February, 2017 Newsletter Articles

ISO 9001:2015, Clause 5, Leadership

Feb 1, 2017 in Newsletter

Top Management is defined in ISO 9000:2015, 3.1.1, as the person or group of people who directs and controls an organization at the highest level (within the scope of the quality management system). Top Management has the power to delegate authority and provide resources within the organization. Clause 5 of ISO 9001:2015 has three sub-clauses:

5. Leadership
5.1 Leadership and Commitment
5.2 Policy
5.3 Organizational Roles, Responsibilities, and Authorities

This article summarizes the ISO 9001:2015 requirements in Clause 5 and highlights the...


RASCI Diagram

Feb 1, 2017 in Newsletter

The RASCI Diagram can be used to clarify the roles and responsibilities for cross-functional processes. It helps determine who is Responsible, Accountable, Supporting, Consulted, and Informed. The RASCI Diagram splits activities into five types of roles that make up the acronym RASCI:

R = Responsible: the person(s) who performs the activity
A = Accountable: the person held accountable for completion of the activity
S = Supporting: the person(s) that provides support for the work
C = Consulted: the person(s) consulted before performing the...


ISO 27004:2016 on Security Measurements

Feb 1, 2017 in Newsletter

ISO 27004:2016, Information technology – Security techniques – Information security management – Monitoring, measurement, analysis and evaluation, is available. ISO 27004:2016 provides guidelines to assist organizations in evaluating the information security performance and the effectiveness of an information security management system to meet the requirements of ISO 27001:2013, clause 9.1. It establishes: a) the monitoring and measurement of information security performance; b) the monitoring and measurement of the...


ISO 27011:2016 for Telecommunications Organizations

Feb 1, 2017 in Newsletter

ISO 27011:2016, Information technology – Security techniques – Code of practice for Information security controls based on ISO 27002 for telecommunications organizations, is available. The revised standard defines guidelines for supporting the implementation of information security controls in telecommunications organizations. It will allow telecommunications organizations to meet baseline information security management requirements of confidentiality, integrity, availability, and any other relevant security properties. The 31...


Top Three IT Concerns

Feb 1, 2017 in Newsletter

A Forbes blog says the trends analysis report by the Society for Information Management (SIM) has identified the CIOs’ top three concerns for 2017 as being business alignment, security, and skills shortages. The SIM 2017 report reflects the continuing evolution of business trends being information technology trends. Moreover, IT has increasingly become a priority for most businesses. SIM notes that IT budgets increased in 2016 by an average of 4.15%, short of last year’s increase of 4.6%, but positive nevertheless. The report also...


AS9120B Requirements and Transition Guidance

Feb 1, 2017 in Newsletter

The new AS9120B:2016 standard replaces the AS9120A:2009 standard. Organizations certified to AS9120A:2009 must transition to AS9120B:2016 by September 2018, the date that AS9120A:2009 will be withdrawn. Our new 2.5 day “AS9120B Requirements and Transition Guidance” course explains the underlying requirements based on ISO 9001:2015 and the additional requirements unique to AS9120B. To help with the transition, the course highlights all the requirement changes from those in the ISO 9001:2008 and AS9120A:2009 standards. The course...


Gap Analysis Checklists

Feb 1, 2017 in Newsletter

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirements of the new standards.

ISO 9001:2015 Gap Analysis Checklist

The 27-page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations. To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the...
