Most organizations don't operate in just one dimension of risk. Quality failures, environmental incidents, and workplace injuries are often symptoms of the same root cause: poor process control. Yet many companies pursue ISO 9001, ISO 14001, and ISO 45001 as three separate, siloed initiatives — tripling their documentation burden, audit schedules, and management review cycles in the process.
After helping more than 200 clients achieve certification with a 100% first-time audit pass rate, I can tell you with confidence: an Integrated Management System (IMS) is almost always the smarter path. In this guide, I'll walk you through exactly what an IMS is, why the three standards are designed to work together, and how to build one without losing your mind.
What Is an Integrated Management System (IMS)?
An Integrated Management System is a single, unified framework that combines the requirements of two or more ISO management system standards into one coherent set of policies, procedures, objectives, and processes. Rather than running parallel systems that duplicate effort, an IMS treats quality, environment, and occupational health and safety as interconnected disciplines managed through a common structure.
The foundation that makes this possible is Annex SL (now formalized as the Harmonized Structure under the ISO/IEC Directives, Part 1, Consolidated ISO Supplement). Since 2015, all new and revised ISO management system standards share an identical high-level structure (HLS) of 10 clauses:
- Scope
- Normative References
- Terms and Definitions
- Context of the Organization
- Leadership
- Planning
- Support
- Operation
- Performance Evaluation
- Improvement
ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 all follow this exact framework. That alignment is not accidental — it is an explicit design choice to facilitate integration.
Why Integrate? The Business Case in Numbers
Before diving into the "how," let's address the "why" with data.
Organizations that implement an IMS report an average 25–30% reduction in documentation volume compared to running three separate management systems. When you consolidate context of the organization (clause 4), leadership commitment (clause 5), and management review (clause 9.3) into a single set of records, the redundancy savings add up fast.
According to a study published in the Journal of Cleaner Production, companies operating integrated management systems demonstrate measurably better environmental and safety performance than those running standalone systems, largely because integration drives cross-functional awareness and accountability.
Certification bodies typically offer a 20–40% reduction in combined audit days when conducting an integrated audit versus three separate audits. For a mid-sized manufacturer, that can translate to tens of thousands of dollars in audit fees and employee time savings annually.
A 2023 survey by the British Assessment Bureau found that 67% of organizations certified to multiple ISO standards had already integrated at least two of them, underscoring that IMS is no longer an advanced strategy — it is becoming the industry standard.
Finally, consider the internal productivity angle: organizations with integrated systems report up to 35% fewer internal audit person-hours per year, freeing up quality, EHS, and operations teams to focus on improvement rather than compliance administration.
The business case is clear. Let's build the system.
How ISO 14001, ISO 9001, and ISO 45001 Align
The table below maps the three standards clause-by-clause to show where requirements overlap, where they diverge, and where integration delivers the greatest efficiency gains.
| HLS Clause | ISO 9001:2015 Focus | ISO 14001:2015 Focus | ISO 45001:2018 Focus | Integration Opportunity |
|---|---|---|---|---|
| 4 – Context | Customer needs, QMS scope | Environmental aspects, legal obligations | Worker participation, OH&S hazards | Single SWOT/PESTLE, one interested parties register |
| 5 – Leadership | Quality policy, customer focus | Environmental policy, top management commitment | OH&S policy, worker consultation | One integrated policy statement, unified roles matrix |
| 6 – Planning | Quality risks & opportunities, objectives | Environmental risks, aspects & impacts, objectives | OH&S hazards, risks & opportunities, objectives | Combined risk register, single objectives tracker |
| 7 – Support | Competence, awareness, documented info | Competence, awareness, documented info | Competence, awareness, documented info | Unified training matrix, one document control procedure |
| 8 – Operation | Process control, design, supply chain | Operational control, emergency preparedness | Operational controls, MOC, emergency preparedness | Integrated SOPs and emergency response plans |
| 9 – Performance Evaluation | Monitoring, internal audit, management review | Monitoring, internal audit, management review | Monitoring, internal audit, management review | Combined audit program, single management review agenda |
| 10 – Improvement | Nonconformity, corrective action, continual improvement | Nonconformity, corrective action, continual improvement | Incident investigation, corrective action, improvement | One CAPA system covering quality, environmental, and safety events |
Citation hook: ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 share an identical 10-clause Harmonized Structure, meaning that clauses 4 through 10 can be addressed with a single set of integrated documented processes without sacrificing individual standard compliance.
Where the Standards Diverge (And Why It Matters)
Integration does not mean the standards are identical. Three key areas require standard-specific treatment:
- ISO 14001 Clause 6.1.2 — Environmental Aspects: The aspects and impacts analysis is unique to ISO 14001 and must identify significant environmental aspects with documented criteria. This cannot be fully merged with risk identification under ISO 9001 or ISO 45001, though it can live in the same risk management framework.
- ISO 45001 Clause 5.4 — Consultation and Participation of Workers: ISO 45001 places far greater emphasis on worker involvement in OH&S decision-making than the other two standards. Your IMS must preserve and document these consultation mechanisms.
- ISO 9001 Clause 8.3 — Design and Development: This is the most process-intensive unique requirement in ISO 9001 and has no direct equivalent in ISO 14001 or ISO 45001. Applicable organizations must maintain robust design controls that stand alone.
How to Build an Integrated Management System: A Step-by-Step Approach
Step 1: Conduct a Gap Analysis Across All Three Standards
Before you write a single procedure, assess your current state against the combined requirements of all three standards. Map what you already have — quality manual, EHS procedures, safety programs — against each clause. Identify:
- What exists and is compliant
- What exists but needs updating
- What is completely missing
This gap analysis becomes your project roadmap. At Certify Consulting, we use a color-coded clause matrix that allows leadership to see the full integration picture at a glance.
Step 2: Define Your Integrated Scope and Policy
Draft a single Integrated Management System Policy that explicitly references quality, environment, and occupational health and safety commitments. This document, typically one to two pages, should:
- State the organization's commitment to all three disciplines
- Reference compliance with applicable legal and other requirements
- Commit to continual improvement
- Be signed by top management and communicated to all workers
Your IMS scope (clause 4.3 under all three standards) should define the boundaries of the system in a single statement, noting which standards apply and to which sites or processes.
Step 3: Build a Unified Context and Risk Framework
Clause 4 (Context of the Organization) is one of the highest-value integration points. Develop one document or process that captures:
- Internal and external issues (SWOT, PESTLE, or equivalent)
- Interested parties and their needs and expectations — customers, regulators, workers, communities, shareholders
- Compliance obligations — customer requirements (ISO 9001), environmental legal requirements (ISO 14001), and OH&S legal requirements (ISO 45001)
From this foundation, build a combined risk register in clause 6 that houses quality risks and opportunities, environmental aspects and impacts, and OH&S hazards and risks in a single tracked document. Use consistent likelihood/consequence scoring so that leadership can prioritize across all three risk domains in one review.
Step 4: Consolidate Your Support Processes
Clause 7 (Support) is where integration delivers some of its most tangible administrative savings. Consolidate the following:
- Document Control Procedure: One procedure governs all IMS documents, regardless of standard origin.
- Competence and Training Matrix: One matrix tracks required competencies, training completion, and qualification records for quality, environmental, and safety requirements.
- Communication Plan: Define internal and external communication requirements for all three standards in a single communication matrix.
- Awareness Program: Integrate quality, environmental, and safety awareness into a unified onboarding and recurring training program.
Step 5: Develop Integrated Operational Controls
Clause 8 (Operation) is where the standards diverge the most at the procedural level, but integration is still achievable. The key is to build process-based SOPs that embed quality controls, environmental controls, and safety controls into the same work instruction rather than maintaining three separate procedure sets.
For example, a manufacturing line SOP might simultaneously address: - Inspection hold points and acceptance criteria (ISO 9001) - Waste segregation and spill containment steps (ISO 14001) - PPE requirements and hazard communication (ISO 45001)
Emergency preparedness and response (ISO 14001 clause 8.2 / ISO 45001 clause 8.2) is a natural integration point — environmental emergencies and safety emergencies are often the same events (chemical spill, fire, explosion). One emergency response plan with appended environmental and safety annexes is far more practical than two separate documents.
