COMPANY

LOGO

Integrated Business Management System Manual

ISO 9001:2015

ISO 14001:2015

ISO 45001:2018

Document No:
Version:
Date:
 COMPANY
LOGO

Table of Contents

ISO 9001:2015& ISO 14001: 2015& ISO45001:2018Control Document

Clause 4 - Context of the organisation

4.1 Understanding the organisation and it’s context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the management system
4.4 Management System and its processes

Clause 5 - Leadership
5.1 Leadership and commitment
5.1.1 Leadership and commitment for the management system
5.1.2 Customer focus (Quality)
5.2 Quality & Environmental & OH&S Policy
5.3 Organisational roles, responsibilities and authorisation
5.4 Consultation and Participation of Workers (OH&S)

Clause 6 - Planning for the management system

6.1 Actions to address risks & opportunities
6.1.2 Environmental Aspects
6.1.3 Compliance Obligations / Determination of Legal Requirements and other
Requirements
6.1.4 Planning Actions

(OH&S)
6.1.2.1 Hazard Identification
6.1.2.2 Assessment of OH&S risks and other risks to the OH&S System
6.1.2.3 Assessment of OH&S opportunities and other opportunities to the OH&S System

6.2 Quality, Environmental and OH&S objectives and planning to achieve them
6.3 Planning of changes (Quality)

Clause 7 - Support
7.1 Resources
7.1.1 General
7.1.2 People
7.1.3 Infrastructure
7.1.4 Environment for the operation of processes
7.1.5 Monitoring and measuring systems
7.1.6 Organisational knowledge

7.2 Competence

7.3 Awareness

7.4 Communication

7.5 Documented Information

7.5.1 General
7.5.2 Creating and updating
7.5.3 Control of documented information

Document No:
Version:
Date:
 COMPANY
LOGO

Clause 8 - Operation
8.1 Operational planning & control

(OH&S)
8.1.2 Eliminating hazards and reducing OH&S risks
8.1.3 Management of change
8.1.4 Procurement
8.1.4.1 General
8.1.4.2 Contractors
8.1.4.3 Outsourcing

8.2 Determination of requirement for products and services

8.2.1 Customer communication
8.2.2 Determination of requirements related to products and services
8.2.3 Review of requirements related to products and services

(OH&S)
8.1.2 Eliminating hazards and reducing OH&S risks
8.1.3 Management of change
8.1.4 Procurement
8.1.4.1 General
8.1.4.2 Contractors
8.1.4.3 Outsourcing

8.2 Emergency Preparedness and response (QMS/OH&S)

QMS
8.3 Design and development of product or services
8.3.1 General
8.3.2 Design and development planning
8.3.3 Design and development inputs
8.3.4 Design and development controls
8.3.5 Design and development outputs
8.3.6 Design and development changes
8.4 Control of externally provided products and services
8.4.1 General
8.4.2 Type & extent of control of external provisions
8.4.3 Information for external parties
8.5 Production and service provision
8.5.1 Control of production and service provision
8.5.2 Identification and traceability
8.5.3 Property belonging to customers or external parties
8.5.4 Preservation
8.5.5 Post delivery activities
8.5.6 Control of changes

8.6 Release of products and services

8.7 Control of non conforming process outputs, products or services

Clause 9 - Performance evaluation

9.1 Monitoring, measurement, analysis and evaluation
9.1.1 General
9.1.2 Customer satisfaction (QMS)
9.1.3 Analysis and evaluation
9.2 Internal Audit
9.3 Management Review

Clause 10 - Improvement
10.1 General
10.2 Incident, Non conformity& corrective action
10.3 Continual improvement

Document No:
Version:
Date:
 COMPANY
LOGO

Document No:
Version:
Date:
 COMPANY
LOGO

1. INTRODUCTION

This document is the Integrated Business ManagementManual (the Manual) of EXAMPLE LIMITED.

The Manual is the property of EXAMPLE and is a controlled document.

The purpose of the Manual is to provide an overview of EXAMPLE, the activities it carries out and the
quality and environmental standards of operation it conforms to.

It is not designed to act as a procedures manual, although it does carry information about where
procedures information is located and the detailed information on documentation requirements for the
procedures required by the respective standards.

This Manual is designed to meet the requirements of ISO9001:2015 and ISO 14001:2015and
ISO45001:2018.

1.1 THE ISSUE STATUS

The issue status is indicated by the version number in the footer of this document. It identifies the
issue status of this Manual.

When any part of this Manual is amended, a record is made in the Amendment Log shown below.

The Manual can be fully revised and re-issued at the discretion of the Management Team.

Please note that this Manual is only valid on day of printing.

Issue Issue Date Additions/Alterations Initials

ENTER DATE ENTER
1.0 Business Management Manual First Authorised Issue
INITAL

Document No:
Version:
Date:
 COMPANY
LOGO

1.2 PLAN-DO-CHECK-ACT Model

Document No:
Version:
Date:
 COMPANY
LOGO

1.3 QUALITY, ENVIRONMENTALand OH&SPOLICY

It is the policy of ENTER COMPANY NAME to maintain a quality system designed to meet the
requirements of ISO9001:2015& ISO14001:2015& ISO45001:2018 in pursuit of our primary
objectives, the purpose and the context of the organisation.

