As we have mentioned before AS9100 REV D is very much focused on understanding the Risks in your Quality Management System and to your organisation plus how you will handle them. It makes sense, working in the aviation, space and defence industries is risky and the products that come out of those industries are perhaps the some of the highest risk ...

What would you do if one day your accountant walked in and said Ok boss, we have no money and the bank is going to have to step in. They are going to keep us afloat and let us trade out of the problem, but we need to improve what we do. They want us to increase our productivity, reduce our money tied up in WIP & stock, oh, and they will not let...

The interesting thing about the leadership clause of any standard is that it is one many organisation do not pay enough attention to. It tends to be an area where people still believe it is the quality or the safety or the compliance manager's role and so the senior management team take a hands-off approach leaving things to the person they have ha...

Clause A6, Organisation of Information Security, of the ISO 27001 is about providing guidance on the management framework of your Information Security Management System (ISMS). Clause A6 is split into two sections, A6.1 covers the Internal Organisation while clause A6.1 covers Mobile Devices and Teleworking (remote working) which is particularly on...

The great thing about lean is that there is always more to learn, there is always improvement in the thinking, the methodologies, the approaches, and the tools that get used. However, the underlying idea never changes, people somehow manage to complicate it when trying to explain what lean is and that perhaps is one of the things that make people t...

How many times have you heard that a new process or a business change was being done to align to 'best practice'? Other phrases in the same mould are 'that this new process or methodology has worked in many organisation before it'll work here' or even better, 'we work to 'industry standard'? They are all the same thing when it boils down to it, a s...

ISO27001:2013 Annex A for Information Security Management Systems may seem like a bit of a long list of controls, there are 114 of them after all! However, it is fair to say that Annex A of the standard is quite possibly the most important section of the standard because it list's the controls that you need to consider and where appropriate have in...

When you read through AS9100 D you will notice that where ISO9001:2015 may hint at something or assume you understand what it means, AS9100D is far better at being explicit in what it's talking about. Right off the bat in the scope of the standard for example it states "If there is a conflict between the requirements of this standard and customer o...

Over the weekend I send some time down in Twizel which is in middle of New Zealand South Island. It is nestled not far from Mount Cook, NZ's highest peak and Queenstown, the adventure capital and is home to some of the most traumatic scenery and stunning views around, especially in autumn as the leaves turn golden and start to fall to the ground. I...

I remember sitting in Biology back in high school (admittedly a long time ago) and the teacher explaining that our bodies were just a big battery for our brain. Sure, we have arms for reaching out and grabbing things, typically food, legs make us mobile so we can run away from the sabre tooth tiger and of course eyes to see the same sabre tooth tig...

Clause 10 of ISO27001 Information Security Management Systems (ISMS) is where you get some serious value for your organisation. Along the way to implementing your ISMS you have planned things out, you have implemented your information security management policy, implemented various new processes and systems and in your internal auditing process you...

It does not matter if you are working to achieve or already have your International Standards Organisation (ISO) certification internal auditing is a key element you need to master. Internal auditing seems to be one of the areas of real trepidation and confusion around the requirements for internal auditing programs. When we talk with clients who a...

ISO27001 for Information Security Management Systems clause 9 Performance Evaluation is full of that favourite ISO term "shall" which as we all know means you must do what they are asking. Clause 9 is split into 3 subclauses to help focus you onto the things that really drive the performance evaluation requirements in any management: 9.1 Monitoring...

The world of compliance is changing, it has had to change. The days of printing a forest worth of trees for your management systems and then keeping them, all safely tucked into a in a folder on the top shelf, is not something you can do today. COVID-19 has surely put paid to that myth once and for all? The idea of looking them it the week before a...

Going through university I studied manufacturing systems which is a fancy title for industrial engineering. We were the guys who learned lots about figuring out how to be productive. After university I landed a great job in an electronics company working as, you guessed it, a production engineer. Our focus, we were told was to create processes and ...

Pretty much everyone in industry at some level have heard of ISO 9001, it is the world's benchmark for Quality Management Systems, not as many however have heard of AS9100D or AS9100:2016 Rev D to give it it's full title. So, what exactly is it and why talk about it alongside ISO9001? AS9100D is the Quality Management Systems - Requirements for Avi...

ISO27001 for information Security Managements Systems Clause 8 Operation is where the rubber starts to meet the road, this is the part of the standard that requires to you to do what you have so far said you will do. If you think about the structure of the standard and apply the Plan Do Check Act (or Adjust) approach that the standard takes then th...

Even for the experienced ISO Systems manager, audits can be a nervous time. The second guessing of what you have created in your systems and what your ISO certification auditor is going to be looking for can lead to over thinking things and even on extremes the odd restless night. It does not matter if you are certifying to ISO9001 for quality mana...