Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11269 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Car license plate number
Answer:
The EU GDPR defines personal data as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”. As long as the car is registered to an individual, the license plate would make that person indefinable so it would fall under the definition above.
To learn more about personal data and the EU GDPR check out our EU GDPR Foundations Course (https://advisera.com/training/eu-gdpr-foundations-course//). -
Business Impact Analysis
Is this correct? Is this how they can be completed and meet the requirements for ISO 23001.
Answer:
ISO 22301 does not prescribe how Business Impact Analysis must be performed, only that you have to perform this task, so your approach to define recovering activities for a department as a whole rather than by each different activity will also meet the requirements for ISO 23001. -
I received following question:
Answer:
Specific of Virtual Service Desk is that personnel is geographically dispersed and that they can be organized in various ways. That also provides options for measuring e.g. telecommunication costs, dropped calls, number of resolved incidents (or other calls) per group (if they are located e.g. on same location), availability of agents (e.g. if they work from home or office that is not supervised), etc.
Of course, all usual measurements related to the Service Desk apply also. This articles can give you idea:
ITIL Service Desk types https://advisera.com/20000academy/blog/2014/05/06/itil-service-desk-types/
Service Desk: Single point of contact https://advisera.com/20000academy/knowledgebase/service-desk-single-point-contact/ -
Design in AS9100 Rev D
Answer:
This is one example that I have used where a company that supplies products also has a service that they provide to customers. Even if you do not design the product, you certainly design the service of creating a drawing. If this is a new service that you are offering it would need to be designed as per the AS9100 Rev D requirements for design and development. As for your question on customer approval, this is a decision that is part of your customer requirements, not the AS9100 standard. If your customer states that they need approval over any documents you create to manufacture their parts then you would certainly need approval over the drawing.
For more information on how the design and development requirements apply in AS9100 see this article, “Can companies still exclude design and development from their AS9100 Rev D QMS?“; https://advisera.com/9100academy/blog/2017/10/09/can-companies-still-exclude-design-and-development-from-their-as9100-rev-d-qms/ -
ISO 9001 and root cause analysis
Answer:
An organization performs quality control on its products (clause 8.6). During quality control, an organization can detect product nonconformity (clause 8.7).
Also, an organization performs monitoring and measurement (clause 9.1.1) and analysis and evaluation of performance (clause 9.1.3)
Either because one particular product non-conformity is considered very serious, or because it is a recurring product non-conformity, an organization can decide that performance should be improved. For that reason, a corrective action should be developed (clause 10.2). Developing an effective corrective action must include determining the root cause of the product quality issue.
Let us suppose that the organization is not satisfied with the level of non-conformities on product X. So, the first step is to focus the effort of improvement, by performing a symptom diagnosis using, for example, a Pareto chart: https://www.screencast. com/t/cw2cpildI
After this initial screening the organization needs:
· to determine probable causes;
· make some tests or investigations to find root-cause(s);
· develop alternative solutions;
· select the best one;
· implement the solution;
· check the effectiveness of that solution
The following material will provide you with information about root cause analysis:
- ISO 9001 – How to use root cause analysis to support corrective actions in your QMS - https://advisera.com/9001academy/blog/2016/03/01/how-to-use-root-cause-analysis-to-support-corrective-actions-in-your-qms/
- Free webinar – Measurement, analysis, and improvement according to ISO 9001:2015 - https://advisera.com/9001academy/webinar/measurement-analysis-and-improvement-according-to-iso-9001-2015-free-webinar/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Enterprise Risk Management
Answer:
You can use ISO 31000:2018, Risk management – Guidelines, which provides principles, framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector and although it cannot be used for certification purposes organizations can use it to compare their risk management practices with an internationally recognised benchmark.
To learn more about risk management in companies you can see the following materials:
- Article - Similarities and differences in risk management in ISO 9001 , ISO 31001 and ISO 27001: https://advisera.com/9001academy/blog/2016/10/25/similarities-and-differences-in-risk-management-in-iso-9001-iso-31000-and-iso-27001/
- Article - How to address risk and opportunities in ISO 9001: https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/ -
Template content - disruptive scenarios
Answer:
The examples are only to provide a better understanding on how to come up with your scenarios, so you do not have to keep them if you understand that they cannot represent a real situation for you organization. Some of them with some adjustments may be fit for your organization, but scenarios built by your own team have more chance to be useful.
These articles will provide you further explanation about treating disruptive scenarios:
- How can ISO 27001 and ISO 22301 help with critical infrastructure protection? https://advisera.com/27001academy/blog/2017/09/25/how-can-iso-27001-and-iso-22301-help-with-critical-infrastructure-protection/
- Using ISO 22301 business continuity practices to support mass public events https://advisera.com/27001academy/blog/2017/06/05/using-iso-22301-business-continuity-practices-to-support-mass-public-events/
- Enabling communication during disruptive incidents according to ISO 22301 https://advisera.com/27001academy/blog/2016/12/19/enabling-communication-during-disruptive-incidents-according-to-iso-22301/
- ISO 22301 Case study in the travel industry: Business continuity as a necessity in customer care https://advisera.com/27001academy/blog/2016/11/07/iso-22301-case-study-in-the-travel-industry-business-continuity-as-a-necessity-in-customer-care/ -
Quality objectives or KPI in QMS Manual?
Answer:
The QMS Manual should have quality objectives established at the beginning as it much easier to track the effectiveness than KPI for a single department and it also provides a broader goal that the company is working toward for its Quality Management System. The objectives can be specified within or out of the Manual as ISO 13485 does not specify where the objectives need to be documented.
For more information, please refer to :
-How to manage the Quality Manual according to ISO 13485:2016 requirements: https://advisera.com/13485academy/knowledgebase/how-to-manage-the-quality-manual-according-to-iso-13485-requirements/
-Setting good quality objectives for ISO 13485: https://advisera.com/13485academy/knowledgebase/setting-good-quality-objectives-for-iso-13485/ -
Integrating management system context
2. We are in the process of implementing ISO 9001:2015 in a dairy company and we are writing down our processes but can't cleary figure out the difference between work instructions and procedures e.g. should the stepwise description of how to determine butter fat content of milk be a procedure or a work instruction Kindly assist.
Answers:
1) You are partially correct. Due to Annex SL, the ISO document that dictates how they will structure management system standards, the requirements for context of the organization are almost identical. This means that you can use the sam e process for developing the context of the organization for each standard you implement, but this does not mean the output will be identical. For instance, your customers will be very interested parties for your quality management system (QMS), but not as much for your environmental management system (EMS). Likewise, your government agency for the environment will be interested in your EMS, but may not be at all interested in the QMS. The same thought needs to be applied to your internal and external issues, some issues will not be applicable to all management systems. The policy for each management system will very likely be different as well.
2) Work instructions are a special type of procedure, so it is not surprising that confusion exists. A procedure is simply a specific way of doing a process if this is required. A work instruction is a step-by-step procedure for a specific task, such as the stepwise instruction you mentioned.
For a better understanding of how to structure documentation in the QMS see this article, “How to structure quality management system documentation”; https://advisera.com/9001academy/knowledgebase/how-to-structure-quality-management-system-documentation/ -
ISO 9001 and Lean
Answer:
First of all, just to state that ISO 9001 and LEAN it is not an either/or choice; both can be used.
An organization can pick ISO 9001 because it is a customer requirement because it’s lack is a barrier to start working with new customers, because it is a way of reducing variability in organizations, because it is a way of a creating a continual improvement culture. LEAN methodologies can be a way of implementing the continual improvement mentioned in ISO 9001 because it is a way of identifying and systematically eliminate/reduce waste in organizations.
The following material will provide you with information about ISO 9001 and Lean:
- ISO 9001 – ISO 9001 vs. Lean: How they compare and how they are different - https://advisera.com/9001academy/blog/2014/07/22/iso-9001-vs-lean-compare-different-2/
- Six Key Benefits of ISO 9001 Implementation - https://advisera.com/9001academy/knowledgebase/six-key-benefits-of-iso-9001-implementation/
- free online training ISO 9 001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
Warning: A non-numeric value encountered in /www/expertadvicecommunity_719/public/wp-content/plugins/advisera-press/vendor/jasongrimes/paginator/src/JasonGrimes/Paginator.php on line 154
Warning: A non-numeric value encountered in /www/expertadvicecommunity_719/public/wp-content/plugins/advisera-press/vendor/jasongrimes/paginator/src/JasonGrimes/Paginator.php on line 214
Warning: A non-numeric value encountered in /www/expertadvicecommunity_719/public/wp-content/plugins/advisera-press/vendor/jasongrimes/paginator/src/JasonGrimes/Paginator.php on line 217
Page 638-vs-13485 of 1127 pages