Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11272 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Certifications on risk
I'm not currently doing a IT Risk job,what you tube material would you recommend to help me improve my skills.
Answer:
For a general approach for risk management you should consider an ISO 31000 certification:
- https://pecb.com/en/education-and-certification-for-individuals/iso-31000
- https://www.certifiedinfosec.com/iso-31000-certification/introduction
For information security risk management you should consider an ISO 27005 certification:: - https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27005/iso-iec-27005-risk-manager -
Compiling an ISO 9001 QMS file
Answer:
By QMS file I believe you mean knowing what documents and records are required. Also important to understand ISO 9001 structure and read something about the PDCA cycle and the process approach.
You can find more information below:
- Article – What is ISO 9001? - https://advisera.com/9001academy/what-is-iso-9001/
- Checklist of Mandatory Documentation Required by ISO 9001:2015 - https://info.advisera.com/9001academy/free-download/checklist-of-mandatory-documentation-required-by-iso-90012015
- ISO 9001 Requirements and Structure - https://advisera.com/9001academy/knowledgebase/iso-9001-requirements-and-structure/
- Plan-Do-Check-Act in the ISO 9001 Standard - https://advisera.com/9001academy/knowledgebase/plan-do-check-act-in-the-iso-9001-standard/
- Free webinar on demand – The Process Approach - What it is, why it is important, and how to do it - https://advisera.com/9001academy/webinar/iso-9001-process-approach-free-webinar-on-demand/
- Product Tour: ISO 9001 Documentation Toolkits - https://advisera.com/9001academy/product-tour/
- Free ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Context of the company - examples
Answer:
An organization is an open system that interacts with the outside world. For example, new technology can make the product or the production process obsolete. For example, legislation can imply changes in the way a product is manufactured or is sold on the market. For example, political changes can support or hinder exports for your organization’s main market.
An organization has also its own inside world that can affect its performance like, for example: difficulties in finding new employees; outdated manufacturing equipment that does not allow efficiency levels required by the competition prices; lack of know-how about selling online.
The free webinar below has several examples and makes the relationship between context, SWOT analysis, and risks.
You can find more information about context determination:
- Article - How to identify the context of the organization in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/ wledgebase/how-to-identify-the-context-of-the-organization-in-iso-90012015/
- Article - ISO 9001:2015 Case study: Context of the organization as a success factor in manufacturing company - https://advisera.com/9001academy/blog/2016/10/11/iso-90012015-case-study-context-of-the-organization-as-a-success-factor-in-manufacturing-company/
- Free webinar on demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/
- [free course] ISO 9001:2015 Internal Auditor Course - https://advisera.com/training/iso-9001-internal-auditor-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Audit findings and definitions
Answer:
When an auditor performs an audit, he or she compares the reality with the audit criteria. If the reality is not according to the audit criteria, we have a Non-Conformity. If the reality is according to the audit criteria, we have a Conformity.
Even when the auditor identifies a Conformity he or she can also find, due to his experience, an Opportunity for Improvement. Some auditors also use word Observation.
Based on ISO 19011:2018 one can say that:
Non-Conformity – it is when an audit criteria, a requirement is not fulfilled
Conformity - it is when an audit criteria, a requirement is fulfilled
ISO 19011:2018 and ISO 9000:2015 do not have definitions either for Opportunity for Improvement or for Observations. Nevertheless ISO 19011:2018 states that the findings of an audit can lead to opportunities for improvement but onl y defines improvement. An activity to improve performance.
So, the evidence presented indicates that a requirement has been effectively implemented, but based on auditor experience and knowledge, the organization can take advantage of modifying its approach.
You can find more information about audits:
- Article - How to write a good ISO 9001 audit nonconformity? - https://advisera.com/9001academy/blog/2018/04/24/how-to-write-a-good-iso-9001-audit-nonconformity/
- [free course] ISO 9001:2015 Internal Auditor Course - https://advisera.com/training/iso-9001-internal-auditor-course/
- book - ISO Internal Audit: A Plain English Guide - https://advisera.com/books/iso-internal-audit-plain-english-guide/ -
Consultant becoming internal auditor
Answer:
I can give you my own experience; I have done that several times without problems raised by certification bodies.
If you check the definition of auditor on ISO 19011:2018 versus the one on ISO 19011:2011 you can see that the independence requirement was dropped. See also ISO 9001:2015 clause 9.2.2 c), what is important is to ensure objectivity and impartiality. I work on that by preparing my checklists and leaving audit reports that describe precisely what I found.
You can find more information about audits:
- Article - How to write a good ISO 9001 audit nonconformity? - https://advisera.com/9001academy/blog/2018/04/24/how-to-write-a-good-iso-9001-audit-nonconformity/
- [free course] ISO 9001:2015 Internal Auditor Course - https://advisera.com/training/iso-14001-internal-auditor-course/ ernal-auditor-course/
- book - ISO Internal Audit: A Plain English Guide - https://advisera.com/books/iso-internal-audit-plain-english-guide/ -
Right of erasure
Answer:
Both work just the same as long as the deletion or anonymization is permanent. -
Official versions
Answer:
That E stand for the official version in English. For example, the French version has EN ISO 9001:2008 (F) where the F stand for the official version in French.
The following material will provide you information about ISO 9001:
- ISO 9001 – What is ISO 9001? - https://advisera.com/9001academy/what-is-iso-9001/
- Free course – ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book – Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Processes and environmental management system
Answer:
The basis for an environmental management system is your list of environmental aspects and impacts, the way your organization interacts with the environment. You can relate each environmental aspect and impact with the processes where they are originated. So, you only need to plan for the processes where relevant environmental aspects and impacts occur, and for those associated with compliance obligations even if they are not considered significative.
The following material will provide you information about assessment of environmental interactions:
- ISO 14001 – 4 steps in identification and evaluation of environmental aspects - https://advisera.com/14001academy/knowledgebase/4-steps-in-identification-and-evaluation-of-environmental-aspects/
- List of ISO 14001 im plementation steps - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/list-of-iso-14001-implementation-steps/
- free online training ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
- book - THE ISO 14001:2015 COMPANION – A Straightforward Guide to Implementing an EMS in a Small Business - https://advisera.com/books/the-iso-14001-2015-companion/ -
Process mapping
We've received other questions:
> 1. On the process map will follow turtle diagram of each processor flow chart ok?
Answer 1:
Turtle diagram and flowchart are both useful for describing different topics about a process.
The turtle diagram systematizes a whole set of information about a process:
See -
The flowchart describes the flow of activities and who participates between the inputs and the outputs:
See -
> 2) process Acquire materials and services we will have even if we don’t buy any material for production ok?
Answer 2:
Perhaps the name is not the best one, but the idea is to capture the activities about Picking up the materials and everything until assembling starts. Besides the materials and components, are there not any important products or services that your organization acquires from suppliers? -
ISO 9001 and nonprofit organizations
Answer:
Yes, nonprofit organizations can apply for ISO 9001 certification. You can look into hospitals and governmental organizations, for example.
The following material will provide you information ISO 9001:
- ISO 9001 – What is ISO 9001? - https://advisera.com/9001academy/what-is-iso-9001/
- Free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book – Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/iso-standard/iso-9001/