Global Community

Hi Community,

Thrilled to see this community live. What nonconformity theme are you seeing most this year (document control, requirements management, processes, SOPs, suppliers, training, change management..)? How are you addressing it sustainably?

In my organization (oil and gas) the majority of NCs are as a result of lack of standardization and enforcement. This is a very crucial gap and a lot of support is needed from Leadership to address. 

My company mostly deals in automotive and aerospace. We're seeing a lot of documentation errors (mostly in the control plans, pfmeas, etc.)- changes not being flowed through to every page, outdated forms, etc. We've had to change our review process and have had to get everyone on board. It's going to be a long process, but we purchased APiS to help us with our control plan documents and it seems to be helping quite a bit. 

I have that concern also. Some organisation when recommended for review of process see it as a waste of time especially when you have the non committed top management 

This is ISO 27001 related.  We are seeing a rise in the number of organisations that have weak or non-existent IT/IS Acceptable Use Policies which do not synchronise with their Discipline Policies.   This raises their risk of data breaches. denials of service and financial theft.  Often a weak Acceptable Use Policy is also coupled to vague or non-existent AI Guidelines - which raises their risk profile even higher.