Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11269 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
What lies under the hood of design and development
Answer
I must confess that before reading your question at the end I was already thinking about how strange: a company is dealing with personalized solutions being exempt of design and development.
The process for design and development is how your company design a develop a new solution fo r a customer:
First you have to consider the inputs: client requirements; legal and regulatory requirements; your own manufacturing requirements; your expertise and past experience requirements. This will help your design and development team decide if and when is the project terminated (what is called verification activities in ISO 9001:2015 – to check if the output of the project is according to the inputs);
Then you have to develop the project activities to turn inputs into outputs (for example, choosing materials, choosing software, making prototypes and test them – those tests are what is called review activities in ISO 9001:2015)
After a successful verification it is wise to get client approval, for example after simulation tests (those tests are what is called validation activities in ISO 9001:2015)
A successful design and development do not end with a validated output. It also answers to questions like: What are the specifications of the output (product and/or service)? What are the specifications for process and quality control during production? What are the specifications for buying raw materials or subcontracting? What are the requirements for monitoring resources? (This is what ISO 9001:2015 calls design and development outputs)
Once your company develops the previous activities in a planned and systematic way, to meet deadlines, to focus design and development team’s attention it is useful to start each project with a plan. (This is what ISO 9001:2015 calls design and development planning)
The client validated the product and production started. Changes always happen, because of a complaint, because of a change of materials or suppliers, because of a change of production process. Changes must be treated, tested, validated and documentation and practices altered in a controlled way to avoid chaos. (This is what ISO 9001:2015 calls design and development changes)
The following material will provide you more information about design and development:
The ISO 9001 Design Process Explained - https://advisera.com/9001academy/blog/2013/11/05/iso-9001-design-process-explained/
ISO 9001 document template: Procedure for Design and Development - https://advisera.com/9001academy/documentation/procedure-design-development/
- Free webinar on demand (you can see here information about non-applicable clauses- ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Legal provisions of the BDSG and DSGV
Answer:
Neither the BDSG or the GDPR establish specific retention periods for student or any other category of data subjects, this is usually established to specific pieces of legislation such and the laws on archiving. As regards to the transmission, this depends on the role of the receiving party. If the receiving party acts as a data processor for the sending party then the provisions of article 28 of the EU GDPR will apply.
If you want to get some basic information about the EU GDPR, check out this EU GDPR Foundation Course https://advisera.com/training/eu-gdpr-foundations-course// -
Preparing for a surveillance audit
Answer
Surveillance audits exist to check if your management system is working as designed. So, pay special attention to records. Are all the incidents being recorded? Measurements, complaints, corrective actions, non-conformities, internal audits, and management review, etc. Remember, if your organization had any minor non-conformity or observations during the certification audit, be sure that auditors will look into those issues with special care.
The following material will provide you more information about surveillance audits:
- What is an ISO 9001 surveillance audit? - https://advisera.com/9001academy/blog/2016/10/18/what-is-an-iso-9001-surveillance-audit/
- Surveillance visits vs. certification audits - https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/
- Enroll for free course - ISO 9001:2015 Internal Auditor Course - https://advisera.com/training/iso-9001-internal-auditor-course/
- book – Preparing for ISO Certification Audit: A Plain English Guide - https://advisera.com/books/preparing-for-iso-certification-audit-plain-english-guide/ -
Integrating management systems
Answer:
Congratulations for your successful certification project. It is nice to know that Advisera could help you and your organization. Yes, you can integrate ISO 45001 and ISO 14001 without ISO 9001.
I would not make any of the standards the leading one. I rather would draw a process map of how your organization works and is it doing that work so that health and safety and environmental issues should be considered. So, instead of “while doing things relevant for the environment I must also consider this health and safety topics” I would follow the approach “while doing our work to fulfill the organization’s purpose of existence we have to consider both environmental and health and safety iss ues”.
The following material will provide you more information about management systems integration:
Article - - How to integrate OHSAS 18001 and ISO 14001 - https://advisera.com/9001academy/blog/2016/10/18/what-is-an-iso-9001-surveillance-audit/
Free webinar on-demand - How to integrate ISO 9001:2015 and ISO 14001:2015 - https://advisera.com/14001academy/webinar/how-to-integrate-iso-90012015-and-iso-140012015-free-webinar-on-demand/
Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/ -
Certified suppliers
Answer:
Even if your supplier is ISO 27001 certified you have to perform a risk assessment to identify the risks this supplier can bring to you organization, so you can include proper information security clauses in your contract or service agreement with it.
The fact the supplier is ISO 27001 certified brings more confidence that it can handle customer's information properly, but you as a customer still have to perform your own risk assessment regarding the supplier.
These articles will provide you further explanation about managing security of suppliers:
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
- Which security clauses to use for supplier agreements? https://advisera.com/27001academy/blog/2017/06/19/which-security-clauses-to-use-for-supplier-agreements/ -
Format as controlled document
Answer
Yes, the auditor will accept the memo format as long as your organization can demonstrate document control over that memo. One designation, changes controlled, distribution controlled, approval controlled.
The following material will provide you more information about document control:
New approach to document and record control in ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/06/30/new-approach-to-document-and-record-control-in-iso-90012015/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book – Managing ISO Documentation: A Plain English Guide - https://advisera.com/books/managing-iso-documentation-plain-english-guide/ -
Certification benefits
Answer
ISO 9001 certification is not mandatory. Your company should first evaluate what can be the benefits from ISO 9001 certification and then decide. For example, does ISO 9001 certification bring marketing/image benefits?
The following material will provide you more information about certification benefits:
Six Key Benefits of ISO 9001 Implementation - https://advisera.com/9001academy/knowledgebase/six-key-benefits-of-iso-9001-implementation/
Free webinar – Overview of ISO 9001 implementation steps - https://advisera.com/9001academy/webinar/overview-of-iso-9001-implementation-steps-free-webinar-on-demand/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://traini ng.advisera.com/course/iso-90012015-foundations-course/
- book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Duration estimation
I think that a small manufacturing enterprise with up to 20 employees can develop implement and request a certification audit in about 6 to 9 months. So, just for developing the system I believe that 6 months are enough. The following material will provide you more information about implementing a quality management system: Should you use a gap analysis in your ISO 9001 implementation? - https://advisera.com/9001academy/17/use-gap-analysis-iso-9001-implementation/ Free ISO 9001:2015 Gap Analysis Tool - https://advisera.com/9001academy/iso-9001-gap-analysis-tool/ ISO 9001 Implementation Duration Calculator - https://advisera.com/9001academy/iso-9001-duration-calculator/ ISO 9001 Implementation diagram - https://info.advisera.com/9001academy/free-download/iso-9001-implementation-diagram
Free webinar – Overview of ISO 9001 implementation steps - https://advisera.com/9001academy/webinar/overview-of-iso-9001-implementation-steps-free-webinar-on-demand/ - Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/ - book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ Perhaps a documentation tool kit could help slash developing time - ISO 9001:2015 Documentation Toolkit - https://advisera.com/9001academy/iso-9001-documentation-toolkit/ -
How to mark and identify Company Policies?
Answer:
It is not mandatory for these documents to have document ID, version number and review date. In ISO 13485:2016, in point 4.2.4 it is stated that Organization must ensure that documents are identified according to the current revision status, must prevent the unintended use of obsolete documents and must apply suitable identification to them. Therefore, how you will identify them and how you differentiate them is absolutely up to you, but you must ensure that the above requirements are secured.
According to the ISO 13485:2016, for Quality Policy it is not mandatory to have document ID and version number. However, in requirement 5.3 Quality policy, in subsection e) it is stated that Top management must ensure that it is re viewed for continuing suitability. Therefore, you have to have a date on it to know when it was last reviewed.
For more about common mistakes in document control, please read article:
Common mistakes with ISO 13485:2016 documentation control and how to avoid them
https://advisera.com/13485academy/blog/2018/03/14/common-mistakes-with-iso-134852016-documentation-control-and-how-to-avoid-them/ -
Quality manual for corporation
Answer
First, ISO 9001:2015 no longer mandates the existence of a quality manual. So, organizations have a lot of freedom to decide what do they want to include if they decide to write a quality manual.
The corporation has a purpose, has a mission, each business unit work on its own way to contribute to that purpose. One of the big advantages of corporations is the synergy among different business units, like the case you mention: sharing common processes.
Start with a description of the corporation, then describe the business units and their processes and underline the existing synergies.
The following material will provide you more information about the quality manual:
How to write a short, concise Quality Manual - https://advisera.com/9001academy/knowledgebase/writing-a-short-quality-manual/
The future of the Quality Manual in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/the-future-of-the-quality-manual-in-iso-90012015/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/