Welcome to Sustaining Edge Solutions Performance Improvement Newsletter

The principal highlights of “The ISO Survey of Certifications 2009” are that ISO 9001, the global benchmark for quality management, has topped one million certifications, and that certifications to ISO 22000 for food safety management systems, and to ISO/IEC 27001 for information security management systems have rocketed.

ISO states in the introduction to the survey that the 8-percent increase in ISO 9001 certificates, compared with the 3-percent increase in 2008, “confirms the importance of ISO 9001 in the global supply chains and as the pioneering model on which subsequent management system standards have been built and flourish.”

ISO 9001

ISO 9001 (certifications to 2000 and 2008 editions cumulated), which gives the requirements for Quality Management Systems, is now firmly established as the globally implemented standard for providing assurance about the ability to satisfy quality requirements and to enhance customer satisfaction in supplier-customer relationships.

Up to the end of December 2009, at least 1,064,785 ISO 9001 (2000 and 2008) certificates had been issued in 178 countries and economies. The 2009 total represents an increase of 81,953 (more than 8%) over 2008, when the total was 982,832 in 176 countries and economies.

ISO 14001

ISO 14001, which gives the requirements for Environmental Management Systems, retains its global relevance for organizations wishing to operate in an environmentally sustainable manner.

Up to the end of December 2009, at least 223,149 ISO 14001 certificates had been issued in 159 countries and economies. Annual growth is stabilized at almost the same level as in 2008-34,334 in 2009, compared to 34,242 in 2008, when the total was 188,815 in 155 countries and economies.

ISO 13485

ISO 13485 gives quality management requirements for the Medical Device Sector for regulatory purposes. Up to the end of December 2009, at least 16,424 ISO 13485 certificates had been issued in 90 countries and economies. The 2009 total represents an increase of 3,190 (about 24%) over 2008 when the total was 13,234 in 88 countries and economies.

ISO/IEC 27001

ISO/IEC 27001 gives the requirements for Information Security Management System. At the end of 2009, at least 12,934 ISO/IEC 27001 certificates had been issued in 117 countries and economies. The 2009 total represents an increase of 3,688 (more than 40%) over 2008 when the total was 9,246 in 82 countries and economies.

ISO/TS 16949

ISO/TS 16949 (certifications to 2002 and 2009 editions cumulated) gives the requirements for the application of ISO 9001:2000 by Suppliers in the Automotive Sector. Up to the end of December 2009, at least 41,240 ISO/TS 16949 certificates had been issued in 83 countries and economies.

AS9100

Certifications to AS9100 gives the requirements for the application of AS9100B Aerospace Standard. Current registrations to this revision is 12,186. The current revision AS9100C:2009 Aviation, Space and Defense Organizations Standard registrations is 329. All registered organizations to revision B will be obsolete by July 2012 and do require transition to the new revision.

“Each year, the release of the latest ISO Survey is an eagerly awaited event as the primary source of information on the importance of ISO’s management system standards to the global economy,” says ISO secretary-general Rob Steele. “For the first time, the new edition is being published on a CD-ROM containing Excel files of the surveys from the first, in 1993, up to the end of 2009. Making this data available in one place will facilitate comparison and extrapolation and make the survey an even more useful business tool.”

Interested in improved profitability, higher sales, and reduced operating costs? Contact us for all your needs regarding any of these proven global management systems.

Risk management consists of identifying those potentially undesirable situations, assessing their probability of occurring, understanding what the impact may be should the event happen, and determining what to do if the risk level is too high. Situations can be defined as failures and defect rates can be used to identify risk potential.

The new version of the aerospace standard AS9100:2009 (Revision C) requires companies to assess and manage the risks involved with providing their product or service. Risk is defined in the standard as “an undesirable situation or circumstance that has both a likelihood of occurring and a potentially negative consequence.” We do strongly suggest that a formal risk management process is key to any organization, not just the aerospace industry.

The new requirement is to implement a risk management process applicable to the product and organization covering: responsibility, criteria, mitigation & acceptance. This includes

• assignment of responsibilities for risk management,
• definition of risk criteria,
• identification, assessment and communication of risks throughout product realization,
• identification, implementation and management of actions to mitigate risks that exceed the defined risk acceptance criteria, and
• acceptance of risks remaining after implementation of mitigating actions.

Risk Management was placed in clause 7.1.2 Product Realization. To be effective and compliant, the risk management process must begin with determination, review, and acceptance of product or service requirements and throughout product realization.

Implementation and audit considerations can include

• Does the organization have a risk management process that addresses all of the applicable requirements?
• Is the definition of risk appropriately understood and applied in that process?
• Are risks successfully managed in the organization?

Let’s look at some examples of Risk Management Criteria.

(1) Employees – the organization needs to ensure the safety, training, and qualifications of employees. (2) Process – managing process variation is critical to risk management and mitigation. (3) Design – building quality into the product design from the start, including it’s affect on planning. (4) Manufacturing – ensuring that manufacturing is more efficient with streamlined quality planning. (5) Equipment – ensuring that equipment can meet capabilities, current and future. (6) Environment – ensuring that the operations are not compromising the environment (adequate lighting, temperature control, noise, cleanliness, etc). (7) Security – managing the security needed by the facility. (8) Project – ensuring project risks are evaluated before beginning.

The requirement of “establish, implement, and maintain” requires a formal documented risk management system. Examples of risk management tools that can be used (but not specifically identified in the standard) include

• Failure Mode and Effects Analysis (FMEA)
• Fault Tree Analysis (FTA)
• Probabilistic Risk Assessment (PRA)
• Event Sequence Diagram (ESD)
• Reliability Block Diagram (RBD)

A formal risk management process is critical for success and will always provide a positive return on investment to the organization and its customers.

Contact us for all your AS9100C and risk management needs.

November 1st sees the launch of one of the most eagerly awaited ISO International Standards of recent years, ISO 26000:2010, Guidance on social responsibility, which provides guidance to both business and public sector organizations on social responsibility (SR).

Rob Steele comments: “The publication of ISO 26000 is eagerly awaited by organizations worldwide, whether they are business enterprises, or public sector organizations. Operating in a socially responsible manner is no longer an option. It is becoming a requirement of society worldwide. What makes ISO 26000 exceptional among the many already existing social responsibility initiatives is that it instills a truly international consensus on what social responsibility means and what core subjects need to be addressed to implement it. In addition, it is based on broad stakeholder input, including developing countries, business, government, consumers, labor, nongovernmental organizations and others.”

According to the standard, the perception and reality of an organization’s performance on social responsibility can influence, among other things:

• Competitive advantage and Reputation
• Ability to attract and retain workers or members, customers, clients or users
• Maintenance of employees’ morale, commitment and productivity
• View of investors, owners, donors, sponsors and the financial community
• Relationship with companies, governments, the media, suppliers, peers, customers and the community in which it operates.

ISO 26000 is a voluntary guidance standard that is not to be used for certification, unlike ISO 9001:2008 (quality management) and ISO 14001:2004 (environmental management) which can be used for certification.

NIST’s Awards Projects to Enhance U.S. Competitiveness. The National Institute of Standards and Technology (NIST) has awarded $9.1 million in cooperative agreements for 22 projects designed to enhance the productivity, technological performance, and global competitiveness of U.S. manufacturers. Covering areas from supplying the wind energy industry to introducing advanced manufacturing simulations in small- and medium-sized businesses, the projects are described in this NIST news release.

Report: Opportunities to Improve U.S. Engineering Education.“Enabling Engineering Student Success,” a new report released by the Center for the Advancement of Engineering Education (CAEE) and available for download at the center’s website, identifies key opportunities for improving how engineering students are currently being prepared for professional practice. The recently concluded Academic Pathways Study (APS), a major component of the report, involved a broad collaboration of scholars who conducted multiyear studies involving more than 5,400 students at more than 20 institutions. The research also included 100 newly hired graduates to round out a detailed picture of the paths engineering students take as they enter, experience, and graduate from undergraduate degree programs.

2011 ASQ Lean and Six Sigma Conference. February 28 through March 1, 2011, in Phoenix, AZ. Attend to advance your Lean and Six Sigma knowledge.

To see the course description, schedule, and
on-line
registration click on the course title below. We do provide onsite and custom training.

View all our Courses

View Our Web Based E-Training Courses

Understanding and Implementing ISO9001:2008

ISO 9001:2008 Process Based Internal Auditor

Documenting Your Quality Management System

Understanding and Implementing AS9100C:2009 Aerospace-NEW

AS9100C:2009 Process Based Internal Auditor- NEW

Documenting Your Quality Management System

Understanding and Implementing ISO/TS16949:2009 Automotive

ISO/TS16949:2009 Process Based Internal Auditor

Documenting Your Quality Management System

Understanding and Implementing ISO14001:2004 Environmental

ISO14001:2004 Process Based Internal Auditor

The Five Pillars of a Lean Workplace Organization

Continuous Process Improvement Lean Six Sigma

8 Disciplines (8D) of Problem Solving

Understanding and Implementing ISO 13485:2003 Medical Devices

ISO 13485 Process Based Internal Auditor

Understanding and Implementing ISO 27001:2005 Information Security

ISO 27001 Process Based Internal Auditor

All courses can be delivered at your company.
Don’t see a course, location, or date that fits your needs?

Contact Us

email: wtighe@sustainingedge.com

phone: 888-572-9642 Toll Free

web: http://www.sustainingedge.com