  • Changes in documents


    Answer:

    There are no specific requirements in ISO 9001:2015 about this issue; however, I recommend that you keep track of changes, mentioning the review date and the edition number. Regarding the edition number without changes, this is totally up to you; I usually don't change the edition number unless there are some changes in the document. You can develop a procedure stating all these things so everybody in the company can follow and understand the system.

    These materials can help you to better understand document control in ISO 9001:2015:
    - Article - Some tips to make document control more useful for your QMS: https://advisera.com/9001academy/blog/2014/05/20/tips-make-document-control-useful-qms/
    - Book - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
    - ISO 9001:2015 Foundations Course: https://advisera.com/training/iso-9001-foundations-course/
  • Gap analysis

    Thank you so much. I found it very helpful.

    Best regards,
    Monike
  • Off-site audit


    Answer:
    Your organization has to answer those major findings and send your proposals to the auditor. By “off-site” he means that he does not need to go back to your company to accept your answers. Your organization writes the answers and sends them to him or her, and he or she will accept them or not without going back again to your organization.

    The following material will provide you information about answering to findings:
    - ISO 9001 – How to deal with nonconformities in an ISO 9001 certification audit - https://advisera.com/9001academy/blog/2015/06/09/how-to-deal-with-nonconformities-in-an-iso-9001-certification-audit/
    - free online training ISO 9001:2015 Internal Auditor Course - https://advisera.com/training/iso-14001-internal-auditor-course/
    - book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
  • MOC documentation required


    Answer:

    Regarding the mandatory documentation related to MOC, you need to retain the following documented information:
    - Design and development changes records (clause 8.3.6)
    - Production/service provision change control records (clause 8.5.6)

    These materials can help you to better understand MOC documentation:
    - Article: QMS change management in 7 steps: https://advisera.com/9001academy/blog/2016/11/29/qms-change-management-in-7-steps/
    - Article - List of mandatory documents required by ISO 9001:2015: https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/
    - Book Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
    - Free online ISO 9001:2015 Foundations Course: https://advisera.com/training/iso-9001-foundations-course/
  • Video and template content

    In this tutorial - ISO 27001 standard clauses refers to 4.3.2 and 4.3.3 and in the template the reference document is listed as 7.5. Can you please advise why these are different, and which clauses I should reference, so I can make sure this matches up correctly moving forwards? Can you please advise which one should I rely on?

    1. Reference documents
    · ISO/IEC 27001 standard, clause 7.5
    · ISO 22301 standard, clause 7.5
    · BS 25999-2 standard, clauses 3.4.2 and 3.4.3
    · Information Security Policy
    · Business Continuity Policy
    · Policy for handling classified information
    · [other documents and regulations specifying document control]

    Answer:

    First of all, sorry for this inconvenience. Every time you find such discrepancies between the tutorials and documentation, please use the information in the templates, because they are the most updated version.

    2 - Also there is mention throughout of ISO/IEC 27001. Can you please confirm what the IEC relates to, as I have not come across this before.

    Do I keep this referenced within our documentation as the Standard name or should I have this removed? As I work through the video / documentations, I am noticing several discrepancies between the video and the template.

    Answer:

    The International Electrotechnical Commission (IEC) is an international standards and conformity assessment body for all fields of electrotechnology, and has joined with ISO for the development of ISO 27001, since many controls to protect information are related to electrotechnology. The official name of the standard is ISO/IEC 27001, but you can only refer to the standard as ISO 27001 without problems.
  • GDPR compliance


    Answer:

    Let me start by saying that compliance with ISO standards and compliance with a legal requirement are somewhat different. ISO standards are not mandatory and you don't get fined if you do not comply with their provisions, nor can they be enforced by governmental bodies. In terms of ISO or any other standard, you get some kind of certification stating you are compliant, while for GDPR this is not applicable.

    And finally, neither ISO nor any other standard can be used to prove compliance with a legal requirement such as the EU GDPR. What BS:10012 does is give you a framework that you could use in terms of data protection without guaranteeing anything in terms of legal compliance.

    Coming back to your original question, I personally think that BS:10012 or ISO 270018 are not required to be compliant with the EU GDPR so unless you need those standards for something else, then you can get certified. ISO 27001 is, however, a good way to prove that you are keeping your information assets including personal data secure which helps in terms of compliance with Article 32 of the EU GDPR.

    If you want to find out more about ISO and GDPR compliance, check out this EU GDPR & ISO 27001 Integrated Documentation Toolkit (https://advisera.com/eugdpracademy/eu-gdpr-iso-27001-integrated-documentation-toolkit/).
  • The classification of data


    Answer:

    Personal data that should be protected regardless of which structure within the company or third party processes it. Internally, the whole company is responsible and assigning an owner will only cause confusion and spread the belief that only the owner is accountable for how the personal data is being processed. Ultimately, the company is responsible if the data is processed in an unlawful manner and not a specific individual/employee.

    In terms of your web developer, as he will be acting as your data processor, he is bound by the obligations set up in Article 28 of EU GDPR and you, as a data controller, need to ensure that those obligations are clearly set out in the Data Processing Agreement you need to sign with the processor.

    To learn more about processors and controllers, as well as the responsibility of managing personal data, check out this free EU GDPR Foundations Course (https://advisera.com/training/eu-gdpr-foundations-course//).
  • QMS in Higher education


    Answer:

    ISO published in 2003, IWA 2:2003 - Quality management systems - Guidelines for the application of ISO 9001:2000 in education, a document updated in 2007 by IWA 2:2007 - Quality management systems -- Guidelines for the application of ISO 9001:2000 in education. However, as far as I know this 2007 guideline has been withdrawn.

    ISO published in 2018, ISO 21001:2018 - Educational organizations -- Management systems for educational organizations -- Requirements with guidance for use. ISO 21001:2018 is a management system standard that is partially aligned with ISO 9001:2015 for quality management systems.

    The following material will provide you information about a QMS in an education setting:
    - ISO 9001 – Should universities implement ISO 9001? - https://advisera.com/9001academy/blog/2015/04/21/should-universities-implement-iso-9001/
    - free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
    - book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
  • Controller or processor?

    Thanks Andrei, very useful answer... as usual!
  • Risk, opportunities and external suppliers


    Answer:
    One ISO definition indicates that risk is the “effect of uncertainty on an expected result”. So, what are the expected results of your organization concerning its purchasing process?

    What desired results does an organization want from its purchasing process? For example: raw materials at a good price; delivered on time and with quality.

    Risks/opportunities are what can contribute to not getting or meeting those expected results. For example:

    A rise in demand of raw materials can increase prices;
    The closing of an important competitor can reduce demand and prices;
    Raw materials shortage due to insufficient inventory control;
    Raw materials shortage due to deterioration while in the warehouse;
    Raw materials shortage due to delivery delay;
    Raw materials shortage due to wrong reference delivered;
    Raw materials delivered in insufficient amount;
    Raw materials delivered with defects;

    The following materials will provide you more information about risks and opportunities:

    - Article - How to address risks and opportunities in ISO 9001 - https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
    - Free webinar – How to implement risk management in ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-implement-risk-management-in-iso-90012015-free-webinar-on-demand//
    - book - DISCOVER ISO 9001:2015 THROUGH PRACTICAL EXAMPLES - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
