Search results

Home / Search

Category:
Select
Select

11270 results

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Quality manual in IATF 16949


    Answer:

    When it comes to IATF 16949 requirements regarding the manual, it requires at minimum:
    a) the scope of the QMS including justification for any exclusion
    b) documented processes established for the QMS or reference to them;
    c) the organization's processes and their sequence and interactions (inputs and output, including type and extent of control of any outsourced processes;
    d) a document (i.e. matrix) indicating where within the organization's QMS the customer specified requirements are addressed.

    Previous version of the standard, ISO/TS 16949:2009 required the same as bullets a), b) and c), so if your manual meets all requirements of the new version, you do not have to make changes to it except aligning clauses of the standard. In other case, you need to make an update of your manual to meet all above mentioned requirements.

  • Clause 1 Scope vs clause 4.3 Scope of QMS


    Answer:

    Clause 1 Scope of ISO 9001:2015 explains to what kind of companies the standard applies in terms of size, type of business, type of product or service, etc. On the other hand, the clause 4.3 defines requirements for organization to define scope of its QMS (Quality Management System).

    Clause 1 does not have any requirements for the QMS, it just explains to what kind of organizations the standard can apply and clause 4.3 contains actual requirements of the standard and these requirements will be audited during the certification audit. For more information, see: How to define the scope of the QMS according to ISO 9001:2015 https://advisera.com/9001academy/knowledgebase/how-to-define-the-scope-of-the-qms-according-to-iso-90012015/

  • Certifying non-IT organization


    Answer: Yes, you can certify a company if you justify the exclusion of certain controls - this is done through a process of risk assessment, see this article for explanation: The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/

    By the way, the fact that your company is not an IT organization does not mean you will exclude all of IT controls - most of the companies today need to include controls like backup, antivirus, access control, etc. This article will help you with the controls: Overview of ISO 27001:2013 Annex A https://advisera.com/27001academy/iso-27001-controls/

    These materials will also help you learn the basics of ISO 27001 and how to implement i t:
    - Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your
    Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
    - Free online training ISO 27001 Foundations Course
    https://advisera.com/training/iso-27001-foundations-course/

  • ISO courses for individuals


    Answer: Regarding ISO 27001, the courses you should consider are:
    - ISO 27001 internal auditor: this course is made for beginners in information security and internal auditing, requiring no prior knowledge.
    - ISO 27001 Lead Auditor: this course will clarify you about management system purpose and structure and how to plan and conduct an audit, alone or leading an audit team. This is the only course for which someone receive an international recognized certification, if the course is done with an accredited provider.
    - ISO 27001 Lead Implementer: this course will clarify you about the process how to implement an ISMS according ISO 27001 requirements.

    This articles will provide you further explanation about ISO courses for individuals:
    - ISO 27001 Internal Auditor training – Is it good for my career? https://advisera.com/27001academy/blog/2016/03/29/iso-27001-internal-auditor-training-is-it-good-for-my-career/
    - What does ISO 27001 Lead Auditor training look like? ht tps://advisera.com/27001academy/blog/2016/08/29/what-does-iso-27001-lead-auditor-training-look-like/
    - What does ISO 27001 Lead Implementer training look like? https://advisera.com/27001academy/blog/2016/11/28/what-does-iso-27001-lead-implementer-training-look-like/
    - How to learn about ISO 27001 and BS 25999-2 https://advisera.com/27001academy/blog/2010/11/30/how-to-learn-about-iso-27001-and-bs-25999-2/

    These materials will also help you regarding ISO courses for individuals:
    - ISO 27001 Lead Auditor Course preparation training [free webinar on demand] https://advisera.com/training/iso-27001-lead-auditor-course/
    - ISO 27001:2013 Internal Auditor Course https://advisera.com/training/iso-27001-internal-auditor-course/

  • Implementing ISO 9001 in a library

    ok

  • Documenting clause 5


    Answer:

    Requirements of the new clause 5 doesn't differ much from the clause 5 in the previous version of the standard when it comes to documentation. There is no requirement to make any document other than Quality Policy. Most of the requirements, such as leadership and commitment, roles, responsibilities and authorities do not require documenting a procedure and can be meet indirectly through other actions.

    For example, the top management will demonstrate leadership and commitment by participating in determining the context and risks and opportunities, setting the objectives,etc. On the other hand, although the roles and responsibilities are not required to be documented, they usually are through other procedures such as procedure for production, sales procedure, etc where you define who do es what.

    For more information, see: How to comply with new leadership requirements in ISO 9001:2015 https://advisera.com/9001academy/knowledgebase/how-to-comply-with-new-leadership-requirements-in-iso-90012015/

  • Política ambiental


    Mi respuesta:

    La política ambiental que tiene actualmente la empresa debería de seguir los mismos principios de ISO 14001, que establece las intenciones y direcciones de la organización respecto a su impacto en el medio ambiente. Además tendría que incluir los siguientes elementos:
    - Ser apropiada a los impactos ambientales de las actividades de la empresa
    - Un compromiso de mejora continua
    - Cumplir con todos los requerimientos legales y contractuales
    - Establecer objetivos y metas

    Si la política ambiental no cumple con todos estos elementos y/o éstos no están bien documentados, implementados y mantenidos, entonces sería necesario cambiar o adaptar la política ambiental de la organización a los requerimientos de ISO 14001

    Para más información vea, "Cómo escribir una política ambiental en ISO 14001": https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/how-to-write-an-iso-14001-environmental-policy/#

  • Changes in Quality Policy per IATF 16949


    Answer:

    When it comes to Quality Policy, ITAF 16949 doesn't have any additional requirements to requirements of ISO 9001:2015 and since ISO/TS 16949:2009 didn't have any additional requirements to requirements of ISO 9001:2008, the difference is the same as the difference between ISO 9001:2015 and ISO 9001:2008.

    Basically, the only new requirement is that the policy must be appropriate to the purpose and context of the organization and supports its strategic direction.

    For more information, see: Aligning quality objectives of the QMS with the strategic direction of the company https://advisera.com/9001academy/blog/2017/03/07/aligning-quality-objectives-of-the-qms-with-the-strategic-direction-of-the-company/

  • Process validation in IATF 16949:2016


    Answer:

    New version of IATF 16949:2016 does not have separate section dedicated to production process validation and it does not have any additional requirements for validation other the requirements of ISO 9001:2015 and that is the organization must perform "the validation, and periodic revalidation, of the ability to achieve planned results of the processes for production and service provision, where the resulting output cannot be verified by subsequent
    monitoring or measurement"

  • Requirements for documented procedures in ISO 9001:2015


    Answer:

    There is no explicit requirement in ISO 9001:2015 to document procedures for any process. When it comes to requirements for documentation, the standard requires organization to:
    a) maintain documented information to support the operation of its processes;
    b) retain documented information to have confidence that the processes are being carried out as planned.

    This means that he company can decide whether it needs a documented procedure, flowchart or any other document to ensure that the process is carried out as planned but it doesn't mean that you need documented procedure for any process in the QMS. The good rule of thumb when it comes on deciding whether the documented procedure is needed is to consider whether such procedure would prevent occurrence of nonconformities. If it does, then you should document a procedure, if not, then the docume nted procedure is redundant.

    For more information, see: Deciding Which Procedures to Document in QMS https://advisera.com/9001academy/blog/2013/11/26/deciding-procedures-document-qms/
Page 906-vs-13485 of 1127 pages

Didn’t find an answer?

Start a new topic and get direct answers from the Expert Advice Community.

CREATE NEW TOPIC +