公告&动态 第201页

You are what you buy – the first International Standard for sustainable procurement just published

Sustainable purchasing can improve supplier relations – and your business. ISO 20400 for sustainable procurement has just been published to help organizations make sustainable purchasing a way of life.

Procurement plays a large role in any organization, large or small. Who an organization buys from has just as big an impact on its performance as what it buys. Ensuring suppliers have sound and ethical practices – across everything from working conditions and risk management to their environmental impact – has the potential to not only make businesses work better, but to improve the lives of everyone in the communities where they are situated.

Sustainable procurement entails making purchasing decisions that meet an organization’s needs in a way that benefits them, society and the environment. It involves ensuring that a company’s suppliers behave ethically, that the products and services purchased are sustainable and that such purchasing decisions help to address social, economic and environmental issues.

ISO 20400, Sustainable procurement – Guidance, is the world’s first International Standard for sustainable procurement and aims to help organizations develop and implement sustainable purchasing practices and policies.

Jacques Schramm, Chair of ISO/PC 277, the project committee that developed the standard, says the benefits of sustainable procurement can be far-reaching. “It is no longer enough for businesses to rely on suppliers to provide them with what they want, no questions asked. Organizations benefit greatly from getting to know their suppliers – understanding what their requirements are as well – to ensure their demands are not unrealistic and that the suppliers they work with have good, ethical practices,” he explains.

“The risks of not understanding and managing practices throughout the whole supply chain are great. At best, poor quality products or ruptures of stock can result. At worst, disasters like the Rana Plaza in Bangladesh in 2013 can happen. Sustainable procurement helps to minimize risks such as these by encouraging buyers and suppliers to work closely together for a better result for all.”

ISO 20400 provides guidelines for integrating sustainability into an organization’s procurement policy strategy and process, defining the principles of sustainable procurement such as accountability, transparency, respect for human rights and ethical behaviour.

ISO tackles loud traffic noise

Anyone living near a busy road will agree that traffic noise is a serious nuisance. According to the World Health Organization (WHO), it can also affect our health and lead to premature death.

Traffic-related noise pollution accounts for over one million healthy years of life lost annually to ill health, disability or early death in the western countries of the European Region, states a WHO report on the subject. But this problem is not limited to Europe as it affects any country with traffic areas and high vehicle usage.   

One of the biggest contributors to this issue is the sound created when a tyre touches the pavement. The worst type of tyre/road interaction occurs at speeds of, or above, 50 km/h. For light vehicles, it starts at speeds as slow as 30 km/h while, for the otherwise quiet electric vehicles, it happens at every speed range.

The United Nations Economic Commission for Europe has issued legal limits to control tyre noise and these are in place in most industrialized countries. However, road surfaces are also an important variable, influencing traffic noise as much as tyres and vehicles do.

A few countries have started to modify road surfaces in areas vulnerable to high noise, but there is still a long way to go. Negotiations are currently underway to legally limit how much noise a road surface should generate, a move that is also backed by vehicle and tyre manufacturers. 

But in order to put these requirements into practice, we need International Standards to uniformly and reliably measure and monitor the influence of road surfaces on traffic noise. ISO published a first standard in 1997, but advances in technology and changing needs have led to the development of a new methodology in ISO 11819-2, Acoustics – Measurement of the influence of road surfaces on traffic noise – Part 2: The close-proximity method.

Ulf Sandberg, Project Leader for the new standard, says that “the new methodology is much more practical and easier to use, especially for long stretches of road”.

This new method led to the development of technical specification ISO/TS 11819-3 on reference tyres. Sandberg explains: “We were developing the new ISO 11819-2 when we realized that we also needed to identify tyres correctly to give reliable and reproducible data, so we created ISO/TS 11819-3.”

However, the ISO committee developing these standards went even further. Recent research has shown that temperature influences noise emission as much as tyres and road surface. A new document, ISO/TS 13471-1, was developed to account for the influence of temperature when measuring tyre/road noise.

“The need to control road noise is getting more and more attention. The European Commission, for example, now requires that member states regularly report traffic noise emission along major roads and that they develop abatement programmes if these are found to be excessive,” says Sandberg. “The three new documents offer a solid toolbox for identifying the contribution of road surfaces to noise pollution.”

Measuring effectiveness of information security

ISO/IEC 27004 explains how to develop, assess and report results of information security metrics

By Claire Marchand

You simply can’t be too careful when it comes to information security. Protecting personal records and commercially sensitive information is critical. But how can you tell that your ISO/IEC 27001 information security management system (ISMS) is making a difference? A new ISO/IEC International Standard can help you out.

information security

ISO/IEC 27004 explains how to develop measurement processes and how to assess and report results of information security metrics

New edition of ISO/IEC 27004

The recently updated ISO/IEC 27004:2016, Information technology – Security techniques – Information security management – Monitoring, measurement, analysis and evaluation, provides guidance on how to assess the performance of ISO/IEC 27001:2013, Information technology — Security techniques — Information security management systems — Requirements. It explains how to develop and operate measurement processes, and how to assess and report the results of a set of information security metrics.

Prof. Edward Humphreys, Convenor of the working group that developed the standard (ISO/IEC JTC 1/SC 27), says: “Cyber-attacks are among the greatest risks an organization can face. This is why the much improved version of ISO/IEC 27004 provides essential and practical support to the many organizations that are implementing ISO/IEC 27001 to protect themselves from the growing diversity of security attacks that business is facing today.”

Insights into effectiveness of ISMS

Security metrics can provide insights regarding the effectiveness of an ISMS and, as such, have taken centre stage. Whether you’re an engineer or consultant responsible for security and reporting to management or an executive who needs better information for decision making, security metrics have become an important vehicle for communicating the state of an organization’s cyber risk posture.

In Prof. Humphreys’ own words, “Organizations need help to address the question of whether the organization’s investment in information security management is effective, fit for purpose to react, defend and respond to the continually changing cyber-risk environment. This is where ISO/IEC 27004 can provide numerous advantages.”

Many benefits

ISO/IEC 27004:2016 shows how to construct an information security measurement programme, how to select what to measure, and how to operate the necessary measurement processes. It includes extensive examples of different types of measures, and how the effectiveness of these measures can be assessed.

Among the many benefits to organizations of using ISO/IEC 27004 are:

Increased accountability

Improved information security performance and ISMS processes

Evidence of meeting requirements of ISO/IEC 27001, as well as applicable laws, rules and regulations

ISO/IEC 27004:2016 replaces the 2009 edition; it has been updated and extended to align with the revised version of ISO/IEC 27001:2013 to provide organizations with greater added value and confidence.

ISO/IEC 27004:2016 was developed by Subcommittee 27: IT security techniques, of ISO/IEC Joint Technical Committee (JTC) 1, Information technology.

Measuring effectiveness of information security

ISO/IEC 27004 explains how to develop, assess and report results of information security metrics

By Claire Marchand

You simply can’t be too careful when it comes to information security. Protecting personal records and commercially sensitive information is critical. But how can you tell that your ISO/IEC 27001 information security management system (ISMS) is making a difference? A new ISO/IEC International Standard can help you out.

information security

ISO/IEC 27004 explains how to develop measurement processes and how to assess and report results of information security metrics

New edition of ISO/IEC 27004

The recently updated ISO/IEC 27004:2016, Information technology – Security techniques – Information security management – Monitoring, measurement, analysis and evaluation, provides guidance on how to assess the performance of ISO/IEC 27001:2013, Information technology — Security techniques — Information security management systems — Requirements. It explains how to develop and operate measurement processes, and how to assess and report the results of a set of information security metrics.

Prof. Edward Humphreys, Convenor of the working group that developed the standard (ISO/IEC JTC 1/SC 27), says: “Cyber-attacks are among the greatest risks an organization can face. This is why the much improved version of ISO/IEC 27004 provides essential and practical support to the many organizations that are implementing ISO/IEC 27001 to protect themselves from the growing diversity of security attacks that business is facing today.”

Insights into effectiveness of ISMS

Security metrics can provide insights regarding the effectiveness of an ISMS and, as such, have taken centre stage. Whether you’re an engineer or consultant responsible for security and reporting to management or an executive who needs better information for decision making, security metrics have become an important vehicle for communicating the state of an organization’s cyber risk posture.

In Prof. Humphreys’ own words, “Organizations need help to address the question of whether the organization’s investment in information security management is effective, fit for purpose to react, defend and respond to the continually changing cyber-risk environment. This is where ISO/IEC 27004 can provide numerous advantages.”

Many benefits

ISO/IEC 27004:2016 shows how to construct an information security measurement programme, how to select what to measure, and how to operate the necessary measurement processes. It includes extensive examples of different types of measures, and how the effectiveness of these measures can be assessed.

Among the many benefits to organizations of using ISO/IEC 27004 are:

Increased accountability

Improved information security performance and ISMS processes

Evidence of meeting requirements of ISO/IEC 27001, as well as applicable laws, rules and regulations

ISO/IEC 27004:2016 replaces the 2009 edition; it has been updated and extended to align with the revised version of ISO/IEC 27001:2013 to provide organizations with greater added value and confidence.

ISO/IEC 27004:2016 was developed by Subcommittee 27: IT security techniques, of ISO/IEC Joint Technical Committee (JTC) 1, Information technology.

Aus der Praxis für die Praxis – Veröffentlichung der Normenreihe DIN 15159

Transportkette für Erzeugnisse des Handels – Spezifische Palette aus thermoplastischem Kunststoff.

Innerhalb Europas hat sich seit langem die so genannte Halbpalette als Transport- und Ladehilfsmittel in der Logistik von Handelsunternehmen und auch bei Discountern etabliert. Mit ihren Abmessungen von 800 mm × 600 mm sind Halbpaletten optimal für den direkten Einsatz auf den Verkaufsflächen am Point-of-Sale geeignet. Damit stehen die Waren am Ende palettiert auf der Verkaufsfläche und können über die gesamte Distributionskette vom Hersteller bis zum Point-of-Sale durchgängig auf demselben Ladungsträger verbleiben. Sowohl in den Umschlagprozessen als auch auf der Verkaufsfläche wird dadurch der Arbeitsaufwand minimiert.

Die Idee eines Ladungsträgers in der Größe einer halben Euro-Palette entstand bereits vor rund 25 Jahren und wurde in der Norm DIN 15146-4, Vierwege-Flachpaletten aus Holz; 800 mm × 600 mm spezifiziert. Mangelnde Stabilität und Beschädigungen aufgrund nicht eingehaltener Vorgaben nach DIN 15146-4 führten in den vergangenen Jahren innerhalb des offenen Pool-Systems vermehrt zu größeren Qualitätsproblemen.

Aus diesem Grund haben sich mehrere Handelsunternehmen entschieden in Kooperation mit Paletten-Herstellern eigene Halbpaletten aus Kunststoff für die Nutzung in geschlossenen Paletten-Pools zu entwickeln. Um eine definierte Paletten-Qualität auch handelsübergreifend gewährleisten zu können, wurde der Arbeitsausschuss NA 115‑03‑07 AA „Paletten“ des Normenausschusses Verpackungswesen (NAVp) im September 2014 mit der Erarbeitung einer Norm für Paletten aus Kunststoff im Maß 800 mm × 600 mm beauftragt.

Es wurde festgelegt das Norm-Projekt als Normenreihe DIN 15159, Transportkette für Erzeugnisse des Handels — Spezifische Palette aus thermoplastischem Kunststoff bestehend aus den folgenden Teilen zu erarbeiten:

– Teil 1: 800 mm × 600 mm ×160 mm; Maße und Gewichte;

– Teil 2: Anforderungen und Prüfungen;

– Teil 3: Auto-ID und RFID.

Die Erarbeitung der Normenreihe erfolgte durch Beteiligung der interessierten Kreise aus den folgenden Bereichen: Handel, Paletten-Hersteller, Forschung sowie Unternehmen aus der Fördertechnik und der Ident-Technologie. Teil 1 wurde im Oktober 2016 veröffentlicht. Die Teile 2 und 3 sind im Januar 2017 erschienen.

European police firearms technology recommendations 

Laws, police tactics and requirements differ from country to country. A common set of technical recommendations and verification methods, not limiting national decision-making or police tactics, are needed to guarantee high quality equipment for and occupational safety of police officials. However, the recommendations must be flexible to comply with national conditions, accepting more than one technical solution and provide unambiguous definitions, test methods and sentencing criteria.

CEN/WS Police Firearms Technologies (CEN/WS PFT) was set up in January 2015, of which the secretariat is provided by the Austrian Standards Institute (ASI). The Workshop workshop membership consists of representatives from industry organizations and police forces working under the guidance of Adjunct Professor Jorma Jussila (the chair of this WS) to develop a set of recommendations for police firearms technology.

Solid technical basis and yardstick

The following Workshop Agreements were published in December 2016, and provide a solid technical basis and yardstick for the design process of industry, national procurement and continuous monitoring of firearms used in the field:

.         CWA 17094-1:2016 Police firearms technology – Part 1: Police pistol and rifle ammunition features – Recommendations

.         CWA 17094-2:2016 Police firearms technology – Part 2: Police pistol and support weapon – Recommendations

.         CWA 17094-3:2016 Police firearms technology – Part 3: Police shotgun ammunition features – Recommendations

The publications are available for purchase with CEN National Standardization Bodies.

