Search results

Home / Search

Category:
Select
Select

11275 results

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Access Control Policy

    Hi All,

    I am drafting the Access Control Policy in Conformio.

    In the document there is a section in which I need to map the job titles to the user profiles.

    My issue is that for some of the applications that we are using there are a set of pre-exisintg user profiles like for example Light Agent or Standard staff for which we do not have any users assigned to them.

    In this case should I simply not list them in the Definition of User Profiles or should I list them to state their existence but when doing the mapping with the job titles say something like "No currently Job Title assigned to the profile"

    Thanks in advance.

    Best Regards

    Igor

  • Audit Question Stage 1 with FDA compliance

    I recently had a client going through Stage 1 and the registration auditor commented on their procedures containing a reference to the CFR 820 as it pertains to their organization as a Distributor and a Servicer. They also were told they need to take an exclusion to Medical Device Reporting, it is not a requirement for a third party servicer, however it is required they have a documented process to record any adverse reporting. The auditor suggested this leaves them open for a more in depth "Audit". However - they distribute, install, service and repair the medical device. FDA would most likely audit this procedure if they were to come to their facility. Has anyone ever had an auditor from the registrar comment on this?

  • Project Plan

    Do I have to put phone numbers and email address into the project plan I have left them blank and it is not allowing me to move forward??

  • Measurement Uncertainty for 17025 Accreditation

    As far as ISO 17025 requirements go, there are situations where a lab does not need to evaluate and estimate MU if a published standard method is followed.

    That is if you are using a standard published method or a well-recognized test method  
    and if the method specifies limits to the values of the major sources of uncertainty 
    and if the method specifies the form of presentation of the calculated results 
    and if the laboratory follows the test method without deviation  
    and if the laboratory follows reporting instructions. i,e you control the risks

    Even if the above criteria are met, besides ISO 17025 requirements you need to fulfill any client and regulatory requirements; and those specified by the accreditation body (these could be best practices enforced by a professional association or a particular program).

    I suggest you confirm with your accreditation body and users of the test results. For example, a client may be part of an agricultural quality scheme that mandates the MU be below a limit for contaminants in animal feed; or there may be local regulations for fertilizers that specify a decision rule including MU (e.g result plus MU must be below the threshold limit to pass).

  • Collated Nonconformances

    The responsibility for addressing internal audit non-conformances for each clause in ISO 9001:2015 will typically fall on the employees or teams directly involved in the process or area where the non-conformance occurred. This may include process owners, quality assurance personnel, or designated individuals responsible for investigating and resolving non-conformances. The specific individuals responsible for addressing non-conformances will vary depending on your organization's structure and processes.

  • Question about ITIL Documentation

    Although suited for ISO 2000 implementation, our free ISO 20000 GAP analysis tool can help you start your assessment. It contains many common elements with ITIL and you can find it here

    ISO 20000 Gap Analysis Tool https://advisera.com/20000academy/iso-20000-tools/iso-20000-gap-analysis-tool/

  • ISO 13485 for supplier of microelectronic components

    We do supply packaged ASIC (application specific IC) to customer that manufacture medical devices. Our ASICs are not considered medical devices, and we have received ISO 13485 certification. Does this mean that we should also fulfill the requirements of ISO 14971? If yes, how can we evalaute the benefit of our components?
    Yes, ISO 14971 is mandatory for anybody who implements ISO 13485 according to the requirement 7.1 Planning of production. If your risks after implementing control measures are acceptable, then calculating the benefit /risk ratio is unnecessary.

    Regarding ISO 13485 clause 4.2.3, is it correct to consider this not applicable since we do not manufacture medical device, and we do not have medical device files?
    No, points from requirements 4 and 5 are not possible to state as non-applicable. For you, it is enough to prepare a file where you will put some kind of specification and/or code. Nothing else is necessary for your type of product.

  • Are partners classed as individuals?

    No, a company cannot be seen as an individual. Although the business is a partnership, it is still a business. Article 1 in GDPR states:

    “1. This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.

    2. This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.”

    Thus, the Regulation protects only natural persons

  • Basic practices to implement in a service desk

    Since the primary set of activities of the Service Desk consists of resolving incidents and fulfilling service requests, Incident Management and Service Request Management are some of the primary practices relevant to the Service Desk.

    Also, Service Desk practice is important.

    I would point out Configuration, Asset, and Knowledge Management from the other practices.

     

    More details about the Service Desk can be found in the articles

    “ Desk: Single point of contact“ https://advisera.com/20000academy/knowledgebase/service-desk-single-point-contact/

    „Service Desk staff – a window to the IT organization“ https://advisera.com/20000academy/blog/2014/02/18/service-desk-staff-window-organization/

    „ITIL Service Desk types“ https://advisera.com/20000academy/blog/2014/05/06/itil-service-desk-types/

  • Template for ISO27001 Audit program

    Thank you for your question.

    We answered it through Experta - you can find the answer here: https://experta.com/shared-post/e7443f68-d4e9-4cc1-b42a-43e51b4f99e7
Page 3-vs-13485 of 1128 pages

Didn’t find an answer?

Start a new topic and get direct answers from the Expert Advice Community.

CREATE NEW TOPIC +