Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11268 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Incoming inspection results and clause 9.1.1.1 of IATF 16949
The standard requires records of actual values and/or test results of variable data, so you need to add these values to the pass/fail format. -
Continual vs continuous improvement
Continuous improvement asks the organisation to continuously improve its processes already in place, while continual improvement asks the company to look outside its boundaries at the external competition and continuously benchmark itself to not only improve but also innovate its processes. Breakthrough improvement here forms a part of continual improvement.
Continuous improvement does ask the organisation to sustain its developments, whereas continual improvement asks to develop, implement and sustain and again repeat the cycle
Am I right in my understanding? Could you kindly point out more differences ?
Thank you for your time and support.
Answer:
"Continuous improvement" and "Continual improvement" are often used interchangeably and shouldn't be used in that manner. Continuous indicates duration without interruption. Continual indicates d uration that continues over a long period of time, but with intervals of interruption.
Continuous improvement means that organizations are in a constant state of driving process improvements. This involves a focus on linear and incremental improvement within existing processes. Continual improvements means that organizations go through process improvements in stages and these stages are separated by a period of time. This period of time might be necessary to understand if the improvements did actually help the bottom line. In some cases, the results might take a while to come to realization.
Continual and continuous improvement have nothing to do with how the organization achieves the improvements but rather with whether the improvement is linear or not. -
Complying with clause 8.4 of ISO 9001:2015 in trade company
Since we are a trading company (buy and sell), we have "Control" with our suppliers of the goods however, the forwarder company we used are normally good in service.
We did not have any control for the forwarder. We would like to know whether it would be OK for being audited against the NEW ISO 90001 2015.
In addition, we will use some caliper to measure the length of the product. The caliper will be calibrated by external accredited laboratory. Since they are accredited,
We did not have any control measure with the laboratory. Would it be OK being audited against with the New ISO 9001 2015?
Answer:
The standard requires organization to establish control over externally provided processes products and services but it doesn't specify what kind of controls. So, the organization can decide on the level of controls necessary, in your case it can be only counting the amount of goods received or measuring the length of the product. As fa r as the laboratory is concerned, if they are accredited, no further control is necessary, you only need to have an evidence that they are accredited.
For more information, see: How to control outsourced processes using ISO 9001 https://advisera.com/9001academy/blog/2015/05/05/how-to-control-outsourced-processes-using-iso-9001/ -
Transition of ISO 9001 and ISO 13485
I want to know if there is no production of medical machine after successfully ISO 13485 and ISO 9001:2008 what will be the consequences in future surveillance audits, as ISO 9001:2015 is update from 2008 so it is necessary to implement ISO 9001:2015 in surveillance audit?
If you want to maintain your ISO 9001 certificate, you will need to make transition to the new version of the standard until September 2018. This can be done during surveillance audits or re-certification audits. In my opinion, it is better to conduct it during re-certification audit since the cost of the surveillance audit is smaller than the re-certification and getting certified against new version of ISO 9001 is practically a certification audit and will be charged appropriately. The same rule applies to ISO 13485 as well.
Since ISO 13485:2016 is developed according to ISO 9001:2008, you won't have too much problems making the transition because all elements of ISO 9001:2008 will remain in the new version. When making transition to ISO 9001:2015 you will basically only need to add new requirements (context of the organization, risks and opportunities, etc) and leave all the old elements (quality manual, preventive actions, etc) because they are still required by ISO 13485:2016.
For more information, see: How to make the transition from ISO 9001:2008 revision to the 2015 revision https://advisera.com/9001academy/blog/2015/10/06/how-to-make-the-transition-from-iso-90012008-revision-to-the-2015-revision/ -
Surveillance audits
Answer: The activities in a surveillance audit are practically the same as for a certification audit (opening meeting, documentation review, operations review, etc.), the difference being that the surveillance audit scope is smaller and they are more focused on daily management system operations, instead on the verification if all mandatory requirements are implemented.
2 - What requirements are evaluated during this audit?
Answer: The requirements to be reviewed will depend on the surveillance plan that is established after the certification audit by the certification body. But there are elements that are always present, like management review, SoA review, audit process review and non conformity and corrective actions review.
This article will provide you further explanation about audits:
- Surveillance visits vs. certification audits https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/
These materials will also help you regarding audits:
- Preparing for ISO Certification Audit: A Plain English Guide https://advisera.com/books/preparing-for-iso-certification-audit-plain-english-guide/
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/ -
Conformity with EU GDPR
Answer: Only ISO 27001 is not enough. EU GDPR focus is on protection of personal information, and ISO 27001 focus is to protect information in general. From the ISO 27000 family, ISO/IEC 27018 should also be consulted (Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors).
This article will provide you further explanation about ISO 27001 and EU GDPR:
- Does ISO 27001 implementation satisfy EU GDPR requirements? https://advisera.com/27001academy/blog/2016/10/17/does-iso-27001-implementation-satisfy-eu-gdpr-requirements/
This material will also help you regarding ISO 27001 and EU GDPR:
- What is EU GDPR and how can ISO 27001 help? https://info.advisera.com/27001academy/free-download/what-is-eu-gdpr-and-how-can-iso-27001-help -
Questions regarding clauses 8.3 and 6.1
“The organization shall establish, implement and maintain a design and development process that is appropriate to ensure the subsequent provision of products and services”.
My interpretation of this clause is; organisation should design and develop process FOR provision of products and services. The organisation I work for generate, transmit and distribute electricity. Am I wrong that the standard is not interested in the design of electricity but wants us to design and develop processes to provide that electricity and associated services?
Answer: The standard is referring to design and developing of products or services and not processes, so in case of your company you can exclude clause 8.3 from the scope of QMS. For more information, see: What clauses can be excluded in ISO 9001:2015? https://advisera.com/9001academy/blog/2015/07/07/what-clauses-can-be-excluded-in-iso-90012015/2015/
Clause 6.1 reads as thus; “When planning for the quality management system, the organization shall consider the issues referred to in 4.1 and the requirements referred to in 4.2 and determine the risks and opportunities that need to be addressed.
The reading of the clause gives me an indication that risks and opportunities should first be Determined in relation to the “QMS Processes defined” in response to clause 4.4 and then ACTION taken.
Please help me in interpreting these clauses 6.1 and 8.3
Answer: Organization needs to consider risks and opportunities emerging from the context of the organization and that includes he QMS processes. Actions to address risks and opportunities cannot be defined or taken without identifying risks and opportunities first.
For more information, see: How to address risks and opportunities in ISO 9001 https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/ -
Management representative in ISO 9001:2015
Answer:
The article you've reading is written according to ISO 9001:2008 which required management representative as a mandatory role in QMS (Quality Management System). New version of the standard does not require management representative as a mandatory role, however the standard still requires roles and responsibilities within the QMS to be assigned.
For more information, see: What will be the destiny of the management representative in the new ISO 9001:2015? https://advisera.com/9001academy/knowledgebase/what-will-be-the-destiny-of-the-management-representative-in-the-new-iso-90012015/ -
Documents for ISO 45001 implementation
Answer:
Since the official version of ISO 45001 is not published yet (it is expected by the end of this year), I can only tell you what I know based on the draft version of the standard. Keep in mind that this is subjected to change and we cannot know with 100% certainty what will be requirements for documentation of the official ISO 45001 before it is published.
The most important group of documents needed for implementation of ISO 45001 are the ones explicitly required by the standard, the company must have these documents in order to be compliant with the standard. This includes the policy, objectives, procedures and records.
The second group of the documents are the ones that are not mandatory but the company finds them necessary for maintaining the Occupational Health and Safety Management System, this can be various procedures, policies, work instructions and records that can be useful for maintaining the system although they are not explicitly required by the standard.
For more information about documents used in ISO 45001 implementation, see: List of mandatory documents required by DIS ISO 45001:2016 https://advisera.com/18001academy/blog/2016/01/27/list-of-mandatory-documents-required-by-dis-iso-450012016/