developing product safety compliance and testing ... · © 2014 metricstream, inc. all rights...
TRANSCRIPT
© 2014 MetricStream, Inc. All Rights Reserved.
Developing Product Safety Compliance and Testing Management Programs
Sonal SinhaAssociate Vice President Industry SolutionsMetricStream
Manu GopeendranAssociate Director MarketingMetricStream
© 2014 MetricStream, Inc. All Rights Reserved.
Federal Regulations
• Federal Trade Commission (FTC)
– Care labeling, fiber content labeling, environmental labeling, country of origin labeling, advertising etc.
• Consumer Product Safety Commission (CPSC)
– Children’s products, hazardous substances, Flammability
– Drawstring safety and Tracking label requirements
• Environmental Protection Agency (EPA)
– FIFRA, Toxic Substances Control Act (TSCA)
• Customs and Border Protection (CBP)
– Country of origin for most imported products
• U.S. Department of Agriculture (USDA)
– Organic claims
© 2014 MetricStream, Inc. All Rights Reserved.
Company Year Fine Program Allegation(s)
Family Dollar 2013 $602,438.00 FIFRA Misbranded Pesticide
Wal-Mart 2013 $110,700,750 RCRA, CWA, FIFRA, Criminal Fines, State law
Hazardous Waste Management, Distribution of Misbranded Pesticides, HW Disposal Down Drains, etc.
Home Depot 2013 $8,000,000.00 CAA High levels of VOC (coatings +)
Walgreens 2012 $16,600,000.00 RCRA, Customer Records
Hazardous Waste Disposal, Mismanagement of Customer Records
Costco 2012 $3,600,000.00 RCRA Hazardous Waste Disposal
CVS Pharmacy 2012 $13,750,000.00 RCRA Hazardous Waste Disposal
Home Depot 2011 $30,000,000.00 CAA High levels of VOC (coatings +)
EPA Regulations & Violations
© 2014 MetricStream, Inc. All Rights Reserved.
Consumer Product Safety Improvement Act
� Mandatory Third- Party Testing and Certification for Children’s Products (CPC)
� Requires well-defined testing strategy
� Sampling and Testing Plans, Testing Intervals
� Procedures for periodic testing and retesting due to material changes
� Policies and training to avoiding undue influence over testing labs
� Recordkeeping and documentation
� Corrective Actions
� Product specification management
� Restrictions on specific chemicals
� Certification of Non-children’s products (GCC)
� Regular updates, amendments and changes from CPSC
© 2014 MetricStream, Inc. All Rights Reserved.
CPSC Port Surveillance – Exponential Increase in # of Units Stopped
© 2014 MetricStream, Inc. All Rights Reserved.
Toxic Substances Control Act (TSCA)
� Lack of updates and effectiveness of federal oversight resulted in creation of state chemical laws
� 18 states have passed 71 chemical laws since 2003
� Pending major overhaul of TSCA (Chemical Safety Improvement Act) could impose significant new burdens
� Mainly applicable for manufacturers of chemicals and mixtures, processors as well as importers
� Current list has 84,000 chemicals of which only 5 of them have restrictions
� Requires reporting, recordkeeping, and testing of chemical substances and mixtures
� Restrictions on manufacturing, processing, distribution, or disposal of certain substances
� May require testing if chemicals present unreasonable risk of injury to health or the environment and there is insufficient data to determine its effects
© 2014 MetricStream, Inc. All Rights Reserved.
California Proposition 65 (Prop 65)
� Currently has 800 chemicals in the list and its updated yearly
� Once a chemical is listed, businesses have 12 months to comply with warning requirements
� Requires warning label on products / posters in workplace, leaflet distribution
� Prohibits businesses from
� Knowingly discharging listed substances into drinking water sources
� Land where the substances can pass into drinking water sources
� Potential reform of Prop 65
© 2014 MetricStream, Inc. All Rights Reserved.
