SBS - The best value in QMS software

Updating to ISO 9001:2008 - I need to add section 7.3 Design and Development

#11
From what I was told, we have always been the engineering and design for our customers, but our customers have always headed the design process, taking full accountability. We were walking a fine line by excluding it from our original certification, but now we have customers that are requiring us to be certified with section 7.3.
The simple question you have to answer is "can we make a change to a product spec without anyone else's approval?"

If the answer is 'yes', then you are product design responsible. If the answer is 'no', then the customer owns the design. You may be a significant input to the process, but it's not your process.

Now, in terms of ISO certification, if you answered 'no', then all you may need to do is describe how you act on and interface to customers' design processes. But this shouldn't be under 7.3 of ISO 9001, since you aren't responsible, try 7.1 and 7.2.

If you decided you are design responsible, it's not just having a policy and procedures you need for certification, as I said. You'll have to demonstrate all the requirements of design control have been implemented. No evidence = non-compliance in most cases.
 
Elsmar Forum Sponsor
J

John Martinez

#12
The simple question you have to answer is "can we make a change to a product spec without anyone else's approval?"

If the answer is 'yes', then you are product design responsible. If the answer is 'no', then the customer owns the design. You may be a significant input to the process, but it's not your process.

Now, in terms of ISO certification, if you answered 'no', then all you may need to do is describe how you act on and interface to customers' design processes. But this shouldn't be under 7.3 of ISO 9001, since you aren't responsible, try 7.1 and 7.2.

If you decided you are design responsible, it's not just having a policy and procedures you need for certification, as I said. You'll have to demonstrate all the requirements of design control have been implemented. No evidence = non-compliance in most cases.

If you decided you are design responsible, it's not just having a policy and procedures you need for certification, as I said. You'll have to demonstrate all the requirements of design control have been implemented. No evidence = non-compliance in most cases.


I agree with Andy but would ask why is your customer now requiring you to include 7.3 in your certification?

I would also caution that you do not have to either implement or take exception to ALL of 7.3. For instance if you client does the design portion and you do the validation, then neither is 7.3 all applicable or all excludable.

To your original question, nothing in 7.3 of ISO 9001:2008 requires a procedure. If your management system requires one, then you will need to implement one.

In addition, not to add to your worries, but besides implemented, depending upon what your internal audit procedure states, you may have to internal audit it as well.

If you could postpone your audit, I would. :yes:
 
D

DrM2u

#13
Are you saying that I do not have to have procedures to reference 7.3?! Where would I find this in writing. Inevitably I will write procedures, because we do meet all of the documentation requirements, but if I could get away from having to have the procedures completed by audit time, this could allow me to focus on more important items.

I would like to thank everyone for there input!!
Read clause 7.3 and you will not find any sentence that includes 'the organization shall prepare documented procedures' or anyhting along these lines. The ISO 9001 requires only (6) procedures, the rest are up to the organization as deemed necessary:
Document control (4.2.3)
Record control (4.2.4)
Internal audit (8.2.2)
Nonconforming product (8.3)
Corrective action (8.5.2)
Preventive action (8.5.3)
(the last two are often combined into one)

I am not a big fan of procedures because they can constrain processes and improvement. The intent of documentation (unless required) is to compensate for the lack of knowledge necessary to perform a task or more (process). Always make sure that the PROCESS is compliant with the requirements and have the documentation (if any) match and follow the process. Do not let documentation drive the process or a few years from now you'll hear 'we've always done it this way' instead of a good reason for having and following certain processes.
 

Stijloor

Staff member
Super Moderator
#14
<snip>I am not a big fan of procedures because they can constrain processes and improvement. The intent of documentation (unless required) is to compensate for the lack of knowledge necessary to perform a task or more (process). Always make sure that the PROCESS is compliant with the requirements and have the documentation (if any) match and follow the process. Do not let documentation drive the process or a few years from now you'll hear 'we've always done it this way' instead of a good reason for having and following certain processes.
Well........

Here is my view. The purpose of process documentation (in whatever form) is to:
  1. Ensure consistency of practice
  2. Preserve knowledge
Whether people like it or not, running a company on tribal knowledge and memory is extremely dangerous.

A well-defined and documented process is easier to control and improve than a process supported by 5 memorized recipes....

Regretfully, documentation is often used to support a stupid bureaucracy, and that is I believe your concern as well.

Stijloor.
 
D

DrM2u

#15
Well........


Here is my view. The purpose of process documentation (in whatever form) is to:
  1. Ensure consistency of practice
  2. Preserve knowledge
This is why I am proposing that documentation follows the process ... to preserve knowledge and serve as a reference (compensate for lack of knowledge) when needed to preserve consistency of practice. We are on the same page on this ... I think.
Regretfully, documentation is often used to support a stupid bureaucracy, and that is I believe your concern as well.
Indeed ... I have seen too many companies with thick binders full of procedures and instructions that do nothing but collect dust and make changes & improvements difficult to implement.
 

Stijloor

Staff member
Super Moderator
#16
Thanks! Yes, we are on the same page. :agree1:

A question to ask relative to documentation is:

What information do our employees need to perform their job
  • Safely
  • Effectively
  • Efficiently
Then, only then we look at what the standard requires and possibly customers and statutory and regulatory requirements.

Organizations get too wrapped up in the requirements initially and ignoring what the folks in the trenches need.

The employees ("user community") are often ignored as information is produced. As a result we see multi-page docs and instructions that put you to sleep or are hard to interpret.

User-friendliness comes to mind.

Sorry for my rant. ;)


Stijloor.
 
Last edited:
T

TBDQM

#17
I agree with Andy but would ask why is your customer now requiring you to include 7.3 in your certification?

If you could postpone your audit, I would. :yes:
It is a new customer that we are now doing business for....
I really wish I could postpone the audit but apparently it has been postponed two many times already. I appreciate everyone's feedback, I have gotten more information here than 3 days of googling!
 

Stijloor

Staff member
Super Moderator
#18
It is a new customer that we are now doing business for....
I really wish I could postpone the audit but apparently it has been postponed two many times already. I appreciate everyone's feedback, I have gotten more information here than 3 days of googling!
Don't postpone the audit. Just provide your customer with a detailed action plan showing how and by when you will have a complete design and development process in place. I would not risk getting dinged with a major nonconformity because of a sloppy D&D process. At the next surveillance audit you could then expand the scope of the QMS to include the D&D process.

Stijloor.
 

Colin

Quite Involved in Discussions
#19
Sorry to be pedantic on this issue but a few posters have said 'you don't need a procedure for design' - well, you certainly don't need a documented procedure but you need control over the process. There will almost certainly be a procedure for conducting design already. Whether this aligns with the requirements of clause 7.3 is another matter.

The other problem I foresee is that if the present method of controlling designs does not comply with 7.3, there is unlikely to be sufficient time to build satisfactory evidence to demonstrate that the design process is in control. In other words, what are you going to show the auditor when s/he asks for the evidence?
 
A

artorius22

#20
I am faced with the carnage of a company converting from QS to TS with no changes other than renumbering. Unfortunately the system has grown to 30 procedures, 70 or 80 work instructions, and several hundred forms. My current task has reduced this monstrosity by 65%
 
Thread starter Similar threads Forum Replies Date
A What ISO 9001:2015 clause could be used to write nonconformance for not updating licensed driver list? General Auditing Discussions 8
T Design & Development in Updating Machines and Equipment - ISO 9001 Help Design and Development of Products and Processes 4
F Updating a Quality Manual from ISO 9001 to ISO TS 16949 - Process Mapping IATF 16949 - Automotive Quality Systems Standard 2
M Updating a Quality Manual from ISO 9001:2000 to ISO 9001:2008 Quality Management System (QMS) Manuals 57
B Updating from ISO 9001:2000 to ISO 9001:2008 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
J ISO/AS Surveillance Audit - Minor for not updating my QA Manual to ISO 9001:2008 Quality Management System (QMS) Manuals 95
I Updating Lead Auditor Certifications to ISO 9001:2008 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
B Tips on updating our Quality Systems Manual from ISO 9001:1994 to ISO 9001:2000 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
B Timeframe for updating QMS / transitioning from ISO 14971:2012 to ISO 14971:2019 ISO 14971 - Medical Device Risk Management 10
C ISO 13485 Gap Analysis Checklist - Updating ISO 13485 from the 1996 standard to 2003 ISO 13485:2016 - Medical Device Quality Management Systems 2
T Re-PPAP after updating CMM program? Manufacturing and Related Processes 9
H Updating Quality Manual to API Q1 Service Industry Specific Topics 6
Z Minitab - Updating Graph with specific data points Using Minitab Software 2
N Updating the website of the manufacturer EU Medical Device Regulations 1
A Technical File - Updating Applied Standards EU Medical Device Regulations 4
N Updating QM to 13485:2016 - We do not make medical devices ISO 13485:2016 - Medical Device Quality Management Systems 1
B Site Move - Question about Updating Product Labels 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
O Updating "opportunities" resulting from Corrective Actions Nonconformance and Corrective Action 2
N Updating class I device IFU with instructions to use class II cleared device 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
V Periodic review criteria for reviewing/updating SOPs US Food and Drug Administration (FDA) 1
T Design Changes - Updating the Design and Development File EU Medical Device Regulations 5
L Clinical Evaluation Report Updating Procedure Other Medical Device Related Standards 5
A Changing a Form Template & Updating Records ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
M AS9100D - Updating Scope Exclusions AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 9
E Updating DHF (Design History File) to include Alternative Component 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
W ISO9001:2015 - Clause 7.5.2 - Requirements for Creating & Updating Documents ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
Q Actions Taken - Updating a FMEA for the addition of a downstream poke yoke FMEA and Control Plans 3
I NCR for Customer not updating their drawings AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
P Updating a Medical Device's Intended Use Other US Medical Device Regulations 2
N Updating Job Titles - Does This Mean There Needs to Be a rev change? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
shimonv Updating Safety Test Report when changing component supplier IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
K Updating Outdated Calibration Procedures Document Control Systems, Procedures, Forms and Templates 2
J Is the SFDA in China in the process of updating their Medical Device Regulations ISO 13485:2016 - Medical Device Quality Management Systems 3
B Requirement for Updating Medical Device Software (Firmware) in the Field 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 11
S IPC 620 updating from Class 1 to Class 3 Inspection, Prints (Drawings), Testing, Sampling and Related Topics 6
C Updating (Revising) Documents with a New Logo Document Control Systems, Procedures, Forms and Templates 3
O Sum of Cpk - Updating Product Tolerances Capability, Accuracy and Stability - Processes, Machines, etc. 6
R Standard Relevance & Updating - ASME B&PVC Various Other Specifications, Standards, and related Requirements 4
J Declaration of Conformity - Updating the DofC to MMD 2007/47/EC EU Medical Device Regulations 4
C Updating our Laboratory Calibration / Verification Procedures IATF 16949 - Automotive Quality Systems Standard 5
V Updating Quality Manual - Adding the word Statutory in front of laws and regulations Quality Management System (QMS) Manuals 3
M Updating Certificate of Foreign Government (CFG's) Other US Medical Device Regulations 18
ScottK How is this for extremes in updating to the ISO9001:2008 rev ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
A FDA - Registration & Listing Updating + when Purchasing another Company 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 8
K Updating Procedures because they are bland and wordy Document Control Systems, Procedures, Forms and Templates 12
C Updating the IPC1752 info RoHS, REACH, ELV, IMDS and Restricted Substances 3
W Standards Updating Service? Current Revision Level of Standards Other ISO and International Standards and European Regulations 11
J Updating a PFMEA (Process FMEA) after a Process Failure FMEA and Control Plans 3
S Requirements for Updating a Medical Device Technical File EU Medical Device Regulations 11
D Updating Training Procedures when other documents change - Over Kill? Training - Internal, External, Online and Distance Learning 14

Similar threads

Top Bottom