Search results

Excluding clauses of ISO 9001 for a law firm

Excluding clauses is not a technical decision, it is a management decision based on the scope of the quality management system. For example, are Law firms not innovative and do not develop new services? Is clause 8.3 automatically not applicable?

Only after looking into the scope of the quality management system, one can say if a clause is applicable or not.

The following material will provide you more information about exclusions:

What clauses can be excluded in ISO 9001:2015? - https://advisera.com/9001academy/blog/2015/07/07/what-clauses-can-be-excluded-in-iso-90012015/2015/
Free webinar on-demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope -
Enroll for the free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Environmental risk assessment in a garments factory

You can start looking at your environmental aspects and impacts and determine what can go wrong and provide undesirable consequences like emergency situations or breakdowns.

Then look for interested parties and determine possible changes for the future and their potential impact in your organization. For example, customer requirements may demand more chemicals, environmental legislation may be more demanding.

PESTLE analysis may be useful to frame thinking about risks related with policy, technology, economy and social movements. Although about ISO 9001, perhaps the technique that I use and present in this free webinar on demand - Context of the organization, interested parties, and scope - - may be useful for you to work with context and interested parties to determine risks.

Please check this information below with more detailed answers:

• ISO 14001 risks and opportunities vs. environmental aspects - https://advisera.com/14001academy/blog/2016/03/21/how-does-product-life-cycle-influence-environmental-aspects-according-to-iso-140012015/
• ISO 14001 document template: Procedure for Identification and Evaluation of Environmental Aspects and Risks - https://advisera.com/14001academy/documentation/procedure-for-identification-and-evaluation-of-environmental-aspects/
• Enroll for free in this course – ISO 14001:2015 Lead Auditor Course - https://advisera.com/training/iso-14001-lead-auditor-course/
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/

ISO 9001 and supply chain control

ISO 9001 is a generic standard applicable to all kinds of organizations. If an organization uses ISO 9001 to improve the business and to do more than just getting a certificate, we can look into clauses 4.2 and 6.1 of ISO 9001:2015 as a way of answering your concerns. For example, in this free webinar on-demand - Context of the organization, interested parties, and scope - - I show how a set of participants in a business ecosystem can be included. When working with organizations on this topic I recommend thinking in more than just the needs and expectations of the interested party – that means:

About the fake/fraudulent components, it is a matter of thinking about risks and acting on those more significant. For example, I’m currently working with a manufacturing company on the implementation of a quality management system. One of the risks determined was about using raw materials during production with specifications changed by the supplier without warning. So, we determined a set of laboratory tests to be performed every x months. 

You can find more information below about mitigating risks.

• How to determine interested parties and their requirements according to ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/11/10/how-to-determine-interested-parties-and-their-requirements-according-to-iso-90012015/
• How to address risks and opportunities in ISO 9001: https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
• In this free webinar on-demand - How to implement risk management in ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-implement-risk-management-in-iso-90012015-free-webinar/
• Enroll for the free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ (I use a lot of examples based on the risk-based approach)

Controlled vs Non-Controlled copy

Who are these students?

Are they future users of the SOP’s? If they are future users of the SOP’s, will they have access to them in the future through paper or through another medium, like digital? If they will have future access to SOP’s through paper perhaps the copies should be controlled.

If they are not future users, or are future users with future access through digital, distributing non-controlled copies seems to be the best solution.

Controlled copies are used to ensure that those that need to use them are on the loop to be informed of any change

You can find more information about documentation below:

• Some tips to make Document Control more useful for your QMS - https://advisera.com/9001academy/blog/2014/05/20/tips-make-document-control-useful-qms/
• Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Managing ISO Documentation: A Plain English Guide - https://advisera.com/books/managing-iso-documentation-plain-english-guide/

Seperation of the ISO13485/MDR toolkit.

Templates for the ISO 13485 can and are recommended to be in one folder. Considering MDR, my recommendation is that MDR folders should be organized for one medical device or group (family) of medical devices – it means that each medical device or family of medical devices will have one folder.

A medical device family is a collection of medical devices that have the same or similar intended purpose, have the same risk classification, and have the same design and manufacturing process. Members of the medical device family can differ in the following (for example):

• in the sizes (e.g. gauzes different sizes, syringes with different volumes, gowns different sizes)
• strength (e.g. needle force)

• 17025 accreditation

  Indeed, if you are referring to your organisation performing the testing, ISO 17025 accreditation will demonstrate that the method is valid, and your laboratory operates competently. This will provide confidence in your work internationally.  Standardising a method would involve engaging with other experts in testing laboratories and applying to your sector-specific standards body or national standards body. A technical committee is formed to coordinate /manage the process.

  For more information on ISO 17025 see the article What is ISO 17025? at https://advisera.com/17025academy/what-is-iso-17025/

• When is there a need to open and handle a complaint?

  No, you do not need to initiate the complaint in the case that you have described. However, this situation is an input to your design and development process and also for the risk analysis. Responsible persons from these two processes (D&D and risk management) must be informed about the cause and a change process probably need to be initiate. 

  Following articles can be helpful:

  • How to manage design and development of medical devices according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/08/24/how-to-manage-design-and-development-of-medical-devices-according-to-iso-134852016/
  • How to use ISO 14971 to manage risks for medical devices https://advisera.com/13485academy/blog/2017/09/21/how-to-use-iso-14971-to-manage-risks-for-medical-devices/

  • IATF 16949 for software companies

    IATF 16949: 2016 standard; In the scope definition section in 1.1 Scope, stated as follows for the embedded software. '' Automotive supplemental to ISO 9001: 2015 this Automotive QMS Standard defines the quality management system requirements for the design and development, production and, when relevant, assembly, installation, and services of automotive-related products, including products with embedded software. ''In other words, companies that produce software embedded in the product can also apply for an IATF certificate. As you know, the product, which is embedded software, must be installed on the OEM or OES vehicle.
    If the company produces an embedded software product for the automotive industry; the IATF 16949: 2016 standard requires the following in clause 8.3.2.3.

    8.3.2.3 Development of products with embedded software

    The organization shall use a process for quality assurance for their products with internally developed embedded software. A software development assessment methodology shall be utilized to assess the organization's software development process. Using prioritization based on risk and potential impact to the customer, the organization shall retain documented information of a software development capability self-assessment.  The organization shall include software development within the scope of its internal audit program (see Section 9.2.2.1).

  • Is it mandatory to write a specific procedure for impartiality?

    There is no mandatory requirement to have a procedure or documented procedure regarding impartiality. Typically you will ensure safeguarding impartiality through stating your commitment and approach in a Quality Policy as well as the Quality Manual (if you have one).

    Other processes that include considering and evaluating risks to impartiality are Internal Audits, Addressing Risk and Opportunities, and Management Review. Risk assessments must be used to demonstrate the ongoing attention and identification of impartiality risks.

    Have a look at the Article  How to ensure impartiality in an ISO 17025 laboratory at https://advisera.com/17025academy/blog/2020/10/12/ensuring-impartiality-in-an-iso-17025-laboratory/ for Five steps to ensure impartiality.