Businesses doing charity

Why corporate social responsibility is so attractive to consumers

Companies with social responsibility policies attract more customers and encourage loyalty over the long term. And this is essential for an organisation’s ongoing success. From protecting the environment to tackling poverty, these policies enhance the image of socially responsible organisations. It becomes synonymous with your brand. This makes you more attractive to consumers which translates to a positive effect to your bottom line.

But it is more than that. Corporate social responsibility (CSR) is attractive to consumers for a number of reasons. And they will all have a positive flow on effect to your organisation. The beliefs of a brand are increasingly more important to consumers. They want the beliefs of the organisations they deal with to align with their own beliefs. Consumers are willing to pay a higher price to deal with or by products from socially responsible companies. Your policies and beliefs are an incentive for consumers to become a customer of your business.


Brand beliefs

Price based strategies alone are no longer enough to engage consumers. When looking to buy, consumers look at a brand’s beliefs and purpose and how it implements these as part of the business. How consumers respond to your beliefs is now important for success.

Research shows that people are aware of a company’s commitment to social responsibility. When a company’s purpose and beliefs match with consumers, they will engage with your business. If they do not match, 42% will walk away and you will never win back 21% of them.  


Consumers care about the world

Companies need to meet consumer expectations. More and more they expect sustainability and CSR from brands. A study found that a third of respondents choose to buy services and goods from companies with a social and environmental conscience. And 21% of respondents are acutely aware of the increasing problem with waste. They said they would choose companies who were working proactively to change their packaging so it is more sustainable.

Today’s consumers have high expectations of brands but it has positive benefits for your company.


Corporate social responsibility – the benefits

CSR policies will contribute to the success of your business over the long term by:

  • Reducing costs. A reduction in energy use and waste, natural resources and raw materials means you create efficiencies within the organisation which cuts costs. A waste program is socially responsible has a positive effect on your profit margins.
  • Building consumer trust. Social responsibility and sustainability strengthens relationships and builds consumer trust in your brand. This will ultimately translate into long-term success. It also attracts employees who want to work for a company that is making a difference to the world. And this increases employee morale and productivity.
  • Driving company growth. CSR policies such as sustainability can open new markets and inspire innovation.


What it comes down to

Companies that embrace CSR grow consumer loyalty through positive brand recognition. This drives growth and profits and sets it up for long-term success.

Contact us to discover how your company can embrace socially responsibility. We can show you how to grow your business to achieve success over the long term.

Business owner looks at certification

How to Choose an ISO Certification Body

When implementing ISO standards, you need to hire a certification body to certify your company’s compliance. There are many to choose from, and not all are accredited. Anyone can give you that piece of paper certifying compliance, but not all have a licence. So, it is essential to check that your preferred certification body has the necessary licence from a recognised accreditation service. For example, in New Zealand, it is JAS-ANZ and is very simple to check their register, which is public and regularly updated:

What else should you consider when hiring a certification body?

Price is not the only factor to consider

Price is certainly a primary consideration when choosing a certification body. Always get at least two proposals to compare costs and what they include. Make sure you check their accreditation status. Also, consider the following when selecting a company.


Industry experience

Companies with little experience may be cheaper. Do not let this tempt you. Someone without much experience can miss valuable insights that can cost you more in the long run. Check an organisation’s background before hiring them. Ask who will conduct the audit. Also, ask for their credentials and a list of organisations they have previously audited.


What is their specialisation

If you are a manufacturing company, it is probably not a good idea to hire a company that generally works with financial institutions. While the auditor may be an expert with financial requirements, you may spend a lot of time explaining how the manufacturing process and supply chain works. The point is to learn from the auditor, not the other way round. It is wise to choose an auditor with experience in your industry.


Reputation is important

Avoid choosing a company without a good reputation. ISO certification is an important milestone for your business that you can use for marketing goods and services. So you want to ensure the certifying body has stringent criteria your company needs to meet. If your certification body just gives away compliance certificates, it is really meaningless.


Integrated audits

When you are planning certification for more than one ISO standard, ask your certification body for an integrated audit. This will save you money and time as you will not need to go through separate audits for each system. The auditor can audit them all at the same time.


Consider the value a certification body offers

It is important to consider the overall value a company offers. The cheapest certification body may not have the experience and reputation, and end up costing you more in time and money. And the most expensive may not offer value for money. Do your research to find the best certification body for your company.

At QICE we can help you make the right decision. Talk to us today for help or advice about the best company to help you achieve ISO certification.


How ISO 9001 can increase your ROI

Many service, distribution and manufacturing organisations find meeting quality requirements consistently costly. So it makes sense to implement ISO 9001 NZ right across your organisation. It increases your quality performance and saves money on your bottom line.

A Quality Management System (QMS) helps lower expenses which increases profits. Investing in a quality system makes your company attracts more customers. Focusing on quality encourages customer loyalty which gives you a competitive edge. A QMS lowers your expenses by:

  • Reducing the need to carry inventory so you do not need so much working capital.
  • Streamlining processes and procedures which lowers your production costs.

Your return on investment (ROI) in quality will outweigh the costs of implementing and maintaining a QMS.


What is quality costing you?

It is natural to want to know if a QMS is cost-effective. First you need to assess what quality costs you:

  • Cost of prevention. How much do you spend on preventing recurring quality problems? This can include the cost of creating procedures and processes, quality plans and training.
  • Cost of appraisal. How much do you spend on measuring and monitoring activities to achieve consistent quality across the company?
  • Cost of internal failures. What are internal failures costing you? This includes scrapping and reworking a product, and the time and labour spent replacing products.
  • Cost of external failures. Cost of external failures includes warranties and loss of business.

The cost of preventing quality issues is a lot less than dealing with customer complaints. But you probably already know this. Poor quality products and services cost your organisation 10 times more to deal with once it reaches your customer than it does to prevent the issue in the first place.


ISO 9001 benefits

The following are just a few of the financial benefits of a QMS:

  1. Reduces manual processes which reduces human error and increases employee productivity.
  2. Access to real-time reporting. This allows you to make more informed decisions which means less overall downtime.
  3. Improved processes and efficiency means higher productivity.
  4. Consistent quality control across the whole organisation. This reduces defects, mistakes and customer complaints.
  5. Increased customer satisfaction which boosts sales and business opportunities.

Understanding and measuring what quality costs you allows you to see how spending more on prevention and appraisal helps reduce costs. Spending more in advance implementing a QMS lowers the cost of poor quality. Understanding all this helps you can calculate your ROI.

Our specialists understand quality and how you can use a QMS to get the best out of your business. Contact us today to find out how ISO 9001 can increase your ROI. We are passionate about helping businesses grow too their full potential using ISO certification.

Woman using computer

How ISO 27001 Works

ISO 27001 is a risk management standard for protecting your organisation’s information. It is an Information Security Management System (ISMS) that monitors, reviews, maintains and improves how you deal with your information and the data you collect.

Using ISO 27001 NZ allows you to:

  • Identify potential security risks to business information for insight into vulnerable areas.
  • Establish a management system to control how and where you store information and how to use it.
  • Provide a framework for implementing and managing information controls.
  • Manage compliance with regulations and laws.
  • Outline information security processes, policies and standards for the organisation.
  • Maintain a process for managing your information security policy into the future.
  • Inform employees and third party contractors of the risks and process for incident reporting
  • Set objectives for managing information security.
  • Keep IT systems updated with the latest protection.
  • Put in place system access controls.
  • Monitor system and user activities.


How it works

ISO 27001 works from the top down. It is technology neutral and uses a risk based approach. Implementing an ISMS means your organisation establishes security controls in a structured manner. Without an ISMS, companies often implement controls for specific situations or as a convention. But these normally only address aspects of IT or data security and soon become disorganised. This leaves other assets such as company paperwork and proprietary knowledge lacking in protection.

Putting an ISMS in place minimises the risk of security breaches that can negatively impact your business. Information breaches will damage you company reputation and can cost you a lot of money when it falls into the wrong hands.

A business that achieves ISO 27001 certification demonstrates it:

  • Protects information from unauthorised access.
  • Ensures accuracy of the information.
  • Ensures information can only be changed by authorised users.
  • Has assessed the risks and put controls in place to mitigate the impact of any breaches.
  • Was independently assessed and meets international standards.

An ISMS does not guarantee that breaches will never occur but it:

  • Increases the reliability and security of your information and systems.
  • Improves customers confidence in your business as it aligns with their expectations and requirements.
  • Increases the resilience of your business.
  • Improves your management processes and integration with corporate strategies.


Risk management is central

Risk management is central to ISO 27001. It does not tell you how to protect your information. ISO 27001 provides a framework. You complete a risk assessment and then decide what controls the business needs to protect your information.

A robust ISMS reduces your risks, disruptive activity and costs. It also boosts your reputation and trust in your business.

To discover more about how ISO 27001 works, contact us today. We can show you how establishing an ISMS protects your information.

Business meeting

Benefits of ISO 9001 for business

Implementing ISO 9001 provides your business with a practical Quality Management System (QMS) that allows you to monitor all areas of your business. A QMS establishes a set of workable procedures for your organisation. It allows you to define how you will meet stakeholder and customer requirements.

The basis of ISO 9001 is continual improvement. It is flexible so is suitable for use by any organisation. The standard does not specify quality objectives or how to meet customer needs. But expects an organisation to define these objectives and strive to continually improve their processes to meet them. Once your business reaches its targets, reassess them in pursuit of continual improvement.


ISO 9001 advantages for business

By putting a QMS in place, it helps your business to focus on what is most important. QMS processes provide a solid framework which increases productivity and profitability and boosts efficiency. It also increases customer acquisition and retention through greater confidence in your organisation.

ISO 9001 advantages for businesses includes it:

  • Is suitable for organisations of all sizes.
  • Allows for better internal management.
  • Produces less waste.
  • Is a globally recognised standard.
  • Can integrate with other ISO standards.
  • Increases efficiency, productivity and profitability.
  • Improves customer numbers and loyalty. ISO 9001 gives customers confidence your business has procedures and processes, so they have confidence in receiving a high standard of customer service.
  • Gives you the ability to expand into new markets where clients require certification before doing business with an organisation.
  • Can help identify and address organisational risks.


ISO 9001 advantages for customers

Customers understand the advantages of working with a business with ISO 9001 certification. And some customers will only work with certified organisations as it gives them confidence your business continually assesses its management systems.

ISO 9001 advantages for customers includes:

  • Access to improved services and products.
  • Predictable schedules for production runs and deliveries.
  • Promoting good communication and reporting.
  • Minimising mistakes.
  • Maintaining standards through annual assessments.
  • Putting customers first so you can meet their needs consistently and enhance customer satisfaction.
  • Fewer complaints and returned products.


ISO 9001 advantages for staff

One of the most important things people want from employment is security. But staff also want work satisfaction. By engaging them through a QMS it can improve job satisfaction by recognising the importance of your people.

ISO 9001 advantages for employees includes:

  • Boosting productivity and performance.
  • Promoting higher employee engagement.
  • Providing employees with insight into the organisation’s processes and procedures.
  • Reducing inefficiencies to improve employee’s workflow by focusing on preventive measures which decreases internal costs.
  • Improving customer service and their experience with the organisation.
  • Establishing continuous training programs to equip them with the skills to deal with changing needs.
  • A commitment to get it right the first time.

ISO certification is important for all organisations as it allows business growth, cost savings and profitability. It establishes ongoing quality standards for continuous improvement and a sustainable positive customer experience.

Contact us today for more information. We are passionate about assisting businesses achieve greatness through ISO certification.

Hands typing on a keyboard

How to know if your business needs an ISO 27001 Certification

Information and data is the essence of most organisations. It is a source of intelligence that can provide a competitive advantage and drive the success of future plans.

Your data is usually stored electronically so you need to protect it from accidental or deliberate loss. Data and information is a business not an IT problem. The use of ISO 27001 – Information Security Management System (ISMS) gives you a framework to protect and manage critical information and data effectively.

Cyberattacks and data theft are more common than ever, and staff make mistakes. If your business does not have policies and procedures in place, it becomes easy for hackers to steal data. ISO 27001 certification demonstrates your commitment towards minimising security threats and gives customers confidence in your business. Certification improves credibility and your value proposition. It gives customers confidence.


You want to avoid potential costs of a security breach

Security breaches have a potential to cost your organisation not only a lot of money but loss of reputation. Implementing ISO 27001 demonstrates your proactive approach to protecting information so if there is a security breach you may avoid heavy fines and penalties.

An ISMS gives you the ability to make informed decisions based on risk management and continuous improvement.


You want to maintain data privacy and integrity

All organisations are responsible for maintaining the privacy and integrity of the data collected. An ISMS helps to secure and reduce data breaches. Implementing ISO 27001:

  • Gives organisations storage and access control of data. You can safely use and destroy it effectively using organisational processes and procedures.
  • Ensures the protection of data which reduces the likelihood of clients’ losing trust and suing you for data breaches.
  • Means you have the processes and procedures in place to quickly detect a breach so you can take appropriate action.
  • Allows a systematic approach to identifying, managing and reducing threats to your data.
  • Ensures the integrity of data using access controls, and procedures for backing up and organising data.


