|
April, 2005
Welcome to the
Whittington & Associates e-Newsletter!
Visit and
bookmark our web site today: http://www.WhittingtonAssociates.com
This e-Newsletter is in HTML
format and may not be displayed properly by some email programs. Please
click on our web site address above
to see the e-Newsletter with its proper formatting.
April Articles
|
Atlanta Classes |
|
To see a list of recommended
ISO 9001, Auditing, and Six Sigma books, click on:
http://www.whittingtonassociates.com/v2/books.shtml
Click on a title to
jump to the
article:
1. ANAB Advisory
on Conflict of Interest with Consulting
2. ANSI to
Accredit Food Safety Auditors
3. ISO to Develop New
Food Safety Standard
4. Best Practices for Information Retention
and Maintenance
5. Registrar
Rankings in United States and by Industry Standards
6.
Classes: April, 2005 - June, 2005
Call us at 1-800-404-7585 for these 1-day onsite classes:
- AS9100B:
Requirements Beyond ISO 9001:2000
- ISO 9001:2000 Auditor
Update - The
Process
Approach
- Understanding
ISO/TS
16949:2002
Requirements
To
see previous
articles, go to Newsletter
Archives.
To avoid this
newsletter
being rejected, or placed in a junk folder, please add <Larry@WhittingtonAssociates.com>
to your address
book or accepted list.
|
Students attending
a class in Atlanta receive a 20% discount on future Atlanta classes.
ISO
9001:2000 Lead Auditor
April 18-22, 2005
June 20-24, 2005
ISO
9001:2000 Internal Auditor
May 24-26, 2005
July 12-14, 2005
Understanding ISO 9001:2000 Requirements
May 16, 2005
Quality System Documentation
May 17-18, 2005
Implementing ISO 9001:2000
May 19-20, 2005
Green
Belt Certification
May 23-25, 2005
Black
Belt Certification
Group 15 (3 weeks): April 4-8
+ May 2-6 + June 6-10
Training
Classes in
Other Cities
|
|
1. ANAB Advisory on Conflict of Interest with
Consulting
|
This article
is based on ANAB Advisory 16. To see other Advisories, go
to: http://www.anab.org and click on "Advisories".
ANAB Advisories represent positions taken, or policies established, on
operational issues related to programs operates by ANAB. One basis of
the value of third-party conformance assessment and
certification is that the registration process, audits,
and certification decision
are objective and impartial and not influenced by conflicting
interests. This basic premise is
unambiguously expressed in ISO Guides 62 and 66 and related IAF
Guidance.
The requirements for safeguarding impartiality apply at three levels:
the structure and operation of the certification body (CB), personnel
(including employees, contractors,
and subcontractors), and relationships with other bodies.
There has been satisfactory experience safeguarding impartiality of
audits with the historic and longstanding requirement that an auditor
for a third-party registration audit cannot have consulted with the
client organization being audited for at least two years (IAF Guidance
on the Application of ISO Guide 62:1996 Clause G.2.1.30 and IAF
Guidance on the Application of ISO
Guide 66:1999 Clause G.4.1.29).
There has also been satisfactory experience safeguarding impartiality
of audits and registrations for the automotive sector with the
following QS-9000 requirement: “Organizations that have provided quality system consulting services in
the past two years to a particular client
are not acceptable as certification bodies/registrars for that client,
nor may they supply auditors. This
restriction includes subsidiaries or affiliates of the same parent
company” (QS-9000:1998 Appendix B Clause 9).
This successful experience with auditors and the automotive sector led
the aerospace sector to establish a similar requirement: “CRBs
processes and requirements to obtain an AQMS
sector qualification, shall include as a minimum: prohibition against
certifying/registering an
organization to an AQMS with whom a related body has provided
consulting services related to certification/registration
of said organization within the past two year. Any individual, who has
in
the past two years provided consulting
services to an organization, shall have no involvement with the
certification/registration of that
organization. Where there might appear to be a conflict of interest,
either through consulting or the offering of
training to a potential client, this shall be disclosed to the ABs
and RMC prior to performing the registration process to determine if
there is a conflict of interest” (SAE AIR5359: 2003 Clause 6.3j).
There is within the United States a very heightened awareness of the
conflict of interest when an organization or related organizations
provide both auditing and consulting. This
heightened awareness led many stakeholders to challenge the safeguards
in the third-party
certification system for ISO 9001 and ISO 14001 management
systems. This challenge was posed directly to
the ANAB, as the national accreditation body for the United States.
This led the ANAB Board of
Directors to form an ad-hoc Conflict of Interest Task Force. The task
force recommended that ANAB implement
this requirement now as an Advisory, rather than waiting for the
adoption of ISO 17021 (Conformity
assessment - Requirements
for bodies providing audit and certification of management systems) to improve safeguards that prevent conflicting
interests between a CB and a
management systems consultancy. ISO/CASCO Working Group 21 has
developed what is generally perceived to
be a better solution to this issue by focusing on the activity that is
of concern rather than relying upon
a definition of a related body. Therefore, this Advisory is changed to
be consistent with the wording in ISO/DIS 17021.
To understand this Advisory, it is necessary to have a definition for
management systems consultancy. The following is the definition from
ISO/DIS 17021:
Definition: Management System Consultancy - participation in
designing,
implementing, or maintaining a management system.
Examples
a. preparing or producing manuals or procedures;
b. giving specific advice, instructions, solutions, or training towards
the development and implementation of a management system;
c. conducting internal audits.
Note: Arranging training and participating as a trainer is not
considered consultancy, provided that where the course relates to
management systems or auditing, the course is
confined to providing generic information and advice that is freely
available in the public domain,
that is, the trainer should not provide company-specific solutions.
Advisory
A CB shall not certify a management system for a client that has
received management systems consultancy on the same management system,
where the relationship
between the consultancy body and the CB poses an unacceptable threat to
the impartiality of the
certification body.
Note 1: Allowing a minimum period of two years to elapse following the
end of the management system consultancy is one way of reducing the
threat to impartiality to an
acceptable level.
Note 2: A relationship that threatens impartiality between the CB and
management systems consultancy body may be based on ownership,
governance, management, personnel,
shared resources, finances, contracts, marketing, and payment of a
sales commission, or other
inducement for the referral of new clients, etc.
Note 3: This Advisory is not intended to apply to an individual under
the direct contractual control of a CB because other accreditation
requirements apply that prohibit any
auditor from participating on an audit for a client that the auditor
may have consulted or was otherwise employed by
the client for at least two years.
2. ANSI to Accredit Food Safety Auditors |
The Food Marketing
Institute
(FMI) has selected the American National Standards Institute (ANSI) to
accredit the certification bodies that audit suppliers under FMI’s Safe
Quality Food (SQF) Program. This new partnership is designed to help
strengthen food safety procedures and improve quality for consumers.
ANSI will help ensure the
auditing organizations are legal
entities, independent and free of conflicts of interest, employ
qualified people, have proper oversight, and otherwise comply with the
requirements of ISO Guide 65.
“Accreditation provides
the
necessary additional oversight of the certification and auditing
function,” said Paul Ryan, executive director of the SQF Institute, the
FMI division that administers the program. “If a food safety
certification program is going to have credibility and be
internationally recognized, it must have an accreditation component. Through our partnership
with
ANSI, the U.S. now has a system in place for meeting this requirement.
FMI is pleased that ANSI has agreed to provide an accreditation service
for its SQF certification bodies.”
“ANSI brings worldwide
credibility, a knowledgeable and professional staff and a long history
of accreditation activities similar to our new partnership with the SQF
Institute,” said Reinaldo Figueiredo, ANSI program director of product
certification accreditation. “We look forward to working with FMI to
encourage participation by certifiers in this program.” Seven certification bodies
already have expressed strong interest in participating in this
program.
The SQF Program is a fully
integrated food safety and quality management system that enables a
food supplier to ensure that its products have been produced, prepared,
transported, stored, and handled according to the most rigorous
international standards. The program has established standards for both
third-party auditing and training.
SQF certification is the
most
important feature of the program. It ensures that suppliers use the
Hazard Analysis and Critical Control Point (HACCP) system, a
science-based method used by the food industry worldwide to minimize
food safety risks. The SQF Program outlines safety and quality
requirements for all food commodities, including raw materials and
ingredients, processed and prepared foods and beverages — from grains,
produce, and meat to canned goods, fruit juices, and sushi.
Currently 4,000
businesses
in 17 countries are certified as complying with SQF standards. For more
information, go to: (http://www.sqfi.com).
3. ISO to Develop New Food Safety Standard |
ISO/FDIS 22000, Food
Safety Management Systems - Requirements for Organizations throughout
the Food Chain, has been approved for Final Draft status. It combines
quality concepts from ISO 9001:2000 with the Hazard Analysis and Critical Control Point
(HACCP) system. This standard is intended for use by farmers, ranchers,
food processors, wholesalers, distributors, retail stores, and food
outlets.
The five key elements of ISO 22000 are 1) interactive communication, 2)
system management, 3) process control, 4) HACCP principles, and 5)
prerequisite programs, such as good manufacturing practices, good
hygienic practices, and good veterinarian practices. This new standard
on food safety is planned for publication by the end of 2005.
|
4. Best Practices for Information
Retention and Maintenance |
Leading global technology companies
have announced the formation of the Compliance and Management of
Electronic Information (CMEI) Working Group. As part of the Internet
Law & Policy Forum (ILPF), the CMEI Working Group will work with
both public and private sector representatives, as well as other
industry groups, to create a global, cross-industry framework for
managing electronic information for compliance.
Hitachi
Data Systems, HP, Network Appliance, Open Text, Oracle, Plasmon, Sun
Microsystems, and
VERITAS Software Corporation will provide guidance on best practices
for companies working to comply with information retention and
maintenance regulations. Additionally, the group will offer counsel to
legislators regarding technical and business challenges of regulatory
compliance and facilitate information exchange between business,
technology, and regulatory bodies.
AMR Research predicts that companies will spend
$6.1 billion in 2005
just to comply with the Sarbanes-Oxley Act, which is in addition to the
resources already committed to retention and maintenance requirements
found in US federal, state, and international law. The rapid growth of
regulation, combined with the ambiguity of many of the requirements,
has made compliance not only difficult and expensive, but also in some
cases impossible.
For example, a financial institution
based in the US with offices in the UK is required to comply with both
US data regulations and UK data laws. Under US law, companies must
retain all records, including customer data, for seven years. In the
UK, a company must immediately destroy all customer information when
the customer terminates his relationship. No matter what the company
does, it will violate one of these laws.
As a result of market conditions, legal
concerns, and
regulatory requirements, companies, technology vendors, and regulators
are facing specific challenges, but there is common ground when it
comes to compliance:
- Regulators want to raise the levels of
compliance as quickly as
possible
- Companies want to minimize the risk of
non-compliance
- Technology vendors want to provide
solutions that help customers
address regulatory requirements
“Global businesses and legislators are working
diligently to make
universal regulatory compliance a reality,” said David Yockelson,
executive vice president, META Group. “Having this broad base of
technology vendors working together to help facilitate discussions
about compliance and provide advice around best practices is a valuable
asset for stakeholders on all sides of the compliance issue.”
The CMEI Working Group will develop and
publish
best practices,
checklists and summaries of legal and regulatory requirements to
provide compliance guidance. Additionally, the group will hold a series
of forums where technology vendors, regulated entities, government
leaders, and policy experts can discuss the impact of law on end users
and develop recommendations and guidelines that will facilitate
compliance while allowing companies to continue effective business
operations.
The
ILPF is a non-profit organization that provides a neutral forum for
challenges posed by the Internet on law, policy, technology and
businesses
worldwide. Beyond the CMEI, the organization hosts working groups
focused
on spam, self-regulation, security and policy, content liability,
electronic
authentication, and jurisdiction.
The
CMEI site will host documentation on best practices for information
retention and maintenance regulations, provide counsel and exchange
information with various businesses, legislative bodies, and regulatory
agencies in various workshops, and publish checklists and summaries of
legal
and regulatory requirements for interested companies. The working group's
intention right now to offer its downloadable
items
from its web site for free. For more
information, please see www.ilpf.org.
5. Registrar Rankings in United States and
by Industry Standards
|
Quality Systems Update has
unveiled a new global ranking of certification bodies based on its free
search engine, WhosRegistered.com.
Based on submissions to QSU Publishing as of December 1, 2004, the
registration totals for different geographic areas and industries are
shown below:
ISO 9001
World-Wide |
ISO 9001
United States |
BSI
|
40,788
|
BSI
|
5,389 |
PJR
|
9,230
|
QMI |
3,742 |
URS
|
8,032
|
DNV |
3,285 |
QMI
|
7,579
|
PJR |
3,232 |
ABS QE
|
5,789
|
UL |
3,028 |
SGS
|
4,402
|
LRQA |
2,944 |
DNV
|
4,357
|
BVQi |
2,180 |
UL
|
3,573
|
ABS QE
|
1,940 |
LRQA
|
3,373
|
SGS |
1,904 |
| Intertek |
2,781
|
NQA |
1,696 |
AS9100
United States |
ISO
13485
United States |
TL
9000
United States
|
ISO/TS
16949
United States |
DNV
|
263
|
BSI
|
553
|
LRQA
|
43
|
BSI
|
829
|
PJR
|
228
|
TUV
|
86
|
QMI
|
42
|
LRQA
|
194
|
BSI
|
207
|
LRQA
|
72
|
BSI
|
41
|
IEAC
|
140
|
NQA
|
181
|
Intertek
|
49
|
DLS
|
28
|
DNV
|
86
|
BVQi
|
111
|
SGS
|
33
|
BVQi
|
27
|
NQA
|
50
|
To identify the certification body
abbreviations, or see the contact information, go to
(http://www.qsuonline.com/BodyPages/Registrars.html).
|
6. Class Schedule: April, 2005 - June, 2005
|
To enroll
in these
public classes, you can click on the course title, go to Class
Schedule at our web site, or call us at 800-404-7585.
Classes
taught by Larry Whittington are shown in yellow.
ISO
9001:2000 Lead
Auditor (RABQSA Certified) - BSI Management Systems
Initial
course version developed by Larry Whittington
| April |
May |
June |
| 04-08 Chicago, IL |
02-06 San
Diego, CA |
06-10 Las
Vegas, NV |
| 11-15 Newport Beach, CA |
09-13 Reston, VA |
13-17 Reston, VA |
| 18-22 Atlanta, GA |
16-20 San
Juan, PR |
20-24 Atlanta, GA |
| 18-22 Providence, RI |
23-27 Columbus, OH |
20-24 Chicago, IL |
| 25-29 Memphis, TN |
- - |
- - |
ISO
9001:2000
Internal Auditor (RABQSA Certified) - BSI
Management Systems
Initial course version developed by Associate at Whittington & Associates
| April |
May |
June |
| 19-21
Newport Beach |
24-26
Atlanta, GA |
01-03 San
Diego, CA |
| - - |
24-26
Reston, VA |
- - |
Implementing
ISO
9001:2000
Course
developed by Larry Whittington
| May |
July |
| 03-04
Reston,
VA |
07-08
Newport Beach, CA |
| 19-20 Atlanta, GA |
- - |
Understanding
ISO
9001:2000
| May |
July |
| 02
Reston, VA |
06 Newport Beach, CA |
Understanding
ISO
9001:2000 Requirements (Atlanta Only - $295)
Course
developed by Larry
Whittington
| May |
August |
| 16
Atlanta, GA |
22 Atlanta, GA |
Quality
System
Documentation (ISO 9001:2000)
Course
developed by Larry
Whittington
| May |
August |
| 05-06 Reston,
VA |
23-24 Atlanta, GA |
| 17-18
Atlanta, GA |
- - |
The above
public
courses can
be offered on-site at your facility. In addition, we offer these
on-site courses:
- ISO 9001:2000
Auditor Update - The
Process
Approach (1 Day) - Course developed by Larry
Whittington
- Understanding
ISO/TS 16949:2002
Requirements (1 Day) - Course developed by Larry
Whittington
- Internal
Quality
Auditing (2 Days) - Course developed by Larry
Whittington (based on ISO 19011)
- AS9100B:
Requirements Beyond ISO 9001:2000 (1 Day) - Course developed by Larry
Whittington
To arrange
an
economical
on-site class, please call us at 800-404-7585.
© 2000-2005 Whittington & Associates, LLC. All
rights reserved.
You may copy this e-Newsletter provided you copy it completely, do not change
it, and include this copyright notice.
|
