Through the years, NQA has been a supporter of various charitable organizations.  Often this support comes through our staff getting involved in fundraising events around the community.  On that note, if you’ve never heard of Tough Mudder, you might just want to take a few minutes to check it out at www.toughmudder.com.    Although it may sound like an event fit for jeeps and trucks with big tires, instead it’s a test of endurance for the soul willing to run (walk or crawl) through a 10-12 mile course designed by the British Special Forces.  It’s also a venue for some of the NQA staff to support our US Veterans.

Director of Business Development, Kirsten Smith and Accountant, Carol Aguiar will team up on May 5^th to participate in the 2012 Tough Mudder event at Mt. Snow, VT.   They’ll battle the elements (who knows WHAT the weather will bring to New England in early May!) and try to overcome the 30 course obstacles, including Death March, Mud Mile, Berlin Walls, Underwater Tunnels and more.  And though it may seem like a truly insane challenge to some, Kirsten and Carol recognize the significance of contributions toward the organization’s Wounded Warrior Project.

On their website, you’ll find a great description of this program.  “Tough Mudder participants have raised more than $2 million to support the Wounded Warrior Project. These funds help support thousands of warriors returning from the battlefield by providing combat stress recovery programs, adaptive sports, benefits counseling, education and employment services, and other programs that aid in the healing of the mind, body and spirit of these brave Americans.”

If you’d like to support the Wounded Warrior Project, go to https://www.RaceIt.com/fundraising/fundraise.aspx?event=2837&fundraiser=4091.   And keep your eye out in the future for pictures that include evidence of our NQA Tough Mudders having accomplished their goal!

The Property and Emergency Communications Divisions of the Houston Police Department (HPD) were certified to ISO 9001:2008 in September 2011.  HPD, the largest police department in Texas, and the fifth largest in the United States, pursued ISO 9001 certification, in part, because it establishes clear guidelines and goals against which they can measure achievements. HPD determined that the ISO quality management system (QMS) provides the ideal business model to further the Department’s commitment to continually improve its effectiveness in serving the needs of the community.

Implementing the ISO business model in one police division would have been an ambitious undertaking.  After all, ISO is a quality benchmark more common in private industry and new to the law enforcement community.  HPD decided to simultaneously pursue ISO certification in a second operational unit; the Property Division.

Challenges to Overcome

The Emergency Communications Division (ECD) is typically the first point-of-contact HPD has with the citizens of Houston, Texas.  To that end, ECD dispatches over 1.2 million calls-for-service (CFS) every year to include calls handled utilizing alternative response strategies.  The process is designed so that 9-1-1 calls are initially received by a cadre of independent call takers who then distribute CFS requests to Houston’s Police Department and / or Fire Department, accordingly.  Implementation of the ISO model created an acute awareness of individual processes and of a few boundaries that existed between them.   Process Owners and Users alike communicated improvement ideas that, heretofore, had remained dormant or simply not introduced.  This would include an open exchange of ideas between the 9-1-1 Call Taker and Dispatch operations.  Essential supplier-customer relationships were strengthened and several longstanding – and performance impacting – boundaries were dissolved.

Across town, Property Division staff members faced a different challenge at the outset of the ISO journey.  June 2009, marked the opening of a new state-of-the-art property and evidence storage facility in Houston.  While moving into a new $13.2 million dollar (LEED Certified) building was a much welcomed upgrade, there was a clear need for substantive change to the Property Division’s business model.  The ISO – QMS would be implemented, but with hundreds of thousands of items to be moved, the timing to launch this ambitious endeavor was certainly in question.

Achieving a delicate balance of not impeding daily operations, while transferring property from one edifice to another, was critical.  Three hundred (plus) items would be transferred, repackaged, re-labeled, bar coded and stored into the new building.  In addition, numerous meetings and training sessions were held to simultaneously implement the ISO – QMS.  At times, it felt like “trying to change four tires on a vehicle traveling at 60 miles per hour.”  The determined HPD Property team also prevailed, validating that this was indeed the perfect time for comprehensive renovation.

A Cultural Shift

Countless improvements were realized in both divisions during the course of the QMS implementation.  As stakeholders became more engaged and empowered, several time and cost saving ideas emerged.  Process maps allowed everyone to actually see the sequence and flow of tasks and to identify redundancies, inefficiencies and non-value added activity.  Similarly, this visual approach also made it possible to ensure process interconnectivity, or lack thereof.

To be sure, a burgeoning consciousness for quality improvement began to emerge that has since, been self-sustaining.  John J. Cantú, Management Representative for the project, stated, “As stakeholders from the Property and Emergency Communications Divisions became genuinely engaged, untapped knowledge and expertise was leveraged to yield powerful results. Performance improvement has been realized in virtually every work process and the impetus to perpetuate mutually beneficial supplier-customer relationships is now established.”

Registration Audit

The Houston Police Department selected National Quality Assurance (NQA) to conduct the required third-party audit.  Management Representative, John J. Cantú, commented, “All NQA representatives were extremely informative as we prepared for the two-stage audit.  Lead Auditor, Bill Scanlon, also provided valuable insight as we navigated through this process.  His expertise and professionalism were extremely helpful.”  Mr. Cantú also expressed appreciation to NQA’s Terri Sena, Regional Sales Manager, who formally presented the ISO 9001:2008 certificates to Houston Mayor, Annise Parker and HPD’s Chief of Police, Charles A. Mc Clelland, Jr.

As NQA embarks on the leading edge of a new certification program for Organizational Preparedness called PS Prep, we strive to keep stakeholders abreast of useful resources around this new program.

PS Prep and Organizational Preparedness is something all businesses should consider, but we understand that while the concepts of management systems may be familiar to NQA customers, concepts of preparedness and continuity may not be… we hope that such resources help bridge any potential gaps.

This month, you will find links to two separate sources “in the know” with regard to PS Prep in particular.  If your organization is considering an enhanced Preparedness (EM/DR/BC) Strategy, we encourage you to become familiar with some of the additional information out there:

• Lynnda Nelson of ICOR presides over one of the early-adopters and accredited providers of PS Prep and associated “resilience” training.  Her recent article “A Guide to PS-Prep Certification” contains a good outline of the PS Prep program as it stands today.

• Continuity Compliance is another great resource for information regarding PS Prep and other related business strategies such as Risk Management and Cybersecurity.  Their “PS-Prep Overview“provides a no-nonsense primer on key components of PS Prep.

Organizations wishing to explore early-adopter status in DHS’ PS Prep program should contact NQA at info@nqa-usa.com, or the Business Unit Director, Tim Woodcome at twoodcome@nqa-usa.com.

The requirements for Internal Audits in ISO 9001 can be also considered to have the 4 phases: “Plan, Do, Check, and Act Cycle” (PDCA), in the same manner as the Quality System. When preparing for an organization’s first audit program, emphasis is usually placed on the individual’s planning for their internal audit assignment. However, for that planning to be successful, consideration must be given to where and when the audit should be performed. In this, the second newsletter to look at Internal Audits, we discuss scheduling.

Death and Taxes

 Ben Franklin wrote “The only two certainties in life are death and taxes.” And, for those of us who are responsible for determining when and where to internally audit the Quality Management System, that’s a very true statement, because, when it comes to determining the plan for internal audits, there is very little that’s predictable about what should be audited, and when. Although it’s usual to put together a 12 month calendar, which identifies processes, departments or similar, which are going to be the focus of a ‘cycle’ of audits, often we miss what’s keeping management ‘awake at night’.

Ben Franklin’s advice was, in actual fact, only partially true because when considering an audit schedule, there are some “Immovable Feasts” or dates which relate to an organization’s planned events, which may include:

• Seasonally related activities – harvesting, vacation coverage, etc
• Certification Body Audit visits (once registered)
• Regularized Customer visits
• Regulatory Audits/inspections
• Product Certification surveillance visits

In all other respects it is difficult to predict – without a crystal ball – which part(s) of the Quality Management System should be audited and when, particularly 6 -12 months in advance. Although it is normal to construct a calendar, there is no actual requirement to do so in ISO 9001.

Indeed, the previous guidance document, ISO 9004:2000 stated (in part)“Planning for internal audits should be flexible in order to permit changes in emphasis based on findings and objective evidence obtained during the audit.”

Start As You Mean To Continue – NOT!

In the early stages of implementing a QMS, based on ISO 9001, it is usual and very natural to ensure that all the ISO 9001 requirements have been internally audited. No organization should enter into the ISO certification process knowingly, without ensuring that their whole system is, in fact, implemented as a network of connected processes and is producing the desired results, as defined. It is likely that to attain that level of preparation, auditors will do one huge audit or a number of smaller audits, performed over s relatively short time frame of just a few months.

Once the Quality Management System has been determined to be in compliance with the ISO 9001 requirements, it is unlikely that the same audit strategy is going to be suitable and effective to sustain the needs of the organization in the future. The challenge is to use audits for a higher purpose than preparing for a Certification Body ‘stage1’ or ‘stage 2’ audit. If we consider a graph of QMS maturity over time we can see that an internal audit programme must also follow the maturity of the system, to be capable of providing the information the organization’s management will need. Put simply, telling Management that their people “weren’t following procedures”, isn’t going to cut it!

With the movement of management systems standards to incorporation of risk and risk management, clearly, internal audit programmes will also be required to ‘step up’. The newest version of the auditing guidance document, ISO 19011 has a significant addition of risk:

“This International Standard introduces the concept of risk to management systems auditing……It does not provide specific guidance on the organization’s risk management process, but recognizes that organizations can focus audit effort on matters of significance to the management system.”

Risk is a concept which is often kept in the forefront of management’s collective mind. Risks are normally associated with:

• People
• Products
• Process

And, since events, actions and timeframes which are co-incident with the risk are often also on management’s mind too, it follows that for internal audits to be a useful tool, management – the risk ‘owners’ – must be involved in the timing, scope and criteria used for those audits, to ensure the correct parts of the business fall under the spotlight.

Push You or Pull Me?

Compliance based internal audit programmes rely on the audit process owner pushing the schedule/calendar, timing, scope etc. of audits, to management. This is fine in the phases before and immediately after formal implementation and Certification of a management system. Once beyond that, a pull system should be used, where management actively seek the ‘services’ of the audit programme, to evaluate risk and assist with risk mitigation. This change from push to pull has already been demonstrated as effective, under the ‘Demand Flow’ techniques of the Toyota Production System – which allows flexibility in scheduling, economies and effective/efficient manufacturing in response to customer demand.

Of course, in changing the manner in which audits are scheduled may lead to changes in other aspects of the Quality Management System, in particular, the cornerstone ‘Management Review’ activities. In the next newsletter, we’ll evaluate what options are open to make Management Review one of the most productive requirements of ISO 9001.

NQA’s Director of Conformity Assessment will be presenting at this year’s International Conference on ISO 9000, to be held February 26, 27, and 28 in Orlando, FL at the Hyatt Regency Grand Cypress.

Business Continuity Plans are hitting close to home for many organizations now. Seemingly an ever-increasing number of both minor and major incidents can serve to disrupt normal operations. Many organizations think they have this covered with existing disaster recovery plans. However, one weakness of a singular plan is the lack of effectiveness when it comes time to actually put the plan to use. The recent deployment of the PS-Prep(tm) program by the Department of Homeland Security was targeted at giving the private sector a stronger model using several best-in-class standards.

For more information on the International Conference on ISO 9000 and to register to attend, visit their website: www.iso9000conference.com. Be sure to stop and visit us in the NQA booth as well to speak with both Tim Woodcome and Randy Pittman.

A big “Thank You” to all those who attended NQA’s recent West Coast Conference 2012.  More than 150 participants filled the sessions varying in topics such as AS9100 Lessons Learned, ISO 9001 Internal Audits: A Risk Based Approach, Information and IT Management Systems: Minimizing Risks and Gaining and Edge through a Standardized Process Management Approach, and ISO 13485 Implementation. Additional topics included Counterfeit Parts Prevention, PS Prep/Business Continuity, and ISO 14001 Review.

NQA staff members and Lead Auditors presented relevant industry information during each session, then fielded questions and led discussions. NQA President, Kevin Beard commented, “Many organizations say they are compliant to the requirements of ISO 9001 and other standards, but world-class organizations continue to look for improvements.  It’s important to continue to raise these topics for discussion, and to encourage idea sharing in sessions such as these.”

The general consensus was a positive reaction to the day’s proceedings, with many attendees enjoying the opportunity to learn first-hand from NQA along with the chance to meet other ISO-certified organizations. Alan Lenny, Quality Manager with ThyssenKrupp Aerospace commented, “I would like to express my deep gratitude for inviting me to this conference and my appreciation for the information shared.  I went to the conference with the goal to glean as much as possible about AS9100 C and assuage my fears and anxieties, and Bob provided a great presentation to help me feel more comfortable.  But I really appreciated Andy’s presentation on risk based internal audits.  His presentation opened a new way of thinking for me on internal audits helping me break down paradigms I helped create many years ago.  This is a turning point for me and my organization.”

NQA looks forward to hosting another west coast conference in 2013.

by Nadia Perreault, NQA Lead Auditor

It is not unusual for NQA-USA’s Business Development Group to receive weekly inquiries about the application of the ISO 13485 Standard in specific business environments.  In some cases the ISO 13485 Standard would be an addition to an existing certification, in other cases the motivation could be internally driven or customer dictated.  Regardless of the incentive, many companies have seen the benefits of achieving an ISO 13485 certification.   The NQA-USA ISO 13485 certified companies cover a wide range of businesses.   For example, NQA has certified raw material suppliers, manufacturers of electrical components, manufacturers of tumor marker antigens and antibodies, packagers of dental implants and manufacturers of partially finished hips and knees.  The following three customers share their reasoning for obtaining ISO 13485 registration and explain the benefits that they’ve experienced.

Biomedical Structures (BMS), located in Warwick, RI, was funded in 2003.  When they received their ISO 13485 certification in 2008, their sales were approximately 1.2 million.  By 2011 BMS had increased their business by 358%. This growth was “very surprising given the business climate and the economy” stated Kevin Johnson, Director of Quality & Regulatory affairs. The management of BMS went on to say “this growth is perceived to be due to the growing awareness and understanding of the capabilities of textiles in the area of Orthopedic and Cardiovascular applications.”  The BMS management says “business growth was directly related to positive impressions that our customers recognized by us obtaining certification to ISO 13485.”  They go on to say the specific benefits are:

“•  Quality Management System which maintains compliance to the requirements of the medical device industry and is in line with the FDA QSR standards.

•   Improved manufacturing controls and procedures that ensure safe and effective medical devices.

•   Greater assurance that product will continue to meet customer specifications.

•   Improved Risk Management and Design Controls to assist customers in the development and improvement of their products.

•   Improved efficiency in assisting customers obtain market clearance and approval to meet aggressive sales and marketing goals.”

The scope for Arkadia Plastics, located in New Britain, CT is “Design and development of thermoplastic compounds for medical and non-medical applications” had initially become ISO 9001 certified and in 2010 elected to upgrade to ISO 13485 to appeal to the medical device industry.  Kate Bouras, the Management Representative and Office Manager for Arkadia states “Without a doubt the implementation of ISO 13485:2003 has contributed to the efficiency, productivity and consistency of our organizational system. The confidence of the existing customers has been increased resulting in a 30% increase of sales. In addition the certification constitutes a key factor to the approach of new customers since over 10 medical companies have added Arkadia Plastics to their Approved Supplier List after our registration. Being ISO 13485 certified gives us the opportunity to survive and expand in the really competitive environment of the medical industry.”

New England BioLabs (NEB), located in Ipswich, MA are currently ISO 9001 and ISO 14001certified.  They have recently successfully completed their ISO 13485 Stage 1 audit, and will have their Stage 2 mid-February.  The NEB scope is “The design, development, production and distribution of molecular biology and related reagents, in both standard and custom formats, for applications in both academic and industrial research.”

John Pelletier, the Director of OEM and Customized Solutions, is looking forward to announcing  states “the enhancement of our Quality Management System towards the ISO 13485 Quality Standard with NQA as our registrar. We view ISO13485 certification as an essential element to serving our customers with the highest level of product quality and service they have come to expect from NEB over the last 37 years.  This more stringent quality standard will also provide a stronger platform by which our various teams collaborate with customers to address market needs from a number of perspectives – including customer satisfaction, product development, regulatory compliance, and risk mitigation – all of which will ensure NEB continues to operate from the strongest position possible in meeting the needs of our existing customer base, and our growing customers in the Molecular Diagnostics arena, for many years to come.

Lance Goodreau, the Director of Quality Management Systems states “New England Biolab’s decision to become ISO 13485 certified is fueled by our long established history and passion for providing our customers with the very best products and service in the Life Sciences Industry.  Our customer base is continuously broadening the spectrum of applications served by our product portfolio.  This currently includes Molecular Diagnostics, or other similar platforms, which may be regulated as medical devices.  By complementing our existing ISO 9001 Certification with ISO 13485 it has helped NEB to appropriately position our Quality System to meet the expectations of all of our customers and their various scientific or commercial applications.  Additionally, it is has enabled us to identify and yield several internal efficiency opportunities that were recognized through the planning and implementation efforts.”

If you’re considering an ISO 13485 registration to improve efficiencies, meet customer requirements or to gain a competitive edge, please contact Kirsten Smith, Director of Business Development, for more information at KSmith@nqa-usa.com or (978) 635-9256 ext. 223.

Lynnda Nelson, President, The International Consortium for Organizational Resilience (ICOR)

What Is PS-Prep Certification?

The Voluntary Private Sector Preparedness Accreditation and Certification Program (PS-Prep) is designed to encourage private sector preparedness by assessing whether an organization complies with one or more of the standards adopted by the Department of Homeland Security (DHS). The program is based on established conformance assessment processes widely used in business and industry.

PS-Prep provides the structure and associated information tools to facilitate preparedness and certification. Conformance with one or more of the standards helps foster resilient organizations.
In June 2010, three non-industry specific standards were identified and accepted for compliance to meet the requirements established in Public Law 110-53. DHS defines the standards as a “common set of criteria for preparedness, disaster management, emergency management and business continuity programs.”

Click here to continue reading this article on the Continuity Insights web page.

Interstate Specialty Products Attains Certification for Medical Device Quality Standard ISO 13485:2003Interstate Specialty Products attains the certification ISO 13485:2003 certification that is a standard specific to medical device quality systems that supplements the requirements ISO 9001:2008 standard. Interstate Specialty Products provides precision custom die cutting services and high performance gaskets.

via Interstate Specialty Products Attains Certification for Medical Device Quality Standard ISO 13485:2003.

The food industry is not unfamiliar with risk management. The management of food safety risks is a requirement of legislation in the US, Europe and indeed in most countries of the world.

All participants in the food chain have a duty of care to all who will actively (or by chance); consume finished products of which they might have had an input, at some point, from farm to fork.

The hazards we have to deal with throughout the food chain and the life cycle of food products cannot be managed at singular points of interest in the supply chain only. Modern food safety legislation and consumer expectation place a duty on players in the food chain to ensure food safety competence of their supply chain. The singular most effective methodology for achieving this is by the implementation of a food safety management system (FSMS).

Food Safety Management Systems

An FSMS is a framework that involves policies, procedures, work practices and organizational behavior, among others, that enable an organization to manage a predetermined commitment to food safety. This system will be established on a technical backdrop of legislative compliance and (usually) a HACCP based risk assessment regime.

Because FSMS are set up to provide assurance of effective control of food safety risks, industry practice is to get such a management system certified by an independent third party organization. The certification process will almost always involve an audit where company processes are sampled and checked in depth to provide confidence that the system meets established industry best practice requirements. These requirements are usually set out in food safety management standards (FSMst).

Various FSMst are in place in various parts of the world. These standards could be national, industry interest group focused, private or supranational as the ISO standards represent. ISO standards are developed by the International Organisation for Standardization (ISO), the premier standards setting body in the world. They establish the baseline of best practice for the subject they address. ISO22000 is the ISO’s flagship standard for food safety.

ISO 22000 – Requirements for any organization in the food chain

ISO 22000 is founded on four major elements:

• Interactive communication
• System management
• Prerequisite programs
• HACCP Principles

While many food industry standards are product certification standards, providing a system that is based on managing the product; ISO 22000 like all other ISO standards is based on system process management. This has its foundations in the Total Quality Management philosophy that focuses on ‘the process approach’ to achieve product consistency, quality and safety. In reality however, all industry standards now tend to address both the product and process approach with varying emphasis.

ISO 22000 is the only FSMst that is applicable to ANY organization in the food chain. This includes farming, processing, manufacturing, feed production, retailing and wholesale, distribution, food chain related services, transport and storage, equipment manufacture, biochemical manufacture and the manufacture of packaging materials among others.

FSSC 22000 – An ISO 22000 based standard for food manufacturers

In the year 2010, the Global Food safety initiative, a body of leading manufacturers and retailers that benchmarks food safety standards approved FSSC 22000 through it benchmarking process, making it an alternative certification to the BRC Global Standards for food safety, IFS, SQF and the Dutch HACCP among others. FSSC 22000 in its simplest expression is ISO 22000 + PAS 220 (Publicly Available Specification on prerequisite programs for food manufacturing) + Additional scheme requirements.

This scheme is available only to food manufacturers and has registered over 300 sites worldwide within its first year; as it is a system certification standard it integrates seamlessly with environmental management system (ISO 14001) and quality management system (ISO 9001).