Information security should be a priority

Information security should be a priority for all organisations. As technology gets smarter, so do hackers. They will stop at nothing to breach and compromise sensitive data to use to their own ends.

You may think you have good control of your information. But how effective these are depends on how you monitor and control your security management processes. A short-sighted approach is having security controls for only specific IT areas. This then poses a threat to assets that are not IT-related. Implementing ISO 27001 overcomes these issues. Certification guarantees customers your organisation uses best practice methods to secure the collection of data and information.

Achieving and maintaining ISO 27001 certification has many more advantages. To find out if your business needs certification, contact our ISO specialists. We pride ourselves on helping New Zealand businesses grow to their potential.


Why is internal auditing important for any business?

People often ask what internal auditing is, and whether it is necessary for a company. Should a small organisation spend resources on an internal audit program? For a larger company, with many employees, is it important to secure another opinion?  If you need to provide efficient, compliant, and secure services, then the answer is “yes”.

Why is auditing important?

The internal audit has become an important element in the assurance environment of many organisations, and a valuable tool and for managing risk more effectively. This applies to both the corporate sector and the public sector. It is an important function of any information security and compliance program, and is a valuable instrument for managing risk effectively and appropriately.

What can auditing help with?

The role of the internal audit is to provide independent assurance that an organisation’s risk management, governance, and internal control processes are operating effectively. Internal auditors, along with executive management, non-executive management and the external auditors, are a critical part of the top-level governance of any organisation. Internal auditing provides insight into an organisation’s culture, policies, procedures, and it assists board and management oversight by verifying internal controls such as operating efficiency, risk mitigation controls, and compliance with any relevant laws or regulations.

Many companies have already discovered the potential that internal auditing can unlock in their business improvements, and have included internal auditing roles and functions in their businesses. Although this process may seem like a luxury to many small to medium-sized businesses, the truth is that they can’t afford not to implement internal auditing in their businesses.

Internal audit programs are critical for monitoring all your business assets and ensuring that they have been properly secured and safeguarded from threats. It is also important because it helps you to verify that your business processes reflect your documented policies and procedures. An internal audit helps you locate areas where your business can save time and money by examining the day-to-day tasks of workers, and pointing out areas where improvement is possible. Audits also identify areas of waste in a business, as well as fraudulent spending or improper transactions by employees.

An internal audit is essential for any organisation that wants to utilize its resources properly.



Top 10 benefits of internal auditing

An internal audit is a systematic and independent examination of an organization, an evaluation of the effectiveness of a company’s internal controls.

In the broadest sense, an internal audit, often also referred to as management control, includes the plan drawn up by management related to the organization, methods and procedures that are necessary to meet a company’s mission, goals and objectives. Internal controls also serve as the first line of defense against fraud and legal violations, or breaches of regulations and the provisions of contracts and agreements.Internal controls include processes for planning, organizing, directing and controlling operations, as well as systems for measuring, reporting and monitoring performance and actions taken by management and other parties to enhance risk-management and increase the likelihood that established objectives and goals will be achieved.

The internal audit function is the key to ensuring proper monitoring and safeguarding against threats at work within an enterprise. It does so by creating critical opportunities for objective insight into a business’s assets, the work it does, and the controls it has in place. It is an invaluable tool that supports your company’s risk management processes.

Some of the benefits of having a good system of internal audit are:

  • Provides target knowledge
  • Helps protect assets and reduce the possibility of fraud
  • Enhances Efficiency of Operations
  • Increases financial reliability and integrity
  • Assesses Risks and Protects Assets
  • Ensures compliance with laws and statutory regulations
  • Surveys Controls
  • Establishes monitoring procedures
  • Makes the organization process-dependent instead of person-dependent
  • Helps top management to discover bugs in their internal control system and to draw up plans and policies for the organization
  • Provides objective insight
  • Helps shareholders to know the actual position of the organization at various points of time during the year
  • Increases accountability within the organization.

According to the Institute of Internal Auditors, “internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.”The internal audit serves many purposes, but its principal tasks include risk assessment, process walk throughs and documentation, control assessment, as well as testing and reporting.



ISO Standards – Who are the interested parties?

Any organization which intends to achieve quality environmental or health and safety certification must understand the needs and expectations of interested parties. This is a mandatory requirement of the management systems standards ISO 9001, ISO 14001 and ISO 45001. But who exactly are interested parties and how do you manage them? It may not be easy to identify who the interested parties related to your Quality Management System (QMS) are, or what to do with this information once you have obtained it. Here is a bit of information to help you determine who your interested parties are, and how they affect your QMS processes.

Interested parties are so important that they are considered an integral part of the context of the organization. They should be well-understood before defining the scope of the management system.The justification for this is that interested parties will have an impact on the organization’s ability to provide products and services that consistently meet customer needs and legal requirements. The requirements function to determine which interested parties are relevant to the QMS, and the requirements of these parties that can affect the QMS.

In each standard, the requirement to understand the needs and expectations of interested parties is expressed almost identically: The organization shall determine the interested parties that are relevant to the management system and the requirements (needs and expectations) of these interested parties that are relevant to the management system.

When it comes to ISO 9001 interested parties, for example, the interested parties can be customers, owners, people in an organization, providers, bankers, regulators, unions, partners, society, competitors, and pressure groups. For ISO 14001, interested parties can be customers, communities, suppliers, regulators, non-governmental organizations, investors, employees. As for ISO 45001, examples of interested parties include workers, top management, managers, non-managerial persons, external providers, contractors, individuals, agency workers.

Simply listing suppliers, customers, communities etc. is not enough to meet the requirements of the standard, i.e. understanding the needs and expectations of relevant interested parties. These can be defined based on their relationship with the organization, by their: responsibility (investors), influence (pressure groups), proximity (neighbours), dependency (employees), representation (trade unions), authority (regulators), etc.

For an organization, it is important to identify relevant interested parties, determine their needs and expectations, rank them in terms of power and interest, and set objectives and priorities. Taking the time to understand the needs and expectations of your interested parties is worthwhile and essential to define the scope of your management system, ensure customer satisfaction, meet compliance obligations, the continual improvement of the organization and its management system, and meeting the requirements of ISO standards.If you understand the needs, expectations, and requirements of your interested parties, it is easy to see that these are critical to ensuring that your products or services meet the requirements. This is the reason why you have or would want to have a QMS. Therefore, it is important to know and understand your interested parties if you are to properly plan and implement the processes of your QMS.


Is ISO 14001 right for my business?

ISO 14001 was first launched in 1996. It is a standard with a set of requirements, and it helps organizations to create an effective Environmental Management System (EMS). This standard allows them to benchmark their current environmental performance and to determine ways in which that performance can be improved.

ISO 14001 Certification is a general term that is used to refer to two main functions: the certification of the knowledge of individuals, and the certification of a company’s environmental management system.

What can the standard do for my business?

This standard helps organizations to improve their environmental performance through a more efficient use of resources and a reduction of waste, which can, in turn, assist organizations in securing an advantage over their competitors and gaining the trust of stakeholders.ISO 14001 is suitable for organizations of all types and sizes, be they private, not-for-profit or governmental. The system requires an organization to consider all environmental issues relevant to its operations, such as air pollution, water and sewage issues, waste management,soil contamination, climate change mitigation and adaptation, and resource use and efficiency.

What is the importance of ISO 14001?

The environmental standard is important for any organization because it helps the organization demonstrate its compliance with current and future statutory and regulatory requirements. Furthermore, it enhances leadership involvement and employee engagement, while also improving the company’s reputation and bolstering the confidence of stakeholders through strategic communication. ISO 14001 helps a company achieve strategic business aims by incorporating environmental issues into its business management, and provides a competitive and financial advantage by improving efficiency and reducing costs.

So is it right for me?

ISO 14001 is the right choice if you and your organization want to demonstrate your commitment to reducing the environmental impact of your activities, and would like to achieve the resultant financial and stakeholder benefits. Accredited certification through ISO 14001 is not a requirement, and organizations can still enjoy many of the benefits that attend on using the standard without going through the accredited certification process.What’s more,for some organizations, it can assist in showing how specific regulatory or contractual requirements are being fulfilled. Like all ISO management system standards, ISO 14001 includes the requirement for continual improvement of an organization’s systems and the constant development of its approach to environmental concerns.

An alternative to seeking representation is to look for a specialist consultant in ISO 14001. Consultants are used for a variety of different reasons, depending on the size of the organization. A small business may require hands-on help because they have limited resources. A larger organization may have the required manpower, but feel that expertise is required to maximize efficiency opportunities and to ensure that the organization meets more complex legal requirements. A consultant works to engage, involve, train and empower your staff.

ISO 14001 sets out requirements for building an Environmental Management System. By providing a way to organize people, resources and processes, it aims to meet organizational goals. This results in increased resource efficiency and a reduction of waste, thereby bolstering profitably.