RSS Introducing an ISO 14155 Certification Consultancy Service for Good Clinical Practice recently announced of starting a new certification consultancy service for ISO 14155 good clinical practices for clinical Investigation of medical devices for a human subject. The first edition of the ISO 14155 standard was published in February 2003, and presently the third edition published in July 2020 is applicable for certification and regulatory purposes. ISO 14155 specifies general requirements planned to protect the rights and safety of human subjects to ensure the scientific conduct of the clinical investigation and the credibility of the results. This standard determines to describe the responsibilities of the sponsor and principal investigator and assist sponsors, ethics committees, regulatory authorities, and other bodies that are involved in the conformity assessment of medical devices.

Punyam offers ISO 14155 certification services that include support for the implementation of a management system for Clinical Investigation of Medical Devices for Human Subjects as well as system documentation and system implementation training for all employees of the organization. ISO 14155:2020 Certification is desired by organizations that want to perform better. After an organization is audited for successful implementation of the ISO 14155 system, the certification body, which is accredited to provide ISO 14155 Certification, issues ISO 14155 certificate. This certificate is issued for 3 years after successful completion of pre-assessment and registration assessment. The certificate is valid for 3 years from the date of issue. Surveillance audits are conducted by the certification body within 3 years, at the intervals of 3 months depending on the nature and size of the organization.

Applying clinical investigation of medical devices as per ISO 14155 standard the organizations can achieve the benefits with continuous improvements are like ISO 14155 certification helps to improve clinical practices and performances, successfully implemented system to ensures scientific conduct of the clinical investigation and credibility of the clinical investigation results, The ISO 14155 protects the rights, safety, and well-being of human subjects, and it well-defined responsibilities of the sponsor and principal investigator.


Tags: , , , , , , is Introducing New Service – ISO 20252 Certification Consultancy in India is an associate of Global Manager Group – one of the largest business management consulting and training firms that announces providing a new service – ISO 20252 Certification Consultancy for the organizations to implement the standard for continual improvement in Market, Opinion, and Social Research in the organizations.

With having more than 25 years of experience and qualified consultants, added one more triumph by including the new ISO Certification Consultancy service in the list. By adding ISO 20252 Certification Consultancy, assists organizations by providing training for system awareness, implementation of ISO 20252 systems, auditing implemented system and preparing the documentation of ISO 20252:2019 certification as a part of the consultancy project. The mission of is to provide value to the organization so that they can get maximum benefits from implemented ISO system in their organizations., the industry’s leading solutions provider, has associated with Global Manager Group to develop a ready-to-use ISO 20252 Documentation kit to meet the requirements of the Market, Opinion, and Social Research.

Steps that follows during ISO 20252 Certification Consultancy projects are listed below.

1.         Make a micro-level of the existing system for every activity.

2.         Conduct an awareness training program for ISO 20252.

3.         Prepare documentation of Market, Opinion, and Social Research.

4.         Provide training to employees related to documentation and its implementation.

5.         Conduct an internal audit.

6.         Apply for ISO 20252 certification

7.         Implement the Market, Opinion, and Social Research

8.         Take corrective actions for non-conformities

9.         Final audit by certifying body

10.       Get certified for ISO 20252:2019.


Tags: ,

6 Steps of Getting an ISO/IEC 17025 Accreditation and its Benefits

ISO/IEC 17025 is a global standard that specifies the general requirements for laboratories to perform competently, impartially, and consistently. The International Organization for Standardization (ISO) and the International Electro-technical Commission (IEC) collaborated on the publishing of the standard. It identifies the activities that must be included in laboratory operations to encourage trust in the laboratory’s ability to produce valid and consistently reliable testing, calibration, and sampling results. ISO/IEC 17025:2017 is the most recent revision.

Accreditation is a formal recognition by an Accreditation Body that a laboratory is effective in fulfilling the requirements of ISO 17025 standard to perform tests within its accredited scope. The standard and accreditation are used by laboratories that are independently owned and operated as well as those that are part of larger organizations, regardless of industry or size, that are involved in sampling or measurement activities. This includes both regulated government and public sectors and unregulated sectors. ISO/IEC 17025, along with ISO 9001, serves as the foundation for ISO 15189, which specifies requirements for competence and quality, as well as medical laboratory accreditation. ISO/IEC 17025 Consultant will make the accreditation process easy. Accreditation implies several actions, including document review, process audits, and accreditation results provided by third-party accreditation bodies. All these steps are encapsulated below:

  • Start Your Research/Preparation: The accreditation process starts with the research and learning about 17025. Take ISO/IEC 17025 awareness training and discover what the individual requirements are. Learn about the scope of accreditation and different requirements, including general, structural, resource, and process requirements, to prepare by hand at all levels of organizations.
  • 17025 Gap Analysis and Checklist: Make a summary of the areas of improvement in the laboratory management system to meet the management and technical requirements of ISO 17025 accreditation. Also, a gap analysis checklist will help identify what the lab already has, an area to improve, and how much time need to complete the accreditation procedure.
  • Create the ISO/IEC 17025 Implementation Project Plan: Prepare a framework for approaching accreditation bodies by referring to the checklist created in the earlier step. Design a system and timeline of the steps that the organization will follow while applying for accreditation and elsewhere.
  • Documentation: In this step, the organization will need to document all the processes, methods, and procedures of the lab. Appropriate documentation includes:
    • Quality Manual
    • Functional Procedures
    • Work Instructions
    • Quality Records
    • System Procedures and Formats
  • Audit QMS Performance: The organization has enhanced the quality management system and curated all documentation, Now the lab needs to know if all is working well. For that, the lab will need to conduct internal audits to learn about any non-conformities based on the internal audit report and build an action plan. This will support the lab in modifying any issues before beginning the accreditation assessments.
  • Final Audit from an Accreditation Body: The final assessment of labs will be performed by an accrediting body. They may interview some employees of the organization or lab, inspect documents and records, observe selected calibrations or tests, and examine equipment. They look for statements, documented procedures, records, and written policies to check your lab’s technical competency. If any non-conformities are found, the organization will be asked to correct them. After modifying the non-conformities, a lead assessor will authenticate them. The accreditation body will then prepare and transfer the accreditation certificate to the lab when there are no longer any issues. The certificate will demonstrate the technical capability of the organization or lab in providing calibration or testing services.

Benefits of an ISO 17025 Accreditation 

  • The ISO 17025 accreditation saves enough time and operational capital by avoiding retesting products.
  • Laboratory accreditation is a sustainable approach for labs to demonstrate technical competence, instilling trust among their customers.
  • The standard validates test and calibration methods and ensures accurate results.
  • The globally recognized accreditation certificate validates the performance of your lab for your customers and stakeholders, thus giving you an edge over your competitors and boosting your reputation at the international level.
  • Lab accreditation means measurement traceability and calibrations meet the highest standards, it provides correct and valid results. 
  • The ISO 17025 accreditation is the best for testing laboratories to develop operational efficiency and productivity. Sustaining high-quality results and reducing measurement uncertainties and mistakes are dangerous for a testing or calibration lab’s success.

Tags: , , , , , , , ,

Understand the ISO 15189 Internal Audit of Quality Management System

ISO 15189 is an international standard for medical laboratories – Requirements for quality and capability, after this referred to as ISO 15189, was first published in 2003 and revised in 2007 and again in 2012. ISO 15189 is not a tool simply to meet accreditation requirements or deliver quick fixes for specific mistakes. Instead, laboratories executing ISO 15189 strive to:

  • Make systems that are as failure resistant as possible, will catch errors before they become a problem, and decrease errors by getting things right the first time.
  • Identify opportunities for enhancement at all times.
  • Contain and empower their staff by including them in the solving of problems and the implementation of solutions.

ISO 15189 inspires full involvement and utilization of the capabilities of all employees at all levels to expand the organization. In a laboratory accredited to ISO 15189, the goal is constant enhancement, and for staff members to know precisely what to do, how to do it, who is in charge of a procedure, and where to find all information essential to perform their jobs. In the United States, accreditation to ISO 15189 is voluntary, as no governmental or regulatory agency needs laboratories or health care providers to conform to ISO 15189.

Internal Audit of ISO 15189 Quality Management System:

ISO 15189 accredited laboratories have to accomplish internal audits of their Quality Management System on a regular basis. Such audits essential to contain the managerial and technical components, as well as pre-examination, examination, and post-examination procedures. These serve to:

  • Establish that all activities of the QMS are covered.
  • Assure that processes are effective.
  • Identify opportunities for enhancement.

ISO 15189 accredited laboratories generally perform internal audits by section, with an entire cycle completed within one year. ISO 15189 Internal Auditor Training develop capability to plan, initiate, and conduct an internal audit of the management system of a medical laboratory in accordance with the requirements of ISO 15189: 2012 standard. Improved frequency of audits may be essential depending on risk and occurrence management outcomes. Internal audit results are one of some inputs for the regular, high-level management review required of ISO 15189 accredited laboratories. Management review meetings offer the opportunity to review problems that affect the laboratory’s processes, with, but not limited to, internal audit results, quality metrics, ongoing quality improvement projects, opportunities for enhancement, complaints, and forthcoming new technologies or regulatory changes.

Quality management system conclusions in an ISO 15189 are based on facts and data. This stops personal preferences or a top-down management style from inhibiting procedure and quality enhancement. Constant enhancement is a permanent objective of ISO 15189 standard quality management. This does not mean, for example in anatomic pathology that every possible effort should be made to decrease the frozen section turnaround time by 1 min. The laboratory would find meaningful metrics that are associated with the laboratory’s mission. Enhancements may affect any aspect of the quality management system and its procedures. They may contain problems such as saving control tissue for immunohistochemically stains, making the work instructions for lymphoma workups more succinct and accessible, or automating frozen section against final diagnosis associations using the laboratory information system.

Also, in clinical chemistry, constant improvement does not mean making every possible effort to decrease hemoglobin turnaround time by 10 sec. Though, it may mean making efforts to drive down variation and risk, which can help an essential laboratory avoid repeating testing, incorrect results, physician complaints, or even probably having to add a satellite lab with its associated overhead costs. More significantly, constant improvement also refers to the improvement of the quality management system.


Tags: , , , , , ,

9 Important Guidelines for Implementing GMP According to ISO 22716 Standard

GMP-related processes are essential to quality assurance and the guidelines help organizations manufacture practices that are constantly high in quality from every batch. Also, implementing industry-standard GMP according to ISO 22716 that requires considering the following GMP guidelines:

  1. GMP for Cosmetics – Employees
    Cosmetics GMP highlights the importance of ensuring that employees of the cosmetics company are all sufficiently skilled, knowledgeable, and capable of correctly producing, as well as storing and controlling the products according to the organization’s specifications, also contributing to safety and quality moderately than compromising it. Also, the necessary support from the organization in the form of providing GMP training, regulation, safety equipment, as well as the personal protective equipment, and resources to perform their job and tasks efficiently.
  2. Premises
    The premises of a cosmetics manufacturer should always meet the GMP specifications like providing a safe, hygienic environment that reduces the risk of contamination. The facilities should be planned to allow for suitable division of storage, manufacture, quality control, washing, purification, and any further subsidiary facilities, and confirm that cleaning and maintenance rules are prepared.
  3. Equipment
    All equipment used should be suitable for its purpose and must be sufficiently cleaned, disinfected, and kept to avoid air contamination. An essential part of a company’s GMP procedure is that the equipment used for the manufacture of the cosmetic product is only used for this purpose. The equipment should also be stored properly and calibrated every so often if needed.
  4. Raw Materials and Packaging
    All ingredients, raw materials, and packaging materials should meet an acceptable measure to ensure the quality of the finished product. All raw materials should be well prepared and appropriately labeled along with packaging materials to prevent mix-ups with any products. These labels must contain batch information so that they can be traced at any point in the manufacturing process.
  5. Production
    All the measures should be taken during each step to ensure that the finished product meets its specifications. Proper ISO 22716 documents and records should be created to capture all features of the production process. The guideline recommends establishing ISO 22716 standard operating procedures (SOPs) for all processes. It also contains GMP for cosmetics procedures, as well as a new product formulation of the cosmetic product in percentages, and weight/volume.
  6. Finished Products
    Finished products must meet all the quality standards established by the company and reflect good manufacturing products. Once a complete product is placed on the market, it is necessary to validate compliance with defined quality criteria. Some strict rules of storage must be followed for finished products, ensuring appropriate conditions. Finished product storage containers should be listed with the product’s name, its batch number, any relevant storage conditions, and its quantity.
  7. GMP for Cosmetics – Quality Control
    Quality refers to the faithfulness of a cosmetic product, its preservation, and its overall purpose. Many of the tests that are required check that the quality of a product remains to a high standard, any products holding water are at risk of contamination by microbial development and will require sampled quality checks to ensure a product remains unchanging and passes challenge tests. For sampling and testing purposes, samples must be identifiable by their name, concentration, expiration date, opening date, storage conditions, etc.
  8. Complaints and Recalls
    Any complaints or any events reported about a cosmetic product must be reviewed, investigated, and followed up on. The GMP for cosmetics ISO 22716 requirement may be a legal requirement as part of the cosmetics principles. All complaints should be centrally recorded, and investigating complaints should include the steps to prevent a product defect from reoccurring, also recognizing possible issues with safety or quality. If a severe or high-risk safety or quality issue is suspected, an organization must be capable of implementing a product recall speedily and proficiently.
  9. GMP for Cosmetics Audit and Documentation
    To assure the implementation and execution of good manufacturing practices for cosmetics, it is important to conduct a regular audit, to evaluate the overall performance of a quality management system. It should be able to identify the system’s strengths and weaknesses, as well as advise a plan of action to overcome failings in GMP good manufacturing practice cosmetics. Also, maintain proper documentation of all the procedures as well as any action taken in the organization.

Tags: , , , , , , , , ,

The Role of Risk Management in ISO 14001 Environmental Management System

The ISO 14001:2015 standard published and among many fundamental changes, it pressures the necessity for better strategic risk management to change and enhance the present system that relies more on a “reactive” protective action process. Another important change is the increasing contribution of “top management” in this procedure. These changes may not sound affected, but they need organizations to demonstrate evidence of improved and better strategic risk planning and implementation.

Preventive measures versus strategic risk management:

The ISO 14001:2015 standard depend on risk assessment along with corrective and protective actions to decrease the impact that a business has on the environment; however, the ratios in which the above are expected to be performed are not definite. The 14001:2015 standard will seek to replace the “preventive action” with “improved risk management”. So, the attention will transfer from preventive actions, which may be less effective because they may be carried out by only certain individuals within an organization, to risk management, which should be a more systematic process due to input and assurance from multiple stakeholders, with a heightened sense of importance due to the change in the ISO 14001 standard.  Also, if organization have to deliver a corrective action, reacting to an event that has already occurred. The new standard purposes to stop these incidents defined by the use of risk management and proactive risk assessment.

The purpose of “strategic risk management” is to attention the organization’s top management and team to both spend more time measuring, investigating, and understanding features that may current risk to the environment, and implement these actions before any environmental effect is felt, as different to during or after.

The Environmental Benefits of Risk Management:

It is clear that the changes in the Draft International Standard are considered to confirm that a proactive, measured, and strategic outlook is occupied toward environmental concerns. The key benefits to the environment should come from a main bias toward identification and prevention of occurrences, rather than reactions to events. This attention will have an enormously positive effect on the environment and the legacy leave for future generations. With the collective enhancements of ISO 14001, accredited and obedient organizations throughout the world will positively impact the planet and the resources leave for others.

The Benefit of Risk Management to Organization:

The swing in the direction of strategic planning of how evaluate environmental aspects, by contribution of management team, will generate a fundamental change in environmental performance. Consider that now it will become normal for whole management team to think about any aspects that may affect business and discuss how these risks will be accomplished, mitigated, and removed. Many environmental “aspects,” which in time convert “incidents,” are costly not only to the environment, but also to business. organization must now see a conclusive enhancement in this area of performance criteria, and environmental key performance indicators should improve. Continual review, adjustment, and constant enhancement will confirm that this cycle remains. Prevention, with the help of forward planning and risk management, is much better than a cure.

An improved shift toward strategic risk management will result in benefits both to the planet and to the financial performance of organization. ISO 14001 Lead Auditor Training deliver knowledge and skills to qualify and get certified as lead auditor for environmental management system. ISO 14001 Lead auditor training will help to properly interpret ISO 14001:2015 requirements and then plan, conduct and close an audit of the environmental management system based on ISO 14001:2015, and also understands the new concepts of impartiality, risk management and risk evaluation techniques, decision rule, and procedure approach.


Tags: , , , , , ,

Understand The ISO 29001 Standard And Its Benefits

ISO 29001 standard describes the quality management system requirements for the plan, development, manufacture, connection, and service of products for the petroleum, petrochemical, and natural gas industries. To support users of the documents, the requirements of ISO 29001 are given with specific guidance and supplementary requirements for its implementation within the industry. Though some of the supplementary requirements may be viewed as not specific to the oil and gas industry, they are needed in ISO 29001 to ensure that the requirements are clearer and can be more readily verified/audited.

What is ISO 29001?

The quality management system for product and service supply organizations in the petroleum, petrochemical, and natural gas sectors is defined by ISO 29001. ISO 29001 requirements are like API Q1 system specifications, such as ISO 29001 documents, methods for conception, getting audit training, and other fundamental organizational activities. The standard also contains unique sector requirements for design, development, production, installation, and product services.

The ISO 29001 standard is an extension of the ISO 9001 quality management systems standard, which is internationally recognized and includes supplementary requirements with importance on fault stoppage and the decrease the variation and waste from service providers. These necessities have been established discretely to ensure that they are clear and auditable. ISO 29001 explicitly focuses on the oil and gas supply chain.

Who Benefits from ISO 29001 standard?

ISO 29001 Standard is accessible by manufacturers, both upstream and downstream, of oil and gas industry apparatus and materials, service providers to the oil and gas industry, and purchasers of gear, resources, and services. The standard can also be used for organizations to perform auditing of their suppliers and for 3rd party certification purposes. Organizations may benefit from this standard if they:

  • Those who are involved in the exploration, production, pipelines, transportation, and refining of petroleum and natural gas products.
  • Also, those who are involved in the design, manufacturing, installation, service, and repair of equipment used in the exploration, production, transportation, and refining of petroleum and natural gas products.
  • And those who provide technical, operational, and support services to the various industry sectors identified above.

What is the need for ISO 29001 implementation?

critical industry. It not only covers the systems and procedures, but it also demonstrates that you care for the employees and the public. The oil and gas sectors are rife with danger. In the industry that handles fluids (liquids and gases), frequently at extremely high pressures, through a range of products and processes, strict adherence to engineering, user, and regulatory criteria is necessary. Hazardous liquids and gases may cause serious harm to humans and the environment if they are mishandled or inadequately controlled. Considerations for worker safety are essential. Protecting the environment and the public necessitates having a high level of operational integrity. Complicating matters, oil and gas industry equipment and service providers are dispersed globally, and many operate in underdeveloped countries with very different cultural approaches. Adherence to ISO 29001 ensures better business continuity (maintenance of revenue streams, both for companies and national economies) and should assist in the mitigation of operational risks because of products’ existence in full conformance with conditions and guidelines.

The benefits of implementing ISO 29001

  • ISO 29001 standard helps to improve the ability to gain a license to trade, resulting in increased contracts and prospects
  • Also, it demonstrates to stakeholders and customers of commitment to quality and best practices
  • It helps in better risk management and increased performance
  • Having efficient operations that improve quality and reduce waste
  • And the continual improvement has resulted from improved communication and regular assessment.

Tags: , , , , , , ,

How to conduct an internal audit according to ISO 9001 Quality Management System?

Organization sees the essential process for Internal Audit as a form of necessary evil that they want to endure in order to maintain ISO 9001 registration. They think it is a duplicate effort of the registrar, not realizing that the Internal Audit can be much more effective because it looks at the processes more often and more carefully than the registrar has time for. At worst, the Internal Auditors are seen as some sort of internal police force that it is best to guard yourself against by hiding important data or outright misleading with false information.

In fact, as a process owner, the ISO 9001 Internal Audit process can be the finest way to have an outside set of eyes take a close look at procedure. They can help identify areas for improvement, or possibly complacency, which can benefit process to run better, quicker or more efficiently. Below are main steps that explain how to conduct an internal audit according to ISO 9001, and how they can finest be used to focus the internal process owners on enhancement of those procedures.

Planning the ISO 9001 Audit Schedule: A significant part of a good process is having an overall ISO 9001 Audit Schedule that is readily available to let everybody know when each process will be audited over the upcoming cycle. By publishing the audit intentions, the message is that this is meant as a support to the process owners and the ISO 9001 auditors are there to help. This can permit the process owners to time the finish of any enhancement projects that they are working on to be before the audit, so that they can collect valued information on the implementation, or to request the ISO 9001 auditors to focus on helping to collect information for other planned enhancements.

Planning the Process Audit: The first step in planning the individual process audits is to approve with the process owners when the audit will take place. The complete plan above is more of a guideline as to how often procedures will be audited, and roughly when, but the confirmation permits the ISO 9001 auditor and process owner to cooperate to determine the best time to review the process. This is when the auditor can review previous audits to see if any follow-up is essential on concerns previously found, and when the process owner can classify any areas that the ISO 9001 auditor can look at to assist the process owner to identify information. A good audit plan can assure that the process owner will get value out of the audit process.

Conducting the ISO 9001 Audit: An ISO 9001 audit should start with a meeting of the process owner to assure that the audit plan is ready. Then there are many paths for the auditor to collect information during the ISO 9001 audit: studying records, talking to employees, analyzing key process data. The focus of this activity is to collect evidence that the process is functioning as planned in the QMS, and is effective in creating the essential results. One of the most important things that an auditor can do for a process owner is not only to classify areas that do not have evidence that they are functioning appropriately, but also to point out areas of a process that may function improved if changes are made.

Reporting on the Audit: A closing meeting with the process owner is a necessity to confirm that the flow of information is not delayed. The process owner will want to know if there are any areas of weakness that want to be addressed, but it will also be interested in knowing if any areas occur that might be enhanced. This must be followed with a written record as soon as possible to deliver the information in a more permanent format to allow follow-up of the information. By classifying not only the non-conforming areas of the process, but also the positive areas and potential development areas, the process owner will get a better value from the ISO 9001 Internal Audit, which will permit for process enhancements.

Follow-up on Issues: As with many areas of the ISO 9001 standard, follow-up is a critical step. If problems have been found and corrective actions taken, assure that the problem is actually fixed is a key part of fixing it. If development projects have been accomplished from opportunities recognized in the audit, then seeing how much the process has enhanced is a great motivator for upcoming improvements.

By using the ISO 9001 Internal Auditor training to focus on helping to better the processes, and not just to maintain compliance, the organization can see more value out of the ISO 9001 audits. Process improvement is one of the key elements of an ISO 9001 Quality Management System, and should be one of the chief motivators of an organization that wants to implement and maintain a good QMS. Process improvement not only helps with efficacy, but also saves time and money in the process. If used correctly, the ISO 9001 Internal Audit, instead of being a “necessary evil,” can be one of the biggest contributors toward process improvement in the Quality Management System.


Tags: , , , , , , , ,

Requirements of ISO 27001 Consultants for ISMS Certification in Your Organization

ISO 27001 security standard has a set of specific requirements for an information security management system (ISMS). It makes one of the furthermost required certifications for organizations wanting to follow the important guidelines. As we all know in today’s stage of development of data breaches and cybercrime, businesses are gradually sensing the pressure to demonstrate that they can be trusted for information security and privacy management.  Having an ISO 27001 certification demonstrates that an organization has acknowledged and apportioned for any risks to its security.

Do You Really Need ISO 27001 Consultant for Your Organization?

Having an ISO 27001 consultant can be an amazing way to save organization resources, time, and energy. Also, The ISO 27001 consultant has expert knowledge of all things about the ISO 27001. Having expert knowledge is not the only advantage they offer. Also, a skilled consultant knows best practices for each step of the certification process, from building an ISMS to conducting an audit. The ISO 27001 consultant can also use their experience helps to build solutions that reflect your business’ unique systems. An ISO 27001 consultant is most helpful when the organization does not have dedicated compliance staff. A third party is in a good position to catch security issues or mislaid links than internal staff who may view their systems with a small partiality or are happy with the process in place and have not fully evaluated them for security best practices. Here is mention some points where a proficient ISO 27001 consultant can help an organization with their knowledge are:

  • ISO Risk Classification: Organizations must categorize their information and information systems in demand of risk to confirm that the sensitive information and the systems that use it are given the highest level of security.
  • ISO System Security Plan: ISO 27001 requires organizations to create a security plan which is repeatedly sustained and kept modernized. The security plan should include things like the security controls executed within the organization, security policies, and a schedule for the summary of additional controls.
  • ISO Risk Assessments: Risk assessments are a key element of ISO 27001 information security requirements. ISO 27001 offers some guidance on how agencies should conduct risk assessments. According to the ISO 27001 guidelines, risk assessments should be three-tiered to identify security risks at the organizational level, the business process level, and the information system level.
  • ISO Security Controls: ISO 27001 required security controls for ISO 27001 compliance.  ISO 27001 does not require an organization to implement every single control. As an alternative, they are educated to implement the controls that are applicable to their organization and systems. Once the suitable controls are selected and the security requirements have been fulfilled, the organizations prepared an ISO 27001 document based on the selected controls in their system security plan.
  • Certification and Accreditation: ISO 27001 requires organization to conduct security reviews to ensure risks are kept to a minimum level. Organization can achieve ISO 27001 Certification and Accreditation through a four-phased process which includes initiation and planning, certification, accreditation, and continuous monitoring.

The Role and Responsibility of an ISO 27001 consultant are:

  • ISO 27001 consultant helps in the design, implementation, operations, and maintenance of ISMS based on the ISO/IEC 27001 standard, including ISO 27001 certification.
  • Consultant also conducts ISO 27001 auditor training on ISO 27001.
  • Conduct the ISO 27001 internal audit activities in the organization
  • Find the risk and accomplish a risk assessment based on ISO standards
  • Execute analysis using Quality Tools
  • Examine statistical information to analyse the existing standing of function for development.
  • Consultant also supports the team in developing audit reports; Along with the presents audit reports to top management, as needed.
  • Also, the consultant helps to categorize the legal, statutory, regulatory, and contractual requirements
  • It offers risk management guidance, as well as advice on risk assessment, risk treatment, risk acceptance, risk monitoring, and risk analysis.
  • Implement quality assurance activities.
  • Ensure control of documents, records & procedure change requests.
  • Assuring linkage between projects, business, and customer priorities using process improvement tools and methodologies.
  • Consultant help as an implementer between the external audit team and internal departments for the smooth accomplishment of the audit and closure of all the audit results.
  • Examine training needs, organize training program, and conduct training sessions as per requirement

Tags: , , , , , , , ,

Requirements of ISO 22716 for Good Manufacturing Practices in the Organization

ISO 22716 standard is an international standard that guides the production, control, storage, and shipment of cosmetic products. It deals with all features of the supply chain of cosmetic products. The guiding principle covers the quality and safety of the product, and they affect manufacturers, as well as suppliers, retailers, brand holders, and vendors of cosmetic products.

The ISO 22716 Good Manufacturing Practices (GMP) guide was designed to give guidelines for the production, control, storage, packaging, labelling, shipment, and distribution of cosmetic products. ISO 22716 is also organized to complement current management systems in place, like the ISO 9001. It provides the quality of cosmetic products to customers, as well the accountability and traceability in the production and distribution phases of products. ISO 22716 GMP protects all aspects of the supply chain of cosmetics.

Requirements to implement the ISO 22716 for Good Manufacturing Practices

Cosmetic companies, regardless of the complexity and size, can implement ISO 22716. Also, the ISO 22716 certification fits well with BRC and ISO 9001. EU cosmetics GMP requirements are included in the EU Cosmetics Regulation. The regulation created requirements to make sure customers and those involved in the cosmetics sector, whether European or non-European, are safe. It covers essential processes like manufacturing, testing, labelling, packaging, distribution, etc… GMP can prove their compliance either by an ISO 22716 certification or a statement showing that the products are produced according to ISO 22716 standards.

ISO 22716 has arranged the following specific requirements and principles:

  • Personnel:
    The personnel working in the organization, are responsible to improve effectiveness of production, controller, and products that fulfil the requirements of quality standards. It includes some features and limitations, including an organizational chart, number of employees, key responsibilities of the management and workers, system awareness  training, ISO 22716 auditor training, special hygiene and health of staff, guests, and inexperienced personnel.
  • Equipment:
    Equipment should be applicable and beneficial for the intended purpose. All parts of equipment must be cleaned, sanitized, and maintained. Also, usage and access to equipment should be provided to authorized persons only.
  • Raw materials and packaging:
    Both raw and packaging materials should fulfil the well-defined acceptance standards significant to the quality of end products.
  • Premises and Locations:
    Premises should be planned, built, placed, and utilized to assure the protection of the product, as well as efficient cleaning, sanitation, and maintenance and it helps to minimize the risk of confusion in raw materials, packaging units, and products.
  • Production:
    Here, In every stage measures the manufacturing procedures and packaging operations to manufacture an end product that accomplishes the identified features. Also, companies should be able to make sure the availability of relevant documents, perform start-up checks, allocate batch numbers, and re-stock raw materials. They must recognize in-process operations, controls, and product storage during the manufacturing and packaging phase.
  • Subcontracting:
    Subcontracting means obtaining a product or service that follows the requirements of the defined contract of the contributor.
  • Finished products:
    Also, make sure that the end products fulfill the well-defined receiving criteria before distributing the products on the marketplace.
  • Quality control laboratory:
    The quality control laboratory must apply the principles recognized by ISO 22716 standard, equipment, premises, subcontracting, and documentation.
  • Deviations:
    Deviations must be determined by gathering enough data and taking corrective measures. Also, identify the behaviour of a product that is out of description.
  • Waste Management:
    ISO 22716 standard requires companies to dispose of wastes in a sanitary, methodical, and appropriate manner.
  • Conducting and Controlling Changes:
    Official staff should agree and conduct changes that could affect the finished product’s quality based on acceptable data.
  • Handling complaints and recalls:
    ISO 22716 standards help to manage, investigated, review, and followed up on all complaints associated with the products.
  • Performing an internal audit:
    Every cosmetic company needs to monitor the implementation and position of the ISO 22716 Good Manufacturing Practices. According to that take action and plan if necessary.
  • Proper documentation:
    In the ISO 22716 standard, ISO 22716 documentation is a critical part of Good Manufacturing Practices. The ISO 22716 documents are available online with ready-to-use templates that makes overall documentation process easy and fast and helps to describe GMP actions, secure evidence of processes, and avoid confusion and loss of data.

Tags: , , , , , ,

What are the requirements of ISO 55001 Asset Management System?

Assets come in all shapes and sizes, but one thing is for sure all organizations have assets. Assets can be a competitive advantage or can trough organization’s resources. That’s why it is significant to manage assets efficiently and ISO 55001 can do just that. ISO 55001 is especially appropriate in industries that are capital intensive, have important physical assets to manage and have high fixed costs. This can include services, heavy and light manufacturing, supply, creation, property management and transportation. ISO 55001 was published in January 2014 and founds specific requirements for not only executing and maintaining an asset, but also refining that asset via an Asset management system. ISO 55001 goals to apply this method across other sectors permitting all businesses to get advantage from it. It is designed to deliver structure and guidance to an Asset Management System (AMS) to manage and mitigate risk, while benchmarking performance across all sectors and refining financial performance in line with organizational development strategies.

Requirements of ISO 55001 Standard:

  • Context of the Organization:

Meanwhile asset management is an organizational system, it is imperative that the organization takes into account the different factors that affect them.  This contains the external context such as social, cultural, economic and physical environments.  Regulatory, financial are other external contexts which wants to be considered.  The internal context contains the organizational culture, environment, and the objectives. Understanding the organization’s stakeholders is serious to understand the balance between cost, performance risk and to be able to implement rules to confirm consistent decision-making balances those necessities.

  • Leadership:

An asset management system must be controlled from the top of an organization.  Without leadership the asset management systems will not be sustained, nor will it deliver the advantages to the organization and stakeholders. Leaders are essential to develop the asset management objectives with the organizational objectives, and cascade those down to everybody in the organization. Leaders at all levels must continue to not only communicate the asset management system but live it each day.  They accomplish this by resourcing the organization to accomplish the objectives, define RACIs, and eliminate any barriers or conflicts that may arise.

  • Planning:

The path and objectives of the organization are established during the strategic planning activities, and documented in the organization’s plan.  This plan is used to grow the Strategic Asset Management Plan (SAMP). The SAMP is used to guide the development of the asset and asset management objectives, along with how to accomplish the objectives, at a high level.  The SAMP is then used as guidance to develop the Asset Management Plan(s) for the several asset types. Lastly, all objectives in the Asset Management Plan should be fully associated with the organization.

  • Support:

Executing the Asset Management Plan(s) requires the right level of support.  This support is generally resources. The Asset Management Plan(s), will spell out the expected requirements for the several support functions. This is where cross-functional groups really come into asset management.  HR & IT are serious in their support of asset management.  Whether it is confirming the organization has the right abilities and competencies, or the databases to house all the asset information.

  • Operations:

The Asset Management system is now able to be put into operation.  It is during this phase, that the plans are executed and value appreciated from the system. During the operation of the asset management system, changes may arise to funding, risk profiles, etc., and essential to be addressed.  This is all part of the operation of the asset management system. If any activities were outsourced, regardless of the reason, the organization wants to confirm those activities are conducted in an appropriate manner, associated with the business objectives.

  • Performance Evaluation:

Using the objectives set forth in the SAMP, or asset management plan, the performance of not only the assets, but the asset management system desires to be evaluated. If the objectives are not being met, the reasons why want to be understood and action is taken to expand the performance.  Without estimating the performance, the asset management system will likely not be able to meet the objectives of the organization. The information assembled during the performance evaluation phase should be feedback to the senior managers for use through the management review.

  • Improvement:

The information collected in the performance evaluation will be used to drive enhancement in not only the assets but the asset management system as well. But the organization wants to confirm that the asset management system is being followed, therefore, it should be conducting regular assessments or audits.  This will confirm the system is being followed by all those in the organization.  Any non-conformities shall be documented, and corrective, or preventive actions put in place to prevent reoccurrence. Lastly, in the event that there is any type of incident, there is an opportunity to expand the asset management system.  Take these incidents as a learning experience and improve any risk profiles and response plans.

ISO 55001 asset management system awareness training provide basic knowledge of ISO 55001:2014 standard, its requirements, benefits of implementing ISO 55001:2014 asset management system, ISO 55001 documentation; steps for certification and much more. This ISO 55001:2014 standard can be applied to all types of assets and by all types and sizes of organizations, therefore ISO 55001 Awareness Training can be useful for all those people who are associated with asset management services or working in any organization involved in asset management activities.


Tags: , , , , , , , , , , , , , , , , , , , ,

Key Elements of ISO 18788 Security Operations Management System

ISO 18788 specifies the requirements and delivers guidance for organizations that conduct security operations. Moreover, it delivers a framework for establishing, applying, operating, monitoring, reviewing, maintaining and refining a Security Operations Management System. It allows the continuous development of security services, while confirming customer safety and respect for human rights. This standard validates compliance with rules and regulations, respect for human rights, and the establishment of professional security operations to well meet the customer’s and stakeholder’s requirements. ISO 18788 delivers a business and risk management framework for the actual conduct of security operations. It places a robust importance in identifying stakeholders, including employees, clients, local communities and subcontractors.

The ISO 18788 standard gives principles and requirements for a security operations management system (SOMS), and supports it show its capability to continuously offer services that meet customer requirements and in conformance with appropriate rules and human rights requirements. ISO 18788:2015 gives a business and risk management framework for organizations conducting or contracting security operations and associated activities and functions while representing: – manner of professional security operations to meet the requirements of customers and other stakeholders, accountability to rule and respect for human rights, constancy with charitable commitments to which it subscribes.

What are the Elements of ISO 18788 Standard?

  • Risk based method is considered to be an essential process of the security operations management system.
  • ISO 18788 supports to plan and establish security operations throughout the management controls.
  • Private security operations defend significant parts of enterprise risk management.
  • The standard places a strong responsibility on organization as a security service provider to classify who will operations impact and how, starting with clients, regulations and legal governance, to employees and subcontractors.
  • ISO 18788 supports every business purpose and encompasses the essential security operations and the supply chain of an organization.
  • ISO 18788 is maintained and driven by the senior management team.

Why Security operations management system is Important?

The importance of ISO 18788 stands on the capability of the organization to spot appropriate lawful and regulatory guidelines and also support business functions and the supply chain. This ISO 18788 standard is suitable for any kind of organization involved in conducting or contracting security operations. The ISO 18788 certification helps to create, implement, maintain and improve a Security Operations Management System and at the same time confirm that the organization has executed effective management controls.

In addition, it proves the organization’s commitment to continuously provide qualitative services that meet customer’s requirements, guard the customer’s and organization’s reputation, while obeying to applicable laws and human rights necessities. By attending the ISO 18788 auditor training any management personnel can gain the essential expertise to support an organization in implementing and managing a Private Security Operations Management System (SOMS). Furthermore, obtain the appropriate skills to manage a Security Operations team.

Benefits of ISO 18788 Standard:

  • Deliver reliability and establish actual Corporate Governance.
  • Strengthen credibility and defend reputation.
  • Confirm the quality and skill of security organizations.
  • Establish constant customer improvements.
  • Deliver confidence to customers, governments and communities
  • Rise the potential of operational success.

Tags: , , , , , , , , , , ,