A corporate management system significantly increases the efficiency of an enterprise, be it small or big. It is incorporated into each level of the organization and effectively supports the processes of the company, reduces its operational costs, improves cooperation, which have impact on customer satisfaction and efficiency.

Corporate management systems can consist of several components (ISO 9001, ISO14001, MSZ 28001, MSZ ISO/IEC 27001) that are capable of covering an entire company and assisting fields of operation. The best systems are flexible in providing the components most needed by the client and upon request are able to assist in the implementation of unique ideas.

With the help of a corporate management system, everything can be handled in a more rational and easier manner and we get much faster where we would like to.

Quality Management System (QMS), MSZ EN ISO 9001:2009 (ISO 9001:2008)

The MSZ EN ISO 9001:2009 is the most widespread standard in all spheres of the economy that became a uniform system of international requirements nowadays.

It means a uniform guideline that can be applied independently from the size, activity, operation of a company in any field of the economic sector, in the operation of entrepreneurial sphere, public administration, governmental and non-profit organisations as well.

It promotes and guarantees the constant excellent quality and continuous improvement of products and services and the enhancement of customer satisfaction and better conformity with customer requirements.

The extraordinarily strong local and international competition has been forcing companies to apply the quality principle not only to products but also to the whole company including its operation.

The quality management system ensures the transparency of the processes within the company and the reasonable documentation of activities, it makes possible the daily management of the processes.

In the international practice and based on international agreements the quality management system of a company can be considered adequate and accepted if its conformity to the given standard is certified by an independent, highly-qualified and duly entitled certification body.

Environmental Management Systems (EMS), MSZ EN ISO 14001:2005 (ISO 14001:2004)

Protection of the environment, the reasonable use of resources and technology is a central requirement of our age. This determines the future and quality of life of future generations.

Our age demands a unified perception of technologies and their impact and public acceptance.

The challenge of the future is in new solutions of environmental protection that permanently spare the environment and resources while they enhance the technological and economic competitiveness.

The international dominance of free market economy, ensuring competitiveness and expectations regarding environmental protection inevitably forced companies to keep and improve their marketability by implementing their environmental policy. Environmental problems cause turmoil not only in the image and market position of a company, but they affect employees, (external) facilities located (residential and green areas, citizens living there, etc.) within the impact radius of the premise, the responsible municipalities and also the company’s relations with its business partners.

The introduction and operation of environmental management system promote the protection of natural resources, decrease of pollution and hazards and safeguarding the health of employees and those living in the neighbourhood. It is applicable to all types and sizes of organizations and can be integrated into other management systems.

The operation of environmental management system has the following favourable effects: 

  • reduction in the use of material and energy;
  • decrease of contaminant emission;
  • reduction of waste production;
  • increase of recycling;
  • establishment of conditions for environmental safety operation, risk reduction;
  • better assessment by banks and insurance companies;
  • clear identification of responsibilities for the environment;
  • improvement in the social, community and market perception of the organization;
  • acquisition, maintenance and extension of domestic and export markets;
  • improvement of the relations with the authorities.

Occupational Health and Safety Management System (OHSAS), MSZ 28001:2008 (BS OHSAS 18001:2007)

The top management shall take into consideration the fact that similarly to other developed countries also in Hungary stricter regulation plays an increasing role in the field of occupational health and safety.

Trials are stricter, fine of million forints can also be imposed on a company that significantly increases its operational costs and may also cause serious harm to the company image in long term. Transparency and proven excellence in occupational health and safety constitute a significant element of competition in the market.

Several examples prove that severe accidents, occupational illnesses and other damages (fines, litigations, ruined company image, etc.) caused by them might have been avoidable if the company had taken the necessary steps to create and regularly check work conditions to see whether they had been safe and healthy, if the employees had been aware of their obligations and observed the rules of their work.

Surveys on accidents show that costs of accidents far exceed the sum that an insurance company compensates in a given case. The estimated value of uninsured costs may be fivefold-fiftyfold of the costs caused by accidents and sicknesses.

The standard MSZ 28001 defines the requirements of occupational health and safety management system in order for an organization to be able to manage risks and improve the operation.

The standard may be applied by any organisation that is committed to establishing an occupational health and safety management system to cease or minimize to the extent possible the risk of employees and other interested parties exposed to occupational, health or safety hazards related to the activities of the organisation.

Organisations may apply the standard voluntarily to indicate their commitment to constantly improving occupational health and safety, but this is not required to be realized at once in the whole field of the activity. The adequate operation of the established system is supported by regular audits that provide information for the management.

The OHSAS can be easily integrated into the quality management system of MSZ EN ISO 9001 standard and the environmental management system of MSZ EN ISO 14001 standard.

Why is it worth applying the OHSAS? 

  • It offers systems approach in solving occupational health and safety problems.
  • It helps comply with legal requirements.
  • It reduces costs and the number and gravity of accidents.

What organizations can make the most of OHSAS? 

Organizations that

  • wish to regulate their occupational health and safety activity;
  • aim to establish an integrated management system;
  • want to manage work problems with systems approach in order to achieve corporate excellence;
  • intend to prevent work problems and cease or limit existing troubles with a view to improve the performance in occupational health and safety. 

Minőségirányítási rendszer

 Information Security Management System (ISMS) MSZ ISO/IEC 27001:2006

The security of information is a sensitive point at a lot of companies. A little gap in the information security system may often mean an open point to the potential attacks that may shake the company to the foundations. High level of connectedness across the globe, electronic trade, industrial espionage, global virus attacks or the international catastrophes such as in the case of the Word Trade Center in New York made dramatically obvious the necessity of high quality information security management systems.

The information is – according to one of its definitions – meaningful data and therefore it may exist in many different forms: printed or written in paper, stored electronically, forwarded by mail or electronic devices, presented in film or by voice during a conversation. Regardless of the form of its appearance or whether the information is stored or forwarded, it is recommended to be duly protected.

The information is an asset that has value and this value – similarly to other important business assets – is protected by the organisation in a proper manner. Information security protects the information against various threats in order to ensure that the business is running without interruption, the business damage is limited and that the business potential and the return of investments are as high as possible.

Information security safeguards the 

  • confidentiality of information: protects the information that only authorized person should have access to it;
  • integrity of information: protects the accuracy and entirety of the information and its processing method;
  • availability of information: provides that the authorized person can really access the required information and the necessary equipment be at his/her disposal.

 Topics, security measures and methods related to information security can be classified into different groups in many ways according to different criteria. One of the classification methods is the following:

  • Data protection: protection of information systems against losing or damaging the data and rules, processes and solutions ensuring the continuous availability of data. (In particular, maintaining the reliable operation of information systems shall be considered.)
  • Data security: rules, processes and solutions preventing damages deliberately caused to the information system and unauthorized access the information.

In general, security can be considered satisfactory if the cost and the method of the protection triggers the reduction of the risk of possible damages (damage value × probability of occurrence) to a level that is under a tolerable limit. However, it is necessary to emphasize that not only the sum but the method of the protection is also important, namely the protection shall be set up in a comprehensive and closed manner. The tolerable risk defines the rate of investment that can be determined on the basis of the tolerable limit indicated in the risk matrix of damage value and probability of occurrence. This limit shall be individually defined for each organization when inspecting the information security.

Where shall an information security management system be introduced and certified?

  • IT companies that deal with software development and information and telecommunication projects;
  • Financial and public administration organizations, authorities, insurance companies that handle the personal data of their clients;
  • Security companies that deal with property protection, defensive and guarding technology;
  • Logistic companies that contact their partners in electronic way.
  • Health institutions that provide health care.
Vállalat irányítási rendszerek