... rtunities vs. environmental aspects - https://advisera.com/14001academy/blog/2016/06/06/iso-14001-risks-and-opportunities-vs-environmental-aspects/
- Risks and opportunities in ISO 14001:2015 - What they are and why they are important - https://advisera.com/14001academy/blog/2016/03/07/risks-and-opportunities-in-iso-140012015-what-they-are-and-why-they-are-important/
- free online training ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
- book - THE ISO 14001:2015 COMPANION - A Straightforward Guide to Implementing an EMS in a Small Business - https://advisera.com/books/the-iso-14001-2015-companion/
... or Course vs. Lead Implementer Course - Which one to go for? https://advisera.com/27001academy/blog/2014/06/16/lead-auditor-course-vs-lead-implementer-course-which-one-to-go-for/
We will launch such courses in ca 2 months.
... ogether with another party, then we can assume joint processing. Each situation needs to be assessed in order to establish the controller, processor, or joint controller status.
You should not assume that you are either until you have assessed the particular situation.
To learn more about controllers and processors you can check out our article "EU GDPR controller vs. processor - What are the differences?" https://advisera.com/eugdpracademy/knowledgebase/eu-gdpr-controller-vs-processor-what-are-the-differences/
... ssessment vs. business impact analysis https://advisera.com/27001academy/knowledgebase/risk-assessment-vs-business-impact-analysis/
These materials will also help you regarding risk assessment:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- The basics of risk assessment and treatment according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/
... instructions of the data controller, and they would also be useful as proof that the activities are actually happening.
Regarding the level of detail, this is something you need to establish yourself, and it is strictly related to the services that are provided.
To find out more about controllers and processors you can check out our article "EU GDPR controller vs. processor - What are the differences?" - https://advisera.com/eugdpracademy/knowledgebase/eu-gdpr-controller-vs-processor-what-are-the-differences/
... onsultant vs. DIY approach https://info.advisera.com/27001academy/free-download/implementing-iso-27001-with-a-consultant-vs-diy-approach
These materials will also help you regarding ISO 27001 implementation:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
... onsultant vs. DIY approach https://info.advisera.com/27001academy/free-download/implementing-iso-27001-with-a-consultant-vs-diy-approach
2 - What is the rough estimate timeline for ISMS implementation?
Answer: With the information you provided, the implementation duration would be something between 3 and 12 months. For a more precise estimate, considering the aspects mentioned in the first answer, I suggest you use our Free Calculator - Duration of ISO 27001/ISO 22301 Implementation at this link: https://advisera.com/27001academy/free-tools/free-calculator-duration-of-iso-27001-iso-22301-implementation/
For more information, please see these articles:
- How long does it take to implement ISO 27001 / BS 25999? https://advisera.com/27001academy/blog/2011/11/08/how-long-does-it-take-to-implement-iso-27001-bs-25999/
- How much does ISO 27001 implementation cost? https://advisera.com/27001academy/blog/2011/02/08/how-much-does-iso-27001-implementation-cost/
3 - What will be the steps and best approach for me to assist this company?
Answer: Roughly speaking, ISO 27001 implementation steps can be summarized as:
1) getting management buy-in for the project;
2) defining ISMS basic framework (e.g., scope, objectives, organizational structure), by understanding organizational context and requirements of interested parties;
3) development of risk assessment and treatment methodology;
4) perform risk assessment and define risk treatment plan;
5) controls implementation (e.g., policies and procedures documentation, acquisitions, etc.);
6) people training and awareness;
7) controls operation;
8) performance monitoring and measurement;
9) perform internal audit;
10) perform management critical review; and
11) address nonconformities, corrective actions and opportunities for improvement.
This article will provide you further explanation about ISMS implementation:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
Regarding the approach, please see the first answer.
These materials will also help you regarding ISO 27001 implementation:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
... ISO 27001 vs. ISO 27018 - Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/
2 - Is it possible to audit only the 11 extra controls of ISO 27018, as the controls of ISO 27001/27002 already apply? How would you recommend doing it?
Answer: You can reduce your audit scope, with no problem, to cover only the ISO 27018 extra controls and those ISO 27001 controls for which ISO 27018 provides specific recommendations.
To support this activity, I suggest you take a look at the free demo of our Internal Audit Checklist for ISO 27001 & ISO 27017 & ISO 27018 at this link: https://advisera.com/27001academy/documentation/internal-audit-checklist/
It provides a list of questions to help perform an internal audit against ISO 27001, also considering ISO 27018. For each clause or control of the standard, the checklist provides one or more questions to be asked during the audit in order to verify implementation.
This article will provide you further explanation about internal audits:
- How to make an Internal Audit checklist for ISO 27001 / ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/
These materials will also help you regarding internal audits:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- ISO 27001:2013 Internal Auditor course https://advisera.com/training/iso-27001-internal-auditor-course/