Welcome to the Whittington & Associates
e-Newsletter!
Visit and bookmark our web
site.
Our newsletters provide guidance on ISO 9001,
AS9100, ISO 13485, ISO/TS 16949, TL 9000, ISO
14001,
ISO 27001, ISO 20000, ISO 22000, and related ISO
standards, as well as, Six Sigma.
If you have any questions about the articles
appearing in this issue, or you want to suggest
topics for future issues, please let us
know.
Ask EPA
Ask EPA is an online interactive forum where
you can discuss a wide range of environmental
and human health issues with EPA's senior
officials.
Past sessions have included: the efficient
use of water to save money and protect the
environment; holding polluters accountable to
deliver a cleaner, healthier America;
environmental risks and benefits of nanoscale
chemical products; the Energy Star program,
and recycling.
To see the schedule for these free, one-hour
sessions, go to this EPA
Upcoming Sessions web page.
You can submit questions for a session
beginning two days before the session.
To see the transcripts of past sessions, go
to this EPA
Transcripts web page.
To get on the email list for the
announcements of these sessions, or
to subscribe to other EPA notices, go to the EPA
Subscribe web page.
Outsourced Processes
Has your organization outsourced any
processes? Are these processes being properly
controlled?
ISO 9001:2000 clause 4.1 states: "Where an
organization chooses to outsource any process
that affects product conformity with
requirements, the organization shall ensure
control over such processes. Control of such
outsourced processes shall be identified
within the quality management
system."
What is considered an outsourced process?
Document ISO/TC 176/SC 2/N 630R2 at the ISO
web site describes an "outsourced process" as
a process that has been identified as needed
for the quality management system, but one
which the organization has chosen to be
carried out by an external party.
An outsourced process can be performed by a
supplier that is totally independent from the
organization, or which is part of the same
parent organization. For example, a separate
department or division not subject to the
same quality management system. The process
may be provided within the physical premises
or work environment of the organization, or
at an independent site.
The intent of Clause 4.1 is to emphasize that
when an organization chooses to outsource a
process (permanently or temporarily) that
affects product conformity, it cannot simply
ignore this process or exclude it from the
quality management system. The organization
has to demonstrate it exercises sufficient
control to ensure the process is performed
according to the relevant ISO 9001:2000
requirements, as well as, the requirements of
the quality management system.
The nature of this control will depend on the
importance of the outsourced process, the
risk involved, and the competence of the
supplier. Also, the outsourced process will
interact with other processes (either carried
out by the organization or outsourced). These
interactions must be managed as required by
ISO 9001:2000 clauses 4.1.a (process
identification) and 4.1.b (sequence and
interaction).
The acquisition of an outsourced process will
normally be subject to the requirements of
both ISO 9001:2000 clause 7.4 (Purchasing)
and clause 4.1 (General Requirements). In
some situations, the organization might not
actually "purchase" the outsourced process.
It might receive the service from a corporate
office or from another division, without a
monetary transaction taking place. Under
these circumstances, however, ISO 9001:2000
Clauses 7.4 and 4.1 are still applicable.
There are two situations that frequently must
be considered when deciding the appropriate
level of control of an outsourced process:
1. When an organization has the competence
and ability to carry out a process, but
chooses to outsource that process (for
commercial or other reasons), the process
control criteria should already have been
defined and can be transposed into
requirements for the supplier, if necessary.
2. When the organization does not have the
competence to carry out the process itself,
and chooses to outsource it, the organization
has to ensure the controls proposed by the
supplier of the outsourced process are
adequate. In some cases, it may be necessary
to involve external specialists in making
this evaluation.
It may be convenient, or even necessary, to
define some or all of the methods to be used
for control of the outsourced processes in a
contract between the organization and the
supplier. Care should be taken, however, not
to inhibit the supplier from proposing
innovations to the outsourced process.
In some situations, it might not be possible
to verify the output from the outsourced
process by subsequent monitoring or
measurement. In these cases, the organization
must ensure the control over the outsourced
process includes process validation in
accordance with ISO 9001:2000 clause
7.5.2.
The new ISO/DIS 9001:2008 standard has added
two notes under clause 4.1 to further explain
outsourced processes. One note says, "An
outsourced process is identified as one being
needed for the organization's quality
management system, but chosen to be performed
by a party external to the
organization."
The other note says, "The type and nature
of control to be applied to the outsourced
process may be influenced by factors such as,
a) the potential impact of the outsourced
process on the organization's capability to
provide product that conforms to
requirements;
b) the extent to which the control for the
process is shared;
c) the capability of achieving the necessary
control through the application of clause
7.4.
Ensuring control over outsourced processes
does not absolve the organization of the
responsibility of conformity to all customer,
statutory, and regulatory
requirements."
To audit the outsourcing of processes, an
auditor might ask these questions:
1. Have any processes been outsourced?
2. What is your criteria for outsourcing?
3. How are the suppliers being evaluated?
4. Are relevant ISO 9001 requirements
assigned?
5. What outsourcing controls are in place?
6. How is risk considered in the controls?
7. How is supplier performance evaluated?
8. How are supplier problems handled?
If an organization uses outsourced processes, it
is still responsible for conforming to
customer and legal requirements. Carefully
evaluate the suppliers of outsourced
processes according to ISO 9001:2000, clause
7.4.1, as you must for all other suppliers of
products and services.
Calibration Software
Regardless of size, facilities with the need
to calibrate instruments can benefit by
implementing calibration software. These
software products allow an organization to
maintain its calibration records, calibration
procedures, instrument location, and
instrument history in a secure, readily
accessible database.
Another advantage of using calibration
software is it can alert the operator when an
instrument is due for calibration, prevent
the use of overdue instruments, and
communicate the overall performance of the
measurement system.
Automated management trumps the abilities of
homegrown software because an Access database
or an Excel spreadsheet still relies on
someone looking at it periodically to act on
what the data is telling them. However,
calibration software informs you, 'This
instrument is due."
The software can send an e-mail to remind
operators that a gage is due for calibration,
they failed to take action, or the gage is
missing. Instrument due-date alerts can
escalate through an organization's hierarchy.
For example, if an operator isn't responding
to an alert, the manager can receive e-mail
notification that the issue is not being
promptly handled.
When an organization is being audited,
calibration software can help with both
preparation and the audit. With a paper
system, locating records can be a daunting
task. With a computerized approach, verifying
that the system works correctly is the focus,
rather than dealing with how the system
works.
Calibration solutions are typically able to
integrate with measurement system assessment
activities and inspection software. Other key
features to look for include bar code
reading, expansive statistical capabilities,
automated printing of labels and
certificates, grouping of instruments, and
visual representations of instruments.
In general, calibration solutions are moving
toward the use of centralized databases to
allow multiple users and locations to share
data. And, because many organizations
outsource much of their calibration needs,
solutions are available that allow users to
interface with their calibration vendors.
Considerations
When considering which calibration software
solution fits your needs, thoroughly analyze
prospective solutions by asking questions
such as:
Will the software help us meet industry
or customer requirements?
Do we need basic or expansive
functionality and features in a solution?
How many users or locations will need
access to the software?
Organizations should also be aware of factors
such as whether or not a solution supports a
calibration system directly, integrates with
other enterprise systems, offers bar code
reading, or has the capability to expand to
perform future tasks. Beyond the initial
purchase cost, find out how often the
software is updated, what type of support is
offered, and what additional costs may be
incurred, e.g., maintenance activities.
Price vs. Capability
Calibration software ranges in price and
capability, and your organization's
situation, size, throughput, and resources
should dictate the product selection.
Low-cost solutions are appropriate for small
shops in which calibration data is needed for
only one location, few instruments need
calibrating, and with minimum requirements
for industry compliance. These will be
stand-alone solutions that offer basic gage
surveillance features, calibration and
measurement history, and reporting
tools.
Mid- to high-end software is appropriate for
organizations looking to implement a large
deployment of a common solution. Such
software will be feature rich and will have
advanced statistical capabilities;
furthermore, it will enable multiple users
and locations to share data through the use
of centralized databases or a web-based
architecture.
When multiple computers or manufacturing
locations require access to calibration data,
a system that allows open database
connectivity to a central database is
required. In laboratory environments, a
hosted web-based solution that automatically
collects calibration data from instruments
may be the answer.
Also, mid- to high-range software will
provide scalability, reliable product
support, and a focus on continuous adherence
to industry standards, such as, ISO 9001 and
ISO 17025; with solutions that satisfy the
requirements of 21 CFR Part 11 and 10 CFR 50
tending to be more expensive.
Quality Online
Visit Quality
Online and type "Calibration Software"
into the search engine to find related
articles. Among the results you'll find:
"Finding the Right Calibration Software"
"How to Choose a Calibration Software
Solution"
"Size Up Gage Calibration Software"
"Successful Software Selection"
Note: This article was based on "Finding the
Right Calibration Software", an article by
Steve Wichelecki in the March 2008 issue of
Quality magazine.
International Energy Management Standard
ISO has approved the creation of a project
committee to develop an international
standard on energy management. The standard
will provide all types of organizations a
practical and widely recognized approach to
increase energy efficiency, reduce costs, and
improve environmental performance. If you are
interested in participating in the
development of this standard, please see the
contact information at the end of this
article.
The standard is intended to be broadly
applicable to various sectors of national
economies, including utility, manufacturing,
commercial building, general commerce, and
transportation sectors. As a result, the
standard could have an influence on as much
as 60 percent of the world's energy
demand.
ISO Secretary-General Alan Bryden commented:
"The urgency to reduce GHG emissions, the
reality of higher prices from reduced
availability of fossil fuels, and the need to
promote efficiency and the use of renewable
energy sources, provide a strong rationale
for developing this new standard building on
the most advanced good practices and existing
national or regional standards".
Following the successful examples of the ISO
9000 series on quality management and the ISO
14000 series on environmental management, the
project committee ISO/PC 242, Energy
Management, will consider the development of
a standard that provides management system
requirements together with guidance for use,
implementation, measurement, and metrics. The
standard will be based on the continual
improvement and Plan-Do-Check-Act approach
utilized in ISO 9001 and ISO 14001 to provide
compatibility and integration
opportunities.
Among the main benefits of the future
standard are that it will:
provide organizations with a
well-recognized framework for integrating
energy efficiency into their management
practices
offer organizations with operations in
more than one country a single, harmonized
standard for implementation across the
organization
provide a logical and consistent
methodology for identifying and implementing
improvements that may contribute to a
continual increase in energy efficiency
across facilities
assist organizations to better utilize
existing energy consuming assets, thus
reducing costs and/or expanding capacity
offer guidance on benchmarking,
measuring, documenting, and reporting energy
intensity improvements and their projected
impact on reductions in GHG emissions
create transparency and facilitate
communication on the management of energy,
promote energy management best practices,
thus reinforcing the value of good energy
management behaviors
assist facilities in evaluating and
prioritizing the implementation of new
energy-efficient technologies
provide a framework for organizations to
encourage suppliers to better manage their
energy, thus promoting energy efficiency
throughout the supply chain
facilitate the use of energy management
as a component for projects in the context of
GHG emission reduction projects.
The secretariat of ISO/PC 242 will be held
jointly by the ISO members for the United
States (American National Standards
Institute: ANSI) and for Brazil (Associação
Brasileira de Normas Técnicas: ABNT). ANSI
has approved the formation of a United States
Technical Advisory Group (US TAG) for ISO PC
242.
The TAG is a mechanism for identifying issues
and developing national consensus regarding
energy management. The TAG's primary purpose
is to develop and transmit to the
International Organization for
Standardization (ISO), via ANSI, the US
position on
activities and ballots of their ISO Project
Committee.
The US TAG for PC 242 will consist of experts
and practitioners in the field of energy
management. The selected delegates will
participate in the activities of ISO/PC 242,
including the development of the ISO standard
on energy management and others that will be
approved in the future. Participation in the
US TAG 242 provides an opportunity for
representatives of all affected U.S.
constituencies (industry, commerce, NGO,
education, government, etc.) to influence the
development of international energy
standards.
If you are interested in participating in the
development efforts of the international
standard through the US TAG for PC 242,
please contact Deann Desai with the Georgia
Institute of Technology Enterprise Innovation
Institute - Energy and Environmental
Management Center (GTEEMC). Ms. Desai will
provide you with an application for
participation in the US TAG or answer any
questions that you may have regarding the
matter.
Ms. Desai can be reached by email at
deann.desai@gatech.edu, or by mobile phone at
770-605-4474, or by mail at 760 Spring Street
NW, Suite 300, Atlanta, GA 30332-0640.
AS9100, AS9110, or AS9120?
Which standard, AS9100, AS9110, or AS9120, is
applicable to an organization in the
aerospace industry? According to the
International Aerospace Quality Group (IAQG),
the three quality management system standards
are to be applied as follows:
AS9100 - Quality Management Systems -
Aerospace - Requirements
AS9100:2004, Revision B, is intended
for use by organizations that design,
develop, and/or produce aviation, space, and
defense products; as well as, by
organizations providing post-delivery
support, including the provision of
maintenance, spare parts, or materials for
their own products.
AS9101:2006, Revision C, is the
Quality Management System Assessment
standard. It defines the content and
presentation of the AS9100 Assessment
Report.
AS9110 - Quality Management Systems -
Aerospace - Requirements for Maintenance
Organizations
AS9110:2003 is intended for use by
organizations whose primary business is
providing maintenance, repair, and overhaul
services for aviation sector products. It is
tailored for organizations with National
Airworthiness Authority (NAA) repair station
certification, but is also suitable for
non-certificated organizations, including
those that provide maintenance, repair, and
overhaul services for military aviation
products.
The standard is also intended to be used by
organizations with maintenance, repair, and
overhaul operations that operate
autonomously, or that are substantially
different from their manufacturing
operations.
AS9111:2005 is the Quality Management
System Assessment standard for Maintenance
Organizations.
AS9120 - Quality Management Systems -
Aerospace - Requirements for Stockist
Distributors
AS9120:2002 is intended for use by
organizations that procure parts, materials,
and assemblies and sell these products to a
customer in the aviation, space, and defense
industries. This includes organizations that
procure products and split them into smaller
quantities.
This standard is not intended for
organizations that rework or repair products.
Organizations that perform work that affects,
or could affect, product characteristics or
conformity should use AS 9100 or another
general quality management system
standard.
AS9121:2007, Revision A, is the
Quality Management System Assessment standard
for Stockist Distributors.
Upcoming AS9100 Revision
AS9100 uses ISO 9001:2000 as its foundation,
with additional aerospace requirements
highlighted in bold, italic type. The ISO
9001 standard is being amended and its
release is expected in October this year.
This ISO 9001 revision is driving an update
of AS9100.
The first draft of the AS9100 revision was
issued November 8, 2007 based on the
September 20, 2007 draft of ISO 9001. The
publication of the AS9100 revision should be
a few months after the issuance of ISO
9001:2008.
The AS9110 (Maintenance Organizations) and
AS9120 (Stockist Distributors) standards are
undergoing a similar revision process. Since
they use AS9100 as the baseline, they are
expected to trail the AS9100 revision by
about six months.
The AS9101 checklist is being revised as a
more process-oriented tool, as well as, to
apply across AS9100, AS9110, and AS9120. It
will be introduced into the audit process as
organizations make the transition to the
revised AS9100, AS9110, and AS9120
standards.
AS9100 Training
If you are interested in implementing or
auditing an AS9100-based quality management
system, click on the titles below to see the
course descriptions and class schedules:
