Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11272 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Total Productive Maintenance in IATF 16949
Answer:
Total Productive Maintenance (TPM) has been introduced as a new requirement for the aIATF 16949 based on previous non-conformances noted in the areas of equipment management. Requirements for TPM are stated in clause 8.5.1.5 and it is required to document total productive maintenance system.
At a minimum, TPM procedure must include the following:
- identification of process equipment necessary to produce conforming product at the required volume;
- availability of replacement parts for the equipment identified in item a);
- provision of resource for machine, equipment, and facility maintenance;
- packaging and preservation of equipment, tooling, and gauging;
- applicable customer-specific requirements;
- documented maintenance objectives, for example: OEE (Overall Equipment Effectiveness), MTBF (Mean Time Between Failure), and MTTR (Mean Time To Repair), and Preventive Maintenance compliance metrics. Performance -
- to the maintenance objectives shall form an input into management review (see ISO 9001, Section 9.3);
- regular review of maintenance plan and objectives and a documented action plan to address corrective actions where objectives are not achieved;
- use of preventive maintenance methods;
- use of predictive maintenance methods, as applicable;
- periodic overhaul. -
Auditing clause 5.1.2
Answer:
Clause 5.1.2 refers to customer focus, and you can audit conformance to it by checking whether:
a) customer and applicable statutory and regulatory requirements are determined, understood and consistently meet;
b) the risks and opportunities that can affect conformity of products and services and the ability to enhance customer satisfaction are determined and addressed;
Since this clause doesn't require documented information, you will need to check the interested parties and their needs and expectations, if they are determined and whether they include customers and regulatory bodies and to check what risks and opportunities are identified and what actions are taken to address them.
For more information, see: How the ISO 9001:2015 standard can help improve relationships with your customers https://advisera.com/9001academy/blog/2016/02/23/how-the-iso-90012015-standard-can-help-improve-relationships-with-your-customers/
These materials will also help you regarding customer focus:
- Book Discover ISO 9001:2015 Through Practical Examples https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Free online training ISO 9001:2015 Foundations Course https://advisera.com/training/iso-9001-foundations-course/
- Conformio (online tool for ISO 9001) https://advisera.com/conformio/ -
Use of SWOT analysis
The following materials will provide you details with quality policy:
- Article - How to identify the context of the organization in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-identify-the-context-of-the-organization-in-iso-90012015/
- [free webinar] How to implement risk management in ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-implement-risk-management-in-iso-90012015-free-webinar/
- [free course] ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/ -
Change implementation challenges
Answer:
Here are few biggest challenges I see people are facing during the implementation:
- Resistance to the change in process
- Getting management buy-in
- Roles and responsibilities
- Implementation of the process
- Process (not) supported by tool
This article will help you address and overcome those challenges while implementing Change Management:
"How to overcome barriers while implementing the ITIL/ISO 20000 Change Management process" How to overcome barriers while implementing the ITIL/ISO 20000 Change Management process -
Quality policy and transition
When considering the task of formulating a quality policy I like that organizations focus on their customers and their requirements, because organizations exist with the purpose of serving customers. Considering that, look into the difference between clause 5.2 (ISO 9001:2008) and clause 5.1.2 (ISO 9001:2015). We went from “customer requirements” into “customer and applicable statutory and regulatory requirements”. So, when designing a quality policy the organization compromises should be not only about customer requirements but also about applicable statutory and regulatory requirements.
