Search results

OOS/Deviation

I believe OOS stands for Out Of Specification. You can find help in ISO 9001:2015 clause 8.7.

When you find OOS product you have to segregate that product to avoid unintended use and you have to decide what to do with it:

• Ship as it is after talking with client;
• Correct or rework the product;
• Downgrade the product as 2nd grade or off-grade 

The following material will provide you more information:

• ISO 9001 – Understanding dispositions for ISO 9001 nonconforming product - https://advisera.com/9001academy/blog/2014/11/18/understanding-dispositions-iso-9001-nonconforming-product/
• Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
   

Design and development in service provision industry

I have no experience in the security provider industry. I’m sure the industry has to follow guidelines from regulatory bodies. If they exist, they set a kind of general process to be followed. For example, I found on the internet the OCC Bulletin 2004-20, "Risk Management of New, Expanded, or Modified Bank Products and Services: Risk Management Process,". 

I suppose that the process was updated in 2017 with this - https://www.occ.treas.gov/news-issuances/bulletins/2017/bulletin-2017-43.html So, a possible process can be:

• After validation of the conceptual idea for the product
• List all inputs for design and development (part of due diligence – Step A)
• Follow the process activities (Steps A, B and C)
• Apply controls (reviews, verifications and validations)
• Define product specifications, advance with product registration, 
• Market and distribute new product
• Launch new product
   

The following material will provide you more information:

• The ISO 9001 Design Process Explained - https://advisera.com/9001academy/blog/2013/11/05/iso-9001-design-process-explained/
• About conducting design and development reviews consider - ISO9001 Design Verification vs Design Validation - https://advisera.com/9001academy/knowledgebase/iso9001-design-verification-vs-design-validation/
• ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/

Conformio implementation plan with ISO 27001

Conformio platform has basic Document Management System features that fulfill ISO 27001 document management requirements, so you can keep all your ISO 27001 related documents in Conformio.

This article will provide you a further explanation about the document management:

• Document management in ISO 27001 & BS 25999-2 https://advisera.com/27001academy/blog/2010/03/30/document-management-within-iso-27001-bs-25999-2/

Roles and responsibilities for ISMS specific processes

ISO 27001 does not prescribe roles to be defined, so organizations are free to define them according to their needs.

Regarding responsibilities, ISO 27001 only requires the definitions of these responsibilities:

• ensuring that the ISMS conforms to the requirements of the standard
• reporting on the performance of the ISMS to top management.

Other responsibilities the organizations can define according to their needs.

These articles will provide you a further explanation about roles and responsibilities:

• Roles and responsibilities of top management in ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/06/09/roles-and-responsibilities-of-top-management-in-iso-27001-and-iso-22301/
• How to document roles and responsibilities according to ISO 27001 https://advisera.com/27001academy/blog/2016/06/20/how-to-document-roles-and-responsibilities-according-to-iso-27001/

These materials will also help you regarding roles and responsibilities:

• Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
• ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/

Strategies for training employees in ISO 9001

Try small blocks of time with very specific objectives linked to business results or business benefits.

Use different approaches: classroom training; games that people play and simultaneously test topics related with ISO 9001 – ISO 9001 comes as answer to a problem and not as something pushed; on-job training where you start with what people do, with the purpose of what they do, with what can go wrong and how ISO 9001 can help minimize wrongs and increase rights.

The following material will provide you more information:

• Article - How to ensure competence and awareness in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-ensure-competence-and-awareness-in-iso-90012015/
• Article - What are the benefits of ISO 9001 for your employees? - https://advisera.com/9001academy/blog/2016/06/14/what-are-the-benefits-of-iso-9001-for-your-employees/
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Technical requirements for a physico-chemical lab

Thank you a lot for this answer. The links are also very useful for implementation.

Requirement for laboratory recognition scheme in BIS

1. What is the requirement for laboratory recognition scheme in BIS?

The National Standards Body of India, the Bureau of Indian Standards (BIS), specifies the requirements for their laboratory recognition scheme on their website, available at https://bis.gov.in/wp-content/uploads/2020/06/LRS_23062020.pdf. This scheme recognizes laboratories in India or outside India as suitable for carrying out testing activities assign to it, performed on behalf of Bureau. This includes accreditation to ISO 17025:2017, along with other statutory provisions. For example, there are additional prescriptive requirements for impartiality, in addition to ISO 17025 where the laboratory has to submit a signed undertaking and a code of ethics a prescribed format that they supply.

2. Which way it has to be aligned with BIS?"

The national Indian standard (BIS) IS/ISO/IEC 17025:2017 General Requirements for the Competence of Testing and Calibration Laboratories is identical to ISO/IEC 17025:2017. It is a mandatory requirement of the BIS laboratory recognition scheme that a laboratory is accredited to  ISO 17025:2017. All the test parameters of interest, prescribed in National Indian Standards must be included in the ISO 17025 scope of accreditation.

