2012 Newsletter Articles

AIAG Quality Guides

Dec 1, 2012 in Newsletter

Quality capability and capacity in the supply chain are common concerns across manufacturing sectors. Decades ago, the Automotive Industry Action Group (AIAG) brought the domestic automakers together to develop common quality methods and tools for the supply chain. These became known as the Core Tools, i.e., SPC, MSA, FMEA, APQP, and PPAP. These tools are now being used by other manufacturing sectors, e.g., Aerospace, Defense, and Pharmaceuticals. Later AIAG work produced the quality standards QS-9000 and its successor, ISO/TS 16949. The...

OEE = A x P x Q

Dec 1, 2012 in Newsletter

Operating equipment effectiveness (OEE) is the percentage of time that equipment, when running or required for production, is producing good-quality products at an acceptable rate. It is the product of three ratios: availability, performance, and quality.

OEE = Availability X Performance X Quality

Availability = Machine availability as a percentage of scheduled uptime
Performance = Percentage of optimal production rate at which equipment operates
Quality = Quality yield percentage of all products for a given line

Industry Week says the average...

IT Security Survey

Dec 1, 2012 in Newsletter

The “2012 Global Information Security Survey” by Ernst & Young found cloud computing to be one of the main drivers of business model innovation and IT service delivery. Of the 1,850 chief information officers and chief information security officers that participated in the survey, 59% said they use or plan to use cloud services. However, 38% admitted they have not taken any measures to mitigate risks. Many CIOs and CISOs are struggling to adapt security practices to a changing environment that includes cloud computing, social...

Audit Sampling

Dec 1, 2012 in Newsletter

Auditors know it may not be practical to examine all available evidence due to its volume and dispersal. In those cases, a sample is selected to evaluate against the audit criteria and help develop the audit conclusion. The risk is that the sample may not be representative of the total set of people, documents, practices, and records being assessed. As a result, the audit conclusion may be different than if the auditor had examined the whole population. So, we may over-audit by taking samples that are too large and waste time and resources....

Atlanta 2013 Classes

Dec 1, 2012 in Newsletter

Larry Whittington will be teaching RABQSA-certified ISO 9001 Lead Auditor classes in Atlanta on these dates in 2013: February 4-7, March 25-28, April 22-25, June 24-27, July 22-25, August 26-29, September 16-19, October 15-18, and December 2-5. These classes will be held at the Country Inn & Suites in the Buckhead area of Atlanta, GA. Our special room rate is $86.00. To enroll in a class, go to this web page and scroll past the course description to see the class schedule. If you have any questions, please call Larry Whittington at 770-517-7944, or...

DFMEA, PFMEA, and MFMEA

Nov 1, 2012 in Newsletter

Failure Mode and Effects Analysis (FMEA) is an analytical method used to ensure potential problems are considered and addressed throughout the product and process development process. Failure Modes are the ways in which something might fail. The failures are actual or potential errors or defects, especially those affecting the customer. Effects Analysis refers to studying the consequences or effects of those failures. Using FMEA, failures are prioritized by the:

Seriousness of their consequences
Frequency of their occurrence
Likelihood of...

More on ISO 9001:2015

Nov 1, 2012 in Newsletter

This article includes the clause structure and common text planned for new and revised management system standards, such as ISO 9001 and ISO 14001. Annex SL, Appendix 3, of ISO/IEC Directives, Part 1, “Consolidated ISO Supplement – Procedures specific to ISO”, proposes the high-level structure, identical core text, and common terms and core definitions for use in management systems standards. The aim of the document is to align all management system “requirements” standards and enhance their compatibility. It is...

ISO 9001 Lead Auditor in Atlanta

Nov 1, 2012 in Newsletter

Larry Whittington will be the instructor for a 4-day ISO 9001:2008 Lead Auditor class in Atlanta on December 17-20, 2012. Students at his last class had this to say: Larry has an expert command of ISO 9001 and is interesting to learn from. He was fantastic. I wish all courses were taught in his manner and style. The instructor is very knowledgeable and presented course material in a very effective way. Larry made a class with boring material interesting and kept me engaged. Larry is a consummate professional. His knowledge and ability to...

