Send us a text

Summary

In this conversation, Ian Shorten, an independent information security consultant, discusses the fundamentals of ISO 27001, a standard for managing information security. He explains its importance in today's interconnected world, the core concepts of the standard, and the journey organisations face during implementation. Ian emphasises the need for a culture of security awareness across all levels of an organisation and provides practical tips for successfully implementing ISO 27001.

Takeaways

ISO 27001 is a management system for information security.

It's not just for IT companies; all organisations need it.

Understanding information as an asset is crucial.

Confidentiality, integrity, and availability are key attributes of information security.

Creating a culture of security awareness is vital for all employees.

The implementation journey can take from three months to several years.

Risk management doesn't have to be overly complicated.

Regular maintenance of the ISMS is essential for effectiveness.

Most problems in security are caused by human error, not technology.

Get a grip on your information assets early in the process.

Chapters

00:00 Introduction to ISO 27001 and Information Security

02:55 Understanding Information Security Management Systems

05:35 The Importance of ISO 27001 in Today's World

08:09 Core Concepts of ISO 27001

10:39 Identifying and Managing Risks in Information Security

13:11 The Role of Controls in ISO 27001

15:51 Flexibility and Adaptability of ISO 27001

18:33 Implementation Journey for ISO 27001

21:49 Implementation Timeline for ISO 27001

23:24 Understanding Existing Controls and Technology

25:15 Common Pitfalls in Information Security Management

28:57 Scalability of ISO 27001 for Small Businesses

31:01 Creating a Culture of Security Awareness

33:45 Maintaining ISO 27001 Compliance

36:52 Top Tips for Starting ISO 27001 Journey

Key Links

Auva Website: www.auva.com

Apple Podcast: https://podcasts.apple.com/gb/podcast/by-all-standards/id1771677594

Spotify: https://open.spotify.com/show/79OUNj3vY9dmESR3okwHJa?si=871837f56dc149b6

Youtube: https://www.youtube.com/@auvacertification/podcasts

LinkedIN: https://www.linkedin.com/company/auva-certification-ltd

Instagram: @auvacert

Michael Venner: https://www.linkedin.com/in/michaelvenner-isocertificationexpert/

Ian Shorten: https://www.linkedin.com/in/ian-shorten-8a100012/

Ian Shorten: ian@ianshorten.co.uk

Send us a text

Summary

This conversation delves into the requirements of ISO 45001, focusing on the importance of consultation and participation in health and safety management. Martin Graham explains the definitions of consultation and participation, the legal requirements surrounding them, and the significance of involving workers in decision-making processes. The discussion highlights the barriers to effective consultation, the role of leadership in fostering a safety culture, and practical tips for improving worker participation. Ultimately, the conversation emphasises the need for open communication and the importance of listening to workers' feedback to enhance safety practices within organisations.

Takeaways

ISO 45001 emphasises the need for consultation and participation.

Consultation involves seeking workers' views, while participation involves decision-making.

Involving workers can lead to better health and safety outcomes.

Legal requirements exist for worker participation in health and safety.

Barriers to effective consultation include fear of reprisals and lack of communication.

Leadership plays a crucial role in fostering a positive safety culture.

Simple mechanisms like suggestion boxes can improve participation.

Feedback from workers should be acknowledged and acted upon.

Consultation and participation are distinct but interconnected processes.

Creating an open environment encourages workers to voice their concerns.

Chapters

00:00 Understanding ISO 45001: Consultation and Participation

04:00 Legal Requirements and Cultural Impact

07:36 Engaging All Workers: Beyond Employees

10:23 Mechanisms for Effective Consultation

15:12 Common Pitfalls in Consultation Practices

16:54 Navigating Workplace Personalities

17:20 Overcoming Barriers to Safety Engagement

18:07 Creating a Culture of Open Communication

19:59 The Importance of Participation in Safety

22:01 Integrating Safety Standards Across the Organisation

23:37 Leadership's Role in Safety Culture

25:21 Building Trust Through Engagement

28:03 Defining Consultation vs. Participation

28:59 Simple Steps to Enhance Participation

Key Links

Auva Website: www.auva.com

Apple Podcast: https://podcasts.apple.com/gb/podcast/by-all-standards/id1771677594

Spotify: https://open.spotify.com/show/79OUNj3vY9dmESR3okwHJa?si=871837f56dc149b6

Youtube: https://www.youtube.com/@auvacertification/podcasts

LinkedIN: https://www.linkedin.com/company/auva-certification-ltd

Instagram: @auvacert

Michael Venner: https://www.linkedin.com/in/michaelvenner-isocertificationexpert/

Martin Graham: https://www.linkedin.com/in/martin-graham-657251173/

Send us a text

Summary

In this conversation, Alex from JWA Management Consulting discusses the intricacies of ISO 14001 and environmental management systems. He explains the concepts of aspects and impacts, common pitfalls organisations face, and the importance of engaging employees in the process. The discussion also covers how to identify significant aspects, the role of legal compliance, and the importance of stakeholder engagement. Alex emphasises the need for continuous improvement and shares tools and resources that can aid organisations in their environmental management journey. The conversation concludes with success stories and contact information for further engagement.

Takeaways

Aspects are how an organisation interacts with the environment.

Impacts are the consequences of those interactions.

Many organisations treat environmental management as a tick-box exercise.

Engaging employees at all levels is crucial for effective environmental management.

Identifying aspects requires a thorough understanding of the organisation's operations.

Significant aspects are those that could have a major impact on the environment.

Legal compliance is a key component of environmental management.

Stakeholder engagement can drive improvements in environmental practices.

Continuous improvement is essential for effective environmental management.

Tools and resources are available to assist organisations in their environmental journey.

Key Links

Auva Website: www.auva.com

Apple Podcast: https://podcasts.apple.com/gb/podcast/by-all-standards/id1771677594

Spotify: https://open.spotify.com/show/79OUNj3vY9dmESR3okwHJa?si=871837f56dc149b6

Youtube: https://www.youtube.com/@auvacertification/podcasts

LinkedIN: https://www.linkedin.com/company/auva-certification-ltd

Instagram: @auvacert

Michael Venner: https://www.linkedin.com/in/michaelvenner-isocertificationexpert/

JWA Management Consultancy Website: https://www.jwallcock.co.uk/

JWA Management Consultancy LinkedIN: https://www.linkedin.com/company/jwa-management-consulting/posts/?feedView=all

Alex Holford LinkedIN: https://www.linkedin.com/in/alex-holford-pcqi-564414240/