Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11269 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
ISO 20000 and ISO 9001
Answer:
This free material explains mentioned relationship:
"ISO/IEC 20000-1:2011 vs. ISO 9001:2015 matrix" https://info.advisera.com/20000academy/free-download/iso-iec-20000-1-2011-vs-iso-9001-2015-matrix -
Scope of EMS, 2015 version
How can I define the Scope of the EMS for a manufacturing company, according to 2015 version of ISO 14001, without going too far that is impossible to manage? (company uses minerals, metals, chemicals, etc). Could you provide an example? -
Defining context of the organization
Answer:
When determining context of the organization, you need to examine all internal and external issues that can affet your QMS (Quality Managemnet System). When it comes to internal issues, you need to consider products and services, organizational structure, roles, and responsibilities, organizational culture, capabilities, etc. For external issues, the organization needs to consider culture of the markent where it operates, legislations, customer requirements and habits, competitors, etc.
Even for the companies that conduct the same type of business in the same country, the context of the organization can be different because of the various elements of the context that need to be considered.
Here you can find case study for context of the organization that can be helpful: ISO 9001:2015 Case study: Context of the organization as a success factor in manufact uring company https://advisera.com/9001academy/blog/2016/10/11/iso-90012015-case-study-context-of-the-organization-as-a-success-factor-in-manufacturing-company/ -
Requirements of the clause 8.3.2 in ISO 9001
Answer:
The clause 8.3.2 j) requires that during design an development planning the organization to consider documented information needed to demonstrate that design and development requirements have been met. This doesn't mean that you need to provide these documented information during the planning phase but to define what documented information must exist at the end of the design and development process to demonstrate that the requirements have been met. For example, in the project plan or project task you will define what documented information will be created as the design and development output, e.g. CAD drawings.
For more information, see: Specific use of ISO 9001 design and development in the machining process https://advisera.com/9001academy/blog/2017/03/14/specific-use-of-iso-9001-design-and-development-in-the-machining-process/ -
Competence requirements for auditors and management representative
For ex: In our organization, I am the quality manager/primary person for QMS. I have been trained for internal auditor along with 3 other colleagues?
Is it expected from the the rest 3 auditors to have the same extent of knowledge that I have?
Answer:
Management representative (MR) is no longer a mandatory role in the QMS (Quality Management System) so the standard does not have any requirements regarding the management representative. But considering the roles and responsibilities the MR, he or she should have knowledge of the standard requirements and also knowledge of the organization's operations and processes.
Auditors should be familiar with requirements of the standard and the auditing techniques but the same type of training is sufficient for the MR as well. There are no differences in competence requirements but there are differences in responsibilities and authorities between these two role s.
For more information, see: What is the job of the quality management representative? https://advisera.com/9001academy/knowledgebase/what-is-the-job-of-the-quality-management-representative/ -
Integrating ISO 9001, ISO 14001 and ISO 45001
Answer:
ISO 45001 hasn't been published yet, so it is difficult at this point to talk about integration of this standard with other management system standards but the approach will be the same.
First step is to identify all common requirements of the standards you want to integrate. For example, ISO 9001 and ISO 14001 have requirement for determining the context, defining the policy and objectives, internal audit, competence and awareness, etc. For more information see: ISO 14001:2015 integration with ISO 9001:2015 – What has changed? https://advisera.com/14001academy/blog/2016/02/15/iso-140012015-integration-with-iso-90012015-what-has-changed/
Once you determine the similarities, you should start implementing them first and than add specifics of the each standard. Since ISO 9001 is better foundation for the system ,it is better to start implementing ISO 9001 requi rements and process and than add requirements for ISO 14001. For example, you first need to implement requirements for production, design and development, purchasing and so on and then to conduct assessment of environmental aspects for each process. For more information, take a look at this free webinar – How to integrate ISO 9001:2015 and ISO 14001:2015 https://advisera.com/9001academy/es/webinar/how-to-integrate-iso-90012015-and-iso-140012015-free-webinar//
When you implement ISO 9001 and ISO 14001 it will be easy to add requirements of ISO 45001 once it is published. It will probably have the same structure as ISO 9001 and ISO 14001 so the integration wont be too challenging. If you want to take a look at the Integrated Management System documentation, here you can download a free preview https://advisera.com/9001academy/iso-9001-iso-14001-integrated-toolkit/ -
BS 25999 and ISO 22301
(Is the 25999 standard the same as the 22301?)
Answer: No. 25999 standard is an old British Standard officially recognized in the United Kingdom (its current status is superseded), while 22301 is an ISO standard accepted worldwide (current status published, version 2012). In terms of content, we can consider ISO 22301 an "upgrade" of BS 25999, with the ISO standard presenting significant changes and additions.
This article will provide you further explanation about BS 25999 and ISO 22301:
- ISO 22301 vs. BS 25999-2 – An Infographic https://advisera.com/27001academy/blog/2012/05/22/iso-22301-vs-bs-25999-2-an-infographic/
These materials will also help you regarding BS 25999 and ISO 22301:
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
- What’s new in ISO 22301 : How to make the transition from BS 25999-2 [free webinar] https://advisera.com/27001academy/webinar/whats-new-in-iso-22301-how-to-make-the-transition-from-bs-25999-2-free-webinar/ -
Information classification
Thank you -
Patching
Answer:
Patch management can be seen from two point of views:
1. Routine patching - Approach it as IT Operations (find out here more about it "IT Operations Management Function in ITIL" https://advisera.com/20000academy/knowledgebase/operations-management-function-itil/ or "ITIL Service Operations – From development to maintenance without headaches" https://advisera.com/20000academy/blog/2015/10/27/itil-service-operations-from-development-to-maintenance-without-headaches/) activity. This is usually the case when you have mandatory patches and you set a process, and - that's all.
2. Critical or more (from resource, risk, technology... point of view) demanding patches - use change i.e. release and deployment management process to handle them.
Important is to know "what's in front of you" and manage the implementation. -
Scope and Quality Objectives
Answer:
They should be part of your scope and consider the HQ as an external interested party. If your scope is only local facility, then they need to follow your objectives but you can make an exception and add HQ objectives as well.