Search results

  • Designing integrated ISO 14001 and OHSAS 18001 manual


    Answer:

    ISO 14001 and OHSAS 18001 do not require a manual, so they do not have particular requirements on what the manual should contain. The usual information placed in the manual is the scope of the IMS, roles and responsibilities, the IMS policy, and a description of the IMS elements and their interactions.

    For more information about EMS and OH&SMS manuals, see:
    - What is an environmental management system manual? https://advisera.com/14001academy/knowledgebase/what-is-an-environmental-management-system-manual/
    - Does your organization need a health & safety manual? https://advisera.com/18001academy/blog/2016/10/12/does-your-organization-need-a-health-safety-manual/
  • Business Continuity Strategies


    The Activity Recovery Strategy document, at the end of point 3, states: "The recovery strategy for applications / databases and external services will be specified in the general part of the Strategy." But in the BC Strategy document I did not find the perfect place for that, and it doesn't seem to me a convenient location. Please help with this.

    Answer: If you need to detail strategies for specific applications, you can just add this information in section 5.3 (Applications/databases) of the BC strategy document. The text that comes with the template covers the situation where you use the same strategy for all applications, but this can be adjusted to fit your organization's needs.

    This material will also help you regarding BCP elaboration:
    - Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
  • Identification of risks and opportunities


    Answer:

    To determine the context of the organization, it is necessary to consider:

    - internal and external issues that can affect the operation of the company (Clause 4.1.)
    - external and internal interested parties and their needs (Clause 4.1.)

    A SWOT analysis makes it possible to evaluate strengths, weaknesses, opportunities and threats. Threats and weaknesses can be equated to risks, and strengths and opportunities to opportunities.
    Using this type of SWOT analysis will help you carry out planning and identify risks and opportunities. For example, if you identify as a risk that a key component in your product or service is going to become obsolete, you can plan to find a replacement before customers feel the impact.
    In addition, it will be necessary to add the risks arising from the processes defined in the company, such as those derived from strategic, support or operational processes.
    Later, in clause 6.1., it will be necessary to analyze and prioritize the risks, draw up an action plan, implement the action plan and review the efficiency.

    For more information, see the article "How to address risks and opportunities":
    https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
  • ISO management systems compatibility

    Can you provide, in the process, cross references between ISO 9001:2015 and ISO 27001/ISO 22301?

    Answer: Currently we have this material you can use to cross reference these standards:
    - Clause-by-clause explanation of ISO 9001:2015 https://info.advisera.com/9001academy/free-download/clause-by-clause-explanation-of-iso-90012015
    - Clause-by-clause explanation of ISO 27001 https://info.advisera.com/27001academy/free-download/clause-by-clause-explanation-of-iso-27001
    - Clause-by-clause explanation of ISO 22301 https://info.advisera.com/27001academy/free-download/clause-by-clause-explanation-of-iso-223012008
    These materials provide explanations and support material for each clause, and since these standards have the same framework, the clause numbering is equivalent between them.

    This article will provide you further explanation about integrating management systems:
    - How to implement integrated management systems https://advisera.com/articles/how-to-implement-integrated-management-systems/
  • Mission, vision and values

    We are preparing for ISO 9001 certification, and I would like to ask:
    Do I need to draw up Vision, Mission and Values policies different from the ones we already have?

    Answer

    For ISO 9001 you will need to write new policies from a different approach. The mission and vision must be aligned with the quality policy as well as with the quality objectives, emphasizing to customers, clearly and concisely, how the organization wants the service to be performed.
    The quality policy includes most of an organization's goals, intentions and direction, while the quality objectives are designed to support the quality policy and are specific to employees and departments.

    For more information, see the article "How to write good quality objectives": https://advisera.com/9001academy/pt-br/kit-de-documentacao-da-iso-9001/nowledgebase/como-escribir-buenos-objetivos-de-calidad/
  • Processes and risks


    Answer:

    A process is a series of actions or steps taken in order to achieve a particular outcome. You need to observe the activities performed within your company and determine what the separate entities are that produce the required outcomes. For example, the production process has an input, which is a working order, production plan or similar, and as an outcome of the process you have a final product. Other examples of processes are the sales process, design and development, purchasing, transport, etc. For more information, see: ISO 9001: The importance of the process approach https://advisera.com/9001academy/blog/2015/12/01/iso-9001-the-importance-of-the-process-approach/

    Risks in the processes are in most cases related to events that can result in the process failing to deliver the expected outcome. For example, what events can result in the process delivering nonconforming products? These events are then assessed in terms of their probability of occurrence and severity of consequences to determine whether they need to be addressed. For more information, see: How to address risks and opportunities in ISO 9001 https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
  • Backup control


    Answer: ISO 27001 control A.12.3.1 - Information Backup requires the implementation of:
    - a backup policy that defines backup requirements considering information, software and systems, as well as requirements for retention and protection of backup media.
    - facilities with the capability to ensure information and software recovery following a disaster or media failure.
    - procedures for backup, recovery and testing, as well as how to act in case one of these procedures fails.
    - a backup schedule, considering what to back up, the frequency, and the type of backup (e.g. full or differential backup), all considering business needs.

    It is important to note that all these definitions should be aligned with existing business continuity plans.

    This article will provide you further explanation about Backup control:
    - Backup policy – How to determine backup frequency https://advisera.com/27001academy/blog/2013/05/07/backup-policy-how-to-determine-backup-frequency/

    This material will also help you regarding Backup control:
    - ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
  • Determining the context and interested parties


    Answer:

    In ISO 14001:2015 there are no procedures that are explicitly mandatory; there is only a set of documents, such as the policy, plans and records, that need to be documented.
    For more information on this topic, see: https://advisera.com/14001academy/es/knowledgebase/list-of-mandatory-documents-required-by-iso-140012015/

    Regarding the context of the organization, it is necessary to consider all the direct and indirect consequences, the legal requirements and all the effects on interested parties that the operation of the EMS will have.
    As for interested parties, section 4.2. explains that the reason for identifying them is to determine their relevant needs and expectations in order to work out which of these are mandatory to comply with. Examples of interested parties are: government, shareholders, customers, neighbors, employees.
    For more information on this topic, see: https://advisera.com/14001academy/es/knowledgebase/como-determinar-las-partes-interesadas-de-acuerdo-a-la-iso-140012015/
  • Risk evaluation


    Answer:

    In addition to the requirements of ISO 9001:2015 to address risks and opportunities, IATF 16949 requires the risk analysis to include at minimum lessons learned from product recalls, product analysis, field returns and repairs, complaints, scrap and rework. It also requires FMEA to be applied to the production and design and development processes.
  • IATF 16949 Quality Policy


    Answer:

    IATF has no additional requirements regarding the Quality Policy compared to ISO 9001:2015. If you have already implemented ISO 9001:2015, you can use the same policy for both standards.

    If you are developing it from scratch, the policy must meet the following requirements:
    - it must be appropriate to the purpose and context of the organization and support its strategic direction;
    - it must provide a framework for setting quality objectives;
    - it must include a commitment to satisfy applicable requirements;
    - it must include a commitment to continual improvement of the quality management system.

    For more information about writing the Quality Policy, see: How to Write a Good Quality Policy https://advisera.com/9001academy/blog/2014/03/25/write-good-quality-policy/