Search results

Home / Search

Category:
Select
Select

11272 results

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Product safety requirements when there are no such requirements

    Dear Norma,

    You need to define process for product safety and apply it to all your products, the product safety cannot be arbitrarily applied to some products and not to others.

    Best regards,

    Strahinja

  • List of external documents and Quality Manual


    1. Clarification on the incoming document register and the list of external documents
    a. I cannot identify any external documents that we would list in this record?
    b. Should the incoming document register only apply to the documents identified in the list of external documents?

    List of external documents should contain all external documents related to the QMS, for example the standard, the documentation provided by the certification body or customer that want to perform 2nd party audit of your company, etc.

    2. I have read through the list of tasks in the project but cannot see where the quality manual is created?
    a. Apologies if I have just missed this but if you could point me to it or explain where in the process it is created that would be great

    There is no particular task for writing the quality manual in the Conformio Step-b y-Step guidance for ISO 9001 implementation simply because it is not a mandatory document and some companies may decide not to write that document at all. I would suggest you to write the manual at the end when you finish all the documents, so you will know exactly what information should be a part of it. For example, you might miss to write something in the procedure, or it doesn't fit, so you can put it in the manual.

  • Emergency vs Disaster Management


    Answer:

    Emergency management (or disaster management) is the organization and management of resources and responsibilities for dealing with all aspects of emergencies—preparedness, response, and recovery—in order to reduce the harmful effects of all hazards, including disasters.

    There are no differences between these two. In both cases you need to identify potential emergency or disaster and define actions that will be taken in case if the emergency or disaster occur.

    For more information, see: How to satisfy emergency response requirements in ISO 14001:2015 https://advisera.com/14001academy/blog/2015/10/19/how-to-satisfy-emergency-response-requirements-in-iso-140012015/

  • Defining severity and probability


    Answer:

    The way of calculating risks, or severity and probability of the risk depends on the methodology you use. Since most of the methodologies are semi-quantitative (they use numbers to express the value but it is not expressed in some measuring units), the key is to ensure repeatability, meaning that the methodology enables different persons to come up with same results.

    To achieve this, you need to determine criteria by which you will determine probability or severity on the predefined scale (e.g. from 1 to 5). For example, if something happens every day, it has high probability and is marked with 5, if something happens once in ten years it has low probability and is marked with 1. The same should be done for the severity, you make the scale and define when each value in the scale will be assigned.

    Once you define the severity an probability criteria, you need to decide how to calculate the risk, whether by subtraction or multiplication. For example, if we take that risk is calculated as severity + probability and we take our scales from 1 to 5, the maximum risk can be 10 and the lowest risk can be 2. On this range of scale, you need to define what risk level is acceptable and what risks need to be addressed. For example, risks lower than 6 are insignificant and wont be analyzed any further.

    For more information, see: How to address risks and opportunities in ISO 9001 https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/

  • Roles and responsibilities

    Really,i m seeing your articles very interesting as i did follow the 12 steps that one need for the OHSAS 18001 ;In the roles,responsibilities&authorities,how do you do ? YOU need to assign the roles to people whom to participate to the implementing of the policy ?And give them responsibilities to do means there job description and authority must be the management to also have a duty to do ?accepting the resolutions ?
    Best regards

    Answer:

    OHSAS 18001 requires organization to assign roles and responsibilities for:
    a) Ensuring that the OH&S management system is established, implemented and maintained in accordance with this OHSAS Standard;
    b) Ensuring that reports on the performance of the OH&S management system are presented to top management for review and used as a basis for improvement of the OH&S management system.

    Basically you need to assign responsibility to someone (or a group of people) in your organization for compliance with the standard and reporting on the performance of your Occupational Health and Safety Management System (OH&SMS). This person is management representative and should be part of the top management. He or she should coordinate internal audits and other activities regarding the OH&SMS and report to the top management.

    For more information, see: Which roles and responsibilities should exist in the OH&SMS according to OHSAS 18001? https://advisera.com/18001academy/blog/2016/01/13/which-roles-and-responsibilities-should-exist-in-the-ohsms-according-to-ohsas-18001/

  • BCM requirement in SLA or contract - Force majeure clause


    But you should also note that even within this situation, a force majeure event can still happen (e.g. the alternative site being affected by a different event during a disruption on the main site), but chances of this happening are lower than if the provider did not have BCM practices at all.

    These articles will provide you further explanation about supplier management:
    - 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
    - Which security clauses to use for supplier agreements? https://advisera.com/27001academy/blog/2017/06/19/which-security-clauses-to-use-for-supplier-agreements/

  • Interested parties, risks and opportunities and IMS

    How to determine interested parties, their needs & expectations?

    You need to identify internal and external interested parties relevant for your Quality Management System (QMS). Examples of internal interested parties are the top management, the board of directors, employees, unions, etc. External interested parties can be customers, government authorities, suppliers, local community, etc. For more information, see: How to determine interested parties and their requirements according to ISO 9001:2015 https://advisera.com/9001academy/blog/2015/11/10/how-to-determine-interested-parties-and-their-requirements-according-to-iso-90012015/

    How to perform the risk assessment in ISO 9001:2015 ?

    The standard does not require full scale risk assessment. All it requires is to identify risks and opportunities and this can be done by organizing brainstorming session with relevant people in the company and discuss risks and opportunities, or you can u se SWOT or PEST analysis, or if you like to implement the risks assessment, you can apply FMEA or some similar methodology. For more information, see: How to address risks and opportunities in ISO 9001 https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/

    And the companies like us who have integrated management system , how can we incorporate these changes in current system?

    It depends on the standards you've integrated. If you implemented ISO 9001 and ISO 14001, there are a lot f similar changes and once you make updates for ISO 9001 you can make them for ISO 14001 as well. But the basic principle is to conduct a GAP analysis and determine tho what extent your current system is compliant with new version of the standard and what needs to be changed to achieve the full compliance. Then you can stat updating your management system. For more information, see: How to make the transition from ISO 9001:2008 revision to the 2015 revision https://advisera.com/9001academy/blog/2015/10/06/how-to-make-the-transition-from-iso-90012008-revision-to-the-2015-revision/

    These materials will also help you regarding the ISO 9001 transition:
    - Free online training ISO 9001:2015 Foundations Course https://advisera.com/training/iso-9001-foundations-course/
    - Conformio (online tool for ISO 9001) https://advisera.com/conformio/

  • What to look for during 1st and 2nd stage audit


    Answer:

    In the 1st stage audit, the auditor will examine the documentation and determine whether it is compliant with requirements of the standard. This stage can be done on or off site of the audited organization. During this phase you will also develop your audit checklist and prepare for the 2nd stage audit.

    During the 2nd stage audit, the auditor will examine processes and interview the employees to determine whether the processes are carried out according to the standard and EMS (Environmental Management System) documentation.

    For more information, see: What will the ISO 14001 auditor ask you during the certification? https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/what-will-the-iso-14001-auditor-ask-you-during-the-certification/

    These materials will also help you regarding the audit:
    - Book Preparing for ISO Certification Audit: A Plain English Guide https://advisera.com/books/preparing-for-iso-certification-audit-plain-english-guide/
    - Free online training ISO 14001:2015 Internal Auditor Course https://advisera.com/training/iso-14001-internal-auditor-course/
    - Conformio (online tool for ISO 14001) https://advisera.com/conformio/

  • Evidence of awareness of the core tools


    Answer:

    Clause 7.2.3 d) requires from internal auditors to demonstrate competence regarding the applicable core tools. Therefore you don't need record about internal auditor awareness of the core tools but rather the evidence of competency, which can be certificate from appropriate course.

    Secondly, you will need to retain documented information about the trainer competency to deliver such training.

  • BCP tests clause


    Answer: The ISO 22301 clause that requires BCP to be regularly tested is the clause 8.5 (exercising and testing).

    This article will provide you further explanation about BCP tests:
    - How to perform business continuity exercising and testing according to ISO 22301 https://advisera.com/27001academy/blog/2015/02/02/how-to-perform-business-continuity-exercising-and-testing-according-to-iso-22301/

    These materials will also help you regarding BCP tests:
    - Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
Page 856-vs-13485 of 1128 pages

Didn’t find an answer?

Start a new topic and get direct answers from the Expert Advice Community.

CREATE NEW TOPIC +