home-quote-icon
btn-coursecal
btn-inhouse

ARCHIVE NEWS

Annex SL – Making Standards More Compatible and Business Focused

ISO 9000 has evolved considerably since it was first published in 1987 and in the last 15 years or so, numerous other management system standards have been developed covering a wide range of business interests, from environmental concerns, health and safety, information security, food safety, energy management, risk management and business continuity, to name but a few.

All these management system standards have evolved independently of each other and therefore in many cases, have used different terminology and structures from that of ISO 9001. As a result, it has proved a challenge for organisations seeking to implement multiple management system standards and led to confusion, duplication and inconsistent interpretation of requirements when integrating the management systems, hampering their effective and efficient implementation.

As recognition grew as to the benefits of implementing a management system, businesses also came to realise that management systems are not independent of one another and indeed have many common requirements between them. Management system thinking evolved into the knowledge that a business has one management system – the ‘business management system’ – and the requirements of many of the standards were applicable to business practices across the board and could be practically accommodated and streamlined under one management system to ensure the continuing effectiveness and economic viability of the business.

In 2012, Annex SL – Proposals for management system standards was issued by ISO/IEC (previously known as ISO draft Guide 83). The intention of Annex SL was to create a common text framework which could be used when writing new or revising management system standards (MSS). It was felt that this approach would also be easier for organisations to use when implementing the standards and for auditors to audit against. The aim was for Annex SL to provide a holistic approach to management system standards’ writing rather than the historical siloed effect so as to add value and improve the effectiveness for businesses.

Annex SL describes a framework for a generic management system and applies to all management system standards, through the development process of a new or revised MSS, so that in future, all MSS will have the same overall look and feel.  The document consists of 10 clauses and 4 appendices, of which Appendix 3 is of particular interest as it covers:
  • High level structure with identical core text
  • Common terms
  • Core definitions

High Level Structure

The 10 high level clauses that form the new structure for all MSS are as follows:
  1. Scope
  2. Normative references
  3. Terms and definitions – subdivided into high-level structure, identical core text and common terms and core definitions
  4. Context of the Organisation
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance evaluation
  10. Improvement
It has been observed by some that the Plan-Do-Check-Act approach has been removed from the structure but this is not the case and though there is no prescribed process, the PDCA philosophy still exists. So although perhaps not as obvious as in previous MSS structures, it is still an important approach and can be captured in the following way.

plan_do

As a generic management system framework, Annex SL contains a basic set of generic requirements – 84 in all – but in addition, individual ISO management system standards will require discipline specific requirements relating to each individual standard such as ISO 9001, ISO 14001, ISO/IEC 27001, ISO 22301, etc. to meet the full requirements for that discipline.

Terms and Definitions

Annex SL Appendix 3 Clause 3 lists 22 terms and definitions which must all be addressed in discipline specific standards, though each standard can include additional terms and definitions as required. Some of the following terminology illustrates some notable references in this section:
  • Interested party is the term preferred to stakeholder
  • Documented information is used instead of documented procedure, record or quality manual; a significant change is that there is no requirement for documented procedures though some standards may contain additional requirements here
  • Risk is mentioned in two places but the point is made that formal risk management is not mandatory; there is no mention of preventive action as the reality is that the major function of an MSS is precisely that.
  • Leadership is a new term where previously it was Management Responsibility and there is no requirement for a Management Representative
Through the use of new terminology, Annex SL puts pressure on high level management to embrace the MSS with greater commitment. Organisational context, interested parties, leadership and risks and opportunities clearly tie the management system to the strategic direction of the company.

Key Implications of Annex SL

Annex SL will:
  1. Enhance the consistency and compatibility of ISO MSS, thus simplifying the process of integrating management systems within an organisation.
  2. Add value to the organisation’s management system by reducing duplication, misinterpretation and conflict by using common terms and definitions
  3. Steer an organisation’s management system to align itself with the needs and strategic direction of the business with senior management leading the way.
  4. Promote both internal and external auditors to provide more value to a business through increased competence, encourage a more business focused approach, and become more efficient in their audits with common requirements to audit against.
  5. Necessitate fewer documented requirements which should lead to less bureaucracy within an organisation.
  6. Provide for a more fluid integration of additional standards within an organisation’s existing management system.
"For Lead and Internal auditors, auditing an integrated management system should become more effective and efficient as they will have a core set of generic requirements to assess, no matter what the discipline." Gordon Staples, one of Excel’s Managing Partners, says. "It may also change the way we deliver auditor training, evolving to address the core set of requirements with the additional discipline-specific requirements as supplementary training, though that will be directed primarily by what our customers want and how they want it delivered," he continues.

The Application of Annex SL so far

There is an amount of reorganising management system requirements into the Annex SL structure and ISO standards that have already migrated to the new high level structure and a few others in the process of being revised are listed below.

Published Standards based on Annex SL:

  • ISO 22301 – Business Continuity Management
  • ISO 20121 – Event Sustainability Management
  • ISO 30301 – Management System for Records
  • ISO 27001 – Information Security Management
  • ISO 39001 – Road Traffic Safety Management

Standards currently being revised using Annex SL:

  • ISO 55001 – Asset Management (expected 2014)
  • ISO 9001 – Quality Management (expected 2015)
  • ISO 14001 – Environmental Management (expected 2015)
Excel will provide further updates on the developing standards – particularly ISO 9001 and ISO 14001 - as the requirements and interpretations of the new versions become clearer.

All Excel’s training courses reflect current Management System Standards and are revised accordingly as new revisions are released. We endeavour to facilitate our customers’ transitions to new versions by publishing Comparison Documents. These can be found on our Technical Information page.