RSS

Tag Archives: Certification

How Businesses Can Keep Customers Safe From Product Injuries

The urgency to protect customers from injuries that can be inflicted by consumer goods is not only the responsibility of manufacturers, but of suppliers as well. In fact, they must ensure that the goods they offer in their business are not banned and meet all the necessary safety standards associated to them. As such, if a manufacturer fails to meet safety standards for his goods, yet distributes them, the possibility of saving customers from injuries will still be great if suppliers make an effort to make certain that the goods are safe. One way for manufacturers and suppliers to determine if their products are safe, is by having the goods tested by independent specializing companies.

How Can A Business Ensure Safety

There are a few ways for a business to acquire written evidence or certification that indicate the products are in compliance with safety regulations.

Businesses can:

  • Commission accredited independent laboratories to reliably test products regularly and provide test reports.
  • Conduct product and material testing by adding necessary facilities, equipment and specializing professionals.
  • Request safety compliance certification from material suppliers or manufacturers, or have third party certification including test report copies.
  • Commission a certification agency to assess the products and provide compliance certification along with safety standards. This option will allow businesses to use the certification on labels on respective products.

How To Choose A Testing Agency

Not all testing agencies or laboratories will carry accreditation, but it is to the advantage of businesses to commission or receive testing and reports from accredited agencies. This is because the agencies are often subjected to vigorous and regular assessments by an independent agency and their reports are considered highly credible in the event a court case is filed against the business by a customer.

It is essential to remember that just because the accreditation of the agency allows testing for a specific or a part of a standard does not imply that it can test for an entire or another standard. Thus, it is important that the accreditation for a specified testing is checked as well as any relevant factors.

In order to determine if the accredited testing agency or laboratory meets the business standards and product needs, here are a few questions to ask before doing business:

  1. What does the agency’s accreditation cover?
  2. Is the agency accredited to test for specific standards or parts of standards?
  3. What is the accreditation reference number?
  4. Is the accreditation directly related to the required testing?
  5. Is it a current accreditation?
  6. If the accreditation is limited, in what way is it so?

What Customers Can Do

Although it is the responsibility of suppliers and manufacturers to provide safe products that pass testing processes, customers can also play their part in ensuring that they are getting safe products. Many customers turn to the internet to make and read reviews about numerous products. As such, customers can base their shopping decision on these reviews or they can also run a background check on the business, the product and the certification the products claim to hold. In the event that a customer is injured due to neglect on the part of the business, then the business can be held liable. However the business in turn can also hold the testing agency or laboratory liable for possible negligence during the testing process that was supposed to identify flaws in order to prevent injuries.

Citations:

Valerie Hanks is a freelance writer specializing in product testing and business management. She regularly contributes articles to Professional Testing “EMI”, Inc. and other business and testing websites.

 

 

Tags: , , , , , , ,

What Does An Information Security Audit Entail?

This article explores how businesses can best prepare for an information security audit, either internally or conducted by external assessors.

Audit = Worry

For many people the very word audit is enough to send them into cold sweats, however if your house is in order, so to speak, there is no reason for this to be the case. An external audit is a mandatory part of becoming certified at ISO 27001 standard. Part of attaining an ISO 27001 accreditation also obliges you to carry out your own, internal audits in order to ensure that the relevant standards of compliant are continuously met in your business.

What does an information security audit look like, in particular in regards to ISO 27001 certification?

The Auditing Process

ISO 27001 follows a three-step auditing process, which is the norm for information security standards, as well as other processes throughout the information technology sector. These steps are clearly broken down and defined so that any issues with non-compliance can be addressed prior to the next stage in the process of ISO 27001 certification.

Stage One: Your Documents

The first stage of ISO 27001 accreditation is an auditing of your documents. This will usually entail a rather informal visit from an external assessor to go through your existing paperwork, and assist you in adding any documents you need to in order to achieve the required level of compliance.

ISO 27001 contains a mixture of mandatory and optional measures. Obviously, the mandatory ones should be fully completed. Only the optional measures which are relevant to your business need be completed, however be prepared to write up more should the external auditor feel that you have not completed a certain one which would benefit your business.

Once all of your documents are in order and up to date, the auditor will leave and return for stage two.

Stage Two: The Audit Itself

This is a formal auditing of your business’ compliance to all of the mandatory guidelines, as well as your chosen optional ones, in ISO 27001. The audit will look to pick holes in your information security management system, and explore flaws which fraudsters and cyber criminals could potentially capitalise on. Take this stage for what it is, and appreciate any learning’s that come from it – you will get the opportunity to address any non-compliance.

Stage Three: Putting It Right And Certification

Stage three entails you carrying out any recommendations made by the external auditor, and providing evidence that these will be an on-going part of your information security processes.

Once these have been completed to satisfaction, you will be awarded the ISO 27001 certification.

Embrace the opportunities afforded by audits, and recognise how carrying out the necessary best practice to a high standard will leave you with nothing at all to worry about.

Iso27001standard provide resources, pdfs and video tutorials to help with implementing ISO 27001.

 

Tags: , , , , , , ,

 
Follow

Get every new post delivered to your Inbox.

Join 4,998 other followers

%d bloggers like this: