The first thing is to have the commitment of the company's top management; this is fundamental and is going to be one of the requirements of ISO 14001, but it is also essential in order to have the necessary resources, both financial and personnel, to carry out the implementation of the standard. Here you can find information about the benefits of ISO 14001 - 6 Key Benefits of ISO 14001: https://advisera.com/14001academy/es/knowledgebase/6-beneficios-clave-de-la-iso-14001/
Once we have the support of top management, we can carry out a gap analysis, which will show us the areas in which we need to meet the requirements of ISO 14001 in our organization. At this link you can perform a gap analysis free of charge - ISO 14001 Gap Analysis Tool: https://advisera.com/14001academy/es/herramienta-gap-analysis-iso-140012015/
Afterwards you can write a project plan in which you define the milestones of the implementation, draw up a schedule of activities, and define each of the responsibilities. You can download this project plan free of charge and adapt it to your organization - Project plan for ISO 14001 implementation: https://info.advisera.com/14001academy/free-download/project-plan-for-iso-14001-implementation-ms-word
Then you could start defining the scope of the environmental management system and the context of the organization, defining the interested parties, etc., until you reach the internal audit and the management review. In this article you can find more information about each of the steps - List of steps for ISO 14001 implementation: https://advisera.com/14001academy/es/knowledgebase/lista-de-pasos-para-la-implementacion-de-la-iso-14001/
For more information about the steps for implementing ISO 14001:2015, see the following materials:
- White paper - Clause by clause explanation of ISO 14001:2015: https://info.advisera.com/14001academy/free-download/clause-by-clause-explanation-of-iso-140012015
- Book – The ISO 14001:2015 companion: https://advisera.com/books/the-iso-14001-2015-companion/
- Free online course – ISO 14001:2015 Foundations: https://advisera.com/training/es/course/curso-fundamentos-iso-14001/
The minimum requirements your organization must meet with respect to clause 8 can be summarized in the following points:
Clause 8.1 – Operational planning and control
At this point the organization must determine:
- What the quality objectives are, as well as the minimum requirements for providing the service.
- What processes, resources and documentation are necessary to provide the service.
- The activities needed to carry out verification, validation and monitoring of the service.
- The records that can provide evidence that the processes and the service meet the requirements that have been established.
This article can help you understand the requirements for products – Product requirements work in ISO 9001: https://advisera.com/9001academy/blog/2014/04/08/product-requirements-work-iso-9001/
Clause 8.2.3 – Review of the requirements for products and services
This review must be carried out before the organization provides the service to the consumer or customer. In this way it is possible to know whether it can deliver it. To do this, the institution must ensure that the requirements are fully defined and that it has the capacity to meet them. Records of this review must be maintained.
Clause 8.3.5 – Design and development outputs
The results of service design and development must make it possible to verify the input and output elements, since these are what determine those processes.
In addition, it is necessary to establish the information needed to carry out the purchase of products and/or services and the provision of the service, and to determine the requirements regarding subcontracting, etc.
In this case it would be necessary to keep the records of each of these processes.
Clause 8.4.1 – Externally provided products and services
The organization must establish a set of criteria for its suppliers in order to be able to evaluate the services they provide. In this way the institution ensures that the service or product it buys meets the specified requirements.
The records resulting from the evaluation, the performance monitoring and the evaluation of external providers must be kept.
In this article you can find more information about the evaluation of external providers – How to evaluate supplier performance according to ISO 9001:2015: https://advisera.com/9001academy/blog/2015/10/27/how-to-evaluate-supplier-performance-according-to-iso-90012015/
Clause 8.5.2 – Identification and traceability
This point might not be applicable to your institution, since it deals with the identification of the product/service and the entire realization process.
Clause 8.6 – Release of products and services
All services provided (and this also applies if you provide products) must be subject to the monitoring and measurement processes; that is, there must be evidence that they have met the defined acceptance criteria. These requirements could be established by law.
Clause 8.7 – Control of nonconforming outputs
The organization must keep records of the actions taken in relation to nonconforming outputs, whether of the processes, services or products it provides.
