Connect981 – Content Dev

Glossary Tag: risk detection

  • Electronic Hold

    An electronic hold is a system-controlled status that prevents specified material, lots, serial numbers, work orders, inventory, or related records from being used, moved, processed, or shipped until the hold is reviewed and released. In manufacturing, it is commonly applied in MES, ERP, QMS, warehouse, or traceability systems to support containment and quality control workflows.

    Electronic holds are often used when material is suspected of being nonconforming, affected by a quality escape, awaiting inspection, pending disposition, or subject to a process restriction. A hold may include a reason code, scope, owner, timestamp, release authority, and links to related nonconformance, inspection, deviation, or corrective action records.

    An electronic hold is not the same as physical quarantine, although the two are often used together. The electronic hold blocks or flags transactions in software; physical quarantine separates or identifies the material on the shop floor or in storage. The effectiveness of an electronic hold depends on accurate traceability, correct master data, disciplined transactions, and integration between systems that control production, inventory, and shipment.

  • FOD control

    FOD control is the set of practices used to prevent, detect, remove, and document foreign objects in manufacturing, maintenance, and inspection areas. In industrial and aerospace settings, FOD commonly refers to both foreign object debris, meaning unwanted material in a work area or product, and foreign object damage, meaning damage caused by that material.

    FOD control is commonly applied in quality-sensitive operations where loose hardware, tools, packaging, dust, wire clippings, or other unintended items could affect product conformity, equipment condition, or traceability. It may include tool accountability, area cleaning, part protection, visual checks, material segregation, operator instructions, and records of inspections or findings.

    FOD control is related to housekeeping and 5S, but it is not the same thing. Housekeeping focuses broadly on workplace order and cleanliness. FOD control is specifically concerned with preventing foreign material from entering, remaining in, or damaging a product, assembly, machine, or controlled work zone.

    In software-supported operations, FOD control may appear in digital work instructions, inspection checklists, nonconformance workflows, audit records, or maintenance documentation. These records help show that required checks were performed, but the term itself refers to the operational control process rather than to any specific software feature or certification outcome.

  • Deviation Permit

    A deviation permit is a controlled authorization to temporarily depart from a specified requirement, process, drawing, material, inspection method, or other approved instruction. In manufacturing, it commonly applies to a defined lot, order, part number, operation, supplier shipment, or time period.

    A deviation permit is usually reviewed before the affected work is performed or accepted. It records what requirement is being deviated from, why the deviation is needed, who approved it, the permitted scope, any conditions, and when the permission expires. It may be used for cases such as an approved substitute material, a temporary process parameter change, or an alternate inspection approach.

    A deviation permit does not permanently change the baseline requirement. It should not be confused with an engineering change, which updates the approved design or process documentation. It is also related to, but not always the same as, a concession or waiver, which may be used to accept nonconforming output after it has occurred, depending on the organization’s terminology.

    In MES, QMS, ERP, or supplier quality workflows, deviation permits are often linked to traceability records, affected units, approvals, and quality evidence so that the temporary exception can be reviewed and contained within its approved limits.

  • Material hold

    Material hold is a controlled status applied to raw material, components, work in process, or finished goods to prevent their use, movement, shipment, or consumption until an authorized review or disposition is completed.

    In manufacturing, a material hold is commonly used when material may be nonconforming, lacks required documentation, is awaiting inspection, has a traceability concern, or is subject to an engineering, quality, or supplier review. The hold may be physical, such as moving parts to a quarantine area, digital, such as changing inventory status in an ERP, MES, WMS, or QMS, or both.

    A material hold does not by itself mean the material is scrap or rejected. It means the material is restricted pending a decision, such as release for use, rework, return to supplier, deviation approval, or rejection. It should not be confused with a production hold, which usually stops or restricts a process, order, or operation rather than a specific lot, batch, serial number, or inventory quantity.

  • Time-Controlled Component

    A time-controlled component is a part, material, or assembly whose use, status, or replacement is governed by an elapsed-time limit. The limit may relate to shelf life, storage duration, open time, cure time, service life, operating hours, or another defined time-based condition.

    In manufacturing and quality systems, time-controlled components are commonly tracked so that expired, over-age, or time-exceeded items are not used without the required disposition. Examples include adhesives with a limited pot life, materials with expiration dates, calibrated items with due dates, and aerospace components with defined service or replacement intervals.

    This term should not be confused with a timing device or an electronic component that controls time. It describes how the component is managed, not what the component does. It is also distinct from lot-controlled or serial-controlled tracking, although the same item may be controlled by lot, serial number, and time at the same time.

  • Regulatory Surveillance

    Regulatory surveillance is ongoing oversight, monitoring, or review used to assess whether regulated products, processes, records, or organizations continue to meet applicable requirements. In manufacturing, it commonly refers to activities by regulators, customers, or authorized oversight bodies, as well as internal monitoring designed to detect compliance risks before formal findings occur.

    Regulatory surveillance may include inspections, review of quality records, monitoring of nonconformance trends, follow-up on corrective actions, supplier oversight, reporting obligations, or review of post-release product performance. In digital manufacturing environments, it often depends on controlled records, audit trails, traceability data, version history, and evidence from systems such as MES, QMS, ERP, or document control platforms.

    The term should not be confused with general shop-floor monitoring or production analytics. Those activities may support regulatory surveillance, but regulatory surveillance specifically concerns oversight against external requirements, approved procedures, or defined compliance obligations. It also does not by itself imply certification, validation, or acceptance by an authority.

  • Safety-critical task

    A safety-critical task is a task where an error, omission, incorrect configuration, wrong part, missed inspection, or incomplete record could affect product safety, airworthiness, or continued safe operation. In manufacturing and MRO environments, the term is commonly used to identify work steps that require tighter control, verification, documentation, or authorization.

    Safety-critical tasks may appear in production routings, maintenance procedures, inspection plans, digital work instructions, quality records, and MES or MRO execution workflows. Examples include installing a flight-critical component, applying a required torque value, performing an independent inspection, or confirming a configuration-controlled part.

    The label is usually based on approved engineering or maintenance data, design authority requirements, customer flowdowns, site risk controls, and applicable procedures. It should not be confused with a task that is merely urgent, costly, or schedule-critical. A task can be business-critical without being safety-critical, and a safety-critical task may be routine but still require controlled execution and traceable evidence.

  • Counterfeit Part Prevention

    Counterfeit part prevention is the set of procurement, quality, traceability, and handling controls used to reduce the risk that counterfeit, suspect, or unauthorized parts enter manufacturing, maintenance, or delivered product.

    In manufacturing and regulated supply chains, the term commonly applies to purchased components, electronic parts, raw materials, fasteners, tooling-related items, and replacement parts where authenticity and provenance matter. Controls may include buying from approved or authorized sources, supplier evaluation, purchase order flowdown, certificate and lot traceability, receiving inspection, test or verification activities, segregation of suspect parts, and documented disposition.

    Counterfeit part prevention is not the same as general incoming inspection. Incoming inspection may check conformance to specifications, while counterfeit part prevention focuses on authenticity, source legitimacy, traceable records, and response to suspected misrepresentation. It also does not guarantee that counterfeit parts cannot occur; it describes a risk-control process used to identify, prevent, and manage that risk.

    The term is especially common in aerospace, defense, electronics, and other quality-sensitive sectors. In AS9100-related contexts, counterfeit part prevention is one of the added supply chain and product integrity controls beyond a general ISO 9001 quality management system.

  • ISO/IEC 27001:2022

    ISO/IEC 27001:2022 is the 2022 edition of the international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). It provides a structured framework for managing information security risks for all types of organizations, including manufacturers operating regulated production and OT/IT environments.

    The standard covers how an organization defines the scope of its ISMS, assesses information security risks, selects and applies controls, and monitors performance and improvement. It is technology neutral and can be applied to on-premises systems, cloud services, operational technology (OT), and integrated IT/OT architectures.

    Key elements

    ISO/IEC 27001:2022 commonly refers to:

    • ISMS requirements: Clauses that define management-system practices such as context, leadership, planning, support, operation, performance evaluation, and improvement.
    • Annex A reference controls: A catalog of information security controls organized into themes such as organizational, people, physical, and technological controls. These are references for risk treatment, not a mandatory checklist.
    • Risk-based approach: The requirement to identify information security risks, define risk criteria, choose treatments, and document decisions in a statement of applicability.
    • Continuous improvement: Expectations for monitoring, internal audits, management review, and corrective actions to keep the ISMS effective and up to date.

    Use in industrial and regulated manufacturing environments

    In manufacturing, ISO/IEC 27001:2022 is commonly used to structure information security around systems such as MES, ERP, historians, lab systems, and OT networks. Typical applications include:

    • Defining how access to production and quality systems is governed and logged.
    • Aligning network segregation, remote access, and patching practices for OT assets with formal risk assessments.
    • Coordinating information security with quality management, document control, and audit readiness processes.
    • Supporting supplier and customer expectations around information security governance, without implying any specific certification outcome.

    Relation to other ISO/IEC 27000-series documents

    ISO/IEC 27001:2022 sits within the broader ISO/IEC 27000 family of information security standards. For example:

    • ISO/IEC 27002 provides guidance on implementing controls conceptually aligned with the Annex A controls of ISO/IEC 27001:2022.
    • Other 27000-series documents address topics such as OT security, incident management, and sector-specific guidance.

    Organizations often use 27001 as the management-system core and reference additional 27000-series standards for more detailed practices.

    Common confusion

    • Standard vs. certification: ISO/IEC 27001:2022 is a written standard. Certification is a separate process conducted by external bodies. The term “ISO 27001” is often used loosely to mean both, which can cause misunderstanding.
    • “Four categories” of controls: Training materials sometimes group Annex A controls into a small number of categories for teaching purposes. ISO/IEC 27001:2022 itself defines its own control structure and naming; it does not formally define a “four category” model.
    • 27001 vs. 27002: ISO/IEC 27001:2022 defines ISMS requirements and references control themes. ISO/IEC 27002 provides detailed implementation guidance for controls. They are related but not interchangeable.

    Context of the 2022 edition

    The 2022 edition updates and replaces earlier editions of ISO/IEC 27001. It aligns its Annex A controls with the revised ISO/IEC 27002 structure, streamlines and renames several controls, and reflects current practices in areas such as cloud services and modern networked environments. When organizations refer to “ISO 27001” in current projects or contracts, they often mean ISO/IEC 27001:2022 unless an earlier edition is explicitly specified.

  • Manufacturing work instructions

    Manufacturing work instructions are controlled documents that describe, step by step, how to perform specific production, inspection, or test activities to make a defined product or component. They translate higher-level process descriptions and product specifications into clear, executable tasks for operators and technicians on the shop floor.

    Manufacturing work instructions typically include the sequence of operations, required tools and materials, key parameters and setpoints, inspection or measurement steps, and acceptance or rejection criteria. In regulated or quality-critical environments, they are subject to document control, version management, and formal review and approval.

    How manufacturing work instructions are used

    In industrial and regulated manufacturing environments, manufacturing work instructions commonly:

    • Guide operator actions for assembly, machining, mixing, packaging, testing, or inspection
    • Reference related documents such as drawings, specifications, recipes, bills of materials, and standard operating procedures
    • Capture critical quality steps, sign-offs, and required checkpoints
    • Provide visual aids such as diagrams or photos to clarify tasks
    • Serve as a basis for training and qualification on specific operations
    • Record production data or confirmations when implemented digitally through MES or electronic work instruction systems

    What manufacturing work instructions are not

    • They are not high-level policies or quality manuals, which describe overarching requirements.
    • They are not full process descriptions or SOPs when those focus on broader procedures rather than task-level steps.
    • They are not engineering drawings or specifications, although they often reference those documents.

    Common confusion

    The term “manufacturing work instructions” is sometimes used interchangeably with:

    • Standard operating procedures (SOPs): SOPs usually describe how to perform a class of activities at a procedural level. Manufacturing work instructions tend to be more detailed and operation-specific.
    • Work orders or production orders: These authorize and schedule work for specific quantities and time periods. Manufacturing work instructions describe how to do the work but do not schedule or authorize it.
    • Digital work instructions: Digital work instructions are an electronic implementation of manufacturing work instructions within MES or other systems, but the underlying concept of task-level guidance is the same.

    Context: MWI acronym

    In many manufacturing environments, the acronym “MWI” is commonly used to mean “manufacturing work instructions.” Sites may use different acronyms or document types, so the meaning should be verified against local document control practices and system configuration.