Both ISO 9001 and ISO 14001 have a whole new clause of leadership for the management system. This replaces the old concept of top management commitment that appeared in the previous versions of both standards.
To begin, if you already have top management who are fully engaged in the management systems you have, and who actively participate in decisions and take note of issues and concerns the system raises, then this will be much easier. If, however, senior staff rarely comment on the QMS or EMS and who limit their involvement to management review then this will require some work.
Key to understanding leadership here is accountability. Top managers are busy people and were happy in the past to delegate much of the system function to a representative who would ‘keep the certificate on the wall’. The function of a management representative has been removed from the standards so it is no longer the case that this can be easily delegated.
To be accountable, top management must really have their finger on the pulse and be aware of issues and concerns within the system as soon as they occur. This allows them to allocate resource, drive improvement and ensure that the system really does contribute towards the organisation. To have certification should always be a benefit and never a burden.
The most obvious areas for top management to demonstrate their involvement include:
- Considering the quality and environmental implications of decisions they have taken, and ensuring the QMS and EMS develops alongside wider business/organisation improvement. The QMS should never be an afterthought
- Actively and continually reviewing progress against objectives and targets – and not simply waiting for an end of year review to find out these are not going to be met
- Making sure different departments and activities throughout the organisation work together to deliver the product/service and deliver good environmental management – the process approach
- Supporting all staff who may be trying to deliver the quality management system
- Being aware of risks and opportunities and using these when developing organisational strategy
Much of this already occurs within an organisation, but it is now part of ISO 9001 and ISO 14001. Much of this does not necessarily have to be documented in any way, but the top manager within your organisation shall have to be able to demonstrate this during certification body audits, usually through interview or by explaining the decisions they have made. There is no harm including top management in your own internal audit programme to ensure they are well prepared!
ISO 45001 is intended to replace the widely implemented BS OHSAS 18001 and it is anticipated that organisations currently certified to BS OHSAS 18001 will require to migrate to ISO 45001 within three years of the new standard’s publication.
You need to attend this workshop if you ..
- Manage an Occupational Health and Safety Management System
- Manage processes in your organisation
- Carry out internal audits of an Occupational Health and Safety Management System
- Require an understanding of the extent and nature of the changes introduced by ISO 45001:2016, that will supersede OHSAS 18001:2007.
- You are considering gaining certification to the new standard
The Workshop Includes …
- Annex SL explained, and its impact as the foundation for all current and future management systems standards
- Using the new high-level structure for a health and safety management system
- The additional/changed requirements defined in ISO 45001:2018 when compared with OHSAS 18001:2007
- Transition period you have before the changes become mandatory
- Guide to the actions you need to take.
What are the benefits of attending the Workshop?
- Understanding of the implications of ISO 45001 relevant to your business
- Planning required to introduce or transition to ISO 45001
- Assist in gaining certification
- Mapping Guide OHSAS 18001 to ISO/DIS 45001
To attend the workshop you will require to have some knowledge of the current OHSAS 18001:2007 requirements
Previous blogs have started to point you towards the new ISO/DIS 45001 Standard which is expected to be published in February 2018 and is the replacement for OHSAS 18001. With six months until publication, are you confident of what is being revised?
Let’s review and bring you up to date …
- ISO 45001 is the new international standard for occupational health and safety management
- ISO 45001 will replace existing OHSAS 18001 standard
- ISO 45001 will align with ISO 9001 and ISO 14001 with common terminology and Annex SL structure
- If you have certification to OHSAS 18001 you will need to migrate to ISO 45001 to maintain the validity of your certification.
What is being revised?
As the World’s first and only international standard, which can be fully integrated with other management system standards throughout organisations, it provides and ensures a safe and healthy place of work for everyone.
- Health and safety as a main and integral part of the business and recognised globally to ensure not only your employees, but your customers and communities know how you manage your health and safety.
- The focus on leadership and the commitment of that leadership to demonstrate that the responsibility is firmly with Top Management and not the sole responsibility of health and safety managers. Together with Top Management, there must also be demonstrable employee contribution.
- Identification of improvement opportunities to contribute to safe working will be introduced of Risk and Opportunity Management. Organisation must demonstrate their ability to identify and manage risk to ensure a more resilient system.
- Organisations holding certification to ISO 9001 and ISO 14001 will find the ease of integration with ISO 45001 a smoother process.
- Legislation registers/aspects and impacts registers will have their content based on individual business activity, geographical location and local/National enforcement requirements.
- Risk – there will be a universal definition the term.
- Worker – Differences in the definition of the term and various legal constraints. This includes workers and sub-contractors.
If you already have a certified OHSAS 18001 system, how does this compare with ISO 45001?
- OHSAS 18001 is not based on Annex SL, i.e. there is no common framework to all other management systems.
- Alignment of clauses and sub-clauses.
- Common language.
- Plan-Do-Check-Act cycle can be applied to all processes and clauses 4 – 10 can be grouped.
Regarding the new standards, one of the first new concepts you will identify is the establishment of context at Clause 4. We are frequently asked by our clients ‘what are we supposed to do here?’ and ‘Do we need to create new documented information or records?’.
Many organisations already have a good understanding of the market place within which they operate. The market place should be considered in its broadest sense as it may not always be a commercial one and includes public sector and third sector activities. To operate you need to understand the market, your clients, what your competitors are doing and what you might have to do to survive! This is part of any organisation’s ‘thought process’ and is not something new to be done as part of ISO 9001 and ISO 14001.
The standard requires you to consider what is the context within which you operate. This means, for example, demonstrating an understanding of key legal issues, technological change, market trends, environmental concerns, society’s view of your activities, political change etc. The exact list of issues will depend on your organisation, what you do and how integrated you are with external bodies.
To meet the requirements of clause 4 you must show that you have considered such issues and how they may, or may not, have an impact on your quality and/or environmental management system. This can be done on a document presented at management review; a distinct piece of work by your quality/environmental departments etc. It could, however, simply be top management providing robust and detailed understanding of these issues verbally, during audit. We would recommend having documented evidence that shows you have identified your key issues. A simple list of items under broad headings on economics, market, technology etc. will suffice.
The second part of clause four then asks you to consider interested parties. This means identifying all individuals and organisation who can have an impact on the QMS/EMS or who may be affected by it. There are obvious interested parties such as customers, suppliers, neighbours etc.
The clause also requires you to think what requirements are linked to each, for example, customers’ requirements might include the receipt of goods of the correct type, quantity and price, on time and without faults. A Neighbour may expect to not be adversely affected by your poor environmental performance, suffering from your pollution for example. For each requirement of an interested party you need to consider and demonstrate this requirement is fulfilled.
Note that the context you establish and understand makes it easier for you to consider risk and other unforeseen circumstances. Actions against these risks must be considered and relevant actions taken under the risk management clause of the standards (clause 6).
If you need some guidance on what the new clauses mean to your organisation, then you may be interested in attending one of our one-day courses on the new standards. These are great value and can be booked on our website or by giving us a call on 01236-734447
The new ISO 9001 and ISO 14001 standards look very different from their predecessors, with new terminology, structure and requirements. However, if you look closely you will find that much of what went before is still there and the new standards have, in most cases simply added on some new elements.
Our consultants have found that if you have a well maintained and up to date system certified to the current standards this will make the transition easier. If, however, you have fallen behind on the maintenance of your Quality or Environmental Management system we recommend you get things back on track before you start transition work.
When you are ready to begin transition, the first thing to do is to review your current management system in light of the new requirements. This approach is sometimes called a Gap Analysis. It allows you to see what may already be meeting the requirements of the standards and what does not – the gaps. It is only by understanding what these gaps are that you can begin to establish what actions to take to address them.
You will need a copy of the standard(s) to do the Gap Analysis or use one of the other review or gap tools some of the Certification Bodies are supplying to their clients. Sometimes they give suggestions on what you can do address the gaps.
You should also read ISO 9002:2016 (about to be published) and ISO 14004:2016 – Guidelines on Implementing a QMS/EMS as they also describe the types of activities, processes and documents you may need for the new standards
When you have a list of the gaps and actions to address them you can then consider the programme to introduce and implement the changes that are required.
Experience suggests that you need up to 12 months to complete this process – hence the need to begin now with the deadline approaching in Autumn 2018.
Note that you will also have to begin auditing to the new standards as well as introduce and follow new processes so that you can demonstrate that the new system is applied to your organisation.
It is not simply updating the system – it needs to be working!
If you feel that you don’t have enough hours in the day to train your staff in the new clauses, click on our training programme on www.qcsl.co.uk and check out our great value 1 day Introduction courses, or alternatively half day in house courses for your team are proving very successful.
Meantime, if you think you need advice or guidance on your transition process you can call us at QCS International for a friendly chat, advice or assistance, or check out our websites and blogs on …
Thirty years ago, Quality Consulting Services started business in Cumbernauld, delivering consultancy services for BS 5750 Parts 1,2 & 3; a Scottish-based company for Scottish clients. Within a few years QCS had a growing market share and a reputation for ‘quality’ and personal service. Our highly experienced consultants covered a wide range of sectors, from Oil and Gas – Construction – Service Sector.
Always at the forefront, QCS identified a gap in the Scottish market for IRCA Registered Training. At that time, Internal and Lead Auditor courses were not delivered in Scotland, which added a financial burden to clients implementing a BS 5750 quality management system north of the border. QCS launched The Quality College of Scotland with a bespoke training venue in Central Scotland and gained IRCA Training Organisation status to deliver IRCA Registered Internal and Lead auditor courses together with foundation and implementation courses. Such was our success that we were soon delivering IRCA Registered courses in USA, Dominican Republic, Seychelles, Mauritius, Arab Emirates throughout Europe and opened a QCS offices in Phoenix and Vermont.
As a progressive company our expertise allowed us to add ISO 14001 (Environmental) and OHSAS 18001 (Health & Safety) consultancy to our portfolio and once again we were a forerunner for IRCA training in Scotland and overseas for Environmental and Health & Safety Auditor courses. With our increased global presence, we were renamed as QCS International allowing us to fully capitalise on the worldwide services we were delivering.
To say we have been a forerunner is perhaps easy, but looking at our medical device portfolio lets you see just how much of a forerunner we are. With advanced medical device management system specialists in house, we developed the first IRCA Registered Internal and Lead Auditor training courses – not only in the UK, but also worldwide and we have trained medical device professionals both at our public training venue in Scotland and at clients’ organisations all over the world.
How do we do this?
- Our consultants are fully employed by QCS – we don’t need to use sub-contractors like many other training and consultancy organisations
- We deliver high quality consultancy to the medical device industry from implementation of ISO 13485 – Technical File preparation – CE marking – Regulatory Advice and much more
- QCS consultants are not only highly qualified in their field, but they all have up to date working experience
At QCS it is important for us to work in partnership – we don’t sit in a corner of your office and work in isolation. We become part of your management team and we spread our knowledge to meet your objectives and ensure your personnel have the skills to continually manage the systems after certification.
We are a one stop should for all your Quality, Environmental, Health & Safety and Medical Device Management Systems covering:
Consultancy, Training, Integrated Management, Risk Assessment, Audit, Regulatory Advice, CE Marketing, Legal Compliance, Outsource Management and much, much more.
The QCS Team look forward to working with you for the next 30 years …….
In 2015 the new ISO 9001 and ISO 14001 standards for quality and environmental management were published. These new standards were updated to reflect new thinking associated with management systems, the adoption of a more integrated approach and a greater emphasis on risk appraisal.
We are now half-way through the three-year period during which transition to the new standards must be completed. Given the amount of work required by some organisations, the time limit will become increasingly difficult.
Over the next 18 months, as we approach the September 2018 deadline, QCS will be sending out monthly update blogs on the new standards, of which this is the first. The blogs will include pointers to the kind of actions you need to be taking to meet the new requirements and some useful tips on where you should be to make a successful transition.
Note that for a successful transition you need to be speaking with your Certification Bodies now.
Waiting until 2018 means you could encounter difficulties securing the services of Certification Body Auditors, who will be extremely busy as the deadline approaches. Each Certification Body offers help and guidance through the process and should be able to explain their approach to transition to you.
If your current certificates (to ISO 9001:2008 or ISO 14001:2004) are set to expire in the next 18 months, then there is little or no value in having these maintained. Any new certificates will not be valid beyond September 2018 meaning that the costs of recertification will not give you the normal 3-year registration. In such circumstances transition and certification to the new standards now is desirable and cost effective.
Blog 17 (April release), will begin to explain what the structure of the new standards mean to those of you with certification to more than one standard:
Is integration the way ahead?
Meantime, if you think you need advice or guidance on your transition process you can call us at QCS International for a friendly chat, advice or assistance, or check out our websites and blogs on …
We are pleased to let all of our current and prospective clients know that QCS International is, from 1st January 2017, an Approved Training Partner of the Chartered Quality Institute/International Register of Certified Auditors. This new status provides all of our training delegates the assurance that our training is delivered to the highest possible standard, against a set of industry-recognised criteria.
All of our courses, previously approved by IRCA, are now recognised as part of a new structure of training reflecting different grades or levels of training required for differing roles or responsibilities of delegates within their organisations. QCS is pleased to offer training at all grades: foundation, practitioner and professional. The auditor training for which we are well known has not changed – it still reflects the grades of internal and lead auditor standing – but for CPD these are known as practitioner and professional courses within the CQI/IRCA framework.
Our new training programme for 2017 is now available to see on our website. We continue to offer the best value training in the market. Given our approved status you can be assured that whilst we may offer the lowest prices we have not compromised in the content or quality of what we deliver.
Should you ever have any questions about our training services, or want to find out about hosting an in house course at your premises which is a cost-effective way in providing your staff with the best training around, then do get in touch with Audrey Smith, Training Sales Director [email protected] or tel 01236-734447.
We reported in April that the new ISO 45001 would be delayed after the committee steering the new standard had not gained sufficient support in the vote to accept the draft. A final draft was not issued and the expected publication date was thrown in to doubt.
A new committee draft has, apparently been developed but not yet ready to be issued as a new Draft International Standard ‘2’. It appears some of the issues still to be ironed out relate to a desire amongst some members of the committee to add in further elements that do not necessarily fit in with the Annex SL, high level structure; for example the need to reflect more on the rights of ‘workers’ as specific interested parties.
Having said this we remain hopeful that a DIS2 will be issued in January 2017 to be made available for comment through consultation before a new vote on content, which may not take place until approximately May. This means that the date for a final draft and full publication is probably not going to take place before Autumn 2017. Some observers even suggest that there may be final delays – so keep an eye on our website and we shall publish news as we hear it.
Meantime, the British standard OHSAS 18001 remains in place and continues to be the most widely recognised standard for Health and Safety management throughout the world. We at QCS will continue to monitor progress on ISO 45001 and will provide feedback and comments as the process continues.
The MDSAP Pilot was intended to allow MDSAP recognized Auditing Organizations to conduct a single audit of a medical device manufacturer that will satisfy the relevant requirements of the medical device regulatory authorities participating in the pilot program.
International partners that participated in the MDSAP Pilot included:
- Therapeutic Goods Administration of Australia
- Brazil’s Agência Nacional de Vigilância Sanitária
- Health Canada
- Japan’s Ministry of Health, Labour and Welfare, and the Japanese Pharmaceuticals and Medical Devices Agency
- The World Health Organization (WHO) Prequalification of In Vitro Diagnostics (IVDs) Programme and the European Union (EU) are Official Observers
Following successful completion of the pilot Health Canada has been the first of the international partners to announce that they will be fully adopting the scheme.
As of January 1st 2019, Health Canada will only accept MD-SAP style audits to show compliance with Canadian regulations and conformity with the requirements if ISO 13485.
An interesting feature of these audits is the grading assigned to non-conformities which follows the GHTF guidelines (SG3/N19:2012).
When the nonconformity has the potential to affect safety or performance, it should be written against the specific requirement in ISO 13485 found in clauses 6.4 through 8.5, because it has direct QMS impact.
When the nonconformity is against the manufacturer’s quality manual, procedures or requirements, is not specifically required in ISO 13485 or does not impact safety or performance, then the nonconformity should be assigned to clauses 4.1 through 6.3, because it has indirect QMS impact.
If the nonconformity that has previously been identified in either of the two previous QMS audits (against the same sub-clause (X.X.X))
The nonconformity poses an increased risk because it is an indicator that a corrective action has not been adequately taken or implemented
Scoring and Escalation
The score can be further escalated by the two following scenarios;
- The absence of a documented procedure or process (the score is escalated by 1)
- The release of a non-conforming medical device as a result of the non-conformity (the score is escalated by 1)
Contact should be made as soon as possible with your certification body to ensure that you have planned arrangements for the assessment based on MDSAP criteria to take place if you sell medical devices into the Canadian market.