Search results

  • Risk assessment


    Answer:

    In the Risk assessment spreadsheet a risk is described in terms of the asset, threat and vulnerability related to it, using the columns A, D and E of the spreadsheet. For example, for the risk "theft of unattended laptop" the description would be:

    Column A (asset name): laptop
    Column B (threat): thief
    Column C (vulnerability): unattended asset

    By the way, included in the toolkit you bought, you have access to video tutorials that will help you fill in the risk assessment table.
  • BCMS implementation

    Good day, thank you so so much for the guidance.

    It is really appreciated :-)

    Best regards,
    Rene Pieterse
  • Change management


    Answer:

    To manage changes in an effective way, the first thing you have to do is to define a change management policy, to explain to all interested parties how changes to information systems are controlled. In this policy you will define what is to be considered as a change (e.g., the addition, modification or removal of any authorized, planned, or supported component that could have an effect on IT services).

    Depending on the complexity of the environment and competence level of the team, you may also consider the development of change procedures to detail specific activities to be performed (e.g., procedure to change firewall rules, or update a database management system).
    To see what a change management policy looks like, I suggest you take a look at the free demo of our Change Management Policy at this link: https://advisera.com/27001academy/documentation/change-management-policy/

    This article will provide you further explanation about change management:
    - How to manage changes in an ISMS according to ISO 27001 A.12.1.2 https://advisera.com/27001academy/blog/2015/09/14/how-to-manage-changes-in-an-isms-according-to-iso-27001-a-12-1-2/
  • Preparation for ISO 9001:2015 certification


    Answer:

    You need to start by obtaining management support and identifying the customer requirements for the QMS, then you will need to define your quality policy, quality objectives, which together define the overall scope and implementation of the Quality Management System. Along with these, you will need to create the mandatory and additional processes and procedures necessary for your organization to properly create and deliver your product or service.

    Here you can find a list of mandatory and commonly used documentation for ISO 9001:2015: https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/

    This article can help you with the certification process:
    - Article - How do you prove to the certification auditor that QMS processes are carried out as planned: https://advisera.com/9001academy/blog/2016/12/13/how-do-you-prove-to-the-certification-auditor-that-qms-processes-are-carried-out-as-planned/

    Certification process should be smooth if the implementation of the standard is successful. Usually certification audits are conducted in 2 stages. The first stage is a review of your documentation by the certification body auditors to verify that, on paper, you have addressed all ISO 9001 requirements. In the second stage the certification body auditors will review the records you have accumulated by operating your QMS processes, including your records of internal audits, management review and corrective actions.

    To understand more about the certification steps, see this article:
    - Checklist of ISO 9001 implementation and certification steps: https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/

    There are many benefits regarding the certification, among them - Improvement of your credibility and image; Improvement of customer satisfaction; Better process integration; Improve your evidence for decision making; Create a continual improvement culture; Engagement of employees. Regarding the cons I would say that you will need some effort in terms of money, personnel involvement, training, etc. in order to implement the standard, either by yourself or with the help of a consultant.

    In this article you can find the benefits of the certification - Six key benefits of ISO 9001 implementation: https://advisera.com/9001academy/knowledgebase/six-key-benefits-of-iso-9001-implementation/

    Also these materials can help you with the implementation and certification process:
    - Book - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
    - ISO 9001:2015 Foundations Course: https://advisera.com/training/iso-9001-foundations-course/
  • Information security incident by ISO 27001 vs. personal data breach by GDPR


    Answer:

    If the vulnerability was not exploited to misuse personal data there is no data breach under the EU GDPR. The EU GDPR defines a “personal data breach” in Article 4(12) as: “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed”

    So if the data was not destroyed, lost, altered or transmitted, then it is just a security incident but not a data breach.

    To learn more about data breach check out our free “EU GDPR Foundations Course” (https://advisera.com/training/eu-gdpr-foundations-course//).
  • Lead auditor certification


    Answer:

    Usually getting the lead auditor certification is more important if you want to become a lead auditor because in this kind of course you’ll learn everything you need to know about ISO 9001, but also how to become a qualified certification auditor of quality management systems.

    You can attend this course for free here - ISO 9001 Lead Auditor Course: https://advisera.com/training/iso-9001-lead-auditor-course/

    If you want to become a consultant, I would instead recommend the Lead Implementer Course, where you can learn everything you need to know about ISO 9001, plus how to become an independent consultant for implementing a Quality Management System.

    You can attend this course for free here - ISO 9001 Lead Implementer Course: https://advisera.com/training/iso-9001-lead-implementer-course/
  • Audit Programme


    Answer:

    The ISO 9001 requirements for the audit program are to plan, establish, implement, and maintain an audit program. The audit program relies on a schedule of all audits, which can be as simple as a spreadsheet or calendar of the audits to be performed.

    Therefore, these elements should be included in the program:
    - Audit frequency
    - Audit methods
    - Responsibilities
    - Requirements for planning
    - Audit reporting

    To learn more about the audit programme, you can see these materials:
    - Article - https://advisera.com/9001academy/blog/2017/01/24/what-is-the-iso-9001-audit-program-and-how-does-it-work/
    - Book - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
    - ISO 9001:2015 Foundations Course: https://advisera.com/training/iso-9001-foundations-course/
  • Transition to ISO 9001:2015


    Answer:

    In order to successfully perform the transition to ISO 9001:2018 you can follow these steps:

    1) Define the context of the organization
    2) List all interested parties
    3) Review the scope of the QMS
    4) Demonstrate leadership
    5) Align QMS objectives with the company’s strategy
    6) Assess risks and opportunities
    7) Control documented information
    8) Operational control
    9) Review the design and development process.
    10) Control of external providers
    11) Performance evaluation.
    12) Measurement and reporting

    To learn more about the transition process to ISO 9001:2015, you can see these materials:
    - Article - How to make the transition from ISO 9001:2008 revision to the 2015 revision: https://advisera.com/9001academy/blog/2015/10/06/how-to-make-the-transition-from-iso-90012008-revision-to-the-2015-revision/
    - Book - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
    - ISO 9001:2015 Foundations Course: https://advisera.com/training/iso-9001-foundations-course/
  • Interested parties


    Answer:

    You can organize a meeting with the relevant people in the organization and hold a brainstorming session to identify the interested parties that may have an impact on the QMS, that is, on the organization's ability to provide products and services that meet both customer needs and legal requirements.

    Some interested parties may be: customers (in your case these could be the citizens to whom you provide a service), suppliers, government organizations, NGOs, employees, etc.

    These materials can help you understand the needs and expectations of interested parties:

    - How to determine interested parties: https://advisera.com/9001academy/blog/2015/11/10/how-to-determine-interested-parties-and-their-requirements-according-to-iso-90012015//015 /
    - Understanding needs and expectations of interested parties in ISO 9001:2015: https://advisera.com/9001academy/: academy/blog/2017/10/24/understanding-needs-expectations-of-interested -parties-in-iso-90012015/
    - Book - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
    - ISO 9001:2015 Foundations Course: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/
  • ISO 9001 in a construction company


    Answer:
    Evidence of Valid ISO 9001:2015 Accredited Quality Management System (QMS) – means that your client wants your company to implement a Quality Management System (QMS) according to ISO 9001:2015 and then have that system certified by a certification body accredited according to ISO 17021.

    “We are a family company in the construction business for long time but now I want my company to improve the quality skills and paperwork so if you can send me some sample construction QC plans and HSE plans for a war zone design and build contractor that would be great. I couldn’t download from your webpage somehow.”

    The following material will provide you information about implementing an ISO 9001 management system in a construction company:

    - ISO 9001 – Case study for ISO 9001:2015 transition in a construction company - https://info.advisera.com/hubfs/9001Academy/9001Academy_FreeDownloads/Case_study_for_ISO_9001_2015_transition_in_construction_company_EN.pdf?t=1493297551317
    - Would construction companies benefit from ISO 9001? - https://advisera.com/9001academy/blog/2016/06/07/would-construction-companies-benefit-from-iso-9001/
    - free online training ISO 9001:2015 Lead Implementer Course - https://advisera.com/training/iso-9001-lead-implementer-course/
    - book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/