Search results

ISO 9001 quality documentation

Below you will find links for: how to structure the quality management system documentation – what kind of documents and their purpose; the mandatory documents required by ISO 9001:2015; Advisera’s ISO 9001:2015 Documentation Toolkit.

The following material will provide you more information about documentation:

- How to structure quality management system documentation - https://advisera.com/9001academy/knowledgebase/how-to-structure-quality-management-system-documentation/
- List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/
- ISO 9001:2015 Documentation Toolkit - https://advisera.com/9001academy/iso-9001-documentation-toolkit/

- Free webinar on demand – How to use a Documentation Toolkit for the implementation of ISO 9001 - https://advisera.com/9001academy/webinar/how-to-use-a-documentation-toolkit-for-the-implementation-of-iso-9001-free-webinar-on-demand/
- Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book - Managing ISO Documentation: A Plain English Guide - https://advisera.com/books/managing-iso-documentation-plain-english-guide/

Applicable regulation in aftermarket

Regarding regulation, you’ll need some background knowledge, since standards, regulations, and practices in North America differ fundamentally from those in markets using the IEC standards. If you are interested in applicable standards, you can check some of the standards for Valve Actuators (e.g. ISO 22153:2020 Electric actuators for industrial valves — General requirements).

Regrading legal responsibility, you should also find legal representatives for both countries of the manufacturing and county of the aftermarket. Answer for accidents or injuries of end-user are main concerns, and besides the legal part, you should have deep analysis in your system, so you are able to recognize all places of potential injuries your product can cause. In this way, you can find places for improvement and level up product safety.

Mobile device

Your assumption is correct, you can include a laptop in the mobile device category.

Broadly speaking, a mobile device is any device that can be easily moved from one location to another. Over time, this category has expanded to include cell phones, laptops, smartphones, smartwatches, and other portable devices.

For more information, see:

• How to write an easy-to-use BYOD policy compliant with ISO 27001https://advisera.com/27001academy/blog/2015/09/07/how-to-write-an-easy-to-use-byod-policy-compliant-with-iso-27001/

Difference between ISO 27001:2013 and ISO 27000:2016

The differences are:

• ISO 27001 provides the requirements for the planning, implementation, operation, and improvement of an Information Security Management System (ISMS). This one is the standard to be used as a reference for certification.
• ISO 27000 provides the terms and definitions commonly used in the ISO 27001 family of standards. This is a supporting standard to make an understanding of the ISO 27001 family of standards easier.

This article will provide you a further explanation about ISO 27001:

• What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/

Separate organizations in one location

Yes, you can. Two different organizations with different legal existence, even in the same location can have different ISO 9001:2015 certificates.

Even two organizations belonging to the same entity can have different certificates if each certificate is about a different scope.

You can find more information about scope below:

- How to define the scope of the QMS according to ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/how-to-define-the-scope-of-the-qms-according-to-iso-90012015/
- What clauses can be excluded in ISO 9001:2015? https://advisera.com/9001academy/blog/2015/07/07/what-clauses-can-be-excluded-in-iso-90012015/2015/
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Toolkit content

No, since each company has its own coding system, we have left our clients to insert their own codes into the documents. Of course, the policies and procedures in our toolkit make cross references to other documents using their names, but you can insert also the codes as well if you see this as necessary.

For more details please read the following article: Common mistakes with ISO 13485:2016 documentation control and how to avoid them https://advisera.com/13485academy/blog/2018/03/14/common-mistakes-with-iso-134852016-documentation-control-and-how-to-avoid-them/

Gestión del cambio

Los cambios que debe tener en cuenta son aquellos que pueden afectar a su sistema de gestión de calidad y estos cambios pueden tener diferentes orígenes: pueden surgir durante las reuniones de gestión de riesgos, también de las no conformidades detectadas, o de las encuestas de satisfacción del cliente. Así mismo, pueden provenir de cambios en alguna normativa o requisito legal que afecte a su empresa, o de otros cambios en los requisitos del producto o servicio que ofrece. Estos cambios deben ser registrados y planificados según la norma ISO 9001:2015

Para más información sobre la gestión de los cambios en ISO 9001:2015, vea los siguientes materiales: 

- Artículo - QMS change management in 7 steps: https://advisera.com/9001academy/blog/2016/11/29/qms-change-management-in-7-steps/

- Libro - Discover ISO 9001:2015 through practical examples: https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

- Curso de Fundamentos ISO 9001:2015: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/

Impact of ISO 9001 implementation

I worked as a consultant with several construction enterprises of SMEs level in the implementation of ISO 9001. In my experience the main impacts are:

• Better overall planning;
• Better raw materials control and less shortages;
• Better customer focus and increased customer satisfaction

Some organizations were able to reduce maintenance costs and get more demanding and rewarding projects.

You can find more information about ISO 9001 below:

- Would construction companies benefit from ISO 9001? - https://advisera.com/9001academy/blog/2016/06/07/would-construction-companies-benefit-from-iso-9001/
- Quality Management System: What is it? - https://advisera.com/9001academy/knowledgebase/quality-management-system-what-is-it/
- Six Key Benefits of ISO 9001 Implementation - https://advisera.com/9001academy/knowledgebase/six-key-benefits-of-iso-9001-implementation/
- Free webinar on demand - Overview of ISO 9001 implementation steps - https://advisera.com/9001academy/webinar/overview-of-iso-9001-implementation-steps-free-webinar-on-demand/
- Case study for ISO 9001:2015 transition in a construction company - https://info.advisera.com/9001academy/free-download/case-study-for-iso-9001-2015-transition-in-a-construction-company
- Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Risk & opportunities for food testing laboratory

The standard specifies the need for the following, related to risks and opportunities:

1. Consider them
2. Plan how to address them
3. Take action proportional to the potential impact on the validity of the results  (i.e. positive impact in the case of opportunities, and negative impact in the case of risks)
4. Evaluate the effectiveness of the actions taken
    

To “consider “means to think carefully about the risks and opportunities before making a decision. Central to all decision making is thinking about the risk or opportunity for improvement in terms of ensuring and safeguarding the laboratory’s defined quality objectives. These objectives should be aligned to the requirements of the standard. i.e. impartiality, competence and consistent operation.

The “considering” process can involve various methodologies and tools, including process mapping, brainstorming and use of the Plan-Do-Check-Act (PDCA) cycle. Start with mapping your processes and brainstorming. The best approach is produce a Registry of Key Risks and Opportunities, with suitable columns, including for example description, responsibility. For each activity ask the question – is there a risk to safeguarding impartiality, competence or consistent operation? If the answer is yes, in order to meet the requirement of point two and three above, you need to first evaluate risks and opportunities using a risk matrix, considering the existing controls already in place. Once the risks and opportunities are ranked in priority (high to low), you can move to planning how to firstly reduce the high risks; and implement the opportunities found to have a high benefit-to-risk (of implementing) ranking. Choose the actions that are most likely to reduce or control the risk, or ensure success of improvement. Assign responsibility and due date.

Finally, as with any laboratory activity, the efficiency of the activity must monitored. This can be done through existing activities such as nonconforming events, internal audits and management review. Show evidence of this evaluation by updating the risk register and recording the date of last review.

Have a look at the following articles, which will provide more guidance:

• Five-step laboratory risk management according to ISO 17025:2017 https://advisera.com/17025academy/blog/2019/12/05/iso-17025-risk-management-in-five-steps/
• Plan-Do-Check-Act in the ISO 9001 Standard, also applicable to ISO 17025 https://advisera.com/9001academy/knowledgebase/plan-do-check-act-in-the-iso-9001-standard/

The ISO 17025 procedure and registry template are available stand-alone, or part of the toolkit:

• Addressing Risks and Opportunities Procedure https://advisera.com/17025academy/documentation/addressing-risks-and-opportunities-procedure/
• Registry of Key Risks and Opportunities https://advisera.com/17025academy/documentation/registry-of-key-risks-and-opportunities/
   

Requirement of records of training, skill, experience, and qualifications

Your understanding is correct. Please note that the Training and Awareness Plan defines which records must be kept, but it does not contain them itself. In the column "Implementation record of necessary training", you need to inform where such records can be found, and some of them will be stored by HR in the employees' personal files.

This article will provide you a further explanation about performing training:

• How to perform training & awareness for ISO 27001 and ISO 22301 https://advisera.com/27001academy/blog/2014/05/19/how-to-perform-training-awareness-for-iso-27001-and-iso-22301/