Standards/ Frequently Asked Questions (FAQ) - Logistics Consultants

to make you more productive . . .
Go to content

Standards/ Frequently Asked Questions (FAQ)

Purchase Standards
BS, EN & ISO standards are published worldwide, available on-line from sites including:

Quality/ ISO Certification

What is AS/BS EN 9100?
Aerospace Quality Management System [On-site assessment by most Certification Bodies] Quality Management System (based on ISO 9001), published by International Aerospace Quality Group for the aviation, space & defence industries:
  • AS/EN 9100  Design & installation
  • AS/EN 9110  Maintenance & repair
  • AS/EN 9120  Stockholding & distribution

What is Annex SL?
ISO Directives Annex SL defines the format (index) of all new/revised ISO (International Organisation for Standardization) management system standards: 0) Introduction, 1) Scope, 2) Normative references, 3) Terms and definitions, 4) Context of the organization, 5) Leadership, 6) Planning, 7) Support, 8) Operation, 9) Performance evaluation, 10) Improvement.

What do the abreviations BS, CEN, EN, ISO PAS, PD stand for?
(eg BS EN ISO 9001 or PD CR ISO 15608)
ISO: International Organisation for Standardization Worldwide technical t
erminology/procedure standards published by ISO Technical Committee

DIS: Draft International Standard Worldwide consultation document released prior to publishing finalised ISO standard

EN: European Norm European technical terminology/procedure standards published by, for example CEN (Comite European De Normalisation)

BS: British Standard  UK technical terminology/procedure standards published by British Standards Institution

CEN (previously CR): Comite European De Normalisation Report European minor standard published by CEN (Comite European De Normalisation)

PAS: Publicly Available Specification UK minor standard published by BSI (British Standards Institution)

PD: Published Document  UK minor standard published by BSI (British Standards Institution)

What is Customer Service Excellence (Charter Mark) Awards Scheme?
Customer Service Excellence'[On-site assessment by Cabinet Office] Customer service award for public sector. Based on customer perception of service quality. Supersedes 'Charter Mark'.

What is EFQM?
EFQM Excellence Model [On-site assessment by EFQM (formerly the European Foundation for Quality Management)] Quality award for medium/large companies (mediumweight 'Business Excellence' model). EFQM licenses external facilitators (trainers & advisers) to assist in implementation.

What is GLP?
Good Laboratory Practice [On-site assessment by Medicines & Healthcare products Regulatory Agency (MHRA)] Quality Management award for laboratories. Confidence in data, not interested in the science.

What is iAuditor?
Auditing Software [Produced in Australia by Safety Culture] Smartphone app and PC browser software for Quality, Health, Safety & Environmental auditing. Useful for co-ordinating (geographically) distributed auditors in multi-site companies & Certification Bodies (eg Alcumus ISOQAR). Free for 10 users (slightly restricted functionality), Premium version 10$ per month per user.

What is Investors In Excellence (IIE)?
Investors In Excellence [Mentoring & on-site assessment by Midlands Excellence] Quality award for small/medium companies (lightweight 'Business Excellence' model). No connection with Investors In People.

What is ISO 9001 (formerly BS 5750)? (updated 30 September 2015, amended February 2024)

Quality Management System [On-site assessment by most Certification Bodies] Being well organised to ensure your customer receives the product/ service they purchased. A more descriptive title would be 'Business Management System' or even 'Logistics'. Sector-specific applications of ISO 9001 include Medical Devices (ISO 13485) & Software Engineering (ISO/IEC 9003). Amendment (2024): Climate action changes "The organization shall determine whether climate change is a relevant issue. Relevant interested parties can have requirements related to climate change"

What is ISO 13485?
Medical Devices Quality Management System [On-site assessment by most Certification Bodies] Quality Management System (based on ISO 9001) for manufacturers of medical equipment, not pharmaceuticals.

What is ISO 14001?
See 3) Environmental

What is ISO 14064/14065 (Carbon Footprint)?
What is ISO 20000?
See 6) Security/ IT

What is ISO 22301 (BS 25999)?

What is ISO 26000?
Social Responsibility [some Certification Bodies offer Performance Assessment] Voluntary guidance on human rights, labour practices, environment, fair operating practices, consumer issues, community involvement & development. Understanding ISO 26000 (BIP 2215) provides guidance notes.

What is ISO 27001?

What is ISO 27500?
Principles for a Human-Centred Organisation [Code of practice] Describes seven high-level, human-centred principles for board members in order to optimize performance, minimize risks to organizations and individuals, maximize well-being in the organization, and enhance relationships with customers.

What is ISO 3103 (BS 6008)?

What is ISO 31000?
Risk Management [Code of practice, not intended for assessment] Manage business risks that could impair company performance.

What is ISO 37001 (BS 10500)?

What is ISO 3834?

What is ISO 44001? (2017, amended February 2024)
Management of Collaborative Relationships [On-site assessment by major Certification Bodies] Maintaining mutually beneficial relationships with suppliers, customers, partners & internal departments. Amendment (2024): Climate action changes

What is ISO 45001 (OHSAS 18001)?
See 5) Safety/ Ethics

What is ISO 50001?

What is Legal Aid Franchise?
Legal Aid work [On-site assessment by Legal Services Commission] Quality requirement for solicitors whose fees are state subsided.

What is PAS 99? (updated 4 October 2012)
Integrated Management System [On-site assessment by BSI] 'Publicly Available Specification' - Framework to integrate other management systems (typically ISO 9001/14001/27001/OHSAS 18001). May save time on internal & external audits.

What is Six Sigma?
Lean Six Sigma [Assessment, not of the company, but of projects submitted by a facilitator to a Certification Body] Quality initiative for large companies (heavyweight 'Business Excellence' model). Internal/external facilitators are certified (Yellow Belt up to Master Black Belt) through assessed projects.

What is UKAS?
United Kingdom Accreditation Service is appointed as the sole national accreditation body in the UK by the European Commission (statutory instrument No 3155/2009) and identified by IAF (International Accreditation Forum). An Accreditation Body assesses/endorses the Certification Body, which audits & certifies your company to a standard eg ISO 9001. Many companies (eg MoD) only recognise a UK Certification Body (eg BM TRADA, BSI, ISOQAR, Intertek, Lloyd's Register) that is UKAS accredited.

Contractor/ Utilities Certification (construction, maintenance & welding)

What is Acclaim Accreditation? {SSIP Forum Member}
Acclaim Accreditation [Acclaim is included in Constructionline Bronze, Silver, Gold and Platinum memberships - Acclaim Accreditation cannot be purchased as a standalone product] Acclaim Accreditation is a Health & Safety award.

What is Achilles BuildingConfidence?
BuildingConfidence [On-Site assessment by Achilles Information] Quality, Health, Safety & Environmental award for principal/ major construction contractors. Achilles BuildingConfidence is less detailed than Achilles UVDB Verify.

What is Achilles FPAL?
First Point Assessment [Assessment by Achilles Information] Quality, Health, Safety & Environmental, Competence & Training award for oil & gas contractors. Companies cannot fail assessment, instead they receive a score (average company score: 8.0). Achilles FPALVerify involves site assessment.

