Search results

Is ISO 17025 accreditation needed?

You asked

I would like to ask if an OEM company is ISO9001:2015 certified is it mandatory that they will get certification for ISO IEC 17025:2017 accreditation?

The answer is no, IATF does not have a mandatory requirement for ISO 17025 accreditation. To clarify this let us start with mentioning that ISO 17025 is a testing and calibration standard to which laboratories are accredited, where ISO 9001 and IATF 16949 are Quality Management standards, to which organizations are certified. IATF 16949 is implemented in conjunction and as a supplement to ISO 9001 with a number of extra requirements for automotive suppliers on top of the requirements of ISO 9001.

An OEM (original equipment manufacturer) that supplies components is not a laboratory, so ISO 17025 is not directly applicable. IATF 16949 however requires that specific laboratory requirements are met and the process for the management and calibration or verification records and internal calibrations is documented. Because of these requirements and the need for statements of conformity to a specification after calibration/verification, IATF 16949 includes an explanatory note that ISO/IEC 17025 accreditation is useful to demonstrate the organization's in-house laboratory conformance to the IATF 16949 requirements. This means that although not mandatory, testing of components and calibrations will typically be be performed by an accredited ISO 17025 laboratory. This is irrespective of  whether it is an inhouse laboratory (owned by or a department of the OEM) or subcontracted to an external provider.

Note that while accreditation is not mandatory; as a minimum, it is advisable that the laboratory implements ISO 17025 and works in accordance to ISO 17025 to ensure requirements are met.

You also asked 

 if answer is No, does it affects company's accreditation to  IATF 16949?

Please note as said above, a company is certified to IATF 16949, not accredited. As long as the specific laboratory requirements are met, accreditation to ISO 17025 will not affect company's certification to IATF 16949

For more information on IATF 16949, see the IATF 16949 Advisera Academy at https://advisera.com/16949academy/
For more information on ISO 17025 see ISO 17025 – Main guidelines at https://advisera.com/17025academy/what-is-iso-17025/

Changing calibration frequency

A Calibration record is used to record the Calibration Dates. This is available as part of the Advisera ISO 17025 Toolkit as 08.3_Appendix_3_Calibration_Record. Then you should record the decision in your Registry of Key Risks and Opportunities, provided as part of the Advisera ISO 17025 Toolkit as 05.1_Appendix_1_Registry_of_Key_Risks_and_Opportunities.

One risk I suggest you consider is financial risk of such a frequent calibration interval. I do not know what type of field testing you do, however you refer to temperature. It seems unnecessary to have such a frequent calibration of a thermometer or thermocouple device (depending on factors such as handling / stability), as typically for a testing laboratory you will calculate you MU based on the most recent calibration certificate for equipment used. Then you include your method imprecision during repeated use of the device in the field.

For more information see:
The answer to a question on calibration intervals, Re-calibration time at https://community.advisera.com/topic/re-calibration-time/, which includes links to resources.
The ISO 17025 document template Equipment and Calibration Procedure available at https://advisera.com/17025academy/documentation/equipment-and-calibration-procedure/

15.1. Control Document

The template Supplier Security Policy was developed to also cover control A.15.1.3 (on sections 3.1 – Identifying risks, and 3.3 - Contracts).

To take a look to see if it can fulfill your needs, please access the free demo in this link: https://advisera.com/27001academy/documentation/supplier-security-policy/

This article will provide you a further explanation about supplier security:
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/

Lab Software

CAN I EXCLUDE CHAPTER 8.3 ON DESIGN AND DEVELOPMENT FROM THE SCOPE OF THE QUALITY MANAGEMENT SYSTEM?

According to your description, and if your quality management system’s scope includes only this kind of service to clients, I think that clause 8.3 is not applicable.

For more information about exclusion consider the following:

• What clauses can be excluded in ISO 9001:2015? - https://advisera.com/9001academy/blog/2015/07/07/what-clauses-can-be-excluded-in-iso-90012015/
• Free webinar on demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar/
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

PUEDO EXCLUIR DEL ALCANSE DEL SISTEMA DE GESTION DE CALIDAD EL CAPITULO 8.3 DE DISEÑO Y DESARROLLO

Si su empresa no hace ninguna modificación en el diseño, simplemente lo verifica entonces podría excluir el requisito 8.3 de diseño y desarrollo. Sin embargo, si su organización hace alguna modificación del mismo debería de incluir el diseño y desarrollo dentro del alcance de su SGC.

Para más información sobre la aplicabilidad de la cláusula de diseño y desarrollo, vea los siguientes materiales:

- What clauses can be excluded in ISO 9001:2015: https://advisera.com/9001academy/blog/2015/07/07/what-clauses-can-be-excluded-in-iso-90012015/2015/

- ISO 9001 design process explained: https://advisera.com/9001academy/blog/2013/11/05/iso-9001-design-process-explained/

- Curso de fundamentos de la norma ISO 9001:2015: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/

- Libro - Discover ISO 90001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

LSA

The Leading Supervisory Authority (LSA) is the Supervisory Authority that a data controller selects when is established in more than one Member State. So if your company is based in the EU, your Supervisory Authority will be the Data Protection Authority of the Member State where your EU company is established (i.e. Ireland). If you are established in more than one Member State (i.e., Ireland and France), you can appoint the Irish Data Protection Authority as your LSA and inform the French Data Protection Authority about it.

Here you can find more information about the LSA:

• Understanding the Lead Supervisory Authority concept in GDPR https://advisera.com/eugdpracademy/knowledgebase/understanding-the-lead-supervisory-authority-concept-in-gdpr/

You can also consider enrolling in this free EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course/

ISO 45001 in a virtual or hybrid work environment

As an international standard that is applicable to any organization of any size anywhere in the world, ISO 45001 is written in such a way that the requirements are descriptive but not prescriptive; meaning the requirements tell you what needs to be done for the processes of the OHSMS, but not how to do the processes. As such, there is a lot of flexibility in how you meet the requirements in any particular organization to allow for differences in industry or legal requirements among other variations.

SO, a virtual or hybrid working environment is one of these variables that can be accommodated. For instance, ISO 45001 asks you to identify the hazards and OH&S risks in your organizational processes, and you would need to consider the virtual or hybrid working environment and identify the hazards in this way of working. You can then identify the unique controls for your working processes. This is true for all requirements of ISO 45001.

You can learn more about the requirements for the OHSMS in ISO 45001 in a plain English fashion in our whitepaper: Clause-by-clause explanation of ISO 45001:2018, https://info.advisera.com/45001academy/free-download/clause-by-clause-explanation-of-iso-45001

What is the acceptable range of RH for a laboratory? 

Specific requirements are determined by tolerance is specified in test methods being performed and or regulatory requirements depending on the test or calibration sector.  The two primary factors in creating an ideal laboratory condition are temperature and humidity. Note that often with the use of air conditioners, there is a drying effect and relative humidity is reduced. 
Laboratories should be equipped with suitable climate and ventilation control. The laboratory must look at risks – personnel comfort and risk to validity or results. The starting point is that the temperature and humidity must be kept within limits for the proper performance of each test performed and according to the manufacturer’s specifications for the proper operation of equipment.

Certain organisations, such as the FDA in the USA, have guidelines for general conditions. For example, a comfortable working environment is considered 20 to 25 Degrees Celsius with a relative humidity, depending on geographical area, of 35 to 50%.

For more information, see the Advisera ISO 17025 toolkit Facilities and Environmental Condition Procedure at https://advisera.com/17025academy/documentation/facilities-and-environmental-condition-procedure/

For more information and links to Advisera resources, have a look at a similar topic Environmental conditions for testing and calibration laboratories at https://community.advisera.com/topic/environmental-conditions-for-testing-and-calibration-laboratories/