Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11269 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Clauses and situations
Answer:
Are they relevant for the product or service delivered by your organization? If they are not relevant don’t include them on your QMS. If they are relevant that will depend on their influence. For example: 7.1.3; 7.1.4 or 8.5.1.
2. A quality assurance SOP dealing with the inspection of incoming material and resulting products would come under the heading of which clause according to standard (9001:2015)?
Answer:
I would consider clause 8.4.2
3.An SOP on the maintenance of equipment would come under the heading of which clause according to standard (9001:2015)?
Answer:
I would consider clause 7.1.3
The following material will provide you information about ISO 9001:2015:
How to evaluate supplier performance according to ISO 9001:2015 -h ttps://advisera.com/9001academy/blog/2015/10/27/how-to-evaluate-supplier-performance-according-to-iso-90012015/
Free online training – ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
Book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Requested documented information
hello, i want to tell you, i'm very satisfy to your intervention. Thanks! -
Documented information of external origin during the certification audit
what other ISO standards should be available in my office while the certification body is auditing'
Answer:
You should have at list a paper or electronic copy of ISO 9001:2015. You should also have paper or electronic copies of standards that are relevant for the quality of your product or service. Those determined under clause 7.5.3.2 as documented information of external origin.
The following material will provide you more information about documented information of external origin:
What does “external documents control” mean in ISO 9001? - https://advisera.com/9001academy/blog/2019/02/04/what-does-external-documents-control-mean-in-iso-9001/
Enroll for free in this course – ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Context and risks
Answer:
You can elaborate a report where you list the internal and external issues determined by your organization. See the example below in the white paper.
From issues do we refer to RISKS or the current PROBLEMS the organization is experiencing?
Answer:
Issues are not risks. Issues are elements that can affect and organization’s approach to developing and achieving its objectives. For example, a competitor may enter your market with a superior product due to new technology. Another example, your potential market may grow or shrink due to demographic changes.
And how does the context of the organization relate to risk assessment?
Answer:
Internal and external issues can help or hinder in meeting expected results. For example, your organization expects to grow market share among the wealthiest segment (an objective). That can be hindered by the move of a competitor that presented a superior product due to new technology. For example, your organization sells its best seller to parents with young kids. Your organization’s growth perspectives may be hindered by the demographic evolution of your main markets. Whatever helps your organization in meeting objectives is an opportunity. Whatever hinders your organization in meeting objectives is a risk.
And another question is that under the heading of which clause would a security cameras SOP come under?
Answer:
Perhaps under ISO 9001:2015 clause 7.1.4 Environment for the operation of processes
The following material will provide you more information about context and risk:
White Paper - Case study for ISO 9001:2015 transition in a construction company - https://info.advisera.com/hubfs/9001Academy/9001Academy_FreeDownloads/Case_study_for_ISO_9001_2015_transition_in_construction_company_EN.pdf How to identify the context of the organization in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-identify-the-context-of-the-organization-in-iso-90012015/
How to identify risk significance in ISO 9001:2015 - https://advisera.com/9001academy/blog/2019/01/14/how-to-identify-risk-significance-in-iso-90012015/
Free webinar – ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/
Enroll for free in this course – ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Certification costs
Answer:
That will depend on several factors like number of employees, economic sector, particular environmental situation and from country to country.
If you want to implement and certify an environmental management system in your organization, please consider the cost of training and implementation, and the cost of certification.
The following material will provide you more information about implementation and certification costs:
Article - How much does ISO 14001 implementation cost? - https://advisera.com/14001academy/blog/2017/01/23/how-much-does-iso-14001-implementation-cost/
Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/ -
SOC 2 and ISO 27001
Answer:
There are many common points between SOC II and ISO 27001:2013: risk management, internal audit, business continuity, access control, etc. If you want to know details about the similarities about both standards, and what resources can be shared, you can see the document “Trust Services Map to ISO 27001” in the official site of American Institute of CPAs. You can find it at this link: https://www.aicpa.org/content/dam/aicpa/interestareas/frc/assuranceadvisoryservices/downloadabledocuments/othermapping/trust-services-map-to-iso-27001.xlsx -
ITIl and ISO 20000
Answer:
ITIL and ISO 20000 overlap quite a lot. Usage of ITIL processes for ISO 20000 implementation depends also on the detail of the implementation. Ownership of the processes depends on how many employees your ITSM organization have. Ideally, every process would have different owner. But, process owners can be combined.
Here are more details:
ITIL and ISO 20000: A Comparison https://advisera.com/20000academy/knowledgebase/itil-iso-20000-comparison/
Defining roles and responsibilities for ISO 20000-based IT Service Management https://advisera.com/20000academy/blog/2017/10/18/defining-roles-and-responsibilities-for-iso-20000-based-it-service-management/
What ITIL roles can be combined in one person? https://advisera.com/20000academy/knowledgebase/itil-roles-can-combined-one-person/ -
KEDB
Answer:
Best option would be to integrate Known Error Database (KEDB) as part of the ITSM (IT Service Management) tool. In such way, you'll have automation in place meaning that you will integrate KEDB with Incident Management and Problem Management. both of the processes use KEDB to enter Known Errors or use KEDB to resolve incidents i.e. problems.
Here is more about Known Errors (records in scope of KEDB) Known Errors – repetitio est mater studiorum? Not in this case. https://advisera.com/20000academy/blog/2014/02/04/known-errors-repetitio-est-mater-studiorum-case/ -
Residual risk
Answer:
You have to calculate the residual risk after the definition of the risk treatment to be applied. At this point the residual risk is the risk value you expect to achieve with the implementation of the controls. After the implementation of the controls, the risk value you will measure will confirm if the previously calculated residual risk is right or if you need to perform adjustments in the control implementation.
These articles will provide you further explanation about risk assessment:
- ISO 27001 risk assessment & treatment – 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
- Why is residual risk so important? https://advisera.com/27001academy/knowledgebase/why-is-residual-risk-so-important/
These materials will also help you regarding risk assessment:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- The basics of risk assessment and treatment according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/ -
Privacy and Data Protection Notice
Thank you