It is the policy ofENTER COMPANY NAMEto:

 strive to satisfy the requirements of all of our customers, stakeholders and interested parties
whenever possible, meeting and exceeding their expectations;

 comply with all compliance obligations, codes of practice and all other requirements
applicable to our activities including the nature, scale and environmental impacts of its
activities, products and services;

 protect the environment, including prevention of pollution, sustainable resource use, climate
change mitigation and adaptation, the protection of biodiversity and ecosystems and any
other specific commitments which are relevant to the context of the organisation;

 ensure commitment to provide safe and healthy working conditions for the prevention of work
related injury and ill health which satisfies the requirements of all of our customers,
stakeholders and interested parties whenever possible and is specific to our OH&S risks and
OH&S opportunities;

 reduce hazards, OH&S risks, prevention of injury and ill health;

 provide all the resources of equipment, trained and competent staff and any other
requirements to enable these objectives to be met;

 ensure that all employees are made aware of their individual obligations in respect of this
policy, and ensure that consultation and participation of workers, to be actively involved in the
management of the system and the activities supplied;

 provide all the resources of equipment, trained and competent staff and any other
requirements to enable these objectives to be met;

 maintain a management system that will achieve these objectives and seek continual
improvement in the effectiveness and performance of our management system based on
“risk”.

This quality& environmental and OH&Spolicy provides a framework for setting, monitoring, reviewing
and achieving our objectives, programmes and targets.

Customer satisfaction forms an essential part of our objectives and to ensure this is fulfilled, all
employees receive training to ensure awareness and understanding of quality, H&S and
environmentissues and their impact on customer service and of the products or service in which we
provide.

To ensure the company maintains its awareness for continuous improvement, the management
system is regularly reviewed by “Top Management” to ensure it remains appropriate and suitable to
our business and is subject to both internal and external annual audits.

Top Management (To be signed and dated annually)

Document No:
Version:
Date:
 COMPANY
LOGO

2. OVERVIEW OF THE ORGANISATION

EXAMPLE Limited, established in XXXX, provide XXX services to the XXX industry. Etc

2.1 SCOPE OF REGISTRATION

e.g. Provision of XXX services

Document No:
Version:
Date:
 COMPANY
LOGO

3. MANAGEMENT SYSTEM OBJECTIVES

In order to meet the commitments set out in our policies, our Management Team will analyse relevant
data to ensure that the followingobjectives are being met.

 We will endeavour to deliver our services to specification, on time and to the price quoted
This is measured by….. (Project stats, client feedback… )

 We will endeavour to satisfy our clients’ requirements and get things right first time.
This is measured by….. (No. of non-conformances, complaints, corrective action
reports, customer feedback…)

 We will comply with all compliance obligations, codes of practice and all other requirements
applicable to our activities including the nature, scale and environmental impacts of its
activities, products and services
This is measured by….. (Compliance Review, Targets & Objectives & relevant key
performance indicators..)

 We will ensure that the reduction of pollution, sustainable resource use, climate change
mitigation and adaptation, the protection of biodiversity and ecosystems are measured and
acted upon accordingly.
This is measured by….. (Monitoring and measuring the impact to the environment
which includes key performance indicators relevant to our organisation.…)

 We will reduce and mitigate the risk of accidents and incidents as far as reasonably
practicable
This is measured by….. (Project stats, client feedback, accident & incident investigations… )

 We are committed to fostering a culture of strong behavioural OH&S through regular audits,
training, toolbox talks, mentoring and to lead by example
This is measured by….. (Meeting Minutes, Toolbox Talks, Internal Auditing, Accidents &
Incident performance)

 We are committed to reporting and investigating all accidents, incidents and safety
observations.
This is measured by….. (Accident / Incident Performance…)

 We will ensure that continual improvement and development of the OH&S management
system is in line with the PDCA (Plan, Do, Check, Act) process.
This is measured by…….(Internal Audits, Management Review, Accident / Incident
investigations, consultation and participation of employees)

 We will ensure that all legal and legislation requirements are adhered to in line with our
activities
(This is measured by ……… Legal and legislative evaluation together with having the
competence of the evaluation. This is documented in line with our context of the
organisation)

 We are committed to communicate all performance and activities of OH&S

(This is measured by…… website etc)

Whilst the above company objectives are “high-level”, we have further analysed and categorised
these into our Risk & Opportunities Matrix. In some cases, this may allow for specific objectives being
set across different functions. This shows how we measure and set targets in meeting the “high level”
objectives.

Document No:
Version:
Date:
 COMPANY
LOGO

4. CONTEXT OF THE ORGANISATION

4.1 Understanding the organisation and its context

The context of the organisation is demonstrated within this Business Management System and all
associated processes connected with the services / products offered.

The legal legislation / regulatory compliance to the service / products offered are listed below/ external
to this manual. NOTE: Legislation can be extensive and as such the table can either be removed (to
sit as an external document) or used within the manual if you consider the list to be not extensive.

List all Legal and Regulatory Legislation connected Relevance to operations

with the business
Health and Safety at Work Act Safe working practices in place. Risk
assessments and method statements.
Waste Scotland 2012 regulations Segregation and disposal of recyclable office
waste.

Please enter a statement of how your company evaluates legal compliance and how you deem that
you are compliant to the above. Also, what is the criteria set for the person evaluating such
requirements.

4.2 Understanding the needs and expectation of interested parties

Interested Parties Information Requirements

Directors To provide leadership to ensure the aims and objectives of the
organisation are met; To oversee the overall running of the business; To
communicate QMS requirements to staff; To ensure that client
requirements are understood and delivered; To ensure Quality
processes/policies are followed; To ensure that staff are competent and
that requisite training has been carried out; To ensure the required
documentation is in place. To be responsible for managing customer
service.
Employees To meet client requirements; To ensure QMS processes are followed; To
ensure policies are followed.
Clients To provide detailed information relating to their requirements; To provide
suitable communication channels; To meet payment terms and conditions.
Contractors
Suppliers
Accountants
Company Solicitors / Lawyers
Governing / Regulatory Bodies To provide guidance on industry legislation/standards; To ensure that the
organisation delivers its services in line with industry legislation/standards.
Unions
Shareholders
Neighbouring businesses
(EMS specific)
Landowners (EMS specific)
Others (e.g. Householders) (EMS
specific)

Document No:
Version:
Date:
 COMPANY
LOGO

4.3 Determining the scope of the business management system

The scope of the system covers all the core and supporting activities of the company. The activities
and arrangements of all personnel including any sub-contractors also fall within the scope of the
system.

4.4 Part 1 –Our Management system and its processes

Exampleis responsible for the planning and management of our Management systems. We work
closely with our workers, clients and partners to satisfy mutual requirements. We have a flow chart to
illustrate the interaction of our core business processes, as shown below:

Enter below a flowchart or list of all processes involved within organisation - e.g.

ALL

- Organisation risk assessment

- Internal audit
- Non-conformance / corrective action
- Purchasing / Supplier management
- Management review
- Training and awareness
- Communication
- Management of Change

Quality

- Operational processes (e,g. Enquiry, project planning, project delivery, project completion etc)
- Customer satisfaction process

Environmental

- Aspects and Impact evaluation

- Waste Management process
- Emergency preparedness and response

OH&S

- Risk assessment
- Safe working procedures/method statements
- Outsourcing procedure
- Contractors procedure
- Emergency preparedness and response

Document No:
Version:
Date:
 COMPANY
LOGO

5 LEADERSHIP

5.1 Leadership & Commitment

EXAMPLE’s Top Management Team are committed to the development and implementation of a
Quality, Environmentaland OH&S Policy and a Management System which are both compatible with
the strategic direction and the context of the organisation. This system is frequently reviewed to
ensure conformance to the relevant standards. Responsibility has been assigned to ensure that the
Quality, Environmental and OH&S Management systems conform to the requirements of the
respective standards and the provision to report on performance to the top management team has
been defined.

The designated senior Management Representative(s) will ensure that EXAMPLE staff are aware of
the importance of meeting customer as well as statutory and regulatory requirements, and overall, to
contribute to achieving our Management Policies and Objectives.

The Senior Management Team is responsible for implementing the Business Management System
(BMS) and ensuring the system is understood and complied with at all levels of the organisation.

In summary, the Senior Management Team will ensure that:

5.1.1 Leadership and commitment for the Business Management System

 The company has a designated Senior Management Representative who is responsible for
the maintenance and review of the Business Management Systems.
 The ongoing activities of EXAMPLE are reviewed regularly and that any required corrective
action is adequately implemented and reviewed to establish an effective preventative
process.
 Measurement of our performance against our declared Objectives is undertaken.
 Resources needed for the BMS are available and employees have the necessary training,
skills and equipment to effectively carry out their work.
 Internal audits are conducted regularly to review progress and assist in the improvement of
processes and procedures.
 Objectives are reviewed and, if necessary amended, at regular Review meetings and the
performance communicated to all staff.
 The BMS is integrated into the organisations business processes.
 Communication covering the importance of the effective BMS and conformance to the BMS
requirements is in place.
 Continual improvement is promoted.
 The contribution of persons involved in the effectiveness of the BMS is achieved by engaging,
directing and supporting persons and other management roles within their area of
responsibility.

5.1.2 Customer Focus (Quality)

 Customer requirements and applicable statutory and regulatory reuirements are determined
and met
 The risks and opportunities that can affect conformity of products and services and the ability
to enhance customer satisfaction are determined and addressed
 The focus on consistently providing products and services that meet customer and applicable
statutory and regulatory requirements is maintained
 The focus on enhancing customer satisaction is maintained

5.2 Quality / Environment / OH&S Policy

The Policy of EXAMPLE is located within section 1.3 of this Manual.

Document No:
Version:
Date:
 COMPANY
LOGO

5.3 Organisational roles, responsibilities and authorities

EXAMPLE has an organisation chart in place. Employee contracts together with job descriptions are
in place to ensure that the appropriate personnel are in place to cover the whole context of the
organisation and strategy of the business.

NOTE: Please “Hyperlink Organisation Chart” or attach as Appendix

5.4 Consultation and participation of workers (OH&S)

A process is implemented for the consultation and participation of workers, contractors and other
people e.g. volunteers. The Organisation encourages the two-way flow of information between the
workforce and management. Consultation is about seeking workers views and considering them,
before making a decision. Participation is about joint decision making e.g. jointly understanding a risk
assessment and agreeing actions or being involved in deciding other factors of the OH&S
management system.

This is primarily covered through OH&S meetings and involving employees of all functions of the
organisation in developing risk and hazard assessments together with the operation of the OH&S
system.

For contractors, a pre-start meeting is completed to ensure all areas of the activity to be undertaken is
discussed and any potential issues are resolved, minutes of discussion points are kept for evaluation.

Please see below document as demonstration:-

Consultation and Participation Process

6 Planning for the Business Management System

6.1 Actions to address risk and opportunities

We have identified the risks and opportunities that are relevant to our Business Management system
from an operational perspective. This also links to section 4.1 and 4.2 of this manual and also
provides information on low-level objectives. This 'Context, Risk, Opportunities and Objectives'
(CROO) document is separate to this manual. Within each of the areas the risks are identified
together with a rating as to the importance of the risk. The associated consequence & mitigation of the
risk is also noted together with any new opportunities that we have identified. Where applicable, we
have identified measurable objectives and these can be found within a separate tab in the 'CROO'
document.

Please see below document as demonstration:-

CROO Document (Context, Risk, Opportunities & Objectives)

Document No:
Version:
Date:
 COMPANY
LOGO

6.1.2 Hazard Identification and assessment of risks and opportunities (OH&S)

6.1.2.1 Hazard Identification

EXAMPLE (in consultation with workers), identify all potential situations that may cause harm. In
general, hazards are likely to be found in the following:-

 Physical work environment

 Equipment, materials or substances used
 Work tasks and how they are performed
 Work design and management

In order to identify hazards, the following are considered:-

1) Past incidents / accidents (internal or external to the organisation including emergencies and
their causes) are examined to see what happened and whether the incident / accident could
occur again
2) Employees be consulted to find out what they consider are safety issues, i.e. asking workers
about hazards near misses they have encountered as part of their work.
3) How work is organised, social factors (including workload, work hours, victimisation,
harassment and bullying), leadership and the culture in the organisation
4) Work areas or work sites be inspected or examined to find out what is happening now.
Identified hazards are documented to allow further action. The work environment, tool and
equipment as well as tasks and procedures should be examined for risks to Work Health &
Safety.
5) Information about equipment (e.g. plant, operating instructions) and Material Safety Data
Sheets be reviewed to determine relevant safety precautions.
6) Welcome creative thinking about what could go wrong takes place, i.e. what hazardous event
could take place here.

The following “Risk rating” is applied from inception and then further analysed once controls have
been put in place:-

Catastrophic Death or permanent disability

Critical Serious Injury, hospital treatment required
High Injuring requiring medical treatment and some lost time
Moderate Minor injury, first aid only required
Low Injuries requiring no treatment or first aid

Please see below document as demonstration:-

Hazard Identification

Document No:
Version:
Date:
 COMPANY
LOGO

6.1.2.2 Assessment of OH&S risks and other risks to the OH&S management system
Effective risk assessment is based on a series of steps, involving identifying risks, assessing the
extent of the risks, determining whether action needs to be taken to reduce the risk, and then taking
action and evaluating the results of the action.

The risk assessment record must be reviewed every 12 months as a minimum to ensure that the
hazards are still current and the control measures remain effective. They should also be reviewed
upon any significant changes to the working environment or working practice and following any
serious accident or incident. The Risk Assessment Record should be held locally for information
purposes. All significant risk issues must be communicated to the appropriate Director / Senior
Manager for monitoring purposes and inclusion on the risk register and the “CROO” document for
“high level” further analyses. All staff that may be “at risk” must be informed of the significant hazards
and any control measures they may need to implement as part of their work activity e.g. wearing of
PPE etc.

The purpose of the “Risk Procedure” for identifying risks are (Develop a Risk Assessment
Procedure):-

 To ensure that a consistent approach to the application of risk assessment techniques is

applied across all services within the organisation
 To create and maintain a culture of risk awareness within the organisation, which is reflected
in both business planning and operational management
 To promote a risk aware organisation through risk assessment and proactive risk
management across all services
 To set out training and support available for staff who undertake risk assessment.

Please see below document as demonstration:-

An example template can be found on http://www.hse.gov.uk/risk/casestudies/pdf/office.pdf

6.1.2.3 Assessment of OH&S opportunities and other opportunities to the OH&S management
system
Opportunities to the OH&S management system are covered in a variety of other clauses which are:-
 CROO Document
 Hazard Identification
 Risk Assessment
 Performance Evaluation

6.1.2 Environmental Aspects(Environment)

EXAMPLE has conducted a review based on change (which includes planning of new developments),
new or modified activities, products or services to identify and evaluate aspects, impacts and risk
connected to its business operation. These include people, activities, buildings, services and the
scope of the Business Management System.

The review of the environmental aspects is undertaken by Top Management at regular intervals to
ensure they are valid.

Please see below document as demonstration:-

Aspects & Impacts Register

Document No:
Version:
Date:
 COMPANY
LOGO

6.1.3 Compliance obligations(Environment)

EXAMPLE has determined compliance obligations which are connected to the operation of our
business and is contained within the Aspects and Impacts register on a separate tab. The related
document is reviewed by Top Management at regular reviews.

Please see below document as demonstration:-

Compliance Obligations

6.1.3 Determination of legal requirements and other requirements (OH&S)

Legal and other requirements are evaluated by a competent person to whom the job description
relates for the experience required to carry out this task. Evaluation is undertaken regularly to ensure
the organisation complies with legal and other requirements which include but not limited to, any
codes of practice. The source for evaluation includes but is not limited to:
http://www.hse.gov.uk/legislation/trace.htm
This is interlinked with clause 4.1.

6.1.4 Planning Action(Environment)

EXAMPLEtakes actions to address it significant environmental aspects, compliance obligations and

risks and opportunities in the following documents:-

Please see below document as demonstration:-

Aspects & Impacts Register
Compliance Obligations
CROO Document (Context, Risk, Opportunities & Objectives)

6.1.4 Planning Action (OH&S)

TheSenior Management Team of EXAMPLEplan for actions which consider best practices,
technlogical options, financial, operational and business requirements. This is closely interlinked with
Clause 8.1.3 “Management of Change”. A “research background” will be undertaken to determine the
feasibility of the changes with regards to:-

 Purpose of the change (i.e. Design Change)

 Any potential consequences
 Integration of the OH&S system
 The availability of resources
 The allocation or reallocation of responsibilities and authorities
 Technical Skills
 Timescales
 Risks & Opportunities (including the Hierarcy of Control)
 Impact (including responding to Emergency Situations)
 Legal and Other requirements

Once completed this then forms part of the Management Review together with including within the
internal audit schedule.

