Friday, April 11, 2014

Quality Managements System Requirements for ISO9001

When achieving an ISO 9001 certification for your business one amongst the most requirements is that the installation of a highly effective Quality Management System. This 'QMS' forms the backbone of the ISO 9001 needs and can enable you to boost the standard of your services or product whereas at the same time up your client satisfaction levels.

The requirements of ISO9001 stipulate 3 areas that the standard management system should cover. Foremost the standard management system should have correct and thorough management in site to confirm that it runs easy, is effective and is maintained so far by either management or workers members within the organization. By doing this all members of workers are utterly alert to what's expected of them and the way they have to still management quality in their role. Second it should provide a benchmark to live quality against; this provides a baseline normal for any product or services and eventually a reference against that the performance of the organization may be measured. Reviewing this reference and sterilization targets conjointly forms a part of the system, permitting organizations to continually improve on their quality processes.

Within the standard management system there are varieties of ISO 9001 requirements that the organization should meet relating to ISO 9001procedures documentation. The states that there should be each a formally written quality policy and quality manual - each are thought of to be essential for the right operating of the QMS.

The iso 9001 quality manual is key requirements that totally outline associate degree organization’s quality management system (QMS) and conjointly justify any choices encompassing exclusions from the quality. It conjointly should detail UN agency is liable for that facet of the QMS inside the country and the way the processes act and follow on from one another - the system can work on a 'plan, do, check, act' methodology like several alternative systems lined by ISO standards.

The quality policy should be specifically written every for individual organization desirous to become ISO 9001 certified - each business is totally different therefore a high quality policy must be tailored to every. It should embody an area regarding however the organization is committed to yielding with the ISO 9001 requirements and the way they attempt to frequently improve on their quality management system to form it additional thorough and effective. The policy is conjointly is additionally needed to supply a framework outlining once quality objectives are reviewed and it also should be clearly communicated and understood by the workers and management of the organization.
Posted by ISOConsultant at 11:17 PM 15 comments
Labels: , , , , ,

Tuesday, May 15, 2012

Calibration Services and Automation System

Accurate calibration and measurement of strategic quantities such as flow, temperature, and pressure is an essential part of the control or monitoring of operation of any process. A physical quantity called the measured value and process variable is converted by a measurement system in a measured value, usually an electrical or pneumatic signal which can be used for display of control.

Now, from the chart of control (automation) system we can see that the measurement device is most important for the control or to run the all system smoothly, accurately & in some hazardous chemical process most important to prevent an accident.

In any chemical plant for to neutralize the acid, pH control system is run. Let us take an example of an Automation system, which is run to stop the acidic chemical entering into the vessel in such type of neutralization process. In the system the pH sensing probe sense the pH value of the chemical and converts into corresponding mili volt and thus process value is fed to the control device (pH controller). In the pH meter calibration controller reference value of pH is feed. Now the neutralization process gives the corrected signal to the process until the pH value of the chemical will be equal to reference value after that it will feed to the vessel. In this process the sensor (measuring device) is most imp portion because the final pH value of the chemical depends on that. If the measuring device is not calibrated and it gives incorrect signal to the system then there may be chances of entering acidic chemical into the vessel and the vessel may blast. So to prevent an accident monitoring of measuring devices (calibration) must be required.

In any chemical plant to neutralize the acid, pH control system is run. In the calibration services of instruments the pH sensing probe sense the pH value of the chemical and converts into corresponding mili volt and thus process value is fed to the control device (pH controller). In the pH controller reference value of pH is feed. Now the neutralization process gives the corrected signal to the process until the pH value of the chemical will be equal to reference value after that it will feed to the vessel. In this process the sensor (measuring device) is most imp portion because the final pH value of the chemical depends on that. So to have accurate measurement and to get desired value of substance the measuring device must be accurate and to maintain its accuracy the calibration is essential.
Posted by ISOConsultant at 6:02 AM 7 comments
Labels: , , , , ,

Friday, April 13, 2012

Overview of ISO 27001 Information Securtiy Management Standard


Overview of ISO 27001
  • Security Management Standard: (Security + Availability): Secure Business
  • Key controls – Differ- Industry to Industry
  • Importance of ISMS
  • Loss of Reputation
  • Business Continuity
  • Loss of Data for Process Continuity
  • Customer Specific Requirement: Contractual Obligation.
  • Regulated by HIPAA Law: Health Insurance Portability and Accountability Act – Mandatory since Apr’05.
  • Productivity Loss
  • PDCA Model
  • Takes care of Confidentiality, Integrity and Availability- For all Information Assets
  • Right Information available to Right People at Right Time.
  • BS 7799 Part 2:2002 – Certifiable standard
  • Guideline Document: iso 27001 standard – Further Revised in 2005.
  • Initiative from Department of Trade and industry in 1995- Part 1. Part 2 released in 1998. In 1999- Swedish standard SS 62 7799 Part 1 &2 and new issue of BS 7799 Part 1 &2.
  • In Dec’00 – ISO/IEC 17799:2000 released
  • In 2001: New BS 7799- P2 drafted and Accepted in Sep’02.
  • Standard: Four Mandatory requirements of Standard + Annexure A: Possible Controls.
  • Develop, Implement and Maintain ISMS System for continually improve in context to Organization Business Requirements and Risk.
  • Section 5: Management Responsibility
  • Section 6: MRM
  • Section 7: Continual Improvement
  • Annexure A: Management Controls
  • Information Security Policy (A.3)
  • Organizational Security: What are the activities to be done at Organization level for managing security?  Eg Contractual requirements. (A.4)
  • Asset Classification & Controls. (A.5)
  • Personnel Security- Security from the Personnel. (53% frauds by internal people) (A.6)
  • Physical and Environmental Security (A.7)
  • Business Continuity Management (A.11)
  • Compliance (A.12)
Technical Requirements
A.8:    Communication & Operational Management – Focuses on basic infrastructure
A.9:    Access Control – Network only- No Physical. For Physical details under A7.
A.10:  System Development & Maintenance - Focuses on Software Development.

Total 36 Objectives and 127 Controls:
  1. Basic Focus of ISMS: Predictability & Repeatability
  2. Procedural Security & Technical (Product) Security
  3. Preventive Controls – Firewall,
  4. Detective Control: IDS.
  5. All Assets impacting CIA are termed as Information Assets.
  6. Users are all those having access to all information assets.
Section 7
  • Continual Improvement
  • Corrective Action
  • Preventive Action 
ISO Organization Implications
Management, Employees, Customers/Users, Share Holders, Company Culture, Ownership, Legislation

Success of ISMS Depends
  • Policies, objectivities and activities match business needs and requirements.
  • Develop ISMS in line with existing Organizational Culture
  • Change Management-
  • Preventive Controls rather than Detective controls
  • Awareness
  • Commitment from Management
  • Identify Information Assets impacting CIA
  • Understanding of Security & Risk
  • Effective marketing of security within the organization.
  • Distribution of guidelines on policy and procedures.
  • Training & education
  • PDCA 
Management Commitment
  • Policy
  • Objectives
  • Roles & responsibility
  • Communication
  • Resources
  • Levels of Risks
 Scope of ISMS:
Define scope based on Business Characteristics, Organizational Characteristics, Locations, Information Assets and Technology
Scope defines the ISMS deployed for all Information Assets- For Basic Focus on identified Information Assets for effective controls with geographical and logical boundaries.

Source: Globalmanagergroup.com
Posted by ISOConsultant at 6:46 AM 5 comments
Labels: , , , ,

Saturday, March 17, 2012

OHSAS 18001 Guidelines and Safety Policies

OHSAS 18001 Policy Guidelines:

The OHSAS Policy is a public statement by the organisation of its intentions and principle in relation to its overall OHSAS performance, which provides a framework for action and for the setting up its OHSAS objectives and targets. The OHSAS Policy acts as the driving force behind all of the enterprise's activities in the OHSAS field, and can have far-reaching business implications for the future direction of the enterprise. It should be integrated into the enterprise's overall business strategy and should also be compatible with other organisational policies such as Quality or Occupational Health and Safety. It must therefore be initiated, developed and actively supported at the highest levels within the organisation.

The responsibility for developing the OHSAS 18001 Policy should therefore rest with those at the very top of the enterprise (e.g. the Board of Directors or other governing body) and it should be signed by the Chairman, Chief Executive or similar top manager as evidence of commitment. Management will then be responsible for implementing the policy, but continuing support from the top of the enterprise will be needed during the further development of the OHSAS management system and for the organisational changes, which will result from its implementation.

DEVELOPING THE OHSAS 18001 SAFETY POLICY:


The OHSAS Policy is based in part on the findings and conclusions of the Initial OHSAS Review. A number of important factors need to be considered. These are essential to ensure that the policy relates not only to the enterprises individual needs and ideas, but is also in line with recognized ohsas 18001 certification good practice and any relevant industry-specific guidelines. If the enterprise is interested in working towards certification of its OHSAS management system (now or in the future) then it may also be important to ensure that the policy will conform to the requirements of such a standard.

Once a policy has been developed and published, the enterprise's OHSAS performance will be judged against it. It is therefore worthwhile spending time to ensure that the policy provides and exact statement of the enterprise's objectives and can be used as a basis for the development of targets and the OHSAS programme.
Other important sources of information for input into the OHSAS safety Policy development process include the following:  
  • The result of the Initial OHSAS review
  • The enterprise's value and beliefs, such as its (desired) relationship with its employees, the local community and the general public.
  • The enterprise's business strategy and strategic plan elements relating to the enterprise's (OHSAS) direction, opportunities and risks, medium and long term planning including internal and external limits, and opportunities in capabilities and resources.
  • Any existing statement on OHSAS aspects; mission statements, old policies, previous statements of commitment in internal/external reports.
  • Other policies in existence: such as occupational health, safety, quality
  • The views of stakeholders (shareholders, staff) and other interested parties
  • Written standards: available recognized ohsas 18001 standard for occupational health and safety  management system which include prescribed elements for OHSAS Policy statements
  • General statements of OHSAS principles: e.g. from government, public bodies, industry associations, which are relevant to the individual enterprise
  • Other codes to which the enterprise subscribes
  • Examples of OHSAS Policy statements: from similar companies or enterprises
  • Clear definition of the geographical and organisational boundaries of the policy: which countries/regions and which sites, departments or activities are to covered by the policy
  • Any specific local or regional conditions.
CONTENT OF THE OHSAS 18001 SAFETY POLICY:

An OHSAS Policy should clearly delineate the OHSAS areas to be addressed by the enterprise of Organisation and should be relevant to its activities, products and /or services. The policy may address very broad aspects of the enterprise's activities (such as waste reduction), depending on the nature of those activities. Many ohsas 18001 policies also include aspects of occupational health and safety including statements regarding the working OHSAS.

Some ideas for the content and wording of statements of commitment in an ohsas safety policy are given below. However, these should not be copied as such and should always be placed in context. The policy must be appropriate to the individual enterprise. It may be as brief as one sentence or as long as 10 pages.

General Principles:
  • Define extent of OHSAS responsibility (customers, suppliers, staff etc.)Ensure minimum of compliance with legislation
  • Provide for development of corporate standards in the absence of legislation.
  • Establish system to ensure full control of OHSAS situation (impact and risks)
  • Make commitment to continual improvement in OHSAS performance (step by step); this is also a requirement in ohsas 18001  -standard, such as ISO 14001
  • Make commitment to prevention of pollution if compliance with iso 14001 is intended
  • Develop OHSAS performance evaluation procedures and indicators
  • Embody life cycle thinking
  • Work towards the achievement of sustainable development
  • Commit to development and implementation of an OHSAS system
  • Provide adequate resources for OHSAS management
Strategy and Planning:
  • Consider OHSAS issues in investment policy and practice
  • Minimize the OHSAS impacts of new developments through the use of OHSAS management procedures and OHSAS impact assessment in strategic planning, and project definition and implementation
  • Influence suppliers in order to ensure that they contribute to the realization of the policy.
Specific Policy Goal: 
  1. Support for the use of best available technology and management practices.
  2. Promotion of appropriate OHSAS legislation and requirements
  3. Waste reduction / minimization
  4. Reduction in consumption of resources (materials, water, energy)
  5. Prevention of pollution
  6. Reduction or elimination of (specific) emissions to the OHSAS
  7. Commitment to recovery and recycling, as opposed to disposal where feasible
  8. Reduction in the use of hazardous substances and use of alternatives where possible
  9. Reduction in packaging
Compliance:
  1. Co-operation with regulatory authorities
  2. Compliance with OHSAS regulations in all areas of operations
  3. Compliance with local or corporate ohsas 18001 standards whichever are the most stringent
  4. Compliance with the principles set down by the industry association or the ICC Business Charter for Sustainable
Find ready to use iso manual, iso templates and iso formats documents with free demo download
    Posted by ISOConsultant at 12:08 AM 4 comments
    Labels: , , , , , , ,

    Tuesday, February 28, 2012

    Advantages of ISO 9001 14001 Integrated Management System

    ISO 9001 and ISO 14001 Quality Environment Integrated Management Standard consist of Integrated ISO 9001-2008 and ISO 14001-2004. The ISO 9001 14001 integrated management system is central to strategy for developing a quality, environmentally sustainable business. Implementing integrated management system (IMS) on quality and environment the performance of the employees can be improved which helps in reducing cost of production and maintain quality of products. Also with iso 9001 14001 - quality and environment management system, companies maintain their quality environmental issues. It is essential that environment, quality and environmental safety issues are involved within an organization's day-to-day activities and that they are an integral part of their overall management system.

    Implementation of proper ISO integrated system as per requirement of iso 9001-2008 and iso 14001-2004 standard improves business, often having a positive effect on investment, market share, sales growth, sales margins, competitive advantage and avoidance of litigation. ISO 9000 guidelines provide a comprehensive model for quality management systems that can make any company competitive. ISO 9001 14001 standard certification includes documents of all procedures and processes, including operational and documentation control, the establishment of emergency procedures and responses, and the communication with employees, to ensure they can competently implement the necessary processes and record results. ISO 9001 14001 quality environmental management can be a very effective ISO QMS EMS certification tool to identify these cost savings opportunities for some organizations. Some other organizations can falter in its planning, lack of senior management commitment and poor understanding of how it should be implemented and find themselves managing an ineffective iso 14001 EMS Certification. Among the wide advantages of the ISO Quality System standard to make vibrant culture some are as follows:

    Key Advantages of ISO 9001 14001 Integrated Management System
    • Creates a more efficient, effective operation.
    • Increases customer satisfaction and retention.
    • Reduces third party ISO 9001 14001 audit .
    • Improved quality (reduction in waste, rework, scrap, less complaints, etc.).
    • Reduction of waste and consumption of resources.
    • Reduce operating costs.
    • Increase long term viability of businesses.
    • Enhance market share and increase growth in sales.
    • Identification of possible areas which can save costs such as recycling, landfill costs, utilities.
    • Positive response from investors, lenders,& insurers.
    • Improves employee motivation, awareness, and morale with the help of ISO 9001.
    • Promotes international trade.
    • Increases profit by implementing ISO Quality System.
    • Greater control of processes and activities throughout organization.
    • An onward journey of improvement is possible on an on-going basis.
    • Minimizing the risk of regulatory and environmental liability fines.
    • Improving an organization’s efficiency Increases customer satisfaction and retention.
    • Provides competitive advantage against companies that do not adopt the standard.

    Global Manager Group is a leading name for iso 9001, iso 14001, ohsas 18001 consultancy services. They also offers readymade iso 9001 14001 ready to use documents as well as hse manual and hse audit checklist for integrated management system implementation.

    Posted by ISOConsultant at 2:13 AM 4 comments
    Labels: , , , , , , , , , ,

    Thursday, June 2, 2011

    Objective of ISO 9001 Quality Management System

    The objective of ISO standard certificate is to promote the development of standardization and related activities with a view to facilitate the international exchange of goods and services, and to develop corporation in the spheres of intellectual, scientific, technological and economic activity. Work of the ISO results in international agreements, which are published as international standards.

    Why ISO?

    ISO is well established in many diverse fields and will continue to grow for the following reasons:
    •     Worldwide progress in trade liberalization
    •     Interdependence of sectors
    •     Worldwide growth of communication systems
    •     Need of global standards in emerging technologies
    •     Standardization of economic policy for achieving sustainable growth.
     
    Who Can Go For ISO

    ISO can be granted to any organization regardless of what it does, its size, or whether it’s in the private, or public sector. It is applicable across an entire gamut of industrial sectors ranging from manufacturing, service and academic organizations.

    Is Certification Expensive For Small Organizations?

    Bureau of Indian Standards always gives the small-scale industries a discounted fee structure to encourage them to take up certification. Similarly, most of the other certifying bodies also help the small companies, in this regard. The Government of India also gives a subsidy to the tune of Rs. 75,000/- to small-scale industries.

    Benefits:
    •     The client favors the ISO certified company
    •     Development of streamlined and well defined procedures
    •     Clarity about processes and objectives in the organization
    •     Improved predictability and reliability
    •     Increased efficiency
    •     Confidence in operations
    •     Better realization of client and industry expectations
    •     Focus on continual improvement for every process
    •     Quality manual becomes an important marketing support document not only for new projects but also for image enhancement
    •     Easy monitoring of internal work
    •     System based working - easier and faster training of new employees.
     Will ISO: 9000 System Increase Documentation?

        Previous version of ISO: 9000 (1994) emphasize on documents and document control. But as per new standard the extent of documentation can differ from company to company in a simplified manner.

        ISO: 9000 quality management system requires records at relevant stages, which provide data for continual improvement and can be used for legacy as a data bank.   
      
    Is ISO: 9000 Certification Applicable For Product Quality?

    ISO: 9000 is applicable for the management system only and not for product quality. Implementation of ISO: 9000 quality management system assures product quality instead of ensuring product quality.

    Procedure For Getting ISO 9000 Certification
    1.     Framing quality policy and quality objectives.
    2.     Preparation of quality manual and process procedures in line with ISO 9001 document requirements.
    3.     Awareness training program for all staffs shall be arranged.
    4.     Internal quality auditors shall be trained.
    5.     Internal quality auditing shall be conducted.
    6.     Management review of quality management system.
    7.     Co-ordination with certification body.
    8.     Certification auditing.
    9.     ISO: 9000 certification.
    10.     Periodical auditing every six months by certification body.
    Why Does ISO-9000 Implementation Fail?
    •     Over emphasis on documentation
    •     Poorly designed system
    •     Inexperience of the personnel
    •     Insufficient top management commitment
    •     Prohibitive cost factors
    How Does ISO 9000 System Improve the Performance of A Company?
    •     ISO 9000 system identifies the important processes.
    •     The current status of the performance of the process is measured.
    •     A target is fixed for improvement (quality objective).
    •     An action plan is prepared and implemented.
    •     The improvement is measured and enhanced.
    •     The improvement cycle is checked for its effectiveness through internal auditing and management review.
    •     After achieving the target, new target is fixed.

    Read other latest post about ISO 14001 - Environment Management System.
    Source: ISOqualitykit.com
    Posted by ISOConsultant at 5:52 AM 1 comments
    Labels: , , , , , , , ,

    Wednesday, May 4, 2011

    Overview of ISO 14000 Standards

    ISO 14000 series is voluntary and based on international consensus as 65 countries are participating in the standards development process. The ISO 14001standards are generic, i.e. applicable to both manufacturing and service organization, in public and private sectors. They say what should be done by an organization to manage the impact on the environment of its activities, but do not dictate how to do it. Thus ISO 14001 EMS has impact on the issues listed below.

    Following issues for Industry are  considered

    • Air Pollution
    • Water Pollution
    • Water use
    • Other Resource Use
    • Hazardous Substances
    • Biological Hazards
    • Radiation
    • Waste
    • Noise
    • Community Concerns
    • Wildlife & Habitats
    • Accidents & emergencies
    • Planning Issues 
    • Interface with other Health & Safety Issues

    ISO 14000 series of standards can be classified as the specification standard and guidance standard. ISO 14001 is the only specification standard to which companies would be registered. All other standards mentioned in the Table-1 are guidance standards and so are not prescriptive.

    The overall aim of this international standard is to support environmental protection and prevention of pollution in balance with socio - economic needs. However, it is not intended to be used to create non-tariff trade barriers or to increase or change an organization's legal obligations.
       
    This international standard does not incorporate occupational health and safety management system elements. Nevertheless, the certification / registration process will only be applicable to aspects of the environmental management system. The company has to take ISO 14001 training and make targets related to environment issues for long run and achievement for the same. Also provisions for emergency so that environment is no where affected by the company. The elements of  ISO 14000 are listed below.

    ISO 14001 Environment Management System - EMS


    The ISO 14001 Specification envisages 5 Core Elements for EMS, for the purpose of certification by third parties. These are:
       
    1. Commitments and Policy
    An organization should define its environmental policy and focus on what needs to be done for ensuring continual environmental performance. It should also ensure commitment to the policy.

    2. Planning
    An Organization should formulate a plan to fulfill its environmental policy.

    3. Implementation
    For effective implementation an Organization should develop the capabilities and support mechanisms necessary to achieve its environmental policy, objectives and targets.

    4. Measurements and Evaluation
    An organization should measure, monitor and evaluate its environmental performance.

    5. Reviews and Improvement
    An organization should review and continually improve its environmental management system, with the objective of improving its overall environmental performance.


    Source: Globalmanagergroup.com
    You can read my other post about Benefits of ISO 14001 EMS here.

    Posted by ISOConsultant at 6:13 AM 4 comments
    Labels: , , , , , ,
    Subscribe to: Posts (Atom)