ISO 9001:2015 – How to apply Risk-based Thinking to Quality Processes [Part I]

Why taking a risk-based approach is a requirement of ISO 9001 Risk-based thinking is a sore point among many Quality professionals. Even so, identifying risk, analysing the consequences, probability and level of risk (i.e. risk analysis) and risk evaluation using formal techniques are becoming increasingly important tasks the global business world. ISO 9001:2015 incorporates what […]

Convert Office documents to PDF using OfficeToPDF 1.5

We’ve made a new release (1.5) of our OfficeToPDF open source project and pushed the code to its usual home on CodePlex ( It comes fairly soon after the release of 1.4 in August 2014 but the timing was right for two reasons: There was a flurry of issues raised and requests from users We […]

ISO 9001:2015 – The likely impact (Part III)

What ‘documented information’ is required by ISO 9001:2015? An Executive Summary could read as follows… ISO 9001:2015 will probably merge documents and records under the term ‘€œdocumented information’€ and there will be no mandatory quality manual, procedures or quality records. These significant changes may lead to much greater flexibility in how information is managed within […]

Cyber Essentials: Why your organisation should ‘Get Badged’! – Part V

Part V:  Requirements 4. Malware protection, and 5. Patch management Malware protection software is a necessary cyber security requirement. We all have knowledge of malware threats in one form or another and experience teaches us to be wary of certain links and email attachments. Cyber Essentials starts with the assumption that computers connected to the […]

Cyber Essentials: Why your organisation should ‘Get Badged’! – Part IV

Requirement 2. Secure configuration, and 3. User access control The second Cyber Essentials Requirement references ‘secure configuration’. At this point, I am reminded of The Security Configuration Benchmarks that are distributed free of charge to propagate their worldwide use and adoption as user-originated, de facto standards. The CIS Benchmarks are described as “consensus-based, best-practice security […]