The ISO Show

ISO Standards are internationally recognised as the gold standard for best practice within a variety of subjects and sectors. But what ISO Standards are the most popular across the whole globe? And are there any trends that can be gleaned? Thankfully, the International Standards Organization runs a yearly survey to find out! Join Mel in this weeks' episode as she breaks down the top 10 ISO Standards Implemented globally, where they are most popular and identifies key trends. You'll learn · What are the top 10 Implemented ISO Standards? · What Standards are gaining traction? · Where are the top 10 Standards most popular? · Are there any trends within the top 10 Implemented ISO Standards? Resources · The ISO Show · ISO.org In this episode, we talk about: [00:25] Don't forget to subscribe and leave a review – We love sharing top tips and dispelling myths about ISO Standards. Help us reach a wider audience by subscribing on your preferred media player, and leaving us a review 😊 [01:10] Episode summary – We'll be taking a look at the top 10 most popular ISO Standards based on the ISO Survey, run annually by iso.org. The survey results break down the number of ISO Certificates issued, and highlights which countries and sectors these Standards are most popular in. We're basing this episode on the 2022 results, as the 2023 results won't be out until later this year. We'll do another episode on the 2023 results to see what's changed – so keep an eye out for that! [02:14] #1: ISO 9001 – No surprises here! The Quality Management Standard is still top of the pops. It's holding strong with a 12% increase based on the previous year. It's most popular within the Construction, wholesale & retail, electrical, machinery & equipment sectors. China is in the lead with number of certificates issues (by a very large margin!), followed by Italy, India, Germany and the UK. [03:30] #2: ISO 14001 – We're happy to see the Environmental Management Standard so popular! In fact, it's had a 21% increase over the previous year! It's most popular in China, Japan, Italy, UK and Spain. Construction is the leading sector, but we've also seen an increase in the number of professional services choosing to adopt this Standard. [04:15] #3: ISO 45001: Coming in at #3 we have the Occupational Health & Safety Management Standard. This has seen an even bigger increase in demand, 29% more than the previous year. China still leads the way with number of certificates issued, but the UK and Australia are not far behind. Interestingly, there is little uptake within the Agriculture sector, which is concerning considering they consistently have the highest injury and death statistics year on year (in the UK according to the annual HSE reports). [05:25] #4: ISO 27001 – The Information Security Management Standard comes in at #4, with a 21% increase in demand over the previous year. Unsurprisingly, it's increased primarily in the IT sector, but that's followed by transport, storage and communications, along with financial services and real estate / renting. [06:00] #5: ISO 22000 – The Standard for Food Safety Management makes it into the top 10, with it being more popular in Taiwan and Greece. The sector specific information for this particular Standard is slim, but it's applicable to any organisation involved in the making, packing and distribution of food, as well as organisations in the hospitality sector. [06:30] #6: ISO 13485 – This is the Standard for Medical Devices. The USA are leading the way with certificates issued, followed by France, Germany and Italy. We're pleased to see that none of these ISO Standards are in any decline, and only seem to be increasing in popularity as the years go by. [07:20] #7: ISO 50001 – This is the Standard for Energy Management, if you'd like to learn more about this Standard, check out a few of our previous episodes. ISO 50001 has seen a 33% increase in demand, which is amazing to see! We hope this is a sign of more organisations taking climate change seriously, and taking the appropriate steps to start reducing their impact. China is still in the lead where number of certificates issued is concerned, followed by Germany, Spain, Italy and France. [08:25] #8: ISO 20000 – The Service Management Standard is still very popular within countries where we see a lot of call center activity. This used to be known as the 'IT Service Management Standard', but it has since evolved and encompasses Service Management as a whole. We did a podcast episode covering this Standard in 2023, so go back and listen if you'd like to find out more. No surprises to see China still in the lead with number of certificates issued, followed by USA, India, Italy and Spain. [09:15] #9: ISO 37001 – This one was a surprise, ISO 37001 is the Anti-Bribery Standard. Blackmores have implemented this Standard in the Construction and Facilities Management sectors, but it's a shock to see it in the top 10 as it's always been very niche here in the UK. This particular Standard is most popular in Peru, followed by Italy, Indonesia, Korea and Brazil. We were curious about why Peru were in the lead, and it seems that there may be a requirement for certain organisations to have this. Back in 2017, we knew there was a voluntary requirement, but perhaps this has changed in the last few years. If we have any listeners in Peru – we'd love to hear your feedback on this subject! [10:35] #10: ISO 22301 – The Business Continuity Standard. This Standard is most popular in the UK, and based on our experience, it's commonly adopted by those in the professional services and IT managed services sectors to help provide resilience and continuity for their Stakeholders. Other countries where it's popular include India, China, Greece and Korea. [11:20] The runners up – These Standards didn't make it to the top 10, but they were very close: · ISO 55001 – Asset Management · ISO 20121 – Sustainable Event Management · ISO 44001 – Collaborative Business Management [12:10] Conclusions – It's clear to see that sustainability based Standards are becoming very popular. We're particularly pleased to see the 33% increase in demand for ISO 50001! If you'd like to request a specific topic, or be a guest on a future episode, get in contact and let us know. We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Before we dive into the new year, we'd like to take a step back and reflect on 2023. Last year was filled with a lot of topics and challenges, from tackling the transition to ISO 27001:2022, to finding credible ways to offset your carbon emissions within the UK. With a total of 33 episodes published last year, Mel looks back on the 5 most popular episodes of 2023, including some highlights from each episode. You'll learn · What were the top 5 most popular podcast episodes of 2023? · A highlight from each of the top 5 episodes Resources · The ISO Show In this episode, we talk about: [00:45] Editor shoutout – A special shout out to the Blackmores Communication Manager, Steph Churchman, who helps organise, produce and publish the ISO Show podcast! [01:20] Information Security was a favorite topic for 2023 – ISO 27001:2022 was definitely a hot topic in 2023, which is not a surprise seeing as anyone currently certified to ISO 27001:2013 will need to transition to the latest standard by October 2025. Many were making a start on this in 2023, or looking to plan it in for 2024. [02:10] #1: Episode 128 What's new with ISO 27001:2022? – Orginially published as part of a series of podcasts explaining the new Standard. This episode focuses on a high-level overview of the major changes. Here are a few highlights from the snippet: · Steve Gives an overview of what's new in ISO 27001:2022 – The updated version of ISO 27001 was released on the 26th Oct 2022. The new version included 24 changes and clarifications within the main clauses. · The controls for the new standard are now categorised into 4 groups: Organisation, People, Physical and Technology · We covered some of the new controls in more detail in previous episodes: #109, #110, #111, #112, #113 and #114 · The 24 changes and clarifications to Clauses include older existing clauses which have been tidied up to be more transparent. We recommend reviewing to ensure that you are complying in a way that aligns with the Standard. · There are 11 new Controls. 56 controls from the 2013 version have been reduced to 24 with 58 remaining unchanged. So, in short, Annex A has been simplified with less duplication of controls. [09:15] #2: Episode 130 What are the 11 new controls in ISO 27001:2022? – In this episode we brought Steve Mason back to discuss the 11 new controls in ISO 27001:2022, and delve into the context of why these were added. We also highlight some of the resources we've made available in the isologuhub, including mention of our ISO 27001 Transition Gameplan. Here are a few highlights from the snippet: · These new controls are nothing to worry about – they are simply aligning the Standard with more modern security considerations. You may already be complying with them! · Control A.5.7 Threat intelligence – 'To provide awareness of the organization's threat environment so that the appropriate mitigation actions can be taken.' – This can come from many different sources, such as the NCSC or local police websites. There are also additional tools you can add to detect possible phishing attacks. This also includes consideration to external threats – Information Security is about much more than just protecting data! It also includes physical security. · Control A.5.23 Information security for use of cloud services – "To specify and manage information security for the use of cloud services." – More and more businesses reply on cloud-based computing. It's important to verify the security of your service provider to ensure it's adequate. You can check to see if they have any valid Information Security related credentials such as CSA Star, Cyber Essentials, SOC. You could also adopt principles of ISO 27017 (certification for cloud security), ISO 27018 (Protection of PII in the public cloud) and ISO 27701 (PII security Standard). · Control A.5.30 ICT readiness for business continuity –' To ensure the availability of the organization's information and other associated assets during disruption' – There a few standards that could assist with this, including ISO 27031 (ICT readiness for Business Continuity). Those that have ISO 22301 may want to look at how ISO 27001 elements can be integrated and improved in any disaster recovery plans. ISO 27001 needs to be an integral part of any business continuity plans – not just a bolt on. Small business may not want to conduct a full business impact analysis, but should carry out a risk assessment around business continuity at the very least. [21:20] #3: Episode 134 Credible Carbon offsetting with Treeconomy: We had some fantastic guests on the show last year, such as Harry Grocott – CEO of Treeconomy. We invited him on to talk about how we can demonstrate credible carbon offsetting through schemes here in the UK, and how you can avoid falling prey to greenwashing. Here are a few highlights from the snippet: · Can we quantify the value of nature? Short answer right now is no, but there is a lot of nuance. Nature offers ecosystem services i.e. farms offer a calorific benefit, we can put a price on the value that offers. The same principle applies to resources such as wood or oil. Now we are gaining the ability to quantify CO2 removal, which is undeniably valuable to humanity. · Other more recent services such as biodiversity projects are a bit harder to quantify – as they vary so much depending on the country. However, we are starting to assign value to these. · How can people be sure that they don't fall prey to Greenwashing? There are 2 main issues to consider: 1) Are your carbon credits credible? 2) what claims are top management making? · Tackling claims made by leadership: ISO standards are starting to solve this issue. There are clear requirements and certifications that need to be in place to back those claims. · Tackling carbon credits: The carbon offsetting market is heavily unregulated currently. Essentially it's a lot of people trading in invisible gas. There are a number of carbon standards (Not quite at the same level as ISO Standards), such as the Woodland Carbon Code and the Peatland Code, and Internationally there are standards such as Verra VSC – unfortunately, a lot of these standards aren't very robust and aren't enforced. · Many companies will often look to buy the cheapest offsets available, which are likely to be non-credible and will provide no evidence of actual offsetting occurring. But, there are a lot of new companies emerging that provide tangible evidence of offsetting (such as Treeconomy ) [33:50] #4: Episode 136 dotdigital's sustainable transformation with ISO 14001 – We're always delighted to share stories about our clients' ISO journeys. In this case we got the chance to talk to Steve Shaw, the Chief Product and Technology Officer at dotdigital, about their journey to achieve ISO 14001. Dotdigital have a habit of going above and beyond when it comes to implementing ISO Standards, and this time is no different as Steve explains some of the fantastic sustainability initiatives introduced as a result of gaining certification. Here are a few highlights from the snippet: · dotdigital was the worlds first carbon neutral marketing automation platform that was ISO 14001 certified. They also aim to be net zero by 2030! · They have a relatively small footprint as a primarily digital based company, only really having to consider the running of computers, air conditioning and standard office facilities. So it can be a challenge to reduce! · What led to the success of dotgreen? – dotdigital launched a group called dotgreen, which has since thrived into a community of likeminded individuals all working together to improve and reduce dotdigital's impact. They were fortunate to have an Executive group sponsor who can take ideas and suggestions to other leadership for consideration. This grassroots group encourages suggestions from everyone – no idea is a bad idea. Over time, the group evolved and helped to develop a sustainability programme for the business. · What was one of the initiatives implemented from dotgreen? – They identified that existing data centers used by the business weren't always utilising renewable energy. So, over the course of 2 years, they worked with Microsoft to build on their Azure platform to enable dotdigital to make the switch. Azure runs on renewable energy sources, and any remaining emissions can be offset through carbon credits. · A green option for their customers – As a result of their cloud platform now being run through green partners, they can extend the environmental benefit to their customers. [42:25] #5: Episode 135 Emerging SaaS Trends in Health and Safety – Health and Safety can be quite the task to keep on top of, a well known fact for anyone certified to ISO 45001. Thankfully, there are a number of Software as a Service options out there to make the lives of Health and Safety professionals much easier. New and emerging technologies are only going to develop more rapidly with the integration of AI and machine learning. We invited James Sharp, Chief Technical Officer at Riskex, onto the show to discuss the top 10 emerging SaaS trends, including how each can help streamline processes and gather and analyse large amounts of data. Here are a few highlights from the snippet: · Riskex have been certified to a number of ISO Standards, including ISO 18001 (Prior Health and Safety Standard, now certifying to the latest version, ISO 45001), ISO 27001 (Information Security) and ISO 9001 (Quality Management) · Software as a Service became very popular during Covid, as business became very fragmented and were looking for solutions that could be rolled out across multiple sites. Riskex also created their own track and trace system based on established software they were already offering – helping businesses manage Covid safely. · Trend #1 – Artificial Intelligence – Artificial learning is all around us and with vast volumes of data being collected by safety management platforms. AI allows decision engines to predict and provide guidance based on key trends or established KPI's. For example, if accident rates were to increase but at the same time risk levels have been reducing, it could soon highlight this trend and look at other surrounding data or previous trends to establish a pattern. This will lead to a more pro-active approach to reporting and subsequent decision-making. · Trend #2 – API Connectivity – Providing an open API platform will allow businesses to integrate internal systems and external services to digest data. As more organisations adopt Cloud solutions, connectivity between platforms has become increasingly important. With a robust API offering, multiple business services can interact with ease and become part of the safety management space, without incurring significant cost or time. · Trend #3 – Low-Code Optimisation – Developing generic components within software to allow for quicker builds, implementations and tailoring requests. As stand-alone and generic component development increases, solutions can offer more flexibility and self-serve options to the end user to assist them with aligning platforms with their specific processes. · Trend #4 – Mobile Optimisation – More and more end-users are accessing health and safety software via their mobiles but for various reasons, are not always able to use native apps (installed on the device). Therefore, health and safety software platforms need to adapt use on multiple devices, without the loss of features. We can't wait to dive into new topics this year! If you'd like to request a specific topic, or be a guest on a future episode, get in contact and let us know. We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Trying to achieve Carbon Neutrality can feel like a monumental task, especially with so many separate elements that you have to complete. From quantifying your data, reducing where possible and offsetting the remainder, it can be hard to keep track of it all with taking a structured approach. Which is where ISO 14068 comes in. This is the new Standard for Climate Change Management, and it's specially designed to help businesses with the transition to Net Zero. In this weeks' episode Mel explains 10 reasons why you should use ISO 14068 – the new Standard for Carbon Neutrality. You'll learn · What is ISO 14068? · Why should you adopt ISO 14068? · How can Carbonology Support you with ISO 14068? Resources ● Carbonology ● Grab a copy of our Net