September 2019
Welcome to your September 2019 Newsletter
This month's newsletter offers insights and free resources to keep you up to date on a range of compliance and risk management issues.
Included in this edition:
What's the best quality management tool?
Preventing human error | New ISO 27001 Gap Analysis tool
Ask the experts (about interested parties) | Audit template (also for Interested parties) Qudos 3 IMS software update | Qudos Club news | New Qudos reseller
What's the best quality management tool?
There are many quality management tools available and some have been in existence for a good number of years. Process analysis and improvement tools played a major part in the early development of quality management. However, with the increased emphasis being placed on documented systems. The focus of the 'Quality Manager' role seemed to evolve from facilitating improvement to administration of documents and records. As a result, many tools and techniques were put in the shade.

In some quarters, a 'knowledge gap' has been recognised with a revival of interest in these tools. Here, we discuss the best of them.

Best Quality Management Tool
Ask the experts
The latest in our series of FAQs on compliance and risk management.

What evidence should we provide for compliance to ISO 9001:2015 clause 4.2 Interested parties?

This is a clause that was essentially new with the release of the 2015 version of the standard. In summary, it requires your organization to:

(a) determine who is an interested party that is relevant to your QMS
(b) determine their requirements that are relevant to the QMS
(c) monitor and review the above (e.g. to consider any changes)

Note the use of the word 'relevant' above.

The standard doesn't actually specify any requirements for documented information. However, you need to consider how would you provide evidence if it wasn't documented? One option is to create an 'Interested parties table' that is a standalone document or forms part of a Quality Manual or QMS Overview. One useful model would be a 4-column table.

  • The 1st column is to list the interested parties.
  • The 2nd column is to list their relevant needs and expectations.
  • The 3rd column identifies whether the item is a 'compliance obligation' e.g. a legal, contractual requirement or other requirement that you choose to comply with.
  • The 4th column references what you do to meet the identified needs / expectations.

An example of such a table is included in Quality Toolkit . This is available to Qudos 3 IMS software subscribers and Qudos Club members.

Evidence of monitoring and review can perhaps be provided by including the subject as an agenda item in your management review. Its worth noting that although ISO 9001 requires monitoring and review, some of the other standards do not. We still think it's good business practice to do this.
Internal audit template - Interested parties

We usually try to include a free audit template in each of our newsletters. This is no exception. Here is an template checklist for verifying that the needs and requirements of interested parties are understood and incorporated into your management system.

Interested Parties
Major update to Qudos 3 IMS software
Earlier this month, we released some significant updates to cloud-hosted users of Qudos 3 IMS software. The enhancements included:

  • New, fully-integrated ISO 27001 Gap Analysis tool (see article below)
  • Improved Actions module
  • Improved Supplier module
  • Improved Risk module
  • Drag-and-drop facility for Attachments throughout the software
  • Enhanced document deletion process
  • Client logo facility added to Main Screen 
  • New training videos
  • Updated Quality, OHS, Environmental and Information Security toolkits

Additional features in the Risk module are also being added next weekend. These changes are planned to be released to self-hosted clients during October.

Contact us  for further details
Qudos3 IMS interface
ISO27001 Information Security
Adoption
It seems that every day another information security incident makes the news. Now, more and more organizations are implementing ISMS (information security management systems) to preserve the confidentiality, integrity and availability of their information. While there are many frameworks upon which to base an ISMS, ISO27001 is fast becoming the industry-standard model and benchmark in the topic.

Taking the first step
Whether you are seeking certification or just want to base your information security on the industry-standard model, t he first step is the same . That is to conduct a  Gap Analysis  . In other words, a check of the current system and controls against the requirements of ISO 27001. The analysis can be performed in-house or with the help of a professional consultant. Either way, a Gap Analysis checklist is required.

New, fully-integrated Gap Analysis Tool
Qudos is proud to announce the release of the fully-integrated Gap Analysis software tool in Qudos 3 IMS software . This offers an ISO 27001 checklist with verification and results fields that may each be linked to independently-assigned Actions to address the gaps identified. These Actions may be easily monitored for progress until the gaps are closed out. This powerful tool is available now to all Qudos 3 users. It joins a series of Gap Analysis tools for other ISO management system standards.

Contact us  for further details about the new Gap Analysis tool or to ask about Gap Analysis services.
Preventing Human Error
The latest version of ISO 9001 included many significant changes, and the headline acts were probably the change in focus from documentation to risk management, the enhanced process requirements, and the adoption of ISO's common structure and terminology.

However, there were a few requirements that slid in without much fuss and fanfare. One of them is in clause 8.5.1 Control of production and service provision. A controlled condition that appeared for the first time is 'the implementation of actions to prevent human error'. So, what is human error and how can we prevent it?

Preventing Human Error
Qudos is delighted to welcome Auditor Training Online as the latest, authorised reseller for Qudos 3 IMS software and Qudos Club online library.

Auditor Training Online is a Registered Training Organisation for Management Systems Auditing courses. They provide Lead Auditor and other online courses for Quality - ISO 9001, Environmental - ISO 14001, OH&S - ISO 45001, HACCP, and Integrated Management Systems (Quality, Environment and OH&S).

There is a great deal of synergy between Qudos and Auditor Training Online, and we look forward to exciting developments ahead.

Click here f or more information on Auditor Training Online
Qudos Club News
Qudos Club is the comprehensive online library for compliance and risk management.

Recent developments include a smart new interface and updates to all toolkits. September also brings an introduction to ISO 27001.
Qudos Club Logo