v=spf1 include:servers.mcsv.net ?all

ISO Certificate for Medical Device Manufacturer

ISO Certificate for medical device manufacturer is available from AAS. To maintain quality for medical device there is a standard which is ISO 13485. The latest version of this standard is 13485:2016. The first version of this standard was 13485:1996 and the second version was 13485:2003. Now all those two versions have been expired.

There is a good similarity between the two standards of ISO 9001 and ISO 13485. However, some differences are still there.  Like ISO 9001 is focused on Continual improvement approach but ISO 13485 requires only that the certified organization demonstrate the quality system is effectively implemented and maintained.

The second requirement is customer satisfaction for 9001 but 13485 does not require it.

For both the standards regulatory body’s requirement is must. In the USA  FDA approval is must and for the EU market Medical Devices Directives 93/42/EEC is required. Many developing countries they do not have any specific guideline from their government end. In that case they can follow the above mentioned two guidelines.

6.4.2 Contamination control is mandatory for 13485:2016 but in 9001 there is no such clause. 5.2 indicates about the Cleanliness of product for 13485.

There is many similarities in both the standards like SOP, procedures, Design, preservation of products, identification of production process, corrective and preventive action, monitoring and measurement of equipment, calibration for the monitoring devices, Internal audit, data analysis etc are common for both the standards.

In Bangladesh there are many medical device manufacturers who are exporting those devices in abroad. They need certificate on ISO 13485. AAS is the authorized channel partner of the certification body IQS Audits and ITCC International which are located in the UK.

To get quotation in the shortest time you may contact this page

Apply for ISO Certification

Apply for ISO Certification is very common question to new comers who are searching for ISO Certification for their organization. I hope this post will help them to get idea about iso certification process. This post is the common certification process for all ISO standards like 9001, 14001, 45001, 27001 etc. Following step by step process will show you how to apply for ISO Certification in Bangladesh:

  1. Find Certification body from Google
  2. Discuss with Certification Body about the process and cost
  3. Apply for Certification
  4. Make  advance payment
  5. Prepare ISO guidelines
  6. Implement ISO guidelines
  7. Do Internal Audit
  8. Take CA Plan
  9. Invite CB to perform audit
  10. Wait for Certificate

If you have question to know more do not forget to post your question at the below of this post or simply visit this page to contact directly with certification body office in Bangladesh. You can send email from that page also to know about apply for ISO Certification.

ISO 14001 Certification

ISO 14001 Certification

iso 14001

ISO 14001 certification for environment

ISO 14001 is environmental management system standard. It is a very effective tool to minimize environmental impacts from the aspects of a factory. Nowadays environment is in great risk. To save our environment this standard can help a company to minimize the environmental damages from various aspects.

Main ingredients of environment are land, air, sound, water, tress, animal, people etc. These major things are badly affected by the factories, power plants, vehicles and others.

Most of the factories do not care about the impacts from their aspects. Though there is local environmental rules and regulations but most of them are not applied  properly in a factory. They are not also checked by the regulatory body sincerely. So, environment pollution is not protected well by local environment laws. Specially in developing countries it is neglected badly. In this case international organization for standardization (ISO) are contributing a lot by publishing the ISO 14001 standard.

Without proper implementation you cannot achieve ISO 14001 Certificate.  Before obtaining this iso 14001 Certification you need to establish documents  and implement all requirements of ISO 14001 :2015 throughout the organization. Then it is mandatory to attend in external audit. You will have to perform internal audit too regularly before and after certification body audit.

Even after obtaining certification you will have to attend in Surveillance audit regularly. Usually once in a year. During the audit NC, Observations and OFI may raised. Against any findings you will have to take corrective action which is mandatory. So, adopting ISO 14001 certification means you are committed to follow the EMS guidelines. If you do not follow those guidelines your certificate may be suspended.

So, adopting ISO 14001 certification is more effective rather than local environmental laws. It does not mean you will not take environment license from the local authority. Legal all certifications are mandatory to run an organization. Not only that during CB audit those legal things are checked by the 14001 auditor.

So, adopting local and international environmental standard  14001 standard can help to save our environment. In this regard both the government, industry owners, stake holders, donors, importers, international agencies,multinational corporations all can contribute to save our environment. ISO 14001 auditors have a great contribution too for proper implementation of EMS standard. Because they works directly with the organization.

Temperature of the environment is  growing unexpectedly. In summer season it is very tough to stay outside. So, life is becoming more stressful and harder for common people who work in the open place. In this regard government, industrially developed countries and international agencies should come ahead to reduce temperature of the environment.

ISO 14001 can guide you how to reduce carbon emission level in the air, water pollution, power consumption control, minimization of sound pollution and air pollution etc.

Like other management system standards it has 10 clauses. Those are:  Scope, Normative References, Terms and Definitions, Context of the organization, Leadership, Planning, Support, Operation, Performance Evaluation and Improvement. To read more you may visit this page.

If you are looking for ISO 14001 Certification for your organization then AAS can be your trusted partner to implement ISO 14001 guidelines in your organization. AAS has expert ISO 14001 auditors and consultants in Bangladesh. To adopt ISO 14001 standard in your factory or organization you may contact here

27001:2013 Implementation

ISO 27001:2013 is the latest version yet for ISMS Certification. Like other management system standards such as ISO 9001, 14001, 20,000, 45001 it has 10 clauses:

  1. Scope
  2. Normative References
  3. Terms and Definitions
  4. Context Of the Organization
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance Evaluation
  10. Improvement

The most important requirement for this standard is security threat. Online security threats are including Online hacking, data breaching, data theft, online robbery, money stealing from bank account etc are very common and great concern for IT and data management firm.

Clause 6 and clause 8 are the main clauses where an IT firm can work with more concentration. In the clause 6 it is told about planning. This planning should be done very carefully before starting implementation of ISO 27001 Standard throughout the processes of an organization.

Information security risk assessment and Risk Treatment both the two things are very important for a company who are going to implement this ISMS standard in his organization. Establishment of processes for risk assessment and treatment should be focus point of this clause. To do this two jobs carefully helps can be taken from ISO 31000 Standard.

Specially for financial organizations including bank, insurance, leasing company etc who are thinking to adopt this 27001 standard they should do this two things very carefully. If data or client information is disclosed by online hacker then there is a great loss for that organization. So, unauthorized network or server access is a very very risky incident for an financial institute. Risk assessment time this kind of risk should be taken very seriously.

After identifying risk what will be the possible treatment procedures to measure the risk and what will be be mitigation plan to minimize the losses against those risks. All this things should be clarified very carefully during the working time on the clause no 6.

Another important clause is Operation related and it is 8. It is the main process of a company.  Most of the incidents happen in this stage. Due to lack of security knowledge of IT Staffs many risks are happened in this operation  section. So, 8.2 and 8.3 Sub clauses can be implemented very carefully to minimize any loss in this section. But nothing is written with elaboration in this two sub clauses. That’s why an 27001 Consultant can guide you how to assess the risk and how to minimize the risk in operation.

Software attacks, theft of intellectual property or sabotage are just some of the many information security risks that organizations face in this operation section. And the consequences can be huge. Most organizations have controls in place to protect them, but how can we ensure those controls are enough? The international reference guidelines for assessing information security controls have just been updated to help. ISO 2700, 27002 and 27008 can be good references to work more closely on those risks.

Prof. Edward Humphreys, said,“In a world where cyber-attacks are not only more frequent but increasingly harder to detect and prevent, assessing and reviewing the security controls in place needs to be undertaken on a regular basis and be an essential aspect of the organization’s business processes,”

ISO 27001 is based on PDCA Plan. So before implementation of this ISMS standard you should consider the meaning of P. P means Planning. It should be done carefully. If your planning is not proper and related with your activities then implementation cannot be effective and successful.

So, an expert consultant on 27001 Standard can help you to do the plan properly by focusing on clauses 6 and 8 before real implementation of ISO 27001. Not only for that two clauses rather he will guide you how to apply other clauses like 6,7,9,10 etc in your processes to get real test of ISO 27001:2013 Certification in your organization.

But the problem is lack of 27001 consultant in Bangladesh. Hiring a foreign consultant is a matter of high cost. It is not hard for small and medium size financial organization and IT firm to hire an 27K foreign expert. On the other-hand it is also tough for many organizations to implement 27K requirements just buying some documents from online. There are two causes of it first of all the staffs have no enough time and they are not certified auditor on 27 standard.

So, to implement ISO 27001 requirements properly in your organization there is no alternative to hire a local consultant. Before implementing 27k requirements an  ISMS consultant should study your processes and operation by regular visit plans. After introducing with your processes he will help to asses your risks and establishing your risk treatment plan to mitigation the risk.

AAS-BD has some local 27k Consultants who have working experience with foreign 27k expert in Bangladesh for the last 10 years. So, find your 27 implementer in Bangladesh contact now with AAS-BD.


Fire Accident and ISO Standard

Fire accident and ISO Standard

Banani FR Tower Fire Accident

Fire accident in Bangladesh is a great concern nowadays. Very frequently the fire accident is happening in the country. It is killing people and destroying valuable asset. Not only that it is destroying a family. It is making unexpected burn injury which is very miserable. How long it will continue?

There is building code and fire safety guideline and RAJUK guidelines on behalf of the government for the building maker. But the problem is most of the building owners i.e developers do not obey those rules. Due to the building owners negligence we are seeing this kind of heart broken incident in the city.

Definitely the government agency cannot deny their responsibility. Enough law is there to prevent or minimize fire accident but due to negligence and corruption in the agencies it is still happening very frequently. Lac of monitoring and establishment of judgement for the offenders it is happening. So, government cannot refuge their failure in this incidents.

There is a proverb that prevention is better than cure. During the building construction period developer or building owner should establish this kind of preventive measures. These are establishing fire fighting equipment throughout the building, fire extinguisher, hydrant, reserve water facilities and finally assigning a fire officer or safety officer for the building by providing him proper safety training.

Though some buildings have those facilities but most of the cases there is no designated fire or safety officer for the building. That’s why fire is not controlled in the emergency cases. There should be smoke detector or alarming system which can help people to exit rapidly in emergency cases. However there should have enough emergence exit ways also.

There are few ISO standards like ISO 14001 and ISO 45001 which can be good guidelines for building owners or developers to control the fire. The different between the government fire law and ISO standard is monitoring system. If any company adopt those standard then the Certification Body(CB) auditors contribute a lot.

Before certification they do the gap analysis and suggest what to do according to the ISO standard for minimization of fire accident. After establishing those system in the building the company can achieve the certificate.

After certification it is mandatory the building owner to check their own fire fighting system by performing internal audit. It is mandatory for a ISO certified company to do internal audit regularly usually twice in a year. On the other-hand CB performs surveillance audit once in a year. So, ultimately there is three times mandatory checking system if any company adopts ISO Certificate on 14001 or 45001 Standard.

ISO 14001 and ISO 45001 standard is becoming more popular to save our environment and save people’s health. To prevent accident inside the building both standards can be a very effective tools who wants to control fire accident.

There are few CBs who are working in Bangladesh to provide ISO Certificates. Like others IQS Audits located in the UK is working in Bangladesh with the association of  Advanced Assessment Services