Sunday, June 25, 2017

author - search results


    ISA is a certification body headquartered in the U.S.A., providing certification/registration to ISO 9001, AS9100 and AS9120 Quality Management Systems (QMS). Our assessors are strategically located throughout North America, Middle East and Asia. As we continue to evolve with a service oriented attitude and value added approach, we are mindful that the strategies we pursue and the certifications we issue must ultimately result in long term benefits for our clients.

    Our clients range in size from thousands of employees to a single employee, and for each Quality Management System (QMS), large or small, ISA strives to provide the same level of professionalism, service and support.

    ISA knows the most important relationship in our business is the relationship our clients have with our auditors. ISA has built its reputation as “Registrar of Choice” by employing the most qualified and competent auditors in the field. Our certified Lead Auditors, AIEA (Aerospace Industry Experience Auditors), and AEA (Aerospace Experience Auditors) are seasoned professionals averaging more than 20 years of experience.

      Even if you have an informal quality management system within your business, it is often difficult to implement the requirements of ISO 9001:2015. Depending on the size of your business and the systems already established, this task may take six to twelve months to complete. It is vital that your staff are fully trained and engaged to make any implementation a success. The following 10 tips are vital to smoothly and effectively implementing an ISO 9001 management system:

      1. Get senior management commitment; while this may sound a little cliché, without the full commitment of your management team throughout the business it is going to be very difficult to drive home the changes and improvements that are required.
      2. Provide training at all levels in the business. Your staff need to understand not only the requirements of ISO 9001 but also the different quality principles that they should strive to implement within their everyday work. Training should be provided on an ongoing basis according to perceived needs.
      3. Ensure that you have effective internal communication. Without this you are not going to be able to maintain the constancy of purpose that is required.
      4. Establish an implementation team with the authority to make things happen. You cannot just implement an ISO 9001 management system by assigning a management representative and expecting them to do everything in isolation. You need to identify the staff that will be required at all levels throughout the business to craft your system.
      5. Conduct a Gap Analysis; you need to fully understand where your current system meets or fails to meet the expectations of ISO 9001:2015 so that you can allocate resources accordingly.
      6. Involve customers and suppliers in analyzing your current systems. It is important to understand how others view the effectiveness of what you currently do and what they expect from you to improve things.
      7. Plan your implementation fully: responsibilities, roles and schedule. As with any project, the better you plan it, the more likely you are to succeed.
      8. Create clear and concise policies and objectives for quality to provide the company with a common direction. Well communicated and understood, these will help your company to move forward together.
      9. Encourage everyone to question and improve. It is not enough to only have auditors looking for issues with the systems; everyone should continually seek better ways to do things.
      10. Conduct regular reviews of your ISO 9001 management system through your auditing process to ensure that you are continually improving how your systems function.

      In addition to the above, foster a good relationship with your certification body. Your auditor is not there to catch you out. They will want to help you to develop and grow a system that will significantly benefit your business, so use them fully.

        – 30 years of industrial and business experience covering diverse industries including medical, and automotive
        – Audit / implementing ISO 9001, 13485, 14001, 14971, 62366, 21 CFR 820, MDDEV, 93/42/EEC
        – Deployment of Lean, Six Sigma, and training on the same from White and Yellow Belt to Master Black Belt
        – Supply Chain Management and Risk Analysis

        Certifications: Six Sigma Black Belt, CQA, CQE, CQM/OE

        Worked for / with world leading corporations such as Dell, Applied Materials, DuPont, Abbott Labs, and more
        Coached business leaders from small and medium firms to large corporations across the world.

        Author: Ten Mistakes of Risk Management, 5S Foundation for Personal and Business Excellence,
        Do-Magic with Your Business (upcoming), Do-Magic with Your Startup (upcoming)

          For over 25 years, Radian Compliance Consultants have been helping clients obtain and maintain compliance and/or certification with standards and regulations.

          Over time, we have built a team of leading experts in Information Security, Physical Security, Service Management, Risk Management, Business Continuity, ITAR Compliance and Inspection Services. We support multiple ISO standards as well as frameworks for CMMI, SSAE 16 and FedRAMP.

          We support our clients’ initiatives with Assessment, Implementation, Internal Audit and Education.

          Information Security

          Our Information Security practice is centered around ISO 27001:2013, NIST 800-53 and COBiT. We support client requirements for certification and compliance to one or many of these standards. Whether you are a government contractor with a requirement to support ISO 27001 or a Cloud Service Provider under FedRAMP, we can support your program.

          Private Security

          A specialized subset of Radian Consultants with extensive experience in Private Security supports our program under PSC.1 and the soon-to-be-released ISO standard for Private Security. Our team is composed of experts in Human Rights as well as experienced former military personnel. Our program lead contributed to the PSC family of standards and is listed as one of the authors.

          Business Continuity

          Our team is highly skilled in all aspects of Business Continuity and has real-world experience in ensuring plans are relevant and tested. Our practice supports a variety of standards including ISO 22301 and ASIS – SPC.1. Our program lead contributed to the SPC family of standards and is listed as one of the authors.

          Service and Quality Management

          At the core of our expertise are the skilled consultants who are expert in Service Management under ISO 20000-1:2011 and Quality Management under ISO 9001:2008 (soon to be 2015). Any of our team members can support a client’s initiatives with implementing a management system that works for their business and meets customer demands.

            Top 5 Tips for Effective Procedures

            If your company is in the process of becoming certified to ISO 9001:2015, you’re probably wondering, “What do we need to do to ensure...

            When organizations decide to implement an Information Security Management System they often wonder what is the difference between ISO 27001 and the ISO 27002?...

            Are your Business Management Systems still operating in Silos? If so then you may want to think about adopting a more integrated approach... Steve Tyler, CEO...
            What Does Schedule 16 of Bill 70 Really Mean for Companies in Ontario?

            On the 8th of December in 2016 Schedule 16 of Bill 70, the Building Ontario Up for Everyone Act (Budget Measures), 2016, gained royal assent...

            “What’s in it for me?” is not an unreasonable question for anyone to ask, especially if you are going to ask them to spend...

            Documented Information for ISO 9001:2015 With the relatively recent release of ISO 9001:2015, many companies are still asking themselves what documentation is required. Back with...

              Perry L. Johnson is the founder of Perry Johnson Registrars. He is one of the world’s foremost authorities in quality, having written more than 15 manuals covering topics from Total Quality Management to Statistical Process Control and ISO/QS-9000. Johnson’s first book on ISO 9000, ISO 9000: Meeting the International Standards, published by McGraw-Hill, has been a best-seller, and is now in its second edition. Johnson holds a bachelor’s degree in mathematics from the University of Illinois at Champaign-Urbana, and a master’s degree in psychology from the University of Detroit. Mr. Johnson is the author of the best-selling definitive text on international quality standards and certification, ISO 9000: Meeting the New International Standards (McGraw-Hill, 1993), now in its second edition as ISO 9000: Meeting the International Standards (McGraw-Hill, 1997); the breakthrough text, Keeping Score: Strategies and Tactics for Winning the Quality War (Harper Collins, 1989); ISO 14000 Road Map to Registration (McGraw-Hill, 1997); ISO 14000: The Business Manager’s Complete Guide to Environmental Management (John Wiley & Sons, 1997) and the ISO/QS-9000 Yearbook: 1998 (McGraw-Hill, 1998).

              The new ISO 9001:2015 represents a major change from the 9001:2008 version. One of these changes concerns Quality Management System (QMS) documentation.

              The 2008 version of the standard uses two separate terms, “documents” and “records”, to identify its documentation, whereas in the recently published Draft International Standard of the new revision, both these terms are combined as “documented information”.

              For those familiar with the 2008 version, where it refers to “documented procedures”, the new revision expresses this as a requirement to maintain documented information. Likewise, where the 2008 version refers to “records”, the new revision expresses this as a requirement to retain documented information. Below is a list of the documented information that the new standard requires to be maintained and retained.

              Documented information that is required to be maintained with ISO 9001:2015

              • The scope of the QMS, including the products and services it covers and the justification of those requirements that the QMS will not be able to apply.
              • Information that supports the operations of processes.
              • The quality policy.
              • Information that defines characteristics of products and services, activities to be performed, and the results to be achieved.

              Documented information that is required to be retained with ISO 9001:2015

              • Information necessary to have confidence that processes are being performed as planned and conform to requirements.
              • Information on the quality objectives.
              • Information as evidence of fitness for purpose of monitoring and measurement resources.
              • Information as evidence of competence.
              • Information describing the results of the review of requirements related to products and services.
              • Information resulting from the design and development process.
              • Information on review of design and development changes.
              • Information on the results of the evaluation, monitoring of performance and re-evaluation of the external providers.
              • Information necessary to maintain traceability when required.
              • Information describing the results of the review of changes, personnel authorizing the change, and any necessary actions.
              • Information providing traceability to the person(s) authorizing release of products and services for delivery to the customer.
              • Information on actions taken on nonconforming process outputs, products and services.
              • Results of monitoring and measurement activities.
              • Information as evidence of the implementation of the audit programme and the audit results.
              • Information as evidence of the results of management reviews.
              • Information as evidence of the nature of the nonconformities, actions taken, and the results of any corrective action.

              As can be seen from the above list, the new version of the standard will not require organizations to create and maintain a Quality Manual, which has been around since the creation of ISO 9001 in 1987.

              ISO 9001:2015 is still under development, and it is possible for some changes to occur before its final version is released in September 2015.

                ISO 17025 is an International Standard, used by testing and calibration laboratories, which specifies the general requirements for the competence to carry out tests and/or calibrations, including sampling. It covers testing and calibration performed using standard methods, non-standard methods, and laboratory-developed methods.

                This standard, ISO/IEC 17025:2005, General requirements for the competence of testing and calibration laboratories, was first issued in 1999 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It was produced as the result of extensive experience in the implementation of ISO/IEC Guide 25 and EN 45001, both of which it replaced.

                ISO 17025 contains all of the requirements that testing and calibration laboratories have to meet if they wish to demonstrate that they operate a management system, are technically competent, and are able to generate technically valid results. The standard requires laboratories to demonstrate continual improvement, perform regular internal audits to identify opportunities to make the test or calibration better and it drives the laboratory to keep abreast of scientific and technological advances in relevant areas.

                The use of this standard applies to all organizations performing tests and/or calibrations. These include first-, second- and third-party laboratories, and laboratories where testing and/or calibration forms part of inspection and product certification. ISO 17025 applies to all laboratories regardless of the number of personnel or the extent of the scope of testing and/or calibration activities. Laboratory customers, regulatory authorities and accreditation bodies may also use it in confirming or recognizing the competence of laboratories.

                Laboratories that use this standard will be able to:

                • Implement a quality system aimed at improving their ability to consistently produce valid results.
                • Seek accreditation from an Accreditation Body.
                • Demonstrate to their customers and other interested parties that they are technically competent and able to produce precise and accurate test and/or calibration data.
                • Operate in many countries where most labs must hold accreditation in order to be deemed technically competent. In many cases suppliers and regulatory authorities will not accept test or calibration results from a lab that is not accredited.

                This standard incorporates those ISO 9001 requirements that are relevant to the scope of testing and calibration services that are covered by the laboratory’s management system; therefore, all testing and calibration laboratories that comply with ISO 17025 will also operate in accordance with ISO 9001.

                The following referenced documents are indispensable for the application of ISO 17025:

                • ISO/IEC 17000, Conformity assessment — Vocabulary and general principles
                • VIM, International vocabulary of basic and general terms in metrology, issued by BIPM, IEC, IFCC, ISO, IUPAC, IUPAP and OIML.

                  Accreditation bodies allow organizations seeking accreditation to demonstrate to their customers that they have been successful at meeting the requirements of international accreditation standards.

                  ISO 17021 is an International Standard that provides Certification Bodies (CB) with a set of requirements that will enable them to ensure that their management system certification process is carried out in a competent, consistent and impartial manner.

                  The conformity assessments done by ISO 17021 certified CBs provide value to all types of organizations.

                  ISO/IEC 17021:2011 Conformity assessment — Requirements for bodies providing audit and certification of management systems, as it is officially called, was prepared by the ISO Committee on conformity assessment (CASCO) in 2006. It was developed to fulfill the need to have an International Standard that could facilitate the recognition of bodies that were performing conformity assessments and the acceptance of their certifications on a national and international basis; making it easier to recognize management system certification in the interests of international trade.

                  This International Standard provides a set of requirements for management systems auditing at a generic level, aimed at providing a reliable determination of conformity to the applicable requirements for certification, conducted by a competent audit team, with adequate resources and following a consistent process, with the results reported in a consistent manner.

                  ISO 17021 is intended for use by CBs that carry out audit and certification of management systems. It gives generic requirements for such CBs performing audit and certification in the field of quality, environmental and other forms of management systems. These CBs (also called Registrars) can be non-governmental or governmental (with or without regulatory authority) and they do not need to offer all types of management system certification.

                  More and more organizations are seeking certification of their management systems (quality, environmental, OH&S, etc.) to demonstrate that the system conforms to specified requirements, is capable of consistently achieving its stated policy and objectives, and is effectively implemented. The conformity assessments done by ISO 17021 certified CBs provide value to these organizations, their customers and interested parties by assuring them that:

                  • They are competent to evaluate their management system(s).
                  • The value of the issued certificate will be recognized by all the organization’s interested parties.

                  The bodies that certify if a CB is operating to ISO 17021 are called Accreditation Bodies, and the CBs accredited by them are referred to as Accredited Certification Bodies. It’s not mandatory for a CB to comply with ISO 17021 in order to perform conformity assessments and issue a given certificate; however, the value of the certificate issued may not be recognized by all stakeholders.

                  The following referenced documents are indispensable for the application of this International Standard.

                  • ISO 9000, Quality management systems — Fundamentals and vocabulary.
                  • ISO/IEC 17000, Conformity assessment — Vocabulary and general principles.

                    ISO 27001 is an international standard that describes how to manage information security in an organization. It specifies the requirements for establishing, implementing, maintaining, and improving an Information Security Management System (ISMS).

                    ISO/IEC 27001:2013 – Information technology – Security techniques – Information security management systems – Requirements was first published in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

                    In today’s globalized world, organizations are relying more and more on electronic media to keep records and data of sensitive information. In order to protect this information, organizations have the need to implement an ISMS. ISO 27001 offers a set of specifications that describe the features of an effective ISMS. This standard has a systematic approach to managing sensitive company information so that it remains secure. It encompasses people, processes, and information technology (IT) systems and its main objectives are:

                    • Confidentiality, which ensures that information is available only to those who are authorized to access it,
                    • Integrity, which protects the accuracy and completeness of information and processing methods, and
                    • Availability, which ensures that authorized users have access to information and associated assets when required.
                    ISO 27001 can help an organization protect their information from threats and to comply with a range of regulatory and statutory requirements.

                    ISO 27001 is suitable for organizations of all sizes and sectors, anywhere in the world. Any organization that wants to protect their information from threats and to comply with a range of regulatory and statutory requirements related to information protection can implement this standard. Organizations that comply with this standard can:

                    • Establish a clear and structured methodology for security management.
                    • Reduce risk of loss, theft or corruption of information.
                    • Continually review risks and their controls.
                    • Increase customers’ and strategic partners’ confidence.
                    • Ensure continuity of business operations required after serious incidents.
                    • Comply with legislation relating to personal information, intellectual property and others.
                    • Improve their image.
                    • Reduce costs and improve processes and service.
                    • Integrate the ISMS with other management standards such as ISO 9001 and ISO 14001.

                    The ISO 27000 family of standards offers a set of specifications, codes of conduct, and best practice guidelines on designing, implementing, auditing, and certifying information security management systems. The ISMS can protect the confidentiality, integrity, and availability of the information. Of primary interest to information security are ISO 27001, ISO 27002 and ISO 27005. Of all the ISO 27000 family of standards, ISO 27001 is the only one that organizations can receive certification for as it offers the specification of an effective information security management system; however, this standard is not a guide. For guidance, organizations should use other standards of the ISO 27000 series.