Search results for "iso17025 vs gmp"

ISMS Scope Extension

... sk owners vs. asset owners in ISO 27001:2013 https://advisera.com/27001academy/knowledgebase/risk-owners-vs-asset-owners-in-iso-270012013/

Regarding step 4, you do not need another SoA. Since you are extending the certification scope, a single SoA is sufficient.

General privacy policy/notice vs. entity-specific policy/notice

For a company that has subsidiaries with different processing, is it ideal for them to have a general privacy policy or notice or entity-specific ones?

Choosing the right Certification Body for ISO27001 Compliance

... ut selecting a certification body:

• List of Questions to ask an ISO 27001 or ISO 22301 certification body https://info.advisera.com/27001academy/free-download/list-of-questions-to-ask-an-iso-27001-certification-body
• Accreditation vs. certification vs. registration in the ISO world https://advisera.com/blog/2016/02/29/accreditation-vs-certification-vs-registration-in-the-iso-world/

Using CVSS as Risk Management Methodology for ISO 27001

Using ISO 9001 documents for ISO 13485

Yes, you can. This applies mostly to, for example, forms and procedures for internal audit, corrective measures, and non-compliant products.  

On the following link you can find the article that compares ISO 9001 and ISO 13485:

• Similarities and differences between ISO 9001:2015 and ISO 13485:2016 https://advisera.com/9001academy/blog/2015/01/21/iso-9001-vs-iso-13485/

• Corrective actions and nonconformities

  ... ... ses were not eliminated). In case they are solved as planned and there are no recurrences they will not mean a problem in the external audit.  

  Please note that ISO 27001 does not require non-conformities in internal audits to be classified. Normally non-conformities are classified during surveillance/certification audits.

  For further information, see:

  • Major vs. minor nonconformities in the certification audit https://advisera.com/27001academy/blog/2014/06/02/major-vs-minor-nonconformities-in-the-certification-audit/

• Timing requirements for quarantine areas and non conforming areas

  ... ve-action-vs-preventive-action/" class="content-link Link" rel="nofollow ugc">https://advisera.com/articles/complete-guide-to-corrective-action-vs-preventive-action/ ion/

• Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

• GDPR intermediary

  ... e 26 GDPR – Joint controllers: https://advisera.com/eugdpracademy/gdpr/joint-controllers/

• Article 28 GDPR – Processor: https://advisera.com/eugdpracademy/gdpr/processor/
• EU GDPR controller vs. processor – What are the differences? https://advisera.com/eugdpracademy/knowledgebase/eu-gdpr-controller-vs-processor-what-are-the-differences/

• ISO 27001 Toolkit Support

  ...

• Major vs. minor nonconformities in the certification audit https://advisera.com/27001academy/blog/2014/06/02/major-vs-minor-nonconformities-in-the-certification-audit/

These materials will also help you regarding internal audit:

• Preparing for ISO Certification Audit: A Plain English Guide https://advisera.com/books/preparing-for-iso-certification-audit-plain-english-guide/
• ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
• ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/

• ISO 27001 toolkit

  ... ISO 27001 vs. ISO 27017 – Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/

• ISO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/