Public sector organisations are finding themselves increasingly under pressure, not only to deliver the very best services to their audiences but to achieve efficiency savings and justify their public expenditure. With this in mind, it’s never been more important to choose the right third-party suppliers. But how can public sector organisations know what to look for and why is choosing an accredited supplier so important?
Accreditation is independent recognition that an organisation meets the requirements of governing industry standards. It is an important way to give confidence in goods, services, management systems and people.
You want to partner with companies you can trust and develop a relationship with so that you can rely on and work together to meet your objectives.
Accredited suppliers come with a wealth of experience and expertise to give you peace of mind that your project is in safe hands.
Here at CFH Docmail, we hold a range of accreditations and certifications and have done for over 30 years. As a processor of data, trusted partner and communication expert, we understand that holding these accreditations is vital for Public Sector confidence, knowing that your data and communications are handled, managed and produced in the best possible way. But we also recognise that these accreditations and certifications highlight us as a provider of the very best communication service to our different customers. They allow us to demonstrate our practices and prove we are a trusted, reliable and ethical supplier, while also supporting our core brand values.
We have a range of accreditations and certifications, each covering different aspects and topics of vital business and industry requirements as well as data security. In this blog, our Accreditation and Certification expert, Michelle Underwood, is going to focus on some of our accreditations and certifications that are most relevant to the Public Sector, explaining what the accreditation is, why businesses may choose to achieve it and how we achieve it - which may also help you decide on partnering with us, to help you achieve your communication goals.
ISO 9001:2015 is a UKAS-accredited international standard that specifies requirements for a quality management system (QMS). A QMS is a collection of business processes focused on consistently meeting customer requirements and enhancing their satisfaction. It is aligned with an organisation's purpose and strategic direction.
In short, this accreditation demonstrates the quality controls we have in place to meet our changing customer requirements to a particular standard.
Organisations use the standard to demonstrate the ability to consistently provide products and services that meet customer and regulatory requirements. It helps organisations ensure their customers constantly receive high-quality products and services, which in turn brings many benefits to a business, including satisfied customers, management and employees.
CFH Radstock (our head office) continuously maintain registration to ISO 9001 through BSI (certification governing body) and has held the standard since 1991. CFH Livingston (our site in Scotland) maintains registration to ISO 9001 through NQA (a separate governing body). PRINT.UK.COM (our site in Windsor) maintain registration to ISO 9001 through QMS International, a separate governing body.
Independent certification governing body BSI, carry out continuing assessments against the standard twice per year at the Radstock site. NQA carry out an audit of the Livingston site once per annum, and QMS International carry out an audit of the Windsor site once per annum.
ISO9001:2015 shows our commitment to providing quality service to all our customers.
An Environmental Management System (EMS) is a framework that helps a company achieve its environmental goals through consistent control of its operations.
This accreditation simply means we ensure our processes have little to no impact on the environment and that we have controls in place to manage any impacts.
It’s a management tool for evaluating the activities of an organisation, identifying the environmental impacts associated with those activities and managing resources to reduce those impacts. An EMS also helps businesses stay compliant with environmental regulations requirements. The key concepts of an EMS are intended to help an organisation understand the full range of its environmental impact, prioritise and effectively manage its programs, track and document its progress, and reduce environmental impact (reduce energy use, waste, prevent pollution and sustainably sourced materials).
CFH Radstock maintains registration to ISO 14001 through the BSI certification governing body. CFH Livingston maintains registration to ISO 14001 through the NQA certification governing body. PRINT.UK.COM maintain registration to ISO 14001 through QMS International.
Independent audits are carried out by BSI, NQA & QMS against the requirements of the standard at each site (2 x Radstock, 1 x Livingston, 1 x Windsor).
ISO14001:2015 demonstrates our commitment to the environment, that we are responsible and monitor our impact and reduce it as much as possible.
An Information Security Management System (ISMS) is a systematic approach to managing sensitive company information so that it remains secure. It encompasses people, processes and IT systems.
BSI published a code of practice for these systems, which has now been adopted internationally as ISO/IEC 27002:2013.
This is one of the most important accreditations we hold, as it demonstrates our ability to securely manage data.
Information is critical to the operation and protection of an organisation. Being certified to ISO/IEC 27001 helps to manage and protect valuable information assets. The key concept of information security management systems (ISMS) is the ability to equivalently protect, maintain and improve confidentiality, integrity, and availability of our information assets that should be protected by the organisation.
ISO27001:2015 Underpins our commitment to take information security seriously and do all we can to protect any data that we have and keep it as secure as possible.
CFH Radstock maintains registration to ISO 27001:2013. An Independent audit is carried out by BSI, against the requirements of the standard twice per year at the Radstock site. PRINT.UK.COM has been added as an extension of scope to the Radstock certification to maintain registration to ISO 27001. The Windsor site is audited by BSI once per year as part of the schedule for both sites.
CFH Livingston maintains registration to ISO 27001:2013 through the NQA certification governing body. An Independent audit is carried out by NQA, against the requirements of the standard once per year at the Livingston site.
The 3 ISO standards work on a 3 year audit cycle - 2 years of surveillance audits where samples of the standard are audited and then in the third year, a full standard re-certification audit takes place to ensure that we are meeting the required standard and can continue to display the ISO badge.
Companies who wish to print and personalise cheques and gyros must have, and maintain the accreditation to Pay.UK Limited (‘Pay.UK’) Standard 55 under the Cheque Printer Accreditation Scheme (CPAS) – Audit Standard for Cheque Printers (CPAS mapping to BS ISO/IEC 27001:2013
Accredited cheque printers are the only organisations permitted to print and personalise cheques, so having this certification makes this possible.
This scheme only applies to our Radstock & Livingston sites.
Each manufacturing site is required to have its own independent certification and each site is assessed by, and at the same time as our ISO 27001 audits against Standard 55 requirements, at a minimum of once per year on behalf of Pay.UK Limited (‘Pay.UK’) as part of our ISO27001 audit schedule. We must have, and maintain certification to ISO 27001:2013 to achieve Pay.UK Limited (‘Pay.UK’) Std 55. Strict physical security controls, with regard to all aspects of cheque printing (such as data, printing plates, printed cheques, reconciliation, stock control and waste disposal) must be adhered to at all times.
This government-backed scheme is simple but effective, that helps companies to protect their organisation, whatever its size, against a whole range of the most common cyber-attacks.
Cyber Essentials’ trademark is its simplicity of approach. It provides guidance for the protection businesses need to put in place. The Cyber Essentials accreditation is a hands-on self-assessment technical verification that is carried out. The scheme includes five key controls that, when implemented correctly, can stop the majority of cyber-attacks.
Those controls are:
Secure configuration
Boundary firewalls and Internet gateways
Access controls and administrative privilege management
Patch management
Malware protection
Cyber Essentials permits us to work with the UK government. According to the UK government, achieving Cyber Essentials could prevent “around 80% of cyber-attacks”.
Cyber Essentials certification applies to the whole CFH group that covers all three sites.
Certification to Cyber Essentials requires annual re-assessment which includes carrying out a full technical check across all of our internal systems which includes everything in the control list.
The Forest Stewardship Council® (FSC®) is a global, not-for-profit organization dedicated to the promotion of responsible forest management worldwide. FSC defines standards based on agreed principles for responsible forest stewardship that are supported by environmental, social, and economic stakeholders. To learn more, visit www.fsc.org
Being FSC certified shows that we as a business are complying with the highest social and environmental standards on the market. Civic apprehension about the state of the world’s forests and timber resources is growing, and the FSC accreditation enables us to find a trustworthy solution to these intricate environmental and social issues.
Put simply, the FSC certification audit will assess CFH Docmail’s compliance with relevant FSC requirements. Come the end of the process, an audit report is produced, based on which the certification body makes a decision.
In the last years, the certification body has produced very positive reports on CFH, and we only had two minor non-conformances based on changing the wording for some of our procedures. Following a positive certification decision, we receive an FSC certificate and FSC certificate and license codes.
This scheme is relevant for all 3 of our sites, and as such, we must ensure that we remain compliant across these locations. Our internal audit process on the FSC chain of custody happens twice per year and involves a large amount of paperwork traceability. We are assisted by multiple teams, including the CS Production team, Logistics and Accounts.
PEFC chain of custody certification provides independent verified assurance that the certified forest-based material contained in a product originates from sustainably managed forests.
It enables businesses to demonstrate their legal and sustainable sourcing of forest products to their customers and provides them with a variety of advantages that help the environment, people, and the bottom line, such as access to new markets and compliance with legislation.
This Scheme is relevant for all 3 of our sites.
Organisations with chain of custody activities in multiple locations can gain certification for all their sites under one certificate through PEFC multi-site certification.
...some of our accreditations and certifications explained and they are just the start of it! From other sector-specific accreditations, including a 100% rating with the Data Security & Protection Toolkit approved and of course GDPR compliance to internal controls and processes we have in place to continuously manage our customer expectations and requirements, we focus on delivering the best service and solutions possible to help achieve your goals and objectives.
Why not get in touch to find out more about the accreditations, certifications and processes we have in place and how we can help you achieve your goals with effective, reliable, industry-leading communications? To do so, fill out our contact form below.
Or why not check out our Public Sector Success Stories other news and other interesting topics, by subscribing to our blogs here:
Docmail, saving valuable time and money while supporting the NHS Long Term Plan, across 110 surgeries and a combined 1 million patient cohort.
Derbyshire Community Health Service NHS Foundation Trust, utilising hybrid mail to streamline patient communication processes and increase engagement.
Housing mailing success, with an increase in client response rate of 45%
RBKC streamline the communication process, to engage with members in a secure, cost effective and trusted way – hybrid mail.
Hybrid mail helping increase patient opt in by 40%, for the primary care information sharing programme across 12 surgeries.
UK Trial Manager at University of Nottingham uses hybrid mail to attract trial participants by driving patient engagement with print and post.
With an ageing population and specific patient cohorts opting for letters as their communication preference, the surgery required an alternative process for sending printed mail.
Despite communications experiencing a shift towards digital channels, print and post remain critical in engaging and providing important information to patients.
