ISO/ standards/ accreditations

BUSINESS
ISO standards and accreditation guidelines are sets of requirements and good practices which help business organizations streamline their operations and improve their performance.
We have longstanding experience in the implementation of ISO standards in business organizations, of which the best evidence is the number of ISO Certificates awarded to our Clients.

ISO 9001 – Quality Management Systems

ISO 14001 – Environmental Management Systems

ISO 27001 – Information Security Management Systems

RODO/GDPR - General Data Protection Regulation

ISO 27018 – Protection of Personally Identifiable (PII) Data in the Cloud

ISO 45001 – Occupational Health and Safety Management Systems

ISO 31000 – Risk Management

ISO 26000 – Social Responsibility

ISO 37001 – Anti-bribery Management Systems

ISO 50001 – Energy Management Systems

ISO 19600 – Compliance Management Systems

ISO 22301 – Continuity Management

ISO 20000 – IT Service management systems

ISO 28000 – Security management systems for the supply chain

ISO 22000 – Food safety management

BRC Global Standard for Food Safety - British Retail Consortium

IFS - International Food Standard – international food safety standard recognized in all European countries, except Great Britain where the British Retail Consortium standard is in force

CMJ accreditation standards for hospitals and primary care providers – Centrum Monitorowania Jakości w Ochronie Zdrowia/ Polish Centre for Monitoring Quality in Healthcare

diversity management

SMETA - Sedex Members Ethical Trade Audit

The Uptime Institute Tier Classification System

ISO 9001 – Quality Management Systems

The ISO 9001:2015 standard specifies the requirements for a quality management system when an organization’s particular focus is on customer needs and satisfaction; it also underlines the importance of risk and opportunity analyses in effective process management in an organization.

Using our original SenseMaking Practices© methodology, we will help you effectively implement a quality management system in conformity with the ISO 9001 requirements. In the implementation process we use the reference models specific to processes in business organizations, risk scenario techniques, BOC Adonis tools for process modelling and rely on our hands-on experience derived from the previous successful QMS implementations. We concentrate on eliminating redundant actions and reducing the bulk of unnecessary documentation in your business. Following the successful implementation of the QMS, we will help your organization towards obtaining the ISO 9001:2015 Certificate.

ISO 14001 – Environmental Management Systems

The ISO 14001:2015 standard specifies the requirements for an environmental management system that an organization can use to enhance its environmental performance, particularly with respect to the natural environment protection and sustainable development.

Using our original SenseMaking Practices© methodology, we will help you effectively implement a quality management system in conformity with the ISO 14001 requirements. In the consultation process we rely on our expertise to help you identify the aspects and influences of your organization on the natural environment, and for the pertinent aspects, determine the objectives, tasks and environmental programmes. Following the successful implementation of the environmental management standards we will help your organization towards obtaining the ISO 14001 Certificate.

ISO 27001 – Information Security Management Systems

To assure an effective implementation of the ISO 27001 standard for information security management systems, an organization must meet statutory requirements for data protection and legal compliance, take into account the specificity of the business environment, and use relevant IT tools and solutions.

We will help you effectively implement an information security management system, relying on our original SenseMaking Practices© methodology, practical experience in auditing and implementation, and using reference models specific to business organizations. We will conduct risk analyses and suggest optimal information security solutions compliant with existing legal requirements, and guaranteed to effectively protect your processed information. Following the successful implementation, we will assist your organization towards obtaining the ISO 27001 Certificate.

RODO/GDPR – General Data Protection Regulation

The requirements of RODO/GDPR with regard to protection of personal information of natural persons apply to compliance with the law, reliability and transparency, purpose limitation, minimisation and accuracy, storage and retention, accountability, data integrity and confidentiality. In our RODO/GDPR implementation process we use the most up-to-date and reliable management practices.

Our consultants, using the SenseMaking Consulting Group methodology for the implementation of personal information protection systems in business organizations, will help you carry out an effective risk analysis and implement the best security practices compliant with RODO regulations.

ISO 27018 – Protection of Personally Identifiable (PII) Data in the Cloud

ISO 27018 establishes control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in organizations which use a public cloud computing environment for processing personal information. It complements the implementation of the RODO/GDPR requirements for the protection of personal information and ISO 27001 guidelines for the information security management systems, and together with the latter standards assures the security of the personal information stored by an organization in the public cloud.

We will help you in an effective implementation of the ISO 27018 standard, applying our original SenseMaking Practices© methodology and professional experience derived from our cooperation with data centres and first-hand knowledge of the personal information protection procedures. We will create the optimal solutions and upgrade your IT infrastructure to ensure an effective protection of the processed information in your organization. Following the successful implementation, we will assist your organization towards obtaining the ISO 27018 Certificate.

ISO 45001 – Occupational Health and Safety Management Systems

ISO 45001 is an International Standard that specifies requirements for an occupational health and safety (OH&S) management system, with guidance for its use, to enable an organization to proactively improve its OH&S performance in preventing injury and ill-health.

We will help implement an occupational health and safety management system in your organization, using our original SenseMaking Practices© methodology and relying on our experience in solving health and safety issues in business organizations. We will identify your organization’s occupational health and safety process risks, conduct risk analyses with regard to all employment positions, and suggest applicable solutions for the consultation process and employee participation. Following the successful implementation, we will assist your organization towards obtaining the ISO 45001 Certificate.

ISO 31000 – Risk management

ISO 31000 provides principles and generic guidelines on risk management which can be used by any organization for risk analysis, assessment and management with regard to all its processes and any area of activity.

Using our original SenseMaking Practices© methodology, proactive risk scenarios, BOC Adonis IT tool, and reference models specific to business organizations, we will help you identify and assess process risks and implement applicable risk management guidelines.

ISO 26000 – Social responsibility

ISO 26000 provides guidelines, concepts, principles and good practices relating to an organization’s social responsibility. It helps businesses and organizations translate principles into effective actions and directs their attention towards key areas of social responsibility, including identifying the stakeholders and providing information as to the organizations’ commitment, activity and achievements with regard to their social activity.

Relying on our original SenseMaking Practices© methodology and experience in the implementation and auditing of ISO 26000 and SA8000 standards, we will help you effectively implement social responsibility guidelines. We will define, develop and implement measures to promote responsibility, transparency and ethical standards, recognition of stakeholders’ expectations, compliance with statutory law, and we will work out an effective social responsibility reporting system as a part of your general non-financial reporting.

ISO 37001 – Anti-bribery management systems

ISO 37001:2016 specifies a series of measures to help organizations prevent, detect and eliminate bribery and corruption.

We will help effectively implement the ISO 37001 standard in your company, relying on our experience in auditing and counteracting bribery and corruption through successful implementations of the respective standards in numerous organizations. We will conduct a due diligence audit in your organization to enable the elimination of the risks of corruption and financial abuse. We will focus on implementing ethical standards and controls to safeguard your employees against the temptations and dangers of bribery and corruption. Following the successful implementation, we will assist your organization towards obtaining the ISO 37001 Certificate.

ISO 50001 – Energy management systems

ISO 50001 is based on the management system model of continual improvement and provides a framework of requirements for organizations to develop a policy for more efficient use of energy and continually improve energy management.

We will help you effectively implement an energy management system in your business. During the implementation process we calculate the energy efficiency of your energy-consuming equipment, work out applicable measurement principles and reporting methods. We also advise with regard to designing or purchasing equipment, appliances and systems in order to ensure the optimal choices for your business, and define factors affecting your energy efficiency. Following the successful implementation, we will help your business towards obtaining the ISO 50001 Certificate.

ISO 19600 – Compliance Management Systems

ISO 19600 provides guidance for establishing, developing, implementing, evaluating, maintaining and improving an effective and responsive compliance management system within an organization. The standard is complementary to ISO 31000 and emphasises the role of compliance as a controlling and advisory resource.

We will help you in an effective implementation of the compliance standards, applying our original SenseMaking Practices© methodology, experience in the domain of compliance risk management and professional knowledge of acknowledged law experts. In the implementation process we focus on eliminating any existing manifestations of non-compliance with regard to statutory law, directives, ordinances, or recommendations, and internal regulations. We also offer our professional assessment of the existing practices and advise as to the implementation of solutions ensuring an effective protection of your organization’s activity.

ISO 22301 – Business continuity management systems

ISO 22301 for business continuity management systems provides guidance based on good international practice for planning, establishing, implementing, operating, monitoring, reviewing, maintaining and continually improving a documented management system that enables organizations to prepare for, respond to, and recover from disruptive incidents when they arise.

Applying our original SenseMaking Practices© methodology, we will help implement business continuity requirements in your organization. In the implementation process we will rely on our comprehensive experience in auditing and implementation of management systems in numerous business organizations. We will conduct an accurate and effective analysis of the impact of continuity disruptions on your business, products and services, and existing processes. On this basis, we will develop a recovery plan, as well as supporting procedures, for the critical areas of your organization’s activity. Following the successful implementation, we will help your organization towards obtaining the ISO 22301 Certificate.

ISO 20000 – IT service management system (SMS)

ISO 20000 specifies the requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve a service management system (SMS). The requirements also include the design, transition, delivery and improvement of services to fulfil agreed requirements. Additionally, the standard contains a set of good practice guidelines and directives.

We will help you effectively implement the ISO 20000 standard, using our original SenseMaking Practices© methodology and professional IT experience and expertise. In our consultation work we help you define the guaranteed performance level of the IT services and focus on implementing good practice management standards as to software versions, sources, configurations and reporting. Following the successful implementation, we will help your organization towards obtaining the ISO 20000 Certificate.

ISO 28000 – Security management systems for the supply chain

ISO 28000 specifies the requirements for a security management system for the supply chain with regard to logistics systems. It helps minimize the risk of incidents and disruptions to ensure timely and secure transfer and delivery of commodities, goods and products at every stage of the supply chain.

Applying our original SenseMaking Practices© methodology, we will help you effectively implement a security management system for the supply chain in your business. We will determine the security level, as well as propose methods to design, implement and maintain applicable security measures for every supply chain participant, to ensure overall systemic security. Based on risk analysis, we will propose solutions guaranteed to ensure optimal security of the entrusted goods at every stage of the supply chain. Following the successful implementation, we will help your organization towards obtaining the ISO 28000 Certificate.

ISO 22000 – Food safety management systems

ISO 22000 specifies the requirements for food safety management systems for organizations which directly or indirectly participate in the food chain operations, and concern producers of food, animal feed, food additives, and food packaging as well as caterers and other food-related businesses. The standard is based on the requirements of the Codex Alimentarius.

We will help your business organization effectively implement the ISO 22000 requirements and pass the certification audit. Using our original SenseMaking Practices© methodology and our experience with regard to auditing and implementation of the standard, we will implement the HACCP requirements for Critical Control Points (CCP) supervision and monitoring, which will be based on risk analyses of the processes in your organization. We will introduce solutions and corrective actions in accordance with good hygiene practice (GHP) and good manufacturing practice (GMP) to increase the effectiveness of your food safety management system.

BRC – Global standard for food safety developed by British Retail Consortium

The BRC global standard for food safety provides a framework to manage product safety, integrity, legality and quality, and the operational controls for these criteria in the food and food ingredient manufacturing, processing and packing industry.

We will help you effectively implement the BRC requirements and obtain the BRC Certificate. Using our original SenseMaking Practices© methodology and professional experience, we will implement the BRC standard in accordance with the principles and directives of the HACCP, and introduce practical solutions to increase your organization’s security, optimize a quality management system, reporting system and develop relevant documentation.

IFS is an international food safety standard recognized in all European countries except Great Britain, where the BRC (British Retail Consortium standard) is in force

The objective of the IFS standard is to minimise the risk of food safety hazards, particularly for food producers who supply big retail chains with their own brand products. The standard concerns the manufacturing and processing of products which have not been previously packed.

We will help your business organization effectively implement the IFS requirements and pass the certification audit. Using our original SenseMaking Practices© methodology and our experience with regard to auditing and implementation of the standard, we will implement the HACCP requirements for Critical Control Points (CCP) supervision and monitoring. We will introduce relevant solutions in accordance with good hygiene practice (GHP) and good manufacturing practice (GMP), help develop and implement product specifications, guidelines for the supervision of the purchasing process, packaging standards, requirements for the manufacturing environment and supply process.

CMJ standards for hospitals and primary care providers – Centrum Monitorowania Jakości w Ochronie Zdrowia/ Polish Centre for Monitoring Quality in Healthcare

Healthcare accreditation standards have been developed for the purpose of implementing ubiquitous good practice guidelines to ensure patient safety and high quality clinical practice throughout the health industry.

We will help you implement accreditation standards in your healthcare facility, based on our experience in effective implementations of the accreditation requirements in various healthcare facilities and using Adonis NP by BOC and NOR-STA information technology tools. During the implementation process we will focus on eliminating redundant actions and reducing the bulk of unnecessary documentation. Following the successful implementation, we will help your organization towards obtaining the CMJ Certificate.

diversity management

The strategy of managing human resources through diversity recognizes workplace diversity (with regard to gender, age, education, sexual orientation or disability) as one of the vital assets of an organization, contributing to its development and achievement of objectives. Diversity management consists in appreciating the differences between individual employees and preventing situations in which they might become victims of discrimination and prejudice because of these differences.

We will help you effectively implement a diversity management strategy in cooperation with the Diversity Hub, an acknowledged expert think tank in the domain of diversity management. We will conduct a diversity audit in your organization and concentrate on implementing effective measures oriented towards the recognition of individual differences and prevention of prejudice and discrimination.

SMETA - Sedex Members Ethical Trade Audit

The SMETA audit has been developed by Sedex (Supplier Ethical Data Exchange) and is one of the most widely used ethical audit formats in the world. It focuses on and emphasizes the role of ethics in the global supply chain processes. It is based on the ETI Base Code (Ethical Trading Initiative) as well as good practice standards regarding working conditions, occupational health and safety, environmental protection and management systems.

We will effectively prepare your organization for a successful SMETA audit, using our extensive auditing experience and original SenseMaking Practices© methodology. During the consultation process we will help you conduct a self-evaluation which will be followed by an effective implementation of an ethical code, guidelines on equal treatment and non-discrimination, ethical policy, environmental requirements, occupational health and safety standards, and good practice standards with respect to employee remuneration and working time.

The Uptime Institute Tier Classification System

The Tier Classification System is a means to effectively evaluate data centre infrastructure in terms of a business’ requirements for system availability. It provides the data centre industry with a consistent method to compare typically unique, customized facilities based on expected site infrastructure performance, or uptime. Tiers enable companies to align their data centre infrastructure investment with business goals specific to growth and technology strategies.

We will help effectively design and implement in your data centre the Tier III topology for system reliability relying on independently manageable infrastructure, meaning that your IT systems’ operation will remain unaffected by management and infrastructure components changes. We will, at your behest, design and implement the Tier IV topology to guarantee your data centre failure-resistance to accidents, breakdown or isolated unplanned incidents such as fires, chemical leaks or explosions. In the implementation process we will rely on our original methodology for the implementation of reliability systems and concentrate on advising how to tailor data centre infrastructure to the needs of specific business users.