| |
Search Options | |||
| Index | Site Map | FAQ | Facility Info | Reading Rm | New | Help | Glossary | Contact Us | |
|||
|
INFORMATION SECY-03-0117 July 9, 2003
To report the results of the staff's effort to review international quality assurance standards against the existing 10 CFR Part 50 Appendix B framework and assess approaches for adopting international quality standards for safety-related components in nuclear power plants into the existing regulatory framework. The staff reviewed ISO 9001-2000, "Quality Management System (QMS) -
Requirements," and performed a comparison to Appendix B quality requirements
(see attachment
The staff's review was conducted in response to a staff requirements memorandum (SRM) dated April 1, 2002, which directed the staff to assess options for adopting more widely accepted international quality standards like International Organization for Standardization (ISO) 9001. The review considered how international standards compare with the existing Appendix B framework. The staff looked at a number of quality standards, including widely adopted international standards such as ISO 9001-2000, "Quality Management System (QMS) - Requirements," American Society of Mechanical Engineers (ASME) NQA-1, "Quality Assurance Requirements for Nuclear Facility Applications," and International Atomic Energy Agency (IAEA) 50-C-QA, "Code on the Safety of Nuclear Power Plants: Quality Assurance." The staff solicited the views of various stakeholders and other industries regarding options for using these international standards. The staff compared Appendix B requirements for quality assurance to the ISO 9001-2000. The staff interviewed suppliers having experience with both Appendix B and ISO quality programs. Finally, the staff met with industry representatives and attended a number of meetings where the feasibility of adopting international standards was discussed. The regulatory framework for quality assurance is established by 10 CFR Part 50 Appendix B. The 18 criteria of Appendix B are implemented through quality assurance program descriptions, regulatory guides, and consensus standards such as ANSI N45.2, "Quality Assurance Requirements for Nuclear Facilities," and ASME NQA-1, "Quality Assurance Requirements for Nuclear Facility Applications." Regulatory Guide 1.28, "Quality Assurance Program Requirements (Design and Construction)," describes a method acceptable to the NRC staff for complying with the provisions of Appendix B with regard to establishing and implementing the requisite quality program. It states that ASME/ANSI NQA-1-1983 is an acceptable method for complying with the pertinent quality requirements of Appendix B. During the past 15 years, some suppliers of safety-related components have dropped their Appendix B programs to focus on larger commercial markets. Consequently, the number of suppliers from which licensees can procure safety-related parts and services has declined. Some licensees, in concert with the Electric Power Research Institute (EPRI), believe that in order to maintain a large supplier base in support of current operating nuclear plants, it may be necessary to evaluate the acceptability of procuring from suppliers with quality assurance programs other than Appendix B programs. International Organization for Standardization The International Organization for Standardization is a worldwide federation of national standards bodies. The federation promotes the development of standardization and related activities with a view to facilitate the international exchange of goods and services and to develop cooperation in the spheres of intellectual, scientific, technological, and economic activity. The results of ISO deliberations are agreements that are published as international standards. ISO membership represents the viewpoints of manufacturers, vendors and users, engineering professions, testing laboratories, public services, governments, consumer groups and research organizations in each of the 140-member countries. Some 12,000 international standards and technical reports have been published by the ISO since 1980. An organization adopts ISO standards for the purpose of meeting customer expectations and applicable regulatory requirements. ISO standards are considered generic management standards that are universally applicable and do not differentiate between large and small companies. They apply to all products, irrespective of whether the product is a picture frame or a nuclear component. These generic standards are used by business enterprises, public administrative organizations, and government agencies to define processes and systems implemented within an organization. One of the most widely known of these generic management standards is ANSI/ISO/ASQ Q9001-2000. The ISO 9001 standard specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide products that fulfill customer and applicable regulatory requirements and aims to enhance customer satisfaction. To become ISO certified, an organization must go through an accreditation and supplier certification process. Accreditation is performed by a registrar accreditation board (RAB), which accredits registrars, who perform the certification process. Both the RAB and the registrars are commercial enterprises. There are many registrars; there is one RAB in the United States. For the purpose of certification, registrars audit suppliers to the requirements of ISO 9001. Auditors are employees of or work under contract to registrars. Suppliers contract with registrars for certification and recertification audits. When a new edition of ISO 9001 is issued, certification to the previous edition lapses and a company must be certified to the new edition. All ISO certified suppliers must be recertified to the 2000 edition of ISO 9001 by December 2003 or lose their certification status. ISO 9001 in Regulated Industries ISO 9001 has been adopted by many regulated industries, including the aerospace, telecommunications, and automotive industries. All regulated industries that have adopted ISO 9001 have developed sector-specific programs that supplement ISO 9001 requirements. The industry most aligned with the nuclear industry with its emphasis on safety is aerospace. The aerospace industry Quality Management System (QMS), AS9100, was first implemented in 1997, following cancellation of quality system specifications by the Department of Defense. Because the Federal Aviation Administration lacked a documented quality system, the aerospace industry independently developed a sector-specific quality program so that it could pass uniform requirements to its suppliers. The 2000 edition of AS9100, developed to conform to the 2000 edition of ISO 9001, added 80 additional requirements and amplified the original 18 requirements. Areas that the aerospace industry believed were not adequately addressed by ISO 9001 include design, development, manufacture, assembly, reliability, maintainability, servicing of aerospace products, and regulatory compliance. AS9001 is being considered for adoption or endorsement by Federal agencies, including National Aeronautics and Space Administration (NASA). ISO 9001 in Nuclear Applications To assess the applicability of ISO 9001 to the nuclear industry, the staff met with two manufacturers of nuclear steam supply systems, Framatome ANP and Westinghouse. The quality programs of these manufacturers comply with both Appendix B and ISO 9001 requirements. Both manufacturers were enthusiastic about the improvements in business performance that are possible through implementation of ISO 9001. They reported that ISO 9001 assists their companies by promoting teamwork within their organizations and helps them better understand customer needs. However, to meet regulatory requirements, these companies incorporate the requirements applicable to the countries in which they operate. With respect to international operations, Framatome ANP complies with several quality standards, including the generally recognized quality standard IAEA 50-C-Q. Framatome also complies with the specific quality standards of the countries in which it operates: the Ministerial Order of August 10, 1984 (France); Nuclear Safety Standards Commission (KTA) 1401 (Germany), and 10 CFR Part 50 Appendix B (U.S.). Similarly, Westinghouse complies with IAEA-50-C-Q and 10 CFR Part 50 Appendix B. Both companies follow the guidance of ASME NQA-1 in implementing their Appendix B quality assurance programs. As part of its assessment, the staff reviewed the guidelines issued by the IAEA to its international nuclear membership as well as the quality assurance practices of France and Canada. The IAEA has approximately 130 members, including the USA. To achieve its objectives, the IAEA is authorized to establish standards of safety for the protection of health and the minimization of danger to life and property. With respect to quality assurance, the IAEA has published Safety Series 50-C/SG-Q, "Quality Assurance for Safety in Nuclear Power Plants and other Nuclear Installations." This document includes the basic quality assurance requirements for safety and provides recommendations on how to fulfill these basic requirements in the safety guides. IAEA requirements and recommendations are generally used to establish nuclear safety requirements at the nuclear utility-regulatory interface level. In 2000, the IAEA published Safety Reports Series No. 22, "Quality Standards: Comparison between IAEA 50-C/SG-Q and ISO 9001-2000." The report notes differences between the IAEA and ISO 9001 quality programs and recommends additional requirements and guidance for implementing ISO 9001. The report is issued as guidance to nuclear utilities for specifying additional requirements when procuring items from suppliers complying with ISO 9001-2000. The report emphasizes that the objectives of the IAEA Code and ISO 9001-2000 are different, though not incompatible. Whereas the emphasis of the IAEA Code is on nuclear safety, the emphasis of ISO 9001-2000 is on meeting customer requirements. The report specifically states that ISO 9001 is not consistent with IAEA 50-C-Q Code requirements in areas such as the quality assurance program, training and qualification, design and independence of design verification, and independence of inspection and testing activities. It