Search results

Risk treatment

I'm assuming you are referring to the "How to implement risk treatment video".

Considering that, the example shown in the video starts approximately in minute 2, and if you note it is said, approximately at minute 2:50, that mentioned controls (physical, technical, and organizational) have an impact on risk, but it does not mention impact and probability at this moment, so it is not possible to conclude that mentioned controls have affect on both elements.

If you understand you need  more clarification, you can schedule a meeting with one of our experts at this link: https://advisera.com/27001academy/consultation/

Excel Template Programming

Please note that we do not use programming in our templates, only the most basic features of the programs, so the templates become accessible for most users.

Regarding the Risk Treatment template, we use the only "Data validation" feature (accessible through the Data tab) in columns J and K. With this feature you can define warning messages in case wrong data is entered.

For changing the color of a cell you should use the "Conditional Formatting" feature (accessible through the Home tab).

For more information on these features, please see:

• https://support.office.com/en-us/article/apply-data-validation-to-cells-29fecbcc-d1b9-42c1-9d76-eff3ce5f7249
• https://support.office.com/en-us/article/use-conditional-formatting-to-highlight-information-fed60dfa-1d3f-4e13-9ecb-f1951ff89d7f

Consistent operation of the Laboratory

As an international standard, compliance to ISO 17025 promotes confidence in laboratory operations, demonstrating they have the ability to produce valid results. “Consistent operation of the Laboratory” means that the laboratory maintains the requirements of ISO 17025 and produces valid results over time, i.e. consistently. To achieve this, processes inputs and outputs should be known and risks to disrupting the desired outcome must be identified through monitoring activities. All the risks that could impact quality objectives (such as turnaround time) and the quality of results must be controlled.

ISO 17025 assists by specifying the requirements to facilitate consistent operation. An example would be requirements for document and record control to ensure consistency of access and use between personnel. Another example would be the requirement Ensuring the validity of results, were the laboratory is required to monitor the consistency of method performance through internal and external quality control checks and act on significant variations.

The effective implementation of a ISO 17025 provides the grounding to achieve consistency. Have a look at the
ISO 17025 toolkit https://advisera.com/17025academy/iso-17025-documentation-toolkit/ and
free Diagram of ISO 17025 Implementation Process https://info.advisera.com/17025academy/free-download/diagram-of-iso-17025-implementation-process

Masks effectiveness

I assume that you refer to list published in the article EU standards for protective equipment – available now for free https://advisera.com/13485academy/blog/2020/04/14/free-access-to-iso-13485/

On that standard list, there are two standards for masks: one for classic surgical masks and one for respiratory masks FFP. According to the guidelines from the World health organization on the day April 5th, 2020, regular surgical masks are effective protection against COVID-19: https://www.who.int/emergencies/diseases/novel-coronavirus-2019/advice-for-public/when-and-how-to-use-masks. 

For that surgical masks is applicable standard EN 14683:2019 + AC:2019 Medical face masks – Requirements and test method. For respiratory masks applicable standard is N 149 + A1:2009 Respiratory protective devices – Filtering half masks to protect against particles – Requirements, testing, marking (commonly referred to as ‘FFP masks’).

DPIA for COVID-19 Remote Work Environment

During this period Data Protection Authorities (DPA) are establishing guidelines for organizations on how to organize homework. You should check your country DPA in order to check for specific guidelines.European Data Protection Board released on 19th March 2020 a statement on the processing of personal data in COVID-19 pandemic. You can download the statement here: https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_statement_2020_processingpersonaldataandcovid-19_en.pdf

Most of DPA stated that the pandemic outbreak does not derogate to normal rules on data protection, yet the emergency requires to balance and mitigate risks. So, in order to perform a Data Protection Impact Assessment, you will need to follow the usual procedure in order to estimate risks.Some of the risks arising from homeworking relate to:• unauthorized access (i.e. family members of the workers),• data breaches because of accidental loss of data,• insufficient security measures (due to the use of workers’ personal devices).

In order to mitigate risks, you can have a look at our template on teleworking and Bring Your Own Device Policy in order to establish a policy for homeworkers that suits to your needs. Remember to consider DPA guidelines and additional internal rules (i.e. on workers' surveillance).

Here you can find some useful information:Useful links to Data Protection Authorities website: https://advisera.com/eugdpracademy/knowledgebase/useful-links/How to write an easy-to-use BYOD policy compliant with ISO 27001: https://advisera.com/27001academy/blog/2015/09/07/how-to-write-an-easy-to-use-byod-policy-compliant-with-iso-27001/

Bring Your Own Device (BYOD) Policy: https://advisera.com/eugdpracademy/documentation/bring-your-own-device-byod-policy/Mobile Device and Teleworking Policy: https://advisera.com/eugdpracademy/documentation/mobile-device-and-teleworking-policy/ 

Standard for protective equipment

It depends, first of all, what protective equipment manufacture produce, because on that list are standards for both masks, gloves and protective cloths. Therefore, the manufacturer must declare on its Declaration of Conformity the standards by which his products are made.

If you are distributor and wholesale, your suppliers are responsible for placing medical devices on the market. Your suppliers must provide you CE certificate of the medical device and optionaly ISO 13485 certificate. 

Which standards are now free to donwload, please see the following link: EU standards for protective equipment – available now for free https://advisera.com/13485academy/blog/2020/04/14/free-access-to-iso-13485/ 

ISO 9001 in a pandemic

During the pandemic event:

• supply chains may be disrupted;
• operations need to practice social distancing and prevent loss of employees;
• normal distribution channels may be disrupted;
• customers may be closed or only accessible through new distribution channels.

Some organizations see their workloads drop significantly. Organizations that nevertheless continue to function can take advantage of the period to train employees, to develop experiences in production that would otherwise be difficult, to maintain equipment, to change layout, to develop improvement actions.

Some organizations continue to work and have to find alternative suppliers without jeopardizing quality. So, new suppliers have to be tested, trained and monitored.

Organizations that continue to work should train employees so that they can be versatile and perform functions for which they are not prepared, to replace any colleague who becomes infected.

Organizations that continue to work may have to change space and tools use to practice social distancing. So, new practices may have to be implemented and work instructions changed. Some organizations will need remote audits to check that these changes are in place and effective.

Organizations that continue to work may be forced to change to use new distribution channels. That may require training and setting new payment systems.

Some organizations will need help in migrating for internet meetings and communication with suppliers, customers and sales force.

These are some examples of how a consulting company can still help organizations during this pandemic event with ISO 9001:

Please consider this article - How to use ISO standards to address a pandemic - https://advisera.com/articles/how-to-use-iso-standards-to-address-a-pandemic/

Explanation of quality objectives

A quality objective is a result that the quality management system intends to achieve. Good quality objectives stem from the quality policy. A good quality policy is appropriate to the purpose and context of the organization and supports its strategic orientation.

So, a good template to write a quality objective should test this condition: which commitment of the quality policy is executed through this quality objective?

So, if a construction company follows a strategy based on working for a particular niche of customers, a good quality policy will consider those particular customer requirements as priority for improvement. For example, our company wants to be viewed as the experts, the tailors in working with long glass surfaces. That way, a quality objective may be: “rate of long glass surfaces projects won”.

Good objectives should comply with the S.M.A.R.T (specific, measurable, achievable, realistic and time-based) test. A good template should test these conditions.

In my work with organizations I also include a time chart to answer to three important questions: what to do, by whom and until when.

A good template should also clarify upfront what resources are available to meet the objective.

About developing good departmental objectives and using the process approach. Please check these two free webinars on demand:

• The Process Approach - What it is, why it is important, and how to do it - https://advisera.com/9001academy/webinar/iso-9001-process-approach-free-webinar-on-demand/
• Measurement, analysis, and improvement according to ISO 9001:2015 - https://advisera.com/9001academy/webinar/measurement-analysis-and-improvement-according-to-iso-9001-2015-free-webinar/
   

Below, you can find more information about quality objectives:

• How to Write Good Quality Objectives - https://advisera.com/9001academy/knowledgebase/how-to-write-good-quality-objectives/
• What has changed with quality objectives in ISO 9001:2015? - https://advisera.com/9001academy/blog/2018/05/08/what-has-changed-with-quality-objectives-in-iso-90012015/
• Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
   

ISO 9001 Car manufacturing

I believe all ISO 9001:2015 clauses are applicable to your organization.

Your organization:

• Develops commercial activity – clause 8.2
• Designs the car – clause 8.3
• Buys products, services and processes – clause 8.4
• Have a set of operations – clause 8.5
• Control product quality – clause 8.6
• Treat product nonconformities – clause 8.7

In 3 years from now, when your organizations already manufactures your own cars what will change is the scope of the set of operations.

The following material will provide you more information about scope and exclusions:

• How to define the scope of the QMS according to ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-define-the-scope-of-the-qms-according-to-iso-90012015/
• What clauses can be excluded in ISO 9001:2015? https://advisera.com/9001academy/blog/2015/07/07/what-clauses-can-be-excluded-in-iso-90012015/2015/
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
   

Checklist ISO 22301:2019 content

Please note that although this clause requires post-exercise reports to be produced, this clause does not require a report to be documented. In theory, such report could be delivered verbally (e.g. for smaller exercises that might be performed on daily level), although in practice such report is almost always written as a document.