Search results

Measurement Uncertainty for 17025 Accreditation

As far as ISO 17025 requirements go, there are situations where a lab does not need to evaluate and estimate MU if a published standard method is followed.

That is if you are using a standard published method or a well-recognized test method  
and if the method specifies limits to the values of the major sources of uncertainty 
and if the method specifies the form of presentation of the calculated results 
and if the laboratory follows the test method without deviation  
and if the laboratory follows reporting instructions. i,e you control the risks

Even if the above criteria are met, besides ISO 17025 requirements you need to fulfill any client and regulatory requirements; and those specified by the accreditation body (these could be best practices enforced by a professional association or a particular program).

I suggest you confirm with your accreditation body and users of the test results. For example, a client may be part of an agricultural quality scheme that mandates the MU be below a limit for contaminants in animal feed; or there may be local regulations for fertilizers that specify a decision rule including MU (e.g result plus MU must be below the threshold limit to pass).

Collated Nonconformances

The responsibility for addressing internal audit non-conformances for each clause in ISO 9001:2015 will typically fall on the employees or teams directly involved in the process or area where the non-conformance occurred. This may include process owners, quality assurance personnel, or designated individuals responsible for investigating and resolving non-conformances. The specific individuals responsible for addressing non-conformances will vary depending on your organization's structure and processes.

Question about ITIL Documentation

Although suited for ISO 2000 implementation, our free ISO 20000 GAP analysis tool can help you start your assessment. It contains many common elements with ITIL and you can find it here

ISO 20000 Gap Analysis Tool https://advisera.com/20000academy/iso-20000-tools/iso-20000-gap-analysis-tool/

ISO 13485 for supplier of microelectronic components

We do supply packaged ASIC (application specific IC) to customer that manufacture medical devices. Our ASICs are not considered medical devices, and we have received ISO 13485 certification. Does this mean that we should also fulfill the requirements of ISO 14971? If yes, how can we evalaute the benefit of our components?

Regarding ISO 13485 clause 4.2.3, is it correct to consider this not applicable since we do not manufacture medical device, and we do not have medical device files?

Are partners classed as individuals?

No, a company cannot be seen as an individual. Although the business is a partnership, it is still a business. Article 1 in GDPR states:

“1. This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.

2. This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.”

Thus, the Regulation protects only natural persons

Basic practices to implement in a service desk

Since the primary set of activities of the Service Desk consists of resolving incidents and fulfilling service requests, Incident Management and Service Request Management are some of the primary practices relevant to the Service Desk.

Also, Service Desk practice is important.

I would point out Configuration, Asset, and Knowledge Management from the other practices.

More details about the Service Desk can be found in the articles

“ Desk: Single point of contact“ https://advisera.com/20000academy/knowledgebase/service-desk-single-point-contact/

„Service Desk staff – a window to the IT organization“ https://advisera.com/20000academy/blog/2014/02/18/service-desk-staff-window-organization/

„ITIL Service Desk types“ https://advisera.com/20000academy/blog/2014/05/06/itil-service-desk-types/

Template for ISO27001 Audit program

Thank you for your question.

We answered it through Experta - you can find the answer here: https://experta.com/shared-post/e7443f68-d4e9-4cc1-b42a-43e51b4f99e7

The best way to calculate the carbon footprint

It should be noted that ISO 14001 does not discuss carbon footprint, but only requires that you identify issues and legal requirements that affect the EMS, and ensure you meet them. So, if carbon footprint is an external issue you need to address, or you have a legal requirements around calculating your carbon footprint, then this is not a required part of the EMS.

That being said, if you have a legal requirements on calculating your carbon footprint, and this legal requirement defines how you need to do so, then you should follow this. The same goes for any industry practices around calculating the carbon footprint, so that you can easily compare with others in your industry.

If these requirements do not exist, there is an ISO standard that gives guidelines on how to do carbon footprint; ISO 14067:2018, “Greenhouse gases — Carbon footprint of products — Requirements and guidelines for quantification” which will give some internationally recognized guidance on applying this practice.

For more information please see this article. While this article is about the previous version of this standard, it will give some good information on what the standard is about: What is ISO 14067:2013 and why is it useful for carbon footprint?, https://advisera.com/14001academy/blog/2017/05/30/what-is-iso-14067-2013-and-why-is-it-useful-for-carbon-footprint/

How comprehensive and specific should we describe the implementation methods in SoA?

Thank you for your question.

We answered it through Experta - you can find the answer here: https://experta.com/shared-post/076e2772-3efb-4557-8a6d-9558333d7e5d

Non-mandatory documents

Most of the non-mandatory documents on our website come from our experience in helping organizations comply with ISO 22301. These non-mandatory documents were identified by organizations as being helpful in implementing and operating their BCMS.

For example, ISO 22301 does not require organizations to document how they control documents and records, but having a procedure for that can facilitate communication and keep documents in a default format.   

This article can provide you with further information:

• 8 criteria to decide which ISO 27001 policies and procedures to write https://advisera.com/27001academy/blog/2014/07/28/8-criteria-to-decide-which-iso-27001-policies-and-procedures-to-write/