Greetings!

Welcome to Sustaining Edge Solutions E- Newsletter

Our newsletters provide guidance on operational and quality systems ISO 9001, AS9100, ISO/TS 16949, TL 9000, ISO 13485, ISO 14001, and others. This includes process improvement methods Six Sigma, Lean Enterprise, and other topics of interest to our readers.

If you have any questions about the articles appearing in this issue, or you want to suggest topics for future issues, please let us know.

Newsletter Sign-up

Thanks for your Support!

The ISO 9001:2000 quality standard addresses the control of records, but only includes three sentences of requirements:

1. Records must be established and maintained to provide evidence of conformity to requirements and of the effective operation of the quality management system.
2. Records must remain legible, readily identifiable and retrievable.
3. A documented procedure must be established to define the controls needed for the identification, storage, protection, retrieval, retention time, and disposition of records.

If you want to know more about records management than included in ISO 9001:2000, you should look at ISO 15489-1:2001, Information and Documentation – Records Management.

Records
According to ISO 15489-1:2001, records are information created, received, and maintained as evidence in pursuance of legal obligations or in the transaction of business. Records contain information that is a valuable resource and an important business asset. A systematic approach to managing these records is essential to protect and preserve them as evidence of actions.

A records management system results in a source of information about business activities that support subsequent activities and business decisions, as well as, ensure accountability to present and future stakeholders.

Records Management
ISO 15489-1 defines records management as the field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use, and disposition of records, including processes for capturing and maintaining evidence of, and information about, business activities and transactions in the form of records.

Policy
Organizations should define and document a policy for records management. The objective of the policy should be to create and manage authentic, reliable and usable records that are capable of supporting business functions and activities for as long as they are required.

Authenticity
An authentic record is one that can be proven to 1) be what it claims to be, 2) be created or sent by the person purported to have created or sent it, and 3) be created or sent at the time indicated.To ensure the authenticity of records, an organization should implement and document policies and procedures that control the creation, receipt, transmission, maintenance, and disposition of records.
Record policies and procedures should ensure that record creators are identified and authorized, and that records are protected against unauthorized addition, deletion, alteration, use, and concealment.

Reliability
A reliable record is one whose contents can be trusted as a full and accurate representation of the applicable transactions, activities, or facts. They can be depended upon during subsequent transactions or activities as being reliable. Records should be created at the time of the related transaction or incident, or soon afterwards, by individuals who have direct knowledge of the facts, or by instruments routinely used within the business to conduct the transaction.

The system that manages the records should be capable of continuous and regular operation in accordance with applicable procedures and provide ready access to all relevant records.

Integrity
The integrity of a record refers to its being complete and unaltered. Records must be protected against unauthorized changes. Policies and procedures should specify what additions or annotations may be made to a record after it is created, under what circumstances they may be authorized, and who is authorized to make them. Any annotation, addition, or deletion of a record should be explicitly indicated and traceable.

The record system should include controls for access monitoring, user verification, authorized destruction, and security to prevent unauthorized access, destruction, alteration, or removal of records.

Usability
A usable record is one that can be located, retrieved, presented, and interpreted. The record should be capable of being connected to the business activity or transaction that produced it.

You can order ISO 15489-1:2001 at the ANSI eStandards Store.

The second edition of ISO 14971:2007, Application of Risk Management to Medical Devices, has been released. The revised version aligns better with ISO 13485:2003 requirements and provides an improved model for implementing a risk management system.

ISO 14971:2007 specifies a process for a manufacturer to identify the hazards associated with medical devices, including in vitro diagnostic (IVD) medical devices, to estimate and evaluate the associated risks, to control these risks, and to monitor the effectiveness of the controls. The requirements of ISO 14971:2007 are applicable to all stages of the life- cycle of a medical device.

ISO/TR 14969:2004 provides guidance for applying the requirements for quality management systems contained in ISO 13485. It does not add to, or otherwise change, the requirements of ISO 13485. It does not include requirements to be used as the basis of regulatory inspection or certification assessment activities. However, its guidance can be used to better understand the ISO 13485 requirements and to illustrate some of the methods and approaches available for meeting those requirements.

Purchase the Standard for $160 at the ANSI Site

Have you heard about FMEA, but remain unsure of its use as a quality tool?

Well, FMEA is the acronym for Failure Modes and Effects Analysis. failure Modes are the ways in which something might fail. The failures are actual or potential errors or defects, especially those affecting the customer. Effects Analysis refers to studying the consequences or effects of those failures.

Failures are prioritized according to the seriousness of their consequences, the frequency of their occurrence, and likelihood of their detection. The purpose of FMEA is to take actions to eliminate or reduce failures, starting with the higher priority ones.

FMEA is used during design to prevent failures. Later, it is used for control before and during operation of the process. Ideally, FMEA begins during the earliest conceptual stages of design and continues throughout the life of the product or service. It is a step- by-step approach for identifying all possible failures in a design, a manufacturing or assembly process, or a product or service.

To see an FMEA example, go to this ASQ web page

The CE Mark is mandatory for a wide range of products sold in the European Union. The CE Mark has been described as a “passport” that allows manufacturers to trade industrial products freely within the internal EU market. The CE Mark indicates the manufacturer has undertaken all assessment procedures required for the product. The CE Mark is not a quality mark and does not indicate conformity to a standard; it indicates conformity to the legal requirements of the EU directives.

General Steps for Getting the CE Mark

1. Identify all applicable EU directives (laws).
2. Assess your product to the “essential requirements” of the directives.
3. Choose the appropriate conformity assessment.
4. Determine the applicable standards.
5. If required, choose a competent body in US to perform product tests.
6. If desired, choose an authorized representative for your company in EU.
7. Prepare a technical file, including a users manual, for products with high risk hazards.
8. Assemble the required approvals and certificates.
9. Prepare a Declaration of Conformity for each applicable directive.
10. Affix the CE Mark in accordance with the laws.

Obtaining authority to attach the CE Mark is often thought to be difficult and time-consuming. However, in many cases it is not.

view the CE Mark PDF brochure at the NIST web site.

Our October-December course schedule is now posted on our website

To see the course description, schedule, and on-line registration click on the course title below. Courses are awarded Continuing Education Units.

Understanding & Implementing ISO9001:2000
ISO 9001:2000 Process Based Internal Auditor
Documenting Your Quality Management System

Understanding & Implementing AS9100B:2004
AS9100B: 2004 Process Based Internal Auditor
Documenting Your Quality Management System

Understanding and Implementing ISO/TS16949:2002
ISO/TS16949:2002 Process Based Internal Auditor
Documenting Your Quality Management System

Understanding and Implementing ISO14001:2004
ISO14001:2004 Process Based Internal Auditor

The Five Pillars of a Lean Workplace Organization
Continuous Process Improvement
Lean Six Sigma

All courses can be delivered at your company. Don’t see a course, location, or date that fits your needs?

Contact Us

phone: 888-572-9642

web: http://www.sustainingedge.com