Kitchen Chat and more…
The latest edition of ISO 13485, the internationally recognised quality management systems standard for the medical device industry, with over 27,000 certificates globally, was published on March 1, 2016.
ISO 13485:2016 identifies the requirements for a quality management system (QMS) in which an organisation needs to demonstrate its ability to provide medical devices and related services that consistently meet both customer and regulatory requirements.
This third edition cancels and replaces the second edition (ISO 13485:2003) and ISO/TR 14969:2004, which have been technically revised. It also incorporates the Technical Corrigendum ISO 13485:2003/Cor.1:2009.
Some of the most critical changes in the 2016 version include:
The ISO 13485 standard was updated for two main reasons: to keep up with changes in the industry and to address changes in the underlying ISO 9001 standard. While the old ISO 13485 2003 standard was based on the old ISO 9001 2000 standard, the new one is based on ISO 9001 2008. While some people expected the new ISO 13485 standard to use the latest ISO 9001 2015 standard, ISO TC 210 evidently feels that the older ISO 9001 standard better serves the needs of medical device suppliers, regulators, and customers.
For the convenience of users, the table below shows the correspondence between these two standards.
Please contact us if you need our help to develop and establish your management system in compliance with the requirements of the ISO 13485:2016 standard. We also offer a gap assessment service to find out how close you are to your ISO 13485:2016 certificate.
ISO 27001 is an internationally recognized structured methodology dedicated to information security and the only auditable international standard which defines the requirements for an Information Security Management System (ISMS). The ISO 27000-series comprises information security standards published jointly by the International Organisation for Standardization (ISO) and the International Electrotechnical Commission (IEC).
The series provides best practice recommendations on information security management, risks and controls within the context of an overall Information Security Management System (ISMS), similar in design to management systems for quality assurance (the ISO 9001) and environmental protection (the ISO 14001).
The series is deliberately broad in scope, covering more than just privacy, confidentiality and IT or technical security issues. It is applicable to organisations of all shapes and sizes. All organisations are encouraged to assess their information security risks, and then implement appropriate information security controls according to their needs, using the guidance and suggestions where relevant. Given the dynamic nature of information security, the ISMS concept incorporates continuous feedback and improvement activities, summarized by Deming’s “plan-do-check-act” approach, that seek to address changes in the threats, vulnerabilities or impacts of information security incidents.
ISO 27001:2013 has the following sections:
Annex A Reference control objectives and controls, little more in fact than a list of titles of the control sections in ISO 27002. The annex is ‘normative’, implying that certified organisations are expected to use it, but they are free to deviate from or supplement it in order to address their particular information security risks.
Certified compliance with ISO 27001 by an accredited and respected certification body is entirely optional but is increasingly being demanded from suppliers and business partners by organisations that are concerned about the security of their information, and about information security throughout the supply chain or network.
According to the ISO survey 2013, more than 22,000 ISO 27001 certificates have been issued all over the world. Of these certificates, the Australian share was only 140. However, based on the reports of information security attacks and vulnerabilities which are published every year, we can see the need for Australian corporations to consider ISO 27001 as the best practice. There should be some reasons why the Australian rate of using ISO 27001 is so much lower than that of developed countries. Some of those reasons could be:
Please contact us if you need more details on how our expert team can assist you in training and in developing a new ISMS or updating your current one in compliance with the ISO 27001:2013 standard.
After three years of revision work, ISO 9001:2015, the most popular management system standard with over 1.1 million certificates issued globally, has now been published. Similar to ISO 14001:2015, which was published mid-September, it has also been restructured based on the High Level Structure (HLS) to be aligned with other management systems.
The new version is adapted to 21st-century circumstances, with more focus on performance and the process approach and fewer requirements for documentation and compliance.
The process approach, which is now introduced as a “requirement”, will challenge both organisations and auditors to restructure the existing functional approach into a process-based mindset throughout the whole organisation in design, implementation and auditing.
The need to understand the context of the organisation and the needs and expectations of interested parties helps organisations to establish and implement a quality management system which is tailor-made to add value to the organisation and its interested parties, rather than a bunch of documents to tick the boxes and satisfy the auditors.
The risk-based thinking is a real masterpiece in the 2015 version. It will help organisations to consider both the adverse and beneficial impacts of their processes, products and services internally and externally.
Change management is also a breakthrough in this version, which reduces the risk of unplanned changes that can potentially cause even more issues. Any changes are supposed to be reviewed and analysed in advance, considering the risks and impacts to internal and external interested parties.
With the changes in the new version, such as those to the “Design & Development” and “Measuring equipment” clauses, it is more understandable and adaptable for the service sector.
The International Accreditation Forum (IAF) has provided guidance for the transition from ISO 9001:2008 to ISO 9001:2015. ISO 9001:2008 certifications will not be valid after three years from publication of ISO 9001:2015.
Please contact us if you need our help in the journey of transition to the new version of the standard. We will help you assess the gaps between your existing system and the requirements of the new version and also assist you in filling the gaps and getting ready for ISO 9001 certification.
Level 5, 7 Eden Park Drive, Macquarie Park, NSW 2113 Australia
(+61) 02 8935 9472
Level 9, 440 Collins St., Melbourne VIC 3000 Australia
(+61) 03 9190 8986