If you are implementing any management system defined by requirements created by the International Organization for Standardization (ISO), you will see that each of the standards includes requirements for operational planning and control. You will find clause 8.1 for operational planning if you are creating a Quality Management System (QMS) using ISO 9001, an Environmental Management System (EMS) using ISO 14001, a Business Continuity Management System (BCMS) per ISO 22301, an Information Security Management System (ISMS) using ISO 27001, an Occupational Health & Safety Management System (OHSMS) per ISO 45001, or others. Each of these standards includes requirements in clause 8 for operation of the management system and, in all cases, clause 8.1 defines requirements for operational planning and control.
So, you may ask, what does operational planning mean, and how are the standards different from each other?
What does clause 8.1, operational planning and control, mean?
To understand operational planning, we first need to understand what we mean by operations. Clause 8 of the ISO standards gives the requirements for the day-to-day activities of the management system. So, operational planning is about how we plan, implement, and control the processes needed in the management system.
Each standard asks you to plan (some use the term “establish”), implement, and control (some add maintain, as well) the processes needed to meet the management system requirements. In all cases, this implementation of operational processes links back to the actions identified in the planning activities (clause 6) earlier in the implementation. During planning, we identified risks, opportunities, and other elements of the management system that need to have controls put in place, and clause 8.1 is where this planning, and identified control activities, are implemented into our day-to-day activities.
Comparison of operational planning and control requirements
The standards include some common elements in clause 8.1 regarding how operational planning and control can be done. One of these important requirements is to keep documented information that you deem necessary to be confident that the operational processes are carried out as planned. This could be a procedure to ensure that the process is done consistently when this is necessary, and to identify when you need records to show that the process was done as planned. You can read a bit more on documented information in the article A new approach to documented information in ISO 14001:2015 (since requirements for documented information are the same in all ISO management standards, this article is relevant for other standards as well).
Another common element in operational planning and control is the control of any planned changes to ensure that any adverse effects are mitigated during the change. This includes any unintended change where someone may have mistakenly changed a process. Finally, all standards talk about ensuring the outsourced processes are determined and have adequate controls in place in line with the management system purpose.
So, the question is: How do the different standards compare regarding the requirements for clause 8.1 Operational planning? Below is a table to compare the differences in the main ISO standards:
Operational Planning and Control – An Important Consideration
It is important to see operational planning and control as a critical function if you want your management system to function well. These processes comprise your daily activities around the management system, and having adequate plans in place to ensure they are controlled properly is crucial for the ongoing maintenance of your system. Remember, thought and planning during implementation will lead to an easier management during use of the processes.
If you are looking to integrate more than one management system, download this free white paper for more information: How to integrate ISO 9001, ISO 14001 and ISO 45001.
Mark Hammar is a Certiﬁed Manager of Quality / Organizational Excellence through the American Society for Quality, and he has been a Quality Professional since 1994. Mark has experience in auditing, improving processes, and writing procedures for Quality, Environmental, and Occupational Health & Safety Management Systems, and he is certiﬁed as a Lead Auditor for ISO 9001, AS9100, and ISO 14001.