Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11269 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Flowcharts, tables and processes
Answer:
Many organizations use a high-level flowchart, called map, that describe the processes that constitute the management system and their interrelationship.
For example, a process map for a manufacturing company could be:
Besides mapping processes, some organizations also use tables to clarify what happens inside each process with: main tasks, responsibilities, records, performance indicators, …
For example, consider process “2. Win order”: who’s in charge? Who does what? What are the main tasks? What is kept as records? What are the performance measures?
The use of both tools simultaneously is not incompatible. Truth be said, most companies instead of tables use procedures.
The following material will provide you information about process determination:
- ISO 9001 – ISO 9001:2015 proces s vs. procedure – Some practical exemples - https://advisera.com/9001academy/blog/2016/01/19/iso-90012015-process-vs-procedure-some-practical-examples/
- free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
AS9100 RevD Human Factors
Answer:
The AS9100 Rev D standard does not use the aviation acronym PEARs (People, Environment, Activities, Resources), but instead talks about human factors and human error. This concept only appears in three clauses. First, in a note to clause 7.1.4, Environment for the operation of processes, where it highlights that a suitable environment can be a combination of human and physical factors. Secondly, in clause 8.5.1, Control of Production and service provision, where one controlled condition that should be included are actions to prevent human error. Lastly, clause 10.2.1b where it talks about including human factor considerations when determining the causes of process nonconformities while investigating corrective actions.
For more on human factors see our article, “12 most important human factors to consider according to AS9100 Rev D”, https://advisera.com/9100academy/blog/2018/05/24/12-most-important-human-factors-to-consider-according-to-as9100-rev-d/ -
ISO 9001 is not a requirement for ISO 14001
Answer:
No, ISO 9001 is not a prerequisite to implement ISO 14001. Of course, many requirements related with ISO 9001 can also be found in ISO 14001
The following material will provide you information about implementing an environmental management system, and an integrated management system
· - ISO 14001 – List of ISO 14001 implementation steps - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/list-of-iso-14001-implementation-steps/
· - How to integrate ISO 14001 and ISO 9001 - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/how-to-integrate-iso-14001-and-iso-9001/
· - free online training ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
· - book - THE ISO 14001:2015 COMPANION – A A Straightforward Guide to Implementing an EMS in a Small Business - https://advisera.com/books/the-iso-14001-2015-companion/ -
FMEA training
Answer:
The organization must demonstrate technical competence of employees who are performing FMEA analysis (both PFMEA and DFMEA).
There is no requirement for specific training, but if someone is involved in FMEA core team, the organization must demonstrate that they are competent for that.
If with „basic“ training you can demonstrate the competence of personnel than it is enough, but please do a risk assessment for this decision.
Please find out more about FMEA in the following article:
- What is FMEA, and how to apply it in IATF 16949 https://advisera.com/16949academy/blog/2017/09/06/what-is-fmea-and-how-to-apply-it-in-iatf-16949/ -
Video content
Answer:
First of all, sorry for this inconvenience. Every time you find such discrepancies between the tutorials and documentation, please use the information in the templates, because they are the most updated version. -
Is clause 8.3 applicable?
Hi Pete, thank you for your question.
If by ITSM you mean how IT teams manage the end-to-end delivery of IT services to customers, including all the processes and activities to design, create, deliver, and support IT services. Then, clause 8.3 is applicable to ITSM companies. Here, design is not about the tools (like apps or software), but about the right arrangement of the tools, assets and processes.
-
AS9100 Router Configuration Mgmt
Making so, from there on, any changes are managed by CM department when the major milestones of the build or steps of the build are changed. I have a CM department trying to convince me that they do not only manage, make not e, or do any of the router changes, they also do not associate themselves or notate the request for the router to get loaded at the around same time as CM loads the BOM, on new assemblies. This leaves a gap in our process if CM does not own this configuration sustainability. What are your thoughts, is Router process configuration something with its own revision, needing to be tracked by CM since it is directly related to the configuration to the parts on the BOM?
Answer:
The decision of whether a router is included in the configuration management of a product is taken by the company per the customer and legal requirements for the product. As this document is often the instructions on how to assemble and test a product it is often considered to be part of the configuration listing for the final product that is shipped, and also often maintained by the configuration management department. However, this requirement is not necessarily the case for every customer or company that creates parts for aerospace. If you perceive a gap in your system then I suggest you refer to the customer requirements for configuration management and reporting to ensure that there is no specific requirement from them as to how this is done and reported.
For more information on what is included in AS9100 Rev D see this whitepaper, “Clause-by-clause explanation of AS9100 Rev D”, https://info.advisera.com/9100academy/free-download/clause-by-clause-explanation-of-as9100-rev-d -
Mandatory and non-mandatory documents
Answer:
In ISO world, mandatory requirements/documents are related to the words “must” or “shall”, while non mandatory requirements/documents are related to words “may”or “should”. Considering section 7.2 Competence, all requirements are mandatory (from a to d), and the single one requiring documentation is the retention of evidence of competence (item 7.2 d). Examples of evidence are certificates, university degrees, work declarations and attendance lists, which have their own formats, making unfeasible to define a single template for them. This means you have to conduct all the activities mentioned in a to c, but you do not have to document them (this is why there is no policy in our toolkit for that purpose) - what you need to have are records related to 7.2 d) mentioned above.
These a rticles can be helpful for you:
- Explanation of the basic terminology in ISO standards https://advisera.com/27001academy/blog/2015/01/12/explanation-of-the-basic-terminology-in-iso-standards/
- Records management in ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/11/24/records-management-in-iso-27001-and-iso-22301/ -
ISO 45001 Training
Answer:
The ISO 45001 standard is intended to be used by any organization that wants to improve their OHS performance. The standard is about implementing an OHS management system and goes beyond training to implementing all the processes that are necessary to identify and control hazards within the workplace, including meeting OHS legal requirements and improving the health & safety of the workers. The training element of this is to make everyone aware of the OHSMS processes and how they are involved, the hazards and consequences of not following the rules, and what has happened regarding the incident investigation. The role of this training is to make employees knowledgeable about the system and its risks and to make them more competent.
For more about the ISO 45001 standard see this article: “What is ISO 45001?”, https://advisera.com/45001academy/what-is-iso-45001/ -
Toolkit content
Answer:
ISO 27001 does not require each control to be implemented, nor it requires each implemented control to be documented. Therefore, you have the following options:
a) Exclude a control in the Statement of Applicability if there are no risks or requirements for this particular control
b) Implement a control and write a separate policy or procedure for it
c) Implement a control and document it though a policy or a procedure which covers also other controls
d) Implement a control without documenting it - in this case you only describe briefly how you implemented it in the SoA
These articles will provide you further explanation about selecting controls and SoA:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
- The importance of Statement of Applicability for ISO 27001 https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/
2 - For my own reference: I assumed that the ISO standard and controls (Annex A or SOA) are copyright protected ? But I saw you used the numbering and especially “titles” from the ISO standard, is this allowed ? I’m just wondering if I can use my own excel “including the official control description” as well and store it in Conformio or on our file server.
Answer: Using numbering and titles as reference to the standard is allowed because in many requires (like the one which defines the SoA content) you have to make reference to the standard to be compliant. What is not allowed is copy of sections content, as well as copies from description of controls, but you can write them in other words to use in your excel file with no problem