... has to be certified by an accreditation body against ISO/IEC 17065. You can have an overview of this standard here: https://www.iso.org/obp/ui/#iso:std:iso-iec:17065:ed-1:v1:en
This article will provide you further explanation about accreditation and certification:
- Accreditation vs. certification vs. registration in the ISO world https://advisera.com/articles/accreditation-vs-certification-vs-registration-in-the-iso-world/
... ate costs vs benefits of implementing the standard. If you determine that you will gain some work that otherwise you wouldn't be eligible for, then you should consider implementing ISO 9001.
To learn more about achieving ISO 9001 in a small company you can see these materials:
- Article - Checklist of ISO 9001 implementation and certification steps: https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
- Article - Benefits of ISO 9001 implementation for small businesses: https://advisera.com/9001academy/blog/2018/09/17/benefits-of-iso-9001-implementation-for-small-businesses/
- Book - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- ISO 9001:2015 Foundations course: https://advisera.com/training/iso-9001-foundations-course/
... t process vs procedure:
- ISO 9001 – Watch Your Language! Don't confuse processes with procedures - https://advisera.com/9001academy/blog/2014/11/04/watch-language-dont-confuse-processes-procedures/
- Should universities implement ISO 9001? - https://advisera.com/9001academy/blog/2015/04/21/should-universities-implement-iso-9001/
- free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
... ficials' CVs.
> 2. A valid lawful ground would be based on just publishing an adequate Privacy Notice on the web to let data subjects know details, or would we also need to directly contact them and get their consent? Thanks in advance
Answer: Depends on how you provide the scraping service. I guess that someone would come to you and ask you to scrape his data, thus you would need to have the permission of that person.
... so provides an accredited ISO 27001 Lead Auditor course, and you can read more information at this link: https://advisera.com/training/iso-27001-lead-auditor-course/
This article will provide you further explanation about accreditation and certification:
- Accreditation vs. certification vs. registration in the ISO world https://advisera.com/articles/accreditation-vs-certification-vs-registration-in-the-iso-world/
... mpact on confidentiality, integrity and availability of your information.
Therefore, you can take Business Impact Analysis as an input for your risk assessment, however this could prove to be very costly if you start doing this for each of your assets; to avoid these costs you can do the BIA only for the most valuable assets.
Read also this article: Risk assessment vs business impact analysis: https://advisera.com/27001academy/knowledgebase/risk-assessment-vs-business-impact-analysis/
... ince information security controls can cover much more than IT-related controls, then the best approach would be for the controls to be owned by the Head of information security. Again, if the number of controls is too high, then you can split responsibilities considering people's competencies.
This article will provide you further explanation about risk owners:
- Risk owners vs. asset owners in ISO 27001:2013 https://advisera.com/27001academy/knowledgebase/risk-owners-vs-asset-owners-in-iso-270012013/
... ISO 27001 vs. ISO 27017 – Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
- ISO 27001 vs. ISO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/