Yellow font on Black background Black font on White background Black font on Cream background
Call us today 01621 857841 or Email us
Quality Matters Logo

"Quality Matters in your Business"

Monday, 29 March 2010

Risk Assessment and ISO27001

 Last week I travelled to one of my clients in Kent; then traffic was awful and my sat nav took me on a slightly different route.  There was still a good deal of delay and at one point we sat in a queue for some ten minutes, then lorry in front of me suddenly reversed striking my car on the bonnet.  He lorry driver apologised and gave me details of his insurance, registration number etc.  Now I had a damaged car and was very late for my appointment. I was also very irritated that this unnecessary incident had happened.

Could I have prevented it? I don’t think so.  Should I have ignored my sat nav and used my usual route?  Again I don't think it would have been sensible. 

I was going to my client to initiate some risk assessments for their emerging Information Security Management System ISO27001 and it struck me that the data I had concerning the other driver, the accident, his vehicle, his employer and insurance company details were governed by the Data Protection Act and this information would be held by me temporarily but then dealt with by his insurers, my insurers, the repair garage and if there had been any injuries, which fortunately there were none, by Solicitors.  All this information would be held on databases and would be available to a great many organisations.  No wonder I thought about a risk assessment covering all of this, albeit in retrospect.

I  hope to get my car back soon.

Monday, 15 March 2010

Internal Quality/Environmental Auditing

All of the management standards require regular internal audits be carried out by properly authorised and trained auditors.   There are many courses available and with varying costs.

Our own certificated auditing course is run twice each year and represents excellent training in the subject and cost effective.

Each delegate will be able to carry out internal audits in his or her own organisation following a successful participation in the course.  

Our next course is due to be held in Colchester, Essex on 13th and 14th May 2010 and covers:

  • ISO 9001: 2008 and ISO 14001:2004
  • Management System documentation
  • ISO 19011:2002 - Auditing Standard
  • The audit cycle and schedules 
  • Preparation and planning of an audit
  • Conducting an audit
  • Auditing top management
  • Reporting non-conformities
  • Qualification & training of auditors
  • Non verbal communication
  • Live audit practice
  • Tests of competence of delegates

Cost of the course is only £305.00 plus VAT

See our web-site For further details and a booking form.

Saturday, 6 March 2010

This blog has moved

This blog is now located at
You will be automatically redirected in 30 seconds, or you may click here.

For feed subscribers, please update your feed subscriptions to

Security Risks and Social Networks

MySpace, Facebook, Linkedin and Twitter, used by millions yet the risks are not fully understood or appreciated.  Apart from the obvious threats from Trojans, viruses, stolen passwords and other malware, there is also the human risk of hurried messaging which has resulted in embarrassment and security threats to organisations.  The big problem with social networks and email to the same extent is that once sent, the message or information is 'in the wild' and could, if the experts are to be believed, stay on the internet in one form or another indefinitely.  How many of us had wished that they could recall an email one sent?

There are many people who believe that these social sites are secure.  If you are foolish enough to publish details of your address, interests and other personal information you are providing sufficient data to allow your identity to be stolen or misused.

Unfortunately, the information you post today, about a subject you  hold dear, may very well haunt you in years to come.  A future employer may 'Google' your name and all that information could be recovered.  This might be the difference between getting that job or being rejected.

Many companies are barring employees from using these networking sites as it has been shown that some company sensitive bits of information end up being discussed on these sites.  During the last war the enemy used to gather information by listening in to casual conversations in pubs and sporting venues.  A little bit here and a little bit there soon added up to a considerable amount of data once collated. 

The same applies to company blogs and instant messaging systems of all types, indeed a Microsoft employee apparently let slip that the new 2010 office package would be available in March.  This was swiftly denied by an official spokesman, but the damage has been done.

I always advise my clients that the internet is about as secure as writing the same information  on a piece of paper and fixing it to a public notice board in the middle of a busy town.  In short it is not secure at all, unless some elaborate encryption is used. 

One final word on social network sites, if you must use them, please, PLEASE do not use the same passwords that you use on secure sites such as bank, shopping or business networks and think once and think once again before pressing  SEND.

Enough said?

Quality Matters

P.O.Box 5479

T: 01621 857841
F: 01621 856016
M: 07702 193788

© 2015 Quality Matters Ltd. All rights reserved. Responsive Design