GDPR Compliance for ISO 27001, ISO 20000, ISO 13485

GDPR ISO 27001, GDPR ISO 20000, GDPR ISO 13485

General Data Protection Regulation GDPR was published by the European Union to ensure that Data is secure and used for the right business purpose.

Although the compliance has to be met by organisations, there is no need for any certification by any third party.

To comply to the GDPR and meet the certification requirements for ISO 27001 Information Security Management, ISO 20000 IT Service management, ISO 13485 Medical devices management system, there are 99 articles and 173 recitals to be complied.

Certain additional ISO Standards which can be referred while implementing ISO 27001, ISO 20000, ISO 13485 are ISO 8000-8 Data Quality, ISO 29124 Information Technology security techniques guidance for Data privacy, BS 10012 Personal Information Management system.

The following details have to be known for organisations who implement GDPR, DS – Data Subject, DP – Data processor and DC -Data controller. All the key companies involved in Data processing be it in Europe or any other part of the world have to comply to GDPR.

The word “Third country” is used many times in the GDPR. This refers to the organisations located in other countries other than the European Union EU, who are a party to this and have to comply to GDPR

Upon knowing a Breach, the DS Data subject have to notify the National regulator within 72 hours of such a breach. The guilty could be penalised anywhere between 10 million Euros to 20 million Euros.

Organisations have to deploy as Data Processing Officer who is referred to DPO to monitor the GDPR Compliance.

Wish to implement GDPR along with ISO 27001, ISO 20000, ISO 13485 – Do call us on 9845078743, 9845313910 or just drop an email to SHAKTI@GQSINDIA.COM

ISO 13485 Certification Bangalore, Hyderabad, Chennai

CRITICAL STEPS TOWARDS ISO 13485 CERTIFICATION

Most medical equipment manufacturing companies are guided by GQS consultants and ISO certification body regarding the requirements to be implemented and complied to.

The statutory and regulatory requirements  applicable for medical equipments have to be studied, reviewed and documented before the documentation kick starts. There are over 30 documented procedures and documents needed to roll out the same for implementation.

For these 30 documented procedures, mandatory records over 40 have to be implemented by various departments.

Clinical validation, Clean room validation, Advisory notices, Servicing instruction, Installation instruction, Technology handover post design, Risk assessment based on ISO 14971 covering all harms associated with the use of medical equipments have to be reviewed, documented and implemented.

During Design of these medical equipments, it is important to understand if there are samples or information from patients used are controlled and complied as per the latest EU regulation against Data Protection. The articles and recitals of the 99 GDPR Articles have to be studied and complied.

Should you require further information on ISO 13485 Consultants, ISO 13485 Certification, ISO 13485 Consultancy drop us an email at SHAKTI@GQSINDIA.COM

Call us 9845313910 / 9845078743

ISO 13485 Certification

Opportunities from Risks ISO 9001:2015, ISO 14001:2015, ISO 45001:2018, ISO 22000:2018

iso-9001-2015-iso-45001-2018-iso-22000-2018-iso-14001-2015

Learn and document how to identify Risks and opportunities in the latest High Level structure published by the International organisation for standardization.

The 4 step method to identify, assess and mitigate risks and opportunities as per iso-9001-2015-iso-45001-2018-iso-22000-2018-iso-14001-2015 are illustrated in the image above.

The advantages of these 4 step method is to assure the organisation that all the high risks are identified, assessed as per the documented procedure, mitigated and controlled as per the feasibility and budgets allocated to each and every process by the Leadership team.

Whether it is ISO 9001:2015, ISO 14001:2015, ISO 45001:2018, ISO 22000:2018, ISO 27001:2013, the process of identifying, assessing and mitigating Risks in line with ISO 31000 requirements remains the same.

Should you be interested in consultancy, certification of ISO 9001:2015, ISO 14001:2015, ISO 45001:2018, ISO 22000:2018, ISO 27001:2013, ISO 50001, ISO 55001 Drop an email to SHAKTI@GQSINDIA.COM, 9845313910.

Six ways to upgrade to ISO 22000:2018

Six Ways to upgrade to ISO 22000:2018 by focussing on Interested parties

1. Identify interested parties
2. Collect information regarding their expectations and needs
3. Monitor and review information related to Interested parties
4. Consider these requirements of interested parties in identifying gaps and fill gaps by preparing procedures
5. Review Hazard analysis with team
6. Additional requirements from Interested parties to be considered while assessing Hazards.

Located in Bangalore, Singapore, Malaysia, Indonesia, Sri Lanka, Maldives, UAE – Do let us know as your organisation decides to upgrade / migrate to ISO 22000:2018 Certification.

Call 9845313910 or drop an email to SHAKTI@GQSINDIA.COM

Interested parties ISO 22000:2018

ISO 22000-2018 Road map for certification

ISO 22000-2018 Road map for certification

ISO 22000-2018 Food Safety Management system has been revised and shall shortly be rolled out for implementation and by 2019-20 all food manufacturing companies who are certified to the previous version have to upgrade to the latest version of the FSMS Standards.

The road map for ISO 22000-2018 certification is attached in the image above.

In addition to the Four 4 pillars of the ISO 22000 such as Interactive Communication, Management System, PRP, HACCP –  the following changes needs to be documented and implemented.

1. Understanding the organisation
2. Identification of the interested parties and understanding their requirements
3. Conducting a Risk assessment based on the ISO 31000 requirements covering all processes.
4. Mitigating risks and demonstrating the effectiveness of risk mitigation
5. Hazard assessment
6. Identification of Pre requisite programs based on CODEX or TS 22002 – Part 1, 2, 3, 4
7. Conducting Risk based Internal audit as per ISO 22000-2018
8. Conducting Management review as per ISO 22000-2018
9. Certification to ISO 22000-2018

For ISO 22000-2018 Consultant, ISOS 22000-2018 Certification, ISO 22000-2018 Consultants or Information regarding ISO 22000-2018 migration please contact 98453131910 or drop an email to SHAKTI@GQSINDIA.COM

Know the 7 requirements for certification to ISO 22000:2018

FSSC 22000 Lead auditor, ISO 22000:2018

ISO 22000-2018 Food Safety Management system has been amended as per the High Level Structure HLS and is very soon to be published as a commercial standard for implementation in food industry.

All industries from Farm to Fork and which have been certified earlier to ISO 22000:2005 are supposed to migrate to the ISO 22000:2018 soon. The advantages of migration would that the ISO 22000:2018 is aligned to the new requirements of the standard and can be integrated in line with PAS 99 and certification bodies accredited as per ISO 17021 to certify the new standards.

The advantages for ISO 22000:2018 certification are numerous including integrating the mandatory documentation requirements of the standard to the other management system standards.

The ISO 22000:2018 has brought in more clarity with respect to definitions of

1. Withdrawal and Recall, Emergency preparedness and response.
2. Maintain and Retain documents
3. HACCP Plan preparation
4. Corrective action and Preventive action
5. Risks and Hazards
6. Pre requisite program implementation.
7. Consumer complaints
8. Compliance requirements to meet FSSAI, Customer and other requirements.
9. Agenda points to be discussed in the ISO 22000:2018
10. Integration to additional scheme requirements of FSSC 22000 V4.1 or TS 22002 Guidelines to implement Pre requisite programs.

For ISO 22000:2018 Consultant, ISOS 22000:2018 Certification, ISO 22000:2018 Consultants or Information regarding ISO 22000:2018 migration please contact 98453131910 or drop an email to SHAKTI@GQSINDIA.COM

R2 Responsible Care SERI Certification

SERI R2 CERTIFICATION DELHI, MUMBAI, HYDERABAD

TAJ Computers with its collection centre in Bangalore and processing centre in New Delhi has kick started the R2 Responsible care certification process. Lead by our Senior consultant, the gap analysis based on the standard have been conducted and the documentation process has been kick started.

R2 Responsible care 2013 published by SERI USA is a standard based on recycling electronic goods except for White goods. Right from collection till final disposal, the entire life cycle assessment is carried out and documents based on the standard are prepared. Implementation time frame will take any where between 6 to 12 months depending upon the maturity of the systems implemented.

The provisions of the R2 standard will have to be strictly adhered to achieve the certification from SERI approved certification body.

Looking for a SERI approved R2 Consultant, R2 Certified Recycler in DELHI, MUMBAI, HYDERABAD, CHENNAI or any part of the India, Singapore, Malaysia, Qatar, Oman, UAE, Philippines, Hongkong, Japan, Korea, Vietnam, Taiwan, Cambodia…Just drop an email to shakti@gqsindia.com or call or WhatsApp + 91 9741501910

ISO 50001:2011 Certification Goa

ISO 50001 Training, ISO 50001 Consulting Goa, ISO 50001 Consultancy Goa

Right from conducting Energy audit, Identification of the Significant Energy Use, Documenting over 120 Operational control criteria for various equipments, Identification of Design of new equipments which would reduce power consumption by 45%, Introducing Green Procurement, Identification & Installation of Sub-metering, Calibration of instruments of Operational criteria, Checking Efficiency of HVAC, Delta T of Cooling towers and a whole lot of milestones to reach this stage of Internal auditing for ISO 50001 Energy management at this plant in Goa where the power consumption is over few thousand Megawatt per day !!

Should your company be interested in ISO 50001 Training, ISO 50001 Consulting Goa, ISO 50001 Consultancy Goa, ISO 50001 Certification, call us on 9845313910 or drop an email to SHAKTI@GQSINDIA.COM

ISO 9001:2015 Risk Based thinking training

ISO 31000 Risk based thinking

ISO 31000 – Risk management standards were published keeping in mind that the clause on Preventive action will be sooner or later be obsolete.

Since 2012 all standards being published be it ISO 22301, ISO 27001, ISO 9001, ISO 14001, ISO 50001-2019, ISO 45001 (yet to be published) Addressing risks has become an important part of all management system and is mandatory for organisations to carry out a Risk assessment using any kind of tool such as FMEA, PESTLE, SWOT.

The training at HYCOM Engineers on ISO 31000 and Risk based thinking was carried out to all the team members. The Workshops have helped the team to understand the methodology to conduct the RA and also arrive at a decision method to reduce or eliminate the risks.

The following 4T Rule can be applied to reduce or terminate the risks

1. TERMINATE
2. TREAT
3. TRANSFER
4. TOLERATE

Interested to learn more about Risk assessment or Risk based thinking call 9845313910 or 9845078743 or drop an email to SHAKTI@GQSINDIA.COM

FSSC 22000 Version 4.1 Certification Consultants Bangalore Goa Mangalore

FSSC 22000 Version 4.1 Certificate, FSSC 22000 Version 4.1 Consultant

FSSC 22000 Version 4.1 Certification, FSSC 22000 Version 4.1 Consultant

Vijayanagara Sugar Gangapura completes its FSSC 22000 Version 4.1 Consultancy and documentation project. The entire team of the plant was involved in preparing the TACCP, VACCP for the product right from the Cane until the sugar is transported to the customer.

The changes from FSSC 22000 Version 3.1 to Version 4.1 were explained to the team and the team appreciated the effort by GQS to impart the training to the entire FSMS Team. The FSMS Team Leader applauded the smart way of preparing the TACCP and VACCP assessment workshop. The workshop was very interactive and was tailor made to suit the sugar industry.

Should you be interested in FSSC 22000 Version 4.1 certification or consultancy drop an email or call us on 9845313910 or 9845078743.