4.1.1 General

The organization shall plan, establish, document, implement, and maintain at all times a quality management system in accordance with the requirements of this specification for product provided within the scope defined by the organization. The organization shall measure and improve the effectiveness of the quality management system.

Section 4.1.1 of API Specification Q1 outlines the foundational requirements for establishing a quality management system (QMS) within an organization involved in the petroleum, oil, and gas industries. This section is pivotal as it sets the stage for the comprehensive framework that organizations must adopt to ensure quality management and compliance with the standard. Below are the detailed requirements specified in section 4.1.1:

• Organizations are required to define, document, and implement a QMS that is appropriate to the scope of their operations. The QMS should be tailored to ensure the quality of products and services and to meet or exceed customer expectations alongside complying with legal and regulatory requirements.
• The QMS must be structured in such a way that it not only ensures the effective implementation of necessary processes but also supports the continual improvement and effectiveness of these processes.
• The QMS should be suitable for the organization, must reflect the complexities of the organization’s processes and interactions, and should be continually improved upon to ensure ongoing suitability and effectiveness.
• The QMS must ensure that the products and services conform to specified requirements established by customers and regulatory bodies.
• Although not explicitly detailed in every rendition of API Q1, integrating a risk-based approach to the QMS processes is essential to anticipate and address potential risks and opportunities, aligning with more recent perspectives on quality management systems.

This section essentially ensures that an organization’s QMS is comprehensively defined and documented. The emphasis is on a system that is not only compliant with specified standards but also effective in meeting customer and regulatory requirements, with mechanisms for continual assessment and improvement. The criteria laid out in Section 4.1.1 are crucial because they form the basis for all further specifications and requirements in API Spec Q1. This section ensures that organizations have a solid foundation upon which to build more specific procedures and controls related to product quality, safety, and reliability in the oil and gas industry.

The organization shall plan, establish, document, implement, and maintain at all times a quality management system in accordance with the requirements of this specification for product provided within the scope defined by the organization.

Planning a Quality Management System in accordance with the requirements of API specification Q1 for products provided within the scope defined by the organization.

Planning a Quality Management System (QMS) in accordance with API Specification Q1 involves a structured approach tailored to ensure the products and services provided meet the quality standards required in the oil and gas industry. This process involves several key steps, from defining the scope of the QMS to ensuring that it is adequately resourced and capable of achieving its intended outcomes. Here’s how an organization can plan a QMS in line with API Spec Q1:

• Identify Products and Services: Clearly delineate which products and services are included within the QMS and outline the operations related to their design, development, production, delivery, and servicing.
• Consider Regulatory Requirements: Understand and integrate all applicable statutory, regulatory, and customer requirements that are relevant to the products and services being offered.
• Internal and External Context: Evaluate both the internal and external factors that can impact the effectiveness of the QMS. This includes market conditions, customer requirements, technological advances, and competitive realities.
• Risk and Opportunity Assessment: Analyze risks and opportunities associated with product quality and compliance. This step is crucial for anticipating potential challenges and planning mitigative actions.
• Quality Objectives: Set clear, measurable quality objectives that align with the business strategy. These should be designed to meet customer and regulatory requirements and to drive continuous improvement.
• Quality Policy: Formulate a quality policy that reflects the organization’s commitment to quality and its objectives. This policy should be communicated across the organization and understood by all employees.
• Identify Key Processes: Identify and map out all key processes needed to achieve quality objectives, including procurement, production, quality control, and customer service.
• Process Interactions: Understand how these processes interact and impact each other. A well-defined process interaction map can help in visualizing and managing process flows.
• Human Resources: Determine the competencies required for staff involved in key quality-related roles and plan for training, development, and recruitment accordingly.
• Infrastructure and Environment: Assess the infrastructure and work environment needed to achieve conformity to product requirements and plan improvements if necessary.
• Technology and Information Systems: Evaluate the need for technological upgrades or new information systems that can enhance quality and process efficiency.
• Document Control Systems: Plan for a robust document control system that ensures all necessary documents are up-to-date, accessible, and secure.
• Record Keeping: Define procedures for maintaining records that demonstrate the QMS meets quality requirements and regulatory compliance.
• Performance Indicators: Develop key performance indicators to monitor process effectiveness and product quality.
• Audit and Review: Plan for regular internal and external audits to assess the QMS’s effectiveness and compliance with API Spec Q1. Also, include periodic management reviews to ensure continual improvement.
• Integration into Business Practices: Integrate quality management processes into the broader business practices to ensure that quality is maintained as a core business focus.

By following these steps, an organization can plan a robust and effective Quality Management System that not only complies with API Specification Q1 but also enhances overall operational efficiency and product quality. This strategic approach ensures that the QMS is not merely a compliance exercise but a vital component of the organization’s success in the competitive oil and gas industry.

Establishing a Quality Management System in accordance with the requirements of API specification Q1 for products provided within the scope defined by the organization.

Establishing a Quality Management System (QMS) in accordance with API Specification Q1 involves a methodical approach to ensure that the products and services provided by an organization in the oil and gas industry meet strict quality standards and customer requirements. Here is a comprehensive guide on how to establish a QMS based on API Spec Q1:

• Identify Products and Services: Clearly define which products and services are covered by the QMS. Include aspects such as design, manufacturing, procurement, testing, and delivery.
• Establish Boundaries: Determine the physical and organizational boundaries of the QMS, specifying which departments and processes are included.
• Management Commitment: Secure commitment from top management for developing, implementing, and continuously improving the QMS. This involves the allocation of necessary resources and leadership support.
• Quality Policy: Draft and implement a quality policy that reflects the organization’s commitment to quality and meets the requirements of API Spec Q1. The policy should be communicated to and understood by all employees.
• Quality Manual: Create a quality manual outlining the QMS’s structure and compliance with API Spec Q1. It should detail the scope of the QMS, policies, process interactions, and document control procedures.
• Documented Procedures and Work Instructions: Develop documented procedures required by API Spec Q1, which typically include handling non-conformances, corrective actions, and risk assessment methodologies. Ensure all documentation supports the operational needs and compliance requirements.
• Risk Identification: Identify risks associated with each process and product conformity. Use tools such as SWOT analysis, Failure Mode and Effects Analysis (FMEA), or other industry-specific methodologies.
• Risk Management: Develop strategies to mitigate identified risks, including preventive controls, to ensure product quality and compliance.
• Process Mapping: Outline and map all critical processes that affect product quality. Define how these processes interact and establish clear input and output requirements.
• Control Plans: Develop control plans for critical processes that detail monitoring, verification, and process controls. This ensures each process is capable of achieving its intended results.
• Human Resources: Define roles, responsibilities, and competencies for personnel involved in the QMS. Implement training programs to enhance skills and awareness of quality standards.
• Infrastructure and Work Environment: Ensure the work environment supports product requirements. This includes facilities, equipment, and support services necessary for the QMS.
• Employee Engagement: Foster a quality culture where all employees are engaged and motivated to achieve quality objectives. Promote open communication and feedback on process improvement.
• Continuous Training: Regularly conduct training and competency evaluations to ensure employees are proficient in quality management practices and understand their role within the QMS.
• Performance Indicators: Set up key performance indicators (KPIs) to track the effectiveness of each QMS process. Monitor these indicators to identify areas for improvement.
• Audits and Reviews: Schedule regular internal audits to assess compliance with API Spec Q1 and the effectiveness of the QMS. Use audit results to drive management reviews and continuous improvement efforts.
• Management Review: Conduct periodic management reviews of the QMS to ensure its continuing suitability, adequacy, and effectiveness. Address any changes in external and internal issues that affect the QMS.
• Continuous Improvement: Implement continuous improvement mechanisms based on performance data, audit outcomes, corrective actions, and management reviews.

Establishing a QMS as per API Spec Q1 requires thorough planning, dedicated resources, and ongoing commitment from all levels of the organization. It is a dynamic system that evolves with the organization and its operational environment, striving always to enhance customer satisfaction and comply with industry regulations.

Documenting a Quality Management System in accordance with the requirements of API specification Q1 for products provided within the scope defined by the organization.

Documenting a Quality Management System (QMS) according to API Specification Q1 is a critical component for organizations in the oil and gas industry, ensuring that all aspects of the QMS are clearly defined, controlled, and executed consistently. Effective documentation not only supports compliance and operational efficiency but also facilitates communication, training, and continuous improvement. Here’s a step-by-step guide on how to document a QMS in accordance with API Spec Q1:

1. Develop a Quality Manual
   Scope of the QMS: Clearly define the scope of the QMS, outlining the products and processes it covers.
   Exclusions: Justify any exclusion from the QMS requirements and explain how these exclusions do not affect the organization’s ability or responsibility to ensure the quality of its products.
   Documented Procedures and Process Interactions: Describe the sequence and interaction between the processes of the QMS.
2. Document Control Procedures
   Control of Documents: Establish procedures for approving, reviewing, updating, and retracting documents. Ensure all changes and revisions are logged and traceable. Documents must be readily available to those who need access and protected from unintended use.
   Control of Records: Define how records are identified, stored, protected, retrieved, retained, and disposed of. Ensure records provide evidence of conformity to requirements and the effective operation of the QMS.
3. Create Documented Procedures
   Critical Procedures: Depending on the nature of the business, typical procedures documented might include handling of customer requirements, design and development, procurement, production, non-conformance, corrective actions, risk assessment and management, and internal audits.
   Work Instructions: For each critical process, especially in areas like manufacturing or testing, develop detailed work instructions that describe how specific tasks should be performed to meet quality standards.
4. Define Quality Objectives and Policies
   Quality Policy: Document a quality policy that reflects the organization’s commitment to quality and its objectives. The policy should be communicated and accessible to all employees.
   Quality Objectives: Establish specific, measurable quality objectives at relevant functions and levels. Document how these objectives contribute to achieving the quality policy.
5. Process Documentation
   Process Maps and Flowcharts: Use visual tools like flowcharts and diagrams to document process flows. These tools help in understanding process inputs, outputs, controls, and interactions.
   Risk Management Documentation: Document how risks are identified, evaluated, and controlled. This includes methodologies, tools, and data used in risk assessments.
6. Operational Documentation
   Specifications and Standards: Document all technical specifications and standards that apply to the products and services, detailing how these are incorporated into design and production processes.
   Change Management: Document procedures for managing changes in processes, products, or the QMS itself, ensuring that all changes are controlled and verified.
7. Training Records
   Employee Competence: Document procedures for assessing, maintaining, and improving employee competence. Keep records of training sessions, skills assessments, and qualifications relevant to employees’ roles.
8. Audit and Review Documentation
   Internal Audits: Document procedures for conducting, reporting, and following up on internal audits. This should include audit frequency, methods, responsibilities, and information on how audit results are used for improvement.
   Management Reviews: Document procedures for management reviews, including scheduling, agenda, review inputs, expected outcomes, and follow-up actions.
9. Performance Monitoring and Improvement Documentation
   Performance Data: Document how performance data is collected, analyzed, and used for decision-making. Include details on key performance indicators, data analysis techniques, and reporting formats.
   

Effective documentation ensures that every aspect of the QMS is transparent, traceable, and transferable. It is a foundational component that supports consistent implementation of quality practices and enhances the organization’s ability to achieve and maintain compliance with API Spec Q1.

Implementing a Quality Management System in accordance with the requirements of API specification Q1 for products provided within the scope defined by the organization.

Implementing a Quality Management System (QMS) by API Specification Q1 involves several critical steps to ensure that the system not only complies with the standard but also effectively enhances product quality and organizational efficiency. Here is a detailed guide on how to implement a QMS as per API Spec Q1, tailored for organizations in the petroleum, oil, and gas industries:

1. Management Commitment and Leadership

• Secure Commitment: Begin by securing a strong commitment from top management. This involves management defining and promoting the organization’s quality policy, ensuring it aligns with the business objectives and committing necessary resources for the QMS implementation.
• Leadership Engagement: Ensure leaders at all levels are engaged and take accountability for their role within the QMS, fostering a culture that promotes meeting customer requirements and continuous improvement.

2. Define Organizational Roles, Responsibilities, and Authorities

• Clear Definitions: Clearly define roles, responsibilities, and authorities for personnel involved in managing, performing, and verifying work that affects quality performance.
• Communication: Establish effective internal communication processes to ensure QMS processes are understood, implemented, and maintained across all levels of the organization.

3. Develop and Document the QMS

• Documentation: As per API Spec Q1, document all core processes of the QMS including scope of the system, procedures, and interactions between processes. This documentation should include the quality manual, process maps, work instructions, and procedures for addressing non-conformances and corrective actions.
• Control of Documents: Implement a process for document control that ensures all necessary documents are appropriately approved, communicated, and regularly reviewed.

4. Process Design and Implementation

• Identify Processes: Identify and outline all key processes that impact the quality of products and services. This includes design, purchasing, manufacturing, inspection, and testing processes.
• Process Management: For each process, establish detailed instructions and criteria, assign responsibilities, and determine necessary resources. Define how these processes interact with each other.

5. Resource Management

• Provide Resources: Allocate suitable resources, including human resources, infrastructure, and work environment, needed to maintain the integrity of the QMS and achieve product conformity.
• Employee Competence: Ensure all personnel are competent based on education, training, skills, and experience. Provide training and keep records of competence.

6. Product Realization and Planning

• Customer Requirements: Clearly define and understand customer requirements and product specifications. This includes establishing criteria for acceptance and delivery.
• Design and Development: Plan and control design and development stages, if applicable, ensuring validation, verification, and monitoring of design changes.

7. Risk Assessment and Management

• Risk Analysis: Conduct risk assessments for each critical process to identify potential risks to quality and compliance. Implement appropriate measures to manage and mitigate these risks.
• Continual Risk Evaluation: Regularly review risk management strategies and effectiveness in the context of changes in processes, technologies, or market conditions.

8. Monitoring and Measurement

• Inspection and Testing: Implement monitoring and measuring activities required for the verification of compliance with specified requirements, including raw materials, in-process materials, and final products.
• Data Analysis: Analyze data obtained from monitoring activities to identify opportunities for improvement.

9. Internal Audit and Management Review

• Conduct Audits: Schedule and conduct internal audits to assess the effectiveness of the QMS and compliance with API Spec Q1.
• Management Review: Regularly review the performance of the QMS by top management to ensure its continuing suitability, adequacy, and effectiveness. Address potential changes and improvements.

10. Continual Improvement

• Improvement Initiatives: Use the outcomes of data analysis, internal audits, corrective actions, and management reviews to drive continual improvement of the QMS. Implement changes necessary to meet customer requirements and enhance overall performance.

11. Handling Non-Conformities and Corrective Actions

• Non-Conformance Processes: Develop procedures to identify, document, and handle non-conformities, including implementing corrective actions to prevent recurrence.

By following these steps and adhering to the principles and requirements of API Spec Q1, organizations can ensure their QMS is robust, compliant, and effective in delivering high-quality products and services in the petroleum, oil, and gas industries. This systematic approach helps not only in maintaining product quality and safety but also in fostering a culture of continuous improvement and customer satisfaction.

Maintaining a Quality Management System in accordance with the requirements of API specification Q1 for products provided within the scope defined by the organization.

Maintaining a Quality Management System (QMS) in accordance with API Specification Q1 requires ongoing effort to ensure the system remains effective and continues to improve over time. This involves regular monitoring, evaluation, and updating of the QMS to address changes in technology, business environment, customer requirements, and regulatory standards. Here’s how an organization can maintain a QMS as per API Spec Q1:

1. Management Commitment

• Continued Support: Secure continued commitment from top management for the maintenance and improvement of the QMS. Management should regularly review the QMS to ensure its alignment with the strategic goals of the organization and compliance with API Spec Q1.
• Provide Resources: Ensure that sufficient resources are allocated for the operation, monitoring, and improvement of the QMS. This includes staffing, training, tools, and financial resources.

2. Regular Monitoring and Measurement

• Performance Indicators: Utilize key performance indicators (KPIs) to assess the effectiveness and efficiency of QMS processes. These should include metrics related to product quality, customer satisfaction, process performance, and compliance.
• Process Audits: Conduct regular internal audits to check the conformity of processes to the established QMS requirements. Audits also help in identifying areas for improvement.

3. Management Review

• Scheduled Reviews: Organize periodic management reviews of the QMS to assess its continuing suitability, adequacy, effectiveness, and alignment with the strategic objectives of the organization.
• Review Inputs: Include the status of actions from previous management reviews, changes in external and internal issues that affect the QMS, and feedback from customers.
• Review Outputs: Decisions and actions related to improvements in the QMS, resource needs, and opportunities to change the QMS, including adjustments to quality objectives.

4. Employee Training and Competence

• Ongoing Training: Regularly evaluate and update training programs to ensure that all employees understand their role in the QMS and are competent to perform their duties. This is crucial for maintaining the integrity of the QMS.
• Skill Updates: As technologies and methods evolve, update the required skills and competencies accordingly. Provide training and cross-training to fill any gaps.

5. Document Control

• Document Updates: Ensure that all QMS documentation is periodically reviewed and updated to reflect current practices and compliance requirements. This includes the quality manual, process documentation, and standard operating procedures.
• Control of Records: Maintain comprehensive records to demonstrate conformity to requirements and the effective operation of the QMS. Ensure that records are readily available for analysis and review.

6. Risk Management

• Continuous Risk Assessment: Continuously identify and assess risks associated with processes and quality objectives. Update risk mitigation measures based on findings from performance data and audits.
• Proactive Measures: Implement proactive measures to address potential risks before they impact the QMS or product quality.

7. Corrective and Preventive Actions

• Nonconformity Handling: Implement and maintain procedures for dealing with nonconformities, including investigation, actions to prevent recurrence, and evaluation of the effectiveness of those actions.
• Improvement Actions: Use data from audits, nonconformities, and management reviews to drive continual improvement initiatives across the organization.

8. Customer Feedback

• Feedback System: Maintain a robust system for gathering and analyzing customer feedback. Use this information to improve product quality and customer service.
• Customer Satisfaction: Regularly assess customer satisfaction to identify areas where the QMS can be enhanced to better meet customer needs and expectations.

9. Continuous Improvement

• Improvement Projects: Initiate continuous improvement projects to enhance the effectiveness of the QMS and increase efficiency across processes. Use lessons learned to foster a culture of improvement.

By following these steps, an organization can maintain a robust QMS that not only complies with API Specification Q1 but also drives continual improvement and sustained customer satisfaction. Regular evaluation, coupled with a proactive approach to addressing potential issues, ensures that the QMS remains effective and relevant to the organization’s needs and objectives.

The organization shall measure and improve the effectiveness of the quality management system.

Measuring and improving the effectiveness of a Quality Management System (QMS) are crucial aspects of maintaining compliance with standards such as API Specification Q1 and ensuring the organization continually meets customer and regulatory requirements. Here are the key strategies and methods that organizations should implement to measure and enhance their QMS effectively:

1. Define Measurable Objectives
   Quality Objectives: Establish clear, measurable objectives at relevant functions and levels throughout the organization. These objectives should align with the quality policy and be designed to enhance customer satisfaction and product quality.
   Specific Metrics: Develop specific metrics that reflect performance relative to those objectives. These might include product defect rates, customer satisfaction scores, on-time delivery rates, or internal audit results.
2. Regular Monitoring and Measuring
   Process Performance: Regularly monitor and measure the performance of various processes within the QMS. This could involve checking the efficiency of production processes, the accuracy of product testing, and the effectiveness of service delivery.
   Product Quality: Use quality control tools and techniques, such as statistical process control, to monitor and ensure product quality continuously. This data helps in identifying trends and potential areas of improvement.
3. Internal Audits
   Scheduled Audits: Conduct regular internal audits to assess the QMS against the set quality objectives and compliance with API Spec Q1. These audits help identify inconsistencies, areas of non-conformance, and opportunities for improvement.
   Audit Results: Utilize audit findings to initiate corrective actions and refine QMS processes. This proactive approach helps in maintaining compliance and enhancing system effectiveness.
4. Management Review
   Regular Reviews: Hold management reviews at planned intervals to ensure the continuing suitability, adequacy, and effectiveness of the QMS.
   Review Inputs: Include data on process performance, outcomes of audits, customer feedback, the performance of external providers, the status of preventive and corrective actions, follow-up actions from previous management reviews, changes that could affect the QMS, and recommendations for improvement.
   Actionable Outcomes: Decisions and actions coming out of these reviews should focus on resource needs, changes to policies or objectives, and improvement strategies.
5. Customer Feedback and Satisfaction
   Feedback Collection: Implement a system for collecting and analyzing customer feedback. This could include surveys, customer service logs, and direct customer communications.
   Customer Satisfaction: Analyze feedback to gauge customer satisfaction levels and identify areas needing improvement. Responsive actions should aim to address any issues raised by customers.
6. Corrective and Preventive Actions
   Systematic Approach: Establish a systematic approach to handling nonconformities, including investigating the root causes, implementing corrective actions to prevent recurrence, and monitoring the effectiveness of those actions.
   Preventive Measures: Analyze data and trends to identify potential issues before they occur and take preventive measures to mitigate risks.
7. Continuous Improvement
   Improvement Initiatives: Encourage a culture of continuous improvement within the organization. Use tools like Six Sigma, lean methodologies, or Kaizen to enhance process efficiency and effectiveness.
   Innovation and Updates: Stay abreast of technological advancements or changes in industry standards that could improve the QMS. Implement these changes where applicable to maintain competitive advantage and compliance.
8. Training and Development
   Ongoing Training: Provide ongoing training and development to ensure employees are competent and knowledgeable about QMS requirements and improvements.
   Skill Enhancement: Regularly assess and enhance the skills of employees to keep pace with changes in technology, processes, and standards.
   

Implementing these practices ensures that the QMS remains effective, compliant, and aligned with business goals. Through regular assessment and adaptation, organizations can achieve higher levels of product quality and customer satisfaction, thereby maintaining their competitive edge in the market.

0. Introduction

0.1 The Company

// Include your company profile

 0.2 Products & Services

// Include your company’s product and services

1.    SCOPE

This is the official quality management system manual of XXX. It describes the approach, structured to comply with the ISO 29001:2020 Quality management system (QMS). This system applies to all activities and operations performed at XXX. Through this Quality management system XXX,

1.  Demonstrates the ability to provide consistently products and services that meet customer and applicable statutory and regulatory requirements
2.  Aims to enhance customer satisfaction through the effective application of system, including processes for improvement of the system and assurance of conformity to customer and applicable statutory and regulatory requirements
3.  To have a systematic approach to environmental management that will provide information to build success over the long term and create options for contributing to sustainable development, the organization and interested parties.

2. NORMATIVE REFERENCES

Documents related to this integrated management system manual include:

• ISO 29001:2022, Petroleum, petrochemical and natural  gas industries — Sector-specific quality management systems —  Requirements for product and service  supply organizations
• Annex 001 of QMS manual Quality policy statement
• Annex 002 of QMS manual Process interaction chart
• Annex 003 of QMS manual Organization chart,
• Annex 004 of QMS manual QMS  Objectives (A, B and C)
• Annex 005 of QMS manual Scope document

3 TERMS AND DEFINITIONS

Quality management system: a set of interrelated and coordinated activities to direct and control an organization with respect to quality. The advantages of conducting an quality management system approach are:

• Providing a framework for continual improvement to increase the probability of enhancing customer satisfaction and the satisfaction of other interested parties.
• Ensuring that the service level provided by the company satisfies customers’ stated and implied needs.
• The implementation of such system will lead to minimizing non-conformity level and eliminating their causes.
• Increasing the potential for improvement of the organization.

Note: A Management system is a set of interrelated elements used to establish policy and objectives and to achieve those objectives. A management system includes organizational structure, planning activities (including for example, risk assessment and the setting of objectives) responsibilities, practices procedures, processes and resources.

• Integrated management system manual: a document specifying the quality, health, safety and environmental management system of an organization. The integrated management system manual is an overall controlling document that contains full reference to all supporting operational procedures that describe the routine functioning of each department within QBC.
• QHSE policy: the overall intentions, objectives, and directions of an organization related to quality, health, safety and environmental management system.
• Quality plan: specification of the procedures and associated resources to be applied when and by whom to a specific object.
• Resources: all needed requirements that enable the organization to fulfil all the client’s requirements.  Resources could be one of 4 M’s: Material, Manpower, Machines, and Money.
• Procedure: documentary instructions to the operation of the related integrated management system of the standards and defining responsibilities and activities for the operations.
• Internal Audit: Systematic, interdependent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the environmental management system audit criteria set by the Organization are fulfilled
• Infrastructure: Organization (system) of facilities, equipment and services needed for the operation of an organization
• Incident: Work related event(s) in which an injury or ill health ( regardless of severity ) or fatality occurred or could have occurred
• Improvement: Activity to enhance performance
• Non Conformity: Non fulfilment of requirement
• Performances: Measurable results of an organization’s management of Risk (in terms of all applied standards)
• Risk : Effect of uncertainty
• Validation: Conformation, through the provision of objectives that the requirements for the specific intended use or application have been fulfilled

4.0 CONTEXT OF THE ORGANIZATION

4.1 Understanding the organization and its context

XXX reviews and analyses the key aspects of itself and its stakeholders to determine the strategic direction of the organization. Internal and external issues that make impact on the XXX’s core business process and its stakeholder’s interest are taken into consideration, monitored and implemented. Changes in the market, technologies, laws, regulations, economy, government policies competitors, cultural and social responsibilities, are also being taken into consideration while carrying out business operation, by:

• Understanding our core products and services, and scope of management system
• Maintaining a Register for the internal and external issues determined by XXX which is reviewed annually.
• Identifying “interested parties” (stakeholders) who receive our (Products or Services), or who may be impacted by them, or those parties who may otherwise have a significant interest in our organization’s business. These  interested parties are identified during the management system risk assessment process  

Note: Outsourcing of activities are strictly controlled and ensured that the requirements of the product and QA/QC requirements of the XXX are maintained throughout the product manufacturing lifecycle.

Ref: Risk assessment (PR 002)

4.2 Understanding the needs and expectations of the interested parties

Understanding needs and expectations of the interested parties are of key concern to XXX and have ensured through regular meeting with relevant section managers to clearly understand who they are and how they can affect the organizational ability to consistently perform.  For this XXX,

•  Maintains a register for determining who are the relevant interested parties  and are monitored in regular frequency (annex to the risk assessment procedure)
•  Regularly updates the needs and expectations of the interested parties so that they are clearly understood and met
•  Where applicable to be added as legal and other requirements the respective process owners shall inform the management and update it.

This information is then used by the top management (General Manager) to determine the XXX’s strategic direction. This is defined in records of management review, and periodically updated as conditions and situations change.

Ref: Risk assessment (PR 002)

4.3 Determining the scope of the QMS

Based on an analysis of the above issues of concern, interests of stakeholders, and in consideration of its products and services, XXX has determined the scope of the management system. The QMS is structured to provide a robust, comprehensive, and a continuously improving management system in a manner that ensures customer satisfaction, an improved Quality performance. For determining the scope the organization, has considered

1. the external and internal issues
2.  the requirements relevant to the interested parties
3.  the products and services of the organization,
4.  the works related activities performed
5.  organizational functions and physical boundaries
6.  the compliance obligations
7.  Its authority and ability to exercise control and influence

The scope the QMS for XXX is documented below,

• …………………………………………………………………………………………………………………………………………………..
• ……………………………………………………………………………………………………………………………………
• ……………………………………………………………………………………………………………………………………
• ……………………………………………………………………………………………………………………………………
• ……………………………………………………………………………………………………………………………………
• ……………………………………………………………………………………………………………………………………
• …………………………………………………………………………………………………………………………………..

All the requirements given in the standards ISO 29001:2022 are applicable to the scope of XXX and same is advised to the interested parties as determine in 4.2 when requested by them.

4.4 Quality management system and its processes

The QMS has been established in line with the ISO 29001:2020 standard to implement, maintain and continually improve the effectiveness of the system as well as the business processes of XXX. For effective implementation the following has been:

Identified and determined:

1. Process flow and their sequence, major processes through process flow which are  identified in document master list;
2. All the key processes, its applications and its interactions through process interaction chart (Annex 002);
3. Aspects which have significant impact on the environment, achievable programs for continual improvement;
4. Assessed risks which have been rated as extremely high and control measures and supporting action plans as and when required.
5. Management system risk identification, determination of risk treatment and opportunities for improvement for all critical management system activities within the organization
6. Processes and documented information required to meet the requirement of interested parties.

Defined:

1. Operational criteria;
2. Policy statement, objectives and targets for quality processes;
3. Measuring and monitoring of aspects from various activities/process which have significant impact on the risk control activities, management system risk assessment and risk treatment, through various clauses of this manual, established procedures, work instructions and job descriptions;
4. Details of activities of the company through procedures, work instruction, process flows and various clauses of this manual;
5. Method of control through established documents which are listed in document master list (QMSF002);
6. Method for periodically reviewing and evaluating the quality management system, as well as to identify the opportunities for improvement;
7. Outsource processes and their controls which affect the product conformity are identified through purchasing procedure (Controls applied to externally provided services PR-008).

All the above mentioned processes are established, documented, implemented, monitored and analyzed for the performance to achieve the planned results and continual improvement of these processes as per analysis of data and management review as detailed later in this manual. The system is applicable to all the activities, product, processes and services of XXX. For adapting to changing circumstances, XXX shall be periodically reviewing and evaluating its management system in order to identify the opportunities for improvement and their implementation.

5.0 LEADERSHIP

5.1 Leadership and commitment

5.1.1 General

The XXX’s top management which includes the General Manager is committed to the implementation and development of the documented QMS and to continually improve the effectiveness of the system by:

• Taking accountability for the effectiveness of the Quality management system, including prevention of work-related injury and ill health, as well as the provision of safe and health workplaces and activities.
• Ensuring that the Quality policy statements and objectives are established for the QMS is compactable with the context of the organization and strategic direction of the organization.
• Ensuring that the integration of the QMS requirements into the business processes
• Promoting risk based thinking and process based approach
• Communicating to the company the importance of meeting the customers as well as statutory and regulatory requirements.
• Establishing and communicating the company policy to all employees in the company and explaining that satisfying the requirements of the Quality management system will lead to effective implementation of the company policy.
• Ensuring that all necessary resources whether human, financial, equipment, or material are available for efficiently conducting Quality management system tasks.
• Providing the proper training for newly hired employees as well as the available employees in order to be able to perform all job requirements and duties each in his position.
• Assuring that, where necessary, personnel have the authority to identify and record quality problems requiring resolution and analysis, or improve the applied systems and procedures after communicating them to the related department head and the management representative.
• Ensuring that there is active participation of workers in QMS system and removing any barriers or obstacles to participation.
• Initiating, recommending, and providing solutions to prevent the occurrence of non-conformance.
• Ensuring that the QMS achieves its intended results.
• Engaging, directing and supporting persons to contribute to the effectiveness of the QMS.
• Promoting and ensuring continual improvement in all the processes.
• Promoting and leading a positive culture with regards to the Quality management system.
• Protecting workers from reprisals when reporting risks and opportunities.
• Supporting all the relevant process owners and managers in their roles to demonstrate leadership and to achieve the indented result of the QMS.

5.1.2 Customer focus

XXX ensures that all the customer requirements are determined and fulfilled to meet their expectations and thereby achieving customer satisfaction. The management system is established and maintained keeping in view the further enhancement of the same by:

1. Determining requirements stated and implied by customer
2. Identifying, establishing, maintaining and updating the legal and statutory requirements those which are applicable to the activities, products or services provided.
3. Ensuring that the customers are aware of the requirements related delivery and post-delivery activities
4. Identifying the environmental aspects of its activities, which have significant impact on the environment, and informing the customer, employees and interested parties them about the significance, where required.
5. Implementation of necessary control measures to ensure that customers have a risk free product or service.
6. Providing information related to products and services through company profile.
7. Ensuring that the risks and opportunities that can affect the conformity of products and services are and the ability to enhance customer satisfaction are determined and addressed
8. Ensuring that the focus on enhancing customer satisfaction is maintained. 

5.1  Policy

5.2.1 Establishing the QUALITY policy

In XXX, the QUALITY policy has been made in line with the requirements of ISO 29001:2020. The QUALITY policy statement has been defined and published and can be found with the General Manager endorsement in the QMS manual. The top management shall establish, maintain and implement the policy based on the discussion and agreement with the process owners in considerations of the interested parties. The strategy to achieve the company policy is through the implementation and maintenance of very well established objectives, which provides a framework for implementing the Quality management system described in this manual, compliance to applicable legal and other requirements and the associated procedures. The policy statement shall be reviewed (and revised as needed) during management review to ensure the continuing suitability to the established QMS and the changing needs of the customer.

5.2.2 Communicating the QUALITY policy

Employees at all levels of the organization are expected to understand and fulfil the requirements of this policy in all of their works, related efforts and decisions. The top management shall ensure that the commitment to workers participation and consultations are documented and demonstrated. The QUALITY policy is considered as a major part of the Quality management system; accordingly it shall be reviewed for continuous suitability and its support in the strategic direction of the company. The top management have ensured that the policy is

1. Available and maintained as documented information
2. Communicated, understood and applied within the organization through effective communication, training and supervision
3. Available for relevant interested parties as applicable through brochures, manuals, websites, etc.
4. QUALITY policy statement is also included in the induction training of the new employees as well as in the QMS training, contractor’s training and process trainings conducted periodically

Ref: QUALITY policy statement (Annex 001)

5.3 Organizational roles, responsibilities and authorities

The organizational chart (in Annex 03) provides the positions of all that manage, perform and verify works affecting quality. All relevant roles are well defined in each procedure. The responsibilities, accountability and the authorities of all relevant affecting QMS, facilities and processes are defined through the

• Employment offer
• Contract agreement (Recruitment phase)
• Organization chart,
• Job descriptions
• Induction training, On job training
• Internal memos/tool box meetings
• Trainings – refreshment and development

The top management ensures that all the assigned roles have their responsibilities and authorities defined and communicated effectively.  The steps taken shall ensure that the requirements of the established Quality management system are well understood by the process owners and employees to confirm to the ISO 29001:2020 standard as well as the desired outputs from the team. The top management shall ensure that the performance of the Quality  management system and opportunities for improvement are identified and communicated to them by the process owners.  The process owners shall ensure that the objectives and performance indicators of the intended outputs are reported to the Top Management. The job descriptions of the individual are communicated through training (induction/on job), regular meetings, notice boards and work instruction. Apart from the defined responsibilities, accountabilities and authorities, respective process linkages and the interrelation of the all the organizational processes are defined in process interaction chart (Annex 02).

6.0 PLANNING

6.1 Actions to address risks and opportunities

XXX shall ensure that the risk assessment is done for the critical processes, products and services within the Quality management system. While performing the risk assessment and opportunity identification, XXX shall ensure that

1. The relevant internal and external issues related to the products and services are  considered
2. The needs and expectations of the external interested parties which affects the products and services are incorporated
3. The techniques, tools and their application for identification and assessment of risks and opportunities, and prevention and mitigation of risks are determined;
4. The sources of risk and opportunity, areas of impacts, events and their causes, and their potential consequences are determined.
5. The potential risk and opportunity by determining consequences and their likelihood are analysed ;
6. The risk and opportunity and develop controls for them are evaluated;
7. Appropriate risk treatments and opportunity realization plans are applied.

The details of the methodologies used for identification of risks and opportunities are documented in the procedure for management system Risk assessment (PR 002). Formal risk management may not be utilized in all instances; instead, the level of risk assessment, analysis, treatment and record keeping will be performed to the level deemed appropriate for each circumstance or application. XXX considers risks and opportunities when taking actions within the management system, as well as when implementing or improving the management system; likewise, these are considered relative to products and services.

Ref: Risk Assessment (PR 002).

6.2 Objectives and planning to achieve them

Objectives (Annex 04) shall be in line with the stated quality policy, measurable and monitored. The General Manager in co-ordination with the respective section manager(s) reviews and recommends, where needed, to process owners to revise the objectives in the management review meeting to ensure that the objectives are relevant to the conformity of products and services provided to the customers and serves to enhance customer satisfaction. The top management worked on establishing objectives that are extracted from XXX’s company policy. The management made sure that the objectives are:

• Consistent with the QUALITY policy statement
• Established after taking into account the applicable legal and other requirements
• SMART: Specific, Measurable, Achievable, Realistic and Timely.
• Established risks including the commitments to the prevention of injury and ill health, legal and other requirement, technological options, financial, operations and business and the views of interested parties
• Established at relevant functions and levels within the organization for achieving conformity to products and service requirements and to enhancement of customer satisfaction and are monitored through objective measurement charts.
• Planning taking into account, the applicable requirements, results of the risks and opportunities, results of consultation with workers and QUALITY representative
• These objectives shall be reviewed continuously through the management review meetings and internal audits as described in the management review procedure for suitability and updating.

While planning for achieving the objectives are met, the process owners shall determine;

• What will be done
• What resources will be required
• Who will be responsible
• When it will be completed
• How the results will be evaluated

Ref: Functional quality objectives (Appendix 04),

6.3 Planning of changes

When the organization determines the need for changing the Quality  management system, the changes shall be carried out in a planned manner. When there are changes required in the existing service requirements, management ensures through management review that the suitability & integrity of the management system is maintained during the planning and the implementation to the smooth transition of the system. When changes are required existing objectives, the Management Representative shall ensure through review the purpose and potential consequences of the change and its suitability and integrity with the existing QMS. In case of need for availability of resources or need for the allocation or reallocation of responsibilities and authorities for the changes in the objectives, it shall be duly addressed prior to formalizing the objectives. Management programs, identified risk control measures and Action Plans are amended, if required. If necessary, planning is also carried out through review meetings. Any risk and opportunities arising out of the changes are managed as per the procedure of Risk assessment.

Regarding management of change (MOC) the organization shall identify the risks associated with changes in the organization, Quality management system, or its activities, prior to the introduction of the changes. The organization also ensures that the results of these assessments are considered for determining the appropriate controls. Documented Information for the management of changes are maintained. The relevant process owners along with the Management Representative shall plan to take actions to address its changes to the management system processes.

The Management Representative along with the process owners shall review and determine how to integrate and implement the relevant actions into the Quality  management system and shall evaluate the effectiveness of these actions and shall consider

• The purpose of the changes and its potential consequences
• The integrity of the QMS
• Availability of resources
• Allocation of re-allocation of responsibilities and authorities

The requirements for quality requirements are met by the establishment and implementation of Quality  management system which allows effective planning prior to the changes in the system.

• The Quality  management system has been assembled and documented in a format to suit this method of operation.
• XXX will give timely consideration to conduct revision of the Quality  management system through management review meetings, and interactions with the process owners.

While planning its actions XXX shall ensure the best practices, technological options, financial, operational and business requirements are met.

Ref: Management of change (PR 021)

7.0 SUPPORT

7.1 Resources

7.1.1 General

XXX’s Top management has assured the availability of resources needed for the effective implementation and the maintenance of the QMS and enhance the effectiveness of the system by providing resources on time. The General Manager shall consider the capabilities of, and constraints on, existing internal resources and what it needs from the external providers. By providing resources on time, the management ensures that there is:

• Continual improvement in the QMS.
• Enhances customer satisfaction by meeting and exceeding the requirements of the customer

7.1.2 People

XXX’s Top management has ensured that there are adequate personals available for the services provided and to enhance the quality performance of the Quality  management system. Personnel performing work affecting service are competent on the basis of appropriate education, training, skills and experience. The top management ensures this through proper recruitment of the most appropriate personnel for the required jobs. Competence requirements are determined through job descriptions. Where additional training is required to enhance the competence of personnel, this is handled in accordance with Procedure for Training (PR 007).

The Admin/HR Representative ensures that the process of requirement of competent people is being arranged for the respective department either through recruitment or through outsourced activities.

Ref: Training (PR 007)

7.1.3 Infrastructure

The infrastructure facilities required to achieve planned results (as per the scope of service) are identified and maintained as per procedure for Maintenance (PR 022), this includes,

• All equipment required for provision of services (is identified and made available).
• Risk based Maintenance activities are carried out which includes preventive and predictive maintenance, reliability centred maintenance, mean time between failures,  system, design and process failure mode and effects analysis,  failure mode and criticality effects analysis, process control plans and  others that are in context of the organization and its risks.
• Software and hardware (information systems) (used are controlled and maintained to ensure the availability of licensed and updated versions as required).
• Equipment and supporting services (are identified and maintained as per the established preventive maintenance system).
•  Preservation – (Incoming materials and finished products are maintained as per the required conditions by providing adequate storage and protection).

The availability of the process equipment and supporting services such as communication and transport are reviewed by top management during the management review meeting and internal meetings, for the capability to meet to the requirements of customers (both internal and external) and interested parties. XXX ensures the availability of latest versions of software that may be needed for carrying out the activities as required. Arrangements are made with the relevant suppliers for updates.

Ref: Maintenance (PR 022)

7.1.4 Environment for the operation of processes

The present work environment is determined to be suitable for the range and scopes of services carried out. The process owners ensure that the environment for operational process are defined and complied to.

The respective managers along with the QA/QC representative reviews the suitability of the work environment needed to achieve the conformity of the product requirements and to enhance the organization in achieving the quality requirements on a regular basis.

A work environment suitable for achieving conformance to product requirements are maintained. Data from the QMS system is also evaluated to determine if the work environment is sufficient for achieving conformance to the requirements, or if corrective action related to the work environment is to be taken. The present work environment is determined to be suitable to the range and scopes of the service carried out by XXX:

• Work instructions are available for all general safety rules.
• Safety rules and protective equipment – To create awareness, respective safety instructions are displayed and provided with the necessary protective equipment.
• Other welfare facilities are also provided to the employees like drinking water facility, transport from the accommodation to the work place, free accommodation facilities and food.
• Proper housekeeping is maintained taking safety into consideration.
• Dust free atmosphere for critical processes
• Maintaining the environment by planting trees and promoting greenery in the camp areas. Providing adequate breaks for staff to ensure that they are not over stressed
• Motivating employees through performance appraisal, incentives, and real involvement of employees.

Note: The term “environment for the operations of processes” relates to those conditions under which work is performed including physical, environmental and other factors (such as Social, Psychological, physical)

Top management reviews the suitability of the work environment needed to achieve the conformity of the product requirements and to enhance the organization in achieving the QUALITY policy, objectives, targets and system performance etc. through management review meeting.

7.1.5 Monitoring and measuring resources

7.1.5.1 General

XXX’s Top management considers providing resources as one of its top priorities in having an effective Quality  management system, so when it comes to monitoring and measuring resources, the management ensures that it provides those resources which will give valid and reliable results for its products and services.  The management shall ensure that these resources are suitable for the specific type of monitoring and measurement activities of XXX and are maintained by the authorized person for continuing fitness for their purpose.  

Ref: Measurement and Monitoring (PR 025)

7.5.5.2 Measurement traceability

All inspection, measuring, and test equipment used for demonstrating the conformity of the product is controlled and maintained on a regular basis. A list of measuring equipment shall be established to define accuracy needed and frequency of calibration. Such measuring and test equipment is subject to either external calibration by independent bodies or in house by qualified personnel (where applicable). Results of calibration, indicating calibration status, shall be recorded and maintained. Calibration data or results will be afforded to customer on request. Calibration certificates shall provide traceability to national or international standards. Defective equipment shall be taken out of service for repair or disposal.  If defective equipment was used to verify product acceptance the effect upon product quality shall be re-assessed. If calibration is carried out in-house, it will be done under suitable environmental conditions by qualified personnel. Master instruments traceability will be to the international or national standards. All master instruments will be maintained, protected from damage or loss to sustain accuracy needed. The calibration and control of monitoring and measuring devices is explained in the calibration procedure

Ref: Calibration procedures (PR018)

7.1.6 Organizational knowledge

XXX’s top management values the knowledge and skills of the employees that it has recruited and shall strive towards maintaining them within the organizations for growth and effectiveness of the processes. XXX’s top management shall determine knowledge necessary to perform process/operations to meet customer expectations and subsequently, plan the methods to achieve the identified knowledge goals by means of training, learning on the job etc.

XXX shall exchange in-house and maintain this knowledge through internal knowledge sharing sessions which ensure dedicated exchange of knowledge and sharing of lessons learned from projects and specific external training programmes.

The respective process owners and top management shall evaluate knowledge and identify opportunities for improvement in line with changes in the market or in technology and analyzing the extent to which they influence the knowledge that XXX requires.

7.2 Competence

Competence requirements are determined through job descriptions. Where additional training is required to enhance the competence of personnel, this is handled in accordance with Training procedure (PR 007).

The HR department ensures that the process of recruitment of competent people is being arranged for the respective process either through recruitment. It is the responsibility of the respective manager to ensure that all personnel carrying out activities are made aware of the relevance and importance of their activities and how they contribute to the achievement of the objectives and the importance of conformance to XXX’s QUALITY policy, Quality procedures. Company objectives are deployed at the functional levels and all relevant personnel made aware of their roles.

In terms of QMS, the management shall ensure that actions taken to ensure competence, shall take into account

• The Risk and Opportunity assessed by the organization
• Preventive and control measures resulting from the risk assessment process
• Assigned roles and responsibilities
• Individual capabilities, including experience, language skills and literacy
• The relevant updating of competencies made necessary to the context of the work changes
• The evaluation of the competence or workers according to the determined necessary competence

Ref: Training procedures (PR 007)

7.3 Awareness

XXX’s top management understands and maintains that it is the responsibility of the respective manager to ensure that all personnel carrying out activities are

• Made aware of the QUALITY Policy statement, relevant objectives, customer & regulatory requirements, risk mitigation and conformity assessment requirements.
• how they contribute to the achievement of the Quality  management system and the benefits of the enhanced performance 
• the implications of not conforming with the Quality  management system, including consequences, actual or potential to their work activities
• Information and lessons learned concerning Quality issues

Awareness sessions shall be carried out through the established training procedure and the by the procedure for communication, participation and consultation.

Ref: Training procedures (PR 007)

7.4 Information and communication

The internal communication among XXX’s staff is ensured by the well-established reporting system, which is covered by the application of the ISO 29001:2020 Quality  management system. Records and information flow are available through two kinds of media: soft copies through the active networks and through hard copies. The process sequence, linkage/interrelation, interactions, method of operation and control and process criteria of monitoring  and measurement are carried out as stated in general requirement and are communicated across all levels of the organization through the QMS. As a part of this QMS, effective communication is established throughout organization via:

• Internal memo
• Intranet
• Verbal instructions
• Display of quality policy statements and objectives
• Circulars
• Monitoring and measurement reports

Method for receiving, documenting and response to relevant communication from external interested parties of has been defined in the procedure for communication, participation and consultation (PR 012).

XXX’s top management has decided to communicate externally about its significant environmental aspects to interested parties if they ask or enquire about it. It will be the responsibility of the management representative on how to give a report to the interested parties on any Quality matters. Change of decision to communicate would be discussed during MRM and method for the same will be finalized.

A clear method of communication internal and external has been identified and defined in procedure for communication(PR012). Method for internal communication among the various levels and functions of XXX has been defined in the same procedure. With respect to information to external or interested parties, XXX shall ensure that they

• Define the intent to be achieved by informing and communicating and shall evaluate whether the objectives have been met
• Take into account diversity aspects, where they exist, when considering its information and communication needs

Ref: Communication (PR 012).

7.5 Documented information

XXX has established a documented procedure to maintain control of all documents and data relating to the requirements of ISO 29001:2020 standard. This also includes, if applicable, documents of external origin determined by XXX to be necessary for the planning and operation of the quality management system, such as standards and/or customer supplied documents.

The documented procedure covers the following issues:

1. The management representative is responsible for the issuance, amendment and recall of the entire documented Quality  management system.
2. Amendments to the documented system may arise at any time as a result of but not limited to the following:
3. Changes to the Quality  management system standard,
4. Internal and external audits.
5. Changes in technical standards.
6. System reviews.
7. Requests for amendments from Concerns.
8. Business expansion, development and improvement.
9. Amendments to the Quality  management system might be requested by any employee and are forwarded to the management representative using the appropriate document as stated in the documents control procedure (PR 001)
10. The management representative shall review and approve any amended/new document for adequacy prior to issue.
11. To ensure that documents remain legible and readily identifiable, the management representative holds a copy of the current version of the Quality  management system documents as a master reference in the system master file.
12. The document controller is responsible for issuing all manuals and maintaining a log of all issues. The Quality  management system, which includes all approved documents, is distributed to all locations/departments where operations essential to the effective functioning of the QMS management system are performed.
13. Quality  manual, procedures, and support documentation are issued as “controlled” documents.
14. When a change to the documented system has been agreed, the management representative advise all the internal document holders of the new revisions by changing the revision in the documentation master list and distributes this new version to all the holders.
15. All obsolete and/or invalid documents shall be taken from the holders and disposed.
16. The document controller retains copies of the superseded documents for a stated period of time.
17. Documents of external origin determined by XXX to be necessary for the planning and operation of the Quality  management system shall be identified and their distribution shall be controlled.
18. Practices employed by XXX to integrate into its operating process any  external specification requirements, including addenda, errata, and updates, used in the design or manufacture of a product or service,

XXX has established documented procedures for records control (PR 001) whereby the records are retained for defined periods, identified, filed/stored, maintained, and are always accessible and retrievable. Records may be in hard copies, electronic copies or other media formats. Where information is stored in a computer system, appropriate methods are taken to preserve data including data back-up copies.

The documented procedure includes controls for:

• Records identification: this is covered in the documentation procedure (PR 001) where each record has a unique identification number and revision number.
• Records storage and protection: all records shall remain legible by using appropriate storage methods to guarantee that they are readily retrievable. They are stored in a manner that prevents loss, damage, or deterioration.
• Retention and disposition of records: retention period is stated for each record after which records are disposed. The retention period is specified according to the importance and the need of the document for a specific period of time.
• Retained records demonstrate conformance to the ISO 29001:2020 and requirements and provide evidence of the effective operation of the Quality  management system. Also, these records are considered as the basic input for the analysis of data used for measuring and improving the applied activities and processes.

Ref: Documented information procedure (PR 001)

8.0    OPERATION

8.1 Operational planning and control

8.1.1 General

Planning and realization of service is an on-going process. The controls needed to achieve service conformity are established and maintained through various process flow diagrams or procedures. Procedures and process flows diagrams for the key processes are documented. During planning the following are determined:

• The  requirements of the customer’s scope and product characteristics
• The need to establish criteria for processes and acceptance of the products and services
• The needs of resources to achieve conformity to the product and service.
• Required verification, validation, monitoring, inspection and test activities specific to the requirement and the criteria for service acceptance. (Calibration of key equipment, validation, inspection and test activities as per quality plan/requirement)
• Implementation of controls for the criteria
• Records needed to provide evidence that the realization process (planning, review, production, delivery, etc) and resulting outputs meets contractual and product requirements.
• The output of this planning process is the product itself and the records to prove its acceptance/service requirements by the customer shall be maintained.

Where required the respective section managers shall control planned changes and review the consequences of unintended changes taking action to mitigate any adverse effects as necessary.  The outsourced processes shall be controlled and records maintained for conformity. Where there is a requirement by the client for Quality / Service plan or Inspection and test plan, the QA/QC representative and the respective section manager shall prepare a quality plan or Inspection and test plan and submit for approval.

Changes to operational processes are done in accordance with the procedure for Management of change(PR 021).

Contingency plans are established as a risk treatment in accordance with the Procedure for Contingency plan (PR 023).

Ref: Management of change (PR 021), Contingency plan (PR 023).

8.2 Requirements for products and services

8.2.1 Customer communication

For the effective implementation to meet the requirements of customer, appropriate channels of communication are established in relation to product information, enquiries, contracts, order handling, amendments, contract information, enquiries, and feedback including customer complaints etc.

The various modes of communication used are:

• E- mail through Internet
• Fax/Letters
• Telephone
• Displays
• Personal meetings with clients
• Brochures
• Visits of clients to  facilities

The complaints received from the customers are reported in Customer Complaint Register where required. Customer communication records are also retained throughout the project, or until the project is declined. The method for handling complaints is identified in the procedure for communication, participation and consultation (PR-012).

Ref: Communication, participation and consultation (PR 012).

8.2.2 Determining the requirements for products and services

The requirements related to the services (stated/implied) as below, but not limited to:

1. Customer/Market needs
2. Cost involved
3. Statutory  & regulatory requirements
4. Reference to the international standard
5. Organizational codes of Practice
6. Organizational policies & Objectives
7. Organizational capability
8. Relevant similar past experience in new product/service launching
9. Source of purchase
10. Mode of transportation
11. Present storage, handling & delivery methods,
12. Present over heads
13. Storage reliability
14. Suppliers reliability
15. Product/Service reliability
16. Competitors Product/Service
17. Competency of personnel
18. Inspection requirements
19. Anticipated market requirements
20. Inventory cost
21. Identification & Traceability
22. Product specifications
23. Stages of inspection and requirement
24. Reports of qualification tests
25. Transport requirement
26. Post-delivery activities

8.2.3 Review of the requirements for product and services

XXX shall review the requirements related to the contract and service prior to the commitment to supply to the client by reviewing the requirements from the client. The review is carried out by the respective section manager(s) and the relevant engineers who determines if the service can be provided or not. In case of tenders the “Estimation department” ensures that all the requirements are adequately reviewed.

Requirements related to the client are also identified clearly at the tendering process itself. The scope of work and the project deliverables clearly indicates the needs of the client. The specifications and instructions that accompany the tender documents are clear in identifying the requirements of the client related to the contract.

Clarifications and further information is received through the pre-tender meetings, or discussions and meetings with the client, visits to the site or proposed site areas, etc. Document and records which are controlled during the contract period are as follows:

1. Tender documents
2. Authorisation for pricing
3. Order transfer note
4. Progress report
5. Supplier quotation
6. Quotation to customer
7. Job card
8. QA/QC documents
9. Estimation sheets
10. Order receipt
11. Customer and contract document
12. Intermediate completion of services
13. Customer product / data sheet
14. Contract review comments and communicate the same

The review requirements of the products are done as per the following table

The Procedure for contract Review (PR 024) is maintained which describes the process in details.

Ref: Contract Review (PR 024)

8.2.4 Changes to requirements for products and services

In situations where the client is not providing any documented statement of their requirement, the standard specification of the product is confirmed before making final commitment. Where contract requirements are changed, it is ensured that the relevant documentation is amended and relevant personnel are made aware of the changed requirements. Records of review are maintained by the sections.

When changes are required existing QMS, the management representative shall ensure through review the purpose and potential consequences of the change and its suitability and integrity with the existing management system. In case of need for availability of resources or need for the allocation or reallocation of responsibilities and authorities for the changes in the Objectives, it shall be duly addressed prior to formalizing the objectives. Management programs, identified risk control measures and action plans are amended, if required. If necessary, planning is also carried out through management review meetings. Regarding management of change (MOC) the organization shall identify the Risks associated with changes in the organization, Quality management system, or its activities, prior to the introduction of the changes. The organization also ensures that the results of these assessments are considered for determining the appropriate controls. These activities are further defined in the procedure Management of Change (PR 021)

Ref: Management of change (PR 021)

8.3 Design and development of products and services

8.3.1 General

XXX shall determine all the requirements of design of the products and services to fulfil products requirements and meet the entire satisfaction of customer. Required processes have been established and carried out the design and development as per the design and development procedure (PR 017). Although, the development shall not be restricted to this procedures because development and research always looks for better improvement of products in order to exceed the customer satisfaction.

8.3.2 Design and development planning

XXX prepare the plan and control the design for the development of products and services. The design engineer verifies the customer requirements prepare the effective plan for the proper designing. The design and development stages are clearly defined. The design and development stages are reviewed, verified and validated to ensure the requirements of the products have been meet with the requirements. The design engineer shall be responsible for the planning of design processes. The process owner shall review, verify and approval the design and development stages. Any risk and opportunities arising out of the design and development are managed as per the procedure of Risk assessment (PR 002).

These activities are further defined in the procedure Contract Review (PR 024)

Ref: Contract Review (PR 024)

8.3.3 Design and development inputs

The inputs of design and development of the products requirements are determined by the design engineer. The inputs are maintained as per the documentation requirements including the functional and performance requirements, environment and safety condition and output of the risk and Opportunity Process. Also XXX determines the information of previous design of delivered products and takes as a feedback to develop forthcoming products in the better way.

8.3.4 Design and development controls

Design and development review:

While designing the products and services, at suitable stages systematic reviews of design and development are performed in accordance with planned arrangements. Reviews status and comments are clearly marked and documented to give feedback and proposal to take necessary actions to meet the products requirements.

Design and development verification

Design verifications are carried out according to the plans and records of the verifications are maintained. It has been ensured that design and development outputs have met the design and development input requirements.

Design and development validation

The production engineer shall do validation of design and development as per the planned arrangements to ensure that resulting products are qualified and capable of meeting the requirements for the specified application and intended use. Validation is done prior to final use or delivers to customer. As necessary the customer also can validate the design and development.

8.3.5 Design and development outputs

The output of design and development is verified against the design and development input and approved prior to release. The output of design and development shall meet the input requirements. Instructions for the productions, information required for the purchasing of materials required for the products, as well as storage and handling information are also provided. Design outputs are in a format that will furnish all information required for the end user. 

8.3.6 Design and development changes

The products and services designed and developed on the basis requirements and ready for the intended use. If the changes are required by the client, clear information for the required changes is received, and design engineer reviews and verifies the changes. Prior to implementation the changes are reviewed, verified, validated and approved. The changes records are documented and will be part of the contractual documents. Where required, design and development stages are detailed in the project quality plans and procedures issued by XXX.  Various forms are design for the entire design and development process to keep as quality records.

Ref: Design and development procedure (PR 017).

8.4 Control of externally provided products and services

8.4.1 General

XXX has established a system to demonstrate its commitment and method through following section on its commitment and method for purchasing process, purchasing information and verification of purchased products.

8.4.2 Type and extend of control

Purchasing documents clearly and completely describe ordered products, including quality requirements. Purchasing documents are reviewed and approved prior to release. Purchased products are verified before they are used or delivered to end users. Details of purchasing process are documented in the procedure for control of externally provided services (PR 008). All new suppliers are evaluated with regard to their quality and process capability. All potential suppliers are evaluated based on the criteria of Quality and process as documented in the (PR 008). Supplier evaluation & re-evaluation is done in order to introduce them in the approved supplier list. The General Manager and the Management Representative establish the criteria for selection of suppliers, and purchasing staffs conduct supplier evaluation.

All potential suppliers are evaluated at least once in a year based on the criteria of Quality and process are documented in the procedure for Purchasing (PR 008) and once approved records are maintained in Approved supplier list.

XXX extend the control over supplier and outsourced processes and to the purchased products through the procedure for control of externally provided services (PR 008). The type and extent of controls will depend on the risk and opportunity associated with the product or service purchase.   Quality performance of suppliers are monitored. Suppliers showing inadequate performance may be asked to implement corrective actions, and be downgraded or discontinued. In case there are identified risks of goods, equipment and services purchased, the controls are identified and if required communicated to the supplier or sub-contractor. Purchased products are inspected by requestor or the relevant managers. This includes verification of product identity and quantity, visual inspection and, where applicable, verification that all requested certificates and quality records are available. Record of the inspection are maintained.

Review also ensures that the purchased product meets the specified requirements. When deviations are identified, the supplier is contacted to discuss the corrective action. Where specialized services are required and have to be outsourced, the suppliers of such services are also identified, selected and approved in a manner similar to that mentioned above. Same controls are established for such activities.

Ref: Control of externally provided services procedure (PR 008).

8.4.3 Information for external providers

Purchasing documents are prepared by the purchasing in charge. The documents clearly and completely describe ordered products, including precise product identification and quality requirements. The General Manager or his appointed deputy reviews and approves all purchasing documents prior to release. Purchasing documents may be in the form of fax, e-mail, or other documented communication sent to the supplier, these clearly specify the requirements, specifications, terms and conditions. The document also includes the requirements for approval of product, procedures to follow (if applicable), requirements for qualification of personnel (where applicable) and Quality  management system requirements. The documents are reviewed for adequacy of specified requirements and approved before sending to the supplier. The requirements to be followed by the suppliers/contractors are communicated by purchasing section at the time of signing the contract or along with purchase orders.

The procurement in charge shall ensure that procurement process have adequately defined and applied criteria for the selection of contractors. The procurement in charge shall ensure that outsourced functions and processes are controlled. The procurement in charge shall ensure that its outsourcing arrangements are consistent with legal requirements and other requirements and with achieving the intended outcomes of the Quality management system. The type and degree of control to be applied to these functions and processes shall be defined within the Quality management system as per the nature of work outsourced.

Ref: Control of externally provided services procedure (PR 008).

8.5 Production and service provision

8.5.1 Control of production and service provision

XXX establish control procedures covering all areas of company like general working areas, project sites, contract/project management, manufacturing, installation etc. to make sure its activities are carried out under controlled conditions. Controlled conditions include the following (where applicable):

• The availability of information that describes the characteristics of the products and services offered,
• The availability of work instructions as necessary,
• The availability of information that describes the characteristics of the project through timing plan and method statement,
• The use of suitable equipment identified through resource planning,
• The availability and use of monitoring and measuring equipment,
• The implementation of monitoring and measurement, and
• The implementation of product release, delivery, and post-delivery activities.

To ensure this, XXX have developed method statements/Work instructions as per relevant national and international standards to be followed by the clients or the projects. A standard method statement contains the details on how to ensure quality of the products, Quality  services, resource requirements, safety for the safe working conditions, measurement and control of process in line with the requirements of the customer. The method of statement of works is prepared and submitted to the client, consultant or contractors for their approval prior to execute the production/projects.

However, these can be modified and customized in accordance with project specification. XXX can function as prime, joint venture, or subcontractor, according to clients’ preferences. The final customization is approved by the process owners and relevant engineers prior to sending out to the client for approval. XXX also has own production facility to manufacture. These are produced as per standard specifications and project requirements. The products are designed as per the standards , special needs of clients are determined & are built as per specifications of products.

QA/QC requirements

The project manager has the full authority to run the project according to the plan drawn up with the General Manager. Working procedures are laid down taking into consideration of the customer’s requirement and quality aspects. Coordination, follow up and checking is duties assigned to the site staff, and are assured by regular meetings at suitable intervals.

Plant & equipment maintenance:

Plants are regularly maintained as per manufacturer’s maintenance schedule and manual. Maintenance is done by the respective sections. Moving vehicles, equipment, machines & etc. are maintained by mechanical engineering workshop regularly as well as the respective foreman in the department. Other hardware and software are regularly checked & maintained by IT department. Section heads are responsible to ensure the adequacy of all plant and equipment under their possession. The equipment are listed and included in the service/maintenance schedule as per type of equipment and its requirements. Outsource requirements for the maintenance (for specialized equipment) are requested and done as per purchasing procedures and as defined in the 8.4 in this manual.

Measuring and monitoring equipment:

Requirements for measuring and monitoring equipment are determined by Production and Quality Assurance. This is in accordance with process control and product verification programs defined in product realization planning (refer to Section 8.1 of this manual).

Validation of processes for production & service provision:

Processes where the resulting output cannot be verified by subsequent measurement or monitoring are designated as special processes.   The relevant section heads are tasked with the responsibility of handling special processes and to ensure that the process is controlled and validated prior to delivery to the client. Special processes are validated and controlled by applicable methods, equipment and personnel qualification, and work instructions and process procedures. The use of specific methods and procedures are resorted to as applicable. Special process records are established and maintained as appropriate. Depending on the control measures implemented, these records may include process qualification and validation reports, equipment qualification and maintenance records, inspections and tests, operator qualification and training records, and so forth. If there is need for revalidation, that is also considered and handled accordingly.

Welding is considered as a special process and where required validation and revalidation is done for these special processes and works done. Welding procedures is prepared as per relevant standards.  Only qualified welders are allowed to do the special welding jobs. Their practical experiences and skills are considered to assign the job to them. Monitoring or inspection of welding activities is done by competent engineer designated by Section Head. Where required third party inspection and certificates for the same will be maintained. The consumables storage, weld repair will be carried out as per the work instructions approved for the specific projects. XXX utilizes some “special processes” where the result of the process cannot be verified by subsequent monitoring or measurement. The special processes in use and the methods of validation of each are defined in Procedure for Validation of process (PR 026)

Ref: Validation of process (PR 026)

8.5.2 Identification and traceability

Purchased products are identified with its names and unique number used as necessary. The identification is the same as, or is cross-referenced with, the designations used in drawings, specifications, bills of materials, Products list, Purchase orders, etc. Purchased products are identified by marking, labelling, or tagging the products or their packaging, or by identification of the area where the products are held or per-codes (as per our new program). During all stages of production, products are usually identified by work orders and other documents that accompany them through the production cycle. Parts and components may also be identified by labels or tags, or the containers in which they are held. Final products are identified by their name, which is labelled by tags on the products. Projects are identified by their project numbers. When required by contracts, laws and regulations, or voluntary standards traceability is implemented to the extent specified. Traceability may also be implemented for internal reasons, to facilitate corrective action.  As required, traceability may apply to materials, components, parts, production processes, environmental conditions, inspection and testing, and personnel responsible for processing and verification of products. The scope of traceability is documented in product manufacturing specifications or the production work order. The documented procedure Identification & traceability (PR 027) defines these methods in detail.

Ref: Identification & traceability (PR 027)

8.5.3 Property belonging to customers or external providers

Materials, tools, moulds & etc. provided by customer for the processing of products are received and inspected, in the event such products fail to meet the inspection criteria, or are not suitable for any other reason, the same shall be reported to customer and records shall be maintained. Storage, handling, and preservation of customer’s materials follow the same procedures that apply to purchase products. Customer’s software, documents, and other intellectual property are protected to the same extend as would internal documents of similar content, unless there are contractual requirements for special measure to protect customer’s intellectual property. When specified in a contract, special handling instructions from customers will take precedent over the company’s standard procedures. Customers are contacted in the event of loss, damage, deterioration, or unsuitability of their products by the relevant engineers. Customer’s vehicles and personnel entering to our yard to collect products and services are managed. Traffic flow is controlled by flagmen. All the loading activities are done under surveillance of safety personnel in order to avoid any damages or loss to the customer’s vehicles and personnel. This activity is defined in greater detail in the Procedure Customers or External Providers property (PR 028)

Ref:  Customer or External Providers property (PR 028)

8.5.4 Preservation

Preservation of product by XXX describes in the relevant procedures, the conformity of its product at every stage from receipt of raw materials to delivery to its intended destination. It includes the identification, handling, storage and protection of both the products and the constituents of the products in order to maintain the conformity requirements. The section heads are responsible for product handling and preservation, and that products are adequately protected during production and storage. Where required, storage, and holding areas are controlled by the section that brings in new stock or uses the area. Only products that are properly identified and that have passed required inspections are authorized to enter and leave the store area. Products with limited shelf life are identified with expiration dates. These perishable products are also rotated in the storeroom to ensure that the oldest product is used first. The documented procedure Preservation of products (PR 029) defines the methods for preservation of product.

Ref:  Preservation of products (PR 029)

8.5.5 Post-delivery activities

XXX shall ensure that all the post-delivery activities associated with the products and services. In determining the extent of post-delivery activities that are required, the organization shall consider

1. Statutory and regulatory requirements
2. The potential undesired consequences associated with its products services
3. The nature, use and intended lifetime of its products and services
4. Customer requirements and feedbacks.

For road construction, projects completion and warrantee certificates is given upon completion of the works as per contract requirements. Such warrantee is subject to the defect on the workmanship and materials supplied by XXX to be rectified immediately.  All other warrantees are subject to the contracts terms and conditions.

8.5.6 Control of changes

XXX shall review and control changes for production or service provision, to the extent necessary to ensure continuing conformity with requirements. All the documented information’s regarding the changes and results of changes shall be retained by XXX, which shall also contain the details of the person(s) authoring the change and any necessary actions arising from the review. In case any change impacts the product or services, XXX shall notify the customer about the changes either through email or by calling telephonically. Corrective action shall be taken as per the procedure for Corrective Action (PR 006). Assessment of Risk and Opportunity shall be done as per Procedure Risk Assessment (PR 002). Processes are monitored and controlled through variety of approaches, activities and techniques. The system is designed to control:

1. Information, material and human input into the process;
2. Technology, tools and equipment used;
3. Process environment and performance; and
4. Process output.
5. Organization structure
6. Key or essential personnel
7. Critical providers
8. Design
9. Management system

Process change management is defined in the Procedure  Management of change. Documents are changed in accordance with procedure Control of documented information.

Ref: Risk Assessment (PR 002); Corrective Action (PR 006) Management of change (PR 021); Control of documented information (PR 001).

8.6 Release of products and services

The release of the products and services shall be as per the planned arrangements and by a competent authority as per procedure of Product Release (PR 030). Where there is a release otherwise it shall be approved by the respective departmental authority or as applicable by the customer requirements.

Documented information (Records) related to the stages of the production process and communications related to the acceptance of the product/service by clients will be maintained. Evidence of conformity to product requirements with acceptance criteria will be maintained with the traceability to the person(s) authorizing the release.

All products are released for delivery only after all specified activities have been satisfactorily completed. Regular tests are carried out to ensure the consistency of quality; Lab verifications, plant trails are done in witness of authorities (MOE or consultant) and conformity of the product are obtained. The designs are certified by Ministry of Environment. Documents are changed in accordance with procedure Control of documented information. All products are released after the approval of the client.

Final site inspection is done by the Consultant and the client. If any deviations found during inspection are corrected on the spot or redone as per consultant or client recommendation. A guarantee period of 400 days or else specified in the contract for the materials and workmanship defect and rectification on immediate basis is defined in all road construction projects. Any rectification requested by client within guarantee period has been verified and carried out on immediate basis.

Ref: Release of Product (PR 030)

8.7 Control of non-conforming outputs

XXX have taken special care to ensure that the outputs which do not conform to the planned arrangement or as per the requirements are identified and controlled to prevent unintended use or delivery. The following methods shall be adopted when dealing with non-conforming outputs can be:

• correction
• segregation, containment, return or suspension of provision of products and services
• informing the customer
• obtaining the authorization for acceptance under concession

Non-conforming materials are identified and segregated from conforming materials to prevent unintended use or confusion and mixing with conforming materials. A system is established for identifying, controlling, handling and taking proper action on detected non-conformity. These methods are defined through the procedure for control of non-conforming outputs (PR 005).

Ref: Control of non-conforming output procedure (PR 005).

9 PERFORMANCE EVALUATION

9.1 Monitoring, measurement analysis and evaluation

9.1.1 General

The Integration of the whole measuring and improvement system will cover the required improvement processes needed to demonstrate conformity to product requirements, to ensure conformity of the Quality  management system and to continually improve the effectiveness of the Quality  management system.

Major processes include:

• Sales, production and service
• Inspection and testing
• Purchasing
• Control of non-conforming outputs
• Internal auditing
• Customer satisfaction
• Corrective actions
• Data analysis
• Legal requirements and compliance
• Objective achievement
• Operational effectiveness
• Performance

The effectiveness of the QMS, including the policy and objectives, is monitored by conducting internal audits, and operational reviews, and is measured by customer satisfaction and key performance indicators. The results from the monitoring and measurement shall be analysed and evaluated by the top management.

9.1.2 Customer satisfaction

Customer satisfaction is measured by collecting and analysing direct customer feedback, and by measuring secondary indicators of customer satisfaction. Customer satisfaction data is used by the top management to identify opportunities and priorities for improvement. The procedure of measuring Customer satisfaction has been established as per Procedure for Customer Satisfaction (PR 031). The process owners/department managers is responsible for developing suitable indicators of customer satisfaction, and for defining methods for collecting and analysing the pertinent information in their areas. Information and data pertaining to customer satisfaction are collected from several sources such as but not limited to:

1. On-going feedback from customers,
2. Surveys using customer satisfaction survey form at the completion of each project and orders,
3. Analysis of trends of customer satisfaction/complaints/safety reports issued by client,
4. Awards and recognitions,
5. Repeat customer rates, and market share,
6. Lost business analysis.

Results of customer satisfaction surveys and the perception of the customers is analysed by the management representative and presented during the management review meetings.

Ref: Customer Satisfaction (PR 031)

9.1.3 Analysis and evaluation

XXX collects, complies and analyses information and data required for evaluating the suitability and effectiveness of the management system and for identifying opportunities for continual improvement. Data and information available in records are compiled and analysed periodically to determine trends in the performance and effectiveness of the management system and to identify opportunities for improvement. The Management Representative is responsible for coordinating these activities and for reporting conclusions and trends to the top management. This is usually done within the framework of management reviews of the QMS. Following categories of information and data are recorded, compiled and analysed:

1. Quality performance and records of communication from employees.
2. Conformance to product/service requirements (Objectives)
3. Status of non-conforming products and areas of re-occurrence.
4. Action against non-conformances (including audits)
5. Characteristics and trend of processes and products
6. Supplier performance recorded in supplier re-Evaluation and evaluated for trends by purchasing dept.
7. Customer satisfaction levels – recorded in customer satisfaction survey form
8. Customer complaints –evaluated for trends.
9. Effectiveness of training – recorded in training record.
10. Effectiveness of Quality  management system – recorded in audit observation sheet and evaluated for trends.
11. Analysis of shall be conducted as per the Procedure for Analysis of Data (PR 032)

Ref: Analysis of Data (PR 032)

9.2  Internal audit

9.2.1 Planning and scheduling

Management representative establishes an internal audit plan ensuring that every activity and area is audited at least once a year. Selected activities are audited more frequently, depending on their importance, risk and opportunities associated with the process, result performance evaluation of process, results of past audits and quality performance history. The audit criteria, scope, frequency and methods are defined in an internal audit plan which also lists the audit criteria, auditor, auditee, date, and time.

9.2.2 Audit team and preparation for audit 

Only suitably trained and qualified personnel independent of the audited activities are assigned to conduct internal audits.  A list of trained internal auditors is maintained by the Management Representative in list of trained internal auditors form. Also Management Representative can identify third part auditor to conduct internal audit as necessary. The qualified auditors from different sections may audit different section. Auditors prepare for audits by reviewing applicable standards and procedures, analyzing quality records, and establishing questionnaires and checklists.

Conducting the audit 

Auditors seek objective evidence indicating whether the audited activities comply with the requirements of the documented QMS system, and whether the QMS system is effective. The evidence is collected by observing activities, interviewing personnel, and examining records. Findings are recorded on an audit observation sheet. Negative findings are reported as non-conformities and documented using non-compliance report form. Also the third party’s audit report also can be used to monitor and follow up for corrective actions. Audits are conducted in a way that minimizes disruption of the audited activities.

Corrective action and follow up 

When nonconforming conditions are identified, the process owner for the affected area or process is requested to propose and implement a corrective action. Implementation and effectiveness of the action are verified by a follow-up audit. The non-compliance report form is used for monitoring and recording the implementation of the corrective actions. Non-compliance reports are closed out by the Management Representative after evaluating effectiveness of action taken. Where a non-compliance is raised against the activities of the Management Representative, only the General Manager is authorized to close out these reports.

Reporting 

When the auditing cycle is completed, all nonconformity reports established during the cycle are compiled and analysed, and are presented at the management review meeting by the Management Representative.  Internal audits aQMS to verify conformance of the planned arrangements to the requirements of the standards and to that of the Quality  management system established.

Ref: Internal audit procedure (PR 004).

9.3 Management review

9.3.1 General

XXX reviews established QMS to ensure its suitability, adequacy and effectiveness which includes assessment for opportunities for improvement and the need for changes to the QMS as per the procedure for management review (PR 003).

Management review meeting is conducted at least once a year. The review committee consists of the following members and is chaired by the General Manager.

• General manager (GM)
• Assistant manager
• Management representative (MR)
• Document controller (DC)
• All section heads/ managers
• HSE
• Any other special invitee

Method, duration, responsibility, authority, review input/output for the management review is defined through the procedure (PR003) for management review.

9.3.2 Management review inputs

Inputs for the period of review to management review meeting related to the process performance are prepared by the process owners & QUALITY representatives and the system related performances are provided by the management representative.

9.3.3 Management review outputs

The output of the meeting includes the decisions and actions related to the improvement of the effectiveness of the QMS. The minutes, after approval by the General Manager, is circulated to attendees and management representative for further review and discussion and following up the implementing the actions decided in the meeting. The outputs of the management review meeting shall include decisions and actions related to

1. Opportunities for improvement
2. Any need for changes to the QMS
3. Resource needs

The management representative shall maintain the documented information of the results of the review meeting.

Ref: Management review procedure (PR 003).

10 IMPROVEMENT

10.1 General

XXX has deployed continual improvement principle throughout the entire organization. The improvement effort is driven by goals defined in the policy and objectives. Improvement shall include:

1. Improving products and services to meet requirements as well as to address the future needs and expectations
2. Correcting, preventing or reducing undesired effects
3. Improving the performance and effectiveness of the Quality  management system

Improvement opportunities are identified by analysing quality performance data and information. Improvement projects are defined and implemented through the system of corrective actions, and management review actions. Causes of identified non-conformities are investigated and, where appropriate, corrective actions are implemented to ensure that non-conformities do not recur. Corrective actions taken are recorded and are followed up to ensure that they have been properly implemented and that they are effective.

10.2 Non conformity and corrective action

Nonconforming products/ services are identified, documented, evaluated, and prevented from being used or delivered to the customer. Repaired or reworked products are re-inspected. Appropriate actions are taken when product nonconformity is identified after delivery. When appropriate, corrective actions are implemented to prevent recurrence of identified nonconformities.

Identification and documentation

XXX identifies and documents all product/ service nonconformities, regardless of how insignificant they seem to be or how easily they can be repaired or reworked. Product nonconformity records are invaluable for tracking performance and trends, and for identifying areas where corrective actions should be implemented.

During purchasing of materials or services or sub-contracting parts of the service, non-conforming products are segregated and reported to the supplier or sub-contractor for corrective actions. 

Nonconforming products/ services are documented using a non-compliance report form. It describes the nonconformity, documents the disposition decision, and records close-out of follow-up activities (re-inspection, concessions, corrective actions, etc.). It is a company policy not to deliver nonconforming products/ services to clients and the responsibility for this rests with the Section heads.

Therefore no segregation/ tagging methods are required. Adherence to specifications including delivery times is of prime importance.

Nonconformity review and disposition:

Review of non-conforming products/ services are carried out with the sole intention of re-working and correcting the non-conformity, after which it is delivered to the customer. Under no circumstances, non-conforming products/ services are delivered intentionally to the customers.

Re-verification of repaired or reworked product:

Reworked products are re-inspected and their conformity with the requirements of the customer confirmed prior to delivery. This may also involve interaction with the client and obtaining their acceptance of the product/ service prior to delivery.

All such actions related to control of nonconforming products/ services are recorded in the relevant project files.

If product nonconformity is detected internally after delivery or use has started, customers are informed and instructed what to do with the product. In situations when the nonconformity may create a safety or other hazard, the product may be recalled. Only the General Manager or his appointed deputy is authorized to make recall decisions. Details of the process are available in control of non-conforming outputs (PR 005)

The need for corrective action is determined on the basis of identified actual non-conformities. Corrective action requests are typically triggered by such events as a failed inspection, customer complaint and/or product return, non-conforming delivery from a supplier, or a system audit finding.

The need for corrective action is determined on the basis of identified actual non-conformities. Corrective action requests are typically triggered by such events as a failed inspection, customer complaint, deviation from work instruction/legal requirements/regulations, non-conforming delivery from a supplier, or a system audit finding. XXX has established a procedure for handling corrective actions as below, details of which are available in (PR 006):

Requirement for corrective actions are documented in a noncompliance report form where the nature of the non-compliance is recorded. The process owner identifies the proposed corrective action and sets reasonable time frames for implementation. After the due date, the management representative reviews the action taken and evaluates the effectiveness of the corrective action. The purpose of the corrective action is to:

1. Review the nonconformities including the customer complaints
2. Determining the root causes of the non-conformity
3. Taking action to eliminate the root cause of the problem to ensure that the non-conformity does not recur
4. Determining and implementing the action needed
5. Record the result of the actions taken
6. Reviewing and recording the effectiveness of the action taken

The management representative maintains records of all the corrective actions initiated analyses and reports trends periodically and during management review meetings.

Ref: Control of non-conforming procedure (PR 005), Corrective actions procedure (PR 006).

10.3 Continual improvement

XXX top management ensures the improvement in effective implementation and performance of the Quality  management system by systematically reviewing and updating the QUALITY policy, quality objectives, analysing audit results and other data from monitoring and measurement relevant to quality, environment and safety performance, corrective action and the management review. System performance is evaluated by respective section managers and reported in the management reviews of the QMS. Where the performance falls short of a defined objective, the management review identifies specific improvement actions to reach the objective. When an objective is reached, the management review may set a new, higher objective in this area and specify new improvement actions for reaching it.

In addition to management reviews, process owners identify improvement opportunities continually, based on the feedback from their operations and other activities. Employees are also encouraged to come forward with ideas for improving products, processes, systems, productivity, and working environment. These improvement opportunities are evaluated and prioritized by the engineers and section managers and where appropriate they are implemented. Where additional plans and resources are required, these are discussed in the management reviews and approved sought from the management. Changes arising out of the Continual improvement shall be managed as per the Procedure Management of change (PR 021). The section managers shall collate the continual improvement done in there are and present in the continual improvement plan format as per the procedure for continual improvement (PR016)

Ref: Continual improvement procedure (PR 016).

API Q1 Specification for Quality Management System Requirements for Organizations Providing Products for the Petroleum and Natural Gas Industry

The American Petroleum Institute (API) developed API Spec Q1 10th Edition specifically for Organizations Providing Products for the Petroleum and Natural Gas Industry. It’s one of the most prestigious company-based certifications that your organization can obtain to demonstrate its commitment to a sound quality management system. Furthermore, it allows your organization to meet the global demands of an increasingly competitive environment. For starters, ISO 9001:2015 is the basis for most (if not all) of the industry-specific quality management standards. It’s a flexible international standard that outlines the framework and guiding principles for quality management. Achieving ISO certification allows manufacturers to improve the quality of products or services while simultaneously lowering the cost of quality. On the other hand, API Spec Q1 10th Edition structurally deviates from the standard ISO 9001 series, but the results of a compliant quality management system are still the same. API Spec Q1 builds upon the classic structure of the ISO 9001 series by addressing risk and other QMS elements, but takes a different approach to quality management by bringing risk assessment and risk management into the fold. Additionally, there are some other key differences between ISO 9001 and API Q1, including:

• Formalizing employee competency and training
• Reinforcing risk assessment and risk management throughout the standard
• Contingency planning
• Controlling the supply chain
• Preventative maintenance
• Validation of designs
• Change management

API Monogram Licensing Program Requirements Part 1 – General Requirements

1. The information contained herein details the applicable requirements for Organizations seeking approval to use the API Monogram Mark.
2. To obtain and retain an API Monogram license, an Organization must have a documented and functioning quality management system in place that meets both the requirements of API Spec Q1® (Quality Programs for the Petroleum, Petrochemical and Natural Gas Industry), and at least one of the applicable API Product Specifications.
3. Issuance of the license(s) is dependent upon a successful evaluation of the Organization’s quality manual, API Spec Q1 Conformity Matrix and satisfactorily passing an on-site audit of the Organization’s facility and processes by API through its designated auditors. Site audits are required to verify demonstrated capability of the Organization to meet program requirements. Associated audit expenses will be paid by the facility.
4. Review the requirements stated in API Spec Q1 and the applicable API Product Specification(s) for which your Organization is seeking a license. If your Organization feels that its manufacturing processes meet all the stated quality requirements to obtain an API Monogram License for one or more product specifications, please complete and submit the following:
   • API Certification Programs Application If your Organization is seeking one or more API Monogram licenses and/or registrations, this form must be completed and signed.
   • API Monogram License Agreement For each API Product Specification for which you are requesting licensing, a separate License Agreement must be completed and signed. NOTE: The applicant is not allowed to use the API Monogram until all steps in the process have been completed (including satisfactorily passing an on-site audit), the applicant has paid the applicable fees, the applicant has agreed to comply with all terms and conditions of the agreement, and signed the License Agreement.
   • Licensing Information Form: For each API Product Specification for which you are requesting licensing, a separate Licensing Information Form must be completed. Please submit the appropriate forms as applicable to the Product Specification(s).

If you do not have a Licensing Information Form for any of the API Product Specifications listed, you may obtain one online at website at www.api.org/certifications/monogram/documents/licensing-forms.cfm.

To request a form, please contact API Certification Programs:

API Certification Programs 1220 L Street, NW Washington, DC 20005-4070, USA

Phone: (+1) 202-962-4791 Fax: (+1) 202-682-8070

Email: certification@api.org Web: www.api.org/monogram

Do not submit a Licensing Information Form(s) without a completed API Monogram License Agreement(s) (see Part 4 – API Monogram License Agreement), your API Certification Programs Application, your Quality Manual, API Spec Q1 Conformity Matrix and License Fee. For instructions on where to send your submission, see Part 6 – Fee Schedule.

Introductions

API Q1 has been created to deal with quality management systems for organizations in the petroleum and natural gas sector. It lays out the essential requirements for organizations claiming compliance with API Q1. It can be used by organizations providing products for use in this industry. API Q1 defines “product” as the output intended for customers. Earlier versions only applied to organizations making physical products, providing services for physical products, or involved in manufacturing processes. The aim of API Q1’s requirements is to reduce the chance of errors. While API Q1 might include some aspects of other management systems, it doesn’t cover all their specific requirements. It can be used alongside other industry guidelines. Both internal and external parties, including certification bodies, can use API Q1 to check if an organization meets customer, legal, and its own requirements. API Q1 encourages integrating a process approach when developing, implementing, and improving the effectiveness of a quality management system. This ensures continuous control over requirements and facilitates the overlap of processes. To function effectively, an organization must manage various connected activities. Any activity that turns inputs into outputs can be seen as a process. These process activities involve identifying needs, providing resources, realizing products, sequencing activities, monitoring effectiveness, and making necessary changes or corrections. API Spec Q1 10th Edition addresses the following types of organizations in the petroleum and natural gas industry.

• manufacturing
• engineering/design
• physical product realization activity providers such as those performing:
• welding
• heat treating
• coating/plating
• machining
• inspection
• testing
• servicing
• physical product-related activity providers such as those performing:
• distribution
• logistics
• software development

The verbal forms used to express the provisions in this document are as follows.

Shall: As used in a standard, “shall” denotes a minimum requirement to conform to the standard.
Should: As used in a standard, “should” denotes a recommendation or that which is advised but not required to conform to the standard.
May: As used in a standard, “may” denotes a course of action permissible within the limits of a standard.
Can: As used in a standard, “can” denotes a statement of possibility or capability

Goal of API QI

The aim is to establish the essential criteria for creating a quality management system that encourages dependability and allows for ongoing enhancements. The focus is on preventing errors, reducing differences, and avoiding inefficiencies. This specification does not aim to suggest that all quality management systems should have the same structure or documentation.

Structure of API Q1: 10^th Edition

1.Scope

This section review section 1, scope, of the API Q1 10^th edition specification. This specification established the minimum quality management system requirements for organizations that provide products for use in the petroleum and natural gas industry..

2.0 Normative references

The text makes reference to API Q1, and some or all of its content serves as requirements for API Q1. For dated references, only the tenth edition mentioned is applicable. For undated references, the most recent edition (including any addenda) is applicable.

ISO1 9000:2015, Quality management systems—Fundamentals and vocabulary

3.0 Terms, Definition and Abbreviations

3.1 Terms and Definition

For the purpose of API Q1: 10^th Edition, the terms and definitions given in ISO 9000 and the following shall apply:

3.1.1 acceptance criteria: Specified limits of acceptability applied to process or product characteristics.

3.1.2 acceptance inspection: Demonstration through monitoring or measurement that the product conforms to specified requirements.

3.1.3 calibration: Process of comparison to a standard of known accuracy, comparison of results against TMMDE (testing, measuring, monitoring, and detection equipment) acceptance criteria, and, if applicable, making needed adjustment.

NOTE Calibration of non-adjustable equipment can be referred to as verification.

3.1.4 compliance: Act of satisfying (verb) or the status of having satisfied (noun) legal requirements.

3.1.5 critical: Deemed by the organization, product specification, or customer to be of significant importance and requiring specific action.

3.1.6 delivery: Point in time at which the agreed transfer of ownership takes place.

3.1.7 design acceptance criteria (DAC): Requirements applied to characteristics or combinations of those characteristics, of materials, products, or components to achieve conformity to the specified design requirements and/or required design performance.
NOTE 1 DAC can be equal to MAC.
NOTE 2 Required design performance is often stated in technical specifications.

3.1.8 design validation: Process of proving a design by testing to demonstrate that the product conforms to design requirements and performs as intended.
NOTE Design validation can include one or more of the following (this is not an all-inclusive list):
a) prototype tests,
b) functional and/or operational tests,
c) tests specified by industry standards and/or regulatory requirements,
d) field performance tests and reviews.

3.1.9 design verification: Process of examining design outputs to determine conformity with specified requirements.
NOTE Design verification activities can include one or more of the following (this is not an all-inclusive list):
a) confirming the accuracy of design results through the performance of alternative calculations,
b) review of design output documents resulting from design activities,
c) comparing new designs to similar proven designs.

3.1.10 key performance indicator (KPI): Quantifiable measure that an organization uses to gauge or compare performance.

3.1.11 legal requirement: Statutory or regulatory requirements.

3.1.12 management [noun]:
A person or group of persons with authority and responsibility for the conduct and control of all or part of an organization.
NOTE For some organizations, top management (see ISO 9000) and management are the same.

3.1.13 manufacturing acceptance criteria (MAC): Requirements applied to characteristics or combinations of those characteristics, of materials, products, or components to achieve conformity to DAC and other product manufacturing requirements.
NOTE 1 MAC can be equal to DAC.
NOTE 2 For services, product realization can be substituted for product manufacturing.

3.1.14 outsource [outsourced activity]: Function or process that is performed by an external supplier on behalf of the organization.

3.1.15 preventive maintenance: Systematic servicing of equipment, machines and/or facilities for the purpose of maintaining a satisfactory operating condition.

3.1.16 procedure: Organization’s documented method for performing an activity under controlled conditions to achieve conformity to specified requirements.
NOTE 1 This definition was previously identified as a “control feature” in earlier editions of this specification.
NOTE 2 A procedure can be in many forms, e.g. work instructions, flow diagrams and manuals.

3.1.17 product: Output of an organization intended to be provided to a customer.
NOTE As used in this document, the term ‘product’ can include, but is not limited to, hardware, software, production activities, or product related activities such as: servicing, storage, distribution, and logistics.

3.1.18 product realization: Set of interrelated or interacting activities (processes) necessary to provide product.

3.1.19 remote assessment: Assessment conducted by person(s) not physically present at the location being assessed.

3.1.20 risk: A situation or circumstance that has both a probability of occurring and a potentially negative consequence.

3.1.21 servicing: Maintenance, adjustment, and/or repair performed on a product after delivery and/or on-site installation.

3.1.22 supply chain: Suppliers and associated sub-supplier(s) required for product realization.

3.2 Abbreviations

For the purposes of this specification, the following abbreviations shall apply.

DAC: design acceptance criteria
ITP: inspection test plan
KPI: key performance indicator
MAC: manufacturing acceptance criteria
MOC: management of change
MPS: manufacturing process specification
PCP: process control plan
QAP: quality activity plan
QMS: quality management system
QP: quality plan
TMMDE: testing, measuring, monitoring, and detection equipment

4 Quality Management System Requirements

4.1 Quality Management System

4.1.1 General

The organization must always plan, set up, record, put into action, and keep up a quality management system in line with this specification’s demands for the product within the organization’s defined scope. Additionally, the organization needs to assess and enhance the effectiveness of this quality management system.

4.1.2 Quality Policy

The organization’s commitment to quality must be clearly outlined, documented, reviewed, and endorsed by top management. The quality policy should:

1. Align with the organization’s goals and guide its strategic path,
2. Serve as a foundation for setting quality objectives,
3. Be effectively communicated, understood, put into practice, and upheld within the organization,
4. Be accessible to relevant stakeholders as determined by the organization, and
5. Include a pledge to meet requirements and consistently enhance the efficiency of the quality management system.

4.1.3 Quality Objectives

Quality objectives, including those necessary to fulfill product and customer needs, must be set at appropriate functions and levels within the organization by management, with approval from top management. These objectives should be measurable, communicated, and aligned with the quality policy.

4.1.4 Planning the Quality Management System

4.1.4.1 General

The planning of the quality management system must be conducted. While planning, the organization must specify the scope of the quality management system, including the products covered and any limitations or exclusions. The organization must recognize external and internal factors relevant to the organization’s long-term objectives and goals. Identify relevant stakeholders and their requirements for the quality management system. The organization must establish the sequence and interaction between the processes of the quality management system. The organization must determine and oversee the criteria and methods necessary for the efficient operation and control of quality management system processes. The organization must set quality objectives, detailing actions, resources, responsibilities, timeframes, and methods for monitoring and evaluation. It must address identified risks. It addresses opportunities for improvement. It must identify key personnel involved in the quality management system.

4.1.4.2 Exclusions

If an organization carries out activities covered by API Q1, whether internally or through outsourcing, it cannot claim exclusion of those activities. Excluding certain activities should not impact the organization’s capability or obligation to deliver products that meet customer and legal standards. If any exclusions are made, the reasoning behind them must be documented. When an organization performs activities addressed by this specification, no claims to exclusion of those activities are permitted. When exclusions are permitted, they are limited to the following sections:

4.1.5 Communication

4.1.5.1 Internal

The organization must set up internal communication processes. These processes should involve communicating, at appropriate levels and functions within the organization the significance of meeting customer, legal, and other relevant requirements; and the outcomes of data analysis.

4.1.5.2 External Communications

The organization must create and put into action a procedure for communicating with external entities, including customers. This process should cover:

1. Handling inquiries, contracts, or order processing, and any modifications;
2. Understanding and meeting requirements during contract execution and product creation;
3. Providing product details, including any non-conformities;
4. Addressing feedback and customer complaints;
5. Sharing quality plans and any subsequent adjustments; and
6. Communicating changes and associated risks.

4.2 Management Responsibility

4.2.1 General

Top management must show leadership and dedication to setting up, implementing, maintaining, and enhancing the quality management system by endorsing the creation of quality objectives at relevant functions and levels within the organization. Top management must allocate necessary resources for the quality management system. These resources can encompass human resources, specialized skills, organizational infrastructure, financial assets, and technology. Top management must involving and backing personnel in implementing and sustaining the quality management system and designating responsibilities and authorities to ensure that processes achieve intended outcomes.

4.2.2 Responsibility and Authority

The duties, powers, and responsibilities of personnel within the organization’s quality management system must be clearly outlined, documented, and communicated across the organization.

4.2.3 Management Representative

Top management must appoint and retain a member of the organization’s management who, regardless of other duties, holds responsibility and authority that involves guaranteeing compliance of the quality management system with the requirements of this specification. Establishing, implementing, and maintaining processes necessary for the quality management system. Providing reports to top management regarding the performance of the quality management system and any areas requiring improvement. Initiating actions to rectify nonconformities. Ensuring the promotion of awareness of customer requirements throughout the organization.

4.3 Organization Capability

4.3.1 Resources and Knowledge

4.3.1.1 Resources

The organization must identify and allocate the necessary resources to implement, maintain, and enhance the effectiveness of the quality management system.

4.3.1.2 Knowledge

The organization must identify the expertise required to sustain the operation of its processes and ensure the consistent conformity of its products. This knowledge should be preserved and accessible as per the organization’s discretion.

Note: Knowledge may be gained through experience, study, training, lessons learned, best practices, or other means.

4.3.2           Human Resources

4.3.2.1       Personnel Competence

Personnel involved in the organization’s quality management system responsibilities must be competent. The organization should uphold a documented procedure concerning personnel competence. This procedure should cover:

1. Identifying and documenting required competencies.
2. Identifying necessary education, training, experience, or other actions to attain competence.
3. Evaluating the effectiveness of measures taken to acquire competencies.
4. Establishing criteria and methods for assessing, maintaining, and re-assessing competencies.
5. Designating personnel responsible for assessing competency.

Records of personnel competence must be retained.

4.3.2.2  Training

The organization must establish and uphold a training procedure. The organization must identifying the content and frequency of necessary training. The organization must provide training on the quality management system. It must provide job-specific training, including raising awareness among personnel about the significance of their tasks and their contribution to achieving the organization’s quality objectives. It must offer customer-specified or customer-provided training when necessary. It must assess the effectiveness of the training. It must document the required training records. Records of personnel training must be retained.

4.3.3  Work Environment

The organization must identify, furnish, oversee, and sustain the work environment necessary to ensure product conformity. This work environment encompasses:

1. Facilities, workspaces, and related utilities;
2. Process equipment, including both hardware and software;
3. Ancillary services (e.g., transportation, communication, information systems); and
4. Work conditions, covering physical, environmental, or other influencing factors.

4.4 Documentation Requirements

4.4.1 General

The documentation of the quality management system should consist of:

1. An outline of the quality management system’s scope, defining the products covered and providing reasons for any exclusions;
2. Declarations of the quality policy and quality objectives;
3. Listing legal and other relevant requirements that the organization must adhere to in order to ensure product conformity;
4. Explanation of how the quality management system fulfills each requirement outlined in this specification;
5. Identification of processes requiring validation; and
6. Procedures, documents, and records necessary for planning, executing, and controlling processes, as well as for meeting specified requirements.

Note: Traditionally, some of this documentation has been incorporated into a quality manual, but it can take various formats and may be presented as either a single document or multiple documents.

4.4.2 Procedures

Every procedure mandated by this specification must outline the organization’s approach to conducting an activity. These procedures must be documented, put into action, and upheld to ensure ongoing appropriateness.

Note: One procedure can encompass the requirements for one or more documented procedures. Likewise, multiple procedures can fulfill any requirement for a documented procedure.

4.4.3 Control of Internal Documents

The organization must maintain a documented procedure for managing internal documents required by the quality management system and this specification, including revisions, translations, and updates. This procedure must cover:

1. Responsibilities for approval and re-approval;
2. Review and approval for adequacy before issuance and use;
3. Periodic reviews for ongoing suitability and necessary revisions;
4. Identification of changes and current revision status;
5. Ensuring legibility and proper identification of documents;
6. Availability of documents at locations where activities are carried out.

Obsolete documents must be removed from all points of distribution or use, or appropriately marked to prevent unintended usage if retained for any purpose. Procedures, work instructions, and forms mandated by the quality management system must be controlled.

4.4.4 Control and Use of External Documents

The organization must uphold a documented procedure for managing documents from external sources necessary for product realization and use, including API or other external specifications. This procedure should cover:

1. Identifying and documenting the necessary external documents;
2. Managing access to and distribution of required documents, including relevant versions;
3. Incorporating requirements from external documents into product realization and any affected processes;
4. Establishing a process for identifying changes to required documents, such as addenda, errata, and updates;
5. Assessing the impact of changes;
6. Incorporating relevant changes.

Note: Normative references specified within API product or other external specifications, essential during product realization, may also be regarded as external documents.

4.5 Control of Records

Records, including those originating from outsourced activities, must be established and managed to demonstrate conformity to requirements and the organization’s quality management system. The organization must maintain a documented procedure outlining the controls and responsibilities for managing records. This procedure should cover:

1. Identifying records;
2. Collecting records;
3. Ensuring legibility of records;
4. Correcting records when necessary;
5. Storing records securely;
6. Safeguarding records from unintended alteration, damage, or loss;
7. Retrieving records as needed;
8. Determining retention periods;
9. Disposing of records when appropriate.

Records must be retained for a minimum of ten years or as required by customer, legal, and other relevant requirements, whichever is longer.

5 Product Realization

5.1 Contract Review
5.1.1 General

The organization must uphold a documented procedure for reviewing requirements related to product provision. This procedure should cover determining requirements, reviewing requirements, and making changes to requirements.

5.1.2 Determination of Requirements

The organization must identify requirements outlined by the customer, legal regulations, and any other applicable criteria, as well as requirements not explicitly mentioned by the customer but deemed necessary by the organization for providing the product. In cases where the customer hasn’t provided documented requirements, the organization must confirm these requirements and keep records of the confirmation process.

5.1.3 Review of Requirements

The organization must assess the requirements regarding product provision. This assessment must occur before the organization commits to delivering the product to the customer. It should confirm that requirements are identified and documented, resolve any discrepancies from previously identified requirements, and ensure the organization can meet the documented requirements. If contract requirements change, the organization must update relevant documents and inform relevant personnel of the changes. Records of the review outcomes, including any resulting actions, must be kept.

5.2 Planning

The organization must identify and strategize the processes and documents necessary for product realization. During planning, the organization should address the following:

1. Management of required resources and work environment.
2. Product and customer-specified requirements.
3. Legal and other applicable requirements.
4. Design specifications.
5. Contingency planning.
6. Specific verification, validation, monitoring, measurement, inspection, and testing activities for the product, along with acceptance criteria.
7. Management of change (MOC).
8. Records needed to demonstrate that product realization aligns with requirements.

The outcome of this planning must be documented and regularly updated to reflect changes. These plans should be organized in a structure suitable for the organization’s operational.

5.3 Risk Management
5.3.1 General

The organization must maintain a documented procedure for identifying and managing risks related to product delivery and quality. The procedure should cover:

• Techniques for identifying and assessing risks.
• The use of risk assessment tools and their application.
• Criteria for determining the severity of risks, including potential consequences of product failure.
• Actions for mitigating risks.
• Assessing the remaining risks.
• Contingency planning, including when a contingency plan is necessary based on the assessment of remaining risks.

