Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11269 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Certificar ISO 27001
Respuesta: El principal objetivo de ISO 27001 es la protección de la información, por tanto, cualquier empresa, de cualquier sector, puede implementar y certificar este estándar, porque todas las compañías tienen información y tienen que protegerla, incluyendo las empresas de servicios y soporte. ¿Por qué? Pues porque este estándar puede proporcionar beneficios a tu negocio, algunos de ellos, por ejemplo: Cumplimiento, marketing, reducción de costes, estándarización de procesos. Para más información sobre los beneficios que aporta este estándar, puedes leer este artículo “Four key benefits of ISO 27001 implementation” : https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/
Este webinar también te puede resultar interesante “Beneficios de ISO 27001: Cómo obtener el apoyo de la Dirección” : https://advisera.com/27001academy/es/webinar/iso-27001-benefits-how-to-obtain-management-support-free-webinar-on-demand/ -
Policy and risks in ISO 9001:2015
Answer:
You don´t need to follow any format, just comply with the requirements of the standard regarding the policy document, among them to be appropiate to the purpose and context of the organization and aligned with the strategic direction of the organization.
For more information about quality policy, see this article - How does the ISO 9001:2015 affect the quality policy: https://advisera.com/9001academy/blog/2018/04/10/how-does-the-iso-90012015-revision-affect-the-quality-policy/
2nd one is, should i maintain individual files for each policy??
Answer:
Policy for ISO 9001:2015 should be just one for the whole organization, unless you implement other standards, so you can have a policy for each one.
3rd one is, for risk-based thinking, will I also preserve the papers of the meetings, we attended to discuss on RBT???
You can keep the minutes of the meetings as a record that validates that you carried out a risk-ba sed assessment, athough this is not a mandatory requirement in ISO 9001:2015.
Here you can find a list of mandatory documents and records that must be maintained and retained according to ISO 9001:2015 - List of mandatory documents required by ISO 9001:2015: https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/
These materials can help you with the policy and risk based thinking:
- Book – Discover IS O 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Free on-line course- ISO 9001:2015 Lead Implementer Course:https://advisera.com/training/iso-9001-lead-implementer-course/ -
BCP in ISO 9001:2015
Answer:
ISO 9001:2015 doesn´t require a Business Continuity Plan to the organizations. That being said, a BCP can help organizations to recognize, mitigate and address risks to your business. Also some customers may require a BCP to their suppliers so it will depend on the company to satisfy this expectation/need.
If you want to learn more about Business continuity management systems, see: https://advisera.com/27001academy/what-is-iso-22301/
These materials can help you with the mandatory requirements of ISO 9001:2015:
- List of mandatory documents required by ISO 9001:2015: https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/
- White paper - Clause by clause exanation of ISO 9001:2015: https://info.advisera.com/9001academy/free-download/clause-by-clause-explanation-of-iso-90012015
- Book - Discover IS O 9001:2015 through practical examples
- Free on-line course- ISO 9001:2015 Lead Implementer Course: https://advisera.com/training/iso-9001-lead-implementer-course/ -
Performing risk assessment
Answer:
To perform risk assessment I suggest you to take a look at the free demo of our ISO 27001/ISO 22301 Risk Assessment Toolkit at this link: https://advisera.com/27001academy/iso-27001-22301-risk-assessment-toolkit/
This toolkit enables you to implement information security compliant with ISO 27001.
This article will provide you further explanation about risk assessment:
- ISO 27001 risk assessment & treatment – 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
These materials will also help you regarding risk assessment:
- The basics of risk assessment and treatment according to ISO 27001 [free webinar on demand]
https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/ -
Auditor competences
Answer:
If you already are a qualified ISO 9001 lead auditor you only have to evidence competence on ISO 27001 to be able to audit an ISMS, and implementing an ISMS is one way to evidence such competency.
These materials will provide you further explanation about auditor qualification:
- Qualifications for an ISO 27001 Internal Auditor https://advisera.com/27001academy/blog/2015/03/30/qualifications-for-an-iso-27001-internal-auditor/
- ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/
- ISO 27001:2013 Foundations Course https://advisera.com/training/iso-27001-foundations-course/ -
Validation and Verification of Design and Development
The previous provided answer is still applicable in your case. -
Use of ISO 45001 Toolkit in transition
Should we use the document sequentially when we have some procedures existing?
Answer:
If you are migrating from OHSAS 18001 to ISO 45001 using our toolkit then you are correct, if you already have existing procedures in place then reviewing these first before using the toolkit procedures. There is a helpful whitepaper on the transition process that can help you to organize the steps you will go through during the transition, including review of existing documents.
You can find the whitepaper here: https://info.advisera.com/45001academy/free-download/twelve-step-transition-process-from-ohsas-18001-to-iso-45001 -
ISO 45001 legal requirements
Answer:
ISO 45001, like all ISO management system standards, does not cover the specifics of what legal requirements are to be met, or how to meet them. That being the case the requirements of ISO 45001 are that you identify what compliance obligations your organization has (including legal obligations), and then to determine how to comply with these obligations. So, your first step is to determine what are the legal compliance obligations in the dental college environment.
For more on how ISO 45001 is implemented please see this helpful implementation diagram: https://info.advisera.com/45001academy/free-download/diagram-of-iso-45001-implementation-process -
About Management Representative
The Standard requires a documented procedure for the Management Review. It will be recommended to supplement the Management Review procedure with a SOP if the procedure stated in the Quality Manual is brief.
For more information, please refer to :
How to Perform Management Review According to ISO 13485
https://advisera.com/13485academy/blog/2017/11/09/how-to-perform-management-review-according-to-iso-13485/
Procedure for Management Review
https://advisera.com/13485academy/documentation/procedure-for-management-review-iso-13485-2016/ -
Implementing ISO 9001 for a consultancy office
Answer:
Implementing ISO 9001 in a consulting business is very similar to implementing it in any service business. The trick is applying the process approach and seeing the business as a set of processes. What does the business do to be known by potential customers? How does the business understand customer requirements and develop an offer? How does the business set a project team to handle a consultancy appointment? How does the business develops, controls and terminates a consultancy project? And so on…
The following materials will provide you more information about implementing a quality management system:
- ISO 9001 – Six Key Benefits of ISO 9001 Implementation - https://advisera.com/9001academy/knowledgebase/six-key-benefits-of-iso-9001-implementation/
- free online training ISO 9001:2015 Lead Implementer Course - https://training.advisera.co m/course/iso-9001-lead-implementer-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/