LAC.part 1. 2022_Nota Nisah

Quality Objectives (KPI) addressing (8.2.2)
1. Competence
- satisfactory PT /ILC results
- appropriate training and evaluation
- external assessment by third parties results
- extension of test/calibration scope
2. Impartiality

- code of conduct, declaration of no conflict
(sign yearly or sign for each job assignment)
3. Consistent operations
- customer survey
- complains
- internal & external audit results
- turn around time for issuance of reports

8.3 Control of management system documents
8.3.1 The laboratory shall control the documents (internal and external) that relate to the fulfilment of this
document.
8.3.2 The laboratory shall ensure that:
a) documents are approved for adequacy prior to issue by authorized personnel;
b) documents are periodically reviewed, and updated as necessary;
c) changes and the current revision status of documents are identified;
d) relevant versions of applicable documents are available at points of use and, where necessary, their
distribution is controlled;
e) documents are uniquely identified;
f) the unintended use of obsolete documents is prevented, and suitable identification is applied to
them if they are retained for any purpose.
- document master list, distribution list, amendment history, document template Document review is perform prior

management review

8.4 Control of records Records readable (boleh dibaca)
8.4.1 The laboratory shall establish and retain legible records to demonstrate fulfilment of the
requirements in this document
8.4.2 The laboratory shall implement the controls needed for the identification, storage, protection, back- up,
archive, retrieval, retention time, and disposal of its records. The laboratory shall retain records for a period
consistent with its contractual obligations. Access to these records shall be consistent with the confidentiality
commitments and records shall be readily available.
Policy to control records, master list of forms, retention period of min 6 years (SP1), signing of NDA for access
to records

8.5 Actions to address risks and opportunities ( replace preventive action )

8.5.1 The laboratory shall consider the risks and opportunities associated with the laboratory activities
in order to:
a) give assurance that the management system achieves its intended results;
b) enhance opportunities to achieve the purpose and objectives of the laboratory;
Reason for doing

c) prevent, or reduce, undesired impacts and potential failures in the laboratory activities; risk and
opportunities

d) achieve improvement. Policy on risk and opportunities

8.5.2 The laboratory shall plan:
a) actions to address these risks and opportunities;
b) how to:
— integrate and implement the actions into its management system;
— evaluate the effectiveness of these actions. (refer to Risk Register)

Conduct risk analysis and prepare a risk register for areas the lab considers will have high impact on the
competence of the laboratory. Conduct “brain storming” sessions to highlight risk and opportunities and
address them appropriately.

8.5.3 Actions taken to address risks and opportunities shall be proportional to the potential impact on the
validity of laboratory results. (actions taken according to severity of the NC)
NOTE 1 Options to address risks can include identifying and avoiding threats, taking risk in order to pursue
an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, or
retaining risk by informed decision.
NOTE 2 Opportunities can lead to expanding the scope of the laboratory activities, addressing new
customers, using new technology and other possibilities to address customer needs.
8.6 Improvement
8.6.1 The laboratory shall identify and select opportunities for improvement and implement any
necessary actions.
NOTE Opportunities for improvement can be identified through the review of the operational procedures,
the use of the policies, overall objectives, audit results, corrective actions, management review, “suggestions
from personnel”, risk assessment, analysis of data, and proficiency testing results.
8.6.2 The laboratory shall seek feedback, both positive and negative, from its customers. The feedback shall be
analysed and used to improve the management system, laboratory activities and customer service.
NOTE Examples of the types of feedback include customer satisfaction surveys, communication records and
review of reports with customers. Look for: Analysis report

Reference: ISO 31010 Risk assessment techniques

1
2

3
4

ISO IEC 31010
Risk management — Risk assessment techniques

Fig 1

ISO IEC 31010
Risk management — Risk assessment techniques

EXAMPLE OF RISK REGISTER

Risk Probability Impact Exposure Mitigation Contingency

(what we are doing to avoid the risk) (what we will do if it happens)

Risk: Laboratory face Medium High High 1.Personnel to be covered by group - All personnel are reminded to be
legal actions due to (2) (3) (6) insurance (professional indemnity) careful in discharging their duties and
unethical or careless when the liability of reporting an be liable for any breach in the code
behavior by staff. invalid result is considered very high. of ethical conduct.
(impartiality,
confidentiality). 2. Ensure all relevant staff signed - Legal action to be taken against lab
legally binding “undertaking of personnel.
Causes:No professional ethical practices”
indemnity against - Insurance coverage to protect
liabilities. company liabilities

Opportunities: Improve administration
of laboratory in terms of confidentiality
and impartiality. Customers’ confidence.

