Text

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 1 of 13 Introduction The traditional approach to taking credit for a commercial grade service is to perform a commercial grade dedication (CGD). The typical acceptance method used to perform this type of CGD is a commercial grade survey (CGS). This document evaluates the ISO 17065 accreditation process as a replacement to that traditional approach. The context of this evaluation/comparison is the service being provided by an IEC 61508 functional safety certifying body (CB).

Summary of Process The comparison process used in this document is to develop a CGS checklist and then compare it to ISO 17065 accreditation. To develop the CGS checklist, the following steps are used: identify the safety function, perform a technical evaluation to identify the critical characteristics (CCs), and then identify the applicable audit sections of the Nuclear Procurement Issues Corporation (NUPIC) audit checklist. A commercial grade survey is typically performed using a tailored 10CFR50 App B checklist. The checklist is trimmed down to specifically address the identified critical characteristics. The NUPIC checklist encompasses the requirements of 10CFR50 App B and is therefore an acceptable starting point. To complete this process, this tailored NUPIC checklist is then compared to the accreditation requirements of ISO 17065.

CGS Checklist Development Safety Function: Evaluate the safety case for specific equipment to determine if an adequate level of safety integrity exists.

Technical Evaluation:

Failure Mode Effect Critical Characteristic Acceptance Criteria Personnel are not qualified to perform the work Conclusions of the evaluations will likely be inaccurate

1. Personnel qualification Documented evidence exists to confirm qualification of personnel Outsourced evaluations are not conducted by an entity that is qualified to perform the work Conclusions of the evaluations will likely be inaccurate

2. Outsourced entity qualification Documented evidence exists to confirm qualification of entity performing evaluations Standards, procedures, and/or schemes used as the basis for evaluation requirements are not correct Conclusions of the evaluations will likely be invalid

3. Standards, procedures, and/or schemes validity Basis documents are appropriate for the evaluation being performed.

Input information (e.g. OEM Safety Case, Failure Data) is not correct Conclusions of the evaluations will likely be invalid

4. Input information validity Input information is applicable and valid Changes have occurred during ongoing production of a The results of the evaluation are not

5. Change management and reporting mechanisms Contractual arrangements are in place between the OEM and the CB to

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 2 of 13 certified product that invalidate the certification applicable to the product currently being produced ensure the CB is notified of changes made to the product The certifying body does not have organizational discipline to ensure consistency in evaluations Conclusions of the evaluations could be invalid

6. Organizational management The discipline of the organization is demonstrated by implementation and adherence to a quality management program that ensures consistent performance of evaluations Identifying Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections:

Audit Section Section Description Applicability Critical Characteristics 1

Contract Review Yes-1.2 & 1.4 only 5

2 Design Yes-2.2, 2.4-2.6 only 3-5 3

Commercial Grade Dedication No 4

Software Quality Assurance No 5

Procurement Yes-5.3 only 2

6 Fabrication/Assembly Activities, Material Control and Handling, Storage and Shipping No 7

Special Processes No 8

Tests, Inspections, and Calibration No (ISO 17025 scope) 9 Document Control/Adequacy Yes 1-6 10 Organization/Program Yes 6

11 Nonconforming Items/Part 21 Yes (with no Part 21)- 11.3 only 5

12 Internal Audits Yes 6

13 Corrective Action Yes 6

14 Training/Certification Yes 1

15 Field Services No 16 Records Yes 1-6

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 3 of 13 ISO 17065 Table of Contents-For

Reference:

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 4 of 13 Comparison Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures 1.2-Verify that measures are established and implemented for the translation of customer purchase order/contract technical and quality requirements into the suppliers control documents.

4.1.2.1 the certifying body (CB) shall have a legally enforceable agreement for the provision of the certification activities to its client 4.1.2.2.a the CB shall ensure its certification agreement requires the client always fulfills the certification requirements, including directed corrective actions 4.1.2.2.b the CB shall ensure its certification agreement requires that ongoing production of the certified product continues to fulfill requirements 4.1.2.2.c.1 the CB shall ensure its certification agreement requires the client to make arrangements for the conduct of the evaluation and surveillance 4.1.2.2.c.2 the CB shall ensure its certification agreement requires the client to make arrangements for investigation of complaints 4.1.2.2.c.3 the CB shall ensure its certification agreement requires the client to make arrangements for the participation of observers 4.1.2.2.d. the CB shall ensure its certification agreement requires the client to make claims consistent with the scope of certification 4.1.2.2.e. the CB shall ensure its certification agreement requires the client not to use the product certification in a negative manner or make misleading statements concerning the cert 4.1.2.2.f the CB shall ensure its certification agreement requires the client to discontinue marketing the cert after it is no longer valid.

The contract between the certifying body (CB) and the client (equipment manufacturer) is an important aspect of the certification process. This contract must establish the CB as the authority over the resulting certification of the product being evaluated.

The commercial grade survey (CGS) checklist, which is 10CFR50 App B based, is focused on product procurements where the purchaser is the authority.

This make it less than a perfect fit for the service being surveyed, but this section 1.2 is the best place to capture the requirements for this client-certifier agreement (contract). These requirements highlighted from ISO 17065 meet or exceed the expectations of the CGS.

None needed

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 5 of 13 Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures 4.1.2.2.g the CB shall ensure its certification agreement requires the client to only reproduce certification documents in their entirety 4.1.2.2.h the CB shall ensure its certification agreement requires the client to comply with the requirements of the certification in all marketing material 4.1.2.2.i the CB shall ensure its certification agreement requires the client to comply with certification marking requirements 4.1.2.2.j the CB shall ensure its certification agreement requires the client to keep records of and make known complains made related to the certification. The client shall also be required to act in response to complaints and to document those actions.

4.1.2.2.k the CB shall ensure its certification agreement requires the client to inform the CB, without delay, of changes in their ability to conform to cert requirements 4.1.3.1 the CB shall control the mechanisms for indicating a product is certified 4.1.3.2 the CB shall take action to correct any inaccurate indications of product certifications 4.2 certification activities shall be undertaken impartially, and CBs must track and manage any potential and confirmed risks to maintaining impartiality on an ongoing basis.

This does not preclude the CB from providing information to the client regarding identified deficiencies.

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 6 of 13 Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures 1.4-Verify that measures are established and implemented to ensure that final record packages, including Certificates of Compliance/Conformance, demonstrate that purchase order/contract technical and quality requirements were satisfied.

7.4 Evaluation-The CB shall have a plan for performing the evaluation and shall follow the plan ensuring compliance with the other applicable sections of this standard.

7.4.6 & 7.4.7 The client shall be informed of any nonconformities and given the option to work to resolve them.

7.4.8 If the client choses that path, the evaluation shall be repeated.

7.4.9 The results of all evaluation activities shall be documented prior to review.

7.5 Review-The CB shall assign a person to review the evaluation results who was not involved in the evaluation. This review shall be used to determine if a certificate will be issued.

7.6.1 Certification decision-the CB shall be responsible for its decisions relating to certification.

7.6.2 The CB shall assign at least one person to make the certification decision based on the evaluation, review, and any other relevant information. This person or group shall be independent from the performance of the evaluation.

7.7 Certification documentation-The certificate issued to the client shall meet all the requirements of this section.

7.8 The CB shall maintain information on certified products including the details of what the product is, who the manufacturer is, and what certificates were granted.

7.12 Records-The CB shall retain records to demonstrate that all certification process Again, the NUPIC checklist is not a perfect fit for an audit or survey of a certifying body, but this section 1.4 is the best fit for capturing this aspect of the CBs responsibility to ensure certification requirements are met and appropriately documented. These requirements highlighted from ISO 17065 meet or exceed the expectations of the CGS.

None

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 7 of 13 Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures requirements (for this standard and the scheme) have been fulfilled.

7.13 Complaints and appeals-The CB shall have a documented process to receive, evaluate and make decisions on complaints and appeals. The CB shall record and track complaints and appeals, as well as action undertaken to resolve them.

2.2-Verify that measures are established and implemented to control the translation of design requirements into design documents.

7.1.1 General-The CB shall operate using a certification scheme 7.1.2 Evaluation requirements of products shall be contained in specified standards 7.1.3 If explanations are needed to link the standards to the scheme, those explanations must be developed by technically competent and impartial persons or committees 7.2 Application-the CB shall obtain all the necessary information to complete the certification process in accordance with the scheme.

7.3.1.a-The CB shall ensure the information collected about the client and product is sufficient 7.3.1.b-Differences in understanding between the CB and client are resolved 7.3.1.c-The scope of certification is defined 7.3.1.d-The means are available to perform all evaluation activities 7.3.1.e-The CB has the competence and capability to perform the certification activities 7.3.2-The CB shall have a process to identify when the clients request for certification includes a type of product, a normative document, or a certification scheme with which the CB has no prior experience The CB is not engaged in any design activities but is heavy focused on verifying that the design of the product being evaluated meets the requirements of the applicable standards (in this case, the focus is IEC 61508).

This section 2 of the NUPIC checklist is the best fit for capturing the technical aspects of the certification process. The CBs scheme is especially important for accurately evaluating the manufacturer and their product against the relevant standards.

At this time, it is unclear how an accreditation team is structured to be able to verify the technical adequacy of the CBs scheme.

Additional observations and interviews of CBs and ABs are needed to gain a deeper understanding of this technical aspect.

2.4-Verify that measures are established and implemented for the identification and control of design interfaces.

2.5-Verify that measures are established and implemented for the verification of design adequacy.

2.6-Verify that measures are established and implemented to control design changes including changes for spare/replacement parts.

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 8 of 13 Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures 7.3.3-In cases of 7.3.2, the CB shall ensure it has the necessary competence 7.3.4-The CB shall decline to undertake a specific certification if it lacks competence or capability 7.3.5-If the CB relies on previous certifications to omit any activities that shall be recorded in their records 5.3-Verify that measures are established and implemented for the evaluation, selection and assessment of sub-suppliers including distributors, services (calibration, NDE, testing, heat treatment, etc.)

and software.

6.2.2.1 When the CB utilizes external resources to perform tasks such as testing, those resources shall be in compliance with the appropriate standard, such as ISO 17025 ISO 17025 has already been evaluated to be acceptable to support CGD of testing and calibration services. If testing is utilized during the certification process, that previous evaluation becomes relevant. These requirements highlighted from ISO 17065 meet or exceed the expectations of the CGS.

None 9.2-Verify that measures are established and implemented to control the preparation, review/approval, and issue of documents (i.e., procedures, instructions, drawings, work orders, etc.) including changes.

8.3 Control of documents-The CB shall establish procedures to control the document that relate to the fulfillment of this standard.

These requirements highlighted from ISO 17065 meet or exceed the expectations of the CGS.

None 10.2-Verify that adequate measures are established and implemented for management, direction, and execution of the Quality Assurance Program.

4.1.1 the CB shall be a legal entity that can be held responsible 4.3.1 the CB shall have adequate financial arrangements to cover liabilities arising from its operations It is important to note that option B (discussed in 8.1.3) requires that even if a certifying body is accredited to ISO 9001 the CB must still demonstrate compliance to None

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 9 of 13 Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures 4.3.2 the CB shall have the financial stability and resources required for its operations 4.4 the CB shall conduct operations in a non-discriminatory manner 4.5 the CB shall be committed to maintaining confidentiality of clients information 4.6 the CB shall maintain and make available upon request information about their cert scheme, a description of how the CB makes money, a description of the rights and duties of applicants and clients, and information about handling complaints and appeals 5.1.1 certification activities shall be structured and managed so as to safeguard impartiality 5.1.2 the CB shall document its organizational structure 5.1.3 the management of the CB shall identify the person or group of people who have overall authority and responsibility for keys areas of the operations of the CB (listed out in the standard) 5.1.4 the CB shall have formal rules for the appointment, terms of reference and operation of any committees that are involved in the certification process 5.2.1 the CB shall have a mechanism for safeguarding its impartiality 5.2.2.a the mechanism shall be formally documented to ensure a balanced representation of significantly interested parties 5.2.2.b the mechanism shall be formally documented to ensure access to all the information necessary to enable it to fulfil all its functions the management system requirements of this ISO 17065 standard.

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 10 of 13 Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures 5.2.3 if the top management of the certification body does not follow the input of this mechanism, the mechanism shall have the right to take independent action 5.2.4 although every interest cannot be represented in the mechanism, a certification body shall identify and invite significantly interested parties 8.1.1 The CB shall establish and maintain a management system that is capable of achieving the consistent fulfillment of the requirements of this standard in accordance with either of the following two options 8.1.2 Option A-the management system shall address sections 8.2-8.8 of this standard 8.1.3 Option B-the management system can be in accordance with ISO 9001 and must also address sections 8.2-8.8 of this standard.

8.2 General management system documentation-The CBs top management shall establish, document, and maintain policies and objectives for fulfillment of this standard and the certification scheme, and shall ensure they are implemented throughout the organization 8.5 Management review-The CBs top management shall establish procedures to review its management system at planned intervals, in order to ensure its continuing suitability, adequacy and effectiveness, including the stated policies and objectives related to the fulfilment of this standard

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 11 of 13 Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures 11.3-Verify that measures are established and implemented to disposition items which do not conform to requirements.

7.4.6 & 7.4.7 The client shall be informed of any nonconformities and given the option to work to resolve them.

7.4.8 If the client choses that path, the evaluation shall be repeated.

7.9 Surveillance-The CB shall perform surveillances of the use of certification marks 7.10.1 Changes affecting certification-When the certification scheme requirements change the clients shall be informed.

7.10.2 The CB shall consider other changes affecting certification, including changes initiated by the client, and shall decide upon the appropriate action.

7.11 Termination, reduction, suspension or withdrawal of certification-When a nonconformity with certification requirements is substantiated, either as a result of surveillance or otherwise, the CB shall consider and decide upon the appropriate action.

7.13 Complaints and appeals-The CB shall have a documented process to receive, evaluate and make decisions on complaints and appeals. The CB shall record and track complaints and appeals, as well as action undertaken to resolve them.

The CB is not evaluating specific physical items. They are evaluating the design and processes of specific items. Therefore, non-conformities are handled from a design or process adequacy perspective.

None 12.2-Verify that measures are established and implemented to ensure a comprehensive system of planned and periodic internal audits.

8.6 Internal audits-The CB shall establish procedures for internal audits to verify that it fulfils the requirements of this standard and that the management system is effectively implemented and maintained.

These requirements highlighted from ISO 17065 meet or exceed the expectations of the CGS.

None 12.3-Assess the overall effectiveness of the internal audit process by review of previous internal audits

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 12 of 13 Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures and comparison of the results/issues identified in these audits with those identified by this NUPIC audit.

13.2-Verify that measures are established and implemented to assure that conditions adverse to quality are promptly identified and corrected.

7.13 Complaints and appeals-The CB shall have a documented process to receive, evaluate and make decisions on complaints and appeals. The CB shall record and track complaints and appeals, as well as action undertaken to resolve them.

8.7 Corrective actions-The CB shall establish procedures for identification and management of nonconformities in its operations.

8.8 Preventative actions-The CB shall establish procedures for taking preventive actions to eliminate the causes of potential nonconformities.

The ISO 17065 requirements exceed the 10CFR50 App B based requirements by including preventative actions.

None 13.3-Verify that deficiencies identified/reported by customers, to the supplier, (e.g., receipt inspection rejections, source verification rejections, return material authorizations, site nonconformances, etc.) are adequately evaluated and entered into the suppliers nonconformance or corrective action program, as applicable.

13.4-Verify the overall effectiveness of the corrective action process.

14.2-Verify that measures are established and implemented to ensure quality program indoctrination and training of personnel who perform activities affecting quality.

6.1.1.1 The CB shall have a sufficient number of people 6.1.1.2 The people shall be competent 6.1.1.3 The people shall keep confidential information related to certification activities 6.1.2.1 The CB shall establish, implement, and maintain a procedure for managing competencies of personnel 6.1.2.2 The CB shall maintain records on the personnel involved in the certification process These requirements highlighted from ISO 17065 meet or exceed the expectations of the CGS.

None 14.3-Verify that inspection/test personnel, auditors, calibration, repair personnel and similar specialists (i.e., ASME Code design personnel to ASME Section III) are

COMPARISON OF AN ISO 17065 ACCREDITATION TO A COMMERCIAL GRADE DEDICATION (IN THE CONTEXT OF THE CRITICAL CHARACTERISTICS OF THE SERVICE PROVIDED BY THE CERTIFYING BODY)

Page 13 of 13 Applicable NUPIC Checklist (10CFR50 App B based) Audit Sections ISO 17065 Elements Notes Compensatory Measures qualified and have certifications on file.

6.2.1 When the CBs internal resources perform tasks such as testing, those resources shall be in compliance with the appropriate standard, such as ISO 17025 6.2.2.2 Records must be kept to justify confidence in evaluations outsourced to non-independent bodies (e.g. client laboratories) 16.2-Verify that adequate measures are established and implemented to ensure that all QA records not transferred to the member are maintained in facilities that provide storage, retention requirements and protection against environmental effects, damage and loss.

7.12 Records-The CB shall retain records to demonstrate that all certification process requirements (for this standard and the scheme) have been fulfilled.

8.3 Control of documents-The CB shall establish procedures to control the document that relate to the fulfillment of this standard.

8.4 Control of records-The CB shall establish procedures to define the controls needed for the identification, storage, protection, retrieval, retention time and disposition of its records related to the fulfilment of this standard These requirements highlighted from ISO 17065 meet or exceed the expectations of the CGS.

None Conclusion Based on this comparison, accreditation to ISO 17065 covers the majority of the scope of a CGS. The only aspect that still needs further investigation is how the accreditation relates to ensuring the CBs scheme is in compliance with the requirements of IEC 61508. This directly relates to critical characteristic #3 from the technical evaluation. Additional interactions with CBs and ABs is needed to gain a better understanding of how the technical requirements of the CBs scheme are verified. Beyond this technical aspect, this comparison shows that accreditation to ISO 17065 provides adequate confirmation of the CBs processes and management systems (i.e. quality assurance aspects). All critical characteristics except #3 would be able to be determined to be acceptable within the scope of a CGD of the CB service, based on the CBs accreditation to ISO 17065.