Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11277 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Documenting finance and accounting process
Answer:
Since the standard doesn't have any requirements regarding finance and accounting processes, you don't have to document them or even include them in the scope of your QMS (Quality Management System). It is enough to identify them as a supporting processes for your main processes.
For more information, see: Deciding Which Procedures to Document in QMS https://advisera.com/9001academy/blog/2013/11/26/deciding-procedures-document-qms/
These materials will also help you regarding QMS documentation:
- Book Discover ISO 9001:2015 Through Practical Examples https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Free online training ISO 9001:2015 Foundations Course https://advisera.com/training/iso-9001-foundations-course/
- Conformio (online tool for ISO 9001) https://advisera.com/conformio/ -
Primer paso en la implementación
Mi respuesta:
El primer paso que se necesita llevar a cabo es obtener el apoyo de la alta dirección. Sin este soporte la implementación de ISO 9001 muy probablemente fallará.
Otro paso crucial para asegurar que la implementación es satisfactoria, es identificar todos los requisitos que existen para el SGC de la organización. Estos incluyen los requisitos de los clientes, así como otros requerimientos como son los regulatorios y las necesidades referidas a la cultura de la empresa. Para hacer esto, es posible realizar un análisis GAP (análisis de brecha) para comparar lo que la empresa ya está cumpliendo con los requerimientos de ISO 9001:2015 y ver qué requerimientos faltan por cumplir.
Para más información, vea los siguientes artículos:
- "Lista de los pasos de la implementación y certificación de la ISO 9001" (en inglés): https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
- "El uso del análisis de brecha en la implementación de la ISO 9001" (en inglés): https://advisera.com/9001academy/17/use-gap-analysis-iso-9001-implementation/#
Los siguientes materiales le ayudarán con los sistemas de gestión ISO:
- Libro “Preparación para el proyecto de implementación ISO: una guía en un lenguaje sencillo”: https://advisera.com/books/preparacion-para-el-proyecto-de-implementacion-iso-una-guia-en-un-lenguaje-sencillo/
- Capacitación gratuita en línea: “Curso de fundamentos ISO 9001” https://advisera.com/es/formacion/curso-fundamentos-iso-9001/
- Conformio (herramienta en línea para ISO 9001): https://advisera.com/conformio/ -
Identifying risks in book Discover ISO 9001:2015 Through Practical Examples”
Answer:
I believe the book will help your company determine its risks and mitigate them. In the book, there is a particular section about determining risks. The book presents an example that can be applied to each of your company’s processes. You select a process and begin to ask yourself: what is the purpose of this process? What is the main reason, the main intended results for this process? And you ask yourself, what can go wrong? In what ways can we run away from the intended results? Then, you jump into the process and look for all the activities and their intended purpose. And you ask again: what can go wrong? In what ways can we run away from the intended results? With this you have built a list of possible negative deviations from the intended results.
According to ISO 9000:2015, risks are the effects of uncertainty on an expected result. So, you have determined the risks of that process. It is not very wise to try to change or act on everything. That is why you have to in a certain way classify your risks and act on those that are more important. The book gives a specific example, since the determination of risks, their classification and decision about what to do in order to improve the system.
The following material will provide you details with risk management:
Toolkit - ISO 9001:2015 Risk Management Toolkit - https://advisera.com/9001academy/iso-90012015-risk-management-toolkit/ -
Main focus for AS9100 Rev D product realisation
The answer:
The entire ISO 9001:2015 standard is required to create a QMS which is implemented to focus your efforts on providing products and services which meet customer needs, however, clause 8 on Operations is the main focus for requirements about your effort towards product realisation.
For more information see this whitepaper explaining the AS9100 Rev D clasues: https://info.advisera.com/9100academy/free-download/clause-by-clause-explanation-of-as9100-rev-d -
Conducting AS9100D internal audits
Answer:
Internal audits are effective when they are conducted against the QMS manual, processes and procedures. The important thing is to ensure that these processes and procedures comply to the requirements of the AS9100 Rev D standard
For more information see this article on the AS9100 internal audit: https://advisera.com/9100academy/knowledgebase/6-main-steps-in-the-internal-audit-according-to-as9100-rev-d/ -
Measuring quality objectives
Answer:
In order to be able to measure achievement of the objective, you need to set measurable objective. This means that you have to establish quantifiable objectives and also to define some timeframe for achievement of the objective.
For example, if you take for the objective to increase customer satisfaction, you cannot determine whether the objective is met if the customer satisfaction is increased for 5, 10 or 20%. Also, if there is no timeframe for the objective, you cannot measure its level of achievement. In the same example, you cannot determine if the customer satisfaction should be decreased within one o several years period.
The proper objective would be to increase customer satisfaction by 10% in 2017. In this way, by the end of the year you can determine whether the objective is met or not and to what extent. The general rule for quality objectives is to be SMART (Specific, Measurable, Agreed-upon, Realistic, Time-framed).
For more information, see: How to Write Go od Quality Objectives https://advisera.com/9001academy/knowledgebase/how-to-write-good-quality-objectives/
These materials will also help you regarding quality objectives:
- Book Discover ISO 9001:2015 Through Practical Examples https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Free online training ISO 9001:2015 Foundations Course https://advisera.com/training/iso-9001-foundations-course/
- Conformio (online tool for ISO 9001) https://advisera.com/conformio/ -
Examples for the risk assessment and risk treatment
We received this question:
>Thank you for answering the question. But, I was looking for actual examples rather than how to fill out the table. Something that would put me on the right track for actually identifying assets and selecting the proper threats and vulnerabilities for each asset. I don't want to add assets that shouldn't be included and I don't want to miss something that should be included. I did look at the asset categories in the excel sheet. Is there something else that is similar and more detailed?
Answer: I think maybe this material can help you:
- Diagram of ISO 27001:2013 Risk Assessment and Treatment process https://info.advisera.com/27001academy/free-download/diagram-of-iso-270012013-risk-assessment-and-treatment-process
This diagram can provide you an example of an overview of the connections between an asset and related threats and vulnerabilities.
If you need additional help with this process, also included in your toolkit you can schedule a meeting with one of our experts, so you can provide specific scenarios for him to help you work with th e assets that really matters to your organization. You can use this link to schedule a meeting: https://advisera.com/27001academy/consultation/ -
Mandatory procedures and ISO 9001:2015
Answer:
ISO 9001:2015 has no mandatory procedures required. It is up to each organization to decide to what extent it needs more or less documentation to support the operation of its processes. For example, organizations can use more documentation when processes are more complex, when turnover is high, when there is less training and experience, when there is a track record of quality problems. As an auditor, when there are no written procedures, one can give more attention to intended results and actual performance as the basis for audit preparation and realization.
These materials will also help you regarding the topic of preparing an audit:
• article - ISO 9001 Audit Checklist - https ://advisera.com/9001academy/knowledgebase/iso-9001-audit-checklist/
• article - Writing an Audit Checklist for ISO 9001 Processes - https://advisera.com/9001academy/blog/2014/11/25/writing-audit-checklist-iso-9001-processes/
• article - How to create a check list for an ISO 9001 internal audit for your QMS - https://advisera.com/9001academy/blog/2016/07/12/how-to-create-a-check-list-for-an-iso-9001-internal-audit-for-your-qms/
• article - List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/
• free online training ISO 9001:2015 Internal Auditor Course - https://advisera.com/training/iso-9001-internal-auditor-course/
• book - ISO Internal Audit: A Plain English Guide - https://advisera.com/books/iso-internal-audit-plain-english-guide/ -
Revisión de los requisitos de Producto/Servicio
Antes de que una organización acuerde suministrar un producto o servicio, es crucial que los requisitos no sólo sean identificados, sino también revisados por la empresa.
Es importante mantener unos buenos registros de la revisión y aceptación de cualquier pedido para asegurar que cualquier cambio es comunicado a todos los empleados que necesitan implementar los cambios. Asimismo, en algunos casos una revisión de cada uno de los pedidos puede ser poco práctico (como ventas a través de internet), aunque una revisión de la información de un producto relevante (como catálogos o materiales de publicidad) pueden ser adecuados, ya que éstos pueden ser utilizados en lugar del pedido.
Para más información vea "Cómo funcionan los requisitos de producto en ISO 9001"(en inglés) : https://advisera.com/9001academy/blog/2014/04/08/product-requirements-work-iso-9001/#
Estos materiales también pueden ayudarle con la documentación de ISO 9001 :
- Libro "Gestión de documentación ISO: una guía en un lenguaje sencillo": https://advisera.com/books/gestion-de-documentacion-iso-una-guia-en-un-lenguaje-sencillo/
- Curso gratuito en línea: "Curso de fundamentos ISO 9001" https://advisera.com/es/formacion/curso-fundamentos-iso-9001/
- Conformio (herramienta en línea para ISO 9001): https://advisera.com/conformio/ -
Business Continuity in SLAs
How can we bind third party vendor to provide service or what will be the responsibilities of third party vendor in case of disaster due to conditions mentioned in force majeure.
I have this query related to specific vendor like security guard service provider, Electrical service provider and IT Desktop support service provider.
Answer: Regarding the force majeure clause, you do not have many options to handle it. Your organization can either try to define in the service agreement specific situations where the clause does not apply (in these cases the vendor will have to include in the service agreement how it will handle these situations), or choose vendors which do not have this clause.
These articles will provide you further explanation about supplier management:
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-accor ding-to-iso-27001/
- Which security clauses to use for supplier agreements? https://advisera.com/27001academy/blog/2017/06/19/which-security-clauses-to-use-for-supplier-agreements/