Yellow font on Black background Black font on White background Black font on Cream background
Call us today 01621 857841 or Email us
Quality Matters Logo

"Quality Matters in your Business"

Friday, 21 May 2010

How can you get certificated to ISO9001?

There are a number of steps required to ensure a successful certification to ISO9001 and probably the best way is to get some help from someone who has done it before.  This way you do not have to reinvent the wheel.

Step one is to purchase a copy of the Standard; this sets out the framework for you to follow.

Step two is to see what you have in place already and check that it compares favourably with the Standard.
It is likely that you have some systems in place and these may just need some tweaking to make them fit the quality model.

Step three is to produce a quality manual; the manual is usually in three parts:

  • A policy manual, which reflects the iSO 9001 standard;
  • A procedures section which shows the 6 mandatory procedures

    • Document control
    • Control of Records
    • Internal audit
    • Control of non-conforming product/service
    • Corrective action
    • Preventive action

  • A process section which shows all the processes within your organisation having an impact on quality. Note finance is normally excluded.

Step four is to make it all happen and adjust the processes as necessary.

Step five is to carry out an internal audit to check that everything is as it should be

Step six is to get an Accredited Certification Body to assess your system.

Step seven is where you can take a bow, as this is the award of your certificate of compliance to ISO9001.
If you need help, we can give you as much or as little as you need.

Monday, 10 May 2010

Secure Systems

Most company directors use laptops or netbooks to keep data available when away from their offices, but many do not have any sort of security installed.

Most will have anti virus software installed and many will have a password to log-in. A few will have basic  systems in place to prevent data being exported to a memory stick or CD.  Some may even have encrypted files.

The main security should ensure that the machine is physically secure. i.e. not left unattended.

The second level must include a secure log-in procedure, i.e. a complex password system, changed regularly.

The third level should ensure that any sensitive data is protected by a second  level of security. i.e encryption or second factor authentication.

One of the best methods is to have the laptop as a dumb terminal, holding no data and used to access data in the cloud or on a company server.  This does however require a secure internet connection. i.e https:/   but today the loss or corruption of data can have very serious consequences.

My own laptop is kept in a secure location; it has a steel cable attaching it to an immovable object when out of my sight. I use two levels of password and my sensitive data drive is fully encrypted.

I know that a good hacker could get round all my security but I have made it less attractive.  There is a balance to be made; really tight security means it is difficult to do anything; too lax and it is possible to lose or compromise data.  Somewhere in between must be the aim.

Quality Matters

P.O.Box 5479
Maldon
Essex
CM9 8GG
England

T: 01621 857841
F: 01621 856016
M: 07702 193788

© 2015 Quality Matters Ltd. All rights reserved. Responsive Design