Log in

My tweets

My tweets


My tweets


ISO 27001 certification advice on information security management, it is responsible for the organization in its launch. Implementing or maintaining security personnel. The standard for the development of the organization's safety standards and effective security management practices provides the common base. And provide trust for communication between organizations. The standard pointed out that information is also a kind of asset. It has value to an organization. Thus needs to be properly protected. Information security is provided to prevent a variety of information to be threatened, to ensure business continuity, to reduce the risk of damage to the business, to maximize return on investment and business opportunities. Information security is achieved by implementing a set of appropriate control.

ISO 27001 Certification helps Organization to resolve three aspects including confidentiality, integrity, and availability. ISO 27001 also specifies requirements for the implementation of safeguards the needs of individual organizations to measure, by means of establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (ISMS). ISO 27001 certification standards have many benefits. In the first place, it ensures compliance with laws and regulations. Second may be the independent validation of the organizational risk, and it can make a correct identification through assessment and management through formal information security processes. Third, the continuous monitoring of organizational performance is increased. It can reach stakeholders of the safety of the company. Moreover, it can conform to the height of the information security.

Benefits of Achieving ISO 27001 Certification within any Organization:

  • Assurance that information security program best practices defined and documented. This assurance would lead to better implementation ISMS.

  • Suitable templates for all ISMS requirements, including registry context, scope, information security policy, risk assessment, performance dashboard, and management review and internal audit -records.

  • Suitable templates for Annexure controls, such as continuity planning, patch management, backup policies, log management, password policies, manuals for human resources, physical security, application development lifecycle, vendor management to name a few

  • Each template has filled in content - that is marked to distinguish the need to be adapted to information for use

  • A guarantee that an organization use these documents they will succeed in both the certification and achieving ISMS investments

  • Documentation is independently checked for accuracy and coverage

  • Worldwide support

My tweets


My tweets


My tweets


ISO 17020 Procedures for Inspection Body

The purpose of this document is to establish the procedure used to evaluate Accreditation Bodies (ABs). ISO 17020 procedures are based on an evaluation additional Sector Specific Technical Requirements for Accreditation Body is providing accreditation to inspection bodies for ISO/IEC 17020.

The inspection body should be able to demonstrate that it is organized in such a way that the work of the staff performing inspections is supervised by personnel who are familiar with the objectives of the inspections, the inspection methods and procedures being used and the assessments of the inspection results. The extent, nature and level of supervision exercised should take in to account the qualifications, experience, training and technical knowledge of the inspection staff and the inspections being undertaken.

ISO 17020 Procedure creates a mechanism for determining the equivalence of the operation of accreditation programs of the inspection body, to the effect that the inspection bodies accredited by these bodies shall be considered to have met the same technical requirements of competence. This procedure will provide necessary opportunities to strengthen confidence through the active participation of regulators, industry and others who have the need to reinforce confidence in the AB group.

When the inspection methods and procedures of ISO 17020 are not defined in regulations, standards or specifications the inspection body itself shall define and document the methods and procedures for inspection. Policies and procedures should assist inspection body personnel in identifying and addressing commercial, financial or other threats or inducements which could affect their impartiality, whether they originate inside or outside the inspection body. Such procedures should address how any conflicts of interests identified by personnel of the inspection body are reported and recorded. Note, however, that while expectations for inspector integrity can be communicated by policies and procedures, the existence of such documents may not signal the presence of integrity and impartiality required by this clause.

List of Procedures in preparing of ISO 17020 Procedures

  • Procedure for Personnel and training

  • Procedure for Equipment, reference standards, reference materials and its transportation, handling and storage

  • Procedure for Purchasing, selection and approval of suppliers

  • Procedure for subcontracting the inspection services

  • Procedure for Handling of inspection items

  • Procedure for Complaint and appeal process

  • Procedure for Control of documents

  • Procedure for Control of records

  • Procedure for Management review

  • Procedure for Internal audit

  • Procedure for Corrective actions

  • Procedure for Preventive actions

  • Procedure for Measurement Traceability and calibration

  • Procedure for Contract review

My tweets




Latest Month

March 2016



RSS Atom
Powered by LiveJournal.com