provision of iso management systems … of iso management systems implementation and gap analysis...
TRANSCRIPT
PROVISION OF ISO MANAGEMENT SYSTEMS IMPLEMENTATION AND
GAP ANALYSIS AUDITS
We cover the following ISO Standards:
• ISO 9001 QMS
• ISO 14001 EMS
• ISO 50001 EnMS
• ISO 27001 ISMS
• ISO 20000-1 SMS
• ISO 31000 RMS
• FSSC 22000 FSM
• HACCP
• OHSAS 18001 OHS-MS
• TS 16949 AQMS
WWISE IS CERTIFIED & ACCREDITED WITH: We Are The SHERQ Specialists
CONTENTS
1 WHAT WE DO 3
2 WHEN DO YOU NEED WWISE? 4
3 ISO MANAGEMENT SYSTEMS 5
4 CORE ISO IMPLEMENTATION SERVICES
4.1 ISO Implementation 5 4.2 ISO Management Systems Project Plan 6 4.3 ISO Management Systems Implementation Costs 7
5 GAP ANALYSIS
5.1 Gap Analysis Audit 8 5.2 Gap Analysis Audit Costs 9
6 ISO-IMS
6.1 Integrated Management Systems Software 9 6.2 ISO-IMS Modules 10 6.3 How To Get ISO-IMS 10 6.4 Specification Documents for IMS Modules 11
7 OUR CLIENTS 14
8 TESTIMONIALS 15
9 RECOMMENDATION & CONCLUSION
9.1 WWISE Recommendation 15
9.2 Conclusion 15
02
03
1. What We DoWorld Wide Industrial and Systems Engineers (WWISE) is a Level 1 BBBEE contributor. Our services are aimed at the improvement of quality, efficiency, knowledge and competitiveness of potential clients. WWISE offers you industry experts to help answer your questions. Our team consists of engineers, business consultants and auditors with extensive years of experience in ISO conformity.
WWISE’S Competitive Edge:
• Affordable Services
We do not only focus on large corporations, but understand that smaller businesses should also experience
the value of complying with various international standards. With this in mind, our range of services are
priced highly competitively.
• Approach
We do not just preach compliance, but embody it. We follow a well-documented approach to auditing,
training, business consulting, systems implementation and certification preparation.
• Time Sensitivity
Our team responds to quotes and information requests within 24 hours and has the same commitment to quality
with regards to all our actions. Indeed, we can develop a compliant ISO Management System within 14 days if the
client is committed.
• Customer Specific Solutions
With no two management systems exactly the same, it goes without saying that a ‘one-size fits all’ approach does
not work when it comes to systems development and compliance management. Thus, we customise business
solutions to fit your specific company’s size, industry and objectives.
• Support
We provide ongoing support throughout the compliance preparation process. Where needed, we re-design your
systems and integrate them with existing systems where possible. We understand that getting everyone involved
may not be the easiest task, but by working with us, you will notice that we know how to get your executives and
other employees committed
• Post Certification
Certification is only the confirmation of your company’s compliance with an ISO management system and other
relevant standard requirements. Ongoing improvements should be prevalent and this is where we come in,
offering support and training to ensure that you can continue, independently of WWISE, after certification.
• Innovation
We have a customized cloud-based mobile solution that can manage the entire organization’s ISO conformity and
an online training platform on various ISO courses.
• Networking Profile
We offer our clients a networking profile on our websites, ISO-IMS and E-learning solutions. This means that you
can expand your business network when you make use of our services.
• Certification Record
We have a 100% certification record with all our clients from any global certification authority. Therefore, you have
the guarantee you require to select us.
2. When Do You Need WWISE?WWISE specialises in ISO systems implementation, consulting, legal auditing, ISO-IMS software solutions and mobile applications, traditional classroom training and ISO E–Learning. If your organization requires assistance with ISO certification, WWISE is the right choice. We can assist any size and type of organization with the most affordable solution in ISO implementation and certification.
WWISE will guide you in accordance with your budget to implement an ISO management solution using the following options:
• Consulting
By making use of ISO Systems Implementation Services, we assist companies in meeting the requirements of any
ISO standard. After visiting your premises and conducting a gap analysis audit, we work through traditional
consulting strategies to effectively implement and maintain a robust ISO solution.
• ISO-Integrated Management Systems Software and Mobile Applications
To comply with ISO standards, we use Integrated Management Systems Development to integrate several business
systems and management solutions into a single management system. This can be customized and is available on
any iOS, Windows and Android mobile device.
• Traditional Classroom Training
We train all employees on an ISO standard from shop floor to executive management. We implement tools to
assist in understanding, implementing, auditing and statistically maintaining your system.
• ISO E-Learning
We have created a fun and vibrant online platform with engaging images and animation to keep the
delegates engaged with our ISO online courses which consist of 10 standards at different levels from Awareness
to Implementation. This can all be done in the comfort of an environment of your choice - be it at work, home or
even whilst you are standing in a queue. We are accredited, have summative assessments and online certification.
• Auditing
We provide ISO and legal auditing which includes gap analysis, First Party Internal Auditing and Second Party
Supplier Audits on behalf of clients and, we assist in Third Party Audits for different certification bodies such as the
SABS. All our auditors are SAATCA or IRCA registered.
04
We have a National Footprint and Travel Globally
4. Core ISO Implementation Services4.1 ISO ImplementationWe have a range of professional consultants / engineers who are registered auditors to assist in the implementation and maintenance of any ISO and OHSAS Management System.
The Implementation process of becoming ISO Certified is denoted in the flow chart below:
05
3. ISO Management Systems We specialize in the following ISO disciplines:
ISO 9001 ISO 14001
ISO 45001 ISO 27001
ISO 20000-1
ISO 22001
ISO 31 000
ISO 50 001
ISO/TS 16949
ISO 14064/5
Quality Management Systems Environmental Management Systems
Occupational Health & Safety Management Information Security Management Systems
Service Management Systems
Food Safety Management Systems (FSSC)
Risk Management Guidelines Standard
( Training on: Legal Courses related to OHS Act, Natural Conversation Act and many more )
Energy Management Systems
Automotive Industry Technical Quality
Greenhouse Gases Management System
ISO 22301 SANS 16001 Business Continuity Management Systems Wellness and Disease Management System
Guidelines for Auditing and Conformity Assessments
Invoice sent before gap analysis audit report
is submitted
Reason for rejection identified and client advised accordingly
End & continuous feedback on client process
Schedule an interview with our
consultant
Contact: [email protected]
Gap analysis audit at client premises
with quote ondifferent system
development on site
SLA & Project Plan signed
(Invoice sent by WWISE after each phase has been
completed)
Clie
nt &
WW
ISE
Adm
in T
eam
CLIENT PROPOSAL
Phase 1
Process, Identification & Awareness Training
(Invoice 1 sent on completion)
Proj
ect
Man
agem
ent
& S
yste
ms
Dev
elop
men
t
Phase 2
Document Development & Programming
(Invoice 2 sent on completion)
Phase 3
Implementation andAudit Training
(Invoice 3sent on completion)
6 Months free maintenance if
another client is referred and
closed
Phase 4
Certification Process
(Invoice 4 sent on completion)
START
ISO 19011/ISO 17021
Figure 1: The ISO Implementation Process
06
4.2 ISO Management Systems Implementation Project Plan
PHASE 1: GAP ANALYSIS & IDENTIFICATION OF PROCESSES
PHASE 3: IMPLEMENTATION
PHASE 4: CERTIFICATION
TOTAL AMOUNT OF DAYS ON AVERAGE TO BE READY FOR ISO CERTIFICATION
PHASE 2: ISO MANAGEMENT SYSTEM DEVELOPMENT
Task List For ISO Implementation Average Time Frame For a Company with 30 Employees
1. Gap Analysis Audit
2. Awareness Training
3. Identification of Processes & Information Gathering
1. On the Job Training and Workshops (Shop Floor to Executive Management)
2. Internal Auditor Training (Minimum 2 Employees)
3. Internal Audit, which will entail Non-Conformances & Corrective Actions
4. Management Review Meeting
1. Continuous Improvement File & Hand over of ISO System
2. Stage 1 Audit Preparation / Training
3. Stage 2 Audit Preparation / Training
4. Maintenance if Required (6 Month free Maintenance Plan if another
client is referred and closed)
1. ISO Management System Manual
2. Process Documentation (Policies, Mandatory Procedures,
Work Instructions, Forms, Templates and Process Mapping)
3. Quality Control Plans / Hazards Identification and Risk Assessments /
Environmental Aspects and Impacts / Statement Of Applicability,
Risk Assessments (Depending on the ISO Standard)
TOTAL DAYS REQUIRED (AVERAGE)
TOTAL DAYS REQUIRED (AVERAGE)
TOTAL DAYS REQUIRED (AVERAGE)
TOTAL DAYS REQUIRED (AVERAGE)
5 DAYS
13 DAYS
4 DAYS
72 DAYS (3 Months)
50 DAYS
2
1
2
5
2
5
1
1
1
2
4
23
23
* BLUE ITEMS INDICATE THAT TRAINING IS INCLUDED IN THE PACKAGE.
07
Note 1:
All costs are subject to change depending on the Gap Analysis Audit, the costs are for ONE site only. All Systems include training to maintain the system.
Note 2:
The Total Costs are subdivided into the Project Plan (See 4.2) and paid per phase upon completion. A deposit of Phase 1 shall be required to start the project with a Service Level Agreement signed to confirm the work and conditions of payment. The final invoice can be paid once Certification is attained as security.
Note 3:
Any organization outside of Gauteng, travel arrangements are NOT included and shall be included after understanding client’s location and the number of travel arrangements required.
Note 4:
R 40 000
R 40 000 - R130 000
R130 000 - R 200 000
R 200 000 - R 400 000
R 60 000
R100 000
R 150 000
R 250 000
R 120 000
R180 000
R 250 000
R 350 000
R 220 000
R220 000 - R 300 000
R 300 000 - R 350 000
R 350 000 - R 650 000
4.3 ISO Management Systems Implementation Costs
WWISE MICROSOFT WORD BASED MANAGEMENT SYSTEMS COST BREAKDOWN (EXCLUDING VAT)
Quality Management System
(ISO 9001)
Safety, Health / Food / Environmental
Management System(ISO 14001 or 22000
or OHSAS 18001)
Information Security/ Service / Energy
Management System(ISO 27001 or 20000-1 or
50001)
Integrated Management System
(Any 2 Systems)
0-3 EMPLOYEESOr atleast 3 processes
4-10 EMPLOYEESOr atleast 6 processes
11-15 EMPLOYEESOr atleast 9 processes
15-30 EMPLOYEESOr atleast 12 processes
TRANSITION to latest ISO Standards 3 Processes Only
ISO 14001:2004 to 14001:2015 or
OHSAS 18001 to ISO 45001
R 60 000
ISO 9001:2008 to
9001:2015
R 60 000
Companies that have more than 30 employees, a Gap Analysis Audit is mandatory. The output of the audit shall be a Gap Analysis Report and project proposal for implementation. (See 4.2)
08
5. Gap Analysis
5.1 Gap Analysis Audit
For organisations who require an accurate cost breakdown depending on their current status of conformance to standards and compliance to requirements. The most effective method is a Gap Analysis Audit.
A Gap Analysis Audit is a First Party Internal Audit to understand the organisations current status of compliance to an ISO standard or any Legal Requirement. The audit will guide the WWISE consultant & organisation to effectively cost on the “Gaps” within the organisations processes with respect to implementation.
Establish the scope of the audit and identify
the number of man day audits (R9250-00 per man day). Quotation sent, 50%
deposit required when the audit date
is scheduled.
WWISE auditor requests company’s policies,
processes and procedures and prepares an audit
plan & checklist.
Non-conformances?
Conduct an audit by starting off with an opening meeting.
Audit plan followed.
Issue non-conformance reports and
identify gaps within the processes.
Balance of the 50% deposit paid.
Conduct closing meeting.
"Brags & nags"discussed.
Issue audit report.
Project proposal and project plan
submitted along with an SLA.
Create audit reports.
START
Figure 2: A Gap Analysis Process
09
5.2 Gap Analysis Costs
The more the processes / employees the more man days are required. WWISE and the organisation can agree on multiple days of an audit with 1 auditor or multiple auditors in one day.
To quote effectively for a Gap Analysis Audit WWISE require the following Information:
• Scope of the organisation including the ISO Standard Required to be audited against.
• Legal requirements (register) if there are any.
• Number of processes / departments.
• Number of employees per process department.
A Gap Analysis Audit proposal with a quotation shall be sent once the information is gathered from the organisation. A 50% deposit is required in order for WWISE to book dates for the audit. The balance is paid after the audit is complete, with a report and project implementation proposal.
6. ISO-IMS6.1 Integrated Management System Software
The demand for Governance Risk Management and Compliance is growing substantially. Organizations are replacing unintegrated point solutions and spreadsheets with centralized, enterprise-wide, integrated solutions that cover the full spectrum of risk disciplines. WWISE strives to provide an accessible compliance software solution that adapts to each unique business and, in return, can assist in ISO certification by being paperless and more efficient.
Our target market is any business that requires a user-friendly software platform that resolves standard corporate governance, risk and compliance issues as well as any business that needs to streamline and standardize documentation across departments and become ISO compliant. This will also be available on mobile devices using iOS, Windows or Android.
The costs associated with an audit is R9250-00 (excluding Vat and travel outside of Gauteng). One Man Day Audit can audit upto 4 processes or 8 employees in a day including the ISO Management System.
10
6.2 Our ISO-IMS Modules are:
1. Document Control
2. Non-Conformances & Corrective Action
3. Risk Assessments & Preventive Action
4. Environmental Aspects an Impacts Assessments
5. Hazard Identification and Risk Assessment (HIRA)
6. Safety Incidents & Accident Investigation
7. Auditing Management (First, Second and Third Party Audits)
8. Management Review Meeting
9. Internal Communication
10. Client Satisfaction
11. Supplier Management
12. Training
13. BEE scoring
14. Human Resources & Performance Management
15. Quality Control
16. Marketing
17. Finance
18. Asset & Calibration Management
19. Energy Management
20. Information Security
21. Project Management
22. Reports
6.3 How to get ISO-IMS
Schedule an interview with our consultants01
Client accepts proposal03
Quote05
System implementation07
Maintenance and support09
02Presentation by our consultant team
04Gap analysis
06Client accepts quote
08Training
Figure 3: How To Get ISO-IMS
11
6.4 Specification Documents for IMS Modules
1. / Document Control (Control of Documents and Records)
Documents of all types can be created, distributed to relevant users and edited through a user-friendly approval
process. All documents are stored systematically and provide a read only format with appropriate version
numbers document numbers and relevant corporate identities. Once documents and records become obsolete
they are archived. A record control subsystem can link to any server and with a unique means of tracking the
record through the system via a search function for accessibility.
2. / Non-conformances and Corrective Action
Non-conformances can be created, assigned to the responsible personnel rejected or accepted. The non-
conformance module seamlessly integrates with all modules offered within the IMS and enables users to track all
non-conformities created within this module and those generated by other modules. An online root cause analysis
is provided by the management system where users can complete the relevant information (Such as 5 Whys,
Fishbone Diagram, corrective actions etc.). The system provides a reporting tool for trend analysis for all non-
conformances and corrective actions. The module interfaces with the risk assessment module and updates the
risks accordingly.
3. / Risk Assessments and Preventive Action
This module gives users the ability to create a risk matrix based on inherent risk, residual risk and risk treatments
liked to objectives, targets and actions plans. The module is created in line with ISO 31 000 which is the
fundamental guideline for risk management. The module tracks, monitors and report on all risks associated with
projects, products, services, processes, environmental, safety, energy, asset information security and integrates
with all modules that have risk analysis functionality.
4. / Environmental Aspects and Impacts Module
All aspects and impacts of the user’s environment can be documented, managed and analyzed. This module
provides an automated formula based on the likelihood and consequences, and calculates the total risk, with
mitigation controls, objectives, targets and programmes alike. The Environmental portal can also link to various
legislations to justify compliance.
5. / Hazard Identification and Risk Assessment (HIRA) Module
The module enables users to document all health and safety hazards in the workplace as well as their control
measures. The controls can link back to policies, processes, procedures and records. This is also part of the risk
assessment module that primarily focuses on safety hazards within any workplace and links to the Occupational
Health & Safety Act and International Labour Standards on Occupational Health & Safety.
6. / Safety Incidents and Accident Investigation
Users are provided with a user-friendly interface where incidents can be recorded, tracked, managed, and
maintained. The accident investigation module links to the corrective action module to allow user to conduct
a comprehensive investigation using the 5 whys and fishbone diagram. There are options to add images and link
to CCTV footage. This provides a comprehensive management tool for Occupational Health & Safety and is aligned
to the Occupational Health and Safety Act, as well as the International Labour Standards on Occupational Health
& Safety.
12
7. / Audit Management Module
This module allows users to track and manage the scheduling of audits and recording the results of audits of all
types (First Party-Internal, Second Party-Supplier, and Third Party-Certification). While seamlessly integrating with
the non-conformance module to create an action plan that ensures conformance to a variety of ISO standards that
links to the corrective action and risk assessment module.
8. / Management Review
The Management Review module has set inputs in accordance to the requirements of the standards which can
be entered into the agenda per standard. The discussion that takes place can be entered as minutes, actioned
with dates, linked to your calendar on Outlook or SharePoint and once complete, reference back to a record to
justify actions are completed.
9. / Internal Communications
The Management Review module has set inputs in accordance to the requirements of the standards which can
be entered into the agenda per standard. The discussion that takes place can be entered as minutes, actioned
with dates, linked to your calendar on Outlook or SharePoint and once complete, reference back to a record to
justify actions are completed.
10. / Client Satisfaction Module
Custom questionnaires are created with a simple 1(Poor) - 5(Excellent) rating for each question. A function has
been created to send the specific survey to the client to rate the service aligned to objectives and client contracts.
On retrieval of the feedback the percentage gained from the survey is automatically calculated and a statistical
report of both the overall and individual client feedback is developed.
11. / Supplier Management Module
The supplier management module allows users to source and evaluate potential suppliers based on criteria you
can define and create, it automatically scores and rates the potential and current suppliers according to the
company’s preferences and policies. Suppliers can apply online to become a vendor, undergoing an online
assessment with supporting documents and even questionnaires. This is also linked to the BBBEE module.
12. / Training
The Training module allows the organisation to control the records of all its employees and contractors. These
records will be aligned to evidence for Education, Skills, Experience and Training. Where Training is required
a skills plan can be generated linked to the Performance Module in Human Resources to determine effectiveness of
training. This can also be linked to our E-Learning portal to keep records on the various delegates and
their respective training and assessments.
13. / BBBEE Scoring
Users are provided with a user-friendly interface where incidents can be recorded, tracked, managed, and
maintained. The accident investigation module links to the corrective action module to allow user to conduct
a comprehensive investigation using the 5 whys and fishbone diagram. There are options to add images and link
to CCTV footage. This provides a comprehensive management tool for Occupational Health & Safety and is aligned
to the Occupational Health and Safety Act, as well as the International Labour Standards on Occupational Health
& Safety.
13
14. / Human Resources
This module consists of a variety of activities including recruitment, induction, record control, leave, performance
appraisals, disciplinary hearings, training and claims. The Performance Appraisal and escalation element in the
module allows to track whether or not non-conformances are being done within the relevant time frames, actions,
objectives and corrective actions are being conducted, if not points are automatically deducted and escalated to
management.
15. / Quality Control
The module allows users to perform a quality control processes throughout their organisation and analyse the
results. This can be added by the organisation by the use of a diagram, flow chart and respective understanding
where there verification/inspection and validation points of the processes are. With the use of various statistical
control mechanisms such as control charts, quality control plans, Pareto Analysis, check sheets and various other
tools to assist process/product/service conformity.
16. / Marketing and Sales
In this module sales and marketing are combined into one system. It enables the users to track the entire sales life
cycle, identify the source of the leads, perform direct marketing campaigns, generate quotations, monitor
negotiations, perform client relationship management and even calculate commission based on your criteria.
17. / Finance
The Finance module assists organisations to determine the income and expense of each department and
organisation as a whole. It can calculate profit, loss per project as well as assist in calculating Value Added
Tax, create purchase orders, quotations, tax invoices statements and reconciliations. We can also pull data from
your current financial systems and report on them based on your preference.
18. / Asset & Calibration Management
This module enables the user to manage all company assets and associate the assets to a calibration record for
measuring equipment or any other quality related applications. It can also link to a risk management portal
that can assist in information security controls, depreciation and decommissioning of assets aligned to its
reliability, maintainability and availability. The calibration module forms a part of the asset management module,
and is designed to ensure that measuring equipment is regularly calibrated, a preventive maintenance plan
with alerts for preventive and corrective maintenance can be customised to ensure all calibration records and
certificates are uniform to the measuring tools, or configured based on the correct and updated licenses for
software and antivirus.
19. / Energy Management
The user is provided with a software based system to assist with focusing on the energy performance of the
organisation. The system will provide a platform to pull data from smart meters or any other monitoring tool
to conduct an energy review. Users are able to identify significant energy usage, set baseline parameters with
variables, formulate energy performance indicators and create energy objectives, targets and actions plans with
a reporting function related to a customised dashboard, assisting users to justify reduction or optimization of
energy consumption against any capital costs.
MTN SA
NASHUA
PRASA
VODACOM
PIMS/JSI
UNISA
SABC LEARNING & DEVELOPMENT
IMPLATS
PAYSPACE
ESKOM
AUTO MAGIC
COLUMBUS STAINLESS
7. Our Respected Clients
14
20. / Project Management
This module assists the user in planning, organising and managing resource tools and developing resource
estimates. By identifying projects, milestones, and tasks and controlling those using records and justification of
timelines with great advanced statistical tools. The module can pull data from any current project management
tool such as MS projects or Excel.
21. / Information Security Module
The information security module allows an organisation to select its statement of applicability based on the
controls of ISO 27001:2013, create an asset risk based on the asset module, link to the risk assessment and
treatment plan and conduct regular security logs of penetration tests, vulnerability scans to detect any malware
and protect e-mails and confidential information on devices using smart algorithms. All incidents can be logged
on a ticketing system and the root cause of the action can be determined with the corrective action module.
22. / Reports Module
An accessible reporting function and business intelligence module is provided, this enables the user to view all
reports in different forms with statistical analysis tools for each module in the software or in any other system.
Users can easily design their own advanced dashboards and reports, with slice and dice functionality.
9. Recommendation & Conclusion9.1 WWISE RECOMMENDATION
WWISE recommends a Gap Analysis Audit for organisations to understand the current status of conformance to the ISO Standard to effectively be quoted on the Implementation of an ISO Management System.
* For Organisations that cannot afford the Consulting Fees and Implementation Costs associated with this proposal, WWISE recommends purchasing readymade Manuals, Procedures and Templates upon request - this excludes any training or consulting.
* HOWEVER THIS CANNOT GUARANTEE ISO CERTIFICATION.
9.2 CONCLUSION
WWISE would like to thank you for allowing us the opportunity to submit our proposal. We commit to meeting all our client requirements and exceed their expectations, with clear emphasis on quality.
We can guarantee any ISO certification with any certification body as we pride ourselves with a 100% conversation rate for our clients who continue with certification.
• For more information on Customized Web-based Solutions, Training, Maintenance and Consulting contact us on: 08610 99473(WWISE)
• To view our respective satisfied clients and any further information please visit our website: www.wwise.co.za
8. Testimonials We highly recommend Wwise on any projects that they wish to embark on and are delighted with the services provided to MTN to globally stand out as one of the leading telecommunication industries in the world.
Willem Weber Senior Manager Core Implementation MTN
The facilitator was incredibly knowledgeable and gave the course that element of joviality by allowing it to be completely interactive and providing real world examples which were specific to our organisation.
Shaan Hussain Specialist Process Engineer: Service Solutions SARS
I can confidently recommend WWISE as a solid and reliable consultant, and experts in their field.
Nokubonga Mhlongo Management Quality Representative R4C
SAQI has worked with Muhammad Ali since 2008 and has found him to be honest, trustworthy and extremely competent. He has been our preferred service provider for a number of SAQI’s training programs particularly our ‘SAQI certificate in quality.
Vanessa Du Toit & Paul Harding South African Quality Institute
“
“ “
“
15
TEL: 08610 99473 (WWISE)
FAX: (012) 664 0368
CELL: 072 300 50 65
EMAIL: [email protected]
WEBSITE: www.wwise.co.za
Jean Park Chambers, 252 Jean Avenue, Unit 26 Building 8, Centurion, South Africa
ACCREDITED & MEMBERS OF:
SABS: ISO 9001:2015 SAIIE SAQI PROUDLY SOUTH AFRICAN LEVEL 1 BBBEE FP&M SETA PMSA MEMBER OF THE GREEN BUILDING COUNCIL OF SA