California Safer Consumer Products Regulation
• Created/Enforced by California Dept. of Toxic Substances Control (DTSC)
• Applicable from Oct 1, 2013 and relevant for Manufacturers, Retailers, Assemblers and Importers that sell consumer products in CA
• Current Status
– List of candidate chemicals (CC) already available
– Already proposed 3 Priority products
• Upcoming
– DTSC will classify candidate chemicals associated with priority products as chemicals of concern (CoC)
– Final list of priority products (PP) in 2015
© 2014 MetricStream, Inc. All Rights Reserved.
Sample Candidate Chemical List & Product Categories
• Nonylphenol ethoxylates
• Per and poly-flurinated (PFOAs)
• Metals
– Nickel, Lead, Cadmium
• AZO Dyes
• Phthalates
• Solvents
• Toys
• Apparel & Leather
• Footwear
• Cook wear
• Electronic products
• Water & Stain Resistant Coatings
• Automotive Components
• Waxes
• Paints
• Personal-care products
• Medical devices
Candidate Chemicals Product Categories
© 2014 MetricStream, Inc. All Rights Reserved.
Steps / Actions Required After DTSC Finalizes Priority Products
• Notify DTSC with details of PPs that they sell and the course of action decided
– Cease sale / production of products
– Remove / Replace chemical of concern (CoC) from products
– Prove that products contains less than threshold amount of CoC and has quality controls in place
– Perform alternatives analysis, identify alternatives and propose implementation plan
• Actions required based on DTSC response
– Change existing / additional labels to warn consumers on chemicals
– Cease sale / production of products
– Restrict usage of chemicals
– Implement safety measures or end-of-life management plans
– Additional commitments to make products safe
© 2014 MetricStream, Inc. All Rights Reserved.
Other State Regulations
• Washington Children’s Safe Product Act
– Currently include list of 66 chemicals
– Manufacturers of children’s products containing Chemicals of High Concern to Children (CHCC) must annually report
• Maine Toxic Chemicals in Children’s Product Law
– Currently include list of 49 chemicals
– Requires reports and notifications on the use of chemicals
• Vermont
– Identify and publish list of chemicals by July 2015
– Requires notification and replacement of chemicals
© 2014 MetricStream, Inc. All Rights Reserved.
And the List Continues
• Connecticut: An Act Concerning Child Safe Products
• Illinois: Toxic Chemical Safety Act
• Minnesota: Children’s Health Protection from Toxic Chemicals in Products
• New York: An Act to Amend the Environmental Conservation Law, in Relation to Regulation of Toxic Chemicals in Children’s Products
• Oregon: A Bill Relating to Chemicals in Children’s Products
© 2014 MetricStream, Inc. All Rights Reserved.
Increasing Testing Programs and Mandates from Retailers
• Changing testing protocols
• Going beyond legal requirements and actively enforcing testing for all products / SKUs
• Increasing testing requirements for certain product/shipment types
• Testing and inspections required for even legacy existing products
© 2014 MetricStream, Inc. All Rights Reserved.
Proactive Approaches to Ensure Compliance
Enforce policies & controls across supply chain
Improve visibility and traceability in the supply chain
Centrally manage multiple compliance programs
Develop and implement a comprehensive testing strategy
Identify potential risks and implement risk mitigation plans
Quality Assurance and Control programs to ensure effectiveness
Record retention programs to ensure all required documents are in place
© 2014 MetricStream, Inc. All Rights Reserved.
Proactive Approaches to Ensure Compliance
• Enforce Policies & Controls across Supply Chain
– Product specifications, quality controls in the supply chain
– Communicate requirements to suppliers
– Supplier certifications to ensure hazardous chemicals are not in the products
– Training and capacity building programs to educate suppliers
• Improve visibility & traceability in the supply chain
– Which factories are producing
– List of retailers carrying them
– Detailed product specification
– Differentiate by design / manufacturing / contract manufacturing ownership
– Chemicals, Hazardous / Restricted substance lists
– Source of Raw-Materials and Ingredients
– Material change impact
© 2014 MetricStream, Inc. All Rights Reserved.
