upload iso 9001 2015 presentation
TRANSCRIPT
ISO 9001 - 2008 TO 2015
Purpose of presentation:To Provide a summary of notable changes
from ISO 9001:2008 to ISO 9001:2015
WHO MADE THE CHANGES….
ISO 9001:2015 is published by ISO technical committee (TC) ISO/TC 176, sub-committee 2.
When the standard was revised and updated in 2015 the TC prepared some guidance documents to help organizations and companies implement the revised version of the standard.
NIGEL HOWARD CROFT(CHAIRMAN OF ISO’S TECHNICAL COMMITTEE TC 176/SC 2)
This revision is not a revolution but it is evolutionary process
And this ISO 9001:2015 is very much focused on the performance
WHY THIS REVISION?
Increased prominence of services .(Also there is a general perception that the old standard is leaned towards manufacturing)
Globalization (Integration of products and ideas from all parts of the world made possible by technology)
Cont..
WHY THIS REVISION? More complex supply chain (sub-
suppliers, suppliers, organization, distributors, wholesalers, online sellers, customer, etc.)
Increased interested parties’ expectations
Improvement of Information technology & Electronic Medium
BENEFICIAL CHANGES TO ISO 9001
Enhanced leadership involvement in the management system Risk-based thinking Simplified language, common structure
and terms Aligning QMS policy and objectives with
the strategy of the organization
BENEFICIAL CHANGES TO ISO 9001…PDCA
POTENTIAL BENEFITS TO THE USER
Focus on achieving planned results Flexibility for documented information Improved risk control Better process control leading to
improved results Improved customer satisfaction Customer retention and loyalty Improved image and reputation Greater credibility
KEY BENEFITS OF THECOMMON CLAUSE STRUCTUREA new common format has been developed
All ISO management systems standards will look the same with the same structure (some deviations)
More efficient to address multiple management system requirements
Provides the option of integrating management systems
Standardized core definitions
NEW FORMAT FOR ISO MANAGEMENT SYSTEM STANDARDS
ISO has just completed work to provide identical structure, text and common terms and definitions for management system standards of the future.
Both ISO 9001 and ISO 14001 revised standards followed the new outline
FROM THE NEW ANNEX SL
All technical committees developing management system standards have to follow Annex SL in the new consolidated ISO Supplement
High level structure : Clause 1 - Scope Clause 2 - Normative references Clause 3 - Terms and definitions Clause 4 - Context of the organization Clause 5 - Leadership Clause 6 - Planning Clause 7 - Support Clause 8 - Operation Clause 9 - Performance evaluation Clause 10 - Improvement
CLARIFICATION OF NEW STRUCTURE, TERMINOLOGY AND CONCEPTS1. Structure and terminology2. Products and services3. Understanding the needs and
expectations of interested parties4. Risk-based thinking5. Applicability6. Documented information7. Organizational knowledge8. Control of externally provided
processes, products and services
STRUCTURE AND TERMINOLOGY
The clause structure (i.e. clause sequence) and some of the terminology of this Standard have been changed to improve alignment with other management systems standards.
The structure of clauses is intended to provide a coherent presentation of requirements, rather than a model for documenting an organization’s policies, objectives and processes.
STRUCTURE AND TERMINOLOGYISO 9001:2008 ISO 9001:2015Products Products and servicesExclusions Not used
(See Clause A.5 for clarification of applicability)
Management representative
Not used(Similar responsibilities and authorities are assignedbut no requirement for a single management representative)
Documentation, quality manual, documented procedures,records
Documented information
Work environment Environment for the operation of processes
Monitoring and measuring equipment
Monitoring and measuring resources
Purchased product Externally provided products and services
Supplier External provider
PRODUCTS AND SERVICES
ISO 9001:2008 used the term “product” to include all output categories.
This edition of this International
Standard uses “products and services”. “Products and services” include all output categories (hardware, services, software and processed materials).
UNDERSTANDING CONTEXT OF ORGANIZATION
UNDERSTANDING THE NEEDS AND EXPECTATIONS OF INTERESTED PARTIES Sub clause 4.2 specifies requirements
for the organization to determine the interested parties that are relevant to the quality management system and the requirements of those interested parties.
However, 4.2 does not imply extension of quality management system requirements beyond the scope of this International Standard
RISK-BASED THINKING One of the key purposes of a quality
management system is to act as a preventive tool.
Consequently, this International Standard does not have a separate clause or sub clause on preventive action. The concept of preventive action is expressed through the use of risk-based thinking in formulating quality management system requirements.
RISK-BASED THINKING There is no requirement for formal
methods for risk management or a documented risk management process
Organizations can decide whether or not to develop a more extensive risk management methodology than is required by this International Standard, e.g. through the application of other guidance or standards.
RISK-BASED THINKING The Main Objectives of International
Standards is : • To provide confidence in the
organization’s ability to consistently provide customers with conforming goods and services
• To enhance customer satisfaction The concept of “risk” in the context of
the international standards relates to the uncertainty in achieving these objectives
WHAT IS “RISK-BASED THINKING Risk-based thinking is something we all do
automatically and often sub-consciously The concept of risk has always been implicit in
ISO 9001 – the 2015 revision makes it more explicit and builds it into the whole management system
Risk-based thinking is already part of the process approach
Risk-based thinking makes preventive action part of the routine
Risk is often thought of only in the negative sense. Risk-based thinking can also help to identify opportunities. This can be considered to be the positive side of risk
WHAT SHOULD I DO? - “RISK-BASED THINKING Identify what the risks and opportunities
are in your organization – it depends on context –ISO 9001:2015 will not automatically require you to carry out a full, formal risk assessment, or to maintain a “risk register”
ISO 31000 (“Risk management — Principles and guidelines”) will be a useful reference (but not mandated)
DOES IT HELP YOU? - “RISK-BASED THINKING
KEY POINTS TO REMEMBER
Risk Based Thinking = Preventative Action
Risk Based Thinking is everybody’ s business! – Risk Based Thinking is not just the responsibility of management
– Risk Based Thinking must become an integral part of the organizational culture
APPLICABILITY This International Standard does not
refer to “exclusions” in relation to the applicability of its requirements to the organization’s quality management system.
But the organization can decide that a requirement is not applicable if its decision will not result in failure to achieve conformity of products and services.
DOCUMENTED INFORMATION “Documented information” is used for
all document requirements. Documented information is the
information required to be controlled and maintained by an organization and the medium on which it is contained.
DOCUMENTED INFORMATION
The organization is responsible for determining what documented information needs to be retained, the period of time for which it is to be retained and the media to be used for its retention
The organization can decide whether or not it is necessary or appropriate to maintain documented information
ISO9001:2015 - REQUIRED DOCUMENTSSNo “Maintain” as Documented
Information ISO 9001 Clause
1 Documented information stating the scope of quality management system
4.3
2 Documented information to extent necessary to support operation of processes
4.4
3 Documented information available for quality policy
5.2.2.a
4 Documented information required by this International Standard
7.5.1.a
5 Documented information determined by the organization as being necessary for the effectiveness of the quality management system
7.5.1.b
6 Documented information of external origin determined by the organization to be necessary for the planning and operation of the quality management system
7.5.3.2
ISO9001:2015 – REQUIRED RECORDS Open the attached PDF
Documents & Records-Documented-Information.pdf
ORGANIZATIONAL KNOWLEDGE Requirements regarding organizational
knowledge were introduced for the purpose of:
a) safeguarding the organization from loss of knowledge, e.g.
— through staff turnover;— failure to capture and share information; b) encouraging the organization to acquire
knowledge, e.g.— learning from experience;— mentoring;— benchmarking.
CONTROL OF EXTERNALLY PROVIDED PROCESSES, PRODUCTS AND SERVICES All forms of externally provided
processes, products and services are addressed in 8.4, e.g. Whether through:
a) purchasing from a supplier;b) an arrangement with an associate
company;c) outsourcing processes to an external
provider.
STRUCTURE OF ISO 9001:2015 (1/3)
1 Scope 2 Normative references 3 Terms and definitions
4 Context of the organization 4.1 Understanding the organization and its context 4.2 Understanding the needs and expectations of
interested parties4.3 Determining the scope of the quality management system 4.4 Quality management system and its processes
5 Leadership 5.1 Leadership and commitment5.2 Policy 5.3 Organizational roles, responsibilities and
authorities 6 Planning
6.1 Actions to address risks and opportunities 6.2 Quality objectives and planning to achieve them 6.3 Planning of changes
STRUCTURE OF ISO 9001:2015 (2/3)
7 Support 7.1 Resources 7.2 Competence 7.3 Awareness 7.4 Communication 7.5 Documented information
8 Operation 8.1 Operational planning and control8.2 Requirements for products and services 8.3 Design and development of products and
services 8.4 Control of externally provided processes,
products and services8.5 Production and service provision8.6 Release of products and services8.7 Control of nonconforming outputs
STRUCTURE OF ISO 9001:2015 (3/3)
9 Performance evaluation 9.1 Monitoring, measurement, analysis and
evaluation 9.2 Internal audit 9.3 Management review
10 Improvement 10.1 General10.2 Nonconformity and corrective
action 10.3 Continual improvement
Clause 4.1 Determine what the relevant external and internal issues are for your organization, and that are relevant to its strategic direction
4 Context of
organization
4.1 Understanding
context
4.2 Interested
parties
4.3 Scope
4.4 QMS
Clause 4.2Identify the relevant interested parties and their relevant requirements
4 Context of
organization
4.1 Understanding
context
4.2 Interested
parties
4.3 Scope
4.4 QMS
Clause 4.3 and 4.4The requirement for the scope is now better defined, must be documented and consider:
external and internal issues requirements of relevant interested
parties the products and services covered
(must also be stated in scope) allowing applicability of specific
requirements justification for any case where a
requirement cannot be applied (exclusion)
4 Context of
organization
4.1 Understanding
context
4.2 Interested
parties
4.3 Scope
4.4 QMS
Clause 5.1.1Leadership is required to ensure:
take accountability for the effectiveness of the quality management system
ensure the quality policy and quality objectives are compatible with the context and strategic direction of the organization
ensure the integration of the QMS requirements into the organization’s business processes
promote the use of the process approach and risk-based thinking
ensure that the QMS achieves its intended results
engage, direct and support persons to contribute to the effectiveness of the QMS
supporting relevant management roles promotion of improvement
Clause 5.1.2 Top management needs to ensure customer satisfaction through:
customer and applicable statutory and regulatory requirements being determined and met
risk and opportunities are being addressed
the focus on products and services meeting customers and other requirements
5 Leadership
5.1 Leadership and commitment
5.2Policy
5.3Organizational
roles, responsibilities and authorities
5 Leadership
5.1 Leadership and commitment
5.3Organizational roles, responsibilities and
authorities
5.2 Policy
Clause 5.2 Clear requirement to apply the policy
Clause 5.2 Explicit requirement to apply the policy
Clause 5.3 Explicit requirement for relevant roles
to be assigned, communicated and understood
No requirement for a specific management representative and the responsibility now resides with top management to assign and manage
Requirement for defining responsibility and authority for ensuring processes are delivering their intended outputs
5 Leadership
5.1 Leadership and commitment
5.2Policy
5.3Organizational
roles, responsibilities and
authorities
Clause 6.1 Considering the issues raised and
relevant interested parties’ requirements identified (4.1 and 4.2), this clause requires the determination of risks and opportunities which need to be addressed, actions to be taken and evaluation of the effectiveness of these actions
6 Planning
6.1 Actions to
address risks and opportunities
6.2 Objectives and
planning
6.3 Planning of
changes
Clause 6.2Objectives should be: established for processes relevant to the QMS in line with customer requirements in line with products and services conformity monitored, communicated & updated
6 Planning
6.1 Actions to address
risks and opportunities
6.2 Objectives and
planning
6.3 Planning of changes
Clause 6.3Changes to the QMS should be carried out in a planned mannerThe standard has evolved to enable organizations to adapt to changing environments or circumstancesNote: It is important to know that change is addressed in the following clauses:
Clause 6.3 - Planning/implementing changes to the QMS
Clause 7.1.6 - Organizational knowledge - for addressing changing needs and trends, with respect to knowledge
Clause 8.1 - Controlling operational changes, planned and unintentional
Clause 8.5.6 - Addressing changes affecting products & services
6 Planning
6.1 Actions to address
risk and opportunity
6.2 Objectives and
planning
6.3 Planning of
changes
7.1 Resources
7.3 Awareness
7.4 Communication
7.5 Documented information
7.2 Competence
7.1.4 Environment for the
operation of processes
7.1.5 Monitoring and
measuring resources
7.1.2 People
7.1.3 Infrastructure
7.1.6 Organizational
knowledge
Clause 7.1There should be adequate resources to ensure effectiveness of the QMS. Resource considerations now include: internal resources external providers people monitoring and measuring resources organizational knowledge required to ensure the
processes provide conforming products and services
external communication
.
7 Support
7.1 Resources
7.3 Awareness
7.4 Communication
7.5 Documented information
7.2 Competence
7.1.4 Environment for the
operation of processes
7.1.5 Monitoring and
measuring resources
7.1.2 People
7.1.3 Infrastructure
7.1.6 Organizational
knowledge
Clause 7.3 and 7.4Relevant persons doing work under the organization’s control need to have awareness and communication (internal and external) of the QMS and benefits of improving performance
7 Support
Clause 7.5.1Requirements that used to be required for a quality manual have been enhanced and made more flexible to allow for the use of documented information needed for the quality management system
Clause 7.5.2 Enhanced requirement for the creation and updating of documented information, e.g. description, format & suitability
Clause 7.5.3Control of documented information – now explicitly includes confidentiality, integrity and access
7 Support
7.1 Resources
7.3 Awareness
7.4 Communication
7.5 Documented information
7.2 Competence
7.1.4 Environment for
operation of processes
7.1.5 Monitoring and
measuring resources
7.1.2 People
7.1.3 Infrastructure
7.1.6 Organizational
knowledge
Clause 8.1.b explicit requirement for establishing
criteria for processesClause 8.2.1 explicit considerations are now linked
to: customer communications; customer property, and contingency actions
Clause 8.2.2 Determination of requirements; this
requires a process and is explicit with regard to substantiating claims for products and services being offered
8.1 Operational planning and control
8.2 Requirements for products and services
8.2.1 Customer communication
8.2.2 Determination of requirements related to products and services8.2.3 Review of requirements related to products and services
8 Operation
8.2.4 Changes to requirements for products and services
Clause 8.3This section on design and development of products and services has substantively changed and simplified: Clause 8.3.2 Design and development has been restructured
to allow for a more process orientated approach
Involvement of customers and users as part of design planning to be considered
Clause 8.3.3 Design and development inputs – explicit
requirements for internal and external resource needs, potential consequences of failure, level of control expected by customers
Clause 8.3.4 Design and development controls – new clause
combining Reviews, Verification & Validation
8 Operation
8.3.6 Design and development changes
8.3 Design and development of products and services
8.3.1 General
8.3.2 Design and development planning
8.3.3 Design and development inputs
8.3.4 Design and development controls
8.3.5 Design and development outputs
Clause 8.4 The terms which previously referred to
purchasing and ‘outsourcing’ is now ‘Control of externally provided processes, products and services’
Clause 8.4.1 Conditions are applied when controls are
required for externally provided processes, products and service
Terminology has changed from ‘supplier’ to ‘external provider’
Clause 8.4.2 Type and extent of control of external provision
previous notes in 4.1 (ISO 9001:2008) now turned into requirements
Clause 8.4.3 Information for external providers are now more
detailed and explicit
8.4 Control of externally provided processes products and services
8.4.1 General
8.4.2 Type and extent of control
8.4.3 Information for external providers
8 Operation
Clause 8.5.1This clause specifically considers: monitoring and measurement activities
will ensure the control of processes and output (clauses 8.2.3 and 8.2.4 of ISO 9001:2008 have been moved to 8.5.1)
acceptance criteria for products and services are met
the use, and control of suitable infrastructure and process environment
suitable monitoring and measuring resources
Requires competent persons
8.5.3 Property belonging to customers or external providers
8.5 Production and service provision
8.5.1 Control of production and service provision
8.5.2 Identification and traceability
8.5.6 Control of changes
8.5.4 Preservation
8.5.5 Post-delivery activities
8 Operation
Clause 8.5.2 The identification and traceability now focus on
‘outputs’ rather than on ‘product’ (includes intermediate products and services) rather than on ‘product’
Clause 8.5.3 Customer property has been expanded to
include external providers’ propertyClause 8.5.4 Preservation of product has been changed to
preservation of the outputClause 8.5.5 Post-delivery activities is a new clause Clause 8.5.6 A new requirement for the control of changes is
addressed in the slide introducing the concept of change
8.5 Production and service provision
8.5.1 Control of production and service provision
8.5.2 Identification and traceability
8.5.6 Control of changes
8.5.5 Post-delivery activities
8.5.3 Property belonging to customers or external providers
8.5.4 Preservation
8 Operation
Clause 8.6 The release of products and services is
now part of the operational requirements
Clause 8.7 The control of nonconforming output is
more explicit; it now considers the options to apply correction and corrective action
Nonconforming product changed to nonconforming output
8.6 Release of products and services
8.7 Control of nonconforming outputs
8 Operation
Clause 9.1.1 In 8.1 ISO 9001:2008 (clause 8.1)
there was a requirement for planning. This is replaced with identifying what needs monitoring and measuring, and the methods to be used
Clause 9.1.3 There are specific requirements for
analysis and evaluation when using results as inputs to management review
Effective implementation of planning and actions to address risks and opportunities are new requirements in this clause
9 Performance
evaluation
9.2Internal audit
9.3 Management review
9.1.2Customer satisfaction
9.1.3 Analysis and evaluation
9.1.1 General
9.1 Monitoring,
measurement, analysis and evaluation
Clause 9.2 Internal audit program now has explicit considerations
for: quality objectives, customer feedback and changes impacting the organization; management responsibility for action is now implicit whereas previously this was explicit
An auditor is now required to be impartial versus in the previous version they could not audit their own work
Clause 9.3 There are now additional requirements for
management review. These include: changes in external and internal issues (such as
strategic direction) performance concerning external providers adequacy of resources for effective QMS and
effectiveness of actions taken addressing risks & opportunities
Clause 9.3.1 Management reviews should be aligned to the
strategic direction of the organizationClause 9.3.3 Management review outputs have been enhanced to
include many of the new areas of focus
9 Performance
Evaluation
9.1 Monitoring,
measurement, analysis and evaluation
9.2Internal audit
9.3 Management review
9.1.2Customer satisfaction
9.1.3 Analysis and evaluation
9.3.1 General
9.3.3 Management review
output
9.3 .2Management review
input
Clause 10.1 This clause is new, it addresses more comprehensive
opportunities for improvement; not only continual improvement
Addresses improvement of products and services and future needs and expectations
Emphasis is now on improving processes to prevent nonconformities and improving products and services
Clause 10.2 The nonconformity referred to in this clause concerns the
entire QMS and not specifically the products or services which are addressed under clause 8.7
Clause 10.2.1 New emphasis is placed on nonconformity and corrective
action Consequences are now included thus actions taken now
recognize the potential occurrence of a similar nonconformity elsewhere
Risks and opportunities now need to be updated when required following a nonconformity
Clause 10.2.2 Documented information is now required on the nature of
the nonconformity and subsequent actions takenClause 10.3 Opportunities shall be addressed as part of continual
improvement
10 Improvement
10.2 Nonconformity and corrective action
10.3 Continual improvement
10.1 General
Summary Determining the organizational context enables a more
effective implementation of the quality management system
Greater emphasis on processes being managed to achieve planned results
Alignment with strategic direction Integration of the QMS into organization’s business
processes Determining risks and opportunities increase the
effectiveness of the organization’s QMS Change management has been expanded to add
emphasis that the QMS should be carried out in a planned manner
The concept of organizational knowledge introduced to ensure the organization acquires and maintains the necessary knowledge
Communication expanded to include external