Posts Tagged ‘quality requirements’
What Is The QMS Scope For ISO 9001?
The scope of the QMS should be based on the nature of the organization’s products and their realization processes, the result of risk assessment, commercial considerations, and contractual, statutory and regulatory requirements.
While ISO 9001 is generic and is applicable to all organizations (regardless of their type, size or product category), under certain circumstances, an organization may exclude complying with some specific ISO 9001 requirements (from clause 7), while being permitted to claim conformity to the standard. This is because it has been recognized that not all the requirements in this clause of the standard are relevant to all organizations.
To enable identification of what has been registered/certified, the scope of registration/certification should clearly define:
*the scope of the quality management system (including details of the product lines and related sites, departments, divisions etc. that are covered by it)
*the organization’s main processes for its product realisation or service delivery activities (such as design, manufacture and delivery), for the product lines that are covered
*any ISO 9001 requirement that has been excluded
ISO 9001: Verification of Effectiveness?
What exactly is verification of effectiveness? Many organizations struggle with this quality management requirement. When you are verifying the effectiveness of a corrective action you are seeking evidence that the causes of the problem have been removed or reduced. In a perfect world, each problem cause would be removed. This however is not always possible. Sometimes the best you can hope for is a reduction of the causes. The cause is still there, but it manifests itself less frequently or less severely. So the best option is to remove the cause, but the next best option is to at least reduce the cause.
The key to verification of effectiveness is evidence. You are seeking objective, factual evidence that your problem causes have been reduced or removed. This evidence usually takes the form of data or records. Another powerful form of evidence is your own first-hand observations. That’s not to say that you can’t accept verbal evidence, but records, data, and first-hand observations are certainly better and more easily audited. To improve your current corrective action process make sure that each time you act to correct a non-conformance, you go back and verify that what you did actually accomplished what you set out to do, “ remove or reduce the problem”. Some software applications available today can greatly aid an organization that is struggling with this requirement by prompting the responsible individual to review the corrective action taken so that a decision can be made as to the effectiveness of that action. Let’s face it, today small business owners are concerned about where each dollar is being spent and what the pay back will be. Software is one of the best ways to add value when organizations are continuing to down size.
ISO 9001 Calibration Considerations
Quality management system standards uniformly have requirements for controlling the devices used to measure, verify, test, and accept product and monitor the processes used to achieve specified results. Everyone seems to miss something. It’s almost inevitable. Perhaps it’s because this process is generally referred to as “calibration” and the mental image it conjures up is associated primarily with things like micrometers, depth gages, and comparators. The process is often much more elaborate, addressing appropriate consideration for gages, thermostats, software, jigs, timers, known-good-samples – a multiple of devices for measuring product or process. Controlling monitoring and measuring devices must, therefore, include multiple factors.
When used in the monitoring and measurement of specified requirements, the ability of computer software to satisfy the intended application shall be confirmed. This shall be undertaken prior to initial use and reconfirmed as necessary. If results from monitoring and measuring devices are fed into a computer and the program mathematically processes the results to provide an end result (for example using Microsoft Excel), the program should be “validated”. Typically, validation is done by comparing the results of the program with the results calculated manually. If the results do not match then it implies a fault in the software program (assuming the manual calculation is correct). Software validation should be carried out before the system is put into use. If the calculation algorithm of the program is modified then the validation exercise should be repeated.
The ISO Standard Says That Internal Audits Cannot be Completed by Someone Involved in the Activity. How Does a Small Business Meet This Requirement?
An organization that has fewer resources must look to other options, like outsourcing or cross-functional activities, to fulfill internal requirements for audit. There are many individuals and organizations that provide internal audit services to small companies at a fraction of the cost of employing personnel full time. The contracted individual or organization manages the planning process for internal audit based on your established procedures or you can develop the plans for ongoing internal audit. Another option is to train individuals within your organization that can perform internal audits and alternate audit activities between processes. For small companies this is often not possible as people are actively involved in all the processes and activities of the company; therefore, outsourcing is a better option to ensure objectivity.
AS9100 C, What’s The Hold UP?
The AS9100 revision C standard was released in January 2009 but as of now, no companies have been registered to it. This holdup is an result to a delay in the release of the accompanying AS9101D standard (checklist). This new checklist will take the place of the AS9101C checklist your auditor currently uses which simply breaks down the current revision of the AS9100 standard into question form.
Since the AS9100C standard is tied to the AS9101 D checklist, the general consensus within the aerospace industry is that it will not be before the 1st quarter of 2010, at the earliest, before any company can be registered to the requirements of the AS9100 C standard.
While we wait, is your AS9100 quality management system ready to meet this new standard? Your documentation may need a tune up, but it doesn’t need to be painful. There are AS9100 Templates that are available now that will help you move effortlessly to this new system. Now is the time to make ready, don’t make the mistake of waiting too long to upgrade your QMS.
Know Your AS9100 Aerospace Terms
The aerospace industry is very different from other industries. Filled with terms, acronyms and processes that catch many new suppliers, fighting to get into the industry, off guard while leaving potential customers wondering if it is worth taking a chance on them. It is worth the time to get to know some of the more common terms to ease this customer doubt. Here is a short list of terms to get familiar with:
AS9100 – standard created the SAE international to standardize the quality requirements between the main players in the aerospace industry, military and regulatory agencies. Built upon ISO 9001 with 80 additional clauses specific to the aerospace and military industries.
FAI (First Article Inspection) - This is the stated documentation procedure required in order to submit product in the aerospace industry. Defined in the AS9102 standard by SAE international this procedure is used to show compliance to product and process requirements.
FAIR (First Article Inspection Report) – The actual paperwork created by following the FAI procedure. A sample, compliant, form is supplied at the end of the AS9102 created by SAE international.
CAR or SCAR (Corrective Action Report or Supplier Corrective Action Report) – basic corrective action report given by or submitted to the customer or supplier.
MRB (Material Review Board) – Assigned board of members, usually based on experience and knowledge, that can disposition product that does not meet predefined quality requirements.
NC (Non-Conformance)- Product of processes that do not meet quality requirements.
NCR (Non-Conformance Report) – The documentation that records an NC.
QPR(s) (Quality Purchasing Requirements) – The quality requirements, usually placed on a purchase order, that describe the quality requirements of the product and the quality management system used to produce the product as well as record retention requirement.
FOD (Foreign object damage/debris) – Refers to any object that can compromise the proper function of a aerospace product or damage caused by such objects.
DPD (Digital Product Definition) – The procedure used to handle customer supplied data, including prints, cad data and numerical programs. Many international standard address DPD, the must commonly referred to is the Boeing DPD standard which can be found on Boeing’s website.
ITAR (International traffic in arms regulations) – US government regulation concerning arms or products and information pertaining to the production of arms (items on the US munitions list) and their transfer outside on the US or to persons within the US that are not citizens or permanent residents.
AS9100 Root Cause And Corrective Action
Root cause corrective action for nonconformance’s has long been a requirement in theaerospace industry as stated in the AS9100 standard. It is a process of determining the causes that led to a nonconformance or event, and implementing corrective actions to prevent a recurrence of the event. The requirements for corrective action have been imposed on the aerospace industry for decades and while not new, may not have been aggressively enforced.
Corrective action begins with clearly defining the actual problem. While this may seem simple,many recurring nonconformance’s result because the wrong problem was solved, only the result was fixed, or only one problem was corrected when there were really two or more problems. In order to fix a problem, it must be clearly and suitably defined. Frequently, the nonconformance identified is not really the problem, but the symptom of the problem.
The best ways to arrive at the true root cause of a nonconformance is collect and analyze data that will support your conclusions. There are many tools and methods to collect data that can aid in problem identification. Among these tools are software solutions which can collect and graph information for ease of analysis. AS9100 software applications can help your organization clearly and accurately identify the root cause of a problem, so that you can implement corrective action that will resolve and prevent the problem from reoccurring in the future.
What Must An Organization Do To Have An EMS That Meets The ISO 14001 standard?
The ISO 14001 standard requires that an organization put in place and implement a series of practices and procedures that, when taken together, result in an environmental management system. ISO 14001 is not a technical standard and as such does not in any way replace technical requirements embodied in statutes or regulations. It also does not set prescribed standards of performance for organizations. The major requirements of an EMS under ISO 14001 include:
A policy statement which includes commitments to prevention of pollution, continual improvement of the EMS leading to improvements in overall environmental performance, and compliance with all applicable statutory and regulatory requirements.
- Identification of all aspects of the organization’s activities, products, and services that could have a significant impact on the environment, including those that are not regulated
- Setting performance objectives and targets for the quality management system which link back to the three commitments established in the organization’s policy (i.e. prevention of pollution, continual improvement, and compliance)
- Implementing the EMS to meet these objectives. This includes activities like training of employees, establishing work instructions and practices, and establishing the actual metrics by which the objectives and targets will be measured.
- Establishing a program to periodically audit the operation of the EMS
- Checking and taking corrective and preventive actions when deviations from the EMS occur, including periodically evaluating the organization’s compliance with applicable regulatory requirements.
- Undertaking periodic reviews of the EMS by top management to ensure its continuing performance and making adjustments to it, as necessary.
What are The Supplier Requirements For AS9100?
The industry is quickly moving toward requiring their subcontractors and suppliers to be AS 9100 compliant and/or certified. By conforming to AS 9100 or becoming registered by a third party, suppliers can gain a competitive advantage and benefit from the improved processes and continuous improvement that is the foundation of ISO 9001:2000 certified Quality Management Systems.
Effective Dec. 2003 the Boeing Company began requiring all Boeing suppliers to be BQMS (Boeing’s Quality Management System) approved or have a waiver. AS 9100 Rev. B is a significant part of Boeing’s BQMS requirements.
General Electric Aircraft Engines (GEAE) was one of the first manufacturers to require AS 9000 compliance by all of their direct material suppliers. Currently, GEAE is requiring AS 9100 certification for all new suppliers, and existing suppliers have a gap audit and a certification audit performed to coincide with their existing surveillance audit schedule.
THE ISO9001 REQUIREMENTS FOR RECORDS
The standard states: Records established to provide evidence of conformity to requirements and of the effective operation of the quality management system shall be controlled. The organization shall establish a documented procedure to define the controls needed for the identification, storage, protection, retrieval, retention and disposition of records. Records shall remain legible, readily identifiable and retrievable. (ref. 4.2.4)
Let’s spell out each requirement:
- Legible – You must ensure handwritten records can be easily read and that you protect paper records from deterioration that might affect their readability.
- Readily Identifiable – Each record should be uniquely identified through a number, code, title, date, storage location or other appropriate method. Anyone looking at the records should be able to easily tell what they are looking at.
- Retrievable – Every record should be filed and stored in such as way as to be easy to find and access when needed.
In addition, you must have a documented procedure for controlling records. In the procedure you must address how your organization handles the following:
- Identification – What minimum information must be added to every record for identification (see “Readily Identifiable” above).
- Storage – How hardcopy and electronic records are stored to protect them.
- Protection – What methods must be used to preserve records from loss or wear and tear. For hardcopy records, you may want to include where files are kept, in what types of storage containers and any environmental concerns (moisture, temperature, etc.). For electronic records, be sure to include how the data is backed-up regularly.
- Retrieval – Describe how records are cataloged or otherwise organized to aid easy access.
- Retention Time – Specify minimum and/or maximum retention requirements for each type of record. Be sure to establish a schedule to review your records according to your requirements.
- Disposition – Determine how you will dispose of records when scheduled. For confidential records, be sure you are clear about how you intend to destroy the records.