Search results

Assessment/Treatment Methodology

The list of legal, regulatory, and contractual or other requirements summarizes all requirements, interested parties, and responsible persons for complying with requirements that must be fulfilled by the ISMS.

An example of how to fill in the List of Legal, Regulatory, Contractual, and Other Requirements, is this scenario:

A customer has a service level agreement with your company which defines, on clause 32-b, that in case of a disruptive incident, access to information system ABC must be restored to at least 30% of normal capacity in no more than 24 hours. In this case, the person responsible for system ABC is responsible to ensure compliance of the system to this requirement. Then your document would be like this:

Interested party: Customer Jon
Requirement: Clause 32-b (recovering access to system ABC to at least 30% of normal capacity in no more than 24 hours)
Document: Service level agreement
Person responsible for compliance: System ABC administrator
Deadline: 24 hours after the occurrence of disruptive incident which makes access to system ABC unavailable

To see how a list of legal, regulatory and contractual or other requirements looks like, please take a look at the free demo of our List of Legal, Regulatory, Contractual and Other Requirements at this link: https://advisera.com/27001academy/documentation/list-of-legal-regulatory-contractual-and-other-requirements/

This article will provide you a further explanation about the list of requirements:

• How to identify interested parties according to ISO 27001 and ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301//
• How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/

ISO 22301 Accreditation

 PECB does not require a specific set of courses or curriculum of study as part of the certification process, so self-study or third party training are optional. If you go for training, the completion of a recognized PECB course or program of study would be a better approach.

For further information, see: https://pecb.com/en/examination-rules-and-policies

Online internal audit

Thanks and noted but my query was related to online Internal Audit. Also i would like to inform in India one online external audit was performed. if you required, i can give you details. 

Surveillance audit

The surveillance audit will be used to verify that the quality management system is still working, and procedures are being used. Particular attention will be paid to verifying the actions taken to close any non-conformities raised during the certification audit. The records associated with the system review, internal audits, complaints, treatment of non-conformities and development of corrective actions will be audited. some processes will be audited at random to prove that the system continues to be followed.

You can find more information below:

• What is an ISO 9001 surveillance audit? - https://advisera.com/9001academy/blog/2016/10/18/what-is-an-iso-9001-surveillance-audit/
• Surveillance visits vs. certification audits - https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/
• ISO 9001:2015 Lead Auditor Training Course - https://advisera.com/training/iso-9001-lead-auditor-course/
• Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

ISO 9001 for companies vs individuals

Yes, ISO 9001:2015 is for organizations, not for individuals. If you want to be qualified in relation to ISO 9001:2015 you can look for courses where you can get a certificate.

You can find more information below:

• Quality Certification - https://advisera.com/9001academy/knowledgebase/quality-certification/
• ISO 9001 online training - https://advisera.com/training/iso-9001-courses/

Validation, Qualification, and Verification procedure

My first instinct was to recommend you check ISO 9000:2015 definitions, but then I realized that ISO 9000:2015 uses qualification and verification interchangeably. Verification is commonly used in design activities to name a set of activities done to confirm that specifications were met. Meeting specifications is not a guarantee that requirements for intended use are met, that is the topic of validation: confirmation that requirements for intended use are met. Now, about qualification I have doubts about what you want to mean with it. Perhaps, qualification is the state after a verification well succeeded.

You can find more information below:

• The ISO 9001 Design Process Explained - https://advisera.com/9001academy/blog/2013/11/05/iso-9001-design-process-explained/
• About conducting design and development reviews consider - ISO9001 Design Verification vs Design Validation - https://advisera.com/9001academy/knowledgebase/iso9001-design-verification-vs-design-validation/
• ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
   

Statutory and regulatory requirements

There is no universal answer, a specific answer for your own organization will depend on its organization chart and job descriptions. I see many maintenance departments being held responsible for fleet inspection management.

You can find more information on Statutory and regulatory requirements below:

• What does “external documents control” mean in ISO 9001? - https://advisera.com/9001academy/blog/2019/02/04/what-does-external-documents-control-mean-in-iso-9001/
• How to include statutory and regulatory requirements in your QMS - https://advisera.com/9001academy/blog/2017/02/14/how-to-include-statutory-and-regulatory-requirements-in-your-qms/
• Free on-line course - ISO 9001:2015 Foundations Course: https://advisera.com/training/iso-9001-foundations-course/
• Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Auditing internal audit processes

I start by checking if they have an annual audit program. If the program is approved and is being followed. I pick two internal audits and ask to see the audit reports. After checking the name of the auditors, I ask to see evidence that they comply with the organization’s requirements for competence. If there were non-conformities raised I ask to see if they were treated and properly closed.
If there is an internal audit procedure I can check if the right forms were used and if records are correctly kept.

You can find more information below:

• How to deal with nonconformities in an ISO 9001 certification audit - https://advisera.com/9001academy/blog/2015/06/09/how-to-deal-with-nonconformities-in-an-iso-9001-certification-audit/
• How to write a good ISO 9001 audit nonconformity? - https://advisera.com/9001academy/blog/2018/04/24/how-to-write-a-good-iso-9001-audit-nonconformity/
• Free webinar on-demand - How to perform an ISO 9001:2015 internal audit - https://advisera.com/9001academy/webinar/how-to-perform-an-iso-9001-2015-internal-audit-free-webinar-on-demand/
• ISO 9001:2015 Internal Auditor Course - https://advisera.com/training/iso-14001-internal-auditor-course/ ernal-auditor-course/
• ISO Internal Audit: A Plain English Guide - https://advisera.com/books/iso-internal-audit-plain-english-guide/

ISO 14001 compliance in local municipality

I listed below a set of links that can help you start your draft proposal. What can be the benefits for the municipality and its interested parties? What environmental aspects and impacts? What risks and opportunities? From there a project plan to meet environmental objectives and improve the relationship with the environment.

• ISO 14001 Knowledge Base - https://advisera.com/14001academy/knowledgebase/
• Is a gap analysis desirable for ISO 14001 implementation? - https://advisera.com/14001academy/blog/2016/11/14/is-a-gap-analysis-desirable-for-iso-14001-implementation/
• Project checklist for ISO 14001 implementation - https://info.advisera.com/14001academy/free-download/project-checklist-for-iso-14001-implementation
• ISO 14001:2015 Implementation diagram - https://info.advisera.com/14001academy/free-download/iso-14001-2015-implementation-diagram
• Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-foundations-course/
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/