Agència per a la Qualitat del Sistema Universitari de Catalunya

Access the content (Alt + 1)


Access to the menu section (Alt + 2)

System for quality management and information security

UNE-ISO/IEC 27001:2014

ISO 9001:2008

The system for internal quality management and information security at AQU Catalunya is a mechanism for management of the organisation in a way that is systematic, visible and effective for both the Agency's executive management and staff.

PDF document PDF AQU Catalunya process map

AQU Catalunya was awarded ISO 9002:1994 certification on 5 June 2000, and as such was the first QA agency in Europe to be awarded the certificate.

In 2012, the Agency started a process to incorporate information security into its management system, and in 2015 the Agency successfully completed external certification with ISO standard 27001.

The Agency's system is annually subject to the corresponding audits that certify its compliance with certification requirements.

The system for internal quality management and information security being implemented is consistent with:

Cicle Plan, Do, Check and Act a AQU Catalunya

The Plan-Do-Check-Act cycle at AQU Catalunya

The IQA facilitates and promotes improvement and enhancement through Deming's PDCA (plan-do-check-act) cycle, which is followed in the Agency's day-to-day activities as well as its IQA.

Summary of the evidence of the application of AQU Catalunya's IQA
  • Strategic Plan
  • Annual Action
  • Plan Planning of projects
  • Policies
DO Implementation of the following Plans:
  • Internal procedures-instructions, which define the activities to be carried out, the responsibilities and the outputs
  • Review guides
  • Regulations
  • Reports/register
  • Monitoring of the Agency's activities: coordination meetings, strategic meetings, project monitoring meetings
  • Quality and Information Security Management Committee
  • Indicator monitoring and analysis
  • Meta-evaluation (annual accounts of the Agency's different sections)
  • Meta-evaluation of projects (annual accounts of the Agency's different sections)
  • Follow-up of incidents and internal and external enhancement proposals (intranet portal/webpage mailbox/corporate mail)
  • Internal audits
  • External audits
  • The improvement Plan for each of the Agency's different sections
  • Periodic revision of the review guides and procedures