Risk: Equipment was Medium High High 1. TUR to be clearly documented in - Non-conforming work investigation
used without ensuring (2) (3) (6) the policy for selection of to ensure customers results are not
it is capable of meeting equipment. All test or calibration invalid.
the accuracy required.
accuracy requirements to be - Test/calibration results to be recalled
clearly documented. if confirmed to be invalid.
Causes:Test uncertainty 2. All calibration uncertainties of
ratio was not test equipment or reference Opportunities: Review and document
considered in selecting standards to be clearly equipment capability and ensure that
equipment for the test
or calibration documented and easily available correct equipment is used at all times.
for reference

Evidence of
effectiveness



8.5 Actions to address risks and opportunities

NOTE 1 Options to address risks can include identifying and avoiding threats, taking risk in order to pursue
an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, or
retaining risk by informed decision.
Take action

NOTE 2 Opportunities can lead to expanding the scope of the laboratory activities, addressing new
customers, using new technology and other possibilities to address customer needs.

Risk: Defend to prevent failure
Opportunities: Coming goals (ex: EOS)

Unacceptable Acceptable
risk risk

8.7 Corrective action

8.7.1 When a nonconformity occurs, the laboratory shall:
a) react to the nonconformity and, as applicable:
— take action to control and correct it;
— address the consequences;
b) evaluate the need for action to eliminate the cause(s) of the nonconformity, in order that it does not
recur or occur elsewhere, by: (Root cause analysis required)
— reviewing and analysing the nonconformity;
— determining the causes of the nonconformity;
— determining if similar nonconformities exist, or could potentially occur;
c) implement any action needed;
d) review the effectiveness of any corrective action taken; In report: Effectiveness could be evaluation for 3 mths after implementation. If no
recurrence, then close the report
e) update risks and opportunities determined during planning, if necessary; (CAR forms could .include
risk and opportunities)
f) make changes to the management system, if necessary.

8.7.2 Corrective actions shall be appropriate to the effects of the nonconformities encountered.
8.7.3 The laboratory shall retain records as evidence of: (CAR form)
a) the nature of the non-conformities, causes and any subsequent actions taken
b) the result of any corrective actions

8.8 Internal audit

8.8.1 The laboratory shall conduct internal audits at planned intervals to provide information on
whether the management system:
a) conforms to:
— the laboratory’s own requirements for its management system, including the laboratory activities;
— the requirements of this document;
b) is effectively implemented and maintained.
- must have a “conclusion” in the internal audit report & must address requirements of (a), (b )

Look for: In the internal audit report must have conclusion (1) conform to management system & (2) effective

8.8.2 The laboratory shall:
a) plan, establish, implement and maintain an audit programme including the frequency, methods,
responsibilities, planning requirements and reporting, which shall take into consideration the
importance of the laboratory activities concerned, changes affecting the laboratory, and the results of
previous audits; (Policy and procedure)
b) define the audit criteria and scope for each audit; (audit scope, plan, audit checklist)
c) ensure that the results of the audits are reported to relevant management; (audit summary report)
d) implement appropriate correction and corrective actions without undue delay; (timeliness)
e) retain records as evidence of the implementation of the audit programme and the audit results.

Look for: checklist yang dah digunakan masa conduct audit

NOTE ISO 19011 provides guidance for internal audits.

8.9 Management reviews

8.9.1 The laboratory management shall review its management system at planned intervals, in order to
ensure its continuing suitability, adequacy and effectiveness, including the stated policies and objectives
related to the fulfilment of this document. Look for: Conclusion management review to cover 3 items

8.9.2 The inputs to management review shall be recorded and shall include information related to the
following: (agenda)
a) changes in internal and external issues that are relevant to the laboratory;
b) fulfilment of objectives; (review achievement of documented KPI)
c) suitability of policies and procedures;
d) status of actions from previous management reviews;
e) outcome of recent internal audits;
f) corrective actions;
the nature of the nonconformities, cause(s) and any subsequent actions taken; the results of any
corrective action.
g) assessments by external bodies;
h) changes in the volume and type of the work or in the range of laboratory activities; (EOS)
i) customer and personnel feedback; (suggestions from personnel ,8.6.1, how to achieve KPI of the lab)
j) complaints;
Note: Personnel feedback : suggestion/ ideas lab could do to improve/achieve KPI

k) effectiveness of any implemented improvements;

l) adequacy of resources;
m) results of risk identification; (Risk register and assessment report)
n) outcomes of the assurance of the validity of results; and (ILC, PT) (1) clause 6.2
o) other relevant factors, such as monitoring activities (personnel competence- matrix of
competent staff , suitability of accommodation – lab layout, performance of external
providers – re approve list of suppliers
(2) clause 6.6.3 (3) clause 6.6.2 (b)

and training (training plan & training needs analysis).

8.9.3 The outputs from the management review shall record all decisions and actions
related to at least:
a) the effectiveness of the management system and its processes;
b) improvement of the laboratory activities related to the fulfilment of the requirements
of this document;
c) provision of required resources;
d) any need for change Must have any specific sentence: Do need to change or need change

Conclusion regarding the management system and actions taken to be recorded in the
minutes of meeting (MR) must include 8.9.3 (a)-(d)

SAMM REQUIRMENT DOCUMENTS https://www.jsm.gov.my/samm-publication#.Yp2iihNByRs

MS/ISO IEC 17025:2017 SAMM Accreditation Standard
AP 1 Policy on the Use of Accreditation Symbol and Reference to Accreditation
SP1 Terms and condition governing SAMM
SP2 Policy on traceability of measurement results
SP3 Condition on the use of the SAMM logo
SP4 Policy on Proficiency Testing Requirements
SP5 Policy on Measurement Uncertainty for Testing Laboratories
SP6 Requirements for Approved Signatory
SP8 Requirement for the accreditation of site testing
SP10 Grading of non-conformities SP10 is for guideline
Specific Criteria e.g. SC1.2 Chemical Testing, 1.4 Electrical Testing
SC1.5 Mechanical Testing and Non-Destructive Testing (NDT)
SAMM Technical Circular e.g. supplementary requirements for accreditation of calibration
laboratories 3/2021; STR1:13 Specific Tech Req Software testing lab
Specific Technical Requirements STR 1:10 Specific Technical Requirements for Accreditation of
information technology security evaluation and testing: common criteria

117

ACCREDITATION POLICY 1 (AP 1) – Policy on the Use of Accreditation Symbol and
Reference to Accreditation
Disclimers:
- Conformity assessment activities marked "Not Accredited" in this
report/certificate are not included in the scope of accreditation of our CAB'.
-Conformity assessment activities marked "Externally provided and accredited”
-Opinions and interpretations expressed herein are outside the scope of
accreditation’

SAMM POLICY 1 (SP1) – TERMS AND CONDITIONS GOVERNING THE LABORATORY ACCREDITATION SCHEME OF
MALAYSIA
3.4 Frequency of Internal Audit and Management Review
3.4.1 Internal audits shall be performed at least once every 12 months…may be reduced if the laboratory can
demonstrate that its management system continues to be effectively implemented and proven stability. The
maximum interval for internal audit shall not exceed 18 months.
4.1 (m) retain all records as stated in the accreditation standard as required by law, or national guidelines or at
least six (6) years.
4.2 Impartiality and Integrity
(a) The remuneration of the personnel engaged in testing or calibration activities shall not depend on the number
of tests or calibrations carried out nor on the results of such tests or calibrations; b) When products are tested by
bodies, (e.g. manufacturers) who have been concerned with their design, manufacture or sale, a clear separation
of different responsibilities shall be made known in the laboratory’s documented information.
4.5 Liabilities
(b) The laboratory is hereby advised to acquire professional indemnity insurance against risks that may arise from
the use of the results of test/calibration performed.

SAMM POLICY 4 (SP4) - POLICY FOR PARTICIPATION IN PROFICIENCY TESTING ACTIVITIES

An accredited laboratory/inspection body shall participate in at least one available PT activity relevant to its
scope of accreditation for each field within one accreditation cycle
The participation of a laboratory/inspection body in a PT activity
i) International/Regional/National PT programmes organised by International/Regional cooperation bodies,
accreditation bodies, PT providers including those mandated by regulators. This includes Measurement Audits.
ii) Formal interlaboratory comparison programmes involving several independent laboratories/inspection
bodies (e.g. organised by association, professional bodies, etc.).
iii) Less formal interlaboratory comparison programmes between two or more accredited
laboratories/inspection bodies initiated by the laboratory/inspection body.
For a calibration laboratory, the laboratory shall select participating laboratories with accredited Calibration
and Measurement Capability (CMC) better than or of equivalent to its own.
Note: In the case of testing laboratories/inspection bodies where accredited testing laboratories/inspection
bodies are not available for the interlaboratory comparison programmes, the use of non-accredited testing
laboratories/inspection bodies may be considered.

SAMM POLICY 5 (SP5) – POLICY ON MEASUREMENT UNCERTAINTY
REQUIREMENTS FOR SAMM TESTING LABORATORIES
6 Tests for which uncertainty does not apply The following types of test methods do
not require estimate of the measurement uncertainty:
6.1 Qualitative tests. (Test results are not numerical such as pass/fail;
positive/negative or other qualitative expressions).
7 Tests for which uncertainty applies Where a test produces numerical results (or
the reported result is based on numerical result), those uncertainty of those
numerical results shall be estimated.

9.2 Reporting expanded uncertainty The result x should be stated together with the
expanded uncertainty U calculated using coverage factor k=2. The following form is
recommended: “(Result): (x +/- U) (units)”

SAMM POLICY 6 (SP 6) – REQUIREMENTS FOR SAMM APPROVED SIGNATORY
4.7 Non-resident signatory 4.7.1 A non-resident signatory can only be approved if the accredited
laboratory has a permanent resident signatory. 4.7.4 A non-resident signatory shall have direct
interaction with the laboratory on-site at least once a month.
5 Requirements for signatory approval
5.1 Legal requirements 5.2 Qualification and experience 5.2.1 Education qualification and working
experience:
5.3 Technical and operational requirements
5.3.1 Knowledge and understanding of the technical and laboratory operational requirements:
i) Requirements of MS ISO/IEC 17025 and all related SAMM requirements (e.g.: SP series, SC and
STR) and relevant regulatory requirements.
ii) The principles of testing, calibration or measurement.

iii) The standards, methods and specifications for accreditation sought or held.
iv) The estimation of measurement uncertainties for the accreditation sought or held. 5.3.2 Working at least
three (3) months in the current laboratory and be knowledgeable of its management system.

SAMM CIRCULAR 3/2021 :SUPPLEMENTARY REQUIREMENTS FOR ACCREDITATION
OF CALIBRATION LABORATORIES
3. Calibration and Measurement Capability (CMC)
3.1 With reference to ILAC P14:09/2020[2], a CMC is a calibration and measurement
capability available to customers under normal conditions
4.3 The numerical value of the expanded uncertainty shall be given to, at most, two
significant digits
4.5 As the definition of CMC implies, accredited calibration laboratories shall not
report a smaller measurement uncertainty than the uncertainty described by the
CMC for which the laboratory is accredited.
5. Statement of Metrological Traceability on Calibration Certificates
8. Recalibration date in calibration certificate and calibration label

What are the specific clauses and requirements of the standard which addresses:

1. Competence:

6.2 Personnel
6.3 External provider
8.2.2 Policy and objective address competence, impartiality and consistent operation

2. Impartiality:

4.1 Impartiality and subclauses 4.1.1 until 4.1.5
8.2.2 Policy and objective address competence, impartiality and consistent operation

3. Consistent Operation:

8.2.2 Policy and objective address competence, impartiality and consistent operation