All posts in ISO


The Ultimate Risk Management Guide: Everything You Need to Know

the ultimate risk management guide everything you need to knowWhat’s the worst that could happen? Risk management is one of the first things you should be thinking about when planning for pretty much anything in your business.

The truth is, risk inescapable; success of your business is not determined by your ability to avoid risk, rather by your ability to accept, plan for, and take advantage of the varying outcomes risk might present to you.

It might sound negative, but risk management is actually more optimistic than it seems.

The key takeaway is that successful risk management strategies are proactive, as opposed to reactive.

By thinking ahead, you can prepare for and prevent risks before they even have a chance to arise.

In this article, we’ll take a look at how you can use Process Street to streamline and automate your risk management approach, including:

Hopefully by the end of it, you’ll have a better understanding of how to focus your risk management efforts into a forward-facing, proactive approach.

There are lots of ways to approach and prepare for risk, and this article will give you the tools you need to master risk management.
Continue Reading

What Is ISO 31000? Getting Started with Risk Management

what is iso 31000? Getting started with risk management

We analyze and manage risks every day.

From crossing the street, correctly preparing food, fastening seat belts, to coordinating a journey via public transit. Each of these is an example of a risk management process happening in our heads; sometimes the result of “common sense”, sometimes these decisions are made unconsciously.

When it comes to business management, a more rigorous, formalized approach is needed.

One such strategy for managing risk is to utilize standards for risk management, like ISO 31000. This approach is useful in pretty much any situation, for organizations of all shapes and sizes, to manage risk in their everyday operations.

Managing risk effectively is essential to ensure businesses succeed and thrive in an environment of constant uncertainty. This post covers everything you need to know about ISO 31000; here’s a quick rundown of the article structure:

Continue Reading

ISO 19011:2018 Basics (8 Free Management System Audit Checklists)

internal audit

What exactly is an “audit“?

The International Organization for Standardization defines it as:

“[the] systematic, independent and documented process for obtaining objective evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.” – ISO, from ISO 19011:2018 – Guidelines for Auditing Management Systems

That’s another way of saying someone takes a look at what you’re doing, gathers some evidence, and compares that evidence to what you’re supposed to be doing (in other words, a set of clearly documented requirements).

In the case of ISO, these requirements are known as standards. ISO 9001 is a standard. ISO 14001 is a standard.

Importantly, this understanding of audit implies that there are a few main things being considered by the auditor:

  • What’s documented by the company (e.g. internal processes, policies, and SOPs)
  • Evidence gathered to support how these policies, procedures, and SOPs are implemented in practice
  • The requirements defined by the ISO standard being audited against (e.g. ISO 9001)

Audits performed by companies to assess and analyze their own management systems are known as internal audits. Many resources for guiding companies on how to perform internal audits exist, and foremost of these is the ISO 19011 standard.

For most management system standards, internal audits are an important requirement. Even guideline standards like ISO 26000 for social responsibility depend on reports to evidence the success of their implementations.

As such, ISO 19011 defines a set of guidelines; a framework for companies to plan, implement, and improve upon their audit programs, for auditing the implementation of management systems.

Since the first edition of ISO 19011 was published in 2002, many new management system standards have been published.

These standards often share a common structure, including certain requirements, terms, and definitions being used. That means ISO 19011 can be used to devise highly economic audit programs, wherein knowledge and processes can be shared and applied across various management systems.

By considering how they might take a broader approach to management system auditing and integration, companies implementing ISO management systems stand to save time, money, and confusion when preparing for and implementing internal audits.

The goal of this post is to provide a spring-board for understanding ISO 19011, and how to get started with internal ISO auditing. In this post, I’ll cover:

  • What is ISO 19011
  • 7 principles of ISO auditing
  • Different types of ISO audit
  • Key elements of an ISO audit
  • 8 free ISO audit templates

If you just want the free ISO audit templates, then here they are:

Continue Reading

What are Maturity Models in Business? (Capability Maturity Model, AIMM, and More)

maturity modelWhen you’re building a business, a team, or any kind of system, you need ways to understand how well you’re doing.

You want to be able to look at your performance and set base standards which have to be met, and be able to contrast those standards with an understanding of what best practice looks like.

You want to understand where on that scale of performance you are at.

It’s why we use things like KPIs, OKRs, or other goal/objective driven metrics.

But those metrics, as useful as they are for some things, are often hard to apply to qualitative data.

This is where maturity models can become an incredibly useful tool.

One model we’ll discuss here is the Capability Maturity Model, and the CMMI Institute alone appears to have about +8500 accredited users of this model (interestingly, in 2018 ~80% were pairing it with agile methodologies).

The problem, though, is that maturity models are often shrouded in complex terminology and overly-convoluted systems. How am I supposed to implement one in my business if people can’t understand it?

In this Process Street article, we’ll tear through the jargon and look at:

  • What is a maturity model?
  • What are the current limitations of business process maturity models?
  • Which are the best business process maturity models?
  • What is a Capability Maturity Model (CMM)?
  • What is the Agile ISO Maturity Model (AIMM)?
  • How does Process Street fit in your maturity model?

Continue Reading

Get a free Process Street account
and take control of your workflows today.

No Credit Card Required