Search results

Requirement for ISO 13485 of procedure of Human resources and another procedure of Infrastructure and working environment

1. Hi, if we have few employees (8) with many outsourced freelancers, and we don't own the working place, is it required for ISO13485 a procedure of Human resources and another procedure of Infrastructure and working environment?

According to the ISO 13485:2016 requirement 6.2 Human resources, for all personnel that performs work that affects product quality you need to document competencies, training needed, and description of how you will ensure the awareness of the employees. Therefore, you need a Human resource procedure for your 8 employees, but also for all freelancers because you need to state the criteria how will you choose your freelancers and which competencies freelancers need to have.

You can see on the following link how our Procedure for Human resource in our ISO 13485:2016 documentation toolkit looks like: https://advisera.com/13485academy/documentation/procedure-for-human-resources-iso-13485-2016/

2. If it is, why?

Considering the procedure for infrastructure and working environment, if you do not have a working place, then you can exclude the working environment part. However, if you have computers, mobile phones, and/or cars for your employees, then those elements are your infrastructure. Therefore, you need to make a documented procedure for maintaining this electronic equipment. Your infrastructure is also some server where you make your back-up or cloud service so be sure that it is included as well.

For more details on managing medical device infrastructure requirements, please read the following article:

• Managing medical device infrastructure requirements according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/06/28/managing-medical-device-infrastructure-requirements-according-to-iso-13485/

You can see on the following link how the Procedure for Infrastructure and work environment in our ISO 13485:2016 documentation toolkit looks like: https://advisera.com/13485academy/documentation/procedure-for-infrastructure-and-work-environment-iso-13485-2016/

6.1.3 (f) and acceptance by top management

Please note that in the template the risks are accepted by top management on behalf of the risk owners, i.e., the acceptance is made according to what is defined by risk owners, so this approach fulfills clause 6.1.3 (f), and approval of all risk owners is not needed.

This article will provide you a further explanation about risk owner:

• Risk owners vs. asset owners in ISO 27001:2013 https://advisera.com/27001academy/knowledgebase/risk-owners-vs-asset-owners-in-iso-270012013/

This material will also help you regarding risk management:

• Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/

ISO 14001 questions

your answers are clear, concise and extremely helpful.  Thank you so much for your help!

Sistema de gestión

Primeramente debe contar con el apoyo de la dirección de la organización, que será clave durante el proceso de implementación de ISO 9001:2015, también para proporcionar los recursos necesarios.

Más tarde le recomiendo llevar a cabo  un análisis GAP o de brecha, que le va a ayudar a identificar aquellos requisitos que ya cumple y los que le debe aún cumplir. Aquí puede llevar a cabo el análisis de forma gratuita: https://advisera.com/9001academy/iso-9001-gap-analysis-tool/

Es muy importante que usted conozca cada una de las cláusulas para poder llevar a cabo el proyecto de implementación de ISO 9001, y para dar respuesta a esos requisitos con los que su organización debe cumplir . En este white paper puede encontrar información resumida sobre cada una de ellas - Clause by clause explanation of ISO 9001: https://info.advisera.com/9001academy/free-download/clause-by-clause-explanation-of-iso-90012015

Más adelante, puede escribir un plan de proyecto en el que de signa responsabilidades, define la documentación que va a escribirse, los plazos etc. En este enlace puede descargarse una plantilla - Plan de Proyecto para la implementación de ISO 9001:https://info.advisera.com/9001academy/es/descarga-gratuita/plan-de-proyecto-para-la-implementacion-de-iso-9001-ms-word

Luego ya podría empezar con la implementación de la norma: la definición de la política de calidad, los objetivos de calidad y planes para llevarlos a cabo, el contexto de la organización y sus partes interesadas, el alcance del SGC, etc...hasta llegar a la auditoría interna y la revisión por la dirección, que sería el paso previo para certificarse. En este enlace puede descargarse un checklist para la implementación de la norma - Projectect checklist for ISO 9001:2015: https://info.advisera.com/9001academy/free-download/project-checklist-for-iso-9001-2015-implementation

Estos materiales pueden ayudarle con la implementación de ISO 9001:2015:
- Libro – Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
- Formación gratuita en línea – Fundamentos de ISO 9001:2015 : https://advisera.com/es/formacion/curso-fundamentos-iso-9001/

Free Calculator - Duration of ISO 27001/ISO 22301 Implementation

1. A quick question on your calculator..
Q. Number of physical locations.. We have 5 employees who all work remotely. We don't have a physical office. So is this 5 physical locations?

For certification purposes, you need to consider at least one of your remote places as the organizations' Head Quarters (e.g., the CEO place), and the others can be considered out of the scope and treated as remote locations. Considering that, you can inform a single location in the calculator.

2. another question on the calculator. One of the question asks, will a project manager be assigned (or something along those lines), I ticked 'yes' as I am assigned as PM and I am a Prince2 practitioner. Does this assume a full time employee? I am part time, therefore I wonder if the calculation would be longer if it took that into account?

The calculator considers an effort of one day per week (or 8h per week) for the person in the role of project manager

Other people that will need to be involved:

• Sponsor of the project (e.g. the CEO) - ca 4 hours per month - for approving main documents and resolving conflicts
• Head of IT department - ca 2 man/days per month - for reviewing the documents and coordinating the IT side of the implementation
• Heads of the departments - ca 5 man/days during the whole implementation - for participating in the risk assessment, reviewing the documents and coordinating the implementation in their departments

ISO 17025 : 2017 transition stage

If you are referring to the changes the laboratory need to make or has made to transition from ISO 17025:2005 to ISO 17025:2017; yes the laboratory should perform a gap assessment, look at the risks of not meeting the requirements, decide on what is required and record actions /changes to take place. The accreditation body would have a guideline and perhaps even a transition checklist for the laboratory to use. This may be requested of you before the assessment. Remember however that in terms of accreditation, transitional changes are requirements, not merely improvements.

I recommend you contact your accreditation body for more information on specific transitional guidelines or requirements

The following article may be of assistance:  ISO/IEC 17025:2005 vs. ISO/IEC 17025:2017 revision: What has changed? At https://advisera.com/17025academy/blog/2019/11/13/iso-17025-2017-vs-iso-17025-2005-key-changes-infographic/. You can also download the free whitepaper Checklist of mandatory documents required by ISO 17025:2017 at https://info.advisera.com/17025academy/free-download/checklist-of-mandatory-documents-required-by-iso-17025.

The folloing ISO 17025 toolkit preview may also be of value - Addressing Risks and Opportunities Procedure at https://advisera.com/17025academy/documentation/addressing-risks-and-opportunities-procedure/

Application of ISO 22301 certification

ISO management standards cannot be applied to products, only to the process that supports them (in case of ISO 22301, the continuity of the processes that are involved in the delivery of the product).

For further information, see:

• ISO 27001/ISO 22301: The certification process [free webinar on demand] https://advisera.com/27001academy/webinar/iso-27001iso-22301-certification-process-free-webinar-demand/

Scope clause

ISO 9001:2015 clause 4.3 is about the scope of the quality management system (QMS). Once determined the scope an organization may find that some clauses may be not applicable. For example, an organization may have two kinds of business:

1. Manufacturing products that are sold to consumers through stores
2. Manufacturing products according to client’s instructions and with client’s materials

If the QMS scope is only about business 1, then clause 8.5.3 is not applicable. Please check ISO 9001:2015 Annex A.5 about applicability

The following material will provide you more information about scope and exclusions:

• How to define the scope of the QMS according to ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-define-the-scope-of-the-qms-according-to-iso-90012015/
• What clauses can be excluded in ISO 9001:2015? https://advisera.com/9001academy/blog/2015/07/07/what-clauses-can-be-excluded-in-iso-90012015/2015/
• Free webinar on demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope -
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
   

ISO 9001 Course

Please check this article - How to choose the most appropriate training - https://advisera.com/training/compare/ - where you can find this table:

Where the first column sets the circumstances in which each course will most applicable. For example, the ISO 9001:2015 Foundations Course can be useful to help you implement a quality management system in your school.

You can find detailed information about how to plan and implement a quality management system in the following links:

• Checklist of ISO 9001 implementation & certification steps - https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
• ISO 9001 Implementation diagram - https://info.advisera.com/9001academy/free-download/iso-9001-implementation-diagram
• Free webinar on demand - Overview of ISO 9001 implementation steps - https://advisera.com/9001academy/webinar/overview-of-iso-9001-implementation-steps-free-webinar-on-demand/
• Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/