Search results

  • Procedures in ISO 9001:2015


    Answer:

    The truth is that in this new version of the standard, ISO 9001:2015, there is no longer an obligation to create procedures. The new ISO 9001 speaks only of documented information that must be maintained, which would correspond to the quality policy, the objectives, the scope and the criteria for the selection of suppliers; it also mentions documented information that must be retained, which refers to what is understood as records. Nevertheless, the organization may determine the need to create a series of procedures that help it facilitate the implementation and maintenance of the standard.

    In this article you can find a list of the mandatory documents and records as well as the commonly used ones - List of mandatory documents required by ISO 9001:2015: https://advisera.com/9001academy/es/knowledgebase/lista-de-documentos-obligatorios-requeridos-por-la-iso-90012015/

    These materials can also help you with ISO 9001:2015 documentation:
    - Book - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
    - Free online course - ISO 9001:2015 Foundations: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/
  • ISMS scope


    Answer: Section 3.4 of the ISMS scope document requires an organization to document a general overview of which network and IT assets (e.g., firewalls, switches, communication links, etc.) are included in the scope, but you also have to understand how these assets relate to elements external to the scope (e.g., Internet, customer's network, communication providers, etc.), so you can have a precise understanding of your security context and environment.

    Here is an example:
    "The network and IT infrastructure included in the ISMS scope comprises two local networks (user and system LANs) and a Wi-Fi network (for consultants), interconnected by two independent switches, and a backbone which connects all networks to the Internet."

    These articles will provide you further explanation about ISMS scope:
    - How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
    - Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/

    2 I also want to know if you have a gap assessment document for ISO 22301?

    Answer: For ISO 22301 gap assessment I suggest you take a look at the free demo of our ISO 22301 Internal Audit Checklist at this link: https://advisera.com/27001academy/documentation/internal-audit-checklist/

    This document provides a list of questions in order to help identify compliance with ISO 22301. For each clause or control from the standard the checklist provides one or more questions which allow you to visualize which specific elements of the business continuity management system you’ve already implemented, and what you still need to do.
  • Availability of the policies and procedures of the ISMS


    Answer:

    The GDPR does not require you to have specific persons signing policies and procedures; this is usually an internal requirement of the companies. The only thing you may need to prove is the fact that the policies and procedures are available to the concerned employees and that there is a method in place to check if they are effective.
  • ISO 27001 courses


    Answer:

    I suggest you take a look at these ISO 27001 courses:
    - ISO 27001:2013 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
    - ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/
    - ISO 27001:2013 Lead Auditor Course https://advisera.com/training/iso-27001-lead-auditor-course/
    - ISO 27001:2013 Lead Implementer Course https://advisera.com/training/iso-27001-lead-implementer-course/

    All exams are accredited by Exemplar Global, and recognized worldwide. You can enroll in each one for free (you only have to pay for the certification exam / workshop).
  • What other regions are planning to apply GDPR?


    Answer:

    Not so sure about the US because privacy-related concepts are a little different there, but Canada and other countries, especially the ones that received adequacy decisions in the past, will definitely be amending their local privacy laws to be as close as possible to the GDPR.
  • Roles in a QMS


    Answer:
    When implementing a QMS you use the process approach. The QMS is nothing more than a set of processes. In each process you identify a flow of activities. Each activity has the participation of one or more functions (roles). What I recommend you do is list all the activities done by each function in each process.

    This way you will develop a sound characterization of what is expected from each function (role).

    The following material will provide you information about roles in a QMS:

    - How to document roles and responsibilities according to ISO 9001 - https://advisera.com/9001academy/blog/2018/02/26/how-to-document-roles-and-responsibilities-according-to-iso-9001/
    - What is the job of the Quality Manager according to ISO 9001? - https://advisera.com/9001academy/blog/2016/08/23/what-is-the-job-of-the-quality-manager-according-to-iso9001/
    - free online training ISO 9001:2015 Lead Implementer Course - https://advisera.com/training/iso-9001-lead-implementer-course/
    - book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
  • Quality objectives for a construction company


    Answer:
    You shouldn’t develop quality objectives without prior definition of the quality policy, and quality policy should be aligned with the strategic orientation of the company.

    Consider a construction company that wants to be known for its ability to comply with project dates. So, a quality objective could be:

    Next fiscal year, our rate of projects delivered beyond target delivery date should be below 3%. Responsible: Production Manager

    The following material will provide you information about developing quality objectives:

    - How to Write Good Quality Objectives - https://advisera.com/9001academy/knowledgebase/how-to-write-good-quality-objectives/
    - What has changed with quality objectives in ISO 9001:2015? - https://advisera.com/9001academy/blog/2018/05/08/what-has-changed-with-quality-objectives-in-iso-90012015/
    - free online training ISO 9001:2015 Lead Implementer Course - https://advisera.com/training/iso-9001-lead-implementer-course/
    - book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
  • ISO 14001 and an environmental management strategy


    Answer:
    ISO 14001 does not tell us how to develop an environmental management strategy. ISO 14001 only tells us about requirements to consider when developing an environmental management system aligned with a particular environmental management strategy.

    To develop an environmental management strategy, I ask organizations why they want to develop an environmental management system. For example, for industrial companies I ask them: how can an environmental management system help your organization’s business strategy? They can tell me that they win clients due to their low prices, but clients also want them to be ISO 14001 certified. In that case, I recommend developing the environmental management system with a particular focus on efficiency, on recycling and/or re-use.

    The following material will provide you information about implementing ISO 14001:

    - 6 Key Benefits of ISO 14001 - https://advisera.com/14001academy/knowledgebase/6-key-benefits-of-iso-14001/
    - Download free ISO 14001 materials - https://advisera.com/14001academy/free-downloads/
    - free online training ISO 14001:2015 Lead Implementer Course - https://advisera.com/training/iso-14001-lead-implementer-course/
    - book - THE ISO 14001:2015 COMPANION – A Straightforward Guide to Implementing an EMS in a Small Business - https://advisera.com/books/the-iso-14001-2015-companion/
  • Risk assessment


    Answer:

    In the Risk assessment spreadsheet a risk is described in terms of the asset, threat and vulnerability related to it, using the columns A, D and E of the spreadsheet. For example, for the risk "theft of unattended laptop" the description would be:

    Column A (asset name): laptop
    Column B (threat): thief
    Column C (vulnerability): unattended asset

    By the way, included in the toolkit you bought, you have access to video tutorials that will help you fill in the risk assessment table.
  • BCMS implementation

    Good day, thank you so so much for the guidance.

    It is really appreciated :-)

    Best regards,
    Rene Pieterse