The Only Constant is Change in Manufacturing Advances in manufacturing technology is affecting quality management strategies. Companies are reassessing their manufacturing requirements, and many are reshoring to the United States. According to studies conducted by the McKinsey Global Institute, the United States could boost annual manufacturing as much as 20% by 2025. To accomplish this, … Read more
What is an Information Security Management System (ISMS) An Information Security Management System is a collection of policies, procedures, and controls that systematically address information security in an organization. It is a framework based on risk assessment and risk management. The most widely recognized and instituted ISMS in the business environment is ISO 27001. It … Read more
ISO 27001 Protects Vital Sensitive Data ISO 27001 (ISO/IEC 27001) helps organizations treat data security seriously and confidently. It is implemented through documented systems and processes that are designed to guard against the risk of security breaches or misuse of data while ensuring compliance to legal requirements. The ISO 27001 2013 (Information and Data Security) … Read more
ISO 9001-2015 Risk Training Risk Training is a critical component to your transition to the new standard. With the release of ISO 9001:2015 on September 23, 2015, now is the time to prepare. CVG Strategy is offering a half-day 9001-2015 Risk Training course that will highlight the changes from the ISO 9001:2008 revision. A key … Read more
CVG Strategy AS9100 Consulting Team has implemented AS9100D at many companies over the years, and its AS9100 Consulting services are focused on helping small- to medium-sized operations. AS9100 Requirements and the ISO 9001 Standard AS9100 is a quality management system specifically developed for the aerospace industry. The standard was created in 1999. Since then … Read more
Global challenges for cybersecurity resilience were outlined in a recent report from the World Economic Forum. The report, Global Cybersecurity Outlook 2024, analyzes the state of inequity in achieving cyber security, the impacts of geopolitics on the cyber risk landscape, the effects of emerging technologies such as Artificial Intelligence (AI), and the shortage of qualified people … Read more
A secure software development attestation form has been approved by the Federal Government in an attempt to ensure that contracted developers of software assume responsibility for the security risks in the protection of federal information. The form was released by the Cybersecurity and Infrastructure Security Agency (CISA) Office of Management and Budget (OMB) on April … Read more
Quality Management Systems for Defense and Aerospace A deeper look into AS9100D “Quality Management Systems – Requirements for Aviation, Space, and Defense Organizations” reveals the ability of this powerful QMS to continually improve products and processes within an organization. AS9100D is a Quality Management System (QMS) based on the structure and content of ISO 9001:2015 … Read more
Hosting giant, GoDaddy, has disclosed a Multi-Year Security Breach that has compromised customer security and may cause infection of websites. This is a noteworthy concern as the company acts as a hosting service for 20 million customers worldwide. The first breach was reported in November of 2019. Since this time the company has reported two … Read more
Tabletop Exercises for Cyber Incident Response teams are effective tools for assessing the ability of an organization to protect and preserve sensitive data. These exercises engage team members to respond to a variety of scenarios. This provides an evaluation of the Cyber Incident Response Plan’s technologies, processes, and personnel’s ability to maintain confidentiality, integrity, and … Read more
Maintaining a CMMC program requires that organizations engage management system principles in their daily cybersecurity programs. These activities will be essential for Department of Defense (DoD) contractors to remain compliant. Current CMMC Requirements Currently CMMC 2.0 requirements are divided into three levels of compliance: CMMC Level 1 – Foundational is comprised of the 17 practices … Read more
The Federal Communications Commission (FCC) and Homeland Security Bureau have designated Huawei and ZTE as threats to U.S. national security. Because both Chinese companies are subject to the Chinese Communist Party, they are required by law to cooperate with China’s intelligence gathering activities. China has developed an arsenal of cyber capabilities to target U.S. information … Read more
FBI concerns about TikTok’s use of U.S. citizens’ user data were conveyed to the House Committee on Homeland Security by Director Christopher Wray. The Chinese owned social media app currently has over one billion monthly users. Among the FBI’s concerns is that the Chinese government could conduct influence operations with the app or use it … Read more
In an effort to improve cybersecurity in the United States, the National Institute of Standards and Technology (NIST), Federal Trade Commission (FTC) and other federal government agencies are initiating an Information of Things (IoT) product labeling program for consumer devices. This action is being taken as part of Executive Order (EO) 14028 to improve the … Read more
FDA Title 21 Part 820 Background FDA Medical Device Regulations were developed to establish a standardized quality management system requirement for manufacturers of medical devices sold in the United States. The Food and Drug Administration (FDA) included medical devices to FDA Title 21 Part 820 in 1978. These regulations establish Current Good Manufacturing Practices (CGMP) … Read more
The Truth About Iranian Cybersecurity Threats Given recent headlines, one might conclude that Iranian Cybersecurity threats were a new development. In fact, Iran has been a player in the international cyber game since 2002 with the formation of the Ashiyane hacking forum to repress dissidents. By 2007, government backed organizations had begun to develop sophisticated … Read more