Zero Planner ● ISO 14068 In this episode, we talk about: [00:25] What is ISO 14068? – This is standard for Climate Change Management. If you'd like to find out more about the Standard, it's purpose and how it can prevent green washing, go back and watch our previous episode. [00:55] Where to find more information – This podcast is based off BSI's most recent Publication on ISO 14068: 'Climate Change Management – Transition to Net Zero – Part 1: Carbon Neutrality (A BSI Executive Briefing). You can download this from a recent blog on BSI's website. [01:05] Reason 1: A structured approach – Mel found out firsthand from a recent EMEX event that people are looking for a structured approach to carbon neutrality. ISO 14068 gives organisations a structured process for developing a detailed carbon neutrality management plan with short- and long-term targets. [02:10] Reason 2: Quality - In contrast to unsubstantiated claims of neutrality, claims under ISO 14068 have to be based on all GHGs, take a lifecycle approach and can only be made after the development of long-term planning, with real GHG reductions in place, and offsetting restricted to residual emissions using high quality carbon credits. [03:10] Reason 3: Credibility: Use of this internationally recognised standard can offer market benefits by increasing the credibility and verifiability of a product or organisational claim of carbon neutrality. This Standard has been developed by international technical committees and subject matter experts across the globe, which gives it a lot more credibility in the eyes of Stakeholders. They will have confidence that claims are transparent and reliable from those who adopt ISO 14068. [04:22] Reason 4: Global Recognition – A quick reminder - Those who have been listening to the ISO Show for a while now may remember our previous podcasts on PAS 2060 – the previous Standard for Carbon Neutrality. Companies will now have 2 years to transition to ISO 14068. We'll be doing a podcast on how to go about doing that in 2024! Circling back to Global Recognition, ISO 14068 provides a common set of criteria for measuring and reporting carbon neutrality. This ensures consistency across different organizations and industries, underpins easer comparisons for carbon neutrality efforts between entities, allows stakeholders to assess and benchmark efforts, and supports global recognition for claims of carbon neutrality. [05:30] Reason 5: Convenience – If you've already got other ISO's in place, good news! ISO 14068 is designed to work with other quantification standards such as ISO 14064 or other equivalents. [05:55] Reason 6: Flexibility - ISO 14068 can be used by any sized organisation, in any country or sector. It can also be applied to whole organisations or individual products. [05:55] Reason 7: Responsibility - The standard encourages organisations to take responsibility for minimising their own carbon footprint before paying third parties to offset their emissions. We've seen in the past where people think just paying for carbon credits will work in the long-term – which just isn't sustainable. You should be looking to reduce as much as possible before moving onto the Offsetting stage. [08:00] Reason 9: Risk Mitigation – Adopters of ISO 14068 will be in a strong position to manage current and emerging regulatory and market risks in relation to GHG emissions. It's a competitive market place out there, with ESG requirements appearing more on tenders year on year. Many will now require you to prove your commitment to carbon neutrality, and it's become clear that we need Standards to be able to provide that evidence. This is where ISO 14068 comes in, as you will have that proven methodology that you can then demonstrate to those stakeholders. [09:30] Reason 10: Competitiveness – ISO 14068 demonstrates a commitment to climate action can also mitigate reputational risks and enhance brand value, market access and competitiveness [10:30] Further Information – Our sister company, Carbonology, will be publishing more content around ISO 14068 in 2024. Check back on their website to find out more. We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

We're inching closer to our 2030 and 2050 Net Zero targets, and if we keep going the way we are, we're not going to hit either one. This is unsurprising considering the lack of a unified approach to achieving Net Zero. There are a lot of options to tackle certain aspects of sustainability, but few outline an entire pathway to guide businesses towards a tangible goal. However, that may be set to change with the release of ISO 14068-1:2023 – Climate Change Management! In this weeks' episode Mel explains what BS ISO 14068 is, who can use the Standard, and how this Standard can combat green washing. You'll learn · What is ISO 14068? · Who is this Standard for? · Why was this Standard created? · How can ISO 14068 help businesses to tackle climate change · How can ISO 14068 help combat green washing Resources ● Carbonology ● Grab a copy of our Net Zero Planner ● ISO 14068 In this episode, we talk about: [00:25] Introduction and episode summary – ISO 14068 has just been published, superseding PAS 2060. In this episode, we'll explore what this Standard is all about, how it can help you and help prevent green washing. Keep an eye out for our follow-up episode, which will give you more insight into the 10 reasons for adopting this Standard to achieve Net Zero in 2024. [01:40] A passion for Sustainability – If you're new, you may not be aware that Mel is the CEO of both Blackmores and Carbonology. Carbonology was created as a sister company in 2023, and it's sole purpose is to help businesses to be able to demonstrate with credibility and complete transparency - A legitimate route to achieving carbon neutrality. [03:00] What is ISO 14068-1:2023? – This is standard for businesses transitioning to Net Carbon zero. The standard for specifies the requirements for achieving and demonstrating carbon neutrality through the quantification, reduction, removal and offsetting of greenhouse gas (GHG) emissions. [03:30] Who can use this Standard? BS ISO 14068-1:2023 can be used by any organization, in the private or public sectors, that wishes to make either the organization or a product climate neutral. Products may be consumer-facing or business to business, and include all types of goods and services, including events and financial services. [04:05] Why has this Standard been developed now?: To avoid the worst effects and keep the rise in global temperatures to no more than 1.5°C, the Intergovernmental Panel on Climate Change (IPCC) of eminent scientists has identified that we need to cut emissions of greenhouse gases by 40% in this decade and to global net zero by 2050. However, working towards a long-term target of net zero can be difficult without recognition of achievements along the pathway. That's where carbon neutrality can help; organisations that have a clear plan and have started making real greenhouse gas (GHG) reductions can counterbalance their remaining carbon footprint using high quality carbon credits / offsets to achieve carbon neutrality. ISO 14068-1 is the new International Standard that sets out requirements for organisations wishing to achieve carbon neutrality, including for products, such as goods, services or events. ISO 14068-1 also provides a rigorous and robust framework for avoiding greenwashing, and builds on the 15 years' experience of the previous Standard – PAS 2060. Organizations using the standard will benefit in two main ways: internally, through having a clear guide on best practice in reaching carbon neutrality; and externally, by demonstrating compliance with a rigorous standard on carbon neutrality. [06:40] How can the standard help businesses that are still scratching their heads about how to tackle climate change? - The standard provides clear principles that entities need to consider when seeking carbon neutrality. These include establishing a hierarchy, so that GHG emission reductions are made first – and reductions are often the most cost-effective way of reducing a carbon footprint, avoiding the need for potentially costly carbon credits. The hierarchy is then used to determine a pathway to carbon neutrality, including short- and long-term targets for minimising the carbon footprint. The standard also explains how the pathway is used in developing a detailed carbon neutrality management plan, which provides clear guidance for those responsible for the implementation of carbon neutrality. [08:30] How can the standard combat green washing? In recent years, there have been many claims of carbon neutrality that are unsubstantiated or supported only by purchasing a few carbon credits, with a consequent risk of greenwashing. Following BS ISO 14068-1 means organiations will be able to demonstrate that their claim of carbon neutrality is underpinned by real action to reduce GHG emissions and includes a clear pathway to eliminate all possible GHG emissions, so it does not just fall back on purchasing carbon credits in the market. This significantly improves the credibility of a claim. [09:45] Keep an eye out for future episodes! We'll be talking more about ISO 14068 in future episodes, including the benefits of adopting this Standard. We'll also dedicate an episode to explaining the difference between Certification and Verification – so stay tunned! We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

The use of AI within business is starting to become more common place. With major applications like Microsoft Teams and Word integrating many new features designed to make our lives easier. However, we still need to exercise caution with this new technology and consider what we can put in place to mitigate any potential security risks while developing or utilizing it. Which is precisely what today's guest, Monolith, has done. Monolith provide a machine learning program that engineers can adopt to build highly accurate self-learning AI models that instantly predict the performance of systems in a wide variety of operating conditions. In this weeks' episode Mel is joined by Æsc George, Senior Software Engineer at Monolith, to discuss why they have adopted ISO 27001, explain their implementation journey and the benefits of having an Information Security Management System. You'll learn · Who are Monolith AI? · What was their main driver behind obtaining ISO 27001? · What was the biggest Gap identified in the initial Gap Analysis? · What benefits did Monolith AI gain from implementing ISO 27001? Resources ● Monolith ● ISO 27001 Transition Gameplan In this episode, we talk about: [00:25] An introduction to Monolith and Æsc George – Monolith AI is all about empowering engineers to develop self-learning models from their engineering test data. With this they can develop machine learning models to really accelerate new product introductions and get these new products to market much more quickly, primarily by using these models to accelerate and streamline their testing. They are currently recommended for ISO 27001 certification, and are eagerly awaiting the arrival of their physical certificate. Æsc George is a Senior Software Engineer of this web browser based software. He is also the interim security officer, which is why he was tasked with obtaining ISO 27001. Fun fact about Æsc: He was a proud owner of a colony of 8 rats! He currently takes care of 4 cats, which have access to a plethora of enrichment in his home 😊 [03:35] What was the main driver for Monolith to obtain ISO 27001? – There were a few drivers, the most obvious being that they want to display their commitment and credibility when it comes to Information Security. Acquiring ISO 27001 makes it easier to show their clients and prospects that their engineering data is in safe hands. Monolith also know that there's a lot of buzz about artificial intelligence and machine learning at the moment, and that buzz covers both sides of the coin. What good it can do for the world and the harms it can do, so aligning with ISO 27001 shows that they're trying to use AI in a responsible way. [05:10] The start-up is getting a head start! – Monolith AI is a start-up company, only a year in and already leading the way for AI development by ensuring security is a priority from the start. [05:40] How long did it take to implement ISO 27001? Nine months from the point of contacting Blackmores to assist to being recommended for certification. Æsc recounts his experience: "My perception is that the effort was quite front loaded, so the amount of effort involved in the process almost wound down towards the end - even with the external audit happening towards the end. I think once the information security management had been established and we'd worked it into our day-to-day, the perceived effort was lower. So I felt pretty confident going through our audit processes because I've experienced the system working already." [08:15] What was the biggest gap identified at the Gap Analysis?: There wasn't a formal approach to information security risk and risk treatment. There were already a number of existing systems and ad-hoc arrangements to mitigate information security risks – but they had been framed in terms of risk. They hadn't gone through a process where risks were quantified and weighed against each other. So following the gap analysis, one of the many actions Monolith took was to make sure they were consistently and regularly assessing information security risk in various dimensions. They now have the right framework in place to allocate the appropriate time and resources towards information security, and to prioritise the biggest risks. [10:10] What difference has Implementing ISO 27001 made? - It's given Monolith more confidence in their understanding of Information Security risks, and assurance that there aren't any massive, unidentified risks that may cause trouble later down the line. It's also made it easier to discuss information security risk and policy decisions. Monolith AI are a remote first company, allowing their staff the freedom to experiment with new technologies, and be in an environment where they feel comfortable. Having formal risk treatment in place means they can maintain this highly flexible, highly innovative and productive way of working – but with their eyes wide open. [11:40] What has Æsc learned from the experience of Implementing ISO 27001? Æsc is not new to ISO Management Systems, having been involved with the maintenance and implementation of a few in the past. However, he has gained an appreciation for the nuance in ISO 27001. For example, the knowledge that the standard uses words like 'should' and 'shall' that have particular intentions – 'shall' being mandatory and 'should' being recommended. His previous experiences with Management systems had more available resource than at Monolith, so learning this nuance has been important in the prioritization of focus and resources in his current position. [13:30] What have been the main benefits from Implementing ISO 27001? Having a holistic and formal approach to Information Security and risk management compared to the ad-hoc approach they had prior. It's brought the company together on a really important issue, and helped everyone to understand the role they play in Information Security. Personally, Æsc has enjoyed reaching out to people he may not ordinarily get the chance to work with, as a result of this unifying issue that everyone at Monolith cares about. [17:00] Once Monolith formally receive their ISO 27001 certificate, what benefits will that bring? – Currently Monolith AI are recommended for Certification, and are simply waiting on the delivery of their physical certificate. Once received, they will be able to present it to prospects and clients if they are questioned on information security credentials – to show that they are serious about their commitment to security. It will also open doors to new prospects that may bother considering them as a supplier due to the lack of ISO 27001 certification. They are also a leading example in the relatively new industry of AI, those with ISO 27001 certification at this stage stand out from other competitors. [19:15] What tips does Æsc have for those starting out on their ISO jorney? – Speaking from experience, Æsc recommends hiring a specialist in ISO to assist with your implementation. In his case, Blackmores helped to organise the process, drive a lot of the early gap analysis and gave him confidence in going through internal and external audits. Having someone with experience acting as a guiding hand makes the whole process go a lot more smoothly. This could be a consultant, or someone you train within your own business. These projects are the sort of thing that turn passion into action. Whether that's information security or environmental management ect, it's better to have someone experienced or trained in the nuances of the Standard to ensure it's implemented in a way that truly benefits your business. [21:20] Æsc's book recommendation - Nature's Calendar: The British Year in 72 Seasons by Kiera Chapman, Rowan Jaines, Lulah Ellender and Rebecca Warren. It's Inspired by a traditional Japanese calendar which divides the year into segments of four to five days, this book guides you through a year of 72 seasons as they manifest in the British Isles. As Æsc describes: "Lots of the seasons will be very familiar to people who've lived in this country their whole life, but they may not have necessarily thought about the context of it. So I think is really grounding. Time and the way we measure it can seem so arbitrary and abstract sometimes, and measuring minutes and hours is responsible for so much stress and anxiety, so taking a breath, thinking about how nature moves at a different, slower, more deliberate pace, and finding the time to synchronise with that move with nature can be a really rewarding experience" [24:15] One of Æsc's favorite quotes - "I went to the woods because I wished to live deliberately, to front only the essential facts of life, and see if I could not learn what it had to teach, and not, when I came to die, discover that I had not lived" - Henry David Thoreau (from his book 'Walden') [26:10] Need help with your ISO 27001 transition? – We have an ISO 27001 Transition Gameplan available on the isologyhub. This Gameplan provides a step by step guide for you to transition to the latest 2022 Standard. If you'd like to learn more about Monolith AI, check out their website. We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

The demand for tangible sustainability action is becoming more pressing as we inch closer to our 2030 and 2050 Net Zero targets. However, that is still quite a way off, and many businesses are dragging their feet when it comes to taking action. Sure, some may have an ESG Policy or mention it on their website, however that term is starting to become synonymous with green washing due to poor implementation in many cases. So, what can you do to make a difference right now? In this weeks' episode Mel explains the principle of Parkinson's law, how ISO Standards can help to tackle climate change and how you can achieve Net Zero in just 90 days. You'll learn · What Parkinson's Law is · How can ISO standards help tackle climate change · The 3 reasons why businesses are behind on achieving net zero · How you can achieve Net Zero in just 90 days using the Net Zero Planner Resources ● Carbonology ● Register for EMEX here ● Grab a copy of our Net Zero Planner In this episode, we talk about: [00:25] Come visit the Carbonology stand at EMEX! – EMEX is a free exhibition to learn about carbon management, ESG and sustainability. It takes place at ExCeL London on 22nd – 23rd November 2023 – Carbonology will be at Stand G38. Come grab a free Net Zero Planner while you're there! Register your place here. [02:10] Episode Summary – Today we'll be talking about why we need to act now rather than in a decade or two, how ISO Standards can play a critical role in tackling climate change and using the Net Zero Planner to help you set achievable objectives to work towards Net Zero in just 90 days. [02:55] We need to act now rather than later! – Our 2030 and 2050 targets are very far away, which results in businesses not doing much to address them in the meantime. They might have an ESG policy or they might have something referencing ESG on their website, but are they actually taking action right now to make that happen? In many cases, no. Which is where Parkinson's Law comes into play. [03:40] What is Parkinson's Law? Parkinson's Law is the idea that work expands to fill the time allotted for its completion. This may mean you take longer than necessary to complete a task or you procrastinate and complete the task right before the due date. Parkinson's Law is the old adage that work expands to fill the time allotted for its completion. The term was first coined by Cyril Northcote Parkinson in a humorous essay he wrote for "The Economist" in 1955. Lets say you are given a task to complete a report in 3 weeks, chances are if you were given the task to do in 1 week – you'd make it happen. Parkinson's Law says that the perceived importance and difficulty of a task will grow in proportion to the amount of time given to finish it. [05:30] Is it possible to achieve Net Zero in 2024?: Yes! Carbonology® been turning around projects to help businesses to build net carbon neutral in less than three months - so why can't you? [06:05] The Net Zero Planner - The Net Zero in 90 days planner gives you a pathway to follow to achieve Net Carbon Zero. Each day focuses on a specific task, enabling you to make step by step progress to achieve your goals. Your Net Zero Planner provides the foundations for not only achieving Net Zero but also achieving verification to Carbon standards along the way. Grab a copy here! [08:25] What role do ISO Standards play in tackling climate change? Standards have a critical role in helping meet climate goals. Particularly when there is an influx of greenwashing across industries. The international standards for carbon verification (ISO 14064) and carbon neutrality (PAS 2060, due to be ISO 14064 in 2024) support the Sustainable Development Goals (SDG) and create a level playing field, providing transparency, reliability, accountability and without a doubt, credibility. [10:00] Why are businesses struggling to achieve Net Zero? there are three reasons why businesses are behind on achieving Net Zero:- · Time and resources have not been dedicated. · Lack of focus and structure · Lack of knowledge on what to do The Net Zero Planner will help to address these challenges. [11:15] Carbonology is there to support you – Some of the tasks in the planner may be tricky – quantifying your emissions for example, this is always going to be challenging. Carbonology is there to support you, either with consultancy or digital resources via the Carbonologyhub. If you need some extra assistance, simply contact them. [11:55] How can the Net Zero Planner help you? – First and foremost, Net zero is not going to happen, unless you prioritise your time. This starts with designing your ideal week. Imagine how would you structure your week if you had 100% control. What does your ideal week look like? Remember, What gets scheduled gets done. Sticking to a plan takes discipline, but imagine if every business dedicated 2 hours a day for 3 months, we'd be achieving net zero well before 2050! By setting aside 2 hours a day to complete a Net Zero task, you and your team will be well equipped to put your planning in place and achieve Net Zero accreditation! Of course, not every week will be aligned with your ideal week, but it's a guide that you can refer back to. [13:00] Making progress with the Net Zero Planner - It's imperative you review progress on a weekly and monthly basis and at the end of the 9O days. This will help to drive momentum when you see what you've achieved and also provide a reality check if you need additional support or time. The weekly, monthly and quarterly review provides an opportunity to look back at your progress and allows you time to reflect on what went well, and where you've been having challenges which may result in making decisions to address any shortfalls. This could include allowing more time for a specific task the following week, delegating responsibilities internally or outsourcing activities i.e. carbon quantification or verification. It's recommended that you schedule this review and reflection time in your calendar i.e. 1 hour on a Friday afternoon or at the end of the month. In addition to the structured planner pages, there are blank pages for expanding on your ideas and taking notes. [15:25] Special Deal! - The Net Zero Planner is available for Amazon at a reduced price of £7.99 until the 15th December 2023. The Standard price will be £14.99. If you're at EMEX on the 22nd or 23rd November 2023, we have 100 free copies to give away! Lastly, if you have an questions or would like to learn more about how Carbonology can help you, feel free to book a call in via David's Calendly. We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Sustainability has become a top topic to address in the last few years, both for businesses and individuals. In fact, 90% of business leaders think sustainability is important, but only 60% actually have a sustainability Strategy. The demand for tangible action is becoming more pressing as we inch close to the 2030 milestone of the Paris Agreement. To encourage action from businesses, we're seeing more public and private sector contracts include a tendering requirement to show your commitment to sustainability. One such example is the need for a PPN 06/21 Carbon Reduction Plan. In this weeks' episode David Algar, Principal Carbonologist® at Carbonology, joins Mel to explain how to create a Carbon Reduction Plan, shares some top tips on presentation and how Carbonology® can support you. You'll learn · How to create a Carbon Reduction Plan · How Carbonology® can help you align that plan with ISO 14064 and PAS 2060 · Addressing difficult tendering questions · How to best present your Carbon Reduction Plan Resources ● Carbonology ● Book a call with David Algar ● A quick Guide to creating your PPN 06/21 Carbon Reduction Plan In this episode, we talk about: [00:24] What are PPN 06/21 Carbon Reduction Plans? – Go back and listen to our previous episode to learn more. [00:42] Episode Summary – Today we'll be talking about how to create a Carbon Reduction Plan (CRP), how to deal with difficult tendering questions and the best ways in which to present your CRP. [02:46] How do you actually calculate the emissions? We have gone into this in a lot more detail on a previous episode, but to summarise:- Emissions are calculated by taking your activity data, such as kWh of electricity, or miles driven in a vehicle, and multiplying it by an emission conversion factor. Specific emission conversion factors are available from DEFRA for specific activity data, they are also year-specific. The hard part is sourcing your activity data, accounting for missing information, performing estimates, and ensuring the overall methodology is accurate. This is all done in alignment with ISO1464-1, as well as the PPN guidelines, so one of the very first things we'll do with you is define your organisational and reporting boundaries, [05:27] How can a business set carbon reduction targets and forecast emissions? This is tricky as it involves trying to predict the future, not just in the short term, but potentially several decades ahead depending on your goal. The good thing is you know the end destination of your carbon pathway: little to no emissions by 2050. Using this and some simple maths you can at least map out where you should be each year when moving forward from the base year, the base year being the period you use to compare future results against. Usually the base year is the first year you complete calculations, but this can change over time. We're finding some clients are opting to change their base year to account for the disruption of COVID-19 on operations [06:40] How do you actually set the targets?: When we look at target setting and emission forecasts we generally take 2 approaches: Milestones: · The first, and our most common approach, is about setting milestones based on specific carbon reduction initiatives the business can implement, at specific dates. · For instance, all company vehicles being hybrid by 2025 and fully EV by 2035? Or what if we phased out gas by a certain date? Or cut out all single use plastics? · Using this milestone method for the forecasting can be tricky, but you can end up with a carbon pathway that is more representative of real life. Straight line method: · The second is what we refer to as the 'straight line' method. This is a simpler approach that involves doing some simple maths to plan out your carbon targets for each year, without factoring in specific milestones or events. · We refer to this unofficially as the 'straight line' method as the graph showing your carbon pathway is pretty much a straight line from your base year towards net zero, using the milestones method gives a 'bumpy' line due to the influence of specific milestones at specific years. [08:35] A tip for setting targets for the first time is by thinking 'what if? This is essentially looking at the thing you're doing now and replacing it with a more sustainable alternative. For instance, calculating what your business travel emissions would be last year if they were all completed in hybrids, or if domestic flights were replaced by train journeys. Doing these 'what if?' calculations is a bit hypothetical as operations are likely to change over the years, but it still helps give you a specific target to aim for a specific GHG sources. [10:40] How can you influence carbon reduction in areas where you have no direct control? Some areas will be out of your control, for instance if you ship goods in from around the world you can't necessarily decide how they get to you, or if they are transported via more sustainable transport. · One thing you can do is aim to set a good example yourself as a business · You could also adopt the PPN framework yourself and request it from anyone that is aiming to win your business · Another quick win is actually speaking to your suppliers. If you use a local delivery firm you could speak to them about their plans for an electric fleet, or more sustainable packaging. Or if you use a data centre, you could enquire about if is run on renewable energy sources [13:15] But what if we are planning to grow as a business? Results are expected to fluctuate over time, so if they go up after the base year this shouldn't impact your success or failure in your tender submission. The aim is obviously to decrease on average over time If you know for certain that they will increase in the next few years, for instance through opening new sites, making acquisitions, or just natural growth, that's ok. You could pick a new base year if operations significantly change as this will give a more realistic figure to work down from. You can also use this as an opportunity to evidence efficiency improvements through intensity metrics, such as your tonnes of carbon per employee, or relative to your revenue. [15:15] In what other ways can Carbonology help to support you? – Once everyone is happy with the CRP, you'll then have to actually use it in tenders. The fun thing about tenders is that they can all ask different questions, despite PPN having technical requirements, so you can't always have the information to hand before submitting one. We can't write your tender submissions for you, but we can provide guidance and pull out the necessary figures if requested, for instance if you need certain numbers to support with your Social Value Model reporting. [16:20] How can this help on your journey to Carbon Neutrality? – If you've gone through all the hard work to create a PPN 06/21 Carbon Reduction Plan, you'll be in the ideal position to achieve carbon neutrality of your operations via PAS 2060. The next step would be creating a PAS 2060 Qualifying Explanatory Statement, or QES, which details how you have achieved carbon neutrality through offsetting, and your commitment to maintain this for future reporting periods. [17:25] Where does the verification come into play? If you've already calculated your emissions you may be asked to have them independently verified by an independent third party. We've recently developed a process so we can check over you GHG calculations, policies, procedure and overall alignment with the standard. As part of this, Carbonology can provide a verification report with all findings and opportunities for improvement, as a well as a verification statement to show you have had emission independently verified in alignment with ISO 14064. For further information, David has prepared a quick guide for creating your PPN 06/21 Carbon Reduction Plan. Feel free to download it here. Lastly, if you have an questions or would like to learn more about how Carbonology can help you, feel free to book a call in via David's Calendly. We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Sustainability has become one of the main focal points for businesses to address in the last few years, and for good reason! We're already seeing the devastating effects of simply doing nothing in the form of more extreme weather, occurring much more frequently in areas not equip to handle it. To encourage action from businesses, we're seeing more public and private sector contracts include a tendering requirement to show your commitment to sustainability. One such example is the need for a PPN 06/21 Carbon Reduction Plan. In this weeks' episode David Algar, Principal Carbonologist at Carbonology, joins Mel to explain exactly what PPN 06/21 Carbon Reduction Plans are, what the requirements mean in practice and the consequences if a business does not meet the requirements. You'll learn · What are PPN 06/21 Carbon Reduction Plans? · What the requirements mean in practice · Benefits to a business · What if a business does not meet the requirements? Resources ● Carbonology ● Book a call with David Algar ● A quick Guide to creating your PPN 06/21 Carbon Reduction Plan In this episode, we talk about: [00:42] Episode Summary - We're talking about PPN 06/21 Carbon Reduction Plans because there is a government requirement to submit one. This episode will cover the what and why, in part 2 we'll go into more detail about how to create a Carbon Reduction Plan. [02:10] What is a PPN 06/21 Carbon Reduction Plan? Procurement Policy Note 06/21 was introduced back in June 2021, hence the 06/21 part, and is a tendering requirement for companies looking to win contracts in the public sector that links to the Government's Net Zero target. [02:28] What is the UK government's Net Zero target? The 'net zero target' refers to a government commitment to ensure the UK reduces its emissions by 100% from 1990 levels by 2050. [02:55] Who does PPN apply to?: Public sector, so any businesses that works with education, local authorities, housing, infrastructure, defence, transit, and of course, the NHS who have set a goal of Net Zero by 2040. Officially this is for contracts that are valued at £5M or more, but in April 2024 the NHS will be requesting a Carbon Reduction Plan for all procurement. Unofficially, this framework could be adopted by any business, so even if you don't deal directly with the public sector, or are a subcontractor, your supply chain may soon be requesting a Carbon Reduction Plan! [04:05] Why do you need a Carbon Reduction Plan? Although the Government's targets and policies around Net Zero keep changing, the overall goal of PPN 06/21 is to encourage businesses to reach Net Zero before 2050, come up with a plan to do so, and implement emission reduction initiatives in the delivery of Government contracts. [04:35] From a businesses perspective, what are the main benefits? There are 2 main benefits: ● It's essential for some tendering, with as much as a 10% weighting based on your carbon management and social values. Put simply, if you don't produce one when needed, you may fail the tender requirements and probably won't make the sale. ● The second main benefit is that this isn't just a piece of paper with a graph on it, it's a great opportunity to investigate your business' GHG emissions, and put a plan in place to reduce them. This also helps you show to stakeholders that you are actually committed to environmental protection and could identify some cost savings in your business after going through all the data. ● It's also a great addition to any existing ISO 14001 or ISO 50001 Management Systems! [06:10] What are the key requirements of PPN 06/21? –  Firstly you'll need to make a commitment to achieving net zero by 2050 at the latest. This includes annually calculating your emissions and updating the Carbon Reduction Plan. Next you'll need to report on a minimum set of GHG categories: 100% of your Scope 1 emissions, so direct emission from company vehicles, gas heating (so stuff you burn) and any fugitive emissions, which are leaks from HVAC systems for most businesses. 100% of your Scope 2 emissions which is electricity most of the time but can also refer to steam you import from an external source. You'll also need to report on 5 Scope 3 categories, these are your indirect emissions: ● Waste generated in operations ● Business travel in vehicles you don't own, so staff cars, flights, trains, etc ● Commuting, so staff traveling to and from work, being careful not to double count business travel not already claimed under expenses ● And arguably the most complicated, upstream and downstream transportation, i.e. goods in, and goods out – physical transport of goods [09:50] Are there any other categories covered by scope 3 that we should consider? – Generally, when we produce a CRP for our clients, we'll look at a few extra Scope 3 categories such as water, homeworking, or purchased goods, so carbon reduction planning can extend to other elements of the business. In all cases you'll need to report in tonnes of carbon dioxide equivalent, or tCO2e, as this accounts for the global warming potential of multiple GHGs. [11:30] Are there any ISO standards that you can align the Carbon Reduction Plan to? Yes! At Carbonology, we use ISO 14064-1. This sets out a series requirements and guiding principles for the quantification and reporting of emissions. We wouldn't necessarily have to go all the way to meeting every single requirement of the standard for your CRP but we always align with the key requirement of the standard when completing a CRP. And if you're lucky we'll also cover your SECR figures! [12:05] What is SECR? - Streamlined Energy and Carbon Reporting. This is mandatory reporting for businesses that are defined as large, so 250+ staff, and 36M turnover or 18M on the balance sheet. [18:20] Asset Management - In 8.2 there is a consideration for Asset Management on your side. You should take care of any assets relating to the customer, where it's stored and how it's being looked after. Standards such as ISO 27001 (Information Security) and ISO 55001 (Asset Management) already have some considerations for this. [13:30] You've calculated your GHG results, what's next?- Once you've calculated emission from the required sources, you'll then need to look at the carbon reduction side of your Carbon Reduction Plan. To start with you'll need to outline existing initiatives you have, for instance, a sustainable travel policy, EV charging on site or a hybrid working model. It's really important that these are relevant to the delivery of the contract you are trying to secure. Next, you'll need to outline planned future initiatives, but bear in mind, these will need to be realistic and relevant, so no wild claims about buying an EV fleet or going zero waste next week! Once you've done all this you can then start looking at carbon reduction forecasts and what the numbers might look like between now and 2050 (or you chosen date. [15:10] Additional PPN 06/21 tips from David: It will need to be signed off by a director, or equivalent, at your business to demonstrate leadership commitment. If the document isn't signed off on you may fail on the tender. You'll need to publish it on your website, making it easy to access. Simple solution to this is just add a link at the bottom of your landing page. And finally, you'll need to make sure this is kept up to date each year. Reporting for emissions occurs on a 12 monthly basis. This can either be calendar year or your financial year, but ideally, you'll want to publish the updated version as soon as you can after the year-end, certainly no longer than 6 months after. [16:40] What does a Carbon Reduction Plan look like? - When the government announced this requirement, they also released a template document that businesses can complete. This is to simplify the process for businesses that are reporting on emission for the first time, but more importantly it standardises reporting. However, the template is a bit basic! You're not marked on presentation, but you can dress it up a little as long as you don't deviate from the template too much. So feel free to put come company branding on it, make a cover page, change the font, etc. You could also make a 'full' version of your CRP that includes further details on boundaries, methodologies and results, just make sure you only submit the template version to tenders. [19:10] What happens if you don't meet the requirements? - If you don't meet the requirements without a valid reason, chances are you'll fail the selection criteria. The selection criteria is a bit like the marking scheme associated with PPN. We can't say for a fact that this means you'll subsequently fail the tender, but it will certainly have a negative impact. For further information, David has prepared a quick guide for creating your PPN 06/21 Carbon Reduction Plan. Feel free to download it from the link provided in the Resources section. Lastly, if you have an questions or would like to learn more about how Carbonology can help you, feel free to book a call in via David's Calendly. We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Last week we gave you an introduction to ISO 20000, the Service Management Standard. As a refresher, the aim of the standard is to provide a framework for an effective end-to-end service management system which encompasses the entire lifecycle of a service from concept and design, through to service removal and end-of-life. It's best adopted by businesses who provide a service, particularly those that operate a help / service desk system. For some this may still seem a bit nebulous, especially for those that may not be familiar with Service Management terminology. To help demystify this Standard, we've brought Steve back to take a deeper dive into what makes this Standard unique. Join Steve Mason and Mel in this weeks' episode as they explore Clauses 7 and 8 of ISO 20000 in more detail, and how certain aspects can apply to any business. You'll learn ● What is ISO 20000? ● What is included in Clause 8 of ISO 20000? ● How can ISO 20000 apply to any business? Resources ● isologyhub ● ISO 20000 In this episode, we talk about: [00:43] What is ISO 20000? Go back and listen to our previous episode to learn what ISO 20000 is, a brief overview of the key clauses and the benefits of adopting the Service Management Standard. [02:00] A recap of the main requirements of the Standard: · 4.0 Context of the Organisation · 5.0 Leadership · 6.0 Planning · 7.0 Support of Service Management System · 8.0 Operation of the Service Management System · 9.0 Performance Evaluation · 10.0 Improvement Clauses 7 and 8 are where the main differences lie between this Standard and others. It includes requirements for aspects such as: · Service Portfolio · Relationship Agreements · Supply and Demand · Service Design and Transition · Resolution and Fulfilment [03:15] Similarities with other ISO Standards – Ultimately, this standard in terms of the structure, it looks like any other ISO standard, i.e. we've got context of the organisation, leadership, Planning, performance Evaluation and improvement. These will be familiar if you've worked with ISO 9001, ISO 14001 or ISO 27001. [04:05] Clause 7 – Support of Service Management System: This is where we're really looking at the competency awareness communications and documented information required by the standard. In 7.5 there is a really useful list of all the documented information that's required in the management system – one that we wish was included in every ISO Standard! That required documented information doesn't have to be in writing, it could be on computer or established system. Another key aspect of Clause 7 is Knowledge – this is about ensuring all knowledge is documented and sharable and not just stuck in people's heads. For Service Management, this may involve the creation of a customer portfolio where you can record any incidents that occur during a service call, and how you dealt with it ect. Competence is also another major component – Make sure people are competent to do their job, i.e. they've been trained to do things properly and effectively. [06:40] Different ways of knowledge sharing – Knowledge sharing doesn't just have to be written down – it could be done via a recorded video. We use Loom a lot at Blackmores to get things across quickly. There are also a number of service desk tools available that can help you put together process flow diagrams to make things easier to understand. [08:15] Clause 8 – Operation of the Service Management System: Before you do any sort of service management, you need to plan it properly – otherwise, if you fail to plan, you'll plan to fail. First you need to understand what resources you have, what activities there are in the service management to deliver that service to the customer and ensure that they're coordinated. A top tip from Steve: Separate resources into five groups: people, technology, information, finance and service partners. [09:55] Planning your Service – Now you understand what you're trying to deliver, it's time to plan your service. First you want to take a look at the flow of the service through the organisation. Which departments does it go into? Is there good connection between departments? Can you ensure that a customer's order is going to stay the same through the whole process, you wouldn't want possibilities for miscommunication to occur. We'd recommend drawing up a flow diagram for this process – just so you can clearly see who is doing and communicating what at any stage. [11:20] Getting Operations in order – once you understand what the process is, you need to begin to control and involve the interested parties within the life cycle of your process. This isn't just the customer; this also includes confirming what services you're actually delivering – as you'll be looking to improve these services as time goes on. You also need to consider the whole service life cycle. This includes things like if a customer wants to move to a different service – how would you deal with that? Have you got a process in place to handle the return of customer assets if they disengage from your services? [12:30] Service Level Agreements: It's a good idea to establish Service Level Agreements and Delivery Level Agreements early on. This is so you typically know what you are going to be delivering to a customer and how quickly can you deliver it and ensure the whole process is sustainable as well. This will also clarify key accountabilities for everyone involved with delivering a specific service. Clearly defined services – Finally, it also provides a clearly defined service for Salespeople. This avoids the situation where they simply sell what they think sounds good but isn't backed up by any resources to actually deliver the service they sold. You need to have a clear strategy that sales can use and go out and sell – this may be referred to as a Service Catalogue. [15:18] A Service Catalogue in action - In Blackmores case, our Service Catalogue is online on our website. We have all the ISO Standards we can assist with listed, in addition to a description of how we can help companies implement an applicable Management System. You don't have to have all your prices listed out at that stage, that can come later when you have a full view of the customer requirements and agreements are made. [18:20] Asset Management - In 8.2 there is a consideration for Asset Management on your side. You should take care of any assets relating to the customer, where it's stored and how it's being looked after. Standards such as ISO 27001 (Information Security) and ISO 55001 (Asset Management) already have some considerations for this. [19:05] Configuration Management - Configuration management is understanding how the parts of the service fit, so you don't disassociate them from each other. The Standard asks you to identify what's known as CIS, these are configuration items, and these are all the things that you need to deliver your service. We'll dig more into this aspect in future content – so keep an eye out! [20:40] A final top tip from Steve: Collaboration and communication that involves leadership. If you just devolve it down to parties doing the work and just get them to work in silo, it will not work for you. It's a collaborative standard – both inside and outside of the business. [21:20] Resources available - We've got a number of ISO 20000 related resources available on the islogyhub – contact us to learn more! We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Often seen as the poor cousin to ISO 9001, ISO 20000 Service Management largely gets ignored in favor of the more popular Quality Management Standard. To be fair, it's title may have done it a disservice in the past. Being known as the IT Service Management Standard prior to 2018, it was often perceived as only applicable to IT service providers, when in actuality it could be adopted by any business! So, what is ISO 20000 exactly? The aim of the standard is to provide a framework for an effective end-to-end service management system which encompasses the entire lifecycle of a service from concept and design, through to service removal and end-of-life. It's best adopted by businesses who provide a service, particularly those that operate a help / service desk system. In this weeks' episode, Steve Mason joins Mel to discuss what ISO 20000 is, who can use and benefit from the Standard and how it fits in with other more widely adopted ISO Standards. You'll learn ● What is ISO 20000? ● Who is ISO 20000 designed for? ● What are the benefits of ISO 20000? ● A brief overview of the Standard ● How ISO 20000 integrates with other ISO Standards Resources ● isologyhub ● ISO 20000 In this episode, we talk about: [00:50] Why are we talking about this Standard? We've had a lot of interest in a few of our informative videos available on YouTube over the past year, with ISO 20000 content constantly ranking in our top 5 most watched videos every month. [01:00] ISO 20000-1 was previously known as the 'IT Service Management Standard', but since it's most recent update in 2018, it's simply known as the 'Service Management Standard' now. [03:10] Why is ISO 20000 one of Steve's favourite Standards? – It takes some of the aspects of quality a step further and actually gives you much clearer detail on how you can improve your management systems. So, if you've got a Service Management System in any way, shape or form, this is the standard to go. It's also one of the easiest standards to audit because there's some very simple questions to ask that can highlight some very obvious weaknesses. This can lead to significant improvement when compared to the likes of ISO 9001. [04:05] What Is ISO 20000? – ISO20000-1:2018 is a Service Management standard which has evolved from the IT industry and the ITIL Framework for Service Management; but today it can be used in all types of Service Industries particularly where there is a need for a Help Desk / Service Desk system. Some may ask, isn't this what ISO 9001 can do? In short, no. ISO 9001 will give you a bare framework of how to create a Quality Management System, but it won't give you the fundamental details of how to improve that Service Management System, and that's where ISO 20000 comes in. [05:39] Who is ISO 20000 applicable to? – Any business that provides a service, but more specific examples include: IT Service provider, call centres, gas / electricity providers, retail ect. [07:15] A high level overview of ISO 20000 – This Standard follows the Standard structure that many other ISO Standards follow. The first 3 clauses are all informative, starting from clause 4 we have: · 4.0 Context of the Organisation · 5.0 Leadership · 6.0 Planning · 7.0 Support of Service Management System · 8.0 Operation of the Service Management System · 9.0 Performance Evaluation · 10.0 Improvement Clause 8.0 is where ISO 20000 fills in the gaps for other Standards, as it covers topics such as: · Service Portfolio · Relationship and Agreement · Supply and Demand · Service Design, Build and Transition · Resolution · Service Assurance [08:20] Familiar to some – Those in Service Management may recognise some of those terms, but may not use that exact wording. For example 'relationships and agreements' may be more commonly known as Service Level Agreements and Operating Level Agreements – which can be a business critical area for some. [10:45] What are the benefits of ISO 20000? - Improve the planning and introduction of services: This standard would help you understand what it is you need to do to introduce that new service, go through the planning, testing through a proper change management system and launch through a release and deployment management system. SLA's and OLA's - Achieve Service Level Agreements (SLAs) and Operating Level Agreements (OLAs) will be achieved consistently month on month. Reduce Stress - It will help to reduce employee stress as service request, incident and problem queues become manageable. Knowledge articles can be created to document incidents and solutions for future reference. Improved quality of service through continual improvement gained from Incidents and Problem fixes resulting in both time and financial savings. [12:30] ISO 20000 to the rescue - Steve recounts an experience he had at a company that had an outstanding issue ticket queue of 800. With the introduction of elements of ISO 20000, they we able to reduce this ludicrous amount down to 30! [14:05] A top recommendation - We'd highly recommend that you consider doing a Gap Analysis against ISO 20000. Even if you have no plans to implement it, you can still benefit from the findings. [14:40] Further resources - You can purchase the Standard directly from the ISO website. We also have a number of short courses covering specific clauses in ISO 20000, available in the isologyhub. [15:55] How does ISO 20000 fit in with other ISO Standards?- ISO20000-1:2018 has now been remodelled using the High Level Standard (HLS) framework so that clauses 4 to 7 and 9 to 10 can all be interconnected with only minor differences due to the nature of each standard. Essentially, if you already have ISO9001:2015 or ISO27001:2013 most of the framework for ISO20000-1:2018 will have already been done; all that would be required is to address the service aspects in those six clause before tackling the main work in clause 8. [18:20] Business Continuity - ISO 20000 specifies a section on 'service continuity management' which can neatly slot in with ISO 22301 – the Standard for Business Continuity. While ISO 22301 focuses on the bigger picture, the ISO 20000 element focuses on how a service can continue for a customer during an incident or accident occurring. We'd love to hear your views and comments about the ISO Show, here's how: ● Share the ISO Show on Twitter or Linkedin ● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List