Search results

Home / Search

Category:

Sort by:

Select

Types of user:

Select

11272 results

Guest

Create New Topic As guest or Sign in

Business department* About business* Organization size*

Title *

Body *

HTML tags are not allowed

Category *

Select

Assign topic to the user

Select user

ISO 9001 Question

I start showing that interaction through a picture like this one.

Then, in each process description I list the main relevant clauses.

The following material will provide you more information about the process approach:
- Free webinar on demand - The Process Approach - What it is, why it is important, and how to do it - https://advisera.com/9001academy/webinar/iso-9001-process-approach-free-webinar-on-demand/ - please check how training can be related with the process approach
- Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
- Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ - where I extensively use the process approach.
ISO 9001 Remote Audit Procedure

Unfortunately, we still have not develop that procedure, but perhaps this free webinar on demand can help you - - How to perform an internal audit remotely - https://advisera.com/9001academy/webinar/remote-internal-audit-free-webinar-on-demand/ a detailed explanation about how to remotely audit operations using a tablet, a smartphone, CCTV or a drone.

You can find more information below:
- What are the benefits and barriers when performing remote audits? - https://advisera.com/articles/what-are-benefits-and-barriers-when-performing-remote-audits/
- ISO 9001:2015 Internal Auditor Course: https://advisera.com/training/iso-9001-internal-auditor-course/
- Book - ISO internal audit: A plain English guide: https://advisera.com/books/iso-internal-audit-plain-english-guide/
ISO 9001 Creating Risk and Opportunities Assessment

The risk-based thinking (RBT) should be an ongoing process, it can’t be done once a year and considered as effective. The best way to apply is through the PDCA cycle.

First you should define the scope of RBT. According to clauses 4.4.1 f), 5.1.2 b) and 6.1 of ISO 9001:2015 I recommend determining risks around processes, around products and services and around processes.

About the methodology to treat risks and opportunities there are a lot of available methodologies and there is no single methodology that will fit all organizations. My advice is to do a little research and select the methodology according to criteria that you find appropriate.

Determine the risks and opportunities. Although not mandatory, I recommend using a register to record risks and opportunities.

Next step is, of course, to conduct the risk evaluation. The best way is to include relevant people from your organization and get the most relevant information and data needed for the evaluation. I use and recommend using a simple approach like the one embodied in the following matrix:

For opportunities think advantage instead of severity.

Once you identify unacceptable risk, you need to create the plan for mitigation of those risks. This can be done in same way you performed the preventive actions.

And, at the end, you need to do a follow up to determine whether the actions for risk mitigation were effective and if the risk assessment methodology or scope should be altered. If there is need for further action, you need to initiate corrective actions.

Consider the non-conformities, complaints, devolutions, lost customers as signs, as warnings about the quality to update of the risk assessment or of the risk evaluation. Are they signaling that changes must be made?

You can find more information below.
- How to address risks and opportunities in ISO 9001: https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
- Does ISO 9001 require a procedure for addressing risks and opportunities?: https://advisera.com/9001academy/blog/2017/10/10/does-iso-9001-require-a-procedure-for-addressing-risks-and-opportunities/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
ISO 9001 Pregunta

Lo primero q debe contar es con el apoyo de la dirección para que pueda facilitar todos los recursos necesarios, tanto económicos como de personal, para llevar a cabo un proyecto de tal complejidad.

Posteriormente puede hacer un análisis GAP o de brecha para saber con qué requisitos ya cuenta y con cuáles debe aún cumplir. En este enlace puede realizar este análisis de forma gratuita - Herramienta de análisis de brecha ISO 9001: https://advisera.com/9001academy/es/herramienta-analisis-de-brecha-iso-9001/

Así mismo, le recomiendo establecer un Plan de Proyecto, en el que determine cada uno de los hitos del proyecto, responsabilidades y metas. Aquí puede descargar un Plan de Proyecto gratuito para ISO 9001:2015 - Project Plan for ISo 9001 implementation: https://info.advisera.com/9001academy/free-download/project-plan-for-iso-9001-implementation-ms-word

Más tarde ya puede comenzar a determinar la política de calidad, los objetivos del SGC, el contexto de la organización y así hasta llegar a la auditoría interna y la revisión por la dirección.

En el caso de un laboratorio de materiales debe de poner especial atención a la cláusula 7.1.5 de Recursos de seguimiento y medición.

Estos materiales pueden serle de utilidad para la implantación de la norma en un laboratorio de materiales

- Monitoring and measurement equipment control: https://advisera.com/9001academy/blog/2014/05/06/monitoring-measurement-equipment-control/

- ISO 9001 audit checklist for laboratory: https://advisera.com/9001academy/blog/2018/09/04/iso-9001-audit-checklist-for-laboratory/

- ISO 9001 implementation diagram: https://info.advisera.com/9001academy/free-download/iso-9001-implementation-diagram

- Curso de Fundamentos de la norma ISO 9001:2015: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/

- Discover ISO 9001:2015 through practicale examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
ISO 9001 introduction to the staff

As part of the induction for all staff I recommend following clause 7.3 of ISO 9001:2015. Each function may have its specific requirements for competence and awareness, but for all people it is a must to know the quality policy. Not verbatim, but the sense, the meaning, the purpose behind it. All people must know the quality objectives, or at least those that they can contribute to or influence. All people must know how they can contribute to an effective quality management system and what may be the consequences of non-conformities.

You can find more information below
- How to ensure competence and awareness in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-ensure-competence-and-awareness-in-iso-90012015/
  ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
Cold calling via e-mail to website visitors or potential customers with a presumed interest

A general email address like info@... is not considered as personal data, so you can send emails to companies to present your services. Email addresses with name or surname (direct contact) are personal data under GDPR. These direct contacts are not published to receive advertising or promoting contacts, the person who published it does not attend to receive such email (unless the text around it allows you to believe otherwise) so that it would not be appropriate to contact them.

However, if you model your email as a cold email using legitimate interest as a legal ground, you can present your company and the advantages in working with you and underline that you are contacting them because they are looking for a similar profile. This would be in line with GDPR requirements.

Here you can find more information:
- Is consent needed? Six legal bases to process data according to GDPR https://advisera.com/eugdpracademy/knowledgebase/is-consent-needed-six-legal-bases-to-process-data-according-to-gdpr/
- How does GDPR impact marketing activities? https://advisera.com/eugdpracademy/blog/2018/02/08/how-does-gdpr-impact-marketing-activities/
- How does GDPR affect digital marketing? https://advisera.com/eugdpracademy/blog/2019/02/20/how-does-gdpr-affect-digital-marketing/
You can consider enrolling in our free EU GDPR Foundations Course:
- EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course//
- Do internal auditors need training?
  
  Yes, system internal auditors must receive training on the following topics according to IATF 16949:2016 standard clause 7.2.3.
  - ISO 9001:2015 and IATF 16949:2016 standard knowledge
  - Risk-based thinking based automotive process approach internal auditor training
  - Core tools training (FMEA, SPC, MSA, APQP, PPAP, etc)
  - Customer-specific requirements knowledge
  For more information, please read the following article:
  - Requirements for the competence of IATF 16949 internal auditors https://advisera.com/16949academy/blog/2017/10/19/requirements-for-competence-of-iatf-16949-internal-auditors/
  You can consider enrolling in our free courses:
  - ISO 9001:2015 Foundations Course https://advisera.com/training/iso-9001-foundations-course/
  - ISO 9001:2015 Internal Auditor Course https://advisera.com/training/iso-9001-internal-auditor-course/
  - ISMS
    
    Please note that besides documents and records required by the standard, legal, statutory, and business requirements related to the ISMS may also require documents and records to be kept, such as:
    - contracts
    - blueprints and specifications
    - manuals
    Considering that, you need to identify legal, statutory, and business requirements related to your ISMS to identify documents and records that you need to present during the audit.
    
    This article will provide you a further explanation about the identification of requirements:
    - How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/
  - Document/template used for the context of the organisation in ISO 27001 toolkit
    
    Please note that ISO 27001 does not require documenting the context of the organization and this is especially not recommended for smaller organizations - you only need to take into the context of the organization when defining the scope and doing the risk assessment.
    
    You can read more here:
    - Explanation of ISO 27001:2013 clause 4.1 (Understanding the organization) https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/

Didn’t find an answer?

Start a new topic and get direct answers from the Expert Advice Community.

CREATE NEW TOPIC +

Search results

11272 results

Create New Topic As guest or Sign in

Assign topic to the user

Want to vote?

ISO 9001 Question

ISO 9001 Remote Audit Procedure

ISO 9001 Creating Risk and Opportunities Assessment

ISO 9001 Pregunta

ISO 9001 introduction to the staff

Cold calling via e-mail to website visitors or potential customers with a presumed interest

Do internal auditors need training?

ISMS

Document/template used for the context of the organisation in ISO 27001 toolkit

Didn’t find an answer?