Search results

EU MDR

Thank you

Accreditation bodies for Lab

 "Do you have any suggestion for accreditation bodies for Lab to accredited ISO 17025?

I am unable to make suggestions on such a matter. Certain countries have a single accreditation body, and laboratories do not have a choice. If you do have a choice, you may choose to speak with laboratories that have been through the process; and form your own opinion as who to choose.

What is the difference between accreditation bodies and certification bodies?

Certification bodies assess and certify organizations or people, whereas accreditation bodies assess and accredit laboratories. Accreditation is not compulsory for certification bodies, however, all accreditation bodies themselves accredited, mandated by national legislation. Depending on the scope of work, the standard to which accreditation and certification bodies are accredited differ. ISO 17011 is the Standard for Accreditation Bodies, whereas ISO 17024 is the standard for Conformity assessment - General requirements for bodies operating certification of persons.

The following article may be of interest, providing a good explanation and further information

Clause 4.1 and 4.2

If we think in iterative terms, it doesn't matter where to start. I usually start by determining the relevant internal and external issues. Then, we determine the stakeholders and their needs and expectations. In determining these needs and expectations, we often see the need to complete the list of issues previously developed.

Then, as shown in this free webinar on demand – ISO 9001:2015 clause 4 – Context of the organization, interested parties, and scope – https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/ we determine risks and opportunities

The following material will provide you more information about the context and interested parties:

- Case study for ISO 9001:2015 transition in a construction company - https://info.advisera.com/hubfs/9001Academy/9001Academy_FreeDownloads/Case_study_for_ISO_9001_2015_transition_in_construction_company_EN.pdf
- How to identify the context of the organization in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-identify-the-context-of-the-organization-in-iso-90012015/
- How to determine interested parties and their requirements according to ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/11/10/how-to-determine-interested-parties-and-their-requirements-according-to-iso-90012015/
- Free webinar - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

ISO 9001 mandatory documents

ISO 9001:2015 does not require as mandatory a document called quality plan. However, planning quality is of paramount importance.

• Second paragraph of clause 8.4.1 of ISO 9001:2015 states “The organization shall determine the controls to be applied”
• Clause 8.5.1 c) of ISO 9001:2015 states “the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met”
• First paragraph of clause 8.6 of ISO 9001:2015

Slide 11 of this free webinar on demand - Measurement, analysis, and improvement according to ISO 9001:2015 - https://advisera.com/9001academy/webinar/measurement-analysis-and-improvement-according-to-iso-9001-2015-free-webinar/ - includes an example of what can be used as a template for a quality plan. Remember, these days many organizations do not use paper even digitally, the rules from quality planning can be distributed through internet applications, machine software and many other ways.

Video Tutorials not aligned to downloaded document

I'm sorry about this problem - this particular video was made for earlier revision of the standard, and the templates were updated to include improvements.

If you find any other differences between any video tutorial and the templates, please consider the templates, because they are up to date to the current version of the standard.

If you still feel you need more information about this topic, you can schedule a meeting with one of our experts. To schedule a meeting, please access this link: https://advisera.com/27001academy/consultation/

Common Risks associated with ISO 9001 Quality Management Systems

Please avoid generic lists of risks. Each organization is a particular case.

According to ISO 9001:2015 organizations can determine three types of risks:

• Risks related with context and interested parties;
• Risks related with products and services; and
• Risks related with processes

 Please check these free webinars on demand where I present examples of such risks:

• ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/
• How to perform management review according to ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-perform-management-review-according-to-iso-9001-2015-free-webinar-on-demand/ 
• How to implement risk management in ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-implement-risk-management-in-iso-90012015-free-webinar/

You can find more information about risks below:

- How to address risks and opportunities in ISO 9001 - https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
 

Encrypting customer data

Encryption is considered a good security measure under article 32 GDPR paragraph 1 letter a, so it is highly recommended when feasible.The Regulation, in fact, leaves up to the Data Controller to decide if the measure is appropriate to the risk for the rights and freedoms of natural persons, considering the state of art and the cost of implementation as well as the nature, scope, and purposes of the processing.

Whatever the choice will be, consider the accountability principle and explain in your internal policy why the data controller adopted or not such measure.

You can find more information here:

EU GDPR controller vs. processor – What are the differences?: https://advisera.com/eugdpracademy/knowledgebase/eu-gdpr-controller-vs-processor-what-are-the-differences/The obligations of controllers towards Data Protection Authorities according to GDPR: https://advisera.com/eugdpracademy/blog/2017/12/11/the-obligations-of-controllers-towards-data-protection-authorities-according-to-gdpr/How cybersecurity solutions can help with GDPR compliance: https://advisera.com/eugdpracademy/blog/2017/11/27/how-cybersecurity-solutions-can-help-with-gdpr-compliance/

You can also find some useful information in our free online GDPR Foundation Course: https://advisera.com/training/eu-gdpr-foundations-course//

Sending audit checklist to auditee

I must confess that while performing the first internal audits to management systems under implementation, I use to send my audit checklist to the auditee prior to the audit. It is their first experience with an audit, and I want them to be prepared. During the audit they do not comment the checklist, any comment should be done prior to the audit.

You can find more information about checklists below:

- ISO 9001 Audit Checklist - https://advisera.com/9001academy/knowledgebase/iso-9001-audit-checklist/
- free online training ISO 9001:2015 Internal Auditor Course – https://advisera.com/training/iso-9001-internal-auditor-course/
 - book -  ISO Internal Audit: A Plain English Guide - https://advisera.com/books/iso-internal-audit-plain-english-guide/

Management of diseases

ISO 45001 is a standard set of requirements to help you implement a good OH&S management system, and as such is not specifically detailed about creating processes to combat an epidemic. The standard does, however, include requirements to identify and prepare for emergency situations. It would be reasonable, for a company to have the need to prepare for their response to a pandemic emergency.

To find out what is included in the standard, see our free whitepaper: Clause-by-clause explanation of
ISO 45001:2018, https://info.advisera.com/45001academy/free-download/clause-by-clause-explanation-of-iso-45001

Quality Manual vs. QMS Document vs. Quality Plan

ISO 10005 Quality management systems - Guidelines for quality plans provides guidance on establishing and using quality plans as a means of relating requirements of the process, product, project or contract, to work methods and practices that support product realization. Benefits of establishing a quality plan are increased confidence that requirements will be met, that processes are in control and the motivation that this can give to those involved.