Search results

Advice on ISMS implementation for Group and subsidiary companies

This scenario is not much different from a single organization with multiple departments attending specific and non-related target groups, and for such a scenario, a good approach is to implement the ISMS covering the whole units.
 
Regarding certification, adopting a single certificate for all units or separate ones for each unit is a business decision, depending on their objectives and strategies, but in general organizations like these adopt the model of one certification for each unit, because a change in a unit does not impact the certification of other units (of course, in tour case, the most critical certificate will be the one fro the mother company).
 
These articles will provide you a further explanation about scope definition:  

• How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
• Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/

Questions about risk

Thanks alot for your response. Indeed you have addressed issues left vague by the standard, especially on the opportunity.

Becoming expert in quality of pathology lab

To answer your question, lets distinguish between management and technical quality. While quality assurance approaches are similar in all laboratories, pathology has a diagnostic aspect not typically addressed by testing and calibration laboratories. Although veterinary accreditation programs are covered by ISO 17025, the International standard applicable to medical pathology is ISO 15189:2012 Medical laboratories — Requirements for quality and competence. When looking at management quality activities such as document control, auditing and improvement, both ISO 17025 and 15189 follow the same approach, in accordance to ISO 9001.

Understanding the purpose of the tests (what the results are being used for) and associated risks is crucial to developing skill as an expert. If you are referring to technical quality, I would suggest you obtain training on topics such as risks (as relate to diagnostic methods), method validation, internal and external quality control. Find opportunity to develop your skills in internal auditing and addressing nonconformances, root cause analysis an corrective action.

Generally, a knowledge of ISO 9001 will be an advantage, as ISO 15189 incorporates ISO 9001 principles, like ISO 17025, into the standard. Have a look at the ISO 9001:2015 Foundations Course at https://advisera.com/training/iso-9001-foundations-course/
Also look at the available information in the ISO 17005 and 9001 learning centres, available at the Advisera academies at https://advisera.com/17025academy/ and https://advisera.com/9001academy/

Risk identification and mitigation

I always recommend following three ways to determine risks:

• Risks deriving from context and interested parties (see clause 6.1.1 of ISO 9001:2015)
• Risks deriving from products and services (see clause 5.1.2 b) of ISO 9001:2015)
• Risks deriving from processes (see clause 4.4.1 f) of ISO 9001:2015) 

In this free webinar on demand - How to implement risk management in ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-implement-risk-management-in-iso-90012015-free-webinar/ - I show some examples of determining risks and then acting on them.

After determining risks, you have to evaluate them to determine which ones are more relevant and deserve some kind of action (see clause 6.1.2 of ISO 9001:2015). ISO 9001:2015 is very flexible about how organizations decide to evaluate and to act.

You can find more information below about mitigating risks.

• How to address risks and opportunities in ISO 9001: https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
• Does ISO 9001 require a procedure for addressing risks and opportunities?: https://advisera.com/9001academy/blog/2017/10/10/does-iso-9001-require-a-procedure-for-addressing-risks-and-opportunities/
• For a free preview of an example of the Registry of Key Risks and Opportunities - https://advisera.com/9001academy/documentation/registry-of-key-risks-and-opportunities/
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ (I use a lot of examples based on the risk-based approach)

Sistema de calidad ISO 9001

Los requisitos sobre los procesos y documentación de la norma ISO 9001:2015 aplicarían a aquellos procesos que se encuentren dentro del alcance de la organización. No obstante, uno de los criterios que puede tener una organización que implemente la norma ISO 9001:2015 puede ser que durante la evaluación de proveedores sea uno de los criterios a tener en cuenta. En este caso, la empresa puede determinar que sus proveedores cuenten con un sistema de gestión de calidad certificado y por lo tanto cumplan con los requisitos que establece la norma. 

Para más información de si los procesos fuera del alcance deben de cumplir con los requisitos de la norma, vea los siguientes materiales: 

- Cómo definir el alcance del SGC de acuerdo a la ISO 9001:2015: https://advisera.com/9001academy/pt-br/kit-de-documentacao-da-iso-9001/nowledgebase/como-definir-el-alcance-del-sgc-de-acuerdo-a-la-iso-90012015/

- Webinar gratuito en línea - Cláusula 4 en ISO 9001:2015: contexto de la organización, partes interesadas y alcance:  https://advisera.com/9001academy/es/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/

- Curso gratuito en línea - Fundamentos de la norma ISO 9001:2015: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/

- Libro - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Clause 6.4.3

ISO 17025 does not specify particular tests. The responsibility is with the laboratory to consider and address the risks related to all equipment that could impact the validity of results.

See the previous response at https://community.advisera.com/topic/glassware-cleaning-within-microbiology-labs/

The following may be of interest.

What does ISO 17025:2017 require for laboratory measurement equipment and related procedures? at https://advisera.com/17025academy/blog/2019/07/25/iso-17025-measurement-requirements-of-the-standard/
and the ISO 17025 document template: Equipment and Calibration Procedure at https://advisera.com/17025academy/documentation/equipment-and-calibration-procedure//

ISO 13485:2016 laboratory equipment

1. In what way is the laboratory equipment involve in the ISO 13485?

2. If laboratory equipment is used within a project for a medical device then does this need to be included in the QMS ?

Laboratory equipment is involved in ISO 13485 in the following situations:

• if it is used for quality control of the raw material, semi-products and finished medical device
• if it is used for the design of the medical device
• if it is used to calibrate any equipment in the production process

3. Is the ISO based on a medical device the company is trying to sell or is this for all instruments used for the development of devices?

In section 1 Scope of the ISO 13485:2016 is stated that this standard specifies requirements for a quality management system where the organizations need to demonstrate its ability to provide a medical device and related services that meet customer requirements and applicable regulatory requirements. It furthermore states that these organizations can be involved in one or more stages of the life-cycle, including design and development, production, storage and distribution, installation or servicing, and any other technical support activities. 

For more information on ISO 13485, please see the following link:

• What is ISO 13485 https://advisera.com/13485academy/what-is-iso-13485/

• Glassware cleaning within microbiology labs

  You asked

  Question - When washing and reusing glassware that can impact the recovery of organisms, does the laboratory require a procedure to test for residual detergents ? Is this mandatory or purely a best practice ?

  Yes, indeed a procedure is required for any equipment where in your case, contamination, interferences or inhibitors may impact the validity of results. This should be part of your validation. You should suitable verification tests initially and thereafter as often as necessary to ensure the process is in control. Typically this may be every 6 or 12 months or before you change the detergent or procedure (e.g. hand washing versus dishwasher)/

  Depending on the method, you could also consider routinely including two process QC blanks per batch – one where the glassware had additional rinsing and one following normal washing practice.

  You also asked

  Should a test such as this be written in to the SOP ?"

  To ensure that the procedure is standardised and enforced, yes it is advisable to include in a SOP or quality control manual.

  The following article may be of interest:

  What does ISO 17025:2017 require for laboratory measurement equipment and related procedures? at https://advisera.com/17025academy/blog/2019/07/25/iso-17025-measurement-requirements-of-the-standard/
  and the ISO 17025 document template: Equipment and Calibration Procedure at https://advisera.com/17025academy/documentation/equipment-and-calibration-procedure//

• ISO 14001 going global

  To go global, you have two main priorities:

  • Demonstrate competence;
  • Be known by potential clients.
     

  To demonstrate competence, you must invest in recognized training and personal certifications.

  To demonstrate competence, show expertise and be known by potential clients you must also develop your own brand by evidencing your knowledge. You evidence your knowledge when you write. You should write. Share what you know, share your experience and results, share testimonies of your customers about the outcomes of working with you. Use blogs, professional networks, trade magazines, use your LinkedIn profile, make presentations at conferences. And don’t forget to develop a network of contacts.

  After developing some track record of projects, you can also apply to work for international organizations both as employee or as freelancer.

  Please check some of our courses, perhaps they may be useful for your future:

  • How to choose the most appropriate training - https://advisera.com/training/compare/
  • Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
  • Enroll for free in ISO 14001:2015 Internal Auditor Course - https://advisera.com/training/iso-14001-internal-auditor-course/
  • Enroll for free in this course - ISO 14001:2015 Lead Implementer Course - https://advisera.com/training/iso-14001-lead-implementer-course/
  • Enroll for free in this course - Enroll for free in this course – ISO 14001:2015 Lead Auditor Course - https://advisera.com/training/iso-14001-lead-auditor-course/
     

• Is it necessary to generate document change report against newly added document in activity chart?

  That will ultimately depend on your organization’s own procedures. Theoretically, when you add a new document what do you need? You need that users of that new document are made aware of it and start using it. How do you plan to do this in your system? Is it to be done by a document change report? Can it be done by a simpler way?

  You can find more information below:

  • How to structure quality management system documentation - https://advisera.com/9001academy/knowledgebase/how-to-structure-quality-management-system-documentation/
  • New approach to document and record control in ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/06/30/new-approach-to-document-and-record-control-in-iso-90012015/
  • Some tips to make Document Control more useful for your QMS - https://advisera.com/9001academy/blog/2014/05/20/tips-make-document-control-useful-qms/
  • Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
  • Book - Managing ISO Documentation: A Plain English Guide - https://advisera.com/books/managing-iso-documentation-plain-english-guide/