Governance, Risk and Compliance Blog

Peek-at-you: Is 'Pokemon-Go' Looking at your Google Drive Files?

Posted by Emily Hill on Fri, Jul 22, 2016

Many apps now allow you to use your facebook, twitter or google account to log in. These shared sign-ons ask the user what permissions they want to grant the app, and any permissions beyond the basic requirements are clearly highlighted. That is - when they are used correctly. 

When the shared sign-ons are not used correctly, let's say, they are outdated, it skips the permission-granting step, giving the app creator 'full-access' to their accounts.

Then, situations like this happen:  






This week, Niantic, Inc., the creator of Pokemon Go, has been criticised for using an unsupported, out-of-date version of the sign-on process. This means that the permission-granting step was skipped and the app had “full access” to user accounts.

"Full access" means Pokemon Go has access to:

  • Read all your emails
  • Send emails as you 
  • Access all Google Drive documents
  • Look at your search history and your Maps navigation history
  • Access any private photos you may store in Google Photos
  • And a whole lot more



So was this because Niantic, Inc. needs all that data?

Apparently not.

A spokesman for Niantic, Inc. said they only used the user ID and email addresses and that no other Google account information is or has been accessed or collected.

Niantic, Inc. clearly had no intention of accessing or using the additional data. So, why was Niantic, Inc. using an outdated, unsupported version of the software? 



Michael Ord, Director of Qualsys Ltd, believes it was because no one was accountable. 

"Time and time again, companies spend so much time and money on their products, they overlook small but important details. In this example, Niantic, Inc. could have put millions of consumers, businesses and governments at risk because no one was responsible for checking that they were using the latest version of Google's software. What if the data had been stolen by hackers? Or what if the data had been accessed and misused internally? This excessive amount of data could have caused all sorts of issues because there was clearly no process for updating the software."

ISO 9001:2015, the world's most widely recognised quality management system, requires organisations to follow a plan-do-check-act process approach.plan_do_check_act.jpg

In this case, Niantic, Inc. should have: 

  1. Determined that consumer data is a risk. 
  2. Audited any processes where consumer data is collected or stored. 
  3. Then, they would have discovered in this audit that the software was collecting the additional data which they didn't need. 
  4. Niantic, Inc. would have updated the software and put a reminder to update it next time. 



EQMS is an off-the-shelf, configurable electronic quality management system which enables organisations to effectively manage closed-loop processes. Risks can be logged, escalated to the appropriate parties and tracked at any stage. The system improves accountability, visibility and communication. 

For more information about EQMS, please download our datasheets: 


EQMS Datasheets


10 Ways To Engage Your Team with Quality

Posted by Emily Hill on Thu, Jul 14, 2016

Every quality professional understands how important engagement is for embedding a culture of quality. 

Not only does an engaged workforce better understand their roles - resulting in fewer issues, less wastage and lower costs; they are also more proactive - resulting in better customer experience, more referrals and higher customer lifetime value. 

Sadly, however, it can be very difficult to drive engagement with quality, especially in growing organisations where many stakeholders are already feeling stretched. Management switch-off at the prospect of another humdrum status report meeting. Employees forget to submit important paperwork. And suppliers do not provide important credentials. 

So how can you get your stakeholders to engage with quality? Unfortunately, there is not a 'one size fits all' solution. It's not easy - even veteran quality professionals struggle to drive engagement with quality and every organisation will be different. You need to be bold, creative and flexible - and ideas may not come that easily when you are trying to prepare for an upcoming audit. 

Here are ten ideas to inspire you and your team to promote quality in your organisation. 


CQI Competency Framework

1) Ask for Opinions 

When employees don't feel as if they can speak up, they may be holding back valuable ideas and solutions that could help propel your organisation forward. Asking for opinions will give you some valuable insights and help you to embed an 'open-door policy'.

Here are some ways you could ask for opinions:

  • Invite groups of your employees to a monthly roundtable.
  • Embed feedback into processes using systems such as EQMS Issue Manager.
  • Send a survey. 
The key here is demonstrating that ideas have been actioned or passed on. Do not forget to feedback to your employees!

2) Make Time for Mentoring

If you are thinking "Mentoring? As if I have time for that!" - wait just one moment. Mentoring and coaching is a key remit of the quality professional, according to the CQI, the leading professional body for the advancement of quality practices in the UK. 


Taking the time to sit with your struggling employees and discuss their challenges will not only help your employees to feel more valued, it also help them to understand and engage more with quality. 

Here are some ways you could improve quality mentoring: 

  • Follow a structured approach.
  • Set goals.
  • Use systems such as EQMS Training Records Manager to track competency requirements. 
  • Assess performance on an ongoing basis. 

Need some more time? See how much time and money you could save by using the EQMS ROI Calculator.


3) Reward good performance

Good performance can be rewarded either with financial rewards or recognition. Yet few quality professionals are in the position where they have control over financial rewards (even though quality and compliance performance metrics should be taken into consideration for all financial rewards, in every organisation), but this means you will probably need to find more creative ways to reward good quality performance.


Here are a few ways you can recognise good performance: 

  • Internally: Email or newsletter to the organisation / share a sponge / promote on intranet;
  • Externally: Social media / Hosting a quality awards ceremony with all of your employees, suppliers and customers / share on your blog.  


4) Improve accountability

Accountability is key to improving engagement with quality initiatives. Holding individuals accountable, rather than teams or departments, will help to prevent a phenomenon known as social loafing, when people in groups exert less effort than when they work alone. 

Using systems such as EQMS improves accountability as it will enable you to track individual performance, keep an accurate record of all activity and will tell you what went wrong and why. 



5) Clarify goals and responsibilities

One of the biggest issues employees have is confusion over what one's role actually is. Sometimes things get lost in the mix, and it can take some time to identify issues and take action. To avoid this inertia, every employee should have a set of goals and responsibilities. Keeping these goals in a centralised system such as EQMS Document Manager means that employees can be reminded and changes to roles and responsibilities can be managed. 


6) Perfect your new employee onboarding process

If you do not already have an initiation program for new starters, you will be missing an important opportunity to nurture and embed a culture of quality and compliance. If you do not think you will have time to manage an onboarding training program, systems such as EQMS Training Records Manager can help. Through pre-configured workflows, you can automatically send training emails, notifications and documentation to your new employees over a set period of time. 



7) Celebrate World Quality Day in your organisation

Held every November, World Quality Day gives you the opportunity to promote quality to the rest of your organisation. How and what you do is up to you. But the CQI always has a number of workshops, activities and event ideas on their website. They give you (free) downloadable posters, promotional materials and much more to help raise the profile of quality. Many quality professionals who have taken part in these activities have told Qualsys Ltd that they believe World Quality Day is one of the most valuable ways to drive engagement with quality. 



World Quality Day Beer - Qualsys Sends 1000's of Beers to Quality Professionals Across the Globe


8) Provide ongoing training and support

On top of compulsory training, you can arrange for employees to participate in less formal training sessions. By getting employees to say what they want to learn about or using your EQMS Issue Manager module to spot skills gaps, you can suggest a program of interactive learning sessions. You could team up with other departments to put on a series of webinars, roundtables or even lunchtime 'hot seat' sessions. This will help you to embed a culture of learning and continuous improvement.

Also, if you record these sessions, you can then upload them to EQMS Document Manager so those who were absent can still keep up to date.  


9) Host your own events

It may sound like a lot of hardwork and you may even be thinking "Where will I get the budget for this?!" But a well-executed event can give you the opportunity to really engage in a dialogue with your employees, suppliers and partners. 


If you are an EQMS customer, Qualsys can sponsor your stakeholder engagement events by providing you with event plans, speakers and promotial materials. Qualsys also run a number of user-groups, customer summits, supplier roadshows and conferences throughout the year which can be useful inspiration for your own events. For more information, please contact


10) Start a weekly quality circle

At the end of each week, get some biscuits, buns or beers and invite your stakeholders to your 'quality circle.' It will give you an opportunity to share stories and talk to those in departments you may not normally get the chance to speak to. Read more about Qualsys' quality circle.


For more ideas, download the stakeholder engagement toolkit. 

New Call-to-action

6 'To-Do's' For A More Successful EQMS Implementation

Posted by Emily Hill on Wed, Jul 13, 2016

After weeks and possibly even months of searching through eQMS vendors' websites, building your business case and reading through RFP responses, you are probably very excited to finally be starting your EQMS implementation process.

Although much of the technical legwork will be carried out by the Qualsys implementation team, it is important not to overlook small details which can make a big difference to the success of your project. 

Below, you will find 6 'to-do's' for a more successful EQMS implementation. You will also find links to some fantastic online resources, articles and tools to inspire you. 

Let's get started. 

1) Define Your Success Criteria: 

You probably sent a RFI / RFP to prospective eQMS vendors explaining your current challenges and what you are planning to achieve. But this was probably weeks or even months ago. Since then, you have spent more time learning about your challenges and the solution, so your objectives and success criteria may have changed. 


Before you start your EQMS implementation, it is worth reviewing your objectives. By asking what you are trying to achieve, what success looks like and how you will measure success, it will help you focus your efforts and align all areas of the business.

Here are some articles and resources that will help you to dig deeper and define what success looks like to you: 

  1. Creating SMART objectives
  2. How do you define project success?
  3. How to measure project success
  4. The Transformational Quality Professional 
  5. Read how Carillion Direct Sourcing Measure Success
  6. Best Practice for implementing a QMS 


2) Assemble Change Champion Team 

Every major project needs internal champions who can keep things moving, rally support and make sure the necessary resources are available to make the implementation a success.


Before your implementation process begins, it is helpful to choose your change champions. For some, it may be obvious, but others may need to spend a bit longer deciding who the best people will be to inspire change in your organisation. 

Here are a few articles to help you assemble your change champion team: 

  1. Step-by-Step Guide to Creating Change Champions
  2. Six Sigma: The Champions Role
  3. 5 TED talks Every Quality Professional Should Watch


3) Demonstrate Leadership Commitment 

Not only is it an important regulatory requirement, leadership commitment is one of the best ways to acquire stakehodler engagement. 


Your leadership sponsor needs to communicate what the system does, what they want to achieve and how everyone can get involved. Whether this is an email, video or a meeting, it is important that the leadership team clarify this to align all areas of the organisation. 

Many quality professionals say they struggle to get leadership engagement, so here are a few articles to inspire you: 

  1. 3 Leadership Engagement Lessons 
  2. Demonstrate Leadership
  3. 5 Books Every Quality Professional Needs in Their Library


4) Plan Your Engagement Strategy

You will likely want to roll-out EQMS to hundreds or even thousands of your employees, so a well-planned engagement strategy is essential. 



Although Qualsys will help you plan your engagement strategy, it is worth considering what extra resources your organisation has available. What resources does your organisation have internally to help you to communicate EQMS? 

These resources will help you to build a strategic EQMS engagement plan: 

  1. 11 Ways To Engage Your Team with Quality 
  2. Stakeholder Engagement Planner 


5) Get Familiar With Your New System

Although EQMS is designed to be easy to use, there is a lot of functionality. Making the most out of all of this functionality requires you to be familiar with the system. 


Whether you prefer to learn by reading or listening, Qualsys offer you a number of different ways you can learn about key EQMS features.

Here are some of the different ways you can learn about EQMS: 

  1. Download the datasheets 
  2. EQMS Module Workshops
  3. Check out the EQMS user videos
  4. EQMS Help and Knowledge Base


6) Stay Up To Date

Keeping up to date with GRC news is essential as it helps you to implement best practices across your organsiation. 


Here are some resources to help you keep on top of trends and changes: 

  1. View the Qualsys Protopage for the latest news in the GRC industry  
  2. Follow Qualsys for EQMS updates on LinkedIn
  3. Follow Qualsys on Twitter
  4. Subscribe to the Qualsys blog or add to your RSS Feed 
  5. Sign up to the EQMS events and webinars


For more resources, articles and information please subscribe to the EQMS GRC newsletter. 


NHS Pharmacy Opts for A Robust Quality and Compliance Management Solution

Posted by Emily Hill on Tue, Jul 12, 2016

The pharmacy department at the Royal Free Hospital is deploying a new integrated quality and compliance management system to meet increasing healthcare compliance regulations and reduce operational costs. 


Image: Royal Free Pharmacy

The pharmacy dispenses prescriptions and provides medicines, information, and William_Marsden_17961867_by_Thomas_Henry_Illidge.jpgmanufacture and quality control medicines. The pharmacy also has a manufacturer's "specials" licence, an investigational medicinal products (IMP) licence and a wholesale dealer's licence, which means that Royal Free pharmacy are able to make and distribute a wide range of products.

Escalating Compliance Requirements

The pharmacy department is now partnering with Qualsys Ltd to implement EQMS, an integrated, modular quality and compliance management system.

After a competitive tendering process EQMS was selected for it's advanced functionality which will embed compliance into all processes, such as the ability to electronically sign SOP's, access a full audit trail for all documentation and instantly view a KPI dashboard. 

Royal Free will be implementing a number of integrated EQMS modules:

  • EQMS Document Manager will structure, control and distribute policies, procedures and process documents securely to facilitate compliance to ECGMP Annex 11 and GAMP 5 guidelines.
  • EQMS Audit Manager will store evidence of compliance with MHRA requirements and ECGMP Annex 11 and GAMP 5 guidelines.
  • Established in 1828 by William Marsden, a newly qualified surgeon who was shocked when he found that he could not find treatment for a penniless young woman, the Royal Free's founding principle was that they would take in anyone who needed treatment – the first hospital in London to do so and the only London hospital to stay open during the 19th-century cholera epidemics.
    EQMS Training Record Manager will ensure that training records complies with GMP guidelines.  
  • EQMS Risk Manager will support the risk management requirements of GMP.  

Atheal Alwash, Sales and Account Executive for all of Qualsys' NHS accounts said: 

"From our first discussions with the Royal Free Pharmacy it has been clear that EQMS is a perfect fit and we are delighted to be working the team.

The entire team work-hard to achieve a quality-first culture and this is how they continually provide world class expertise and local care.

We are really excited about our partnership and are looking forward to inviting the Royal Free team to join us for some of our events in Sheffield."

For more information about how EQMS can support your organisation to meet your quality and compliance objectives, please download the EQMS Datasheets. 


EQMS Datasheets

Tags: Quality Management Software, Annex 11

Inspire Change: 5 TED Talks Every Quality Professional Should Watch

Posted by Emily Hill on Mon, Jul 11, 2016

As a quality leader, you will often come across instances where operations are not being performed to the required standard. But getting employees to change how they do things can be very difficult. All too often, there are complications, resistance and struggles - leaving you feeling stuck in a rut. 

If you need some new ideas on how to lead, motivate and inspire your team, here are five TED talks you can watch in under one hour. 


1) How to start a movement: Derek Silvers

Length: 3:09

In this short, lighthearted TED talk, Derek Silvers, an entrepreneur, professional musician and circus clown, illustrates how movements happen. He demonstrates how it is actually the first follower who plays the most important role in starting a movement, as they show everyone else how to follow. 


2) How great leaders inspire action: Simon Sinek 

Length: 18:04

Why is is that some changes just don't seem to stick? 

In the TED Talk "How great leaders inspire action", Simon Sinek, the award-winning author of "Start With Why" and "Leaders Eat Last", shares how the most powerful leaders and brands inspire action by focusing on why. 



3) What is takes to be a great leader: Roselinde Torres

Length: 9:15

In this candid talk, Roselinde Torres explains that being a great leader goes beyond leadership training programs. After decades of studying the world's greatest leaders, Torres states they all ask three crucial questions:

  • Where am I looking to anticipate change? 
  • What are the diversity measure of my network?
  • Am I courageous enough to abandon the past? 

By asking these questions, you can be more prepared to lead change in your organisation. 


4) As Work Gets More Complex - 6 Rules to Simplify

Length: 11:58

Why do some people look so disengaged with their work? Yves Morieux, director of BCG Institute for Organisation, says it is due to increasingly complex businesses and obsolete traditional management pillars.  

In this energetic talk, Morieux offers six rules for "smart simplicity." (Rule One: Understand what your colleagues actually do.) 


5) Got a wicked problem? First, tell me how you make toast

Length: 9:01

Many quality problems are very complex and can only be resolved with the help of a number of specialists.

In this talk Tom Wujec, a designer at Autodesk, shares his research on how humans deal with different tasks. After watching how thousands of people draw how they make toast, Wujec discusses how tasks which seem easy to explain can actually be full of variation and complexity. 


Like this post? Subscribe to our monthly newsletter for more articles, resources and information about optimising your GRC processes.



Your ISO 9001:2015 Reading List - 5 Books Every Quality Professional Needs to Have in Their Library

Posted by Emily Hill on Fri, Jul 01, 2016

In the fast-paced, ever-changing world of quality, the key to success is to always be learning. You need to be a lifelong student. And sometimes, like all great students, that means you need to hit the books. 

Whilst there are thousands of business, risk and quality books, it can be difficult to know which ones are actually going to be helpful. 

In this article, the Qualsys team have shared 5 must-reads that every quality professional should have on their bookshelf [or in their Kindle library]. From leadership to risk management, each title touches upon an essential requirement for the revised ISO 9001:2015. 

Here are the five books every quality professional should read: 



1) Yes! 50 Scientifically Proven Ways to Be Persuasive by Noah Goldstein, Steve J Martin and Robert Cialdini -

Recommended by Michael Ord, New Business and Marketing Director at Qualsys 

ISO 9001:2015 requires leadership to demonstrate their commitment to quality. However, over 50% of quality professionals said they struggle to get leadership engagement at the CQI Conference 2016.

So, how can you persuade leadership to demonstrate their commitment to quality? 

Persuasion - an essential skill for quality professionals


In 'Yes! 50 Scientifically Proven Ways to Be Persuasive" Cialdini uses data and examples from research studies to demonstrate how human behaviour can be influenced by making small changes to the ways questions are asked and information is demonstrated. This book is recommended for you if want actional tips to persuade your leadership team to demonstrate their commitment to quality.

An excerpt from this book: 

Chapter 4. When persuasion might backfire, how do you avoid the 'magnetic middle?'

"The Petrified Forest study makes it clear that people have a natural tendency to do what most other people are doing, even when that behaviour is socially undesirable. But although we recommended trying to reframe the message to focus on all the people who are behaving in a more desirable way in such cases, unfortunately that's not always possible. What's the persuader to do in those situations?"

Download from Amazon here 


2) Thinking, Fast and Slow by Daniel Kahneman

Recommended by Alex Swan, Business Development Manager at Qualsys 

ISO 9001:2015 requires organisations to determine risks and opportunities, plan actions to address these risks and opportunities, implement actions into its quality management system and evaluate the effectiveness of these actions.

But what is risk? How do we identify opportunities? And how do we prevent a bias assessment? 


For ideas on how to understand risk and to prevent bias assessments, we recommend 'Thinking, fast and slow' by Daniel Kahneman as he discusses the importance of properly framing risks, the effects of cognitive biases on how we view situations and the difference between our experience and memory of events.

Excerpt from the book: 

"Every author, I suppose, has in mind a setting in which readers of his or her work could benefit from having read it. Mine is the proverbial office water-cooler, where opinions are shared and gossip is exchanged... A hope for informed gossip is that there are distinctive patterns in errors people make. Systematic errors are known as biases, and they recur predictably in particular circumstances."

Download from Amazon here


3) Two Speed World: The impact of explosive and gradual change - it's effect on you and everything else by Gerald Ashley and Terry Lloyd 

Recommended by Atheal Alwash, Sales and Account Executive at Qualsys 

ISO 9001 requires organisations to effectively manage change. However, a third of quality professionals say that their ability to manage change is their greatest challenge. 


If managing change is your organisations biggest challenge, the book ' Two Speed World: The impact of explosive and gradual change', by Gerald Ashley and Terry Lloyd will give you insight into the different types of change, what drives change and techniques for coping with complexity. We would recommend this book as it provides some interesting examples of how you can equip your teams with the information they need to deal with change. 

Excerpt from the book: 

"It is all too easy to always use techniques that are good for incremental change, since that is the morn and is what general procedures are set up to handle. However, these techniques will do more harm than good if they continue to be used in the face of disruptive change."

Download from Amazon here 


4) Implementing ISO 9001 by Paul Simpson, Jan Gillet and Susannah Clarke

Recommended by Lynne Gregory, Account Manager at Qualsys 

Over 90% of quality professionals we surveyed during our Annual Quality Survey 2016 said that their organisation had achieved ISO 9001:2008. Now, all must transition to the new standard before September 2018 to remain certified. 


For a general guide to all things for ISO 9001:2015, we recommend 'Implementing ISO 9001:2015' by Jan Gillett, Paul Simpson and Susannah Clarke. This easy read gives quality professionals a guide to all of the requirements of the revised standard. 

Excerpt from the book: 

"If the leadership has not been fully engaged, the implications are that quality professionals, internal auditors and external auditors will need to work much more with the top leadership team, the MD and/or CEO. No longer is there a glass ceiling where the buck stops with the 'management representative'.'

Download from Amazon here


5) The Undercover Economist by Tim Harford 

Recommended by Gemma Baldan, Account Manager at Qualsys 

The implementation of a QMS is a strategic decision influenced by the context of the organisation. Context of the Organisation is a new requirement, stating an organisation must consider both the internal and external issues that can impact on its strategic objectives and the planning of the QMS.

If you want to understand more about the factors influencing your organisation, The Undercover Economist by Tim Harford, an economist and a member of the Financial Times editorial board, is about the economic principles and interlinking relationships of events in organisations. 

Excerpt from the book: 

"According to economics professor Brian McManus, mark-ups on coffee are around 150 per cent - it costs fort cents to make a dollar cup of drip coffee and costs less than a dollar for a small latte, which sells for $2.55. So somebody is making a lot of money. Who?"

Download from Amazon here


For more information, tools and reading materials, download the ISO 9001:2015 toolkit. 


ISO 9001:2015 Toolkit

Tags: ISO 9001:2015

The Food Safety Conference 2016: Get up to £200 off your ticket with this code!

Posted by Emily Hill on Wed, Jun 29, 2016

Food and Beverage manufacturers are only too aware how poorly trained staff, inconsistent production processes and poor products inevitably lead to failure.

Global competition, international standards and tighter regulation are compelling producers to focus on food safety and quality more than ever before. 

Join us at the Food Safety Conference 2016 in London on Thursday 15th September to learn about the latest industry trends, network with your peers and hear presentations from some of the biggest brands in the industry, including Coca-Cola, Mondelēz International and Premier Foods.

Find out more about the event and how you can get up to £200 off your ticket below.


The focus of this year's event will be on identifying and reducing threats and vulnerabilities with advanced risk assessments around fraud, contaminants and industry challenges. 

The conference will explore hot topics in food safety management, supply chain traceability and raw material authenticity including:

  • Horizon Scanning & Industry Trends – Anticipating The Next Big Threat: Assess the trends in industry recalls and outbreaks and harness horizon scanning to predict and prepare for emerging risks.
  • Identifying & Reducing Supply Chain Vulnerabilities: Best-practice methods for robust risk assessment and traceability of your raw materials and supply chain to assess the various threats.
  • Food Fraud – Don’t Get Caught Out! Harness insights into the best methods and systems to maintain the authenticity and integrity of your end product.
  • Next-Level Authenticity Testing: Ensure the authenticity of your raw materials and map your supply chain with the latest tools, techniques and developments.
  • Prevent The Threat Of Contamination & Outbreaks: Best-practice detection methods and controls to protect your food and drink products from micro, chemical and physical contamination.
  • Advanced Allergen Control: Avoid the cost of allergen recalls and the risk of cross-contamination with robust detection methods and on-site controls.
  • Uncovering Retailer Expectations: Don’t fall short of retailer expectations and motivations.
  • Successfully Implementing & Preparing For Legislation Updates: Strategies to meet current industry standards and assessing the likely impact of legislation changes.
  • Embedding Food Safety Culture: Best-practice training methods to entrench food safety culture within your organisation.

Qualsys Ltd, who are exhibiting at the conference, have teamed up with the Food Safety Conference event organiser, Global Insight Conferences, to get up to £200 off every ticket our subscribers purchase. 

To get this deal, simply enter: 'Qualsys' in the ID Code field when you book online at   

Tags: Food Safety Management

Qualsys Welcomes W. E. Rawson Ltd As a New Customer

Posted by Emily Hill on Thu, Jun 23, 2016

Leading textile manufacturer, W. E. Rawson Ltd, is implementing a new electronic quality management system to improve accountability, issue management and to optimise processes across its Wakefield site. 


W.E Rawson Ltd has been manufacturing and distributing Non-Woven Textiles from their site in Yorkshire for 150 years. Their continuous growth is attributed to their commitment to innovation and Drive Continuous Improvement with ambitious growth plans for the next 12 months, W. E. Rawson Ltd is now replacing their legacy systems with EQMS.

EQMS will help W. E. Rawson Ltd incorporate a consolidated approach to quality and compliance management.



Lee Clack, Quality Assurance Site Manager at W. E. Rawson Ltd said they carefully selected EQMS for its integrated functionality, user-friendly interface and powerful reporting capabilities:

"We didn't have any reservations before procuring EQMS. This is simply the best system on the market. It is clee_clack.jpgost-effective, modern and user-friendly. There are a lot of QMS systems out there; however these are a million miles away from EQMS by Qualsys.

The sales team has been excellent and very professional and I have found the implementation team have always been very well organized and have documented everything.

We're confident that EQMS is going to help us meet our goal to reduce compliance burden and further embed a culture of quality." 

Business Development Manager at Qualsys, Alexander Swan said the team at Qualsys are looking forward to helping W. E. Rawson Ltd achieve a substantial ROI with EQMS:

 alex_swan.png“From my first interactions with W. E. Rawsons Ltd it was clear that Quality and Continuous Improvement was incredibly important to the company.

The entire team have been extremely professional throughout, and after extensive scoping the decision was made to work with Qualsys.

We are really looking forward to finishing rolling out EQMS and working in partnership with W. E. Rawson Ltd to help them to achieve substantial return on investment with EQMS.” 

If you are interested in seeing how EQMS can be used to support your organisation to achieve ISO standards, eliminate compliance burden and embed a culture of quality, please download the EQMS Datasheets. 


Trusted ISO Compliance Software


7 Questions to Ask When Managing Business Equipment

Posted by Emily Hill on Thu, Jun 23, 2016

Business equipment has a life of its own - a start-work date, an identification number, a function, a history, a con
tract, a need for maintenance, and a retirement date. But many organisations feel like they fail to successfully manage their equipment throughout its life cycle. 

The consequences of poor equipment management are not only costly, but it can be dangerous and damaging to your reputation. Managing equipment in a systematic process will make your organisation more agile, safer and more profitable. 

For more streamlined, systematic equipment management, here are seven questions you should ask.

1What equipment do we have?


Image: MP expenses scandal in 2015 demonstrates why it is essential to always know what the organisation is purchasing, public or private sector. 

It is shocking just how many organisations do not keep an updated list of what they own. Even large organisations, who have a sophisticated asset register database, simply fail to register the importance of regularly keeping track of what they have. 

Consequences are inevitably costly. Being unable to fulfil an order because you don’t have the equipment to do the job.  Buying duplicate items of equipment. And wasting money, time and effort purchasing equipment you do not need.

Organisations that do keep track are leaner, more profitable and more responsive to their customers.


2. How do we know when maintenance is due? 

As well as the obvious issues with under-maintenance, there are two critical issues with over-maintenance.

1) There is the obvious additional cost that adds no value. Oniqua, an Australian-based expert in the maintenance of equipment in the oil and gas industry has found that organisations typically spend up to 30% of their maintenance costs on equipment with a zero failure rate.

2) There is evidence that intrusive over-maintenance may actually increase the failure rate and introduce additional risk. Federal Aviation Authority statistics show that:

  • Almost 12% of all aircraft accident reports cite a maintenance factor.
  • When failure or malfunction of aircraft equipment is part of an accident or incident, one-third of these malfunctions relate to a maintenance error.
  • Whenever engine delays are encountered, maintenance error accounts for nearly 50% of the causes.

It is important that organisations understand the balance between over and under maintenance. 


3. Do employees know how to properly operate equipment? 


Image: Andrew Jones Pies was fined £250,000for safety offences after  a gas explosion in an industrial bakery oven killed a man and badly injured another. 

Equipment will inevitably fail if it is not operated properly and the consequences can be much worse than broken equipment.

A tragic example of when improper equipment operation caused a fatal accident was at a Pie firm in West Yorkshire in 2010. Mr. Cole, a Baker, made repeated attempts to light a 30 year-old oven unaware gas was building up to a critical flashpoint inside the baking chamber. When the gas did ignite, the blast blew the oven door off its hinges hitting Mr. Cole. 

Preventing fatalities such as this does not only involve training, but also ongoing monitoring. It is important to:

1) find out how your assets should be operated;

2) understand the effects of operating outside of optimum range of operation and;

3) if you can’t operate within the ranges, understand the risks or mitigate the risk.


4. Have we properly managed risk?  

Effective equipment management not only manages the operation and maintenance of physical assets, but also manages the risks associated with the ownership and use of the assets. Risk assessment and subsequent management and controls are critical.

A shocking example of unassessed and unmanaged risk is the “Bhopal Disaster” in India in 1984, widely regarded as the world’s worst industrial catastrophe, killing over 4,000 people.


Adopting a systematic approach to risk management minimises the potential for equipment problems with serious consequences. An ISO 31000 based process will guide you through;

  • Establish context
  • Risk assessment: Risk identification, Risk analysis, Risk evaluation
  • Risk treatment
  • Monitor and review


5. Is equipment accurately valued? 

Consistent accounting policies are essential. This means you must be able to accurately value your equipment on your balance sheet. If you intend to sell on equipment is the fair market value represented in your books? Revaluation of assets is embarrassing and potentially damaging to your share price or ability to borrow.


6. Are we meeting regulatory compliance requirements?


Image: FDA Issues warning to medical device company Zimmer Biomet Holding Inc, who observed unspecified activities that didn't conform with "current good manufacturing practice requirements". Read more:

If equipment you use subject to regulatory control it almost certainly has the potential to harm your staff or customers.  The Food and Drug Administration in the USA regulate organization using or making Medical Devices. Code of Federal Regulation 21 specifies that you must:

  • Establish and maintain equipment maintenance schedules and procedures.
  • Conduct and document periodic inspections in accordance with procedures.
  • Post any limitations or allowable tolerances visibly close to equipment or make it readily available to persons performing periodic adjustment

Fail to comply and the FDA can shut you down.


7How much equipment do we actually have? 

Another challenge is the sheer volume of equipment organisations manage these days. Lower technology costs mean we all have cars, laptops, smartphones, printers, tablets and more. This equipment is critical if we are to work faster, smarter and compete in a global market, but failure to manage all the equipment results in lost, stolen and unmanaged equipment.


Optimise your Equipment Management

Listen to best practices on maintaining an asset register, maintenance and calibration tracking by accessing the one hour 'Managing Equipment for Asset Care and Safety' webinar here.  


equipment management webinar


Tags: Equipment Management System

ISO/TS 16949 Revision: What you need to know now

Posted by Emily Hill on Wed, Jun 22, 2016

Automotive manufacturers are only too aware how design and development defects, production waste, and variation leads to increased costs, delays and compliance issues, compelling automotive manufacturers to focus on quality more than ever before. 

Since 1999, ISO/TS 16949 has been firmly established as the global standard of quality in the automotive industry, harmonising automotive standards such as VDA 6.1, EAQF, AVSQ and QS-9000. 

Now ISO/TS 16949 is being radically revised to ensure it meets modern needs, bringing with it questions and concerns over the new structure, documentation requirements and other changes required to conform to the new standard. If you are interested in reading more about the changes to the standard, please find some answers to your frequently answered questions below. 


1) How will the structure of the standard change?  

ISO/TS 16949:2009 is based on ISO 9001:2008 and refers to its clauses. However, ISO 9001:2015 is significantly different to the 2008 version and is also built around the new ISO Annex SL specification. It fits then that the revision of ISO/TS 16949 will align with the ISO 9001:2015 based structure and requirements.annex_sl.png

If you have already transitioned to ISO 9001:2015 you will already be familiar with the new high level structure. But if you have not yet transitioned, you may want to familiarise yourself with the Annex SL framework. We would highly recommend reading the CQI's Annex SL briefing notes document for more information.  


2) How will our Certification Body audits change?

One of the changes to the standard is how sites will be audited. In 2014, the Certification Body Communique announced "One postal address, one certificate". This eliminated manufacturing site extensions from the CB audit. 

However, key stakeholders have expressed concerns that this is causing too much of an emphasis on the physical address of a manufacturing site, rather than focusing on the quality management system. It has been reported that some suppliers are even allocating time and money to find workarounds to accomplish one physical address to avoid lots of duplicated audit preparation, audit execution and audit reporting. 


This is being addressed by allowing certificates to be awarded to a 'single manufacturing site with extended manufacturing site(s). 

Read more about these changes here.


3) What are the key dates for my diary? 

Q3 2016: Supplier training for the International Automotive Task Force (IATF) QMS standard will be announced.

Q4 2016: The revised standard will be published

Q1 2017: The IATF will be offering Certification Body auditor training and testing materials for auditors.

14th September 2018: Deadline for upgrade to ISO/TS 16949:2016. 


4) When can I transition? 

You may transition during your next planned surveillance or recertification audit, or at any other time outside your normal surveillance audit cycle.

The audit will take the duration of a recertification audit and up to one additional day on-site. This extra time provides the Certification Body with an opportunity to review the changes made by the organisation to their quality management system to incorporate both ISO 9001:2015 and the revised automotive requirements. 


5) How can I use EQMS for my transition to ISO 16949:2016?

When standards and regulations are updated, EQMS is particularly useful to evidence how and when you have implemented changes. For example, EQMS Document Manager enables you to communicate, control and evidence any change in processes, policies and procedures:

  • Systematically review and update critical documentation employing full version control.
  • Send notifications about updated documentation to relevant parties and let them know what they need to do and by what date.
  • Use the workflow to make sure all changes follow your approval processes. 
  • Check all relevant stakeholders, including suppliers, have acknowledged the changes by checking your KPI dashboard. 

This embeds compliance, minimises error and mitigates risk.

For more information about EQMS Document Manager, you will find all of the essential information on our datasheets. Download the datasheets here. 


New Call-to-action



Tags: ISO/TS 16949