These materials may help you better understand clause 8 in ISO 9001:2015:
- Article – Clause by clause explanation of ISO 9001:2015 https://info.advisera.com/9001academy/free-download/clause-by-clause-explanation-of-iso-90012015
- Enroll for free in this course - ISO 9001:2015 Foundations Course - https://advisera.com/es/formacion/curso-fundamentos-iso-9001/
- Book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
How can I maintain objectivity in an internal EMS audit while I am the EMS implementor?
Answer:
Objectivity is sticking to the facts, being guided by the evidence and considering an event will be closer to the truth the more supporting evidence it has. So, focus on the audit objective. Study the audit criteria and develop a checklist requesting clear evidence of conformity. Be aware of the sampling to be representative. For me this is the most important to ensure objectivity.
Think about the risks – Where will you have more possibilities of losing objectivity? What measures can you take to minimize those risks?
Having failed my auditor exam, how do I know where I failed and what to improve on?
Answer:
There is no universal methodology that training organizations follow. In Advisera courses people are informed of the area or part of the exam failed, and only answer to those parts in a new exam.
The following material will provide you more information about internal audits:
- Article - ISO 9001 internal auditor training: Is it for me? - https://advisera.com/9001academy/blog/2015/06/02/iso-9001-internal-auditor-training-is-it-for-me/
- Free webinar - How to perform an ISO 14001:2015 internal audit - https://advisera.com/14001academy/webinar/how-to-perform-an-iso-14001-2015-internal-audit-free-webinar-on-demand/
- Enroll for free in this course – ISO 14001:2015 Internal Auditor Course - https://advisera.com/training/iso-14001-internal-auditor-course/
- Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/
I'm assuming that by NESA you are referring to the National Electronic Security Authority from the United Arab Emirates (UAE). Considering that, NESA is a government body that develops documents based on ISO 27001 and several other established standards (such as NIST publications). These documents are named as a whole as NESA Information Pack. On the other hand, ISO 27001 is an internationally recognized standard for information security management, published by ISO.
In short, ISO 27001 is an international standard, while NESA documents are developed based in part on ISO 27001, but to cover specifics of United Arab Emirates.
This article will provide you further explanation about ISO 27001:
- What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
I do not know of any country where ISO 14001 certification is mandatory by law in any economic sector. What I see is that some important customers in relevant economic sectors make ISO 14001 certification either a mandatory requirement, or a plus for qualification of a supplier.
For example, in the automotive sector.
Concerning VW, in its 2018 Sustainability Report, it states:
“A certified environmental management system in accordance with ISO 14001 and/or EMAS is one of the ecological requirements our tier 1 suppliers have to meet.”
Concerning GM, it required all supplier facilities to be ISO 14001 certified by December 31, 2002.
Concerning Ford, it required all supplier facilities to be ISO 14001 certified by July 1, 2003.
Sources for GM and Ford requirement are difficult to find but it is well documented in news around the world from the beginning of the century.
So, it is natural that Tier 1 suppliers make ISO 14001 certification a mandatory requirement for Tier 2 suppliers and so on.
Your organization, instead of legal requirements, can use its purchasing power to invite or make mandatory the ISO 14001 certification. For example, certified suppliers could expect more orders.
The following material will provide you more information about aspects and impacts:
- Article - Driving Your Supply Chain to ISO 14001 Compliance - https://advisera.com/14001academy/blog/2015/04/13/driving-your-supply-chain-to-iso-14001-compliance/
- Article - How to manage outsourced suppliers in line with ISO 14001:2015 - https://advisera.com/14001academy/blog/2017/07/11/how-to-manage-outsourced-suppliers-in-line-with-iso-140012105/
- Free webinar - ISO 14001: Identification and evaluation of environmental aspects - https://advisera.com/14001academy/webinar/iso-14001-identification-and-evaluation-of-environmental-aspects-free-webinar-on-demand/
- Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
- Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/
You asked:
Question - In relation to recalibration of our own equipment, what information would you look for on the calibration certificate to determine the equipment needs to be rechecked, and why?
I assume you are referring to external calibration? The certificate should not specify the recalibration date. The decision is that of the laboratory based on need, meaning assurance of test results generated using your equipment. The unbroken chain of calibrations is what provides the Metrological traceability for your results, to meet ISO 17025 clause 6.5.
The calibration interval will vary depending on the type of equipment, in terms of its robustness. The accreditation bodies typically have requirements and/or guidelines on this, guided by ILAC (see link below). Some sectors of work and instruments will require a mathematical calculation to determine that the interval is suitable. Typically, however, the laboratory itself must look at the need to make the interval shorter due to risk, or justify increasing the interval due to lack of risk. Take an analytical balance, for example, that is well looked after. You may typically have it calibrated externally, say, once a year. Then you perform intermediate checks (verification) before use that verify that the balance is still calibrated and fit for use. Based on risk, you set the range your verified mass should fall within. You should, of course, use calibrated mass pieces of a suitable class depending on the type of balance. Then you watch for trends. If you see the performance deteriorating, to minimise risk you would have the next external calibration sooner.
You also asked
What key requirements should I consider when managing all equipment in our lab to ensure reliable results? Equipment register?
Look at Clause 6.4 (Equipment) in ISO 17025, together with clause 6.5 Metrological Traceability, where all the requirements are stated. Any that can jeopardise the competency of the laboratory to generate valid results must be considered, risk assessed and controls put in place. For example, if an instrument is potentially unstable (drifts), then you would run reference samples (of known result) more often. When those results fail, then the unknown results are not reliable and corrective action must be taken, which may include recalibration.
For more information, have a look at:
Also refer to ILAC P10:07/2020 ILAC Policy on Metrological Traceability of Measurement Results and ILAC G24:2007 Guidelines for the determination of calibration intervals of measuring instruments, available from https://ilac.org/publications-and-resources/
Is consent needed to transfer personal data to other countries outside EU?
Not necessarily. Consent is needed only as an exemption if the other safeguards in Chapter 5 of the GDPR. If you want to find out more about international data transfers, check out this webinar: “How to make personal data transfers to other countries compliant with GDPR” (https://advisera.com/webinars/how-to-make-personal-data-transfers-compliant-with-gdpr-free-webinar-on-demand/).
Do I need to have a data processing agreement with data controllers?
Although not mandated by the EU GDPR, it is a best practice to have a Controller to Controller Agreement in place. You can find such a template at: https://advisera.com/eugdpracademy/documentation/controller-to-controller-data-processing-agreement/
When can legitimate interest be used as a legal basis?
It can be used but you need to perform a Legitimate Interest Assessment to prove that your interest is not infringing upon the rights and freedoms of the data subjects.
Do I need to insert data protection specific clauses in work contracts?
The GDPR does not specifically require such clauses to be included in the labor agreements; however, you need to ensure that you have in place appropriate confidentiality clauses.
Can I delete the data of a former employee if he makes a request?
The right to be forgotten is not an absolute right, especially when we are talking about labor law. As a company you have some legal obligations, so you need to ensure that you are not breaking such obligations before deleting the unnecessary data.
How much time do I have to delete the data?
The GDPR allows for one month before you need to respond to a request. However, if the request is complex you can extend the period to a maximum of 3 months. You can find out more about data subject rights in our webinar: Data Subject Rights under the EU GDPR (https://advisera.com/eugdpracademy/webinar/data-subject-rights-under-the-eu-gdpr-free-webinar-on-demand/).
The EU GDPR Foundations is meant to build general knowledge about the EU GDPR and is around 8 hours while the EU GDPR Data Protection Officer Course is more detailed and is more aimed towards persons fulfilling the role of Data Protection Officer. Additionally, the EU GDPR Data Protection Officer Course takes around 15 hours to complete.
Good morning, as you know, buy the package of documents for 27001 and 22301.
Since October, version 22301 2019 is already available, can you please confirm if you plan to update the documents that have changed or if, on the contrary, it will remain in the purchased version?
We are working on the updates of ISO 22301 templates, and as soon as we finish the updated versions they will be sent to all customers who purchased the toolkit within last 12 months, without charge.
Great answer by referring to exactly where the topic document can be found with content. 👍