
"Quality Matters in your Business"

Sunday, 27 October 2013

Green shoots?

At long last it seems that the economy is turning a corner; activity in both the manufacturing and service sectors does seem to be on an upward trend.

Now is the time that organisations look to increase training, and in that light it is worth mentioning that we have a few spaces on our Management Systems Internal Auditing Course, to be held in Colchester on 28-29th November 2013.

Readers of this blog will be aware that many of the Management Standards are changing:

  • ISO 27001, the information security standard, just re-issued 1 October 2013;
  • ISO 14001 due for publication in 2015 (this was planned for 2014, but the response to the first draft was not too favourable);
  • ISO 9001 due for publication in 2015.

Inevitably other standards that are based on 9001 will also be updated but no information is available at the moment:

  • AS9100, AS9110, AS9120 – The Aerospace and Defence Standards
  • ATEX – Explosive atmospheres Standards
  • TS 16949 – Automotive Standards.
  • The list goes on.

The main aim of these updates is to bring them into line with modern thinking and to standardise the format to comply with Annex SL of ISO/IEC Directives, Part 1, Consolidated ISO Supplement.

This will mean that the format will be:

  1. Introduction
  2. Scope
  3. Normative references
  4. Terms and definitions
  5. Context of the organisation
  6. Leadership
  7. Planning
  8. Support
  9. Operation
  10. Performance Evaluation
  11. Improvement

It is interesting to note that the P-D-C-A (Plan-Do-Check-Act) principles are no longer featured.

Fascinating times ahead?

Monday, 14 October 2013

Information Security Management Standards

The revised Standards are now published. The revised contents of both ISO 27001:2013 and ISO 27002:2013 are shown below:

ISO27001:2013 - Requirements


  1. Scope
  2. Normative references
  3. Terms and definitions
  4. Context of the organization
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance evaluation
  10. Improvement

ISO27002:2013 – Code of Practice

  1. Scope
  2. Normative references 
  3. Terms and definitions  
  4. Structure of this standard 
  5. Information security policies
  6. Organization of information security
  7. Human resource security 
  8. Asset management 
  9. Access control 
  10. Cryptography 
  11. Physical and environmental security 
  12. Operations security
  13. Communications security 
  14. System acquisition, development and maintenance 
  15. Supplier relationships 
  16. Information security incident management 
  17. Information security aspects of business continuity management 
  18. Compliance

New registrants can choose to become certificated to the new standard or to the old :2005 standard for a period of time. Existing certificate holders will have to transition to the new standard during the next twelve-month period.

Quality Matters

P.O.Box 5479
Maldon
Essex
CM9 8GG
England

T: 01621 857841
F: 01621 856016
M: 07702 193788
