Should a Covid vaccine and testing policy be included as part of ISO9001 or AS9100 risk management?

outdoorsNW

Quite Involved in Discussions
#1
With one covid vaccine FDA approved and Biden’s recent orders requiring covid vaccines for larger employers and federal contractors (one source said federal subcontractors as well), and the effects on what is considered common and normal, the following questions arise:

If a company has nothing in its QMS documentation, not even a justification for not taking action, at this point in time, is this a violation of the requirements of ISO9001 or AS9100?

Relevant questions:

Is it now time to ask suppliers about their covid vaccine and testing policy as part of ISO9001 or AS9100 (8.4.1) supplier risk management?

Should vaccine and testing policy be part of ISO9001 or AS9100 risk management activities at a certified company?

Is a vaccine and testing policy now defacto required under the safe working environment statements in ISO9001/ AS9100: 7.1.4?

Source for the federal subcontractor statement: New COVID-19 Executive Order Expands Requirements for U.S. Government Contractors | JD Supra
 
Elsmar Forum Sponsor

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#2
You almost wouldn't know it to look at us, but this is not our first pandemic. There was Bird Flu and Swine Flu; as vaccines were not made available for those flus, my workplaces put measures in place to help minimize the effect on employees by expanding work-from-home capabilities. They did the same thing for ice storms too; why not?

I remember the previous version of TS 16949 requiring a business contingency plan. These days the ISO 9001 standard just asks for risk based thinking. We auditors can suggest people to expand their thinking, but standards don't include shalls for vaccine policies so an auditor has no right to demand them.
 

Kronos147

Trusted Information Resource
#3
During compliance audits (ISO 9001), I saw many organizations listing the activities they did in relation to COVID-19 written into the management review meeting minutes under the section for effectiveness of actions taken to address risk and opps. If they avoided an outbreak, they thought they were effective.
 

malasuerte

Involved In Discussions
#4
You have a couple of questions there:

--So the risk assessment should be how to manage risk if there is pandemic, epidemic, etc. If CV is identified as a significant risk during that assessment, then your org may need to capture the details of what you are doing for that. Maybe think of this more tangibly (example from my co.) >>> we conduct a risk assessment for natural disasters that could affect one of our sites; we inlcude the possibilities, but in once location the risk of tsunami is prominent and so details about what to do in case of a tsunami are heavily detailed/documented; in another site it is volcano and not tsunami.

---To your supplier question: if you feel this is a risk, then yes, you may need to ask/understand their policy. For example, my co. still does not allow suppliers onsite without proof of vax. As a result, the supplier sponsors need to understand the suppliers current stance.

---Lastly, "safe environment" >>> It could be and is probably the right thing to do. Random thoughts: Is drug testing in a heavy machinery part of ensuring a safe environment? What would happen if a whole shift or group got sick and was home/quart. for extended time?

To wrap it up - firstly, "violation" is not the right terminology to use. It could be deemed a "non-conformance" to the requirements. Again, use my tsunami example (to have a more tangible item) >>> If your site receives and ships from a place that has a high probability of a tsunami, would you want that org to have documented information on the risk and how to handle? Yes, how to handle a tsunami is not a shall in the standard - but I think an org would be in the wrong if they did not have it in the BC plan if it is a likely risk.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#5
Is a vaccine and testing policy now defacto required under the safe working environment statements in ISO9001/ AS9100: 7.1.4?
There is no SAFE working environment requirements in 9001/9100. The work environment statements in those standards relate to a conducive space to ensure product conformity.

A “safe” work environment would be the realm of standards such as ISO 45001.

A pandemic (any one) obviously affects business continuity in the whole global supply chain and customers need to be sophisticated enough to realize the myriad of risks they are exposed to. Just because there are risks, it does not mean they are the subject of a quality system. If the best supplier in the world goes bankrupt and cease operations, it will impact their customer base; so while financial stability is one of the concerns for suppliers, it does not mean that it should be part of the traditional quality checks, especially because supplier quality engineers are, for the most part, not qualified to assess the financial health of a supplier.
 
#6
Two things that ISO 9001 and AS9100 avoid are personnel safety and financial concerns. It isn't that they are not important, it's that it is outside of the scope of either of those standards.
 

Mike S.

Happy to be Alive
Trusted Information Resource
#7
During compliance audits (ISO 9001), I saw many organizations listing the activities they did in relation to COVID-19 written into the management review meeting minutes under the section for effectiveness of actions taken to address risk and opps. If they avoided an outbreak, they thought they were effective.
If they avoided an outbreak, in reality it was probably a combination of effective actions and luck. IMO there are no actions a typical employer can take to positively prevent an outbreak of influenza, Covid, etc. among employees, one can only reduce the risk.
 
Thread starter Similar threads Forum Replies Date
H When should the first PSUR be issued? EU Medical Device Regulations 2
I If i do not want to be an initial importer should i register with FDA? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 0
B UKRP to what level should you audit Class I Technical Documentation? UK Medical Device Regulations 0
C When should you quit programming? Job Openings, Consulting and Employment Opportunities 3
C Should resolution be included in uncertainty budget for digital caliper or micrometer calibration? Measurement Uncertainty (MU) 5
Ed Panek External Standards List - Should this document include previously revised standards? ISO 13485:2016 - Medical Device Quality Management Systems 4
T How should I approach REACH, CM, etc. as a job shop? RoHS, REACH, ELV, IMDS and Restricted Substances 18
A Should we assign the PRRC before the date of application of MDR (26 May 2021)? EU Medical Device Regulations 0
J UDI-DI how should we interpret Device version or model to determine if a new UDI-DI is needed? EU Medical Device Regulations 0
Sidney Vianna Interesting Discussion Should ISO 9004 be changed from a guidance document to a requirements standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
A Should I take an online course for a career in Occupational Health and Safety? Career and Occupation Discussions 2
J Should a Class 1 medical device with an option to measure body weight be considered Class 1m? EU Medical Device Regulations 0
K Should APQP/PPAP has its own section in a QM? Quality Management System (QMS) Manuals 1
S What should i choose for "testing procedure" characteristics? (N95) General Information Resources 0
P Should eIFU link per ISO 15223-1:2016 be added to labels out of scope of Reg 207/2012? EU Medical Device Regulations 1
S Which Sampling Plan(s) Should I Use? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 13
A Document release vs its related training. Which should come first? ISO 13485:2016 - Medical Device Quality Management Systems 18
S Which department should prepare the control plan? could you show me a standard regarding to this matter. FMEA and Control Plans 17
J Help settle a disagreement: Should external providers of preventive maintenance be on your ASL? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
N Master Samples - What should we be keeping? IATF 16949 - Automotive Quality Systems Standard 9
G Supplier delivered recent PPAP, should he deliver yearly layout inspection? IATF 16949 - Automotive Quality Systems Standard 4
John Broomfield Vote - Should ISO9004 Become a Requirements Standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
A Capability Study - in the beginning of your career what should you have known about the tool Quality Tools, Improvement and Analysis 11
J Should Loading and Unloading be Included in Cycle Times? Lean in Manufacturing and Service Industries 14
E Manufacturers should develop a testing device for covid19 Service Industry Specific Topics 0
T 510(k) submission - Which name should I use in the submission? Other US Medical Device Regulations 3
N ISO 19011:2018 - 5.4.2 "...audit program should engage in appropriate continual development..." Training - Internal, External, Online and Distance Learning 4
G Should I perform Gage R&R only at the beginning of a new project? Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 6
DuncanGibbons Should the requirements FAA/EASA Part 21 be addressed within the QMS and AS9100D quality manual? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
M Should 510(k) Predicates be Actively Listed Devices? Other US Medical Device Regulations 12
B Why the Greek god Hephaestus should have done a design FMEA (DFMEA) on his giant robot APQP and PPAP 1
J On PFMEA for danger labels - Label always should be assigned severity 10 ? FMEA and Control Plans 3
H Who should be listed as the manufacturer/distributor on the box? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 15
M MDR, RED and LVD - Should our device comply with them? EU Medical Device Regulations 3
BeaBea How Many Processes should be created for each Department? Process Maps, Process Mapping and Turtle Diagrams 5
M Should volume of sales be factored into risk probability assessments? ISO 14971 - Medical Device Risk Management 33
MrTetris Should potential bugs be considered in software risk analysis? ISO 14971 - Medical Device Risk Management 5
S Should safety checks be included in the Control Plan? IATF 16949 - Automotive Quality Systems Standard 5
M Which incubation condition should be selected to recover both bacteria and fungus effectively Miscellaneous Environmental Standards and EMS Related Discussions 3
D Is there a specific location for PPE such as safety glass holders and glove dispensers should be mounted Occupational Health & Safety Management Standards 10
Robert Stanley Which Registrar Should I Choose for ISO 9001:2015 registration? Registrars and Notified Bodies 10
M Who should receive the bills from suppliers and vendors, account payable or procurement? Consultants and Consulting 4
V IATF 16949 8.4.1 Control of externally provided processes, products and services - Should the CB be on our Approved Supplier List? IATF 16949 - Automotive Quality Systems Standard 10
A We are ISO 13485:2016 should we be audited to ISO 14971 ISO 13485:2016 - Medical Device Quality Management Systems 16
E Received a Major finding during IATF Surveillance audit for loss of BIQS Level 3 (more than 6 SPPS in 6 months)...how should we address SYSTEMIC CA? IATF 16949 - Automotive Quality Systems Standard 11
J Organization merger. Should we keep two separate ISO 13485 certificates? ISO 13485:2016 - Medical Device Quality Management Systems 6
S Companies that maintain your machine should be in ASL? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
S Use of "Shall" versus "Should" in Procedures ISO 13485:2016 - Medical Device Quality Management Systems 26
D Class II medical device - When should a complaint be closed? Customer Complaints 6
Sidney Vianna IATF 16949 News Presentations from the latest IATF Stakeholder Event - Expectation that IATF 16949 certification should equate with product quality. Misguided? IATF 16949 - Automotive Quality Systems Standard 7

Similar threads

Top Bottom