Présentation au sujet: "Risk in conformity assessment"— Transcription de la présentation:
1 Risk in conformity assessment AFNOR RusRisk in conformity assessmentLeonid DVORKINAFNOR Certification is the leading systems, services, products and competencies certification and assessment body in France and one of thetop-ranking leaders worldwide. AFNOR Certification solutions comprehensively cover your business needs: from performance assessment through to creating broader market awareness and recognition of the quality of your organization, products and/or services and competencies mastered by the people in your teams.We can also help spread the word on your stringent compliance with national, European or international regulatory requirements. AFNOR Certification handles a portfolio spanning over 500 products, making it one of the most comprehensive market offers out there. Our product range runs from AFAQ and NF marks to Ecolabels and on to the CE mark…Any company, organization or administration can file an application for certification of its products, services or management system. The target audience is first and foremost the end-customer, whether they are a consumer or a user. Certification gives objective proof that the product or service purchased or delivered presents a set of characteristics defined in a standard or a benchmark document, and is controlled and checked on a regular basis. This means buyers, users or consumers of certified products or services are provided a guaranteed level of quality, in the broadest sense of the word.Certification is one of the very first criteria guiding choice between several offerings. The credibility of this guarantee hinges not just on the competency of a certification body like AFNOR Certification, but also on its impartiality. Note this: certification bodies are themselves audited by independent accreditation bodies, like the COFRAC in France.Certification is delivered based on an assessment of the systems, services, products or professional competencies targeted in the application. The assessment measures the characteristics claimed. Certification will be issued if these characteristics fully match those set down in the benchmark reference.25 November
2 Responses adapted for the needs of our clients Guarantee conformance of productsStandards, specifications, directives,norms national, european or internationalManaging organisationISO 9001, ISO 14001, OHSAS 18001, ISO 27001, ISO 50001ISO 22000, ISO 13485, ISO/TS 16949, AS 9100, IRISÉvaluating and valorising obligationsManagement models, universal and specificMeasuring today to prepare tomorrowProduct certification revolves mainly around the NF, GS, Kitemark, GOST R or other national marks, targeting household appliances, consumer goods, electrical appliances, safety equipment, industrial products, buildings, 'green' goods... and the list goes on, covering hundreds of thousands of individual products, all certified NF-compliant.AFNOR Certification's product certifications package also features the Keymark, designed to attest product conformity to European standards, and Ecolabels, which flag environmentally-friendly products. The range also extends to the AFNOR Validation mark which certifies commercially-available microbiological test kits widely used in the food business and by water industry professionals.AFAQ Global Performance. AFAQ 1000NRSuperior pilotage models. Solutions for sustainable development…
3 Risk definition Risk - effect of uncertainty on objectives NOTE 1 An effect is a deviation from the expected — positive and/or negative.NOTE 2 Objectives can have different aspects (such as financial, health and safety, and environmental goals) and can apply at different levels (such as strategic, organization-wide, project, product and process).NOTE 3 Risk is often characterized by reference to potential events (2.19) and consequences (2.20), or a combination of these.NOTE 4 Risk is often expressed in terms of a combination of the consequences of an event (including changes in circumstances) and the associated likelihood (2.21) of occurrenceNOTE 5 Uncertainty is the state, even partial, of deficiency of information related to, understanding or knowledge of anevent, its consequence, or likelihood.ISO Guide 73:2009, definition 1.1ISO 31000Now we can use ISO for universal definitions of risk: it is an effect of uncertainty on objectives.Meanwhile more habitual (usual) ISO Guide 73 definition is also quite applicable.
4 Operational efficiency Ecology/security Risks mapping for coal industry 4 main risk centers on results of operational and financial activitiesStrategy risksHigh oil prices increase coal consumptionCO2 emissions reduce coal extractionOperational efficiencymanual labor substitution to equipmentfor extraction in hard conditionsassets diversificationfor shareholders effectivenessEcology/securitymonitoringfor law complianceincidents investigationfor minimizationRiskcentreFinancialrisksprice instability affects on cash flowpercentage yields affects on profitsIt was mentioned that any management operates with profits and risks.Like this in cola industry four main risks centers could be describedStrategically coal market effected by economic growth and concurrence from oil and gas. Now carbonic gas regulations reduce coal extraction.Further development of operational efficiency stipulates replacement of manual labor for the benefit of modern equipment.Recourses which necessary to achieve ecology and safety objectives could be inappropriately high.Approbated methods described in standard ISO models could help different organizations to reach holistic view and to optimize business expenses..Главный финансовый риск связан с нестабильностью мировых цен на уголь. Хотя годовой Value-at-Risk цен на уголь меньше чем соответствующий показатель для нефти и газа, модель цен на базе последних 15 лет показывает, что cash-flow может падать до 30% вследствие ценового шокаМодель ценообразования угольного рынка включает две компоненты: потребление угля, зависящее от экономического роста, и «конкуренцию» со стороны других источников энергии, в основном, нефти, газа и ядерной энергииДля экспортеров всегда остается существенным валютный рискУгольная промышленность требует существенных инвестиций, поэтому процентный риск может оказать серьезное воздействие на доход. Так если, компания выпустила год назад обязательство в USD, привязанное к LIBOR, процентные расходы за этот период выросли почти на 40%Крупные угольные экспортеры активно используют производные инструменты для хеджирования финансовых рисковПо мнению ряда угольных компаний существенным риском является также кредитный риск дебиторской задолженности
5 CE Marking (e.g.Medical Devises) Conformity Procedures Manufacturer‘self-declaration’Annex VIITechnicalFile(>5 year)AType examinationAnnex IIIBFullQualityAssuranceAnnex IIISO 13485HDesigndossierDESIGNPRODUCTINProductQualityAssuranceAnnex VIISO /-EProductionQualityAssuranceAnnex VISODProductVerificationAnnex IVFStatis-tical100%Product assessment intended to miniize risk for customers and users and first of all to guarantee safety of consumer goods or tools and equipment, such as. medical devises The CE mark is compulsory in Europe for any product targeted under one or more EU Directives. It indicates that the CE-labelled product meets all the essential requirements on safety, public health and consumer protection laws. CE-marked products are free to trade throughout the European single market whwn notified body such as AFNOR Certification has been given notification on relevant directives in relation to construction products, personal protective equipment, lifts, pressure equipment.The choice of relevant conformity procedure based on the results of risk anlyses in respect to obligatory Directives requirements, e g.Active Implantables, AIMD (90/385/EEC) Obligatory since January 1, 1995Medical Devices, MDD (93/43/EEC) Obligatory since June 14, 1998In Vitro Diagnostics, IVDD (98/79/EC)Obligatory since December 7, 2003(distribution ‘old-devices’: until December 7, 2005)CE-markNo NBNOTIFIED BODYAssessment
6 CE Marking Medical Devises Preparation Technical fileDesign controlProduct information & specificationDesign / Type test reports (Ess. Req.)Risk analysisLabel & user information (translationProduction controlManufacturing process informationFinal test reports> Quality Assurance system for:design, process and/or final testRisk classification18 classification rules:External / internal the bodyDuration: 1 hour / 30 days / long-termLocation in the body:central circulatory or nervous systemTherapeutic / diagnosticAdminister energy / substances (medicines)Active / non-activeSterile or measurement functionSpecial devices (i.e. blood-bagsIt means that initially organization preparing technical file carry out risk analyze based on risk classification
7 CE Marking Medical Devises Assessment Risk classesLow riskclass I: i.e. non - invasiveMedium risk (low danger)class IIa: i.e. invasive - short (60 min - 30 days)Medium risk (hazardous)class IIb: i.e. invasive - long (> 30 days)High riskclass III: i.e. contact vital organ important for the assessment procedure only!Conformity proceduresdepends on:Risk classification;Availability of informationQuality system implementation / certificationSuppliers and sub-contractorsManufacturer decisionAnd after that notification body defines the assessment scheme based on risk classes.It should be also true for product certification.
8 ISO 31000 – base for management system integration QMSISO 14001EMSOHSAS 18001OHSSISOICMSISO50001EEM…and basis for management system integration. The assessment services enable business to deploy simple yet well-geared tools for continually assessing process performance quality, environment, OH&S, food safety, information security, energy managementAFNOR Certification draws on unparalleled expertise in the audit sector to offer businesses an assessment services package.. AFAQ 1000 NR assessments cover the complete business management system end-to-end, targeting the company's ability to efficiently deploy their vision and sustainable development objectives.In addition to quality, safety and environment management certifications, AFNOR Certification has also engineered a performance assessment solution. This assessment solution enables AFNOR Certification to issue customers with a scheduled assessment as groundwork to a full-blown certification audit. This solution involves a snapshot taken at time T to assess the management system in terms of all-round conformity or level of maturity.All AFNOR Certification assessments factor in the customer's values, corporate culture, core activities and business objectivesISO Risk-management
9 ISO 14001/OHSAS 18001 Risk analyses Actual dataDrainage systemsDumping contentSpecificationNormsPublic expensesCarrying-awayPenalty chargesReviewActivitiesProductionServicesProcessesEcology and OH&S significancePrevious and current actionsEcology aspects – risks for environmentHazards – risks for healthThough risk is not the mandatory requirement of ISO 14001,Business concernsStakeholder expectations - shareholders expect minimum environmental liability and regulators expect regulatory compliance.Regulatory requirements - specify discharge standards and management practices.Public perception - effect on public image of the organizationIndustry leading practices - Chemical Industry Association Responsible Care, optional standards & codes of practices.Abatement costs - costs of changing/reducing the impact.Production - effect of changing/reducing the impact on other activities and processes.and Environmental concernsRelative contribution - contribution of factor compared to local/regional/ global contribution.Scientific evidence - no evidence of effects of CFCs in the 1970s whilst now there is evidence, over time scientific evidence may support further effects.Sensitivity of receiving environment - quality and use of surface water into which you are discharging and speed at which environment recovers from impact. Temporal and spatial variations affecting sensitivity.Scale of impact - graphical scale of impact e.g. local, regional, global.Probability of occurrence - likelihood of impact occurring e.g., high, medium, low - this is important for abnormal and emergency activities.Duration of impact - length (temporal) of impact (including whether impact is reversible).Make it’s application quite sensible and cost profitable.
10 ISO/14001/OHSAS 18001 PLANNING Policy Management Objectives programs RiskAssessmentRisk assessments is mandatory requirement in OHSAS 18001:2007, it is also legislation requirement in many countries and it means that organization should use results of risk assessment for management programs.Legislation
11 Risk = Threat x Vulnerability x Value Information security risksExploitVulnerabilitiesThreatsExposeProtect AgainstIncreaseIncreaseAssetsControlsRisksIncreaseReduceHaveIndicateMet byAsset ValuesSecurityRequirementsThe same concerns for risks in information security, which is also one of he main conditions of business community. Asset values could be used in three dimensional calculation additionally to size and likelihood of threats.Potential Impact on BusinessRisk = Threat x Vulnerability x Value
12 ISO 22000/HACCP risks Biological Physical Chemical Dangerous factors BacteriaMold fungiYeast fungiProtozoaPeoplePlantsPremisesEquipemnPackagingVerminRemainsContactsContaminationsBiologicalPhysicalChemicalThe most number of sector’s standard such as medicine or food industry contain risk assessment as mandatory requirement.
13 insignificant serious critical catastrophically Risk matrixfrequentlylikelyrandomlyunlikelyimpossibleincredibleinsignificant serious critical catastrophicallyFrequency occurrenceBoundary zoneUnacceptablezoneAcceptable zoneThe usual method ranking frequency occurrence and damage degree is quite understandable and practically effective.Damage weight
14 Preparing the audit QES Risk activity classification EA SECTORIAL SKILLS/EA CODESQualityEnviron- mentSafetyExceptions1dFishingNormalHighQ- H for fish products3Food products, beverage & tobaccoNQ – H for meat, dairy, child food17bPressure VesselsH25Production & distribution of electricityQ - H if nuclear hydraulic, thermalH - if basic nuclear installation28aConstruction, civil engineering
15 Preparing the audit Allocation of audit team NormalHighLA on his/her ownGeneralist (or specialist)Qualified on the scope of competence concernedSpecialistAudit teamOne of the auditors is qualified on the scope of competence concernedOne of the auditors is qualified on the scope of competence
16 Conducting the audit. Finding results Non-conformity - failure to satisfy a standard requirement affecting the organisation introducing a proven risk of recurring or unique non respect of a specified requirementThe risks to be taken into account concerned are as follows:In quality, they mainly concern Clients.In health and safety, they mainly concern Staff.In environment, they mainly concern the Community in a broad sense.Minor Non Conformity - failure to satisfy a requirement of the reference criteria affecting the organisation, not leading to a significant risk of non respect of a specified requirement.System Weakness - Element of the Management System, upon which audit evidence shows that the organisation risks no longer reaching the reference criteria requirements, in the short or long term.
17 Conducting the audit Documented report Nonconformity ReportOrganisation: XXXXX - Audit: [02/2009]Minor N° 01Nonconformity notedRequirement reference – Standard clause number or procedure reference ISO 9001:Evidence: Findings results.Description of nonconformity / System NC:Lack of identification system for pre-cast concrete units at production stages (marking and cutting of reinforcingsteel, assembling and welding of carcasses, concreting in forms, warehousing and delivering).Risk (client/product/process/system): Inequality, for productionb processes.Sites concerned: Reinforcing workshop, assembling workshopExecutive Summary of StrengthsCustomers / BusinessProcedures - organisation – business line – operational expertiseLearning Curve – resources – continuous improvementsObserved best practices Strong pointsExecutive Summary of WeaknessesIdentified risk –Impacts of the management systemWeak pointsIdentified opportunities for improvementTechnical aspects of the auditExclusions - Outsourcing – JustificationsRequirements linked to regulations and legislation:Handling of client complaints
18 AFAQ 100NR Sustainable development. Integration of three spheres Well-being of peopletaking health into accountrespect people (diversity)considering employee as a stakeholdermanage relations with Unions, government representatives, neighbourhoodAccess to new markets,share the added value,earn money,increase stakeholders confidence,minimize risks,attract investors,Innovate, find new valuessocial corporate investmentsSocialEconomyEnvironmentSustainableRespect the environmentUse clean technologytake biodiversity into accountEco designWastes, recyclingRe useWhat is sustainable development?Forward-thinking sustainable development solutions, spanning both the investment input and potential opportunities output, have now been scaled and quantified. The solutions are tailored to word from the business world. From an ethical, environmental and social responsibility stance, sustainability is set to be a mid-term factor driving increased turnover, lower expenditure, and better growth in profitability.The AFNOR is one of the leading protagonists in the area. The AFNOR is part of the team responsible for the upcoming market release of standard ISO 26000, which is set to mark the same kind of revolutionary step forward as ISO 9001 was for quality and ISO for the environmentDevelopment that responds to current needs without compromising the capacity of future generations to respond to theirs.Two concepts are inherent to this notion:• the concept of “needs”, in particular the essential needs of the world’s poor to which overriding priority should be given;• the idea of the limitations imposed by the state of technology and social organization on the environment’s ability to meet present and future needs.”Brundtland Report: “Our Common Future” 1987
19 Ecological footprint and human development indicator High HDI levelDamaged environmentDeveloped economyUnder-developed economyProtected environmentSustainabledevelopment12345678910Ecological footprint (ha / inhabitant)Needs of future generations0,10,20,30,40,50,60,70,80,911Human development indicator –HDINeeds of current generationsLevel of ecological sustainabilitySource: Aurélien Boutaud, ENSMSE, RAEE
21 Risk and sustainable development Sustainable development improvements are compatible with the goals of risk assessment: to protect nature, human health while maintaining sustainable forms of economic development.The concept of sustainable risk suggests that cost-benefit analysis can also be applied to a broader economic development issue,The burden on future generations shall be minimized by- selecting disposal options for radioactive wastes which do not rely on long-term institutional controls as a necessary safety feature;- implementing these disposal options at an appropriate time, technical, social, and economic factors being taken into account;ensuring that there are no predicted future risks to human health and environment that would not be currently acceptedMichael D. MehtaFrom its inception, the concept of environmental sustainability meant considering the economic impacts of decisions on resource use and allocation. It implies that economic instruments like emissions credits and shadow pricing mechanisms makes environmental stewardship more profitable for some industries, improves the health and well-being of ecosystems and humans overall, and stimulates the impetus for greater social and economic equity. These improvements are compatible with the goals of risk assessment; namely, to protect human health while maintaining sustainable patterns of economic development. Although risk assessment is not normally understood in this way, it is essential that the links with sustainable development be made stronger (or more obvious) in order to promote better, fairer (equitable), and more timely environmental policy
22 1. Strategic approach and managerial practices AFAQ 1000NR: Measure your responsible strategic approach today to prepare for tomorrowAssessment1. Strategic approach and managerial practices2. Results1.1 Vision and strategy1.2 Managing the strategic approach1.3 Modes of production, consumption and sustainability of products1.4 Territorial involvement1.5 Managing human resources2.1 Environmental results2.2 Social results2.3 Economic results
23 AFAQ 1000NR assessment criteria Criterions1.1.4 The company determines its significant issues based especially on the identification of risksThe information and data on products, activities and the system are analyzed and used: risk data in the economic, social and environmental fields are identified and used1.4.1 The company integrates the characteristics of its territory in its risk analysis2.1.4 Biodiversity : habitats are located in zones affected by the activities, listed by level of risk of extinction2.2.6 Human rights: activities identified as presenting a significant risk of incidents2.2.7 Civil society: percentage and total number of strategic business areas analyzed for the risks related to corruption.2.3.1 Economic performance: financial implications and other risks and opportunities for the organisation’s activities as a result of climate change1. Strategic approach and managerial practices1.1 Vision and strategy1.2 Managing the approach1.4 Territorial presence2. Results2.1 Environmental results2.2 Social results2.3 Economic results
24 E-mail: email@example.com RESUMERisk management in conformity assessment helps to ensure confidence for products and systems and to minimize risks for today business and customers taking into account the needs of future generations.Thanks for attention!