Statement of Policy
Establishing the quality policy
The SLT shall establish, implement and maintain a quality policy that:
a) is appropriate to the purpose and context of the organisation and supports its strategic direction;
b) provides a framework for setting quality objectives;
c) includes a commitment to satisfy applicable requirements;
d) includes a commitment to continual improvement of the quality management system.
Communicating the quality policy
The quality policy shall:
a) be available and be maintained as documented information;
b) be communicated, understood and applied within the organisation;
c) be available to relevant interested parties, as appropriate.
Organisational roles, responsibilities and authorities
The SLT shall ensure that the responsibilities and authorities for relevant roles are assigned, communicated and understood within the organisation.
The SLT shall assign the responsibility and authority for:
a) ensuring that the quality management system conforms to the requirements of this International Standard;
b) ensuring that the processes are delivering their intended outputs;
c) reporting on the performance of the quality management system and on opportunities for improvement.
d) ensuring the promotion of customer focus throughout the organisation;
e) ensuring that the integrity of the quality management system is maintained when changes to the quality management system are planned and implemented.
The adoption by CFMS of an Integrated Business Management System (aka BMS) as per PY002, is a Board Level strategic decision introduced to help raise and maintain overall company performance standards, to meet and exceed requirements of future customers, strategic direction of the company, and to provide a sound basis for sustainable development initiatives. The BMS principles espoused by CFMS are:
- Customer focus
- Leadership
- Engagement of people
- Process approach
- Continuous improvement
- Evidence-based decision making
- Relationship Management
The aims of the CFMS Business Management System are to:
- create a framework to consistently provide services and deliverables that meet or exceed customer and applicable statutory requirements
- facilitate opportunities to enhance customer satisfaction
- address risks and opportunities associated with the framework and objectives
- provide the ability to demonstrate conformity to specified BMS requirements
In terms of design, the CFMS BMS is based on the well established Plan-Do-Check-Act (PDCA) cycle, together with risk and opportunity based thinking.
The PDCA cycle enables CFMS to plan its processes and their interactions and dependencies, as well as ensuring processes are appropriately resourced and managed, and that opportunities for improvement are identified and acted upon in a controlled manner.
The systematic definition and management of processes, and their interaction is intended to result in outcomes that are in accordance with the Quality Policy, and strategic direction of the company. The PDCA cycle facilitates the management of processes, while focussing on risk-based thinking and taking advantage of opportunities, whilst preventing undesirable results. Furthermore it enables:
- understanding and consistency in meeting requirements
- consideration of processes in terms of added value
- the achievement of effective process performance
- improvement of processes based on evaluation of data and information
Typically, each process will have a set of inputs, a series of tasks and a set of outputs. Typically, receivers of such outputs are viewed as internal customers, and providers of inputs as internal suppliers.
Policy
The CFMS SLT shall establish, implement and maintain the CFMS quality policy. The CFMS quality policy shall:
- be appropriate to the purpose and context of the organisation and shall support its strategic direction
- provide a framework for setting quality objectives
- include a commitment to satisfy applicable requirements
- include a commitment to continual improvement of the business management system
The CFMS Quality Policy shall be appropriately communicated, and shall therefore be:
- available and be maintained as documented information
- communicated, understood and applied within the organisation
- available to relevant interested parties, as appropriate
The organisational roles, responsibilities and authorities shall be defined and maintained by SLT, and therefore:
The SLT shall ensure that the responsibilities and authorities for relevant roles are assigned, communicated and understood within the organisation.
The SLT shall assign the responsibility and authority for:
- ensuring that the quality management system conforms to the requirements of both ISO9001:2015 and ISO27001:2013;
- ensuring that the processes are delivering their intended outputs;
- reporting on the performance of the quality management system and on opportunities for improvement.
- ensuring the promotion of customer focus throughout the organisation;
- ensuring that the integrity of the quality management system is maintained when changes to the quality management system are planned and implemented.
The Scope and Context of the CFMS Business Management System
Determining Our Strategic Direction
CFMS has reviewed and analysed key aspects of itself and its stakeholders to determine the strategic direction of the company. This involves:
- Understanding our core Services, and scope of the integrated management system GD001 – Understanding Company Context and Interested Parties Needs and Expectations
- Identifying “interested parties” (stakeholders) who receive our Services, or who may be impacted by them, or those parties who may otherwise have a significant interest in our company. These parties are identified in the document PR001 – Company Strategic Intent
- Understanding internal and external issues that are of concern to CFMS and its interested parties; also identified in the document PR001 – Company Strategic Intent. Many such issues are identified through an analysis of risks facing either CFMS or the interested parties. Such issues are monitored and updated as appropriate, and discussed as part of management reviews.
This information is then used by the Senior Leadership Team (SLT) to determine the company’s strategic direction. This is defined in records of management review, and periodically updated as conditions and situations change.
Scope of the Management System
Scope Statement
The scope of the integrated management system for ISO 9001:2015 and ISO 27001:2013 certification, (referred to as the Business Management System internally), encompassing CFMS as a business is defined as follows:
Digital Engineering Consultancy support, including design and analysis services, consultancy and IT infrastructure.
Statement of applicability:
Version 1.0 31/01/2023
Facilities Within the Scope
CFMS Main PremisesThe Business Management quality system applies to all processes, activities and employees within the company. The facility is located at:Bristol and Bath Science ParkDirac CrescentBristol, South Gloucestershire, UKBS16 7FR
Phone: 0117 9061100
Web: cfms.org.uk/
Permissible Exclusions
The company claims exclusions from the ISO 9001 standard clause 7.1.5.2 as CFMS is reliant on organisations that provide maintenance to ensure that measuring equipment is calibrated or verified, identified, and safeguarded from damage or deterioration.
CFMS Quality Objectives
The CFMS BMS Quality and Information Security Objectives shall be defined by the SLT and shall be:
- consistent with the BMS Quality policy
- measurable
- take into account applicable requirements
- relevant to the conformity of products and services and to the enhancement of customer satisfaction
- monitored
- communicated
- updated as appropriate
CFMS shall maintain documented information on the BMS Quality objectives for reference. When determining the CFMS BMS plan to meet the above objectives, CFMS shall determine:
- what will be done
- what resources will be required
- who will be responsible
- when it will be completed
- how the results will be evaluated
Current BMS Quality objectives identified and agreed upon are listed in the Quality Objectives Spreadsheet (GD102) Guidance document.