Sulayr® provides services for the implementation of ISO standards and, through agreements with the main certifiers at European level, offers the most complete service possible to our customers.

Our implementation technicians are also auditors of the main certification entities, which highlights the deep degree of specialization and professionalism of our team.

The ISO standards are the passport for the products and services of the companies, since they are the best mean to accomplish a presumption of conformity on the part of the buyers, whether they are other companies, Public Administrations or final consumers. Customers are  every day more demanding at the time of purchase, and that is why it is necessary to guarantee the buyer the safety, quality and standardization of the products or services acquired, which is achieved by providing the product with one or several ISOs which certify, by an independent third party, the quality of our product or service.

Currently there are more than 30,000 UNE EN ISO standards published and in force in Spain. The UNE standards (acronym of Una Norma Española), constitute one of the most complete normative bodies in the world and the largest in Spanish language, and are the encyclopedia of our technology, consisting in a documentary set of priceless value for our companies and our country, being there described the methodology and way of manufacturing products or providing standardized services, which is synonymous with quality and efficiency; it also represents the only way for the competitiveness and economic sustainability of companies, NGOs and Public Administrations.

Highly aware of this reality, Sulayr® has implemented and certified an Integrated Management System of the ISO 9001: 2015, ISO14001: 2015 and Ethical Management and Social Responsibility standards according to UNE ISO 26000: 2012.

Sulayr® has always been a pioneer in the implementation and management models of ISO standards, and for this purpose it has developed ISOonline and Compligest, an i-Cloud software for the online management of ISO and Compliance standards, which allows you a great saving of time and effort.

ISO 9001
OHSAS 18001
Marcado CE

Read more

ISO 27001

Read more

ISO 22000

Read more


Read more

ISO 9001, in Spain UNE EN-ISO 9001, is a standard developed by the International Organization for Standardization (ISO), and translated into Spanish by AENOR, that applies to the Quality Management Systems of public and private organizations, regardless of their size or business activity. It is an excellent work method for improving the quality of products and services, as well as customer satisfaction.

The quality management system is based on the norm ISO 9001: companies are interested in accomplishing this certification to guarantee the improvement of their products or services to their customers, since these in turn prefer companies committed to quality. Therefore, standards such as ISO 9001 become a competitive advantage for organizations.

ISO 9001:2015

In September 2015 the new ISO 9001: 2015 version was published. The revision of the norm arose from the need to adapt it to the current economic and social reality and to the situations in which organizations are involved today.

Therefore companies, including those already certified, must meet the requirements of the new ISO 9001: 2015 standard, which contains a new structure that will be followed by all ISO standards which will be renewed in the future.

With the new High Level Structure, the integration among the different ISO Management Systems will be favored, reducing considerably the time and resources invested in their execution.

The structure of the new ISO 9001: 2015 includes the following requirements:

  • Scope
  • Normative references
  • Terms and definitions
  • Context of the Organization
  • Leadership
  • Planning
  • Support
  • Operation
  • Performance evaluation
  • Improvement

The ISOonline Platform ISOonline facilitates the automation of the ISO 9001 Standard and is adapted to the 2015 version.

Based on the process and logic of the PDCA cycle (Plan – Do – Check – Act), ISOonline is designed to make more effective the management of documentation, improve communication and reduce time and costs during the management of your System. In this way, a real impact is achieved on the efficiency, cost and results of the organization.

ISOonline allows the optimization of Quality Management Systems based on ISO 9001: 2015 and facilitates the transition processes from the 2008 to the 2015 version. It also helps organizations to integrate, in a simple way, the ISO9001 standard with other standards, such as OHSAS 18001 and ISO 1400.

Do not hesitate to contact Sulayr® if you need to know more about ISO 9001: 2015.

ISO 14001: 2015, in Spain UNE EN-ISO 14001: 2015, is an international standard translated into Spanish by AENOR, which describes how to implement an effective Environmental Management System within an organization.

It applies to all types of organizations, of any size, that wish to comply with environmental legislation and avoid their environmental responsibilities and impacts.

ISO 14001 will allow you to define and establish environmental risks to reduce their impact, helping the sustainable growth of your company, providing a framework for you to meet the increasingly high expectations of customers in terms of compliance, regulatory and of corporate responsibility.

