The Complete Guide to Integrated Management Systems (IMS): Combining ISO 9001, 14001 & 45001

Running three separate management systems for quality (ISO 9001), environment (ISO 14001) and occupational health & safety (ISO 45001) is expensive, duplicative and exhausting for every team involved. An Integrated Management System (IMS) combines all three — and optionally ISO 27001, 22301, 50001 — into one manual, one audit programme, one management review.

"Integration is not about cramming three systems into one binder. It is about designing one system that naturally covers quality, environment and safety from the start."
— ISO Xpert

What Is an Integrated Management System?

An IMS is a single, unified management system that satisfies the requirements of multiple ISO standards simultaneously. Because ISO 9001, 14001 and 45001 all share the Annex SL high-level structure (10 identical clause headings), integration is architecturally natural — you write each clause once and layer in the standard-specific requirements where they diverge.

Why Integrate? The Business Case

The Annex SL Advantage

All three standards (and most modern ISO management system standards) follow the Annex SL high-level structure:

1. Clause 1 — Scope (standard-specific)
2. Clause 2 — Normative references
3. Clause 3 — Terms and definitions
4. Clause 4 — Context of the organisation → write once, cover internal/external issues and interested parties for Q + E + S
5. Clause 5 — Leadership → one integrated policy, one set of roles and responsibilities
6. Clause 6 — Planning → one risk register with Q, E and S risk categories; one set of objectives
7. Clause 7 — Support → shared document control, competence framework, communication plan
8. Clause 8 — Operation → this is where standards diverge most (product realisation vs aspects/impacts vs HIRA)
9. Clause 9 — Performance evaluation → one internal audit programme, one management review
10. Clause 10 — Improvement → one CAPA process, one continual improvement mechanism

Clause 8 is where most of the standard-specific procedures live. Everything else can be written once and shared.

Step-by-Step Integration Approach

Step 1 — Simultaneous gap analysis

Run a single gap analysis covering all three standards at once. Use a combined checklist that maps each clause to 9001, 14001 and 45001 requirements side by side. This immediately shows where requirements overlap and where they are unique.

Step 2 — Unified policy

Write one integrated policy covering quality, environmental and OH&S commitments. Leadership signs one document, employees see one policy on the wall.

Step 3 — Single risk register

Create one risk register with categories for quality risks, environmental aspects/impacts, and OH&S hazards. Each risk has a common scoring methodology (likelihood × impact) and treatment plan.

Step 4 — Integrated procedures

Write shared procedures for:

• Document and record control
• Internal audit (ISO 19011)
• Management review
• Corrective action and CAPA
• Training, competence and awareness
• Communication (internal and external)
• Emergency preparedness and response
• Supplier evaluation and procurement
• Monitoring and measurement

Step 5 — Standard-specific procedures

Write separate procedures only where genuinely different:

• ISO 9001 — customer requirements, design and development, production/service delivery
• ISO 14001 — environmental aspects and impacts register, legal compliance (environmental regs), waste/water/energy controls
• ISO 45001 — hazard identification and risk assessment (HIRA), worker consultation and participation, PPE, permit-to-work

Step 6 — Combined internal audit programme

Audit each process area against all three standards simultaneously. One audit visit, one report, one set of findings — covering Q, E and S in every process.

Step 7 — Integrated management review

One meeting per cycle covering all required inputs from all three standards. Use a combined agenda template that ensures nothing is missed from any standard.

Step 8 — Certification

Request a combined audit from your certification body. Most accredited CBs offer integrated audits at significantly reduced day rates compared to three separate audits. You receive one certificate (or three linked certificates) covering all standards.

Extending the IMS

Once you have 9001 + 14001 + 45001 integrated, you can layer in additional standards without starting from scratch:

• ISO 27001 — add information security controls into Clause 8
• ISO 22301 — add business continuity plans and BIA
• ISO 50001 — add energy management alongside environmental
• ISO 42001 — add AI governance for tech-forward organisations

Common Mistakes in IMS Integration

1. Bolt-on instead of built-in — don't just staple three systems together. Redesign from the Annex SL structure outward.
2. One person does everything — integration needs a cross-functional team (quality + HSE + environment + IT).
3. Ignoring Clause 8 differences — this is where standards genuinely differ. Don't force-fit.
4. Not retraining internal auditors — auditors need competence across all three standards to audit the IMS effectively.
5. Skipping the combined gap analysis — you need to see all three standards mapped before you start writing.

ISO Xpert IMS Products

ISO Xpert offers a ready-made IMS toolkit (9001 + 14001 + 45001) with integrated manual, shared procedures, combined risk register, audit checklist and management review template. Also available as a Toolkit + Certificate package with full certification support.

• Shop IMS products — toolkits, certificates and gap analyses
• Certification support — end-to-end IMS certification management
• Integration how-to guide — practical steps for merging existing separate systems

Frequently Asked Questions

Related Articles

• What Is ISO Certification? Beginners Guide
• Benefits of ISO Certification: ROI
• ISO Certification Timeline
• Top 10 ISO Standards