also identifies those areas (documentation, nonconformance control, corrective actions, document control and records, inspection and testing, and audits) where ISO 9001 is not consistent with the IAEA 50-C-Q safety guide guidance. The conclusion of the Safety Report 22 is that "the IAEA Code 50-C-Q is focused on meeting the overall safety requirements for the plant, personnel, and society in general, whilst ISO 9001-2000 is focused on satisfying the requirements of the customer." The staff notes that the IAEA, which is chartered with a regulatory philosophy similar to the NRC's (i.e., protection of the public health and safety), has concluded that it is necessary to supplement the requirements of ISO 9001-2000 for use within the nuclear regulatory framework. The staff reviewed the French regulatory framework as part of its review of the French- manufactured replacement reactor pressure vessel head for North Anna Unit 2. The reactor head was manufactured to the French Nuclear Construction Code (RCC-M), 1993 edition through 1996 addenda. This RCC-M edition and addenda implement IAEA 50-C-Q Code quality assurance requirements. While the current French regulatory framework recognizes ISO 9001, it adds several supplementary requirements for procurement of components. These requirements include additional provisions for design verification, document and data control, purchasing data, product identification and traceability, inspection and testing, and control of nonconforming products. The staff also reviewed the Canadian quality program as part of its ongoing review of AECL Technologies' Advanced CANDU Reactor (ACR-700). AECL applies ISO 9000-1994 for procurement of components outside the primary system pressure boundary. Since some AECL suppliers have been reluctant to update their programs to ISO 9001-2000 because of the associated costs, AECL continues to procure from suppliers using the 1994 edition even though these companies may lose ISO certification at the end of 2003. AECL procurement specifications supplement ISO requirements, much like the French construction code. Finally, AECL performs independent audits of its ISO suppliers and has full access to audit reports issued by third-party auditors. Comparison of Appendix B and ISO 9001 Requirements One of the reasons for seeking an alternative to Appendix B quality requirements is the decrease in the number of qualified Appendix B suppliers in the United States. The nuclear industry has expressed concern that this has made it more difficult to procure replacement parts for operating plants. EPRI, through an industry task group, is developing an approach for procuring safety-related equipment from suppliers with ISO 9001-2000 quality programs. This approach would be proposed as an alternative Appendix B quality assurance program for qualifying suppliers to supply either safety-related basic components or commercial-grade items. The industry has not yet approached the staff with a proposal on how to accomplish this goal. The staff evaluation of the differences between Appendix B and ISO 9001
is summarized in the attachment
In addition to the differences between Appendix B and ISO 9001 requirements per se, related issues must be addressed. One issue concerns the actual independence of the ISO audits. Whereas Appendix B suppliers are audited independently by licensees, who bear the ultimate liability for the safety of procured items, ISO programs are reviewed and audited by auditors under a commercial contract to the supplier. These auditors would have no direct liability for defective components delivered to operating nuclear plants. Also, ISO auditors do not use standard checklists or criteria, which could result in more subjective ISO 9001 audit results than those performed under Appendix B and its implementing standards. The ISO standards body and process does not meet the ANSI definition of a consensus standard development organization. There is no consensus voting on new standards. Only member bodies, the most representative of standardization in their country, are entitled to participate and exercise full voting rights on any technical committee and policy committee. This does not allow for inquiry and interpretation or participation by a broad cross-section of stakeholders. ISO standards are updated about every five years. To remain certified, a company must be certified to the new edition. New editions of ISO do not reflect participation by all stakeholders or consensus voting. Therefore, an open issue is whether nuclear suppliers would opt for recertification under the revised edition with the requirement that licensees audit a supplier's quality assurance program if the supplier is no longer certified. Implicit in the imposition of Appendix B quality requirements through procurement documents is the complementary imposition of 10 CFR Part 21, "Reporting of Defects and Noncompliances." Part 21 addresses "basic components" as items designed and manufactured under a quality assurance program complying with 10 CFR Part 50 Appendix B or as commercial-grade items that have successfully undergone the dedication process. ISO 9001 does not have equivalent requirements to those in Part 21 for reporting deficiencies in safety-related components. Finally, Part 21 authorizes NRC to inspect the activities of suppliers of basic components under Appendix B. The existing regulatory structure does not provide the staff authority to inspect a supplier using ISO or other commercial standards unless the licensee invokes Part 21 in the procurement documents. Comparison of ISO 9001 to NQA-1 Requirements Although ISO 9001 and Appendix B are similar in format and text, they are substantially different in their implementation. Appendix B requirements are amplified and defined through consensus standards which licensees and Appendix B suppliers have committed to implement. Many licensees and suppliers have committed to follow the guidance of NQA-1, "Quality Assurance Requirements for Nuclear Facility Applications." As previously discussed, the NRC endorsed NQA-1-1983 in Regulatory Guide 1.28. The ASME Board on Nuclear Codes and Standards, in a letter to the NRC dated November 4, 2002, provided its perspective on the use of ISO 9001-2000 as a supplement or replacement for 10 CFR Part 50 Appendix B quality assurance requirements. In the letter, the ASME cautioned that, although ISO 9001 may seem initially appealing, it is less appealing when objectively evaluated. ISO 9001 is a management or process standard, not a safety standard. To develop an ISO-based product standard for the nuclear industry, there would need to be industry-specific requirements developed, much like the programs for other regulated industries. ASME is developing guidance to identify additional requirements that an ISO supplier would need to include to meet the NQA-1 standard. ASME further stated that the development of nuclear quality assurance standards through the ANSI consensus process include the participation of all stakeholders. The process has been successfully applied to the commercial nuclear industry in the United States. In contrast, changes to ISO 9001 are developed and approved by the ISO without the participation of all stakeholders potentially affected by these changes. ASME NQA-1 is a single source document that consolidates current regulatory requirements, incorporates lessons learned from over 30 years of safe operation, and addresses new technology used in risk-informed initiatives. Requirements in NQA-1 were found to be more definitive than ISO 9001 in areas such as:
The staff recently approved NQA-1-1994 for the Exelon Nuclear operating fleet. Other licensees plan to adopt NQA-1-1994 for their plants through the provisions of the 50.54(a) process. This allows licensees to make changes to selected elements of their quality assurance program without having to obtain prior NRC approval. The staff is working with the NQA-1 committee on establishing an effective method for approving future editions of the standard. Nuclear Sector-Specific ISO Program A sector-specific ISO program, similar to the successful aerospace industry program, is a potential approach for application to the nuclear industry. Sector-specific quality programs have been found acceptable in various industry sectors because they provide a uniform standard and uniform oversight through the registration and accreditation process. Sector-specific programs commonly have three attributes: Standardization: Industries should have common regulations, laws, or processes for measuring the level of performance or quality for business activities. Quality Requirements: Industries that have higher performance expectations should develop industry controls and requirements to supplement basic ISO requirements. Registration and Accreditation: Sector-specific programs use a certification process of registering organizations and provide an accreditation process to verify the organizations' compliance. This process has the effect of obtaining compliance with the sector-specific program through the purchaser's procurement documents that require sector-specific program certification. In effect, an organization has to be a registered ISO sector-specific program organization to be a qualified supplier in the sector. Certain materials and components are procured from organizations that are accredited or authorized by a certifying organization such as ASME. The nuclear industry provides consolidated oversight of its procurement process through the Nuclear Procurement Issues Committee (NUPIC), a utility auditing group that conducts audits based on a standard evaluation process and format. NUPIC audit reports of suppliers are shared by participating utilities, who make specific determinations as to the adequacy of a supplier's quality program. NUPIC is unlike an ISO registrar in that it has no formal registration or certification process and maintains no formal list of certified suppliers. The existing process for the qualification of a supplier in the nuclear sector is a process that can involve multiple organizations. In reality, NUPIC already provides the uniform oversight and sector-specific qualification process that adoption of the ISO system of registration would provide. The three attributes noted above are already embodied in the current regulatory structure. Federal regulations like 10 CFR Part 50 Appendix B, consensus standards like ASME NQA-1, the ASME Code accreditation process, the NUPIC joint utility audit program, licensing of facilities, and NRC inspection oversight already provide standardization and enforceable oversight of quality and nuclear safety requirements for suppliers and subsuppliers to licensees. Improvements to the Regulatory Framework for Quality Assurance The regulatory framework for quality assurance established by 10 CFR Part 50 Appendix B has worked effectively for 30 years. Since the late 1980s, the staff has completed several initiatives to improve the efficiency and effectiveness of the regulatory framework for quality assurance. In 1989, the staff issued Generic Letter (GL) 89-02, "Actions to Improve the Detection of Counterfeit and Fraudulently Marketed Products," and in 1991, GL 91-05, "Licensee Commercial Grade Procurement and Dedication Programs." These generic letters documented the staff's position on the process for the procurement and dedication of commercial-grade items. In GL 89-02, the staff conditionally endorsed the June 1988 EPRI NP-5652, "Guideline for the Utilization of Commercial-Grade Items in Safety Related Applications (NCIG-07)." Historically, the commercial-grade dedication process has proven to be an effective method for procuring items from the commercial market and demonstrating their suitability for use in safety-related applications. In the early 1990s, the staff facilitated the change control process for administrative controls described in Regulatory Guide 1.33, "Quality Assurance Program Requirements (Operation)," by allowing these controls to be relocated from the technical specifications to the quality assurance program. In 1998, the staff issued Regulatory Guide 1.176, "An Approach for Plant-Specific, Risk-Informed Decision Making: Graded Quality Assurance," which defines a method acceptable to the staff for grading the requirements of Appendix B. Subsequently, the staff recommended in SECY-98-300, "Options for Risk-Informed Revisions to 10 CFR Part 50, Domestic Licensing of Production and Utilization Facilities," that risk-informed approaches to the application of special treatment requirements be developed. In 1999, the Commission amended 50.54(a) to allow licensees to make certain changes to their quality assurance programs without prior NRC review. This includes changes such as the use of a QA standard approved by the NRC which is more recent that the QA standard in the licensee's current QA program, using a quality assurance alternative or exception approved by an NRC safety evaluation (provided that the basis of the NRC approval is applicable to the licensee's facility), and generic organizational changes. The number of license amendments and changes to quality assurance (QA) programs have declined as a result of these initiatives. In an NEI August 15, 2000, letter to the staff, NEI stated, "The direct final rule was promulgated thirteen months prior to the workshop, providing adequate time for the industry to ascertain the short-term worth of the rule in reducing unnecessary burden while maintaining the integrity of a comprehensive QA program. It was evident to the industry participants during the course of the workshop that the direct final rule has been beneficial. A separate rulemaking on 10 CFR 50.54(a) is not needed since QA special treatment requirements are being addressed under the Risk-Informing Part 50, Option 2 initiative." The staff has reviewed risk-informed applications in many areas. In this respect, the staff has been successful in developing and implementing a regulatory means for factoring risk insights into the current regulatory framework. Recently, the staff has taken steps to reduce the scope of equipment subject to the requirements of Appendix B. The ongoing 10 CFR 50.69 rulemaking provides an alternative to full scope implementation of Appendix B for treatment of low risk significant safety-related SSCs. Appendix B contains provisions for applying a graded approach to quality assurance according to a component's importance to safety. The 50.69 process recognizes that components may differ in importance and implements a graded approach based on a risk-informed categorization process. This approach significantly reduces the scope of SSCs subject to special treatment requirements, including quality assurance programmatic requirements. The proposed rule would implement new treatment requirements based on the risk significance of SSCs and should give the licensees' quality assurance programs more flexibility to use quality standards that meet these programmatic requirements, including international standards. Licensee Approaches for Potential ISO 9001 Implementation Approach 1: Acceptance of ISO 9001 as an Alternative to Appendix B ISO 9001 specifies QMS requirements for supplier process controls for
meeting customer and regulatory requirements and for enhancing customer
satisfaction. The staff performed a review of the ISO quality standard
ISO 9001-2000, "Quality Management System - Requirements." The staff broke
down the 18 criteria of Appendix B into 69 elements and then compared
them to the specific requirements of ISO 9001. The comparison, or "gap
analysis" is summarized in the attachment
Approach 2: Nuclear Sector-Specific ISO Program As discussed above, a sector-specific ISO quality program has been successfully implemented in other industries. However, implementation of a nuclear sector-specific ISO quality program would need significant supplementary requirements to meet the needs of industries that have safety as their primary goal. The current NRC regulatory framework includes the necessary elements comprising a sector-specific quality program. Efforts to convert ISO 9001 to a sector-specific quality program that would meet the needs of the nuclear industry appears to be feasible, but would be redundant to existing programs. Significant resources would be required by licensees and the staff to develop a nuclear sector-specific ISO 9001 quality assurance program that would meet the current regulatory framework. Approach 3: Licensee-Specific Controls for ISO 9001 Certified Suppliers Licensees could provide additional controls, where necessary, within their individual QA program, to procure safety-related items. These controls may take the form of specifying quality or technical requirements in the procurement documents to augment the supplier's ISO QMS program requirements. This may include receipt inspections and/or tests to detect failure of the supplier's ISO QA program to provide items of sufficient quality. This approach appears to be feasible, however these additional licensee controls would seem to negate the benefits of using ISO 9001. Implementation of this approach would require significant resources from a regulatory oversight perspective because it would require a staff review of individual licensee quality programs. Approach 4: ISO 9001 Certified Suppliers for Commercial-Grade Item Procurement The use of suppliers with ISO 9001-2000 certification by licensees would be appropriate for replacement parts purchased as commercial-grade items. The procurement of commercial-grade items and commercial-grade dedication are discussed earlier in this paper. Licensees could perform commercial-grade dedication under their existing quality programs for parts purchased from ISO 9001 suppliers. This approach appears to be feasible in that it would have minimal resource impact for licensees and the staff. This paper has discussed the feasibility of incorporating ISO 9001 into
the existing regulatory framework of quality assurance requirements and
identified four potential approaches for implementation. Two of the approaches
were determined to be more suitable for further development. These were
approaches three and four. ISO has found general acceptability as a management
and process standard for promoting customer satisfaction through establishing
a system of quality assurance requirements that can be used by suppliers,
irrespective of size, business type, product or service. This universality
necessitated development of supplementary requirements to be applied to
the ISO 9001 QMS by other regulated industries and their regulating bodies.
Similarly, the NRC staff would expect supplemental quality requirements
be applied to ISO 9001-2000 QMS as described in the attachment
This paper also reviewed existing NRC quality assurance requirements and efforts to improve their effectiveness and efficiency. The staff concluded that considerable actions have already been taken or are in progress to reduce unnecessary regulatory burden on licensees resulting from compliance with Appendix B requirements. We are aware of ongoing industry initiatives that are looking at alternatives to Appendix B requirements and we expect to see industry initiatives and licensee submittals in this area. The staff will continue to work with stakeholders in utilizing the current and proposed regulatory framework. No additional staff resources were deemed necessary at this time. The Office of the General Counsel has reviewed this paper and has no legal objection to its content. The Office of the Chief Financial Officer (OFCO) has reviewed this paper for resource implications and has no objections.
|
|
Privacy Policy |
Site Disclaimer |
).
Based on this review, the staff concluded that supplemental quality requirements
would need to be applied when implementing ISO 9001 within the existing
regulatory framework. The staff developed four potential approaches for
licensee implementation of ISO 9001. Two of the approaches were determined
to be more suitable for further development. These were licensee-specific
controls for ISO 9001 certified suppliers during procurement and using
ISO 9001 certified suppliers for procuring commercial-grade items. The
staff would expect supplemental quality requirements be applied to ISO
9001 for the areas described in the attachment. The staff also concluded
that considerable actions have already been taken or are in progress to
reduce regulatory burden associated with Appendix B. The proposed 50.69
risk-informed rulemaking will provide a more efficient and effective regulatory
process while continuing to maintain safety.