What is Achilles RISQS (formerly Achilles Link-Up)?
Rail Industry Supplier Qualification Scheme  [Assessment by Achilles Information] Financial, Quality, Health, Safety & Environmental award
for transport (mainly rail) contractors. RISQS is normally achieved by document submission although some "product codes" (eg trackside working) involve site assessment.

What is Achilles UVDB?
Utilities Vendor DataBase [Assessment by Alcumus] Quality, Corporate & Social Responsibility, Health, Safety & Environmental award for utilities contractors. Companies cannot fail assessment, instead they receive a score (85% is adequate for most purposes). Achilles UVDB is achieved by document submission, Achilles UVDB Verify involves site assessment. Achilles Audit Specification

What is Avetta (formerly PICS)?
Supplier Qualification Scheme [Assessment by Avetta] Health & Safety award for construction/maintenance contractors. Avetta is achieved by submission of documentation & references.

What is Builder's Profile?
Supplier Qualification Scheme [Assessment by Constructionline] Database of approved construction/maintenance contractors. Builder's Profile is achieved by submission of documentation & references.

What is BIM Certification? (Legal requirement from Apr 2016)
Building Information Modelling [BRE BIM Level 2 Business Systems Certification Assessment by BRE Global] Information management (to PAS 1192-2) and Construction Prequalification Questionnaires (to PAS 91). From April this year, all centrally procured government projects of any size will have to be carried out using building information modelling (BIM) to level 2.

What is BS 5975?
Temporary works procedures & permissible stress design of falsework [Code of Practice] Recommendations for temporary structures (falsework eg access scaffolding, shoring, excavation support, crane platforms) on building sites, for example appointing a TWC (Temporary Works Coordinator). BS 5975 is not a legal requirement, but the Principal Contractor needs to demonstrate temporary works are properly managed.

What is BS EN 1090 (CE Mark)?
Execution of steel structures & aluminium structures [On-site assessment by a Notified Body] Quality & Technical management system (based on ISO 9001, with additional emphasis on fabrication/ welding quality). EU Construction Products Regulation requires this 'harmonised' technical specification for designers/fabricators/installers of structural stainless/steel/aluminium. Overview of BS/ EN/ ISO standards for fusion welding

  • BS EN 1090-1 Defines CE Mark documentation - updated 2011
  • BS EN 1090-2 Fabrication of hot rolled structural steelwork (steel columns, beams & hollow sections) - updated June 2018
  • BS EN 1090-3 Fabrication of hot rolled structural aluminium (aluminium columns, beams & hollow sections) - updated April 2019

  • BS EN 1090-4 Fabrication of cold-formed structural steelwork (thin gauge steel roof, ceiling, wall & floor profiles) - published December 2018
  • BS EN 1090-5 Fabrication of cold-formed structural aluminium (thin gauge aluminium roof, ceiling, wall & floor sheets) - published March 2017

What is CCNSG Safety Passport?
Client/Contractor National Safety Group Safety Passport [Administerd by
ECITB (Engineering Construction Industry Training Board)] Reputable Health & Safety training not for a company, but for a person involved in construction/maintenance. CCNSG Safety Passport comprises: National Course (mandatory, 2 days), Renewal Course (1 day), Supervising Safety Course (1 day).

What is CHAS?
{SSIP Forum Member}

Contractors Health & Safety Scheme [Assessment by a Merton Council] Health & Safety award for construction/maintenance contractors. CHAS is achieved by document submission. CHAS requires annual renewal.

What is Considerate Constructors (CCS)?
Considerate Constructors Scheme [On-site assessment by a Considerate Construction Scheme Monitor] Award "to improve the image of construction" (Site appearance, Community/Environmental impact, Workforce safety/wellbeing). CCSS requires annual renewal.

What is Construction Products Regulations (CPR)/Construction Products Directive (CPD)?
Construction Products Regulations [Product assessment (CE Mark) by a Notified Body] From July 2014, building products sold within the European Economic Area need to be assessed to their 'harmonised' technical specification (recognised by manufacturers of similar product). Although the product receives a CE Mark, the assessment process for building products differs; CPR is based on a quality audit of the design/manufacturing process rather than product testing. CPR normally involves site assessment.

What is Constructionline?
{SSIP Forum Member}

Construction companies' on-line assessment [Assessment by Acclaim (for H&S) and Constructionline (for other modules) - Bronze, Silver, Gold and Platinum memberships)]. Certificate states "Certifies the company meets pre-qualification requirements appropriate to public & private sector procurement". For construction/maintenance companies. Bronze includes modules: Acclaim SSIP, Work, Identity, Financial & Insurance. Constructionline is achieved by data submission. Acclaim Accreditation included.

What is Contractor Plus?
ContractorPlus [Assessment by Lambert Smith Hampton, Safety Management & Monitoring Services] Health & Safety award for building contractors. ContractorPlus is inexpensive & is achieved by on-line document submission.

Construction Skills Certification Scheme [Administered by CITB (Construction Industries Training Board)] Health, Safety & Environmental test (& technical requirement) not for a company, but for a person involved in construction/ maintenance. JIB (Joint Industry Board) is a corporate membership discount on multiple CSCS Cards. The Health, Safety & Environmental element for all CSCS Cards is achieved by sitting a £50 multiple-choice test at a CSCS accredited testing centre.
CSCS Cards are colour coded:
[CSCS Yellow Card ('Visitor' to construction sites) - no longer available]
CSCS Green Card ('Labourer' - previously 'Construction Site Operative') requires a NVQ Level 1 health & safety qualification (eg one day IOSH Working Safely)
CSCS Red Card (Several versions eg 'Experienced Worker' or 'Manager') is issued temporarily while NVQ is achieved
CSCS Blue Card ('Skilled Worker')
issued temporarily, requires a NVQ Level 2 craft qualification or craft evidence (qualification/ experience)

CSCS Gold Card ('Advanced Craft/Supervisory' eg electrician) requires a NVQ Level 3 craft qualification or craft evidence (qualification/ experience)

CSCS Black Card ('Manager') requires a NVQ Level 4 construction management qualification
CSCS White Card ('Academically Qualified' or 'Professionally Qualified' - previously 'Construction Related Occupation') requires an HNC construction related qualification/membership.

CSCS affiliated
schemes (technical requirement for CSCS Blue/Gold Card) include:
ACE      Assurance in Competence in Engineering Construction
CCDO   Certificate of Competence of Demolition Operatives
CISRS   Construction Industry Scaffolders Record Scheme
CPCS    Construction Plant Competence Scheme
ECS      Electrotechnical Certification Scheme [NVQ Level 3]
EUSR    Energy & Utility Skills Register [One day training course]
IPAF     International Powered Access Federation
SPA Core Day certificate holders are exempt from the CSCS Health, Safety & Environment Test (touch screen).

What is DGSA/ADR? (Legal requirement)
Dangerous Goods Safety Adviser [Accord européen relatif au transport international des marchandises Dangereuses par Route] Required for businesses that regularly transport dangerous goods. Certified DGSA (Dangerous Goods Safety Adviser) advises on compliance.

What is DVSA/VOSA? (Legal requirement)
Driver & Vehicle Standards Agency  previously VOSA (Vehicle & Operator Services Agency) [Goods Vehicle Operator's Licence] Health, Safety & Environmental requirement for vehicles (weighing over 1,525kg unladen or 3,500kg laden) and trailers (over 1,020kg unladen, with powered brakes). Specification for operating centre, driver training, tachograph, vehicle operation & maintenance.

What is ESM?
Electrical Safety Management Certified Contractors Assessment [On-site assessment of office systems (not site work) by Lloyd's Register] Quality, Health, Safety & Environmental requirements for electricity distribution infrastructure contractors employed by Western Power Distribution (originally Central Networks).

What is Exor? {SSIP Forum Member}
Exor [Assessment by Alcumus Group] Pre-Qualification database. Health & Safety, Financial Stability, Equal Opportunities, Environment, Quality award for construction/maintenance contractors. Exor is achieved by document submission.

What is FORS?
Fleet Operator Recognition Scheme [On-site assessment by a FORS Auditor] management/ vehicle/ driver & operations assessment of lawfulness, safety, fuel efficiency & emissions.

What is GIRS?
Gas Industry Registration Scheme [On-site assessment by Lloyd's Register] Technical, Quality, Health, Safety & Environmental requirements for gas distribution infrastructure contractors. GIRS Audit Specification refers to technical standards published by IGEM (Institution of Gas Engineers & Managers).

What is HAE SafeHire?
Hire Association Europe SafeHire  [On-site assessment by Hire Association Europe] Quality, Health, Safety & Environmental award for equipment hire & rental companies. Annual inspection of premises & 3 yearly audit of management systems. Linked with CHAS (Contractors Health & Safety Scheme).

What is HERS?
Highway Electrical Registration Scheme [On-site assessment by HEA (Highway Electrical Association)] Quality requirement for roadside electrical contractors. Specification defined in HERS Handbook (refers to ISO 9001, NHSS 8 and some NERS requirements). Company registers trained Authorising Officer, Qualified Supervisor and Operatives possessing ECS HERS certificates (cards).

What is Human Focus?
Human Focus [Competence verification database held by Safety Online] an on-line record of personal Health, Safety & Technical compliance training/ qualifications. Site operative carries a plastic card which displays the web address of scanned copies of all his training certificates. The database is accredited by RoSPA (The Royal Society for the Prevention of Accidents). Human Focus also offers on-line health & safety training.

What is ISO 3834?
Quality Requirements for Fusion Welding of Metallic Materials (in 6 parts) [On-site assessment by some Certification Bodies] Welding quality guidelines (quality aspects specific to welding, additional to the requirements of ISO 9001) for fabricators of stainless/steel/aluminium. ISO 3834 has been largely superseded by the more technical (and legally binding) requirements of fabrication detailed in BS EN 1090.

What is MURS?
Multi-Utilities Recognition Status [Assessment by Lloyd's Register] Contractors who hold NERS, GIRS & WIRS automatically receive MURS (free of charge).

What is NANDO?

NANDO (New Approach Notified & Designated Organisations) is appointed by the European Commission to identify Accreditation Bodies (UKAS for the UK) & Notified Bodies (which accredit steelwork contractors to BS EN 1090)

What is NCCB?
National Core Competence Benchmark [database held by NCCB] A web based database of recognised Health & Safety related training courses. The database ranks the content of each course against NQF (National Qualificaions Framework) eg Level 2 equates to GCSE, Level 6 equates to a Bachelors Degree. NCCB is approved by RoSPA (Royal Society for the Prevention of Accidents).

What are NEBOSH & IOSH qualifications?
National Examining Board in Occupational Safety & Health [recognised by Institution of Occupational Safety & Health (IOSH)] Health, Safety (& some Environmental) qualification not for a company, but for a person:

  • IOSH (1 day, Introduction) eg Working Safely/ Leading Safely / Managing Safely
  • NEBOSH Award (3 days, for Team Leaders) eg NEBOSH Health & Safety at Work
  • NEBOSH General Certificate (150 hours, for Supervisors) eg NEBOSH General Certificate in Occupational Health & Safety
  • University Post Graduate Certificate (225 hours, for Graduates) eg PgCert in Environmental, Health & Safety Management
  • NEBOSH Diploma (500 hours, for Chartered Members of IOSH) eg NEBOSH National Diploma in Occupational Health and Safety.

What is NERS?
National Electricity Registration Scheme [On-site assessment by Lloyd's Register] Technical, Quality, Health, Safety & Environmental requirements for electricity distribution infrastructure contractors. NERS Audit Specification

What is NHSS?

National Highways Sector Scheme [On-site assessment by Certification Body (LRQA or SCCS)] Quality requirement for roadside steelwork contractors Encompasses all of ISO 9001 & BS EN 1090:

  • NHSS 3 - Stocking & Distribution Activities for Mechanical Fasteners
  • NHSS 3B - Stocking & Distribution Activities for Structural Steel Products
  • NHSS 8 - Highway Electrical Equipment & Supporting Works
  • NHSS 19A - Corrosion Protection of Ferrous Materials by Industrial Coatings
  • NHSS 20 - Steelwork in Transportation Infrastructure Assets Requires BCSA Level 3 Bolting Coordinator, qualified Responsible Welding Coordinator & Level 2 NDT Weld Inspectors.

What is NICEIC?

National Inspection Council For Electrical Installation Contracting [On-site assessment by NICEIC] Technical requirement (up to 1kV) for Electrical Contractors . The company registers a Supervisor, who needs to hold NVQ Level 3 City & Guilds (2394 Installation, 2395 Testing & Inspection & 2382 BS7671 17th Edition).

What is NSSS (Blue Book)?
National Structural Steelwork Specification for Building Construction (5th Edition CE Marking Version) [Published by BCSA (British Constructional Steelworks Association)] Technical guidelines for fabricators/installers of structural stainless/steel/aluminium. NSSS has been superseded by the legally binding requirements of BS EN 1090.

What is PAS 55?
Pre-qualification criteria in the construction industry [On-site assessment by Lloyd's Register] 'Publicly Available Specification' - Good practice for construction procurement managers issuing tenders.

What is PAS 91?
Asset Management [On-site assessment by some Certification Bodies] 'Publicly Available Specification' - Whole-life management system for physical assets (eg buildings).

What is Reset?
Reset [Competence verification database held by Reset] an on-line record of personal Health, Safety & Technical compliance training/ qualifications. Site operative carries a plastic card which displays the web address of scanned copies of all his training certificates. Some hospitals require contractors to carry a Reset Card.

What is SafeContractor?
{SSIP Forum Member}
Safe Contractor [Assessment by Alcumus Group, previously Santia Consulting] Health & Safety award for construction/maintenance contractors. SafeContractor is achieved by document submission. SafeContractorplus has additional requirements for Environment, Quality, Equality & Diversity.

What is SCI NHBC LSF (Light Steel Frame) System?
Light Steel Frame System [Assessment to NHBC Standards by SCI (Steel Construction Institute)] Technical award for the manual/ software supplied to designers of LSF (Light Steel Frame) System to avoid Structural Engineers working from first principles for every application. Scope comprises durability, strength, fire, condensation & cladding. Light Steel Frame System is achieved by document submission.

What is SDR PQQ?
Skills Development Recognition Pre-Qualification Questionnaire [Assessment by IceBlue Marketing & Design] Quality, Health, Safety & Environmental award for construction contractors in the Midlands. Skills Development Recognition is achieved by document submission.

What is SMAS Worksafe? {SSIP Forum Member}
Safety Management Advisory Services Worksafe [Assessment by SMAS] Health & Safety award for construction/maintenance contractors. SMAS is achieved by document submission.

What are SMSTS/ SSSTS qualifications?
Site Management Safety Training Scheme (5 day course)/ Site Supervisors' Safety Training Scheme (2 day course) [Administered by CITB (Construction Industries Training Board) Site Safety Plus (training division)] Well-regarded Health, Safety, Welfare & Environmental qualification not for a company, but for a person managing a construction site. Qualification is valid for 5 years.

What is SPA?
Safety Pass Alliance [Training & testing by an SPA approved training provider] Health & Safety training not for a company, but for a person involved in construction/maintenance/operation. SPA Passport comprises: Core Day (mandatory, 1 day), followed by a choice of 17 'sector specific' courses (1 day) eg Quarries, Food & Drink (not to be confused with Level 2 (Basic) Food Hygiene), Petrol Retail, Supervisor. SPA Core Day certificate holders are exempt from the CSCS Health, Safety & Environment Test (touch screen).

What is SSIP?
Safety Schemes in Procurement  [Recognition of Health & Safety Scheme Assessment Bodies by NHBC Services (Division of National House Building Council)] Registered SSIP Members comprise Assessment/Certification Bodies who agree to recognise the certifications awarded by each other's construction pre-qualification Health & Safety schemes. Eg OHSAS 18001/ISO 45001 certification satisfies all the H&S requirements for CHAS & SMAS. SSIP do not charge a fee, however
Assessment/Certification Bodies (SSIP Members) may charge an audit fee (£150).
SSIP Audit Specification

What are the Welding Standards?
Technical, Quality, Health & Safety standards for welding are listed in Overview of BS/ EN/ ISO standards for fusion welding

What is WIMES?
Water Industry Mechanical & Electrical Specifications [Code of practice (specifications) published on-line by] Pump Centre membership allows accces to technical documentation recognised by majority of Water Utility companies.

What is WIRS?
Water Industry Registration Scheme [On-site assessment by Lloyd's Register] Technical, Quality, Health, Safety & Environmental requirements for water distribution infrastructure contractors laying water mains & services.

What is WIRSAE?
Water Industry Registration Scheme - Accredited Entity [On-site assessment by Lloyd's Register] Technical, Quality, Health, Safety & Environmental requirements for water distribution retail contractors installing water meters & carrying out disconnections.

Environmental Certification (greenhouse gas, sustainability)
What is ASTM D6400/D6868?
American Society for Testing & Materials International [Laboratory test]:
  • D6400 Organic recovery (aerobic) of plastic
  • D6868 Organic recovery (aerobic) of plastic/polymer laminated paper
Material is composted industrially (aerobic) for 12 weeks. To pass, the material is required to have reduced into a residue that has:
a) Biodegraded - Either 95% biobased before composting, or after composting decomposed into 90% CO₂;
b) Composted - Decomposed into a mulch, nutritious for 90% plant growth, plus Heavy Metal/Fluorine content within US standards;
c) Disintegrated - Decomposed into 90% 2mm fragments, aids plant feed & incineration.

What is BES 6001?
Building Research Establishment Environmental & Sustainability Standard [On-site assessment by BRE & other Certification Bodies] Environmental management of supply chain for construction products.

What is Bio . . .?
Biodegradable: Plant/animal matter that disintegrates under industrial conditions (by bacteria/fungi) into a fuel source
(Degradable Where large molecules eventually degrade into smaller molecules (no organisms involved))
(Oxodegradable Plastics: Pro-Oxydantia (transition metals) added, but insufficient biodegration (not certified EN 13432) only "Fragmentable")
Biogas: Produced by the breakdown of waste organic matter in the absence of oxygen (then burn for heat/electricity)
Biomass: Recently-dead plant & animal matter used as fuel
Bioplastics: Sourced from non-fossil fuels and can be based on sustainable crops.

What is BS 8555? (updated 2016)
Environmental Management System [On-site assessment by some Certification Bodies] Controlling activities that affect the environment eg resource consumption and waste disposal. BS 8555 is designed for small & medium sized enterprises, where implementation is in 5 phased stages. Level 5 is equivalent to ISO 14001 (Environmental Management System), BS 8555 certification is supplied at all 5 levels.

What is BS EN 13432?
Organic recovery (anaerobic) of animal/plant based packaging [Laboratory test] Material is composted industrially (aerobic &/or anaerobic test is acceptable) for 2-6 months (optimum temperature of 35-60°C). To pass, the material is required to have reduced into a residue that has:
a) Biodegraded - Decomposed into a mainly combustable substance ie a fuel source;
b) Composted - Decomposed into a mulch, nutritious for plant growth;
c) Disintegrated - Decomposed into small (approx 2mm) fragments, aids plant feed & incineration.

What is Carbon Footprint?
Report of annual GHG (greenhouse gas) emissions. GHG include the CO₂ warming equivalent of other gases (Methane, Nitrous Oxide, HFCs, PFC, SF6). (Net) Carbon Zero Certification is achievable through offsetting unavoidable emissions. Guidance on how to calculate Greenhouse gas emission calculation is detailed in:
i) publishes useful data (conversion factors) for calculating Carbon Footprint
ii) BS EN ISO 14064 Quantification & reporting of greenhouse gas emissions (Calculate greenhouse gas inventory)
iii) BS EN ISO 14065 Greenhouse gas validation & verification bodies (Independent verification)
iv) PAS 2050 Specification for the assessment of life cycle greenhouse gas emissions of goods & services
v) PAS 2060 Demonstration of Carbon Neutrality (achieve net zero via GHG quantification, reduction & offsetting)

What is Carbon Reduce (Formerly CEMARS)?
Greenhouse Gas Certification (formerly CEMARS Certified Emissions Measurement & Reduction Scheme [On-site assessment by Achilles/Toitū Envirocare] Verification that the company's reporting of their greenhouse gas emissions is accurate & complies with ISO 14064.

What is CEDREC?
Comprehensive European Directory of Regulation on the Environment with Commentary [Legislation (explanations) published on-line by] Monthly bulletins on changes to Health, Safety or Environmental legislation. £800/year per category.

What is Climate Change Act 2008?
Carbon Reduction Commitment [Government target] UK commitment to an 80% cut in emissions of six greenhouse gases by 2050.

What is Compostable?          
A material which will breakdown under specific composting conditions to produce a nutrient rich compost:
  • Composting - Home: Waste is Shredded; EN 13432 plus biodegrades in soil at ambient temperature (90% in 2 years at 20-30°C)
  • Composting - Open Windrow: Waste is Shredded; Turned (for oxygen, moisture, heat) for 2 months; Screened (remove plastics)
  • Composting - Industrial IVC: In-Vessel Composting. Temperature around 60°C
  • Composting - Industrial AD: Anaerobic Digestion (no fungi). Animal & food waste only, produces Biogas

What are Conflict Free Minerals?
Conflict Resources are extracted within a war zone to finance rebel forces.  USA declares conflict minerals as tantalum, tin, tungsten & gold from Democratic Republic of Congo. UN Security Council defines blood diamonds as diamonds from the Ivory Coast. Companies are increasingly required to question their supply chains to ensure ethically sourced materials. Nothing in common with Rare Earth Elements.

What was CRC Energy Efficiency Scheme? (Launched 2010, discontinued 2019)
Carbon Reduction Commitment [Self certification, backed up by spot audits] Mandatory reporting & legally binding carbon capping for large organisations (consume 6,000 MWh of electricity/ year, half hourly metered). Companies that failed to meet their carbon budgets were fined. Discontinued, replaced by ESOS, SECR.

What is EN 16785?         
Biomass. Laboratory analysis of bio-based content (plant & animal matter) in a product.

What is ESOS Energy Compliance? (Updated 14/4/2022)
Energy Savings Opportunity Scheme [Assessment by Lead Assessor (member of approved professional body register), alternatively via ISO 50001 certification (see below)] Mandatory reporting to Environment Agency of energy consumption for large organisations - defined as either of the following:
  • No. of employees 250
  • Turnover £44m & a Balance Sheet Total (ie gross balance) £38m
Report every 4 years:
  1. Compliance Period - Year including 31/12/14, report by 5/12/15
  2. Compliance Period - Year including 31/12/18, report by 5/12/19
  3. Compliance Period - Year including 31/12/22, report by 5/12/23
  4. Compliance Period - Year including 31/12/26, report by 5/12/27 (TBC)
Also, See SECR (reporting of Green House Gas (GHG) emissions).

What is FSC?
Forest Stewardship Council [On-site assessment by Exova BM Trada & other Certification Bodies] International certification to identify that a manufacturer's wood & paper is procured from well managed forests &/or recycled materials. Categories: FSC 100% Controlled (all legally & sustainably logged), FSC Recycled (all reclaimed wood), FSC Mix (min 70% Recycled & Controlled Wood).

What are GPP/ PPG?
Guidance for Pollution Prevention [Regulatory Guidance (not endorsed by England Environment Agency)] Replaces PPG (Pollution Prevention Guidelines).

What is Green Achiever?
Green Achiever [Assessment by E4environment] Inexpensive Environmental Management Scheme
Self Assessed achieved through document submission
Silver involves on-site surveillance
Gold requires reduction (off-setting) carbon emissions & involves on-site assessment.

What is ISO 14001? (updated 15 September 2015)
Environmental Management System [On-site assessment by most Certification Bodies] Controlling activities that affect the environment eg resource consumption and waste disposal. The baseline is legal compliance.

What is ISO 2400/BS 8903? (updated 2017)
Sustainable Procurement Guidance [Guidance document] How to influence suppliers to use renewable resources. Formerly BS 8903 Principles and Framework for Procuring Sustainably.

What is ISO 14064-1?
Carbon Footprint Verification (CFV) [Verification by some Certification Bodies eg Achilles Carbon Reduce] Independent verification of Greenhouse Gas (GHG) emissions.

What is ISO 50001? (updated 22 August 2018)
Energy Management System (EnMS) [On-site assessment by some Certification Bodies] Demonstrates baseline of energy use & continuous improvement of energy intensity; with the aim of reducing energy cost & hence Green House Gas (GHG) emissions. Competence of internal Energy Manager is critical. Satisfies requirement for independent ESOS reporting.

What is ISPM15?
International Standard for Phytosanitary Measures No.15 [6 monthly, on-site assessment by an Assessment Agency on behalf of UKWPMMP (United Kingdom Wood Packaging Material Marking Programme)] Standard developed by IPPC (International Plant Protection Convention) for the treatment of wooden packaging to help prevent the spread of pests (eg beetles). ISPM15 is a legal requirement for all wood packaging material moving between UK and the EU.

What is OK Compost Home/Industrial?
Organic recovery of packaging [Laboratory testing by TUV Austria (previously Vincotte)] Testing of packaging to BS EN 13432 to establish whether or not the material biodegrades, composts & disentegrates.
OK Compost HOME - Testing to BS EN 13432, but carried out at a lower (ambient) temperature (20-30°C)
OK Compost or OK Compost INDUSTRIAL - Testing to BS EN 13432.

What is organic?
Originally defined as the chemistry of carbon based substances. Organic has developed a second meaning eg Soil Association defines organic as:
  • Fewer pesticides
  • No artificial colours & preservatives
  • Free range
  • No routine use of antibiotics
  • No GM ingredients

What is PAS 100?
Compost 'Publicly Available Specification' - industry standard for composts.
What is PAS 2050?
Carbon Footprint 'Publicly Available Specification' - a method for assessing the life cycle greenhouse gas (GHG) emissions of goods and services, Cradle-to Gate (raw material extraction to factory gate).
PAS 2050: Generally applicable to a wide range of goods & services
PAS 2050-1:Supplement for horticultural (greenhouse grown) products
PAS 2050-2: Supplement for seafood & other aquatic food products

What is PAS 2060?
Carbon Net Zero [Verification by some Certification Bodies] 'Publicly Available Specification' - a method for demonstrating carbon neutrality.

What is PEFC?
Programme for the Endorsement of Forest Certification [Not a certification body] PEFC endorses national forestry sustainability certification schemes, for example the UK Woodland Assurance Standard & Sustainable Forest Initiative Standard. A less rigorous alternative to FSC (Forest Stewardship Council).

What are Rare Earth Elements/ Metals/ Oxides?
15 metallic chemical elements with atomic numbers 57–71, from lanthanum tolutetium. Not rare but difficult to separate from each other. Diverse applications including catalysts & permanent magnets. Nothing in common with Conflict Free Minerals.

What is Reuse, Repurpose, Recycle, Recyclable, Renewable?
Reuse: Use a product more than once (for the same function)
Repurpose: Use a product more than once (for a different function)
Recycle: Used products and/or materials remade back into other useful products (composting is not a form of recycling)
Recyclable: Economically viable to recycle (volume, quality & price)
Renewable: A natural resource or source of energy (wind, water, solar) which can be continuously renewed.      

What is SECR Energy Compliance? (Updated 29/3/2019)
Streamlined Energy & Carbon Report Regulations [UK's version of European energy efficiency directive]
The Companies (Directors’ Report) and Limited Liability Partnerships (Energy and Carbon Report) Regulations
Mandatory disclosure in annual Directors' Report of Scope 1 & 2 greenhouse gas emissions for large organisations - defined as two of the following
  • No. of employees 250
  • Turnover £36m  
  • Balance Sheet Assets (ie gross balance) £18m
Large organisations consuming less than 40,000kWh per annum, merely have to state this in their Directors' Report.
See ESOS (reporting of energy consumption).

What is Supply Chain Sustainability School?
Library of sustainability training resources [] Free training (Sustainability, Digital, FIR, Lean Construction, Management, Offsite, People and Procurement) for the construction industry. Recognised by some Principal Contractors for Pre-Qualification Questionnaires.

What is SFI Standard?
Sustainable Forest Initiative Standards [On-site assessment by some Certification Bodies] North American certification including Forest Management, Fibre Sourcing, Chain of Custody & On-Product Labels.

What is Sustainable?
A product or process which does not erode the natural, social and economic support systems upon which it relies.  

What is TUV?
Accreditation Body. Accredits Certification Bodies eg OK Compost, DIN Certco. Issues a "TUV Seedling" logo.

Food & Feed Safety Certification

What is BRCGS? (Previously BRC)
Brand Recognition & Compliance (previously British Retail Consortium) Global Standards [On-site assessment by some Certification Bodies, accredited by BRCGS, satisfies GFSI (Global Food Safety Initiative).] Food quality & safety certification, owned by the LGC Group (previously British Retail Consortium). BRCGS comprise:
  • Food Safety - Companies with on-site food processing or packing
    Additional Modules (scopes): Global GAP, Meat Supply, European Coeliac (gluten-free), Modernization (USA), Culture Excellence
  • Consumer Products - Manufacturers of non food products
    either General Merchandise or Personal Care & Household (either Foundation Level or Higher Level)
    Additional Modules (scopes): Factored Products, Moulded Accessories, Repacked Products
  • Storage & Distribution - Wholesalers of food & non food product
    Additional Modules (scopes): W
    holesale, Contract (ie sub-contract), Vehicle, Repacking
  • Packaging Materials - Manufacturers of primary & secondary packaging
    Additional Modules (scopes): Traded Goods, Environmental Awareness, Audit One
  • Retail - Companies who buy & sell food or food packaging
  • Agents & Brokers - Companies who buy, sell or facilitate the trade of food or food packaging
  • Gluten-Free Certificate Programme - Companies who manufacture, process or pack gluten-free products
  • Plant-Based - Framework for production of plant-based food
  • Ethical Trade & Responsible Sourcing - Framework for evaluating suppliers
  • START! - Framework for food safety in small sites.
What is Codex Alimentarius?
Food & Feed Safety Standards [] Food/feed quality & safety documentation comprising:
  • Standards/ Maximum Residue Levels (MRLs): Specifications for individual foods eg allowable max water content in honey
  • Guidelines/Codes of Practice: Specifications for food in general eg allowable nutrition & health claims

What is EU 10/2011?
Commission Regulation on plastic materials & articles intended to come into contact with food [European Union legislation] Technical specification for laboratory migration testing of plastic (leaching into food), to ensure plastic packaging is safe in contact with food.

What is FSSC 2000?
See - What is ISO 22000 (FSSC 2000, ISO/TS 22002)?

What is GFSI?
Global Food Safety Initiative [Recognition ("accreditation") of food & packaging safety certifications] GFSI Guidance Document  specifies benchmarking model (it is not itself a food safety standard). Recognised CPOs (food safety Certification Programme Owners) includes BRCGS, (but not BRCGS Consumer Products), FSSC 22000 (but not ISO 22000), IFS Food and SQF.

What is HACCP?
Hazard Analysis and Critical Control Points (HACCP) is a Risk Assessment applied in the food industry to identify potential food safety hazards, so that key actions (Control Points) can be taken to prevent food poisoning. Control Points are early opportunities to control a food safety hazard, a Critical Control Point is the last (therefore essential) chance to control contamination prior to consumption. HACCP was devised by NASA for the manufacture of food for astronauts.

What is HARA?
Hazard And Risk Analysis (HARA) is a little used term (Food Industry). Implies more than Risk Assessment (eg adds communication of the risk management).

What is HARPC?
Hazard Analysis and Risk-Based Preventive Controls (HARPC) [Requirement of FDA (US Food & Drug Admistration)] A food industry Risk Assessment comprising Hazard Analysis and Critical Control Points (HACCP) plus planning against acts of terrorism, intentional adulteration & food fraud.

What is IFS?
International Featured Standards (Previously International Food Standards) [On-site assessment by some Certification Bodies, accredited by IFS, satisfies GFSI (Global Food Safety Initiative)] Food quality & safety certification. Global Markets version of standards are, confusingly, simplified standards for "small businesses". IFS is less prescriptive (less wordy, more risk based) than BRCGS. IFS Standards comprise:
  • Food - Process food, or pack loose food
  • Logistics - Transport of food & non-food products
  • Cash & Carry/Wholesale
  • Broker - Trader does not come into direct contact with the product
  • HPC - Household & personal care products
  • PACsecure - Manufacture primary & secondary packaging material (developed jointly with Packaging Association of Canada)

What is ISO 3103 (BS 6008)?
Preparation of Tea [Code of practice (specification)] Method for preparation of a liquor (infusion) of tea, with or without milk.

What is ISO 22000 (FSSC 2200, ISO/TS 22002)?
Food Safety Management System [On-site assessment by some Certification Bodies, accredited by United Kingdom Accreditation Service (UKAS)] Ensures food is safe at the time of consumption.
ISO/TS 22002 defines prerequisite programmes on feed & animal food.
FSSC 22000 (Food Safety System Certification) Additional requirements to satisfy GFSI (Global Food Safety Initiative).

What is PAS 223?
Publicly Available Specification - Prerequisite programmes and design requirements for food safety in the manufacture and provision of food packaging [On-site assessment by some Certification Bodies] Specification for food packaging manufacturers to meet the requirements of prerequisite programmes (PRPs) as specified in ISO 22000 (Food Safety Management System).

What is Prop 65?
Proposition 65 (The Safe Drinking Water and Toxic Enforcement Act 1986) List of substances prohibited in California (USA).

What is SALSA?
Safe & Local Supplier Approval [On-site assessment by Institute of Food Science & Technology (IFST)] Food legal/ quality compliance certification for small food & drink producers (1-50 employees).

What is STS?
Support, Training & Services [On-site assessment by Support, Training & Services  Ltd] Food safety certification for food processors/suppliers to the Public Sector (eg hospitals).

What is SQF?
Safety Quality Food [On-site assessment by BSI (British Standards Institute), satisfies GFSI (Global Food Safety Initiative)] Ensures food is safe at the time of consumption. Less popular certification scheme.

What is UFAS?
Universal Feed Assurance Scheme [On-site assessment by KIWA PAI, accredited by United Kingdom Accreditation Service (UKAS)] Aims to protect animal/human health, by certifying the safety of the feed for food producing animals, based on HACCP principles.

