Export Compliance Program Management Effective export compliance program management poses challenges for organizations of all sizes and sectors. U.S. export regulations such as the Export Administration Regulations (EAR) and the International Traffic in Arms Regulations (ITAR) are complex and under constant revision. Compliance is further complicated for organizations that have multinational operations and must therefore … Read more
Why Have a Quality Management System for Service Industry Businesses? At first glance a Quality Management System (QMS) might appear inappropriate for service industry businesses. There would appear to be a lack of metrics to serve as inputs, as a large portion of the product is not physical. Customer satisfaction however, is a very tangible … Read more
Many users take messaging app security for granted when sending text messages, voice messages, photos, and videos. However, not all apps secure messaging data equally. This is a concern for both organizations and individuals who wish to ensure the confidentiality, integrity, and authenticity of information transferred between authorized users. Elements of Messaging Security Messaging app … Read more
What is Cybersecurity Maturity Model Certification? The Office of the Under Secretary of Defense for Acquisition & Sustainment has released the Cybersecurity Maturity Model Certification program. The program will be made effective in new programs released by the Department of Defense (DoD) and will be a requirement for product and service providers. This program has … Read more
Cybersecurity Threats by Industry Sector Cybersecurity threats remain a significant concern for organizations in every sector. IBM’s 17th Cost of a Data Breach Report provided insights in to the nature of the threat environment in 2021. This report provides an assessment of risks and strategies for protecting data and responses to data breaches. Among its … Read more
What is a Quality Management System? A Quality Management System (QMS) is an assemblage of processes, procedures, and polices for achieving customer requirements and customer satisfaction. These systems, when appropriately applied, can provide an enterprise with increased operational consistency and profitability. Although originally created for manufacturing endeavors, QMS are also applicable for service industries. There … Read more
ISO 9001: 2015 Quality Management System Requirements Proper documentation is the cornerstone of ISO 9001:2015. Creating a system of documentation that is appropriate to your company’s requirements is crucial. This is because the documentation defines the manner in which it will conduct business. Paying attention to the design of your Quality Management System (QMS) at … Read more
Corrective Actions Provide Opportunities for Improvement Corrective Actions are excellent opportunities for process improvement and increasing profitability. It is necessary however, to implement a process to these control corrective actions. This is often perceived by some as being a cumbersome, unnecessarily complicated, and time consuming process. However, a properly constructed Quality Management System can ensure … Read more
According to a number of leaders in cybersecurity, spyware is becoming an issue of growing concern for businesses. Malwarebytes, in its 2021 report, Malwarebytes 2021 State of Malware Report, observed that business spyware detections increased 51% in 2020. These spyware infections can be found on both computers and mobile devices. What is Spyware? Spyware is … Read more
Technical Data and Export Law Understanding what technical data is and how it pertains to export law is important for companies doing business in the U.S. and Canada. Both countries have different requirements and regulations controlling how technical data is stored and transferred. Additionally, these regulations are subject to change. What is Technical Data? Definitions … Read more
ISO 9001 provides tools for business management beyond the scope of product quality. Incorporating these tools can help an organization effectively and consistently manage specific issues and requirements strategically. Furthermore, because ISO 9001:2015 requires involvement from top management and relevant stakeholders, it ensures that these issues will be addressed comprehensively. Context of the Organization “Context … Read more
Bloomberg reported on February 12, 2021 that a Supermicro hardware hack had been conducted on server motherboards by a Chinese espionage program. This report follows previous reports by the news agency in 2018 and illustrates the susceptibility of technology manufacturers to supply chain attacks. The hack involved embedding a small integrated circuit into the trace … Read more
Creating Effective Quality Management Documentation Effective Quality Management Documentation is the backbone of a ISO 9001:2015 quality program. The documentation created therefore should be clear, concise, and targeted for its intended audience. Documents serve to explain and instruct all stakeholders on policies, procedures, and work instructions. They also provide the basis for evaluation for continuous … Read more
Creating Effective Quality Management Systems. Effective Quality Management Systems (QMS) are the products of proper implementation. For ISO 9001:2015, that implementation is dependent on a detailed assessment of what processes are required for by the context of the organization. That assessment can also provide guidance for requirements of the management team that needs to be … Read more
As a Cybersecurity and NIST Consultant, we are prepared to help Department of Defense (DoD) companies and contractors to develop their Cybersecurity Maturity Model Certification (CMMC) programs. The development of CMMC has been a concern for companies in the Defese Industrial Base (DIB) and many have voiced concerns that the CMMC was creating barriers to … Read more
What is an Information Security Management System (ISMS) An Information Security Management System is a collection of policies, procedures, and controls that systematically address information security in an organization. It is a framework based on risk assessment and risk management. The most widely recognized and instituted ISMS in the business environment is ISO 27001. It … Read more
