2008 Newsletter Articles

Multi-Site Certification

Dec 8, 2008 in Newsletter | 0 comments

Some organizations end up with separate management system certificates across their multiple sites due to business demands, site readiness, process variations, or company mergers. Individual certificates might have been the best solution at the time, but if these organizations qualify, they should consider merging their multiple certificates into a single scope of certification. If the activities across the multiple sites are carried out in a similar manner, under the organization’s authority and control, the organization may qualify for...

Read More

ISO Certificate Survey

Dec 8, 2008 in Newsletter | 0 comments

The recently issued ISO Survey – 2007 reveals that ISO management system certificates are held in 175 countries, demonstrating that the international standards have become essential tools of the world economy. The principal findings of the survey are described below: ISO 9001:2000 (Quality Management): By the end of 2007, at least 951,486 ISO 9001:2000 certificates had been issued in 175 countries. The 2007 total represents an increase of 54,557, or a 6% increase over 2006. The Service sectors accounted for 32% of the certificates...

Read More

AS9100 OASIS

Dec 8, 2008 in Newsletter | 0 comments

The International Aerospace Quality Group (IAQG) wants to ensure continual improvement in the aerospace supply chain by focusing on: 1. Details and appropriateness of nonconformities identified during an audit. 2. Depth and adequacy of the root cause analysis and related corrective action plan. This IAQG activity was initiated because of the perception of poor root-cause analysis by AS9100 certified organizations, and the soft grading of findings by third party auditors. As a result, IAQG now requires certification bodies to enter additional...

Read More

Move to ISO 9001:2008

Dec 8, 2008 in Newsletter | 0 comments

Will you be ready for your transition audit to ISO 9001:2008? Although it was announced as not containing any new requirements, you still need to examine it to see how it might affect your quality management system. Since ISO 9001:2008 provides clarified requirements and new notes, these changes might cause your organization to interpret the requirements differently. Your certification body will expect to see evidence during the transition audit that you have carefully considered these differences and revised your quality management system...

Read More

EPCRA Amendments

Dec 8, 2008 in Newsletter | 0 comments

The Emergency Planning and Community Right-to-Know Act (EPCRA) establishes requirements for federal, state, and local governments, Indian tribes, and industry, regarding emergency planning and “Community Right-to-Know” reporting on hazardous and toxic chemicals. The Environmental Protection Agency (EPA) recently finalized several changes to the EPCRA reporting requirements. These changes include clarification on how to report hazardous chemicals in mixtures, and changes to the Tier I and Tier II forms. Additionally, the rules now...

Read More

Hazmat Security Plan

Nov 8, 2008 in Newsletter | 0 comments

The Pipeline and Hazardous Materials Safety Administration (PHMSA), within the Department of Transportation, has proposed a modification to its current security plan requirements for the transportation of hazardous materials. The proposed change was published in the Federal Register as 49 CFR Part 172, “Hazardous Materials: Risk-Based Adjustment of Transportation Security Plan Requirements; Proposed Rule”. PHMSA, in consultation with the Transportation Safety Administration (TSA) of the Department of Homeland Security (DHS), is...

Read More

A Perfect Order?

Nov 8, 2008 in Newsletter | 0 comments

Four industry associations have joined forces to create a set of metrics for gauging the performance of execution in production plants and warehouses. The associations are the Manufacturing Enterprise Solutions Association (MESA) International; Order Fulfillment Council (OFC); Supply Chain Execution Systems and Technologies Group (SCE Group) of the Material Handling Industry of America (MHIA); and Warehousing Education and Research Council (WERC). The group’s first paper was a report, “Improving Order Execution Performance: A...

Read More

Auditee Bill of Rights

Nov 8, 2008 in Newsletter | 0 comments

As an audited organization, do you stand up for your rights? Or, to avoid conflict, do you just accept whatever comes your way during the audit experience? Maybe it is time for an Auditee Bill of Rights, so organizations know what they should expect and demand from their auditors and certification bodies. A “bill of rights” is a list of rights that are considered important and essential by a group of people. A prime example is the first ten amendments to the United States Constitution, referred to as the Bill of Rights. However,...