Market-Proof Your KPIs

Nov 1, 2012 in Newsletter

Leading organizations rely on Key Performance Indicators (KPIs) to make critical decisions and gain competitive advantage. In response to changing business conditions, organizations often become distracted and lose focus on the KPIs that are central to their business. To achieve peak performance, executives must rethink how to use KPIs to drive crucial insights — no matter what the market demands. Organizations begin with the best of intentions by creating new performance metrics to measure and assess impact. However, unintended...

Scope for ISO 20000

Oct 1, 2012 in Newsletter

ISO 20000-1:2011, “Information technology – Service management – Part 1: Service management system requirements”, specifies the requirements to plan, establish, implement, operate, monitor, review, maintain, and improve a Service Management System (SMS). The requirements include the design, transition, delivery, and improvement of services to fulfill the agreed to service requirements. Although the requirements in ISO 20000-1 do not change with organizational structure, technology, or service, operating the processes in...

Spotting Fake Products

Oct 1, 2012 in Newsletter

From vital medicines to sophisticated airplane parts, failure to identify counterfeit products can result in serious harm to users. The new ISO 12931:2012, “Performance criteria for authentication solutions used to combat counterfeiting of material goods”, will make it easier to expose fakes, everywhere in the world. As a result, the new standard should increase consumer confidence, make supply chains more secure, and help public authorities to create and implement preventive, deterrent, and punitive policies. Counterfeiting has...

ISO 9001:2015 Plans

Oct 1, 2012 in Newsletter

Since the publication of the minor amendment to ISO 9001 in 2008, the ISO organization has been carrying out extensive research and preparation for the next major ISO 9001 revision planned for 2015. This activity has included:

Participating in the work aimed at increasing the alignment of ISO’s management system standards by developing a common high-level structure, common definitions, and some common text (see my July article on New Clauses and Annex SL of the ISO Directives)
Studying the latest trends in quality management,...

Customer Satisfaction

Oct 1, 2012 in Newsletter

The new ISO 10004:2012 standard provides guidance in defining and implementing processes to monitor and measure customer satisfaction. It is intended for use by organizations regardless of type, size, or product provided. The focus of ISO 10004:2012 is on customers external to the organization. ISO 10004:2012, which replaces ISO/TS 10004:2010, is part of the ISO 10000 series of standards on customer satisfaction:

ISO 10001:2007 provides guidance on codes of conduct
ISO 10002:2004 (Corrigenda 1: 2009) covers complaints handling
ISO 10003:2007...

Webinar on Audit Checklists

Oct 1, 2012 in Newsletter

Webinar: Improve Your Audit Checklist
Presenter: Larry Whittington
Date: Wednesday, October 10, 2012
Time: 1:00 PM ET (10:00 AM PT)
Duration: One Hour
Price: $199

Description: Are audit checklists dead? No. However, to be an effective tool, they should be restructured to drop the canned clause-based questions and identify the expected evidence. Are you considering use of an audit checklist? Have you been told they are no longer recommended and may even cause audits to be ineffective? Before deciding if checklists are...

Audit Interviews

Sep 3, 2012 in Newsletter

Larry Whittington will present a new one hour “Conducting Successful Audit Interviews” webinar at 1:00 PM ET on September 26, 2012. You can register at this web page. The webinar is described below: Audit interviews are one of four ways to gather information during an audit, the others being to review documents, observe operations, and examine records. Conducting efficient and effective interviews will be the key to a successful audit. During interviews, we gather information about processes that may not be described in a...

Our Consultants

Sep 3, 2012 in Newsletter

If your organization needs training, consulting, or auditing, we can assign an experienced consultant to help you. Most of our consultants are Exemplar Global or IRCA certified lead auditors and all have worked with management system standards in a variety of industry sectors. Although we are based in Florida, we have consultants available in other states. Click on the consultant names below to see their extensive qualifications.

Rich Barish (South Carolina) – ISO 9001, ISO 14001, TS 16949, OHSAS 18001
Roy D’Ardenne (Virginia)...

Audit Day Table

Sep 3, 2012 in Newsletter

How many audit days would a certification body (registrar) estimate for your initial stage 1 and stage 2 certification audit, ongoing surveillance visits, or re-certification audit? The International Accreditation Forum (IAF) provides Mandatory Documents (MD 5:2009 and MD 9:2011) to certification bodies that contain mandatory provisions and guidance on the time required to audit their clients. MD 5:2009 applies to quality management systems (ISO 9001) and environmental management systems (ISO 14001). MD 9:2011 applies to medical device quality...

Enterprise Quality

Sep 3, 2012 in Newsletter

The American Productivity and Quality Center (APQC), a nonprofit membership organization specializing in process improvement and benchmarking, released a research-based report, “Using Enterprise Quality Measurement to Drive Business Value,” outlining what it described as eight “imperatives” for an enterprise quality function. The eight imperatives, described as stepping stones in the emerging enterprise quality discipline, are:

1. Align enterprise quality with strategic goals and initiatives.
2. Establish structures and...

NIST Security Guides

Sep 3, 2012 in Newsletter

The National Institute of Standards and Technology (NIST) has released new guidance on how federal agencies and businesses can deal with network attacks and malware. The advice on the latest in security best practices has been provided in the two publications listed below:

1. Guide to Intrusion Detection and Prevention Systems
2. Guide to Malware Incident Prevention and Handling for Desktops and Laptops

Guide to Intrusion Detection and Prevention Systems

The Intrusion Detection and Prevention Systems (IDPS) guide covers wireless,...

Counterfeit Parts

Aug 1, 2012 in Newsletter

(This article is reprinted with permission from the NQA Update Newsletter)

In the past, we have published two articles about counterfeit parts, their impact on businesses, and what the industry is doing about addressing this growing concern. In light of the fact that the AS6081 standard is still in draft form, but the accreditation rules for that standard are in the course of being drafted, we are republishing both of those articles again here.

Counterfeit Parts Impacting Product Quality, by Kevin Beard
Counterfeit Parts Impacting the Global...

Webinar – Corrective Action

Aug 1, 2012 in Newsletter

Webinar: Get Tough on Corrective Actions
Presenter: Larry Whittington
Date: Wednesday, August 8, 2012
Time: 1:00 PM ET (10:00 AM PT)
Duration: One Hour
Price: $199

Overview

Do you seem to be reporting some of the same nonconformities from audit to audit? Isn’t that frustrating? Why isn’t the auditee fixing the problems? It may be partly your fault. Accepting weak corrective actions will lead to repeat nonconformities. Why are organizations having a hard time taking effective corrective action? It may be...

Webinar – Auditee Bill of Rights

Aug 1, 2012 in Newsletter

Webinar: The Auditee Bill of Rights
Presenter: Larry Whittington
Date: Wednesday, August 1, 2012
Time: 1:00 PM ET (10:00 AM PT)
Duration: One Hour
Price: $199

Overview

As an audited organization, do you stand up for your rights? Or, to avoid conflict, do you just accept whatever comes your way during the audit experience? Maybe it is time for an Auditee Bill of Rights! This one-hour webinar will explain your rights as an auditee. You’ll learn what to expect and demand from your auditors and certification bodies....

Environmental Assessments

Aug 1, 2012 in Newsletter

ISO 14044:2006 specifies environmental management requirements and guidance for life cycle assessment (LCA) studies and life cycle inventory (LCI) studies. Two ISO technical reports have been published this year that provide life cycle assessment examples. ISO/TR 14047:2012, Environmental management – Life cycle assessment – Illustrative examples on how to apply ISO 14044 to impact assessment situations, provides examples to illustrate the current practice of life cycle impact assessments. ISO/TR 14049:2012, Environmental...

Audit Conference

Aug 1, 2012 in Newsletter

Larry Whittington will speak on “Audit Sampling” at the 21st Annual ASQ Audit Conference on October 11-12, 2012 in Augusta, GA. Auditors know it may not be practical to examine all available evidence due to its volume and dispersal. In those cases, a sample is selected to evaluate against the audit criteria and form the audit conclusion. The risk is that the sample may not be representative of the total set of people, documents, practices, and records being assessed. As a result, the audit conclusion may be different than if the...

Business Continuity

Jul 1, 2012 in Newsletter

The new ISO 22301:2012 standard, Societal security – Business continuity management systems – Requirements, will help organizations, regardless of their size, location, or activity, be better prepared and more confident in handling disruptions of any type. Incidents can disrupt an organization at any time and applying ISO 22301 will ensure that organizations can respond to and continue their operations. Incidents take many forms, ranging from large scale natural disasters and acts of terror, to technology-related accidents and...

Complaints to ISO

Jul 1, 2012 in Newsletter

The ISO organization wants to positively promote its “ISO brand” by ensuring certification is performed and used in a way that builds its credibility in the market. Therefore, monitoring accredited certification is of special interest to ISO in view of the exponential growth of certificates. It is often difficult for consumers to identify with whom a complaint should be filed, and what to do when a satisfactory response is not received. As a result, ISO has established a Complaints web page. The objective is to make it easier for...

Most Annoying Business Jargon

Jul 1, 2012 in Newsletter

The following is an edited version of a Forbes article by Max Mallet, Brett Nelson, and Chris Steiner on the Most Annoying Business Jargon. The next time you feel the need to reach out, touch base, shift a paradigm, leverage a best practice, or join a tiger team, by all means do it. Just don’t say you’re doing it. If you have to ask why, chances are you’ve fallen under the poisonous spell of business jargon. No longer solely the province of consultants, investors, and business-school types, this annoying gobbledygook has...

New Clauses for ISO Standards

Jul 1, 2012 in Newsletter

ISO has developed Guide 83 to align the clause structure for all management system standards. Where practical, the next revision of management standards such as ISO 9001 (quality) and ISO 14001 (environment) will have identical clause titles, sequence of clauses, definitions, and as much identical text as feasible. The planned clause structure is shown below. The first three clause titles are identical to current management system standards, but clauses 4 through 10 are much different.

1. Scope
2. Normative references
3. Terms and...

Software User Manuals

Jun 2, 2012 in Newsletter

An article by Richard Hodkinson in the ISO Focus+ magazine states that before using a new software product, we need to understand how it can help us accomplish a given task. Its documentation may be the first tangible item we see, and therefore, influences our first impression of the software product. If the information is supplied in a convenient form, and is easy to find and understand, we can quickly become proficient at using the product. Hence, well-designed documentation not only assists the user and helps to reduce the cost of training...

ISO 14001 Revision

Jun 2, 2012 in Newsletter

The ISO 14001 environmental standard has begun the process for its second revision. Since it was published in 1996, and revised in 2004, it has been adopted by more than 250,000 certified users in 155 countries. ISO/TC 207, the technical committee for ISO 14001, has asked Working Group 5, which is responsible for the revision process, to consider two significant pieces of work:

1. The High Level Structure for Management System Standards (MSS)
The aim of this work is to standardize the structure and core requirements of MSS to facilitate the...

Education Standard

Jun 2, 2012 in Newsletter

A revised version of the ASQ/ANSI Z1.11 standard is available for education organizations. The American National Standard specifies quality system requirements where an education organization needs to: establish confidence in its ability to design, develop, deliver instruction, evaluate students, support research, provide public service, and maintain its support services to fulfill education requirements, satisfy customers, and meet expectations of interested parties, and maintain conformity to applicable legal and regulatory...

Emergency Standard

Jun 2, 2012 in Newsletter

To minimize the impact of disasters, terrorist attacks, and other major incidents, a new international standard is available for emergency management. ISO 22320:2011, Societal Security – Emergency Management – Requirements for Incident Response, is expected to save lives, mitigate harm and damage, and ensure continuity of basic services such as health, rescue services, water and food supplies, and electricity and fuel delivery. Any response following an incident might include the participation of both public and private organizations...

Reactive Maintenance

Jun 2, 2012 in Newsletter

The data below illustrates the level of reactive maintenance performed by IndustryWeek’s Best Plants winners and finalists over the past five years. How does your organization compare? The data is the percent (%) of reactive maintenance work, in response to unexpected machine or equipment breakdown:

2007: Median = 17.3, Average = 23.2, Minimum = 0.8, Maximum = 75.5
2008: Median = 6.5, Average = 18.1, Minimum = 0.8, Maximum = 70.0
2009: Median = 15.0, Average = 25.9, Minimum = 0.8, Maximum = 80.0
2010: Median = 33.0, Average = 27.8, Minimum =...

Standards for Records

May 1, 2012 in Newsletter

In the wake of recent failures in corporate governance, two new ISO standards should help organizations to disclose corporate information quickly and effectively. Increased pressure by industry regulators requires companies to provide such information because irregularities in financial management, ethical dealings, disclosure, and transparency of decisions have unfortunately become common. According to ISO, these new standards for records distil the expertise of experts drawn from 27 countries on five continents: ISO 30300:2011, Information...

ISO on YouTube

May 1, 2012 in Newsletter

ISO has videos on YouTube that might be of interest as brief overviews of different management systems. The following videos are each less than a minute in duration:

ISO and Social Responsibility (0:47)
ISO and the Environment (0:47)
ISO and Energy Management (0:54)
ISO and Food Safety (0:48)
ISO and Health Care (0:43)

These longer ISO videos are also available:

ISO Video for Business and Government (2:06)
ISO 14001 – The World’s EMS Standard (5:08)
The ISO 9001 Family – Global Management Standards (7:31)
I Have a Dream...

Data Breaches

May 1, 2012 in Newsletter

Despite rising concerns that cyber-attacks are growing more and more sophisticated, hackers used relatively simple methods for 97% of data breaches last year, according to a report compiled by Verizon. A Computerworld article states the findings suggest that organizations are overlooking basic precautions even as they buy new security systems. Verizon also found that in 80% of attacks, hackers hit so-called victims of opportunity — poorly defended sites that happen to catch their eye — rather than targeting specific...

Standards Alert

May 1, 2012 in Newsletter

Do you want an easy way to be alerted when a new edition of a specific ISO standard is published? Your organization may use multiple ISO standards related to its products, services, and management system, and will need access to the latest editions. However, it can be time consuming to monitor for any updates to these documents. There is a simple solution. Go to the Log In web page at the Standards Store on the American National Standards Institute (ANSI) web site to set up a free account. Then, search for an ISO standard and instead of...

SWEBOK Guide V3

May 1, 2012 in Newsletter

Volunteers are in the process of refreshing the Guide to the Software Engineering Body of Knowledge – SWEBOK – adding new knowledge areas (KAs) and revising others. For the latest materials available for public review, please check the SWEBOK V3 Public Review site. Each of the 15 KAs will be posted online when they become available for review. Three knowledge areas are currently available for public review:

Software Engineering Models and Methods
Software Maintenance
Mathematical Foundations

Notification will be provided as other...

FDA and ISO 13485

Apr 1, 2012 in Newsletter

The Food and Drug Administration (FDA) has issued the Medical Device ISO 13485:2003 Voluntary Audit Report Submission Pilot Program and it is expected to go live in June 2012. The ten page guidance document shares the FDA framework for manufacturers, in good compliance with QMS / QSR requirements, to voluntarily submit ISO 13485 reports and certifications to the FDA. This will allow the FDA to remove the manufacturer from the FDA inspection schedule for 12 months. This guidance provides information on the implementation of section 228 of the...

ISO 20000 Guidance

Apr 1, 2012 in Newsletter

The ISO 20000-2:2005 Code of Practice has been replaced by ISO 20000-2:2012, Information Technology – Service Management – Part 2: Guidance on the Application of Service Management Systems. ISO 20000-2:2012 provides guidance on the application of service management systems based on the requirements in ISO 20000-1:2011. It enables organizations and individuals to interpret ISO 20000-1 more accurately and, therefore, to use it more effectively. The guidance includes examples and suggestions to enable organizations to interpret and...

Performance Metrics

Apr 1, 2012 in Newsletter

This article was written by Duke Okes, one of our Associates. He is the author of a popular book on Root Cause Analysis and teaches our Root Cause Analysis course. He has developed a new course on Measuring Process and Organizational Performance (see the course description at the end of this article). Although metrics are a necessary component for managing organizational performance, they often elicit behaviors at odds with actual needs. In order to optimize the use of metrics, an organization should use a structured process to select them,...

Ten Commandments

Apr 1, 2012 in Newsletter

These Ten Commandments for top management are based on ISO 9001, clause 5, Management Responsibility, and were presented by Rick Giguere at a conference in Tampa this year for National Quality Assurance (NQA) auditors.

I. Thou shalt be committed to your quality management system and continually strive to improve its effectiveness, (5.1).
II. Thou shalt aim to enhance customer satisfaction, (5.2).
III. Thou shalt believe in your quality policy and foster an environment for others to believe, (5.3).
IV. Thou shalt live your quality policy by...

ISO: Farm to Fork

Apr 1, 2012 in Newsletter

ISO’s solutions for ensuring quality and safety in the food industry are the subject of a new brochure, “ISO & food”, which provides a concise overview of the International Standards available and how they can help. Today more than ever, food products regularly cross national boundaries at every stage of the supply chain. ISO standards create confidence in the products we eat or drink by ensuring the world uses the same recipe when it comes to food quality, safety, and efficiency. The new 4 page brochure explains the...

Software Assurance

Mar 1, 2012 in Newsletter

Software assurance (SwA) is the level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its life cycle, and that the software functions in the intended manner. The Department of Homeland Security sponsors a Software Assurance web site to enable greater resilience of cyber assets. Software is essential to the operation of the Nation’s critical infrastructure. Vulnerabilities in software can jeopardize intellectual property, consumer trust,...

SPCC Plan Review

Mar 1, 2012 in Newsletter

If you have a Spill Prevention, Control, and Countermeasure (SPCC) plan, the EPA requires you to review your plan at least every 5 years. This review gives you an opportunity to see if your plan needs amending based on more effective prevention and control technology. Plans must also be amended when there is a change in the facility design, construction, operation, or maintenance that materially affects its potential for a discharge. According to the Enviro.BLR.com web site, some frequently asked questions on amending an SPCC plan are: 1. As...

Spill Notice

Mar 1, 2012 in Newsletter

Under the federal Spill Prevention, Control, and Countermeasure (SPCC) regulations, if your facility has discharged more than 1,000 U.S. gallons of oil in a single discharge, or 42 U.S. gallons of oil in two separate discharges occurring within any 12-month period, you are required to submit a notice regarding that spill to your applicable Environmental Protection Agency (EPA) administrator within 60 days of the spill or release. In addition to the notice requirements, the EPA may also require you to amend your facility’s SPCC Plan to...

AS91xx Transition

Mar 1, 2012 in Newsletter

The IAQG Other Party Management (OPMT) has updated the Supplement Rules Document (SR001) that provides transition requirements for all stakeholders (e.g., Accreditation Bodies, Certification Bodies, Certified Organizations). The document was updated to incorporate the IAQG Executive Committee’s decision to adjust the consequences for not meeting the July 1, 2012 transition target date. The IAQG Executive Committee’s decision resulted in the following changes: 1. The July 1, 2012 target remains in place, but the suspension process...

Supplier Delivery

Mar 1, 2012 in Newsletter

According to a recent Industry Week article, a manufacturing company’s ability to perform well is directly linked to a well-performing supply chain. Supply chain partners can impact quality, product development, and inventory. A failure by suppliers to deliver on time can cause manufacturers to deliver late or carry excess inventory on a just-in-case basis. Neither outcome is good. How well do you (as a supplier) and your suppliers compare to those of Industry Week’s Best Plants winners and finalists last year? Their suppliers...

More on ISO 19011

Feb 1, 2012 in Newsletter

The ISO 19011:2011 auditing standard has a new name, “Guidelines for Auditing Management Systems”. The prior edition, ISO 19011:2002, limited its audit guidance to just quality and environmental systems. The new standard has broadened its scope to the auditing of any management system, but has reduced its focus to internal (first-party) and supplier (second-party) audits. Requirements for management system certification (third-party) audits are provided in ISO 17021:2011 (see my March 2011 article). ISO 19011:2011 provides guidance...

ISO/TR 27008:2011

Feb 1, 2012 in Newsletter

ISO/TR 27008:2011, Information technology – Security techniques – Guidelines for auditors on information security controls, is a new Technical Report (TR) that provides technical controls and compliance guidelines for auditors to help improve the effectiveness of an organization’s information security system. The document supports a rigorous organizational security audit and review program for information security controls, to enable the organization to have confidence that their controls have been appropriately implemented...

Audit Definitions

Feb 1, 2012 in Newsletter

The ISO 19011:2011 audit guidance standard has revised audit definitions, expanded related notes, and added new definitions. Some examples of these changes are described below. The definition of audit remains: a systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled. Its revised note clarifies that the purpose of an internal audit may be to confirm the effectiveness of the management system or to obtain information for the...

Future ISO 9001

Feb 1, 2012 in Newsletter

In October 2010, the ISO technical committee that developed the ISO 9000 series of standards launched a major survey of existing and potential users of ISO 9001 in 122 countries. The survey objective was to better understand user needs, identify opportunities for improvement, and guide the long-term strategic direction for quality management. The worldwide survey was conducted in 11 languages (Arabic, Chinese, English, French, German, Italian, Japanese, Korean, Portuguese, Russian, and Spanish) and received 11,722 responses. Although the full...

Top Tech Trends

Jan 1, 2012 in Newsletter

Deloitte has issued its “Tech Trends 2012” report, which identifies and predicts the top 10 emerging and disruptive technologies that are expected to play a crucial role in how businesses are anticipated to operate globally in 2012 and beyond. According to Mark White, Principal and Chief Technology Officer, Deloitte Consulting LLP and co-author of the report, as we head into 2012, many CIOs are evaluating the various aspects of IT, looking ahead to the new technologies that can help them drive business growth in the years ahead. He...

Certificates by Country

Jan 1, 2012 in Newsletter

According to the recently released ISO Survey of Certifications, the top countries for certifications at the end of 2010 for ISO 9001, ISO 14001, ISO/TS 16949, ISO 13485, and ISO 27001 were:

ISO 9001

Top 10 countries for ISO 9001 certificates (change):

1. China: 297,037 (+39,961)
2. Italy: 138,892 (+8,826)
3. Russian Federation: 62,265 (+9,113)
4. Spain: 59,854 (-278)
5. Japan: 59,287 (-9,197)
6. Germany: 50,583 (3,427)
7. United Kingdom: 44,849 (3,656)
8. India: 33,250 (-4,243)
9. USA: 25,101 (-3,834)
10. Republic of Korea: 24,778 (+1,378)

ISO...

Conformity Assessment

Jan 1, 2012 in Newsletter

The ISO Committee on conformity assessment (ISO/CASCO): prepares standards relating to the practice of testing, inspection, and certification; studies means of assessing the conformity of products, processes, services, and management systems to appropriate standards; and promotes mutual recognition of national conformity assessment systems. “Conformity assessment” is the term given to the processes that are used to demonstrate that a product, service, management system, or body meets specified requirements. These requirements are...

Safety Violations

Jan 1, 2012 in Newsletter

The following data is OSHA’s Top 10 list of the most frequently cited violations for fiscal year 2011, covering the period of Oct. 1, 2010, through Sept. 30, 2011.

1. Fall Protection
Violations: 7,139
Standard: 1926.501
This standard defines where fall protection is required, the systems appropriate for given situations, the proper construction and installation of safety systems, and the proper supervision of employees to prevent falls. It is designed to protect employees on walking and working surfaces (horizontal or vertical) with an...

Container Violations

Jan 1, 2012 in Newsletter

According to a recent article in the Environmental Ezine, if you are a generator of hazardous waste, the first stop an inspector will likely make when conducting an inspection at your facility is the hazardous waste accumulation or storage area. This might be because there are a few common mistakes generators tend to make in connection with their hazardous waste containers. The article lists the most common container violations as: 1. Not keeping containers closed. Inspectors often observe hazardous waste drums that have been left open during...
