QUALITY TALK

October December 2017 ISSUE- IV, Dated 4/10/2017

Our newsletters provide information on business management systems and process improvement
methods. These systems include ISO 9001 QMS, AS9100 Aviation, Space and Defense, ISO/TS
16949 Automotive, ISO 27001 Information Security, ISO 13485 Medical Devices, ISO 14001
Environmental Management Standard, and others. Further subjects include performance
improvement methods such as Six Sigma, Lean Enterprise, and other topics of interest to our
readers.

Do You have a Subject of Interest for our Newsletter? Mail us at qual.solutions@gmail.com

ATTENTION ISO 9001, IATF 16949 , ISO 14001 and AS9100 Organizations: Time is running out!
You have less than 1 year to transition to the new standard. Contact us for all your transition
needs.

Organizational Risk Management

Risk based thinking (RBT) is one of the most substantial changes to ISO management system standards
in many years. It is a clearly-bounded methodology approach that distributes risk across the full scope of
a management system as an integrated business function. The International Organization for
Standardization (ISO) has this to say on RBT:

"Risk based thinking ensures these risks are identified, considered and controlled throughout the design
and use of the quality management system".

Although the function of risk based thinking is to manage risk at various critical stages and relationships
with your products and services, the true purpose of risk based thinking is more than just creating a
systematic, precautionary approach for your organization.

Instead, you should look at risk based thinking as a form of acquiring and maintaining organizational
knowledge. This is important because a badly managed organizational system is immediately apparent to
users, customers and investors, who often look for so much from you than just your certification status.
This is one of the reasons why risk based thinking features so heavily in updated standards like ISO
9001:2015 and ISO 14001:2015, and the highly anticipated future ISO 45001 Health and safety
management system standard.
Faulty-managed organizational risk can start when an organization designs a purely linear process for
risk management. This is appropriate and to some extent logical during the implementation of a new
management system, but once the management system becomes established it can become a
considerable burden, and sub-optimization takes place During the implementation process risks are
considered and managed through a series of periodic fixes - as opposed to an iterative process. Systems
like this suffer from a lack of agility and can become predictable non-value added activity. In order for the
organization to learn about new risk, it can mostly rely upon a system of internal
 QUALITY TALK Page -2
October December 2017 ISSUE- IV, Dated 4/10/2017

audits and management reviews. Is a single annual management review meeting an iterative
process? Risks are therefore considered too infrequently to capture and control real time threats.

Risks are also often managed centrally. Organizations commonly lack the insight, scope and flexibility to
handle risks that occur at a grass-roots level, where the work gets done. Decisions to prevent and
mitigate risk can sometimes be delayed as employees do not have the capability to assess risk, or the
time to define and reduce the risk. Often this happens because employees do not feel empowered or
confident to take preventative and corrective action in the first place.

There are 5 common symptoms which could highlight to you that your approach to risk management
could be improved:

1. Uncertainty - the organization struggles to collect the right, or enough information about its risks.
Checks are too infrequent, must be recurring and beyond annually. The scope of information about the
organizations risk is narrow.
2. Complexity - the organization is collecting enormous amounts of information about risk to the low
level weeds areas. Decision makers cannot interpret the information. Opportunities are overlooked.
3. Ambiguity - the organization is not able to formulate the correct questions in order to understand its
risk. Additional information is useless because risk is not understood or documented effectively, and is
some cases not documented at all.
4. Lack of Common Language- there are multiple interpretations of risk between individuals across the
organization. Risk management is mutually exclusive or in conflict. A power struggle usually ensues
between individuals with conflicting views and beliefs.
5. Silo mentality (larger organizations) - different departments resist communicating information about
risks across the organization. This typically leads to a condition of both uncertainty and not my problem
mentality.

HOW TO FIX THE PROBLEM

Choose the right risk management tools. Experiment with different approaches while your management
system is in operation.
Understand the standards. You need to correctly interpret the terminology applied to ISO management
systems. Risk is not always stated explicitly in each ISO standard. Terms like "suitable" and "appropriate"
will often imply that you need to demonstrate a balanced approach towards risk based thinking.

You should also assume that risk identification can have a positive impact, Opportunity- and that it can
even provide workable business opportunities. Your approach must accept risk as a systemic entity in
your management system. You need to consider all of the functional aspects of your management
system, and how effectively risks are identified and controlled in real-time.

Transitioning into a risk-intelligent business can take a considerable length of time and experience. The
value of implementing an ISO management system (in particular the new 2015 and 2016 standards) is
that it determines the focus for a Risk-Based approach. But it does not tell you which business tools to
apply - this choice is yours.
 QUALITY TALK Page -3
October December 2017 ISSUE- IV, Dated 4/10/2017

NEWS-QUALITY STANDARDS

1. Medical Device Sector New Handbook

The handbook ISO 13485:2016 - Medical devices - A practical guide written by a group of technical
experts from ISO's technical committee ISO/TC 210, Quality management and corresponding general
aspects for medical devices. Tthe handbook provides users with practical guidance and accurate
interpretation of the requirements specified in the ISO 13485:2016, Medical devices -Quality
management systems - Requirements for regulatory purposes.

Mapped to the structure of ISO 13485:2016, the new handbook offers step-by-step guidance for all
organizations in the medical devices sector wishing to implement and maintain a quality management
system. It covers guidance applicable to various stages of a medical product's life cycle, including the
gathering of customer requirements, design, development, production, supply chain, installation,
servicing and post-market surveillance of medical devices.

Aimed at all organizations, regardless of size and the nature of their business, it helps create a level
playing field and facilitate the market access of their products globally. The handbook can be used as
the go-to reference when questions arise about specific requirements, their interpretation, and
implementation strategies

2. Use of ISO management system standards continues to rise The number of valid certificates to
ISO management system standards (MSS) rose 8 % in 2016 compared to 2015, according to latest
figures of the ISO Survey. The ISO Survey is an annual survey of valid certifications to ISO management
system standards issued by accredited certification bodies worldwide. It is the most comprehensive
overview of certifications to these standards currently available.
A total of 1 643 523 valid certificates were recorded across nine standards compared to 1 520 368 in
2015 (an increase of 8 %), with a further 834 certificates across two new additions to the survey
bringing the 2016 total to 1 644 357.The ever-popular ISO 9001, Quality management systems
Requirements, and ISO 14001, Environmental management systems Requirements with guidance for
use, were up 7 % and 8 % respectively, with 1 106 356 and 346 189 certificates issued, while more
recent additions to the survey, such as ISO 50001 for energy management and ISO/IEC 27001 for
information security, rose by 69 % and 21 % respectively, amassing 20 216 and 33 290 certificates
worldwide.For the 2015 versions of ISO 9001 and ISO 14001, the survey contains separate tables to
show how many of the certified organizations have already taken the step of updating their certification to
the newest versions.
Two additional standards were included in the ISO Survey this year ISO 28000, Specification for security
management systems for the supply chain, and ISO 39001, Road traffic safety (RTS) management
systems Requirements with guidance for use due to data from accredited sources now being available.
As ISO does not perform certification, the figures in the ISO Survey represent the number of valid
certificates reported to ISO by accredited certification bodies as at 31 December 2016.
View the executive summary and full results on the ISO Survey page
 QUALITY TALK PAGE-4
October December 2017 ISSUE- IV, Dated 4/10/2017

3.Govt of India launches ZED Scheme for MSMEs In a bid to support the Make in India campaign, the
government has launched a new scheme namely Financial Support to MSMEs in ZED Certification
Scheme. The objective of the scheme for promotion of Zero Defect and Zero Effect (ZED) manufacturing
amongst micro, small and medium enterprises (MSMEs) and ZED Assessment for their certification is to
develop an ecosystem for zero defect manufacturing in MSMEs, promote adaptation of quality
tools/systems and energy efficient manufacturing, enable MSMEs for manufacturing of quality products,
encourage MSMEs to constantly upgrade their quality standards in products and processes and support
Make in India campaign.

There are 50 parameters for ZED rating and additional 25 parameters for ZED defence rating under ZED
Maturity Assessment Model. Under the scheme 22,222 MSMEs will be rated and certified under ZED
Maturity Assessment Model, while 5,000 MSMEs will be rated and certified under the ZED Defence
Model, another 7,368 MSMEs will be supported for gap analysis, handholding, consultancy for improving
their rating, etc. The total cost of the project is Rs 491.00 crore. Quality Council of India aims to certify
22,000 MSMEs this year The Quality Council of India (QCI) today said it aims to certify about 22,000
MSMEs this year under the 'ZED scheme' initiated by the Prime Minister.

QCI Chairman Adil Zainulbhai said the process for the same will begin in the next 15 days. He was
speaking at a FICCI (Federation of Indian Chambers of Commerce and Industry) event on 'Sustainable
Industry Growth through Quality Systems' under the theme 'Quality Systems to Achieve Goal of Make in
India'. Zainulbhai said the ambitious ZED programme hopes to certify one million MSMEs in the next
three years.
The government under the Zero Effect Zero Defect (ZED) certification scheme hand-holds MSMEs across
the country in Make in India sectors through quality He also said that consumers need to demand quality
goods and services and reject substandard products. The quality of products and services at the ground
level in India did not even meet the minimum standards, he said, adding, "This can be changed only by
measuring quality and enforcing quality standards in all spheres of life."

4. Quality Council of India hosted culmination of its '12th National Quality Conclave'- QCI
organized the Annual Flagship Event of Quality Council of India (QCI), the National Quality
Conclave on September 21-22 , 2017 at Hotel Le Meridien, New Delhi . The Conclave with its theme of
Leveraging Quality to drive Economic and Social Development would emphasize and share practices
of efficient and effective ways of delivering better services to our citizens and would also explore new
approaches and opportunities for continued improvement. Addressed by leaders in policy and decision
makers from both public and private sectors, national and international experts, the Conclave is planned
to host several best practice sessions in a wide range of fields like Public Services, Healthcare,
Education & Skills and Industry. The Honble Minister of Commerce and Industry, Shri Suresh
Prabhu was Chief Guest and Honble Minister of Railways, Shri Piyush Goyal grace the Conclave
as Guest of Honour.
 QUALITY TALK PAGE-5
October December 2017 ISSUE- IV, Dated 4/10/2017

5. New global standard for workplace health and safety, company proves compliance The International
Organisation for Standardisation (ISO) will announce the next stage in development of its ISO 45001 health
and safety standard later this month. Companies across various industries globally are required to comply
with ISO standards before operation starts. This standard, which is likely to be finalised and published in the
first half of 2018, ensures occupational health and safety management and continual improvement of
organisations safety practices to prevent deaths, work-related injuries and ill health, owing to working
conditions.

According to the ISO, more than 6 300 people die a day from work-related accidents or diseases globally
nearly 2.3-million people every year. Further, the burden of occupational injuries and diseases is significant
for employers and the economy, resulting in losses because of early retirement, staff absence and rising
insurance premiums. The ISO 45001 standard is based on the existing ISO 14001, ISO 9001 and OHSAS
18001 standards.The standard will provide an improved framework for employee safety, reduce workplace
risks and create better, safer working conditions globally. First Draft of ISOs Occupational Health and
Safety Standard Now Available

Continuously compliant with new legislation is waste management company Interwaste, which ensures
adoption of procedures and practices in their waste management operations to accommodate new
standards.The companys health and safety practices are currently ISO 14001-compliant, with an ISO
recertification audit scheduled for December.Interwaste safety, health, environment and quality manager
Juan Dorfling tells Engineering News that the formal waste sector in South Africa employs more than 30 000
people and that it is essential to keep staff healthy and safe in the workplace to ultimately ensure the
continued economic viability of the sector.We have a highly qualified health and safety environment (HSE)
department dedicated to ongoing health and safety to ensure that we are prioritising, on a daily basis, our
staff and the communities in which we operate.He adds that the HSE department will also adapt the
companys strategy accordingly with the pending ISO 45001 once its requirements are released. This
department is responsible for identifying and applying best practice and new innovations. Dorfling explains
that the companys HSE systems are maintained by the HSE department, with more than 200 in-house
audits conducted in 2016.To this end, Interwaste actively encourages training in, and compliance with its
internal HSE policies and procedures, applicable legislation and global best practice. Interwaste shows a
continuing downward trend in its lost-time-injury frequency rate.
 QUALITY TALK PAGE-6
October December 2017 ISSUE- IV, Dated 4/10/2017

This has translated into improvements on total days lost, owing to injuries, with an improvement rate of 63%
(393 injuries in 2015, compared with 248 in 2016); an improvement of 89% for average days lost, owing to
injury (19 days in 2015, compared with 2 in 2016); and an improvement of about 30% for the number of
injuries for every 100 employees (2.83 in 2015, compared with 2.18 in 2016).
Facility Compliance
Dorfling avers that its FG landfill facility, in Olifantsfontein, Gauteng, was the first landfill facility in South Africa
to be equipped with a Class B landfill liner, which complies with OHSAS 18001 and has been audited by
Germany-based validation services provider Technical Inspection Association.
At this facility, Interwaste implements solutions, such as fully automated shredding technology and baling
machines, driver cameras and vehicle monitoring, to assist in achieving optimal workplace safety.
To ensure constant assessment and evaluation of the landfill operating area, Interwaste has a permanent
cover over the sites leachate dam, which prevents odours from spreading.

The International Organization for Standardization issued the following news:

ISO 45001, which sets requirements for occupational health and safety management systems, has now
reached Committee Draft stage.
This draft standard, inspired by the well-known OHSAS 18001, is designed to help companies and
organizations around the world ensure the health and safety of the people who work for them.