ComplianceOnline

Compliance Resources to Help you Stay Current

Get trained on regulations affecting your industry through online webinars, learn the best practices, and download quality standards, checklists and news articles. Listen to experts on best practices to streamline quality and compliance processes and meet the regulatory demands.
Loading....

IEC 62304 – Medical Device Software Life Cycle Process Standard – Overview and Summary of Requi ....

  • Industry: Quality Management

The IEC 62304 is a global harmonized standard adopted by the US and EU. It gives life cycle requirements for medical device software as well as medical software.

This article gives an overview of the standard and a summary of the IEC 62304 requirements for software development.

Medical Device Quality System Regulations – A Brief Overview of FDA Requirements

  • Industry: Quality Management

As medical devices become increasingly available for home use and more use-accessible and friendly, it has become important for manufacturers to ensure the product’s quality, safety and reliability. Medical device quality regulatory requirements issued and enforced by agencies such as the FDA act as a valuable guide for manufacturers.

This article gives a brief overview of the FDA’s medical device quality system regulations.

ISO 14644-1 - An In-Depth Look at the Requirements Related to the Pharmaceutical Industry

  • Industry: Quality Management

The manufacture of pharmaceuticals requires strict adherence to standards and regulations. ISO 14644-1 details the requirements that pharma manufacturers have to follow with respect to clean room environments.

In this article, Yara Almouti, an expert on cGMP in the pharma industry, explains these requirements.

ISO/IEC 17025 – Applicability, Use and Summary of Requirements

  • Industry: Quality Management

The ISO/IEC 17025:2005 - General requirements for the competence of testing and calibration laboratories - is an international standard that applies to laboratories. It specifies the general requirements for the competence required in a laboratory to carry out tests and/or calibrations, including sampling. It covers testing and calibration performed using standard methods, non-standard methods, and laboratory-developed methods.

This article describes the applicability and use of this standard and summarizes its requirements.

OHSAS 18001 – Background, Summary of Provisions and Recent Updates

  • Industry: Quality Management

Occupation Health and Safety Assessment Series (OHSAS) 18001 is an internationally recognized assessment specification for occupational health and safety management systems. OHSAS 18001 was first issued in 1999 but was subject to review during 2006 and then issued as a revised standard on 1 July 2007. The standard aims to help organizations meet their health and safety obligations in an efficient manner. This article describes the background to this standard, summary of main provisions and recent updates.

ISO 22000 Food Safety Management Systems

  • Industry: Quality Management

ISO 22000 is an international standard that defines the requirements of a food safety management system covering all organizations in the food chain from “farm to fork”. Since it is a generic food safety management standard, it can be used by any organization directly or indirectly involved in the food chain. It applies to all organizations in the food chain.

ISO 31000 Risk Management

  • Industry: Quality Management

ISO 31000:2009 sets out principles, a framework and a process for the management of risk that is applicable to any type of organization in the public or private sector. It emphasizes the fact that risk management must be tailored to the specific needs and structure of the particular organization. ISO 31000:2009 can be used by any public, private or community enterprise, association, group or individual.

ISO 9001:2008

  • Industry: Quality Management

The International Organization for Standardization (ISO) was established in 1947 and is currently an association of 159 member-countries. ISO employs a system of Technical Committees, Sub-committees and Working Groups to develop International Standards. Besides the National Standards Bodies, ISO permits other international organizations that develop standards to participate in its work, by accepting them as Liaison members. ISO works in accordance with an agreed set of rules of procedure, the ISO/IEC Directives, which also include requirements on the presentation of standards.

ISO 13485

  • Industry: Quality Management

ISO 13485:2003 specifies requirements for a quality management system in which an organization should demonstrate its ability to provide medical devices and related services that consistently meet customer requirements and regulatory requirements applicable to medical devices and related services.

All the requirements of this standard are specific to organizations providing medical devices, regardless of the type or size of the organization.

If regulatory requirements permit exclusions of design and development controls, this can be used as a justification for their exclusion from the quality management system. These regulations can provide alternative arrangements that are to be addressed in the quality management system.

If any requirement(s) in Clause 7 of ISO 13485:2003 is(are) not applicable due to the nature of the medical device(s) for which the quality management system is applied, the organization does not need to include such a requirement(s) in its quality management system.

ISO 9001 – A Summary

  • Industry: Quality Management

One of the standards of the ISO 9000 family, ISO 9001 is an internationally recognised standard of quality management in businesses, applying to the processes that create and control the products and services produced by an organisation. A systematic control of activities is undertaken to ensure that the customers’ expectations and requirements are fully met.  All requirements of ISO 9001 are generic and are designed so that they can apply to almost any product or service in any part of the world, regardless of type, size and nature.

Background

ISO was published first in 1987, largely based on the earlier BS 5750, developed by the BSI Group. Since 1978, the BSI Group has been the certifying organization for quality management.

The standards of ISO 9001 are published by ISO, the International Organization for Standardization and available through national standards bodies. The fundamentals of quality management systems include eight management principles and ISO 9001 deals with the requirements that organizations have to meet if the wish to obtain the ISO 9001 certification. A certification to the effect that an organization meets the requirements of ISO 9001 can be obtained from a third party competent to provide this certificate. Currently, over a million organizations all over the world have ISO 9001 certification making it the single most effective management tool.

Why ISO 9001?

The worldwide adoption of ISO 9001 is attributable to a number of factors, the principal among them being major purchasers requiring their suppliers to hold ISO 9001 certification, significant financial benefits identified for organizations certified with ISO 9001, organizations achieving palpably better return on assets compared with those without this certification, superior operational performance of an organisation after receiving the certification, superior performance in the stock market and investments in an ISO 9001 organization reaping huge rewards in comparison with its peers without such certification.

The mechanism of improved results has been subject to much research and has been largely attributed to a psychological boost of employees from the sheer aura of this certification.

Consequences of Violation

Even after an Organization has been granted the ISO 9001 certification, regular audits are conducted to check whether they still conform to the standards. If these checks reveal that the organization at any point falls short, non-compliance is issued and the certification is withdrawn.

Sources:

http://www.isoqar.com/iso9001/qualintro.htm

http://www.iso.org/iso/catalogue_detail?csnumber=46486

http://en.wikipedia.org/wiki/ISO_9000




 

This is a Nonconformity

  • Industry: Quality Management

Auditors are trained on how to ask interview questions, but they may not be as well trained on how to let someone know about a nonconforming situation. Let's look at some examples.

1. "You're nonconforming. I'm going to have to write you up."

Well, the person isn't nonconforming. This statement sounds like the person is defective and may need to be scrapped. It is the process that is nonconforming, not the person. And, don't make it personal by saying you will write the person up. You are fact finding, not fault finding.

A better statement might have been:

Records show the process is not being carried out according to the planned arrangements. Since the process requirements aren't being met, this is a nonconformity.

2. "You really screwed up this time. Better update your resume."

Again, don't make it personal, and especially don't make it sound career-ending. An audit should be a penalty-free learning opportunity and a catalyst for improvement.

A better statement might have been:

This activity is being performed differently than the applicable procedure. Unless there is an authorized reason for the difference, this is a nonconformity.

3. "This is a BIG problem. How do you spell your name?"

Nonconformity statements should be written with reference to job titles, not individual names. Keep the focus on the process, not the person.

A better statement might have been:

This product is stored in a different location than called for by the work instruction. Unless this change has been approved, storing the product in the wrong location is a nonconformity.

4. "Why did you do it that way? Were you trained to cause problems?"

Nonconformities are rarely caused on purpose. Don't make things worse with attempts at sarcastic humor. You want the person to understand the problem, not become defensive.

A better statement might have been:

The document is obsolete and not suitably marked to prevent its use as the current version. This is a nonconformity because the document control procedure is not being followed.

5. "What were you thinking? This is a serious violation."

A violation does sound serious, like a legal infraction. Will jail time be involved? Our choice of words can cause a person to react in a negative manner. Don't overstate the situation.

A better statement might have been:

The procedure calls for a final product check before shipment. There are no records indicating this required activity was performed, therefore it is a nonconformity.

While these verbal re-statements may be acceptable, the written versions should be reported with more details. The nonconformity report should state the specific requirement that is not being met, as well as, provide objective evidence that it is a nonconformity.

Upcoming webinars by Larry Whittington at ComplianceOnline:

The Auditee Bill of Rights : January 14, 2011, 1:00 PM to 2:00 PM EST

Get Tough on Corrective Actions : January 27, 2011, 1:00 PM to 2:00 PM EST

Improve Your Audit Checklist : February 8, 2011, 1:00 PM to 2:00 PM EST

About the Author:

Author of this article is Larry Whittington, president of Whittington & Associates, a training, consulting, and auditing company founded in 1993 and located in Woodstock, Georgia. He is an RABQSA certified Lead Auditor and IRCA Principal Auditor, as well as, ASQ certified Quality Auditor and ASQ certified Software Quality Engineer.

Larry has developed requirements, implementation, documentation, and auditing courses used by multiple training firms, and has taught hundreds of classes to thousands of students. His free monthly e-Newsletter on quality and auditing topics has been published for more than ten years and is read by thousands of subscribers. 

Email: [email protected]

Quality Objectives

  • Industry: Quality Management

As auditors, we are called upon to assess conformity and effectiveness. To assess process effectiveness, we need to evaluate to what extent the planned activities are being realized and the planned results are being achieved.

We may need to venture outside the defined scope of a process audit to fully judge its effectiveness (results). To assess how well the process is meeting the needs of its internal customers, go interview those internal customers. They may have a different view of the deliverables and results than the process supplying them. Their opinion can lead to the facts needed to assess process effectiveness.

Another key element in evaluating effectiveness is to examine the planned results expected by the process owner in terms of their quality objectives. However, some organizations struggle to identify meaningful quality objectives. As an auditor, you may be called upon to explain what is meant by a specific, measurable quality target.

According to ISO 9000:2005, 3.2.5, a quality objective is something sought, or aimed for, related to quality. Clause 5.3 of ISO 9001:2008 says the quality policy is a framework for establishing quality objectives. It also says the policy must include a commitment to 1) comply with requirements and 2) continually improve the effectiveness of the quality management system.

And, it says in ISO 9001:2008, 5.4.1, that quality objectives must be measurable and consistent with the quality policy. Since the quality policy is the framework, it follows that an organization should have an objective to measure the degree to which requirements are being met, plus an objective to measure the results of the quality management system.

If the quality policy identifies other important areas, e.g., product reliability, the organization would be expected to have a measurable target for product reliability. In addition, ISO 9001:2008, 8.2.1, states customer satisfaction is a necessary performance measure for the quality management system.

Even with this guidance, some organizations struggle on how to express meaningful quality objectives. Remember, goals are conditions to be achieved in the future. They should be defined consistent with the organizational vision and mission. Goals are established to guide decisions and actions. However, they usually do not involve measurable results, and therefore, do not change as often as objectives.

Objectives are focused on critical issues and milestones. They describe the activities and targets to achieve your goals. They even identify the dates for completing the activities. They are measurable in terms of being achieved, or not. For example, a general goal might be to reduce waste. The related, specific objective might be to reduce waste from 4% to 3% by the end of the year.

Depending on the industry, organizations might consider quality objectives such as:

Requirements Traceability = Traceable to Design / Total Requirements
Design Stability = Change Requests / Product Releases
Test Rate = Tests Passed / Tests Planned
Scrap Rate = Product Rejects / Products Produced
Problem Rate = Problem Reports / Total Customers
Fix Response Rate = Fixes Closed on Time / Fixes Due
Return Rate = Products Returned / Products Shipped
Repair Failure Rate = Nonconforming Units / Repaired Units
Complaint Rate = Received Complaints /Total Customers
Customer Satisfaction Index = (Questions x Ratings) /Surveys Returned
On-time Delivery = Deliveries by Due Date / Deliveries Scheduled
Service Quality = Defective Transactions / Total Transactions
Milestone Delay = (Phase Duration - Planned Duration) / Planned Duration
Defect Removal = Defects Removed / Defects Reported in Test Cycle
Action Effectiveness = (Actions Taken - Repeated Nonconformities) / Actions Taken


Some of these quality metrics would be expressed over a period of time, e.g., complaints per customer per year. And, some values may be multiplied by 100 to give a percentage. Also, objectives don't have to be variable measures. For example, installation of a new document management system by the end of the year could be a quality objective.

In an article in Management Review nearly thirty years ago, George Doran defined the SMART way to set management objectives. The SMART acronym has evolved since then and can be applied to setting quality objectives. Make them S pecific, M easurable, A chievable, R elevant, and T imed.

Specific : Identify the expected result. Be precise on the desired outcome. All the concerned persons should know what is required.

Measurable : Quantify the result and ensure you have a reliable system for measuring it. You should know when you have achieved the objective.

Achievable : The objective should be realistic given the target and date. Resources must be available to deliver the result with reasonable effort.

Relevant : Links to business success should be clear so people are motivated to meet the objective. Ensure people can influence the outcome.

Timed : Establish a timeframe for reaching the objective. Monitor progress against interim targets on the way to achieving the stated objective.

Quality objectives should be based on comprehensive strategic planning. Organizations must be careful how they set these objectives and how they communicate them. Employees may manipulate processes to achieve the desired results, especially if the numbers are used to judge their personal performance.

When handled poorly, performance targets can result in internal competition and a lack of cooperation. In fact, a specific process objective can be optimized at the expense of overall system performance.

If a target is seen as arbitrary, and set beyond the capability of the process, it may lead to employee frustration, reduced morale, and lower performance. Individuals must feel they have some control over the outcome for an objective to actually promote improvement. The objectives should help monitor and control the processes, not the people.

As auditors, we can use the quality objectives and related results to help us assess process effectiveness. And, we can assist the organization by clarifying the need for specific, measurable quality objectives that help them manage and control their processes and overall business.

Upcoming webinars by Larry Whittington at ComplianceOnline:

The Auditee Bill of Rights : January 14, 2011, 1:00 PM to 2:00 PM EST

Get Tough on Corrective Actions : January 27, 2011, 1:00 PM to 2:00 PM EST

Improve Your Audit Checklist : February 8, 2011, 1:00 PM to 2:00 PM EST

About the Author:

Author of this article is Larry Whittington, president of Whittington & Associates, a training, consulting, and auditing company founded in 1993 and located in Woodstock, Georgia. He is an RABQSA certified Lead Auditor and IRCA Principal Auditor, as well as, ASQ certified Quality Auditor and ASQ certified Software Quality Engineer.

Larry has developed requirements, implementation, documentation, and auditing courses used by multiple training firms, and has taught hundreds of classes to thousands of students. His free monthly e-Newsletter on quality and auditing topics has been published for more than ten years and is read by thousands of subscribers. 

Email: [email protected]

Audit Agendas

  • Industry: Quality Management

If you've been asked to audit an ISO 9001-based quality management system, how do you develop an efficient and effective audit agenda?

After confirming the audit dates, hours, and location, identify the functional areas that are included in the audit scope. Start by requesting a copy of the quality manual and organization chart. Review the description of the interaction between the processes that is a required part of the quality manual.

List the functional areas from the quality manual and organization chart. You want to know all the processes within the scope and how they interact with one another. Then, list the work hours for the areas so their audits are scheduled during normal hours of operation.

Ask your auditee contact to give you the employee and contractor totals for each of the functional areas. This information will help you determine the audit time to allocate to each area based on size. Other considerations in establishing the audit sample should be recent process changes, risk factors, new technology, process complexity, and new management.

In addition to auditing the applicable requirements for functional areas, you also want to assess the related clauses of the ISO 9001 standard. Therefore, see if the organization has a responsibility matrix that identifies the applicable clauses for each area. If not, talk to your auditee contact and gather the needed information.

You're now ready to create the audit agenda. Using a document template, list times in the first column in 30 minute blocks from the start time to the end time. Block out the events that are independent of the audited areas, such as meetings.

For example, if the work day is 8:00 to 5:00, schedule the Opening Meeting at 8:00, lunch at 12:00, auditor preparation at 12:30, report preparation at 4:00, and the Closing Meeting at 4:30. For a two day audit, Day 1 will end with auditor preparation at 4:00 and a Management Briefing at 4:30. Day 2 will end with report preparation at 3:30 and the Closing meeting at 4:30.

Count the open time slots on the agenda that remain for auditing the areas. Allocate the number of time periods needed for the functional areas to be audited. Some areas may only need one time period (30 minutes), but others may be allocated multiple times periods, e.g., Engineering and Production.

Then, knowing the needed durations, plug the areas into the second column of the agenda in a logical sequence. A typical flow might start with the Quality department for a review of the quality manual and to understand the document control and record control procedures. This overview should help you assess the remaining areas and their linkages.

The next logical area to audit might be top management and their requirements from clause 5 of the standard. Afterwards, you could move to Sales and assess their applicable requirements, including clause 7.2. The audit flow might continue with Engineering (7.3), Purchasing (7.4), Receiving (7.4.3), Planning (7.1), Production (7.5), Test (8.2.4), Warehouse (7.5.3, 7.5.5), and Shipping (7.5.3, 7.5.5). The audit could finish with the Quality department to assess Internal Audit (8.2.2) and Corrective and Preventive Actions ( 8.5.2, 8.5.3).

Verify that all the areas are on the agenda and all the applicable ISO 9001 clauses will be addressed. List the key clauses with each area on the agenda as reminders. Ensure you and any other auditors on the team are independent of the areas to be audited. And, ensure all of you have the necessary competencies for the assignment.

If any of the areas on the agenda are far apart, take these distances into account and show the travel times on the agenda. Also, determine the number of shifts and arrange to sample some from each shift. For example, stay late one day for second shift and arrive early the next morning for third shift. Or, schedule separate audits for each of the shifts.

Send a copy of the draft agenda to the other auditors on the team, to the audit client (the person requesting the audit), and eventually the auditee (the organization to be audited). Ask for their review comments and make the appropriate changes.

Refer to the agenda at the opening meeting and use it during the audit to satisfy the audit objectives. Remember, it is a plan and may need to be adjusted during the audit. Include a copy of the final agenda in the audit report.

Upcoming webinars by Larry Whittington at ComplianceOnline:

The Auditee Bill of Rights : January 14, 2011, 1:00 PM to 2:00 PM EST

Get Tough on Corrective Actions : January 27, 2011, 1:00 PM to 2:00 PM EST

Improve Your Audit Checklist : February 8, 2011, 1:00 PM to 2:00 PM EST

About the Author:

Author of this article is Larry Whittington, president of Whittington & Associates, a training, consulting, and auditing company founded in 1993 and located in Woodstock, Georgia. He is an RABQSA certified Lead Auditor and IRCA Principal Auditor, as well as, ASQ certified Quality Auditor and ASQ certified Software Quality Engineer.

Larry has developed requirements, implementation, documentation, and auditing courses used by multiple training firms, and has taught hundreds of classes to thousands of students. His free monthly e-Newsletter on quality and auditing topics has been published for more than ten years and is read by thousands of subscribers. 

Email: [email protected]

2010 Baldrige National Quality Award Makes History with Seven Nominees

  • Industry: Quality Management

Seven organizations were nominated to receive the nation’s highest presidential honor for performance excellence through innovation, improvement and visionary leadership - the 2010 Malcolm Baldrige National Quality Award. The mission of the Baldrige Program is to enhance the competitiveness and performance of U.S. organizations. The award is not extended to particular products or services.

Quality of Chinese Equipment in Question - Auditing its Performance

  • Industry: Quality Management

Quality of Chinese equipments, day-by-day, is becoming a serious concern for the Indian government. A few recent incidents that went against the Chinese product qualities are also fueling the doubt.

In power equipments, the Indian government feels that Chinese equipment fails to attain its optimum result when fired with Indian coal. And their feeling turned into belief when the turbine blades of the MW Sagardighi project of West Bengal Power Development Corporation, supplied by the Chinese manufacturing company Dongfang, failed miserably. As a result of this failure, the apex power sector planning body, the Central Electricity Authority (CEA) initiated a technical audit of Chinese equipments.

CEA during its audit in BHEL observed, quality wise the Chinese products are at par with the Indian ones but, when an India based top business house, Indiabulls cancelled its order placed with China and placed the same order from BHEL, the controversy about the quality of the Chinese products got aggravated.

Bharat Heavy Electrical Ltd or commonly known as BHEL is the largest manufacturer of power equipment in the country. Recently the company has shown its concern regarding the quality of the power generation equipments supplied by the Chinese manufacturers. And, BHEL has also claimed that the performance of its equipment has been constantly 2% higher than other available equipments and its operating availability is also higher.

However, not only Dongfang Electric, Harbin Power Equipment Company and Sepco are also among the big players that have bagged big-ticket orders from Indian market.

Of all the mentioned news, the most controversial and significant one that recently shocked the Indian government is perhaps the Chinese mobile equipments controversy. It is to be believed that the Chinese mobile equipments are carrying spyware or malware capable of infringing Indian security system by providing security information to foreign intelligence agencies through telecom networks. Accepting the seriousness of the news, government has officially banned importing any equipment manufactured by Chinese vendors, including Huawei and ZTE. Though government announcement on limiting the usage of Chinese mobile equipments is not taking place for the first time in India however this is the first time the ban is announced as official.

Earlier, the Indian government banned the import of Chinese headsets that comes without IMEI number. The government’s decision of banning Chinese mobile equipments is undoubtedly going to give a huge blow to companies like ZTE and Huawei that have big betting on the Indian mobile phone market. Also, with the banning decision Indian vendors are going to be affected as well as they mostly bank upon the attractive schemes provided by the Chinese companies. However, the European and U.S. based mobile companies are assumed to be the biggest gainer of the ban.

Source:

http://businesstoday.intoday.in/index.php?issueid=81&id=7744&option=com_content&task=view

http://www.thehindubusinessline.com/2010/04/29/stories/2010042952880100.htm

Again in Soup: Electronic Problem Gives Toyota another Blow!

  • Industry: Quality Management

Toyota is surely going through its roughest phase! This time flaws in an electronic system forcing Toyota to fix nearly 1.2 million Corolla and Matrix models.

Since November 2009, NHTSA (National Highway Traffic System Administration) has received 26 stalling complaints in Corolla and Matrix models where drivers reported the stalls happened randomly and could have caused fatal accidents. Although Toyota disapproves the potency of the alleged defect to create “an unreasonable risk to motor vehicle safety”, but the U.S. safety regulators and members of three congressional panels have criticized Toyota for moving too slowly to address consumer complaints of unintended acceleration and other safety concerns.

Recently Toyota went through a rough phase when it had to recall 8.5 million of its vehicles due to acceleration and engine problem. Now with the flaw of electronic system, Toyota will again come under the scrutiny of US regulatory bodies.

Source: http://www.reuters.com/article/...

 

Here comes TS 16949

  • Industry: Quality Management

The International Automotive Task Force (IATF) took on the challenge of developing a standard to harmonize three European catalogs-VDA 6.1 (Germany), AVSQ (Italy), EAQF (France)-and the North American QS-9000 standard. The result was the ISO/TS 16949:2002 standard. The Big Three automakers have put their support behind ISO/TS 16949:2002. QS-9000 is no longer in the long-term picture. According to an executive from one of the Big Three, the ISO/TS 16949 contains 90 percent of QS-9000 already, and it's an improved standard. DaimlerChrysler released a letter dated July 2002, which stated that effective July 1, 2004, all product and service part suppliers to DaimlerChrysler are required to be registered to ISO/TS 16949. In early August 2002, DaimlerChrysler, Ford and GM released a joint letter announcing that the third edition of QS-9000 will expire on Dec. 14, 2006, after which ISO/TS 16949:2002 will replace QS-9000

Best Sellers
You Recently Viewed
    Loading