ISO 9001 2015 Bill Mizak PDF

INTRODUCTION
TO
ISO 9001:2015
1
Copyright 2015 DAC Audit Services All rights reserved
ISO 9001:2015 HAS BEEN APPROVED

The revised standard will be published
and available to purchase on
September 23, 2015.
2
TRANSITION
Organizations who are currently certified to
ISO 9001 :2008 have a three year transition
period from the date of publication for ISO
9001:2015.
3
RECOMMENDED ACTIONS
Identify organizational gaps
Develop an implementation plan
Provide training and awareness for all parties that have an

impact on the effectiveness of the organization
Update the existing QMS to meet the revised requirements, if
necessary
Conduct liaison activities with certification body to determine
their transition plans
4
CHANGES
1) Structure
9) Management Rep.
2) Terminology
10) Quality Management principles
3) Context of the organization
11) Exclusions
4) Documented information
12) Planning
5) Process Approach
13) Work environment
6) Quality Manual
14) Supplier
7) Preventive Action (dropped)
15) Purchased product
8) Risk based approach

5
CHANGES
Fewer prescribed requirements
Improved applicability for services
Requirement to define the boundaries of the QMS
Greater emphasis on achieving results to Improve customer satisfaction
6
REVIEW OF CHANGES
1. STRUCTURE CHANGES
ISO 9001:2015
ISO 9001:2008
0. Introduction
1. Scope
2. Normative references
3. Terms and definitions
4. Context of the organization
5. Leadership
6. Planning
7. Support
8. Operation
9. Performance evaluation
10. Improvement
0.
1.
2.
3.
4.
5.
6.
7.
8.
8
Introduction
Scope
Normative references
Terms and definitions
Quality management system
Management Responsibility
Resource Management
Product Realization
Measurement, analysis and improvement
2. TERMINOLOGY CHANGES:
ISO 9001:2015 (DIS)
Products and services
Documented information
Environment for the operation of processes
Externally provided products and services
External provider
---Not Used --
9
ISO 9001:2008
Products
Documentation and Records
Work environment
Purchased product
Supplier
Exclusions
NO MANDATORY PROCEDURES.
No mandatory procedures. Where the ISO9001:2008 required six
procedures, the recently released ISO9001:2015 does not suggest any
specific procedures to be developed.
10
3. CONTEXT OF THE ORGANIZATION

There are two new clauses relating to the context of the organization,
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties.

Together these clauses require the organization to determine the issues and
requirements that can impact on the planning of the quality management system
This will require the organization to consider itself and its context, to determine
the scope of its quality management system.
11
4. DOCUMENTED INFORMATION
Replaces both procedures and records. Documented information is found
in the 4.3 and 4.4 sections of the standard while there is more clarification
in the Annex A.
Where ISO 9001:2008 would have referred to documented procedures, it is
now expressed as a requirement to maintain documented information.

Where ISO 9001:2008 would have referred to records this is now expressed
as a requirement to retain documented information.

12
PROCEDURES
The recently released ISO9001:2015 FDIS does not suggest any specific
procedures to be developed.
This has been left open for organizations to decide based on the context of the
organization. This gives more flexibility to the organization to decide.
13
5. PROCESS APPROACH
ISO 9001:2015 promotes the process approach beyond the existing
requirements of ISO 9001:2008. A whole sub-section within the
Introduction section is dedicated to explaining the Process Approach.
It also has its own clause 4.4. That requires businesses to
systematically define and manage not just their processes, but also the
interaction between them.
14
5. PROCESS APPROACH CONTINUED

The process approach is a way of obtaining a desired result, by
managing activities and related resources as a process. Although
the clause structure of ISO 9001:2015 follows the Plan-Do-CheckAct sequence, the process approach is still the underlying
concept for the QMS.

Further guidance, please refer to the Support Package module: Guidance on
the Concept and Use of the Process Approach for management systems.
15
6. QUALITY MANUAL,
No specified requirement for a "Quality Manual".
Organizations are still required to maintain documented information

necessary for the effectiveness of the quality management system (QMS).
But there are many ways to do this and a quality manual is just one. If it is
convenient and appropriate for an organization to continue to describe its
quality management system in a quality manual then that is perfectly
acceptable.
This reflects the fact that many of todays businesses manage their
documentation (policies, procedures, instructions, forms, records etc.)
electronically e.g. shared drives, public folders, intranet etc.
16
7.
PREVENTIVE ACTION HAS BEEN DROPPED.
The explanation for removing Preventative Action is the QMS itself

is supposed to act as a preventive tool.
The Annex A of the Standard states that "one of the key purposes
of the QMS is to act as a preventive tool".
As a result the formal preventive active requirement no longer
exists in the current draft. This has been replaced with risk based
approach
17
9. MANAGEMENT REPRESENTATIVE
No requirement for a person to be specifically assigned. Instead, there will
be an increased demand on top management to demonstrate organizational
leadership.
Replaced by new section/ requirement
5 Leadership - 5.1 Leadership and commitment
Top management shall demonstrate leadership and commitment
with respect to the quality management system
18
9. MANAGEMENT REPRESENTATIVE
There is no requirement for a person to be specifically assigned. Instead,
there is an increased demand on top management to demonstrate
organizational leadership
Although the prescriptive title of a management representative has been
deleted, it is up to top management to ensure that the roles and
responsibilities are assigned for reporting on the performance of the QMS.
Some organizations might just maintain their current structure, with a single
person carrying out this role. Others might take advantage of the flexibility to
consider other structures depending on their organizations structure.
19
8. RISK BASED APPROACH

More emphasis is on risk based thinking when setting up the quality
management system (QMS). It will be a requirement to identify and
understand risks and opportunities from external as well as internal
factors and take these into account when setting up the management
system.
Although it is required by the organization to determine and address
risks, there is no requirement for implementing a formal risk
management process.
20
10. QUALITY MANAGEMENT PRINCIPLES

There are now seven quality management principles on which the ISO portfolio of
standards are based:
a) Customer focus
b) Leadership
c) Engagement of People
d) Process approach
e) Improvement
f) Evidence-based decision making
g) Relationship management (suppliers)

The Annex B provides a statement describing each principle and a rationale explaining why an 1703
21
organization should address the principle.

11. EXCLUSIONS
There will no longer be a requirement to specify and justify Exclusions.
Annex A of the standard clarifies that the organization can-not decide a

requirement to be not applicable if it falls under the scope of its QMS.
Also non-applicability is not allowed if that could lead to failure to
achieve the conformity or to enhance customer satisfaction
However, it is recognized that an organization might need to review the
applicability of requirements due to the size of the organization, the
management model it adopts, the range of the organizations activities, and
the nature of the risks and opportunities it counters.
22
EXCLUSIONS ALLOWED?
ISO 9001:2015 no longer refers to exclusions in relation to the applicability of
its requirements to the organizations quality management system. However, an
organization can determine the applicability of requirements.
All requirements in the new standard are intended to apply. The organization can
only decide that a requirement is not applicable if its decision will not affect its
ability or responsibility to ensure the conformity of products and services and
the enhancement of customer satisfaction.

23
12. PLANNING:
Now has its own section (6) and requires risks and opportunities
to be taken into account when planning the QMS.

Other requirements for planning i.e. planning to achieve quality
objectives and changing the QMS in a planned manner have been

carried forward from ISO 9001:2008.
24
WHAT CHANGED IN TERMS OF PLANNING?

ISO 9001:2015 requires the organization to address risks and opportunities, quality
objectives and planning of changes throughout the organization. When new

products, technologies, markets and business opportunities develop, we expect
organizations will want to take full advantage of the opportunities.
This must be done in a controlled manner, and be balanced against the potential
risks involved, which could lead to undesirable side-effects.
25
13. WORK ENVIRONMENT

The term "work environment" used in ISO 9001:2008 has been replaced
with "Environment for the operation of processes
14. SUPPLIER
The term "supplier" has been replaced with "External provider".
Organizations do not need to change this term in their QMS as well.
Organizations can still maintain the term "supplier", "vendor",
"contractor", "consultant" etc. as per their own need.
26
15. PURCHASED PRODUCT

The term "purchased product" has been replaced with "externally provided
products and services".
This now refers to the "external provider" as opposed to the "supplier" to help
clarify that activities (products and services) which are outsourced e.g.
subcontract treatments, services and hire are included and must be controlled as
appropriate.
Previously the emphasis was on controlling purchased product

27
RISK - BASED THINKING

Risk-based thinking is something we all do automatically and often subconsciously to get the best result
The concept of risk has always been implicit in ISO 9001 this revision makes it
more explicit and builds it into the whole management system
Risk-based thinking ensures risk is considered from the beginning of a process
and throughout the process
Risk-based thinking makes preventive action part of strategic planning
Risk is often thought of only in the negative sense. Risk-based thinking can also
help to identify opportunities. This can be considered to be the positive side of
risk
28
RISK IN THE ISO9001:2015 CLAUSES

In the Introduction the concept of risk-based thinking is explained.
In Clause 4 (Context of the Organization) the organization is required to
determine the risks which can affect its ability to meet business/quality
objectives.
In Clause 5 (Leadership)- top management is required to commit to ensuring

Clause 4 is followed.
In Clause 6 (Planning for the quality management system) - the organization is
required to take action to identify risks and opportunities
29
RISK IN THE ISO9001:2015 CLAUSE (CONTD)

5) Clause 8 (Operation) - the organization is required to implement
processes to address risk
6) Clause 9 (Performance evaluation) - the organization is required to
monitor, measure, analyze and evaluate the risks and opportunities
7) In Clause 10 (Improvement) - the organization is required to improve by
responding to changes in risk
30
WHY RISK-BASED THINKING?

Successful companies intuitively take a risk-based approach because it
brings benefits
To improve customer confidence and satisfaction

To assure consistency of the quality of products and services
To establish a proactive culture of prevention and improvement.
31
WHAT SHOULD MY COMPANY DO TO PREPARE?

Use a risk driven approach in all organizational processes:
- Identify what the risks and opportunities are in your organization.
- Have a Readiness audit performed by an accredited and certified senior lead
auditor.
Notes:
- ISO9001:2015 does not require a formal risk assessment or a specific single
document.
- The information must be kept available and could be electronic, audio, video,
written or any other type of media.
32
- ISO31000 (Risk management Principles and Guidelines) may be useful for

companies that want a more formal process but it is not mandatory.
SUMMARY
In a nutshell, Risk based thinking is to:
Analyse and prioritize the risks and opportunities in your organization

what is acceptable?
what is unacceptable?
which opportunities should be acted on?
Plan actions to address the risks and opportunities
how can I avoid, eliminate or mitigate the risk?
how can I realize opportunities?
Implement the plan take action
Check the effectiveness of the actions does it work?
Learn from experience continual improvement
33
REMEMBER!
Risk Based thinking is not New!
It is:
something you do already

is continuous
ensures greater knowledge and preparedness
increases the probability of reaching objectives
reduces the probability of poor results
makes prevention a habit
34
Thank you for joining us.
35

ISO 9001 2015 Bill Mizak PDF

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

ISO 9001 2015 Bill Mizak PDF

Uploaded by

Copyright:

Available Formats

INTRODUCTION

ISO 9001:2015 HAS BEEN APPROVED

Provide training and awareness for all parties that have an

10) Quality Management principles

3) Context of the organization

13) Work environment

7) Preventive Action (dropped)

15) Purchased product

8) Risk based approach

Greater emphasis on achieving results to Improve customer satisfaction

Copyright 2015 DAC Audit Services All rights reserved

3. CONTEXT OF THE ORGANIZATION

4.2 Understanding the needs and expectations of interested parties.

now expressed as a requirement to maintain documented information.

as a requirement to retain documented information.

interaction between them.

5. PROCESS APPROACH CONTINUED

concept for the QMS.

Organizations are still required to maintain documented information

PREVENTIVE ACTION HAS BEEN DROPPED.

The explanation for removing Preventative Action is the QMS itself

8. RISK BASED APPROACH

10. QUALITY MANAGEMENT PRINCIPLES

g) Relationship management (suppliers)

organization should address the principle.

Annex A of the standard clarifies that the organization can-not decide a

the enhancement of customer satisfaction.

to be taken into account when planning the QMS.

objectives and changing the QMS in a planned manner have been

WHAT CHANGED IN TERMS OF PLANNING?

objectives and planning of changes throughout the organization. When new

13. WORK ENVIRONMENT

15. PURCHASED PRODUCT

Previously the emphasis was on controlling purchased product

RISK - BASED THINKING

RISK IN THE ISO9001:2015 CLAUSES

In Clause 5 (Leadership)- top management is required to commit to ensuring

RISK IN THE ISO9001:2015 CLAUSE (CONTD)

WHY RISK-BASED THINKING?

To improve customer confidence and satisfaction

WHAT SHOULD MY COMPANY DO TO PREPARE?

- ISO31000 (Risk management Principles and Guidelines) may be useful for

Analyse and prioritize the risks and opportunities in your organization

something you do already

Thank you for joining us.

You might also like