general training iso/iec 17011:2017 · 2019. 11. 27. · general training iso/iec 17011:2017....
TRANSCRIPT
General trainingISO/IEC 17011:2017
Dubai, United Arab Emirates
6-8 May 2018
Objective
• Present the conformity assessment and accreditation concepts for ABs as defined in ISO/IEC 17011
• Provide ABs and others with understanding of the requirements presented in ISO/IEC 17011
• Provide and review practical examples
2
Agenda - 3 days
• Introduction and History
• Concepts and Definitions
• Accreditation Terminology and Understanding
• Clause by Clause Understanding- Review by Examples
• Provide and review practical examples
3
Material
• ISO/IEC 17000
• ISO/IEC 17011
• Slides
• Exercises
• Other
4
Introduction
• Instructor (s)
• Attendees
• Organizers
• Material Needed for the training
5
EXERCISE AND QUIZ
• Exercises with numbers ( See List of exercises)(In the slides the numbers are not sequential)
• Exercises with letters in the Slides
• Quiz in the slides
6
History
• Revision of ISO/IEC 17011 decided and started in July 2014
• Document updates completed in May 2017• Appeal made, accepted and revisions suggestions in
July 2017• Final Draft (FDIS) and electronic ballot• Final version published in November 2017
7
ISO/IEC17011 – History and Revision Timeline
8
ISO/IEC 17011 timelineThe first edition was ISO/IEC Guide 58 and 61 and TR 17010.
The 1st edition of ISO/IEC 17011 was published in 2004.
The current edition is 2017.
9
Development stages of ISO/IEC 17011
Working draft WD
Committee draft 1 (CD)
Committee draft 2 (CD)
DIS November 2016 , 583 comments – 78/81 (96%)
Publication Nov/Dec 2017
October 2015, 1771 comment - 69/8 with 7 abstentions
March 2016, 1410 comments -76/6 with 9 abstentions
2014 2017
10
HistoryDate Activity Output
July 2014 New Work Item Proposal (NWIP) was approved to revise the standard
11 - 13 November 2014 1st Meeting of WG Clear work plan, structure and way forward
3 - 5 February 2015 2nd Meeting of WG WD1
11 - 13 May 2015 3rd Meeting of WG CD1 (Ballot closed October 2015)
21 – 23 October 2015 Drafting Group Meeting
8 – 10 December 2015 4th Meeting of WG CD 2 (Ballot closed March 2016)
10 - 12 May 2016 5th Meeting of WG DIS (Ballot closed November 2016)*
6 – 9 December 2016 Drafting Group Meeting
21 – 23 February 2017 6Th Meeting of WG Standard ready for editing and proofreading
May 2017 Standard ready for publication
*P-Members voting: 78 in favor out of 81 = 96 % / 3 negative votes out of 82 = 4 %
11
Results of resolution on the revision of ISO/IEC 17011 64 - ISO/CASCO Members voting 45 Agreed 19 Disagreed (17 EU members) 01 Abstained (Recommendation to revised the ISO/IEC 17011 was
approved July 2014)
12
Nomination of Co-Convenors for ISO/CASCO WG – 42
Cynthia Woodley Nominated by ANSI Alister Dalrymple Nominated by AFNOR
(August 2014)
13
First Meeting - November 11 to 13 - 2014
- Members : 41
- Liaisons: 11
- Observers : 03
USA – 04 Members EU – 18
Canada – 01 Member Asia - 10
Mexico – 01 Member Liaisons: 11
Peru – 01 Member Other countries: 8
Brazil – 01 Member
14
First Meeting - November 11 to 13 - 2014
Topics discussed during this meeting:
36 months to develop the new standard (IS May 2017)
Align the headings in ISO/IEC 17011 with the ISO/CASCO common structure
Validation audits
Use IAF/ILAC documents
More detail on witness assessment
15
Second Meeting: February 2 to 5 2015
- Number of participants: 52
Topics discussed during this meeting:
Witness assessment (improve definition)
Proficiency testing - Marks and Symbols
Certification Scheme ownership
Accreditation Cycle
Unacceptable risk: additional text may be needed under section on impartiality
Review the TG inputs and develop Working Draft 16
Third Meeting: May 11 to 13 2015
- Number of participants: 54
Topics discussed during this meeting:
Review the comments related to the first Working draft
Number of comments received by the ISO/CASCO Secretariat on the first Working Draft from the WG – 42 members:
i) 1238 Comments
ii) 171 Pages
17
Third Meeting: May 11 to 13 2015
Topics discussed during this meeting:
Definition of key activities
Information and Communication Technology (i.e. Virtual and Remote assessments )
Common structure (ISO 9001 or the common elements as options)
Proficiency Testing is conformity assessment. Therefore, ABs cannot provide this service.
18
Third Meeting: May 11 to 13 2015
Topics discussed during this meeting:
To have validity on the Certificate of Accreditation or accreditation documents;
Surveillance and Reassessment and if there is a need for decision during these two activities;
Accreditation cycle (is there a need to define the length of the accreditation cycle or not?)
Use of the Accreditation Symbol by Conformity Assessment Bodies
19
Next Steps
ISO/IEC 17011 Committee Draft (CD-1) will be submitted to ISO/CASCO member bodies for comments no later than July 15th; comments will be collected over a 3 month period.
20
Next Steps
Drafting Group Meeting December 2016
WG meeting February 21 to 23 – 6th Meeting
May 2017 for Publication
Appeals
Approved by ISO Members October 2017
21
Key Objectives of the Revision
• Align with the common structure of CASCO documents
• Incorporate the mandatory wording of the PAS documents
• Identified Proficiency Testing as an accreditation activity
• Incorporate where appropriate the IAF and ILAC documents
22
Key Objectives of the Revision
• Added new sections (new definitions)
• Introduced the concept of risk and risk-based assessments
• Incorporated competence criteria in main body of text as well as an Informative annex on knowledge and skills
• Not to include a principles section in the standard
23
Key Objectives of the Revision
• Align with the common structure for ISO CASCO documents
• Incorporate the mandatory wordings of the PAS documents
# currently ISO CASCO Procedure document 33 (Proc 33)
• Identified ‘Proficiency Testing provision’ as an accreditation activity
• Incorporate where appropriate the IAF and ILAC documents
• Added new sub-clauses (new definitions)
• Introduced the concept of risk and risk-based assessments
• Incorporated competence criteria in main body of text as well as an Informative annex on knowledge and skills
• Not to include a principles section of Proc 33 in the standard
24
Changes to ISO/IEC 17011
• Majority of the requirements in ISO/IEC 17011 : 2004 have been included in the new standard
• Mandatory Changes Alignment with mandatory structure of ISO/CASCO
standards Introduction of mandatory language for: Impartiality Confidentiality Handling complaints and appeals Management System requirements
25
Changes to ISO/IEC 17011
Provision of options for compliance with MS requirements
Option A and B• Broader Scope ----- Standards applicable to
accreditation of a wider range of CA activities• Great Flexibility for ABs to establish “risk based”
monitoring of CABs Recognition of the wide range of CA activities Traditional assessment methods may not be the only
mechanism
26
ISO/IEC 17011 Major Sections
Introduction1. Scope2. Normative references3. Terms and definitions4. Genera requirements5. Structural Requirements6. Resource requirements7. Process requirements8. Information requirements9. Management system requirements
27
ISO/IEC 17011:2017
Scope
Normative references
Terms and definitions
General requirements
Structural requirements
Resource Requirements
Process requirements
Information requirements
Management systems Requirements
Informative Annex
ISO/IEC 17011:2004Scope
Normative references
Terms and definitions
Accreditation Body
Management
Human resources
Accreditation process
Responsibilities of the AB
Structure of ISO/IEC 17011
28
All CASCO Standards ( ISO/IEC 17000 series incl17011, 17025 , 17065 , 17020 etc) must also comply with requirements of the Common Elements in ISO/CASCO Standards (QS –CAS- PRO/33)
Impartiality
Confidentiality
Handling of complaints and appeals
Management System in ISO/CASCO documents
Definitions transcribed directly from ISO/IEC 17000: 2004 cannot be modified although can be amplified or explained through the use of a “note”
Mandatory Scope
29
This document specifies requirements for the competence, consistent operation and impartiality of accreditation bodies assessing and accrediting conformity assessment bodies. (CAB)
* NOTE: Also appears in definition of conformity assessment body.
1. Scope
30
Conformity Assessment Bodies (CABs)− Testing bodies including sampling bodies(ISO/IEC
17025)
− Calibration bodes (ISO/IEC 17025)
− Medical testing bodies (ISO/IEC 15189)
− Inspection bodies (ISO/IEC 17020)
− Proficiency testing providers (ISO/IEC 17043)
− Reference material producers (ISO/IEC 17034)
− Certification bodies (ISO/IEC 17024, ISO/IEC 17021-1, ISO/IEC 17065)
− Validation & verification bodies (ISO/IEC 14064, ISO/IEC 14065)
31
2. Normative References
ISO 9000, Quality management systems —Fundamentals and vocabulary
ISO/IEC 17000, Conformity assessment —Vocabulary and general principles
ISO/IEC Guide 99, International vocabulary of metrology -- Basic and general concepts and associated terms (VIM)
32
Terms and Definitions
Terms added, changed and deletedAll definitions must be read to ensure understanding of the documentAll 17000 series includes a statement:
“In this document, the following verbal forms are used: - “shall” indicates a requirement; - “should” indicates a recommendation; - “may” indicates a permission; - “can” indicates a possibility or a capability”.
33
3. Terms and definitions
3.1 Accreditation
Third-party attestation related to a conformity assessment body conveying formal demonstration of its competence to carry out specific CA tasks
Logo versus Symbol
3.3 Logo - used by the accreditation body
3.12 Symbol is - issued by accreditation body to be used by accredited CAB’s to indicate their status
34
3. Terms and definitions3.10 Impartiality
− Objectivity means that conflicts of interest do not exist, or are resolved so as not to adversely influence subsequent activities of the AB
3.33 Interested party
− includes the accreditation body, conformity assessment bodies, their associations and their clients, industry services, trade associations, scheme owners, governmental regulatory
First party, second party and third party
− Where are these defined?
35
3.5 – conformity assessment activityactivity conducted by a conformity assessment body when assessing conformity
Note to entry: In the context of this document, activities covered by accreditation include but are not limited to testing, calibration, inspection, certification of management systems, persons, products, processes and services, provision of proficiency testing, production of reference materials, validation and verification. For simplicity, these are referred to as conformity assessment activities being performed by conformity assessment bodies.
3. Terms and definitions
36
3.7 – flexible scope of accreditationscope of accreditation expressed to allowconformity assessment bodies to make changes inmethodology and other parameters which fallwithin the competence of the conformityassessment body as confirmed by the accreditationbody.
3. Terms and definitions
37
3.8 - accreditation schemerules and processes relating to the accreditation of conformity assessment bodies to which the same requirements apply.
Note to entry: Accreditation scheme requirements include but are not limited to ISO/IEC 17020, ISO/IEC 17021 series, ISO/IEC 17025, ISO/IEC 17024, ISO 17034, ISO/IEC 17043, ISO/IEC 17065, ISO 15189 and ISO 14065.
3. Terms and definitions
38
3.9 - accreditation activityindividual operational tasks of the accreditation process (see clause 7)
3.11 - accreditation processall activities from application through to granting and maintenance of accreditation as defined by the accreditation scheme
3. Terms and definitions
39
3.13 - accreditation decisiondecision on granting, maintaining, extending, reducing, suspending and withdrawing of accreditation3.14 - granting accreditationawarding accreditation for a defined scope of accreditation3.15 - maintaining accreditationconfirming the continuance of accreditation for a defined scope3.23 - reassessmentassessment performed to renew the accreditation cycle
3. Terms and definitions
40
3.24 - assessment techniques methods used by an accreditation body to perform an assessment NOTE to entry: Assessment techniques, can include but are not limited to: - on-site assessment, - remote assessment, - witnessing, - document review, - file review, - measurement audits, - review of performance in proficiency testing and other inter-laboratory comparisons, - validation audits, - unannounced visits,- interviewing.
3. Terms and definitions
41
3.26 - remote assessmentassessment of a conformity assessment body's physical location or virtual site, using electronic means NOTE to entry: A virtual site is an on-line environment allowing persons to execute processes, for example in a cloud environment.
3.27 - assessment programmeset of assessments consistent with a specific accreditation scheme that the accreditation body performs on a specific conformity assessment body during an accreditation cycle
3.28 - assessment plandescription of the activities and arrangements for an assessment
3. Terms and definitions
42
3.29 - accreditation body personnel internal or external individuals carrying out activities on behalf of the accreditation body
3.10 - impartialitypresence of objectivityNote 1 to entry: Objectivity means that conflicts of interest do not exist, or are resolved so as not to adversely influence subsequent activities of the accreditation body.Note 2 to entry: Other terms that are useful in conveying the element of impartiality include “independence”, “freedom from conflict of interests”, “freedom from bias”, “lack of prejudice”, “neutrality”, “fairness”, “open mindedness”, “even-handed”, “detachment”, “balance”.
3. Terms and definitions
43
EXERCISE A)
a) List the methods used by the accreditation body to perform an assessment (See definition 3.24)
b) List the accreditation activities defined in ISO/IEC 17011:2017 (See definition 3.11)
c) List examples of accreditation schemes (See definition 3.8)
d) List examples of Consultancy as defined by ISO/IEC 17011:2017 (See definition 3.34)
44
Quiz 1) (Select the correct answer)Technical expert is1.person assigned by an accreditation body to perform, alone or as part of an assessment team2.person assigned by an accreditation body, working under the responsibility of an assessor, who provides specific knowledge or expertise with respect to the scope of accreditation to be assessed and does not assess independently 3.person assigned by an accreditation body to assess independently and provide technical knowledge to the assessment team.4.Person who is given the overall responsibility for the management of the assessment
45
Quiz 2) (Select the correct answer)
Complaint isa.expression of dissatisfaction by any person or organization, to an accreditation body, relating to the activities of that accreditation body or of an accredited conformity assessment body, where a response is expectedb.request by a conformity assessment body for reconsideration of any adverse accreditation decision related to its desired accreditation status c.expression of dissatisfaction to a conformity assessment body by the scheme owner related to the activities of the accreditation body
46
Exercise 1 – Terminology – See List of exercises Page 2/39
47
ISO/IEC 17011 General requirements
4.1 Legal entity4.2 Accreditation agreement4.3 Use of accreditation symbol and
other claims4.4 Impartiality requirements4.5 Financing and liability 4.6 Establishing accreditation schemes
48
Legal Entity (4.1)
Similar to legal requirements from 2004 version.
NOTE 1 Governmental accreditation bodies are deemed to be legal entities on the basis of their status within their government.
NOTE 2 An accreditation body that is part of a larger body can operate under a different name.
49
Exercise 2/1 – Legal – See List of exercises –Page 4/39
50
Accreditation Agreement (4.2)Very similar to 8.1 in previous version (Obligations of the CAB). New requirements added in agreement:•4.2.e - to have, where applicable, legally enforceable arrangements with their clients that commit the clients to provide, on request, access to accreditation body assessment teams to assess the conformity assessment body’s performance when carrying out conformity assessment activities at the client’s site;•4.2.g - to commit to follow the accreditation body's policy for the use of the accreditation symbol;•4.2.k - to assist in the investigation and resolution of any accreditation-related complaints about the conformity assessment body referred to it by the accreditation body.
51
Exercise 2 – Agreement – See List of exercises page 3/39
52
Use of accreditation symbols and other claims of accreditation (4.3)Very similar to 8.3 in previous version with minor additions pertaining to:• discontinuing use of reference to accreditation if
accreditation is withdrawn (4.3.1.c)• not implying that a product, process, service,
management system or person is approved by the AB (4.3.1.d)
• having the legal right to use the accreditation symbol (4.3.2)
• use of the accreditation symbol in conjunction with other CAB marks (4.3.3.a)
• reproduction of the accreditation symbol (4.3.3.c)• reference to accreditation (4.3.3.d)• use of the accreditation symbol in communication
media (4.3.3.e)
53
Impartiality Requirements (4.4)• Incorporate obligatory requirement form the
“Common Elements”
• Expands on requirements in current 4.3 Impartiality
• Additions
Top management commitment to impartiality, public impartiality policy that includes importance of impartiality in carrying our accreditation activities
Process to identity , analyze, evaluate, treat, monitor an document on on-going basis the risks to impartiality arising from its activities including conflicts arising form its relationships or the relationships of its personnel
54
Impartiality Requirements (4.4) When risks to impartiality identified, AB shall demonstrate and
document how it eliminates or minimizes risks and document residual risk which AB management must review to determine whether it is within acceptable level
ABs cannot perform any CA activities including running PT programs
Related Body has been changed to bodies offering consultancy or CA activities
AB’s policies , process and procedures shall be non-discriminatory and shall be applied in a non-discriminatory way
Make its services accessible to all applicants Access not conditional upon the size of the applicant CAB or
membership of any association or group, nor shall accreditation be conditional upon the number of CAB already accredited
55
Impartiality Requirements (4.4)
• AB or any part of the same legal entity shall not offer or provide any service that affects its impartiality (CA and consultancy)
• If AB is linked to a body offering consultancy or perform CA activities the AB shall have:
Different top management
# personnel performing the Accreditation decision-making process
Distinctly different name , logos and symbols
Effective mechanism to prevent influence on the outcome of any accreditation activity
56
Impartiality Requirements (4.4)
• AB activities shall not be presented as linked with consultancy or other services that pose an unacceptable risk to impartiality
• Nothing shall be said or implied that would suggest accreditation would be simpler, easier, faster or less expensive if any specified person (s) or consultancy were used.
57
Exercise 4 – Risk ( See List of exercises page 6 and 7/39) Scenario # 1
58
Exercise 4 – Risk ( See List of exercises page 8 and 9/39) Scenario # 2
59
Exercise 4 – Risk ( See List of exercises page 8 and 10/39) Scenario # 3
60
Exercise 14 – Risk ( See List of exercises page 27/39) Scenario # 3
61
Similar to clause 4.5 in 2004 version. No substantive changes•Financial resources, of AB demonstrated by records and/or documents, required for the operation of its activities•Must have a description of income•Evaluate the risks arising from activities • Have arrangements to cover liabilities arising from its activities
Financing and Liability (4.5)
62
Accreditation Schemes
Establishing Accreditation Scheme
63
Establishing an accreditation scheme (4.6)
Accreditation scheme (3.28)
Rules and process relating to the accreditation of CAB’s to which the same requirements apply.
WADA (ISL) World Anti-Doping Agency –International Standard for laboratories ISO/IEC 17025
PEFC program for the endorsement of Forest certification (ISO/IEC 17065)
Non-destructive testing (ISO/IEC 17024)
Road Traffic Safety Management System (ISO/IEC 17021)
64
CASCO Toolbox 27 published standards and guides
See ISO – WEB SITE https://www.iso.org/sites/cascoregulators/02_casco_toolbox.html
• Describe the accreditation schemes you have in your AB or would like to have in your AB
• Discuss in Groups• Each Group contribute to list (place list on flip chart)
EXERCISE B)
66
Any documents developed to support a scheme requires input from interested parties and competent persons (4.6.2)
When developing a scheme the following shall be considered:
Feasibility of launching or extending an accreditation scheme
Analysis of it present competence and resources
Accessing and employing expertize
Need for application or guidance documents
Training of AB internal and eternal personnel
Implementation or transition arrangement
Views of interested parties (4.6.4)
Accreditation Schemes
67
Before an AB discontinues an accreditation scheme part or in full at least the following shall be considered
Views of interested parties
Contractual duties
Transition arrangements
External communication regarding the discontinuation
Information published by the accreditation body.
Accreditation Schemes
68
Accreditation process
Application from CAB
Preparation for assessment
Assessment
Accreditation decision
Maintaining accreditation
69
Establishing Accreditation Schemes (4.6)
New concept (see definition 3.28) Clause added with many new requirements ABs have sometimes been in charge of developing
the rules and requirements for accreditation programs (e.g. to ISO/IEC 17065 for product certification) but, in other cases, they are actors in a scheme for which another body has written the rules and requirements.
