Search results

Corrective Action Form

The reference to be used in the column “Reference to the Corrective Action Form” is the number of the Corrective Action form. There is no need to list “actions points” because this information will be recorded in the Corrective Action form.

This article will provide you a further explanation about records management:

• Records management in ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/11/24/records-management-in-iso-27001-and-iso-22301/

These materials will also help you with records management:

• Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
• Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

ISO 9001 Questions

1/Example of determining the requirements for products and services, meaning what features the product or service will have in the organization;

Answer:

I do not know if I understand the question correctly. Product or service requirements are included in its specifications. They are a design output (see ISO 9001:2015 clause 8.3.5 d))

2/Example of scope of QMS and its evidences in any organization;

Answer:

I invite you to check this free webinar on-demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - – where I develop the topic.

For example, a hotel may have several services and several kinds of clients:

While implementing a quality management system, top management decided that its scope would be only the hospitality service for groups. The scope statement should be written in a document. Normally, organizations keep a system’s manual, not mandatory, and include the scope statement there.

3/ Example of process design/service in any organization

Answer:

In this picture

you find a generic example of a design process.

4/ Example of establishment and documenting the criteria for supplier’s selection in any organization;
5/Example of establishment and documenting the criteria Production and service provision in any organization 

Answer:

Unfortunately, I cannot present here those examples because we sell that kind of template in our ISO 9001:2015 Documentation Toolkit. Please check the free previews available.

About supplier’s selection criteria – think about what an organization needs from its suppliers: no defects, no delivery delays, price level, innovation, service.

About establishing the criteria for product and service provision – please check this free webinar on-demand - The Process Approach - What it is, why it is important, and how to do it - https://advisera.com/9001academy/webinar/iso-9001-process-approach-free-webinar-on-demand/  - and see how the risk-based approach can be used to develop a process control plan.

New requirements for technical files

You have a template for technical documentation in the folder Technical file. The name of the document is the Technical file template.  

Coding records

You do not need to code records if it is not suitable for you. The point of the code is that you can differentiate your records. So any system that will allow you how to differentiate records is good. This way of coding in our documentation toolkit was just a suggestion, the way that we considered to be the best. But, do it as it is logical for you.

Your documentation must suit your company, organizational, and process needs

Considering the example from your question: 

If you decide to you codes on the record, then one code will be for one type of the record. It means, that if you have a record PR-001-F, each time when your employee will use this form it will be written on it. It does not depend on the date of issue of that record or the content of the record. The code always stays the same. Some clients put that code in the header or footer.

Considering the records that run automatically like backup logs - yes you can add that code to the file name of the backup

More information about document management you can find on the following link:

• Common mistakes with ISO 13485:2016 documentation control and how to avoid them https://advisera.com/13485academy/blog/2018/03/14/common-mistakes-with-iso-134852016-documentation-control-and-how-to-avoid-them/
• How to structure Quality Management System documentation according to ISO 13485 https://advisera.com/13485academy/knowledgebase/how-to-structure-quality-management-system-documentation-according-to-iso-13485/

• Working Instructions for testers under accreditation

  You asked

  Working Instructions for testers under accreditation – is there recommended form and will we receive it?

  Within ISO 17025 there are certain mandatory procedures, documented processes and records required. Work Instructions (WI) can be used when detailed information is needed about how to do a task. There is no prescribed way a WI must be presented. An instruction could be in the form of a written text in a document, workflow of steps, a graphic illustration, series of photographs and or a video.  Either way WIs should be sequential, logical and to the point, menaing clear to follow. The design will depend on your needs. Within the ISO 17025 Academy toolkit, there are a number of procedures and forms, including checklists that contain the information to complete a process. These can be used to write a step by step work instruction. To preview the toolkit see https://advisera.com/17025academy/iso-17025-documentation-toolkit/

  You also asked

  Is it possible to receive support for the structure of the Lab and it place in our organization chart – to be acceptable for accreditation body?

  Simply answered any structure is acceptable where there is overall management, clearly defined roles and there is no conflict of interest. Responsibilities and authorities must be defined, and the structure must safeguard impartiality, confidentiality and drive the objectives of the laboratory.

  Please have a look at my reply to a question Key positions in ISO 17025, at https://community.advisera.com/topic/key-positions-in-iso-17025/ where this is answered. You can also view a preview of the Quality Manual that covers this, available from https://advisera.com/17025academy/iso-17025-documentation-toolkit/ Also feel free to download a complimentary white paper Clause-by-clause explanation of ISO 17025:2017 at https://info.advisera.com/17025academy/free-download/clause-by-clause-explanation-of-iso-17025/, where Structural requirements are explained in section 5.

• Measuring success of Information Security

  Thank you. Your explanations are clear and understandable.

• ISO 9001 Engineering drawing

  Unfortunately, there is no guide.  ISO 9001 has no universal guide for archiving records. It is up to each organization to decide how to do it.

  Records are like the memory of an organization. Without memory, learning happens very slowly.

  Two things about records: accessibility and protection.

  How authorized persons can easily find the records they are searching for: where are they located, how are they compiled (topic), how are they organized (how to search – date, alphabetically, numerically, …), for how long they will be kept?

  About protection think about how to guarantee that unauthorized persons have access to them, think about how to protect them from accidents (fire, flood, …)

  You can find more information about documentation below:

  • New approach to document and record control in ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/06/30/new-approach-to-document-and-record-control-in-iso-90012015/
  • Some tips to make Document Control more useful for your QMS - https://advisera.com/9001academy/blog/2014/05/20/tips-make-document-control-useful-qms/
  • Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
  • Book - Managing ISO Documentation: A Plain English Guide - https://advisera.com/books/managing-iso-documentation-plain-english-guide/
     

• Política de uso de criptografia

  Para mais informações sobre o uso de criptografia de acordo com a ISSO 27001, por favor veja:

  • How to use the cryptography according to ISO 27001 control A.10 https://advisera.com/27001academy/how-to-use-the-cryptography-according-to-iso-27001/

  Este material também pode ser útil:

  • ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/

  Caso você ainda tenha alguma dúvida específica, você pode fazer uma pergunta em nossa comunidade: https://community.advisera.com/

• Encryption Use Policy

  For more information on the use of encryption according to ISO 27001, please see:

  • How to use the cryptography according to ISO 27001 control A.10 https://advisera.com/27001academy/how-to-use-the-cryptography-according-to-iso-27001/

  This material will also help you regarding cryptography:

  • ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/

  If you still have a specific question, you can ask a question in our community: https://community.advisera.com/

• Additional requirement to ISO13485 that has to be addressed for MDSAP

  The Medical Device Single Audit Program (MDSAP) is a program that allows the conduct of a single regulatory audit of a medical device manufacturer’s quality management system that satisfies the requirements of multiple regulatory jurisdictions.

  MDSAP is based on ISO 9001:2015 so the following aspects are not covered in the ISO 13485:2016:

  • Context of the manufacturer
  • Interested parties
  • Business risk assessment

  What are more differences between ISO 9001:2015 and ISO 13485:2016 you can see on the following link:

  • Similarities and differences between ISO 9001:2015 and ISO 13485:2016 https://advisera.com/9001academy/blog/2015/01/21/iso-9001-vs-iso-13485/