ISO 9001 Requirement Dilemma - Security Aspects

Q

QMSNoob

#1
Hi guys,

First of all, thank GOD there's this forum and those special people in it and well met all of you :bigwave:

Now to my dilemma, I'm will participating in a consultancy tender for an oil & gas related park which covers Security & HSE and I'm at a lost in regards to one of the requirement which is to have a QMS manual akin to the ISO 9001 standard particular for the Security aspect of it. Is there a standard ISO 9001 template (documents) that I could base this QMS system on?

Have browsed the web but most seems to offer a generic template that I'm afraid that would not suit my particular scenerio, especially after going thru the forum thread, correct me if I'm wrong, there seems to be a specific type of QMS for specific industry type. I do plan to have it certified soon as it seems to be the standard norm.

I hope someone could point me in the right direction on this one as I just don't which way to start, any feedback would be much appreciated.

Thanks in advance.

-QMSNoob
 
Elsmar Forum Sponsor
P

pldey42

#2
Re: ISO 9001 Standard Requirement Dilemma

I'm no expert in oil and gas but would ISO 29001 help?

According to BSI

"ISO/TS 29001 defines the quality management system requirements for the design, development, production, installation and service of products for the petroleum, petrochemical and natural gas industries.

"Developed as a direct result of a partnership between ISO and the international oil and gas industry (led by the American Petroleum Institute - API), ISO 29001 specifically focuses on the oil and gas supply chain."

If it's like other industry-specific variants of ISO 9001 it will be based upon ISO 9001 but include extra detailed requirements specific to oil and gas.

You can purchase it from BSI or, probably, your local standards institute.

Hope this helps
Pat
 

John Broomfield

Staff member
Super Moderator
#3
Re: ISO 9001 Standard Requirement Dilemma - Security aspect

Hi guys,

First of all, thank GOD there's this forum and those special people in it and well met all of you :bigwave:

Now to my dilemma, I'm will participating in a consultancy tender for an oil & gas related park which covers Security & HSE and I'm at a lost in regards to one of the requirement which is to have a QMS manual akin to the ISO 9001 standard particular for the Security aspect of it. Is there a standard ISO 9001 template (documents) that I could base this QMS system on?

Have browsed the web but most seems to offer a generic template that I'm afraid that would not suit my particular scenerio, especially after going thru the forum thread, correct me if I'm wrong, there seems to be a specific type of QMS for specific industry type. I do plan to have it certified soon as it seems to be the standard norm.

I hope someone could point me in the right direction on this one as I just don't which way to start, any feedback would be much appreciated.

Thanks in advance.

-QMSNoob
QMSNoob,

ISO 28000 perhaps?

However, I see no reason why ISO 9001 cannot be used to assure the quality of security.

Just define your product and the processes that work together in a system to deliver that product.

Then bring your definitions here and we may be able to help you to plan the development of your process-based security management system.

John
 
R

Reg Morrison

#4
Re: ISO 9001 Standard Requirement Dilemma - Security aspect

I'm no expert in oil and gas but would ISO 29001 help?
ISO TS 29001 has a very uncertain future, as API (the real force for 29001 to exist) withdrew support for that standard, in favor of the 9th Edition of API Q1. I suspect that ISO 29001 will die a slow death, specially because no accreditation body under the IAF has ever set up an accreditation scheme for that standard. All certificates issued against 29001 are not accredited.....

ISO 28000 perhaps?

However, I see no reason why ISO 9001 cannot be used to assure the quality of security.
If they want a security and HSE model, try RCMS. If ISO 9001 could be used for any "discipline", why would ISO bother with all other management system standards, such as 14001, 16949, 29001, 50001, 27001, 22000, 28000, etc....?
 
Last edited by a moderator:

John Broomfield

Staff member
Super Moderator
#5
Re: ISO 9001 Standard Requirement Dilemma - Security aspect

Reg,

RCMS is based on ISO 14001 and is not a bad choice.

Neither is applying ISO 9001 to improve the quality of any service or product.

John
 
P

pldey42

#7
Re: ISO 9001 Standard Requirement Dilemma - Security aspect

I'm pleased to see that RCMS is risk-based. For a project involving security I would see risk assessment as an essential element, especially since risks will vary according to what the plant actually does, its location and the neighbouring geography, local political stability, and so forth.

In the absence of anything specific for oil and gas, the ISO 31000 series of standards on risk assessment might be helpful.

And/or, one could consider using ISO/TS 29001 as a model, and getting the resultant system certified to ISO 9001 (on the assumption that 29001 is upward-compatible with 9001, which these things usually are) and using a certification body and auditors with specific competencies in oil and gas services.

Pat
 

John Broomfield

Staff member
Super Moderator
#8
Re: ISO 9001 Standard Requirement Dilemma - Security aspect

Assessing risks is just another process that can result in the appropriate controls being added to the other processes in the process-based management system for realizing beneficial risks (aka opportunities) while limiting adverse risks.

Current revisions to ISO 14001 and ISO 9001 will recognize this.

Customers may still insist on their own variants of these management system standards, instead of inserting special conditions in their contracts, to broaden their choice of prequalified suppliers.
 
Q

QMSNoob

#9
Re: ISO 9001 Standard Requirement Dilemma - Security aspect

Hi Guys,

Thanks for all the feed backs and inputs :applause:

Let me try to shed more light into the requirements for this particular request.

Tenderer request QA/QC for execution for the proposal in regards to the Security consultancy, mentioning ISO standards, whilst it be assessed too for the option of project management. As mentioned it concerns a proposed industrial park that will include a refinery, supply marine base and other oil & gas downstreams'

Would the ISO 9001 be able to be utilised for these requirements?

Is there any drafts/templates in the forum files for any of the suggestions you guys made (ISO 31000, 28000, RSM, etc) apart from the ISO 9001 which I've browsed thru?

I would like to adopt a particular standard that would permit application to most as the company would be handling supply, services and now, consultancy related to the oil & gas industry.

Thanks in advance.
 
Q

QMSNoob

#10
Re: ISO 9001 Standard Requirement Dilemma - Security aspect

QMSNoob,

ISO 28000 perhaps?

However, I see no reason why ISO 9001 cannot be used to assure the quality of security.

Just define your product and the processes that work together in a system to deliver that product.

Then bring your definitions here and we may be able to help you to plan the development of your process-based security management system.

John
Definitions?
 
Thread starter Similar threads Forum Replies Date
C Does ISO 9001-2015 have a requirement for manufacturing equipment to be numbered? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
Q Does ISO 9001 Requirement for Document Approval (a service organization) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
J Does the word "claim" in ISO 9001 Clause 8.2.2 mean "requirement"? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
E Disaster Contingency - Is it a requirement in ISO 9001? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
V Certified Internal auditor is necessary? ISO 9001 requirement? Quality Management System (QMS) Manuals 4
S ISO 9001 Audit requirement for maintenance department ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
Q ISO 9001:2008 requirement for Design Organization Approval prior to "Repair" ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
O Audit Result Breakdowns by ISO 9001 Requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
Q ISO 9001 Requirement(s) for the Review of Work Instructions Document Control Systems, Procedures, Forms and Templates 11
S Is an Annual Supplier Evaluation an ISO 9001 requirement? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
F ISO/CD 9001:2015 - The 6 mandatory requirement (procedures) are extend to 9 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
R ISO 9001 - Requirement for Process Audits ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 30
smryan Satisfying the ISO 9001:2008 4.3.2.f External Document Control requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
smryan Satisfying the ISO 9001:2008 7.3.5 Design & Development Verification requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
M ISO 9001 - Requirement for Work Instructions Document Control Systems, Procedures, Forms and Templates 20
B Requirement for ISO 9001 Flow Down to Supply Chain? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
N What Documents are Required for each ISO 9001 Requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
J ISO 9001/AS9100 Requirement for Management Responsibility ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
J ICT Assets and ISO 9001 Clause 7.5.3 - Where Traceability is a Requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
K Is it a requirement of ISO 9001 or ISO 22000 that a document is reviewed? Food Safety - ISO 22000, HACCP (21 CFR 120) 9
Z Job Descriptions - Are job descriptions a requirement of ISO 9001:2008? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
B Inventory Control as an ISO 9001 Requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
J ISO 9001 requirement for Sequencing Operation Service Industry Specific Topics 17
A Requirement for Accredited Suppliers - ISO 9001 Clause 7.4.1 Purchasing process Service Industry Specific Topics 4
B Requirement for Review and Re-Approval of Documents - ISO 9001 Clause 4.2.3 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
B Configuration Management - Is Configuration Management a requirement of ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 21
N "Where traceability is a requirement" Record - ISO 9001 Clause 7.5.3 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 16
S ISO 9001:2008 Requirement to Audit 'All Shifts' ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
D Customer Property Identification Requirement - ISO 9001 Clause 7.5.4 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 77
P ISO 9001 requirement for SPC (Statistical Process Control) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
B Specific requirement for Internal Auditor training in ISO 9001? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 25
T ISO 9001 Clause 7.3.2 (a) Functional & performance requirement - what does it mean? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
J Design Inputs not Quantitative - ISO 9001 Clause 7.3.2 requirement Design and Development of Products and Processes 19
N Process Maps - If not a requirement for ISO 9001:2000, why bother? Process Maps, Process Mapping and Turtle Diagrams 16
Sidney Vianna Sector Specific Standards based on ISO 9001 as a baseline requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
A Does ISO 9001 or TS 16949 have any requirement like 777 rules for control charts? Statistical Analysis Tools, Techniques and SPC 12
M SPC is not a direct requirement of ISO 9001:2000, correct? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
Miner Poll: How do you comply with the ISO 9001 requirement for Mapping Processes? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
Marc ISO 9001 Three Year Recertification Audit Requirement(s) - Complete Reaudit Registrars and Notified Bodies 6
Sean Kelley TS 16949 supplier certification requirement - ISO 9001:2000? Supplier Quality Assurance and other Supplier Issues 2
J No equipment maintenance requirement in ISO 9001:2000? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
I The certification requirement for Tier II suppliers is ISO 9001:2000 Supplier Quality Assurance and other Supplier Issues 4
E ISO 9001:2000 - Document Disaster Recovery Program Requirement? Document Control Systems, Procedures, Forms and Templates 33
A Is there a ISO 9001:2000 Requirement for Job descriptions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
J ISO 9001 Requirement Review - Beverage delivery company ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
T ISO 9001:2000 Section 8 - Measurment Analysis and IMPROVEMENT requirement? Preventive Action and Continuous Improvement 1
Marc ISO 9001 - Meeting the INTENT vs. Meeting the REQUIREMENT ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 27
Marc ISO 9001 Management Responsibility Requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
D ISO 9001 certificate issued by QMS International for 10 years - legit? Registrars and Notified Bodies 7
S Thoughts on managing ISO 9001, 13485, IATF 16949 and 17025 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 26

Similar threads

Top Bottom