BS OHSAS 18001:2007 - Health & Safety Management
18001 has at last been issued as a formal standard which can be assessed and a certificate issued. Previously the guidelines could be adopted but didn't carry the same weight as a British Standard. Many organisations wanted a recognisable occupational health and safety management system standard that could be assessed and certificated.
The format of the standard is similar to the template set for ISO9001 - the quality standard and ISO14001 - the environmental standard. The structure of all three standards allow for integration if desired.
There are elements of communality:
Many organisations are choosing the integrated approach to incorporate
'industry best practice' to maximise compliance to the raft of regulations
facing businesses today. Certification provides independent evidence of compliance which can be used to offset any problems in the quality, environmental of H & S areas.
The format of the standard is similar to the template set for ISO9001 - the quality standard and ISO14001 - the environmental standard. The structure of all three standards allow for integration if desired.
There are elements of communality:
- Management review
- Internal audit
- Non-conformity control
- Evaluation of compliance
- Performance measuring
- Document control
- Control of records
- Communication
- Competence, awareness and training
- Control of resources
- Objectives & targets
Many organisations are choosing the integrated approach to incorporate
'industry best practice' to maximise compliance to the raft of regulations
facing businesses today. Certification provides independent evidence of compliance which can be used to offset any problems in the quality, environmental of H & S areas.
Labels: 18001:2007, BS, Health, Management, OHSAS, safety
Posted: Saturday, 3 November 2007
Laptop Data Safety
Basic levels of password protection on laptops are easily overcome by the experienced thief and this is causing considerable concern within the industry.
There are two things you should do:
That takes some account of security for the laptop, but with attached devices such as SD cards and USB pen-drives the situation is different:
Anyone stealing the SD Card or Pen-drive can read the data on any computer loaded with similar software. This is clearly a point of vulnerability; the best method to protect this type of device is to encrypt it so that it is useless without the decrypt key.
This protection is not the expensive option it used to be, with open source software freely available. The best of these encrypt and decrypt on the fly and are transparent to the authorised but render the device useless to the thief and in may cases appear to be a blank device.
ISO27001 and Laptop Security
There are two things you should do:
- Physical security - Don't let your laptop out of your sight. Never leave it unattended in a public place. Never leave it in the boot of your car overnight at hotels. Always use a steel cable to attach it to a firm structure when in use outside your normal environment.
- Electronic security - Don't have sensitive data on a hard disk in the first place. Use a complex password and if possible second level authentication, such as a token or other device. When the laptop is on but is not being used, use the electronic lock facility to activate the password entry facility. Use a password on any screensaver.
That takes some account of security for the laptop, but with attached devices such as SD cards and USB pen-drives the situation is different:
Anyone stealing the SD Card or Pen-drive can read the data on any computer loaded with similar software. This is clearly a point of vulnerability; the best method to protect this type of device is to encrypt it so that it is useless without the decrypt key.
This protection is not the expensive option it used to be, with open source software freely available. The best of these encrypt and decrypt on the fly and are transparent to the authorised but render the device useless to the thief and in may cases appear to be a blank device.
ISO27001 and Laptop Security
Posted: Thursday, 21 June 2007
0 Comments:
Post a Comment