2017 Newsletter Articles

IAF on ISO 9001 and ISO 14001

Dec 1, 2017 in Newsletter | Comments Off on IAF on ISO 9001 and ISO 14001

The International Accreditation Forum (IAF) has posted this notice at their website: IAF has published a communiqué entitled ‘Important information for Certification Bodies regarding transition to ISO 9001 and ISO 14001′ following the passing of IAF Resolution 2017-13, which states that as of 15 March 2018, conformity assessment bodies must conduct all ISO 9001 and ISO 14001 initial, surveillance and re-certification audits to the new versions – ISO 9001:2015 and ISO 14001:2015.   This resolution continues the efforts of...

Read More

ISO 9001:2015 Classes in Orlando

Dec 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Classes in Orlando

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida: IISO 9001:2015 Requirements December 18-19, 2017 (confirmed) February 5-6, 2018 ISO 9001:2015 Internal Auditor December 18-20, 2017 (confirmed) February 5-7, 2018 ISO 9001:2015 Lead Auditor December 18-21, 2017 (confirmed) February 5-8, 2018 Click on a course title to view the course description and enroll in a class. If you have questions about the training, or the registration process, please call...

Read More

Internal Audit Requirements

Dec 1, 2017 in Newsletter | Comments Off on Internal Audit Requirements

ISO management system standards are required to adopt the high-level structure, identical core text, and common terms and definitions of Annex SL of the ISO Directives, Part 1. The Annex SL base text for clause 9.2, Internal Audit, is shown below, and followed by the actual internal audit requirements for these management system standards: ISO 9001:2015 ISO 14001:2015 AS9100:2016; AS9110:2016; AS9120:2016 IATF 16949:2016 ISO 27001:2013. Annex SL 9.2 Internal audit 9.2.1 The organization shall conduct internal audits at planned intervals to...

Read More

ISO 27007 Audit Guidance

Dec 1, 2017 in Newsletter | Comments Off on ISO 27007 Audit Guidance

The second edition of ISO 27007, “Information technology – Security techniques – Guidelines for information security management systems auditing,” has been published. ISO 27007:2017 provides guidance on managing an information security management system (ISMS) audit program, on conducting audits, and on the competence of ISMS auditors. It gives guidance for auditing all the requirements stated in ISO 27001. ISO 27007 is intended to be used in conjunction with the audit guidance contained in ISO 19011:2011, and...

Read More

Millennials and Cybersecurity

Dec 1, 2017 in Newsletter | Comments Off on Millennials and Cybersecurity

Although millennials grew up as a tech-savvy generation, a ConsumerAffairs.com article says they appear to have a more relaxed attitude toward cybersecurity than their parents. A recent FirstData study shows that baby boomers are generally more concerned about security than their younger peers. The researchers found that, overall, boomers did a better job of protecting personal information than millennials. The study highlights two areas where millennials could do a better job — passwords and the use of social media. Reusing...

Read More

Quality Manual Templates

Dec 1, 2017 in Newsletter | Comments Off on Quality Manual Templates

We have quality manual templates for IATF 16949:2016, AS9100D, AS9110C, AS9120B, and ISO 9001:2015-based quality management systems: IATF 16949:2016 Quality Manual Template, 67 pages ($150) AS9100D:2016 Quality Manual Template, 42 pages ($135) AS9110C:2016 Quality Manual Template, 43 pages ($135) AS9120B:2016 Quality Manual Template, 40 pages ($135) ISO 9001:2015 Quality Manual Template, 29 pages ($95) We have a policy manual template for an ISO 14001:2015-based environmental management system, and a policy manual template for...

Read More

Gap Analysis Checklists

Dec 1, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist  The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy...

Read More

ISO 9001:2015 Classes in Orlando, Florida

Nov 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Classes in Orlando, Florida

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida: ISO 9001:2015 Requirements December 18-19, 2017 ISO 9001:2015 Internal Auditor December 18-20, 2017 ISO 9001:2015 Lead AuditorDecember 18-21, 2017 Click on a course title to view the course description and enroll in a class. If you have questions about the training, or the registration process, please call...

Read More

ISO 14001:2005 Changes – Clause 9

Nov 1, 2017 in Newsletter | Comments Off on ISO 14001:2005 Changes – Clause 9

9. Performance Evaluation 9.1 Monitoring, Measurement, Analysis, and Evaluation 9.1.1 Changes – General Replaces old 4.5.1 on Monitoring and Measurement Adds to communicate environmental performance and effectiveness of EMS Adds to determine criteria for evaluating environmental performance (and indicators) Adds “what” and “when” for monitoring and measurement Adds “when” for analysis and evaluation 9.1.2 Changes – Evaluation of Compliance Replaces old 4.5.2 on Evaluation of...

Read More

ISO 14001:2015 Changes – Clause 10

Nov 1, 2017 in Newsletter | Comments Off on ISO 14001:2015 Changes – Clause 10

10. Improvement 10.1 Changes – General New clause. Improvements determined by: monitoring, measuring, analysis, evaluation (9.1) internal audit (9.2) management review (9.3) Take actions to achieve “intended outcomes” referenced in 4.1, 4.4, 5.1.f, and 6.1.1. 10.2 Changes – Nonconformity and Corrective Action Replaces old 4.5.3 on Nonconformity, Corrective Action, and Preventive Action Drops need for separate preventive action Preventive concept covered by 4.1 and 6.1 Adds to deal with consequences of...

Read More

ISO 13485:2016 Handbook

Nov 1, 2017 in Newsletter | Comments Off on ISO 13485:2016 Handbook

This article is an edited version of an ISO news release. The medical devices industry is one of the most highly regulated sectors in the world. Significant quality systems and product requirements must be satisfied to ensure the medical devices produced are fit for their intended purpose. Medical devices range from simple bandages and tongue depressors to the most sophisticated radiotherapy equipment, implants, and software for disease screening. These medical devices play a key role in the welfare of the public, whose safety depends on the...

Read More

IATF 16949 Interpretations and FAQs

Nov 1, 2017 in Newsletter | Comments Off on IATF 16949 Interpretations and FAQs

The International Automotive Task Force (IATF) has issued the first set of IATF 16949:2016 “Sanctioned Interpretations” and “Frequently Asked Questions”. The sanctioned interpretations are for these clauses: S1. Definition of customer requirements (3.1) S2. Product safety (4.4.1.2) S3. Contingency plans (6.1.2.3) S4. Internal auditor competency (7.2.3) S5. Quality management system documentation (7.5.1.1) S6. Special characteristics (8.3.3.3) S7. Type and extent of control – supplemental (8.4.2.1) S8. Supplier...

Read More

Quality Manual Templates

Nov 1, 2017 in Newsletter | Comments Off on Quality Manual Templates

We have quality manual templates for IATF 16949:2016, AS9100D, AS9110C, AS9120B, and ISO 9001:2015-based quality management systems: IATF 16949:2016 Quality Manual Template, 67 pages ($150) AS9100D:2016 Quality Manual Template, 42 pages ($135) AS9110C:2016 Quality Manual Template, 43 pages ($135) AS9120B:2016 Quality Manual Template, 40 pages ($135) ISO 9001:2015 Quality Manual Template, 29 pages ($95) We have a policy manual template for an ISO 14001:2015-based environmental management system, and a policy manual template for...

Read More

Gap Analysis Checklists

Nov 1, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...

Read More

ISO 9001:2015 Classes in Orlando

Oct 2, 2017 in Newsletter | Comments Off on ISO 9001:2015 Classes in Orlando

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida: ISO 9001:2015 Requirements  December 18-19, 2017 ISO 9001:2015 Internal Auditor  December 18-20, 2017 ISO 9001:2015 Lead Auditor  December 18-21, 2017 Click on a course title to view the course description and enroll in a class. If you have questions about the training, or the registration process, please call...

Read More

ISO 14001:2005 Changes – Clause 7

Oct 2, 2017 in Newsletter | Comments Off on ISO 14001:2005 Changes – Clause 7

7. Support 7.1 Changes – Resources Accepts Annex SL text without change Replaces old clause 4.4.1 on Resources, Roles, Responsibility, and Authority Management Representative not required Resources can include: human resources (specialized skills and knowledge); natural resources; technology; financial resources; infrastructure (buildings, equipment, underground tanks, and drainage system). 7.2 Changes – Competence Replaces “Competence” part of old 4.4.2 on Competence, Training, and Awareness Changes from persons...

Read More

ISO 14001:2015 Changes – Clause 8 

Oct 2, 2017 in Newsletter | Comments Off on ISO 14001:2015 Changes – Clause 8 

8. Operation 8.1 Changes – Operational Planning and Control Replaces old clause 4.4.6 on Operational Control Introduces the term “life cycle perspective” Adds to determine environmental requirements for procurement of products and services Adds to consider providing information on potential significant environmental impacts during: transportation or delivery; use and end-of-life treatment; final disposal of products and services. Introduces the term “outsourced” process and need to define extent of control or...

Read More

IATF 16949:2016 Changes

Oct 2, 2017 in Newsletter | Comments Off on IATF 16949:2016 Changes

ISO/TS 16949:2009 was based on ISO 9001:2008 and included both sets of requirements. IATF 16949:2016 includes references to ISO 9001:2015 clauses, but you need the ISO 9001:2015 standard to view its requirements. The key changes from ISO 9001:2008 to ISO 9001:2015 are listed below with bullet points. The main changes from ISO/TS 16949:2009 to IATF 16949:2016 are indicated below with + signs. ISO 9001:2015 Changes *   Annex SL clause structure and common text *   Expanded applicability to service organizations *   Organizational...

Read More

ISO 14001:2015 Interpretations

Oct 2, 2017 in Newsletter | Comments Off on ISO 14001:2015 Interpretations

The ISO/TC 207/SC 1 sub-committee has a process for managing interpretations of ISO 14001:2015. If you’d like to view the interpretations for the questions below, go to this ISO/TC 207/SC 1 web page. 1. ISO 14001:2015 has a very different structure than the two previous versions. Our documentation is aligned to the clauses that existed in the previous version. Do we have to restructure our documentation to follow the new clause structure? 2. Are the references to other standards in the Notes to Entry in Clause 3 (Terms and...

Read More

ISO Certificate Survey

Oct 2, 2017 in Newsletter | Comments Off on ISO Certificate Survey

ISO has released the results of its annual survey of certifications. My summary below shows the number of worldwide certificates as of year-end 2016 for eight of management system standards, along with the USA totals and the top ten countries for each standard. ISO 9001 (Quality): 2008 and 2015 Editions Certificates in 2016 = 1,106,356 (USA = 30,474) Certificates in 2015 = 1,034,180 (USA = 33,103) Increase = + 72,176 (USA = – 2,629) Percentage = + 7 % (USA = – 8 %) 1. China = 350,631 2. Italy = 150,143 3. Germany = 66,233 4....

Read More

Gap Analysis Checklists

Oct 2, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...

Read More

Quality Manual Templates

Oct 2, 2017 in Newsletter | Comments Off on Quality Manual Templates

We’re pleased to announce that we now have quality manual templates available for IATF 16949:2016, AS9100D, AS9110C, and AS9120B-based quality management systems: IATF 16949:2016 Quality Manual Template, 67 pages ($150) AS9100:2016 Quality Manual Template, 42 pages ($135) AS9110:2016 Quality Manual Template, 43 pages ($135) AS9120:2016 Quality Manual Template, 40 pages ($135) In addition, we have an ISO 9001:2015 quality manual template, ISO 14001:2015 policy manual template, and an integrated QMS-EMS policy manual template: ISO...

Read More

ISO 9001:2015 Gap Analysis Checklist

Sep 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Gap Analysis Checklist

The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the checklist for $95. ISO 14001:2015 Gap Analysis Checklist The 17 page ISO 14001:2015 Gap Analysis Checklist contains 213 questions for organizations new to ISO 14001, and 96 delta questions for ISO 14001:2004 certified organizations. To read a...

Read More

ISO 45001 Draft Approved

Sep 1, 2017 in Newsletter | Comments Off on ISO 45001 Draft Approved

The second draft of the new ISO 45001 standard has been approved. Its title will be “Occupational health and safety management systems – Requirements with guidance for use”.  It is expected to be published in late 2017 or early 2018. Over 6300 people die each day from work-related accidents or diseases – that’s nearly 2.3 million every year, according to the International Labor Organization (ILO). The burden of occupational injuries and diseases is significant, both for employers and the wider economy, resulting...

Read More

New Edition of ISO 9004

Sep 1, 2017 in Newsletter | Comments Off on New Edition of ISO 9004

The 3rd edition of ISO 9004 was released in 2009 and titled “Managing for the sustained success of an organization – A quality management approach”. The 4th edition of ISO 9004 is titled “Quality management – Quality of an organization – Guidance to achieve sustained success”. The revised ISO 9004 version is due to be published in 2018. ISO 9004 provides a framework, based on a quality management approach, for organizations to achieve ongoing success by identifying their strengths and weaknesses, and...

Read More

Auditing Outsourced Audits

Sep 1, 2017 in Newsletter | Comments Off on Auditing Outsourced Audits

Many organizations have chosen to outsource the internal audits of their management system. They do this for a variety of reasons: use of more competent and experienced auditors no more training auditors and then replacing them volunteer auditors can be kept at their regular jobs more impartial, objective auditors and audit reports emphasis on evaluating effectiveness of processes focus on identifying opportunities for improvement However, you still need to ensure that an outsourced audit meets requirements. The external auditor may ask...

Read More

ISO 14001:2015 Changes – Clause 6

Sep 1, 2017 in Newsletter | Comments Off on ISO 14001:2015 Changes – Clause 6

6. Planning 6.1 Actions to Address Risks and Opportunities 6.1.1 Changes – General 6.1.1 is a new clause on risks and opportunities Adds to consider internal and external issues from 4.1 Adds to consider requirements of interested parties from 4.2 Adds to document risks and opportunities Must document processes for 6.1 to extent needed for confidence carried out as planned Auditors don’t determine risks or opportunities; they assess application of risk methodology ISO 14001:2004 in 4.1 – 4.6 does not mention...

Read More

ISO 14001:2005 Changes – Clause 5

Sep 1, 2017 in Newsletter | Comments Off on ISO 14001:2005 Changes – Clause 5

5. Leadership 5.1 Changes – Leadership and Commitment New clause on leadership and commitment Identifies actions for top management’s personal involvement, direction, and support Adds to ensure policy and objectives are compatible with “strategic direction” Adds to ensure EMS requirements are integrated into business processes Top management is critical to EMS success May delegate some responsibilities, but still accountable to ensure they are performed Adds to Annex SL that top management must take accountability for...

Read More

ISO 9001:2015 Classes in Orlando, Florida

Sep 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Classes in Orlando, Florida

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida: ISO 9001:2015 Requirements September 18-19, 2017 (Confirmed – Crowne Plaza Universal) December 18-19, 2017 ISO 9001:2015 Internal Auditor September 18-20, 2017 (Confirmed – Crowne Plaza Universal) December 18-20, 2017 ISO 9001:2015 Lead Auditor September 18-21, 2017 (Confirmed – Crowne Plaza Universal) December 18-21, 2017 Click on a course title to view the course description and enroll in a class. If you have questions...

Read More

ISO 9001:2015 Quality Manual Template

Sep 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Quality Manual Template

Larry Whittington has developed a comprehensive, 24-page quality manual template for use by organizations new to ISO 9001:2015 and those moving to ISO 9001:2015 from ISO 9001:2008. ISO 9001:2015 does not require a quality manual, but most organizations are choosing to have one and update their policies for the new and changed requirements of ISO 9001:2015. Why are organizations making that decision? ISO 9001:2015 still requires specific documents be maintained, e.g., quality management system scope; justifications for any not applicable...

Read More

ISO 9001:2015 Classes in Orlando

Aug 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Classes in Orlando

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida: ISO 9001:2015 Requirements September 18-19, 2017 December 18-19, 2017 ISO 9001:2015 Internal Auditor September 18-20, 2017 December 18-20, 2017 ISO 9001:2015 Lead Auditor September 18-21, 2017 December 18-21, 2017 Click on a course title to view the course description and enroll in a class. If you have questions about the training, or the registration process, please call...

Read More

Guide for Implementing ISO 14001:2015

Aug 1, 2017 in Newsletter | Comments Off on Guide for Implementing ISO 14001:2015

“ISO 14001:2015 – Environmental management systems – A practical guide for SMEs” has been released. This handbook aims to help small businesses understand the requirements of an environmental management system and to help them successfully implement ISO 14001:2015. Implementing an environmental management system at a small business can be a challenge since technical resources, financial resources, and staff time are limited. The handbook shares expert advice, tools, templates, and lessons learned on the implementation...

Read More

ISO/IEEE 15289:2017

Aug 1, 2017 in Newsletter | Comments Off on ISO/IEEE 15289:2017

ISO/IEEE 15289:2017 specifies the purpose and content of all identified systems and software life-cycle information items, as well as, information items for information technology service management. The information item contents are defined according to generic document types and the specific purpose of the document. Information items are combined or subdivided as needed for project or organizational purposes. This standard is based on the life-cycle processes specified in: ISO/IEEE 12207:2008, Systems and software engineering –...

Read More

ISO 14001:2015 Changes – Clause 4

Aug 1, 2017 in Newsletter | Comments Off on ISO 14001:2015 Changes – Clause 4

This article summarizes the new and changed ISO 14001:2015 requirements in Clause 4 compared to ISO 14001:2004. 4. Context of the Organization 4.1 Changes – Understanding the Organization and its Context New requirement on context of organization. High-level, conceptual understanding of the important issues that affect the way the organization manages its environmental responsibilities. These issues are: important topics, problems for debate and discussion, or changing circumstances that affect ability to achieve intended...

Read More

Gap Analysis Checklists

Aug 1, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...

Read More

ISO 9001:2015 Classes in Orlando, Florida

Jul 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Classes in Orlando, Florida

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida: ISO 9001:2015 Requirements September 18-19, 2017 December 18-19, 2017 ISO 9001:2015 Internal Auditor September 18-20, 2017 December 18-20, 2017 ISO 9001:2015 Lead Auditor September 18-21, 2017 December 18-21, 2017 Click on a course title to view the course description and enroll in a class. If you have questions about the training, or the registration process, please call...

Read More

Configuration Management

Jul 1, 2017 in Newsletter | Comments Off on Configuration Management

ISO 10007:2017, “Quality management – Guidelines for configuration management”, provides guidance on the use of configuration management within an organization. It is applicable to the support of products and services from concept to disposal. The purpose of this third edition of ISO 10007 is to enhance understanding of the subject, promote the use of configuration management, and assist organizations applying configuration management to improve their performance. ISO 10007 outlines the responsibilities and authorities before...

