The Elsmar Cove Wiki More Free Files The Elsmar Cove Forums Discussion Thread Index Post Attachments Listing Failure Modes Services and Solutions to Problems Elsmar cove Forums Main Page Elsmar Cove Home Page
Google
  Web Elsmar.com
*Please be aware that SOME RECENT forum threads may not yet be indexed by Google.
PDA

View Full Version : Auditing TS 16949, Section 6.3 for information systems

vanputten
6th July 2005, 02:52 PM
Hello All:

I am not sure if this my question belongs in the TS 16949 forum or here?

I would like to learn from others what (if anything) they audit in terms of computer system infrastructure, MIS, IT, etc. in relationship to section 6.3 of TS 16949? I am interested in learning from either internal or external auditors.

Thank you, Dirk
Marc
7th July 2005, 05:25 AM
One aspect is data backups. Another is where software is written in-house - Look at change control and validation.

Just a couple thoughts. Hopefully some others here will have some comments.
cheahga
11th July 2005, 06:23 AM
Hello All:

I am not sure if this my question belongs in the TS 16949 forum or here?

I would like to learn from others what (if anything) they audit in terms of computer system infrastructure, MIS, IT, etc. in relationship to section 6.3 of TS 16949? I am interested in learning from either internal or external auditors.

Thank you, Dirk

Hi Dirk,

How are you? :bigwave: You always have good input to the cover. I always get some input from your post.

I hope I can contribute my view on your post, my personal point of view when I look at MIS in TS:

I would look at the aspect of hardware/ software failure which could lead to production halt situation.

Also, security threat maybe an area not to be missed, as virus protection failure could lead to disaster.

Of course, as what Marc is saying, backup frequency and validation of data back up.

In actual facts, BS 7799/ ISO 17799 could be use as some references.

Hope this input does help.
antoine.dias
11th July 2005, 07:33 AM
IMO there are different processes - in the IT environment - to be audited.

Define infrastructure
Implement infrastructure
Maintain infrastructure

to name a few.

Best thing to do in the ISO TS environment is to make turtles on those processes. With the turtles you have most items that should be audited.

I've attached an example of such turtle I found somewhere in the archives.

Hope this gives a push in the right direction.

Antoine
vanputten
12th July 2005, 01:29 PM
Thank you for the repsonses. Great stuff!

Regards, Dirk
jmp4429
12th July 2005, 01:41 PM
Just wanted to add security as far as confidentiality of customer information. We basically say we have a firewall to prevent hackers from getting onto the network, and that only authorized people have access to the network, and they have signed a confidentiality agreement.