Search results

Training on ITIL

Training on ITIL covers some topics related to information security that can provide evidence of competence that can help achieve ISO 27001 compliance.

These articles will provide you a further explanation about competences, ITIL, and ISO 27001:

• How to perform training & awareness for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/05/19/how-to-perform-training-awareness-for-iso-27001-and-iso-22301/
• ISO 27001 vs. ITIL: Similarities and differences https://advisera.com/27001academy/blog/2016/03/07/iso-27001-vs-itil-similarities-and-differences/
• Using ITIL to implement ISO 27001 incident management https://advisera.com/27001academy/blog/2015/11/10/using-itil-to-implement-iso-27001-incident-management/t/

This material will also help you regarding competences on information security:

• Free Security Awareness Training: https://advisera.com/training/awareness-session/security-awareness-training/ - this is a series of 25 videos that cover various topics related to security.

Table Top Exercise /Drill Validity in meeting ISMS Certification

ISO 27001 does not prescribe how to test a Disaster Recovery Plan, so organizations are free to use the approach that better suits them, provided they can show evidence that the plan is fit for purpose.

This article will provide you a further explanation about testing a DRP (although it is about ISO 22301, the same concepts apply to ISO 27001):

• How to perform business continuity exercising and testing according to ISO 22301 https://advisera.com/27001academy/blog/2015/02/02/how-to-perform-business-continuity-exercising-and-testing-according-to-iso-22301/

This material will also help you regarding a DRP:

• Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/

ISO Environment

Thank you for your answer.

ISO 9001 Quality Analyst

ISO 9001 can be useful for a Quality Analyst to develop a management view about how an organization works, that way it can be useful for evolving for other positions in an organization. It can be a way of moving from a technical to a management position.

The following material will provide you more information:

• What is ISO 9001? - https://advisera.com/9001academy/what-is-iso-9001/
• The history and future of the ISO 9000 series of standards - https://advisera.com/9001academy/blog/2019/04/15/history-of-the-iso-9000-series-of-standards-and-what-to-expect-next/
• Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
• Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Need for gage R&R

IATF 16949: 2016 standard, article 7.1.5.1.1 states that statistical studies must be carried out for each type of measuring instrument specified in the control plan.  Since Torque wrench is a measuring instrument that should be specified in the control plan; the statistical study should be done. You can use GRR or another MSA method.

For more information please see the following article:

• How to Establish Measurement System Analysis According to IATF 16949 https://advisera.com/16949academy/blog/2017/11/08/how-to-establish-measurement-system-analysis-according-to-iatf-16949/

• Audit practice

  You can offer your audit services for:

  • friends working at other companies;
  • consulting companies that outsource auditing services;
  • consultants that outsource auditing services.
  • potential customers through promoting your services in business professional networks and business marketplaces.

  Find a way of documenting and giving credibility to your knowledge and preparation. Potential clients must be aware of your competence. About competence: Can you provide evidences of experience as auditor? Can you provide evidence of training as auditor? Can you provide evidence of certification as auditor to provide image and credibility?

  Potential clients must be aware of your existence. You must develop your own brand by evidencing your knowledge and experience. You evidence your knowledge when you write. You should write. Share what you know, share your experience and results, share testimonies of your clients about the outcomes of working with you. Use blogs, professional networks, trade magazines, use your LinkedIn profile, make presentations at conferences. And don’t forget to develop a network of contacts. Consultants implementing quality management systems always need an independent first party auditor. So, you can contact them and offer your services. As soon as you have enough experience as internal auditor you can contact certification bodies to offer your services as third party auditor.

  The following material will provide you more information:

  • How to sell your ISO 9001 consulting services - https://advisera.com/9001academy/blog/2017/06/20/how-to-sell-your-iso-9001-consulting-services/
  • ISO 9001:2015 Lead Auditor Training Course - https://advisera.com/training/iso-9001-lead-auditor-course/
  • Book - ISO internal audit: A plain English guide: https://advisera.com/books/iso-internal-audit-plain-english-guide/

• Keeping track of data on context of organization

  ISO 14001 does not require context of the organization (internal and external issues) to be documented. However, you can record your internal and external issues on a register, a table, or translate them into a SWOT matrix. This document can be kept separately or can be an appendix to a manual.

  Periodically, or when relevant your organization should update and evaluate if some issues became more or less important and if new issues appeared.

  Please check this information below with more detailed answers:

  • Determining the context of the organization in ISO 14001 https://advisera.com/14001academy/knowledgebase/determining-the-context-of-the-organization-in-iso-14001/
  • Enroll for free in the course - ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
  • Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/

• Integrating business success with ISO 9001

  Think about the business management system instead of a quality management system. Integrate your strategic orientation in the business management system. How? Start by determining what is your organization’s competitive advantage and who are your target customers. Develop a quality policy that clearly answers to Who are we? Whom do we serve? What are the few relevant things that we must be excellent at to satisfy target customers? Develop objectives that are relevant for the business and aligned with strategy. Develop action plans that execute the strategy and allow meeting business objectives. Then, working with the process approach and disciplined monitorization will do the rest.

  The following material will provide you more information:

  • Aligning quality objectives of the QMS with the strategic direction of the company - https://advisera.com/9001academy/blog/2017/03/07/aligning-quality-objectives-of-the-qms-with-the-strategic-direction-of-the-company/
  • Free webinar on demand where I develop the challenge of working with relevant indicators - Measurement, analysis, and improvement according to ISO 9001:2015 - https://advisera.com/9001academy/webinar/measurement-analysis-and-improvement-according-to-iso-9001-2015-free-webinar/
  • Free webinar on demand - The Process Approach - What it is, why it is important, and how to do it - https://advisera.com/9001academy/webinar/iso-9001-process-approach-free-webinar-on-demand/
  • Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
  • I base this book in the process approach - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

• Keeping track of aspect/impact register

  As far as I understand your question, you made your organization’s initial environmental assessment where you determined aspects and impacts and recorded them on a register. After evaluation of significance your organization developed action plans to control, prevent, eliminate or minimize, the most significant impacts. Periodically, your organization, due to changes in legislation, due to new products and services, due to investments in the facilities, due to the impact of previous action plans, may need to update either the aspects and impacts in the register, either their evaluation. For example, a successful action plan may make a previous significant aspect/impact as non-significant now.

  Please check this information below with more detailed answers:

  • 4 steps in identification and evaluation of environmental aspects - https://advisera.com/14001academy/knowledgebase/4-steps-in-identification-and-evaluation-of-environmental-aspects/
  • Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
  • Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/