The result will be newer, more flexible recommendations and test methods for firearms in use in Europe.

“When used to define national technical requirements for an invitation to tender, a subset of the requirements can be selected and rated according to their importance to the procuring unit. A further subset can be defined for carrying out acceptance inspections of a manufacturing lot or for assessing and monitoring the current firearms in use. This allows using standardized unambiguous text to describe varying national needs.” Mr Jorma Jussila, Chairman of CEN/WS PFT

European police firearms technology recommendations 

Laws, police tactics and requirements differ from country to country. A common set of technical recommendations and verification methods, not limiting national decision-making or police tactics, are needed to guarantee high quality equipment for and occupational safety of police officials. However, the recommendations must be flexible to comply with national conditions, accepting more than one technical solution and provide unambiguous definitions, test methods and sentencing criteria.

CEN/WS Police Firearms Technologies (CEN/WS PFT) was set up in January 2015, of which the secretariat is provided by the Austrian Standards Institute (ASI). The Workshop workshop membership consists of representatives from industry organizations and police forces working under the guidance of Adjunct Professor Jorma Jussila (the chair of this WS) to develop a set of recommendations for police firearms technology.

Solid technical basis and yardstick

The following Workshop Agreements were published in December 2016, and provide a solid technical basis and yardstick for the design process of industry, national procurement and continuous monitoring of firearms used in the field:

.         CWA 17094-1:2016 Police firearms technology – Part 1: Police pistol and rifle ammunition features – Recommendations

.         CWA 17094-2:2016 Police firearms technology – Part 2: Police pistol and support weapon – Recommendations

.         CWA 17094-3:2016 Police firearms technology – Part 3: Police shotgun ammunition features – Recommendations

The publications are available for purchase with CEN National Standardization Bodies.

The result will be newer, more flexible recommendations and test methods for firearms in use in Europe.

“When used to define national technical requirements for an invitation to tender, a subset of the requirements can be selected and rated according to their importance to the procuring unit. A further subset can be defined for carrying out acceptance inspections of a manufacturing lot or for assessing and monitoring the current firearms in use. This allows using standardized unambiguous text to describe varying national needs.” Mr Jorma Jussila, Chairman of CEN/WS PFT

Better detecting viruses in water to protect your health 

“The virus monitoring in water is not mandatory in Europe. The current virus test – based on molecular biology – is expensive, time consuming and labor intensive, thus the test is limited to few laboratories in a few countries, even though the protection of water networks against pathogenic viruses is crucial. We hope that with the present CWA and later with a European Standard the monitoring of pathogen viruses in water will spread in Europe, protecting people from serious outbreaks”, Ms Noemi Rozlosnik, chairperson of CEN Workshop WS 82

Are we sure of the safety of our waters in Europe? Worldwide waterborne viral diseases represent a high public health risk. Currently, human enteric viruses are frequently found in in different types of environmental water samples. These viruses can cause polio, hepatitis, gastroenteritis as well as other types of innocuous infections.

Waters can be contaminated by infectious viral particles (human and animal urine and feces containing pathogenic microorganisms) through the release of sanitary wastewaters. People can then be contaminated through contact with these waters or be infected through their consumption.

Urban wastewater contains a large number of pathogen viruses that even the most advanced wastewater treatment cannot fully remove. When you know that as few as 10-100 virus particles can cause a serious illness in humans, it is time to tackle the problem.

Therefore, CEN has developed a standardized sensor system which is intended to provide a rapid, simple and economic method for monitoring dangerous levels of various types of viruses.

A new CEN Workshop Agreement for safer waters

The CEN Workshop WS 82 – 'Virus sensor system for monitoring rotavirus, norovirus and hepatitis A virus in various types of water intended for human use (AquaVir)’, of which the sercretariat was provided by our German National Member DIN, was created to develop:

.         CWA 17102:2017 – a CEN Workshop Agreement (CWA) for a cost effective, on-site detection system for monitoring rotavirus, norovirus and hepatitis A virus in different types of water such as municipal water, surface water, bathing water, drinking water and ground water.
CWA 17102:2017 was published on 11 January 2017 and is now available for purchase with CEN National Standardization Bodies.

It is the first milestone towards the development of a European Standard. The CEN CWA has a lifetime of 3 years, which can be extended to a total of 6 years.

Better detecting viruses in water to protect your health 

“The virus monitoring in water is not mandatory in Europe. The current virus test – based on molecular biology – is expensive, time consuming and labor intensive, thus the test is limited to few laboratories in a few countries, even though the protection of water networks against pathogenic viruses is crucial. We hope that with the present CWA and later with a European Standard the monitoring of pathogen viruses in water will spread in Europe, protecting people from serious outbreaks”, Ms Noemi Rozlosnik, chairperson of CEN Workshop WS 82

Are we sure of the safety of our waters in Europe? Worldwide waterborne viral diseases represent a high public health risk. Currently, human enteric viruses are frequently found in in different types of environmental water samples. These viruses can cause polio, hepatitis, gastroenteritis as well as other types of innocuous infections.

Waters can be contaminated by infectious viral particles (human and animal urine and feces containing pathogenic microorganisms) through the release of sanitary wastewaters. People can then be contaminated through contact with these waters or be infected through their consumption.

Urban wastewater contains a large number of pathogen viruses that even the most advanced wastewater treatment cannot fully remove. When you know that as few as 10-100 virus particles can cause a serious illness in humans, it is time to tackle the problem.

Therefore, CEN has developed a standardized sensor system which is intended to provide a rapid, simple and economic method for monitoring dangerous levels of various types of viruses.

A new CEN Workshop Agreement for safer waters

The CEN Workshop WS 82 – 'Virus sensor system for monitoring rotavirus, norovirus and hepatitis A virus in various types of water intended for human use (AquaVir)’, of which the sercretariat was provided by our German National Member DIN, was created to develop:

.         CWA 17102:2017 – a CEN Workshop Agreement (CWA) for a cost effective, on-site detection system for monitoring rotavirus, norovirus and hepatitis A virus in different types of water such as municipal water, surface water, bathing water, drinking water and ground water.
CWA 17102:2017 was published on 11 January 2017 and is now available for purchase with CEN National Standardization Bodies.

It is the first milestone towards the development of a European Standard. The CEN CWA has a lifetime of 3 years, which can be extended to a total of 6 years.

—韩国提议IEC技术委员会获准成立并获得理事国地位—

*可穿戴型智能设备：指能够穿戴在身上或嵌入人身体中，可以提供健康、医疗、生活、安防、情感、娱乐、教育、产业现场管理等多种个性化服务的设备。

□ 第158届IEC*SMB**大会于2月7日至8日在墨西哥城召开，大会通过了韩国发起的新设立“可穿戴型智能设备”技术委员会（TC***）的提案，同时大会给予韩国新设立的技术委员会中秘书国地位。

1、IEC（国际电气技术委员会）：电气、电子领域国际标准化机构。

2、SMB（标准化管理理事会）：该秘书国负责IEC中技术委员会的设立、废止、合并、业务范围调整等国际标准化相关政策。

3、TC（技术委员会）：国际标准化组织根据产业门类而设立的专门型国际标准制定委员会。

ㅇ 此前由韩国主导，在ISO*、IEC等国际标准化机构中设立的技术委员会只有2011年设立的“IEC/TC119（印刷电子**）”，而本次韩国主导的新的技术委员会的设立，也成为了提高韩国在IEC中国际地位***的重要契机。

1、ISO（国际标准化组织）：该组织负责除电气电子外所有产业的国际标准。

2、印刷型电子产品：通过使用包括电子墨水（传导性.半导体.绝缘墨水）在内的多种形式进行印刷，制造电子元件。

3、截止到2016年6月，韩国在IEC中提出的议案总数居世界第二位。(2016.09. IEC

技术委员会报告)

ㅇ 同时，秘书国有权提名秘书长。秘书长对技术委员会负责，有权推荐主席，并负责全部标准化活动，可向韩国国内实时传达国际标准化组织的政策变化及各国标准化发展方向，意义重大。

□ 韩国负责“可穿戴型智能设备”的技术委员会及相关技术标准化后，将着力推进可穿戴型智能设备的核心技术E-Textile、安全性、产品可信赖度等方面的标准化。

E-Textile（电子纤维）：在服装等纤维制品内部加入电路，属最尖端的纤维产品。

□“可穿戴型智能设备”是有望于2024年拥有700亿市场份额的朝阳产业，也是韩国政府推进的19个未来成长动力领域之一。（2015年3月确定）

ㅇ本次技术委员会的成立及秘书国的确认将为韩国主导可穿戴型智能设备的产品技术打下基础，有望推动韩国企业抢先占据世界市场。