Search results

COVID -19 and ISO 9001 policy, processes and procedures

Normally, organizations do not make changes in policies and processes due to COVID-19. What I see is organizations making changes in procedures because they change the way they do some activities.

You can see more information below:

• Free webinar – How to perform an internal audit remotely - https://advisera.com/9001academy/webinar/remote-internal-audit-free-webinar-on-demand/
• Free webinar – How to use ISO 9001 to control operations during the pandemic - https://advisera.com/9001academy/webinar/how-to-use-iso-9001-to-control-operations-during-the-pandemic-free-webinar-on-demand/

Implementando la lista de verificación de códigos

Como implementaría la lista de verificación de códigos de documentos en una empresa?

Parameters for clean room

Cleanrooms are classified according to the cleanliness level of the air inside them. The cleanroom class is the level of cleanliness the room complies with, according to the quantity and size of particles per volume of air. 

All necessary information regarding cleanroom technology you can find in the following standards:

• ISO 14644-1:2015 Cleanrooms and associated controlled environments — Part 1: Classification of air cleanliness by particle concentration - This standard includes the cleanroom classes ISO 1, ISO 2, ISO 3, ISO 4, ISO 5, ISO 6, ISO 7, ISO 8 and ISO 9, with ISO 1 being the “cleanest” and ISO 9 the “dirtiest” class (but still cleaner than a regular room). The most common classes are ISO 7 and ISO 8.
• ISO 14644-2:2015 Cleanrooms and associated controlled environments — Part 2: Monitoring to provide evidence of cleanroom performance related to air cleanliness by particle concentration
• ISO 14644-3:2019 Cleanrooms and associated controlled environments — Part 3: Test methods

• ISO 9001 typical objectives

  Quality objectives must be aligned with the quality policy and must be built upon the SMART framework.

  Examples of quality objectives can be:

  • Improve customer satisfaction level to no less than 80% in the next 18 months
  • Reduce customer complaints by 10% in the next 12 months
  • Meet deadlines agreed with the client at least in 85% of cases in the next 12 months
  • Pass all round-robin tests in the next 18 months without any non-conformity

  The following material will provide you more information:

  • How to define Key performance indicators for a QMS based ISO 9001: https://advisera.com/9001academy/24/define-key-performance-indicators-qms-based-iso-9001/-iso-9001/
  • How t write good quality objectives: https://advisera.com/9001academy/knowledgebase/how-to-write-good-quality-objectives/
  • Free webinar on demand - Measurement, analysis, and improvement according to ISO 9001:2015 -
    https://advisera.com/9001academy/webinar/measurement-analysis-and-improvement-according-to-iso-9001-2015-free-webinar/
  • Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
  • Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

• ISO 9001 processes and procedures in certification

  First, process and procedure are two different things. A process is a set of activities that convert inputs into outputs. A process is represented by a verb because process is transformation, process is action. A procedure is a description of what to do or how to do it.
  You do not need a procedure to describe every process or every job your organization does.

  ISO 9001:2015 has no mandatory procedures. Please check this article - List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/ 
  Please also take a look at clause 4.4.2 – It is up to each organization to decide which procedures are useful and should be developed. More complex organizations, or organizations with less training, or organizations with more staff turnover, normally decide to develop more procedures.

  You can find more information below:

  • ISO 9001:2015 process vs. procedure – Some practical examples - https://advisera.com/9001academy/blog/2016/01/19/iso-90012015-process-vs-procedure-some-practical-examples/
  • Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
  • Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

• Systéme qualité

  Mettre en place un sponsor de projet, un chef de projet et une équipe de projet. Assurez le soutien de la direction, obtenez une formation et, dans un premier temps, effectuez une analyse des lacunes pour déterminer la quantité de travail à effectuer - en comparant ce que votre organisation a déjà en place avec les exigences ISO 9001: 2015. À partir de cette analyse des lacunes, vous pouvez développer votre plan de projet, répertoriant ce qui doit être fait, par qui, jusqu'à quand.

  Ensuite, une étape importante consiste à concevoir un modèle de fonctionnement de votre organisation en tant qu'ensemble de processus interdépendants. Décidez comment décrire et surveiller ces processus.

  À partir de là, c'est la mise en œuvre afin de combler les lacunes constatées. Ensuite, effectuez un audit interne et une revue du system par la direction. Là, vous pouvez décider si votre organisation est prête pour un audit de certification.

  Ceci est une très courte description du voyage mais ci-dessous vous pouvez trouver des informations plus détaillées:

  • Free Gap Analysis Tool - https://advisera.com/9001academy/iso-9001-gap-analysis-tool/
  • Should you use a gap analysis in your ISO 9001 implementation? -https://advisera.com/9001academy/17/use-gap-analysis-iso-9001-implementation/
  • Checklist of ISO 9001 implementation & certification steps - https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
  • ISO 9001 Implementation diagram - https://info.advisera.com/9001academy/free-download/iso-9001-implementation-diagram
  • Free webinar on demand - Overview of ISO 9001 implementation steps - https://advisera.com/9001academy/webinar/overview-of-iso-9001-implementation-steps-free-webinar-on-demand/
  • Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
  • Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
     

• Streamlining OHSMS

  Some smart ways of streamlining the OHSMS is to systematically work through the standard. If you are not using a toolkit that guides you through the implementation, then it is best to go through the ISO 45001 standard in order from clause 4 through 10 as it is in a fairly good order to understand the OHSMS. The only thing that is out of place is that you will want to set the process for documentation control (clause 7.5) first so that you have the rules for recording procedures and records as you go through.

  The other thing to keep in mind is to think about what you already have in place that could meet the requirements of the standard as you work your way though. If you are meeting your OH&S legal requirements you will likely have many processes already in place that might either completely, or partially, meet the standard requirements. It is also helpful to ensure that you think about what documentation you actually need instead of just trying to document everything. Simple and concise documentation will be more helpful that complicated and confusing procedures.

  You can learn more about OHSMS implementation in our free download: Diagram of ISO 45001 Implementation Process, https://info.advisera.com/45001academy/free-download/diagram-of-iso-45001-implementation-process

• Calibration Requirements

  As ISO 17025 applies to accredited calibration laboratories, they need to meet all the relevant requirements of the standard, other than only applicable for testing laboratories.

  I am not sure I understand fully your reference to a “calibration recall list”. There is no defined recall list as may apply to regulated products released to end users.

  Firstly the calibration laboratory must ensure the validity of the service to a testing laboratory before they accept the work. Before calibrating any testing laboratory equipment, a calibration laboratory needs to ensure that all their equipment used in that calibration meets the requirements of ISO 17025, as well as your performance specification as a customer. This includes metrological traceability to international units for all equipment used. They must make their Calibration and Measurement Capability (CMC) known, upfront. This means that following a documented process, they can express the capability of calibration and measurement to be performed for you, through a statement of uncertainty.

  If however, the laboratory discovers non-conforming work that was released by them, the process to address this is the same as for testing laboratories. They need to base decisions on risk, evaluate and make a decision about the significance of the deviation, and make a decision regarding action to be taken. The ISO 17025 requirement is that the customer will be informed. If necessary, work must be recalled.

  The following may be useful to you:

  • The ISO 17025 toolkit procedure Calibration of measurement equipment https://community.advisera.com/topic/calibration-of-measurement-equipment/
  • What does ISO 17025:2017 require for laboratory measurement equipment and related procedures? https://advisera.com/17025academy/blog/2019/07/25/iso-17025-measurement-requirements-of-the-standard/ 
  • What is ISO 17025? at https://advisera.com/17025academy/what-is-iso-17025/

• Some Information regarding ISO 13485 and ISO 9001

  Yes, the manufacturing of surgical masks must lie under the scope of ISO 13485.

  There is a difference between ISO 9001:2015 and ISO 13485:2016, and by implementing the ISO 9001 not all requirements for the manufacturing of medical devices will be fulfilled. It is not a question of preference, but what the legal regulations are and what requirements must be met in order for a medical device to comply with its regulations. ISO 13485:2016 is a standard that is specific for Manufacturers of medical devices (Medical devices — Quality management systems — Requirements for regulatory purposes). Besides that, on the web pages of the European Commission are stated which standards are applicable for all types of medical devices:  https://ec.europa.eu/growth/single-market/european-standards/harmonised-standards/medical-devices_en 

  On that list, which has around 300 standards, only ISO 13485:2015 is the standard for the quality management system.

  For more information on this topic, please see the following articles:

  • Similarities and differences between ISO 9001:2015 and ISO 13485:2016 https://advisera.com/9001academy/blog/2015/01/21/iso-9001-vs-iso-13485/
  • What is ISO 13485? - https://advisera.com/13485academy/what-is-iso-13485/
  • How to get ISO 13485 certified? - https://advisera.com/13485academy/iso-13485-certification/
  • Checklist of ISO 13485 implementation and certification steps - https://advisera.com/13485academy/knowledgebase/checklist-of-iso-13485-implementation-and-certification-steps/

  • Risk Assessment Table

    Please note that ISO 27001 objective is the protection of information, regardless of its format and where it is.

    Considering that, you need to evaluate your situation not by what you do, but by how it impacts the information you want to protect (in this case I'm assuming it is the data you access remotely).

    In your stated scenario, the loss of utility power may impact availability of processed information in the following ways:
    - an unauthorized person may have access to your facility an damage the equipment you use to remotely process data, so when utility power is back you cannot resume the work.
    - during the power loss, you cannot provide processed information

    In these cases, you need to consider how the UPS and generators affect your operational capacity to maintain the remote process of information. Basically, all these risks are actually related to availability of information, which is part of the C-I-A triad