Proactive Approaches to Ensure Compliance
• Compliance Management
– Centrally manage multiple compliance regulations, retailer / brand requirements by products, product categories and locations
– Link products, chemicals to regulations and compliance requirements
– Develop and implement controls to ensure compliance
– Harmonize controls to avoid duplication of effort
– Provide policies, compliance training to employees, and means to report concerns
– Regulatory Intelligence to manage changes to compliance requirements
• Testing Strategy
– Risk-based testing for high risk chemicals
– Collaborate with suppliers and third-party labs on testing and certifications
– Centrally manage testing requirements, plans, protocols, schedules etc.
– Sampling strategy
– Production testing, Periodic and Random Testing
– Remediation action plans for test failures
© 2014 MetricStream, Inc. All Rights Reserved.
Proactive Approaches to Ensure Compliance
• Risk Management
– Suppliers, products, components, chemicals and materials etc.
– Risk identification, analysis, assessment and mitigation
– Assess impact and likelihood for various risk types and categories
– Leverage risk metrics to prioritize programs and tasks
• Quality Assurance & Control programs
– Assessments of suppliers, manufacturing facilities, production, processing, transportation, storing processes etc.
– Final & In-line Inspections
– Leverage both external and internal auditors
• Record Retention / Documentation
– Bill of materials, Product specification Supplier Declaration, Test results, Material changes, Certifications etc.
© 2014 MetricStream, Inc. All Rights Reserved.
Quality Management & EU Product Safety – Leading French Retailer
• Ensure compliance with upcoming 2015 EU product safety compliance requirements
• Automate, and integrate End-to-End quality assurance
– Inspection Management
– Quality Audit Management
– Product Risk Management
– Product Testing
– Product & Supplier Non-conformance
– Investigations and root cause analysis
– Preventive actions, and curative actions including product blocking, and recall management
© 2014 MetricStream, Inc. All Rights Reserved.
Creation
&
Design
Development
Testing
Materials
&
Specifications
Production Testing
Distribution / Retail
Disposal
Integrate Safety Compliance into Product Lifecycle
• General requirements• Regulatory requirements• Standards & certifications
• Test plans and requirements
• Packaging & labeling requirements
• Product Integrity• Raw materials,
specifications, RSLs
• Tracking / traceability
• Process controls• Audits & certification• Issue & CAPA
• Sustainability• Recycling
• Customer Complaints & Claims
• Product Recalls
© 2014 MetricStream, Inc. All Rights Reserved.
Supplier Information
Management
Policy Communication
Third-party Due-
Diligence
Collaborate with other Supplier Assurance Programs
CSR Policies
Supplier Surveys and Self-Assessments
Supplier & Factory Audits
Compliance Monitoring
NCM & Corrective Actions
Capacity Building Programs
CSR Policies
Supplier Surveys and Self-Assessments
Supplier & Factory Audits
Compliance Monitoring
NCM & Corrective Actions
Capacity Building Programs
Supplier EHS policies
Raw Material Sourcing
Environment Responsibility Audits
Fire & Building Safety Audits
Waste Generation, storage and disposal
Energy Use, Transport, GHG Emissions
Supplier EHS policies
Raw Material Sourcing
Environment Responsibility Audits
Fire & Building Safety Audits
Waste Generation, storage and disposal
Energy Use, Transport, GHG Emissions
Product Information
Quality & Safety Standards
Risk Analysis & Hazard Reduction
Quality & Production Capacity Audit
Product Compliance
Product Testing
NCM & Corrective Action
Product Information
Quality & Safety Standards
Risk Analysis & Hazard Reduction
Quality & Production Capacity Audit
Product Compliance
Product Testing
NCM & Corrective Action
Supplier Governance
Supply Chain Structure
Security Policies
Record Retention & Evidence
Risk Assessments & Analysis
Self-Assessments & Internal Audits
Supplier & Factory Audits
Inspections
Supply Chain Structure
Security Policies
Record Retention & Evidence
Risk Assessments & Analysis
Self-Assessments & Internal Audits
Supplier & Factory Audits
Inspections
Supplier On-
Boarding
Supplier On-
Boarding
© 2014 MetricStream, Inc. All Rights Reserved.
Automating Supply Chain Governance
Optimizing the efficiency and agility of a supply chain governance program
“I’ve gotten really good
feedback from the
business units and teams
that are using the
system. They like having
something that they
know is going to work.
They like knowing that
they’re not going to get
20 different emails. It’s
really easy from my
standpoint too. When I
log onto the system, I
can see what projects
people are working on,
where we’re at, what’s
overdue…it just makes
life easier.”
Susan Van Houten -Senior Director of Global Sourcing at HD Supply
© 2014 MetricStream, Inc. All Rights Reserved.
Maturity of the Product Quality & Safety Compliance Program
Reactive
Integrated
Proactive
Maturity of the Product Quality & Safety Compliance Program
Str
ate
gic
Effectiveness
Basic
Supplier dependent; Relies on Tier 1 suppliers for all relevant information, lack of effective product documentation
Multiple programs and fragmented approach; Safety & quality policies, processes in place to address after adverse events
Integrated approach to quality and safety programs; Centralized and collaborative approach with suppliers
Embedding culture of quality and safety; management commitment, risk-based approach
© 2014 MetricStream, Inc. All Rights Reserved.
Integrated GRC & Quality Management
• Automate, and integrate multiple governance, risk, compliance and audit management programs
– Quality & Safety Compliance
– Supplier Governance, Risk and Compliance
– Legal, Corporate & Regulatory Compliance
– Enterprise Risk Management
– Internal Audit
– IT GRC
© 2014 MetricStream, Inc. All Rights Reserved.
Technology Strategy for Product Safety Compliance and Testing Management Programs
© 2014 MetricStream, Inc. All Rights Reserved.
Automate and Integrate Relevant Programs
Product Compliance
Information Management
Policy & Compliance
Risk Management
Testing Management
Validation Management
NCM & CAPA
© 2014 MetricStream, Inc. All Rights Reserved.
• Risk 1
• Risk 2
• Risk 3
………
Risks
• Control 1
• Control 2
• Control 3
………
Controls
• Standard 1
• Standard 2
• Standard 3
………
Functions
• Materials
• Specifications
• RSLs
………
Product Information
• Test Plan
• Survey
• Self-Assessment………
Tests
• Risk-Based
• Requirement-Based
• Business Unit-Based
Assessment
• Action Plan
• Implement
• Monitor
Issues
• GPSD
• CPSIA
• CA Prop 65
• CCPA
• …
Area ofCompliance
• Assertion 1
• Assertion 2
Assertions
• Procedure 1
• Document 1
• Work Instruction 1………
Policies/Documents
Leverage Robust and Flexible Information Model
© 2014 MetricStream, Inc. All Rights Reserved.
Automation to Enhance Collaboration
• Alerts and notifications for regular communication to stake holders
• Collaboration between suppliers and third-party testing labs
• Supplier surveys to gather information
• Automate and manage Product Testing, certification etc.
• Collaborate with suppliers to remove / replace candidate chemicals
• Manage non-conformance & corrective actions
• Capacity Building & Training Programs
Organization
Testing LabsSuppliers
© 2014 MetricStream, Inc. All Rights Reserved.
Supplier Information & Product Specification Management
• Capture and map relevant product information from supply chain
• Include components, raw-materials, specifications, chemicals, thresholds etc.
• Automate material change process
• Facilitate supplier declaration through supplier surveys
• Leverage BOM, MSDS etc.
• Manage supplier and sub-supplier information, labs, third-party auditors
• Manage relationships between supplier, product, material, attribute and compliance
• Enable traceability and visibility across the supply chain
Product
Compliance Regulation
Raw-Materials
Chemicals SupplierCountry of
Origin
© 2014 MetricStream, Inc. All Rights Reserved.
Policies for Effective Compliance
• Create, communicate and manage policies, controls & expectations
– Product safety
– Compliance
– Testing
– Quality
• Update procurement and supplier policies to facilitate compliance
• Harmonize & Map policies to multiple compliance requirements
• Regular training & capacity building programs on regulations
• Collaborate with suppliers on policy exceptions and potential risks
• Leverage supplier surveys & assessments to ensure compliance
Create & Organize Policies
Capacity Building -Awareness and Training
Tracking and Visibility
Map Policies to Standards
& Compliance Requirements
Policy Exception
Management
Supplier Surveys & Assessments
© 2014 MetricStream, Inc. All Rights Reserved.
Centrally Manage Multiple Compliance Requirements
• Create centralized compliance library
– CPSIA, TSCA, Toy Directive,, WA, Maine, CA Prop 65
• Map Standards & Requirements to Products
• Leverage regulatory intelligence
– Identify new requirements
– updates on existing requirements
• Facilitate compliance assessments through surveys and audits
• Store and manage certifications
• Monitor and track compliance violations, progress of corrective and preventive actions
© 2014 MetricStream, Inc. All Rights Reserved.
Case Study: Fortune 500 Retail Chain
• Streamlining and integrating compliance programs across BUs and functions
• Integrated framework to streamline compliance with HR policies and procedures, training and certification requirements, privacy policies, diversity affairs, legal requirements, risk management, internal audit, IT security and SOX
• Selected MetricStream for its flexible and extensible data model and reporting capabilities that are designed to support multiple regulatory requirements in an integrated manner
© 2014 MetricStream, Inc. All Rights Reserved.
Product Testing Management
Product & Chemical Management
Test Requests &
Data Gathering
Product Testing Statius
Test Planning &
Management
Compliance Certification
Management
Test Failures &
CAPA Management
© 2014 MetricStream, Inc. All Rights Reserved.
Product Risk Assessment & Management
• Supplier & Product Risk Assessment & Management
• Identify and manage risks in central library
– Design hazard risk analysis
– Failure mode analysis for both design and production
• Regular risk assessments on products and suppliers
• Facilitate Risk-based audits, tests
• Create and manage controls & procedures including risk mitigation plans
© 2014 MetricStream, Inc. All Rights Reserved.
Product Safety & Compliance Audits
Audit Scoping
Executive Program Management
Planning & Scheduling
Audit Execution
Audit Review & Completion
Final Audit Report
Audit Remediation
© 2014 MetricStream, Inc. All Rights Reserved.
Product Non-Conformance & Corrective Action Management
• Capture non-conformance from all program elements
– policy non-conformance
– Test failures
– risk assessments
– safety audits
– Customer complaints
• Collaborate with supplier and internal teams to develop and implement corrective actions
– Product Recall
• Track and Monitor implementation to closure
© 2014 MetricStream, Inc. All Rights Reserved.
Leading Retail Chain in South Africa
• Optimize and automate supplier information, inspection and audit management processes
• Integrated solution for auditing and reporting across stores, supplier manufacturing plants, warehouses and farms
• Facilitated collaboration with third-party auditors and suppliers.
• Suppliers can access any policy documents, templates, design artworks
• Allows suppliers to upload their certificates and customer complaints which in-turn can be accessed and reviewed by internal compliance team
© 2014 MetricStream, Inc. All Rights Reserved.
MetricStream Corporate Overview
Integrated Governance, Risk & Compliance (GRC) for
Risk-Driven Intelligence and Better Business PerformanceVision
Solutions
Partners
Differentiators
• Technology - Enterprise GRC Platform – 9 Patents • Breadth of Solutions – Single Vendor for all GRC needs• Cross-industry Best Practices and Domain Knowledge• ComplianceOnline.com - Largest Compliance Portal on the Web
RecognitionLeader in Gartner GRC Magic Quadrant: 2008 to present
Leader in Forrester GRC Wave
• Store Audit & Loss Prevention
• Supply Chain Security Management
• Compliance Management
• Audit Management
• Policy & Document Management
• Supplier Governance, Risk & Compliance
• Social Compliance & Factory Audits
• Product Quality & Safety Compliance
• Risk Management
• EHS & Sustainability
© 2014 MetricStream, Inc. All Rights Reserved.
Thank YouSonal SinhaAssociate Vice President Industry [email protected]
Manu GopeendranAssociate Director [email protected]