Integrated Management System – Interview – Overview on the current challenges organisations are facing in respect of compliance and audit
The Integrated Management System challenges
The issues that companies face at the moment in terms of compliance are particularly linked to the omnipresence of regulation on the Luxembourgish market.
This has raised a demand for integrated management systems (IMS), to be used as a central/unique repository for all reference documents required for implementation, audit and certification against regulations, standards or best practices. Labgroup has been a precursor on this track, having already put in place a comprehensive IMS that has proved its value on the occasion of the audit for the ISO 27001[1] certification on February 2014. Further, early this year, the company succeeded in the renewing of both the ISO 9001[2] and the ISO 27001 certifications, as a result of a single audit process. And, last but not least, Labgroup’s IMS is being fed for the purpose of the next audit to be performed, in order for Labgroup to become the first company to be PSDC certified.
Operating in a highly regulated market is very demanding and it is key to success for enterprises to switch their perspective on these regulations from a hindrance to an opportunity for improvement.
(from right to left) Sébastien Pineau, Lead Partnership Officer, LIST, Bernard Moreau, CEO, Labgroup, Pierre Dewez, CEO, PECB Europe. @Hôtel Royal #Elephantparade – save the elephants initiative
This has been the cornerstone of Labgroup’s certification strategy, involving both management and staff, as it is extremely important that everyone, as part of the organisation, is involved from a to z. To successfully achieve this, it is essential to innovate with organisations such as LIST, who are dedicated to help enterprises meet all these compliance requirements.
In fact, List designed a set of processes to target different certifications and develops tools, allowing to achieve compliance with different regulations. Currently, the institute launched a comprehensive risk management process for two types of risk: operational and information security risks.
Interview – Integrated Management System – LIST – PECB – LABGROUP – Watch the video now!
In a market that is increasingly moving towards deploying and operating integrated management systems, it does no longer make sense to audit and certify each norm individually.
This is the reason why for Labgroup, it was very important to find a certification body capable of auditing and certifying integrated management systems, not only ISO standards but also compliance with standards, such as PSDC.
The main difficulty to achieve this is the lack of auditors with a strong background in all the relevant fields, who are able to understand the complexity and challenges of these management systems, and all the processes and tools within.
PECB Europe, the first Luxemburgish certification body, is able to provide an answer to all of these compliance milestones in one single audit.
The key factor in achieving this is understanding how to accompany the certification and auditing process whilst leveraging what is really important for enterprises, always focusing on decreasing the footprint and noise that an audit could cause in an organisation.
Becoming the first PSDC certified company in the market, strongly increases the demands and exigencies of an integrated management system, setting a new benchmark for compliance.
This is the reason why it is more and more important that organisations such as LIST, are able to provide innovative tools to better integrate regulation, with the target of being able in the future to integrate the regulators and the regulation, making compliance more easily accessible and efficient for the whole ecosystem in Luxemburg, as well as contributing to the Luxemburgish trusted data hub.
PSDC – The new certification scheme on Dematerialisation and Archiving Services, based on the Luxemburgish law on electronic archiving (25 of July 2015).
What is PSDC?
PSDC is a standard developed to meet the requirements of the Luxembourgish law on electronic archiving (25 of July of 2015), by which an organisation providing dematerialisation and archiving services, can become certified against PSDC technical rules and requirements.
Being a PSDC certified organisation means that all documents processed by the certified organisation have the same probative value as the original. This, in turn, implies that these documents are valid in a tribunal or court, having the same value as the analogic originals (paper-based).
Contact
Lab Luxembourg S.A.
Marketing Department
2, rue Edmond Reuter
L-5326 Contern
Luxembourg
T +352 350 222 999
F +352 350 222 350
——————————————————————————————–
Links
Download press pack: www.labgroup.com/pr
————————————————————
Attachments
Communiqué de presse – Labgroup
[1] ISO 27001 “specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.”, Definition, International Organization of Standardization, 2016, available online: http://www.iso.org/ .
[2] ISO 9001 “specifies requirements for a quality management system when an organization:
- a) needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, and
- b) aims to enhance customer satisfaction through the effective application of the system, including processes for improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.
All the requirements of ISO 9001 are generic and are intended to be applicable to any organization, regardless of its type or size, or the products and services it provides.”Definition, International Organization of Standardization, 2016, available online: http://www.iso.org/ .