For further information on ISO 17025, these links may be of interest:

• The article What is ISO 17025? at https://advisera.com/17025academy/what-is-iso-17025/
• The Comparison matrices for ISO/IEC 17025 implementation solutions at https://advisera.com/17025academy/comparison/
• Diagram of ISO 17025 Implementation Process at https://info.advisera.com/17025academy/free-download/diagram-of-iso-17025-implementation-process
• The Advisera ISO/IEC 17025:2017 Documentation Toolkit at https://advisera.com/17025academy/iso-17025-documentation-toolkit/
• The Free webinar – What are the steps in the ISO 17025 accreditation process? at https://advisera.com/17025academy/webinar/what-are-the-steps-in-the-iso-17025-accreditation-process-free-webinar-on-demand/

Organizational context question

What is correlation about organization context & needs and expectations with environmental aspect?

Answer:

For example, an organization has determined these environmental aspects:

When that organization determined its internal issues registered this one:

• our wastewater treatment facility is becoming more and more incapable of treating all the wastewater due to strong production increase.

When that organization determined its interested parties and their needs and expectations registered these two:

• neighbors from the local community are a relevant interested party and they expect, they hope that the river beach can continue to be used and not be harmed by polluting discharges
• local authorities expect than environmental legislation is complied. 

Can you see a risk emerging from that internal issue here? Can you see how the interested parties make that risk critical? And all that related with environmental aspects.

It is mandatory to synchronize? If yes, how to synchronize it?

Answer:

No, it is not mandatory to synchronize, only if you found relevant interactions that can affect your relationship with the environment in significant ways. I hope I demonstrated above how to do it.

And how about risk & opportunity? What is difference with environmental aspect?

I hope the example and figure above showed the difference. Environmental aspects is about how your organization interacts with the environment. Risks and opportunities are about a potential deviation from the expected due to the presence of uncertainty.

Does a risk and opportunity have to assessed (quantitative)? 

Risks and opportunities should be evaluated but it is not mandatory to do it through a quantitative scale

Please check this information below with more detailed answers:

• Environmental aspect identification and classification - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/environmental-aspect-identification-and-classification/
• Catalogue of environmental aspects - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/catalogue-of-environmental-aspects/
• ISO 14001 risks and opportunities vs. environmental aspects - https://advisera.com/14001academy/blog/2016/03/21/how-does-product-life-cycle-influence-environmental-aspects-according-to-iso-140012015/
• Risks and opportunities in ISO 14001:2015 – What they are and why they are important - https://advisera.com/14001academy/blog/2016/03/07/risks-and-opportunities-in-iso-140012015-what-they-are-and-why-they-are-important/
• Free webinar - ISO 14001: Identification and evaluation of environmental aspects - https://advisera.com/14001academy/webinar/iso-14001-identification-and-evaluation-of-environmental-aspects-free-webinar-on-demand/
• ISO 14001 document template: Procedure for Identification and Evaluation of Environmental Aspects and Risks - https://advisera.com/14001academy/documentation/procedure-for-identification-and-evaluation-of-environmental-aspects/
• Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/
   

Individual or global aspect register

As far as I understand your question, it is preferable to keep an aspect and impact register per individual site. ISO 14001:2015 definition of environmental aspect states, “element of an organization’s activities or products” and when organizations want to evaluate the significance of a particular aspect and impact it is important to be aware of the specific situation. Different individual sites may have the same environmental aspects, but their significance can be very different.

Please check this information below with more detailed answers:

• Article - Environmental aspect identification and classification - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/environmental-aspect-identification-and-classification/
• Article - Catalogue of environmental aspects - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/catalogue-of-environmental-aspects/
• Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/
   

ISO 14001 questions

If I want to implement ISO 14001, how many % I need to have in legal requirements?

Answer:

Getting certification against ISO 14001:2015 requires complying with all applicable legal requirements?

Every single environmental aspect shall determine if can control or can influence?

Answer:

Yes, for every single environmental aspect an organization must determine if can control or influence.

Please check this information below with more detailed answers:

• Demystification of legal requirements in ISO 14001 - https://advisera.com/14001academy/blog/2014/10/01/demystification-legal-requirements-iso-14001/
• Environmental aspect identification and classification - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/environmental-aspect-identification-and-classification/
• Catalogue of environmental aspects - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/catalogue-of-environmental-aspects/
• Free webinar - ISO 14001: Identification and evaluation of environmental aspects - https://advisera.com/14001academy/webinar/iso-14001-identification-and-evaluation-of-environmental-aspects-free-webinar-on-demand/
• ISO 14001 document template: Procedure for Identification and Evaluation of Environmental Aspects and Risks - https://advisera.com/14001academy/documentation/procedure-for-identification-and-evaluation-of-environmental-aspects/
• Enroll for free in this course – ISO 14001:2015 Lead Auditor Course - https://advisera.com/training/iso-14001-lead-auditor-course/
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/