The Leading Supervisory Authority (LSA) is the Supervisory Authority that a data controller selects when it is established in more than one Member State. So if your company is based in the EU, your Supervisory Authority will be the Data Protection Authority of the Member State where your EU company is established (i.e. Ireland). If you are established in more than one Member State (i.e., Ireland and France), you can appoint the Irish Data Protection Authority as your LSA and inform the French Data Protection Authority about it.
Here you can find more information about the LSA:
You can also consider enrolling in this free EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course/
As an international standard that is applicable to any organization of any size anywhere in the world, ISO 45001 is written in such a way that the requirements are descriptive but not prescriptive; meaning the requirements tell you what needs to be done for the processes of the OHSMS, but not how to do the processes. As such, there is a lot of flexibility in how you meet the requirements in any particular organization to allow for differences in industry or legal requirements among other variations.
So, a virtual or hybrid working environment is one of these variables that can be accommodated. For instance, ISO 45001 asks you to identify the hazards and OH&S risks in your organizational processes, and you would need to consider the virtual or hybrid working environment and identify the hazards in this way of working. You can then identify the unique controls for your working processes. This is true for all requirements of ISO 45001.
You can learn more about the requirements for the OHSMS in ISO 45001 in a plain English fashion in our whitepaper: Clause-by-clause explanation of ISO 45001:2018, https://info.advisera.com/45001academy/free-download/clause-by-clause-explanation-of-iso-45001
Specific requirements are determined by the tolerances specified in the test methods being performed and/or regulatory requirements, depending on the test or calibration sector. The two primary factors in creating an ideal laboratory condition are temperature and humidity. Note that often with the use of air conditioners, there is a drying effect and relative humidity is reduced.
Laboratories should be equipped with suitable climate and ventilation control. The laboratory must look at risks – personnel comfort and risk to validity of results. The starting point is that the temperature and humidity must be kept within limits for the proper performance of each test performed and according to the manufacturer’s specifications for the proper operation of equipment.
Certain organisations, such as the FDA in the USA, have guidelines for general conditions. For example, a comfortable working environment is considered 20 to 25 degrees Celsius with a relative humidity, depending on geographical area, of 35 to 50%.
For more information, see the Advisera ISO 17025 toolkit Facilities and Environmental Condition Procedure at https://advisera.com/17025academy/documentation/facilities-and-environmental-condition-procedure/
For more information and links to Advisera resources, have a look at a similar topic Environmental conditions for testing and calibration laboratories at https://community.advisera.com/topic/environmental-conditions-for-testing-and-calibration-laboratories/
You asked
"If tests come with accepted tolerance ranges do you still do measurement uncertainty?"
I assume, based on your next question, you are referring to a Standard test method. ISO 17025 states in clause 7.6.3, note 1 that if a laboratory follows a well-recognized test method that specifies limits to the values of the major sources of measurement uncertainty and specifies the form of presentation of the calculated results; and the laboratory follows reporting instructions, the laboratory is considered to have satisfied requirements of clause 7.6.3 to evaluate measurement uncertainty. So if this is the case, you will not need to perform MU as a testing laboratory. Note that in all cases, however, you need to assess the risk of misrepresenting the results to clients. Furthermore, calibration laboratories must always report the MU on a calibration certificate.
You also asked
"Also if you use international standards which are validated already do you still need to validate the method in the lab?"
You must meet the requirements of ISO 17025:2017 Clause 7.2, meaning if it is a standard method your extent of validation is to verify that your laboratory can meet the performance criteria of the standard test with your conditions of venue, equipment and personnel. This could be, for example, the required sensitivity, specificity, or other parameters stated.
Thanks for your response. Would you say that if a policy is already designed to comply with EU GDPR, then simply amending the language to also reference UK GDPR is sufficient? In other words, is the only change required to specify that it’s UK, but no actual substantive changes to the policy are needed?
Yes, that is right. Of course, I suggest you monitor the Information Commissioner Officer (you can subscribe to the newsletter which is good) if any change in the legislation happens. Now, the UK GDPR is mirroring the EU GDPR (it was a condition to benefit from the adequacy decision for data transfer between the UK and the EU), but in the future things may change.
As you have acknowledged and actioned, it is very important to keep track of your implementation project.
You asked
which clause this will fit under?
There is no specific clause in ISO 17025 to meet in terms of implementing the system, as ISO 17025 has requirements for meeting the requirements and controlling risks and changes (rather than how to develop processes and go about implementation). This is why we recommend using the Project Plan template, available at https://info.advisera.com/17025academy/free-download/project-plan-for-iso-17025-implementation and provide you with the Project-checklist-for-iso-17025-implementation available at https://info.advisera.com/17025academy/free-download/project-checklist-for-iso-17025-implementation.
Note however, that requirements for controlling changes to your system are covered specifically in clauses
Practically I also advise you to use the Internal audit checklist to record your progress.
The checklist is part of the toolkit, available for preview under “Performance Evaluation” at https://advisera.com/17025academy/iso-17025-documentation-toolkit/
Please note that our ISO 27001 Documentation Toolkit covers all mandatory documents and some documents that are not mandatory. Many of the clauses and controls you mentioned do not need to be documented according to the standard, and in our opinion, it would be an overhead to document each and every one of them in a small company.
Our toolkit is created specifically for smaller companies that want to implement ISO 27001 in a quick way, without unnecessary paperwork; for larger companies that require more documents, we recommend getting some other solution.
This article will also help you:
EQA stands for “External Quality Assurance” and refers to the ISO 17025 requirements in clause 7.7 Ensuring the validity of results, for a laboratory to monitor its performance by comparison with results of other laboratories. How a laboratory does this depends on the type of testing and the type of comparison that is available and appropriate. This can be participation in proficiency testing or other means, for example, appropriate bi-lateral comparisons or use of certified reference material. I suggest you contact your accreditation body and obtain their rules for Proficiency Testing and other comparison programme requirements for ISO 17025 accredited facilities in your sector. See too the ILAC P9:06/2014 ILAC Policy for Participation in Proficiency Testing Activities (the policy for accreditation bodies on the use of proficiency testing activities in the accreditation process), available from https://ilac.org/publications-and-resources/ilac-policy-series/
For more information, have a look at previously answered topic Documentation and PT program https://community.advisera.com/topic/documentation-and-pt-program/
For more information on what is required for ISO 17025, read the whitepaper Clause-by-clause explanation of ISO 17025:2017 available for download from https://advisera.com/17025academy/free-downloads/ and preview the Toolkit at https://advisera.com/17025academy/iso-17025-documentation-toolkit/ which includes the Quality Assurance Procedure and the Proficiency Testing Record.
The paper archive will need to be part of the ISMS scope if it contains information you want your Information Security Management System to protect.
For example, if the paper archive contains employees’ information, and you want the ISMS to protect only customer information, then the paper archive does not need to be part of the ISMS scope.
These articles will provide you a further explanation about defining the ISMS scope:
This material can also provide more information: