• ISO 45001: 2018 Occupational Health and Safety Management Systems | Standards Australia Forum

    14th May, 2018 | by Tom Barham
    Safety workers in mines Read more

    The release of ISO 45001 by the International Organisation for Standardisation earlier this year has meant that standards bodies across the world are debating whether to adopt the international standards within their own jurisdictions. Does this seem like an overcooked formality?

  • How resistant is business to cyber shock?

    13th April, 2018 | by Jay Greensill
    infographic outlining the key findings from the Global State of Information Security 2018 Read more

    Cyber attacks are an inevitable threat to businesses operating in today’s technologically-driven world. With the Notifiable Data Breaches Scheme having recently passed into legislation in Australia, timing is paramount for our country’s businesses to have in place plans and strategies to deal with data breaches.

    Under the new legislation, Australian businesses are now compelled to disclose if a data breach occurs. It’s clear from the results of PwC’s Global State of Information Security Survey 2018, that while Australian businesses are aware data breaches can occur, they may not realise how seriously it could impact their business. 40% of respondents cited the disruption of operations as the biggest potential consequence of a cyber attack and 39% cited the compromise of sensitive data. What about damage to business reputation and overall profits? There are many examples of how data breaches can negatively impact these aspects of business, with Facebook and Ashley Madison being recent examples. 

    With this in mind, it’s staggering that 44% of global respondents said they do not have an overall information security strategy. 48% said they do not have an employee security awareness training program. 54% say they do not have an incident response process.

  • ISO 45001:2018 is here

    14th March, 2018 | by Tom Barham
    Read more

    So it’s finally here – ISO has formally published its first standard for Occupational Health and Safety Management Systems: ISO 45001:2018.

    ISO 45001:2018 is intended to unify the way Health and Safety is managed across the globe. It also provides the same structure and framework as many other management systems standards, such as ISO 9001:2015 for Quality, ISO 14001:2015 for Environmental, and ISO 27001:2013 for Information Security, enabling much greater integration than what was achievable with AS/NZS 4801:2001 or OHSAS 18001:2007.

    In order to help you understand the new standard and what it means, we’ve created a small FAQ below:

  • ISO 9001, Lean, TQM and Six Sigma – same same or different?

    22nd January, 2018 | by Andrew Barham
    Man in front of manufacturing line for aeroplanes Read more

    I’ve been working with these tools, methodologies and requirements for over 30 years and I think they’re great. Like all management terms, they drift in and out of favour, get changed, manipulated, criticised, talked about by gurus, turned into training courses, and become hot topics at conferences.

    But what are they, and are they the same thing with different names?

  • How to write an audit report – long and onerous or short and succinct?

    21st November, 2017 | by Andrew Barham
    Team of auditors on site Read more

    Want some tips on how to write an audit report? We have some insider tips on what to include in your report, how long it should be, and how to write your findings.

    In this article, we’re going to specifically focus on the final written report (not the verbal report given in the closing meeting – more on that later), and some tips on how to write an audit report that add value to the organisation, and actually be used to help with continual improvement.

  • Practical Tips for Continual Improvement

    29th September, 2017 | by Andrew Barham
    PwC London Office Read more

    Continually improving an organisation is easy… you just have your people do things a little bit better each day, you celebrate and reward good behaviour, you investigate when things don’t go as they should, and you amend processes to ensure issues do not recur. And what possibly could be hard about that?

    Lots of things! You’re dealing with people, your measures aren’t robust, you don’t know if things are actually getting better, you don’t have the time to investigate properly, and you certainly do not have the time to celebrate. And of course, nobody wants to amend the process as we all operate using the PDCA method –Please Don’t Change Anything!

    In this article, we highlight simple things that an organisation might try, some practical tips for continual improvement. And this can be applied across the organisation as a whole or to single departments or individual processes.

  • Why Certification or Regulatory Auditors should not use a checklist

    25th September, 2017 | by Andrew Barham
    Women with checklist knows on office door Read more

    We know that when we do an audit, we use a checklist to help us remember what to ask and what to look for – and it normally has a place for us to write down what we’ve seen (the evidence). There is normally a column that allows us to mark some form of symbol to show the finding: C for conformance, NC for nonconformance, O for observation, or something similar.

  • Training Tips

    28th August, 2017 | by Andrew Barham
    Read more

    Here we talk about some of what we’ve learnt in the past 15 years or so of training and assessing people who want to become auditors.

    There are many articles written about public speaking which discuss topics including:  grabbing your audience’s attention in the first 10 seconds, being commanding and powerful, waving your arms about, being animated. These are good for a presentation that is going to last an hour or so, maybe less, maybe a little more. But do these “rules” apply when you are training people and the training is going to last at least a day – possibly more?

  • Policy Requirements in ISO 45001

    15th August, 2017 | by Tom Barham
    Worker wearing PPE equipment for Safety reasons Read more

    A key component of any management system is the policy; it is a high level document that should be used to guide the organisation in its operation, as well as keep them on track to meet and exceed their goals.

    Some elements of a policy are the same across all disciplines – they should always reflect the individual organisation, they should be communicated and documented, and they should include a commitment to continual improvement. Other requirements will vary – a quality policy should include a commitment to meet and exceed customer expectations, an environmental policy should include a commitment to the prevention of pollution, and an OHS policy should include a commitment to eliminate work-related illness and injury… or should it?

    With ISO 45001 just around the corner, we thought we’d take the time to have a look at the new policy requirements in detail.

  • How ready is your organisation for ISO 45001?

    20th July, 2017 | by PwC's Auditor Training & Certification
    Read more

    How ready is your organisation for ISO 45001 – take this quiz to find out.

“It is rare to find a trainer with extensive practical and current industry knowledge of the topic. This is a real world training course for real world application. 100% recommend Pat to conduct any training in future.”

“Overall very valuable course. Balance of theory with practical workshops was excellent. Trainers stuck to timetable very well.”

“The course was thorough and many relevant examples provided by both Tom and Jackie to help me apply it to the workplace.”

“Great presentation of the course, engaging facilitators and good use of group work. I found the course to be a great refresher for an audit course I did 10 years ago and now feel more motivated to go audits in a non-bow tie way!”

“Trainers’ knowledge was excellent, their knowledge made the training and learning easy.”