Search results

Home / Search

Category:

Sort by:

Select

Types of user:

Select

11277 results

Guest

Create New Topic As guest or Sign in

Business department* About business* Organization size*

Title *

Body *

HTML tags are not allowed

Category *

Select

Assign topic to the user

Select user

Time between 2 surveillance audits

Answer:
Yes, the standard that officially defines the maximum period between two surveillance audits is ISO 17021 (standard that defines requirements for bodies providing audit and certification of management system), and in accordance with this standard, surveillance audits shall be conducted at least once a year.

These articles can be interesting for you:

“Surveillance visits vs. certification audits” : https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/

“How to maintain the ISMS after the certification” : https://advisera.com/27001academy/blog/2014/07/14/how-to-maintain-the-isms-after-the-certification/

"Accreditation vs. certification vs. registration in the ISO world" : https://advisera.com/articles/accreditation-vs-certification-vs-registration-in-the-iso-world/

Finally, these materials will help you to know more about information security and the audit s in ISO 27001:
- free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
ISO 14001 transition and ISO 13485

Answer:

Since both ISO 14001 and ISO 13485 have new versions, it is best to conduct the transition for both standards at the same time. The problem is that the ISO 14001:2015 has adopted High Level Structure (with ten clauses) and ISO 13485:2016 is created according to ISO 9001:2008 so it kept the old clause numbering and this will make the transition and the integration more difficult that it should be.

The best toolkit for you is ISO 14001:2015 Documentation Toolkit (https://advisera.com/14001academy/de/iso-14001-2015-gap-analyse-tool/ 001-documentation-toolkit/) that contains all necessary documents together with some most frequently used ones. You can use your old Quality Manual and combine it with our new Environmental Manual that is a part of above mentioned toolkit. Practically you will need to identify common requirements of ISO 13485 and ISO 14001:2015 and merge them into joint sections and for different requirements you will have separate sections in the manual. We will also publish ISO 13485:2016 Documentation Toolkit soon so if you decide to purchase it later, you will get a big discount as our previous customer.
QMS in rice industry

Answer:

Implementation of ISO 9001 is the same for every industry, including rice production. You need to conduct gap analysis first to determine to what level your company is already compliant with ISO 9001 and what needs to be done to achieve full compliance.

Then you need to create all the documents needed for your quality management system and implement new processes and procedures in your everyday activities. For more information, see: List of mandatory documents required by ISO 9001:2015 https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/

Once you create all new documents and implement them in your process, you need t conduct internal audit and management review to ensure your system is compliant with ISO 90 01. For more information, see: Checklist of ISO 9001 implementation & certification steps https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
ISO 9001 in hospitals

Answer:

Implementation of ISO 9001 is the same for any type of business including the hospitals, clinics or any other health institution.

You need to get the management buy in for the implementation first and then to assemble team for the implementation. Next step is to perform gap analysis to determine to what extent your company is already compliant with the standard and what needs to be done to achieve full compliance. Here you can find our free GAP analysis tool https://advisera.com/9001academy/iso-9001-gap-analysis-tool/

Then you need to start creating necessary documents and implement new processes and actions in order to be compliant with the standard. For more information, see: ISO 9001 Implementation Diagram https://advisera.com/9001academy/free-downloads/

Once you complete the implementation, you need to conduct internal audit and management review to ensure that your system is fully compliant with ISO 9001:2015 . Finally you can hire certification body to conduct certification audit and issue your company the certificate.

For more information, see:
- Would hospitals benefit from ISO 9001? https://advisera.com/9001academy/blog/2015/07/21/would-hospitals-benefit-from-iso-9001/
- Checklist of ISO 9001 implementation & certification steps https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
Calibration according to ISO 14001:2015

Answer:

The standard does not define who will perform the calibration and what qualifications must the person to perform calibration have. It simply says in the clause 9.1 "The organization shall ensure that calibrated or verified monitoring and measurement equipment is used and maintained, as appropriate". However, the clause 7.2 states "The organization shall determine the necessary competence of person(s) doing work under its control that affects its
environmental performance and its ability to fulfil its compliance obligations".

This means that in case of internal calibration, the company itself may define requirements for competence of perople performing the calibration. If the company decides that no certificate is needed, than the person does no t need the certificate.

For more information, see: ISO 14001 Monitoring & measurement equipment control https://advisera.com/14001academy/blog/2015/03/02/iso-14001-monitoring-measurement-equipment-control/
Implementing plan for PCI-DSS

Answer:
I am sorry but we do not give support for the implementation of PCI-DDS, anyway, if you need a project plan for the implementation of this standard. maybe our free template can be useful for you “ISO 27001 Project Plan” : https://advisera.com/27001academy/free-downloads/?icn=free-resources-27001&ici=bottom-iso-27001-project-plan-txt />
This template is focused on ISO 27001, but generally a project plan is similar for the implementation of any type of project, so you can use it for the implementation/certification of PCI-DSS.

And this article can be also interesting for you “ISO 27001 project - How to make it work” : https://advisera.com/27001academy/blog/2013/04/22/iso-27001-project-how-to-make-it-work/

By the way, PCI-DSS has some common parts with ISO 27001, so these articles can be also interesting for you:

“PCI-DSS vs. ISO 27001 Part 1 - Similarities and Differences” : https://advisera.com/27001academy/knowledgebase/pci-dss/

“PCI-DSS vs. ISO 27001 Part 2 - Implementation and Certification” : https://advisera.com/27001academy/knowledgebase/pci-dss/

Finally, these materials will help you to know more about the ISO 27001:
- free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
Measure the effectiveness of training
Great! And so to confirm, the standard does not require you to measure or monitor your training program?
Thanks!
The future of the cyber security
2. What Skill set should I gain to accomplish the domain knowledge

Answer:
Regarding the first question, from my point of view, the cyber security is the base for the protection of the future: IoT (Internet of Things), IIoT (Industrial Internet of Things), OT (Operational Technology), etc., so, careers related to cyber security will be very important, and currently they are on growth.

Regarding the second question, my recommendation is that you need courses, books, webinars, etc. about cyber security, although the information security is also fundamental for the cyber security, so our resources can be also interesting for you (it can be your first step to learn more about cyber security)

Regarding the cyber security, our free eBook can be interesting for you “9 Steps to Cybersecurity” : https://advisera.com/books/9-steps-to-cybersecurity-managers-information-security-manual/

And these articles can be also interesting for you:

“What is cybersecurity and how can I SO 27001 help?” : https://advisera.com/27001academy/blog/2011/10/25/what-is-cybersecurity-and-how-can-iso-27001-help/

“Which one to go with - Cybersecurity Framework or ISO 27001?” : https://advisera.com/27001academy/blog/2014/02/24/which-one-to-go-with-cybersecurity-framework-or-iso-27001/

Finally, these materials will help you to know more about the information security:
- free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
Prepare for the certification

Answer:

Before you hire the certification body you need to implement the standard first. Usual first step in implementation is to conduct gap analysis to determine to what level your company is already compliant with the standard and what needs to be done to achieve full compliance with the standard. Here you can find free GAP analysis tool https://advisera.com/9001academy/iso-9001-gap-analysis-tool/

Next step is to create a project plan and define activities that need to be done, documents to be created and responsibilities for each activity. In case of bigger company with lot of locations, hundreds of employees, you will have to form a QMS team that will implement the standard, in case of smaller company , one man can be enough. For more information, see: How to choose a project manager for your ISO 9001:2015 implementation https://advisera.com/9001academy/blog/2016/01/12/how-to-choose-a-project-manager-for-your-iso-90012015-implementation/

Then you start implementing new procedures and documents into your existing company processes and create new ones. Once the system is implemented, you need to conduct internal audit and management review to make sure that your quality management system is compliant with ISO 9001. Finally, you can hire certification body to conduct internal audit.

For more information, see: Checklist of ISO 9001 implementation & certification steps https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
¿Qué evalua ISO 27001 e ISO 22301?

Respuesta:
Si tu pregunta está relacionada con la auditoría de certificación, los auditores revisarán el cumplimiento de todos los requerimientos de la ISO 27001 o de la ISO 22301 en tu organización (teniendo en cuenta el alcance de tu sistema, lo cual significa que sólo se revisarán los procesos, áreas, departamentos, etc. involucrados en el alcance).

Este artículo te puede resultar interesante "17 steps for implementing ISO 22301" : https://advisera.com/27001academy/knowledgebase/17-steps-for-implementing-iso-22301/22301/iso-22301/

Y también este otro "ISO 27001 implementation checklist" : https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/

Y también este "Lista de documentos obligatorios exigidos por la norma ISO 27001 (revisión 2013)" : https://advisera.com/27001academy/es/blog/2015/05/04/lista-de-documentos-obligatorios-exigidos-por-la-norma-iso-27001-revision-2013/

Con respecto a las entidades certificadoras, en Perú es fácil encontrar entidades que certifiquen ISO 27001 e ISO 22301, porque hay muchas empresas certificadas (por ejemplo las administraciones públicas), por tanto este artículo te puede resultar interesante "How to choose a certification body" : https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/

Finalmente, estos materiales también te pueden ayudar a conocer mejor la ISO 27001, como se implementa, y qué esperar de la auditoría de certificación:

- free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
- book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/

Didn’t find an answer?

Start a new topic and get direct answers from the Expert Advice Community.

CREATE NEW TOPIC +

Search results

11277 results

Create New Topic As guest or Sign in

Assign topic to the user

Want to vote?

Time between 2 surveillance audits

ISO 14001 transition and ISO 13485

QMS in rice industry

ISO 9001 in hospitals

Calibration according to ISO 14001:2015

Implementing plan for PCI-DSS

Measure the effectiveness of training

The future of the cyber security

Prepare for the certification

¿Qué evalua ISO 27001 e ISO 22301?

Didn’t find an answer?