Yellow font on Black background Black font on White background Black font on Cream background
Call us today 01621 857841 or Email us
Quality Matters Logo

"Quality Matters in your Business"

Monday, 20 January 2014

Common Standards

Here are the most used Standards and their revision status:

ISO 9001: 2008

The Quality Management Standard - Probably the most recognisable standard throughout the world.

Currently being rewritten and is scheduled to be issued in third quarter 2015.    Early drafts show that this is a major revision and will probably have a three year transition from date of issue.

ISO 14001: 2004

The Environmental Management Standard – now under review for scheduled publication during 2015. It was originally planned to be issued in 2104, but there were a number of major issues raised in the first committee draft.  It was decided that further review should take place.  It is anticipated that there will be at least a two year transition period from the date of publication.

ISO 27001: 2013

The Information Security Management Standard - Reissued in September of 2013.  This recent issue brings the Standard up to date.   There is a two year transition period from the 25 September 2013 publication.

The transition arrangements – New applicants may choose to be assessed to the 2005 standard up to 24 September 2014 or go straight to the 2013 Standard, once the certification bodies have been accredited to the new Standard.   Existing 27001 certificate holders can choose to keep to the 2005 Standard but must transition to the 2013 Standard by 24 September 2015; failure to do this will mean that the 27001 certificate is withdrawn.

OHSAS 18001:2007

The Occupational Health and Safety Standard – This standard is current and we are not aware of any changes planned.

AS 9100:2009

The Aerospace and Defence Standard – This standard is based on the 9001 standard and it is possible that this will be updated, but we are not aware of any plans to do this.

ISO 20000:2011

The IT Service Management Standard – Updated in 2011; this is a huge standard and take up has been slow.   To put this standard into perspective, one clause requires the organisation to have an information security management system in place!!

ISO 22000: 2005

The Food Safety Standard - Last updated in 2005.  No plans to update this Standard but some of the subsidiary Standards 22002-6 are under review.

There are, of course a number of Standards that we have not mentioned but are available for certification.  We will keep you advised as we learn about developments.

Monday, 6 January 2014

A Happy New Year 2014

We should all hope that 2014 is going to be a more secure year for our data. It seems that every day brings fresh news that our data has been compromised in one way or another. The chief culprits appear to be government departments, banks and hospitals which are being forced to own up to data breaches.  The fines being levied by the Office of the Information Commissioner are higher if the organisation is caught out rather than owning up to a breach.

In addition to lost data disks, there are paper records discarded in public dustbins and lost laptops by the boat-load. Security which was trumpeted by ministers as being paramount seems to have been very low on their priority list in their own domains. It is also lamentable that there has been a deliberate policy of hiding the facts from those people most at risk.

We must be vigilant as these data breaches might not affect us until some date in the future. Criminals will wait until the furore has died down before using the data illegally.

Let us make sure that 2014 is a year of increased data security, here are a few precautions that can help to reduce the possibility of data loss:
  • Always shred or burn confidential documents or documents having identifiable data;
  • Very confidential documents should be cross shredded rather than strip shredded;
  • Never give passwords or log on information to email enquiries, telephone callers or visitors;
  • HMRC will never refund overpayments of tax to your credit card; It is a scam.
  • Be wary of emails directing you to a bank or other secure site which asks for personal information;
  • Never give passwords or pin numbers to anyone calling on the telephone even if they identify themselves as police or bank officials;
  • Do be aware that information put into social sites such as Facebook may be visible to people other than the intended audience. Dates of birth, names and addresses, telephone numbers and details of family can be used to steal identities.
  • Never dispose of old computers/laptops or tablets until the hard drives have been removed or destroyed; remember deleting or re-formatting the disk does not actually delete the data;
  • Never leave confidential documents on desks overnight or when unattended (clear desk policies);
  • Laptops should be secured with a multi-strand cable to an immovable object like a radiator, when unattended;
  • Laptops should be password protected;
  • Laptops and tablets should kept close to you in public places to prevent theft;
  • Laptop disks should be encrypted, if data is sensitive;
  • Never share passwords and use complex passwords to prevent other gaining access to desktops and laptops;
  • When considering a complex password use a £ as this is not available on non UK keyboards;
  • Never leave desktops and laptops logged in and unattended;

The list goes on and on but use common sense - assume that the worst may happen and take precautions to stop or at least reduce it.

Let us all have a happy and safe 2014


Quality Matters

P.O.Box 5479
Maldon
Essex
CM9 8GG
England

T: 01621 857841
F: 01621 856016
M: 07702 193788

© 2015 Quality Matters Ltd. All rights reserved. Responsive Design