ISO 9001:2015

Quality Management Systems - International Standards

Quality Management Systems - Requirements

ISO 9001 is an international standard designed to provide companies and organizations with a common approach to applying a Quality Management System.  The intent of the standard is to make sure the organization applies the quality principles of strong customer focus, the motivation and implication of top management, the process approach and continual improvement. 

There are ten (10) primary sections that classify the requirements in ISO 9001 that mesh with the High-Level Structure many ISO Management System standards share (such as ISO 14001 and ISO 45001). Within these ten sections of the Standard are the specific requirements that an organization must apply to implement a QMS. This alignment helps an organization to integrate many standards into one management system.

Over one million organizations in over 150 nations are registered to ISO 9001.  It also forms the base requirements for many other standards, including the aerospace AS9100, and the automotive IATF 16949 standards.

 

IATF 16949:2016

Quality Management Systems - for Automotive Production and Service Parts Organizations

Quality Management System requirements for automotive production and relevant service parts organizations

IATF 16949 is the automotive ISO Quality Management System Standard that, in addition to the ISO 9001 standard, outlines the expectations of an automotive supplier. In addition to all the ISO 9001 requirements, you also need to meet additional automotive supplier requirements such as PPAP, Measurement Systems Analysis and Customer Specific Requirements. The organization must address the requirements of both standards.

There are ten (10) primary sections that classify the requirements, the same as ISO 9001, that mesh with the High-Level Structure many ISO Management System standards share (such as ISO 14001 and ISO 45001). Within these ten sections of the Standard are the specific requirements that an organization must apply to implement an automotive Quality Management System. This alignment helps an organization to integrate many standards into one management system.

What about all those AIAG manuals? Hang on to them; PPAP and MSA are to be used if the customer does not specify otherwise. The remaining manuals are for reference (still have APQP, FMEA and SPC requirements).

 

AS9100D & AS9120B

Quality Management Systems - Suppliers to Aerospace and Defense Industry

Quality Management Systems - Requirements for Aviation, Space and Defense Organizations and AS9120 Distributors

SAE AS9100 specifies the quality system requirements for suppliers to the aerospace and defense industries. AS9120 is available for aerospace-related distributor organizations.

The Standards have several additional requirements and amplifications of the ISO 9001 Standard. These standards contain requirements that were developed by the International Aerospace Quality Group (IAQG) and are technically equivalent to AECMA prEN 9100 for European Aerospace suppliers.

The requirements specified in this standard are complementary (not alternative) to customer and applicable statutory and regulatory requirements.

All the requirements of these International Standards are intended to be applicable to any organization, regardless of its type or size, or the products and services it provides.

 

ISO 14001:2015

Environmental Management Systems

Environmental Management Systems - Requirements with guidance for use

The ISO 14000 series of standards that includes ISO 14001 Environmental Management Systems (EMS) grew out of the international success of the ISO 9000 series of Standards and the emergence of excessive country and regional standards for managing the environment.  

There are ten (10) primary sections that classify the requirements in ISO 14001 that mesh with the High-Level Structure many ISO Management System standards share (such as ISO 9001 and ISO 45001). Within these ten sections of the Standard are the specific requirements that an organization must apply to implement an EMS. This alignment helps an organization to integrate many standards into one management system.

ISO 14001 is not prescriptive, but requires specific commitments to regulatory compliance, prevention of pollution, and continuous improvement.

Intent: The application of the 14001 standard is to assist organizations in achieving their environmental and economic goals and objectives. The overall aim is to support environmental protection and prevention of pollution in balance with socioeconomic needs. The success of an EMS depends on a commitment from all levels and functions within an organization and especially from senior or top management.

Over 300,000 organizations in over 150 nations are registered to ISO 14001.  It also forms the base requirements for other standards such as the American Chemistry Council’s RC14001.

 

ISO 45001:2018

Occupational Health and Safety Management System - International Standard

Health and Safety Standard

ISO 45001:2018 specifies requirements for an occupational health and safety (OH&S) management system, and gives guidance for its use, to enable organizations to provide safe and healthy workplaces by preventing work-related injury and ill health, as well as by proactively improving its OH&S performance. ISO 45001:2018 is applicable to any organization that wishes to establish, implement, and maintain an OH&S management system to improve occupational health and safety, eliminate hazards and minimize OH&S risks (including system deficiencies), take advantage of OH&S opportunities, and address OH&S management system nonconformities associated with its activities. ISO 45001 is not prescriptive, but requires specific commitments to worker participation, regulatory compliance, prevention of injury, and continuous improvement.

There are ten (10) primary sections that classify the requirements in ISO 45001 that mesh with the High-Level Structure many ISO Management System standards share (such as ISO 9001 and ISO 14001). Within these ten sections of the Standard are the specific requirements that an organization must apply to implement an OH&SMS. This alignment helps an organization to integrate many standards into one management system.

 

RC14001:2015

Responsible Care® is the chemical industry's world-class environmental, health, safety and security performance initiative

Based on the ISO 14001 Environmental Management System (EMS)

A standard created by the American Chemistry Council (ACC) that has been expanded to address the Responsible Care® Principles. The registration to this standard will address all requirements for registration to ISO 14001 and is available for all companies to register to without having to become a member of the ACC. The ACC also developed another more simplified standard, for members, called the RCMS®, which follows.

The application of the RC14001 standard is to provide organizations with the elements of an effective Environmental, Health, Safety & Security Management System (EHS&SMS) that can be integrated with or into other management systems requirements, to assist organizations in achieving their environmental, health, safety, security and economic goals and objectives. The overall aim is to support security, health and safety, environmental protection and prevention of pollution in balance with socioeconomic needs. The success of an EHS&SMS depends on a commitment from all levels and functions within an organization and especially from senior or top management.

RC14001 enables an organization to establish and assess the effectiveness of procedures to set a policy including objectives, achieve conformance with them, and to demonstrate conformance to others, including interested external parties.

The American Chemistry Council (ACC) has created two Technical Specifications that address the environment, health, safety, and security. They are RC14001 and RCMS®.

 

RCMS:2019

Technical Specifications: Health, Safety, Security, and the Environment - American Chemistry Council

RCMS® Environmental, Health, Safety, & Security Management System

The American Chemistry Council has created a Technical Specification that addresses health, safety, security, and the environment and is available for Registration by ACC members/affiliates only.

Intent: The application of the RCMS® standard is to provide organizations with the elements of an effective Environmental Health, Safety and Security Management System that can be integrated with or into other management systems requirements, to assist organizations in achieving their environmental, health, safety and economic goals and objectives. The overall aim is to support health, safety, security and environmental protection and prevention of pollution in balance with socioeconomic needs. The success of an RCMS® depends on a commitment from all levels and functions within an organization and especially from senior or top management.

RCMS® enables an organization to establish and assess the effectiveness of procedures to set a policy including objectives, achieve conformance with them, and to demonstrate conformance to others, including interested external parties.

Note 1: There are two Responsible Care® Management System Technical Specifications, the RCMS® and the aforementioned RC14001.

Note 2: RC14001 registration is open to all companies but the RCMS document is limited to ACC and ACC Affiliate members.

* ACC members are required to address the Product Safety, Process Safety, and Security codes, as “other requirements to which the organization subscribes”.  External auditors will be required to verify these requirements are being met per the ACC timeline.

 

ISO 13485:2016

Quality Management Systems - Medical Devices

Medical devices - Quality Management Systems

An international standard designed to provide medical device suppliers with a common approach to applying a Quality Management System that addresses most FDA requirements.  The ISO 13485 standard was based on the ISO 9001 standard (but does not track with the ISO 9001:2015 numbering system). Unlike ISO 9001, Continuous Improvement and Customer Satisfaction are not as stressed in ISO 13485; instead, more emphasis is placed on regulatory requirements.

Intent: ISO 13485 provides for the development of a Quality Management System that assures prospective customers and regulatory bodies that the goods and services offered by the organization will meet customer and regulatory requirements.

ISO 13485 can be applied to any type or size of organization that designs, develops, produces, installs or services medical devices.

 

ISO 15189:2012

Quality and Competency - Medical Laboratories

Medical Laboratories - particular requirements for quality and competence

The standard is basically the application of the ISO/IEC 17025 and ISO 9001 standards to a Medical Laboratory. Accreditation to ISO 15189 requires that: the laboratory has a quality system meeting requirements of ISO 15189; the lab facility has adequate equipment to perform its testing tasks; and the lab facility has adequate laboratory personnel with the competence to perform the testing. In addition, most accreditation schemes in the United States require proficiency testing amongst the laboratories.

Therefore, ISO 15189 is recognition of medical laboratory competence, while ISO/IEC 17025 and ISO 9000 are simply recognition of competency of a laboratory management system.

The intent of ISO 15189 is to provide confidence in medical laboratories because medical services are essential to patient care and therefore have to be available to meet the needs of all patients and the clinical personnel responsible for the care of those patients.

 

ISO 50001:2018

Energy Management System - International Standard

Energy Management System

The International Organization for Standardization (ISO) has released ISO 50001:2018, the management system standard for Energy Management System.

There are ten (10) primary sections that classify the requirements in ISO 50001 that mesh with the High-Level Structure many ISO Management System standards share (such as ISO 14001 and ISO 45001). Within these ten sections of the Standard are the specific requirements that an organization must apply to implement an EMS. This alignment helps an organization to integrate many standards into one management system.

ISO 50001 provides requirements for a systematic, data-driven, and facts-based process, focused on continually improving energy performance. The key explicit intended outcomes from implementing the standard are to achieve continual improvement in energy performance and the energy management system.

Contact Eagle Group® for more information on how we can support your system transition today!

 

ISO/IEC 17025:2017

General requirements for the competency of testing and calibration laboratories

Accreditation to ISO/IEC 17025 requires that the laboratory has a Laboratory Management System meeting the basic requirements of ISO 9001 and the competency to do testing or calibration. Part of this competency is to ensure that the lab facility has adequate equipment to perform its testing or calibration tasks and that it has adequate laboratory personnel with the competence to perform the calibration and testing. In addition, most accreditation schemes in the United States of America require proficiency testing amongst the laboratories to make sure the results can be trusted.

There are two schemes that an organization can choose from for their Laboratory Management System accreditation. Unlike ISO 9001, there are eight (8) primary sections that classify the requirements in ISO/IEC 17025. Within this standard are seven (7) sections that apply to laboratories implementing 17025 within their larger accredited/registered ISO 9001 Quality Management System (Option B), or all eight (8) sections of the Standard (Option A) for organizations that are not already registered to ISO 9001 or intending registration.

Therefore, ISO/IEC 17025 is recognition of laboratory competence, while ISO 9001 alone is simply recognition of conformance to a quality system.

Note: A specific version of this standard for Medical Laboratories has been developed. See ISO 15189.

 

ISO/IEC 27001:2013

Information Security Management Systems - International Standard

Technology - Security Techniques - Information Security Management Systems - Requirements

ISO/IEC 27001 is an internationally recognized management system for managing information systems that follows the process-based Plan-Do-Check-Act model and parallels other Management Systems such as the popular ISO 9001 and ISO 14001 standards.

ISO/IEC 27001 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.

There are ten (10) primary sections that classify the requirements in ISO/IEC 27001 that mesh with the High-Level Structure many ISO Management System standards share (such as ISO 9001 and ISO 14001). Within these ten sections of the Standard are the specific requirements that an organization must apply to implement an Information Security Management System.  This alignment helps an organization to integrate many standards into one management system.

 

ANSI/API RP 1173:2015

Pipeline Safety Management Systems

An American Petroleum Institute Recommended Practice designed to provide pipeline operators recommended guidance on how to develop and maintain a system for pipeline safety.  The RP 1173 addresses environmental management, occupational health, personnel safety, and risk management.  The document has rough equivalents to ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018, but does not track with the aforementioned ISO numbering systems.

The intent of this Safety Management System is to effectively manage and continually improve the safety of pipeline management with the industry-wide objective of zero incidents.

 

Risk-Based Performance Standards

Chemical Facility Anti-terrorism program (CFATS) - Congress mandated the Department of Homeland Security (DHS) to implement the Chemical Facility Anti-terrorism Standards (CFATS) that high-risk chemical facilities must meet to comply with the Act.

CFATS establishes eighteen Risk-Based Performance Standards (RBPSs) that identify the areas for which a facility's security program will be examined. To meet the Risk-Based Performance Standards, covered facilities are free to choose whatever security programs or processes they deem appropriate, so long as they achieve the requisite level of performance in each applicable area. Each of the RBPSs describes the performance level expected of the facilities based on their status (Tier 1, Tier 2, Tier 3 and Tier 4).

International Traffic in Arms Regulations (ITAR) - For organizations that are involved in the exporting of any defense products, services, or related technical data, this set of export control laws is designed to prevent unauthorized foreign nationals from procuring or accessing physical materials or technical data related to defense and military technologies.

Proposition 65 - Officially known as the Safe Drinking Water and Toxic Enforcement Act of 1986, it is designed to protect California’s drinking water sources from being contaminated with chemicals known to cause cancer, birth defects or other reproductive harm, and requires businesses to inform Californians about exposures to such chemicals. These requirements are extended to out-of-state manufacturers: the organization is required to provide a consumer warning, and the requirement applies regardless of whether a business is located in California or out-of-state, as long as its products cause exposures to individuals in California.

Security Vulnerability Assessments (SVA) - A vulnerability assessment of your security weaknesses. These weaknesses can be of a variety of natures, such as information systems, transportation routes, or physical facilities. It evaluates whether the system/organization is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed. For instance, many chemical handling organizations are subject to the federal requirement “Chemical Facility Anti-Terrorism Standards (CFATS)”, which requires the organization to do a Security Vulnerability Assessment per the Chemical Security Assessment Tool (CSAT).