Please see below document as demonstration:

Planning of Actions

Document No:
Version:
Date:
 COMPANY
LOGO

6.2.1 Objectives and planning to achieve them

OurObjectives (high level) and methods of achieving the objectives are located within section 3 of this
Manual – Objectives.

6.2.2 Planning actions to achieve environmental objectives (Environment)

Top management regulary review environmental objectives, which are contained within our objectives
policy together with our aspects & impacts register. Please see section 3 and section 6.1.2 of this
Business Management system.

6.3 Planning of Changes (Quality)

TheSenior Management Team of EXAMPLEidentifiesany potential changes, this is then delegated to

a responsible person as a “project manager”.He or she will conduct a “research background” to
determine the feasibility of the changes with regards to:-

 Purpose of the change

 Any potential consequences
 Integration of the quality management system
 The availability of resources
 The allocation or reallocation of responsibilities and authorities
 Technical Skills
 Timescales
 Risks
 Impact

Once completed this then forms part of the Management Review together with including within the
internal audit schedule.

Please see below document as demonstration:

Planning of changes

Document No:
Version:
Date:
 COMPANY
LOGO

7 Support
7.1 Resources

7.1.1 General
EXAMPLE determines and provides the resources needed for the establishment, implementation,
maintenance and continual improvement of the business management system.

We ensure that the below elements are taken into account when completing an evaluation:

 The capabilities of, and constraints on, existing internal resources;

 What needs to be obtain from external providers

7.1.2 People (Quality)

Operation and context of the organisation is taken into account when we determine the relevant
persons necessary for the effective operation of the quality management system.

7.1.3 Infrastructure (Quality)

All of our administration is conducted at our Head Office. This includes:-

 Management of financial matters

 Handling of client orders
 Personnel records

In terms of equipment used to deliver our product / service, asset registers and maintenance records
are kept for the following:

 Measuring equipment
 Utilities
 Hardware / software
 Technology
 Machinery
 Vehicles
 Plant equipment
Etc…

NOTE: If you operate as a “multi-site” client (i.e. have various locations covered under certification),
please also include details of how you monitor the above and how this is carried out in practice

7.1.4 Environment for the operation of processes (Quality)

Enter a statement reference the environment of the organisation e.g. temperature controls,
cleanliness (cleaners), ergonomics, physical etc.

EXAMPLE OF STATEMENT:
The environment consists of a 720 square foot area with temperature controls in place and HVAC
systems. All equipment is maintained and certificate evidence of maintenance for the HVAC system.
The office space consists of 10 people whom all have undergone DSE evaluation and appropriate
equipment is in place to alleviate any restraints on the employee. There are no psychological factors
to take into consideration / we monitor our employees through appraisals and general meeting for
their wellbeing which includes stress. Cleanliness is very good with sub-contract cleaners visiting the
site 2 times per week. The ergonomic layout is very good minimising any impacts to the environment

Document No:
Version:
Date:
 COMPANY
LOGO

7.1.5 Monitoring and measuring resources (Quality)

We ensure that all relevant equipment and personnel are monitored and measured to ensure that
equipment and personnel are effective for the services / products we offer:-

Equipment: We ensure that all equipment is serviced, maintained and where applicable calibrated to
statutory and regulatory requirements (see documented evidence within our maintenance, service and
calibration records).

Personnel: We ensure that all personnel are monitored on a regular basis (please see personnel
records for training etc). We maintain a monitoring / training matrix as evidence.

7.1.6 Organisation Knowledge (Quality)

We ensure that “Job Specifications” are produced which include knowledge requirements for each
individual role. Specific tests are implemented to ensure that persons are knowledgeable with the
specific elements of the role. This could include telephone interview, tests, internal training or
vocational certificates.

7.2 Competence
All employees have the training and skills needed to meet their job requirements. All employees are
monitored on an ongoing basis to identify any training and development needs. Competences and
training needs are identified / satisfied by using:

Please see below “hyperlinked documentation as demonstration of compliance:

 Job descriptions which set out the competences required

 Contracts of employment which set out contractual and legal requirements
 Induction checklists to ensure / check understanding
 Appraisal reviews to monitor performance
 Development plans to set objectives
 On the job reviews to ensure / check levels of competence
 Tests of understanding
 A training / competency matrix

7.3 Awareness
We ensure that all employees are aware of all policies and their contribution to the effectiveness of
the Business Management System through:

 Notice Boards
 Employee Handbook
 Awareness Training
 Induction
 CPD

Document No:
Version:
Date:
 COMPANY
LOGO

7.4 Communication
Example
For internal staff the company intranet is a source of information and is updated regularly to ensure
that all information is correct. This is accessible by all staff.
Any communication which is sent external to the intranet is designated through the appropriate line
manager.

For external persons, the company internet is a source of information and is updated regularly to
ensure that information to up-to-date. Client mail shots are sent out regularly to provide additional
services etc

7.5 Documented Information

7.5.1 General
EXAMPLE demonstrates documented compliance to ISO 9001:2015 and ISO 14001:2015(or any
other standard in line with Annex SL Structure) through this Business Management System Manual
(which includes processes& procedures) on an electronic system which is available on the company
intranet / access drive to all employees (delete as applicable). All information is read only and only
accessible via the document owner for amendment.

7.5.2 Creating and updating

The creation of documentation to support the Business Management System is primarily the
responsibility of the designated “Top Management Representative”.

Identification will be sought by a document number, date and author. To aid the approval and
suitability of documents, the Managing Director of EXAMPLE authorises the release and delegates
any training required to the “Top Management Team”.

Document No:
Version:
Date:
 COMPANY
LOGO

7.5.3 Control of documented information

All documentation is controlled by version and date and is listed on a “Master Document List”.

Example
EXAMPLE has ENTER SOFTWARE in place to avoid the loss of confidentiality, improper use or loss
of integrity. Key office computers are backed up daily to tape on a local server. Remote office
computers / laptops are backed-up monthly to suitable magnetic or digital media.

Control of documents can be seen on the Master Document List and encompasses the following
elements:-

 Distribution, Access, Retrieval and use

 Storage and preservation, including preservation of legibility
 Control of changes (e.g. version control)
 Retention and disposition

Documents can be retrieved by authorised personnel from the storage locations specified and / or
from folders on the network. Customer records are identified by customer name.

On or after the retention period stated, the relevant records will be reviewed by Top Management and
will either remain in-situ, be archived or destroyed.

If records are to be destroyed, they will be disposed of in a controlled manner; sensitive hard copies
will be shredded and soft copies will be deleted from the system. If records are to be archived, they
will be identified and stored appropriately

Please see below document as demonstration of compliance:

Master Document List

Document No:
Version:
Date:
 COMPANY
LOGO

8 Operation
8.1 Operational planning and control (ALL)

EXAMPLE has determined the requirements and controls implemented for all processes detailed in
section 4.4. Any planned changes and actions are controlled through sections 6.3 (Planning for
Changes), 6.1.4 (Planning Action) and 8.1.3 (Management of Change)

8.1.2 Eliminating hazards and reducing OH&S risks (OH&S)

EXAMPLE has a process in place to eliminate hazards and reductions of OH&S risks taking into
account the “Hierarchy of Control”, this is closely interlinked with clause 6 (risk). The hierarchy of
controls table below is used to identify the level of control to be applied to each risk:

NOTE: A process must be developed, implemented and maintained with appropriate records

8.1.3 Management of Change (OH&S)

The control of planned temporary and permanent changes that impact the OH&S performance
together with the consequences of unintended changes is interlinked with clause 6.1.2 & 6.1.4 above.

8.1.4.1 Procurement (OH&S)

EXAMPLE have controls in place to ensure that external provisions are approved before using the
service or product. This is done via the Supplier OH&S Questionnaire together with the Supplier Visit
Report.

Please see below document(s) as demonstration of compliance:

Supplier OH&S Questionnaire
Supplier Visit Report
Supplier Approval List

Document No:
Version:
Date:
 COMPANY
LOGO

8.1.4.2 Contractors (OH&S)

EXAMPLEhas controls in place to ensure that “Contractors” are approved for knowledge, skills,
methodsand means. Consideration of the reporting of hazards and the coordination of the activities
carried out by theexternal resource is undertaken and documented as necessary. Coordination
methods include:-

a) Reporting of hazards between EXAMPLE and its contractors

b) Controlling worker access to hazardous areas and activities
c) Reporting contractor or interested party injuries and / or ill-health
d) Processes to follow in emergencies

Contractors are verified for the competence and capability of performing the tasks before being
allowed to proceed with their work. Verification includes, but is not limited to:-

a) Satisfactory OH&S performance records

b) Qualification, experience and competence criteria for workers are specified and have been
met (e.g. through training)
c) Resources, equipment and work preparations are adequate and ready for the work to
proceed.
NOTE: A process must be developed, implemented and maintained with appropriate records

8.1.4.3 Outsourcing (OH&S)

The Outsourcing, functions and processes should be controlled to make sure the external provider
understands what is needed and also to ensure it is being done in an acceptable way.

There is a need to document the extent of the control over outsourced functions or process, based on
technical competence, potential effect of the outsourced process or function, is this within the OH&S
Management System.

Examples: Billing, printing, internal auditing, welding, plating, paint spraying etc.

The degree of control should be defined in the OH&S management system

NOTE: A process must be developed, implemented and maintained with appropriate records

Document No:
Version:
Date:
 COMPANY
LOGO

8.2 Determination of requirements for products and services (Quality)

8.2.1 Customer Communication

Capability, facility and service information is supplied to customers via web site, brochures, email and
through direct sales / personal contact.

Communications such as enquiries, quotes, orders and amendment details are appropriately stored
and identified by customer and reference number.

Any technical documentation required for products / services offered by EXAMPLEare forwarded to
our clients on closure of the contract. The documentation is then filed within the client file.

Customer feedback is proactively sought via direct contact and satisfaction monitoring.

Complaints are documented and recorded.

Please see below document(s) as demonstrationof compliance:

Customer Satisfaction
Customer Complaints Form
Customer Complaints Summary

8.2.2 Determination of requirements related to products and services (Quality)

EXAMPLEensures that applicable statutory and regulatory requirements are met which can be
evidenced within section 4.1 of this document.
Should we issue any legal documentation (i.e. calibration document – traced back to national
standards) in connection with the products / services offered then this is forwarded to the clients at the
closure of the contract. All documentation is filed within the client file for archive purposes.

8.2.3 Review of requirements related to products and services (Quality)

EXAMPLE has processes in place to ensure that client details are collected at “Contract Review”.
This to ensure that all details are correct and any additional information is collected etc.

Any statutory and regulatory requirements applicable to the service / products offered are also
documented within the contract review.

The contract review will be reviewed mid-way through the process to validate the client’s
requirements.

Any change required either through client requirements or product / service design will be fully
documented through the “Planning of changes” within section 6.3 of this document.

Document No:
Version:
Date:
 COMPANY
LOGO

8.2 Emergency preparedness and response ((Environment and OH&S)

EXAMPLEhave established, implemented and maintained processes to prepare for emergency

situations and to respond if they occur. Listed below are aspects of performing the organisation’s
functions in an emergency:-

 Establishing a planned response to emergency situation, including the provision of first aid
 Provide training for the planned response
 Periodically test and exercise the planned response capability
 Evaluate the performance and, as necessary, revising the planned response, including after
testing and in particular after the occurrence of emergency situations
 Communication with relevant information to all workers on their duties and responsibilities
 Communication of information to contractors, visitors, emergency response services,
government authorities and, as appropriate the local community
 Considering the needs and capabilities of all relevant interested parties and ensuring their
involvement, as appropriate in the development of the planned response

Please see below document as demonstration of compliance

Emergency Preparedness and Response

Document No:
Version:
Date:
 COMPANY
LOGO

8.3 Design and development of products and services (Quality)

EXAMPLE has detailed processes for the design and development of products / services. The
following elements are detailed within flowcharts explaining the processes or are incorporated within
our Operational processes described in section 4.4 of this manual.

 Design and Development Planning

 Design and Development Inputs
 Design and Development Controls
 Design and Development Outputs
 Design and Development Changes

OR

The organisation does not design or develop product. Design and Development of the services
provided is incorporated in the planning cycle as described in section 6 of this document. We also
apply the requirements given in section 8.5 to the development of processes for services provision.
Section 6.3 describes the controls in place should any changes need to be made to the design of
service delivery or associated processes.

8.4 Control of externally provided products and services (Quality)

8.4.1 General
EXAMPLE ensures that externally provided processes, products and services conform to specified
requirements and also reviewed as part of EXAMPLE’sCROO Document.

8.4.2 Type and extent of control of external provision (Quality)

EXAMPLE have controls in place to ensure that external provisions are approved before using the
service or product. This is done via the Supplier Quality Questionnaire together with the Supplier visit
report.

Please see below document(s) as demonstration of compliance:

Supplier Quality Questionnaire
Supplier Visit Report
Supplier Approval List

8.4.3 Information for external provision (Quality)

Communication of any applicable requirements which are deemed appropriate and are provided
through the contract review with the provider. (i.e. T&C’s, performance, competence etc)

8.5 Production and service provision (Quality)

8.5.1 Control of production and service provision

EXAMPLE ensures that controls are in place for conditions for production and service provision,
including delivery and post-delivery activities.

E.G. If a product requires refrigeration then controls are in place for verification and temperature
controls

Document No:
Version:
Date:
 COMPANY
LOGO

Document No:
Version:
Date:
 COMPANY
LOGO

8.5.2 Identification and traceability (Quality)

Note what traceability methods you have for your supplier products and service
E.G. If a product came in it should be properly labelled and stored in the correct conditions (date of
delivery etc).

8.5.3 Property belonging to customers or external providers (Quality)

Note how you identify, verify, protect and safeguard any customer or external provider’s property
provided for use or incorporation into the products and services.

8.5.4 Preservation (Quality)

Note how you handle, package and store this will include “Records / Data / Software / GDPR”

8.5.5 Post-delivery activities (Quality)

Note what post-activities you have which can include actions under warranty provision, contractual
obligations such as maintenance services and supplementary services such as recycling or final
disposal.

8.6 Release of products and services (Quality)

EXAMPLE ensures that the appropriate documentation is provided to the client on release of the
product / service and this is also retained for traceability.
Add the appropriate documentation for compliance (E.G signed acceptance on delivery etc)

8.7 Control of nonconforming process outputs, products and services (Quality)

The EXAMPLE Management Action Log is used to identify non-conformances and any actual or
potential shortfalls in quality standards or internal processes/ procedures, suggest improvements and
track any actions to ensure improvements have taken place, or potential problems are avoided.

These areas are reviewed within the agenda for the Management Review meetings and typically
cover the action taken to control and correct any non conformances noting any consequences of the
action taken and themes which may be evident. In terms of continual improvement, we also review
the suitability, adequacy and effectiveness of our Business Management System.

For products the following actions must are also followed:-

 Segregation, containment, return or suspension of provision of products

The SeniorManagement Representative is responsible for checking the “non-conforming products or

services form” and ensuring that people with allocated responsibilities are aware of them and actions
are progressing.

Once all actions on a log sheet have been completed the Management Representative archives it as
a Quality Record

Related records
Non Conforming Products or Services
Management Review meeting records

Document No:
Version:
Date:
 COMPANY
LOGO

9 Performance Evaluation
9.1 Monitoring, measurement, analysis and evaluation
Monitoring is based on Risk and is linked to the CROO Document.

9.1.1 General

EXAMPLE has deemed the following elements (9.1.2, 9.2 & 9.3) for monitoring, measuring, analysis
& evaluation to ensure the quality performance and the effectiveness of the business management
system.

