Welcome to Sustaining Edge Solutions E- Newsletter
Our newsletters provide guidance on operational and quality systems ISO 9001, AS9100, ISO/TS 16949, TL 9000, ISO 13485, ISO 14001, and others. This includes process improvement methods Six Sigma, Lean Enterprise, and other topics of interest to our readers.
If you have any questions about the articles appearing in this issue, or you want to suggest topics for future issues, please let us know.
Security matters have become an integral part of daily life, and organizations need to ensure that they are adequately secured. Businesses risk losing over $1 trillion from loss or theft of data and other cybercrime, according to a recent study by security technology firm McAfee. They found that malware increased by 400 percent last year
The survey found 80% of the malware is aimed at making a financial gain, rather than the traditional viruses and worms which just have nuisance value. The increase in the availability and power of removable storage, such as mobile phones, laptops, and USB sticks, has made data loss or theft much easier.
Data loss is a major threat in today’s technology world and it may be the right time for your organization to consider implementing an ISO/IEC 27001 Information Security Management System (ISMS).
An ISMS describes activities that relate to the protection of information and information infrastructure assets against the risks of loss, misuse, disclosure or damage. describes controls that an organization needs to implement to ensure that it is sensibly managing these risks.
The risks to these assets can be calculated by analysis the following issues:
According to the ISO/IEC committee responsible for this standard, ISO/IEC 27001 is intended to be suitable for several different types of use, including:
As the trend in information security continues to change from technical security controls to a greater concern for overall business risk management, ISO 27001 will continue to grow as the recognized standard to guide businesses in the establishment of an acceptable level of risk tolerance and to successfully manage and mitigate risk in an interconnected eBusiness environment.
Look for more information on ISO 27001 including its companion documents and our ISMS services later this month on our web site.
The current economic conditions provide an excellent opportunity to implement error-proofing in our product designs and processes. You have probably heard many names used to describe error-proofing, such as poke-yoke, idiot proofing, fail safes, and mistake- proofing.
Mistake-proofing is the term applied to prevent mistakes from occurring in the manufacturing process, to eliminate the error from further processing, to warn that the error has occurred etc. We use error-proofing in design to prevent assembly errors. Examples include adding design features upside-down; backwards or reversed assembly; using snap-together features to eliminate fasteners (thus eliminating missing fasteners or incorrect, high/low torque etc.). However, most people use the terms mistake-proofing and error-proofing interchangeably.
W. Edwards Deming observed: “Quality comes not from inspection, but from improvement of the process.” It’s a point that’s too often forgotten. Rather than looking for defects after the fact, the true goal of manufacturing engineers and managers should be to install processes that yield zero defects.
Error – proofing falls into certain specific categories:
Approaches to error proofing include prevention, which seeks to prevent errors from creating defects, and detection, which detects defects and immediately initiates corrective action to prevent multiple defects from occurring.
A very useful tool in error proofing is Failure Mode Effects Analysis (FMEA). Our March Newsletter included information on the purpose, risk Identification and control of FMEA.
Why implement an error-proofing system?
When writing a procedure, keep in mind these questions:
A newly revised ISO standard will facilitate even further the application of the ISO 14000 series on an environmental management system (EMS). By establishing a common vocabulary, the standard will ensure the effectiveness of communication, key for the implementation and operation of environmental management systems.
This third edition of ISO 14050:2009, Environmental management – Vocabulary has been fully updated to include the latest developments in the field. The standard now provides clear and concise definitions of all concepts and terms used throughout the ISO 14000 series in the three official ISO languages, English, French and Russian, as well as in Arabic and Spanish. The standard also provides equivalent terms in Dutch, Finnish, German, Italian, Norwegian, Portuguese and Swedish.
An ISO survey published last year showed that up to the end of 2007 at least 154,572 certificates of compliance with ISO 14001:2004 (requirements for environmental management systems) had been issued in 148 countries.
Håvard Hjulstad, Convenor of the ISO/TC 207 Terminology Coordination Group which developed the standard, said “Given the global context, and the extent of the application of the ISO 14000 standards, it is clear now more than ever that ISO 14050 is crucial for ensuring that all the users of these standards are on the same page, no matter where in the world they are.”
Currently there are 21 published standards in the ISO 14000 series. ISO 14001 and ISO 14004 provide requirements and guidelines for establishing an EMS. The rest address specific environmental aspects including labeling, product design, performance evaluation, greenhouse gases, life cycle assessment, communication, and auditing. ISO 14050 compiles the terms in all these standards in one practical document.
Aligned with the release is a video clip, ISO 14001 – the world’s environmental management system standard. The video clip can be downloaded free of charge from ISO’s Web site. It is also available in high resolution on DVD for being shown in conference settings. The DVD version is also free, although postage and handling will be charged. Watch the 5 minute video clip in English only on YouTube.
We do offer training and consulting services in 14001 EMS.
When application software is used accurate information about how the software will help the user accomplish a task is necessary. The documentation may be the first tangible item that the user sees and therefore influences the user’s first impressions of the software product.
ISO 26514:2008 – Systems and Software Engineering – Requirements for Designers and Developers of User Documentation, covers the phases involved in designing, specifying, and producing user documentation. It is divided in two parts:
1. The first part covers the user documentation process for designers and developers of documentation. It describes how to establish what information users need, how to determine the way in which that information should be presented to the users, and how to prepare the information and make it available. It is not limited to the design and development phase of the life cycle, but includes activities throughout the information management and documentation processes.
2. The second part provides minimum requirements for the structure, information content, and format of user documentation, including both printed and on-screen documents used in the work environment by users of systems containing software. It applies to printed user manuals, online help, tutorials, and user reference documentation.
The standard recommends that development of the user documentation should be part of the development of the software product, and follows the same processes as the software product life cycle.
ISO 26514 is the first of a new suite of standards planned to address software user documentation. While ISO 26514 was developed to address the needs of user documentation designers and developers, three further standards are being developed that will address the needs of managers, acquirers and suppliers, and testers and assessors of software user documentation.
To order ISO 26514:2008 in e-Standard format visit the ANSI web site.
To see the course description, schedule, and on-line registration click on the course title below. Courses are awarded Continuing Education Units.
All courses can be delivered at your company. Don’t see a course, location, or date that fits your needs?