Risk assessment may involve evaluating severity, probability of occurrence, and detectability. It can also be linked to corrective action.

5.3.2 Risk Assessment
5.3.2.1 Product Delivery

Risk assessment related to product delivery must consider factors such as facility and equipment availability, including maintenance, as well as supplier delivery performance and material availability/supply.

5.3.2.2 Product Quality

Risk assessment concerning product quality must encompass factors such as the delivery of nonconforming products and the availability of competent personnel.

5.3.2.3 Changes Impacting Product Quality

If any of the listed alterations have the potential to adversely affect product quality, a risk assessment concerning product quality must be conducted:

1. Changes in the organizational structure;
2. Changes in key personnel;
3. Alterations in the supply chain of critical products, components, or activities;
4. Modifications to the management system scope or procedures; and
5. Adjustments to the organization’s capacity to execute the processes needed for product realization.

Note: Changes may originate internally or externally.

5.3.3 Contingency Planning

If the organization deems it necessary to have a contingency plan due to assessed risks, the plan must, at a minimum, outline actions needed to mitigate the impact of disruptive incidents, assign responsibilities and authorities, and establish controls for internal and external communication. These contingency plans must be documented, communicated to relevant personnel, and revised as necessary.

5.3.4 Records

Records documenting risk assessment and management, including the actions implemented, must be retained.

5.4 Design
5.4.1 General

If the organization is accountable for product design, it must adhere to the requirements outlined in section 5.4. However, these design requirements do not apply if the product is involved in production activities, servicing, storage, distribution, or logistics.

Note: In previous editions, the term “design” was denoted as “design and development.”

5.4.2 Design Planning

The organization must uphold a documented procedure for planning and overseeing the design process. This procedure should cover:

a) Planning, including updates to the plan(s), used for design.
b) Various stages of the design process.
c) Allocation of resources, responsibilities, authorities, and their interactions.
d) Review, verification, and validation activities required for each design stage.
e) Requirements for a final review of the design.
f) Criteria and approval process for design changes.

When design activities are outsourced or carried out at different locations within the organization, the procedure should outline controls to ensure compliance with design requirements. If design activities are outsourced, the organization remains accountable for design and must ensure that the supplier meets outsourcing requirements.

Note: Design review, verification, and validation serve distinct purposes but can be conducted and recorded separately or in any combination, as appropriate for the product and the organization.

5.4.3 Design Inputs

Inputs must be identified and assessed for adequacy, completeness, clarity, and absence of conflicts. Any identified issues must be resolved. Inputs may encompass functional and technical requirements, along with the following, if applicable:

1. Customer-specified requirements;
2. Requirements from external sources, including API product specifications;
3. Environmental and operational conditions;
4. Documentation of methodologies, assumptions, and formulas; e) Historical performance and other data from similar previous designs;
5. Legal requirements; and
6. Potential consequences of product failure, as required by legal mandates, industry standards, customer specifications, or deemed necessary by the organization.

Records of design inputs must be retained.

5.4.4 Design Outputs

The documentation of outputs must enable verification against the requirements outlined in the design inputs. These outputs should:

• Meet the requirements specified in the design inputs.
• Provide information for purchasing, production, inspection, testing, and servicing, as applicable.
• Identify or reference design acceptance criteria (DAC).
• Include identification of, or reference to, products, components, and/or activities considered critical to the design.
• Incorporate the results of relevant calculations.
• Specify the characteristics of the product essential for its intended purpose and safe and proper function.

Records of design outputs must be retained.

Note: Identification of criticality of products, components, and/or activities may be managed separately from the design process.

5.4.5 Design Review

At appropriate stages, evaluations must be conducted to assess the suitability, adequacy, and effectiveness of the outcomes of design stages in meeting specified requirements, and to identify any issues and recommend required actions. These reviews must involve representatives from relevant functions associated with the design stages under review. Records of the review outcomes and any subsequent actions must be retained.

5.4.6 Design Verification and Final Review

To confirm that the design outputs meet the design input requirements, design verification and a final review must be carried out and documented according to the organization’s procedure. Records of design verification, any required actions, and the final review must be preserved.

5.4.7 Design Validation and Approval

The organization’s procedure must include conducting design validation to ensure that the resulting product can fulfill the specified requirements. Whenever feasible, validation must be concluded before product delivery. After validation, the finalized design must be approved by competent individuals other than those who developed the design. Records of design validation, approval, and any required actions must be retained.

5.4.8 Design Changes

Design changes must be identified and subjected to review, verification, and validation as necessary before being approved for implementation. The review of design changes must assess their impact on the product and its component parts at relevant stages of product realization, including already delivered products. Additionally, the review must evaluate whether customer notification is necessary if the changes adversely affect the specified performance capability of the product. All design changes, including modifications to design documents, must adhere to the organization’s procedure. Records of design changes, reviews, and any required actions must be documented and maintained.

5.5 Purchasing
5.5.1 Purchasing Control
5.5.1.1 Procedure

The organization must maintain a documented procedure for purchasing products, components, and/or activities necessary for product realization. This procedure should cover:

1. Identifying critical products, components, and/or activities.
2. Initial assessment and selection of suppliers.
3. Using identified risks to determine the initial assessment method of the supplier’s capability for critical purchases.
4. Determining the type and extent of control applied to the supply chain for critical products, components, or activities. Note: Additional requirements for outsourced activities are specified in section 5.5.1.7.
5. Establishing criteria, scope, frequency, and methods for re-evaluating suppliers.
6. Identifying approved suppliers and defining the scope of approval.
7. Identifying customer-specified suppliers and suppliers limited by proprietary and/or legal requirements when section 5.5.1.3 applies.

5.5.1.2 Initial Supplier Evaluation—Critical Purchases

For critical products, components, or activities, the initial evaluation of suppliers who have not been previously approved must consider the scope of supply and be specific to each supplier. This evaluation must include:

1. Verifying the implementation of the supplier’s quality management system and its conformity to the organization’s specified quality system requirements for suppliers.
2. Verifying the type and extent of control applied by the supplier internally and throughout their supply chain to meet the organization’s requirements.
3. Assessing the supplier’s capability to meet the organization’s specified requirements. This can be done through one or more of the following methods based on identified risks:
   • Conducting an on-site assessment to verify that relevant product realization processes are performed by process controls and effectively achieve conformity to requirements.
   • Conducting a remote assessment to verify that relevant product realization processes are performed using process controls and effectively achieve conformity to requirements.
   • Performing inspection, testing, or verification of relevant characteristics of received products.

For suppliers of critical purchases with high-risk severity, identified by the organization for which an on-site assessment is not conducted, the evaluation of the supplier’s capability must include a remote assessment and inspection, testing, or verification. When conducting a remote assessment, it must include verification of objective evidence through real-time audio/visual observation of required activities and documentation using information and communication technology. Additionally, any additions to a supplier’s scope of approval or change from an approved site to a new site of supply must also undergo evaluation as per the requirements outlined in this section.

5.5.1.3 Initial Supplier Evaluation – Critical Purchases – Customer Specified, Proprietary, and/or Legal Limited

For critical products, components, or activities where the supplier is specified by the customer or involves proprietary and/or legal requirements that restrict the application of Initial Supplier Evaluation, the initial evaluation process shall involve verifying the implementation of the supplier’s quality management system and its conformity to the quality system requirements specified by the organization and/or the customer’s requirements and identifying how the supplied product, component, or activity conforms to specified requirements. The scope of approval for customer-specified suppliers shall be restricted to the relevant customer contract in cases where an assessment has not been conducted.

5.5.1.4 Initial Supplier Evaluation—Noncritical Purchases

For the procurement of noncritical products, components, or activities that influence product realization or the final product, the organization’s criteria for evaluating suppliers must either meet the requirements of Initial Supplier Evaluation—Critical Purchases or fulfill one or more of the following:

1. Verifying that the supplier’s quality management system aligns with the quality system requirements specified for suppliers by the organization.
2. Assessing the supplier’s ability to meet the organization’s purchasing requirements.
3. Evaluating the product or component upon delivery, or activity upon completion.

5.5.1.5 Supplier Reevaluation

For suppliers previously approved for products, components, or activities, the organization must determine the frequency of supplier reevaluation based on identified risk and supplier quality performance. For the reevaluation of suppliers providing critical products, components, or activities, the provisions of section 5.5.1.2 shall be followed. For the reevaluation of suppliers providing critical products, components, or activities specified by the customer or restricted by proprietary and/or legal requirements, the requirements outlined in section 5.5.1.3 shall be adhered to. For the reevaluation of suppliers providing non-critical products, components, or activities that affect product realization or the final product, the guidelines detailed in section 5.5.1.4 shall be followed.

5.5.1.6 Records

Records of evaluation results, comprising objective evidence and any subsequent actions, must be retained. Additionally, records of approved suppliers, customer-specified suppliers, and suppliers bound by proprietary and/or legal requirements must be kept.

5.5.1.7 Outsourcing

When an organization decides to delegate a process or activity from its quality management system to an external supplier, it must ensure that the supplier meets the relevant requirements of the organization’s quality management system. If an organization opts to outsource a process or activity related to product realization, it must retain accountability for ensuring that the product meets specified requirements, which may include relevant API or other external specifications. Documentation of outsourced activities must be retained, including evidence of conformity.

5.5.2 Purchasing Information

The organization must verify the adequacy of specified purchasing information before transmitting it to the supplier. Purchasing information provided to the supplier must be documented and clearly outline the product, component, or activity to be procured. This documentation should include, as appropriate:

• a) Acceptance criteria;
• b) Requirements for approving the supplier’s procedures, processes, and equipment;
• c) Relevant technical data such as specifications, drawings, process requirements, inspection instructions, and traceability requirements;
• d) Criteria for qualifying the supplier’s personnel;
• e) Requirements related to the quality management system;
• f) Conditions for approving product release; and
• g) If either the organization or its customer intends to conduct verification at the supplier’s premises, the intended verification arrangements.

Note: Applicable specifications may encompass or derive from customer requirements, API specifications, design output, and/or industry standards.

5.5.3 Verification of Purchased Products, Components or Activities
5.5.3.1 General

The organization must uphold a documented procedure outlining the verification needed to ascertain whether purchased products, components, or activities adhere to specified purchase requirements.

5.5.3.2 Critical Purchases

For critical products, components, or activities, the organization’s verification procedure should cover:

1. Reviewing the required documentation provided by the supplier;
2. Ensuring that the correct versions were utilized when specifying specifications, drawings, process requirements, inspection instructions, traceability requirements, and other relevant technical data as outlined in section 5.5.2 item c;
3. Defining the inspection, testing, and/or verification requirements, including methods, frequency, and the responsible party. The organization should determine these aspects based on identified risks and supplier quality performance.

5.5.3.3 Noncritical Purchases

The organization’s documented procedure must verify noncritical products, components, or activities.

5.5.3.4 Records

Documentation of verification activities and evidence demonstrating conformity to specified requirements must be retained.

5.6 Control of Product Realization
5.6.1 General

The organization must uphold a documented procedure outlining controls related to product realization. This procedure should cover:

1. Establishing and applying manufacturing acceptance criteria (MAC);
2. Identifying and documenting critical processes involved in product realization;
3. Executing the quality plan, if applicable;
4. Ensuring compliance with design requirements and associated modifications, if applicable;
5. Utilizing and ensuring the availability of product realization equipment and TMMDE (unless excluded);
6. Following relevant work instructions;
7. Employing process control documents;
8. Maintaining identification and traceability requirements throughout the product realization process;
9. Executing monitoring and measurement activities.

5.6.2 Quality Plan

When stipulated by contract, the organization must create a quality plan delineating the processes of the quality management system, including product realization, and the resources allocated to a product. This plan should cover the following minimum aspects:

1. Description of the product or the quality plan’s scope;
2. Required processes and documentation, encompassing necessary inspections, tests, and record-keeping to ensure compliance with requirements;
3. Identification of outsourced activities and references to their management;
4. Identification of each procedure, specification, or document referenced or utilized in each activity;
5. Specification of the required hold points, witnessing, monitoring, and document review stages.

The quality plan, along with any modifications, must be documented and endorsed by the organization. Additionally, the quality plan and its revisions should be communicated to the customer.

Note: A quality plan may consist of one or more documents and may be known by various terms, such as product quality plan (PQP), inspection and test plan (ITP), manufacturing process specification (MPS), process control plan (PCP), or quality activity plan (QAP).

5.6.3 Process Control Documents

The organization is required to document process controls, which must encompass or make reference to Criteria for verifying compliance with relevant quality plans, API product specifications, customer requirements, and/or other pertinent product standards/codes; Instructions and criteria for processes, tests, inspections, and; When relevant, points designated for the customer’s inspection hold, witnessing, monitoring, and document review.

Note: Process controls may take the form of routings, travelers, checklists, process sheets, or similar controls, and may be electronic or hard copy.

5.6.4 Validation of Processes

The organization is obligated to validate processes in cases where the resulting output cannot be verified through subsequent monitoring or measurement, leading to the detection of deficiencies after product delivery or during its usage. Validation must demonstrate these processes’ capability to achieve planned outcomes. Process validation shall adhere to either of the following:

1. If a product specification specifies particular processes necessitating validation, only those specified processes shall require validation for the relevant product. (Note: The organization may, at its discretion, opt to validate additional processes beyond those outlined in a product specification.)
2. If there is no applicable product specification or the specification does not identify processes requiring validation, processes necessitating validation for the product, if applicable, shall include, at a minimum: nondestructive examination (NDE)/nondestructive test (NDT), welding, heat treating, and coating and plating (when deemed critical to product performance by the product specification or the organization).

The organization must maintain a documented procedure for process validation, detailing the review and approval methods. This procedure should cover required equipment; personnel qualification; specific methods, including defined operating parameters; identification of process acceptance criteria; record-keeping requirements; and revalidation criteria. In cases where the organization outsources a process requiring validation, it must retain evidence confirming compliance with the stipulations outlined in section 5.6.4.

5.6.5 Identification and Traceability

The organization is responsible for establishing and preserving identification throughout product realization, encompassing relevant delivery and post-delivery activities. This entails acknowledging traceability requirements outlined by the organization, the customer, and/or pertinent product specifications. The organization must uphold a documented procedure for identification and traceability while the product remains within its control, covering the following:

1. Methods employed for identification.
2. Necessary information for traceability, if mandated.
3. Criteria for maintaining and/or reinstating identification and/or traceability.
4. Measures to rectify instances of lost identification and/or traceability.

Records documenting traceability must be retained. Please note that “product” may encompass components or raw materials.

5.6.6 Inspection/Test Status

The organization is required to uphold a documented procedure for maintaining the identification of inspection and/or test status throughout product realization, clearly indicating whether the product conforms or exhibits nonconformity.

5.6.7 Externally Owned Property

The organization must uphold a documented procedure for managing externally owned property, including customer property, incorporated into the product while under the organization’s control. This property encompasses intellectual property and non-publicly available data. The procedure should cover identification, verification, safeguarding, preservation, maintenance, and reporting loss, damage, or unsuitability for use to the external owner. Records concerning the control and disposition of externally owned property must be retained.

5.6.8 Preservation of Product

The organization must uphold a documented procedure outlining the approaches employed to maintain the integrity of the product and its component parts during product realization and delivery. This procedure should cover identification and traceability marking, storage procedures (including designated storage areas or stock rooms), periodic condition assessments as specified by the organization, transportation, handling, packaging, and protection. Records of assessment results must be retained.

5.6.9 Inspection, Testing, and Verification
5.6.9.1 General

The organization must maintain a documented procedure for inspecting, testing, and/or verifying the product to ensure that requirements have been met. This procedure should cover:

1. Methods and application of in-process inspection, testing, and/or verification.
2. Methods and application of final inspection, testing, and/or verification.
3. Creation and retention of records.

It’s important to note that in-process and final inspection may be combined into one or more activities, and certain product characteristics may necessitate final inspection/verification during product realization.

5.6.9.2 In-process Inspection, Testing, and Verification

The organization must conduct inspections, tests, and/or verifications of products at predetermined stages as specified by the quality plan, process control documents, and/or documented procedures. Evidence demonstrating conformity with the acceptance criteria must be retained.

5.6.9.3 Final Inspection, Testing, and Verification

The organization must conduct final inspection, testing, and/or verification of the product in accordance with the quality plan, process control documents, and/or documented procedures to ascertain and document conformity of the completed product with the specified requirements. Unless conducted by an automated system, individuals other than those involved in or directly overseeing the product realization process shall carry out final acceptance inspection at scheduled stages of the product realization process.

5.6.9.4 Records

Records documenting all necessary inspection, testing, verification, and final acceptance activities must be preserved.

5.6.10 Preventive Maintenance

The organization must uphold a documented procedure for conducting preventive maintenance on equipment utilized for product realization. This procedure should outline the equipment types subject to maintenance, the frequency of maintenance tasks, and the individuals responsible for carrying them out. Records detailing preventive maintenance activities must be retained.

Note: Preventive maintenance protocols can be devised based on various factors such as risk assessment, system reliability, usage patterns, historical data, industry best practices, applicable regulations, manufacturer recommendations, or other relevant criteria.

5.7 Product Release

The organization must retain a documented procedure concerning the release of products to customers. Product release should not occur until all planned arrangements have been satisfactorily fulfilled. Only products that conform to requirements or have been authorized under concession shall be released by the organization. Records must be kept to facilitate the identification of the individual responsible for authorizing product release.

5.8 Testing, Measuring, Monitoring, and Detection Equipment (TMMDE)

5.8.1 General

The organization must establish the testing, measuring, monitoring, and detection requirements necessary to demonstrate conformity to specified standards. This includes the necessary Test, Measurement, Monitoring, and Detection Equipment (TMMDE). TMMDE, whether owned and maintained by the organization, owned by employees, or obtained from external sources such as third-party vendors, proprietary sources, or customers, must be controlled. Calibration of TMMDE must occur at specified intervals, with documentation of the date of first use when the calibration interval is determined based on this date.

5.8.2 Procedure

The organization must uphold a documented procedure for controlling Test, Measurement, Monitoring, and Detection Equipment (TMMDE). This procedure must encompass specific equipment types and include:

1. Unique identification;
2. Calibration status;
3. Traceability to international or national measurement standards. If such standards are absent, the basis for calibration must be recorded;
4. Calibration method and acceptance criteria;
5. Calibration frequency and the commencement of calibration intervals;
6. Documentation of calibration measurements before and after adjustments, known respectively as ‘as-found’ and ‘as-left’ measurements. If no adjustments are made, ‘as-found’ and ‘as-left’ measurements are the same;
7. Measures to prevent unintended use of TMMDE identified as out-of-calibration, beyond calibration intervals, or out-of-service;
8. Assessment of the validity of previous measurements and actions to be taken on the TMMDE and product if TMMDE is found to be out of calibration, including maintaining records and evidence of customer notification if suspect product has been shipped;
9. Utilization of third-party, proprietary, employee-owned, and customer-owned TMMDE;
10. Maintenance; and
11. Suitability for planned monitoring and measurement activities.

5.8.3 Equipment

TMMDE identified in 5.8.1 must adhere to the following:

1. a) Undergo calibration;
2. b) Have its calibration status identifiable by the user before and during use;
3. c) Be safeguarded from adjustments or modifications that could invalidate the measurement result or calibration status;
4. d) Be protected from damage and deterioration during handling, maintenance, and storage; and
5. e) Be utilized under environmental conditions suitable for the calibrations, inspections, measurements, and tests being performed.

When utilized in testing, monitoring, measurement, or detection to meet specified requirements, the suitability of computer software to fulfill the intended application must be confirmed before initial use and reconfirmed as necessary.

5.8.4 TMMDE Equipment from Other Sources

When utilizing TMMDE that is third-party, proprietary, or customer-owned, the organization must ensure the equipment is calibrated before use. If constrained by customer, contract, or licensing agreement limitations, the requirements outlined in 5.8.2, Item c), 5.8.2, Item d), 5.8.2, Item e), 5.8.2, Item f), 5.8.2, Item j), and 5.8.2, Item k) shall not be applicable.

5.8.5 Records

The organization is required to uphold a registry documenting the TMMDE outlined in 5.8.1, with each piece of equipment assigned a unique identification. Furthermore, the results of calibration as per 5.8.2 must be documented and retained. In cases where calibration of third-party, proprietary, and customer-owned TMMDE is constrained by customer, contractual, or licensing agreements, the organization must uphold records detailing the imposed limitations.

5.9 Control of Nonconforming Product
5.9.1 Procedure
5.9.1.1 General

The organization must uphold a documented procedure that outlines controls, along with the corresponding responsibilities and authorities, for managing nonconforming products throughout product realization and post-delivery.

5.9.1.2 Nonconforming Product During Product Realization

The procedure for handling a nonconforming product discovered during product realization must encompass guidelines for product identification and control to avoid unintended use or delivery, addressing the identified nonconformity, implementing measures to prevent its initial intended use or delivery, and obtaining authorization for its use, release, or acceptance under concession from the appropriate authority and, if necessary, from the customer.

5.9.1.3 Nonconforming Product After Delivery

The procedure for handling a nonconforming product discovered during product realization must encompass guidelines for product identification and control to avoid unintended use or delivery, addressing the identified nonconformity, implementing measures to prevent its initial intended use or delivery, and obtaining authorization for its use, release, or acceptance under concession from the appropriate authority and, if necessary, from the customer.

5.9.2 Nonconforming Product

The organization shall manage nonconforming products by executing one or more of the following actions:

1. a) Conducting repair or rework followed by subsequent inspection to ensure compliance with specified requirements;
2. b) Re-grading for alternative applications;
3. c) Releasing under concession; and/or
4. d) Rejecting or scrapping the product.

5.9.3 Release of Nonconforming Product Under Concession

Nonconforming products that do not meet manufacturing acceptance criteria (MAC) may be released under concession if authorized by the organization’s relevant authority, given that:

1. a) The products still meet the applicable design acceptance criteria (DAC) and customer criteria;
2. b) It is determined that the violated MAC is unnecessary to meet the applicable DAC and/or customer criteria; or
3. c) The DAC has been modified, and the affected products comply with the revised DAC and associated MAC requirements. If the DAC was previously agreed upon with the customer, any changes to the DAC must be authorized by the customer.

The organization is not permitted to release products that do not conform to DAC or contract requirements without authorization from the customer.

5.9.4 Customer Notification of Nonconforming Product

The organization is required to inform customers of any delivered product that does not meet the agreed design acceptance criteria (DAC) or contractual requirements. Records of such notifications must be maintained by the organization.

5.9.5 Records

Records documenting nonconformities must be retained, encompassing details of the nonconformity, actions taken thereafter including any concessions secured, the reasoning behind approving product release under concession, and the pertinent authority involved.

5.10 Management of Change (MOC)
5.10.1 General

The organization is required to uphold a documented procedure for Management of Change (MOC) to ensure the integrity of the quality management system amid changes. This MOC procedure shall cover:

1. a) Description and justification of the change;
2. b) Allocation and availability of resources, including personnel;
3. c) Assessment of potential risks associated with the change;
4. d) Review, approval, and execution of the change;
5. e) Notifications regarding the change;
6. f) Verification of the completion of MOC activities and assessment of their impact on the Quality Management System (QMS).

5.10.2 MOC Application

The organization must utilize Management of Change (MOC) for alterations that could adversely affect the product’s quality.

5.10.3 MOC Notification

The organization must inform pertinent internal staff about the change and its associated risks. If mandated by contract, the organization must also notify the customer of the change and its associated risks. Documentation of MOC notifications is required.

5.10.4 Records

Records of MOC activities must be maintained

6 Quality Management System Monitoring, Measurement, Analysis, and Improvement

6.1 General

The organization is responsible for planning and executing the processes for monitoring, measuring, analyzing, and improving the quality management system to ensure compliance with the requirements of this specification and to enhance the system’s effectiveness over time. This includes identifying appropriate methods, including data analysis techniques, and determining their utilization extent.

6.2 Monitoring, Measuring, and Improving
6.2.1 Customer Satisfaction

The organization must have a documented procedure for monitoring customer satisfaction, detailing the frequency and methods for assessing it, along with key performance indicators. Records of customer satisfaction data must be retained.

6.2.2 Internal Audit
6.2.2.1 General

The organization must conduct internal audits to assess the implementation, maintenance, and conformity of the quality management system to both this specification and the organization’s internal quality management system requirements. A documented procedure outlining responsibilities for planning, conducting, and documenting internal audits must be maintained. This procedure should identify audit criteria, scope, frequency, and methods, considering previous audit results, process criticality, and changes to the quality management system. All processes within the quality management system must undergo audits at least once every 12 months, with audits staggered throughout the year if necessary. Critical processes related to product realization must be audited to ensure compliance with requirements, including observation of activities and evaluation of conformity.

6.2.2.2 Performance of Internal Audit

Competent personnel, separate from those involved in or directly overseeing the audited activity, must conduct audits to ensure objectivity and impartiality. Audit records should offer objective evidence of the implementation and maintenance of the quality management system. Note: product specification requirements may be integrated into various quality management system processes and may be audited alongside one or more of these processes.

6.2.2.3 Audit Review and Closure

The organization must define timeframes for responding to identified nonconformities. Management accountable for the audited area must ensure that any required corrections and corrective actions adhere to the specifications outlined in section 6.4.2. Internal audit records must be retained.

6.3 Analysis of Data

The output of data analysis should furnish insights, including trends, regarding:

• a) Customer satisfaction.
• b) Non conformity to product requirements during product realization.
• c) Instances of nonconformities and product failures detected post-delivery or post-use, provided there is accessible product documentation or evidence to facilitate root cause determination.
• d) Process performance.
• e) Supplier performance.
• f) Attainment of quality objectives.

The organization must utilize data to assess areas where continual enhancement of the quality management system’s effectiveness is possible.

6.4 Improvement
6.4.1 General

The organization is required to enhance the effectiveness of the quality management system continuously. This is achieved by assessing, selecting, and implementing improvement opportunities utilizing quality objectives, internal audits, data analysis, corrective actions, and management review.

6.4.2 Corrective Action

The organization must uphold a documented procedure to manage nonconformities, including those arising from customer complaints, and to implement corrective actions both internally and with suppliers. Corrective actions should correspond to the impact of the encountered nonconformity, which can pertain to both quality management system processes and trends in nonconforming products.

The procedure should cover:

1. Criteria for initiating the corrective action process;
2. Reviewing the nonconformity;
3. Determining and implementing corrections;
4. Identifying the root cause of the nonconformity and assessing the need for corrective actions;
5. Implementing corrective action to minimize the likelihood of recurrence;
6. Defining the timeframe and responsible parties for addressing corrections and corrective action;
7. Verifying the effectiveness of the corrections and corrective action taken;
8. Updating risks and opportunities identified during planning;
9. Management of Change (MOC) when corrective actions necessitate new or modified controls within the quality management system; and
10. Assessing similar potential nonconformities and implementing preventive actions as appropriate.

Records of corrective action process activities should be maintained, including activities conducted to confirm the effectiveness of the corrective actions taken.

6.5 Management Review
6.5.1 General

The organization’s management must conduct a review of the quality management system at least once every 12 months (by the end of the same calendar month as the previous year’s review) to assess its ongoing suitability, adequacy, and effectiveness. This review should encompass evaluations of opportunities for improvement, sufficiency of resources, and the necessity for adjustments to the quality management system, including the quality policy and objectives.

6.5.2 Input Requirements

The minimum inputs required for management review shall encompass:

• a) Evaluation of the status and effectiveness of measures taken based on prior management reviews;
• b) Findings from internal audits and audits conducted by external parties.
• c) Identification of potential changes that may impact the quality management system, encompassing alterations to legal and other relevant requirements (e.g., industry standards), as well as shifts in internal and external factors pertinent to the quality management system.
• d) Assessment of customer satisfaction.
• e) Consideration of feedback received from customers and other concerned parties.
• f) Evaluation of process performance.
• g) Review of risk assessment outcomes and the effectiveness of risk mitigation measures. h) Status update on corrective actions.
• i) Analysis of supplier performance.
• j) Examination of product conformity analysis, including post-delivery or post-use nonconformities;
• k) Comparison of actual performance with quality objectives; and
• l) Proposals for improvement.

6.5.3 Output Requirements

The outcomes of the management review must comprise:

1. A concise evaluation of the quality management system’s effectiveness,
2. Any necessary modifications to processes,
3. Determinations and ensuing actions,
4. Essential resource allocations, and
5. Enhancements aimed at better meeting customer needs.

Senior management is responsible for reviewing and endorsing the results of management reviews. Documentation of management reviews is mandatory, and records of such reviews must be retained.

Annex A Use of API Monogram by Licensees

A.1 Scope

The API Monogram® serves as a registered certification mark, owned by API and sanctioned for licensing by the API Board of Directors. Under the API Monogram Program, API grants product manufacturers the authorization to affix the API Monogram to products meeting product specifications and manufactured under a quality management system in compliance with API Q1 requirements. API maintains a comprehensive, searchable record of all Monogram Licensees on the API Composite List website.

Application of the API Monogram and license number on products signifies a representation and guarantee by the Licensee to API and purchasers that, as of the indicated date, the products were manufactured under a quality management system adhering to API Q1 requirements and fully comply with the relevant standard(s) or product specification(s). API Monogram Program licenses are granted following an on-site audit confirming that an organization has implemented and consistently upheld a quality management system meeting API Q1 requirements, and that resultant products meet the specifications of the applicable API product specification(s) and/or standard(s). While any manufacturer may assert that its products meet API product requirements without featuring the Monogram, only those licensed by API can affix the API Monogram to their products.

In conjunction with the stipulations of the API Monogram license agreement, this annex outlines the prerequisites for organizations seeking voluntary API licensing to furnish API-monogrammed products meeting the criteria of the applicable API product specification(s) and/or standard(s), along with API Monogram Program requirements.

A.2 Normative References

API Q1, Specification for Quality Management System Requirements for Manufacturing Organizations for the Petroleum and Natural Gas Industry

A.3 Terms and Definitions

The following terms and definitions apply.

• A.3.1 API monogrammable product: Product that has been manufactured by an API Licensee utilizing a fully implemented API Q1 compliant quality management system and that meets all the API-specified requirements of the applicable API product specification(s) and/or standard(s).
• A.3.2 API product specification: Prescribed set of rules, conditions, or requirements attributed to a specified product that address the definition of terms; classification of components; delineation of procedures; specified dimensions; manufacturing criteria; material requirements, performance testing, design of activities; and the measurement of quality and quantity with respect to materials; products, processes, services, and/or practices.
• A.3.3 API-specified requirements: Requirements, including performance and Licensee-specified requirements, set forth in API Q1 and the applicable API product specification(s) and/or standard(s).
• NOTE Licensee-specified requirements include those activities necessary to satisfy API-specified requirements.
• A.3.4 design package: Records and documents required to provide evidence that the applicable product has been designed in accordance with API Q1 and the requirements of the applicable product specification(s) and/or standard(s).
• A.3.5 Licensee: Organization that has successfully completed the application and audit process and has been issued a license by API.

A.4 Quality Management System Requirements

Any organization affixing the API Monogram to products must establish, uphold, and consistently operate a quality management system in accordance with API Q1.

A.5 Control of the Application and Removal of the API Monogram

Each Licensee is responsible for regulating the application and removal of the API Monogram according to the following guidelines:

1. Products that do not meet API-specified requirements should not display the API Monogram.
2. Each Licensee must establish and uphold an API Monogram marking procedure outlining the monogramming specifications outlined in this annex and any relevant API product specification(s) and/or standard(s). This procedure should:
   • designate the authority responsible for applying and removing the API Monogram;
   • specify the method(s) for applying the Monogram;
   • indicate the location on the product where the API Monogram should be placed;
   • mandate the inclusion of the Licensee’s license number and the product’s date of manufacture alongside the API Monogram;
   • stipulate that the date of manufacture must include at least two digits for the month and two digits for the year (e.g., 05-12 for May 2012), unless specified otherwise in the applicable API product specification(s) or standard(s); and
   • include controls for applying any additional API product specification(s) and/or standard(s) marking requirements, as applicable.
3. Only an API Licensee is authorized to affix the API Monogram and its corresponding license number to API monogrammable products.
4. The API Monogram license is site-specific, and therefore the API Monogram should only be applied at the licensed facility’s designated location.
5. The API Monogram may be applied at any appropriate stage during production, but it must be removed according to the Licensee’s API Monogram marking procedure if the product is later found to be non-conforming with any requirements outlined in the applicable API product specification(s) and/or standard(s) and API Monogram Program.

For specific manufacturing processes or product types, alternative API Monogram marking procedures may be acceptable. Detailed requirements for alternative API Monogram marking can be found in the API Policy, API Monogram Program Alternative Marking of Products License Agreement, accessible on the API Monogram Program website.

A.6 Design Package Requirements

Every Licensee or applicant seeking licensing must uphold an updated design package for all relevant products covered by each Monogram license. The design package should offer tangible proof that the product design aligns with the requirements outlined in the relevant and latest API product specification(s). These design package(s) should be accessible during API audits conducted at the facility. In certain cases, the exclusion of design activities is permissible under the Monogram Program, as elaborated in Advisory #6, which can be found on the API Monogram Program website.

A.7 Manufacturing Capability

The API Monogram Program is structured to recognize facilities that have proven their capacity to produce equipment in accordance with API specifications and/or standards. API reserves the right to decline initial licensing or suspend existing licenses depending on the manufacturing capabilities of a facility. If API deems it necessary to conduct further evaluation, additional audits (at the organization’s cost) may be carried out on any subcontractors to verify their adherence to the requirements outlined in the relevant API product specification(s) and/or standard(s).

A.8 API Monogram Program: Nonconformance Reporting

API requests information regarding products that do not meet API-specified requirements, as well as instances of field failures or malfunctions attributed to specification deficiencies or nonconformities with API-specified requirements. Customers are encouraged to notify API of any issues encountered with API monogrammed products. Nonconformances can be reported using the API Nonconformance Reporting System accessible at http://compositelist.api.org/ncr.asp.