May, 2009 Newsletter Articles

ISO 9001:2008 Support

May 21, 2009 in Newsletter | 0 comments

Some of you may have used the ISO 9001:2000 Introduction and Support Package to ease the move to ISO 9001:2000. Well, the package has been revised at the ISO web site to reflect ISO 9001:2008 and may help you with the transition to ISO 9001:2008. The package consists of the following seven guidance documents: 1. Guidance on ISO 9001:2008 sub-clause 1.2 “Application” This document explains the concept of excluding an ISO 9001:2008 requirement from a quality management system, as well as, the need to include your justification in...

Read More

QMS-EMS Audit Days

May 21, 2009 in Newsletter | 0 comments

How many audit days would a registrar estimate for your initial stage 1 and stage 2 certification audits, ongoing surveillance visits, and re-certification audits? The International Accreditation Forum (IAF) recently issued a Mandatory Document (IAF MD 5:2009) for certification bodies that contains mandatory provisions and guidance on the time required to audit their clients. The MD 5:2009 document applies to quality management systems (QMS) and environmental management systems (EMS). The effective number of personnel indicated in the QMS...

Read More

Internal Audit Reports

May 21, 2009 in Newsletter | 0 comments

The audit team leader prepares an audit report that is a complete, correct, concise, and clear record of the audit. The written report may include the topics described below. Some topics may not be applicable for your organization and the topics may be included in a different sequence. The asterisked (*) items are the minimum set of topics suggested by QE19011S:2008 for an internal audit report. Audit Objectives (*): Identify the goals of the audit, e.g., to verify conformity, evaluate effectiveness, and identify opportunities for...

Read More

Cybersecurity Controls

May 21, 2009 in Newsletter | 0 comments

Amid increasing scrutiny over U.S. cybersecurity, experts from the private and public sectors are pushing a set of recommendations they say are sorely needed to help shore up the nation’s defenses against data breaches. The resulting Consensus Audit Guidelines (CAG) map out requirements for security controls needed to protect IT installations in government and the private sector. Their creators include the U.S. Department of Homeland Security’s US-CERT unit, the National Security Agency, and the Department of Defense. Commercial...

Read More

CMMI for Services

May 21, 2009 in Newsletter | 0 comments

The Capability Maturity Model Integration (CMMI) for Services, known as CMMI-SVC, is a new model that provides guidance to service organizations for establishing, managing, and delivering services. The model focuses on service provider processes and integrates bodies of knowledge that are essential for successful service delivery. Service organizations are 80% of the world economy. In these lean times, they can benefit by using process improvement to make the most of their resources to achieve desired business results. The new CMMI-SVC is a...

Read More