Quality management systems -- Guidance for the application of ISO 19443:2018

This document provides guidance on the implementation of the ISO 19443 requirements, with examples of possible steps an organization can take to meet the requirements. It does not add to, subtract from, or in any way modify those requirements. This document does not prescribe mandatory approaches to implementation, or provide any preferred method of interpretation.

Systèmes de management de la qualité -- Lignes directrices pour l'application de l'ISO 19443:2018

General Information

Status
Published
Publication Date
17-Sep-2020
Current Stage
5060 - Close of voting Proof returned by Secretariat
Start Date
19-Aug-2020
Completion Date
19-Aug-2020
Ref Project

Buy Standard

Technical report
ISO/TR 4450:2020 - Quality management systems -- Guidance for the application of ISO 19443:2018
English language
55 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
ISO/PRF TR 4450 - Quality management systems -- Guidance for the application of ISO 19443:2018
English language
55 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

TECHNICAL ISO/TR
REPORT 4450
First edition
2020-09
Quality management systems —
Guidance for the application of ISO
19443:2018
Systèmes de management de la qualité — Lignes directrices pour
l'application de l'ISO 19443:2018
Reference number
ISO/TR 4450:2020(E)
ISO 2020
---------------------- Page: 1 ----------------------
ISO/TR 4450:2020(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2020

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2020 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/TR 4450:2020(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Context of the organization ....................................................................................................................................................................... 1

4.1 Understanding the organization and its context ....................................................................................................... 1

4.2 Understanding the needs and expectations of interested parties .............................................................. 1

4.3 Determining the scope of the quality management system ............................................................................. 1

4.4 Quality management system and its processes .......................................................................................................... 1

5 Leadership .................................................................................................................................................................................................................. 2

5.1 Leadership and commitment ..................................................................................................................................................... 2

5.1.1 General...................................................................................................................................................................................... 2

5.1.2 Customer focus .................................................................................................................................................................. 2

5.1.3 Nuclear safety culture ................................................................................................................................................. 2

5.2 Policy ............................................................................................................................................................................................................... 3

5.2.1 Establishing the quality policy ............................................................................................................................. 3

5.2.2 Communicating the quality policy .................................................................................................................... 3

5.3 Organizational roles, responsibilities and authorities.......................................................................................... 3

6 Planning ......................................................................................................................................................................................................................... 3

6.1 Actions to address risks and opportunities ................................................................................................................... 3

6.2 Quality objectives and planning to achieve them ...................................................................................................... 6

6.3 Planning of changes ............................................................................................................................................................................ 6

7 Support ........................................................................................................................................................................................................................... 6

7.1 Resources ..................................................................................................................................................................................................... 6

7.1.1 General...................................................................................................................................................................................... 6

7.1.2 People ........................................................................................................................................................................................ 7

7.1.3 Infrastructure ..................................................................................................................................................................... 7

7.1.4 Environment for the operation of processes ........................................................................................... 7

7.1.5 Monitoring and measuring resources ........................................................................................................... 7

7.1.6 Organizational knowledge ....................................................................................................................................... 8

7.2 Competence ............................................................................................................................................................................................... 8

7.3 Awareness ................................................................................................................................................................................................... 8

7.4 Communication ...................................................................................................................................................................................... 8

7.5 Documented information ............................................................................................................................................................... 8

7.5.1 General...................................................................................................................................................................................... 9

7.5.2 Creating and updating ................................................................................................................................................. 9

7.5.3 Control of documented information ............................................................................................................... 9

8 Operation ..................................................................................................................................................................................................................10

8.1 Operational planning and control .......................................................................................................................................10

8.1.1 Provisions for Counterfeit, Fraudulent or Suspect (CFS) items ...........................................10

8.2 Requirements for products and services ......................................................................................................................10

8.2.1 Customer communication .....................................................................................................................................10

8.2.2 Determination of requirements related for products and services ..................................10

8.2.3 Review of requirements related for products and services .....................................................10

8.2.4 Changes to requirements for products and services .....................................................................10

8.3 Design and development of products and services ..............................................................................................10

8.4 Control of externally provided processes, products and services ...........................................................10

8.4.1 General...................................................................................................................................................................................10

8.4.2 Type and extent of control ....................................................................................................................................11

8.4.3 Information for external providers ...............................................................................................................12

© ISO 2020 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/TR 4450:2020(E)

8.5 Production and service provision ........................................................................................................................................12

8.5.1 Control of production and service provision ........................................................................................12

8.5.2 Identification and traceability ...........................................................................................................................12

8.5.3 Property belonging to customers or external providers ............................................................12

8.5.4 Preservation ......................................................................................................................................................................12

8.5.5 Post-delivery activities ............................................................................................................................................12

8.5.6 Control of changes .......................................................................................................................................................13

8.6 Release of products and services .........................................................................................................................................13

8.7 Control of nonconforming outputs .....................................................................................................................................13

9 Performance evaluation ............................................................................................................................................................................13

9.1 Monitoring, measurement, analysis and evaluation ............................................................................................13

9.1.1 General...................................................................................................................................................................................13

9.1.2 Customer satisfaction ...............................................................................................................................................13

9.1.3 Analysis and evaluation ..........................................................................................................................................13

9.2 Internal audit .........................................................................................................................................................................................13

9.3 Management review ........................................................................................................................................................................13

9.3.1 General...................................................................................................................................................................................13

9.3.2 Management review inputs .................................................................................................................................13

9.3.3 Management review outputs .............................................................................................................................13

10 Improvement .........................................................................................................................................................................................................14

10.1 General ........................................................................................................................................................................................................14

10.2 Nonconformity and corrective action ..............................................................................................................................14

10.3 Continual improvement ...............................................................................................................................................................14

Annex A (informative) Additional requirements of ISO 19443:2018 versus ISO 9001:2015.................15

Annex B (informative) How to perform a risk analysis for the project? .......................................................................18

Annex C (informative) Determination of ITNS items and activities ..................................................................................22

Annex D (informative) Practical example of determination of ITNS items and activities .........................24

Annex E (informative) Typical (general) example for graded approach .....................................................................27

Annex F (informative) Practical example of graded approach ...............................................................................................29

Annex G (informative) Metrological guidelines .....................................................................................................................................32

Annex H (informative) Competence and qualification ....................................................................................................................35

Annex I (informative) Awareness training for personnel ............................................................................................................38

Annex J (informative) List of ISO 19443 additional requirements related to documented

information .............................................................................................................................................................................................................42

Annex K (informative) Good practices for 8.3 ..........................................................................................................................................45

Annex L (informative) Demonstration of the evidence of provisions for monitoring activities .........50

Annex M (informative) Example of scheme for non-conformance information and request

for approval along supply chain ........................................................................................................................................................53

Bibliography .............................................................................................................................................................................................................................54

iv © ISO 2020 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/TR 4450:2020(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The relationship of ISO standards to the IAEA safety standards (http:// www -ns .iaea .org/ standards/ )

needs to be understood to avoid confusions.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www .iso .org/

iso/ foreword .html.

This document was prepared by the Technical Committee ISO/TC 85, Nuclear energy, nuclear

technologies, and radiological protection WG 4, Management systems and conformity assessment.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/members .html.
© ISO 2020 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/TR 4450:2020(E)
Introduction
As general consideration, this guideline document:

— has been developed to assist users to apply the quality management system requirements of

ISO 19443:2018 by organizations in the supply chain of the nuclear energy sector supplying products

[1]
and services important to nuclear safety (ITNS) ,
— does not add to, subtract from, or in any way modify those requirements,

— does not prescribe mandatory approaches to implementation, or provide any preferred method of

[2]

interpretation of ISO 19443:2018 requirements supplementing those of ISO 9001:2015 , but only

provide examples of possible solutions an organization can implement to meet the requirements,

— proposes also good practices for some clauses of ISO 9001 when applied to ISO 19443.

[2]

Where there is no supplementary text to ISO 9001 (refer also to Annex A which gives a global picture

of additional requirements of ISO 19443:2018 versus ISO 9001:2015), the sentence “No ISO 19443

additional requirement to ISO 9001” has been included. In this case, for guidance on the initial text of

ISO 9001, refer to:
[2]
• ISO 9001:2015 , Annex A,
[3]
• ISO/TS 9002 , and
[4]
• ISO/IAF Auditing Practices Group .

Where it is considered that the added text is self-explanatory and thus no guidance has been added, the

sentence “No supplementary guidance provided “ has been included.

This guidance follows the layout of ISO 19443 and thus, users need to clearly understand the vocabulary

of ISO 9000 and ISO 9001, which underlie it, before addressing the added text in ISO 19443.

The delivery of all products or services will involve tiers (See Figure 1) to which the Licensee

requirements will be cascaded through Contractor(s) using technical specifications, procedures,

management system (including Quality Assurance and Quality Control) requirements, and other

contractual documents.

At each level, the external provider (called hereby “contractor”, “supplier” or “sub-supplier”) will be

potentially in position to be “the organization” considered by ISO 19443.
vi © ISO 2020 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/TR 4450:2020(E)
Figure 1 — Schematic breakdown of tiers.
0.1 General
No ISO 19443 additional requirement to ISO 9001.
0.2 Quality management principles
No supplementary guidance provided.
0/3 Process approach
No ISO 19443 additional requirement to ISO 9001.
0.4 Relationship with other management system standards
No supplementary guidance provided.
© ISO 2020 – All rights reserved vii
---------------------- Page: 7 ----------------------
TECHNICAL REPORT ISO/TR 4450:2020(E)
Quality management systems — Guidance for the
application of ISO 19443:2018
1 Scope

This document provides guidance on the implementation of the ISO 19443 requirements, with examples

of possible steps an organization can take to meet the requirements.
It does not add to, subtract from, or in any way modify those requirements.

This document does not prescribe mandatory approaches to implementation, or provide any preferred

method of interpretation.
2 Normative references
There are no normative references in this document.
No ISO 19443 additional requirement to ISO 9001.
3 Terms and definitions
No terms and definitions are listed in this document.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
4 Context of the organization
4.1 Understanding the organization and its context

As part of risk-based thinking of ISO 19443:2018, 0.3.3, the organization should consider any risks and

the nuclear safety implications to its activities.
Refer also to Annex B.
4.2 Understanding the needs and expectations of interested parties
No ISO 19443 additional requirement to ISO 9001.
4.3 Determining the scope of the quality management system
No ISO 19443 additional requirement to ISO 9001.
4.4 Quality management system and its processes
4.4.1 No ISO 19443 additional requirement to ISO 9001.
4.4.2 No ISO 19443 additional requirement to ISO 9001.
© ISO 2020 – All rights reserved 1
---------------------- Page: 8 ----------------------
ISO/TR 4450:2020(E)
[5]

4.4.3 Refer to ISO 9000:2015 for definition of quality manual or quality plan and to following

standards referenced in ISO 9001:2015, Annex B:
[6]

— ISO 10005, Quality management systems — Guidelines for quality plans . This document provides

guidance on establishing and using quality plans as a means of relating requirements of the process,

product, project or contract, to work methods and practices that support product realization.

Benefits of establishing a quality plan are increased confidence that requirements will be met, that

processes are in control and the motivation that this can give to those involved.

[7]

— ISO 10006, Quality management systems — Guidelines for quality management in projects . This

document is applicable to projects from the small to large, from simple to complex, from an individual

project to being part of a portfolio of projects. ISO 10006 is to be used by personnel managing

projects and who need to ensure that their organization is applying the practices contained in the

ISO quality management

The intent of this subclause is for the organization to demonstrate compliance with ISO 19443

requirements, whatever the form, format or media. Quality manual and/or quality plan are examples

of typical ways to comply with this clause, but any other means (e.g. matrix, correspondence table, etc.)

can be used.
5 Leadership

Material can be found as guidelines for whole chapter 5 in the following documents.

[21]
— IAEA, Safety Series No.75-INSAG-4, 1991 – Safety Culture
[22]
— INPO – “Principles for a Strong Nuclear Safety Culture”
[23]
— WANO – Principles PL | 2013-1 - Traits of a Healthy Nuclear Safety Culture
[24]
— IAEA, No.INSAG-10, 1996 – Defence in Depth in Nuclear Safety
[25]

— AIEA, No.INSAG-13, 1999 – Management of Operational Safety in Nuclear Power Plants

[26]
— IAEA, No.INSAG-15, 2002 – Key Practical Issues in Strengthening Safety Culture
[27]
— IAEA Bulletin 50-1 – September 2008 – The mind-set of nuclear safety
[28]

— IAEA General Safety Requirements - GSR Part 2:2016 - Leadership and Management for Safety

— IAEA Safety Guide No. GS-G-3.1:2006 - Application of the Management System for Facilities and

[29]
Activities
[30]

— IAEA Safety Reports Series No 83:2016 - Performing Safety Culture Self-assessments

5.1 Leadership and commitment
5.1.1 General
No supplementary guidance provided.
5.1.2 Customer focus
No ISO 19443 additional requirement to ISO 9001.
5.1.3 Nuclear safety culture
[8]
Definition of IAEA Safety glossary :
2 © ISO 2020 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/TR 4450:2020(E)

The assembly of characteristics and attitudes in organizations and individuals which establishes that, as an

overriding priority, protection and safety issues receive the attention warranted by their significance.

Section 5.1.3 of the standard addresses the principles of nuclear safety culture as a contribution to

nuclear safety, see Figure 2:
Figure 2 — Nuclear safety and nuclear safety culture
5.2 Policy
5.2.1 Establishing the quality policy

Appropriate nuclear safety considerations of 5.2.1 e) should take into account nuclear safety culture

aspects.

It’s up to the organization to develop separated policies for quality and safety or an integrated one.

5.2.2 Communicating the quality policy
No ISO 19443 additional requirement to ISO 9001.
5.3 Organizational roles, responsibilities and authorities
No supplementary guidance provided.
6 Planning
6.1 Actions to address risks and opportunities
No supplementary guidance provided.
© ISO 2020 – All rights reserved 3
---------------------- Page: 10 ----------------------
ISO/TR 4450:2020(E)

6.1.1 The only ISO 19443 additional requirement to ISO 9001 is the requirement to maintain and retain

documented information issued to identify actions to address risks and opportunities. As reminder of

the state of the art, the following can be considered as a good practice for both 6.1.1 and 6.1.2.

The organization should develop a documented risk management method, related to the achievement of

applicable requirements. This includes, as appropriate to the organization and the product:

a) assignment of responsibilities for risk management;

b) definition of risk criteria (e.g., likelihood, consequences, risk acceptance), which could require use

of probabilistic model;

c) identification, assessment and communication of risks throughout product realization including

supply chain;

d) identification, implementation and management of actions to mitigate risks that exceed the defined

risk acceptance criteria;
e) tolerability of risks remaining after implementation of mitigating actions.
See Annex B for proposed practical solution.
6.1.2 See above 6.1.1.
6.1.3 Determination of ITNS items and activities

Depending on the context of the product or service, the determination of ITNS items and activities

can generally be performed by the following technical analysis performed in two consecutive steps as

shown in Figure 3.

Figure 3 — Determination of ITNS items and activities (see practical example In Annex D)

4 © ISO 2020 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/TR 4450:2020(E)
Annex D - Step #3 is performed in two steps.

— Step #3-1: The product or service would normally be broken down in different items or activities

[see ISO 19443:2018, 6.1.3 a)]. When relevant and depending on the complexity of product and

service, following analysis methods can be used: F.A.S.T. (Functional Analysis System Technique),

Value engineering, etc.

— Step #3-2: Identification of the impact of the potential failure or malfunction of each item or activity

on the product or service function(s) specified by the customer as related to nuclear safety [see

ISO 19443:2018, 6.1.3 b)]:

— a risk analysis, performed for each item or activity, would support this identification, considering

that the conclusion should be formulated in a binary sense (ITNS or non-ITNS);

— it is recommended to refer to one of the different type of risk analysis methods as listed in

[9]
IEC/ISO 31010 , e.
...

TECHNICAL ISO/TR
REPORT 4450
First edition
Quality management systems —
Guidance for the application of ISO
19443:2018
Systèmes de management de la qualité — Lignes directrices pour
l'application de l'ISO 19443:2018
PROOF/ÉPREUVE
Reference number
ISO/TR 4450:2020(E)
ISO 2020
---------------------- Page: 1 ----------------------
ISO/TR 4450:2020(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2020

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii PROOF/ÉPREUVE © ISO 2020 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/TR 4450:2020(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Context of the organization ....................................................................................................................................................................... 1

4.1 Understanding the organization and its context ....................................................................................................... 1

4.2 Understanding the needs and expectations of interested parties .............................................................. 1

4.3 Determining the scope of the quality management system ............................................................................. 1

4.4 Quality management system and its processes .......................................................................................................... 1

5 Leadership .................................................................................................................................................................................................................. 2

5.1 Leadership and commitment ..................................................................................................................................................... 2

5.1.1 General...................................................................................................................................................................................... 2

5.1.2 Customer focus .................................................................................................................................................................. 2

5.1.3 Nuclear safety culture ................................................................................................................................................. 2

5.2 Policy ............................................................................................................................................................................................................... 3

5.2.1 Establishing the quality policy ............................................................................................................................. 3

5.2.2 Communicating the quality policy .................................................................................................................... 3

5.3 Organizational roles, responsibilities and authorities.......................................................................................... 3

6 Planning ......................................................................................................................................................................................................................... 3

6.1 Actions to address risks and opportunities ................................................................................................................... 3

6.2 Quality objectives and planning to achieve them ...................................................................................................... 6

6.3 Planning of changes ............................................................................................................................................................................ 6

7 Support ........................................................................................................................................................................................................................... 6

7.1 Resources ..................................................................................................................................................................................................... 6

7.1.1 General...................................................................................................................................................................................... 6

7.1.2 People ........................................................................................................................................................................................ 7

7.1.3 Infrastructure ..................................................................................................................................................................... 7

7.1.4 Environment for the operation of processes ........................................................................................... 7

7.1.5 Monitoring and measuring resources ........................................................................................................... 7

7.1.6 Organizational knowledge ....................................................................................................................................... 8

7.2 Competence ............................................................................................................................................................................................... 8

7.3 Awareness ................................................................................................................................................................................................... 8

7.4 Communication ...................................................................................................................................................................................... 8

7.5 Documented information ............................................................................................................................................................... 8

7.5.1 General...................................................................................................................................................................................... 9

7.5.2 Creating and updating ................................................................................................................................................. 9

7.5.3 Control of documented information ............................................................................................................... 9

8 Operation ..................................................................................................................................................................................................................10

8.1 Operational planning and control .......................................................................................................................................10

8.1.1 Provisions for Counterfeit, Fraudulent or Suspect (CFS) items ...........................................10

8.2 Requirements for products and services ......................................................................................................................10

8.2.1 Customer communication .....................................................................................................................................10

8.2.2 Determination of requirements related for products and services ..................................10

8.2.3 Review of requirements related for products and services .....................................................10

8.2.4 Changes to requirements for products and services .....................................................................10

8.3 Design and development of products and services ..............................................................................................10

8.4 Control of externally provided processes, products and services ...........................................................10

8.4.1 General...................................................................................................................................................................................10

8.4.2 Type and extent of control ....................................................................................................................................11

8.4.3 Information for external providers ...............................................................................................................12

© ISO 2020 – All rights reserved PROOF/ÉPREUVE iii
---------------------- Page: 3 ----------------------
ISO/TR 4450:2020(E)

8.5 Production and service provision ........................................................................................................................................12

8.5.1 Control of production and service provision ........................................................................................12

8.5.2 Identification and traceability ...........................................................................................................................12

8.5.3 Property belonging to customers or external providers ............................................................12

8.5.4 Preservation ......................................................................................................................................................................12

8.5.5 Post-delivery activities ............................................................................................................................................12

8.5.6 Control of changes .......................................................................................................................................................13

8.6 Release of products and services .........................................................................................................................................13

8.7 Control of nonconforming outputs .....................................................................................................................................13

9 Performance evaluation ............................................................................................................................................................................13

9.1 Monitoring, measurement, analysis and evaluation ............................................................................................13

9.1.1 General...................................................................................................................................................................................13

9.1.2 Customer satisfaction ...............................................................................................................................................13

9.1.3 Analysis and evaluation ..........................................................................................................................................13

9.2 Internal audit .........................................................................................................................................................................................13

9.3 Management review ........................................................................................................................................................................13

9.3.1 General...................................................................................................................................................................................13

9.3.2 Management review inputs .................................................................................................................................13

9.3.3 Management review outputs .............................................................................................................................13

10 Improvement .........................................................................................................................................................................................................14

10.1 General ........................................................................................................................................................................................................14

10.2 Nonconformity and corrective action ..............................................................................................................................14

10.3 Continual improvement ...............................................................................................................................................................14

Annex A (informative) Additional requirements of ISO 19443:2018 versus ISO 9001:2015.................15

Annex B (informative) How to perform a risk analysis for the project? .......................................................................18

Annex C (informative) Determination of ITNS items and activities ..................................................................................22

Annex D (informative) Practical example of determination of ITNS items and activities .........................24

Annex E (informative) Typical (general) example for graded approach .....................................................................27

Annex F (informative) Practical example of graded approach ...............................................................................................29

Annex G (informative) Metrological guidelines .....................................................................................................................................32

Annex H (informative) Competence and qualification ....................................................................................................................35

Annex I (informative) Awareness training for personnel ............................................................................................................38

Annex J (informative) List of ISO 19443 additional requirements related to documented

information .............................................................................................................................................................................................................42

Annex K (informative) Good practices for 8.3 ..........................................................................................................................................45

Annex L (informative) Demonstration of the evidence of provisions for monitoring activities .........50

Annex M (informative) Example of scheme for non-conformance information and request

for approval along supply chain ........................................................................................................................................................53

Bibliography .............................................................................................................................................................................................................................54

iv PROOF/ÉPREUVE © ISO 2020 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/TR 4450:2020(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The relationship of ISO standards to the IAEA safety standards (http:// www -ns .iaea .org/ standards/ )

needs to be understood to avoid confusions.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www .iso .org/

iso/ foreword .html.

This document was prepared by the Technical Committee ISO/TC 85, Nuclear energy, nuclear

technologies, and radiological protection WG 4, Management systems and conformity assessment.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/members .html.
© ISO 2020 – All rights reserved PROOF/ÉPREUVE v
---------------------- Page: 5 ----------------------
ISO/TR 4450:2020(E)
Introduction
As general consideration, this guideline document:

— has been developed to assist users to apply the quality management system requirements of

ISO 19443:2018 by organizations in the supply chain of the nuclear energy sector supplying products

[1]
and services important to nuclear safety (ITNS) ,
— does not add to, subtract from, or in any way modify those requirements,

— does not prescribe mandatory approaches to implementation, or provide any preferred method of

[2]

interpretation of ISO 19443:2018 requirements supplementing those of ISO 9001:2015 , but only

provide examples of possible solutions an organization can implement to meet the requirements,

— proposes also good practices for some clauses of ISO 9001 when applied to ISO 19443.

[2]

Where there is no supplementary text to ISO 9001 (refer also to Annex A which gives a global picture

of additional requirements of ISO 19443:2018 versus ISO 9001:2015), the sentence “No ISO 19443

additional requirement to ISO 9001” has been included. In this case, for guidance on the initial text of

ISO 9001, refer to:
[2]
• ISO 9001:2015 , Annex A,
[3]
• ISO/TS 9002 , and
[4]
• ISO/IAF Auditing Practices Group .

Where it is considered that the added text is self-explanatory and thus no guidance has been added, the

sentence “No supplementary guidance provided “ has been included.

This guidance follows the layout of ISO 19443 and thus, users need to clearly understand the vocabulary

of ISO 9000 and ISO 9001, which underlie it, before addressing the added text in ISO 19443.

The delivery of all products or services will involve tiers (See Figure 1) to which the Licensee

requirements will be cascaded through Contractor(s) using technical specifications, procedures,

management system (including Quality Assurance and Quality Control) requirements, and other

contractual documents.

At each level, the external provider (called hereby “contractor”, “supplier” or “sub-supplier”) will be

potentially in position to be “the organization” considered by ISO 19443.
vi PROOF/ÉPREUVE © ISO 2020 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/TR 4450:2020(E)
Figure 1 — Schematic breakdown of tiers.
0.1 General
No ISO 19443 additional requirement to ISO 9001.
0.2 Quality management principles
No supplementary guidance provided.
0/3 Process approach
No ISO 19443 additional requirement to ISO 9001.
0.4 Relationship with other management system standards
No supplementary guidance provided.
© ISO 2020 – All rights reserved PROOF/ÉPREUVE vii
---------------------- Page: 7 ----------------------
TECHNICAL REPORT ISO/TR 4450:2020(E)
Quality management systems — Guidance for the
application of ISO 19443:2018
1 Scope

This document provides guidance on the implementation of the ISO 19443 requirements, with examples

of possible steps an organization can take to meet the requirements.
It does not add to, subtract from, or in any way modify those requirements.

This document does not prescribe mandatory approaches to implementation, or provide any preferred

method of interpretation.
2 Normative references
There are no normative references in this document.
No ISO 19443 additional requirement to ISO 9001.
3 Terms and definitions
No terms and definitions are listed in this document.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
4 Context of the organization
4.1 Understanding the organization and its context

As part of risk-based thinking of ISO 19443:2018, 0.3.3, the organization should consider any risks and

the nuclear safety implications to its activities.
Refer also to Annex B.
4.2 Understanding the needs and expectations of interested parties
No ISO 19443 additional requirement to ISO 9001.
4.3 Determining the scope of the quality management system
No ISO 19443 additional requirement to ISO 9001.
4.4 Quality management system and its processes
4.4.1 No ISO 19443 additional requirement to ISO 9001.
4.4.2 No ISO 19443 additional requirement to ISO 9001.
© ISO 2020 – All rights reserved PROOF/ÉPREUVE 1
---------------------- Page: 8 ----------------------
ISO/TR 4450:2020(E)
[5]

4.4.3 Refer to ISO 9000:2015 for definition of quality manual or quality plan and to following

standards referenced in ISO 9001:2015, Annex B:
[6]

— ISO 10005, Quality management systems — Guidelines for quality plans . This document provides

guidance on establishing and using quality plans as a means of relating requirements of the process,

product, project or contract, to work methods and practices that support product realization.

Benefits of establishing a quality plan are increased confidence that requirements will be met, that

processes are in control and the motivation that this can give to those involved.

[7]

— ISO 10006, Quality management systems — Guidelines for quality management in projects . This

document is applicable to projects from the small to large, from simple to complex, from an individual

project to being part of a portfolio of projects. ISO 10006 is to be used by personnel managing

projects and who need to ensure that their organization is applying the practices contained in the

ISO quality management

The intent of this subclause is for the organization to demonstrate compliance with ISO 19443

requirements, whatever the form, format or media. Quality manual and/or quality plan are examples

of typical ways to comply with this clause, but any other means (e.g. matrix, correspondence table, etc.)

can be used.
5 Leadership

Material can be found as guidelines for whole chapter 5 in the following documents.

[21]
— IAEA, Safety Series No.75-INSAG-4, 1991 – Safety Culture
[22]
— INPO – “Principles for a Strong Nuclear Safety Culture”
[23]
— WANO – Principles PL | 2013-1 - Traits of a Healthy Nuclear Safety Culture
[24]
— IAEA, No.INSAG-10, 1996 – Defence in Depth in Nuclear Safety
[25]

— AIEA, No.INSAG-13, 1999 – Management of Operational Safety in Nuclear Power Plants

[26]
— IAEA, No.INSAG-15, 2002 – Key Practical Issues in Strengthening Safety Culture
[27]
— IAEA Bulletin 50-1 – September 2008 – The mind-set of nuclear safety
[28]

— IAEA General Safety Requirements - GSR Part 2:2016 - Leadership and Management for Safety

— IAEA Safety Guide No. GS-G-3.1:2006 - Application of the Management System for Facilities and

[29]
Activities
[30]

— IAEA Safety Reports Series No 83:2016 - Performing Safety Culture Self-assessments

5.1 Leadership and commitment
5.1.1 General
No supplementary guidance provided.
5.1.2 Customer focus
No ISO 19443 additional requirement to ISO 9001.
5.1.3 Nuclear safety culture
[8]
Definition of IAEA Safety glossary :
2 PROOF/ÉPREUVE © ISO 2020 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/TR 4450:2020(E)

The assembly of characteristics and attitudes in organizations and individuals which establishes that, as an

overriding priority, protection and safety issues receive the attention warranted by their significance.

Section 5.1.3 of the standard addresses the principles of nuclear safety culture as a contribution to

nuclear safety, see Figure 2:
Figure 2 — Nuclear safety and nuclear safety culture
5.2 Policy
5.2.1 Establishing the quality policy

Appropriate nuclear safety considerations of 5.2.1 e) should take into account nuclear safety culture

aspects.

It’s up to the organization to develop separated policies for quality and safety or an integrated one.

5.2.2 Communicating the quality policy
No ISO 19443 additional requirement to ISO 9001.
5.3 Organizational roles, responsibilities and authorities
No supplementary guidance provided.
6 Planning
6.1 Actions to address risks and opportunities
No supplementary guidance provided.
© ISO 2020 – All rights reserved PROOF/ÉPREUVE 3
---------------------- Page: 10 ----------------------
ISO/TR 4450:2020(E)

6.1.1 The only ISO 19443 additional requirement to ISO 9001 is the requirement to maintain and retain

documented information issued to identify actions to address risks and opportunities. As reminder of

the state of the art, the following can be considered as a good practice for both 6.1.1 and 6.1.2.

The organization should develop a documented risk management method, related to the achievement of

applicable requirements. This includes, as appropriate to the organization and the product:

a) assignment of responsibilities for risk management;

b) definition of risk criteria (e.g., likelihood, consequences, risk acceptance), which could require use

of probabilistic model;

c) identification, assessment and communication of risks throughout product realization including

supply chain;

d) identification, implementation and management of actions to mitigate risks that exceed the defined

risk acceptance criteria;
e) tolerability of risks remaining after implementation of mitigating actions.
See Annex B for proposed practical solution.
6.1.2 See above 6.1.1.
6.1.3 Determination of ITNS items and activities

Depending on the context of the product or service, the determination of ITNS items and activities

can generally be performed by the following technical analysis performed in two consecutive steps as

shown in Figure 3.

Figure 3 — Determination of ITNS items and activities (see practical example In Annex D)

4 PROOF/ÉPREUVE © ISO 2020 – All rights reserved
---------------------- Page: 11 ----------------------
ISO/TR 4450:2020(E)
Annex D - Step #3 is performed in two steps.

— Step #3-1: The product or service would normally be broken down in different items or activities

[see ISO 19443:2018, 6.1.3 a)]. When relevant and depending on the complexity of product and

service, following analysis methods can be used: F.A.S.T. (Functional Analysis System Technique),

Value engineering, etc.

— Step #3-2: Identification of the impact of the potential failure or malfunction of each item or activity

on the product or service function(s) specified by the customer as related to nuclear safety [see

ISO 19443:2018, 6.1.3 b)]:

— a risk analysis, performed for each item or activity, would support this identification, considering

that the conclusion should be formulated in a binary sense (IT
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.