Search results

ISO 9001 Consultant

There are no formal qualifications needed to become consultant or trainer, at least not in most countries. This basically means anyone can become a consultant or trainer, with no qualifications whatsoever.

Your challenge is to be able to win customers. Winning customers mean conveying trust through evidencing experience and qualifications obtained. So, they are not mandatory, but they are important to evidence competence.

You can find more information below:

• How to choose the most appropriate training - https://advisera.com/training/compare/
• How to become an ISO 9001 consultant - https://advisera.com/9001academy/blog/2016/11/15/how-to-become-an-iso-9001-consultant/
• How to choose an ISO 9001 consultant - https://advisera.com/9001academy/blog/2019/11/12/iso-9001-consultant-how-to-hire-the-right-one/
• How to sell your ISO 9001 consulting services - https://advisera.com/9001academy/blog/2017/06/20/how-to-sell-your-iso-9001-consulting-services/
• Free webinar on demand – How to sell ISO consulting services - https://advisera.com/9001academy/webinar/how-to-sell-iso-consulting-services-free-webinar-on-demand/
• Enroll for free course - ISO 9001:2015 Lead Implementer Course - https://advisera.com/training/iso-9001-lead-implementer-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
   

ISO 14001 Aspect and Impact analysis process

If your focus is the environmental assessment of a corporate office, I recommend that you consider two levels:

• The office level; and
• The office decisions that influence other units 

About a) consider the typical office aspects like energy and water consumption, waste generation.

About b) consider for example decisions about business travel, supplier and investment selection, with an environmental component like CO2 emissions.

Please check this information below with more detailed answers:

• Environmental aspect identification and classification - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/environmental-aspect-identification-and-classification/
• Catalogue of environmental aspects - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/catalogue-of-environmental-aspects/
• Free webinar - ISO 14001: Identification and evaluation of environmental aspects - https://advisera.com/14001academy/webinar/iso-14001-identification-and-evaluation-of-environmental-aspects-free-webinar-on-demand/
• ISO 14001 document template: Procedure for Identification and Evaluation of Environmental Aspects and Risks - https://advisera.com/14001academy/documentation/procedure-for-identification-and-evaluation-of-environmental-aspects/
• Enroll for free in this course – ISO 14001:2015 Lead Auditor Course - https://advisera.com/training/iso-14001-lead-auditor-course/
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/

Considering ISO 28000 for outsourcing hosting of their software products

ISO 27001 does not require any specific standard to be followed so unless your client has a legal requirement (e.g., law, regulation or contract) demanding the implementation of ISO 28000 (Specification for security management systems for the supply chain), or it considers a good practice worthy to be implemented, there is no need to implement ISO 28000 to fulfill ISO 27001 requirements.

For further information, see:

• How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/

Root causes

Finding root cause(s) it is not a theoretical exercise. One must look and investigate the particular situation of each organization. I may say that the root cause is lack of training in ISO 9001:2015

You can find more information below:

• How to use root cause analysis to support corrective actions in your QMS - https://advisera.com/9001academy/blog/2016/03/01/how-to-use-root-cause-analysis-to-support-corrective-actions-in-your-qms/
• Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Managing ISO Documentation: A Plain English Guide - https://advisera.com/books/managing-iso-documentation-plain-english-guide/

Responsibility of scheduling Surveillance audits

The certification body contacts the certified organization with a proposal for the date of the surveillance audit.

You can find more information below:

• What is an ISO 9001 surveillance audit? - https://advisera.com/9001academy/blog/2016/10/18/what-is-an-iso-9001-surveillance-audit/
• Surveillance visits vs. certification audits - https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/
• ISO 9001:2015 Lead Auditor Training Course - https://advisera.com/training/iso-9001-lead-auditor-course/
• Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Money resource

In my point of view money is all over clause 7.1 of ISO 9001:2015. What does a management system do with money?

• Hires people and provide them training and experience to be competent.
• Buys and maintains the needed infrastructure.
• Provides and maintains the right environment for the operation of processes.
• Provides and maintains the monitoring and measuring resources needed.

You can find more information below:

• Understanding Resource Management in ISO 9001 - https://advisera.com/9001academy/blog/2014/02/11/understanding-resource-management-iso-9001/
• ISO 9001:2015 Lead Auditor Training Course - https://advisera.com/training/iso-9001-lead-auditor-course/
• Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

ISO 14001 Clause 6.1.1 & 6.1.2

As per ISO 14001:2015, Clause 6,1.1. and 6.1.2, is it mandatory to carry out an environmental risk assessment and environmental aspects and impacts assessments as well as maintain its individual register required?

Answer:

Yes, it is mandatory to carry out an environmental risk assessment and environmental aspects and impacts assessments.

About the individual register, an organization needs to maintain one for all environmental aspects and impacts. About the risks and opportunities what is mandatory to maintain is register of those deemed to relevant enough to be addressed. Please check this article - List of mandatory documents required by ISO 14001:2015 - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/list-of-mandatory-documents-required-by-iso-140012015/

differentiate environmental risk and environmental impacts

Answer:

Determining environmental aspects is determining how an organization interacts with the environment. For example:

Determining risks and opportunities of an organization, according to ISO 14001:2015, is based on its environmental aspects, compliance obligations, and context and interested parties.

For example, concerning environmental aspects we can have:

Since organizations have to consider the lifecycle of its products and services, do not forget to consider risks and opportunities around your products and services during use or final disposal.

