Search results

ISO 45001 resistance from company management and employees

Making change in an organization can be difficult with resistance, especially from management and supervisors. The only real way to deal with this is to focus on the benefits that the management system will give you. I would suggest not talking about the certification, as many people don’t understand this, but rather on the benefits of having a systematic system in place for managing OH&S and improving workplace safety to prevent injury and ill health.

Another thing to consider is finding those who are in favor of the change, after explaining the benefits, and working with them to help convince others.

You can read more on the benefits in this article, 4 key benefits of ISO 45001 for your business, https://advisera.com/45001academy/blog/2015/09/30/4-key-benefits-of-iso-45001-for-your-business/

MDR Deadline

For class I, you do not need the Notified body. What you need is to implement ISO 13485:2016, and then certification body will audit your Quality Management System according to ISO 13485. 

For medical device class Ir, you need to certify it under the MDR by May 2024. There is no postponement for these device classes. 

Identifying gaps between ISO 13485 and ISO 9001

We do not have as part of our documentation toolkit any GAP analysis template. But you can look at this article for details:

• Similarities and differences between ISO 9001:2015 and ISO 13485:2016 https://advisera.com/9001academy/blog/2015/01/21/iso-9001-vs-iso-13485/

Also, you can check the Annexes in ISO 13485:2016, where you have a cross-reference table between ISO 9001:2015 and ISO 13485:2016.

Specific pharma industry question

Here are four detailed examples of risk management practices:

Microbiological Contamination Control risk:

• Management Approach: Implementing environmental monitoring programs, aseptic processing techniques, and robust sanitation practices to prevent microbial contamination. Conduct risk assessments to identify critical control points, establish microbial limits, and implement effective disinfection procedures, air filtration systems, and personnel training to mitigate the risk of microbial contamination during manufacturing.

Raw Material Quality Control risk:

• Management Approach: Implementing supplier qualification programs, quality agreements, and rigorous testing protocols to ensure the quality, purity, and identity of raw materials. Conduct risk assessments to evaluate the impact of raw material variability on the final product and establish appropriate specifications and controls to mitigate risks associated with raw material quality variations.

Process Robustness and Variability risk:

• Management Approach: Employing Quality by Design principles to design and optimize manufacturing processes, identifying critical process parameters, establishing control strategies, conducting risk assessments to understand and mitigate potential process variability, and implementing Process Analytical Technology (PAT) tools and continuous process monitoring to ensure consistency and robustness in manufacturing operations.

Packaging Integrity and Stability risk:

• Management Approach: Implement comprehensive packaging material qualification, stability testing, and integrity checks to ensure the packaging system maintains product integrity throughout its shelf-life. Conduct risk assessments to identify vulnerabilities in packaging processes and implement protective packaging, barrier systems, and appropriate storage conditions to mitigate packaging integrity and stability risks.

BIA Questionaire Assistance

Included in your toolkit, you have access to a video tutorial that will guide you, providing real examples of how to fill in the BIA Questionnaire.

The information about how to access the tutorial is included in the e-mail you received when you bought the toolkit. 

For further information, see:

• How to implement business impact analysis (BIA) according to ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-implement-business-impact-analysis-bia-according-to-iso-22301/
• Five Tips for Successful Business Impact Analysis https://advisera.com/27001academy/blog/2010/06/10/five-tips-for-successful-business-impact-analysis/

Becoming third-party certification body

First, you need to get certificates that you are lead auditors for certain standards. Then you need to prepare all necessary documentation stated in standard ISO 17021-1 Conformity assessment - Requirements for bodies providing auditing and certification of management systems, Part 1: Requirements. When you prepare it, you need to pass the accreditation audit conducted by some Competent authority or National accreditation body. Each country has its own Competent authority or National accreditation body.

Only when you receive an Accreditation certificate from a Competent authority or Accreditation body, you can market yourself as a Certification body.

Here are some more information regarding certification body.

Risk Management

This is a good approach. The point is that these similar devices should have a similar intended purpose and be produced by similar technological processes. 

Will ISO 9001:2015 be updated until 2030?

ISO 9001:2015, most likely will not remain valid until the year 2030.

Currently, Technical Committee 176, Sub Committee 2, (TC 176/SC2) is already working on ISO 9001 revision.

Last July 29th the result of an ISO ballot was announced, and the majority of the National Standards Bodies comprising TC 176/SC2 voted in favor of starting the revision of ISO 9001. It will be a limited revision.

ITSCM and BCM

ITSCM and BCM should be integrated. BCM is driving ITSCM in a way that BCM defines objectives (from the business point of view). Since all business activities are usually supported by IT services – defined BCM targets directly influence ITSCM targets.

In practice, ITSCM people should talk to BCM and get inputs for their TSCM objectives. If BCM doesn't exist, ITSCM should speak directly with the business.

Read this article to get more info: IT Service Continuity Management – waiting for the big one https://advisera.com/20000academy/blog/2013/09/24/service-continuity-management-waiting-big-one/