Read More

Vulnerability Scoring System

Jul 1, 2017 in Newsletter | Comments Off on Vulnerability Scoring System

The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software vulnerabilities. CVSS consists of three metric groups: Base, Temporal, and Environmental. 1. Base group represents the intrinsic qualities of a vulnerability. 2. Temporal group reflects the characteristics of a vulnerability that change over time. 3. Environmental group represents the characteristics of a vulnerability that are unique to a user’s environment. CVSS is owned and managed by FIRST.org, a US-based...

Read More

AS9100D, AS9110C, and AS9120B Courses

Jul 1, 2017 in Newsletter | Comments Off on AS9100D, AS9110C, and AS9120B Courses

We have AS9100D, AS9110C, and AS9120B Requirements and Transition Guidance courses. You can view the course descriptions by clicking on the course titles below. If you are interested in scheduling a 2.5 day onsite class, please call us at 770-862-1766 or send an email to Larry@WhittingtonAssociates.com. AS9100D Requirements AS9100:2016 (Revision D) replaces AS9100:2009 (Revision C). Organizations must transition to AS9100D by September 15, 2018, the date that AS9100C will be withdrawn. Our 2.5 day AS9100D Requirements and Transition...

Read More

Gap Analysis Checklists

Jul 1, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...

Read More

ISO 9001:2015 Classes in Orlando, Florida

Jun 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Classes in Orlando, Florida

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida: ISO 9001:2015 Requirements  June 5-6, 2017 – Confirmed September 18-19, 2017 ISO 9001:2015 Internal Auditor June 5-7, 2017 – Confirmed September 18-20, 2017 ISO 9001:2015 Lead Auditor June 5-8, 2017 – Confirmed September 18-21, 2017 Click on one of the course titles above to view its course description and enroll in a class. If you have questions about the training, or the registration process, please call...

Read More

Technologies Impacting Supply Chain

Jun 1, 2017 in Newsletter | Comments Off on Technologies Impacting Supply Chain

A recent article posted at the Material Handling & Logistics website said that if your company wants to ensure its long-term survival, it had better take a close look at these technologies: drones, driverless vehicles, 3-D printing, wearable technology, and robotics. Of these technologies, the Global Supply Chain Institute thinks that Robotics will be the greatest potential disrupter over the next five years. The Institute stated that robots have been around for more than 50 years, but they have become dramatically more dynamic in the last...

Read More

Sustainable Procurement

Jun 1, 2017 in Newsletter | Comments Off on Sustainable Procurement

ISO 20400:2017, Sustainable procurement – Guidance, provides guidance to organizations, independent of their activity or size, on integrating sustainability within procurement, as described in ISO 26000:2010, Guidance on social responsibility. It is intended for stakeholders involved in, or impacted by, procurement decisions and processes . Procurement is a powerful instrument for organizations wishing to behave in a responsible way and contribute to sustainable development. By integrating sustainability in procurement policies and...

Read More

New MDR and IVDR Regulations

Jun 1, 2017 in Newsletter | Comments Off on New MDR and IVDR Regulations

The new European Medical Devices Regulation (MDR) and the In Vitro Diagnostic Regulation (IVDR) have been published in the Official Journal of the European Union. The transition period for manufacturers selling medical devices into Europe began on May 25, 2017. Medical Devices Regulation (MDR) – 2017/745 The MDR, which replaces the Medical Devices Directive (93/42/EEC) and Active Implantable Medical Devices Directive (90/385/EEC), has a transition period of three years. Manufacturers have until May 2020 to update their technical...

Read More

Gap Analysis Checklists

Jun 1, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirements of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...

Read More

ISO 9001:2015 Classes in Orlando

May 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Classes in Orlando

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida: ISO 9001:2015 Requirements June 5-6, 2017 September 18-19, 2017 ISO 9001:2015 Internal Auditor June 5-7, 2017 September 18-20, 2017 ISO 9001:2015 Lead Auditor  June 5-8, 2017  September 18-21, 2017 Click on one of the course titles above to view its course description and enroll in a class. If you have questions about the training, or the registration process, please call...

Read More

Nokia Threat Intelligence Report

May 1, 2017 in Newsletter | Comments Off on Nokia Threat Intelligence Report

The Nokia Threat Intelligence Report examines the trends for malware infections in devices connected through mobile and fixed networks. The key findings are summarized below. Mobile Networks The overall monthly smart phone infection rate averaged 0.90 percent in the second half of 2016. This is up 83 percent from the first half of 2016. Smart phone infections accounted for 85 percent of infections detected in mobile networks. The infection rate in mobile networks rose steadily throughout 2016, reaching a new high of 1.35 percent of devices in...

Read More

Management Review Template

May 1, 2017 in Newsletter | Comments Off on Management Review Template

If you want a copy of a management review template for recording your meeting results, please send a request to larry@whittingtonassociates.com. The template is a Word file. It includes clickable date fields for Review Date and Next Review, as well as, entries for the Chairperson and Recorder. The main sections of the template are Attendees, Topics, and Minutes. The names of the regular Attendees are listed and you click on the box next to their name to indicate their attendance. All the required Topics are listed with clickable boxes to...

Read More

ISMS Guidance in ISO 27003:2017

May 1, 2017 in Newsletter | Comments Off on ISMS Guidance in ISO 27003:2017

ISO 27003:2017, Information technology – Security techniques – Information security management systems – Guidance, has been published. It replaces ISO 27003:2010. The main changes in the second edition of ISO 27003 are: 1. The scope and title have been changed to cover the explanation of, and guidance on, the requirements of ISO 27001:2013 instead of those in ISO 27001:2005; 2. The structure is now aligned to the structure of ISO 27001:2013 to make it easier for ISO 27003:2017 to be used together with ISO 27001:2013; 3....

Read More

Gap Analysis Checklists

May 1, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...

Read More

Five Data Breach Threats

Apr 1, 2017 in Newsletter | Comments Off on Five Data Breach Threats

According to a recent Business News Daily article, securing sensitive information has never been more difficult with new malware threats that seem to pop up every single year. Being ready for a data breach is essential to survival if, or more likely, when one occurs. Based on Experian’s 2017 Data Breach Industry Forecast report, here are some of the cyber threats businesses can expect: 1. Aftershock password breaches will become more common Experian predicts that “aftershock” breaches, repeated unauthorized logins after...

Read More

ISO 9001:2015 Classes in Orlando

Apr 1, 2017 in Newsletter | Comments Off on ISO 9001:2015 Classes in Orlando

Larry Whittington will teach these ISO 9001:2015 classes in Orlando, Florida: ISO 9001:2015 Requirements April 10-11, 2017: Confirmed Class – Crowne Plaza – Orlando Universal June 5-6, 2017 September 18-19, 2017 ISO 9001:2015 Internal Auditor April 10-12, 2017: Confirmed Class – Crowne Plaza – Orlando Universal June 5-7, 2017 September 18-20, 2017 ISO 9001:2015 Lead Auditor April 10-13, 2017: Confirmed Class – Crowne Plaza – Orlando Universal June 5-8, 2017 September 18-21, 2017 Click on a course...

Read More

IATF 16949 Auditor Competency

Apr 1, 2017 in Newsletter | Comments Off on IATF 16949 Auditor Competency

IATF 16949:2016, the replacement standard for ISO/TS 16949:2009, includes new competency requirements for internal auditors and second-party auditors. 7.2.3 Internal Auditor Competency Organizations must maintain a documented process to verify that internal auditors are competent, considering any customer-specific requirements. A list of qualified internal auditors must be maintained. Quality management system auditors, manufacturing process auditors, and product auditors must be able to demonstrate the following minimum competencies...

Read More

Internal Audit: ISO 9001 and ISO 14001

Apr 1, 2017 in Newsletter | Comments Off on Internal Audit: ISO 9001 and ISO 14001

The clause 9.2 internal audit requirements for ISO 9001:2015 and ISO 14001:2015 are very similar, because they both incorporate the common Annex SL internal audit requirements. Internal Audit Requirements In the requirements summary below, Annex SL appears in blue italics, ISO 9001:2015 is shown in black font, and ISO 14001 text is distinguished by green font. 9.2.1 General Conduct internal audits at planned intervals to provide information on whether the quality (environmental) management system   a) conforms to: 1. organization’s own...

Read More

Gap Analysis Checklists

Apr 1, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...

Read More

ISO 9001:2015, Clause 4

Mar 4, 2017 in Newsletter | Comments Off on ISO 9001:2015, Clause 4

This article summarizes the ISO 9001:2015 requirements in Clause 4, Context of the Organization, and identifies the changes from ISO 9001:2008. 4. Context of the Organization 4.1 Understanding the Organization and its Context 4.2 Understanding the Needs and Expectations of Interested Parties 4.3 Determining the Scope of the Quality Management System 4.4 Quality Management System and its Processes 4.1 Understanding the Organization and its Context Determine the external and internal issues that: are relevant to the organization’s purpose...

Read More

Role of a Process Owner

Mar 4, 2017 in Newsletter | Comments Off on Role of a Process Owner

Processes need to be established, implemented, maintained, and improved for an organization to consistently deliver products and services that satisfy its customers. To ensure this happens, each process should have a named owner. What is a process? It is a set of interrelated or interacting activities that use inputs to deliver an intended result, for example, an output, product, or service. The inputs to a process are the outputs from other processes, and the outputs of a process are inputs to other processes. Processes are planned and...

Read More

Interested Parties

Mar 4, 2017 in Newsletter | Comments Off on Interested Parties

An “interested party”, according to ISO 9000:2015, 3.2.3, is a person or organization that can affect, be affected by, or perceive itself to be affected by, a decision or activity. ISO 9001:2015, 4.2, states that an organization must determine the interested parties that are relevant to its quality management system, along with the relevant requirements of those interested parties. The reason for doing this is that an interested party may affect an organization’s ability to consistently provide products and services that meet...

Read More

External and Internal Issues

Mar 4, 2017 in Newsletter | Comments Off on External and Internal Issues

ISO 9001:2015, 4.1, Understanding the organization and its context, states that an organization must determine the internal and external issues that are relevant to its purpose and strategic direction, and that affect its ability to achieve the intended quality results. It also requires the organization to monitor and review information about these external and internal issues. Note 1 in the standard says that issues can include positive and negative factors or conditions for consideration.   Note 2 states that understanding the external...

Read More

Examples of External Issues

Mar 4, 2017 in Newsletter | Comments Off on Examples of External Issues

According to ISO 9001:2015, 4.1, Note 2, external issues arise from legal, technological, competitive, market, cultural, social, and economic environments (local, regional, national, or international). Examples of external issues are: Supply chain disruption Loss of a key supplier Technology shifts Competitive pressures Money exchange rates Oil price changes Increased regulations Patent expirations Trade union regulations Ventures into new markets Changes in financial markets Tightening of lending from banks Funding for non-profits Scarcity...

Read More

Examples of Internal Issues

Mar 4, 2017 in Newsletter | Comments Off on Examples of Internal Issues

According to ISO 9001:2015, 4.1, Note 3, internal issues are related to values, culture, knowledge, and performance. Examples are: Structure of organization Implementation or transition to ISO 9001:2015 Expected retirement of key personnel Availability of reliable, qualified workforce Capacity for product production; service delivery Addition of a second shift for increased sales Aging machinery or obsolete equipment Aging workforce and new hires Formation of a labor union Relocation of the company Business performance Poor customer...

Read More

Gap Checklists

Mar 4, 2017 in Newsletter | Comments Off on Gap Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...

Read More

ISO 9001:2015, Clause 5, Leadership

Feb 1, 2017 in Newsletter | Comments Off on ISO 9001:2015, Clause 5, Leadership

Top Management is defined in ISO 9000:2015, 3.1.1, as the person or group of people who directs and controls an organization at the highest level (within the scope of the quality management system). Top Management has the power to delegate authority and provide resources within the organization. Clause 5 of ISO 9001:2015 has three sub-clauses: 5. Leadership 5.1 Leadership and Commitment 5.2 Policy 5.3 Organizational Roles, Responsibilities, and Authorities This article summarizes the ISO 9001:2015 requirements in Clause 5 and highlights the...

Read More

RASCI Diagram

Feb 1, 2017 in Newsletter | Comments Off on RASCI Diagram

The RASCI Diagram can be used to clarify the roles and responsibilities for cross functional processes. It helps determine who is Responsible, Accountable, Supporting, Consulted, and Informed. The RASCI Diagram splits activities into five types of roles that make up the acronym RASCI: R = Responsible: the person(s) who performs the activity A = Accountable: the person held accountable for completion of the activity S = Supporting: the person(s) that provides support for the work C = Consulted: the person(s) consulted before performing the...

Read More

ISO 27004:2016 on Security Measurements

Feb 1, 2017 in Newsletter | Comments Off on ISO 27004:2016 on Security Measurements

ISO 27004:2016, Information technology – Security techniques – Information security management – Monitoring, measurement, analysis and evaluation, is available. ISO 27004:2016 provides guidelines to assist organizations in evaluating the information security performance and the effectiveness of an information security management system to meet the requirements of ISO 27001:2013, clause 9.1. It establishes: a) the monitoring and measurement of information security performance; b) the monitoring and measurement of the...

Read More

ISO 27011:2016 for Telecommunications Organizations

Feb 1, 2017 in Newsletter | Comments Off on ISO 27011:2016 for Telecommunications Organizations

ISO 27011:2016, Information technology – Security techniques – Code of practice for Information security controls based on ISO 27002 for telecommunications organizations, is available. The revised standard defines guidelines for supporting the implementation of information security controls in telecommunications organizations. It will allow telecommunications organizations to meet baseline information security management requirements of confidentiality, integrity, availability, and any other relevant security properties. The 31...

Read More

Top Three IT Concerns

Feb 1, 2017 in Newsletter | Comments Off on Top Three IT Concerns

A Forbes blog says the trends analysis report by the Society for Information Management (SIM) has identified the CIOs’ top three concerns for 2017 as being business alignment, security, and skills shortages. The SIM 2017 report reflects the continuing evolution of business trends being information technology trends. Moreover, IT has increasingly become a priority for most businesses. SIM notes that IT budgets increased in 2016 by an average of 4.15%, short of last year’s increase of 4.6%, but positive nevertheless. The report also...

