Questions about Conformio
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
1 - Of the items listed as mandatory for 27001, do they all have to be in place at stage 1 or is it okay to have a select listing completed and others WIP?
All items listed as mandatory need to be implemented by the time the certification audit starts.
2 - Also, could you give me an indication of the costs involved with Conformio please? Does Conformio only cover 27001 or does it cover other standards as well? I am currently responsible for the compliance and regulatory affairs of 2 companies whom I have taken through ISO13485, and I manage and maintain both their QMS arrangements, audits, NC’s, suppliers etc.
Currently, Conformio is covering only ISO 27001 standard. To see to costs and the content of different Conformio plans, click here: https://advisera.com/conformio/
3 - I am currently seeking to add 27001 certification for both and have a project team in place to identify where the existing QMS requires additional items to be ready for 27001 – currently doing risk threat analysis and controls id to enable completion Statement of Applicability – I will be using the same compliance company as we do for 13485 and have provisionally booked stage 1 for September – additionally, one business creates non-medical digital assets in addition to medical devices, so am seeking 9001 there also. Pretty full on as you can imagine.
BSI are constantly mailing me pushing their Compliance navigator tool, but I think we are too small (70 people between both) and would use too little to justify the costs they’re quoting – is Conformio a similar tool?
Currently, Conformio is not designed to work with multiple standards, and in cases like yours we recommend you take a look at our documentation toolkits:
- https://advisera.com/27001academy/iso-27001-documentation-toolkit/
- https://advisera.com/9001academy/iso-9001-documentation-toolkit/
- https://advisera.com/13485academy/iso-13485-documentation-toolkit/
They are designed for companies a size like yours, and since these standards share many common requirements, you can use them to implement ISO 27001, ISO 9001, and ISO 13485 together.
For further information, see:
- How to implement integrated management systems https://advisera.com/blog/2015/10/05/how-to-implement-integrated-management-systems/
4 - Also, would you have or have knowledge of anywhere that I might be able to find a regulatory roadmap for medical devices across different regions? ( Seems to be a bit of a minefield and each country seems to have regulations relating to clinical risk management etc in place which must be met in addition to MDR etc).
The following materials will help you regarding the comparison between ISO 13485 and medical device regulations:
- List of worldwide regulations that require implementation of ISO 13485 https://advisera.com/13485academy/blog/2021/03/09/list-of-worldwide-regulations-that-require-implementation-of-iso-13485/
- FDA vs. EU MDR Technical Documentation Matrix https://info.advisera.com/13485academy/free-download/fda-vs-eu-mdr-technical-documentation-matrix
Comment as guest or Sign in
Jun 07, 2022