Search results

Home / Search

Category:
Select
Select

11269 results

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Level of competence

    You asked

    if an individual who has 20 years plus of experience with both methods and hands on experience and is really knowledgeable on the subject, it that sufficient to provide responsible sign off of product even although the individual is not a doctor or a professional body member etc. 

    ISO 17025 requires personnel competency, however laboratory management must define the competency requirements for this activity. You need to base this on your sector, applicable legislation, and requirements from the accreditation body. For many sectors, highly skilled an competent personnel are not necessary member of a professional body. In other sectors it is mandatory. 

    What is required by ISO 17025 is that personnel must have assigned, communicated and well understood responsibilities an authorities. 

    Typically a laboratory will appoint a competent “signatory” who takes responsibility for the technical validity of results, and they sign the report. Bear in mind that depending on the size of the laboratory, other personnesl, such as a quality controller may be responsible for the quality control of a particular batch and may “sign off” the batch analysis as valid as the QC passed. The laboratory’ s quality assurance process should specify this, meaning what objective checks and responsibility does a  “sign  off” versus report “signature” indicate. Often the laboratory manager will co-sign a test report, taking overall responsibility for the approval of a report to go to a customer

    You also asked

    Is there a document that would define the requirements to sign off on testing and results etc.

    The specific technical requirement relates to technical quality assurance (control of the test method)., covered by ISO 17025 clause 7.7, Ensuring the validity of results. This should not be seen as the only requirement. It also requires knowledge and evidence that the overall Quality assurance of, for example suitable equipment, conditions, methods and metrological traceability is in place. Although these overall responsibilities may that of say a Quality Manager, the person approving the release of results should have evidence that the management system quality assurance is effective. 

    The following toolkit documents could assist you

    Quality Assurance Procedure at https://advisera.com/17025academy/documentation/quality-assurance-procedure/
    Competence, Training and Awareness Procedure and the four related appendices, available at https://advisera.com/17025academy/documentation/quality-assurance-procedure/
    Testing Report Procedure at https://advisera.com/17025academy/documentation/testing-report-procedure/
     

  • ISO 9001 Risk measuring

    First of all I recommend this free webinar on demand - How to implement risk management in ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-implement-risk-management-in-iso-90012015-free-webinar/ - where I develop the theme around managing risks.

    Standard reference in measuring Risks?

    Answer:

    As far as I understand your question there is no standard reference in measuring risk. Each person, each group of persons, each organization has its own standard for measuring risks. Even, what for some is a risk, for others is an opportunity.

    How it is measured? qualitative or quantitative?

    Normally, organizations develop quantitative methods to evaluate risk significance. They can use a matrix like this one:

    https://www.screencast.com/users/ccruz5284/folders/Default/media/b88dee74-9e86-42bc-a11a-7740cf494b12

    To get results like this one:

    https://www.screencast.com/users/ccruz5284/folders/Default/media/0a14e015-fc2a-4424-b3a4-96892a0a6630

    As a consultant, working with different organizations, normally I use that matrix approach, but I already used with some clients a more subjective and qualitative approach.

    How to identify risks?

    According to ISO 9001:2015 I recommend determining risks about:

    • The business context (clause 6.1, 41 and 4.2)
    • The products and services (clause 5.1.2 b))
    • The processes (clause 4.4.1 f))

    Think about expected results and what kind of uncertainties can deviate your organization from meeting them.

    Think about what can generate or promote undesirable results.

    Where to base your assessment? example manufacturing of foam industries.

    As far as I understand your question, start with my previous answer. What are your organizations main objectives and what in the business context can help or hinder in meeting them?

    The following material will provide you more information about risks and opportunities:

  • Addressing Improvement clause

    You asked

    1. How to address Improvement clause?

    The Quality Manual can be used to state the commitment and any policy addressing Improvements. Although a procedure is not mandatory, it is a commonly used non-mandatory procedure. This is because it is an important quality management system activity and you need to show evidence on how you consider, action and evaluate opportunities for improvement. This should be covered under the procedure Addressing Risks and Opportunities.

    See ISO 17025 document template: Addressing Risks and Opportunities Procedure, available at https://advisera.com/17025academy/documentation/addressing-risks-and-opportunities-procedure/

    You also asked

    2. What data should be included in the context of Improvement data analysis

    For each potential opportunity, a benefit / risk evaluation should be performed. Inputs to the evaluation will be both subjective (knowledge of the system) and objective (for example client requests, contract requirements, strategic decisions).

    The record Registry of Key Risks and Opportunities, or similar, plus any other supportive records such as risk evaluation matrices should be used. The objective is to decide if the opportunity is worth the possible risk of change. Because the actions taken are required to be proportional to the potential impact, you can use a 3 x 3 risk and a 3 x 3 opportunities matrix for the evaluation to semi quantify the evaluation. Start with the benefit score. For example do a 3 x 3 opportunity evaluation where High = 3 points,  Med = 2 points and Low = 1 point. Consider Probability of successful implementation against Positive Impact. Multiple the probability and impact points to determine the Benefit points. Decide on a scale, for example if the Benefit points = 1 or 2 it is low, 3 or 4 is medium and 6 or 9 is high benefit.

    Then do the Risk Score. For example do a 3 x 3 Risk evaluation where Probability of Risk if you implemented the improvement change (High, Med, Low) against Severity, i.e. negative impact if implemented the improvement change (High, Med, Low) where again High = 3 points,  Med = 2 points and Low = 1 point. Multiple the points. Decide on a scale, for example if the Risk Score is 1 or 2 it is low, 3 or 4 is medium and 6 or 9 is high risk.

    Finally perform the overall Evaluation, which is a Benefit / Risk Ratio to guide your decision. State your approach, for example only implement if Low Risk and High or Medium Benefit; do not implement if benefit is Low or Medium and Risk is High; for all other cases evaluate further. Remember  this is not a policy to adhere to, but a guidance, to assist the laboratory decide (on a risk basis) which improvements to implement. Evaluating further will involve looking at how much resources will be needed, in terms of time and finances. These discussions could take place during management review.

    See the ISO 17025 document template: Registry of Key Risks and Opportunities available at https://advisera.com/17025academy/documentation/registry-of-key-risks-and-opportunities/ for more assistance

    The webinar How to manage risks in laboratories according to ISO 17025 will also assist, being available at https://advisera.com/17025academy/webinar/iso-17025-risk-management-how-to-manage-it-free-webinar-on-demand/

  • ISO 13485 implementation duration

    Small contract engineering firm, 10 employees. Decades of experience in product development but little in med devices. Starting from nothing, about how long should it take to achieve 13485 certification using the right consulting firm to assist?

  • ISO 14001 Environmental auditing vs monitoring compliance

    Environmental auditing concerns clause 9.2 of ISO 14001:2015 and his about auditing the whole environmental management system based on a sample. Evaluation of compliance concerns clause 9.1.2 of ISO 14001:2015 and his about checking the current status of an organization against all the regulations and legislation determined according to clause 6.1.3 of ISO 14001:2015, and if there is any noncompliance check if actions were taken to deal with it, and if top management was made aware of the current situation. Evaluation of compliance is not based on sample, is a complete evaluation.

    You can find more information below:

  • ISO 14001: 2015 en la industria química

    Primeramente es muy importante contar con el apoyo lo de la alta dirección, que va a facilitar los recursos tanto de personal como económicos para poder llevar a cabo el proyecto de implementación.

    Posteriormente debería de realizar un análisis de brecha (o GAP, por sus siglas en inglés) que le ayudará a identificar aquellos requisitos con los que la organización aún no cumple. Esto le va a facilitar la implementación ya que reducirá significativamente el tiempo de implementación, especialmente en una industria química donde ya existen numerosos procedimientos que cumplen con regulaaciones especiíficas de medio ambiente. Aquí puede llevar a cabo el análisis de forma gratuita - Herramienta de análisis de brecha en ISO 14001: https://advisera.com/14001academy/es/herramienta-gap-analysis-iso-140012015/

    Más tarde le recomiendo que lleve a cabo un plan de proyecto, donde defina las responsabilidades, hitos durante la implementación, plazos, etc. Aquí puede descargar de forma gratuita un plan de proyecto - Project Plan for ISO 14001:2015 implementation: https://info.advisera.com/14001academy/free-download/project-plan-for-iso-140012015-implementation-ms-powerpoint

    Luego ya podrían empezar con lo que es la implementación en sí de la norma, definiendo el alcance del Sistema de Gestión Ambiental, para lo cual le recomiendo que primeramente de las cuestiones internas y externas del contexto de la organización, ya que le puede ser de gran ayuda a la hora de saber cuáles van a ser los límites de su SGA. A continuación, puede determinar tanto la política de su SGA así como los objetivos del SGA. Aquí puede obtener más información de cómo definir el alcance de su SGA - How to determine the scope of the EMS according to ISO 14001:2015: https://advisera.com/14001academy/blog/2016/02/01/how-to-determine-the-scope-of-the-ems-according-to-iso-140012015/

    Más adentante, deberá de establecer todos los procesos relacionados con el sistema e implentarlos para finalmente realizar la auditoría interna y finalmente llevar a cabo la revisión por la dirección.

    Estos materiales  pueden ayudarle a saber cuáles son los pasos en la implementación de ISO 14001:2015:

    - Artículo: Lista de pasos para la implementación de la ISO 14001: https://advisera.com/14001academy/es/knowledgebase/lista-de-pasos-para-la-implementacion-de-la-iso-14001/

    - Curso gratuito - Fundamentos de ISO 14001:2015:  https://advisera.com/training/es/course/curso-fundamentos-iso-14001/

    - Libro - The ISO 14001:2015 companion: https://advisera.com/books/the-iso-14001-2015-companion/

  • Question about LinkedIn and emails

    My situation is that we are publishing a list of the top 25 UK figures in a specific technology. We would like to notify those figures that they've been chosen before we publish, but we have not been given their email addresses.

    My questions are: If we are able to obtain those email addresses from the public domain (but haven't been given explicit consent from the people to use those email addresses), is it admissible to email them in order to ask them if they want to be featured? Does this fall under 'legitimate interest'?

    Yes, it falls under legitimate interest. If you find the email in the public domain, the owner of the email expects to be contacted for something of interest. Not to receive commercials or spam, therefore informing those persons that they will feature on a list of top 25 UK figures can be considered a legitimate interest.

    If we message these people on social media instead of emailing (i.e. LinkedIn and/or Twitter), but we are not currently 'connected' to them, is this admissible under GDPR?

    Yes, the message is under the legitimate interest of the data controller.

    Here you can find more information:

    If you want to know more about GDPR compliance you can consider enrolling in this EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course//

  • Early stage compliance

    What do you mean by start-up? Let us consider two hypotheses:

    • A - Let me use start-up to represent a new company with an established business model, like a restaurant, like a new shoe manufacturing plant, or a new transport company.
    • B - Let me use start-up company as a designation for a project of company in search of a business model. Startups, in reality, are not yet companies, they are still projects of companies in search of a successful business model and customer fit. So, a startup is like an experiment being done. The startup can be called a company only after finding the right business model, a customer fit, and when it starts scaling. Only then, the procedures and internal standards are ready to be documented.

    So, for situation B it is too early to certify. For situation A, I think it is easier to get ISO certification than with an established company (with same resources and motivation). An established company has to unlearn some practices and that it is not always easy.

    For situation B certification makes sense only after starting to scale.

    You can find more information below:

  • Clause 8.1 Management system requirements

    Clause 8.1 does not require a procedure. It specifies the need to establish a management system and document it to the extent necessary so that the laboratory can achieve the requirements of ISO 17025. This means it is more applicable to apply clause 8.1 to a policy statement. e.g. State as a policy “The laboratory is committed to establishing,  documenting and maintaining a management system to meet the general, structural, resource, process and management requirements of ISO 17025”. This is typically documented in the Quality Manual, not as a procedure. If the laboratory does not have a system already established in accordance with ISO 9001, then state that the Option A applies, where the clause 8 management requirements are addressed as part of ISO 17025. If the laboratory does have a system already established in accordance with ISO 9001, then state that the Option B applies, where the clause 8 management requirements are addressed as part of ISO 9001, including laboratory activities. This means that, for example how complaints and corrective action are handled, fall under the ISO 9001 activities and evidence can be shown of laboratory activities being included.You can link this clause 8.1 to your overall project planning to implement ISO 17025:2017.

    Have a look at the ISO 17025 toolkit document templates for some more insight:  

    The following articles may be of interest :

  • Excluding "Design" from the ISO audit

    Let us consider three situations:


    a) Company does not perform design activities
    b) Company performs design activities, but they are performed outside the scope of the quality management system
    c) Company performs design activities, and they are performed within the scope of the quality management system and the company decides to exclude design from the certification process

    Situations a) and b) are allowed, but the organization has to explain why design was excluded. These are common, pacific situations.
    Situation c) is not allowed. If design is performed within the management system scope it must be included. Not including design is a major non-conformity.
    The following material will provide you more information about exclusions:

     
Page 288-vs-13485 of 1127 pages

Didn’t find an answer?

Start a new topic and get direct answers from the Expert Advice Community.

CREATE NEW TOPIC +