Read More

AS9120B Requirements and Transition Guidance

Feb 1, 2017 in Newsletter | Comments Off on AS9120B Requirements and Transition Guidance

The new AS9120B:2016 standard replaces the AS9120A:2009 standard. Organizations certified to AS9120A:2009 must transition to AS9120B:2016 by September 2018, the date that AS9120A:2009 will be withdrawn. Our new 2.5 day “AS9120B Requirements and Transition Guidance” course explains the underlying requirements based on ISO 9001:2015 and the additional requirements unique to AS9120B. To help with the transition, the course highlights all the requirement changes from those in the ISO 9001:2008 and AS9120A:2009 standards. The course...

Read More

Gap Analysis Checklists

Feb 1, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...

Read More

AS9100D:2016 Requirements and Transition Guidance

Jan 2, 2017 in Newsletter | Comments Off on AS9100D:2016 Requirements and Transition Guidance

The new AS9100:2016 (Revision D) standard replaces the AS9100:2009 (Revision C) standard. Organizations must transition to AS9100D by September 2018, the date that AS9100C will be withdrawn. Our new 2.5 day “AS9100D Requirements and Transition Guidance” course explains the requirements based on ISO 9001:2015 and the additional requirements in AS9100D. To help with the transition, the course highlights all the requirement changes from those in the ISO 9001:2008 and AS9100C standards. The course also includes specific transition...

Read More

IATF 16949:2016 Requirements and Transition Guidance

Jan 2, 2017 in Newsletter | Comments Off on IATF 16949:2016 Requirements and Transition Guidance

The new IATF 16949:2016 standard replaces the ISO/TS 16949:2009 standard. Organizations certified to ISO/TS 16949:2009 must transition to IATF 16949:2016 by September 2018, the date that ISO 9001:2015 will be withdrawn. Our new 2.5 day “IATF 16949:2016 Requirements and Transition Guidance” course explains the requirements in ISO 9001:2015 and the supplemental requirements in IATF 16949:2016. To help with the transition, the course highlights all the requirement changes from those in the ISO 9001:2008 and ISO/TS 16949:2009...

Read More

Gap Analysis Checklists

Jan 2, 2017 in Newsletter | Comments Off on Gap Analysis Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards. ISO 9001:2015 Gap Analysis Checklist The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the checklist...

Read More

ISO 9001:2015, Clause 6, Planning

Jan 1, 2017 in Newsletter | Comments Off on ISO 9001:2015, Clause 6, Planning

 Clause 6 on Planning has three sub-clauses: 6.1 Actions to Address Risks and Opportunities 6.2 Quality Objectives and Planning to Achieve Them 6.3 Planning of Changes This article summarizes the ISO 9001:2015 requirements in sub-clauses 6.1, 6.2, and 6.3 and highlights the changes from ISO 9001:2008. 6.1 Actions to Address Risks and Opportunities 6.1.1 (untitled) When planning for the quality management system (QMS), consider the issues in clause 4.1, and the requirements in 4.2. Determine the risks and opportunities that need to be...

Read More

ISO/TS 9002:2016 Guidelines for ISO 9001:2015

Jan 1, 2017 in Newsletter | Comments Off on ISO/TS 9002:2016 Guidelines for ISO 9001:2015

The new standard, ISO/TS 9002:2016, Guidelines for the Application of ISO 9001:2015, provides guidance on the intent of requirement clauses 4 through 10 of ISO 9001:2015.  Since ISO 9001 is designed to be applicable to all types and sizes of organizations, its requirements are necessarily broad. ISO/TS 9002 provides guidance supported by in-depth explanations, examples, and options to help organizations fully benefit from the implementation of their quality management system.  While the guidelines in this document are consistent with the...

Read More

IATF 16949 Gap Analysis Tool

Jan 1, 2017 in Newsletter | Comments Off on IATF 16949 Gap Analysis Tool

The Automotive Industry Action Group (AIAG) is providing a free Gap Analysis Tool to help organizations transition from ISO/TS 16949:2009 to the new IATF 16949:2016 standard.  The tool assists you in performing a gap analysis against IATF 16949:2016 to identify differences that need to be addressed to ensure your organization’s quality management system meets all the new requirements.  The tool also allows you to create a framework for completing an initial evaluation to determine the level of complexity of transitioning your QMS to...

Read More

Information Security for Small Businesses

Jan 1, 2017 in Newsletter | Comments Off on Information Security for Small Businesses

Hackers are targeting smaller, less secure businesses. These small companies need to understand the security risks and be prepared to protect their systems and information. The National Institute of Standards and Technology (NIST) recently published Small Business Information Security: The Fundamentals. It provides a framework to minimize security risks. The NIST guide contains the following sections: 1. Background: What is Information Security and Cybersecurity? 2. Understanding and Managing Your Risks 2.1 Elements of Risk 2.2 Managing Your...

Read More