Top 3 ISO standards to feed into your ISO supply chain management
26 June 2019
Your organisation’s ISO supply chain management can be enhanced with correct ISO accreditation, which is a powerful tool for overhauling how your business operates.
The modern ISO standard for supply chain management recognises that compliance cannot happen in a vacuum. Quality management for you must also involve quality management for the suppliers who provide you with the materials and services that your business needs to function.
We look at the top 3 ISO standards you can achieve to not only enhance your own operation, but strengthen your grip, slice risk and embed security throughout your supply chain.
1. ISO 22301
What would you do if a key supplier went bust tomorrow? Or a crucial delivery was delayed past crunch time? What if your power supply was suddenly cut off?
ISO 22301, the business continuity standard, is designed to ensure you have answers to those questions.
Accrediting to the standard means:
- Pinpointing the critical processes your business needs to continue functioning
- Assessing the key associated risks for each process with a Business Impact Analysis
- Building and testing a continuity plan to ensure your critical processes continue to operate
Assessing supply chain risk is a core element of ISO 22301.
An ISO 22301 auditor will expect to see that you've considered how to work around any event that disrupts your suppliers' ability to work for you, from transport disruption and natural disasters to financial collapse and technological faults.
Accrediting to the standard is a great way to give your business a more flexible, resilient approach to your suppliers and prevent an irreparable break in your ISO supply chain. Bringing your suppliers into the loop with shared continuity plans and transparent risk assessments will only make your business continuity management system (BCMS) even stronger.
2. ISO 27001
The longer, more complex and more international your ISO supply chain, the weaker the security of information passing along it. This makes your business more vulnerable to cyber breaches, attacks and regulatory penalties.
A 2018 survey showed that 56% of organisations had suffered a breach of security caused by one of their vendors, and the average number of third parties with access to sensitive information was 471 per company. That means potentially hundreds of cyber security threats are present within your supply chain, making an ISO 27001-certified information security management system crucial.
Hardware and software systems, particularly cloud-based, are a key risk factor to consider since it's likely your business is supplied with them by at least one third party.
3. ISO 14001
Businesses looking to lighten their environmental impact and carbon footprint can only make the strongest possible change by driving their supply chains into compliance with them. One of our clients did exactly that, harnessing their massive purchasing power to restructure their supply chain towards more efficient, low-wastage suppliers and processes. Along with the wider environmental benefits, they reported a dramatic cost reduction as waste was sliced.
Several studies have shown that profitability and public benefit don't form a zero-sum game. 14001-accredited businesses with environmentally conscious supply chains outperformed other businesses by around 10% on the stock market in 2018, according to Bloomberg.
Establishing common objectives and KPIs, maintaining performance with a Plan Do Check Act cycle and transparent reporting, implementing a shared improvement plan: these are all key ingredients for driving ISO 14001 compliance deep into your supply chain. Thanks to the so-called 'green bullwhip effect', pushing for environmental sustainability tends to cause ripples of action beyond your immediate grasp, driving positive improvement far beyond your direct suppliers.