Search results

Control A.18.1.2

In general terms your assumption is correct.

Please note that this control is related to compliance with legal requirements (e.g., laws, regulations, and contracts) related to intellectual property rights and the use of proprietary software.

Considering that, you need to evaluate applicable legal requirements to your company to identify what they required from you for compliance. Compliance evidence may be only a copy of terms of service, but this may also require other evidence, like log reports, or reports from independent auditors.

Cybersecurity

ISO standards, like ISO 27001 (information security management) and ISO 22301 (business continuity management), help organizations to identify and prioritize cybersecurity resources considering business objectives, relevant information security risks, and impacts of disruptive events over business processes and services.

For example, if an organization's core business is providing software as a service, protection of source codes and users’ data may be a paramount concern related to information security, and availability of provided software during a disruptive event (e.g., loss of a datacenter) may be essential for business continuity.

Based on this information cyber security controls related to the protection of source code (e.g., secure development practices) can be justified, as well as the provision of resources related to alternative sites containing proper hardware and software to ensure a quick recovery for a disruptive event.  

For further information, see:

• What is cybersecurity and how can ISO 27001 help? https://advisera.com/27001academy/blog/2011/10/25/what-is-cybersecurity-and-how-can-iso-27001-help/
• How to achieve sustainable competitive advantage through cybersecurity https://advisera.com/27001academy/blog/2022/01/21/cybersecurity-competitive-advantage-model/
• Small business guide to cyber security: 6 steps against the data breach https://advisera.com/27001academy/blog/2015/02/09/small-business-guide-to-cyber-security-6-steps-against-the-data-breach/
• What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
• What is ISO 22301 https://advisera.com/27001academy/what-is-iso-22301/

Evaluation of the calibration uncertainties

I have to assume, based on the information provided, that sa is the standard error (uncertainty) of the intercept and sb is the standard error (uncertainty) of the slope. I do not have enough context to respond directly regarding a suitable “low enough” value for Sa/Sb and the technical nature of this question is not in the scope of the support that can be provided.  I can share some principles and best practices, however. In method development you need to determine the slope and sensitivity as well as the Limit of detection  (LOD) and Limit of Quantification (LOD). The relative uncertainty near zero is usually large. This topic of linear regression needs to cover a number of topics, including an understanding of residuals (the difference between an observed y value, and the calculated y value using the fitted line equation) and regression statistics.

The objective is to set up a calibration with a good predictability of y (analyte concentration) based on instrument response through the regression equation.  It is not best practice to be measuring near zero.  It is advisable to start with five to seven standard concentration points, equally spaced; covering the range of interest. Include a standard blank and select the range so that the majority of test samples would fall in the centre of the calibration range because that is where the uncertainty associated with predicted concentration is the lowest. Plot and examine the residuals, do not force the intercept to zero and calculate the uncertainty (prediction interval) for test sample concentrations using the calibration equation. Depending on the purpose of the method, you need to look at the contribution of the calibration uncertainty to the overall measurement uncertainty, and determine how significant it is.

Depending on the instrument, and purpose of the method, I suggest you reach out to your supplier for some application guidelines.

Question about pH meter

There are four possible components that could be the issue, namely the meter, ion selective electrode, application (including sampled) and the technique. To troubleshoot, I suggest you contact the supplier and ensure you have the manual and handling instructions for both the meter and electrode. Then work systematically to isolate the problem
You can refer to the ASTM D1179-16(2021)e1 Standard Test Methods for Fluoride Ion in Water or EPA method SW-846 Test Method 9214: Potentiometric Determination of Fluoride in Aqueous Samples with Ion-Selective Electrode, for a method, including the principle of calibration. 
See here https://www.astm.org/d1179-16r21e01.html and https://www.epa.gov/hw-sw846/sw-846-test-method-9214-potentiometric-determination-fluoride-aqueous-samples-ion

Mandatory and nonmandatory documents.

1. I hope everything is well with you

I have A question about ISO27001 Implementation Tool kit does the toolkit contain or cover all the documents that I will need to comply with ISO27001 because I notice for example when I Review the document internal audit checklist regarding control A6 YOU Need evidence for the are all information security responsibilities clearly defined through one or several documents? For example, and if that compliant or not my question here I MUST CONDUCT Document for the A.6.1.1 AND A6.1.2 AND A6.1.3 AND A6.1.4 THIS IS MY QUESTION

Please note that our ISO 27001 Documentation Toolkit covers all mandatory documents and some documents that are not mandatory. Many of the clauses and controls you mentioned do not need to be documented according to the standard, and in our opinion, it would be an overhead to document each and every one of them in a small company. 

Our toolkit is created specifically for smaller companies that want to implement ISO 27001 in a quick way, without unnecessary paperwork; for larger companies that require more documents, we recommend getting some other solution.

Regarding control A.6.1.1 (Information security roles and responsibilities), all document templates include defined roles and responsibilities for defined activities. Controls A.6.1.2 (Segregation of duties) to A.6.1.4 (Contact with special interest groups) do not require documentation, and simple records of contacts performed and activity logs demonstrating segregated activities will be sufficient.

2. Also I’m confused regarding the document I Downloaded from ISO27001 Academy named checklist of mandatory documentation required by ISO27001 BECAUSE the document contain the part explain the nonmandatory documents

And this part contain for example document about BYOD I CONFUSED BECAUSE THE DOCUMANTION TOOLKIT CONTAIN THE BYOD DOCUMENT WHICH IS RIGHT THE DOCUMANTION TOOLKIT OR THE DOCUMENTS WHICH I Downloaded from the ISO 27001 Academy

Please explain to me

Please note that nonmandatory documents presented in the article are the ones commonly adopted by organizations to make information security management easier, but they do not need to be implemented by all organizations. The BYOD policy is an example.

ISO 27001:2022 Documentation Toolkit

Question about MSA Implement

As mentioned earlier, measuring instruments can measure more than one feature. If these 3 different features you mentioned are important for product suitability, that is, product characteristics that need to be measured; It is preferred that the MSA study be performed for each measurement feature.

MDR/ISO 13485 risk management of "SYSTEM"

It should be done for its individual parts. 

Which ISO standards are mandatory to purchase as an official version?

Yes, you are right, ISO 13485 and ISO 14971 are mandatory. As for other standards, it depends on what your medical device is.

For all medical devices are also applicable following standards:

• ISO 20417:2021 Information from the manufacturer
• ISO 10993-1:2018 Biocompatibility
• ISO 15223-1:2021 Labelling
• IEC 62366-1:2015 Usability

There are also a lot of different technical standards. For example, if your medical device is sterile, then you need to have ISO standards relating to your type of sterilization. If your device requires electricity, then it has to be electromagnetic compatible.

List of all harmonized standards are published on several links as follows:

• https://health.ec.europa.eu/medical-devices-topics-interest/harmonised-standards_en
• https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.LI.2020.090.01.0001.01.ENG&toc=OJ:L:2020:090I:TOC
• https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2021.129.01.0153.01.ENG

• ISO 27001:2022 Documentation Toolkit

  Dear All,

  Trust all is well

  The advisera document toolkit for ISO 27001, ISO 9001& ISO 14001 has been a great help to our organization. We have a partnership with Advisera..

  
  The much-awaited ISO 27001:2022 is finally here. Just want to ask the following questions:-

  1. Whether ISO 27001:2013 version documentation toolkit can used in the transition of ISO 27001:2022 version. If yes, How can it be done and If no, please provide the reason also?
  2. When will be Advisera ISO 27001:2022 documentation toolkit will be available? Any timelines for that
  3. Can u please provide the quotes for Advisera ISO 27001:2022 Documentation toolkit?

  Looking forward to hearing from you