ISO 9001-2015 Registration

This Quality Management System (QMS) standard requires a design, manufacturing, and service company to identify, document, implement, and monitor its processes and procedures affecting the quality of its products and services. It was designed as a world quality standard for international trade and to establish consistent quality practices.

Our Quality Management System has been ISO 9001 registered since 1998. We accomplished our certification without the use of external consultants, though we did use the resources of the ISO Consortium sponsored by the State of Maryland. Our registrar, Intertek Testing Services, audits our Quality Management System annually to ensure compliance.

ISO 13485:2016 Compliance

ISO 13485:2016 specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer requirements and regulatory requirements applicable to medical devices and related services.

The primary objective of ISO 13485:2016 is to facilitate harmonized medical device regulatory requirements for quality management systems. As a result, it includes some particular requirements for medical devices and excludes some of the requirements of ISO 9001 that are not appropriate as regulatory requirements. ISO9001 is focused on continual improvement whereas, ISO13485 is more focused on risk management and the effectiveness of procedures, standards, etc.

All requirements of ISO 13485:2016 are specific to organizations providing medical devices, regardless of the type or size of the organization.

If regulatory requirements permit exclusions of design and development controls, this can be used as a justification for their exclusion from the quality management system. These regulations can provide alternative arrangements that are to be addressed in the quality management system. It is the responsibility of the organization to ensure that claims of conformity with ISO 13485:2016 reflect exclusion of design and development controls.

Quality Policy

Tristate is committed to manufacturing consistent quality products here in the United States. It is essential for all levels of our organization to strive for excellence and continual improvement in quality to maintain our competitive edge.

To accomplish this Tristate will:

  • Manufacture products in accordance with our customer’s expectations, specifications and
    documented procedures,
  • Involve, empower and train all employees continually to improve quality,
  • Maintain the effectiveness of the Quality Management System,
  • Fully commit to and ensure compliance with applicable regulatory requirements.

Tristate’s Quality Policy is fully endorsed by top management to ensure that it is communicated, understood, implemented, and maintained at all levels of our organization.

To measure our progress in achieving the quality policy goals and objectives, Tristate will continually utilize the following indicators:

  • On-Time Delivery,
  • Defect Data (in house and RMA),
  • First Piece Sample (internal) and First Article Inspection (customer) acceptance data,
  • Specific customer and regulatory data required for contract manufacturing of electronic assemblies and products for use in medical devices.

In addition, we will seek and utilize relevant customer ratings and feedback that will measure the customer’s view of our efforts.

NIST 800-171 CUI Policy

The National Institute of Standards and Technology (NIST) published special publication NIST 800-171 protecting controlled unclassified information in non-federal information systems and organizations in June 2015. The purpose of this NIST publication is to provide guidance to federal agencies to ensure that certain types of federal information are protected when processed, stored, and used in non-federal information systems. NIST 800-171 applies to controlled unclassified information shared by the federal government with a non-federal entity.

NIST 800-171 applies to us when the federal government shares controlled unclassified information with manufacturing organizations. There are 14 families of security requirements outlined in in NIST 800-171 comprising a total of 109 individual controls.

ITAR Policy

International Traffic In Arms Regulations (ITAR)

Management is fully committed to ensuring Tristate Electronic Manufacturing, Inc. will comply fully with all applicable U.S export control laws and regulations. This includes the Arms Export Control Act (AECA) and International Traffic in Arms Regulations (ITAR).

Conflict Minerals Policy

It is the policy of Tristate Electronic Manufacturing to support the legislation of the Dodd-Frank Wall Street Reform Act, Section 1502. We will not knowingly incorporate Conflict Minerals into our finished product. This is accomplished according to our internal procedures, and also through the survey of our vendors in regard to their compliance and support of the above mentioned legislation.

Tristate Electronic Manufacturing will supply supporting documentation only upon specific request in an effort to reduce the impact of these requirements upon small business.