Objective of the ISO 14001: 2015 standard

Comply with the different environmental objectives that each company has, such as:

  • Environmental Protection
  • Risk mitigation for organizations
  • Compliance with all legal obligations
  • Perspective of continuous improvement
  • Communication of environmental information
  • Commitment of all levels of management and functions of the organization
  • The involvement of senior management
  • Opportunities to prevent or mitigate adverse impacts
  • To increase opportunities of beneficial effects for the organization
  • Risk management
  • Alinear e integrar los objetivos con la estrategia, los procesos de negocio y la toma de decisiones
  • To align and integrate objectives with strategy, business processes and decision making.

The ISOonline Platform ISOonline facilitates the automation of the ISO 14001 Standard and is adapted to the 2015 version.

Based on the process and logic of the PDCA cycle (Plan – Do – Check – Act), ISOonline is designed to make more effective the management of documentation, improve communication and reduce time and costs during the management of your System. In this way, a real impact is achieved on the efficiency, cost and results of the organization.

ISOonline allows the optimization of Quality Management Systems based on ISO 14001: 2015 and facilitates the transition processes from the 2008 to the 2015 version. It also helps organizations to integrate, in a simple way, the ISO 14001 standard with other standards, such as OHSAS 18001 and ISO 1400.

Do not hesitate to contact Sulayr® if you need to know more about ISO 14001: 2015.

The OHSAS 18001 standard establishes the minimum requirements for best practices in Occupational Safety and Health management, aimed at allowing an organization to control its occupational risks and improve its prevention models.

What are the benefits of the OHSAS 18001 standard?

  • To create the best possible working conditions throughout your organization.
  • To identify the risks and establish controls to manage them.
  • To reduce the number of work accidents and sick leave, minimizing costs and downtime linked to them.
  • To commit and motivate staff with better and safer working conditions.
  • To demonstrate compliance to customers and suppliers

The International Organization for Standardization (ISO, is developing the ISO 45001, which will replace the OHSAS 18001 in the second quarter of 2018.

The ISOonline Platform ISOonline facilitates the automation of the OHSAS 18001 Standard.

Based on the process and logic of the PDCA cycle (Plan – Do – Check – Act) ISOonline is designed to make more effective the handling of documentation, improve communication and reduce time and costs. In this way, a real impact is achieved on the efficiency, cost and results of the organization.

ISOonline, allows to optimize Management Systems based on the OHSAS 18001 standard, also helps organizations to integrate the OHSAS 18001 standard with other standards, such as ISO 9001 and ISO 14001, in a simple way.

Do not hesitate to contact Sulayr®  if you need to know more about OHSAS 18001.

The free movement of goods, one of the cornerstones of the single market in Europe, represents obvious business opportunities for our companies. It is based on premises such as the absence of barriers to trade, mutual recognition between countries and technical harmonization.

The EC Mark guarantees the free circulation within the European market of all those products that comply with the legal requirements of the European Union, generally related to issues of safety and health of people and their goods, and protection of the environment.

Manufacturers place EC Mark on their products. In doing so, they declare under their sole responsibility that said products meet all the legal requirements in force in Europe, and therefore in Spain.

It is the responsibility of the manufacturer to ensure that the products it sells under the EC Mark comply with all legal requirements.

Sulayr® has great experience in helping companies to implement the EC Mark for their products, do not hesitate to contact us without obligation if you need to know more.

Corporate Social Responsibility or CSR is a way of managing companies based on ethical management of the impacts that their activity generates on their customers, employees, shareholders, local communities, the environment and society in general.

The 5 principles that govern CSR

  1. Compliance with legislation
  2. Global and transversal
  3. Ethics and coherence
  4. Impact management
  5. Satisfaction of expectations and needs

Because it is important?

At the beginning of the 1990s, globalization promised a future full of good omens. It was assumed that everyone would win, both developed and developing countries. It seemed that globalization would produce an unprecedented development on a world scale, but all those expectations have been diluted when great imbalances have taken place both within and between countries.

Globalization has favored:

  • Increasing the power of the company to the detriment of the States
  • The decrease in rights to attract foreign direct investment
  • The offshoring processes
  • The privatization of basic services

All this exposed context, has favored the boom of the debate on Corporate Social Responsibility (CSR), as a tool that serves to reduce the negative impact of companies in general and multinationals in particular, on social rights, labor, the environment and ultimately, about Human Rights.

CSR is a transversal concept that affects different areas of company management, so the activities developed within the framework of CSR must be:

  • Have a vocation for permanence
  • Involve a commitment from senior management

There is agreement on the major thematic areas covered by CSR: economic, social and environmental. However, if something characterizes the CSR is its multidimensional character that affects different areas of the management of the company.

  • Human rights
  • Work and employment practices
  • Protection of health
  • Environmental issues
  • Fight against fraud and corruption
  • Consumer interest

The main internal advantages that the company brings to ISO 26000 are the following:

  • Awareness and organizational change
  • Improvement of the labor climate
  • Absenteeism reduction
  • Facilitates the preparation of sustainability reports
  • Integration of management systems
  • Minimizes “non-responsibility” costs
  • Improvement in productivity
  • Recruitment and Retention of talent
  • External benefits:
    • Creation of barriers to entry, a strong brand makes it difficult for competitors to enter a market
    • Greater cooperation with administrations reduces the risk of infringement-sanction, and adds strength to the regulatory environment
  • Sustainable stock indices
  • Improvement of the reputation
  • Increase in customer satisfaction
  • Greater dialogue and closeness with all interested parties allows a greater anticipation of changes in the market.

Sulayr® inspires its management and work methods in compliance with the principles of CSR, and has a certificate of Ethical Management and Social Responsibility according to UNE ISO 26000: 2012.

Sulayr® has extensive experience in the implementation of CSR management systems in companies, which is why it is your perfect partner in Corporate Social Responsibility. Contact us without obligation.

ISO standards management platform ISO.

ISOonline® is an application in the cloud that manages all documents and company records that are necessary for compliance with ISO 9001, ISO 14001, ISO 22000, ISO 27001, OHSAS 18001, among many others. It also manages the combinations and interrelationships between the different ISO standards and is applicable to all types and sizes of companies and sectors.

ISOonline® is a software that makes the difficult easy, since it elevates ISO management to levels of excellence by allowing you to save time and effort in the management of your ISO standards, and in which you can, through a scalable key system, give permissions of total or partial access to subordinates, responsible for dispersed work centers, branches, etc.

ISOonline® has a specific work system for franchisees of Sulayr®, which allows them access and individual control of their clients, as well as giving scalable keys to them.

Do not hesitate to visit our ISOonline® platform if you want to know more.

Sulayr® considers cybersecurity as the actions and protection systems of digital information in interconnected systems. Consequently, cybersecurity is included within information security.

The decisions made about information security are an important part of risk management decisions.

Sulayr® has extensive knowledge of ISO risk management standards and has been providing related services for more than 15 years:

  • Information Security Management Systems (ISMS) – ISO 27001, ISO 27002 and following up to ISO 27018, which include the concepts of PrivacyByDesign and PrivacyBy Default.
  • Quality of Cloud services. ISO / IEC 25000 and StarAudit.
  • Business Continuity Management Systems (SGCN) – ISO 22301.
  • Information Technology Management Systems (SGTI) – ISO 20000.

The development of the previous norms and the increasing participation of the private sector in the provision of Services and in the provision of ICT Products or Solutions to public entities, has led to the development, through Royal Decree 3/2010, of 8 January, the National Security Scheme or ENS, which takes the ISO management model for execution, in which Sulayr® is an expert, which supports our knowledge to provide services as a technical office in this area.


The ENS establishes the necessary conditions of trust in the use of electronic means, through measures which guarantee the security of systems, data, communications and electronic services, allowing citizens and Public Administrations the exercise of rights and the fulfillment of duties through these means.

As established by the ENS/NSS guidelines, when private sector organizations provide services or solutions to public entities, they must be able to display the corresponding Declaration of Conformity with the ENS/NSS, when it comes to BASIC category systems, or Certification Conformity with the ENS/NSS obligatorily, when dealing with systems of MEDIUM or HIGH categories, and of voluntary application in the case of systems of BASIC category, using the same procedures as those required for the public entities themselves.

Sulayr® can rely on a team specialized in the implementation of the National Security Scheme and can assist you complying with this obligation, in order to obtain the Declaration or Certification of Conformity according to the legal requirements in force.

For this, it has agreements with first-level certification bodies and with the cybersecurity research group Network Engineering & Security Group (tic-233) of the School of Computer and Telecommunications Engineering of the University of Granada.

Contact us and get our free guide “What is the ENS/NSS and how do I implement it in my company?” It will help you to clear up your doubts about how to do it.

Sulayr® in collaboration with the University of Granada offers a specialized technical office service that is provided to those clients who, being affected by regulatory requirements for information security, do not have sufficient internal resources to address their compliance or require an external expert knowledge.


The service methodology of the technical office is based on the PDCA continuous improvement cycle (Plan, Do, Check, Act) of the ISO model, since it begins in the analysis phase and compliance plan until the phase of maintenance and improvement, to ensure the continuity of fulfillment.

Based on this work philosophy, our technical office offers a series of specialized services, backed up by a group of certified and highly qualified professionals. Among them we highlight:

  • Legal advice and regulations in the field of cybersecurity.
  • Specialized advice in the field of legality and standardization of Information Technology and Security.
  • National Security Scheme (ENS) – RD 3/2010.
  • Information Security Management Systems (ISMS) – ISO 27001.
  • Information Technology Management Systems (SGTI) – ISO 20000.
  • Business Continuity Management Systems (SGCN) – ISO 22301.
  • Criminal Compliance Management System (SGC) – UNE 19601.
  • Other related services

Sulayr® also offers a service of Assistant to the Responsible for Virtual Security, which consists of providing knowledge and continuous expertise in security to those companies in need of this professional figure and do not have it among their own staff. For this, it relies on a guaranteed team of professionals, which ensures excellence in this service.

In Sulayr® we are experts in FOOD HYGIENE. We master all the standards of management on food safety and assurance, such as ISO 22000, BRC, IFS framework list, among other standards.

We provide services to a large number of companies and entities such as denominations of origin DO and PGI Protected Geographical Indications, which has given us a great knowledge of the sector and its needs.

The main objective of the UNE-EN ISO 22000 standard of Food Safety Management Systems, is to guarantee food safety in all processes involved from the place where the food is produced until it is consumed. Therefore, the scope of this standard is the entire phases of the supply chain of food products.

Advantages of the Standard:

  • Specificity of requirements for the food industry, being a standard designed exclusively for this field.
  • Possibility of application to the entire food chain, which covers all possible dangers that can cause a lack of safety in the food products.
  • Acceptance at the international level, being developed by an organization recognized in a varied set of countries.
  • Coverage of the aspects of quality and food safety required by certification standards of the different distributor associations.
  • Compatibility for its integration with other ISO standards, such as the 9000 or 14000 series, in an Integrated Management System for Quality, Food and Environmental Safety.
  • It avoids the duplication of documentation of the different quality systems and food safety, since it can be integrated into the same management system.

Objectives of the norm

The ISO 22000 standard pursues a series of objectives, among which we can highlight:

  • To achieve better consumers’ protection, which increases their confidence in products and companies, through their food safety mechanisms.
  • To improve cooperation between the different levels related to the food industry, both private and official, nationally and internationally, through communication and management requirements.
  • To contribute to the enhancement of the food safety mechanisms in the specific sector, harmonizing requirements and criteria.

BRC Global Standard for Food Safety is a voluntary, internationally recognized food safety certification standard developed in the United Kingdom by the British Retail Consortium, the food distributor association of the United Kingdom.

BRC Food Safety includes the requirements of an HACCP system, following the Codex Alimentarius, a documented quality management system, and the control of requirements of the environmental conditions of the facilities, products, processes and personnel.

The BRC Food Safety standard has been developed to help distributors certify compliance with food safety legal obligations and guarantee the highest level of consumer protection.

Likewise, BRC was designed to help retailers comply with legal obligations and to guarantee the highest level of protection for their customers, providing food companies with a clear, operational and transparent protocol to measure the safety of their products, offering greater confidence to consumers.