Safety/ Ethics Certification

What is B Corp?
Benefit for All Corporations [On-line Impact Assessment verified by B Lab analyst] BIA Score based on Governance, Workers, Community, Environment & Customers. Verified minimum 80% BIA score required for Certification.

What is CE Marking?
European Conformity [Product assessment by self-certification &/or Notified Body)] Mandatory safety evaluation of 'hazardous' products (including construction products, machinery, medical devices & toys) sold within European Economic Area. Conformity Assessment Procedures classify risk & hence Modules (options) to certify product. Class 1 CE mark is easily attainable, the manufacturer prepares Technical Documentation and Declaration of Conformity. Class 3 CE mark is the most stringent, requiring formal toxicology studies.

What is Clubmark?
Clubmark [On-site assessment by Sport England] Quality, Health & Safety award for sports clubs.

Which Covid-19 (Coronavirus) Cleaning Products?
Effective cleaning agents comprise a Detergent (cleans by dissolving grease) together with an Antiseptic/Disinfectant (kills micro organisms)
I) Hand Hygiene - Detergent (degreaser) + Antiseptic (applied onto your skin to kill micro organisms), in order of efficacy:
i)   Soaps (detergents which dissolve the lipid layer around the virus)
     All soaps are innately antibacterial (antiseptic), “Anti-bacterial” or “Germ shield” are marketing terms
     Liquid soaps are preferable to solid bars, as less likely to be contaminated with micro organisms
ii)  Hand Sanitisers (min 60% alcohol) work in a similar way, inactivating the virus by breaking down the lipid layer
     Liquid/gel sanitisers are ineffective on sweaty, greasy or visibly soiled hands
     Frequent use can cause skin dryness/irritation
iii)  Wipes
transfer insufficient quantity of alcohol to be an effective antiseptic
II) Surface Cleaning Products - Detergent (degreaser) + Disinfectant (applied onto nonliving surfaces to kill micro organisms)
i)  BS EN 14476 - Minimum requirements for virucidal cleaning agent (where viruses, including Covid-19, are known to be present eg hospitals)
ii) BS EN 1276 - Minimum requirements for bactericidal cleaning agent (for bacteria, but also deters viruses eg food businesses)
iii) Domestic cleaners - Detergent (only) kills most micro organisms (adequate for general welfare facilities eg changing rooms)
iv) Bleach (concentrated) - Kills micro organisms but corrodes skin/lungs/eyes, it also lacks detergent, so fails to clean (degrease) surfaces   

What is EcoVadis?
Sustainability [Certification (rating) by EcoVadis] CSR (Corporate & Social Responsibility) score based on Environment, Labour & Hunman Rights, Ethics and Sustainable Procurement. EcoVadis certification is achieved by completing questionnaire (40 pages) with supporting documentation.

What is HSG65?
"Successful Health and Safety Management" (HSG65) is the original guide to health & safety management, first published in 1991 by
HSE (Health & Safety Executive). ISO 45001 has superseded HSG65 because of its compatibility with other ISO standards (ISO 9001 & ISO 14001).

What is Investors In People (IIP)?
Investors In People [On-site assessment by approved training centre] Staff training award. IIP (Bronze, Silver or Gold) is achieved by confidential on-site interviews of employees to establish the organisation's ability to train, develop & motivate staff.

What is IOSH?
Institution of Occupational Safety & Health [Professional body for H&S individuals & Examination board] IOSH membership categories:
Associate (AIOSH), Technical (TIOSH), Graduate (Grad IOSH), Chartered (CMIOSH), Fellow (CFIOSH). IOSH H&S qualifications include:
a) IOSH Leading Safely (4 hours or online) awareness not a qualification so RQF(NVQ) n/a
b) IOSH Working Safely (1 day or online) awareness not a qualification so RQF(NVQ) n/a
c) IOSH Managing Safely (4 days or online) awareness not a qualification so RQF(NVQ) n/a
d) IOSH General Certificate (10 days face to face learning) RQF(NVQ) Level 3
See also NEBOSH (rival examination body).

What is ISO 37001 (BS 10500)?
Anti-Bribery Management System [On-site assessment by most Certification Bodies] Anti-bribery procedures in response to UK Bribery Act.
ISO 37001 has replaced BS 10500.

What is ISO 45001 (OHSAS 18001)? (ISO 45001 published 12 March 2018, OHSAS 18001 expires 30 September 2021) {SSIP Forum Member}
Occupational Health & Safety Assessment Series [On-site assessment by most Certification Bodies] British law is no longer prescriptive, employers are required to 'assess risks' and then enforce 'safe systems of work' for their employees. H&S is an emotive area, but there are benefits:
i) If you think safety is expensive, try having an accident ie human cost, fines, legal costs, FFI (HSE Fee For Intervention);
ii) ISO 45001/OHSAS 18001 certification provides exemption from the H&S element of other certification schemes eg CHAS, Constructionline, SAFE contractor - See 3) Contractor Certification - SSIP.
ISO/IEC 18000 (radio frequency standard) already exists, so the ISO occupational health & safety management system standard replacing OHSAS 18001 is named ISO 45001.
  • BS 45002-0 General guidance on application of ISO 45001
  • BS 45002-1 Guidance on managing occupational health
  • BS 45002-2 Topic-specific guidance on application of ISO 45001
  • BS 45002-3 Guidance on incident investigation

What is ISO 45003?
Psychological Health & Safety Management [On-site assessment by most Certification Bodies] Guidance on protecting psychological health by managing psychosocial risks.

What is NEBOSH?
National Examination Board in Occupational Safety & Health [Examination board] NEBOSH H&S qualifications include:
a) NEBOSH H&S at Work RQF(NVQ) Level 2 (3 days or online)
b) NEBOSH National General Certificate in Occupational Health & Safety (2019) RQF(NVQ) Level 3 (110 hours) - For IOSH Technical Member
c) NEBOSH National Diploma in Occupational Health & Safety RQF(NVQ) Level 6 (500 hours) - For IOSH Chartered Membership
See also IOSH (rival examination body).

What is Oeko-Tex Standard 100?
Oeko-Tex Standard 100 [Laboratory product test & on-site assessment by Oeko-Tex member institute] Laboratory testing for harmful substances of products worn next to skin as well as a 3 yearly on-site audit of Quality Management System. 4 product classes: I) Items for infants, II) Items with prolonged skin contact, III) Textiles without skin contact, IV) Furniture materials.

What is PAS 3002?
Improving Health & Wellbeing [On-site assessment by some Certification Bodies] 'Publicly Available Specification' - Code of Practice based on Diversity/inclusion, Physical/psychological support, Work culture, Job design & People management.

What is QSA (RoSPA)?
Quality Safety Audit [Either self assessment or on-site assessment by RoSPA (The Royal Society for the Prevention of Accidents)] An aid to auditing against the elements listed in HSG65/OHSAS 18001. Companies cannot fail the audit, instead they receive a Health & Safety Performance Rating (maximum level 5). Not to be confused with membership of RoSPA, which is available to all.

What is RIDDOR? (updated 2013)
The Reporting of Injuries, Diseases & Dangerous Occurrences Regulations. Legal requirement to report a Reportable Accident if injured worker is likely to be off work for 7 consecutive days (excluding day of accident); or if a worker is suffering from a Reportable Occupational Disease (condition likely to have been caused/ made worse at work eg carpal tunnel syndrome); Or a Reportable Dangerous Occurrence ('near-miss' eg contact with overhead power lines or a fire causing work to be stopped over 24 hours).
Report within 10 days (Major Accidents report immediately) via:

What is SA8000?
Social Accountability [On-site assessment by SAI (Social Accountability International) approved Certification Body] Management system to assure that human rights are respected both within the company & within it's entire supply chain.

What is Sedex?
Supplier Ethical Data Exchange [On-site assessment using SMETA auditing standard (Sedex Members Ethical Trade Audit), self auditing permitted]
Collaborative auditing/database which monitors Health & safety, Labour Standards, Environmental (optional) & Business Ethics (optional) of international manufacturers.

What is Social Value?
Public Services (Social Value) Act 2013. Requires people who commission public services to think about how they can also secure wider social, economic and environmental benefits. In practice, tenders need to include calculations on metrics such as SROI (Social Return on Investment). The Government's 'Social Value Model' gives vague advice.

What is WRAP?
Worldwide Responsible Accredited Production (USA based) [On-site assessment using WRAP-accredited monitoring organisation] Monitors Health & Safety, Environmental & Labour Standards of international textile (footwear & clothing) manufacturers.

Security/ IT Certification

What is Accredit UK?
IT accreditation [Assessment by National Computer Centre (IT trade association)] Quality award for Information & Communication Technologies (ICT) companies. Accredit UK is achieved for a defined IT specialism by completing a self-assessment workbook followed by site assessment.

What is BS 10012?
See "What is GDPR/ BS10012"  below

What is BS EN 15713 (formerly BS 8470)?
Secure destruction of confidential material [Code of practice, not intended for assessment] Recommendations for disposal of electronic & paper media.

What is CAS(T)?
CESG Assured Service (Telecoms) [On-site assessment by LRQA or KPMG] Information Security accreditation for telecommunications companies supplying public sector organisations working on the PSN (Public Services Network). Based on ISO 27001 (Information Security Management System), with additions defined by CESG (Communications-Electronics Security Group) - the government's national technical authority for IA (Information Assurance) working with the Health Service, law enforcement, local government, & utilities.

What is CESG Business Impact Level?
CESG [Communications-Electronics Security Group] is housed with GCHQ (Government Communications Headquarters) and is the government's national technical authority for Information Assurance (IA) working with the Health Service, law enforcement, local government, & utilities.
CESG Business Impact Level
quantifies the threat to national security resulting from an organisation's potential information loss, Business Impact Level ranges:
from 0 (no impact), to 6 (extreme impact ie widespread loss of life, £10 billion financial loss to business).

What is Cyber Essentials (Plus)?
Cyber Essentials [Online self-assessment issued/verified by IASME consortium on behalf of National Cyber Security Centre (GCHQ)] Checklist of technical controls for office IT equipment, normally completed by the business' IT Manager/IT support contractor, cost £300-£500
Cyber Essentials Plus [Online self-assessment plus remote assessment by an Auditor accredited by IASME consortium on behalf of National Cyber Security Centre (GCHQ)] Self Assessment plus an independent auditor tests your systems to judge level of exposure, cost from £1,400.
National Cyber Security Centre publishes tools for checking IT security, whether or not Cyber Essentials is being implemented:

What is GDPR/BS 10012?
(Legal Requirement from 25/5/2018)
General Data Protection Regulation [EU 2016.679], replicated in Data Protection Act 2018 (UK). Data protection entails procedures for:
a) Data Security (Prevent a security lapse)
b) Citizen's Rights (Care of the implications for the individual)
In practice, all SME (small & medium sized enterprises) need to appoint a Data Controller, publish a Data Protection Policy & map their Data Flows.
Higher risk (of significant data breach) companies require a Data Protection Impact Assessment & should consider:
  • ISO 27001 - Information Security Management System (see below): Satisfies 'Data Security' requirements of GDPR/Data Protection Act
  • BS 10012 - Personal Information Management System: Satisfies 'Citizen's Rights' requirements of GDPR/Data Protection Act
  • ISO/IEC 27701 - Privacy Information Management System: Satisfies 'Citizen's Rights' requirements of GDPR/Data Protection Act

What is ISO 20000-1 (formerly BS 15000)?
Service Management System [On-site assessment by most Certification Bodies] Management of Customer Services (including cyber security) of IT Services, Facilities Management. ISO 20000-3 is a guidance document.

What is ISO 22301 (formerly BS 25999)? (updated 2019, amended 2024)
Business Continuity Management Systems [On-site assessment by most Certification Bodies] Precautions against threats to the company, including risk assessment, contingency/ disaster recovery plans. ISO 22301 has replaced BS 25999. Amended 2024: Climate action changes.

What is ISO 27001 (ISO 27002, 27017, ISO 27018)? (updated October 2022, recertification audit deadline 30/4/24)
Information Security Management System [On-site assessment by most Certification Bodies] Protects information (confidentiality, integrity & availability) including verbal, paper, electronic and film data whether printed, filmed, stored/transmitted electronically or verbally.
The content of BS ISO/IEC 27001:2013, BS ISO EN 27001:2015 & BS ISO IEC EN 27001:2017 are identical. Currently, UKAS accredited Certification Bodies only issue ISO 27001 certificates referencing the 2013 version.
Related standards:
  • ISO 27002 - Guidance on the implementation of ISO 27001
  • ISO 27017 - Additional guidelines for information security of cloud services
  • ISO 27018 - Additional guidelines for information security of public cloud services
  • ISO 27701 - Privacy Information Management System (below)
  • BS 10012 - Personal Information Management (GDPR)
  • PAS 555 - Cyber Security Risk Governance & Management (below)
  • Cyber Essentials (Plus) (below).

What is ISO 27701?
Privacy Information Security Management System [On-site assessment by most Certification Bodies] Extends ISO 27001 (Information Security Management System) to completely cover GDPR (General Data Protection Regulation).

What is PAS 555?
Cyber Security Risk Governance & Management [On-site assessment by some Certification Bodies] 'Publicly Available Specification' - Framework for technical, cultural & behavioural aspects of Cyber Security.

What is SIA ACS?
Security Industry Authority Approved Contractor Scheme [On-site assessment by SIA approved Assessing Body] From 6 April 2015, all security businesses will need to hold an SIA Business Licence. Security firms need ACS to demonstrate they are fit & proper to supply the security services: Manned Guarding, Key Holding & Immobilisation of Vehicles. ISO 9001 covers two-thirds of the ACS requirements.

What is TickIT?
TickIT [On-site assessment by some Certification Bodies] Quality Management System (based on ISO 9001) for software developers. TickITplus replaces TickIT (includes ISO 9001 approval).

Back to content