Search results

Home / Search

Category:
Select
Select

11272 results

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • What is the main difference between ISO/IEC 27701:2019 and ISO/IEC 27701:2025 ?

    What is the main difference between ISO/IEC 27701:2019 and ISO/IEC 27701:2025 ? Any new information as its the latest news in the ISO world. Please throw some light for the same.

  • record about Phisical and Electronic correspondance

    Hi In the first "Procedure for document and record control" we have one paragarpahe related to phisical and electronic records and when i choose for both Excel file the sentece become wired Each external document that is necessary for the planning and operation of the ISMS must be recorded in the Register of external correspondence in Excel or in the Register of external correspondence in Excel, according to their form. The Register of external correspondence in Excel and the Register of external correspondence in Excel must contain the following information: sender, document name, and date of receipt. The person who receives such external documents in paper or other physical forms (e.g., through regular mail or as courier parcels) must make a record in the Register of external correspondence in Excel. The person who receives external documents in electronic form (e.g., through email) must record them in the Register of external correspondence in Excel. hiw can we modify that paragraphe ? Also when we subscribe and get a quick workshop on getting started with confirmi, the person who present the tool told me that an update will be available wher we can modifiy the documents in a more flexibale way with teh possibility to ad headers and footers like in world can you tell me when it will be available ?   thanks Ed    

  • Risk level = 4, how to bring the residual risk at zero

    Hi, In Conformio, I’m currently in the Risk Register phase, Treatment step. When both Impact and Likelihood of my risk are set to 2-High (Level set to 4 – Not acceptable), I’m not able to bring the residual risk at zero. It remains at one, even when selecting all suggested risk treatment controls (safeguards). What should I do to bring the residual risk at zero? Or should I rather accept this residual risk of one?

  • Distributor traceability

    When it comes to traceability, the AS9100 standard does not give detailed requirements on how to do this, but only says that you need to control the unique identity if that is a requirement, and retain documents necessary to ensure this traceability.

    So, as per the standard, your question goes back to what your customer's requirements are. If your customer allows waivers on traceability, then that is acceptable, but if not, then it is not acceptable. As the standard is used by any organization within aerospace, the requirements only describe what needs to be done but need to be supplemented with the customer and legal requirements.

     

    For a bit more on the traceability requirements in AS9100, see the article: How to meet traceability requirements in an AS9100D-based QMS, https://advisera.com/9100academy/blog/2019/06/05/as9100-traceability-requirements-how-to-meet-them/

  • Reviewing incidents in Conformio Management Review

    We have the same problem here

  • UPDATE ADDRESS

    If you plan to move the department of the system to another address then have to update what records? Note: Only use the network of the new address, the rest is managed according to the old system. Thanks!

  • Secure Development policy

    There is a paragraph in the Secure development policy which states: In addition to the risk assessment performed according to the Risk Assessment and Risk Treatment Methodology, Head of RD must perform the annual assessment of the following: the risks related to unauthorized access to the development environment the risks related to unauthorized changes to the development environment technical vulnerabilities of the IT systems used in the organization the risks a new technology might bring if used in the organization the risk a new development methodology and/or programming language might bring if used in the organization the risks related to licensing requirements The question is, is this assessment to be done in the Risk Register or is it an additional document that needs to be drafted by the Head of R&D? Thanks

  • Question on large/small business certification

    The answer depends on how the ISO 9001 certification is structured within the big business.

    If the big business is ISO 9001 certified at an organizational level, it keeps certification.
    If the certification was contract-specific, the certification may no longer apply to that contract. The small business would need to become ISO 9001 certified if required for the contract.

  • Confidentiality Statement

    We are drafting the Confidentiality Statement through Conformio. To do this we have downloaded a template which should be edited based on the specific clauses are required in the company. This document should involve both employees and external parties. The issue is that we do not have a single document for all. For example for the employees the confidentiality statements are added in the employement letter which also references the employee handbook which has additional clauses, while for third parties there is a specific NDA. So the question is, how am I supposed to say all this since I have a single template? Best Regards  

  • Edit Risk register

    Hi there We want to edit the Impact and Likelihood fields for certain risks on the Risk Register. How do we do this? thank you.
Page 1-vs-13485 of 1128 pages

Didn’t find an answer?

Start a new topic and get direct answers from the Expert Advice Community.

CREATE NEW TOPIC +