January 2020 (Volume 70 - Issue 1)
Our objective: To increase awareness, interest, and involvement in
activities and quality-related subjects.
Visit our LinkedIn group at https://www.linkedin.com/groups/90170/
Wednesday, January 29, 2020
QMS Auditor, Consultant and Trainer (ISO9001:2015, GMP, ISO22716, ISO15378, Cannabis, Risk Management)
join us on January 29th, 2020 to watch
our guest speaker deliver the
topic of Risk
in GxP Industries.
Sabrina Ippolito has been working in the field of training & development for ten years and her involvement has included all facets of the function, from conducting needs analysis and the development of training programs. In addition to delivering knowledge to the cannabis industry, Sabrina provides training & consulting services to clients who are interested in developing their quality management systems to achieve certification to ISO 9001 and beyond. Her experience includes auditor mentoring, coaching & training programs in a variety of topics which include both management-system related topics (QMS, EMS, Pharmaceuticals) as well as management-related programs. Sabrina conducts third-party certification and surveillance audits and has taught courses on topics such as QMS (ISO 9001:2015 Requirements, Internal Auditor, Lead Auditor, HACCP, GMP/GDP Pharmaceuticals), EMS (ISO 14001). Applying her vast experience and knowledge to the cannabis industry is of keen interest to Sabrina, in order to support the development of quality systems in this emerging industry.
$45 for all particpants.
Free for ASQ members attending their first event.
Dinner will be served at 6:00pm.
Arrive early for the food and to network with fellow Quality professionals.
Attendees to this event will will recieve 0.5 RUs.
your business cards and be ready to
your business cards and be ready to
Here is a tentative list of events we are planning for the first half of 2020:
February 26, 2020: TBD.
March 25, 2020: Women in Quality - panel event.
April 29, 2020: Counterfeiting in the Food Industry.
May 27, 2020: Pecha Kucha Night. If you would like to be one of our 4 speakers for this popular event, please contact someone on our leadership team.
Hope to see you all at these events in 2020!!
By Michael Bournazian, Eng., Newsletter Editor, ASQ Senior Member, CSSGB
Any feedback? Click on the link in the bottom right corner of this section and let me know. Thanks.
By Eric Hosking, Senior Consultant to Shainin, CQE, CSSBB and CQA
The new year is upon us, and with it comes changes in our leadership team.
Leaving the team are Nicoleta Roman who chaired our Programs and Arrangements committees, and Pierre-Luc Avoine our VOC chair. They have chosen to take new directions in their lives and I would like to thank them on behalf of the section for the work they did for us in 2019 in their respective roles. They were both at the heart of one of our main activities, organizing the speaker events and reporting on the outcomes. We very much appreciate the time, the energy and the innovations they brought to their roles.
Leaving but not gone is Rajesh Tyagi. A long time member of Section 401, he finds himself more frequently in Ottawa these days, so he has joined the section there and will continue in leadership capacities there. Many thanks for your service to our section and many best wishes in your new roles.
2019 was a busy year for us and we are proud of the ground we were able to cover, the speaker events we organized, the progress we made in our student outreach efforts, the collaboration we had with Section 404 (despite its troubles to find a basis for continuing to function), our newsletter, our website, our contributions at the Canada Region level and the many other things that happen unseen but that have to take place. To each of the Leadership Team members, I want to say thank you.
Now 2020 is here, and we are required to collect sales taxes on our activities. You will start seeing evidence of that on your receipts from the section.
On a much brighter note, we have added two key members to the 2020 Leadership Team: Sabrina Ippolito who becomes our Program Chair, and an old friend and former longtime member of the Leadership Team, Inteaz Alli, who returns to be our Historian and to work on our Nominations Committee. Welcome to the newbies (and oldbies)!
The vacated Arrangements Chair will be picked up by Sam Weissfelner, and Raquibul Siddiquee becomes the VOC chair.
In his first act as Arrangements chair, Sam has negotiated a favourable contract with the Sheraton in Dorval, where we will return to our old stomping grounds for the bulk of our speaker events.
In addition to being our Programs Chair, responsible for all of our speaker events, Sabrina boldly stepped up to be our January speaker, talking on Risk in GxP Industries. Nothing like leading by example. Thanks Sabrina.
Also in the month of January, our Student Outreach Committee will be hosting a panel event at ETS, organized to familiarize Engineers with careers in Quality. As is always the case with our outreach events, much of the heavy lifting is being done by Veronica Marquez. Way to go champ! Special thanks Mauricio Figueroa, a student member who has been instrumental in making this event come to fruition.
If you read about our upcoming events, we are quickly filling out a very full agenda for the coming year with lots of good things to look forward to. I would encourage you to come out to the events and network with your peers. They are always delighted to meet new folks and always happy to see old friends.
By George Azedo, IATF16949/ISO9001 Lead Auditor
Had you come . . . Securing Your Data: Should You Be Concerned?
Mr. Marco Estrela is a Senior Advisor, Managed Services and Security with ESI Technologies, and his presentation on data security provided some interesting and alarming insights into the world of data security, including topics such as hacking and scams used to obtain our data, obtain ransom, steal identities and much more. In the end, the answer to the question Securing Your Data: Should You Be Concerned? is, unfortunately, a resounding YES!!!
Some facts that we learned are:
Canadian organizations are attacked to varying degrees of seriousness over 450 times a year, with 87% of them experiencing at least one successful violation. Nearly half (46%) do not trust their ability to defend against attacks.
• Of the businesses that experienced a security breach, 47% had sensitive data impacted.
• Of these cases, one in five breaches were classified as "high impact" because sensitive information about customers or employees was exposed.
• 36% of respondents are unconvinced of the ability of their business to respond to security breaches.
• One-fifth of small organizations feel that they do not have sufficient resources to defend themselves effectively against attacks.
• Businesses spend about 10% of their IT budget on security expenses.
• A majority of respondents do not train employees to identify attacks, such as phishing scams, or to update software with the latest security measures.
Interestingly, one of the major vulnerabilities to all types of data security issues is human error and this is true in business and in our personal lives. Even when a company provides training and security procedures that must be followed, human nature tends to default to trusting people and to not being bothered because it will never happen to us or me. In the context of information security, this phenomenon is known as social engineering and is defined as the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
Social engineering attacks can happen in many ways including phishing (fraudulent attempt to obtain sensitive information by disguising oneself as a trustworthy entity in an electronic communication) and vishing (the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies or agencies such as government and even police). Phishing attacks are perpetrated using e-mail, text messages, social media platforms and often they look very convincing; they sometimes come from company officials whose e-mail accounts have been hacked. Vishing is perpetrated through phone calls and voice messages – we have all heard about the recent CRA and RCMP scams.
We also learned that even gaining physical access to IT installations can be easily done through social engineering means. Pretending to be a delivery person from a well-known “trusted” parcel delivery company has been tested by Marco to being very effective at gaining access to IT server rooms which are otherwise heavily “protected”.
The consequences for both businesses and people can be severe and include competitors and/or criminals getting their hands on Trade Secrets, Personal Identification Information (DOB, SIN, etc.), Financial documents resulting in loss of competitive edge, damaged reputation, fraud problems including identity theft and financial losses.
Given all this, actions that businesses must take are:
• Review IT governance and risk management regularly
• Test infrastructure regularly by a third party
• Look at your logs or…
• …entrust your security to a MSSP that will look at them for you
• Stay informed of new risks that might affect the organization
• Train personnel
Note that MSSP is a managed security service provider. Having this outsourced is important because many companies do not have the expertise or time to even review logs to identify anomalies.
For training of company personnel and for personal users, some important actions are:
• Don’t reply to an email if it looks “phishy”, even if it appears to be from a known contact. Call the sender directly to verify they sent it, if possible.
• Don't share your password.
• Don't assume a URL link or an attachment is safe. If you think you have received a phishing email, don't follow links or open attachments in the email.
• It’s important to verify sites to avoid malware. Rather than clicking on a suspicious link, go to the company's official web site address and navigate to the applicable content that you seek.
• If you plan to log in to what should be a secure site, make sure that the site supports secure transactions – check for the ‘lock’ symbol in the URL address and also look for https:// when you get to the transaction page!
If you are unsure, do not click, open or respond in any way!!!
This is truly one of the most relevant topics today and really appreciated the presentation and discussion. It was worth the attendance.
Avoine, Eng., ASQ Senior Member, CSSGB, VoC Chair
ASQ Montreal colleagues and Quality professionals,
Give me your feedback by e-mail
By Veronica Marquez, M.Sc., CSSBB, ASQ Senior Member, Student Outreach Committee Chair
Year 2020! Bonne année 2020!
plus de détail: VMarquez@sections.asq.org
Bianca Zaleski Vale
Christopher F. Chin
ASQ Montreal Section thanks our Organization Members:
tuned for upcoming events in 2020!!
Ph.D., ASQ CQE and SSBB, Education & Audit Chair
Having ASQ certification gives you an edge in the market and can significantly increase your income.
ASQ Certification often leads to higher paying employment. The money invested in education and certification increases chances of finding employment quickly in the down sizing environment we live in. People who take the section sponsored refresher courses, and spend at least twice as much time as spent in the classroom on self study, have an 80%, or better, chance of passing the examination on the first attempt.
Certified Quality Engineer Topics include: quality concepts, cost of quality, human resources, team formation and group dynamics, inspection, metrology, sampling, reliability, quality standards, quality audit, statistics, design of experiments, process improvement, liability, and modern management methods for improving quality.
Certified Six Sigma Black Belt Topics include: quality concepts, cost of quality, enterprise wide deployment, business process management, project management, team formation and group dynamics, define, measure, analyze, improve, control, lean enterprise, statistics, design of experiments, and design for six sigma.
Certified Six Sigma Green Belt Topics include: quality concepts, cost of quality, enterprise wide deployment, business process management, project management, team formation and group dynamics, define, measure, analyze, improve, control, and statistics.
Certified Manager of Quality/Organizational Excellence Topics include: quality concepts, quality planning, customer focus, quality standards, project management, cost of quality, team formation and group dynamics, human resources and improvement.
Certified Quality Auditor Topics include: quality concepts, team formation and group dynamics, management responsibility, audit objectives, audit preparation, audit conduct, audit reporting, sampling, and basic statistics.
Certified Quality Inspector Topics include: quality concepts, team formation and group dynamics, geometry, metrology, reading drawings, mechanical processes, statistical process control, inspection, and sampling.
Calendar and Registration Form
Questions? In house courses, etc.: Dr. David Tozer: (514) 694-2830, firstname.lastname@example.org
Section Executive Committee (Leadership Team) Meetings are held at different locations, starting at 6 PM. The next regular meeting is tentatively scheduled for:
February 5, 2020
Consult the List of Your Executive
Unemployed ASQ members receive a discount on their membership dues based on consecutive years of membership.
NOTE: The following links require that you be logged into your account before you try to activate them.
Download the ASQ Unemployment Program
PDF (105 KB)
Please send us your comments about the ASQ Montreal Section 0401 E-Newsletter (topics, layout, length, etc.). Do you want to contribute an article (English or French) or a good idea? Contact us by e-mail.
Pass it on
We invite you to forward this Newsletter to friends and colleagues who may be interested.
Section 0401 Newsletter is prepared by and published for its members.
How to Opt Out.