Read More

Procedure vs. Instruction

Nov 8, 2008 in Newsletter | 0 comments

What is the difference between a procedure and an instruction? And, does it matter? A procedure is a specified way to carry out an activity. An instruction provides detailed directions on how to perform a task. Procedures and instructions can be documented, or not. If the activities and tasks are being carried out by competent people, written procedures and instructions may be unnecessary. The confusion between what is a procedure and what is an instruction is magnified when organizations refer to them by different names. For example, a...

Read More

RASCI Diagrams

Nov 8, 2008 in Newsletter | 0 comments

The RASCI Diagram can be used to clarify the roles and responsibilities in cross functional processes and projects. It helps determine who is Accountable, Responsible, Supporting, Consulted, or Informed. The RASCI Diagram splits activities down to five types of roles that make up the acronym RASCI: R = Responsible: the person(s) who performs the activity A = Accountable: the person held accountable for completion of activity S = Supporting: the person(s) that provide support for the work C = Consulted: the person(s) consulted before performing...

Read More

Employees are Biggest Security Threat

Oct 8, 2008 in Newsletter | 0 comments

According to research by Secure Computing, 80% of IT directors said in a recent survey that insider threats were their biggest security danger. Security problems created by employees are far more serious than the threats posed by external hackers and criminals, the new research reports. Less than one in five respondents said external threats from hackers are more dangerous. This could be due in part to 37 % of respondents saying they have experienced a leak of sensitive information in the past year. Email was identified by 34 % of respondents...

Read More

ISO 50001 Planned for Energy Management

Oct 8, 2008 in Newsletter | 0 comments

The first meeting of ISO’s new project committee PC 242, which is developing an International Standard on energy management, was held last month in Washington, DC, USA. The future ISO 50001 will establish a framework for industrial plants, commercial facilities, or entire organizations to manage energy. Targeting broad applicability across national economic sectors, the standard could influence up to 60% of the world’s energy use. The meeting was attended by delegates from the ISO national member bodies of 25 countries from all...

Read More

ISO/TR 90005 for Applying ISO 9001

Oct 8, 2008 in Newsletter | 0 comments

The new ISO/TR 90005:2008, Systems Engineering – Guidelines for the Application of ISO 9001 to System Life Cycle Processes, will be a valuable tool for applying the ISO 9001:2000 requirements to the acquisition, supply, development, operation, and maintenance of IT systems and related support services. ISO/TR 90005 adopts the IT system life cycle processes of ISO 15288 as a starting point for system development, operation, or maintenance, and identifies the equivalent requirements in ISO 9001:2000 that have a bearing on the...

Read More

Developing User Software Documents

Oct 8, 2008 in Newsletter | 0 comments

Anyone who uses application software needs accurate information about how the software will help the user accomplish a task. The documentation may be the first tangible item that the user sees and therefore influences the user’s first impressions of the software product. ISO 26514:2008 – Systems and Software Engineering – Requirements for Designers and Developers of User Documentation, covers the phases involved in designing, specifying, and producing user documentation. It is divided in two parts: 1. The first part covers...

Read More

Information Security in the Health Sector

Oct 8, 2008 in Newsletter | 0 comments

The highly sensitive area of personal health information, and how best to protect its confidentiality and integrity, while assuring its availability for healthcare delivery, is the issue addressed by ISO 27799:2008, Health Informatics – Information Security Management in Health using ISO 27002. ISO 27799 applies to health information in all its aspects – whatever form the information takes, whatever means are used to store it, and whatever means are used to transmit it. The standard specifies a set of detailed controls for...

Read More

Whittington Speaker at ASQ Audit Conference

Sep 8, 2008 in Newsletter | 0 comments

Audit Conference: Mastering the Game The 17th Annual ASQ Audit Division conference will be held October 16-17, 2008 in the home of the historic Masters Golf Tournament in Augusta, Georgia. Audits are more than a “game”, but there are some analogies we can draw that enable all of us, from beginner to “pro”, to improve our approach and execution. In short, “improving” or “mastering” our audit game. Getting equipped: Just as a beginning golfer gets equipped with the basic clubs, spikes, and other...

Read More

New QE 19011S:2008 Audit Guidance

Sep 8, 2008 in Newsletter | 0 comments

ISO 19011:2002, “Guidelines for Quality and/or Environmental Management Systems Auditing”, was issued in the United States as QE 19011. Due to the third-party and large organization focus of ISO 19011:2002, a US-only version, QE 19011S:2004, was developed and released. The QE 19011S:2004 standard included all the text from ISO 9011:2002, plus supplemental text for first-party (internal) audits and second-party (supplier) audits, as well as, guidance for small organizations. The new QE 19011S:2008, “Guidelines for Management...

Read More

* PDF File on Changes in ISO 9001:2008

Sep 8, 2008 in Newsletter | 0 comments

ccording to a joint announcement by the ISO (International Organization for Standardization) and the IAF (International Accreditation Forum), the two organizations have agreed to an implementation plan for a smooth migration to ISO 9001:2008. 1) Certification to ISO 9001:2008 will only be issued after publication of ISO 9001:2008 (expected before the end of 2008) and after a routine surveillance audit or re-certification audit against ISO 9001:2008. 2) One year after publication of ISO 9001:2008, all certifications issued (new certifications...

Read More

Software and System Test Documentation

Sep 8, 2008 in Newsletter | 0 comments

The IEEE 829-2008 standard for “Software and System Test Documentation” has been revised. The prior version described the format and content of numerous items of test documentation. The updated standard removes some items of test documentation and modifies the format and content of the remaining items. Test processes determine whether the development products of a given activity conform to the requirements of that activity, and whether the system and/or software satisfy the intended use and user needs. Testing process tasks are...

Read More

Information Security Risk Management

Sep 8, 2008 in Newsletter | 0 comments

Organizations of all types are very concerned by threats that could compromise their information security. The new ISO 27005:2008 standard, which describes the information security risk management process and associated actions, will help information technology (IT) departments manage these risks. Threats may be deliberate or accidental, and may relate to either the use and application of IT systems, or to IT’s physical and environmental aspects. These threats may take any form from identity theft, risks of doing business on-line, denial...

Read More

New APQP 2nd Edition

Aug 8, 2008 in Newsletter | 0 comments

The Advanced Product Quality Planning (APQP) reference manual provides common guidelines for a product quality plan and control plans leading to product that satisfies customer expectations. The new APQP 2nd edition explains all the steps necessary to plan for successful product approval submission and for common communication of program status between the supplier, organization, and OEM. This guidance manual employs the process approach and provides recommendations for a reduction in the complexity of product quality planning, including...

Read More

Webinars on Software Best Practices

Aug 8, 2008 in Newsletter | 0 comments

The CAI’s IT Metrics and Productivity Institute is hosting a series of free weekly webinars on software best practices. Each webinar will feature an expert speaker who has extensively researched, and successfully applied, best practice principles to the development and maintenance of software. For example, the webinars in August 2008 are: 8/13/08 – Root Cause Analysis: What Is It and How Do I Do It? 8/14/08 – Essential Measurements for Software Projects 8/19/08 – ITIL Early Adoptors: Initial Results 8/20/08 – IT...

Read More

Predictive Maintenance

Aug 8, 2008 in Newsletter | 0 comments

Jonathan Katz begins his Industry Week article with the statement, “Plant floor machines have so much to say.” He goes on to explain that trapped inside every machine is a wealth of information that can tell maintenance technicians if small hiccups might develop into large problems. Tapping into this machine information is becoming easier with predictive maintenance tools. Machine maintenance is evolving from prescheduled routine tasks to the use of more precise indicators that increase maintenance efficiency. Scheduled maintenance...

Read More

AIAG Actionline Article on FMEA 4th Edition

Aug 8, 2008 in Newsletter | 0 comments

Our July 2008 newsletter announced the availability of the 4th Edition of the Potential Failure Mode and Effects Analysis (FMEA) Reference Manual. The June/July 2008 issue of the AIAG Actionline contained an article describing the key updates in the 4th Edition. The improvements include: Formatting and organization Process-driven rather than form-driven Additional examples and explanations Management support Importance of teams Scope and content definition Changes in the ranking tables Linkages between DFMEA and PFMEA To read the FMEA...

Read More

Transition to ISO 9001:2008

Aug 8, 2008 in Newsletter | 0 comments

Transition to ISO 9001:2008ISO 9001:2008 is still expected to be published by the end of this year. However, changes to the existing ISO 9001:2000 standard are considered minor and, in principle, there will be no new requirements. What is expected in the updated quality standard are clarifications to the existing requirements of ISO 9001:2000, as well as, changes that are intended to improve consistency with the ISO 14001:2004 environmental standard. According to the International Register of Certificated Auditors (IRCA), there will be a...

Read More

New BOK for Software Quality Engineer

Aug 8, 2008 in Newsletter | 0 comments

The Certified Software Quality Engineer (CSQE) body of knowledge (BOK) has been recently updated so that the most current knowledge areas will be tested in future examinations. Part of the updating process was to conduct a job analysis survey to determine whether the current topics in the BOK are still relevant to the role of a Software Quality Engineer and to identify any new topics that have emerged since the BOK was last issued. The results of the CSQE job analysis survey showed that all of the topics in the 2002 BOK are still relevant to...

Read More

ISO 38500 for IT Corporate Governance

Jul 8, 2008 in Newsletter | 0 comments

An inadequate information technology (IT) system can hinder the performance and competitiveness of your organization or expose it to the risk of not complying with legislation. The new ISO 38500 standard provides broad guidance on the role of top management in regards to the corporate governance of IT. Most organizations use IT as a fundamental business tool and few can function without it. IT is also a significant enabler in the future business plans of many organizations. ISO 38500 will help the governing body to evaluate, direct, and...

Read More

ISO 9001:2008 Status

Jul 8, 2008 in Newsletter | 0 comments

The ISO/DIS 9001:2008 has been approved and the proposed standard is being submitted for voting as a Final Draft International Standard. If the FDIS is approved, the new edition should be published in the October-November 2008 time frame. The proposed ISO 9001:2008 does not introduce any additional requirements beyond the current ISO 9001:2000. Although certification is not compulsory, it is estimated that over one million ISO 9001 certificates have been issued to organizations in private and public sectors, in manufacturing and services, and...

Read More

FMEA 4th Edition

Jul 8, 2008 in Newsletter | 0 comments

The new Potential Failure Mode and Effect Analysis (FMEA) Reference Manual, Fourth Edition, can improve the management of risks associated with product and process failure modes. FMEA is one of the Automotive Quality Core Tools developed by representatives of Chrysler, Ford, and General Motors. Methods described in the new reference manual include those applicable to the DFMEA (product design at the system, subsystem, interface and component level) and to the PFMEA (process control at manufacturing and assembly operations). Improvements...

Read More

Outsource Your Internal Audits?

Jul 8, 2008 in Newsletter | 0 comments

If your internal audit program is difficult to manage, and you wonder about its effectiveness, maybe it’s time to consider outsourcing it. We can maintain your audit schedule and assign experienced auditors to perform your internal audits. If an area needs to be audited more often based on the results, we adjust the audit schedule, but stay within the agreed to number of audit days. By using our independent auditors, you may end up with more impartial and objective audits. And, you can keep your “volunteer” auditors at their...

Read More

Code of Ethics for Consultants

Jul 8, 2008 in Newsletter | 0 comments

In the June 2008 newsletter, I proposed an Internal Auditor Code of Conduct. My article began by stating that ethical behavior is the foundation of professionalism. Since many of us in the quality field have become self-employed consultants, I’m adding in this issue a proposed Consultant Code of Ethics. A client engages the consultant in the belief that the consultant is capable of performing the services, in a timely manner, and at an agreed to price. If you are a consultant, you should adopt a Code of Ethics similar to the one below to...

Read More

Incident and Problem Management

Jun 8, 2008 in Newsletter | 0 comments

The ISO 20000 standard for IT Service Management includes requirements for incident and problem management. Incident and problem management are separate resolution processes, but they are closely linked. Incident management deals with restoring services to users. Problem management is concerned with identifying and removing the causes of incidents. Incident Management An incident is defined as any event which is not part of the standard operation of a service and which causes or may cause an interruption to, or a reduction in, the quality of...

Read More

Lean Software Development

Jun 8, 2008 in Newsletter | 0 comments

Software development can greatly improve its business performance by discovering and embracing its kinship to classic (non-software) industries. Perhaps the most important thing software has to gain is guidance on how to implement Lean production. Lean production has, on average, doubled productivity and tripled quality for the classic industries. According to James M. Sutton with Lockheed Martin Aeronautics, early applications of Lean to software have exceeded those results. Software development is an ideal subject for Lean because its...

Read More

Code of Conduct for Internal Auditors

Jun 8, 2008 in Newsletter | 0 comments

Ethics are the principles of conduct governing an individual or a group. Ethical behavior is the foundation of professionalism. Auditors certified by the RABQSA are required to sign a Code of Conduct. Most internal auditors are not certified auditors, yet it would be appropriate for them to also sign a code of conduct. Years ago, I created a Code of Conduct for internal auditors based on the IIA Code of Ethics, the RABQSA Code of Conduct, and the IRCA Code of Conduct. I recently examined the current codes from these organizations, as well...

Read More

Document Control Software Features

Jun 8, 2008 in Newsletter | 0 comments

Are people in your organization spending too much time filing and retrieving documents and forms? Are document control issues causing process problems and audit findings? Maybe it is time to implement a document management system. The most important consideration when evaluating document management software is how easy is it to create, approve, release, secure, access, revise, and archive documents. Basic and advanced features of a document management system are listed below: Document Creation Support different document types Store in...

Read More

Safer at Work or Home?

Jun 8, 2008 in Newsletter | 0 comments

The idea of on-the-job safety has been incorporated into business policies and culture for decades. And, injuries at work have been lowered substantially. However, companies are now recognizing that a more serious threat exists: off-the-job injuries. According to the National Safety Council, for every person killed at work, 11 are killed away from work. And, for every person suffering a disabling injury on the job, two people are similarly injured off the job. Off-the-job injuries cause people to miss more than 3 times as many days from work...

Read More

International Energy Management Standard

May 10, 2008 in Newsletter | 0 comments

ISO has approved the creation of a project committee to develop an international standard on energy management. The standard will provide all types of organizations a practical and widely recognized approach to increase energy efficiency, reduce costs, and improve environmental performance. If you are interested in participating in the development of this standard, please see the contact information at the end of this article. The standard is intended to be broadly applicable to various sectors of national economies, including utility,...

Read More

AS9100, AS9110, or AS9120?

May 8, 2008 in Newsletter | 0 comments

Which standard, AS9100, AS9110, or AS9120, is applicable to an organization in the aerospace industry? According to the International Aerospace Quality Group (IAQG), the three quality management system standards are to be applied as follows: AS9100 – Quality Management Systems – Aerospace – Requirements AS9100:2004, Revision B, is intended for use by organizations that design, develop, and/or produce aviation, space, and defense products; as well as, by organizations providing post-delivery support, including the provision of...

Read More

Calibration Software

May 8, 2008 in Newsletter | 0 comments

Regardless of size, facilities with the need to calibrate instruments can benefit by implementing calibration software. These software products allow an organization to maintain its calibration records, calibration procedures, instrument location, and instrument history in a secure, readily accessible database. Another advantage of using calibration software is it can alert the operator when an instrument is due for calibration, prevent the use of overdue instruments, and communicate the overall performance of the measurement...

Read More

Outsourced Processes

May 8, 2008 in Newsletter | 0 comments

Has your organization outsourced any processes? Are these processes being properly controlled? ISO 9001:2000 clause 4.1 states: “Where an organization chooses to outsource any process that affects product conformity with requirements, the organization shall ensure control over such processes. Control of such outsourced processes shall be identified within the quality management system.” What is considered an outsourced process? Document ISO/TC 176/SC 2/N 630R2 at the ISO web site describes an “outsourced process” as a...

Read More

Ask EPA

May 8, 2008 in Newsletter | 0 comments

Ask EPA is an online interactive forum where you can discuss a wide range of environmental and human health issues with EPA’s senior officials. Past sessions have included: the efficient use of water to save money and protect the environment; holding polluters accountable to deliver a cleaner, healthier America; environmental risks and benefits of nanoscale chemical products; the Energy Star program, and recycling. To see the schedule for these free, one-hour sessions, go to this EPA Upcoming Sessions web page. You can submit...

Read More

More on e-Audits

Apr 8, 2008 in Newsletter | 0 comments

Our December 2007 newsletter included an article titled, “Are e-Audits in Your Future?” It discussed the advantages and possible drawbacks of conducting electronic audits from a remote location. Having remote access to documents and records for audit preparation, and then conducting interviews by teleconference, can save travel time and expenses, as well as, be less disruptive to the auditee. However, not being present at the remote location may reduce the effectiveness of the audit. The article examined e-audits by assessing their...

Read More

Nonconformity, Defect, or Finding

Apr 8, 2008 in Newsletter | 0 comments

Nonconformity Are you using the right term? What do you call it when a requirement is not met? ISO 9000:2005, 3.6.2, defines the non-fulfillment of a requirement as a “nonconformity”. As expected, “conformity” is defined in 3.6.1 as the fulfillment of a requirement. However, some auditors use “conformance” and “nonconformance”. Does it matter? ISO 9000:2005, 3.6.1, states that although conformance is synonymous with conformity, it is deprecated. What does that mean? Well, “deprecated”...

Read More

ISO 13485 and GMDCAS

Apr 8, 2008 in Newsletter | 0 comments

GMDCAS stands for “Global Medical Device Conformity Assessment System”, a program initiated by the International Accreditation Forum (IAF). As many as 150 countries have no medical device regulations. Several of these countries are considering establishing their own, unique regulatory requirements, with more countries to follow. As a result, there is a strong need to develop a third party accreditation program that can be used by all countries. Since these countries rely heavily on imported medical devices, their development of...

Read More

ISO 20000 – What is Coming Next?

Apr 8, 2008 in Newsletter | 0 comments

The 1Q08 issue of the TickIT quarterly journal contains an article by Graham Cox on the future of ISO 20000, the IT services management standard. ISO 20000 was published in 2005 in two parts. Part 1 is the Specification and used for certification; Part 2 is the associated Code of Practice. Parts 1 and 2 of ISO 20000 are in the review process and a revised Part 1 is expected in 2009 and the updated Part 2 in 2010. Both parts will take into account ITIL v3. The new Parts planned for the ISO 20000 family are: Part 3: Guidance on Scope and...

Read More

ISO 24762 for IT Disaster Recovery

Apr 8, 2008 in Newsletter | 0 comments

Fires, earthquakes, and pandemics, as well as, terrorism and piracy, may cause organizations to become disaster victims at any time. A new standard, ISO 24762, will help businesses deal with the unexpected and safeguard their reputation, brand, and value-creating activities. ISO 24762:2008, Information Technology – Security Techniques – Guidelines for Information and Communications Technology Disaster Recovery Services, as the title indicates, offers guidance on the information and communications technologies and services necessary...

Read More

Clarification of Intent for ISO 14001:2004

Mar 8, 2008 in Newsletter | 0 comments

The U.S. Technical Advisory Group (TAG) to ISO/TC 207 has issued two new Clarifications of Intent for ISO 14001:2004: 07-08.A1 Question: Is it a nonconformance if an organization establishes Objectives, Targets, and Programs but, at the time of the audit, none relate to an identified significant aspect? Answer: No. Clause 4.3.3 requires that significant environmental aspects be taken into account when establishing and reviewing objectives and targets, but it does not explicitly require that there be an objective and target related to a...

Read More

BS 25999 for Business Continuity

Mar 8, 2008 in Newsletter | 0 comments

Continuing operations in the event of a disruption, whether due to a major disaster or a minor incident, is a fundamental requirement for any organization. The new BS 25999 standard for business continuity management (BCM) was developed to help minimize the risk of such disruptions. By helping to put the fundamentals of a BCM system in place, the standard is designed to keep your business going during the most challenging and unexpected circumstances – protecting your staff, preserving your reputation, and providing the ability to...

Read More

Small Business Disaster Guide

Mar 8, 2008 in Newsletter | 0 comments

The Small Business Administration (www.sba.gov) and Nationwide Mutual Insurance Company have teamed up to launch a disaster planning guide for small business owners. The 10-page brochure provides information that business owners need to develop an effective plan to protect customers and employees in the event of a disaster. The guide provides key disaster preparedness strategies to help small businesses identify potential hazards, create plans to remain in operation if the office is unusable, and understand the limitations of their insurance...

Read More

ISO 26702:2007 for Systems Engineering

Mar 8, 2008 in Newsletter | 0 comments

ISO 26702:2007 defines the interdisciplinary tasks which are required throughout a system’s life cycle to transform customer needs, requirements, and constraints into a system solution. The standard also specifies the requirements for the systems engineering process and its application throughout the product life cycle. ISO 26702:2007 focuses on engineering activities necessary to guide product development, while ensuring that the product is properly designed to make it affordable to produce, own, operate, maintain, and eventually...

Read More

Quality Objectives

Mar 8, 2008 in Newsletter | 0 comments

Are you having a difficult time identifying quality objectives for your organization? You’re not alone. According to ISO 9000:2005, 3.2.5, a quality objective is something sought or aimed for, related to quality. ISO 9001:2000, 5.4.1, states your quality objectives must be measurable and consistent with the quality policy. Clause 5.3 of ISO 9001:2000 says your quality policy is a framework for establishing quality objectives. It also says that the policy must include a commitment to 1) comply with requirements and 2) continually improve...

Read More

More Changes in ISO/DIS 9001:2008

Feb 8, 2008 in Newsletter | 0 comments

In the last newsletter, I previewed the requirement changes in the ISO/DIS 9001:2008 standard. However, the changes planned for Edition 4 of ISO 9001 weren’t limited to clauses 4 through 8. 0.1 General ISO 9001:2000 states, “The design and implementation of an organization’s quality management system is influenced by varying needs, particular objectives, the products provided, the processes employed, and the size and structure of the organization.” The following factors are added to the list by ISO/DIS...

Read More

Top Ten OSHA Cited Violations

Feb 8, 2008 in Newsletter | 0 comments

According to an article in Safety + Health magazine, the top ten violations cited during fiscal 2007 by the Occupational Safety and Health Administration (OSHA) were: 1. Scaffolding: Failure to provide fall protection; failure to provide proper access; failure to provide adequate platform construction; failure to provide support scaffolding and guard rails. 2. Fall Protection: Failure to provide protection; failure to use fall arrest or safety net; failure to provide protection on roofs and wall openings. 3. Hazard Communication: Failure...

Read More

ISO/PAS 22399:2007 for Societal Security

Feb 8, 2008 in Newsletter | 0 comments

ISO has published the first internationally ratified benchmark document addressing incident preparedness and continuity management for organizations in both public and private sectors. The Publicly Available Specification, ISO/PAS 22399:2007, Societal security – Guideline for incident preparedness and operational continuity management, is based on best practice from Australia, Israel, Japan, the United Kingdom, and the United States. Natural disasters, acts of terror, technology-related accidents, and environmental incidents have...

Read More

Job Descriptions

Feb 8, 2008 in Newsletter | 0 comments

Have you adequately defined the responsibilities for your quality management system? Clause 5.5.1 of ISO 9001:2000 requires top management to ensure responsibilities and authorities are defined and communicated within the organization. Responsibilities and authorities should be expressed to implement and maintain an efficient and effective quality management system. Employees should be given this information so they can help achieve the quality objectives and establish their involvement, motivation, and commitment. The ISO 9001:2000 standard...

Read More

ISO/TS 29001 for Oil and Gas Industries

Feb 8, 2008 in Newsletter | 0 comments

ISO has published an updated edition of ISO/TS 29001. This technical specification is intended to ensure safe and reliable equipment and services throughout the oil and gas industries by providing a unique requirements document for quality management. The 2003 edition incorporated the requirements of ISO 9001:2000 and supplemental, sector-specific requirements. ISO/TS 29001:2007 has edited and expanded these requirements, as well as, added new definitions. ISO/TS 29001:2007 was developed to meet the needs of the oil and gas industry,...

Read More

ISO 9001:2008 – Clause 8

Jan 8, 2008 in Newsletter | 0 comments

This article looks at the suggested changes for clause 8, Measurement, Analysis, and Improvement. 8.1 General The organization shall plan and implement the monitoring, measurement, analysis and improvement processes needed a) to demonstrate conformity of the to product requirements, The current use of “conformity of the product” might be interpreted as more limiting than the new “conformity to product requirements”. 8.2.1 Customer Satisfaction A new Note has been added for clause 8.2.1 to provide examples of sources...

Read More

ISO 9001:2008 – Clause 7

Jan 8, 2008 in Newsletter | 0 comments

This article looks at the suggested ISO 9001:2008 changes for clause 7, Product Realization. 7.1 Planning of Product Realization The only change to the text of clause 7.1 is the addition of “measurement” as one of the required activities to be determined during the planning of product realization. In planning product realization, the organization shall determine the following, as appropriate: c) required verification, validation, monitoring, measurement, inspection and test activities specific to the product and the criteria for...

Read More

ISO 9001:2008 – Clause 6

Jan 8, 2008 in Newsletter | 0 comments

This article describes the proposed changes to clause 6, Resource Management. 6. Resource Management 6.2 Human Resources 6.2.1 General The revision for this clause is from work affecting “product quality” to work affecting “conformity to product requirements”. Quality is the degree to which a set of inherent characteristics fulfils requirements; Conformity is the fulfillment of a requirement. Personnel performing work affecting product quality conformity to product requirements shall be competent on the basis of...

Read More

ISO 9001:2008 – Clause 5

Jan 8, 2008 in Newsletter | 0 comments

In the first article of this newsletter, I reviewed the proposed changes for clause 4 of the draft ISO 9001:2008 standard. Now for a look at the minor change in clause 5, Management Responsibility. 5. Management Responsibility 5.5 Responsibility, Authority, and Communication Most organizations already appoint a Management Representative that is a member of their own management team. The change below clarifies that requirement. 5.5.2 Management Representative Top management shall appoint a member of the organization’s management who,...

Read More

ISO 9001:2008 – Clause 4

Jan 8, 2008 in Newsletter | 0 comments

In my newsletters last year, I reviewed the proposed changes to ISO 9001:2000 based on a Committee Draft. It was expected at that time that the revised standard would be issued in 2009. The Draft International Standard version is now being circulated for review and comment. The new publication date is expected to be late 2008, so I will refer to the revised standard as ISO 9001:2008. This newsletter contains articles describing the changes planned for each of the major clauses, 4 through 8. Most of the suggested changes are just word changes...

Read More