For example, concerning compliance obligations, and context and interested parties we can have for example, the above organization can realize that neighbors (an interested party) are pressuring local authorities to not allow its expansion (an external issue) due to non-compliance with wastewater discharging legislation (compliance obligations) translated into river pollution.+

Please check risk definition (3.2.10) on ISO 14001:2015 (effect of uncertainty). With environmental aspects and impacts we are considering normal, expected situations, like startup and closing down operations, but also abnormal and emergency situations. Whenever there is uncertainty there is risk or opportunities, there is a potential deviation from the expected.

About determining risks based on environmental aspects and compliance obligations I see that different organizations follow different approaches:

1. There are organizations that determine their environmental aspects and use a risk and opportunities assessment to determine its significant environmental aspects. (Please see the end of the second paragraph of Annex A.6.1.1 of ISO 14001:2015)

2. There are organizations that determine their environmental aspects evaluate them and determine the significant ones and use a risk and opportunities assessment to determine which ones need an action plan, and which ones need only to be monitored.

3. There are organizations that only apply the risk-based approach to the context part. In a certain way they are following the same approach as 1 without explicitly mentioning it.

Please check this information below with more detailed answers:

• Environmental aspect identification and classification - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/environmental-aspect-identification-and-classification/
• Catalogue of environmental aspects - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/catalogue-of-environmental-aspects/
• ISO 14001 risks and opportunities vs. environmental aspects - https://advisera.com/14001academy/blog/2016/03/21/how-does-product-life-cycle-influence-environmental-aspects-according-to-iso-140012015/
• Risks and opportunities in ISO 14001:2015 – What they are and why they are important - https://advisera.com/14001academy/blog/2016/03/07/risks-and-opportunities-in-iso-140012015-what-they-are-and-why-they-are-important/
• Free webinar - ISO 14001: Identification and evaluation of environmental aspects - https://advisera.com/14001academy/webinar/iso-14001-identification-and-evaluation-of-environmental-aspects-free-webinar-on-demand/
• ISO 14001 document template: Procedure for Identification and Evaluation of Environmental Aspects and Risks - https://advisera.com/14001academy/documentation/procedure-for-identification-and-evaluation-of-environmental-aspects/
• Enroll for free in this course – ISO 14001:2015 Lead Auditor Course - https://advisera.com/training/iso-14001-lead-auditor-course/
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/
   

Certification ISO au niveau d'un point de vente assurance

Je ne sais pas si j'ai bien compris votre question. Pour le contexte, je considérerais deux niveaux: local et dans le cadre d'une organisation plus large. Pour le contexte interne, je considérerais le type de sujets qui continuent d'apparaître dans les réunions sur la performance, qui continuent d'apparaître dans les plaintes, les rapports et les audits.

Pour le contexte externe, j'utiliserais la méthodologie PESTLE (politique, économie, social, technologique, législation, environnement) pour déterminer les topiques pertinents.

Vous pouvez trouver plus d'informations ci-dessous :

• How to identify the context of the organization in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-identify-the-context-of-the-organization-in-iso-90012015/
• Free webinar on demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/
• Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
• Book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Is clean room installation mandatory?

No, there is no strict requirement in ISO 13485:2016 that the cleanroom has to be installed. However, stated is the following:

In section 6.4.1 Work environment, is stated that the manufacturer needs to document requirements for the work environment needed to achieve conformity of the product with the specification. If the conditions of the work environment have adverse effects on product quality, besides documenting the requirements for the work environment, the manufacturer also must document the procedure foto monitro and control the work environment. Therefore, it is the manufacturer's decision depending on the type of the medical device, will cleanroom will be installed or not.In section 6.4.2 Contamination control, for sterile medical devices is stated that manufacturer must document requirements for control of contamination with microorganisms or particular matter and maintain the required cleanliness during assembly or packaging process.

For more information on this topic, please see the following articles:

• Managing cleanliness of a product and contamination control according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/07/04/managing-cleanliness-of-a-product-and-contamination-control-according-to-iso-134852016/
• Managing medical device infrastructure requirements according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/06/28/managing-medical-device-infrastructure-requirements-according-to-iso-13485/

• Does GDPR applies just for European people?

  Article 3 GDPR ruling the territorial scope and states that GDPR applies if:

  • The controller or the processor carries out the data processing within the E.U. (therefore, your Spanish hosting as the data processor will apply GDPR)
  • The data processing refers to data subjects within the E.U. where the processing activities relate to the offering of goods and services to data subjects in the E.U. and the monitoring of data subjects behavior as far as it happens within the E.U.
  • The data processing is carried outside the E.U. but the E.U. Member State law applies in force of International law (i.e. your company based in LATAM is under some E.U. country legislation)

  So, if your company is based outside E.U. and all data processed do not refer to European people, you will not apply GDPR. On the contrary, if your company is based in the E.U. you will need to comply with GDPR even if data processed belong to LATAM individuals.

  Here you can find more information:

  • Article 3 GDPR: https://advisera.com/eugdpracademy/gdpr/territorial-scope/
  • What is the EU GDPR and why is it applicable to the whole world? https://advisera.com/eugdpracademy/knowledgebase/what-is-the-eu-gdpr-and-why-is-it-applicable-to-the-whole-world/
  • Is the GDPR applicable to our company? https://advisera.com/eugdpracademy/knowledgebase/who-needs-to-be-gdpr-compliant-an-easy-explanation/
  • 9 steps for implementing GDPR https://advisera.com/articles/9-steps-for-implementing-gdpr/
  • List of mandatory documents required by EU GDPR https://advisera.com/articles/list-of-mandatory-documents-required-by-eu-gdpr/
  • A summary of 10 key GDPR requirements https://advisera.com/eugdpracademy/knowledgebase/a-summary-of-10-key-gdpr-requirements/

  You can also consider enrolling in our free EU GDPR Foundations Course

  • EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course//