An integrated management system (IMS) incorporates and centralises an organisation’s seperate management systems and processes within one framework, eliminating silos and inefficiencies. It allows universal objectives between your departments and systems, and allows operations to be simplified by having one system to follow rather than a number of seperate ones.
ISO9001: Quality, ISO14001: Environment, ISO 4500: Occupational Health and Safety (formerly AS/NZS4801, OHSAS18001) and ISO27001: Information Security all have clauses and terminology in common that can be used to more efficiently manage the whole process. It makes sense to reduce duplication and manage them at the same time.
After all, whenever your staff are carrying out a process they have to think about all aspects: quality, environment, safety and information security.
For instance, to comply with the requirements for training and competency as required by the standard, you need to consider a number of things:
You need to ensure that your staff members are competent on the basis of knowledge to deliver the product or service (quality ISO 9001), determine training needs associated with your environmental impacts (environment ISO 14001), how to deliver the product or service safely (safety AS/NZS 4801, ISO 45001 and OHSAS 18001), and finally how will you secure the training records that may be stored (information security ISO 27001).
Further to this point, Annex SL goes on to state an integration of the management system into business processes is required. So, it becomes pretty clear why you should consider having an integrated management system. But, what parts do you integrate? And what is required to integrate them?