The BRC V7 version is currently in force.

The BRC Food Safety standard is applicable, in phases subsequent to primary production, to companies that produce, handle or package food.

The BRC certification is currently required by large distribution chains to select the suppliers that are going to manufacture, process or package products with private label.

If your food company is certified in BRC Food Safety it will gain a spotlight in the distribution market and will become more competitive.

Which sectors can be certified in the BRC Standard?

The BRC Food Safety standard has been designed to be applied to any organization regardless of its size and geographical location. It is a standard used by suppliers and retailers worldwide.

The IFS norm International Featured Standard is an internationally recognized private certification, which includes a set of standards applicable to suppliers and manufacturers of food safety and food quality products processed or packaged in bulk

IFS has been developed since 2003, by German, French and Italian distributors to ensure that a food company meets all legal requirements and food safety, and fulfills the requirements of the Global Food Security Initiative (GFSI) , through a complete protocol of audits and external evaluations to suppliers.

IFS is only applicable in later stages of primary production, when the products are processed or when there is a risk of contamination of the food product in the packaging process.

IFS is especially relevant in the food industry with brands of its own, as it offers an added value of safety and quality that can be used, as an added value, in the advertising and marketing actions of the brand. It is also an important competitive element for export, since the most important food chains of the European continent demand this seal in their commercial agreements.

In the development of the specifications of IFS have participated certification entities, retailers, food industry and companies in the service sector, to accommodate consumer requirements and European and national laws.

The currently valid standard is IFS, version 7 of 2017.

The current Spanish penal legislation advises to implement in the companies a preventive program, also known as COMPLIANCE PENAL, that allows a greater detection and prevention of the crimes that may occur in its midst.

Criminal compliance is a preventive manual for the company, which consists of a model of organization and management developed in the UNE 19601 standard; if effectively implemented before the commission of the criminal act, it can exempt the company from criminal liability. Legal persons may therefore be exempt from the penalties they would face for the commission of a crime by any of its members, both employees and members of its administrative body.

Compliance management systems have been regulated in Spain through the UNE 19601 standard, which comprises the following characteristics:

  • It is a national standard with a series of measures that an organization must adopt, in order to have a criminal compliance management system aligned with what Spanish criminal legislation requires about criminal prevention models, international standards and best practices in the matter.
  • It is a standard with an implementation process based on ISO 9001 and, likewise, it is certifiable by entities accredited by ENAC.
  • The certification provides greater guarantees to the management system, considering the systems that meet this requirement as exemptions from the criminal offense. On the other hand, the management systems Compliance not certified by entities accredited by ENAC, will be disregarded or, at the most, considered as mitigating factors.

Sulayr® has continuously developed the COMPLIGEST tool (link to in its permanent task of constant improvement and expansion of services to its customers. It is a software aiming to implement, manage and maintain compliance management systems in organizations.

Visit our platform and request more information and a demo without commitment.

Sulayr® has constantly developed the COMPLIGEST tool in its permanent work of continuous improvement and expansion of services to its customers.

COMPLIGEST Criminal Compliance is a software designed to implement, manage and maintain compliance with the Crime Prevention Systems. In addition, it allows the development of the complete cycle of risk assessment (Identification, Analysis and Evaluation of Risk) as well as the Treatment of Risk based on the UNE 19601 norm and compliance with the Penal Code.

Likewise, COMPLIGEST Criminal Compliance allows managing the complete cycle of continuous improvement established by the said regulation, from the establishment of the scope and objectives to the monitoring and continuous improvement of the framework, including the measures applied for the treatment of risks. It allows the definition of Compliance responsibilities, the development of Gap Analysis and the management of incidents and complaints.

It allows carrying out the implementation of the whole system WITHOUT papers, since everything is registered in the platform and  document manager will help you to organize all the necessary documentation to achieve compliance with the regulations.

Visit our platform and request more information and a demo without commitment.

ISOonline® is a cloud application that manages all those documents and company records that are necessary for compliance with standards.

COMPLIGEST Criminal Compliance is a software to implement, manage and maintain compliance with the Crime Prevention Systems.

Virtual Office