Search results

What do we do when our existing policies do not match Conformio's policies?

In terms of the standard, the question here would be: 
 
"What do we do if our guidelines and Conformio's do not match?"
 
In this case, the customer should choose the document that best complies with the standard. Sometimes the user's document is more strict than the one provided by Conformio, and this is not a problem as the user can upload the PDF version of their own document to Conformio and use it instead of the Conformio template. 
 
An alternative can be that the user includes the link to the page where the document is published in the Conformio template and explains to the customer that if he fulfills the requirements for document management in their Wiki platform it wouldn't be a problem. However, this means they would have to manage updating two different documents (the Wiki page, and the Conformio document), so it might be too complicated.

Teleworking Policy and IT Security Policy

Thank you for your question!

You can do that, but it is advisable that you mark the control that lists the Teleworking Policy as inapplicable in the Statement of Applicability so the step for Teleworking Policy is then hidden.

Risk treatment plan

Thank you for your question.

We answered it through Experta - you can find the answer here: https://experta.com/shared-post/356983f7-e736-474d-b864-81cb855154a8

CQI 17

For reference informed

3.4. Handling classified information

Thank you for your question.

We answered it through Experta - you can find the answer here: https://experta.com/shared-post/fdc70116-07a2-4725-b1ab-b81cd698870c

Custom Edit Documents

Thank you for your question.

We answered it through Experta - you can find the answer here: https://experta.com/shared-post/a195a94d-9059-4e02-ab72-90480d32fce6

Multiple scope in one certification

Our company is certified for meeting ISO 13485 requirements for the scope of design, development, manuafcture and sales of product for brand A. Our Parent company has requested to get certified for their brand (i.e Brand B) with the scope of manufacture aand sales of products. Would this be treated as a spearate certification and would require both stages of audits? or can be integrated with existing one as an extension of scope

Recovery

ISO 22301 does not prescribe how recovery needs to be performed, so organizations can implement recovery as best fits their needs.

The preference for fully automated recovery versus human intervention step by step would depend on various factors such as the criticality of the systems or data being recovered, the complexity of the recovery process, and the resources available.

Fully automated recovery processes can be faster and more efficient in certain situations, especially for routine or well-defined recovery scenarios where human intervention may introduce delays or errors. Automation can also help ensure consistency and reduce the risk of human error during the recovery process.

However, in some cases, human intervention may be necessary to make critical decisions, assess the situation, or address unforeseen issues that automated systems may not be able to handle. Human intervention can also provide a level of oversight and control that may be necessary for certain recovery scenarios.

Zeiss CMM Users

I do not know where the person you were talking to got the information that this is against the AS9100 requirements because those requirements do not go into this much detail on how you manage the organization, they only give a structure on what needs to be included.

In fact, in AS9100 clause 8.5.2 it talks about using acceptance media as part of the identification and traceability, and gives examples of electronic signatures and passwords as being acceptable. This is how you will be controlling the approval in your CMM area. Again, the standard does require that you control changes and access for production processes, but this is what you will be doing.

Repackaging of a medical device

ISO 13485 is not specifically mentioned anywhere in the MDR, but the term quality management system is extended. However, Article 8 states that "Devices that are in conformity with the relevant harmonized standards, or the relevant parts of those standards, the references of which have been published in the Official Journal of the European Union, shall be presumed to conform with the requirements of this Regulation covered by those standards or parts thereof." In the list of harmonized standards published in the Official Journal of the European Union, the only standard related to the quality system is ISO 13485. That is why manufacturers and distributors are expected to have introduced ISO 13485.