According to Wikipedia, business continuity is defined as "the capability of an organization to continue the delivery of products or services at pre-defined acceptable levels following a disruptive incident" and the business continuity planning is the planning work that goes into the systems and processes you need to put in place to account for tho...

One of the challenges with quality management is building systems and processes that are simple enough for people to use, and want to use, but be robust enough to give you what you need to achieve. As I've talked about before, we spend a lot of time with clients helping them simplify their systems, people will use a simple system every day of the w...

If you think about the first 7 clauses of the AS9100 REV D as building the framework of your Quality Management System, then section 8 - Operation is very much about putting some substance on that framework and as a result it's quite in depth in its requirements. Section 8.1 - Operational Planning and Control, that we will discuss here, gives the r...

Beware the HiPPO! It sounds like something out of the latest blockbuster superhero or horror film doesn't it, a dire warning to the hero about the danger the HiPPO poses with the expectation that the hero, at some point, will have to face the HiPPO and survive. Encountering a HiPPO can range from being terrifying too hilarious to, well, depressing....

When we are talking to our clients about steps, they can be taking to improve their management system is stressing the need to capture any incidents that have occurred and improvements that they have made. Rather than thinking about these things as negatives because something was not right, and it created an incident or needed improvement, we help ...

Clause 7.5 - Documented Information within the AS9100 REV D standard highlights what is required when creating and controlling documentation that is required to support your Quality Management System for Aviation, Space, and Defence Organisations. The requirements for how you manage and control your documented information have changed since technol...

Like many of the ISO standards ISO27001 for information security management systems needs you to have a relationship with your supplier, that relationship of course should be one of mutual benefit and respect what Annex clause A15 does however set up the requirements for implementing some targets in terms of information security requirements.  ...

I always remember the 1st time I helped implement 5s into a factory. 5s (Sort, Set, Shine, Standardise and Sustain) is one of the many 'tools' used by organisations when moving to taking lean thinking. The driving force was actually from the maintenance department at the time rather than operations, which still surprises some people. People still t...

For many organisations having any form of information security system is new, and that can make it a little challenging. It means that you are having to graft your new systems onto what you already have, which is tricky. However, there will come a point that the next system you need isn't one you had before you system, its new and so the very best ...

AS9100 clause 7.4 Communication is a small and innocuous clause, there really doesn't seem too much to it on the face of it. This clause in Rev D of the AS9100 standard for Aviation, Space and Defence organisation is all about ensuring that those within your organisation and outside of it get the right level of communication about your quality mana...

One of the great things that we see happening in the compliance world at the moment is an upsurge in the interest in gaining accreditation to ISO14001 for environmental management systems (EMS). There a lot of factors generating this interest from contractual requirements including the need for environmental sustainability or certification to busin...

While this annex clause of ISO27001 for Information security management systems (ISMS) is named Communication Security, think of it more as the security linked to how you move your information around both internally and externally of your organisation. The clause is split into two parts which really link to that internal & external thinking. A1...

I overheard a conversation in a café the other day between a few people sitting round a table in what I presume was an off site catch up for the management team. They were discussing some of the challenges that they were having and how tough things had been throughout the covid pandemic for them. They had managed to get through by being really cash...

Although AS9100 REV D requirements for your Quality Management System (QMS) is built on top of the ISO9001:2015 standard, there are a few areas where the requirements of the Aerospace standard are different or there are additional requirements, AS9100D Clause 7.3 for Awareness is one oof those areas.   Clause 7.3 - Awareness  This section...

Annex 12 – Operational Security for your ISO27001:2013 Information Security Management System (ISMS) is a pretty substantial clause since it's all about preventing the loss or availability, integrity and importantly confidentiality of your business information. By substantial we mean there are 14 separate elements for you to think about controls th...

If I knew then what I know now… The inference from that little phrase is that you would obviously make a different decision and so things would turn out better. Often however that's not the case, certainly not with people at work. We all hire people who aren't suited for the company, they aren't necessarily bad people, it's just they don't fit the ...

This Week's Question  This is a question that comes up a lot in discussions when we're implementing some lean with clients, "If we want to have a lean culture what is more important, respect for people or continuous improvement? Surely, they are both equally important? " The Feedback No! It's kind of chicken in the egg, so if you think about i...

Within the AS9100 REV D standard Competency (Clause 7.2) and Awareness(Clause 7.3) are split into 2 separate clauses, that makes sense if you look at competency as purely skill or knowledge based but you do have to ask if it is to have any Competency without Awareness (or Communication!). As an organisation it';s for you to decide how you manage it...