Search results

Home / Search

Category:

Sort by:

Select

Types of user:

Select

11272 results

Guest

Create New Topic As guest or Sign in

Business department* About business* Organization size*

Title *

Body *

HTML tags are not allowed

Category *

Select

Assign topic to the user

Select user

Security and compliance
Answer:

ISO 27001 Internal Auditor is someone with competence to audit an ISMS against ISO 27001 so he/she can perform audits for his/her organization, while the ISO 27001 Lead Auditor is someone who has competency on auditing an ISMS against ISO 27001 requirements and is qualified to become a certification auditor (i.e., capable to work for a certification body).

These articles will provide you further explanation about personal certifications:
- Qualifications for an ISO 27001 Internal Auditor https://advisera.com/27001academy/blog/2015/03/30/qualifications-for-an-iso-27001-internal-auditor/
- ISO 27001 Internal Auditor training – Is it good for my career? https://advisera.com/27001academy/blog/2016/03/29/iso-27001-internal-auditor-training-is-it-good-for-my-career/

These materials will also help you regarding internal audit training:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- ISO 27001:2013 Internal Auditor Cour se https://advisera.com/training/iso-27001-internal-auditor-course/
- ISO 27001:2013 Lead Auditor Course https://advisera.com/training/iso-27001-lead-auditor-course/
A tool to perform a Gap Analysis

Answer
Performing a Gap Analysis is not mandatory but it is surely a great help.

The following material will provide you more information about the Gap Analysis:
Article - Should you use a gap analysis in your ISO 9001 implementation? - https://advisera.com/9001academy/17/use-gap-analysis-iso-9001-implementation/
- Free ISO 9001:2015 Gap Analysis Tool - https://advisera.com/9001academy/iso-9001-gap-analysis-tool/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
Annex A controls

Answer:

For information about Annex A controls I suggest you these references:
- Overview of ISO 27001:2013 Annex A https://advisera.com/27001academy/iso-27001-controls/
- Clause-by-clause explanation of ISO 27001 https://info.advisera.com/27001academy/free-download/clause-by-clause-explanation-of-iso-27001
- ISO 27001:2013 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
ISMS Manual

In fact ISO 27001 requirements have never prescribed the development of an ISMS Manual, and for good reasons. If you put all the policies and procedures into a single document, this will make the reading of such document very difficult. Additionally, the standard already has a requirement for a document that describe how a company will implement its information security – it is called Statement of Applicability.

This article will provide you further explanation about ISMS Manual:
- Is the ISO 27001 Manual really necessary? https://advisera.com/27001academy/blog/2014/02/03/is-the-iso-27001-manual-really-necessary/

This material will also help you regarding ISMS documentation:
- Managing ISO Documentation: A Plain English Guide https://advisera.com/books/managing-iso-documentation-plain-english-guide/
Espacio común para documentos

Respuesta:

Le recomiendo que en dicho espacio cuente con diferentes carpetas referidas a los requisitos obligatorios de documentación de la norma y que en dichas carpetas introduzca los documentos obligatorios y otro tipo de documentación más comúnmente usada (ej: ciertos procedimientos no obligatorios). Por ejemplo, puede contar con una carpeta para la determinación del contexto de la organización que contenga un procedimiento (no obligatorio), una lista sobre las partes interesadas y aquellos registros que considere adecuados, como un acta de reunión donde se definieron las cuestiones internas y externas de la organización.

Aquí puede ver esta lista de documentos obligatorios y más usuales en la implementación de ISO 9001:2015 - Lista de documentos obligatorios requeridos por la ISO 9001:2015: https://advisera.com/9001academy/pt-br/kit-de-documentacao-da-iso-9001/nowledgebase/lista-de-documentos-obligatorios-requeridos-por-la-iso-90012015/

Aquí puede ver nuestro paquete de documentos que se organizan en una serie de carpetas con distintos documentos , así como descargar una vista previa de los mismos - Paquete de documentos sobre ISO 9001: https://advisera.com/9001academy/es/paquete-de-documentos-sobre-iso-9001/

También contamos con una plataforma para el cumplimiento de la norma que se llama Conformio y facilita su implementación. Puede echar un vistazo a la misma aquí - https://advisera.com/conformio/

Para más información sobre cómo organizar la documentación en ISO 9001:2015 vea los siguientes materiales:
- Libro - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Curso gratuito en línea - Curso de fundamentos de la norma ISO 9001:2015: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/
Picking the right certification body

Answer
I cannot give here any recommendation, but I can send you to some articles about how to pick the right certification body for your case. By the way, I believe you have time enough to schedule the two stage audits before the ende of the year

The following material will provide you more information about choosing certification bodies:
How should you pick an ISO 9001 certification body? - https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/
How to choose a certification body - https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/
- Enroll for free course - ISO 9001:2015 Internal Auditor Course - https://advisera.com/training/iso-9001-internal-auditor-course/
- book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
ISO 17025 or ISO 9001

Answer
Start by your target customers. Who will be your ideal customers? What will be their requirements? If your lab testing results are just for your customers internal use, then perhaps ISO 9001 certification is enough. But, for example, if your lab testing results are for use in a court of law, or for use among two other parties then ISO 17025 accreditation may be the most useful option

The following material will provide you more information about ISO 17025 and ISO 9001:
ISO 17025 vs. ISO 9001 – Main differences and similarities - https://advisera.com/17025academy/blog/2019/07/11/iso-17025-vs-iso-9001-main-differences-and-similarities//
Diagram of ISO 17025 Implementation Process - https://info.advisera.com/17025academy/free-download/diagram-of-iso-17025-implementation-process
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/ foundations-course/
- book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
Definición de los procesos

Respuesta:

Es perfectamente correcto realizar una ficha para el proceso de Gerencia de administración y Finanza y determinar las entradas y salidas de dicho proceso, aunque posiblemente sea más sencillo dividirlo así mismo en subprocesos, como sería la contabilidad. Todo depende de la organización y lo que decida la misma, siempre y cuando cumpla con los requisitos de la norma de establecer, implementar, mantener y mejorar los procesos del SGC y sus interacciones.

Un proceso se define como un conjunto de actividades que se i nterrelacionan o interactúan entre sí transformando entradas en salidas. Es decir, la clave para poder considerarlo un proceso es que exista una entrada, se realicen algunas actividades utilizando esa entrada y luego se cree una salida. Para el ejemplo del subproceso de contabilidad anterior, su proceso de contabilidad tomará los informes de gastos, ingresos y compras (entradas), luego creará o cambiará los registros de cuenta necesarios (actividades) y finalmente creará informes financieros para la administración y la revisión de los accionistas (salidas .

Para saber más sobre procesos en ISO 9001:2015 puede ver los siguientes materiales:
- Artículo - Watch language ! Don´t confuse processes with procedureshttps://advisera.com/9001academy/blog/2014/11/04/watch-language-dont-confuse-processes-procedures/
- Artículo - ISO 9001:2015 process vs procesure: some practical examples: https://advisera.com/9001academy/blog/2016/01/19/iso-90012015-process-vs-procedure-some-practical-examples/
- Libro - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Curso gratuito en línea - Curso de fundamentos de la norma ISO 9001:2015: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/
ISO 45001: Root cause analysis for C/A

Answer:
I have always found that using a team approach can help greatly with determining the root cause of a problem. By getting multiple viewpoints it is easier to see what the potential problems could be so that you can investigate what the actual root problem is.

It is also important to understand a good root cause analysis tool to use. For simple problems I have found that the 5 Why approach (asking why did this happen until you get to a base cause) is very useful. For more complex problems I like to brainstorm using a fishbone diagram (as can be seen in the linked article). Here you go through the different potential causes from each category that could lead to the problem, and you can then determine which are most likely and eliminate them until you find the root cause.

For more on the corrective action process, see the article: Seven steps for co rrective and preventive actions in the OH&S management system, https://advisera.com/45001academy/blog/2015/04/20/seven-steps-for-corrective-and-preventive-actions-in-the-ohs-management-system/
Documentación en ISO 9001:2015

Respuesta:

No existen diferencias a nivel nacional o internacional con respecto a la documentación de la norma ISO 9001:2015. La norma es de carácter internacional y puede ser aplicable a todo tipo de organizaciones, de cualquier sector y de cualquier tamaño, siendo los requisitos los mismos en todos los casos.

En este artículo puede encontrar información acerca de la documentación obligatoria y más comúnmente usada - Lista de documentos obligatorios requeridos por la ISO 9001:2015: https://advisera.com/9001academy/pt-br/kit-de-documentacao-da-iso-9001/nowledgebase/lista-de-documentos-obligatorios-requeridos-por-la-iso-90012015/

Estos materiales pueden ayudarle a entender la documentación requerida en ISO 9001:2015:
- Libro - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Curso gratuito en línea - Curso de fundamentos de la norma ISO 9001:2015: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/

Didn’t find an answer?

Start a new topic and get direct answers from the Expert Advice Community.

CREATE NEW TOPIC +

Search results

11272 results

Create New Topic As guest or Sign in

Assign topic to the user

Want to vote?

Security and compliance

A tool to perform a Gap Analysis

Annex A controls

ISMS Manual

Espacio común para documentos

Picking the right certification body

ISO 17025 or ISO 9001

Definición de los procesos

ISO 45001: Root cause analysis for C/A

Documentación en ISO 9001:2015

Didn’t find an answer?