Professional Documents
Culture Documents
Introduction of participants
The 5 Ws
Who are you ?
What is your preferred name in class?
keep
Punctuality
Data forms
Participation
Certificates
Phones
No smoking
Documentation
3
Agenda:
Course Objectives
ISO 9001 is a standard that sets out the
requirements for a quality management system.
It helps businesses and organizations to be more
efficient and improve customer satisfaction.
A new version of the standard, ISO 9001:2015,
has just been launched, replacing the previous
version (ISO 9001:2008).
Name Tag
What is ISO?
WI, SOPS
How
Record
(Evidence)
ISO Introduction
Revision Timeline
The working draft, ISO/DIS 9001:2015 was distributed for
review and comment on May 8, 2014. The Committee Draft
(CD) published in the run-up to this draft received around
3,000 comments and was approved by 80% of the countries
in a preliminary vote. The international community has been
invited to submit their comments on this interim working
draft by July 2014.
Publication of the official draft international standard (DIS) is
expected in September 2014. After the commenting period,
the final draft international standard (FDIS) will then be
passed before its presentation, scheduled for November
2014. Publication of the final version of ISO 9001:2015 is
expected in September 2015.
New Structure
It is certain that a high-level structure will replace
the existing structure. This structure is in
accordance with the requirement of the ISO
Directive, Annex SL 2013.
All management system standards developed in the
future will use a consistent structure and outline
such as identical core texts, common terms and core
definitions. This is to ensure that all sections of
management system standards share the same
section headings and core texts. The ISO 14001 and
BS OHSAS 18001 standards will also be revised in
accordance with the same structure.
These two clauses require the organization to determine the issues and
requirements that can impact the planning of the quality management
system (QMS) and can be used as input for the development of the QMS.
The stakeholder approach, considered one of the most modern corporate
governance principles, is new. This approach is based on the assumption
that long-term business success can only be ensured by considering the
requirements of company stakeholders. The approach has been described
for many years in ISO 9004:2009, Section 4.4 Interested parties, needs
and expectations, and has been introduced in the draft standard. In
comparison to Customer Relationship Management (CRM), which only
addresses the relationship between an organization and its customers, the
principle of Stakeholder Relationship Management (SRM) goes
significantly further. It tries to balance the relationship of the organization
with all, or with the most important, stakeholders/interested parties.
These could include direct consumers, suppliers and retailers and other
parties along the supply chain, authorities and other relevant interested
parties. As a new feature in this draft, the term interested parties now
also includes owners, people in an organization, bankers and even
competitors.
Process Approach
The ISO 9001:2008 standard promoted the
adoption of a process approach when developing,
implementing and improving QMS effectiveness.
The draft standard does so even more explicitly in
Section 4.4 Quality management system and its
processes. This sub-chapter lists the essential
requirements of a process-focused management
approach. Inputs and outputs of each process must
be defined. In the future, the standard will require
the measurement of performance indicators and the
assignment of responsibilities.
24
How do I do it?
To use the process approach an organization
should:
understand and define the processes
needed to meet its objectives
recognize that the processes are unique to
its own context
integrate all of the processes and their
interactions into a system that utilizes
risk-based thinking
.
26
27
28
Documented Information
The term documented information replaces
the previous terms documents and records.
The intention was to give users more flexibility.
This also applies to the description of processes.
The organization determines the extent of
documented information on processes,
depending on factors such as process complexity
or employee competence. Documented
procedures previously required by the standard
are no longer necessary.
Management Responsibilities
The draft standards increase management
responsibilities. In the future, responsibilities
previously held by the Quality Management
Representative will rest with top management
and a more precise assignment of roles and
responsibilities will be required.
Management Review
The scope of the management review is extended
by the addition of the aspects strategic direction
of the organization, consideration of the
relevant interested parties and assessment of
risks and opportunities at a strategic level.
33
Dr.Mohammed Ghorab
Q: What is Risk:
What is Risk ?
to the
metaphor that a frog put in boiling water
will jump out, while one in cold water
won't notice the danger if the
temperature heats up slowly.
What is Risk ?
Risk is
The level of exposure to uncertainties that the
enterprise/organization must understand and
effectively manage as it executes its strategies to
achieve its business objectives and create value.
Source: Alain LeBlanc, CD, B.Eng., M. Sc, M. Eng. 2011, Canadian Society of Value Analysis
Business objectives
Value
Lost value
Gained value-added value
Created value
External
Legislation
Market Forces
Exchange Rate Fluctuations
Risk is not only something bad will happen but also something
good will not happen (opportunities Vs. Problems)
4. Implement Countermeasures
5. Monitor and Review
Source: Andy Osborne, Risk Management Made Easy
1. Identify Risks
Categorize and differentiate between different
types of risks
Strategic Risks:
Business Planning
Business Growth
New Markets/ Products/Services
Mergers/Alliances
1. Identify Risks
Operational Risks:
Production
Distribution
Service delivery
Pollution/Environmental Issues
Financial Risks:
Cash Flow
Sales
Contracts
1. Identify Risks
Regulatory/Compliance Risks:
Breach of Regulation
Failure to meet Legal Requirements
Loss of Operating License
1. Identify Risks
Technology Risks:
IT Failure
Data Loss
Equipment Failure
Project Risks:
Failure to meet time scales
Increased Costs
Failure to meet business requirements
1. Identify Risks
List all the risks the business may face
Assess the loss from each risk
Focus on the most critical type of risk
2. Quantify Risks
Here we want to assess:
How likely a certain risk will happen ?
Probability/ Likelihood to happen
2. Quantify Risks
Impacts
Ratings
2. Quantify Risks
Likelihood
Ratings
2. Quantify Risks
2. Quantify Risks
2. Quantify Risks
A Risk Matrix: a tool used to rate the
significance of the identified risks based on the
impacts and likelihood ratings.
Different forms of the risk matrix can be used,
however, the simplest one is
3 X 3 Grid
2. Quantify Risks
Example:
4 X 4 Matrix
2. Quantify Risks
Risk Assessment Summary
2. Quantify Risks
The risk rating which is a
combination of likelihood
and impact is a rating of
the significance of each
identified risk.
The nearer is the risk to
the top-right right corner
of the matrix,
the more significant is
the risk.
Impact
3. Identify Countermeasures
After the assessment of the identified risk and
prioritizing the risks.
3. Identify Countermeasures
Risk responses based on significance
3. Identify Countermeasures
How to response to risks ?
3. Identify Countermeasures
Risk Acceptance: When ?
Likelihood = Low & Impact = Low
Costs of addressing risk > Potential loss
3. Identify Countermeasures
Risk Management: When ?
Likelihood = High & Impact = Low
Approaches through training, education and
monitoring, improving processes
3. Identify Countermeasures
Contingency Planning: When ?
Likelihood = Low & Impact = High
E.g. Large financial losses, reputation damage
3. Identify Countermeasures
Contingency Plans could be:
- Crisis
Management
- Communication with customers and
stakeholders
- Alternative ways of supply and
distribution
- Relocation and recovery of critical
business functions
3. Identify Countermeasures
Insurance
Outsourcing
Risk
Transfer
74
75
How do I do it?
Identify what your risks are it depends on
context
Use risk-based thinking to prioritize the way you
manage your processes
How do I do it?
Balance risks and opportunities
Conclusions
Risk-based thinking:
is not new
is something you probably do already
is ongoing
ensures greater knowledge of risks and improves
preparedness
increases the probability of reaching objectives
reduces the probability of negative results
makes prevention a habit
80
History
ISO 9001:2015 version follows the new highlevel structure and comprises ten sections:
ISO 9001:2008
ISO 9001:2015
0. Introduction
0. Introduction
1. Scope
1. Scope
2. Normative reference
2. Normative reference
5. Management responsibility
5. Leadership
6. Planning
6. Resource management
7. Support
7. Product realisation
8. Operation
9. Performance evaluation
10. Improvement
ISO 9001:2015
Products
Documented information
Work environment
Purchased product
Supplier
External provider
Assignment 1:
What does it require to eat an excellent
sandwich?
Sandwich process:
Detailed ISO:
HLS
ISO 9001:2008
Clause 4.1 (Quality management system General
requirements) of ISO 9001:2008 requires:
The organization shall establish, document,
implement and maintain a quality management
system .
In addition clause 4.2.1 (Documentation
requirements General) of ISO 9001:2008 requires
organizations to have a Quality Manual as a part of
documentation.
Clause 4.2.2 (Quality manual) provides the details
on what should be included in the Quality Manual.
Determined opportunity
Internal audit results
Management review results
Identified nonconformity
Many others
Other considerations:
Prior to making a change, the organization
should consider unintended consequences
After making a change the organization should
monitor the change to determine its
effectiveness and to identify any additional
problems that might be created
Records of some changes may be needed as part
of the Quality Management System
Pyramid of Quality
CLAUSE
#
TITLE
CONTENT
Scope
Normative
references
Terms and
definations
Leadership
Planning
10
Support
Operation
Performance
Evaluation
Improvement
Tip 1
Familiarize yourself with the new document.
While some things have indeed changed, many
remain the same. A correlation matrix, available
from ISO/TC 176/SC 2, will help you identify if
parts
of the standard have been moved to other
sections.
Tip 2
Identify any organizational gaps which need to
be addressed to meet the new requirements.
1. Baseline measurement
Perform a baseline measurement in your
organization. Make a complete overview of the
current status of your quality management
system and your organization's conduct of
business.
2. Plan of approach
Draw up a plan based on the baseline
measurement. Thanks to this plan, you can take
the time to make changes and to implement
improvements step by step.
3. Implementation
Implement the changes in accordance with the
plan of approach. Incorporate measurement
points and milestones.
4. Auditing and process analysis
Measure whether the changes have had the
desired effect. Measure the input and output of
the processes you consider to be important
because they are critical or risky, for example.
5. Certification
Have your organization certified according to
ISO 9001:2015.
6. Communication with interested parties
Show your interested parties not just the
certificate, but also show them the results with
pride. Let them see how well your organization
manages its processes and continuously
improves them.
Exam:
Retain and Maintain documented information
Differentiate and specify the clause Nr.
Checklist formation for one clause or a part- how
could you ask, please enumerate all available Q.
Risk Based Thinking is which Clause, please
identify according to the ISO Standard
What are the main differences between ISO
9001:2008 and ISO 9001:2015