This is commonplace in the regulatory sector, where the Regulatory authority may dictate all or part of the requirements to be applied by the AB, but it is also the case in many voluntary schemes.
70
Schemes
Developed or adopted by AB
• Must have process (procedures/rules/records) to evaluate schemes
• Scheme must not contradict or exclude parts of other applicable international standards
• Considerations for documenting, extending, implementing, maintaining and discontinuing of schemes
71
Exercise 3 – Scheme ( See List of exercises page 5/39)
72
Quiz 3) The accreditation symbol must be legally protected.Which are used by the AB to legally protect the accreditation symbol?1. Registered with the US Trademark and Patent Office2. Listed in the AB agreement with CAB3. Have a policy on use of the AB symbol4. Registered with the government agency at the
headquarters location of the AB5. Have an agreement with the CAB to properly use the
AB mark.
73
Risk Based Concepts
ISO 31000: Risk Management
− ISO approaches that impact how organizations can implement the concept
Three considerations− Risk is not only about things going bad (NC) – but
includes doing things better (OFI).− Risks that have been identified cannot be ignored.− Risk analysis does not need to be a complex process
74
Risk based thinking
Three actions− Identify conditions and circumstances from all
sources that may impact operations, successes, corporate objectives, and the integrity of services.
− Determine the impact and circumstances (risk analysis and evaluation) – the good and the not-so-good.
− Take action to address them: • Risk treatment• Mitigate) adverse affects and keep record• Enhance positive ones and keep record
75
Risk based thinkingExample of process
− Identify the condition− Take immediate remediation action (where required)− Determine the risk or benefit presented by the
condition Impact on integrity or enhancement of accreditations Impact on risk to business (reputation) or people
(safety) Impact of cost, efficiency, effectiveness Amount of effort to address
− Determine any root cause− Determine the permanent resolution (including those
for any OFI)− Document the permanent resolution
76
Risk based thinkingExample of process
− Identify the condition− Take immediate remediation action (where required)− Determine the risk or benefit presented by the condition Impact on integrity or enhancement of accreditations Impact on risk to business (reputation) or people (safety) Impact of cost, efficiency, effectiveness Amount of effort to address
− Determine any root cause− Determine the permanent resolution (including those for
any OFI)− Document the permanent resolution
77
Exercise 16 – Related to Scheme Contents ( See List of exercises page 29/39)
78
• Sections 5.1 to 5.8• The authority and responsibility must be identified
• organizational chart suggested• Describe the legal entity and other activities
• Present all activities of AB and other parts of the legal entity
• Listing of names of owners and operators of the AB.
• Duties, responsibilities and authorities of top management and others that are involved with the AB
Essentially unchanged from current clause 4.2 Structure
ISO/IEC 17011 Structure (5.0)
79
Structural Requirements (5)
Same as clause 4.2 in previous version with one new requirement:
(5.3) if the accreditation body is part of a larger entity, the accreditation body shall be identified.
2017 Version 2004 Version
5.1 4.2.1
5.2 4.2.8
5.4 4.2.3
5.5 4.2.2
5.6 4.2.4
5.7 4.2.5
5.8 4.2.7
80
Quiz 4)
What is the objective evidence that a person has the authority to perform an activity? (e.g. signing an agreement, or making the accreditation decision, etc.)
What is the objective evidence that a person has the responsibility to perform an activity? (e.g. signing an agreement, or making the accreditation decision, etc.)
81
Quiz 5) (Discussion)
Can a person have the responsibility without being given the authority?
82
Exercise 4 a) and b) – Responsibilities ( See List of exercises page 11 and 12 /39)
83
ISO/IEC 17011 Resource Requirements (6.0)
6.1 Competence of personnel (Table A-1)6.1.1 General6.1.2 Determination of competence criteria6.1.3 Competence of management
6.2 Personnel involved in the accreditation process6.3 Personnel records6.4 Outsourcing
84
Accreditation Body Personnel
85
Personnel Definitions (3)
• Accreditation Body Personnel Internal or external individuals carrying out activities on
behalf of the accreditation body (3.30)• Assessor
Person assigned by an accreditation body to perform, alone or as part of an assessment team, an assessment of a conformity assessment body (3.7)
• Technical Expert Person assigned by an accreditation body, working under
the responsibility of an assessor, who provides specific knowledge or expertise with respect to the scope of accreditation to be assessed and so does not assess independently (3.11)
86
Personnel Definitions (3)
• Assessment Team
Team leader and a suitable number of assessors and/or technical experts (7.4.1)
• Team Leader
Assessor who is given the overall responsibility for the management of an assessment (3.14)
87
1. He has a bachelor's degree in English Literature.
2. He has 5 years experience as an English teacher
3. He attended a 2 day training in creative writing
Evaluate if this person has a good written communication skills.
88
Competency Not very well
Not well Well Outstanding
1. Effectively organizes written report
X
2. Uses effective grammar X3. Spells properly X4. Gears the language to the appropriate level of audience
X
Evaluate if this person has a good written communication skills.
89
Competence is absolute but specific: Either a person is
or is not competent to perform on the job.
Competency is contextual.
Only a minimal competency is necessary (maximal capacity is irrelevant) for the task at hand.
Some things require a higher degree of competence than others.
Competency is ‘fluid’ and thus must be assessed
‘at the moment’.
Defining Competence
90
Competence- ability to apply knowledge and skills to achieve intended results.
Qualification demonstrated education, training and work experience, where applicable.
Competence requires ongoing evaluation
Establish validity of pass/fail decisions (competent vs. not competent).
Competence vs. Qualification
91
Written, oral, practical, observation
Examination
Assessment
Assessment vs. ExaminationAssessment is a bigger concept and includes examination.
