Services Requested
Is there a time constraint? What is the target for completion of the scope of work?
For Additional Sites, please provide: Site Locations / Site Activities / Approximate Square Footage / Number of Employees at Each Site
What standard(s) is the company currently certified to and how long has it been certified? Who is the Registrar?
What are the company's main products and / or services? Are there different product lines at different sites? Please provide additional information so that we can understand the overall operations of your organization.
Are there MRP / ERP or other systems / software being used to support the ISO system? What are they and how many employees have ready access to the computer?
Is there a Document Control system in place, hard copy or electronic? How long has the system been in place? If document control software is being used, which one? Are documents, including forms, adequately controlled; review, approval, distribution, and revision? How are Engineering Drawings controlled?
Is there an Information Security Manual and, if yes, approximately how many pages is it?
Are there Level 2 documents (also called Procedures / SOPs, etc.) and, if yes, how many, format (text vs. flowchart) and average size (pages)? Are Level 2 documents clearly identified? How many Level 2 documents are there?
Are there trained Internal Auditors; how many, who trained them? Is there an internal audit process in place? Will Internal Audit be outsourced?
Please check any of the following Cyber Security Policies the company may have documented:
Has the company formally identified all relevant legislative statutory, regulatory, contractual requirements and how it meets them?
Is your company tracking any of the following metrics?
What other metrics does your company track and provide a very general description of how they are tracked?
Are there any additional complications or concerns that we should know about?
Click Here to Send
