... ity event vs. incident vs. non-compliance https://advisera.com/27001academy/blog/2018/12/03/iso-27001-information-security-event-vs-incident-vs-non-compliance/
Should we include our maintenance window in this document to exclude it from our SLA? I mean, we use this document as a reference for the SLA.
I assume you refer to the Incident Management Procedure - this procedure needs to be aligned with your existing SLAs, meaning you have to plan to react to incidents in a way that complies with the requirements from your clients.
Here's some more information: How to handle incidents according to ISO 27001 A.16 https://advisera.com/27001academy/blog/2015/10/26/how-to-handle-incidents-according-to-iso-27001-a-16/
Do you recommend any tool for handling incidents that is suitable for a small business?
In a couple of months' time we will launch a new SaaS tool that will help smaller companies handle incidents in compliance with ISO 27001 - we'll let you know once we complete it.
... https://info.advisera.com/16949academy/free-download/project-plan-for-iatf-16949-implementation-presentation
... 5 process vs. procedure – Some practical examples https://advisera.com/9001academy/blog/2016/01/19/iso-90012015-process-vs-procedure-some-practical-examples/
- What should you write in your Information Security Policy according to ISO 27001? https://advisera.com/27001academy/blog/2016/05/30/what-should-you-write-in-your-information-security-policy-according-to-iso-27001/
- ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
... ISO 27001 vs. ISO 27017 – Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
... ce visits vs. certification audits https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/
- ISO 27001/ISO 22301: The certification process [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001iso-22301-certification-process-free-webinar-demand/
- How to choose a certification body https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/
- ISO 27001 Certification: What’s next after receiving the audit report? https://advisera.com/27001academy/blog/2015/05/18/iso-27001-certification-whats-next-after-receiving-the-audit-report/
2 - Are there any annual certification fees? I just want to get my expectations in place.
Answer: Costs related to surveillance audits need to be asked of your certification body directly. Normally, contracts with certification bodies are set up considering a full certification cycle (i.e., certification audit and surveillance audits), so this information about costs may be included in the contract clauses (the recertification cost is similar to the certification cost).
Additional costs you need to pay attention to are related to the auditor's travel costs (if he or she is from out of town), as the client will be responsible for his or her lodging, and the auditor's fee related to his or her experience in the client's industry, because their feedback is considered more valuable.
ISO 27002 is a document independent from ISO 27001. It provides detailed guidance and recommendations for the implementation of the controls from ISO 27001 Annex A, but it can be bought and used independently of ISO 27001.
These articles will provide you with further explanation about ISO 27002:
This material will also help you regarding ISO 27002:
Can you explain ISO 9001:2015 clause 4 internal and external issues vs interested parties, please? Companies use very general terms there.
... ce visits vs. certification audits https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/
2 - What happens if, for some reason, the organization didn't pay for the annual subscription for two years, for example, and then wanted to re-certify after that?
First, it is important to note that there is no such thing as an annual subscription for certification bodies. To keep your certification, you need to undergo surveillance audits at scheduled times, or your certification will be suspended, and in case of prolonged delay (which will be less than two years), the certification will be canceled, and you will need to undergo the whole certification process again.
3 - Is there any hidden cost in the process of the yearly audit and the recertification audit?
Some hidden costs you need to pay attention to are related to the auditor's travel costs (if he or she is from out of town), as the client will be responsible for his or her lodging, and the auditor's fee related to his or her experience in the client's industry, because their feedback is considered more valuable.
For further information, see: