Main differences are:
Please find below more detailed information:
The following requirements clauses in ISO 45001 mention continual improvement (note that I am only including clauses within clause 4 – 10 as this is where the requirements are):
4.4 – Continually improve the OHSMS
5.1 – Leaders promote continual improvement
5.2 – OH&S policy includes continual improvement commitment
5.4 – Consultation of workers ensures continual improvement
6.1.1 – Actions for risk and opportunity to achieve continual improvement
6.2.1 – OH&S objectives to continually improve
7.1 – Resources to ensure continual improvement of the OHSMS
7.4.2 – Internal communication enables continual improvement
9.2.2 – Internal audit program takes action for continual improvement
9.3 – Management review looks at continual improvement
10.3 – This is all about continual improvement
You can learn more about corrective actions and their role in continual improvement of the OHSMS in the article: Using corrective actions to eliminate nonconformities and drive health & safety improvements, https://advisera.com/45001academy/blog/2017/02/15/using-corrective-actions-to-eliminate-nonconformities-and-drive-health-safety-improvements/
Thanks very much. I am ok. Following some links for more information on the need for ISO
1. In addition to the kit I bought from you I purchased the standard from ISO... I now realize I should have also bought 27002 so I can get more details on the controls. Is there a package you recommend that has everything I need in it? I'd prefer to get that instead of having to keep asking my CFO for permission for each thing.
Please note that our toolkits were designed to consider all elements necessary for certification (e.g., recommendations from ISO 27002 are already included in the templates), and from our experience with our customers all around the world, the toolkit content is all you need to successfully implement the standard. No additional standards are required.
2. Also, I've done the foundations course but I am still feeling a little overwhelmed with where to start... I think risk assessment methodology is the place, but not sure.
The toolkit documents are ordered in the exact sequence you need to follow to implement the standard, so the first document you need to develop is the Procedure for Document and Record Control.
There is a List of Documents file in your toolkit that can show you the order of the documents.
For information, see:
3. I've started going through the docs and updating them with our company info etc and the roles I expect for certain things but not sure if that is the right thing to start with. Thanks in advance for any direction
You need to follow the sequence of documents explained in the previous answer for easier implementation.
It is also important that before working on the documents you see the video tutorials included with the toolkit. They will provide you guidance on filling in the most critical documents, using examples with real data. And the templates contain several comments with guidance and examples on how to fill the documents. You should read them first too.
Additionally, you can count on our support, through email or scheduled meetings, to clarify your doubts regarding the ISO 27001 implementation, as well as to review some of your developed documents, where we will provide comments about how to improve them as necessary.
You need some foundational training about ISO 9001:2015 to understand the language, for you and for a core Project Team.
The first step is to perform a gap analysis, to determine the amount of work to be done - comparing what your organization already has in place versus ISO 9001:2015 requirements. From that gap analysis, you can develop your Project Plan, listing what needs to be done, by whom, until when.
Then, an important step is to design a model of how your organization works as a set of interrelated processes: Your organization has any research? Develops new products? Looks for customers, sends proposals, wins orders, prepares, and delivers those orders. Buys products, tests those products, and warehouses them. Trains people, keeps the work environment and equipment. From there you go to implementation in order to close the gaps found. Then, perform an internal audit and the management review. There you can decide if your organization is ready for a certification audit.
This is a very short description of the journey but below you can find more detailed information:
Transform a “long road” into a set of stages. For each stage you can ask yourself:
You can find more information below:
According to EudraLex, The Rules Governing Medicinal Products in the European Union, Volume 4, EU Guidelines for Good Manufacturing Practice for Medicinal Products for Human and Veterinary Use, Part 1 – Chapter Personnel, requirement 2.10 states that the manufacturer should provide training for all the personnel whose duties take them into production and storage areas or into control laboratories (including the technical, maintenance and cleaning personnel), and for other personnel whose activities could affect the quality of the product, not necessarily the entire team.
For more information about Good manufacturing practice, please follow the link: https://ec.europa.eu/health/documents/eudralex/vol-4_en
Unfortunately, our ISO 13485:2016 Toolkit does not have any policies that surround FDA ESG Digital Certificate.
However, the Digital certificate is one application of cryptography, so I suggest you see the demo of our Policy on the Use of Encryption at this link: https://advisera.com/27001academy/documentation/policy-on-the-use-of-encryption/
This policy defines rules for the use of cryptographic controls, as well as the rules for the use of cryptographic keys, in order to protect the confidentiality, integrity, authenticity, and non-repudiation of information. Maybe this policy can help to fulfill your needs.
This article can provide additional information:
How can ISO27701 (Privacy Information Management System) help comply with GDPR?
ISO 27701 can help an organization to implement security processes in your organization relating to the privacy of information. It helps build a personal information management system which sets policies, procedures, roles, and responsibilities for privacy, making it easier to comply with GDPR.
What are the similarities and differences in both of them?
ISO 27701 is a standard for the quality of the privacy of information; this standard is focused on information security and personally identifiable information (or personal data protection).
GDPR is an EU Regulation that is mandatory for organizations in the EU or processing personal data of EU individuals or processing personal data in the EU.
GDPR is focused on data subjects’ rights and risks for freedom and rights. It requires being transparent with data subjects and giving them some rights towards their personal data. It also requires that data are processed taking security measures. GDPR lets the data controller evaluate which solution is the best to achieve the goal of protecting personal data without providing a clear path to follow, while ISO 27701 helps to implement controls to achieve data protection goals similar to the one set by GDPR. Compliance with ISO 27701 is considered as an adequate security measure under Article 32 GDPR.
Here you can find more information on GDPR and ISO 27001
You may also consider enrolling in this online EU GDPR Foundations Course:
EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course//
With ISO 45001 replacing OHSAS 18001, making it obsolete, you will certainly want to make the transition to the new standard. We suggest a 12-step process to ensure that you meet the requirements of the new standard, while still utilizing as much of the OHSAS 18001 system that you already have in place (such as procedures and records). Since most of the requirements of OHSAS 18001 are included in ISO 45001 it makes sense to do this transition in a systematic manner to ensure you don’t create excess work for yourself.
You can learn about this 12-step process in the free whitepaper: Twelve-step transition process from OHSAS 18001 to ISO 45001, https://info.advisera.com/45001academy/free-download/twelve-step-transition-process-from-ohsas-18001-to-iso-45001