Search results


  • Is Security Awareness training compliant enough for ISO 27001 audit?

    Please note that the awareness training included with your Conformio plan covers the most common topics related to general employees training and awareness, but to be sure if it is enough for auditing purposes you need to verify the results of your risk assessment and applicable legal requirements (i.e., laws, regulations, and contracts) to check if no specific additional training is required.

    For further information, see:

  • Best laboratory practices

    General best practices in laboratories involve establishing a quality management system with criteria for a safe working environment, efficient processes and valid results. The specifics depend on the type of laboratory. For example, for non-clinical safety studies, the Organisation for Economic Co-operation and Development (OECD) sets out Principles of Good Laboratory Practice (GLP) to ensure the quality and integrity of test data related to non-clinical safety studies.

    ISO 17025 is the basis of the quality management system for testing and calibration laboratories. Then depending on the sector and risk, practices for safety and environmental protection could include certification to other ISO or other international standards, for example, ISO 14001.

    For more information to meet ISO 17025 requirements, see the complimentary white paper (PDF) Clause-by-clause explanation of ISO 17025:2017 available at https://info.advisera.com/17025academy/free-download/clause-by-clause-explanation-of-iso-17025/ and the ISO 17025 Toolkit at https://advisera.com/17025academy/iso-17025-documentation-toolkit/

  • Extended Manufacturing Site

    For the rules on extended manufacturing sites, I recommend that you review IATF Rules revision 5, Annex 4.

    Especially for an extended manufacturing site, "not having autonomous decision-making authority" is important, and the site must be attached to the main manufacturing site.

    Many core activities, such as top management, quality management, etc., must be carried out by the main site.

    In fact, it may even be required that the extended manufacturing site has only operators, such as production and quality operators.

    Apart from this, I also recommend that you consult your certification body.

  • Requirement of compulsory annual health check-up of employees

    No, there is no such requirement in ISO 13485:2016.

  • Validation and accreditation questions

    You asked

    1)    must the process of sample size reduction for analysis be included in the validation process for accreditation?

    As I understand it, the sample size reduction is part of sample preparation, not sampling (from source), so yes, that step must be included in your method validation. The sample preparation variability must be evaluated.

    You also asked

    2)    can you validate this as one method, even though different size reduction requirements and dilutions are used prior to analysis?

    You can validate as one method if the same in-house or standard testing method is followed, and the dissolution and analytical part of the validation is common.

    As an example, an accredited would be stated as Procedure for the dissolution of crushed ore, waste ore and concentrate (final product) with analysis by ICP-OES. For accreditation you must specify the Material or product tested, the Standard Specifications, Techniques / Equipment used, the Type of Tests / Properties Measured, and Range of Measurement (if applicable, for example your limit of detection is a restriction).

  • Organization has had no work order for 2 years

    I am afraid that for a full answer to this question you will need to talk to your certification body, because AS9100 gives you the requirements on how to create an aerospace QMS, but it does not tell you how to audit it. Even ISO 19011, the guidelines for management system auditing, does not go into this sort of detail. The standard gives you the information on how to create the processes, which processes are needed, and some of the requirements they need to meet; but not how to assess these processes when a company has not had aerospace customers for a while. It also does not talk about if you do or do not have customers.

    That being said, documented records are not the only information used to audit the processes of the QMS. You may be able to assess the processes through interview where records do not exist because there have been no customers. It can be enough to know that the processes are in place, understood, and ready for when a customer returns.

    You can learn a bit more on how the certification audit works in the article: What to expect at the ISO certification audit: What the auditor can and cannot do, https://info.advisera.com/free-download/what-to-expect-at-the-iso-certification-audit

     

  • Auditor Questions Allowed

    When preparing for an audit of the OHSMS it is important to realize that the management system cannot simply meet the requirements of ISO 45001; it also needs to incorporate legal and other requirements of interested parties, which is why the standard asks that you identify these as part of clause 4.2. What this means is that during an audit you are not asking questions about the standard, since people in the organization may not know what the standard says, but rather questions about the process that is implemented, which will include all requirements including ISO 45001.

    This means what you need to do is to review the process in place to see what questions you need to ask to assess if the process is implemented as planned. If people are doing the process as planned, and the process meets the requirements of ISO 45001 and the needs and expectations of interested parties, then you are assessing if the requirements of the process are met in your audit.

     

    You can learn more on how auditing works in the article: How to perform an internal audit using ISO 19011, https://info.advisera.com/free-download/how-to-perform-an-internal-audit-using-iso-19011

  • UK -GDPR

    If you are working in the company, this would be considered as a transfer of personal data (Transfers of personal data to third countries or international organizations) falling under Chapter V in UK GDPR. So there should be a legal basis to be used. In your case, it depends on where your employment contract is. If your employment contract is in the UK but you reside outside the UK, that is not a problem. If your employment contract is outside the UK, but not in EEA, then there should be a transfer mechanism in place, like standard contractual clauses or binding corporate rules that should be signed between the UK company and your employer.

     

    Please find more links here (references are for EU GDPR, but the text is the same):

  • Data transfers to 3rd countries

    If the headquarters of the organization is in the United Kingdom, then UK GDPR would apply mainly. According to article 3 – Territorial scope – from EU GDPR, the Regulation would apply only if the company would offer goods or services to people in EEA, or if it monitors the behavior of people in EEA. If the data is stored in Serbia, then a transfer takes place from the UK to Serbia. According to UK GDPR, which is almost the same as EU GDPR (with EU references removed), a suitable transfer mechanism should be used for compliant personal data transfer. In this case, the best transfer mechanism would be UK Standard Contractual Clauses. ICO, UK’s Data Protection Authority, issued some new SCCs, called IDTAs (International Data Transfer Agreement), that can be used starting March 21, 2022.

    You could explore developing Binding Corporate Rules (BCRs) for intra-group personal data international transfers, but they need to be approved by the supervisory authority (ICO in this case).

    Please consult these links to find more details:
