GCERTI-JAPAN List of Products and Services

GCERTI-JAPAN Co., Ltd. is an ISO certification body (ISO certification organization). Our company is flexible in scheduling the audit dates and can complete audits that take two days with other certification bodies in just one day, providing an "ISO standard certification audit service." With fewer audit days, the impact on daily operations can be minimized. Additionally, we conduct audits based on practical experience rather than paperwork, allowing you to primarily explain your daily operations during the audit. If you have any concerns regarding audits related to ISO 9001, ISO 14001, ISO 27001, or ISO 45001, or if you need assistance with planning and managing seminars and training related to audits, please feel free to contact us. **Benefits of Requesting Our Services:** - Many of our auditors are young, allowing for flexible responses tailored to the site and scale! - Many auditors have an understanding of the latest tools and work styles, enabling audits from multiple perspectives. - We employ internal auditors, making it easier to schedule and allowing for certification acquisition in as little as three months! - We conduct internal auditor training, ensuring that all auditors adhere to the same audit standards. *For more details, please download the PDF or contact us.*

• ISO certification body

Typically, ISO audits are conducted on a three-year cycle for renewal audits. I will explain the cycle in detail, separating it into new certification acquisition and transfer audits. ■ For New Certification Year 1: Initial Audit (Stage 1 Audit, Stage 2 Audit) Year 2: Surveillance Audit Year 3: Surveillance Audit Year 4: Renewal Audit After the renewal audit in Year 4 is completed, there will be two more surveillance audits (over 2 years), followed by a renewal audit the following year, continuing the three-year cycle. ■ For Transfer (Change of Certification Body) Audits In principle, it is possible to inherit the previous audit cycle. Many customers perceive that "transferring is quite a hassle," but in our case, it can be easily done by submitting the following documents: - Application form (the sales department will assist in its preparation) - Organizational chart (the sales department will assist in its preparation) - Latest version of the manual data - Copy of the previous certification body's certificate - Copy of the previous audit report - If there were any non-conformities in the previous audit, a corrective action report and evidence of corrective actions *We will provide a clear explanation of the surveillance audit in this ISO through related links.

• ISO certification body

Do you need a consultant to obtain ISO27001 (ISMS)? In conclusion, it is not absolutely necessary. However, depending on the internal structure, there are certainly cases where it is better to rely on a consultant. As an ISO auditor, I will provide specific examples of companies that did not need a consultant when obtaining ISO27001 (ISMS), while also introducing how to determine when a consultant is necessary and when it is not. 【What is a consultant?】 ■ A consultant is a professional who has experience and knowledge in a particular field and provides guidance and advice to clients. ■ Organizations that do not need a consultant are those that understand the ISO standard requirements. - Organizations with employees who can dedicate sufficient time to ISO. ■ Approximately 80-90% of organizations utilize consultants. *For more details, please refer to the related link, which explains whether a consultant is absolutely necessary for obtaining ISO27001 (ISMS) in an easy-to-understand manner.

• ISO certification body

Document management refers to "the appropriate management of internal documents, such as company information and customer information, from creation to disposal." Documents that inevitably arise from corporate management activities must be properly managed. If internal document management is not conducted appropriately, it can lead to decreased operational efficiency and the potential for information leaks, which could damage the company's credibility. Therefore, companies are working on document management as one of their fundamental operations. We will provide a detailed introduction to the basic principles of document management in ISO and key points to keep in mind. 【What is Document Management?】 - It is extremely important for improving operational efficiency, productivity, and strengthening compliance. - When managing documents, it is also important to establish appropriate rules for document retention periods. 【Common Challenges in Document Management】 - There is a vast amount of paper documents, and storage space is insufficient. - Documents that the company should retain are held by individuals. - Employees have difficulty smoothly finding the documents they are looking for. - There are security concerns regarding loss and information leaks with paper documents. - It is not easy to check documents smoothly while out of the office. - Document data cannot be utilized as an asset. *For more details, we will provide a clear explanation through related links.

• ISO certification body

I don't know where to start in order to obtain ISO 14001." I believe this summarizes the concerns of representatives from small and medium-sized enterprises. I will explain the preparations for obtaining ISO 14001. ■ Preparation for Certification Audit To obtain ISO 14001, it is necessary to undergo an audit by an ISO certification body, regardless of the size of the company. As preparation for this audit, it is necessary to create new documents and records to meet the requirements outlined in JIS Q 14001. These documents and records do not necessarily have to be in paper format. Due to the recent trend towards paperless operations and the proliferation of online systems, it is also possible to use digital formats. ■ Required Documents for the Audit The following items are required specifically by JIS Q 14001, which are not found in other standards: ~ Items required only by JIS Q 14001 ~ - Environmental policy - Environmental objectives - Environmental aspects - Compliance obligations and compliance evaluation - Emergency preparedness *For more details, please refer to the related link, which provides a clear explanation of "How Small and Medium-sized Enterprises Can Obtain ISO 14001!

• ISO certification body

The seven principles of quality management refer to the fundamental principles established in the ISO 9001 standard for quality management systems. They provide a framework for building a quality management system that maintains conformity and effectiveness. 【Seven Principles of Quality Management】 ■ Customer Focus ■ Leadership ■ Engagement of People ■ Process Approach ■ Improvement ■ Evidence-Based Decision Making ■ Relationship Management 【Necessity of the Seven Principles of Quality Management】 The "Seven Principles of Quality Management," which form the basis of the JIS Q 9001 standard, are fundamental principles recommended by ISO for organizations aiming to improve their performance. If the seven principles of quality management are not maintained, the likelihood of nonconformities and complaints increases, as does the risk of providing products and services that do not meet customer satisfaction. To implement a quality management system more effectively and efficiently and to enhance customer satisfaction, the "Seven Principles of Quality Management," which serve as a framework for building a "quality management system that maintains conformity and effectiveness," are essential. *For more details, please refer to the related links for further explanation.

• ISO certification body

ISO27001 refers to "Information Security Management Systems," and as the name suggests, it is an ISO standard concerning information security management systems. It is often abbreviated as "ISMS." Organizations possess a vast amount of information that is utilized in their business activities or accumulated over time. Examples include information about individuals within the organization, such as employees, customer information for companies, contract information, information related to product sales, and development data for system development companies. These pieces of information are invaluable assets for the organization, but if the preservation and management of this information are neglected, what kind of issues might arise? The organization's business activities may not proceed smoothly, trust from customers may be lost, or it could lead to problems that are highlighted in the news as incidents of information leakage. ISO27001 establishes the security, management methods, and management approaches for information related to such organizations. *For more details, please refer to the related links for a clearer explanation.*

• ISO certification body

The international standard that defines the requirements for information security management systems, ISMS (ISO/IEC 27001), was revised in 2022. This revision was necessary because the related standard, ISO/IEC 27002, underwent changes that significantly altered the structure and content of the management measures, requiring updates or supplementary publications for ISMS (ISO/IEC 27001) to maintain consistency between the two standards. **Key Points of the 2022 Revision of ISMS (ISO/IEC 27001)** - Reduction in the number of items - Addition of 11 new management measures: - Threat intelligence - Information security for cloud service usage - ICT preparedness for business continuity - Physical security monitoring - Configuration management - Information deletion - Data masking - Data leakage prevention - Activity monitoring - Web filtering - Secure coding - Grouping of management measures from 14 items into 4 categories *For more details, please refer to the related links for a clearer explanation.*

• ISO certification body

I would like to talk about what is important when facing ISO 9001:2015. ISO 9001:2015 contains various statements written in complex language, such as "must do this," and so on. However, in reality, the content simply conveys what companies typically do as a matter of course in their operations and the necessary structures for protecting the company and ensuring proper management. ISO 9001:2015 is filled with hints for improving the company. Based on the above, I will outline the key points for working on ISO 9001:2015. 【What does ISO 9001:2015 say?】 It refers to the PDCA cycle, but how does your company manage this? Are you able to elevate the level of the systems you are implementing by running the PDCA cycle? This is the essence of what ISO 9001:2015 requires. *For more details, I will provide a clear explanation through related links.

• ISO certification body

The costs associated with obtaining ISO 9001 for the first time can be broadly divided into two categories: "mandatory costs" and "costs that can be minimized." After explaining these two types of costs in detail, we will introduce an approximate market rate for the necessary expenses based on case studies of companies that have successfully obtained ISO 9001. **Mandatory Costs When Obtaining ISO 9001 for the First Time** When obtaining ISO 9001 for the first time, there will always be "audit costs." Audit costs refer to the fees paid to the ISO certification body, and the breakdown is as follows: Audit costs = Audit fee + ISO registration fee + Auditor's travel and accommodation expenses **Costs That Can Be Minimized When Obtaining ISO 9001 for the First Time** In addition to audit costs, there are costs such as "management system development costs" and "capital investment and miscellaneous expenses." However, these can be minimized depending on the approach taken. *For more details, please refer to the related link that clearly explains "how much it costs to obtain ISO 9001 for the first time."*

• ISO certification body

The key points of the revisions to the requirements of ISO 9001:2015 can be broadly divided into the following four categories: - Integration into business processes - Addressing risks and opportunities - Promotion of a process approach - Greater flexibility regarding documentation and responsibilities/authorities **ISO 9001:2015, Four Revision Points** ■ Integration into business processes A new requirement has been added that calls for the integration of quality management system requirements into business processes by top management. ■ Addressing risks and opportunities By strengthening the approach to risks and opportunities, organizations that have previously thought that it was sufficient to address nonconformities only after they occur, without adequately considering the planning of the quality management system, are now required to enhance their planning functions. ■ Promotion of a process approach It has become necessary to build a management system that aligns with the actual flow of business operations. ■ Greater flexibility regarding documentation and responsibilities/authorities The requirement for creating manuals used in the old standard has now been expressed as "documented information." *For more details, we will provide a clear explanation through related links.*

• ISO certification body

The key point of the revision from ISO 9001:2008 to ISO 9001:2015 is that "it has become recognized that it is sufficient for the documents operated by each organization to comply with the standard." We will provide a detailed explanation of this key point and describe how to transition to the 2015 version. Please use this as a manual for transitioning to ISO 9001:2015. 【Added Item Numbers】 The following list includes item numbers that have been added with consideration for standardization across ISO as a whole. 4.1 Understanding the organization and its context 4.2 Understanding the needs and expectations of interested parties 4.3 Determining the scope of the quality management system 6.1 Actions to address risks and opportunities 6.3 Planning of changes 7.1.2 People 7.1.6 Organizational knowledge 8.5.5 Post-delivery activities 8.5.6 Control of changes *For more details, please refer to the related link for a clear explanation of the "ISO 9001 (Quality Management System): Transition Manual to the 2015 Revised Edition."

• ISO certification body

In this column, we will introduce some examples of questions that internal auditors may ask during interviews in various departments. ISO 9001:2015 Section 9.2 requires that "internal audits are conducted at planned intervals." When obtaining certification for ISO 9001:2015, it is essential to conduct internal audits. However, the content of the standard only provides abstract information about when, who, and what should be done, leading many to question whether their internal audits are truly being conducted correctly. ■ Purpose of Conducting Internal Audits 1: To verify whether the organization's regulations and manuals align with actual practices. 2: To check if the organization's regulations and manuals are consistent with the requirements of the plan. 3: To ensure that there is a system in place that produces the desired results and outcomes as expected by the organization. The purpose of conducting internal audits is to collect information to confirm the above points. Therefore, internal audits will be based on the three criteria of the ISO 9001:2015 standard requirements and the company's own rules to verify actual practices.

• ISO certification body

There are two main types of costs associated with obtaining ISO certification. The first is the examination fee charged by the certification body necessary for obtaining ISO certification. The second is the consultant fee for assisting with preparations leading up to the examination. Regarding the consultant fee, it is not necessarily an expense that must be incurred, but based on my experience, about 90% of companies seeking new ISO certification typically contract with a consultant to help prepare for the examination. First, let me discuss the examination fees. In conclusion, examination fees vary depending on the certification body, just like with consulting firms. Additionally, examination fees may differ based on the customer's industry and size. In our case, examination fees vary based on the following five conditions: ■ Number of applicable personnel ■ Number of applicable locations ■ Applicable standards ■ Applicable business activities ■ Presence of design and development activities *For detailed information in the column, please refer to the related links. For more details, feel free to contact us.*

• ISO-related consultant

Our company conducts "ISMS audits," which significantly reduce the burden of the auditing process. The time taken from the audit to certification is approximately one month. At this time, the certification mark data and certificate will also be issued. Additionally, since the certificate can be issued in both Japanese and English, there is an advantage in gaining international credibility. Furthermore, transferring the ISMS auditing body (changing the certification body) can be done easily, and you can consider it whenever you wish to review. 【Features】 ■ Online business negotiations/quotations available ■ Remote audits supported ■ Audits are speedy ■ Minimal burden on customers ■ International mutual recognition agreement system *For more details, please refer to the PDF document or feel free to contact us.

• Management Seminar

We offer a flexible "ISMS Audit and Certification Service" that can accommodate schedule adjustments. Online meetings and estimates are available, and we can also conduct remote audits. Audits that typically take two days with standard certification bodies can sometimes be completed in one day, allowing for flexible scheduling of the audit dates. Primarily, you can undergo the audit by explaining your daily business activities. Please feel free to consult us when you need our services. 【Features】 ■ Fastest certification from application in 3 months ■ Minimal impact on daily operations ■ Audits tailored to your business activities ■ No last-minute rush before the audit ■ Support for remote audits *For more details, please refer to the PDF materials or feel free to contact us.

• Management Seminar

Our company conducts "ISO certification audits" that allow for online meetings/quotations and can accommodate remote audits. The number of days required for the audit is minimal, and we can flexibly adjust schedules. Document submission is kept to a minimum, with audits tailored to your business activities, and there is no last-minute rush before the audit. Additionally, we can issue certificates in both Japanese and English, making it easier to gain international credibility. Please feel free to consult us if you have any requests. 【Features】 ■ Minimal impact on daily operations ■ Low burden on customers ■ Over 11,000 companies worldwide and more than 1,000 companies domestically have been certified ■ International mutual recognition agreement system ■ Fast process from audit to certification *For more details, please refer to the PDF materials or feel free to contact us.

• Management Seminar

Our company offers "ISO audit and certification services" for ISO 9001, ISO 14001, and ISO 27001 (ISMS), all of which can be certified in as little as three months. We conduct audits based on practical experience rather than paperwork. The main focus of the audit is on explaining daily operations. Additionally, we do not require the submission of a year's worth of documents before the audit, so there is no rush before the audit. Please feel free to consult us when needed. 【Features】 ■ Fast audits ■ Fast certification ■ Minimal burden on customers ■ Over 11,000 companies worldwide and more than 1,000 companies domestically have achieved certification ■ International mutual recognition agreement system * For more details, please refer to the PDF document or feel free to contact us.

• Management Seminar

ISO stands for the "International Organization for Standardization," which is an international standardization organization. Based in Geneva, Switzerland, its main activity is to establish global standards to ensure that "products and services of the same quality and level can be provided worldwide" across all fields. To avoid these obstacles and facilitate smooth international transactions, ISO establishes "ISO standards," which are "worldwide common standards" or "a common yardstick." The creation and revision of these standards are conducted through voting by member countries, including Japan, totaling 165 countries worldwide. Implementing ISO standards means "providing products and services based on a common yardstick." Therefore, it becomes a significant factor in building trust not only in international transactions but also in domestic transactions within Japan. *However, to prove that products or services are provided according to the standards set by ISO, ISO certification is required.*

• ISO certification body

Our company offers an "ISO standard certification audit service" that flexibly accommodates scheduling for audits, allowing us to complete audits that typically take two days with other certification bodies in just one day. With fewer audit days, the impact on daily operations can be minimized. Additionally, we conduct audits based on practical experience rather than paperwork, allowing for a focus on explaining daily operations during the audit. Why is this possible? It is primarily due to our unique feature of employing auditors internally. By hiring auditors in-house, we can optimize audit costs and labor. Furthermore, our auditors are relatively young, enabling us to conduct flexible audits tailored to the field, making it possible to obtain ISO certification without burdening management or on-site personnel, not just in terms of cost. [Certification Standards] ■ISO 9001 Quality Management System ■ISO 14001 Environmental Management System ■ISO 27001 Information Security Management System ■ISO 45001 Occupational Health and Safety Management System (Construction industry only) *For more details, please download the PDF or feel free to contact us.

• others