92
• Portfolio assessment
• Review of report
• Manager assessment
• Questionnaires
• 360 degree feedback
• Interview
• Observation
Assessment Tools
93
• Goals and performance criteria should be:
• Position Specific
• Person Centric
• Behaviorally anchored ratings
Establishing Competency
94
S- Specific
M- Measurable
A- Attainable
R- Relevant
T- Timely
UTILIZE SMART For Performance Management
95
Resource Requirements
There are many new requirements relating to competence. These include: •Competence of personnel for scheme and region in which it operates (6.1.1)•Documented process for determining and documenting competence criteria (6.1.2.1)•Knowledge of assessment principles and practices and general management systems (6.1.2.2)•Knowledge of AB’s rules and processes, accreditation scheme requirements, conformity assessment scheme requirements (6.1.2.3)`
96
Resource Requirements
These include: (continued)•Knowledge of risk based assessment principles (6.1.2.4)•Knowledge of general regulatory requirements (6.1.2.5)•Knowledge of CAB’s business environment, communication skills, note-taking and report-writing skills, opening and closing meeting skills, interviewing skills and assessment-management skills (6.1.2.6)•Personnel that review documents must demonstrate note-taking and report writing skills (6.1.2.7)
97
Resource Requirements
Many new requirements including:• Competence to evaluate the outcomes of the
assessment (6.1.2.8)• Additional criteria for specific accreditation schemes
(6.1.2.9)• Management of competence includes authorization
after demonstration of the accreditation activities (6.1.3.1)
• Identify training needs and provide access to specific training (6.1.3.3)
• Up-to-date set of documented procedures providing assessment instructions (6.2.3)
98
Resource RequirementsUp-to-date set of documented procedures providing assessment instructions (6.2.3)
Clauses that stayed the same or minor wording changes:
2017 Version 2004 Version
6.1.3.1 6.2.1
6.1.3.2 6.2.2
6.1.3.4 6.3.1
6.1.3.5 6.3.2
6.1.6.6 6.3.2
6.2.1 6.1.1 and 6.1.2
6.2.2 6.1.4
99
Resource Requirements
2017 Version 2004 Version
6.3 6.4
6.4 7.4
6.4.1 7.4.1
6.4.2 7.4.1
6.4.3 7.4.1
6.4.4 7.4.1
6.4.5 7.4.2
6.4.5.a 7.4.2.a
6.4.5.b 7.4.2.b
6.4.5.c 7.4.2.d
6.4.6 7.4.3
Clauses that stayed the same or minor wording changes:
100
Table A-1 (Informative)
Summary of the knowledge and skills for accreditation body assessment teams and appropriate accreditation body personnel but are informative because they only identify the areas of knowledge for specific accreditation activities. The competence requirements for each accreditation activity are stated in 6.1.2.2 to 6.1.2.7. Table A.1 gives the reference to the specific requirement.
101
Principles for Inspiring Confidence⎯ impartiality,
⎯ competence,
⎯ responsibility,
⎯ openness,
⎯ confidentiality, and
⎯ responsiveness to complaints
(From ISO/IEC 17021: 2006 Conformity assessment —Requirements for bodies providing audit and certification of management systems, Clause 4.1.3)
102
Competence of personnel (6.1)
Accreditation Bodies must have a process to ensure its personnel have the appropriate knowledge and skills (competence) relevant to the accreditation and geographic areas in which they operate (clause 6.1.1).
103
Determining Competence (6.1.2)
Accreditation Bodies shall have a documented process for determining and documenting the competence criteria for personnel involved in the management and performance of assessments and other accreditation activities.
Competence criteria shall be determined with regard to the requirements of each accreditation scheme and shall include the required knowledge and skills for performing accreditation activities. (6.1.2.1)
104
EXERCISE D)
• Create a list of competence criteria (knowledge and skills) in addition to what is in Annex A for your assessment team
• Discuss in Groups
• Each Group contribute to list (place list on flip chart)
105
Competence Management (6.1.3)Accreditation Bodies must:
a) establish and implement a documented process for the initial evaluation, and on-going monitoring of all personnel involved in accreditation processes;
b) ensure that its evaluation methods are effective to demonstrate competence of accreditation body personnel; and
c) prior to undertaking accreditation activities, authorize personnel to perform those activities of the accreditation process.
(Clause 6.1.3.1)
106
Competence Management (6.1.3)
Accreditation Bodies must have a documented process for selecting, training and formally authorizing assessors.
Accreditation Bodies shall have a documented process for selecting and authorizing technical experts and familiarizing them with relevant requirements and procedures used in the accreditation process.
The initial competence evaluation of an assessor shall include determining the ability to apply required knowledge and skills during assessments ( 6.1.3.2)
107
Competence Management (6.1.3)
Accreditation Bodies shall identify training needs and shall provide access to specific training to ensure all personnel involved in the accreditation processes are competent for the accreditation activities they perform. (6.1.3.3)
108
Exercise 23 – Related to Monitor Assessors ( See List of exercises page 38/39)
109
Competence Management (6.1.3)
There shall be a documented process for monitoring competence and performance of all personnel involved in the assessment activities.
In particular, the accreditation body shall review and record the competence of its personnel taking into account their performance in order to take any necessary corrective action. (6.1.3.4)
110
Competence Management (6.1.3)
The accreditation body shall monitor each assessor considering each accreditation scheme for which the assessor is authorized.
The documented monitoring process of assessors shall include a combination of:
− on-site evaluation,
− review of assessment reports, and
− feedback from personnel, conformity assessment bodies or from other interested parties (6.1.3.5)
111
Each assessor shall be observed during an assessment at regular intervals.
This shall be at least every three years, unless there is sufficient supporting evidence that the assessor is continuing to perform competently.
If the interval is extended, justification shall be made (6.1.3.6)
Competence Management (6.1.3)
112
Personnel Involved in Accreditation Process (6.2)
The accreditation body shall have access to a sufficient number of competent personnel to manage and support all its accreditation activities for all accreditation schemes. (6.2.1)
113
Personnel Involved in Accreditation Process (6.2)
The accreditation body shall have enforceable arrangements requiring all personnel to conform with applicable policies and implement processes as defined by the accreditation body.
The arrangements shall address aspects relating to confidentiality and impartiality and shall require all personnel to notify the accreditation body of any existing, prior or foreseeable relationships which may compromise impartiality. (6.2.2)
114
Personnel Involved in Accreditation Process (6.2)
The accreditation body shall give assessors and technical experts access to an up-to-date set of documented procedures giving assessment instructions and all relevant information on the accreditation processes (6.2.3)
115
Personnel Records (6.3)
The accreditation body shall maintain records, including qualifications, training, competence, results of monitoring, experience, professional status and professional affiliations for personnel managing or performing accreditation activities.
116
Table A-1 (Informative)
Summary of the knowledge and skills for accreditation body assessment teams and appropriate accreditation body personnel but are informative because they only identify the areas of knowledge for specific accreditation activities. The competence requirements for each accreditation activity are stated in 6.1.2.2 to 6.1.2.7. Table A.1 gives the reference to the specific requirement.
117
EXERCISE E)
• List all documents that should be in a personnel file
• Discuss in Groups
• Each Group contribute to list (place list on flip chart)
118
Exercise 5 – Records ( See List of exercises page 13/39)
119
Outsourcing (6.4)
Outsourcing is having an external person or body perform a task under their own direction rather under the procedures of the Accreditation Body.
120
Accreditation decisions shall not be outsourced.
The person(s) assigned by the accreditation body to make an accreditation decision shall be employed by, or shall be under enforceable arrangements with the accreditation body. (6.4.2)
Outsourcing (6.4)
121
The accreditation body shall describe the conditions under which outsourcing may take place and when applicable shall have a documented procedure for outsourcing. (6.4.3)
Outsourcing (6.4)
122
The accreditation body shall have a enforceable arrangement covering the outsourcing arrangements, including confidentiality and conflicts of interests, with each body that provides outsourced services. (6.4.4)
Outsourcing (6.4)
123
The accreditation body shall:
a) take responsibility for all activities outsourced to another body;
b) ensure that the body that provides outsourced services, and the individuals that it uses, conform to requirements of the accreditation body and also to the applicable provisions of this document, including competence, impartiality and confidentiality; and
c) obtain the consent of the conformity assessment body to use a particular provider of any outsourced parts of the assessment. (6.4.5)
Outsourcing (6.4)
124
The accreditation body shall have a documented process for the approval and monitoring of all bodies that provide outsourced services used for accreditation processes, and shall ensure that records of the competence of all personnel involved in accreditation processes are maintained. (6.4.6)
Outsourcing (6.4)
125
NOTE 1 Where the accreditation body engages individuals or employees of other organizations to provide additional resources or expertise, the use of these individuals does not constitute outsourcing provided they are individually contracted to operate under the accreditation body's management system
NOTE 2 Mutual recognition arrangements based on this document may fulfil some of the requirements (6.4.6)
Outsourcing (6.4)
126
EXERCISE F)
What items for personnel records must the accreditation body retain?
List the specific type of objective evidence expected to be available at the on-site AB evaluation.
For Example: Qualification: High School and Bachelors degree: Copies of each are available at the AB
127
Quiz 6)
The accreditation decision may be outsourced.
True or False
128
Quiz 7)
The accreditation body must have an enforceable arrangement with the outsourced entity that includes confidentiality and conflict of interest.
True or False
129
Quiz 8)
The accreditation body must monitor the activity performed by the outsourced body and maintain records of competence for personnel performing accreditation activities.
True or False
130
Exercise 21 – Monitor Assessors ( See List of exercises page 38/39)
131
ISO/IEC 17011 Process Requirements (7.0)
7.1 Accreditation requirements7.2 Application for accreditation7.3 Resource review7.4 Preparation for the assessment7.5 Review of documented information7.6 Assessment7.7 Accreditation decision-making7.8 Accreditation information7.9 Accreditation cycle7.10 Extending accreditation7.11 Suspending, withdrawing or reducing accreditation7.12 Complaints7.13 Appeals7.14 Records on conformity assessment bodies
132
Process RequirementsMany new requirements including:
•Accreditation Requirements •Application for Accreditation – Applicant to provide information demonstrating compliance with accreditation requirements •Determine the Suitability of the application for Accreditation •AB rejection of application for evidence of fraudulent behavior or if the CAB provides false information (7.2.4)•Preliminary Visit • Resources review • Appoint an assessment team • AB inform CAB of the names of the members of the assessment team • AB shall clear define the assignment given to the assessment team
133
Process Requirements
Many new requirements including:
•AB establish documented procedures to assess the competence of the CAB sufficient to provide confidence in the conformance with the scheme (7.4.4)•AB establish documented procedure related to assessment team assess the performance of a sample of the CA activities representative of the scope of Accreditation•Activities to be assessed shall be selected considering risk associate with – Activities, locations and personnel (7.4.6)
134
Process Requirements
Many new requirements including:
•Assessment plan to be developed and AB to justify where witnessing is not applicable (7.4.7)•Confirmation of date (s) and plan for the assessment •Appropriate documents to the Assessment team (7.4.9) • Review of document information •AB establish document procedures for describing the assessment techniques used (7.6.1)• Opening meeting – Cover purpose of the assessment and accreditation requirements as well as assessment plan (Scope of the assessment are confirmed)
135
Exercise 7 – Related to Assignments ( See List of exercises page 15/39)
136
Exercise 8 – Preparation ( See List of exercises page 16/39)
137
Exercise 21 – Assessment Process ( See List of exercises page 35/39)
138
Exercise 12 – Related to Assessment ( See List of exercises page 25/39)
139
Process Requirements
Many new requirements including: (continued)•Conduct the assessment based on the assessment plan (7.6.3)•Assessment team to reach out to AB personnel for clarification (7.6.5) • Written report on the result of the outcome of the assessment shall be provide to the CAB•Provide explanation in writing when the outcome of the assessment differs form the outcome delivered at the close of the assessment (7.6.6.c)
140
Process Requirements
AB responsible for the content of all its assessment reports •AB define time limits for correction of corrective action to be implemented by CAB (e.g. root cause analysis) •AB to describe process for all types of accreditation decision (7.7.1)•AB competent person (s) or committee (s) different from those who carried out the assessment (If the decision is not related to reassessment and no changes then the AB can implement a process with does not require an independent decision • Information provided to Accreditation decision maker (s)
141
Process Requirements
•Information to be reviewed to include further information needed (7.7.3.i)• Accreditation information (7.8.1)•Effective date is the date of or date after the accreditation decision (7.8.2)•Scope of accreditation (CB, Labs, IB, VVB, PT, RMP and others• AB has to have a document procedure on how it address flexible scope of accreditation
142
Exercise 24 – Assessment Report ( See List of exercises page 39/39)
143
Process Requirements
Many new requirements including: •Accreditation cycle (7.9) replaces reassessment and surveillance (7.11)•Extending Accreditation • Suspending, withdrawing or reducing • Evidence of fraudulent behavior or false information provided (7.11)•Documented procedures and criteria for lifting suspension (7.11.3) AB shall have a documented process to receive,
evaluate and make decisions on complaints and Appeals (7.12 and 7.13)
144
Exercise 22 – Complaints and Appeals ( See List of exercises page 36 and 37/39)
145
EXERCISE G)
Create a list of actions, appropriate to your particular accreditation scheme(s), for which you would suspend, withdraw or reduce accreditation.
Resources:
• Sample Complaints policy and procedures
• Sample Appeals policy and procedures
146
Quiz 9)
A remote assessment does not require interviewing the CAB personnel
True or False
147
Quiz 10)
A remote assessment requires a prior document review
True or False
148
Quiz 11)
The following must be provided by the AB to the certification body when accredited.
the type of certification
certification scheme(s);
the standards, normative documents and/or regulatory requirements to which management systems, products, processes and services, or persons are certified, as applicable;
product, processes, service and persons categories where relevant.
True or False
149
Exercise 16 – Related to Scheme Contents ( See List of exercises page 29/39)
150
Exercise 17 – Related to Scheme Contents ( See List of exercises page 30/39)
151
Exercise 18 – Related to Scheme Contents ( See List of exercises page 31/39)
152
Exercise 19 – Related to Scheme Contents ( See List of exercises page 32/39)
153
Exercise 20 – Related to Scheme Contents ( See List of exercises page 33/39)
154
ISO/IEC 17011 InformationRequirements (8.0)
8.1 Confidential information
8.2 Publicly available information
155
EXERCISE H)
List the information that is not confidential and must be made publicly available.
List specific objective evidence of conformance
156
Information Requirements (8)
Mostly the same as 2004 version with one addition:
•AB shall make publicly available information about the AB’s other activities (other than accreditation) (8.2.1.a.4)
157
Exercise 6 – Related to Confidentiality ( See List of exercises page 14/39)
158
Exercise 9 – Related to Confidentiality ( See List of exercises page 17/39)
159
Quiz 12)
The accreditation body does not need to inform the conformity assessment body, in advance, of information it intends to place in the public domain.
True or False
160
Quiz 13
The accreditation body shall give due notice of any changes to its requirements for accreditation. It shall take account of views expressed by interested parties before deciding on the precise form and effective date of the changes.
True or False
161
ISO/IEC 17011 Management SystemRequirements (9.0)
9.1 General9.2 Management system9.3 Document control9.4 Records control9.5 Non-conformities and corrective actions9.6 Improvement9.7 Internal audits9.8 Management reviews
162
Management System Requirements (9)
Mostly the same as 2004 version with addition of:
•Option A (9.1.4)
•Option B (9.1.5)
•AB continually improve effectiveness of this system (9.2.2)
163
Session 10
Management systems
164
Management system requirements for Accreditation body
Option A—General management system requirements
Option B—Management system requirements in accordance with ISO 9001
Management system
165
Management system requirements for ABs - General
CB shall have a management system for demonstrating consistent achievement of the requirements of [ISO/IEC17011]. In addition to meeting the requirements in this document an AB shall have a management system in accordance with option A or option B
Management system
166
Option A - Management System
Shall design implement and improve the effectiveness of a management system which includes the following:control of documentscontrol of recordsnonconformities and corrective actions improvement internal auditsmanagement review
Management system
167
Management system requirements for CBs
Option BAn accreditation body that has established and maintains a management system, in accordance with the requirements of ISO 9001, and that is capable of supporting and demonstrating the consistent fulfilment of ISO/IEC 17011, fulfils at least the management system section requirements.
Management system
168
Components of Option A9.2 Management system
--shall operate a management system appropriate to the type, range and volume of work performed.
-all applicable requirements of this document shall be addressed either in a manual or in associated documents.
-shall ensure that the manual and relevant associated documents are accessible to its personnel
-shall ensure effective implementation of the management system’s processes.
169
9.3 Document Control
The accreditation body shall establish documentedprocedures to control all documents (internal and external) that relate to its accreditation activities.
170
Records control (9.4 )and
Records9.4.1 AB shall have documented procedures to define the controls needed for the identification, storage, protection, retrieval, retention time and disposition of its records9.4.2 …..documented procedures for retaining records for a period consistent with its contractual and legal obligations.
171
Nonconformities and Corrective actions (9.5)
9.5.1 The AB shall establish documented procedures for the identification and management of nonconformities in its own operations. The accreditation body shall also, where necessary, take actions to eliminate the causes of nonconformities in order to prevent recurrence. Corrective actions shall be appropriate to the impact of the problems encountered.
172
Exercise 13 – Related to Non-conformities ( See List of exercises page 26/39)
173
9.6 Improvement
The accreditation body shall establish documentedprocedures to identify opportunities for improvement and to identify risks and take appropriate actions
174
9.7 Internal Audits9.7.1 The accreditation body shall establish documented procedures for internal audits to verify that the accreditation body conforms to the requirements of this document and that the management system is implemented and maintained.
9.7.2 Internal audits shall be performed normally once a year. An audit programme shall be established, taking into consideration the importance of the processes and areas to be audited, as well as the results of previous audits.9.7.3 The frequency of internal audits may be reduced if the accreditation body demonstrates that its management system has been effectively implemented according to this document and has proven stability.
175
9.8 Management reviews
The accreditation body's management shall establish documented procedures to review its management system at planned intervals to ensure its continuing adequacy and effectiveness in satisfying the relevant requirements, including this document and the stated policies and objectives. These reviews shall be conducted at least once a year
176
Exercise 10 – Related to Management System ( See List of exercises page 18/39)
177
Exercise 11 – Related to Management System ( See List of exercises page 19/39)
178
Quiz 14
The management system must be defined in a manual and relevant documents.
True or False
179
Quiz 15
The AB must ensure the effectiveness of making improvements.
True or False
180
Quiz 16
The internal audit must be at a defined frequency and must include opportunities of improvement.
True or False
181
Exercise 15 – Related to Implementing the changes ( See List of exercises page 28/39)
182
183
ANSI‘s PLAN TO IMPLEMENT - THE NEW ISO/IEC 17011:2017
184
FLEXIBILITY is the most significant advantage of the ISO/IEC 17011
Recognition that “one size does not fit all”
- Not all industries , regulatory/business/technical environments are alike
- Not all CAB are alike
- Not all CA activities are alike
- Not all ABs are Alike!!
- ABs’ rules and procedures need to be “Fit for the purpose”
ISO/IEC 17011 - 2017
185
Expectation that ABs will understand the risks in the environment in which they are operating and adapt their process accordingly
- Opportunity to apply risk-base thinking to all sections of Standard
e.g. Clause 6 Resources requirements , Clause 7 Process requirements
ISO/IEC 17011 - 2017
186
Flexibility in the scope
- Clause 7.8.3 (H)
- Some CA activities can be outside the MRAs/MLAs
ISO/IEC 17011 - 2017
187
Flexibility in the Scheme rules and process requirements
- ABs shall develop or adopt Accreditation Schemes –Document rules and process referring to relevant IS or other normative documents
* Accreditation Scheme = Rules and process relating to Accreditation of CABs to which same requirements apply (e.g. 17020, 17025, 17065 , 15189, 17021… etc)
ISO/IEC 17011 - 2017
188
Flexibility in the Scheme rules and process requirements
- Accreditation Criteria
i) A schemes can be developed at the level of the IS
Or
ii) Schemes can be set up under an IS + SO requirements + AB guidance
iii) Schemes endorsed by IAF must include IAF/PAC mandatory document
iv) Schemes may also need to include regulatory requirements
ISO/IEC 17011 - 2017
189
Flexibility in the Scheme rules and process requirements- Assessment Processi) Assessment techniques ii) How scope is covered sufficiently to provide confidence that the CAB
complies with accreditation criteria (e.g. how representative samples of CAAs , locations and personnel are selected
Risk to be considered in relation to selection of techniques to be used, and sampling CAAs, locations , personnel
- Scope of Accreditation
i) Flexible scope of accreditation = SoA expressed to allow CABs to make changes in methodology and other parameters which fall within the competence of the CAB as confirmed by the AB.
ISO/IEC 17011 - 2017
190
Flexibility in the Scheme rules and process requirements- Accreditation Cycle i) Cycle≤ 5 Years , Accreditation criteria + SoA assessed taking risk
into accountii) Sample of SoA ≤ 2 Yearsiii) Onsite Assessment ≤ 2 years , unless use another assessment
technique will achieve the same objective can be justified iv) Reassessment + Accreditation Decision at the end of the Cycle- Assessment programs for CABs to ensure CAAs representative of the SoA at relevant locations are assessed during the accreditation cycle -- Do not need to be the same for each CAB but must comply with scheme process requirements
ISO/IEC 17011 - 2017
191
Establish Accreditation Schemes –
Factors to Consider (Clause 4.6.4) Regulatory context/expectations
Industry expectations
Public expectations
CA Scheme owners expectations
ISO/IEC 17011 - 2017
192
Establish Accreditation Schemes –Factors to Consider (Clause 4.6.4) CABs- Maturity - Geographic location, availability of technology- Multi-site vc single siteo For multi-site – Organizational /Technical management - Resources e.g. personnel performing CAAs- Ranges of CAAs performed
ISO/IEC 17011 - 2017
193
Establish Accreditation Schemes –Factors to Consider (Clause 4.6.4) CABs- Types of CAAso Complexity, level of automationo Availability of PT and ILCso Witness assessment o Consequences/impact of CAA outcomes
ISO/IEC 17011 - 2017
194
Establish Accreditation Schemes –Factors to Consider (Clause 4.6.4) Remote assessment- Use of wearable technology- Scope extensionso Improve the witness of CAAs – see more CAAs , personnel o Improve responsiveness to clients requestso More efficient use of technical assessors/expertso Travel time reduceo Costs for CABs reduce
ISO/IEC 17011 - 2017
195
Establish Accreditation Schemes –Factors to Consider (Clause 4.6.4) Sampling of sites for multi-sites CABs- Traditional on-site assessment for every site Consider factors such as:o Central control of MSo Technical control centrally managedo Common technology platformso Accreditation History (performance)o Stability of CAB’s management , staffing Accreditation Cycles based on CABs performance- Traditionally used shortened intervals between assessments as a “Sanction”, no extension of intervals--- Better use of the resources TA--- Reduce cost for CABs
ISO/IEC 17011 - 2017
What Needs To Be Planned Questions from ANSI clients submit to ANSI What is your process for flexible scopes? What is your requirements to defines virtual sites? I note that the new ISO/IEC 17011:2017 3.26 NOTE defines a virtual
site as: First question: If various CBa office locations contribute ONLY
high speed internet access in to the CBa intranet to the staff working there can all those locations be considered part of CBa’sONE virtual site (the CBa intranet). If not, why not given the definitions in ISO/IEC 17011 2017 and IAF MD2?
Second question: More and more CBs staff work from home or other locations that are not rented or owned by CBa. All these staff perform their work via the CBa intranet (virtual site). Do you agree I can aggregate all those staff in to a single CBa virtual site (CBa intranet) for accreditation purposes?
196
Questions from ANSI Assessors
Concept of Risk and Risk-based thinking in the assessment PROCESS
Sampling of conformity assessment activities representative of the scope of Accreditation
The use of assessment techniques
Rules to determining assessment durations
ANSI tools to monitor the competencies of Assessors
What Needs To Be Planned
197
Document Review of ANSI documents for accreditation process
− Revise existing documents
− Develop new ANSI documents defined in the new standard (e.g. risk based thinking for assessments)
− Sample of CA activities representative of the scopes of accreditation
i) Consider the risk associate with the activities, locations and personnel
Develop pilot program using flexible scopes (Product, GHG and Personnel)
After the pilot develop the process/procedure related to Flexible scopes 7.8.4
Develop the use of wearable technology for observation of ANSI assessors
− Alternative method for evaluating competence of assessor
− Alternative method for conducting witness assessment
What Needs To Be Planned
198
Refine process related to sampling of CB locations (See ISO/IEC 17011 clauses)− Headquarters− Other CAB activities at other sites AND virtual sites
Refine process for Remote or virtual locations assessments
Refine process for Witness assessment− Sampling of schemes, standards, process− How many, frequency and what types of the CB activities to
witness
• Inspection• Testing• Management systems
What Needs To Be Planned
199
Adopt ISO/IEC 27001 into the ANSI process
− Systematically examine ANSI’s information security risks, taking account of the threats, vulnerabilities, and impacts to the accreditation of Product, Process and Service CABs
Adopt an overarching management process to ensure that the information security controls continue to meet the organization's information security needs on an ongoing basis
Monitor and review the information security risks from refined ANSI process to ensure the risks are minimized
Update and improve the information management system as necessary
Other Changes Needed
200
Develop a Process to “Establishing accreditation Schemes”
(Develop a process) - Suitability of the conformity assessment schemes
Application for accreditation (7.2.3 Determine the suitability of the application for accreditation to initiate an assessment) Link to 4.6.3
Other Changes Needed
201
Train following groups on ISO/IEC 17011 and the process of risk based thinking assessments
− Scheme owners (More than 60 organizations)
− ANSI assessors (include risk based assessments)
− ANSI accreditation committee ( 60 members)
− ANSI clients (2018 Client Day – Include ISO/IEC 17011 on the agenda) - 250
− ANSI staff
− Meeting with
Pod Cast ISO/CASCO WG-45
− Interview of WG members
Planning of Training
202
ANSI staff participation in the development of the ISO/IEC 17011 (WG – 45)
Develop cross reference ISO/IEC 17011:2004 to ISO/IEC 17011:2017 Perform Gap Analysis (After internal audit - March 2018) Revise the ANSI accreditation committee (ACC) Policy documents
− PL-102 Manual of operations (Mid 2018)− PL-103 ACC rules of operation (Mid 2018)
IAF-MD 20 has been implemented by ANSI Expand IAF - MD-20 to include Technical Assessors and ANSI
accreditation Committee member and staff (Mid 2018)
− ISO/EC 17011:2017 Clause 6 − ANSI staff and ACC members Review and selection of competent
Assessors or technical experts NIST/NVCASE Evaluation (TCB program)
List of actions
203
Impact to Peer Evaluation
• ANSI involvement
• Competence of peer evaluators in reviewing new process
• Peer evaluation scheduled for 2021 for ANSI
• Transition to be completed by ANSI end of 2019
• PAC requires transition to be complete by November 2020
• ANSI will be ready for next peer evaluation
204
Session 11
Closing
205
What Did we Cover?
Review of objectives (both provided and supplied)
206
Questions and Answers
Do you have questions that were not answered?
207
Award Ceremony
Award certificates
208
Evaluation
Please complete the evaluation
209
The End
Thank you for attending
Slide 210
American National Standards Institute
Headquarters New York Office1899 L Street, NW 25 West 43rd Street11th Floor 4th FloorWashington, DC 20036 New York, NY 10036
T: 202.293.8020 T: 212.642.4900 F: 202.293.9287 F: 212.398.0023
www.ansi.orgwebstore.ansi.org
www.nssn.org
Reinaldo B. Figueiredo
ANSISenior Program
Director Kotaro YoshidaInternational Accreditation
Japan(IAJapan)