Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11269 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Implementing ISO 9001 - what about duration?
Answer:
In the middle of the 80’s, I worked for a couple of years for an artificial leather manufacturing company for the automotive industry with some small production of tarpaulins for trailers (emulsion PVC was the main raw material).
I believe that the duration of implementation depends primarily on the size of the organization, for example:
* Smaller organizations (up to 50 employees) usually implement the standard in less than 8 months;
* Mid-size organizations (up to 500 employees) usually implement the standard in 8 to 12 months;
* Large organizations (500 employees and more) – implementation usually lasts 12 to 15 months.
Beware of companies that drag such projects on for too long (e.g., small companies for more than 12 months) usually never finish the project.
ISO 9001:2015 does not require many documentation and even if there are no written procedures there must be some kind of practices use them as the corner stone of your QMS. For example, this week I visited an organization without QMS but with quality control in place.
The following material will provide you information about implementing a QMS:
- ISO 9001 – Five tips to ensure your ISO 9001:2015 implementation is successful – /…/mplementation-is-successful
- How long does it take to implement an ISO 9001-based QMS? – /…/ement-an-iso-9001-based-qms
- Gaining employee buy-in for your ISO 9001:2015 implementation – /…/iso-90012015-implementation
- free online training ISO 9001:2015 Foundations Course – https:…
- book – Discover ISO 9001:2015 Through Practical Examples – /…/-through-practical-examples -
Transition to ISO 9001:2015
Explain how you will change the company ISO 9001:2008 the new ISO 9001:2015 (AT LEAST TEN POINTS)
These are the 12 steps transition process from ISO 9001:2008 to ISO 9001:2015 that should be followed:
1. Define the context of the organization
2. List all interested parties
3. Determine the scope of the QMS
4. Demonstrate Leadership
5. Align QMS objectives with the company´s strategy
6. Assess risks and opportunities
7. Control documented information
8. Operational Control
9. Review the design and development process
10. Control of external providers
11. Performance evaluation
12. Measuring and reporting
For more information about every step, you can download the following white paper for free "Twelve-step transition process from ISO 9001:2008 to 2015 revision": https://info.advisera.com/9001academy/free-download/twelve-step-transition-process-from-iso-90012008-to-the-2015-revision You can also see this article "How to make the transition from ISO 9001:2008 revision to the 2015 revision": https://advisera.com/9001academy/blog/2015/10/06/how-to-make-the-transition-from-iso-90012008-revision-to-the-2015-revision/Who will be involved in this transition project?
Top management will need to be actively involved in the QMS development, implementation and maintenance. Where previously it may have been the quality manager’s responsibility to work with auditors, ISO 9001: 2015 demands that it’s the leaders of the organisation that will need to be involved in the entire process.
And of course, getting a good team to work in the transition, including process owners, is crucial and they have to commit time to participate.
To learn more about the new leadership requirements you can see: https://advisera.com/9001academy/knowledgebase/how-to-comply-with-new-leadership-requirements-in-iso-90012015/How long will it take to get the NEW Transition?
The duration for the transition varies from company to company, but company size is often a big predictor of the time it will take to implement ISO 9001:2015. Also, it is necessary to considerate how much time will be spent on the project by internal people.
To estimate your transition duration you can use the following tool: https://advisera.com/9001academy/iso-9001-duration-calculator/
Also, you can see this article "How long does it take to implement an ISO 9001 based QMS?": https://advisera.com/9001academy/blog/2016/07/05/how-long-does-it-take-to-implement-an-iso-9001-based-qms/
Performing a GAP analysis to learn what parts of the ISO 9001 Standard you already are complying with will be also very helpful. You can use this free GAP tool: https://advisera.com/27001academy/free-iso-27001-gap-analysis-tool/What is the benefits for the company by introducing this new ISO 9001:2015?
These are the main benefits of implementing the ew ISO 9001:2015:
- Effectiveness of the changes to your business
- Improvement of your reputation
- Avoiding exposure to potential non-conformities
- Easy Integration with other systems
- Overall result: reduced costs, improved bottom line
For more information, see "ISO 9001:2015 - The benefits of early transition": https://advisera.com/9001academy/blog/2015/09/29/iso-90012015-the-benefits-of-early-implementation/
These materials can also help you with the transition process:
- Book "Discover ISO 9001:2015 through practical examples": https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Free online training ISO 9001:2015 Foundations Course: https://advisera.com/training/iso-9001-foundations-course/ -
Risks & opportunities and ISO 14001
Thank you Carlos. Your answer is very helpful. -
Vendor qualification - who is responsible?
Answer:
There is no technical universal answer. That depends on what each organization decides. In my experience I see organizations opting either for one or the other.
The following material will provide you information about the Vendor qualification:
- ISO 9001 – How to evaluate supplier performance according to ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/10/27/how-to-evaluate-supplier-performance-according-to-iso-90012015/
- free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
- book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ -
Changes and environmental aspects
Answer:
In my early days of work in the chemical industry my company changed a procedure for terminating the chemical reaction in order to increase productivity. Sometime after that change we realized that the amount of dangerous chemical compounds in the wastewater increased a lot. We had a normal operation working with several environmental aspects identified, then we decided to make a change and that change in the way of work changed the environmental aspects. Another change could be a change in a recipe, or a change in raw materials or a change of suppliers. Your organization can be an importer of goods made in another continent, with some environmental aspects due to distance of a long supply chain. If your organization decides to start to buy the goods locally those environmental aspects will change.
The following material will provide you information about assessment of environmental as pects:
- ISO 14001 – 4 steps in identification and evaluation of environmental aspects - https://advisera.com/14001academy/knowledgebase/4-steps-in-identification-and-evaluation-of-environmental-aspects/
- Environmental aspect identification and classification - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/environmental-aspect-identification-and-classification/
- free online training ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
- book - THE ISO 14001:2015 COMPANION – A A Straightforward Guide to Implementing an EMS in a Small Business - https://advisera.com/books/the-iso-14001-2015-companion/ -
DPIA Register template
Answer:
The document does not include a list of risks nor it should since the risks vary from business to business from processing activity to processing activity and will most likely be different for each organization. So, you need to identify them by yourself and the questionnaire will help you with that.
To learn more about DPIAs check out our webinar “Seven steps of Data Protection Impact Assessment (DPIA) according to EU GDPR” https://advisera.com/eug dpracademy/webinar/seven-steps-of-data-protection-impact-assessment-dpia-according-to-eu-gdpr-free-webinar-on-demand/ -
Policies and procedures
Answer:
You can amend the documents to your liking except for the “Standard Contractual Clauses for the Transfer of Personal Data to Controllers” and “Standard Contractual Clauses for the Transfer of Personal Data to Processors” which must be filled in only where there are blanks.
To find more about how to use the EU GDPR Documentation Toolkit https://community.advisera.com/topic/consent-form/ don’t miss our upcoming webinar “How to use a Documentation Toolkit for the implementation of EU GDPR” https://advisera.com/eugdpracademy/webinar/how-to-use-a-documentation-toolkit-for-the-implementation-of-eu-gdpr-free-webinar-on-demand/ -
Consent form
Answer:
Our EU GDPR Documentation Toolkit https://advisera.com/eugdpracademy/eu-gdpr-documentation-toolkit/ contains a draft consent form that you can use, as well as all the other documents you need to consider for EU GDPR compliance.
I also suggest you to check out our webinar “How to handle consents under GDPR” https://advisera.com/eugdpracademy/webinar/how-to-handle-consents-under-gdpr-free-webinar-on-demand/ -
Application of control A.18.1.1
The application of control A.18.1.1 (Identification of applicable legislation and contractual requirements) refers only to the identification of the legal requirements that can affect your information security - for example, requirements related to privacy regulation, regulation on e-commerce, etc.
If a law or contract applicable to your organization has no impact on the information protected by your ISMS scope, you do not need to document it for the purposes of the information security management.
Regarding the services you provide, if they are not included in your ISMS scope, there is also no need to document it. -
Cláusulas 5.1 y 5.3: ¿es necesario documentarlas?
En cuanto a la cláusula 5.1 de la ISO 14001:2015 no existe documentación obligatoria con la que cumplir. Sin embargo, la alta dirección debe demostrar su liderazgo garantizando los recursos adecuados el SGA, asegurando que el plan estratégico sea compatible y esté integrado con el SGA y cumpliendo con la mejora continua, entre otros.
Para más información vea "Cómo demostrar el liderazgo según la ISO 14001:2015" (en inglés): https://advisera.com/14001academy/blog/2015/10/05/how-to-demonstrate-leadership-according-to-iso-140012015/#
En el caso de la cláusula 5.3, tampoco existe documentación obligatoria que exija la norma ISO 14001:2015. Para poder cumplir con los requisitos de este numeral es muy recomendable que la alta dirección asigne a los diferentes roles la responsabilidad y autoridad necesarias para que se puedan cumplir sin dificultades todos los requisitos del SGA y para que la alta dirección se mantenga informada sobre el desempeño del sistema.La asignación se puede realizar mediante la elaboración y la comunicación interna de perfiles completos de los puestos de trabajo. Además de todas las actas de reunión en la que se realice la revisión por la dirección y los comités.
Para más información, vea "Cuáles son los roles y responsabilidades clave en el SGA": https://advisera.com/14001academy/blog/2016/11/21/what-are-the-key-roles-and-responsibilities-in-the-ems/
Además estos materiales pueden ser de utilidad:
- Curso Fundamento de ISO 14001:2015: https://advisera.com/training/es/course/curso-fundamentos-iso-14001/
- Libro sobre ISO 14001:2015 (sólo disponible en inglés): https://advisera.com/books/the-iso-14001-2015-companion/
- Herramienta en línea para ISO: https://advisera.com/conformio/