Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11269 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
ISO management system certification
Answer: First you have to implement ISO 27001 / ISO 22301 according the steps described in the toolkit you bought. After implementation, you have to look for a certification body to audit your system and issue a certificate in case the system is complaint with standards requirements.
2 - Once I work on completing all the documents in the documentation toolkit what happens then? Do I submit them to Advisera and you submit it to ISO or do I need to submit them to ISO myself?
Answer: During implementation you can submit some of your documents to us for review, so we can evaluate their compliance to the standards and suggest improvements when needed, but it is your organization that has to go through the process to select an certification body and submit your management system to the certification process. We are not authorized to issue certificates, since we are not a certification body.
This article will provide you further explanation about choosing a certif ication body:
- How to choose a certification body https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/
3 - How long on average does it take to become certified when the documents are submitted?
Answer: The time to go through all the certification process will vary depending on the size and complexity of the management system scope, but generally it takes between one to four months (mostly depending if the organization goes through a pre-certification audit or not).
- Becoming ISO 27001 certified – How to prepare for certification audit https://advisera.com/27001academy/iso-27001-certification/
- ISO 27001/ISO 22301: The certification process [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001iso-22301-certification-process-free-webinar-demand/
4 - Will someone from the body come to my company to conduct an assessment?
Answer: The certification process is conducted in two phases: a document review, which not necessarily requires the presence of the certification auditor in the organization, and the main audit, which is performed in the organization to asses the compliance of implemented processes and controls.
5 - Will my company receive certifications?
Answer: If your system is fully complaint with the standard's requirements, you will get the certificate.
6 - Can my company start to use the certifications in marketing or to secure new deals?
Answer: One of the benefits of certified systems is that you can use the certification as a market tool, to demonstrate you can protect information (regarding ISO 27001) / ensure business continuity (regarding ISO 22301). Together with the certification you also will receive from the certification body orientations about how to use the elements such as logos and certification information to promote your business. -
What is an environmental aspect?
Answer:
Any organization interacts with the environment. An environmental aspect is the way the activities or products or services of an organization interact or can interact with the environment. For example, a manufacturing plant consumes electricity and raw materials, discharges effluents and air emissions and generates wastes. The products must be transported and are used by consumers. During those steps the interactions with the environment continue to happen.
The following material will provide you information about environmental aspects:
- ISO 14001 – 4 steps in identification and evaluation of environmental aspects - https://advisera.com/14001academy/knowledgebase/4-steps-in-identification-and-evaluation-of-environmental-aspects/
- Environmental aspect identification and classification - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/environmental-aspect-identification-and-classification/
- free online training ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
- book - THE ISO 14001:2015 COMPANION – A A Straightforward Guide to Implementing an EMS in a Small Business - https://advisera.com/books/the-iso-14001-2015-companion/ -
Evidences of a strategic orientation
Answer:
It can be clear to an objective observer what is the strategic orientation of an organization. Assuming a strategy requires making choices, particularly, making trade-offs. An organization with a strategic orientation will assume to be good in some things and not so good at others. For example, if an organization has a strategic orientation of being a very competitive low-price supplier it cannot be, at the same type, a very competitive supplier of innovative products and services. Having said that, I believe that in most cases that is not possible or not clear for an objective observer because the strategic orientation is not cle ar for the organization or is not translated into the QMS documentation. Last month, when preparing the checklist for an audit, I looked into the quality policy and realized that they had only statements that anyone can subscribe, no strategic orientation there. Like “We want satisfied customers”
The following material will provide you information about strategic orientation:
ISO 9001 – Aligning quality objectives of the QMS with the strategic direction of the company - https://advisera.com/9001academy/blog/2017/03/07/aligning-quality-objectives-of-the-qms-with-the-strategic-direction-of-the-company/
You can look for strategic orientation example in this link https://advisera.com/books/wp-content/uploads/sites/9/2017/09/Discover-ISO-9001-through-practical-examples-EN-LookInside.pdf
- free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Leadership and commitment evidences
Answer:
Objective evidence to demonstrate leadership can be gathered through interviews, observation and documented information. For example:
evaluating alignment between information and other evidences shown during interviews with the practices, real performance and documented information;
evaluating participation in communication and awareness events;
ensuring that the QMS is integrated in the business management system;
ensuring resources for the operation and improvement of the QMS;
ensuring that actions are taken when there is a gap between real and desired performance
For example, if your organization demonstrates lack of critical resources to satisfy customers or the conformity of products or services, the auditor will be in the presence of an evidence of lack of commitment with the QMS.
The following material will provide you information about leadership and commitment:
ISO 9001 – How to comply with new leadership requirements in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-comply-with-new-leadership-requirements-in-iso-90012015/
- free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Risk Assessment
Answer: The probability of occurrence can be identified by means such as historical data (either from the own organization or from available data from organization's industry), statistical models, or by expert opinion.
This article may provide you more information about identification of probability of occurrence: - How to assess consequences and likelihood in ISO 27001 risk analysis https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#assessment
2. How to identify the Chance of non-detection ?
Answer: For equipment you may find information about failure rates (or false negatives) on documentation provided by manufacturers. Regarding procedural controls, tests and simulations involving users, technical staff can provide information to help identify chances of a procedural control fail without detection. -
Assessing risks
Answer:
First, what is a risk? A risk is a deviation from the expected due to uncertainty. The expected are desired results, are the outcomes of the QMS.
Second, ISO 9001 mentions risks at three levels (clause 5.1.2b – risks about products and services. Clause 4.4.1f – risks about process outcomes. Clause 6.1.1 – risks about QMS overall results)
For example, yesterday I was working with a company describing the process where materials are ordered, received and prepared for production. We described the process as is. Then the Production Manager said that he would like to make a change in the process to minimize the risk of a supplier delayed a delivery and no one at the warehouse contacts him and Planning does not know that there is a problem of materials missing. This is a typical case about Clause 4.4.1f. For example, during context evaluation an organization can identify a trend for more competition, or more non-technical barriers when exporting beca use of a rise in protectionism. So, the organization can consider that trend as a risk or an opportunity. For example, analyzing all complaints from the previous year an organization can relate reasons for complaints with risks with products and services. After determining risks and opportunities organizations have to decide which need to be addressed and improve the system to eliminate or reduce those risks or take advantage of which opportunities.
The following material will provide you information risks and opportunities:
ISO 9001 – How to address risks and opportunities in ISO 9001 - https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
- Risk-based thinking replacing preventive action in ISO 9001:2015 – The benefits - / https://advisera.com/9001academy/knowledgebase/risk-based-thinking-replacing-preventive-action-in-iso-90012015-the-benefits/
- – ISO 9001:2015 Risk Management Toolkit – https://advisera.com/9001academy/iso-90012015-risk-management-toolkit/
- free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
ISO 9001 internal audit documentation
Will be very thankful to you. I have download the checklist of the Mandatory documentation requirement for ISO 9001-2015. Is this list is fine or I need more information.
I want information of procedure and documentation of audit. Will be thankful
Answer:
You can see these articles that describe the steps for ISO 9001 Internal Auditing and the requirements of every step:
- Five main steps in ISO 9001 internal audit: https://advisera.com/9001academy/knowledgebase/five-main-steps-in-iso-9001-internal-audit/
- 13 steps for ISO 9001: internal auditing using ISO 19011: https://advisera.com/9001academy/knowledgebase/13-steps-for-iso-9001-internal-auditing-using-iso-19011/
To learn more about paperwork needed for ISO 9001 auditing you can use these materials:
- Article - ISO 9001 audit checklist: https://advisera.com/9001academy/knowledgebase/iso-9001-audit-checklist/
- You can downl oad a free preview of our audit checklist here: https://advisera.com/9001academy/documentation/internal-audit-checklist/
The list of mandatory documentation shows all mandatory documentation necessary for the implementation of ISO 9001:2015 as well as some common documents used: https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/ This list should be enough to demonstrate that you comply with ISO 9001:2015 requirements.
Here you can also download a free preview of our procedure for internal audit - Procedure for intenal audit : https://advisera.com/9001academy/documentation/procedure-internal-audit/ -
Quality Manual requirements
Answer:
Directorates or Sectoral are terminologies not used in ISO 9001:2015. So, I do not know what they stand for, but ISO 9001:2015 no longer considers mandatory to have a quality manual. Because of that, there are no requirements about the content of a Quality Manual, whatever the name chosen by an organization. So, you can have any name with the content that your organization decides useful.
The following materials will provide you details about quality manual in ISO 9001:2015:
- Article - The future of the Quality Manual in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/the-future-of-the-quality-manual-in-iso-90012015/
- Writing a short Quality Manual - https://advisera.com/9001academy/knowledgebase/writing-a-short-quality-manual/
- [free course] ISO 9001:2015 Foundations Course - https://tra ining.advisera.com/course/iso-90012015-foundations-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Legal requirements identification
Answer:
When I start the development of an EMS my first concern is to identify all aspects and impacts that interact with the environment. Then, for each aspect and impact I look for legal requirements in a database of environmental legal requirements for my country. I use a database from a commercial service because I want to be sure that I am doing what can be called due diligence. Then I analyze each legal requirement to check if they apply to the company. Sometimes there are legal requirements that are only applied when an organization use more than a certain amount. For example, in my country there is legislation for heavy consumers of energy. According to ISO 14001:2015, besides legal requirements I also check if relevant interested parties have requirements that the company wants to consid er as compliance obligations. Permits are legal requirements for sure.
The following material will provide you information about legal requirements:
- ISO 14001 – Compliance requirements according to ISO 14001:2015 – What has changed? - https://advisera.com/14001academy/blog/2015/09/14/compliance-requirements-according-to-iso-140012015-what-has-changed/
- free online training ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
- book - THE ISO 14001:2015 COMPANION – A A Straightforward Guide to Implementing an EMS in a Small Business - https://advisera.com/books/the-iso-14001-2015-companion/ -
Evidences about organizational knowledge
Answer:
Can your organization evidence the determination of what knowledge is necessary for performing a function relevant for achieving process performance and/or products and services conformity?
Can your organization evidence how that knowledge is kept alive and is shared when needed? Can be a database, can be Work Instructions, can be reports, can be sharing information meetings.
Can your organization evidence actions to prevent knowledge loss? For example, today, I visited a company that realized that they had no one prepared to replace a manufacturing sector manager who in the meantime broke a leg at home. Are there other situations that should be identified and prevented?
Can your organization evidence the knowledge transmission when someone starts in a function?
Can your organization evidence routines to be aware of new knowledge? Subscription of technical magazines? Regular meetings with suppliers? Partnerships with customers and/or universities? Regular participation at seminars and conferences?
The following materials will provide you details with organizational knowledge:
- Article - How to manage knowledge of the organization according to ISO 9001
- https://advisera.com/9001academy/blog/2016/08/30/how-to-manage-knowledge-of-the-organization-according-to-the-iso9001/
- Article - How to ensure competence and awareness in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-ensure-competence-and-awareness-in-iso-90012015/
- [free course] ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/