GCERTI-JAPAN List of Products and Services

GCERTI-JAPAN Co., Ltd. is an ISO certification body (ISO certification organization). Our company is flexible in scheduling the audit dates and can complete audits that take two days with other certification bodies in just one day, providing "ISO standard certification audit services." With fewer audit days, the impact on daily operations can be minimized. Additionally, we conduct audits based on practical experience rather than paperwork, allowing you to primarily explain your daily operations during the audit. If you have any concerns regarding audits related to ISO 9001, ISO 14001, ISO 27001, or ISO 45001, or if you need assistance with planning and conducting seminars and training related to audits, please feel free to contact us. **Benefits of Requesting Our Services:** - Many of our auditors are young, allowing for flexible responses tailored to the site and scale! - Our auditors have a good understanding of the latest tools and work styles, enabling audits from multiple perspectives. - We employ internal auditors, making it easy to adjust schedules and allowing for certification acquisition in as little as three months! - We conduct internal auditor training, ensuring that all auditors adhere to the same audit standards. *For more details, please download the PDF or contact us.*

• others

Typically, ISO audits are conducted on a three-year cycle for renewal audits. I will explain the cycle in detail, separating it into cases of new certification acquisition and transfer audits. ■ In the case of new certification Year 1: Initial audit (Stage 1 audit, Stage 2 audit) Year 2: Surveillance audit Year 3: Surveillance audit Year 4: Renewal audit After the renewal audit in Year 4 is completed, there will be two more surveillance audits (over two years), followed by a renewal audit the following year, continuing the three-year cycle. ■ In the case of a transfer (change of certification body) audit In principle, it is possible to inherit the previous audit cycle. Many customers may think that "transferring is quite a hassle," but in our case, it can be done easily if you submit the following documents: - Application form (the sales department will assist in creating this) - Organizational chart (the sales department will assist in creating this) - Latest version of the manual data - Copy of the previous certification body’s certificate - Copy of the previous audit report - If there were any non-conformities in the previous audit, a corrective action report and evidence of corrective actions *We will provide a clear explanation of the surveillance audit in this ISO through related links.

• others

Do you need a consultant to obtain ISO27001 (ISMS)...? In conclusion, it is not absolutely necessary. However, depending on the internal structure, there are certainly cases where it is better to rely on a consultant. As an ISO auditor, I will provide specific examples of companies that did not need a consultant when obtaining ISO27001 (ISMS), while also introducing how to determine when a consultant is necessary and when they are not. 【What is a consultant?】 ■ A consultant is an expert who has experience and knowledge in a certain field and provides guidance and advice to clients. ■ Organizations that do not need a consultant are those that understand the requirements of the ISO standards. - Organizations with employees who can dedicate sufficient time to ISO. ■ About 80-90% of organizations utilize consultants. *For more details, please refer to the related link, which explains whether a consultant is absolutely necessary for obtaining ISO27001 (ISMS) in an easy-to-understand manner.

• others

Document management refers to "the appropriate management of internal documents, such as company information and customer information, from creation to disposal." Documents that inevitably arise from corporate management activities must be properly managed. If internal document management is not conducted appropriately, it can lead to decreased operational efficiency and the potential for information leaks, which could damage the company's credibility. Therefore, companies are engaged in document management as one of their fundamental operations. We will provide a detailed introduction to the basic principles of document management in ISO and key points to keep in mind. 【What is Document Management?】 - It is extremely important for improving operational efficiency, productivity, and strengthening compliance. - When managing documents, it is also important to establish appropriate rules for document retention periods. 【Common Challenges in Document Management】 - There is a vast amount of paper materials, and storage space is insufficient. - Documents that the company should retain are held by individuals. - Employees cannot smoothly find the documents they are looking for. - There are security concerns regarding loss and information leaks with paper documents. - Documents cannot be easily accessed while out of the office. - Document data cannot be utilized as an asset. *For more details, we will provide a clear explanation through related links.

• others

"I don't know where to start to obtain ISO 14001 in the first place." I believe this summarizes the concerns of representatives from small and medium-sized enterprises. I will explain the preparations for obtaining ISO 14001. ■ Preparation for Certification Audit To obtain ISO 14001, it is necessary to undergo an audit by an ISO certification body, regardless of the size of the company. As preparation for this audit, it is necessary to create new documents and records to "meet the requirements specified in JIS Q 14001." These documents and records do not necessarily have to be in paper format. Due to the recent trend towards paperless operations and the proliferation of online systems, it is also possible to handle them in digital formats. ■ Required Documents for the Audit The following items are required specifically by JIS Q 14001, which are not found in other standards: ~ Items Required Only by JIS Q 14001 ~ - Environmental Policy - Environmental Objectives - Environmental Aspects - Compliance Obligations and Compliance Evaluation - Emergency Preparedness *For more details, please refer to the related link, where we will clearly explain 'How Small and Medium-sized Enterprises Can Obtain ISO 14001!'*

• others

The seven principles of quality management refer to the fundamental principles established in the ISO 9001 standard for quality management systems. They provide a framework for building a quality management system that maintains conformity and effectiveness. 【Seven Principles of Quality Management】 ■ Customer Focus ■ Leadership ■ Engagement of People ■ Process Approach ■ Improvement ■ Evidence-Based Decision Making ■ Relationship Management 【Necessity of the Seven Principles of Quality Management】 The "Seven Principles of Quality Management," which form the basis of the JIS Q 9001 standard, are fundamental principles recommended by ISO for organizations aiming to improve their performance. If the seven principles of quality management are not maintained, the likelihood of nonconformities and complaints increases, as does the risk of providing products and services that do not meet customer satisfaction. To implement a quality management system more effectively and efficiently and to enhance customer satisfaction, the "Seven Principles of Quality Management," which serve as a framework for building a "quality management system that maintains conformity and effectiveness," are essential. *For more details, please refer to the related links for further explanation.

• others

ISO27001 refers to "Information Security Management Systems," and as the name suggests, it is an ISO standard concerning information security management systems. It is often abbreviated as "ISMS." Organizations possess a vast amount of information that is utilized during business activities or accumulated over time. Examples include information about individuals within the organization, such as employees, customer information for companies, contract information, information related to product sales, and development data for system development companies. These pieces of information are invaluable assets for the organization, but if the preservation and management of this information are neglected, what kind of issues could arise? The organization's business activities may not proceed smoothly, trust from customers may be lost, or it could lead to incidents of information leakage that make headlines in the news. ISO27001 stipulates the security, management methods, and management approaches for information related to such organizations. *For more details, please refer to the related links for a clearer explanation.*

• others

The international standard that defines the requirements for an Information Security Management System, ISMS (ISO/IEC 27001), was revised in 2022. This revision was necessary because the related standard ISO/IEC 27002 underwent changes that significantly altered the structure and content of the management measures, requiring updates or supplementary publications for ISMS (ISO/IEC 27001) to maintain consistency between the two standards. **Key Points of the 2022 Revision of ISMS (ISO/IEC 27001)** - Reduction in the number of items - Addition of 11 new management measures: - Threat intelligence - Information security for cloud service usage - ICT preparedness for business continuity - Physical security monitoring - Configuration management - Information deletion - Data masking - Data leakage prevention - Activity monitoring - Web filtering - Secure coding - Grouping of management measures from 14 items into 4 categories *For more details, we will provide a clear explanation through related links.*

• others

I would like to talk about what is important when facing ISO 9001:2015. ISO 9001:2015 contains various statements written in complex language, such as "must do." However, in reality, the content conveys what companies typically do as a matter of course in their operations and the necessary frameworks to protect the company and ensure appropriate management. ISO 9001:2015 is filled with hints for improving the company. Based on the above, I will outline the key points for engaging with ISO 9001:2015. [What does ISO 9001:2015 say?] It refers to the so-called PDCA cycle, but how does your company manage this? Are you able to elevate the level of the systems you are implementing by running the PDCA cycle? This is the essence of what ISO 9001:2015 requires. *For more details, I will provide a clear explanation through related links.

• others

The costs associated with obtaining ISO 9001 for the first time can be broadly divided into two categories: "mandatory costs" and "costs that can be minimized." After explaining these two types of costs in detail, we will introduce an approximate market rate for the necessary expenses based on case studies of companies that have successfully obtained ISO 9001. **Mandatory Costs When Obtaining ISO 9001 for the First Time** When obtaining ISO 9001 for the first time, there will always be "audit costs." Audit costs refer to the fees paid to the ISO certification body, which are broken down as follows: Audit costs = Audit fee + ISO registration fee + Travel and accommodation expenses for auditors **Costs That Can Be Minimized When Obtaining ISO 9001 for the First Time** In addition to audit costs, there are costs such as "management system development costs" and "capital investment and miscellaneous expenses." However, these costs can be minimized depending on the approach taken. *For more details, please refer to the related link that clearly explains "How much does it cost to obtain ISO 9001 for the first time."*

• others

The key points of the revisions to the requirements of ISO 9001:2015 can be broadly divided into the following four categories: - Integration into business processes - Addressing risks and opportunities - Promotion of a process approach - Greater flexibility regarding documentation and responsibilities/authorities **ISO 9001:2015, Four Revision Points** ■ Integration into business processes A new requirement has been added that calls for the integration of quality management system requirements into business processes, directed at top management. ■ Addressing risks and opportunities By strengthening the approach to risks and opportunities, organizations that previously thought it sufficient to address nonconformities only when they occurred, without adequately considering the planning of the quality management system, are now required to enhance their planning functions. ■ Promotion of a process approach It has become necessary to construct the management system in line with the actual flow of operations. ■ Greater flexibility regarding documentation and responsibilities/authorities The requirements for creating manuals used in the old standard have been expressed as "documented information." *For more details, a clear explanation will be provided through related links.*

• others

The key change points in the revision from ISO 9001:2008 to ISO 9001:2015 are that "it has become recognized that it is sufficient for the documents operated by each organization to comply with the standard." We will provide a detailed explanation of this change point and describe how to transition to the 2015 version. Please use this as a manual for transitioning to ISO 9001:2015. 【Added Item Numbers】 The following list includes item numbers that have been added with consideration for standardization across ISO as a whole. 4.1 Understanding the organization and its context 4.2 Understanding the needs and expectations of interested parties 4.3 Determining the scope of the quality management system 6.1 Actions to address risks and opportunities 6.3 Planning of changes 7.1.2 People 7.1.6 Organizational knowledge 8.5.5 Post-delivery activities 8.5.6 Control of changes *For more details, please refer to the related link for a clear explanation of the "ISO 9001 (Quality Management System): Transition Manual to the 2015 Revised Edition."

• others

In this column, we will introduce some examples of questions that internal auditors may ask during interviews in various departments. ISO 9001:2015 Section 9.2 requires that "internal audits are conducted at planned intervals." When obtaining ISO 9001:2015 certification, it is essential to conduct internal audits. However, the content of the standard only provides abstract information about when, who, and what should be done, leading many to question whether the internal audits being conducted are truly being done correctly. ■ Purpose of Conducting Internal Audits 1: To verify whether the organization's regulations and manuals align with actual practices. 2: To verify whether the organization's regulations and manuals align with the requirements of the plan. 3: To ensure that the system is designed to produce the desired results and outcomes as intended by the organization. The purpose of conducting internal audits is to collect information to confirm the above points. Therefore, internal audits will be based on the requirements of ISO 9001:2015 and the organization's own rules to verify actual practices.

• others

There are two main types of costs associated with obtaining ISO certification. The first is the examination fee charged by the certification body necessary for obtaining ISO certification. The second is the consultant fee for assistance in preparing for the examination. Regarding the consultant fee, it is not necessarily an expense that must be incurred, but based on my experience, about 90% of companies that are newly obtaining ISO certification typically contract with a consultant to help them prepare for the examination. First, let me discuss the examination fees. In conclusion, examination fees vary depending on the certification body, just like with consulting firms. Additionally, the examination fees may differ based on the customer's industry and size. In our case, the examination fees vary based on the following five conditions: ■ Number of applicable personnel ■ Number of applicable locations ■ Applicable standards ■ Applicable business activities ■ Presence of design and development activities *For detailed information, please refer to the related links. For more information, feel free to contact us.

• others

Our company conducts "ISMS audits," which significantly reduce the burden of the review process. The time taken from the audit to certification is approximately one month. The certification mark data and certificate will also be issued at this time. Additionally, since the certificate can be issued in both Japanese and English, there is an advantage in gaining international credibility. Furthermore, transferring the ISMS auditing organization (changing the certification body) can be done easily, and you can consider it whenever you want to make a review. 【Features】 ■ Online business negotiations/quotations available ■ Remote audits supported ■ Audits are speedy ■ Minimal burden on customers ■ International mutual recognition agreement system *For more details, please refer to the PDF materials or feel free to contact us.

• Management System

Our company offers flexible scheduling for the "ISMS Audit and Certification Service." We can conduct online meetings/quotations and accommodate remote audits. Audits that typically take two days with general certification bodies can sometimes be completed in one day, allowing for flexible scheduling of audit dates. Primarily, you can undergo an audit that mainly involves explaining your daily business operations. Please feel free to consult with us when needed. 【Features】 ■ Fastest certification process from application to certification in 3 months ■ Minimal impact on daily operations ■ Audits tailored to your business activities ■ No last-minute rush before the audit ■ Support for remote audits *For more details, please refer to the PDF document or feel free to contact us.

• Management System

We conduct 'ISO certification audits' that allow for online meetings/quotations and can accommodate remote audits. The number of days required for the audit is minimal, and we can flexibly adjust schedules. Document submission is kept to a minimum, and the audit is tailored to your business activities, eliminating any last-minute rush before the audit. Additionally, we can issue certificates in both Japanese and English, providing an advantage in gaining international credibility. Please feel free to consult us if you have any requests. 【Features】 ■ Minimal impact on daily operations ■ Low burden on customers ■ Over 11,000 companies worldwide and more than 1,000 companies domestically have been certified ■ International mutual recognition agreement system ■ Fast from audit to certification *For more details, please refer to the PDF materials or feel free to contact us.

• Management System

Our company offers "ISO audit and certification services" for ISO 9001, ISO 14001, and ISO 27001 (ISMS), all of which can be certified in as little as three months. We conduct audits based on practical experience rather than paperwork. The main focus of the audit is on explaining daily business activities. Additionally, we do not require the submission of a year's worth of documents before the audit, so there is no last-minute rush before the audit. Please feel free to consult us when you need our services. 【Features】 ■ Fast audits ■ Fast certification ■ Minimal burden on customers ■ Over 11,000 companies worldwide and more than 1,000 companies domestically have achieved certification ■ International mutual recognition agreement system *For more details, please refer to the PDF document or feel free to contact us.

• Management System

ISO stands for the "International Organization for Standardization," which is an international standardization organization. Based in Geneva, Switzerland, its main activity is to establish global standards to ensure that "products and services of the same quality and level can be provided worldwide" across various fields. To avoid these obstacles and facilitate smooth international transactions, ISO establishes "ISO standards," which are "worldwide common standards." The creation and revision of these standards are conducted through votes by member countries, including Japan, totaling 165 countries worldwide. Implementing ISO standards means "providing products and services based on a common global standard." Therefore, it becomes a significant factor in building trust not only in international transactions but also in domestic transactions within Japan. However, it is important to note that ISO certification is required to prove that products and services are provided according to the standards set by ISO.

• others

Our company offers an "ISO certification audit service" that flexibly accommodates scheduling for audits, allowing us to complete audits that typically take two days at other certification bodies in just one day. With fewer audit days, the impact on daily operations can be minimized. Additionally, we conduct audits based on practical experience rather than paperwork, allowing you to primarily explain your daily operations during the audit. Why is this possible? It is because one of our key features is that we employ auditors internally. By hiring auditors in-house, we can optimize audit costs and labor. Furthermore, our auditors are relatively young, enabling us to conduct flexible audits tailored to the site, making it possible to obtain ISO certification without burdening management or on-site personnel, not just in terms of cost. 【Certification Standards】 ■ISO 9001 Quality Management System ■ISO 14001 Environmental Management System ■ISO 27001 Information Security Management System ■ISO 45001 Occupational Health and Safety Management System (for the construction industry only) *For more details, please download the PDF or feel free to contact us.

• others