Private sector organisations find themselves facing many challenges. From trying to do more for less, to understanding and implementing regulatory procedures and continually adapting to our ever-changing world to stay up-to-date and ahead of competitors. This combined with pressure from customers for companies to consider things such as environmental practices, diversity and benefitting communities, means it’s never been more important to choose the right third-party suppliers that positively reflect your business practices.
But how can private sector organisations know what to look for and why is choosing an accredited supplier so important?
Accreditation is independent recognition that an organisation meets the requirements of governing industry standards. It is an important way to give confidence in goods, services, management systems and people.
You want to partner with companies you can trust and develop a relationship with so that you can rely on and work together to meet your objectives while also satisfying your customer’s needs.
Accredited suppliers come with a wealth of experience and expertise to give you peace of mind that your project is in safe hands.
Here at CFH Docmail, we hold a range of accreditations and certifications and have done for over 30 years. As a processor of data, trusted partner and communication expert, we understand that holding these accreditations is vital for private sector confidence, knowing that your data and communications are handled, managed and produced in the best possible way. While conforming to both business and environmental procedures.
In this blog, our Accreditation and Certification expert, Michelle Underwood, is going to focus on some of our accreditations and certifications that are most relevant to the private sector, explaining what the accreditation is, why businesses may choose to achieve it and how we achieve it – which may also help you decide on partnering with us, to help you achieve your communication goals.
ISO 9001:2015 is a UKAS-accredited international standard that specifies requirements for a quality management system (QMS). A QMS is a collection of business processes focused on consistently meeting customer requirements and enhancing their satisfaction. It is aligned with an organisation's purpose and strategic direction.
In short, this accreditation demonstrates the quality controls we have in place to meet our changing customer requirements to a particular standard.
Organisations use the standard to demonstrate the ability to consistently provide products and services that meet customer and regulatory requirements. It helps organisations ensure their customers constantly receive high-quality products and services, which in turn brings many benefits to a business, including satisfied customers, management and employees.
CFH Radstock (our head office) continuously maintain registration to ISO 9001 through BSI (certification governing body) and has held the standard since 1991. CFH Livingston (our site in Scotland) maintains registration to ISO 9001 through NQA (a separate governing body). PRINT.UK.COM (our site in Windsor) maintain registration to ISO 9001 through QMS International, a separate governing body.
Independent certification governing body BSI, carry out continuing assessments against the standard twice per year at the Radstock site. NQA carries out an audit of the Livingston site once per annum, and QMS International carry out an audit of the Windsor site once per annum.
ISO9001:2015 shows our commitment to providing quality service to all our customers.
An Environmental Management System (EMS) is a framework that helps a company achieve its environmental goals through consistent control of its operations.
This accreditation simply means we ensure our processes have little to no impact on the environment and that we have controls in place to manage any impacts.
It’s a management tool for evaluating the activities of an organisation, identifying the environmental impacts associated with those activities and managing resources to reduce those impacts. An EMS also helps businesses stay compliant with environmental regulations requirements. The key concepts of an EMS are intended to help an organisation understand the full range of its environmental impact, prioritise and effectively manage its programs, track and document its progress, and reduce environmental impact (reduce energy use, waste, prevent pollution, and sustainably sourced materials).
CFH Radstock maintains registration to ISO 14001 through the BSI certification governing body. CFH Livingston maintains registration to ISO 14001 through the NQA certification governing body. PRINT.UK.COM maintain registration to ISO 14001 through QMS International.
Independent audits are carried out by BSI, NQA & QMS against the requirements of the standard at each site (2 x Radstock, 1 x Livingston, 1 x Windsor).
ISO14001:2015 demonstrates our commitment to the environment, that we are responsible and monitor our impact and reduce it as much as possible.
An Information Security Management System (ISMS) is a systematic approach to managing sensitive company information so that it remains secure. It encompasses people, processes and IT systems. BSI published a code of practice for these systems, which has now been adopted internationally as ISO/IEC 27002:2013.
This is one of the most important accreditations we hold, as it demonstrates our ability to securely manage data.
Information is critical to the operation and protection of an organisation. Being certified to ISO/IEC 27001 helps to manage and protect valuable information assets. The key concept of information security management systems (ISMS) is the ability to equivalently protect, maintain and improve confidentiality, integrity, and availability of our information assets that should be protected by the organisation.
ISO27001:2015 Underpins our commitment to take information security seriously and do all we can to protect any data that we have and keep it as secure as possible.
CFH Radstock maintains registration to ISO 27001:2013. An independent audit is carried out by BSI, against the requirements of the standard twice per year at the Radstock site. PRINT.UK.COM has been added as an extension of scope to the Radstock certification to maintain registration to ISO 27001. The Windsor site is audited by BSI once per year as part of the schedule for both sites.
CFH Livingston maintains registration to ISO 27001:2013 through the NQA certification governing body. An Independent audit is carried out by NQA, against the requirements of the standard once per year at the Livingston site.
The 3 ISO standards work on a 3 year audit cycle – 2 years of surveillance audits where samples of the standard are audited and then in the third year, a full standard re-certification audit takes place to ensure that we are meeting the required standard and can continue to display the ISO badge.
This government-backed scheme is simple but effective, that helps companies to protect their organisation, whatever its size, against a whole range of the most common cyber-attacks.
Cyber Essentials’ trademark is its simplicity of approach. It provides guidance for the protection businesses need to put in place. The Cyber Essentials accreditation is a hands-on self-assessment technical verification that is carried out. The scheme includes five key controls that, when implemented correctly, can stop the majority of cyber-attacks.
Those controls are:
Boundary firewalls and Internet gateways
Access controls and administrative privilege management
Cyber Essentials permits us to work with the UK government. According to the UK government, achieving Cyber Essentials could prevent “around 80% of cyber-attacks”.
Cyber Essentials certification applies to the whole CFH group that covers all three sites.
Certification to Cyber Essentials requires annual re-assessment which includes carrying out a full technical check across all of our internal systems which includes everything in the control list.
Forest certification is a voluntary, market-based instrument, implemented through two separate but linked processes: sustainable forest management certiﬁcation and chain of custody certification. This system must be in line with the requirements of the FSC Forest Management and/or Chain of Custody Standards.
Being part of FSC certified shows that we a business is complying with the highest social and environmental standards on the market. Civic apprehension about the state of the world’s forests and timber resources is growing, and the FSC accreditation enables a company to find a trustworthy solution to intricate environmental and social issues.
This scheme is relevant for all 3 of our sites.
Our internal audit process on the FSC chain of custody happens twice per year and gets involved a large amount of paperwork traceability with the help of the CS Production team, Logistics and Accounts.
The FSC certification audit will assess CFH Docmail’s compliance with the relevant FSC requirements. An audit report is produced, on which the certification body makes a decision. In the last years, our certification body produced very positive reports, we only had two minor non-conformances based on changing the wording for some of our procedures, to be in line with the last updates of FSC standards. Following a positive certification decision, we receive an FSC certificate and FSC certificate and license codes.
PEFC chain of custody certification provides independently verified assurance that the certified forest-based material contained in a product originates from sustainably managed forests.
It enables businesses to demonstrate their legal and sustainable sourcing of forest products to their customers and provides them with a variety of advantages that help the environment, people, and the bottom line, such as access to new markets and compliance with legislation.
This Scheme is relevant for all 3 of our sites. Organisations with a chain of custody activities in multiple locations can gain certification for all their sites under one certificate through PEFC multi-site certification.
So there you have it, some of our accreditations and certifications explained and they are just the start of it! From other sector-specific accreditations, including a 100% rating with the Data Security & Protection Toolkit approved and of course GDPR compliance to internal controls and processes we have in place to continuously manage our customer expectations and requirements, we focus on delivering the best service and solutions possible to help achieve your goals and objectives.
Why not get in touch to find out more about the accreditations, certifications and processes we have in place and how we can help you achieve your goals with effective, reliable, industry-leading communications?
Or why not check out our other news and other interesting topics, by subscribing to our blogs: