QMS ISO9001:2015 Nacoss_Fire Gold checklist

• Company name

• Conducted on

  Date

4 - Context of the Organisation

• 4.1 Understanding the organisation and its context

• 4.1.1 Has the company determined all issues, internal and external, relevant to its purpose and strategic direction and does any issue affect the ability to achieve the intended result of the QMS?

• 4.1.2 How does the company monitor and review information about internal and external issues?

• 4.1.3 Have the company identified all out-sourcing? Ie Screening, sub-contractors, ARC’s

• 4.2 Understanding the needs and expectations of interested parties

• 4.2.1 Has the company identified who are the interested parties that are relevant to its QMS, what requirements those parties have and the impact of those requirements?

• 4.2.2 How does the company monitor and review information about interested parties and their relevant requirements?

• 4.3 Determining the scope of the Quality Management System

• 4.3.1 Have the company fully determined & documented the scope of its operations and is the scope fully in compliance with the accreditation.

• 4.4 Quality Management System

• 4.4.1 Is there evidence of a process based QMS? For example, Business Process Maps covering the normal day-to-day quality-related functions of the company?

• 4.4.2 Is access to product standards available, in use as well as being quoted on relevant documents? BS/EN/NSI/NFCC/BAFE etc

5.0 Leadership and commitment

• 5.1 Management commitment - General

• 5.1.1 Are top management involved in day-to-day control of the QMS?

• 5.1.1 If the company has employeed a consultant do they still have full control and understanding of the QMS ?

• 5.1.2 Can top management demonstrate that they maintain a focus on ensuring customer satisfaction?

• 5.2 Quality Policy

• 5.2.1 Have the company developed a Quality Policy and is there a vehicle for reviewing and maintaining that policy?

• 5.2.2 Has the Quality Policy been sufficiently communicated to interested parties ?

• 5.3 Responsibility & authority

• 5.3.1 Have the responsibilities of nominated designers, screening controller and system performance manager been identified within the QMS?

• 5.3.1. Are the responsibilities and duties of those involved in the management and day-to-day running of the QMS shown in the Quality Manual?

6.0 Planning

• 6.1.1 Is there a system in place for the senior management to assess and consider Risks and Opportunities for the control of the company and its scope?

• 6.1.2 Is there a Risk Analysis Chart/register in place and is it in use and updated when required?

• 6.2 Quality Objectives and planning to achieve them?

• 6.2.1 Have Quality Objectives been set?

• 6.2.1 Are they, where and when possible measurable?

• 6.2.1 Have these been communicated to staff?

7.0 Support

• 7.1 Resources

• 7.1.1 Have the Directors supplied sufficient human and hardware resources to meet contract requirements? ( MINIMUM STAFF LEVELS AS PER NSI APPROVAL CRITERIA)

• 7.1.2.1 Have the Directors supplied sufficient staff to run the QMS and have the appointed staff received sufficient Quality Training?

• 7.1.2.2 Are all staff inc directors & Sub-contractors been Security Screened to 7858:2019 and DBS/NPCC screened? Is their a suitably trained staff member listed as the screening controller in the company structure ?

• 7.1.2.2 Have all staff been provided with an ID card meeting the requirements of PD6662:2017

• 7.1.3 Is the infrastructure of the company compliant with NSI criteria? Suitable premises, vehicles, test equipment and info systems?

• 7.1.4 Is the environment within the company’s premises suitable for the day-to-day processes?

• 7.1.5 Is there suitable calibrated equipment and calibration system within the company and are engineer’s : • Multi meters • Insulation testers • DB sound meters • Battery testers etc included in a register and calibrated according to schedule with results traceable to national standards? How is this equipment safeguarded from adjustments/Damage Are sub-contractors equipment also included Are the calibration intervals detailed in the QM?

• 7.2 Competence

• 7.2.1 How do the company ensure they receive up-to-date knowledge of the industry and is that knowledge disseminated to staff?

• 7.2.2 Are the company providing training to staff, Product as well as Health and Safety? Have nominated designers , Installers, Commissioning engineers, maintenance engineers and Sub contractors had sufficient industry recognized Fire systems training ? How many staff/ Engineers/ Sub-contractors are involved in the company?

• 7.2.3 Has a staff member been appointed to record training?

• 7.2.6 Is there a company Competency Matrix and is it up to date? Does it include sub contractors

• 7.2 Have staff had relevant safe isolation training, specifically those involved in Maintenance of fire systems and those who may be required to remove fuse spurs to install flex cables for equipment ( BAFE Sp203-1 15) and NSI approval criteria wiring rules.

• 7.3 Awareness

• 7.3.1 Do new employees receive induction training and as part of the induction process are they made aware of the Quality Policy and their respective duties to relevant Quality Objectives?

• 7.3.2 If undertaking new duties within the company do staff receive training in those duties and is that training recorded?

• 7.3.3 Are all staff aware of their respective duties in conforming to the QMS, How is this communicated?

• 7.4 Communication

• 7.4.1 Is Internal communication between management, staff effective?

• 7.4.1 Is External communication between staff and suppliers, ARC’s, NSI, local authorities etc effective ?

• 7.5 Documented information

• 7.5.1 Are company procedures sufficiently well documented?

• 7.5.2 Is the creation and updating of new company documents, internal and external, effective?

• 7.5.3 Is there an organised method of controlling those documents?

8.0 Operation

• 8.1.1 Are there agreed contracts in place between the company and clients? Are Design specifications correct in detail and meet the requirements of the relevant standards? Are components correct and fit for purpose? Is there evidence of Insp/Test/Commissioning paperwork meeting the required standards?

• 8.2.1 Is all customer communication relating to contracts handled correctly and maintained through contract life, how is it retained?

• 8.2.2 Is there evidence that a trained surveyor has completed a full survey and risk assessment as per the relevant standards and is it retained in the customer file survey notes? Is allowance made to amend specifications after customer required amendments?

• 8.2.3 Is Contract Review taking place and is it being recorded?

• 8.3 Design & Development of Products and Services

• 8.3.2 Does design specification /quotation letter /drawings list equipment. And meet the relevant standards/codes of practice requirements Are the appropriate stages of design followed? Are theoretical Battery Calculations made and are they in the job file for fire systems? Is there in the design system allowance for variations to be made and are they recorded?

• 8.3.3 Are T&C’s included in the design proposal sent to the customer?

• 8.3.4 Does the Specification quote relevant British Standards and NSI and Police standards etc? Has a design review including verification taken place by a qualified nominated designer? Is there a Handover Checklist, Completion Certificate and module cets (fire) for all systems meeting the relevant standards/codes of practice?

• 8.3.6 Following a variation/change in design, has the Specification/As Fitted document been amended and has the Customer received a copy?

• 8.4 Control of externally provided Products & Services.

• 8.4.1.1 Is there evidence that suppliers, Sub-contractors have been evaluated, added to a List of Approved Suppliers and that that List is maintained?

• 8.4.2.1 Are goods inspected when received and identified for storage and stock rotation purposes? Are Batteries stored safely and segregated?

• 8.4.3 Are supplier/sub-contractor Purchase Orders properly made out and have the company communicated to the supplier the expected requirements

• 8.5 Property belonging to customers or external providers

• 8.5.3.2 When the company take-over a client’s system is it carried out correctly? Clause 46 fire special inspection NSI Annex 4 of the NSI Regulations. SSQS101 /SFQS 121 issue 8 clause 8.5.3

• 8.5.4 Does the company supply containers or battery containers to assist material handling in vans/ stores?

• 8.5.5 On completion of installation is there a suitable method of passing the system through to the Service Department? How is this completed?

• 8.5 Has the relevant Maintenance paperwork been implemented that meets the requirements of the standards/codes of practice? How is this completed/retained and recalled as needed ? How on fire systems to the company ensure 100% device checks are carried out over the course of 12 months

• 8.6 Release of Products and Services

• 8.6.1 Is a full technical review of the design completed by a competent person prior to the installation being carried out.

• 8.6.1 Does the Install Engineer check the kit supplied against the specification before loading into their vans receiving from suppliers or proceeding with Installation?

• 8.7 Control of Non-Conforming Product

• 8.7.1.1 Is non-conforming product segregated in stores?

• 8.7.1.2 Are there systems in place to deal with Product Return, FAM, and inadequate maintenance performance? Are False Alarm statistics recorded and reported? Are Response Times to call-outs recorded and reported? Are Preventative Maintenance Statistics recorded and reported?

9.0 Performance Evaluation

• 9.1.1 Does the company monitor feedback from the results of customer satisfaction surveys either direct customer contact or other means?

• 9.1.2 What information is gathered that can determine Customer Satisfaction?

• 9.1.3.1 Check that Maintenance contracts are in place and are fulfilled in accordance with the agreed requirements?

• 9.2 Internal Audit

• 9.2.2 Ensure that the whole of the internal QMS system is audited at least once a year?

• 9.2.2 Ensure that each employed engineer and all sub-contracted engineers are Technically audited at least once a year on their relevant section (install/Maintenance/Both) and over the course of three years audited on all their skills? How is this managed? Is there appropriate documentation supporting these audits?

• 9.3 Management Review

• 9.3 Have the company completed an organized Management Review system that includes meetings as and when required?

• 9.3.2 Does the Agenda for the Management Review meeting cover the following items as required by SSQS & SFQS

• The status of actions from previous management reviews;

  Yes

  No

  N/A

• • Changes in internal and external issues that are relevant to the quality management system (including changes in legislation, changes in police policies)

  Yes

  No

  N/A

• • Information on the performance and effectiveness of the quality management system, including trends in:

  Yes

  No

  N/A

• • Customer satisfaction and feedback from relevant interested parties (including the analysis of complaints);

  Yes

  No

  N/A

• • The extent to which quality objectives have been met;

  Yes

  No

  N/A

• • Process performance and conformity of products and services (including performance and KPI trend analysis for routine maintenance, response to emergency call outs and false alarms (where applicable);

  Yes

  No

  N/A

• • Non-conformities and corrective actions;

  Yes

  No

  N/A

• • Monitoring and measurement results;

  Yes

  No

  N/A

• • Audit results;

  Yes

  No

  N/A

• • The performance of external providers (including suppliers, subcontractors and alarm receiving centres);

  Yes

  No

  N/A

• • Effectiveness of continual improvement initiatives

  Yes

  No

  N/A

• • Adequacy of resources (including human, equipment, and facilities);

  Yes

  No

  N/A

• • The effectiveness of actions taken to address risks and opportunities;

  Yes

  No

  N/A

• • Opportunities for improvement (including assessment of new software and hardware);

  Yes

  No

  N/A

• • Review adequacy of Quality Policy and Quality Objectives

  Yes

  No

  N/A

• • Training needs and requirements

  Yes

  No

  N/A

• • Infrastructure (when appropriate)

  Yes

  No

  N/A

• • Evaluation of legal compliance

  Yes

  No

  N/A

• 9.3.3 Have Minutes of the meetings been taken and distributed as appropriate ? Have actions been taken where and when required?

NSI approval criteria

• Does the company have sufficient public liability and employers Liability insurance?

• Efficacy/product liability Insurance ( min £1m) ?

Bafe

• How many engineers/designers are involved with Fire

Remote Working, no physical office premises additional items ( infastructure )

• information on cyber essentials can be found hear: https://www.ncsc.gov.uk/cyberessentials/overview

• Does the company hold Cyber essentials ?

• Does the company have regular cyber security training ?

• Are laptop hard drives encrypted ?

• 2FA authentication for remote access to software such as customer database systems, Cloud storage ?

• Limited access to database from field devices ?

• Field devices such as PDA's Tablets and phones have encryption, password locks and under company central management ?

• Security of field equipment ie vans tracked, van vaults, Thatcham grade alarms , Deedlocks ?

• Has the company completed for NSF740 to apply for concession ?