You can use an X-R card. You can use the number of subsamples from 1 to 5 when using this card. For example, if your sub-sample number is 3, you can fill the card with a total of 3X25 = 75 values, or if your sub-sample number is 5, 5X25 = 125 values in total. As you know, d2 constant changes according to the number of subsamples. For this, you can use the SPC rev 2 blue manuals published by AIAG. Normally, many companies use Excel for this card. As you know, Excel calculates itself with formulas. The X-S card can also be used. For this, the number of subgroup samples should be more than 5.
For the X-R card, I have specified the formulas used below:
X mean= (X1+X2...........X25)/25
R= X max-X min
R mean= (R1+R2........R25)/25
S(standard deviation)= R mean/d2
The d2 constant changes according to the number of subsamples. For example, if the subgroup number is 3 then the d2 constant is 1,69. If the subgroup number is 5 then the d2 constant is 2,33, as you can see on this screenshot: https://i.imgur.com/iCmdZvN.png
Cp (Product Capability)= (Upper Specification Limit-Lower Specification Limit)/6xS
Cpk= (Upper Specification Limit-X mean)/3xS or (X mean-Lower Specification Limit)/3xS
For more information, see:
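The X-R calculation from the answer above, carried through on 25 subgroups, as an added example that is not part of the original post. The function name, the sample measurements and the specification limits are constructed for illustration; the d2 values are the two quoted in the answer, and reporting the smaller of the two Cpk sides is the usual convention, added here.

```python
from statistics import mean

# d2 constants exactly as quoted in the answer above (subgroup size -> d2).
D2 = {3: 1.69, 5: 2.33}


def xr_capability(subgroups, lsl, usl):
    """Apply the X-R formulas from the answer to equal-sized subgroups."""
    sizes = {len(g) for g in subgroups}
    if len(sizes) != 1:
        raise ValueError("all subgroups must have the same size")
    n = sizes.pop()
    if n not in D2:
        raise ValueError(f"no d2 constant quoted for subgroup size {n}")

    x_mean = mean(mean(g) for g in subgroups)          # X mean
    r_mean = mean(max(g) - min(g) for g in subgroups)  # R mean
    if r_mean == 0:
        raise ValueError("all ranges are zero, S cannot be estimated")

    s = r_mean / D2[n]                                 # S = R mean / d2
    upper = (usl - x_mean) / (3 * s)                   # upper-side Cpk
    lower = (x_mean - lsl) / (3 * s)                   # lower-side Cpk
    return {
        "x_mean": x_mean,
        "r_mean": r_mean,
        "s": s,
        "cp": (usl - lsl) / (6 * s),
        "cpk_upper": upper,
        "cpk_lower": lower,
        # Assumption labelled above: report the worse (smaller) side.
        "cpk": min(upper, lower),
    }


# Constructed sample: 25 subgroups of 5 readings (arbitrary units).
SAMPLE = [[98, 99, 100, 101, 102]] * 13 + [[99, 101, 102, 103, 105]] * 12

if __name__ == "__main__":
    # Constructed specification limits: LSL = 90, USL = 110.
    for name, value in xr_capability(SAMPLE, lsl=90, usl=110).items():
        print(f"{name:10s} {value:.4f}")
```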
The scope of the quality management system is decided by the organization, and it is this scope that sets the limits of the ISO 9001:2015 implementation. For example, the organization's scope may be limited to a specific process, a department, a product, a service, or a location (in the case of a company with several locations).
These materials can help you with the implementation of ISO 9001:2015:
- How to define the scope of the QMS according to ISO 9001:2015: https://advisera.com/9001academy/pt-br/kit-de-documentacao-da-iso-9001/nowledgebase/como-definir-el-alcance-del-sgc-de-acuerdo-a-la-iso-90012015/
- Book – Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Free online training – ISO 9001:2015 Foundations: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/
First, start with the scope. The department of education and student affairs may do a lot of things. What are the things included in the scope of the QMS?
Then, consider the interested parties. Who are the relevant interested parties of the department of education and student affairs? Now you know what is expected of the department, what are the services or products to be delivered to whom with what specifications.
Then, design the model of how the department of education and student affairs works based on the process approach. After this, you can add the context analysis and do a risk determination exercise. What can go wrong in the processes? What can go wrong in the context?
The following material will provide you more information about the scope:
1. Does the standard require that a CISO (Information Security Manager) be within the company?
ISO 27001 does not require specific roles to be defined, only that relevant responsibilities related to information security be defined.
Considering that, a CISO is not mandatory for ISO 27001. You can delegate responsibilities for information security to already existing roles in your organization.
For further information, see:
2. Can I outsource a CISO?
ISO 27001 does not prescribe that personnel with roles related to information security need to be employees of the organization, so the CISO role can be outsourced. You only need to ensure that required roles and responsibilities are included in the contract or service agreement established with the outsourcer entity.
For further information, see:
3. Regarding the training plan, is it always necessary to present a certificate to demonstrate a training course?
ISO 27001 requires evidence of competence, which can be related to education, training, or experience.
Considering that, a certificate is one example of acceptable evidence for a training course, but you also can use a list of attendance (normally a certificate is used when the training is performed by an external provider, and a list of attendance is used for internal training courses).
For more information, see:
This material also can be of interest to you:
4. How to show the free courses where you do not have a certificate?
In these cases, you can take a print screen showing the results of the course (e.g., the screen with the final grade, or showing course completion), the attendee’s name, and date.
5. Can the Information Security objectives be changed at any time or should a measurement period be expected?
Normally, Information Security Objectives do not change before the first measurement, but depending on the circumstances involving the need for change (e.g., a significant change in the organizational context), top management can review and define new Information Security Objectives.
For further information, see:
6. If a security objective is changed, can an auditor ask me to measure the old objective?
ISO 27001 does not prescribe that changed security objectives need to be measured, so the auditor cannot ask you to measure the old objective, but he can ask for information about the need to change the objective, to evaluate if it was changed based on a significant change in the organizational context.
ISO 27001 was designed to be used by organizations of any size and industry, so it can be applied to Information Assets of OT/ICS, however, please note that ISO 27001 and ISO 27002 do not go deep on technological details, so you should also consider using them together with other frameworks that provide technical implementation details, like NIST publications.
These articles will provide you a further explanation about ISO 27001, ISO 27002, and NIST publications:
These materials will also help you regarding ISO 27001:
ISO 9001 is about demonstrating the ability to consistently provide products and services that meet customer and regulatory requirements. So, ISO 9001 can help align an organization around a policy, a set of priorities, translated into objectives. And a management system is about working to meet those objectives. So, for each area, teaching, research, ... Who are the critical interested parties? What do they need and expect? How can the university organize itself in order to be focused on delivering those outcomes?
ISO published in 2003, IWA 2:2003 - Quality management systems - Guidelines for the application of ISO 9001:2000 in education, a document updated in 2007 by IWA 2:2007 - Quality management systems -- Guidelines for the application of ISO 9001:2000 in education. However, as far as I know, this 2007 guideline has been withdrawn.
ISO published in 2018, ISO 21001:2018 - Educational organizations -- Management systems for educational organizations -- Requirements with guidance for use. ISO 21001:2018 is a management system standard that is partially aligned with ISO 9001:2015 for quality management systems.
The following material will provide you information about a QMS in an education setting:
If your quality management system includes employees' job descriptions, an auditor can ask to see them. For example, as an auditor, I may ask to see a job description in order to have an idea about authorities and responsibilities, and from there organizational knowledge requirements, and from there competence requirements.
The following material will provide you more information about organizational knowledge and competence:
Calibration SOP is a request of ISO 13485:2016 covered in requirement 7.6 Control of monitoring and measuring equipment. I agree with you that equipment that is used to make verification and validation during design must be calibrated. So, you can cover it in this documented procedure.
For more information regarding this topic, see the following article:
In our ISO 13485:2016 documentation toolkit, we have Procedure for Equipment Maintenance and Measurement Equipment: https://advisera.com/13485academy/documentation/procedure-for-equipment-maintenance-and-measurement-equipment-iso-13485-2016/
Here you can see what our Maintenance and calibration record looks like: https://advisera.com/13485academy/documentation/maintenance-and-calibration-record-iso-13485-2016/
From the MDR point of view, the product owner is responsible for putting the device on the market, he is considered as a manufacturer. Therefore, the product owner is responsible for getting a CE mark for this product.
Taking into account Article 10 – General obligations of the manufacturer, the product owner is obliged to implement a quality management system. He has to adapt his quality management system to his needs. Since he outsources the production, there must be a quality agreement between him and the outsourced company, and appropriate levels of control must be established.
Here you can find more information:
The following articles can be helpful:
1. Quality manual is compulsory for 9001:2015?
Answer.
No, it is not mandatory to have a quality manual, according to ISO 9001:2015. Please check this article - List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/ - where you can see the mandatory documents and records according to ISO 9001:2015.
2. One organization contains different processes, so they required process separate process documentation or in one it is included?
Answer:
According to my understanding of your question. ISO 9001:2015, clause 4.4.2, invites each organization to determine which documents and records are needed, besides those mandatory. So, it is up to each organization to determine if it is needed to document its processes and how to do it. Any solution is allowed as long as it is useful, as long as it is clear and followed consistently.
3. Does documents required clause no. mentioned in their header or footer? or only mentioning in process documentation is enough?
Answer:
No, ISO 9001:2015, clause 7.5.2 a), invites each organization to determine a document identification methodology. In no part of clause 7.5 is mentioned the need to include related ISO 9001:2015 clauses. Having said that, I must add that I like to include that information in the procedures, to allow people to make connections between what they do daily and the standard.
You can find more information about documentation below: