Search results

ISO 9001 in the Pharmaceutical industry

Thank you Carlos

ISO 14001 in relation to International Financial Institution

This topic is included in clauses 4.2, 5.2 and 6.

Clause 4.2 b) is about the relevant needs and expectations of the relevant interested parties.

Clause 5.2 d) is about the commitment to comply with compliance obligations

Clause 6.1.3 is about determining the organizations’ compliance obligations related with its environmental aspects

Through clause 4.2 your organization determines relevant parties and their relevant requirements. Let us consider just two relevant interested parties

Both Government and the International Financial Institution have requirements that we can call compliance obligations. Government has legislation and the International Financial Institution has a signed contract.

Let us consider four alternative scenarios about requirements from both interested parties:

In scenario 1 – contract requirements are included in legislation – your organization must comply with legislation and in doing so complies with the contract requirements

In scenario 2 – contract requirements are more demanding than legislation – your organization must comply with contract requirements and in doing so complies with the legislation.

In scenario 3 – there are some contract requirements not included or more demanding than legislation - your organization must comply with legislation and with the extra requirements from the contract.

In scenario 4 – contract requirements are much more demanding than legislation but there are some requirements in legislation not included in the contract - your organization must comply with contract requirements and with the extra requirements from legislation.

You can find more information about ISO 14001:2015 below:

• Understanding the needs & expectations of interested parties in ISO 14001 - https://advisera.com/14001academy/blog/2017/04/03/understanding-the-needs-expectations-of-interested-parties-in-iso-14001/
• Compliance requirements according to ISO 14001:2015 – What has changed? - https://advisera.com/14001academy/blog/2015/09/14/compliance-requirements-according-to-iso-140012015-what-has-changed/
• Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/ 
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/

ISO 14001 implementation in a small company

Start with a self-assessment compliance checklist to list the initial gaps between ISO 14001:2015 requirements and your organization’s current environmental practices and performance. As long as you have top management support, any sound environmental management system starts with a clear identification of environmental aspects and impacts and its evaluation, and with an identification of any compliance obligations. Then, you have to plan your implementation project about how to improve environmental aspects situations and meet your environmental objectives aligned with an environmental policy. If you are in a hurry to implement your environmental management system, perhaps our ISO 14001:2015 Documentation Toolkit - https://advisera.com/14001academy/iso-14001-documentation-toolkit/ can be useful.

Please check this information below with more detailed answers:

• How to use an ISO 14001 self-assessment compliance checklist - https://advisera.com/14001academy/blog/2019/12/04/iso-14001-self-assessment-checklist-how-to-use-it/
• List of ISO 14001 implementation steps - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/list-of-iso-14001-implementation-steps/
• Project checklist for ISO 14001 implementation - https://info.advisera.com/14001academy/free-download/project-checklist-for-iso-14001-implementation
• ISO 14001:2015 Implementation diagram - https://info.advisera.com/14001academy/free-download/iso-14001-2015-implementation-diagram
• Article - Environmental aspect identification and classification - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/environmental-aspect-identification-and-classification/
• Article - Catalogue of environmental aspects - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/catalogue-of-environmental-aspects/
• Free webinar on demand - How to use a Documentation Toolkit for the implementation of ISO 14001 - https://advisera.com/14001academy/webinar/how-to-use-a-documentation-toolkit-for-the-implementation-of-iso-14001-free-webinar-on-demand/
• Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/
   

Environmental strategic risk and operational risk

How can environmental strategic risk be integrated with operational risk in environmental risk register?

Supplier Security Program (Annex A 15 Supplier Relationships)

Besides those classified as high risk or critical, for the identification of these suppliers you must consider:

• the ISMS scope, i.e., the suppliers that can affect the information you want to protect
• the legal requirements (e.g., laws, regulations and contract) you must comply to (for example, a contractual clause with a customer may require a specific supplier or suppliers to be included in the program)

If a supplier does not fall in one of the above-mentioned situations, then you do not need to include it in your supplier management program related to information security.

This article will provide you a further explanation about supplier management:

• 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/

8.5 production and service provison

Clause 8.5.3 may not be applicable to every organization.

Simple case – a customer bought a product and that product is returned for planned maintenance, or for correcting some defect, or for upgrading some part (last week I updated my computer battery, for example).

Business to business case – consider a brand that outsources the manufacturing of its jackets to a manufacturer. The manufacturer buys and applies all materials, but the brand supplies the high-profile brand labels. Those labels must be protected from theft or any kind of loss. For all purposes, those labels are like money.

Intellectual property – a customer send you, the manufacturer, the blueprints of its later high-tech gadget. Customers expect that the blueprints are protected from theft or leaking into the media.

Molds – A customer has a mold and asks your organization to manufacture injection molding parts with it. The customer expects that you don’t start injection parts with that mold for your own use.

External providers – It is becoming more common that organizations don’t possess equipment, they rent it to an external provider. For example, in a construction company, the scaffolding structure used may belong to an external provider.

You can find more information below:

• How does ISO 9001 property clause 8.5.3 reflect on software? - https://advisera.com/9001academy/blog/2018/03/23/how-does-iso-9001-property-clause-8-5-3-reflect-on-software/
• Free webinar on demand - Overview of ISO 9001 implementation steps - https://advisera.com/9001academy/webinar/overview-of-iso-9001-implementation-steps-free-webinar-on-demand/
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/

ISO 17025 Quality Manual Option B

Firstly a comment. As laboratories that are already ISO 17025:2017 accredited do not typically seek ISO 9001 certification, I assume you are referring to the larger organisation going for ISO 9001 certification for support departments like HR and Finance ? A laboratory that is accredited to ISO 17025 conforms to the requirements of ISO 17025 clause 8, Management requirements for laboratory activities. As these are the clauses covered in ISO 9001 management, It is considered that the laboratory fulfils the intent of ISO 9001.

You can refer to a similar question and reply, Are there any things in ISO 9001 not covered by ISO 17025? at https://community.advisera.com/topic/are-there-any-things-in-iso-9001-not-covered-by-iso-17025/

You asked

Is it better to integrate or have two separate manuals. The chances of having an integrated or combine audit is zero, since it is two separate bodies. There is a strong suggestion to integrate the manuals”

This is a organisational preference. If top management is the same for the ISO 17025 and ISO 9001 activities, then rather have one manual.  This is simpler, and duplication will be avoided. The argument for two separate manuals can be made if there are different people involved, for different departments, such as HR. I suggest you look at the risks of combining them, versus having them separate in terms of responsibilities for processes such as dealing with complaints and noncomformances, auditing, management review and couemntation.

For more information, see ISO 17025 – Main guidelines at https://advisera.com/17025academy/what-is-iso-17025/  and the article ISO 17025 vs. ISO 9001 – Main differences and similarities at https://advisera.com/17025academy/blog/2019/07/11/iso-17025-vs-iso-9001-main-differences-and-similarities/ for some more insight.

Test validity for the regulatory bodies

You asked if your laboratory's use of a internal Standard test method will be valid for the regulatory bodies, even if you are not accredited.

I am not in the position to comment on specific regulations (e.g. FDA GMP) and can only comment from an ISO 17025 implementation and accreditation point of view.  Performing a test is only a part of the overall management system requirements of ISO17025. The competency required to provide a consistently valid result is demonstrated through a number activities to meet the requirements of ISO 17025. Hence the importance of accreditation – the process of independent assessment and attestation to this competency.

I do not know what regulatory bodies you are referring to, nor the purpose of the test, i.e. type of product and application. Bear in mind the requirements may be different; for example if the test results were being used for quality control for a manufacturer, compared to studies for research or a product registration.  As the laboratory, your responsibility is to understand, define and document the requirements for the work you do.  Out of interest, I can mention that if the testing relates to alcohol-based hand sanitizer products during the COVID-19 pandemic; the FDA has issued a Temporary Policy for the preparation of certain products. See https://www.fda.gov/regulatory-information/search-fda-guidance-documents/guidance-industry-temporary-policy-preparation-certain-alcohol-based-hand-sanitizer-products-during

I suggest you enquire as to the specific requirements of your customers (the use / purpose of the test result) and the requirements of their applicable regulatory bodies. ISO 17025:2017 clause 7.1 Review of requests, tenders and contracts and clause 7.2 Selection Verification and validation of methods are particularly relevant to your question. These are covered under section 09_Customer_Service and 10_Test_and_Calibration_Method in the ISO 17025 toolkit. https://advisera.com/17025academy/iso-17025-documentation-toolkit/

Sandblasting under ISO 14001

ISO 14001:2015 does not forbid any specific practice. ISO 14001:2015 require that organizations commit to comply with legislation or regulation applicable. So, if in your country there are no compliance obligations forbidding sand blasting you can use it. If during your initial environmental assessment, you conclude that sand blasting has significant environmental impacts, your organization should take actions to minimize or control those impacts.

Please consider these sources of information:

• Article - Identifying environmental aspects in the engineering business according to ISO 14001 - https://advisera.com/14001academy/blog/2017/03/20/identifying-environmental-aspects-in-the-engineering-business-according-to-iso-14001/
• Article - Environmental aspect identification and classification - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/environmental-aspect-identification-and-classification/
• Article - Catalogue of environmental aspects - https://advisera.com/14001academy/blog/2019/08/27/key-iso-14001-benefits-to-customers/nowledgebase/catalogue-of-environmental-aspects/
• Free webinar - ISO 14001: Identification and evaluation of environmental aspects - https://advisera.com/14001academy/webinar/iso-14001-identification-and-evaluation-of-environmental-aspects-free-webinar-on-demand/
• Enroll for free in this course – ISO 14001:2015 Foundations Course - https://advisera.com/training/iso-14001-internal-auditor-course/
• Book – The ISO 14001:2015 Companion - https://advisera.com/books/the-iso-14001-2015-companion/