9.1.2 Customer Satisfaction (Quality)

EXAMPLE collates data on customer satisfaction through various means. This includes customer
contact, emails and customer satisfaction survey. The customer satisfaction survey is sent to clients
yearly, analysed and evaluated at the Management review meeting by “Top Management” as it is a
reportable requirement.

Please see below document as demonstration of compliance:

Customer Satisfaction Questionnaire

9.1.2 Evaluation of compliance (Environment)

EXAMPLE ensures that compliance is reviewed regularly to ensure the business is meeting
compliance obligations. This can be seen in section 4.1 of this business management system.

9.1.2 Evaluation of compliance(OH&S)

Competency of the evaluation of compliance is detailed within the job description and as such the
appointed person has the appropriate competency to complete. Updates are provided through
ENTER DETAILS and is monitored regularly to ensure

Legislative & Regulatory compliance is considered in determinging the effectiveness of the OH&S
Management System.

When determining the evaluation, the following are taken into account:-
- Activities
- Processes, including equipment
- Materials
- Workers
- Location, including specific facilities

Legal requirements and other requirement include those based on the hazards and OH&S risks
related to EXAMPLESactivities. These could include the following:-

- Regulations and HSE approved codes of practice

- Orders issued by regulators, e.g. an improvement or prohibition notice by HSE or Local
Authority Inspector
- Permits, licenses or other forms of authorisation
- Requirements of parent or partner organisations, customers and insurers
- Collective bargaining agreements
- Voluntary adherence to sector or trade body guidance
- Agreements with workers and other interested parties
- Conformity to voluntary standards, codes of practice, technical specifications, charters
- Public commitment of the organisation or its parent organisation

Document No:
Version:
Date:
 COMPANY
LOGO

9.1.3 Analysis and Evaluation(Quality)

Results of feedback which includes customer satisfaction questionnaire, internal audits, conformity of
products & service, planning, suppliers, risk & opportunities matrix is evaluated through the
management review meeting and actioned as applicable should any non-conforming areas be
present.

9.2 Internal Audit

An internal audit schedule is prepared on an annual basis year and covers the requirements of any
ISO standards in which EXAMPLE wish to be certified.Internal audits are carried out through “risk or
claused based” auditing.

Appropriate personnel are allocated to complete the internal audits and must record appropriate
evidence for completeness. All audits completed must be authorised by Top Management as
complete once any non-conforming areas have been dealt with (without any undue delay). Internal
audit documentation must be kept and filed appropriately.

Please see below document as demonstration of compliance:

Internal Audit Report / Non-conformance Report
Internal Audit Schedule

Document No:
Version:
Date:
 COMPANY
LOGO

9.3 Management Review

Management reviews take place on a monthly / bi-monthly / quarterly / bi-annual / annual basis
(delete as necessary). The attendees present are “Top Management” and any other appropriate
persons of the business.

All inputs / outputs are full documented and minuted in line with the requirements of the specific ISO
standard in which EXAMPLE wish to be certified. Any actions arising from the meeting must be
completed without any undue delay and appropriate evidence filed with the Management review
documentation.

Please see below document as demonstration of compliance:

Management Review Agenda

10 Improvement
10.1 General

EXAMPLE ensures that improvement processes are completed and actioned as necessary. Analysis
methods include various elements which include:-

 Customer Satisfaction Analysis and Evaluation

 Internal Audits
 Planning changes to the Quality Management System, Products & Services
 3rd party assessments for certification purposes
 Results of non-conforming products
 CROO Document

10.2 Nonconformity and corrective action

Should a nonconformity occur, including those arising from complaints, internal audits & external 3 rd
part assessment EXAMPLEdesignate the appropriate “Top Management” representative to ensure
that corrective action including root cause analysis is completed and implemented to avoid any further
occurrences. This is then analysed and should the risk to the business pose to be “high” then this is
then entered onto the “CROO Document (see Clause 6.1)” to assist in mitigating the risk to the
business.

Should any non-conformance’s occur then the internal audit report / non-conformance report must be
completed to ensure that a full analysis of the problem is resolved. Should any changes to the
Business Management System, Products or Services be required then the “Planning changes”
document shall also be completed.

The Management Action Log must be completed, as this then forms part of the Management Review
meeting.

Please see below document(s) as demonstration of compliance:

Internal Audit Report / Non-conformance Report
Management Action Log

Document No:
Version:
Date:
 COMPANY
LOGO

Incidents (OH&S)

EXAMPLE has a process in place to investigate incidents. This process includes the determination
not only for the immediate causes, but also the underlying or root causes and to develop corrective
actions to prevent recurrence. The aim of an investigation should not be to apportion blame.

Incidents, including near-misses, are investigated, so that recurrence or escalation into more serious
incidents can be prevented.

All incidents are recorded on the appropriate documentation which is obtained from HSE.
https://www.hse.gov.uk/forms/incident/

Please see below document(s) as demonstration of compliance:

Internal Audit Report / Non-conformance Report
Management Action Log

10.3 Continual Improvement

Continual Improvement will be ongoing through various elements of the Business Management
System which is encompassed within this document. The list below is not exhaustive:-

 CROO Document – Evaluated at several stages (clause 5.1, 6.1)

 Quality Policy / Objectives
 Planning of Changes
 Competency Matrix
 Customer Satisfaction - Operation\Supplier Quality Questionnaire - clause 8.4.1.docx
 Production & Service Provision (Supplier Evaluation)
 Risk, Hazard & Incident Identification and Control
 Internal Audits
 3rd Party External Audits
 Management Review

Document No:
Version:
Date: