ISO/ standards/ accreditations

PUBLIC ORGANIZATIONS
ISO standards and accreditation guidelines are sets of requirements and good practices which help public sector organizations optimize their performance.
We have longstanding experience in the implementation of ISO standards in public organizations, of which the best evidence is the number of ISO Certificates awarded to our Clients.

ISO 9001 – Quality Management Systems

ISO 14001 – Environmental Management Systems

ISO 27001 – Information Security Management Systems

RODO/GDPR – General Data Protection Regulation

ISO 27018 – Protection of Personally Identifiable (PII) Data in the Cloud

ISO 19600 – Compliance Management Systems

ISO 45001 – Occupational Health and Safety Management Systems

ISO 31000 – Risk Management

ISO 37001 – Anti-bribery Management Systems

CMJ accreditation standards for hospitals and primary care providers - Centrum Monitorowania Jakości w Ochronie Zdrowia/ Polish Centre for Monitoring Quality in Healthcare

ISO 26000 – Guidance on Social Responsibility

Diversity management

ISO 37120 – Indicators for city services and quality of life

ISO 9001 – Quality Management Systems

ISO 9001:2015 specifies the requirements for a quality management system when an organization’s particular focus is on customer needs and satisfaction; it also underlines the importance of risk and opportunity analyses in the effective process management in an organization.
Using our original SenseMaking Practices© methodology, we will help you effectively implement a quality management system in conformity with the ISO 9001 requirements. In the implementation process we use the reference models specific to processes in public organizations, risk scenario techniques, and rely on our hands-on experience derived from the previous successful QMS implementations. We concentrate on eliminating redundant actions and reducing the bulk of unnecessary documentation in your organization. Following the successful implementation of the QMS, we will help your organization towards obtaining the ISO 9001:2015 Certificate.

ISO 14001 – Environmental Management Systems

ISO 14001:2015 specifies the requirements for an environmental management system that an organization can use to enhance its environmental performance, particularly with respect to the natural environment protection and sustainable development.
Using our original SenseMaking Practices© methodology, we will help you effectively implement a quality management system in conformity with the ISO 14001 requirements. In the consultation process we rely on our expertise to help you identify the aspects and influences of your organization on the natural environment, and for the pertinent aspects, determine the objectives, tasks and environmental programmes. Following the successful implementation of the environmental management standards, we will help your organization towards obtaining the ISO 14001 Certificate.

ISO 27001 – Information Security Management Systems

To assure an effective implementation of the ISO 27001 standard for information security management systems, an organization must meet statutory requirements for data protection and legal compliance, take into account the specificity of the public sector environment, and use relevant IT tools and solutions.
We will help you effectively implement an information security management system, relying on our original SenseMaking Practices© methodology, practical experience in auditing and implementation, and using reference models specific to public sector organizations. We will conduct risk analyses and suggest optimal information security solutions compliant with existing legal requirements, and guaranteed to effectively protect your processed information. Following the successful implementation, we will assist your organization towards obtaining the ISO 27001 Certificate.

RODO/GDPR – General Data Protection Regulation

The requirements of the RODO/GDPR with regard to the protection of personal information of natural persons apply to the questions of compliance with the law, reliability and transparency, purpose limitation, minimisation and accuracy, storage and retention, accountability, data integrity and confidentiality. In the implementation process of the RODO/GDPR we use the most accurate and reliable management practices available.
Our consultants, using the SenseMaking Consulting Group methodology for the implementation of personal information protection systems in public sector organizations, will help you carry out an effective risk analysis and implement the best security practices compliant with the RODO regulations.

ISO 27018 – Protection of Personally Identifiable (PII) Data in the Cloud

ISO 27018 establishes control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in organizations which use a public cloud computing environment for processing personal information. It complements the implementation of the RODO/GDPR requirements for the protection of personal information and ISO 27001 guidelines for the information security management systems, and together with the latter standards assures the security of the personal information stored by an organization in the public cloud.
We will help you in an effective implementation of the ISO 27018 standard, applying our original SenseMaking Practices© methodology and professional experience derived from our cooperation with data centres and first-hand knowledge of the personal information protection procedures. We will create the optimal solutions and upgrade your IT infrastructure to ensure an effective protection of the processed information at your organization. Following the successful implementation, we will assist your organization towards obtaining the ISO 27018 Certificate.

ISO 19600 – Compliance Management Systems

ISO 19600 provides guidance for establishing, developing, implementing, evaluating, maintaining and improving an effective and responsive compliance management system within an organization. The standard is complementary to ISO 31000 and emphasises the role of compliance as a controlling and advisory resource.

We will help you in an effective implementation of the compliance standards, applying our original SenseMaking Practices© methodology, experience in the domain of compliance risk management and professional knowledge of acknowledged law experts. In the implementation process we focus on eliminating any existing manifestations of non-compliance with regard to statutory law, ordinances, or recommendations, and internal regulations. We also offer our professional assessment of the existing practices and advise as to the implementation of solutions ensuring effective protection of your organization’s activity.

ISO 45001 – Occupational Health and Safety Management Systems

ISO 45001 specifies requirements for an occupational health and safety (OH&S) management system, with guidance for its use, to enable an organization to proactively improve its OH&S performance in preventing injury and ill-health.
We will help implement an occupational health and safety management system in your organization, using our original SenseMaking Practices© methodology and our experience pertaining to health and safety issues in the public sector. We will identify your organization’s occupational health and safety process risks, conduct risk analyses with regard to all employment positions, and suggest applicable solutions for the consultation process and employee participation. Following the successful implementation, we will assist your organization towards obtaining the ISO 45001 Certificate.

ISO 31000 – Risk management

ISO 31000 provides principles and generic guidelines on risk management which can be used by any organization for risk analysis, assessment and management with regard to all its processes and any area of activity.
Using our original SenseMaking Practices© methodology, proactive risk scenarios, the BOC Adonis IT tool, and reference models specific to public organizations, we will help you identify and assess process risks and implement applicable risk management guidelines.

ISO 37001 – Anti-bribery management systems

ISO 37001 specifies a series of measures to help organizations prevent, detect and eliminate bribery.
We will help effectively implement the ISO 37001 standard in your organization, relying on our experience in auditing and activities with regard to counteracting bribery and corruption. We will conduct a due diligence audit in your organization aimed at eliminating the risks of corruption and financial abuse. We will focus on implementing ethical standards and controls in your organization to safeguard your staff against the temptations and dangers of bribery and corruption. Following the successful implementation, we will assist your organization towards obtaining the ISO 37001 Certificate.

CMJ accreditation standards for hospitals and primary care providers – Centrum Monitorowania Jakości w Ochronie Zdrowia/ Polish Centre for Monitoring Quality in Healthcare

Healthcare accreditation standards have been developed for the purpose of implementing ubiquitous good practices to ensure patient safety and high quality clinical practice throughout the health industry.
We will help you implement accreditation standards in your healthcare facility, based on our experience in effective implementations of the accreditation requirements at public healthcare facilities and using Adonis NP by BOC and NOR-STA information technology tools. During the implementation process we will focus on eliminating redundant actions and reducing the bulk of unnecessary documentation. Following the successful implementation, we will help your organization towards obtaining the CMJ Certificate.

ISO 26000 – Social responsibility

ISO 26000 provides guidelines, concepts, principles and good practices relating to an organization’s social responsibility. It helps businesses and organizations translate principles into effective actions and directs their attention towards key areas of social responsibility, including identifying the stakeholders and providing information as to the organizations’ commitment, activity and achievements with regard to their social activity.
Relying on our original SenseMaking Practices© methodology and experience in the implementation and auditing of ISO 26000 and SA8000 standards, we will help you effectively implement social responsibility guidelines. We will define, develop and implement measures to promote responsibility, transparency and ethical standards, recognition of stakeholders’ expectations, compliance with statutory law, and we will work out an effective social responsibility reporting system.

Diversity management

The strategy of managing human resources through diversity recognizes workplace diversity (with regard to gender, age, education, sexual orientation or disability) as one of the vital assets of an organization, contributing to its development and achievement of objectives. Diversity management consists in appreciating the differences between individual employees and preventing situations in which they might become victims of discrimination and prejudice because of these differences.
We will help you effectively implement a diversity management strategy in cooperation with the Diversity Hub, an acknowledged expert think tank in the domain of diversity management. We will conduct a diversity audit in your organization and concentrate on implementing effective measures oriented towards the recognition of individual differences and prevention of prejudice and discrimination.

ISO 37120 – Indicators for city services and quality of life

ISO 37120 provides a complete set of 100 indicators grouped into 17 categories, which can be used to steer and measure the performance of city services and the quality of life with regard to social, economic and environmental development, and can also be used as a verification tool for comparison purposes with respect to other cities’ performance.
We will help you effectively implement the recommended set of indicators and measurement methods and provide training to your staff. Following the successful implementation of the ISO 37120 standard, we will help your organization towards obtaining the World Council on City Data certificate.