=========================================================
The purpose of the Business Continuity Plan is to define precisely how the organization will manage incidents in the case of a disaster or other disruption of business, and how it will recover its critical activities within set deadlines.
===========================================================
NO, a plan details WHAT a company will do to manage incidents. A Procedure details the steps on HOW this will be accomplished.
Answer: The term "Business Continuity Plan" was used well before the release of any ISO standard related to business continuity, meaning the actions to be performed in case of disaster, and when the related ISO standards were elaborated it was decided to keep this term to avoid confusion.
The ISO 22300:2018 (Security and resilience — Vocabulary) defines business continuity plan as documented procedures that guide an organization to respond, recover, resume and restore itself to a pre-defined level of operation following a disruption, making the link with the concept of procedures used in ISO standards.
For example:
Company maintains its quality standard of creating and managing training solutions for the last 25 years of excellent provision of human resource development, leadership training programmes given the recognition of different international accreditation and awarding bodies and of the Ministry.
Is this correct, or do we need to change our Manual? By the way, we have been using this manual for 10 years now, and we just had our surveillance audit and certificate for ISO 9001-2015.
Answer:
You are correct. Organizational knowledge refers to knowledge specific to the company, generally gained by experience, which is used and shared to achieve the objectives of the organization. This can come internally, such as intellectual property, lessons learned from failures and successes, or the results of improvements; or it can come externally from conferences, customer knowledge, or supplier knowledge.
Although there are no legal requirements to start a career in consultancy, for the technical side I recommend getting certified training about ISO 9001 and about internal audits. For the commercial side I recommend starting a blog with your reflections about ISO 9001, and keeping an active participation in LinkedIn for networking and developing your “personal brand”. About the financial side I can only tell you my own experience: I worked for some years as a quality manager, saved money for starting my own business as a consultant, then won the first projects as trainer, auditor and consultant, and then the business became sustainable.
The following material will provide you information about the advice:
The Scope of the QMS normally does not change. So, including it in section 4.3 of the Quality Manual is a good option. The other option is also possible: keep it as an external document referred to in Section 4.3. Scope and Process Map are two different things. For example, you can have a very similar Process Map for two companies in the same economic sector, but since they have different strategic orientations they have different scopes.
The following material will provide you information about QMS scope:
1. What is the most recommended method for risk analysis?
2. Is the organization required to have a certified Lead Auditor? Or is an internal auditor sufficient?
Answer:
1. The method I recommend for identifying and analyzing risks and opportunities is the one that is simplest for the organization to carry out. You could simply hold a meeting with the organization's most relevant personnel, including top and middle management, and carry out a SWOT analysis (weaknesses, opportunities, strengths and threats).
The determination of risks can be carried out on its own or together with other elements such as environmental aspects, legal requirements and the context of the organization.
2. It is not necessary to have a certified lead auditor to carry out internal audit tasks; what is needed is an internal auditor with the necessary experience and qualification to perform the internal audit.
Every audit compares reality with audit criteria. Reality is very wide, and no one can audit reality exhaustively. So, every audit is performed by taking samples of reality and comparing them with audit criteria to get audit evidence. When designing your sample, take care to ensure that samples are representative and unbiased. Good audit practice should ensure that your audit program includes all processes. All processes must be audited, but for example you can audit the Commercial Process and take the internal market as a sample, leaving the external market for another future audit.
The following material will provide you information about audits:
Answer:
There is no mention in the EU GDPR of how long the data subject requests should be kept. However, you are free to decide upon a retention period that would at least give you the possibility to defend your legal rights if necessary. So, a good start would be to keep them for a period which is close to the statute of limitations under national law; in Romania that period is three years.
As far as I understand the question, I believe you are talking about clause 6.3 Planning of changes. During a defined period, certain procedures will not be followed and an alternative controlled way of working will be in place.
The following material will provide you information about planning and controlling changes: