ML25162A142
| ML25162A142 | |
| Person / Time | |
|---|---|
| Site: | Nuclear Energy Institute |
| Issue date: | 05/31/2025 |
| From: | Nuclear Energy Institute |
| To: | Office of Nuclear Reactor Regulation |
| References | |
| NEI 22-04, Rev. 0 | |
| Download: ML25162A142 (117) | |
Text
© NEI 2025. All rights reserved.
nei.org NEI 22-04 Utilization of ISO 9001 and Other Non-nuclear Suppliers for Safety-related Applications Prepared by the Nuclear Energy Institute May 2025 (Rev. 0)
May 2025
© NEI 2025. All rights reserved.
nei.org Revision Table Revision Description of Changes Date Modified Responsible Person
May 2025
© NEI 2025. All rights reserved.
nei.org Acknowledgements This document was developed by the Nuclear Energy Institute. NEI acknowledges and appreciates the contributions of NEI members and other organizations in providing input, reviewing and commenting on the document.
NEI Project Lead: Mark Richter Notice Neither NEI, nor any of its employees, members, supporting organizations, contractors, or consultants make any warranty, expressed or implied, or assume any legal responsibility for the accuracy or completeness of, or assume any liability for damages resulting from any use of, any information apparatus, methods, or process disclosed in this report or that such may not infringe privately owned rights.
May 2025
© NEI 2025. All rights reserved.
nei.org Executive Summary Nuclear energy is poised to play a meaningful role in meeting Americas clean energy needs. Advanced reactor deployment plans are aggressive. However, plant shutdowns in the early part of this century and the expense to suppliers of maintaining quality assurance programs certified to ASME NQA-1 in what was then seen as a shrinking market has led to a decrease in nuclear suppliers in the U.S. and worldwide. To date, ASME NQA-1 and its predecessors, e.g. ANSI N45.2, are the only quality assurance standards that the NRC has endorsed for compliance with requirements in 10 CFR Part 50 Appendix, B.
The nuclear industry now faces a shortage of ASME NQA-1 qualified nuclear suppliers at a time when there is a growing need for safety-related components and reluctance by established commercial/industrial suppliers in developing ASME NQA-1 programs in addition to their current QA programs certified to other standards.
The NRC has previously accepted alternative approaches to complying with 10 CFR Part 50 Appendix B.
Nuclear suppliers and licensees are already accepting items and services from Suppliers with ISO 9001 and other quality standards that have not been accepted by the NRC for compliance with 10 CFR Part 50 Appendix B for safety-related applications through their commercial grade dedication (CGD) and traditional quality assurance processes. While these approaches are effective and are expected to continue, they may not be the most efficient way to grow the nuclear supply chain at the pace needed to meet current advanced and small module reactor construction required to meet decarbonization goals. NEI prepared NEI 22-04 to provide an alternative approach to meeting the requirements of 10 CFR Part 50 Appendix B for the procurement of safety related structures, systems, and components and other nuclear components.
Significant potential benefits will accrue to the successful implementation of this guidance. The risks of shortages, backlogs, and higher costs are expected to be mitigated by providing market opportunities for new nuclear suppliers; barriers to entry for new suppliers will be minimized by avoiding the burden of developing and maintaining two quality programs; and the US industry will become more competitive the global marketplace.
May 2025
© NEI 2025. All rights reserved.
nei.org Table of Contents 1
Purpose............................................................................................................................................ 1 2
Background...................................................................................................................................... 1 3
Acronyms and Definitions................................................................................................................ 3 4
Implementation Process.................................................................................................................. 6 5
Performing the Gap Assessment..................................................................................................... 8 6
Fundamental Requirements from 10 CFR 50 Appendix B............................................................... 9 7
Additional Purchaser Requirements or Procedural Controls......................................................... 12 7.1 Additional Purchaser Requirements in Procurement Specifications................................ 13 7.2 Potentially Useful Additional Purchaser Procedural Controls.......................................... 18 7.3 ISO 9001:2015 Requirements Consistent with the 10 CFR Part 50 Appendix B............... 28 8
10 CFR Part 21 Compliance............................................................................................................ 31 9
References..................................................................................................................................... 32 Appendix A. Screening Process................................................................................................................. A-1 Appendix B. 10 CFR 50 Appendix B Gap Assessment Checklist................................................................. B-1 Appendix C. Detailed Comparison of 10 CFR 50 Appendix B to ISO 9001:2015........................................ C-1 Table of Figures Figure 1: Depiction of High-level Approach for NEI 22-04 Implementation................................................. 6 Figure 2: Division of Key Responsibilities (not intended to be an exhaustive list)........................................ 6 Table of Tables Table C.1: 10 CFR 50, Appendix B, Criterion I - Organization.................................................................... C-1 Table C.2: 10 CFR 50, Appendix B, Criterion I - Organization.................................................................... C-2 Table C.3: 10 CFR 50, Appendix B, Criterion I - Organization.................................................................... C-3 Table C.4: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program........................................... C-4 Table C.5: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program........................................... C-5 Table C.6: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program........................................... C-6 Table C.7: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program........................................... C-7 Table C.8: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program........................................... C-8 Table C.9: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program........................................... C-9 Table C.10: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program........................................ C-10 Table C.11: 10 CFR 50, Appendix B, Criterion III - Design Control........................................................... C-11 Table C.12: 10 CFR 50, Appendix B, Criterion III - Design Control........................................................... C-12 Table C.13: 10 CFR 50, Appendix B, Criterion III - Design Control........................................................... C-13 Table C.14: 10 CFR 50, Appendix B, Criterion III - Design Control........................................................... C-14
May 2025
© NEI 2025. All rights reserved.
nei.org Table C.15: 10 CFR 50, Appendix B, Criterion III - Design Control........................................................... C-15 Table C.16: 10 CFR 50, Appendix B, Criterion IV - Procurement Document Control.............................. C-16 Table C.17: 10 CFR 50, Appendix B, Criterion IV - Procurement Document Control.............................. C-17 Table C.18: 10 CFR 50, Appendix B, Criterion V - Instructions, Procedures, and Drawings.................... C-18 Table C.19: 10 CFR 50, Appendix B, Criterion V - Instructions, Procedures, and Drawings.................... C-19 Table C.20: 10 CFR 50, Appendix B, Criterion VI - Document Control.................................................... C-20 Table C.21: 10 CFR 50, Appendix B, Criterion VII - Control of Purchased Material, Equipment, and Services.................................................................................................................................................... C-21 Table C.22: 10 CFR 50, Appendix B, Criterion VII - Control of Purchased Material, Equipment, and Services.................................................................................................................................................... C-22 Table C.23: 10 CFR 50, Appendix B, Criterion VII - Control of Purchased Material, Equipment, and Services.................................................................................................................................................... C-23 Table C.24: 10 CFR 50, Appendix B, Criterion VII - Control of Purchased Material, Equipment, and Services.................................................................................................................................................... C-24 Table C.25: 10 CFR 50, Appendix B, Criterion VIII - Identification and Control of Materials, Parts, and Components............................................................................................................................................. C-25 Table C.26: 10 CFR 50, Appendix B, Criterion IX - Control of Special Processes..................................... C-26 Table C.27: 10 CFR 50, Appendix B, Criterion X - Inspection................................................................... C-27 Table C.28: 10 CFR 50, Appendix B, Criterion X - Inspection................................................................... C-28 Table C.29: 10 CFR 50, Appendix B, Criterion X - Inspection................................................................... C-29 Table C.30: 10 CFR 50, Appendix B, Criterion X - Inspection................................................................... C-30 Table C.31: 10 CFR 50, Appendix B, Criterion XI - Test Control............................................................... C-31 Table C.32: 10 CFR 50, Appendix B, Criterion XI - Test Control............................................................... C-32 Table C.33: 10 CFR 50, Appendix B, Criterion XI - Test Control............................................................... C-33 Table C.34: 10 CFR 50, Appendix B, Criterion XII - Control of Measuring and Test Equipment.............. C-34 Table C.35: 10 CFR 50, Appendix B, Criterion XIII - Handling, Storage, and Shipping............................. C-35 Table C.36: 10 CFR 50, Appendix B, Criterion XIII - Handling, Storage, and Shipping............................. C-36 Table C.37: 10 CFR 50, Appendix B, Criterion XIV - Inspection, Test, and Operating Status.................. C-37 Table C.38: 10 CFR 50, Appendix B, Criterion XV - Nonconforming Materials, Parts, or Components.. C-38 Table C.39: 10 CFR 50, Appendix B, Criterion XVI - Corrective Action.................................................... C-39 Table C.40: 10 CFR 50, Appendix B, Criterion XVII - Quality Assurance Records.................................... C-40 Table C.41: 10 CFR 50, Appendix B, Criterion XVII - Quality Assurance Records.................................... C-41 Table C.42: 10 CFR 50, Appendix B, Criterion XVII - Quality Assurance Records.................................... C-44 Table C.43: 10 CFR 50, Appendix B, Criterion XVII - Quality Assurance Records.................................... C-45 Table C.44: 10 CFR 50, Appendix B, Criterion XVIII - Audits.................................................................... C-46
May 2025
© NEI 2025. All rights reserved.
nei.org 1 1 PURPOSE The purpose of this report is to provide guidance for an entity with a 10CFR50, Appendix B-compliant QA program to use ISO 9001:2015 (Reference 1) as the basis for an alternative approach to meeting the requirements of 10 CFR 50 Appendix B (Reference 2). This guidance is intended to be applicable to the procurement of safety related structures, systems, and components (SSCs) by licensees and other entities that have a 10 CFR 50 Appendix B-compliant program. The objective of this process is to provide an alternative means for accepting equipment from a non-nuclear supplier. (As noted in the definitions in Section 3, pursuant to NRC Regulatory Guide 1.28, ASME NQA-1 and predecessors, e.g. ANSI N45.2, is the only QA standard endorsed by NRC as complying with all 10 CFR Part 50 Appendix B and Part 21 requirements.)
It is important to note that the equipment must still meet applicable nuclear design and specification requirements, including seismic qualification, environmental qualification, and compliance with applicable codes or standards required by 10CFR50.55(a).
To implement this process, the Purchaser performs a gap assessment of the suppliers non-nuclear quality program for compliance with applicable requirements from 10 CFR 50 Appendix B. The Purchaser identifies the applicable elements of 10 CFR Part 50 Appendix B that apply to the supplied items or services and any actions required of the supplier to meet the applicable elements that the staff of the U.S. Nuclear Regulatory Commission (NRC) considers acceptable for complying with the provisions of Title 10 of the Code of Federal Regulations (10 CFR) Part 50, Domestic Licensing of Production and Utilization Facilities (Ref. 1), and 10 CFR Part 52, Licenses, Certifications, and Approvals for Nuclear Power Plants (Ref. 2), which refer to 10 CFR Part 50, Appendix B, Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants, for establishing and implementing a quality assurance (QA) program for the design and construction of nuclear power plants and fuel reprocessing plants. Based on the gap assessment results, supplemental requirements are developed and implemented as needed to ensure the supplied items or services are adequately controlled under the Purchasers 10 CFR 50 Appendix B-compliant program.
Quality assurance (QA) comprises all planned and systematic actions necessary to provide adequate confidence that a structure, system, or component (SSC) will perform satisfactorily in service. Attributes of a QA program include procedures, recordkeeping, inspections, corrective actions, and audits.
The successful implementation of QA is essential to providing confidence in the nuclear industry. A high degree of reliability and integrity is required of products and services, and the requirements are particularly stringent for assuring nuclear safety. Failure of structures, systems or components to perform their intended function during normal and accident conditions, or their poor performance, could adversely affect the health and safety of workers and the public.
2 BACKGROUND The NRC defines safety-related in 10 CFR 50.2 and requires that safety-related structures, systems, and components meet 10 CFR Part 50 Appendix B quality requirements. The NRC definition of a basic component is essentially the same as the definition of a safety-related SSC, and establishes certain reporting requirements for basic components, in 10 CFR Part 21. Thus, the requirements of both Part 50 Appendix B and Part 21 apply to safety-related applications. 10 CFR 50.34(a)(7) requires the nuclear QA program to be applied to the design, fabrication, construction, and testing of SSCs (Reference 3).
May 2025
© NEI 2025. All rights reserved.
nei.org 2 The NRC has established various guidance documents for Appendix B QA programs (herein referred to as nuclear QA programs), including RG 1.28 and RG 1.33. The most common QA program standard approved by the NRC as meeting all Part 50 Appendix B requirements and acceptable for nuclear applications is ASME NQA-1. However, some licensees still utilize ANSI N45.2 and related standards.
In 2003, NRC staff completed a review of the international quality assurance standard ISO-9001-2000, Quality Management System-Requirements, against the existing 10 CFR Part 50 Appendix B requirements framework and assessed approaches for adopting this standard for safety-related components in nuclear power plants into the existing regulatory framework (Reference 4). Staff review and analysis resulted in the recommendation that supplemental requirements would need to be applied when implementing ISO 9001:2000 to meet the requirements of the existing regulatory framework.
In December 2003, EPRI published Analysis and Comparison of ANSI/ISO/ASQ Q9001:2000 with 10CFR50, Appendix B [16]. The objective of the report was to determine whether a supplier that satisfactorily complies with the quality requirements of ISO 9001:2000 also meets the quality requirements of 10 CFR Part 50 Appendix B. In cases where it did not, the report assesses the extent of the gap. EPRI concluded as did NRC, that ISO-9001 could be used to meet Appendix B requirements but would need to include supplemental requirements.
NRC Regulatory Guide 1.28 Quality Assurance Program Criteria (Design and Construction), revision 6 states, in part, Methods or solutions that differ from those described in this RG may be deemed acceptable if they provide sufficient basis and information for the NRC staff to verify that the proposed alternative demonstrates compliance with the appropriate NRC regulations.
This guidance is intended to serve as a useful tool to enable purchasers with Appendix B - compliant quality programs to procure and control nuclear components from suppliers with ISO 9001:2015. This will support a needed expansion of the nuclear supply chain while still providing the same high level of assurance of safety and operational reliability.
10 CFR Part 50 Appendix B and ISO 9001 have the same objective, to produce quality SSCs that meet the pre-established design and performance requirements. However, they take different approaches to achieve the common objective. Appendix B establishes quality assurance requirements for the design, manufacture, construction, and operation of those structures, systems, and components. The pertinent requirements of this appendix apply to all activities affecting the safety-related functions of those structures, systems, and components; these activities include designing, purchasing, fabricating, handling, shipping, storing, cleaning, erecting, installing, inspecting, operating, maintaining, repairing, refueling, and modifying. Safety-related functions are to ensure public health and safety. The end goal of Appendix B is to ensure that structures, systems, and components will comply with regulatory requirements that provide reasonable assurance of adequate protection of public health and safety.
ISO 9001 specifies requirements for a quality management system when an organization needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements and aims to enhance customer satisfaction through the effective application of the system. This includes processes for improvement of the system and the assurance of conformity with customer and applicable statutory and regulatory requirements. The pinnacle requirement of quality will not be superseded by costs.
Other regulated industries are utilizing an ISO 9001:2015 based quality program. In those instances, the regulating bodies recognized the need for, developed and implemented supplemental requirements and
May 2025
© NEI 2025. All rights reserved.
nei.org 3 controls to align with their specific industry requirements. Examples of additional controls and requirements for specific industries include the medical device industry which uses ISO 13485, which builds upon ISO 9001 with extra requirements for medical devices; the railway sector which uses ISO 22163, and the petroleum industry which uses ISO 29001. As a result, many ISO 9001:2015 certified suppliers have robust QA programs geared towards providing equipment to other industries requiring safe, reliable products of high quality. Nuclear suppliers and licensees are already accepting items and services from ISO 9001:2015 suppliers through their commercial grade dedication (CGD) process. This same approach would be applied to ISO 9001:2015 and other non-nuclear quality standards to be compliant with the 10 CFR 50 Appendix B regulatory requirements. ISO 19443 was developed specifically for nuclear applications, complementing international standards for nuclear safety with regards to the nuclear supply chain. While it is an available option, there are not very many suppliers that have utilized this standard and there may still be gaps between ISO 19443 and 10 CFR Part 50 Appendix B. This is why ISO 9001 is the focus of this guidance document.
While this guidance focuses on the use of ISO 9001, the process in this guidance could be applied to other industry-specific non-nuclear QA standards, such as oil, gas, and chemical industries (e.g. API-Q1 Quality Management System Requirements for Organizations Providing Products for the Petroleum and Natural Gas Industry). The main difference between ISO 9001 and API Q1 is that ISO 9001 can be applied broadly across many industries while API-Q1 is specific to the oil and gas industry and includes additional requirements to address the unique risks and quality concerns of that industry. This is the approach described in NEI 22-04, where additional requirements unique to the nuclear industry are applied.
3 ACRONYMS AND DEFINITIONS ACRONYMS CGD - Commercial Grade Dedication (or Dedication)
CGI - Commercial Grade Item ISO - International Standards Organization NRC - U.S. Nuclear Regulatory Commission QA - Quality Assurance QMS - Quality Management System SSC - structure, system, or component Note: Regulation 10 CFR 50 Appendix B uses the term equipment. Nuclear standards typically use the term item. ISO standards typically use the term products. Throughout this report, the terms equipment, items, and products are used interchangeably to represent procurement or supply of SSCs and other hardware associated with the supply of SSCs.
May 2025
© NEI 2025. All rights reserved.
nei.org 4 DEFINITIONS Audit - a planned and documented activity performed to determine by investigation, examination, or evaluation of objective evidence the adequacy of and compliance with established procedures, instructions, drawings, and other applicable documents, and the effectiveness of implementation. An audit should not be confused with surveillance or inspection activities performed for the sole purpose of process control or product acceptance (Reference 5).
Commercial-Grade Survey - Activities conducted by the purchaser or its agent to verify that a supplier of commercial-grade items controls, through quality activities, some, or all the critical characteristics of the designated commercial-grade items to be purchased. The verification can be used as a method to accept those characteristics. The commercial-grade survey should include verification of the supplementary documentation and the effective implementation of the commercial-grade quality program (Reference 6).
Gap Assessment - In the context of this document, a gap assessment is an evaluation of a non-nuclear suppliers quality program that is performed by a purchaser of a good or service for the purpose of determining how the suppliers program compares to the requirements of 10 CFR 50 Appendix B. This activity is performed in a manner similar to an audit but results in a list of identified gaps for compliance with the applicable regulatory requirements rather than issuance of any audit findings. Taking this approach to address these gaps is not intended to be a commercial-grade survey.
Lead Auditor - In the context of this document, a lead auditor is a person qualified; based on education, experience and training; to evaluate quality programs for compliance with applicable nuclear regulatory requirements, codes and standards.
Management System - set of interrelated or interacting elements of an organization to establish policies and objectives, and processes to achieve those objectives. (Reference 7)
Note 1: A management system can address a single discipline or several disciplines, e.g., quality management, financial management or environmental management.
Note 2: The management system elements establish the organizations structure, roles and responsibilities, planning, operation, policies, practices, rules, beliefs, objectives and processes to achieve those objectives.
Note 3: The scope of a management system can include the whole of the organization, specific and identified functions of the organization, specific and identified sections of the organization, or one or more functions across a group of organizations.
Non-Nuclear QA Program - A QA program that does not satisfy all applicable regulatory requirements of both 10 CFR 50 Appendix B and 10 CFR Part 21.
Non-nuclear Supplier - In the context of this document, a non-nuclear supplier is an organization in the supply chain that provides items or services in accordance with a non-nuclear quality program that does not satisfy the applicable regulatory requirements of both 10 CFR 50 Appendix B and 10 CFR Part 21.
Nuclear Supplier - In the context of this document, a nuclear supplier is an organization in the supply chain that provides items or services in accordance with a quality assurance program that satisfies the
May 2025
© NEI 2025. All rights reserved.
nei.org 5 applicable regulatory requirements of both 10 CFR 50 Appendix B and 10 CFR Part 21 (Nuclear QA Program).
Nuclear QA Program - A QA program that satisfies the applicable regulatory requirements of both 10 CFR 50 Appendix B and 10 CFR Part 21 and may be used for safety-related applications. The NRC has only endorsed NQA-1 as fully satisfying all 10 CFR 50 Appendix B requirements and available for the use of safety-related applications (see Regulatory Guide 1.28).
Purchaser - the organization responsible for establishment of procurement requirements and for issuance or administration, or both, of procurement documents (Reference 5). In the context of this document, a Purchaser is the licensee or Nuclear Supplier that plans to procure items or services from a Non-nuclear Supplier for use in a safety related application.
Quality - degree to which a set of inherent characteristics of an object fulfills requirements.
(Reference 7)
Quality Assurance - part of quality management focused on providing confidence that quality requirements will be fulfilled. (Reference 7)
Quality Management - management regarding quality. (Reference 7)
Note: Quality management can include establishing quality policies and quality objectives, and processes to achieve these quality objectives through quality planning, quality assurance, quality control, and quality improvement.
Quality Management System - part of a management system with regard to quality. (Reference 7)
Quality Program - In the context of this document, this term is used generically to refer to any policies, processes, or procedures established to achieve quality, including a quality assurance program or quality management system. A non-nuclear quality program is understood to be a program implemented by a non-nuclear supplier. A nuclear quality program or nuclear QA program is understood to be a program implemented by a nuclear supplier.
Technical Specialist - In the context of this document, a technical specialist is a person who has related experience and knowledge regarding the area or activity being assessed.
Validation - confirmation, through the provision of objective evidence, that the requirements for a specific intended use or application have been fulfilled. (Reference 7)
Note: The objective evidence needed for validation is the result of a test or other form of determination such as performing alternative calculations or reviewing documents.
Verification - confirmation, through the provision of objective evidence, that specified requirements have been fulfilled. (Reference 7)
Note: The objective evidence needed for verification can be the result of an inspection or of other forms of determination such as performing alternative calculations or reviewing documents.
May 2025
© NEI 2025. All rights reserved.
nei.org 6 4 IMPLEMENTATION PROCESS To ensure applicable requirements from 10 CFR 50 Appendix B are addressed, the Purchaser performs a gap assessment of the Suppliers non-nuclear Program to identify gaps for compliance with 10 CFR 50 Appendix B. Once the gaps are identified, the Purchaser works with the Supplier to determine the appropriate supplemental requirements for closing the gaps. The Purchaser generates the Supplemental Requirements to address the gaps. These supplemental requirements are imposed contractually.
Periodic audits and surveillance activities are performed by the Purchaser as needed to verify the Supplier implements their quality program and the supplemental requirements appropriately. This high-level approach is depicted in Figure 1.
Figure 1: Depiction of High-level Approach for NEI 22-04 Implementation The division of key responsibilities for implementing this approach are depicted in Figure 2. In both figures, the dotted line is intended to encompass activities that are controlled under the Purchasers 10 CFR 50 Appendix B-compliant program.
Figure 2: Division of Key Responsibilities (not intended to be an exhaustive list)
May 2025
© NEI 2025. All rights reserved.
nei.org 7 The steps described below serve as a guideline for purchasers (e.g. utilities, plant owners, design certificate holders, manufacturing license holders, etc.) for use in procuring items from non-nuclear suppliers who have a non-nuclear quality management system, for the provision of safety-related items and services. The steps in the implementation process as defined by the purchaser include:
- 1. Identify the item or service the purchaser needs.
- 2. Establish the specific requirements (10 CFR 50 Appendix B and others, as applicable) that the item or service would need to meet.
- 3. Select potential non-nuclear suppliers (i.e., utilizing a non-nuclear quality program such as ISO-9001) for screening using a detailed questionnaire (Appendix A). An initial screening may be useful in informing both purchaser and supplier decisions regarding moving forward.
- 4. From the questionnaire responses, select those suppliers that have the potential to meet the requirements for the item or service.
- 5. Perform an assessment of the supplier(s) to identify potential gaps that the supplier(s) would need to meet 10 CFR 50 Appendix B requirements. (This has already been performed in Appendix C for ISO-9001.) (See Section 5.)
- 6. Issue a request to the supplier for the scope of work including any additional quality controls that need to be implemented to close the gaps between their non-nuclear QA program and the 10 CFR 50 Appendix B requirements. The supplier will review this document to determine if they want to pursue the work. If so, they will provide a quote for what it will cost to perform the specified work.
- 7. If the purchaser and supplier come to an agreement, the purchaser will issue a procurement document (contract, purchase order, requisition, etc.) with the detailed specification of the requirements they are imposing. These would include such items as:
- a.
Applicable 10 CFR 50 Appendix B requirements.
- b.
Applicable functional requirements.
- c.
Specific approvals / hold points that are required (document approvals, sub-supplier approvals, inspection and testing hold points, test observations, etc.).
- d.
Training /qualification requirements for supplier personnel.
- e.
Identification requirements for nonconformances.
- f.
Delivery and post-delivery requirements including notification of potential nonconformance issues after delivery that may require 10 CFR Part 21 notification (Reference 4).
To ensure that the supplier can provide the products / services to the purchasers requirements, the purchaser needs to identify the specific requirements that are necessary to fulfill the functional and quality demands. For example, this is demonstrated in the sample table below.
May 2025
© NEI 2025. All rights reserved.
nei.org 8 General Requirement Specific Requirement Control of special processes shall be in accordance with Criterion IX of 10 CFR 50 Appendix B.
Welding shall be performed in accordance with the following standards:
ASME..
AWS Personnel performing welding shall be qualified as follows:..
Documentation of welder qualification shall be available upon request.
If specific documentation is required, then the initial request and subsequent purchase document need to specify the level of documentation required.
Suppliers of non-nuclear calibration and testing services are more likely accredited to ISO 17025 and can be accepted in accordance with NEI 14-05A (Reference 10).
5 PERFORMING THE GAP ASSESSMENT The gap assessment should be performed by purchaser personnel qualified to perform supplier audits.
The purchaser should assign a gap assessment team leader who is a qualified Lead Auditor with sufficient experience and knowledge of nuclear regulatory requirements, codes, and standards to judge whether a Suppliers programmatic controls satisfy the requirements of 10 CFR 50 Appendix B.
The Gap Assessment Team may consult with engineering or other resources to assist in determining the applicable elements of 10 CFR 50 Appendix B to be considered. Technical Specialists should be included as needed to judge whether the Suppliers technical capabilities and controls are acceptable.
The gap assessment should be performance based to verify the supplier effectively implements their Non-nuclear Quality Program in addition to determining whether the program documentation (e.g., quality manual and procedures) satisfy the applicable requirements of 10 CFR 50 Appendix B.
The Gap Assessment Team may use checklists to perform and document the results of the gap assessment. Appendix B of this report provides a checklist that may be used for any non-nuclear quality standard. A detailed comparison of ISO-9001:2015 to 10 CFR Part 50 Appendix B is documented in Appendix C of this report. To perform the analysis, each criterion from 10 CFR 50 Appendix B was decomposed into discrete fundamental requirements and corresponding requirements from ISO 9001:2015 were identified. For each criterion of 10 CFR 50 Appendix B, the checklist provides questions to assess the fundamental requirements from 10 CFR 50 Appendix B. Although the checklist identifies relevant ISO 9001:2015 references to assist the Gap Assessment Team in identifying comparable requirements in a suppliers ISO 9001:2015 program, the checklist may be broadly applied to any non-nuclear quality standard. For the assessment of a supplier utilizing an ISO 9001:2015 QA program, Purchasers may use Section 7.1, which identifies the actions necessary to address gaps identified in
May 2025
© NEI 2025. All rights reserved.
nei.org 9 Appendix C, and further considerations to assess whether additional procedural controls are needed to address supplier performance capabilities and compliance with their own program.
6 FUNDAMENTAL REQUIREMENTS FROM 10 CFR 50 APPENDIX B The fundamental requirements for each criterion of 10 CFR 50 Appendix B, which were identified as part of the gap assessment checklist found in Appendix B, and the gap analysis found in Appendix C of this report, are listed below.
Criterion 1: Organization 1.A Establish and execute a quality assurance program and retain responsibility for any delegated work.
1.B Establish authorities and duties for persons or organizations performing activities affecting SSC safety functions.
1.C Establish sufficient authority, organizational freedom, independence from cost and schedule, and direct access to management for personnel and organizations performing QA functions and to define a specific list of functions they shall be authorized to perform.
Criterion 2: Quality Assurance Program 2.A Establish a documented QA program, which complies with the regulation.
2.B Identify SSCs covered by the program, major organizations participating in the program and designated functions of the organizations.
2.C Control activities affecting the quality of the SSCs to an extent consistent with their importance to safety.
2.D Accomplish activities affecting quality under suitably controlled conditions, including appropriate equipment and environment, and ensure prerequisites for a given activity have been satisfied.
2.E Consider the need for special controls, equipment, and skills to attain the required quality and verify quality by inspection and test.
2.F Provide indoctrination and training to establish and maintain suitable proficiency for personnel performing activities affecting quality.
2.G Management to regularly review the status and adequacy of the QA program.
Criterion 3: Design Control 3.A Correctly translate regulatory and design basis requirements into specifications, drawings, etc., to specify quality standards in design documentation and ensure deviations from quality standards are controlled.
3.B Establish measures for selection and review for suitability of application of materials, parts, equipment, and processes essential to the safety-related functions of SSCs.
May 2025
© NEI 2025. All rights reserved.
nei.org 10 3.C Establish measures for identification and control of design interfaces, including the establishment of procedures among design organizations for the review, approval, release, distribution, and revision of documents involving design interfaces.
3.D Perform independent verification of the design, by a design review process alternate calculation, or testing a prototype under the most adverse conditions, and apply design control measures to activities such as reactor physics, accident analyses, material compatibility, in-service inspection, and acceptance criteria for inspections and tests.
3.E Establish measures for control of design changes, including field changes, commensurate with those applied to the original design and approved by the organization that performed the original design.
Criterion 4: Procurement Document Control 4.A Establish measures to assure that applicable requirements, which are necessary to assure quality, are included or referenced in procurement documents, whether purchased by the licensee, or its contractors or subcontractors.
4.B To the extent necessary, require contractors or subcontractors to implement a quality assurance program that complies with 10 CFR 50 Appendix B.
Criterion 5: Instructions, Procedures, and Drawings 5.A Ensure activities affecting quality are prescribed and accomplished by documented instructions, procedures, or drawings.
5.B Ensure instructions, procedures or drawings include quantitative or qualitative acceptance criteria for important activities.
Criterion 6: Document Control
- 6. Establish measures for controlling documents affecting quality to ensure they are suitable and available for use.
Criterion 7: Control of Purchased Material, Equipment, and Services 7.A Establish measures that ensure purchased material, equipment, and services conform to the procurement documents.
7.B Include provisions for source evaluation and selection, objective evidence of quality, inspection at the source, and examination of products upon delivery.
7.C Require sufficient documentary evidence of product conformity to applicable requirements be available and retained at the nuclear facility.
7.D Assess the effectiveness of supplier quality controls at intervals consistent with the importance, complexity, and quantity of the product or service.
May 2025
© NEI 2025. All rights reserved.
nei.org 11 Criterion 8: Identification and Control of Materials, Parts, and Components
- 8. Establish measures for identification and control of items throughout fabrication to prevent the use of incorrect or defective items.
Criterion 9: Control of Special Processes
- 9. Establish measures to ensure special processes are controlled by qualified personnel using qualified procedures in accordance with applicable requirements.
Criterion 10: Inspection 10.A Establish and execute a program for inspection of activities affecting quality to verify conformance with the documented instructions, procedures, and drawings. The inspections are required to be performed by individuals other than those that performed the activity being inspected.
10.B Perform examinations, measurements, or tests for each work operation where necessary to assure quality.
10.C Provide indirect control by monitoring, if inspection is impossible or disadvantageous, and implement both inspection and monitoring when control is inadequate without both.
10.E Identify the required hold or witness points in appropriate documents.
Criterion 11: Test Control 11.A Establish a test program, including proof tests or tests performed during facility operations, to demonstrate SSCs will perform satisfactorily in service.
11.B Ensure test procedures include provisions for ensuring all prerequisites are met, adequate instrumentation is available and used, and that tests are performed under suitable environmental conditions.
11.C Ensure test results are documented and evaluated to ensure that test requirements have been satisfied.
Criterion 12: Control of Measuring and Test Equipment
- 12. Establish measures that ensure measuring and test equipment is properly controlled, calibrated, and adjusted to maintain accuracy within necessary limits.
Criterion 13: Handling, Storage and Shipping 13.A Establish measures to control the handling, storage, shipping, cleaning, and preservation of items in accordance with work and inspection instructions to prevent damage or deterioration.
13.B Specify and provide special protective environments, such as inert gas atmosphere, specific moisture content levels, and temperature levels, when necessary for certain products.
May 2025
© NEI 2025. All rights reserved.
nei.org 12 Criterion 14: Inspection, Test and Operating Status
- 14. Establish measures to indicate the status of inspections and tests using markings, such as stamps, tags, labels, routing cards, or other suitable means, and to indicate the operating status of SSCs in nuclear facilities.
Criterion 15: Nonconforming Materials, Parts or Components
- 15. Establish documented controls for nonconforming items, including identification, documentation, segregation, disposition, and client notification, as appropriate, to prevent their inadvertent use or installation.
Criterion 16: Corrective Action
- 16. Establish measures that ensure conditions adverse to quality are promptly identified and corrected and, in the case of significant conditions adverse to quality, ensure that the cause of the condition is determined, corrective action to prevent repetition is taken, and appropriate levels of management are notified.
Criterion 17: Quality Assurance Records 17.A Maintain sufficient records to furnish evidence of activities affecting quality.
17.B Maintain records that include operating logs and the results of reviews, inspections, tests, audits, monitoring of work performance, materials analyses and closely related data such as qualifications of personnel, procedures, and equipment.
17.C Require inspection and test records to, as a minimum, identify the inspector or data recorder, the type of observation, the results, the acceptability, and the action taken in connection with any deficiencies noted.
17.D Ensure records are identifiable and retrievable and establish requirements for record retention, duration, location and assigned responsibilities consistent with applicable regulatory requirements.
Criterion 18: Audits
- 18. Establish a comprehensive system of planned and periodic audits to verify all aspects of the QA program and determine its effectiveness. The audits are required to be performed in accordance with written procedures or checklists by appropriately trained personnel who do not have responsibility for the audited area. Follow-up action is required, as appropriate, and audit results are required to be documented and reviewed by the management responsible for the audited area.
7 ADDITIONAL PURCHASER REQUIREMENTS OR PROCEDURAL CONTROLS The authors of this guidance performed a review to identify potential gaps that a Purchaser should consider in evaluating ISO 9001:2015 Supplier compliance with the regulatory requirements of 10 CFR 50 Appendix B. A purchaser that is seeking to utilize a supplier with a different non-nuclear quality standard would need to perform a similar assessment according to Appendix B of this report. To perform this analysis, each criterion from 10 CFR 50 Appendix B was decomposed to identify a set of 44
May 2025
© NEI 2025. All rights reserved.
nei.org 13 discrete fundamental requirements. Corresponding requirements from ISO 9001:2015 were identified, potential gaps were noted, and recommendations for closing the gaps were provided. A detailed gap analysis is provided in Appendix C of this report.
A summary of the potential gaps and recommendations is provided below, and the details are discussed in Appendix C. These gaps and the type of action required to close the gap(s) are:
Compliance with 10 CFR Part 50 Appendix B Requirements:
- a. Not Compliant - Additional Purchaser Requirements needed in Procurement Specifications -
9 (See Section 7.1)
- b. Compliant - No Additional Purchaser Requirements needed - 35 Consistency with Purchaser Expectations:
- c. Consistent with Industry Practices - 12
- d. Potential Need for Additional Purchaser Procedural Controls - 23 (See Section 7.2) 7.1 Additional Purchaser Requirements in Procurement Specifications The gaps listed below represent instances where regulatory requirements from 10 CFR 50 Appendix B are not explicitly addressed in ISO 9001:2015. Some Suppliers may have QA programs that exceed the ISO-9001 requirements in ways that satisfies these 10 CFR Part 50 Appendix B requirements, while other suppliers may need to augment their QA program in order to supply safety-related SSCs. In either case, the Purchaser is responsible for including supplemental requirements in the procurement specifications to address these gaps so that the procurement will comply with the regulatory requirement.
- 1. Fundamental Requirement from 10 CFR 50, Appendix B - Organization (1.A):
To establish and execute a quality assurance program and retain responsibility for any delegated work.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to develop a quality management system (QMS) and to ensure externally provided activities conform to requirements.
Potential Gap(s):
ISO 9001:2015 implies that the Supplier retains responsibility for delegated work. However, this requirement is not explicitly stated.
Recommended Additional Purchaser Procedural Controls:
The Purchaser includes a requirement in the procurement specification that the Supplier to retain responsibility for any activities delegated or subcontracted by the Supplier.
- 2. Fundamental Requirement from 10 CFR 50, Appendix B - Organization (1.C):
May 2025
© NEI 2025. All rights reserved.
nei.org 14 To establish sufficient authority, organizational freedom, independence from cost and schedule, and direct access to management for personnel and organizations performing QA functions and to define a specific list of functions they shall be authorized to perform.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to assign responsibilities and authorities for ensuring product/service conformity and effective QMS implementation.
Potential Gap(s):
ISO 9001:2015 does not explicitly require people to perform QA functions, does not define specific QA functions to be performed, such as inspections and tests, and does not require organizational freedom, independence for cost and schedule, or direct access to management.
Recommended Additional Purchaser Procedural Controls:
Purchaser includes a requirement in the procurement specification that specifies the required QA functions and associated requirements for independence and requires a project-specific organizational chart, if necessary, to confirm organization structure facilitates organizational freedom and ensures direct access to appropriate levels of management.
- 3. Fundamental Requirement from 10 CFR 50, Appendix B-Quality Assurance Program (2.A):
To establish a QA program to accomplish activities in accordance with applicable requirements, which is documented by written policies, procedures, or instructions and complies with regulations.
ISO 9001:2015 Comparison ISO 9001:2015 requires a quality management system to be established that includes documented information as needed to ensure the requirements of the ISO standard are satisfied, required processes are implemented properly, and the desired results are achieved.
Potential Gap(s):
ISO 9001:2015 does not identify specific policies, procedures, or instructions that are required to be documented in accordance with nuclear regulatory requirements.
Recommended Additional Purchaser Procedural Controls:
Purchaser includes a requirement in the procurement specification for submitting project-specific procedures, policies, and instructions confirming accordance with the nuclear regulatory requirements specified in the procurement specification.
- 4. Fundamental Requirement from 10 CFR 50, Appendix B - Design Control (3.C):
To establish measures for identification and control of design interfaces for coordination among participating design organizations, including the establishment of procedures among design
May 2025
© NEI 2025. All rights reserved.
nei.org 15 organizations for the review, approval, release, distribution, and revision of documents involving design interfaces.
ISO 9001:2015 Comparison ISO 9001:2015 requires design and development planning activities to consider the responsibilities and authorities involved in the design process, the internal and external resource needs, and the need to control interfaces between people involved in the design process.
Potential Gap(s):
ISO 9001:2015 requires the organization to consider the need for interface controls, but does not explicitly require procedures among the participating design organizations to define how those interfaces will be controlled.
Recommended Additional Purchaser Procedural Controls:
Purchaser includes a requirement in the procurement specification for the supplier to identify the participating design organizations and define how the interfaces and coordination among the design organizations will be controlled.
- 5. Fundamental Requirement from 10 CFR 50, Appendix B - Design Control (3.D):
To perform independent verification of the design by review, alternate calculation, or testing a prototype under the most adverse conditions, and to apply design control measures to activities such as reactor physics, accident analyses, material compatibility, in-service inspection, and acceptance criteria for inspections and tests.
ISO 9001:2015 Comparison ISO 9001:2015 requires design verification and validation activities (i.e., the result of an inspection or test or other form of determination, such as alternate calculations or reviews) to ensure the design outputs meet the input requirements and to ensure the products and services meet the requirements for the specified application or intended use. ISO 9001:2015 also requires design outputs to define requirements for monitoring and measuring and the acceptance criteria.
Potential Gap(s):
ISO 9001:2015 does not require verification and validation activities to be performed by people other than those that performed the design and does not explicitly require testing to consider the most adverse conditions. ISO 9001:2015 Suppliers do not address nuclear safety applications in their QMS scope and do not have the knowledge needed to ensure the design is suitable for a nuclear application.
Recommended Additional Purchaser Procedural Controls:
Purchaser includes a requirement in the procurement specification for verification and validation activities to be performed by persons other than those that performed the design and requires testing to consider the most adverse conditions. Purchaser retains responsibility for ensuring suitability of the design and adds nuclear industry specific requirements in the contract, as applicable.
May 2025
© NEI 2025. All rights reserved.
nei.org 16
- 6. Fundamental Requirement from 10 CFR 50, Appendix B - Design Control (3.E):
To establish measures for control of design changes, including field changes, commensurate with those applied to the original design and approved by the organization that performed the original design.
ISO 9001:2015 Comparison ISO 9001:2015 requires review and control of changes made during or after the design and development planning activities to the extent necessary to ensure there is no impact on conformity to requirements.
Potential Gap(s):
ISO 9001:2015 does not explicitly require design changes to be controlled in a manner commensurate with the original design or approval by the original design organization.
Recommended Additional Purchaser Procedural Controls:
Purchaser retains responsibility for ensuring suitability of the design and imposes nuclear industry specific requirements in the contract, as applicable. Purchaser confirms that the supplier has a design change control process including field changes, commensurate with those applied to the original design and approved by the organization that performed the original design.
- 7. Fundamental Requirement from 10 CFR 50, Appendix B - Procurement Document Control (4.B):
To the extent necessary, require contractors or subcontractors to implement a quality assurance program that complies with 10 CFR 50, Appendix B.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure externally provided processes do not prevent the organizations ability to deliver conforming products and services, which includes ensuring that externally provided processes remain in control and applying controls or verification activities, as needed, based on the potential impact the external provider has on the product or service and the effectiveness of the controls applied by the external provider.
Potential Gap(s):
ISO 9001:2015 does not require procurement documents to impose a QA program that, to the extent necessary, complies with 10 CFR 50, Appendix B.
Recommended Additional Purchaser Procedural Controls:
Purchaser assesses whether the supplier adequately controls products and services under their program, including a requirement in the procurement specification that controls are applied to subcontracted activities, to ensure applicable requirements are satisfied. Purchasers may need to supply qualified materials or require the use of Purchaser-approved suppliers for subcontracted items and services that are not adequately controlled.
May 2025
© NEI 2025. All rights reserved.
nei.org 17
- 8. Fundamental Requirement from 10 CFR 50, Appendix B - Identification and Control of Special Processes (9):
To establish measures to ensure special processes are controlled by qualified personnel using qualified procedures in accordance with applicable requirements.
ISO 9001:2015 Comparison ISO 9001:2015 requires documented information to define the activities to be performed and the results to be achieved, competent persons, including required qualification, and validation / periodic revalidation of the ability to achieve planned results of processes where the resulting output cannot be verified by subsequent monitoring or measurement.
Potential Gap(s):
ISO 9001:2015 does not explicitly require procedures and personnel to be qualified.
Recommended Additional Purchaser Procedural Controls:
Purchaser assesses whether the special process controls are sufficient and includes a requirement in the procurement specification that specifies special process requirements as needed to meet 10 CFR Part 50 Appendix B or require special processes to be performed by Purchaser approved suppliers.
- 9. Fundamental Requirement from 10 CFR 50, Appendix B - Inspection (10.A):
To establish and execute a program for inspection of activities affecting quality to verify conformance with the documented instructions, procedures, and drawings. The inspections are required to be performed by individuals other than those that performed the activity being inspected.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to determine and provide resources for ensuring valid and reliable results when monitoring or measuring (e.g., inspection and testing) is used to verify the conformity of products and services to the requirements. This includes the appointment of competent people, and any required qualification, as well as documented information that defines the characteristics of the products and the results to be achieved.
Potential Gap(s):
ISO 9001:2015 does not explicitly require a program for inspection activities and does not require personnel performing inspection activities to be independent.
Recommended Additional Purchaser Procedural Controls:
Purchaser includes a requirement in the procurement specification that specifies inspection program requirements as needed, including inspector independence to close the identified gaps.
May 2025
© NEI 2025. All rights reserved.
nei.org 18 7.2 Potentially Useful Additional Purchaser Procedural Controls Beyond the requirements in 10 CFR Part 50 Appendix B, there are many typical nuclear industry practices and purchaser specific expectations that, while not necessarily required to meet NRC requirements, may - for a given purchaser - prove useful for consistent high-quality supply of safety-related components. Since views on these things may vary from purchaser to purchaser, supplier to supplier, and from component to component, there is not a one-size fits all approach to addressing these areas.
The potential differences listed below represent instances where the Supplier may address a requirement from ISO 9001:2015 in a different manner than is typical for a Nuclear Supplier, that is where ISO requirements meet the 10 CFR 50 Appendix B requirement, but the suppliers program may not fully align with the Purchaser expectations. There could be many reasons for this, e.g., the Purchasers QA program includes requirements beyond what is needed for 10 CFR 50 Appendix B, or there is variability in practice. The Purchaser will make this determination in their evaluation and audit of the supplier, and there may be approaches other than procurement specifications that could be used to address these expectations. These areas do not represent non-compliance with 10 CFR Part 50 Appendix B, but rather an opportunity to implement Purchaser expectations recognizing that there exists variability to tailor to the unique combination of the purchaser, supplier and component.
- 1. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance (2.B):
To identify the SSCs covered by the program, major organizations participating in the program and designated functions of these organizations.
ISO 9001:2015 Comparison ISO 9001:2015 requires the scope of the QMS, which drives the development of the QMS and associated activities to be performed, to be established based on the products and services supplied and requirements from interested parties, including customer and regulatory requirements.
Potential Difference(s):
None. The ISO 9001:2015 objectives are consistent with the regulation.
Potential Additional Purchaser Procedural Controls (if identified as a difference that needs to be addressed):
Purchaser retains responsibility for ensuring suitability of the design and adds nuclear industry specific requirements in the contract, at the Purchasers discretion.
- 2. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance (2.C):
To control activities affecting the quality of the SSCs to an extent consistent with their importance to safety.
May 2025
© NEI 2025. All rights reserved.
nei.org 19 ISO 9001:2015 Comparison ISO 9001:2015 requires control of activities needed to ensure the QMS and associated processes achieve the intended results.
Potential Differences(s):
ISO 9001:2015 is not explicitly focused on nuclear safety related activities.
Potential Additional Purchaser Procedural Controls (if identified as a difference that needs to be addressed):
Purchaser retains responsibility for ensuring suitability of the design and adds nuclear industry specific requirements in the contract, at the Purchasers discretion.
- 3. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance (2.E):
To consider the need for special controls, equipment, and skills to attain the required quality and for verification of quality by inspection and test.
ISO 9001:2015 Comparison ISO 9001:2015 requires controls, infrastructure, (e.g., tools and equipment), competence (including required qualification), and implementation of monitoring and measurement activities (e.g., inspection and test) to ensure products and services conform to the acceptance criteria.
Potential Difference(s):
The ISO 9001:2015 objectives are consistent with the regulation. However, ISO 9001:2015 Suppliers may not qualify their processes or personnel in a manner consistent with nuclear regulatory requirements.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser assesses whether the processes and personnel are properly qualified to perform their function and whether the planned inspections and tests meet regulatory requirements or specifies qualification and inspection / test requirements needed to address the differences.
- 4. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance (2.F):
To provide indoctrination and training as needed to establish and maintain suitable proficiency for personnel performing activities affecting quality.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to determine the competence, including any required qualification, needed for personnel performing work that affects the performance and effectiveness of the QMS and ensure the required level of competency is established and maintained.
May 2025
© NEI 2025. All rights reserved.
nei.org 20 Potential Differences(s):
None. The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser assesses supplier personnel training and qualifications meet regulatory requirements and specify additional training and qualification requirements if needed to address the differences.
- 5. Fundamental Requirement from 10 CFR 50, Appendix B Design Control (3.A):
To correctly translate regulatory and design basis requirements into specifications, drawings, etc., to specify quality standards in design documentation and ensure deviations from quality standards are controlled.
ISO 9001:2015 Comparison ISO 9001:2015 requires design outputs to satisfy the applicable design inputs, including regulatory requirements and standards; to be documented adequately for subsequent processing of products and services; to include monitoring and measurement (e.g., inspection and test) requirements, including the acceptance criteria; and to specify characteristics essential for their intended purpose and their safe and proper provision.
Potential Difference(s):
None. The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser retains responsibility for ensuring suitability of the design, including the specified standards, and imposes nuclear industry specific requirements in the contract, as applicable.
- 6. Fundamental Requirement from 10 CFR 50, Appendix B - Design Control (3.B):
To establish measures for selection and review for suitability of application of materials, parts, equipment, and processes essential to the safety-related functions of SSCs.
ISO 9001:2015 Comparison ISO 9001:2015 requires design outputs to satisfy the applicable design inputs, including functional and performance requirements to be documented adequately for subsequent processing of products and services and to specify characteristics essential for their intended purpose and their safe and proper provision.
Potential Difference(s):
None. The ISO 9001:2015 objectives are consistent with the regulation.
May 2025
© NEI 2025. All rights reserved.
nei.org 21 Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser retains responsibility for ensuring suitability of the design and imposes nuclear industry specific requirements in the contract, as applicable.
- 7. Fundamental Requirement from 10 CFR 50, Appendix B - Procurement Document Control (4.A):
To establish measures to ensure that applicable requirements, which are necessary to assure quality, are included or referenced in procurement documents, whether purchased by the licensee, or its contractors or subcontractors.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure the adequacy of requirements communicated to external providers.
Potential Difference(s):
ISO 9001:2015 Suppliers may need additional information to ensure applicable nuclear regulatory and design bases requirements are communicated to their suppliers.
Additional Purchaser Procedural Controls) (if not addressed within the Suppliers program):
Purchaser defines the applicable requirements to be passed down to suppliers.
- 8. Fundamental Requirement from 10 CFR 50, Appendix B - Instructions, Procedures, and Drawings (5.A):
To ensure activities affecting quality are prescribed and accomplished by documented instructions, procedures, or drawings.
ISO 9001:2015 Comparison ISO 9001:2015 requires the quality management system to include documented information as needed to operate its processes and ensure the documented information is available and suitable for use.
Potential Difference(s):
ISO 9001:2015 does not identify specific procedures or instructions that are required to be documented.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser requires submittal of project-specific procedures, as needed.
- 9. Fundamental Requirement from 10 CFR 50, Appendix B - Instructions, Procedures, and Drawings (5.B):
To ensure instructions, procedures, or drawings include quantitative or qualitative acceptance criteria for important activities.
May 2025
© NEI 2025. All rights reserved.
nei.org 22 ISO 9001:2015 Comparison ISO 9001:2015 requires design and development outputs to include acceptance criteria for monitoring and measuring requirements and to specify characteristics of the products and services that are essential for their intended use and their safe and proper provision. Documented information that defines the characteristics of the products or services and the results to be achieved are required to be available for use. ISO 9000 notes that a characteristic can be qualitative or quantitative.
Potential Difference(s):
ISO 9001:2015 Suppliers may need additional information to determine whether the characteristics and acceptance criteria are adequately defined for a nuclear application.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser assesses whether the suppliers acceptance criteria are suitable for their nuclear application and imposes technical and quality requirements as needed to ensure the acceptance criteria for important activities are adequately defined.
- 10. Fundamental Requirement from 10 CFR 50, Appendix B - Document Control (6):
To establish measures for control of documents affecting quality to ensure they are suitable and available for use.
ISO 9001:2015 Comparison ISO 9001:2015 requires documented information to be reviewed and approved for suitability and adequacy and available for use where and when it is needed. Changes to documented information are required to be controlled.
Potential Difference(s):
The ISO 9001:2015 objectives are consistent with the regulation. However, ISO 9001:2015 does not require changes to be reviewed and approved by the same organization as the original.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser requires documents with impact on quality, including document changes, to be submitted for review and approval.
- 11. Fundamental Requirement from 10 CFR 50, Appendix B - Control of Purchased Material, Equipment, and Services (7.B):
To include provisions for source evaluation and selection, objective evidence of quality, inspection at the source, and examination of products upon delivery.
ISO 9001:2015 Comparison ISO 9001:2015 requires evaluation and selection of external providers based on their ability to satisfy the requirements, and requires controls applied to external providers and their outputs to be defined
May 2025
© NEI 2025. All rights reserved.
nei.org 23 based on the potential impact on the ability to satisfy requirements and the effectiveness of the providers controls.
Potential Difference(s):
The ISO 9001:2015 evaluation and selection process would not explicitly consider requirements compliance with 10 CFR 50, Appendix B.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser assesses whether the supplier adequately controls products and services under their program, including their controls applied to subcontracted activities, to ensure applicable requirements are satisfied. The Purchaser may need to supply qualified materials or require the use of Purchaser approved suppliers for subcontracted items and services that are not adequately controlled.
- 12. Fundamental Requirement from 10 CFR 50, Appendix B - Control of Purchased Material, Equipment, and Services (7.C):
To require sufficient documentary evidence of product conformity to applicable requirements be available and retained at the nuclear facility.
ISO 9001:2015 Comparison ISO 9001:2015 requires documented information of product conformity to be retained.
Potential Difference(s):
ISO 9001:2015 does not require the documented information to be supplied to the client and retained at the nuclear facility.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser maintains responsibility for obtaining the required documentary evidence and ensuring it is available at the nuclear facility. Purchaser specifies requirements for submittal of documentary evidence in the contract.
- 13. Fundamental Requirement from 10 CFR 50, Appendix B - Control of Purchased Material, Equipment, and Services (7.D):
To assess the effectiveness of supplier quality controls at intervals consistent with the importance, complexity, and quantity of the product or service.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to re-evaluate external providers based on their ability to satisfy the requirements, ensure externally provided processes remain in control, and apply controls or verification activities, as needed, based on the potential impact the external provider has on the product or service and the effectiveness of the controls applied by the external provider.
May 2025
© NEI 2025. All rights reserved.
nei.org 24 Potential Difference(s):
The ISO 9001:2015 assessment for effectiveness may not explicitly consider requirements for compliance with 10 CFR 50, Appendix B.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser assesses whether the supplier adequately controls products and services under their program, including their controls for ensuring subcontracted activities remain in compliance. The Purchaser may need to supply qualified materials or require the use of Purchaser approved suppliers for subcontracted items and services that are not adequately controlled.
- 14. Fundamental Requirement from 10 CFR 50, Appendix B - Identification of Materials, Parts, and Components (8):
To establish measures for identification and control of items throughout fabrication to prevent the use of incorrect or defective items.
ISO 9001:2015 Comparison ISO 9001:2015 requires a suitable means to identify outputs when necessary to ensure conformity and unique identification when traceability is a requirement.
Potential Difference(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls) (if not addressed within the Suppliers program):
Purchaser specifies requirements for identification and control as needed, including traceability.
- 15. Fundamental Requirement of 10 CFR 50, Appendix B - Inspection (10.B):
To perform examinations, measurements, or tests for each work operation where necessary to assure quality.
ISO 9001:2015 Comparison ISO 9001:2015 requires the implementation of monitoring and measurement activities (e.g., inspections and tests) at appropriate stages to verify that criteria for control of processes or outputs, and the acceptance criteria for products and services, have been met.
Potential Difference(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies inspection requirements as needed.
May 2025
© NEI 2025. All rights reserved.
nei.org 25
- 16. Fundamental Requirement from 10 CFR 50, Appendix B - Inspection (10.D):
To identify required hold or witness points in appropriate documents.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to implement planned arrangements, at appropriate stages, to verify that the requirements have been met and to retain documented information providing evidence of conformity to the acceptance criteria and traceability to the person(s) authorizing the release.
Potential Difference(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies inspection requirements, including requirements for hold and witness points, as needed.
- 17. Fundamental Requirement from 10 CFR 50, Appendix B - Test Control (11.B):
To ensure test procedures include provisions for assuring all prerequisites are met, adequate instrumentation is available and used, and that tests are performed under suitable environmental conditions.
ISO 9001:2015 Comparison ISO 9001:2015 requires the availability of documented information that defines the characteristics (e.g.,
physical or functional) of the products to be produced and for implementation of monitoring and measurement activities (e.g., inspections and tests) at appropriate stages to verify that criteria for control of processes or outputs, and the acceptance criteria for products and services, have been met.
ISO 9001:2015 also requires a suitable infrastructure and environment for the operation of processes.
Potential Difference(s):
ISO 9001:2015 does not explicitly require documented information to include test procedures that satisfy the requirements of the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies testing requirements if needed and requires submittal of applicable test procedures for review and approval.
- 18. Fundamental Requirement from 10 CFR 50, Appendix B - Inspection, Test, and Operating Status (14):
To establish measures to indicate the status of inspections and tests by the use of markings, such as stamps, tags, labels, routing cards, or other suitable means, and to indicate the operating status of SSCs in nuclear facilities.
May 2025
© NEI 2025. All rights reserved.
nei.org 26 ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to use suitable means to identify outputs when necessary to ensure conformity and to identify the status of outputs with respect to monitoring and measurement requirements throughout production.
Potential Difference(s):
The regulatory requirements for indicating the operating status of SSCs in nuclear facilities do not apply to non-licensees, such as ISO 9001:2015 suppliers. The ISO 9001:2015 objectives are consistent with the regulatory requirements for indication of inspection and test status. ISO 9001:2015 does not explicitly list suitable methods for indicating the status of monitoring and measurement requirements. However, ISO 9001:2015 Suppliers typically use stamps, tags, and routing cards for this purpose.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies requirements for indicating the inspection and test status as needed.
- 19. Fundamental Requirement from 10 CFR 50, Appendix B - Corrective Action (16):
To establish measures that ensure conditions adverse to quality are promptly identified and corrected and, in the case of significant conditions adverse to quality, assure that the cause of the condition is determined, corrective action to prevent repetition is taken, and appropriate levels of management are notified.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to react appropriately to a nonconformity to control and correct it and deal with the consequences. The organization is required to evaluate the need for action to eliminate the cause by analyzing the nonconformity, determining the cause, and determining if similar nonconformities exist or could occur. The organization is required to implement needed actions, review the effectiveness of actions taken, and update the quality management system, if necessary. The organization is required to retain documented information of the nonconformity, actions taken, and the results of corrective actions.
Potential Difference(s):
ISO 9001:2015 does not explicitly require management notification.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies requirements for management notification.
- 20. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance Records (17.B):
To maintain records that include operating logs and the results of reviews, inspections, tests, audits, monitoring of work performance, materials analyses and closely related data such as qualifications of personnel, procedures, and equipment.
May 2025
© NEI 2025. All rights reserved.
nei.org 27 ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to retain documented information for various activities, including those providing confidence that processes are carried out as planned, providing evidence of competence, demonstrating conformity of products and services, demonstrating design and development requirements were met, providing information on nonconformities, and providing evidence of audit program implementation.
Potential Difference(s):
The documented information required by ISO 9001:2015 is consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies the records requirements as needed.
- 21. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance Records (17.C):
To require inspection and test records to, as a minimum, identify the inspector or data recorder, the type of observation, the results, the acceptability, and the action taken in connection with any deficiencies noted.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to implement monitoring and measuring activities (e.g.,
inspections and tests) at appropriate stages to verify acceptance criteria for products and services were met and to retain evidence of conformity with the acceptance criteria with traceability to the person(s) authorizing the release. The organization is also required to retain documented information as evidence of the nature of nonconformities and any subsequent actions taken.
Potential Difference(s):
ISO 9001:2015 does not explicitly define minimum content requirements for inspection and test records.
However, inspection and test records from ISO 9001:2015 Suppliers typically include the required information.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies records requirements as needed.
- 22. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance Records (17.D):
To ensure records are identifiable and retrievable and to establish requirements for record retention, duration, location, and assigned responsibilities consistent with applicable regulatory requirements.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure documented information is available and suitable for use where and when it is needed and adequately protected from improper use or loss of integrity. The organization is required to control documented information to address requirements for distribution,
May 2025
© NEI 2025. All rights reserved.
nei.org 28 access and retrieval, storage and preservation, including preservation of legibility, retention and disposition, and protection from unintended alterations.
Potential Difference(s):
The ISO 9001:2015 requirements for control of documented information are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies records requirements and submittal of records needed to satisfy applicable regulatory requirements, for retention in accordance with the Purchasers program.
- 23. Fundamental Requirement from 10 CFR 50, Appendix B - Audits (18):
To establish a comprehensive system of planned and periodic audits to verify all aspects of the QA program and determine its effectiveness. The audits are required to be performed in accordance with written procedures or checklists by appropriately trained personnel not having responsibility for the audited area. Follow-up action is required, as appropriate, and audit results are required to be documented and reviewed by management responsible for the audited area.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to conduct internal audits to determine whether the quality management system conforms to requirements and is effectively implemented. An audit program is to be planned, established, implemented, and maintained to define criteria and scope for each audit, select auditors to ensure objectivity and impartiality, report results to relevant management, take corrective action without undue delay and retain evidence of implementation. ISO 19011 (Reference 14) is referenced for guidance on ensuring the competence of the audit team.
Potential Difference(s):
Audit procedures or checklists are not explicitly required. As noted in Criterion XVI, a review of corrective action effectiveness is required by ISO 9001:2015 but follow-up action, including reaudit of deficient areas, is not required.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies auditing requirements for activities that affect procured products or services as needed.
7.3 ISO 9001:2015 Requirements Consistent with the 10 CFR Part 50 Appendix B For the Appendix B criteria in this sub-section, the assessment documented in Appendix C of this document has determined that there are no potential gaps with ISO-9001:2015. Therefore, there is no need for additional procedural controls or procurement specifications that are needed by the Purchaser.
May 2025
© NEI 2025. All rights reserved.
nei.org 29
- 1. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance Program (2.D):
To accomplish activities affecting quality under suitably controlled conditions, including appropriate equipment and environment, and ensuring prerequisites for a given activity have been satisfied.
ISO 9001:2015 Comparison ISO 9001:2015 requires controls to achieve conformity of the products and services provided by the organization.
- 2. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance Program (2.G):
For management to regularly review the status and adequacy of the QA program.
ISO 9001:2015 Comparison ISO 9001:2015 requires a Management Review, with specifically required inputs and outputs, to ensure the continued suitability and adequacy of the QMS.
- 3. Fundamental Requirement from 10 CFR 50, Appendix B - Control of Purchased Material, Equipment, and Services (7.A):
To establish measures that ensure purchased material, equipment, and services conform to the procurement documents.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure that externally provided processes, products, and services conform to the requirements.
- 4. Fundamental Requirement from 10 CFR 50, Appendix B - Inspection (10.C):
To provide indirect control by monitoring, if inspection is impossible or disadvantageous and to implement both inspection and monitoring when control is inadequate without both.
ISO 9001:2015 Comparison ISO 9001:2015 requires the implementation of monitoring and measurement activities (e.g., inspections and tests) at appropriate stages to verify that criteria for control of processes or outputs, and the acceptance criteria for products and services, have been met.
- 5. Fundamental Requirement from 10 CFR 50, Appendix B - Test Control (11.A):
To establish a test program, including proof tests or tests performed during facility operations, to demonstrate SSCs will perform satisfactorily in service.
May 2025
© NEI 2025. All rights reserved.
nei.org 30 ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to conduct validation activities to ensure the resulting products and services satisfy the intended use and to implement monitoring and measurement activities (e.g.,
inspections and tests) to ensure the acceptance criteria is met.
- 6. Fundamental Requirement from 10 CFR 50, Appendix B - Test Control (11.C):
To ensure test results are documented and evaluated to ensure that test requirements have been satisfied.