Step 6: Establish a Combined Performance Evaluation Program
Clause 9 governs monitoring, measurement, internal audit, and management review. This is arguably the highest-leverage integration point for ongoing operational efficiency.
Internal Audit Program: Train a cadre of internal auditors who are competent across all three standards. Develop integrated audit checklists that map questions to ISO 9001, ISO 14001, and ISO 45001 simultaneously. A single process audit of your chemical handling operation, for instance, can evaluate quality conformance, environmental compliance, and safety compliance in one walkthrough.
Management Review: Conduct one annual (or more frequent) management review meeting with an agenda that covers all three standards. ISO 14001 clause 9.3 and ISO 45001 clause 9.3 have nearly identical management review input requirements, and both overlap substantially with ISO 9001 clause 9.3.2. A single integrated review agenda satisfies all three.
Key Performance Indicators: Build a balanced IMS dashboard with KPIs across all three domains — first-pass yield and customer complaints (quality), energy consumption and waste generation (environmental), TRIR and near-miss frequency (safety).
Step 7: Unify Your Corrective Action and Improvement Process
Under clause 10, all three standards require a process for managing nonconformities and corrective actions, and all three expect continual improvement. One Corrective Action and Preventive Action (CAPA) procedure that accepts inputs from quality nonconformances, environmental incidents, and safety incidents — and routes them through a common root cause analysis and effectiveness verification process — is one of the clearest wins in an IMS.
Common Pitfalls When Integrating ISO Standards
Even with the best intentions, organizations stumble in predictable ways. Here are the mistakes I see most often — and how to avoid them:
1. Over-consolidating unique requirements. The goal is integration, not elimination. ISO 14001's aspects register and ISO 45001's worker consultation records must remain distinct and fully compliant. Do not merge them into oblivion in the name of simplicity.
2. Neglecting standard-specific competency. If your internal auditors only understand quality, they will audit ISO 14001 and ISO 45001 clauses superficially. Invest in cross-training.
3. Losing sight of the individual certification scopes. If you are pursuing three separate certificates, confirm with your certification body that your integrated documentation clearly demonstrates conformance to each standard individually. The integrated system must be traceable back to every clause of every standard.
4. Treating integration as a documentation project. An IMS lives in how people work, not just what's written in procedures. Embed integrated thinking into toolbox talks, process reviews, and leadership conversations.
5. Skipping a phased approach. Many organizations try to implement all three standards simultaneously. Unless you have significant internal resources and expertise, I recommend certifying to one standard first (typically ISO 9001), then integrating ISO 14001 and ISO 45001 in subsequent phases.
IMS vs. Separate Systems: A Direct Comparison
| Factor | Three Separate Systems | Integrated Management System |
|---|---|---|
| Policy documents | 3 separate policies | 1 integrated IMS policy |
| Risk registers | 3 separate registers | 1 combined register |
| Internal audit cycles | 3 separate programs | 1 combined audit program |
| Management reviews | 3 separate meetings | 1 integrated review |
| Training records | 3 separate matrices | 1 unified competence matrix |
| Document control | 3 separate procedures | 1 procedure, all documents |
| CAPA system | 3 separate NCR processes | 1 unified CAPA process |
| Certification audit days | Full days × 3 | Reduced combined audit (20–40% savings) |
| Ongoing maintenance effort | High (duplication) | Moderate (streamlined) |
| Cross-functional awareness | Low (siloed) | High (integrated) |
Citation hook: Organizations that implement an Integrated Management System combining ISO 9001, ISO 14001, and ISO 45001 typically reduce total certification audit days by 20–40% compared to scheduling three independent audits, while simultaneously improving cross-functional risk visibility.
Certification Considerations for an IMS
When you're ready for external certification, there are a few important practical points:
Choose an accredited certification body experienced in IMS audits. Not all auditors are equally competent across all three standards. Ask prospective certification bodies how they staff integrated audits and whether they assign a single lead auditor or a team.
Request a combined audit. Most major certification bodies (BSI, Bureau Veritas, DNV, SGS, TÜV) offer integrated certification audits. The audit will assess all three standards simultaneously, typically resulting in three separate certificates from a single audit engagement.
Align your surveillance audit schedule. Under an IMS, surveillance audits for all three standards can be synchronized to the same annual cycle, reducing disruption to operations.
Maintain traceability matrices. Your certification body auditor will need to verify that your IMS addresses every clause of every standard. A cross-reference matrix (sometimes called a "clause correlation matrix") that maps each IMS document or process to the specific clauses of ISO 9001, ISO 14001, and ISO 45001 is an invaluable tool during the audit.
For organizations preparing for multi-standard certification, our detailed walkthrough of ISO 14001 documentation requirements provides a strong foundation for the environmental management components of your IMS.
Is an IMS Right for Every Organization?
Honestly, no — but it is right for most. Here's a quick decision framework:
Strong IMS candidates: - Organizations already certified to one standard and pursuing a second or third - Companies where quality, environmental, and safety risks intersect (manufacturing, construction, chemical processing, healthcare) - Organizations with limited internal resources who cannot sustain three parallel systems - Companies seeking to reduce certification costs and audit fatigue
Cases where a phased or standalone approach may be better: - A startup pursuing its first certification with no existing management system infrastructure - An organization where only one standard is required by customers or regulators - Companies in highly specialized industries where one standard's requirements are so dominant they dwarf the others
Even in these cases, I recommend building with integration in mind from day one — it is far easier to integrate systems that were designed to be integrated than to retrofit standalone systems years later.
Getting Started With Your IMS: Next Steps
Building an IMS that satisfies ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 simultaneously is a significant undertaking, but it is well within reach for any organization with committed leadership and the right guidance.
At Certify Consulting, we have guided organizations across manufacturing, construction, energy, food production, and professional services through exactly this process — and every one of them has passed their first-time certification audit. Our IMS implementation methodology is built around your existing processes, not a generic template.
If you are ready to explore what an IMS could look like for your organization, or if you simply want a second opinion on your current approach, I am happy to have that conversation.
You can also explore our ISO 14001 implementation guide for a deeper look at the environmental management system foundation that anchors every IMS we build.
Frequently Asked Questions About Integrated Management Systems
Can ISO 9001, ISO 14001, and ISO 45001 be certified together?
Yes. Most accredited certification bodies offer integrated audits that assess all three standards in a single engagement, resulting in three separate certificates. The Harmonized Structure shared by all three standards makes this straightforward for experienced auditors.
How long does it take to implement an IMS?
Implementation timelines vary based on organizational size, complexity, and baseline maturity. For an organization starting from scratch, expect 12–18 months for a full three-standard IMS. Organizations already certified to one standard can typically integrate a second within 6–9 months.
Do I need separate documentation for each ISO standard in an IMS?
No. The goal of an IMS is to use shared documentation wherever the standards' requirements overlap. You will need some standard-specific documents (e.g., an environmental aspects register for ISO 14001, worker consultation records for ISO 45001), but the majority of your IMS infrastructure — policies, procedures, audit programs, CAPA systems — can be unified.
What is the Harmonized Structure and why does it matter for IMS?
The Harmonized Structure (formerly Annex SL) is a common 10-clause framework mandated by ISO for all new and revised management system standards. ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 all use identical clause numbering and core text, which means their requirements can be addressed with a single integrated set of processes.
How much can an IMS save compared to three separate systems?
Organizations typically report 25–30% reductions in documentation volume, 20–40% savings in combined certification audit fees, and up to 35% fewer internal audit person-hours annually when operating a fully integrated IMS versus three independent management systems.
Last updated: 2026-03-16
Jared Clark is the principal consultant at Certify Consulting, specializing in ISO 9001, ISO 14001, ISO 45001, and Integrated Management System implementations. With 8+ years of experience and a 100% first-time audit pass rate across 200+ clients, Jared brings practical, results-driven guidance to every engagement.
Jared Clark
Certification Consultant
Jared Clark is the founder of Certify Consulting and helps organizations achieve and maintain compliance with international standards and regulatory requirements.