ISO Navigator Pro™

Management system guidance

ISO Navigator Pro™ is a free tool that provides practical, expert guidance for businesses wishing to interpret and better implement the requirements of ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018.

Our range of templates cover the requirements of ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018, and offer an easy way to implement your next management system.

Totally free management system guidance

ISO Navigator Pro

Providing practical knowledge and expert guidance, ISO Navigator Pro™ is a free browser-based resource that gives you instant access to the management system knowledge you need.

Access multiple guidance interpretations, across different departments and offices, ideal for employees working remotely!

Easily navigate the complex requirements of ISO 9001, ISO 14001 or ISO 45001 via any internet browser, using simple menus and straight forward language. Click the links below to begin:

  1. Planning - Organizational context
  2. Planning - Leadership
  3. Planning - Management system planning
  4. Doing - Support
  5. Doing - Operations
  6. Checking - monitoring, measuring, analysing and evaluating
  7. Acting - implementing improvement actions

Each stage is linked to the relavant, underlying ISO clauses to explain them in plain English with plenty of practical examples.

Planning

4.0 Organizational context

This is the 'Plan' part of the PDCA process. Establish the objectives and processes necessary to deliver results in accordance with customer requirements and the organizational policies. This is often implemented using stated objectives, work instructions or procedures as required for consistent process output.

  • Identify external and internal issues relevant to the organization's operational purpose and strategic direction. Monitor and review these issues for change.
  • Identify interested parties (stakeholders), their requirements and their impact on the quality, environmental or OH&S management system. Monitor and review stakeholder requirements for change.
  • Base the scope of the management system on the external and internal issues - 4.1, stakeholder needs - 4.2, and the types of operational activity that your organization undertakes - 8.1.
  • Define the management system processes, their sequence and interaction, and the quality, environmental or OH&S performance indicators needed to monitor process performance.
ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
4.1 Organizational Context 4.1 Organizational Context 4.1 Organizational Context
4.2 Relevant Interested Parties 4.2 Relevant Interested Parties 4.2 Relevant Interested Parties
4.3 Management System Scope 4.3 Management System Scope 4.3 Management System Scope
4.4 QMS Processes 4.4 EMS Processes 4.4 OH&S Management System
 

Planning

5.0 Leadership

Make sure you have Top management’s commitment before continuing the implementation project. Be sure that Top management are solidly behind implementation of the management system because without that commitment, the implementation process becomes almost impossible.

  • Demonstrate leadership by encouraging positive commitment and providing direction. Ensure processes exist to achieve customer satisfaction.
  • Ensure that any changes in context, or interested party requirements are reflected in commitments written in the management system policies.
  • Develop and communicate an organization chart and job descriptions to define roles, responsibilities and authorities.
  • Promote the participation of non-managerial roles within the OHS management system requirements, including incident investigations, risk assessments, plus control and monitoring activities including internal auditing.
ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
5.1 Leadership & Commitment 5.1 Leadership & Commitment 5.1 Leadership & Commitment
5.2 Quality Policy 5.2 Environmental Policy 5.2 OH&S Policy
5.3 Roles, Responsibilities & Authorities 5.3 Roles, Responsibilities & Authorities 5.3 Roles, Responsibilities & Authorities
    5.4 Consultation & Participation
 

Planning

6.0 Management system planning

Although risks and opportunities have to be determined and addressed, there is no requirement for a formal, documented risk management process. Confirm that your organization has a methodology in place that enables them to effectively identify risks and opportunities with respect to the planning of its management system.

  • Risks and opportunities should be relevant your organization's context 4.1, and any interested parties 4.2. Integrate risk-based thinking into processes 4.4.
  • Establish management system (quality, environmental or OH&S) objectives and targets, at each relevant function and level within the organization.
  • Identify risks and opportunities associated with change that could affect the management system. Deploy plans to monitor the effectiveness of the management system after change.
ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
6.1 Address Risks & Opportunities 6.1.1 Address Risks & Opportunities 6.1.1 Address Risks & Opportunities
6.2.1 Quality Objectives 6.1.2 Environmental Aspects 6.1.2 Hazard Identifcation
6.2.2 Planning to Achieve Objectives 6.1.3 Compliance Obligations 6.1.3 Legal & Other Requirements
6.3 Planning for Change 6.1.4 Planning Action 6.1.4 Planning Action
  6.2.1 Environmental Objectives 6.2.1 OH&S Objectives
  6.2.2 Planning to Achieve Objectives 6.2.2 Planning to Achieve Objectives
 

Doing

7.0 Support

This is the 'Do' part of the PDCA process. Ensure the availability of resources and information necessary to support the operation and monitoring of your processes. This may be through management review or other methods that define resource requirements.

  • Determine internal and external resources required for implementation, maintenance and improvement of the quality, environmental or OH&S management system.
  • Establish and document levels of competence, and that ensure staff are competent by undertaking competency-based training.
  • Ensure all persons working under the remit of the management system are fully briefed on aspects such as the policy, objectives, and the overall management system.
  • Undertake internal communication with employees, and external communication relating to the quality, environmental or OH&S management system with relevant parties.
  • Create, update and retain documented information to demonstrate effective operation of the management system.
ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
7.1 Resources 7.1 Resources 7.1 Resources
7.2 Competence 7.2 Competence 7.2 Competence
7.3 Awareness 7.3 Awareness 7.3 Awareness
7.4 Communcation 7.4.1 Communcation - General 7.4.1 Communcation - General
7.5 Documented Information 7.4.2 Internal Communcation 7.4.2 Internal Communcation
  7.4.3 External Communcation 7.4.3 External Communcation
  7.5 Documented Information 7.5 Documented Information
 

Doing

8.0 Operations

For those risks and opportunities that your organization has identified, you should seek evidence that these actions have been integrated into the management system; as such, these actions should be verifiable at process level – for example, evidence of controls, acceptance criteria and resources to address the risks and opportunities. Review the acceptability criteria; this may include targets, measures, values, KPIs, specifications and other criteria as relevant to the output.

  • Plan, implement and control operational processes that generate customer output, e.g. planning, engineering, operations, purchasing, warehousing, and delivery, etc. Implement the hierachy of controls to mitigate impacts and hazards.
  • Establish arrangements to provide the customer with product information, enquiry handling and orders, and a method for handling customer comments.
  • Implement and maintain a design and development process, appropriate to the types of products or services provided.
  • Ensure that externally provided processes, products or services meet quality requirements and monitor the performance of external providers.
  • Control the manner by which your products are produced and services provided. This also relates to clauses 5.2, 7.1, 7.2, 7.4 and 8.2.
  • Ensure planned arrangements are completed prior to the release of the product or service. Verify that product or service requirements have been met.
  • Identify products or services that do not conform to their intended requirements. Records of product non-conformity should be periodically reviewed.
  • Emergency situations may originate within your organization and have the potential to affect the environment or the safety of interested parties. Ensure that emergency plans take the needs of relevant third parties into account and are tested periodically and are maintained and retained as documented information
ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
8.1 Operational Planning & Control 8.1 Operational Planning & Control 8.1.1 General
8.2 Customer Requirements 8.2 Emergency Preparedness 8.1.2 Eliminating Hazards
8.3 Design & Development   8.1.3 Management of Change
8.4 Purchasing   8.1.4 Outsourcing
8.5 Product & Service Provision   8.2 Emergency Preparedness
8.6 Release of Products & Services    
8.7 Nonconforming Outputs    
 

Checking

9.0 Monitoring, measuring, analysing and evaluating

This is the 'Check' part of the PDCA process. Monitor, measure and analyse process performance. Monitor and measure processes and products against policies, objectives and requirements, and report the results. The methods employed and the timing of such analysis should be based upon priorities established by the organization.

  • Develop a process to identify, collect and analyze management system performance data and information from both internal and external sources.
  • Implement an internal audit programme to collect and analyze customer and management system data to ensure valid results and effective performance.
  • Conduct management review meetings at planned intervals to ensure continuing quality, environmental or OH&S management system effectiveness.
ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
9.1 Monitoring & Measurement 9.1.1 Performance Evaluation 9.1.1 Performance Evaluation
9.2 Internal Audit 9.1.2 Evaluation of Compliance 9.1.2 Evaluation of Compliance
9.3 Management Review 9.2 Internal Audit 9.2 Internal Audit
  9.3 Management Review 9.3 Management Review
 

Acting

10.0 Implementing improvement actions

This is the 'Act' part of the PDCA process. Implement the actions necessary to achieve the planned results, and for the continual improvement of those processes. Auditors will expect to see evidence that corrective action is taken when measurable objectives and performance indicators fall below target or a pre-defined action level.

  • Ensure improvement is underpinned by meeting customer needs and enhancing satisfaction, improving products and services; including future demand and changing needs or expectations.
  • Any non-conformities and subsequent actions to prevent the reoccurrence and the effectiveness of the corrective action, must be documented and retained.
  • Use the outputs from analysis and evaluation (9.1.3) and management review outputs (9.3.3) to drive improvement. Monitor improvement activities and the effectiveness of their results.
ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
10.1 Improvement - General 10.1 Improvement - General 10.1 Improvement - General
10.2 Nonconformity & Corrective Action 10.2 Nonconformity & Corrective Action 10.2 Incident, Nonconformity & Corrective Action
10.3 Continual Improvement 10.3 Continual Improvement 10.3 Continual Improvement
 

How to apply the latest quality management principles

The latest and current quality management principles (QMPs), stated in ISO 9000:2015, are intended to provide the foundation by which any organization can continually improve its performance.

You can learn to apply the latest quality management principles in the context of your business's own particular operations by reviewing and documenting its activities in the context of each quality management principle.

Want to know more?

SSL certification

A certificate guarantees the information your internet browser is receiving now originates from the expected domain - https://www.iso9001help.co.uk. It guarantees that when you make a purchase, sensitive data is encrypted and sent to the right place, and not to a malicious third-party.

Free PDCA guidance

ISO Navigator™ is our FREE online training tool that shows you how to apply the principles of PDCA to your operations. We also offer many helpful templates that get you on the road to documenting your management system, please visit the download page.