In summary, if the only interaction with the supplier organisation is the provision of goods or services and the laboratory’s role is limited to verifying the supplier’s certificate or specifications, the main risk relates to the acceptance of those supplied items. In such cases, the laboratory should ensure that the review of supplier certificates, acceptance of supplied goods, and any related technical decisions are performed by competent personnel who are independent of the supplier organisation.
More broadly, the laboratory must still retain full technical independence for method selection, data interpretation, and the approval and reporting of results, and should not rely solely on the shared CTO when a supplier relationship exists.
You asked: 1. Is it acceptable under ISO/IEC 17025 for a laboratory CTO to simultaneously hold the CTO role in a critical supplier organisation?
ISO/IEC 17025 does not prohibit a person from holding senior roles in more than one related organisation. A CTO serving both the laboratory and a supplier organisation can therefore be acceptable. However, the laboratory must identify and manage the resulting risk to impartiality (section 4.1). In the scenario you describe, where the CTO is involved as the analyst reviewing the supplier’s certificate or specifications for supplied goods, accreditation bodies would expect the laboratory to ensure that the final acceptance of supplied items and related technical decisions are made independently of the supplier organisation.
You asked: 2. What risks to impartiality would an accreditation body likely expect us to identify and control in this situation?
The main risks relate to potential influence over the acceptance of supplied goods or services, including reliance on supplier certificates without independent review, preferential acceptance of the supplier’s products, or pressure to accept goods that do not fully meet requirements. There may also be perceived conflicts of interest if the same individual has responsibilities in both organisations. ISO/IEC 17025 requires laboratories to identify and control both actual and perceived risks to impartiality.
You asked: 3. What types of governance or structural controls would typically be expected to mitigate this arrangement?
Controls typically include documenting the supplier relationship as an impartiality risk; conflict of interest declarations; ensuring that the review of supplier certificates and the acceptance of supplied goods are carried out by competent personnel independent of the supplier; and maintaining laboratory authority over method selection, data interpretation, and approval and reporting of results. The supplier should also be evaluated independently through the laboratory’s normal process for control of externally provided products and services.
You asked: 4. Are there examples of acceptable structures where a laboratory shares senior technical leadership with a supplier or related organisation?
Yes. Similar arrangements occur where laboratories operate within engineering or technical organisations that also supply products or services used by the laboratory. Accreditation bodies generally accept these structures provided the laboratory demonstrates that decisions affecting the acceptance of supplied items, testing activities, and reporting of results are independent from the supplier’s commercial interests and appropriately controlled through the laboratory’s impartiality and supplier management processes.
Lastly, you asked:
Any guidance on how accreditation bodies typically view this structure would be greatly appreciated.
Accreditation bodies generally do not prohibit shared roles between related organisations, but they will expect the laboratory to clearly identify the relationship as a potential impartiality risk and demonstrate that appropriate controls are in place. Their primary concern is that the laboratory retains independent authority over technical decisions and the acceptance of supplied goods or services.
Where a shared CTO is involved, they will normally look for evidence that the review of supplier certificates, acceptance of supplied items, and the approval and reporting of laboratory results are performed by competent personnel who are independent of the supplier organisation. If these controls are clearly defined and implemented, such structures are commonly accepted during accreditation assessments.
For distributors, reporting on shipment performance is logical.
For manufacturers/suppliers, you can prepare a quality ppm report.
These two scorecards can be prepared for supplier evaluations.
If the external laboratory is already accredited for ISO 17025, there is no need for further formalization on your organization's end.
The main difference is that ISO/IEC 27701:2025 is a stand-alone standard, whereas the 2019 version was an extension of ISO/IEC 27001. This means organizations can now be certified for their Privacy Information Management System (PIMS) without requiring an existing ISO/IEC 27001 certification.
When it comes to traceability, the AS9100 standard does not give detailed requirements on how to do this, but only says that you need to control the unique identity if that is a requirement, and retain documents necessary to ensure this traceability.
So, as per the standard, your question goes back to what your customer's requirements are. If your customer allows waivers on traceability, then that is acceptable, but if not, then it is not acceptable. As the standard is used by any organization within aerospace, the requirements only describe what needs to be done but need to be supplemented with the customer and legal requirements.
For a bit more on the traceability requirements in AS9100, see the article: How to meet traceability requirements in an AS9100D-based QMS, https://advisera.com/9100academy/blog/2019/06/05/as9100-traceability-requirements-how-to-meet-them/
We have the same problem here