ISO 9001:2015 Comparison ISO 9001:2015 requires documented information that includes evidence of conformity with the acceptance criteria and traceability to the person(s) that authorized the release of the product or service.
- 7. Fundamental Requirement from 10 CFR 50, Appendix B - Control of Measuring and Test Equipment (12):
To establish measures that ensure measuring and test equipment is properly controlled, calibrated, and adjusted to maintain accuracy within necessary limits.
ISO 9001:2015 Comparison ISO 9001:2015 requires measuring equipment to be calibrated, identified, and safeguarded to provide confidence in the validity of measurement results.
- 8. Fundamental Requirement from 10 CFR 50, Appendix B - Handling, Storage, and Shipping (13.A):
To establish measures to control the handling, storage, shipping, cleaning, and preservation of items in accordance with work and inspection instructions to prevent damage or deterioration.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to preserve outputs during production to ensure conformity to requirements and notes that preservation can include identification, handling, contamination control, packaging, storage, transmission, or transportation and protection.
- 9. Fundamental Requirement from 10 CFR 50, Appendix B - Handling, Storage, and Shipment (13.B):
To specify and provide special protective environments, such as inert gas atmosphere, specific moisture content levels, and temperature levels, when necessary for particular products.
May 2025
© NEI 2025. All rights reserved.
nei.org 31 ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to determine, provide, and maintain the environment, including physical factors (e.g., temperature, heat, humidity, light, airflow, hygiene, and noise),
necessary for the operation of its processes and to achieve conformity of products and services.
- 10. Fundamental Requirement from 10 CFR 50, Appendix B - Nonconforming Materials, Parts, and Components (15):
To establish documented controls for nonconforming items, including identification, documentation, segregation, disposition, and client notification, as appropriate, to prevent their inadvertent use or installation.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure nonconforming outputs are identified and controlled to prevent unintended use or delivery and to retain documented information that describes the nonconformity, the actions taken, concessions obtained, and the authority deciding the action for the nonconformity. Actions are to include correction, segregation, containment, return, or suspension of products, informing the customer, and obtaining acceptance of the nonconformity.
- 11. Fundamental Requirement from 10 CFR 50, Appendix B - Quality Assurance Records (17.A):
To maintain sufficient records to furnish evidence of activities affecting quality.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to determine the processes needed for the quality management system and their application throughout the organization and, to the extent necessary, retain documented information to have confidence the processes are carried out as planned and provide evidence the products conform with the acceptance criteria.
8 10 CFR PART 21 COMPLIANCE The Purchaser will use their gap assessment results, any supplemental requirements developed as a result of these assessments, and periodic supplier audits and surveillance activities as a means of ensuring the ISO 9001:2015 Suppliers activities are adequately controlled under the Purchasers 10 CFR 50 Appendix B-compliant program.
The Supplier is still considered to be a non-nuclear supplier, because the Purchaser is not passing down 10 CFR Part 50 Appendix B as the QA requirements, and the Supplier does not have a QA program that is endorsed by the NRC as meeting the requirements of 10 CFR Part 50 Appendix B. Therefore, the Purchaser also does not need to pass down Part 21 requirements. The accepted supplier controls and supplemental requirements are considered to be implemented under the umbrella of the Purchasers 10 CFR 50 Appendix B-compliant program, including the Purchasers process for compliance with 10 CFR Part 21.
The Purchaser is responsible for compliance with 10 CFR Part 21, because the Supplier is implementing a Non-nuclear QA program with additional Purchaser requirements to meet 10 CFR Part 50 Appendix B.
May 2025
© NEI 2025. All rights reserved.
nei.org 32 The Purchaser maintains responsibility for compliance with 10 CFR Part 21 and ensures the supplemental requirements, including requirements for notification of nonconforming items or conditions adverse to quality associated with the items or services procured, are imposed contractually.
This includes notification of applicable nonconformances from sub-tier suppliers. The Purchaser will utilize NEI 14-09 Guidelines for Implementation of 10 CFR Part 21 Reporting of Defects and Non-Compliance revision 1 to comply with 10 CFR Part 21 evaluation and reporting requirements (17).
9 REFERENCES
- 1. ISO 9001:2015, Quality management systems - Requirements
- 2. Code of Federal Regulations, Title 10, Part 50, Appendix B, Quality Assurance Criteria for Nuclear Power Plants and Fuel Reprocessing Plants
- 3. Code of Federal Regulations, Title 10, Part 21, Reporting of Defects and Noncompliance
- 4. NRC SECY-03-0117, Approaches for Adopting More Widely Accepted International Quality Standards
- 5. ASME NQA-1-(latest NRC endorsed version), Quality Assurance Requirements for Nuclear Facility Applications
- 6. NRC Inspection Procedure 43004Inspection of Commercial-Grade Dedication Programs, February 2023.
- 7. ISO 9000:2015, Quality management systems - Fundamentals and vocabulary
- 8. Plant Engineering: Guideline for the Acceptance of Commercial-Grade Items in Nuclear Safety-Related Applications: Revision 1 to EPRI NP-5652 and TR-102260. EPRI, Palo Alto, CA: 2014.
3002002982.
- 9. NUREG/BR-0500, Safety Culture Policy Statement, Revision 4, May 2018
- 10. NEI 14-05A, Guidelines for the use of accreditation in lieu of commercial grade surveys for procurement of laboratory calibration and test services, Revision 1, September 2020
- 11. AS9100D:2016, Quality Management Systems - Requirements for Aviation, Space, and Defense Organizations
- 12. IATF 16949:2016, Quality management system requirements for automotive production and relevant service parts organizations
- 13. ISO 19011:2018, Guidelines for auditing management systems
- 14. NEI Technical Report 18-04, Risk-Informed Performance-Based Technology Inclusive Guidance for Non-Light Water Reactor Licensing Basis Development, Revision 1, August 2019
- 15. NRC Regulatory Guide 1.233, Guidance for a Technology-Inclusive Risk-Informed, and Performance-Based Methodology to Inform the Licensing Basis and Content of Applications for Licensees, Certifications, and Approvals for Non-Light-Water React
May 2025
© NEI 2025. All rights reserved.
nei.org 33
- 16. Analysis and Comparison of ANSI/ISO/ASQ Q9001:2000 with 10CFR50, Appendix B: ISO 9000Gap Analysis. EPRI, Palo Alto, CA: 2003. 1007937.
- 17. NEI 14-09, Guidelines for Implementation of 10 CFR Part 21 Reporting of Defects and Non-Compliance, Revision 1, February 2016.
May 2025
© NEI 2025. All rights reserved.
nei.org A-1 APPENDIX A. SCREENING PROCESS A screening process may be a useful tool to estimate the level of effort needed to develop and implement additional actions for the Suppliers program to comply with the applicable elements of 10 CFR 50 Appendix B.
Suggested Screening Questions No.
Question Y
N N/A Comment Criterion 1: Organization Does your company have a quality policy statement relating to the quality management of the company?
(Please provide a copy)
See 7.1.1 Does your company have a documented Quality Management System (QMS) /
Quality Assurance Program (QAP)?
See 7.1.1 Does the system / program documentation include the scope of items and services to which it applies?
See 7.2.1 Have you documented / published the QMS in a company quality manual or via an electronic management system?
See 7.2.8 Does your company have a certi"ed management system in accordance with an industry standard (e.g. ISO, AS, etc.)?
(Please provide a copy of the certi"cate).
See 7.1.3 Does your company have a dedicated quality organization?
(Please provide organization chart or description.)
See 7.1.1 Is the quality organization independent from cost, schedule, and production concerns such that their ability to perform oversight is not compromised? Is this documented in the system / program?
See 7.1.2 Does the quality organization have access to upper layers of management to
May 2025
© NEI 2025. All rights reserved.
nei.org A-2 No.
Question Y
N N/A Comment ensure quality issues are adequately addressed?
See 7.1.2 Does the system / program ensure personnel performing quality veri"cation activities such as inspection, testing, NDE, and auditing) to be quali"ed?
See 7.2.13 Criterion 2: Quality Assurance Program Does the program / system de"ne controls for activities aecting quality of the required items or services to an extent consistent with their importance to safety?
See 7.2.2 Does the system / program require Management to regularly review the status and adequacy of the QMS?
See 7.3.2 Criterion 3: Design Controls Does the program / system ensure that design and development inputs are identi"ed and controlled, including functional / performance requirements, applicable codes and standards, statutory and regulatory requirements, and applicable requirements contained in contracts?
See 7.2.5 Does the program / system the suitability of application of materials, parts, equipment, and processes for the intended use?
See 7.2.6 Does the program / system provide the identi"cation and control of design interfaces?
See 7.1.4 Does the program / system require that reviews of design be conducted by personnel / groups independent of those responsible for developing the design?
See 7.1.5 Does the program / system require that veri"cation activities be conducted
May 2025
© NEI 2025. All rights reserved.
nei.org A-3 No.
Question Y
N N/A Comment using methods such as independent review, alternate calculations, or veri"cation testing?
See 7.1.5 Does the program / system require that changes to the design are controlled and approved?
See 7.1.6 Criterion 4: Procurement Document Control Does the program / system require that applicable requirements, including quality requirements are included or referenced in procurement documents?
See 7.2.7 Does the program / system require that contractual requirements imposed by the client are re"ected in procurement documents for sub-suppliers?
See 7.1.7 Does the program / system require that sub-suppliers are quali"ed to provide the items / services purchased?
See 7.2.3 Criterion 5: Instructions, Procedures, and Drawings Does the program / system control activities aect quality through the use of documentation (instructions, procedures, or drawings)?
See 7.2.5 Does the documentation include qualitative or quantitative acceptance criteria to ensure the desired result is obtained?
See 7.2.9 Criterion 6: Document Control Does the program / system establish measures to ensure that documentation is suitable and available for use?
See 7.2.10 Criterion 7: Control of Purchased Material, Equipment and Services
May 2025
© NEI 2025. All rights reserved.
nei.org A-4 No.
Question Y
N N/A Comment Does the system / program ensure that purchased material, equipment, and services conform to the procurement documents?
See 7.3.3 Does the system / program include provisions for source evaluation and selection, objective evidence of quality, inspection at the source, and examination of products upon delivery?
See 7.2.11 Does the system / program require sucient documentary evidence of product conformity to applicable requirements be available and retained?
See 7.2.12 Does the system / program periodically evaluate the eectiveness of sub-suppliers quality management consistent with the importance and complexity of the product or service?
See 7.2.13 Criterion 8: Identi"cation and Control of Materials, Parts, and Components Does the system / program establish measures for identi"cation and control of items throughout fabrication to prevent the use of incorrect or defective items?
See 7.2.14 Criterion 9: Identi"cation and Control of Special Processes Does the system / program use special processes?
See 7.1.8 Are the special processes controlled by quali"ed personnel using quali"ed procedures in accordance with applicable requirements?
See 7.1.8 Criterion 10: Inspection Does the system / program provide for inspections of activities aecting quality to verify conformance with documented requirements?
May 2025
© NEI 2025. All rights reserved.
nei.org A-5 No.
Question Y
N N/A Comment See 7.2.21 Are inspections performed by personnel other than those that performed the activity being inspected?
See 7.1.9 Does the system / program establish measures to identify required hold or witness points in appropriate documents?
See 7.2.16 Criterion 11: Test Control Does the system / program establish a testing program performed to demonstrate that required items will perform satisfactorily in service?
See 7.3.5 Does the system / program ensure test procedures are developed to assure all prerequisites are met, adequate and quali"ed instrumentation is available and used, and that tests are performed under suitable environmental conditions?
See 7.2.17 Does the system / program ensure test results are evaluated to ensure that test requirements have been satis"ed?
See 7.3.6 Criterion 12: Control of Measuring and Test Equipment Does the system / program ensure measuring and test equipment is properly controlled and calibrated to maintain accuracy within necessary limits?
See 7.3.7 Criterion 13: Handling, Storage, and Shipping Does the system / program establish measures to control the handling, storage, shipping, cleaning, and preservation of items in accordance with work and inspection instructions to prevent damage or deterioration?
See 7.3.8
May 2025
© NEI 2025. All rights reserved.
nei.org A-6 No.
Question Y
N N/A Comment Does the system / program specify and provide special protective environments, such as inert gas atmosphere, speci"c moisture content levels, and temperature levels, when necessary for particular products?
See 7.3.9 Criterion 14: Inspection, Test, and Operating Status Does the system / program establish measures to indicate the status of inspections and test? Examples include stamps, tags, labels, routing cards, or other suitable means.
See 7.2.18 Criterion 15: Nonconforming Materials, Parts, and Components Does the system / program establish documented controls for nonconforming items, including identi"cation, documentation, segregation, disposition, and client noti"cation, as appropriate, to prevent their inadvertent use or installation?
See 7.2.19 Criterion 16: Corrective Action Does the system / program ensure that conditions adverse to quality (nonconformities) are promptly identi"ed and corrected, ensure that the cause of the condition is determined, corrective action to prevent repetition is taken, and appropriate levels of management are noti"ed?
See 7.2.19 Criterion 17: Quality Assurance Records Does the system / program ensure that sucient records to furnish evidence of activities aecting quality are generated and maintained? Examples of records may include:
Results of reviews Inspection records Test records
May 2025
© NEI 2025. All rights reserved.
nei.org A-7 No.
Question Y
N N/A Comment Monitoring records Materials analysis Qualifications of personnel, procedures, and equipment.
See 7.3.11 Does the system / program ensure that records are identi"able and retrievable?
See 7.2.20 Does the system / program establish requirements for record retention, duration, location, and assigned responsibilities?
See 7.2.22 Does the system / program require inspection and test records to identify:
the inspector or data recorder the type of observation the results the acceptability the actions taken to address any de"ciencies noted?
See 7.2.21 Criterion 18: Audits Does the system / program establish a comprehensive system of planned and periodic audits that verify all aspects of the system / program and determine its eectiveness?
See 7.2.23 Does the system / program require that audits are performed in accordance with written procedures, checklists or other documentation by appropriately trained, independent personnel?
See 7.2.23 Does the system / program require follow-up action, where appropriate to address audit results?
See 7.2.23 Does the system / program require the audit results to be documented and reviewed by management responsible for the audited area?
See 7.2.23
May 2025
© NEI 2025. All rights reserved.
nei.org B-1 APPENDIX B. 10 CFR 50 APPENDIX B GAP ASSESSMENT CHECKLIST The following checklist was derived from the gap analysis documented in Appendix C of this report and is intended for use in performing and documenting the gap assessment of the suppliers program for compliance with 10 CFR 50 Appendix B.
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 1 of 24 Assessment No.:
© NEI 2025. All rights reserved.
SUMMARY
SHEET GENERAL INFORMATION SUPPLIER INFORMATION SUPPLIER NUMBER:
SUPPLIER:
ADDRESS:
CITY:
STATE: ZIP CODE:
TELEPHONE NUMBER:
FAX NUMBER:
PRODUCT/SERVICE:
SUPPLIER CONTACTS COMPANY WEB ADDRESS:
SENIOR COMPANY OFFICER:
TITLE:
PHONE:
SENIOR QA OFFICER:
TITLE:
PHONE:
E-MAIL:
ASSESSMENT INFORMATION GAP ASSESSMENT ID NO.:
GAP ASSESSMENT DATES:
SUPPLIERS CERTIFICATE(S):
SUPPLIERS PROGRAM DOCUMENT(S):
REVISION/DATE:
GAP ASSESSMENT TEAM INFORMATION GAP ASSESSMENT TEAM NAME PHONE EMAIL:
CHECKLIST SECTIONS ASSESSED TEAM LEADER TEAM MEMBER TEAM MEMBER TECHNICAL SPECIALIST (SPECIFY DISCIPLINE)
ASSESSMENT TEAM LEADER:
DATE:
REVIEWER:
DATE:
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 2 of 24 Assessment No.:
© NEI 2025. All rights reserved.
RESULTS
SUMMARY
ITEM / SERVICE (specify):
SAFETY FUNCTION (specify):
SPECIAL CONSIDERATIONS (software, special processes, etc.,):
Criterion SAT / UNSAT Gaps for Compliance 1
Organization 2
Quality Assurance Program 3
Design Control 4
Procurement Document Control 5
Instructions, Procedures, and Drawings 6
Document Control 7
Control of Purchased Material, Equipment, and Services 8
Identification and Control of Materials, Parts, and Components 9
Identification and Control of Special Processes 10 Inspection 11 Test Control 12 Control of Measuring and Test Equipment 13 Handling, Storage, and Shipping 14 Inspection, Test, and Operating Status 15 Nonconforming Materials, Parts, and Components 16 Corrective Action 17 Quality Assurance Records 18 Audits CONCLUSIONS
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 3 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT CRITERION I: ORGANIZATION 1.A Has the supplier established and executed a quality assurance program and retained responsibility for any delegated work? Is the requirement for retaining responsibility explicitly stated within the program?
Relevant ISO 9001:2015 References: 4.4.1, 8.4.1 NEI 22-04 reference: 7.1.1 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OJECTIVE EVIDENCE REVIEWED / WITNESSED:
GAPS IDENTIFIED:
CRITERION I: ORGANIZATION 1.B Has the supplier established authorities and duties for persons or organizations performing activities affecting the safety function for the equipment they supply including activities for attaining quality objectives and QA functions?
Relevant ISO 9001:2015 References: 5.3, 6.2.1, 8.6, 9.2.1 NEI 22-04 reference: 7.1.5 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 4 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT CRITERION I: ORGANIZATION 1.C Does the program establish sufficient authority, organizational freedom, independence from cost and schedule, and direct access to management for personnel and organizations performing QA functions? Does the program define a QA Department with specific functions, such as inspections and tests, that QA personnel are authorized to perform?
Relevant ISO 9001:2015 References: 5.3, 8.6 NEI 22-04 reference: 7.1.2 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION II: QUALITY ASSURANCE PROGRAM 2.A Has the supplier established a documented QA program with policies, procedures, and/or instructions to provide controls consistent with the regulatory requirements of 10 CFR 50 Appendix B? Is the program documented sufficiently for a nuclear application?
Relevant ISO 9001:2015 References: 4.4.1, 4.4.2, 8.5.1 NEI 22-04 reference: 7.1.3 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 5 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT CRITERION II: QUALITY ASSURANCE PROGRAM 2.B Does the program indicate that the required items or services are covered by the program? Does the program identify the major organizations participating in the program and designate required functions for the organizations?
Relevant ISO 9001:2015 References: 4.1, 4.2, 4.3 NEI 22-04 reference: 7.2.1 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION II: QUALITY ASSURANCE PROGRAM 2.C Does the program define controls for activities affecting quality of the required items or services to an extent consistent with their importance to safety?
Relevant ISO 9001:2015 References: 4.4.1 NEI 22-04 reference: 7.2.2 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION II: QUALITY ASSURANCE PROGRAM
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 6 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT 2.D Does the program require activities affecting quality to be accomplished under suitably controlled conditions, including appropriate equipment and environment, and ensuring prerequisites for a given activity have been satisfied?
Relevant ISO 9001:2015 References: 7.1.3, 7.1.4, 8.5.1 NEI 22-04 reference: 7.3.1 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION II: QUALITY ASSURANCE PROGRAM 2.E Does the program consider the need for special controls, equipment, and skills to attain the required quality? Does the program require activities affecting quality to be verified by inspection and test? Are the typical inspections and tests performed sufficient for a nuclear application? Are the methods of qualifying personnel performing quality verification activities (e.g., inspection, test, NDE, Auditors, and Lead Auditors) suitable for a nuclear application?
Relevant ISO 9001:2015 References: 7.2, 8.5.1 NEI 22-04 reference: 7.2.3 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION II: QUALITY ASSURANCE PROGRAM
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 7 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT 2.F Does the program require indoctrination and training to establish and maintain suitable proficiency for personnel performing activities affecting quality? Are the level and methods of training suitable for a nuclear application?
Relevant ISO 9001:2015 References: 7.2, 8.5.1 NEI 22-04 reference: 7.2.4 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION II: QUALITY ASSURANCE PROGRAM 2.G Does the program require Management to regularly review the status and adequacy of the QA program?
Relevant ISO 9001:2015 References: 9.3.1, 9.3.2, 9.3.3 NEI 22-04 reference: 7.3.2 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION III: DESIGN CONTROL 3.A Does the supplier have a process for correctly translating contractual and design basis requirements into specifications, drawings, etc.?
Are quality standards specified in design documentation? Does the supplier implement controls to ensure deviations from quality standards are controlled?
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 8 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT Relevant ISO 9001:2015 References: 8.3.3, 8.3.5 NEI 22-04 reference: 7.2.5 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION III: DESIGN CONTROL 3.B Has the supplier established measures for selection and review for suitability of application of materials, parts, equipment, and processes essential to the safety-related functions of the required items or services?
Relevant ISO 9001:2015 References: 8.3.3, 8.3.5 NEI 22-04 reference: 7.2.6 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION III: DESIGN CONTROL 3.C Has the supplier established measures for identification and control of design interfaces, including the establishment of procedures among design organizations for the review, approval, release, distribution, and revision of documents involving design interfaces?
Relevant ISO 9001:2015 References: 8.3.2
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 9 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT NEI 22-04 reference: 7.1.4 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION III: DESIGN CONTROL 3.D Does the supplier perform independent verification of the design by design review, alternate calculation, or testing a prototype under the most adverse conditions? Are the suppliers acceptance criteria for inspections and tests appropriate for ensuring the required item or service is suitable for the intended application?
Relevant ISO 9001:2015 References: 8.3.4, 8.3.5 NEI 22-04 reference: 7.1.5 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION III: DESIGN CONTROL 3.E Has the supplier established measures for control of design changes, including field changes, commensurate with those applied to the original design and approved by the organization that performed the original design?
Relevant ISO 9001:2015 References: 8.3.6
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 10 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT NEI 22-04 reference: 7.1.6 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION IV: PROCUREMENT DOCUMENT CONTROL 4.A Has the supplier established measures to ensure that applicable requirements, which are necessary to ensure quality, are included or referenced in procurement documents, whether purchased by its contractors or subcontractors?
Relevant ISO 9001:2015 References: 8.4.3 NEI 22-04 reference: 7.2.7 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION IV: PROCUREMENT DOCUMENT CONTROL 4.B Does the supplier subcontract any activities that impact the quality of items or services supplied under their program? Does the supplier adequately control subcontracted activities and ensure applicable requirements are satisfied? Are the suppliers controls sufficient for the intended nuclear application? Does the supplier have controls for procurement of items or services from the clients approved suppliers?
Relevant ISO 9001:2015 References: 8.4.2
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 11 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT NEI 22-04 reference: 7.1.7 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION V: INSTRUCTIONS, PROCEDURES, AND DRAWINGS 5.A Are activities affecting quality prescribed sufficiently and accomplished by documented instructions, procedures, or drawings?
Relevant ISO 9001:2015 References: 4.4.2, 7.5.1, 7.5.3.1, 8.5.1 NEI 22-04 reference: 7.2.8 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION V: INSTRUCTIONS, PROCEDURES, AND DRAWINGS 5.B Do the suppliers instructions, procedures, or drawings include quantitative or qualitative acceptance criteria for important activities?
Are the suppliers acceptance criteria suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.3.5, 8.5.1 NEI 22-04 reference: 7.2.9
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 12 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION VI: DOCUMENT CONTROL 6
Has the supplier established measures for control of documents affecting quality to ensure they are suitable and available for use?
Relevant ISO 9001:2015 References: 7.5.2, 7.5.3.1, 7.5.3.2 NEI 22-04 reference: 7.2.10 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION VII: CONTROL OF PURCHASED MATERIAL, EQUIPMENT, AND SERVICES 7.A Has the supplier established measures that ensure purchased material, equipment, and services conform to the procurement documents? Are the suppliers measures suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.4.1 NEI 22-04 reference: 7.3.3 SUPPLIER PROCEDURE(S):
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 13 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION VII: CONTROL OF PURCHASED MATERIAL, EQUIPMENT, AND SERVICES 7.B Does the suppliers program include provisions for source evaluation and selection, objective evidence of quality, inspection at the source, and examination of products upon delivery? Is the suppliers process suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.4.1, 8.4.2 NEI 22-04 reference: 7.2.11 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION VII: CONTROL OF PURCHASED MATERIAL, EQUIPMENT, AND SERVICES 7.C Does the supplier require sufficient documentary evidence of product conformity to applicable requirements be available and retained? Is the documentary evidence maintained by the supplier suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.4.1 NEI 22-04 reference: 7.2.12 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 14 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION VII: CONTROL of PURCHASED MATERIAL, EQUIPMENT, and SERVICES 7.D Does the supplier assess the effectiveness of their suppliers quality controls at intervals consistent with the importance, complexity, and quantity of the product or service? Is the suppliers process suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.4.1, 8.4.2 NEI 22-04 reference: 7.2.13 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION VIII: IDENTIFICATION AND CONTROL OF MATERIALS, PARTS, AND COMPONENTS 8
Has the supplier established measures for identification and control of items throughout fabrication to prevent the use of incorrect or defective items? Are the suppliers measures suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.5.2 NEI 22-04 reference: 7.2.14 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 15 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION IX: IDENTIFICATION AND CONTROL OF SPECIAL PROCESSES 9
Has the supplier established measures to ensure special processes are controlled by qualified personnel using qualified procedures in accordance with applicable requirements? Are the suppliers methods of validation / revalidation and the applicable codes, standards, or specifications used by the supplier suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.5.1 NEI 22-04 reference: 7.1.8 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION X: INSPECTION 10.A Has the supplier established and executed a program for inspection of activities affecting quality to verify conformance with the documented instructions, procedures, and drawings? Are the inspections required to be performed by individuals other than those that performed the activity being inspected?
Relevant ISO 9001:2015 References: 7.1.5.1, 8.5.1 NEI 22-04 reference: 7.1.9 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 16 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION X: INSPECTION 10.B Does the supplier perform examinations, measurements, or tests for each work operation where necessary to assure quality? Are the suppliers methods for performing these activities suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 7.1.5.1, 8.5.1 NEI 22-04 reference: 7.2.15 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION X: INSPECTION 10.C Does the supplier provide indirect control by monitoring, if inspection is impossible or disadvantageous, and implement both inspection and monitoring when control is inadequate without both? Are the suppliers methods for performing these activities suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 7.1.5.1. 8.5.1 NEI 22-04 reference: 7.3.4 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 17 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION X: INSPECTION 10.D Has the supplier established measures to identify required hold or witness points in appropriate documents?
Relevant ISO 9001:2015 References: 8.6 NEI 22-04 reference: 7.2.16 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION XI: TEST CONTROL 11.A Has the supplier, Purchaser, or other third party established a test program, including proof tests or tests performed during facility operations, to demonstrate the required items will perform satisfactorily in service?
Relevant ISO 9001:2015 References: 8.3.4, 8.3.5, 8.5.1 NEI 22-04 reference: 7.3.5 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 18 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT GAPS IDENTIFIED:
CRITERION XI: TEST CONTROL 11.B Does the supplier ensure test procedures include provisions for assuring all prerequisites are met, adequate instrumentation is available and used, and that tests are performed under suitable environmental conditions? Do the test procedures include content and a level of detail suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.5.1 NEI 22-04 reference: 7.2.17 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION XI: TEST CONTROL 11.C Does the supplier ensure test results are documented and evaluated to ensure that test requirements have been satisfied? Is the level of documentation for test results suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.6 NEI 22-04 reference: 7.3.6 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 19 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT GAPS IDENTIFIED:
CRITERION XII: CONTROL OF MEASURING AND TEST EQUIPMENT 12 Has the supplier established measures that ensure measuring and test equipment is properly controlled, calibrated, and adjusted to maintain accuracy within necessary limits? Are these controls suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 7.1.5.1, 7.1.5.2 NEI 22-04 reference: 7.3.7 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION XIII: HANDLING, STORAGE, AND SHIPPING 13.A Has the supplier established measures to control the handling, storage, shipping, cleaning, and preservation of items in accordance with work and inspection instructions to prevent damage or deterioration? Are these measures suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.5.4 NEI 22-04 reference: 7.3.8 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 20 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT GAPS IDENTIFIED:
CRITERION XIII: HANDLING, STORAGE, AND SHIPPING 13.B Does the supplier specify and provide special protective environments, such as inert gas atmosphere, specific moisture content levels, and temperature levels, when necessary for particular products? Are these provisions suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 7.1.4, 8.5.4 NEI 22-04 reference: 7.3.9 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION XIV: INSPECTION, TEST, AND OPERATING STATUS 14 Has the supplier established measures to indicate the status of inspections and tests by the use of markings, such as stamps, tags, labels, routing cards, or other suitable means? Are these status indicators suitable for the intended nuclear application?
Relevant ISO 9001:2015 References: 8.5.2 NEI 22-04 reference: 7.2.18 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 21 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT GAPS IDENTIFIED:
CRITERION XV: NONCONFORMING MATERIALS, PARTS, AND COMPONENTS 15 Has the supplier established documented controls for nonconforming items, including identification, documentation, segregation, disposition, and client notification, as appropriate, to prevent their inadvertent use or installation? Are the suppliers controls, including the level of documentation, suitable for a nuclear application?
Relevant ISO 9001:2015 References: 8.7.1, 8.7.2 NEI 22-04 reference: 7.3.10 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION XVI: CORRECTIVE ACTION 16 Has the supplier established measures that ensure conditions adverse to quality are promptly identified and corrected and, in the case of significant conditions adverse to quality, ensure that the cause of the condition is determined, corrective action to prevent repetition is taken, and appropriate levels of management are notified? Are the suppliers measures, including the level of documentation, suitable for a nuclear application?
Relevant ISO 9001:2015 References: 10.2.1, 10.2.2 NEI 22-04 reference: 7.2.19 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 22 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT GAPS IDENTIFIED:
CRITERION XVII: QUALITY ASSURANCE RECORDS 17.A Does the supplier maintain sufficient records to furnish evidence of activities affecting quality?
Relevant ISO 9001:2015 References: 4.4.1, 4.4.2, 8.6 NEI 22-04 reference: 7.3.11 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION XVII: QUALITY ASSURANCE RECORDS 17.B Does the supplier maintain records that include operating logs and the results of reviews, inspections, tests, audits, monitoring of work performance, materials analyses and closely-related data such as qualifications of personnel, procedures, and equipment?
Relevant ISO 9001:2015 References: 4.4.2, 7.1.5.1, 7.1.5.2 a), 7.2 d), 8.1 e), 8.2.3.1, 8.2.3.2 a), 8.3.2 j), 8.4.1, 8.5.2, 8.6, 8.7.1, 8.7.2, 9.1.1, 9.2.2 f), 9.3.3, 10.2.2 NEI 22-04 reference: 7.2.20 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 23 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT GAPS IDENTIFIED:
CRITERION XVII: QUALITY ASSURANCE RECORDS 17.C Does the supplier require inspection and test records to, as a minimum, identify the inspector or data recorder, the type of observation, the results, the acceptability, and the action taken in connection with any deficiencies noted?
Relevant ISO 9001:2015 References: 8.5.1, 8.6, 10.2.2 NEI 22-04 reference: 7.2.21 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
CRITERION XVII: QUALITY ASSURANCE RECORDS 17.D Does the supplier ensure records are identifiable and retrievable and establish requirements for record retention, duration, location, and assigned responsibilities consistent with applicable regulatory requirements?
Relevant ISO 9001:2015 References: 7.5.3.1, 7.5.3.2 NEI 22-04 reference: 7.2.22 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
10 CFR 50 APPENDIX B - GAP ASSESSMENT CHECKLIST Revision 0 Supplier Name:
Page 24 of 24 Assessment No.:
© NEI 2025. All rights reserved.
DETAILED GAP ASSESSMENT CRITERION XVIII: AUDITS 18 Has the supplier established a comprehensive system of planned and periodic audits to verify all aspects of the QA program and determine its effectiveness? Are the audits required to be performed in accordance with written procedures or checklists by appropriately trained personnel not having responsibility for the audited area? Does the suppliers process require follow-up action, as appropriate? Are the audit results required to be documented and reviewed by management responsible for the audited area?
Relevant ISO 9001:2015 References: 9.2.1, 9.2.2 NEI 22-04 reference: 7.2.23 SUPPLIER PROCEDURE(S):
INVESTIGATION
SUMMARY
OBJECTIVE EVIDENCE REVIEWED / WITNESSED GAPS IDENTIFIED:
May 2025
© NEI 2025. All rights reserved.
nei.org C-1 APPENDIX C. DETAILED COMPARISON OF 10 CFR 50 APPENDIX B TO ISO 9001:2015 The table below provides a detailed gap analysis for ISO 9001:2015 compliance with 10 CFR 50 Appendix B. To perform the analysis, each criterion from 10 CFR 50 Appendix B was decomposed into discrete fundamental requirements and corresponding requirements from ISO 9001:2015 were identified. Potential gaps for compliance with the regulation are noted. High-level recommendations for closing the gaps are provided.
Table C.1: 10 CFR 50, Appendix B, Criterion I - Organization 10 CFR 50, Appendix B, Criterion I The applicant shall be responsible for the establishment and execution of the quality assurance program. The applicant may delegate to others, such as contractors, agents, or consultants, the work of establishing and executing the quality assurance program, or any part thereof, but shall retain responsibility for the quality assurance program.
While the term "applicant" is used in these criteria, the requirements are, of course, applicable after such a person has received a license to construct and operate a nuclear power plant or a fuel reprocessing plant or has received an early site permit, design approval, design certification, or manufacturing license, as applicable. These criteria will also be used for guidance in evaluating the adequacy of quality assurance programs in use by holders of construction permits, operating licenses, early site permits, design approvals, combined licenses, and manufacturing licenses.
ISO 9001:2015 (excerpts) 4.4 Quality management system and its processes 4.4.1 The organization shall establish, implement, maintain and continually improve a quality management system, including the processes needed and their interactions, in accordance with the requirements of this International Standard.
8.4 Control of externally provided processes, products and services 8.4.1 General The organization shall ensure that externally provided processes, products and services conform to requirements.
The organization shall determine and apply criteria for the evaluation, selection, monitoring of performance, and re-evaluation of external providers, based on their ability to provide processes or products and services in accordance with requirements.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish and execute a quality assurance program and retain responsibility for any delegated work.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to develop a quality management system (QMS) and to ensure externally provided activities conform to requirements.
Potential Gap(s):
ISO 9001:2015 implies that the Supplier retains responsibility for delegated work. However, this requirement is not explicitly stated.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
The Purchaser requires the Supplier to retain responsibility for any activities delegated or subcontracted by the Supplier.
May 2025
© NEI 2025. All rights reserved.
nei.org C-2 Table C.2: 10 CFR 50, Appendix B, Criterion I - Organization 10 CFR 50, Appendix B, Criterion I (cont.)
The authority and duties of persons and organizations performing activities affecting the safety-related functions of structures, systems, and components shall be clearly established and delineated in writing.
These activities include both the performing functions of attaining quality objectives and the quality assurance functions.
The quality assurance functions are those of (1) assuring that an appropriate quality assurance program is established and effectively executed; and (2) verifying, such as by checking, auditing, and inspecting, that activities affecting the safety-related functions have been correctly performed.
ISO 9001:2015 5.3 Organizational roles, responsibilities and authorities Top management shall ensure that the responsibilities and authorities for relevant roles are assigned, communicated and understood within the organization.
6.2 Quality Objectives and planning to achieve them 6.2.1 The organization shall establish quality objectives at relevant functions, levels and processes needed for the quality management system.
8.6 Release of products and services The organization shall implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met.
9.2 Internal Audit 9.2.1 The organization shall conduct internal audits at planned intervals to provide information on whether the quality management system:
a) conforms to:
- 1) the organization's own requirements for its quality management system;
- 2) the requirements of this International Standard; b) is effectively implemented and maintained.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish authorities and duties for persons or organizations performing activities affecting SSC safety functions, including activities for attaining quality objectives and QA functions.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to assign responsibilities and authorities for ensuring product/service conformity and effective QMS implementation.
Potential Gap(s):
ISO 9001:2015 does not explicitly require people to perform QA functions, such as inspections and tests.
Additional Purchaser Requirements in Procurement Specifications (if not addressed within the Suppliers program):
Purchaser gap assessment confirms appropriate QA roles and responsibilities are defined and properly implemented and the safety function and associated technical and quality requirements are specified in the contract. Purchaser specifies required QA functions to close the identified gaps.
May 2025
© NEI 2025. All rights reserved.
nei.org C-3 Table C.3: 10 CFR 50, Appendix B, Criterion I - Organization 10 CFR 50, Appendix B, Criterion I (cont.)
The persons and organizations performing quality assurance functions shall have sufficient authority and organizational freedom to identify quality problems; to initiate, recommend, or provide solutions; and to verify implementation of solutions.
The persons and organizations performing quality assurance functions shall report to a management level so that the required authority and organizational freedom, including sufficient independence from cost and schedule when opposed to safety considerations, are provided.
Because of the many variables involved, such as the number of personnel, the type of activity being performed, and the location or locations where activities are performed, the organizational structure for executing the quality assurance program may take various forms, provided that the persons and organizations assigned the quality assurance functions have the required authority and organizational freedom.
Irrespective of the organizational structure, the individual(s) assigned the responsibility for assuring effective execution of any portion of the quality assurance program at any location where activities subject to this appendix are being performed, shall have direct access to the levels of management necessary to perform this function.
ISO 9001:2015 5.3 Organizational roles, responsibilities and authorities Top management shall ensure that the responsibilities and authorities for relevant roles are assigned, communicated and understood within the organization. Top management shall assign responsibility and authority for:
a) ensuring that the quality management system conforms to the requirements of this International Standard; b) ensuring that the processes are delivering their intended outputs; c) reporting on the performance of the quality management system and on opportunities for improvement, in particular to top management; 8.6 Release of products and services The organization shall implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish sufficient authority, organizational freedom, independence from cost and schedule, and direct access to management for personnel and organizations performing QA functions and to define a specific list of functions they shall be authorized to perform.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to assign responsibilities and authorities for ensuring product/service conformity and effective QMS implementation.
Potential Gap(s):
ISO 9001:2015 does not explicitly require persons to perform QA functions, does not define specific QA functions to be performed, such as inspections and tests, and does not require organizational freedom, independence for cost and schedule, or direct access to management.
Additional Purchaser Requirements in Procurement Specifications (if not addressed within the Suppliers program):
Purchaser specifies the required QA functions and associated requirements for independence and requires a project-specific organizational chart, if necessary, to confirm organization structure facilitates organizational freedom and ensures direct access to appropriate levels of management.
May 2025
© NEI 2025. All rights reserved.
nei.org C-4 Table C.4: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program 10 CFR 50, Appendix B, Criterion II The applicant shall establish at the earliest practicable time, consistent with the schedule for accomplishing the activities, a quality assurance program which complies with the requirements of this appendix.
This program shall be documented by written policies, procedures, or instructions and shall be carried out throughout plant life in accordance with those policies, procedures, or instructions.
ISO 9001:2015 4.4 Quality management system and its processes 4.4.1 The organization shall establish, implement, maintain and continually improve a quality management system, including the processes needed and their interactions, in accordance with the requirements of this International Standard.
4.4.2 To the extent necessary, the organization shall:
a) maintain documented information to support the operation of its processes; b) retain documented information to have confidence that the processes are being carried out as planned.
8.5 Production and service provision 8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish a QA program in time to accomplish activities in accordance with applicable requirements, which is documented by written policies, procedures, or instructions and complies with the regulation.
ISO 9001:2015 Comparison ISO 9001:2015 requires a quality management system to be established that includes documented information as needed to ensure the requirements of the ISO standard are satisfied, required processes are implemented properly, and the desired results are achieved.
Potential Gap(s):
ISO 9001:2015 does not identify specific policies, procedures, or instructions that are required to be documented in accordance with nuclear regulatory requirements.
Additional Purchaser Requirements in Procurement Specifications (if not addressed within the Suppliers program):
Purchaser requires submittal of project-specific procedures, policies and instructions confirming accordance with nuclear regulatory requirements. However, that may not be practical for programs with only a few documented instructions. ISO 9001:2015 Suppliers that do not have well documented programs are unlikely to be good candidates for acceptance based on their program.
May 2025
© NEI 2025. All rights reserved.
nei.org C-5 Table C.5: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program 10 CFR 50, Appendix B, Criterion II (cont.)
The applicant shall identify the structures, systems, and components to be covered by the quality assurance program and the major organizations participating in the program, together with the designated functions of these organizations.
ISO 9001:2015 4.1 Understanding the organization and its context The organization shall determine external and internal issues that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended result(s) of its quality management system.
4.2 Understanding the needs and expectations of interested parties Due to their effect or potential effect on the organization's ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, the organization shall determine:
a) the interested parties that are relevant to the quality management system; b) the requirements of these interested parties that are relevant to the quality management system.
4.3 Determining the scope of the quality management system The organization shall determine the boundaries and applicability of the quality management system to establish its scope.
When determining this scope, the organization shall consider:
a) the external and internal issues referred to in 4.l; b) the requirements of relevant interested parties referred to in 4.2; c) the products and services of the organization.
Fundamental Requirement from 10 CFR 50, Appendix B:
To identify the SSCs covered by the program, major organizations participating in the program and designated functions of these organizations.
ISO 9001:2015 Comparison ISO 9001:2015 requires the scope of the QMS, which drives the development of the QMS and associated activities to be performed, to be established based on the products and services supplied and requirements from interested parties, including customer and regulatory requirements.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser retains responsibility for ensuring suitability of the design and adds nuclear industry specific requirements in the contract, at the Purchasers discretion.
May 2025
© NEI 2025. All rights reserved.
nei.org C-6 Table C.6: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program 10 CFR 50, Appendix B, Criterion II (cont.)
The quality assurance program shall provide control over activities affecting the quality of the identified structures, systems, and components, to an extent consistent with their importance to safety.
ISO 9001:2015 4.4 Quality management system and its processes 4.4.1 The organization shall establish, implement, maintain and continually improve a quality management system, including the processes needed and their interactions, in accordance with the requirements of this International Standard.
The organization shall determine the processes needed for the quality management system and their application throughout the organization, and shall:
a) determine the inputs required and the outputs expected from these processes; b) determine the sequence and interaction of these processes; c) determine and apply the criteria and methods (including monitoring, measurements and related performance indicators) needed to ensure the effective operation and control of these processes; d) determine the resources needed for these processes and ensure their availability; e) assign the responsibilities and authorities for these processes; f) address the risks and opportunities as determined in accordance with the requirements of Section 6.1; g) evaluate these processes and implement any changes needed to ensure that these processes achieve their intended results; h) improve the processes and the quality management system.
Fundamental Requirement from 10 CFR 50, Appendix B:
To control activities affecting quality of the SSCs to an extent consistent with their importance to safety.
ISO 9001:2015 Comparison ISO 9001:2015 requires control of activities needed to ensure the QMS and associated processes achieve the intended results.
Potential Gap(s):
ISO 9001:2015 is not explicitly focused on nuclear safety related activities.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser retains responsibility for ensuring suitability of the design and adds nuclear industry specific requirements in the contract, at the Purchasers discretion.
May 2025
© NEI 2025. All rights reserved.
nei.org C-7 Table C.7: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program 10 CFR 50, Appendix B, Criterion II (cont.)
Activities affecting quality shall be accomplished under suitably controlled conditions. Controlled conditions include the use of appropriate equipment; suitable environmental conditions for accomplishing the activity, such as adequate cleanness; and assurance that all prerequisites for the given activity have been satisfied.
ISO 9001:2015 7.1.3 Infrastructure The organization shall determine, provide and maintain the infrastructure necessary for the operation of its processes and to achieve conformity of products and services.
7.1.4 Environment for the operation of processes The organization shall determine, provide and maintain the environment necessary for the operation of its processes and to achieve conformity of products and services.
8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; b) the availability and use of suitable monitoring and measuring resources; c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; d) the use of suitable infrastructure and environment for the operation of processes; Fundamental Requirement from 10 CFR 50, Appendix B:
To accomplish activities affecting quality under suitably controlled conditions, including appropriate equipment and environment, and ensuring prerequisites for a given activity have been satisfied.
ISO 9001:2015 Comparison ISO 9001:2015 requires controls to achieve conformity of the products and services provided by the organization.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
No additional purchaser procedural controls or procurement specifications are required.
May 2025
© NEI 2025. All rights reserved.
nei.org C-8 Table C.8: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program 10 CFR 50, Appendix B, Criterion II (cont.)
The program shall take into account the need for special controls, processes, test equipment, tools, and skills to attain the required quality, and the need for verification of quality by inspection and test.
ISO 9001:2015 7.2 Competence The organization shall:
a) determine the necessary competence of person(s) doing work under its control that affects the performance and effectiveness of the quality management system; 8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; b) the availability and use of suitable monitoring and measuring resources; c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; d) the use of suitable infrastructure and environment for the operation of processes; e) the appointment of competent persons, including any required qualification Fundamental Requirement from 10 CFR 50, Appendix B:
To consider the need for special controls, equipment, and skills to attain the required quality and for verification of quality by inspection and test.
ISO 9001:2015 Comparison ISO 9001:2015 requires controls, infrastructure, (e.g., tools and equipment), competence (including required qualification), and implementation of monitoring and measurement activities (e.g., inspection and test) to ensure products and services conform to the acceptance criteria.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation. However, ISO 9001:2015 Suppliers may not qualify their processes or personnel in a manner consistent with nuclear regulatory requirements.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser t assesses whether the processes and personnel are properly qualified to perform their function and whether the planned inspections and tests meet regulatory requirements or specifies qualification and inspection / test requirements needed to close the identified gaps.
May 2025
© NEI 2025. All rights reserved.
nei.org C-9 Table C.9: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program 10 CFR 50, Appendix B, Criterion II (cont.)
The program shall provide for indoctrination and training of personnel performing activities affecting quality as necessary to assure that suitable proficiency is achieved and maintained.
ISO 9001:2015 7.2 Competence The organization shall:
a) determine the necessary competence of person(s) doing work under its control that affects the performance and effectiveness of the quality management system; b) ensure that these persons are competent on the basis of appropriate education, training, or experience; c) where applicable, take actions to acquire the necessary competence, and evaluate the effectiveness of the actions taken; d) retain appropriate documented information as evidence of competence.
8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
e) the appointment of competent persons, including any required qualification.
Fundamental Requirement from 10 CFR 50, Appendix B:
To provide indoctrination and training as needed to establish and maintain suitable proficiency for personnel performing activities affecting quality.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to determine the competence, including any required qualification, needed for personnel performing work that affects the performance and effectiveness of the QMS and ensure the required level of competency is established and maintained.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedure Controls (if not addressed within the Suppliers program):
Purchaser assesses supplier personnel training and qualifications meet regulatory requirements and specify additional training and qualification requirements ifneeded to close the identified gaps.
May 2025
© NEI 2025. All rights reserved.
nei.org C-10 Table C.10: 10 CFR 50, Appendix B, Criterion II - Quality Assurance Program 10 CFR 50, Appendix B, Criterion II (cont.)
The applicant shall regularly review the status and adequacy of the quality assurance program.
Management of other organizations participating in the quality assurance program shall regularly review the status and adequacy of that part of the quality assurance program which they are executing.
ISO 9001:2015 9.3 Management review 9.3.1 General Top management shall review the organization's quality management system, at planned intervals, to ensure its continuing suitability, adequacy, effectiveness and alignment with the strategic direction of the organization.
9.3.2 Management review inputs The management review shall be planned and carried out taking into consideration:
a) the status of actions from previous management reviews; b) changes in external and internal issues that are relevant to the quality management system; c) information on the performance and effectiveness of the quality management system, 9.3.3 Management review outputs The outputs of the management review shall include decisions and actions related to:
a) opportunities for improvement; b) any need for changes to the quality management system; c) resource needs.
The organization shall retain documented information as evidence of the results of management reviews.
Fundamental Requirement from 10 CFR 50, Appendix B:
For management to regularly review the status and adequacy of the QA program.
ISO 9001:2015 Comparison ISO 9001:2015 requires a Management Review, with specifically required inputs and outputs, to ensure the continued suitability and adequacy of the QMS.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
No additional purchaser procedural controls or procurement specifications are required.
May 2025
© NEI 2025. All rights reserved.
nei.org C-11 Table C.11: 10 CFR 50, Appendix B, Criterion III - Design Control 10 CFR 50, Appendix B, Criterion III Measures shall be established to assure that applicable regulatory requirements and the design basis, as defined in § 50.2 and as specified in the license application, for those structures, systems, and components to which this appendix applies are correctly translated into specifications, drawings, procedures, and instructions.
These measures shall include provisions to assure that appropriate quality standards are specified and included in design documents and that deviations from such standards are controlled.
ISO 9001:2015 8.3.3 Design and development inputs The organization shall determine the requirements essential for the specific types of products and services to be designed and developed. The organization shall consider:
a) functional and performance requirements; b) information derived from previous similar design and development activities; c) statutory and regulatory requirements; d) standards or codes of practice that the organization has committed to implement; e) potential consequences of failure due to the nature of the products and services.
Inputs shall be adequate for design and development purposes, complete and unambiguous. Conflicting design and development inputs shall be resolved.
8.3.5 Design and development outputs The organization shall ensure that design and development outputs:
a) meet the input requirements; b) are adequate for the subsequent processes for the provision of products and services; c) include or reference monitoring and measuring requirements, as appropriate, and acceptance criteria; d) specify the characteristics of the products and services that are essential for their intended purpose and their safe and proper provision.
The organization shall retain documented information on design and development outputs.
Fundamental Requirement from 10 CFR 50, Appendix B:
To correctly translate regulatory and design basis requirements into specifications, drawings, etc., to specify quality standards in design documentation and ensure deviations from quality standards are controlled.
ISO 9001:2015 Comparison ISO 9001:2015 requires design outputs to satisfy the applicable design inputs, including regulatory requirements and standards; to be documented adequately for subsequent processing of products and services; to include monitoring and measurement (e.g., inspection and test) requirements, including the acceptance criteria; and to specify characteristics essential for their intended purpose and their safe and proper provision.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser retains responsibility for ensuring suitability of the design, including the specified standards, and impose nuclear industry specific requirements in the contract, as applicable.
May 2025
© NEI 2025. All rights reserved.
nei.org C-12 Table C.12: 10 CFR 50, Appendix B, Criterion III - Design Control 10 CFR 50, Appendix B, Criterion III (cont.)
Measures shall also be established for the selection and review for suitability of application of materials, parts, equipment, and processes that are essential to the safety-related functions of the structures, systems and components.
ISO 9001:2015 8.3.3 Design and development inputs The organization shall determine the requirements essential for the specific types of products and services to be designed and developed. The organization shall consider:
a) functional and performance requirements; b) information derived from previous similar design and development activities; c) statutory and regulatory requirements; d) standards or codes of practice that the organization has committed to implement; e) potential consequences of failure due to the nature of the products and services.
Inputs shall be adequate for design and development purposes, complete and unambiguous. Conflicting design and development inputs shall be resolved.
8.3.5 Design and development outputs The organization shall ensure that design and development outputs:
a) meet the input requirements; b) are adequate for the subsequent processes for the provision of products and services; c) include or reference monitoring and measuring requirements, as appropriate, and acceptance criteria; d) specify the characteristics of the products and services that are essential for their intended purpose and their safe and proper provision.
The organization shall retain documented information on design and development outputs.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures for selection and review for suitability of application of materials, parts, equipment, and processes essential to the safety-related functions of SSCs.
ISO 9001:2015 Comparison ISO 9001:2015 requires design outputs to satisfy the applicable design inputs, including functional and performance requirements to be documented adequately for subsequent processing of products and services and to specify characteristics essential for their intended purpose and their safe and proper provision.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser retains responsibility for ensuring suitability of the design and imposes nuclear industry specific requirements in the contract, as applicable.
May 2025
© NEI 2025. All rights reserved.
nei.org C-13 Table C.13: 10 CFR 50, Appendix B, Criterion III - Design Control 10 CFR 50, Appendix B, Criterion III (cont.)
Measures shall be established for the identification and control of design interfaces and for coordination among participating design organizations.
These measures shall include the establishment of procedures among participating design organizations for the review, approval, release, distribution, and revision of documents involving design interfaces.
ISO 9001:2015 8.3.2 Design and development planning In determining the stages and controls for design and development, the organization shall consider:
a) the nature, duration and complexity of the design and development activities; b) the required process stages, including applicable design and development reviews; c) the required design and development verification and validation activities; d) the responsibilities and authorities involved in the design and development process; e) the internal and external resource needs for the design and development of products and services; f) the need to control interfaces between persons involved in the design and development process; g) the need for involvement of customers and users in the design and development process; h) the requirements for subsequent provision of products and services; i) the level of control expected for the design and development process by customers and other relevant interested parties; j) the documented information needed to demonstrate that design and development requirements have been met.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures for identification and control of design interfaces for coordination among participating design organizations, including the establishment of procedures among design organizations for the review, approval, release, distribution, and revision of documents involving design interfaces.
ISO 9001:2015 Comparison ISO 9001:2015 requires design and development planning activities to consider the responsibilities and authorities involved in the design process, the internal and external resource needs, and the need to control interfaces between persons involved in the design process.
Potential Gap(s):
ISO 9001:2015 requires the organization to consider the need for interface controls but does not explicitly require procedures among the participating design organizations to define how those interfaces will be controlled.
Additional Purchaser Requirements in Procurement Specifications (if not addressed within the Suppliers program):
Purchaser requires the supplier to identify the participating design organizations and define how the interfaces and coordination among the design organizations will be controlled.
May 2025
© NEI 2025. All rights reserved.
nei.org C-14 Table C.14: 10 CFR 50, Appendix B, Criterion III - Design Control 10 CFR 50, Appendix B, Criterion III (cont.)
The design control measures shall provide for verifying or checking the adequacy of design, such as by the performance of design reviews, by the use of alternate or simplified calculational methods, or by the performance of a suitable testing program.
The verifying or checking process shall be performed by individuals or groups other than those who performed the original design, but who may be from the same organization.
Where a test program is used to verify the adequacy of a specific design feature in lieu of other verifying or checking processes, it shall include suitable qualifications testing of a prototype unit under the most adverse design conditions.
Design control measures shall be applied to items such as the following:
reactor physics, stress, thermal, hydraulic, and accident analyses; compatibility of materials; accessibility for in-service inspection, maintenance, and repair; and delineation of acceptance criteria for inspections and tests.
ISO 9001:2015 8.3.4 Design and development controls The organization shall apply controls to the design and development process to ensure that:
a) the results to be achieved are defined; b) reviews are conducted to evaluate the ability of the results of design and development to meet requirements; c) verification activities are conducted to ensure that the design and development outputs meet the input requirements; d) validation activities are conducted to ensure that the resulting products and services meet the requirements for the specified application or intended use; e) any necessary actions are taken on problems determined during the reviews, or verification and validation activities; f) documented information of these activities is retained.
8.3.5 Design and development outputs The organization shall ensure that design and development outputs:
c) include or reference monitoring and measuring requirements, as appropriate, and acceptance criteria; d) specify the characteristics of the products and services that are essential for their intended purpose and their safe and proper provision.
Fundamental Requirement from 10 CFR 50, Appendix B:
To perform independent verification of the design by review, alternate calculation, or testing a prototype under the most adverse conditions, and to apply design control measures to activities such as reactor physics, accident analyses, material compatibility, in-service inspection, and acceptance criteria for inspections and tests.
ISO 9001:2015 Comparison ISO 9001:2015 requires design verification and validation activities (i.e., the result of an inspection or test or other form of determination, such as alternate calculations or reviews) to ensure the design outputs meet the input requirements and to ensure the products and services meet the requirements for the specified application or intended use. ISO 9001:2015 also requires design outputs to define requirements for monitoring and measuring and the acceptance criteria.
Potential Gap(s):
ISO 9001:2015 does not require verification and validation activities to be performed by persons other than those that performed the design and does not explicitly require testing to consider the most adverse conditions. ISO 9001:2015 Suppliers do not address nuclear safety applications in their QMS scope and do not have the knowledge needed to ensure the design is suitable for a nuclear application.
Additional Purchaser Requirements in Procurement Specifications (if not addressed within the Suppliers program):
Purchaser requires verification and validation activities to be performed by persons other than those that performed the design and requires testing to consider the most adverse conditions. Purchaser retains responsibility for ensuring suitability of the design and adds nuclear industry specific requirements in the contract, as applicable.
May 2025
© NEI 2025. All rights reserved.
nei.org C-15 Table C.15: 10 CFR 50, Appendix B, Criterion III - Design Control 10 CFR 50, Appendix B, Criterion III (cont.)
Design changes, including field changes, shall be subject to design control measures commensurate with those applied to the original design and be approved by the organization that performed the original design unless the applicant designates another responsible organization.
ISO 9001:2015 8.3.6 Design and development changes The organization shall identify, review and control changes made during, or subsequent to, the design and development of products and services, to the extent necessary to ensure that there is no adverse impact on conformity to requirements.
The organization shall retain documented information on:
a) design and development changes; b) the results of reviews; c) the authorization of the changes; d) the actions taken to prevent adverse impacts.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures for control of design changes, including field changes, commensurate with those applied to the original design and approved by the organization that performed the original design.
ISO 9001:2015 Comparison ISO 9001:2015 requires review and control of changes made during or after the design and development planning activities to the extent necessary to ensure there is no impact on conformity to requirements.
Potential Gap(s):
ISO 9001:2015 does not explicitly require design changes to be controlled in a manner commensurate with the original design or approval by the original design organization.
Additional Purchaser Requirements in Procurement Specifications (if not addressed within the Suppliers program):
Purchaser retains responsibility for ensuring suitability of the design and imposes nuclear industry specific requirements in the contract, as applicable. Purchaser should confirms that the supplier has a design change control process including field changes, commensurate with those applied to the original design and approved by the organization that performed the original design.
May 2025
© NEI 2025. All rights reserved.
nei.org C-16 Table C.16: 10 CFR 50, Appendix B, Criterion IV - Procurement Document Control 10 CFR 50, Appendix B, Criterion IV Measures shall be established to assure that applicable regulatory requirements, design bases, and other requirements which are necessary to assure adequate quality are suitably included or referenced in the documents for procurement of material, equipment, and services, whether purchased by the applicant or by its contractors or subcontractors.
ISO 9001:2015 8
Control of externally provided processes, products and services 8.4.3 Information for external providers The organization shall ensure the adequacy of requirements prior to their communication to the external provider.
The organization shall communicate to external providers its requirements for:
a) the processes, products and services to be provided; b) the approval of:
- 1) products and services;
- 2) methods, processes and equipment;
- 3) the release of products and services; c) competence, including any required qualification of persons; d) the external providers' interactions with the organization; e) control and monitoring of the external providers' performance to be applied by the organization; f) verification or validation activities that the organization or its customer, intends to perform at the external providers' premises.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures to assure that applicable requirements, which are necessary to assure quality, are included or referenced in procurement documents, whether purchased by the licensee, or its contractors or subcontractors.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure the adequacy of requirements communicated to external providers.
Potential Gap(s):
ISO 9001:2015 Suppliers may not have the knowledge needed to ensure applicable nuclear regulatory and design bases requirements are communicated to their suppliers.
Additional Purchaser Procedural Controls) (if not addressed within the Suppliers program):
Purchaser defines the applicable requirements to be passed down to suppliers.
May 2025
© NEI 2025. All rights reserved.
nei.org C-17 Table C.17: 10 CFR 50, Appendix B, Criterion IV - Procurement Document Control 10 CFR 50, Appendix B, Criterion IV (cont.)
To the extent necessary, procurement documents shall require contractors or subcontractors to provide a quality assurance program consistent with the pertinent provisions of this appendix.
ISO 9001:2015 8
Control of externally provided processes, products and services 8.4.2 Type and extent of control The organization shall ensure that externally provided processes, products and services do not adversely affect the organization's ability to consistently deliver conforming products and services to its customers.
The organization shall:
a) ensure that externally provided processes remain within the control of its quality management system; b) define both the controls that it intends to apply to an external provider and those it intends to apply to the resulting output; c) take into consideration:
- 1) the potential impact of the externally provided processes, products and services on the organization's ability to consistently meet customer and applicable statutory and regulatory requirements;
- 2) the effectiveness of the controls applied by the external provider; d) determine the verification, or other activities, necessary to ensure that the externally provided processes, products and services meet requirements.
Fundamental Requirement from 10 CFR 50, Appendix B:
To the extent necessary, require contractors or subcontractors to implement a quality assurance program that complies with 10 CFR 50, Appendix B.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure externally provided processes do not prevent the organizations ability to deliver conforming products and services, which includes ensuring that externally provided processes remain in control and applying controls or verification activities, as needed, based on the potential impact the external provider has on the product or service and the effectiveness of the controls applied by the external provider.
Potential Gap(s):
ISO 9001:2015 does not require procurement documents to impose a QA program that, to the extent necessary, complies with 10 CFR 50, Appendix B.
Additional Purchaser Requirements in Procurement Specifications) (if not addressed within the Suppliers program):
Purchaser assesses whether the supplier adequately controls products and services under their program, including controls applied to subcontracted activities, to ensure applicable requirements are satisfied. Purchaser may need to supply qualified materials or require the use of Purchaser-approved suppliers for subcontracted items and services that are not adequately controlled.
May 2025
© NEI 2025. All rights reserved.
nei.org C-18 Table C.18: 10 CFR 50, Appendix B, Criterion V - Instructions, Procedures, and Drawings 10 CFR 50, Appendix B, Criterion V Activities affecting quality shall be prescribed by documented instructions, procedures, or drawings, of a type appropriate to the circumstances and shall be accomplished in accordance with these instructions, procedures, or drawings.
ISO 9001:2015 4.4.2 To the extent necessary, the organization shall:
a) maintain documented information to support the operation of its processes; 7.5 Documented information 7.5.1 General The organization's quality management system shall include:
a) documented information required by this International Standard; b) documented information determined by the organization as being necessary for the effectiveness of the quality management system.
7.5.3.1 Documented information required by the quality management system and by this International Standard shall be controlled to ensure:
a) it is available and suitable for use, where and when it is needed; 8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; Fundamental Requirement from 10 CFR 50, Appendix B:
To ensure activities affecting quality are prescribed and accomplished by documented instructions, procedures or drawings.
ISO 9001:2015 Comparison ISO 9001:2015 requires the quality management system to include documented information as needed to operate its processes and ensure the documented information is available and suitable for use.
Potential Gap(s):
ISO 9001:2015 does not identify specific procedures or instructions that are required to be documented.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser requires submittal of project-specific procedures, as needed.
May 2025
© NEI 2025. All rights reserved.
nei.org C-19 Table C.19: 10 CFR 50, Appendix B, Criterion V - Instructions, Procedures, and Drawings 10 CFR 50, Appendix B, Criterion V (cont.)
Instructions, procedures, or drawings shall include appropriate quantitative or qualitative acceptance criteria for determining that important activities have been satisfactorily accomplished.
ISO 9001:2015 8.3.5 Design and development outputs The organization shall ensure that design and development outputs:
c) include or reference monitoring and measuring requirements, as appropriate, and acceptance criteria; d) specify the characteristics of the products and services that are essential for their intended purpose and their safe and proper provision.
The organization shall retain documented information on design and development outputs.
8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; Fundamental Requirement from 10 CFR 50, Appendix B:
To ensure instructions, procedures or drawings include quantitative or qualitative acceptance criteria for important activities.
ISO 9001:2015 Comparison ISO 9001:2015 requires design and development outputs to include acceptance criteria for monitoring and measuring requirements and to specify characteristics of the products and services that are essential for their intended use and their safe and proper provision. Documented information that defines the characteristics of the products or services and the results to be achieved are required to be available for use. ISO 9000 notes that a characteristic can be qualitative or quantitative.
Potential Gap(s):
ISO 9001:2015 Suppliers may not have the knowledge needed to determine whether the characteristics and acceptance criteria are adequately defined for a nuclear application.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser assesses whether the suppliers acceptance criteria are suitable for their nuclear application and impose technical and quality requirements as needed to ensure the acceptance criteria for important activities are adequately defined.
May 2025
© NEI 2025. All rights reserved.
nei.org C-20 Table C.20: 10 CFR 50, Appendix B, Criterion VI - Document Control 10 CFR 50, Appendix B, Criterion VI Measures shall be established to control the issuance of documents, such as instructions, procedures, and drawings, including changes thereto, which prescribe all activities affecting quality.
These measures shall assure that documents, including changes, are reviewed for adequacy and approved for release by authorized personnel and are distributed to and used at the location where the prescribed activity is performed.
Changes to documents shall be reviewed and approved by the same organizations that performed the original review and approval unless the applicant designates another responsible organization.
ISO 9001:2015 7.5 Documented information 7.5.2 Creating and updating When creating and updating documented information, the organization shall ensure appropriate:
a) identification and description (e.g., a title, date, author, or reference number);
b) format (e.g., language, software version, graphics) and media (e.g., paper, electronic);
c) review and approval for suitability and adequacy.
7.5.3 Control of documented information 7.5.3.1 Documented information required by the quality management system and by this International Standard shall be controlled to ensure:
a) it is available and suitable for use, where and when it is needed; b) it is adequately protected (e.g., from loss of confidentiality, improper use, or loss of integrity).
7.5.3.2 For the control of documented information, the organization shall address the following activities, as applicable:
a) distribution, access, retrieval and use; b) storage and preservation, including preservation of legibility; c) control of changes (e.g., version control);
d) retention and disposition.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures for control of documents affecting quality to ensure they are suitable and available for use.
ISO 9001:2015 Comparison ISO 9001:2015 requires documented information to be reviewed and approved for suitability and adequacy and available for use where and when it is needed. Changes to documented information are required to be controlled.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation. However, ISO 9001:2015 does not require changes to be reviewed and approved by the same organization as the original.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser requires documents with impact on quality, including document changes, to be submitted for review and approval.
May 2025
© NEI 2025. All rights reserved.
nei.org C-21 Table C.21: 10 CFR 50, Appendix B, Criterion VII - Control of Purchased Material, Equipment, and Services 10 CFR 50, Appendix B, Criterion VII Measures shall be established to assure that purchased material, equipment, and services, whether purchased directly or through contractors and subcontractors, conform to the procurement documents.
ISO 9001:2015 8.4 Control of externally provided processes, products and services 8.4.1 General The organization shall ensure that externally provided processes, products and services conform to requirements.
The organization shall determine the controls to be applied to externally provided processes, products and services when:
a) products and services from external providers are intended for incorporation into the organization's own products and services; b) products and services are provided directly to the customer(s) by external providers on behalf of the organization; c) a process, or part of a process, is provided by an external provider as a result of a decision by the organization.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures that ensure purchased material, equipment, and services conform to the procurement documents.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure that externally provided processes, products, and services conform to the requirements.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
No additional purchaser procedural controls or procurement specifications are required.
May 2025
© NEI 2025. All rights reserved.
nei.org C-22 Table C.22: 10 CFR 50, Appendix B, Criterion VII - Control of Purchased Material, Equipment, and Services 10 CFR 50, Appendix B, Criterion VII (cont.)
These measures shall include provisions, as appropriate, for source evaluation and selection, objective evidence of quality furnished by the contractor or subcontractor, inspection at the contractor or subcontractor source, and examination of products upon delivery.
ISO 9001:2015 8.4 Control of externally provided processes, products and services 8.4.1 General The organization shall determine and apply criteria for the evaluation, selection, monitoring of performance, and re-evaluation of external providers, based on their ability to provide processes or products and services in accordance with requirements. The organization shall retain documented information of these activities and any necessary actions arising from the evaluations.
8.4.2 Type and extent of control The organization shall:
a) ensure that externally provided processes remain within the control of its quality management system; b) define both the controls that it intends to apply to an external provider and those it intends to apply to the resulting output; c) take into consideration:
- 1) the potential impact of the externally provided processes, products and services on the organization's ability to consistently meet customer and applicable statutory and regulatory requirements;
- 2) the effectiveness of the controls applied by the external provider; d) determine the verification, or other activities, necessary to ensure that the externally provided processes, products and services meet requirements.
Fundamental Requirement from 10 CFR 50, Appendix B:
To include provisions for source evaluation and selection, objective evidence of quality, inspection at the source, and examination of products upon delivery.
ISO 9001:2015 Comparison ISO 9001:2015 requires evaluation and selection of external providers based on their ability to satisfy the requirements, and requires controls applied to external providers and their outputs to be defined based on the potential impact on the ability to satisfy requirements and the effectiveness of the providers controls.
Potential Gap(s):
The ISO 9001:2015 evaluation and selection process would not explicitly consider requirements compliance with 10 CFR 50, Appendix B.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser assesses whether the supplier adequately controls products and services under their program, including their controls applied to subcontracted activities, to ensure applicable requirements are satisfied. The Purchaser may need to supply qualified materials or require the use of Purchaser approved suppliers for subcontracted items and services that are not adequately controlled.
May 2025
© NEI 2025. All rights reserved.
nei.org C-23 Table C.23: 10 CFR 50, Appendix B, Criterion VII - Control of Purchased Material, Equipment, and Services 10 CFR 50, Appendix B, Criterion VII (cont.)
Documentary evidence that material and equipment conform to the procurement requirements shall be available at the nuclear powerplant or fuel reprocessing plant site prior to installation or use of such material and equipment.
This documentary evidence shall be retained at the nuclear powerplant or fuel reprocessing plant site and shall be sufficient to identify the specific requirements, such as codes, standards, or specifications, met by the purchased material and equipment.
ISO 9001:2015 8.4 Control of externally provided processes, products and services 8.4.1 General The organization shall ensure that externally provided processes, products and services conform to requirements.
The organization shall determine the controls to be applied to externally provided processes, products and services when:
a) products and services from external providers are intended for incorporation into the organization's own products and services; b) products and services are provided directly to the customer(s) by external providers on behalf of the organization; c) a process, or part of a process, is provided by an external provider as a result of a decision by the organization.
The organization shall determine and apply criteria for the evaluation, selection, monitoring of performance, and re-evaluation of external providers, based on their ability to provide processes or products and services in accordance with requirements. The organization shall retain documented information of these activities and any necessary actions arising from the evaluations.
Fundamental Requirement from 10 CFR 50, Appendix B:
To require sufficient documentary evidence of product conformity to applicable requirements be available and retained at the nuclear facility.
ISO 9001:2015 Comparison ISO 9001:2015 requires documented information of product conformity to be retained.
Potential Gap(s):
ISO 9001:2015 does not require the documented information to be supplied to the client and retained at the nuclear facility.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser maintains responsibility for obtaining the required documentary evidence and ensuring it is available at the nuclear facility. Purchaser specifies requirements for submittal of documentary evidence in the contract.
May 2025
© NEI 2025. All rights reserved.
nei.org C-24 Table C.24: 10 CFR 50, Appendix B, Criterion VII - Control of Purchased Material, Equipment, and Services 10 CFR 50, Appendix B, Criterion VII (cont.)
The effectiveness of the control of quality by contractors and subcontractors shall be assessed by the applicant or designee at intervals consistent with the importance, complexity, and quantity of the product or services.
ISO 9001:2015 8.4 Control of externally provided processes, products and services 8.4.1 General The organization shall determine and apply criteria for the evaluation, selection, monitoring of performance, and re-evaluation of external providers, based on their ability to provide processes or products and services in accordance with requirements.
8.4.2 Type and extent of control The organization shall ensure that externally provided processes, products and services do not adversely affect the organization's ability to consistently deliver conforming products and services to its customers.
The organization shall:
a) ensure that externally provided processes remain within the control of its quality management system; b) define both the controls that it intends to apply to an external provider and those it intends to apply to the resulting output; c) take into consideration:
- 1) the potential impact of the externally provided processes, products and services on the organization's ability to consistently meet customer and applicable statutory and regulatory requirements;
- 2) the effectiveness of the controls applied by the external provider; d) determine the verification, or other activities, necessary to ensure that the externally provided processes, products and services meet requirements.
Fundamental Requirement from 10 CFR 50, Appendix B:
To assess the effectiveness of supplier quality controls at intervals consistent with the importance, complexity, and quantity of the product or service.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to re-evaluate external providers based on their ability to satisfy the requirements, ensure externally provided processes remain in control, and apply controls or verification activities, as needed, based on the potential impact the external provider has on the product or service and the effectiveness of the controls applied by the external provider.
Potential Gap(s):
The ISO 9001:2015 assessment for effectiveness may not explicitly consider requirements for compliance with 10 CFR 50, Appendix B.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser assesses whether the supplier adequately controls products and services under their program, including their controls for ensuring subcontracted activities remain in compliance. The Purchaser may need to supply qualified materials or require the use of Purchaser approved suppliers for subcontracted items and services that are not adequately controlled.
May 2025
© NEI 2025. All rights reserved.
nei.org C-25 Table C.25: 10 CFR 50, Appendix B, Criterion VIII - Identification and Control of Materials, Parts, and Components 10 CFR 50, Appendix B, Criterion VIII Measures shall be established for the identification and control of materials, parts, and components, including partially fabricated assemblies.
These measures shall assure that identification of the item is maintained by heat number, part number, serial number, or other appropriate means, either on the item or on records traceable to the item, as required throughout fabrication, erection, installation, and use of the item.
These identification and control measures shall be designed to prevent the use of incorrect or defective material, parts, and components.
ISO 9001:2015 8.5.2 Identification and traceability The organization shall use suitable means to identify outputs when it is necessary to ensure the conformity of products and services.
The organization shall identify the status of outputs with respect to monitoring and measurement requirements throughout production and service provision.
The organization shall control the unique identification of the outputs when traceability is a requirement, and shall retain the documented information necessary to enable traceability.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures for identification and control of items throughout fabrication to prevent the use of incorrect or defective items.
ISO 9001:2015 Comparison ISO 9001:2015 requires a suitable means to identify outputs when necessary to ensure conformity and unique identification when traceability is a requirement.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls) (if not addressed within the Suppliers program):
Purchaser specifies requirements for identification and control as needed to close the identified gaps, including traceability.
May 2025
© NEI 2025. All rights reserved.
nei.org C-26 Table C.26: 10 CFR 50, Appendix B, Criterion IX - Control of Special Processes 10 CFR 50, Appendix B, Criterion IX Measures shall be established to assure that special processes, including welding, heat treating, and nondestructive testing, are controlled and accomplished by qualified personnel using qualified procedures in accordance with applicable codes, standards, specifications, criteria, and other special requirements.
ISO 9001:2015 8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; b) the availability and use of suitable monitoring and measuring resources; c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; d) the use of suitable infrastructure and environment for the operation of processes; e) the appointment of competent persons, including any required qualification; f) the validation, and periodic revalidation, of the ability to achieve planned results of the processes for production and service provision, where the resulting output cannot be verified by subsequent monitoring or measurement; Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures to ensure special processes are controlled by qualified personnel using qualified procedures in accordance with applicable requirements.
ISO 9001:2015 Comparison ISO 9001:2015 requires documented information to define the activities to be performed and the results to be achieved, competent persons, including required qualification, and validation / periodic revalidation of the ability to achieve planned results of processes where the resulting output cannot be verified by subsequent monitoring or measurement.
Potential Gap(s):
ISO 9001:2015 does not explicitly require procedures and personnel to be qualified.
Additional Purchaser Requirements in Procurement Specifications (if not addressed within the Suppliers program):
Purchaser assesses whether the special process controls are sufficient, and specify special process requirements as needed to meet 10 CFR Part 50 Appendix B or require special processes to be performed by Purchaser approved suppliers.
May 2025
© NEI 2025. All rights reserved.
nei.org C-27 Table C.27: 10 CFR 50, Appendix B, Criterion X - Inspection 10 CFR 50, Appendix B, Criterion X A program for inspection of activities affecting quality shall be established and executed by or for the organization performing the activity to verify conformance with the documented instructions, procedures, and drawings for accomplishing the activity.
Such inspection shall be performed by individuals other than those who performed the activity being inspected.
ISO 9001:2015 7.1.5 Monitoring and measuring resources 7.1.5.1 General The organization shall determine and provide the resources needed to ensure valid and reliable results when monitoring or measuring is used to verify the conformity of products and services to requirements.
The organization shall ensure that the resources provided:
a) are suitable for the specific type of monitoring and measurement activities being undertaken; 8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; b) the availability and use of suitable monitoring and measuring resources; c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; e) the appointment of competent persons, including any required qualification.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish and execute a program for inspection of activities affecting quality to verify conformance with the documented instructions, procedures, and drawings. The inspections are required to be performed by individuals other than those that performed the activity being inspected.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to determine and provide resources for ensuring valid and reliable results when monitoring or measuring (e.g., inspection and testing) is used to verify the conformity of products and services to the requirements. This includes the appointment of competent persons, and any required qualification, as well as documented information that defines the characteristics of the products and the results to be achieved.
Potential Gap(s):
ISO 9001:2015 does not explicitly require a program for inspection activities and does not require personnel performing inspection activities to be independent.
Additional Purchaser Requirements in Procurement Specifications (if not addressed within the Suppliers program):
Purchaser specifies inspection program requirements as needed, including inspector independence to close the identified gaps.
May 2025
© NEI 2025. All rights reserved.
nei.org C-28 Table C.28: 10 CFR 50, Appendix B, Criterion X - Inspection 10 CFR 50, Appendix B, Criterion X (cont.)
Examinations, measurements, or tests of material or products processed shall be performed for each work operation where necessary to assure quality.
ISO 9001:2015 7.1.5 Monitoring and measuring resources 7.1.5.1 General The organization shall determine and provide the resources needed to ensure valid and reliable results when monitoring or measuring is used to verify the conformity of products and services to requirements.
The organization shall ensure that the resources provided:
a) are suitable for the specific type of monitoring and measurement activities being undertaken; 8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; b) the availability and use of suitable monitoring and measuring resources; c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; e) the appointment of competent persons, including any required qualification; Fundamental Requirement from 10 CFR 50, Appendix B:
To perform examinations, measurements, or tests for each work operation where necessary to assure quality.
ISO 9001:2015 Comparison ISO 9001:2015 requires the implementation of monitoring and measurement activities (e.g., inspections and tests) at appropriate stages to verify that criteria for control of processes or outputs, and the acceptance criteria for products and services, have been met.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies inspection requirements as needed to close the identified gaps.
May 2025
© NEI 2025. All rights reserved.
nei.org C-29 Table C.29: 10 CFR 50, Appendix B, Criterion X - Inspection 10 CFR 50, Appendix B, Criterion X (cont.)
If inspection of processed material or products is impossible or disadvantageous, indirect control by monitoring processing methods, equipment, and personnel shall be provided. Both inspection and process monitoring shall be provided when control is inadequate without both.
ISO 9001:2015 7.1.5 Monitoring and measuring resources 7.1.5.1 General The organization shall determine and provide the resources needed to ensure valid and reliable results when monitoring or measuring is used to verify the conformity of products and services to requirements.
The organization shall ensure that the resources provided:
a) are suitable for the specific type of monitoring and measurement activities being undertaken; 8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; b) the availability and use of suitable monitoring and measuring resources; c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; e) the appointment of competent persons, including any required qualification; Fundamental Requirement from 10 CFR 50, Appendix B:
To provide indirect control by monitoring, if inspection is impossible or disadvantageous and to implement both inspection and monitoring when control is inadequate without both.
ISO 9001:2015 Comparison ISO 9001:2015 requires the implementation of monitoring and measurement activities (e.g., inspections and tests) at appropriate stages to verify that criteria for control of processes or outputs, and the acceptance criteria for products and services, have been met.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
No additional purchaser procedural controls or procurement specifications are required.
May 2025
© NEI 2025. All rights reserved.
nei.org C-30 Table C.30: 10 CFR 50, Appendix B, Criterion X - Inspection 10 CFR 50, Appendix B, Criterion X (cont.)
If mandatory inspection hold points, which require witnessing or inspecting by the applicant's designated representative and beyond which work shall not proceed without the consent of its designated representative are required, the specific hold points shall be indicated in appropriate documents.
ISO 9001:2015 8.6 Release of products and services The organization shall implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met.
The release of products and services to the customer shall not proceed until the planned arrangements have been satisfactorily completed, unless otherwise approved by a relevant authority and, as applicable, by the customer.
The organization shall retain documented information on the release of products and services. The documented information shall include:
a) evidence of conformity with the acceptance criteria; b) traceability to the person(s) authorizing the release.
Fundamental Requirement from 10 CFR 50, Appendix B:
To identify required hold or witness points in appropriate documents.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to implement planned arrangements, at appropriate stages, to verify that the requirements have been met and to retain documented information providing evidence of conformity to the acceptance criteria and traceability to the person(s) authorizing the release.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies inspection requirements, including requirements for hold and witness points, as needed to close the identified gaps.
May 2025
© NEI 2025. All rights reserved.
nei.org C-31 Table C.31: 10 CFR 50, Appendix B, Criterion XI - Test Control 10 CFR 50, Appendix B, Criterion XI A test program shall be established to assure that all testing required to demonstrate that structures, systems, and components will perform satisfactorily in service is identified and performed in accordance with written test procedures which incorporate the requirements and acceptance limits contained in applicable design documents.
The test program shall include, as appropriate, proof tests prior to installation, preoperational tests, and operational tests during nuclear power plant or fuel reprocessing plant operation, of structures, systems, and components.
ISO 9001:2015 8.3.4 Design and development controls The organization shall apply controls to the design and development process to ensure that:
d) validation activities are conducted to ensure that the resulting products and services meet the requirements for the specified application or intended use; f) documented information of these activities is retained.
8.3.5 Design and development outputs The organization shall ensure that design and development outputs:
c) include or reference monitoring and measuring requirements, as appropriate, and acceptance criteria; d) specify the characteristics of the products and services that are essential for their intended purpose and their safe and proper provision.
8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; e) the appointment of competent persons, including any required qualification; Fundamental Requirement from 10 CFR 50, Appendix B:
To establish a test program, including proof tests or tests performed during facility operations, to demonstrate SSCs will perform satisfactorily in service.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to conduct validation activities to ensure the resulting products and services satisfy the intended use and to implement monitoring and measurement activities (e.g., inspections and tests) to ensure the acceptance criteria is met.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
Purchaser retains responsibility for ensuring suitability of the design and applicable testing requirements.
May 2025
© NEI 2025. All rights reserved.
nei.org C-32 Table C.32: 10 CFR 50, Appendix B, Criterion XI - Test Control 10 CFR 50, Appendix B, Criterion XI (cont.)
Test procedures shall include provisions for assuring that all prerequisites for the given test have been met, that adequate test instrumentation is available and used, and that the test is performed under suitable environmental conditions.
ISO 9001:2015 8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
- 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
- 2) the results to be achieved; b) the availability and use of suitable monitoring and measuring resources; c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; d) the use of suitable infrastructure and environment for the operation of processes; e) the appointment of competent persons, including any required qualification; Fundamental Requirement from 10 CFR 50, Appendix B:
To ensure test procedures include provisions for assuring all prerequisites are met, adequate instrumentation is available and used, and that tests are performed under suitable environmental conditions.
ISO 9001:2015 Comparison ISO 9001:2015 requires the availability of documented information that defines the characteristics (e.g., physical or functional) of the products to be produced and for implementation of monitoring and measurement activities (e.g., inspections and tests) at appropriate stages to verify that criteria for control of processes or outputs, and the acceptance criteria for products and services, have been met. ISO 9001:2015 also requires a suitable infrastructure and environment for the operation of processes.
Potential Gap(s):
ISO 9001:2015 does not explicitly require documented information to include test procedures that satisfy the requirements of the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies testing requirements if needed to close the identified gaps and requires submittal of applicable test procedures for review and approval.
May 2025
© NEI 2025. All rights reserved.
nei.org C-33 Table C.33: 10 CFR 50, Appendix B, Criterion XI - Test Control 10 CFR 50, Appendix B, Criterion XI (cont.)
Test results shall be documented and evaluated to assure that test requirements have been satisfied.
ISO 9001:2015 8.6 Release of products and services The organization shall implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met.
The release of products and services to the customer shall not proceed until the planned arrangements have been satisfactorily completed, unless otherwise approved by a relevant authority and, as applicable, by the customer.
The organization shall retain documented information on the release of products and services. The documented information shall include:
a) evidence of conformity with the acceptance criteria; b) traceability to the person(s) authorizing the release.
Fundamental Requirement from 10 CFR 50, Appendix B:
To ensure test results are documented and evaluated to assure that test requirements have been satisfied.
ISO 9001:2015 Comparison ISO 9001:2015 requires documented information that includes evidence of conformity with the acceptance criteria and traceability to the person(s) that authorized the release of the product or service.
Potential Gap(s):
Recommendation(s) (if not addressed within the Suppliers program):
Purchaser retains responsibility for verifying test results are acceptable.
May 2025
© NEI 2025. All rights reserved.
nei.org C-34 Table C.34: 10 CFR 50, Appendix B, Criterion XII - Control of Measuring and Test Equipment 10 CFR 50, Appendix B, Criterion XII Measures shall be established to assure that tools, gages, instruments, and other measuring and testing devices used in activities affecting quality are properly controlled, calibrated, and adjusted at specified periods to maintain accuracy within necessary limits.
ISO 9001:2015 7.1.5 Monitoring and measuring resources 7.1.5.1 General The organization shall determine and provide the resources needed to ensure valid and reliable results when monitoring or measuring is used to verify the conformity of products and services to requirements.
The organization shall ensure that the resources provided:
a) are suitable for the specific type of monitoring and measurement activities being undertaken; b) are maintained to ensure their continuing fitness for their purpose.
The organization shall retain appropriate documented information as evidence of fitness for purpose of the monitoring and measurement resources.
7.1.5.2 Measurement traceability When measurement traceability is a requirement, or is considered by the organization to be an essential part of providing confidence in the validity of measurement results, measuring equipment shall be:
a) calibrated or verified, or both, at specified intervals, or prior to use, against measurement standards traceable to international or national measurement standards; when no such standards exist, the basis used for calibration or verification shall be retained as documented information; b) identified in order to determine their status; c) safeguarded from adjustments, damage or deterioration that would invalidate the calibration status and subsequent measurement results.
The organization shall determine if the validity of previous measurement results has been adversely affected when measuring equipment is found to be unfit for its intended purpose, and shall take appropriate action as necessary.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures that ensure measuring and test equipment is properly controlled, calibrated, and adjusted to maintain accuracy within necessary limits.
ISO 9001:2015 Comparison ISO 9001:2015 requires measuring equipment to be calibrated, identified, and safeguarded to provide confidence in the validity of measurement results.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
May 2025
© NEI 2025. All rights reserved.
nei.org C-35 Table C.35: 10 CFR 50, Appendix B, Criterion XIII - Handling, Storage, and Shipping 10 CFR 50, Appendix B, Criterion XIII Measures shall be established to control the handling, storage, shipping, cleaning and preservation of material and equipment in accordance with work and inspection instructions to prevent damage or deterioration.
ISO 9001:2015 8.5.4 Preservation The organization shall preserve the outputs during production and service provision, to the extent necessary to ensure conformity to requirements.
NOTE Preservation can include identification, handling, contamination control, packaging, storage, transmission or transportation, and protection.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures to control the handling, storage, shipping, cleaning, and preservation of items in accordance with work and inspection instructions to prevent damage or deterioration.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to preserve outputs during production to ensure conformity to requirements and notes that preservation can include identification, handling, contamination control, packaging, storage, transmission or transportation and protection.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
May 2025
© NEI 2025. All rights reserved.
nei.org C-36 Table C.36: 10 CFR 50, Appendix B, Criterion XIII - Handling, Storage, and Shipping 10 CFR 50, Appendix B, Criterion XIII (cont.)
When necessary for particular products, special protective environments, such as inert gas atmosphere, specific moisture content levels, and temperature levels, shall be specified and provided.
ISO 9001:2015 7.1.4 Environment for the operation of processes The organization shall determine, provide and maintain the environment necessary for the operation of its processes and to achieve conformity of products and services.
NOTE A suitable environment can be a combination of human and physical factors, such as:
a) social (e.g., non-discriminatory, calm, non-confrontational);
b) psychological (e.g., stress-reducing, burnout prevention, emotionally protective);
c) physical (e.g., temperature, heat, humidity, light, airflow, hygiene, noise).
These factors can differ substantially depending on the products and services provided.
8.5.4 Preservation The organization shall preserve the outputs during production and service provision, to the extent necessary to ensure conformity to requirements.
NOTE Preservation can include identification, handling, contamination control, packaging, storage, transmission or transportation, and protection.
Fundamental Requirement from 10 CFR 50, Appendix B:
To specify and provide special protective environments, such as inert gas atmosphere, specific moisture content levels, and temperature levels, when necessary for particular products.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to determine, provide, and maintain the environment, including physical factors (e.g., temperature, heat, humidity, light, airflow, hygiene, and noise), necessary for the operation of its processes and to achieve conformity of products and services.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
May 2025
© NEI 2025. All rights reserved.
nei.org C-37 Table C.37: 10 CFR 50, Appendix B, Criterion XIV - Inspection, Test, and Operating Status 10 CFR 50, Appendix B, Criterion XIV Measures shall be established to indicate, by the use of markings such as stamps, tags, labels, routing cards, or other suitable means, the status of inspections and tests performed upon individual items of the nuclear power plant or fuel reprocessing plant. These measures shall provide for the identification of items which have satisfactorily passed required inspections and tests, where necessary to preclude inadvertent bypassing of such inspections and tests.
Measures shall also be established for indicating the operating status of structures, systems, and components of the nuclear power plant or fuel reprocessing plant, such as by tagging valves and switches, to prevent inadvertent operation.
ISO 9001:2015 8.5.2 Identification and traceability The organization shall use suitable means to identify outputs when it is necessary to ensure the conformity of products and services.
The organization shall identify the status of outputs with respect to monitoring and measurement requirements throughout production and service provision.
The organization shall control the unique identification of the outputs when traceability is a requirement, and shall retain the documented information necessary to enable traceability.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures to indicate the status of inspections and tests by the use of markings, such as stamps, tags, labels, routing cards, or other suitable means, and to indicate the operating status of SSCs in nuclear facilities.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to use suitable means to identify outputs when necessary to ensure conformity and to identify the status of outputs with respect to monitoring and measurement requirements throughout production.
Potential Gap(s):
The regulatory requirements for indicating the operating status of SSCs in nuclear facilities do not apply to non-licensees, such as ISO 9001:2015 suppliers. The ISO 9001:2015 objectives are consistent with the regulatory requirements for indication of inspection and test status. ISO 9001:2015 does not explicitly list suitable methods for indicating the status of monitoring and measurement requirements. However, ISO 9001:2015 Suppliers typically use stamps, tags, and routing cards for this purpose.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies requirements for indicating the inspection and test status as needed to close the identified gaps.
May 2025
© NEI 2025. All rights reserved.
nei.org C-38 Table C.38: 10 CFR 50, Appendix B, Criterion XV - Nonconforming Materials, Parts, or Components 10 CFR 50, Appendix B, Criterion XV Measures shall be established to control materials, parts, or components which do not conform to requirements in order to prevent their inadvertent use or installation.
These measures shall include, as appropriate, procedures for identification, documentation, segregation, disposition, and notification to affected organizations.
Nonconforming items shall be reviewed and accepted, rejected, repaired or reworked in accordance with documented procedures.
ISO 9001:2015 8.7 Control of nonconforming outputs 8.7.1 The organization shall ensure that outputs that do not conform to their requirements are identified and controlled to prevent their unintended use or delivery.
The organization shall take appropriate action based on the nature of the nonconformity and its effect on the conformity of products and services. This shall also apply to nonconforming products and services detected after delivery of products, during or after the provision of services.
The organization shall deal with nonconforming outputs in one or more of the following ways:
a) correction; b) segregation, containment, return, or suspension of provision of products and services; c) informing the customer; d) obtaining authorization for acceptance under concession.
Conformity to the requirements shall be verified when nonconforming outputs are corrected.
8.7.2 The organization shall retain documented information that:
a) describes the nonconformity; b) describes the actions taken; c) describes any concessions obtained; d) identifies the authority deciding the action in respect of the nonconformity.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish documented controls for nonconforming items, including identification, documentation, segregation, disposition, and client notification, as appropriate, to prevent their inadvertent use or installation.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure nonconforming outputs are identified and controlled to prevent unintended use or delivery and to retain documented information that describes the nonconformity, the actions taken, concessions obtained, and the authority deciding the action for the nonconformity. Actions are to include correction, segregation, containment, return or suspension of products, informing the customer, and obtaining acceptance of the nonconformity.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
May 2025
© NEI 2025. All rights reserved.
nei.org C-39 Table C.39: 10 CFR 50, Appendix B, Criterion XVI - Corrective Action 10 CFR 50, Appendix B, Criterion XVI Measures shall be established to assure that conditions adverse to quality, such as failures, malfunctions, deficiencies, deviations, defective material and equipment, and nonconformances are promptly identified and corrected.
In the case of significant conditions adverse to quality, the measures shall assure that the cause of the condition is determined and corrective action taken to preclude repetition.
The identification of the significant condition adverse to quality, the cause of the condition, and the corrective action taken shall be documented and reported to appropriate levels of management.
ISO 9001:2015 10.2 Nonconformity and corrective action 10.2.1 When a nonconformity occurs, including any arising from complaints, the organization shall:
a) react to the nonconformity and, as applicable:
- 1) take action to control and correct it;
- 2) deal with the consequences; b) evaluate the need for action to eliminate the cause(s) of the nonconformity, in order that it does not recur or occur elsewhere, by:
- 1) reviewing and analyzing the nonconformity;
- 2) determining the causes of the nonconformity;
- 3) determining if similar nonconformities exist, or could potentially occur; c) implement any action needed; d) review the effectiveness of any corrective action taken; e) update risks and opportunities determined during planning, if necessary; f) make changes to the quality management system, if necessary.
Corrective actions shall be appropriate to the effects of the nonconformities encountered.
10.2.2 The organization shall retain documented information as evidence of:
a) the nature of the nonconformities and any subsequent actions taken; b) the results of any corrective action.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish measures that assure conditions adverse to quality are promptly identified and corrected and, in the case of significant conditions adverse to quality, assure that the cause of the condition is determined, corrective action to prevent repetition is taken, and appropriate levels of management are notified.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to react appropriately to a nonconformity to control and correct it and deal with the consequences. The organization is required to evaluate the need for action to eliminate the cause by analyzing the nonconformity, determining the cause, and determining if similar nonconformities exist or could occur. The organization is required to implement needed actions, review the effectiveness of actions taken, and update the quality management system, if necessary. The organization is required to retain documented information of the nonconformity, actions taken, and the results of corrective actions.
Potential Gap(s):
ISO 9001:2015 does not explicitly require management notification.
Additional Procurement Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies requirements for management notification.
May 2025
© NEI 2025. All rights reserved.
nei.org C-40 Table C.40: 10 CFR 50, Appendix B, Criterion XVII - Quality Assurance Records 10 CFR 50, Appendix B, Criterion XVII Sufficient records shall be maintained to furnish evidence of activities affecting quality.
ISO 9001:2015 4.4 Quality management system and its processes 4.4.1 The organization shall establish, implement, maintain and continually improve a quality management system, including the processes needed and their interactions, in accordance with the requirements of this International Standard.
The organization shall determine the processes needed for the quality management system and their application throughout the organization, and shall:
c) determine and apply the criteria and methods (including monitoring, measurements, and related performance indicators) needed to ensure the effective operation and control of these processes; g) evaluate these processes and implement any changes needed to ensure that these processes achieve their intended results; h) improve the processes and the quality management system.
4.4.2 To the extent necessary, the organization shall:
a) maintain documented information to support the operation of its processes; b) retain documented information to have confidence that the processes are being carried out as planned.
8.6 Release of products and services The organization shall retain documented information on the release of products and services. The documented information shall include:
a) evidence of conformity with the acceptance criteria; b) traceability to the person(s) authorizing the release.
Fundamental Requirement from 10 CFR 50, Appendix B:
To maintain sufficient records to furnish evidence of activities affecting quality.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to determine the processes needed for the quality management system and their application throughout the organization and, to the extent necessary, retain documented information to have confidence the processes are carried out as planned and provide evidence the products conform with the acceptance criteria.
Potential Gap(s):
The ISO 9001:2015 objectives are consistent with the regulation.
Recommendation(s) (if not addressed within the Suppliers program):
May 2025
© NEI 2025. All rights reserved.
nei.org C-41 Table C.41: 10 CFR 50, Appendix B, Criterion XVII - Quality Assurance Records 10 CFR 50, Appendix B, Criterion XVII (cont.)
The records shall include at least the following: Operating logs and the results of reviews, inspections, tests, audits, monitoring of work performance, and materials analyses.
The records shall also include closely-related data such as qualifications of personnel, procedures, and equipment.
ISO 9001:2015 4.4 Quality management system and its processes 4.4.2 To the extent necessary, the organization shall:
a) maintain documented information to support the operation of its processes; b) retain documented information to have confidence that the processes are being carried out as planned.
7.1.5 Monitoring and measuring resources 7.1.5.1 General The organization shall retain appropriate documented information as evidence of fitness for purpose of the monitoring and measurement resources.
7.1.5.2 Measurement traceability a) the basis used for calibration or verification shall be retained as documented information; 7.2 Competence The organization shall:
d) retain appropriate documented information as evidence of competence.
8.1 Operational planning and control The organization shall plan, implement and control the processes (see 4.4) needed to meet the requirements for the provision of products and services, and to implement the actions determined in Clause 6 (Planning) by:
e) determining, maintaining and retaining documented information to the extent necessary:
- 1) to have confidence that the processes have been carried out as planned;
- 2) to demonstrate the conformity of products and services to their requirements.
8.2.3 Review of the requirements for products and services 8.2.3.1 The organization shall ensure that it has the ability to meet the requirements for products and services to be offered to customers. The organization shall conduct a review before committing to supply products and services to a customer, 8.2.3.2 The organization shall retain documented information, as applicable:
a) on the results of the review;
May 2025
© NEI 2025. All rights reserved.
nei.org C-42 8.3.2 Design and development planning In determining the stages and controls for design and development, the organization shall consider:
j) the documented information needed to demonstrate that design and development requirements have been met.
8.4 Control of externally provided processes, products and services 8.4.1 General The organization shall determine and apply criteria for the evaluation, selection, monitoring of performance, and re-evaluation of external providers, based on their ability to provide processes or products and services in accordance with requirements. The organization shall retain documented information of these activities and any necessary actions arising from the evaluations.
8.5.2 Identification and traceability The organization shall control the unique identification of the outputs when traceability is a requirement, and shall retain the documented information necessary to enable traceability.
8.6 Release of products and services The organization shall implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met.
The organization shall retain documented information on the release of products and services. The documented information shall include:
a) evidence of conformity with the acceptance criteria; b) traceability to the person(s) authorizing the release.
8.7 Control of nonconforming outputs 8.7.1 The organization shall ensure that outputs that do not conform to their requirements are identified and controlled to prevent their unintended use or delivery.
8.7.2 The organization shall retain documented information that:
a) describes the nonconformity; b) describes the actions taken; c) describes any concessions obtained; d) identifies the authority deciding the action in respect of the nonconformity.
9.1 Monitoring, measurement, analysis and evaluation 9.1.1 General The organization shall evaluate the performance and the effectiveness of the quality management system.
The organization shall retain appropriate documented information as evidence of the results.
9.2 Internal audit 9.2.2 The organization shall:
May 2025
© NEI 2025. All rights reserved.
nei.org C-43 f) retain documented information as evidence of the implementation of the audit programme and the audit results.
9.3.3 Management review outputs The organization shall retain documented information as evidence of the results of management reviews.
10.2 Nonconformity and corrective action 10.2.2 The organization shall retain documented information as evidence of:
a) the nature of the nonconformities and any subsequent actions taken; b) the results of any corrective action.
Fundamental Requirement from 10 CFR 50, Appendix B:
To maintain records that include operating logs and the results of reviews, inspections, tests, audits, monitoring of work performance, materials analyses, and closely-related data such as qualifications of personnel, procedures, and equipment.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to retain documented information for various activities, including those providing confidence that processes are carried out as planned, providing evidence of competence, demonstrating conformity of products and services, demonstrating design and development requirements were met, providing information on nonconformities, and providing evidence of audit program implementation.
Potential Gap(s):
The documented information required by ISO 9001:2015 is consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies the records requirements as needed.
May 2025
© NEI 2025. All rights reserved.
nei.org C-44 Table C.42: 10 CFR 50, Appendix B, Criterion XVII - Quality Assurance Records 10 CFR 50, Appendix B, Criterion XVII (cont.)
Inspection and test records shall, as a minimum, identify the inspector or data recorder, the type of observation, the results, the acceptability, and the action taken in connection with any deficiencies noted.
ISO 9001:2015 8.5.1 Control of production and service provision The organization shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; h) the implementation of release, delivery and post-delivery activities.
8.6 Release of products and services The organization shall implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met.
The organization shall retain documented information on the release of products and services. The documented information shall include:
a) evidence of conformity with the acceptance criteria; b) traceability to the person(s) authorizing the release.
10.2 Nonconformity and corrective action 10.2.2 The organization shall retain documented information as evidence of:
a) the nature of the nonconformities and any subsequent actions taken; Fundamental Requirement from 10 CFR 50, Appendix B:
To require inspection and test records to, as a minimum, identify the inspector or data recorder, the type of observation, the results, the acceptability, and the action taken in connection with any deficiencies noted.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to implement monitoring and measuring activities (e.g., inspections and tests) at appropriate stages to verify acceptance criteria for products and services were met and to retain evidence of conformity with the acceptance criteria with traceability to the person(s) authorizing the release. The organization is also required to retain documented information as evidence of the nature of nonconformities and any subsequent actions taken.
Potential Gap(s):
ISO 9001:2015 does not explicitly define minimum content requirements for inspection and test records. However, inspection and test records from ISO 9001:2015 Suppliers typically include the required information.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies records requirements as needed.
May 2025
© NEI 2025. All rights reserved.
nei.org C-45 Table C.43: 10 CFR 50, Appendix B, Criterion XVII - Quality Assurance Records 10 CFR 50, Appendix B, Criterion XVII (cont.)
Records shall be identifiable and retrievable. Consistent with applicable regulatory requirements, the applicant shall establish requirements concerning record retention, such as duration, location, and assigned responsibility.
ISO 9001:2015 7.5.3 Control of documented information 7.5.3.1 Documented information required by the quality management system and by this International Standard shall be controlled to ensure:
a) it is available and suitable for use, where and when it is needed; b) it is adequately protected (e.g., from loss of confidentiality, improper use, or loss of integrity).
7.5.3.2 For the control of documented information, the organization shall address the following activities, as applicable:
a) distribution, access, retrieval and use; b) storage and preservation, including preservation of legibility; c) control of changes (e.g., version control);
d) retention and disposition.
Documented information retained as evidence of conformity shall be protected from unintended alterations.
Fundamental Requirement from 10 CFR 50, Appendix B:
To ensure records are identifiable and retrievable and to establish requirements for record retention, duration, location and assigned responsibilities consistent with applicable regulatory requirements.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to ensure documented information is available and suitable for use where and when it is needed and adequately protected from improper use or loss of integrity. The organization is required to control documented information to address requirements for distribution, access and retrieval, storage and preservation, including preservation of legibility, retention and disposition, and protection from unintended alterations.
Potential Gap(s):
The ISO 9001:2015 requirements for control of documented information are consistent with the regulation.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies records requirements and submittal of records needed to satisfy applicable regulatory requirements, for retention in accordance with the Purchasers program.
May 2025
© NEI 2025. All rights reserved.
nei.org C-46 Table C.44: 10 CFR 50, Appendix B, Criterion XVIII - Audits 10 CFR 50, Appendix B, Criterion XVIII A comprehensive system of planned and periodic audits shall be carried out to verify compliance with all aspects of the quality assurance program and to determine the effectiveness of the program.
The audits shall be performed in accordance with the written procedures or check lists by appropriately trained personnel not having direct responsibilities in the areas being audited.
Audit results shall be documented and reviewed by management having responsibility in the area audited.
Follow-up action, including reaudit of deficient areas, shall be taken where indicated.
ISO 9001:2015 9.2 Internal audit 9.2.1 The organization shall conduct internal audits at planned intervals to provide information on whether the quality management system:
a) conforms to:
- 1) the organization's own requirements for its quality management system;
- 2) the requirements of this International Standard; b) is effectively implemented and maintained.
9.2.2 The organization shall:
a) plan, establish, implement, and maintain an audit program(s) including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration the importance of the processes concerned, changes affecting the organization, and the results of previous audits; b) define the audit criteria and scope for each audit; c) select auditors and conduct audits to ensure objectivity and the impartiality of the audit process; d) ensure that the results of the audits are reported to relevant management; e) take appropriate correction and corrective actions without undue delay; f) retain documented information as evidence of the implementation of the audit program and the audit results.
Fundamental Requirement from 10 CFR 50, Appendix B:
To establish a comprehensive system of planned and periodic audits to verify all aspects of the QA program and determine its effectiveness. The audits are required to be performed in accordance with written procedures or checklists by appropriately trained personnel not having responsibility for the audited area. Follow-up action is required, as appropriate, and audit results are required to be documented and reviewed by management responsible for the audited area.
ISO 9001:2015 Comparison ISO 9001:2015 requires the organization to conduct internal audits to determine whether the quality management system conforms to requirements and is effectively implemented. An audit program is to be planned, established, implemented and maintained to define criteria and scope for each audit, select auditors to ensure objectivity and impartiality, report results to relevant management, take corrective action without undue delay and retain evidence of implementation. ISO 19011 (Reference 13) is referenced for guidance on ensuring the competence of the audit team.
Potential Gap(s):
Audit procedures or checklists are not explicitly required. As noted in Criterion XVI, a review of corrective action effectiveness is required by ISO 9001:2015 but follow-up action, including reaudit of deficient areas, is not required.
Additional Purchaser Procedural Controls (if not addressed within the Suppliers program):
Purchaser specifies auditing requirements for activities that affect procured products or services as needed.