The following materials will provide you details with quality policy:
- Article - How to Write a Good Quality Po licy https://advisera.com/9001academy/blog/2014/03/25/write-good-quality-policy/
- White paper - Twelve-step transition process from ISO 9001:2008 to the 2015 revision - https://info.advisera.com/9001academy/free-download/twelve-step-transition-process-from-iso-90012008-to-the-2015-revision/
- Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/ -
External audit principles
Answer:
External audit principles are defined in ISO 19011 and they are the following:
- Have integrity and be professional
- Present fair and truthful results
- Exercise due professional care
- Care about confidentiality
- Be independent and impartial
- Use an evidence-based approach
For more information, see: Benefits and potential problems in becoming an ISO 9001 Lead Auditor https://advisera.com/9001academy/blog/2020/04/10/how-to-become-an-iso-9001-lead-auditor/
These materials will also help you regarding the audit:
- Book Discover ISO 9001:2015 Through Practical Examples https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Free online training ISO 9001:2015 Internal Auditor Course https://advisera.com/training/iso-9001-internal-auditor-course/
- Conformio (online tool for ISO 9001) https://advisera.com/conformio/ -
Responsibilities and process map
Answer:
Assigning responsibilities for processes should be easy. Once you identified the processes, you should put someone in charge of the process, usually it is a manager of the department to which the process belongs, for example, the owner of the production process will be production manager and for sales process the sales manager, and so on.
The key here again is to identify the processes first and then define the sequence and interaction between them. For example, information from sales process goes to design and development, then the design goes to production, then the product goes to storage, distribution and delivery to the customer. For more information, see: How to create an ISO 9001 process flowchart https://info.advisera.com/9001academy/free-download/how-to-create-an-iso-9001-process-flowchart -
ISMS implementation
Answer: Sure. In the following article you can find a sixteen-steps list about how to implement an ISMS:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
For a practical example, I suggest you to take a look at this article: Case study: ISO 27001 implementation in an IT system integrator company https://advisera.com/27001academy/blog/2017/05/08/case-study-iso-27001-implementation-in-an-it-system-integrator-company/
2 - I want to be an expert for security of networks and systems, what can I do?
Answer: To master security of networks and systems you should consider attend courses related to these topics, look for related certifications, and follow already recognized experts on this fields, since they often publish materials that can help one to apply security concepts on his activities.
This article will provide you further explanation about certifications:
- How personal certificates c an help your company’s ISMS https://advisera.com/27001academy/blog/2014/10/06/how-personal-certificates-can-help-companys-isms/
These materials will also help you regarding acquiring knowledge:
- How to learn about ISO 27001 and BS 25999-2 https://advisera.com/27001academy/blog/2010/11/30/how-to-learn-about-iso-27001-and-bs-25999-2/
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/ -
Disaster recovery and ISO standards
Answer: For Disaster recovery and business continuity the recommended ISO standards are ISO 22301, ISO 22313, and ISO 27031.
ISO 22301 covers the requirements for a business continuity management system, which will help you identify, implement, operate, control and improve the most relevant business aspects to be supported by business continuity and disaster recovery practices.
ISO 22313 covers guidance on how to implement ISO 22301 requirements, business continuity and disaster recovery plans.
ISO 27031 cover guidance on how to implement business continuity and disaster recovery plans on Information and Communication Technology.
For an example of a cycle from establishment of business continuity requirements to a complete plan, please see these articles:
- How to write business continuity plans? https://advisera.com/ 27001academy/blog/2010/04/08/how-to-write-business-continuity-plans/
- Business continuity plan: How to structure it according to ISO 22301 https://advisera.com/27001academy/knowledgebase/business-continuity-plan-how-to-structure-it-according-to-iso-22301/
This article will provide you further explanation about ISO standards related to business continuity and disaster recovery:
- ISO 22301 vs. ISO 22313 https://advisera.com/27001academy/blog/2013/05/21/iso-22301-vs-iso-22313/
- Understanding IT disaster recovery according to ISO 27031 https://advisera.com/27001academy/blog/2015/09/21/understanding-it-disaster-recovery-according-to-iso-27031/
These materials will also help you regarding disaster recovery:
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
- Writing a business continuity plan according to ISO 22301 [free webinar on demand] https://advisera.com/27001academy/webinar/writing-a-business-continuity-plan-according-to-iso-22301-free-webinar-on-demand/ -
ISMS gap analysis
Answer: Sure. To verify the current status of your ISMS you can use our Free ISO 27001 Gap Analysis Tool at this link: https://advisera.com/27001academy/free-iso-27001-gap-analysis-tool/
This tool can help you see how much of ISO 27001 you have implemented so far, considering the management system requirements and security controls.