ISO 9001:2015

What is new an overview

(Presented for ASQ India members)

Govind Ramu, P.Eng. ASQ Fellow

ASQ CMQOE, CQE, CSSBB, CQA, CSQE, CRE

Agenda

Key advantages
Key changes Executive Summary
Interested parties identification
Process approach
Leadership requirement
Documented information
Organizational knowledge
Risk Based Thinking
Transition Strategy
ISO 9001:2015 Certification - Transition Timeline
Q & A 15 Min

Key advantages of new revision

Better alignment with other management systems (IMS friendly)
Less emphasis on documentation* and more emphasis on process
Requirements of QMS integration into organizations business
process, tying business strategy with QMS
Emphasis on Risk based thinking, process approach and
improvement
Making the standard relevant to recent developments data
protection, knowledge retention challenges, etc.
Recognition of influence of People component in a QMS and
address competence, awareness and communication

QMS= Quality Management System, IMS= Integrated Management System

*Depends on size, type, activity, process, product, service, complexity, competence requirement

ISO 9001:2015 Key changes Executive summary

Requirements

ISO 9001:2008 (Previous

version)

ISO 9001:2015 (Effective Sep 2015)

Top Management requirements

Limited requirements directly

under top management. Quality
Management Representative
share additional management
requirements

Additional requirements moved under Top

management. Management representative
role eliminated

Context of the organization and

interested parties

No requirement

Understanding operating environment,

interested parties requirements, internal and
external issues relevant to organizations
strategic direction

Risks and Opportunities

No requirement

Actions to address risks* and opportunities for

improvement** from internal and external
issues. Integration and implementation of
actions into QMS (Risk based thinking)

Corrective and Preventive action

Corrective and Preventive action

were two sections of
requirements

Risk based thinking and Corrective action.

(Prevention first). Also a Leadership
responsibility to promote

Organizational Learning

No requirement

Organization knowledge determine,

maintain, address changing needs and trends,
continue to capture new knowledge

Process Approach

Implied expectation on process

approach to process definition
and management

Explicit requirements on process approach.

as a leadership responsibility to promote

Services

Implied expectation that QMS

requirements are applicable to
products (and services)

Explicit requirements that QMS requirements

are applicable to products and services.

*Risk can include positive and negative factors for consideration (new interpretation) **Improvement can include innovation and re-organization

Interested parties identification

Your

Organization

Ref: ISO 9000:2015 3.2.3 Interested party

Customer
Employees
External providers
Owners
Shareholders
Bankers
Regulators
Union
Partners
Society
Competition
Opposing groups

Mapping interested party requirements to business process

Interested Party

Requirements

Which business process will

cover?
Note: If there is no existing
process addressing a given
requirement point this as a
GAP and recommend a process
to be developed. If a process
exists, name that process in this
cell.

What is the process approach?

The systematic management of processes and their
interactions to achieve intended results
All organizations use processes to:
set interrelated or interacting activities
transform inputs into outputs
build in checks to meet objectives and promote
continuous improvement
The process approach integrates processes into a complete
system to achieve strategic and operational objectives

Courtesy: Slide from ISO TC 176/SC2/ N1290

Single Process Schematics (simplified version)

To use the process approach an organization should:

understand and define the processes needed to meet its objectives
recognize that the processes are unique to its own context
integrate all of the processes and their interactions into a system that
utilizes risk-based thinking
Source: ISO 9001:2015 Figure 1 (Page viii), ISO TC 176/SC2/ N1290

Leadership requirement
Taking accountability for the effectiveness of the quality management
system
Compatible with the context and strategic direction of the organization
Ensuring the integration of the quality management system
requirements into the organizations business processes
Promoting the use of the process approach and risk-based thinking
Communicating the importance of effective quality management and
of conforming to the quality management system requirements
Ensuring that the quality management system achieves its intended
results
Engaging, directing and supporting persons to contribute to the
effectiveness of the quality management system;
Promoting improvement

Documented information
The organization shall maintain documented information to the extent
necessary to support the operation of processes (4.4)
Scope
Quality Policy
information determined by the organization as being necessary for the
effectiveness of the quality management system
information of external origin determined by the organization
Where requirements for products and services are changed, relevant
documented information is amended

Note: There is no requirement for the structure of an organizations QMS

documentation to mirror that of this international standard.
ISO 9001:2015 Annex, A new look- QP Sep 2014,

Documented information
No requirement for a quality manual (7.5). There is no
longer a requirement for mandated procedures.
When creating and updating documented information the
organization shall ensure appropriate: b) format (e.g.
language, software version, graphics) and media (e.g.
paper, electronic); (7.5.2)
it is adequately protected (e.g. from loss of confidentiality,
improper use, or loss of integrity). (7.5.3)
Summary: appropriate, protected.
Dominance of electronic information in the last several
years.

Organizational knowledge
The organization shall determine the knowledge necessary
for the operation of its processes and to achieve conformity
of products and services.
This knowledge shall be maintained, and made available
to the extent necessary.
When addressing changing needs and trends, the
organization shall consider its current knowledge and
determine how to acquire or access the necessary
additional knowledge.
Summary: knowledge assessment, maintenance,
dissemination, dynamic, acquisition, and accessibilityKnowledge management

Risk Based Thinking

Balance risks and opportunities
Analyse and prioritize your risks
what is acceptable?

what is unacceptable?
Plan actions to address the risks
how can I avoid, eliminate or mitigate risks?
Implement the plan; take action
Check the effectiveness of the action; does it
work?
Learn from experience; improve
Courtesy: Slide from ISO TC 176/SC2/ N1283

Risk Based Thinking

Organization and shall determine risks and opportunities
in accordance with the requirements
that can affect conformity of products and services and the ability to
enhance customer satisfaction
give assurance that the quality management system can achieve its
intended result
prevent, or reduce, undesired effects
achieve continual improvement
integrate and implement the actions into its quality management
system processes
evaluate the effectiveness of these actions
post-delivery - associated with the products and services
Effectiveness of actions management review

Transition Strategy
Planning

Communication

Purchase a copy of ISO

9001:2015 Standard.
Register the external
document in the
system.

Present key changes of

the current standard to
your management team

Read and understand

transition guidance
documents, from ISO
TC 176/SC2 website,
ASQ ISO 9001
knowledge center site,
and your registrar
organization
Compare the changes
to the ISO 9001: 2008
and develop key list of
major changes.
Review impact
assessment with your,
internal quality auditors
and extended QMS
Team (Process owners)

Publish newsletter for

all employees general
awareness that the ISO
9001 standard revision
and implementation
plan
Let your registrar know
when your organization
is planning this
transition (year 1,2 or3)

Execution
Start making any
required changes to
your existing
documentation
Develop a high level
training.
Conduct training for
internal auditors and
process owners
Conduct gap analysis
based on the release
standard

If ISO 9001 is
contractually required
by your customers, let
them know of your
transition plan.

Present the gap to

management team at
management review or
a special scheduled
meeting.

Let your supplier quality

function enquire your
key suppliers transition
plan during the periodic
audits.

Obtain management
commitment for
addressing the gaps in
a timely manner

Also see: http://www.iaf.nu/upFiles/IAFID9Transition9001PublicationVersion.pdf

ISO 9001:2015 Certification - Transition Timeline

2015

2016

2017

2018

September 2015
Published International
Standard

September 2015 start of 3 years transition period

to September 2018
Certifications to ISO 9001:2008 will no longer be
valid after September 2018

Courtesy: Slide from ISO TC 176/ SC 2/ N1282

Q&A

References and bibliography

ISO 9000:2015 - Quality management systems -Fundamentals and vocabulary
ISO 9001:2015 - Quality management systems -Requirements
TC 176 SC2 home page
ASQ ISO 9001:2015 knowledge center
All Hands on Deck (Govind Ramu)
Quality in Outsourcing 2.0 (Govind Ramu)

Single Process (detailed version)

Sources of
Inputs
Interested
parties?

Inputs

Person

Machine
(Hardware &
Software)
(H/W & S/W)

Material

Method

Environment

Measurement

Skills
Knowledge
Training
Qualification/Re-qualification

Selection criteria
Capability
Qualification
H/W-S/W integration
Maintenance
Calibration
Safety
Initial Qualification
Incoming Quality Control
Preservation/Expiration
Material stability
Important Consumables,
Direct and Indirect Materials
Work Instruction
Non-Documented Instructions
Handling, Error proofing
Setting, Alignment, measurement
Process condition

Temperature
Humidity
Ergonomics
Clean room Particle count
Electro Static Discharge (ESD)
Hazardous substances
Measurement Equipment Selection
criteria
Measure System Analysis and
stability

Process

Process Steps,
Controls:
SPC, OCAP,
Process
Changes

Outputs

Customer

Interim and End

Products,
Characteristics
(Information),
Process Yields,
throughput, Cycle time,
process time (data,
analysis)

Measurement
sequence

Feedback from output

Ref: Process audit memory aide Govind Ramu