Answer:
Since I have no information about your particular industry, I have to be very general in my answer. Start by determining how your organization interacts with the environment, by determining environmental aspects and impacts. Determine interested parties and compliance obligations and your conformance situation. Determine context and risks and opportunities.
With that information you can write an environmental policy, objectives and action plans. Then, monitor implementation, define and monitor performance, perform internal audits and the management review.
Answer:
The mission is about the purpose of an organization; it is about why an organization exists.
Vision is about the future, it is about an attractive mental image of where an organization will be at some point in the future.
The strategy is about the set of choices that an organization makes in order to carve a path from where it is today to where it wants to be in the future.
Answer:
The controls for OH&S hazards follow a 5-level hierarchy, and the more hazardous something is, the higher up the hierarchy the control should be. The hierarchy is (most control to least control): elimination, substitution, engineering control, administrative controls and personal protective equipment (PPE).
So, for silica dust the lowest level of control would be providing masks as PPE, but if it is more of a hazard you should look at higher controls such as an engineering control like a dust collection system. It would be better if it was possible to substitute with a less hazardous material, or eliminate the need for the process, but this is often not the case, so the highest level of control is an engineering control that manages the hazard.
For more information on putting controls in place for OH&S hazards, see the article: 5 levels of hazard controls in ISO 45001 and how they should be applied, https://advisera.com/45001academy/blog/2015/09/02/5-levels-of-hazard-controls-in-iso-45001-and-how-they-should-be-applied/
Anonymous data
Answer:
Anonymous data is not subject to the GDPR so there will not be any processing of Personal Data.
Answer:
There are always risks when combining multiple roles in a single person (although such a situation is sometimes inevitable).
In your case I see the following risks:
1. The dynamics of activities and the approach for a Major Incident (as well as all incidents) are quite different from resolving problems or implementing changes
2. The people you are working with are different (knowledge, experience...)
3. An incident is a trigger for problem management. So, you can see it as "controlling" problem management's efficiency
4. Problem management is a trigger for change management. So, what is mentioned in #3 is valid here.
5. Problem management efficiency influences incident management. The same relation is valid for change management – problem management. So, if you have all these processes in one person…
If you are interested in working as a consultant implementing ISO 9001 or ISO 22301, you should consider attending a Lead Implementer Course, since that course can help you to understand and implement the standards and then get the Lead Implementer certificate in order to prove your competence. Also, a Project Manager Certificate can be helpful because you will learn how to run projects.
A disaster recovery plan is normally a type of recovery plan, so for developing it you must consider the description of step-by-step actions and responsibilities for recovering the information and communication technology infrastructure (e.g., applications, databases, communication links, etc.).
These materials will also help you regarding DR Plans:
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
- Writing a business continuity plan according to ISO 22301 [free webinar on demand] https://advisera.com/27001academy/webinar/writing-a-business-continuity-plan-according-to-iso-22301-free-webinar-on-demand/
ISO 22313 and BCMS implementation
Answer:
ISO 22313 gives you examples of best practices on how the requirements from ISO 22301 could be implemented, so if your organization does not have previous experience in business continuity or management systems, it can help you save time in searching for ways of implementation, or in evaluating solutions presented by consultants.
The Kobayashi Maru test is a no-win scenario designed to evaluate the response of personnel in a situation in which they have no hope of prevailing, but they do not know that.
Considering that, to adapt this concept to a BCP test you have to meticulously develop a scenario where the expected reactions of your personnel will not work, or will make the situation worse. Additionally, you can add time limits to the achievement of some objectives. There is no definitive scenario to implement the Kobayashi Maru test, so it can vary from a cascade failure of datacenter hardware to a sequence of disasters hitting your site.
The Fukushima power plant disaster (an earthquake followed by a tsunami), or the Chernobyl reactor explosion, are examples of no-win situations.