Risk Based Thinking and the Impact on 17025 Featuring our invited presenter: Melanie Ross, Training Products Specialist for ANAB

• All-in-One Compliance Management Solution

• ISO 9001:2015 Certified Organization

• Founded in 1993

• 97% customer renewal rate

• Headquartered in Blacksburg, VA

YOUR QUALTRAX PRESENTER

Account ExecutiveKaren Arrivillaga

• All-in-One Compliance Management Solution

• ISO 9001:2015 Certified Organization

• Founded in 1993

• 97% customer renewal rate

• Headquartered in Blacksburg, VA

YOUR QUALTRAX PRESENTER

Training Product Specialist ANSI National Accreditation Board (ANAB)

Melanie Ross

OUR INVITED PRESENTER

● Develops and Delivers Training on Variety of Topics

● 15+ years working with Quality Assurance, Control and Management

● Managed accounts of global certification organizations

ANSI National Accreditation Board

Risk-based ThinkingProcess Approach to Risk Assessment

Goals• Define risk

• Identify standard requirements related to risk

• Identify risk-based controls of the standard

• Application of risk-based thinking in the laboratory

• What to expect during an assessment

Risk resources• ISO 31000 Risk management guidelines

• ISO/IEC 31010 Risk management-risk assessment techniques

NOT REQUIRED BY ISO/IEC 17025 STANDARD

Risk in the context of ISO framework• ISO documents provide

• Requirements, specifications, guidelines, or characteristics

• Intent is to ensure materials, products, processes and services are fit for purpose

RISK RELATES TO DOUBT IN REACHING THIS INTENT

What is risk?• Effect of uncertainty

• Risk is the deviation from the expected cause by a shortage of information, misinformation, or misinterpretation of information

• Effects may be both positive and negative• Negative effects: nonconformities• Positive effects: opportunities for improvement

Risk in ISO/IEC 17025:2017• 4.1.4 risks to impartiality• 4.1.5 eliminating risks to impartiality• 7.8.6.1 level of risk associated with decision rules• 7.10.1 actions taken for nonconforming work• 8.5 actions to address risks and opportunities• 8.7 corrective action• 8.9 management review

Clause 4.1.4 & 4.1.5• Identify risks to impartiality on an ongoing basis

• Laboratory relationships• Relationships of personnel

• Eliminate or minimize identified risks

Clause 7.8.6.1• Reporting of results

• Level of risk associated with decision rule• False accept/reject• Statistical assumptions

Clause 7.10.1• Actions for nonconforming work based on risk levels

• Established before nonconforming work occurs

Clause 8.5.1• Consider risks and opportunities to

• Assure management system achieves intended results• Enhance opportunities to achieve objectives• Prevent or reduce undesired impacts• Achieve improvement

Clause 8.5.2• Laboratory shall plan

• Actions to address identified risks and opportunities• How to

• Integrate and implement these actions• Evaluate effectiveness

Clause 8.5.3• Actions

• Proportional to the potential impact on validity of results

Clause 8.7.1• Corrective action

• Update risks and opportunities determined during planning• Make changes to the management system

Clause 8.9• Management review

• Include results of risk identification

Inherent risk-based controls• Contract review: ability to provide service, decision rules

• Process review: selection, verification, and validation of methods

• Externally provided products and services: supplier selection

• Testing or calibration: review of work, assuring quality

Inherent risk-based controls• Internal audit: frequency, audit schedule prioritization

• Nonconforming work: response based on risk

• Corrective action: initiating/depth of investigation

• Management review: monitoring system performance

Addressing risk in the lab• Identify the risks and opportunities

• Plan response

• Incorporate response into management system

• Evaluate effectiveness of response

Risk-based thinking• Preventive action as part of the routine operation

• Risk-based thinking can identify opportunities

• Included in development of management system processes• Authority and responsibility of appropriate staff• Level of details of procedures required for consistent

application

What is at risk in the laboratory?• Internal context

• Within the management system

• External context• Based on management system outcomes

Simple risk-based approach• Identify risks and opportunities – it depends on context• Analyze and prioritize risks and opportunities

• What is acceptable?• What is unacceptable?

• Plan actions to address risks and opportunities• Accept the risk• Avoid or eliminate the risk• Mitigate the risk

Simple risk-based approach• Implement the plan – take action• Check the effectiveness of the actions – did it work?• Learn from the experience – improvement

Performance based standard• Risk-based thinking

• Reduction in prescriptive requirements• Performance-based requirements

• Greater flexibility• Less prescription• More discussion

Is a documented procedure needed?• No procedure is required

• Most likely however there will be a record trail to identified risks and opportunities

Would a procedure be useful?• Ensure consistency

• Is risk-based thinking method used new?• Are new people involved in the process?• Will it make integration easier?• Will it help when reviewing for effectiveness?

Assessment considerations

• Demonstrate risks and opportunities were• Identified• Evaluated• Mitigated, minimized, or accepted

• Document risks and opportunities

What should the lab do?• Identify the risks and opportunities for the organization

• Standard does not require a full, formal risk assessment, of to maintain a risk register

• ISO 31000 Risk Management-Principles and guidelines may be useful as a reference (but not mandated)

How Qualtrax Plays a Role in Risk Based Thinking

• Proactive and Reactive

• Promotes Employee Accountability

• Centralized location for all audit data

• Visibility to identify risks and opportunities for improvement

• Configurable Process Automation- Corrective Actions- Management Review

All -In-One Quality Management System

“We are a lean organization – constantly trying to improve our processes while cutting away the waste,” explains Todaro. “That’s what drives us to improve our quality each and every day.”

Jim TodaroQuality Assurance Manager

Benefits to Qualtrax Workflows

• Process Control

• Automated, Role-Based Tasks and Alerts

• Records in one place

• Reporting/Visibility

• Configurable

Some Workflows Used Today

● Corrective ActionRequest

● Internal Audit● Safety Work Order● Accident Reporting● Employee Onboarding● Performance Evaluation● Management Review● Chemical Preparation● Vendor Evaluation &

Approval● Purchase Request● Validation● Customer Complaint● Validation● Proficiency Testing

● Approved Vendors● Deviation Request● LIMS Change Request● Customer Feedback● Drug Reagent &

Chemical Prep● Quality Incident Log● DNA Inventory● Court Testimony Log● Authorizations● Audit - Safety● Audit - Surveillance

Visits● Preventative Actions● Security AccessRequest

● Improvement Action● Production Approval● Safety Work Order● Accident/Near Miss

Report● Forklift Certification● Glass Breakage Record● Training/Certification

Record● Instrument

Certification● Engineering Change

Order● CAPA/NCR● Pigment Approval● Assemble to Stock

● Authorizations● Literature Review Log● Outstanding● PTO Request● IT Request● Planning Meetings● Staff Holiday Parties● Suggestion Box● Quality Memo● Archive Request● Unexpected Data Log● Equipment Inventory● Outstanding

Communications● Error Log● Employee Termination

Registration is closing soon!go.qualtrax.com/SuperQUC

Questions?

Karen Arrivillaga Account Executive

Qualtrax, Inc.karen@qualtrax.com

Melanie RossTraining Product Specialist

ANSI National Accreditation Board (ANAB)