ISSUES IN IMPLEMENTING

ISO 9001 : 2015

Presented By:
Abd Razak Abu Bakar
Head/ Principal Consultant
Management Systems Standard Section (MSSS)

"Enhancing Your Most Valuable Asset Human Capital

ENABLING BUSINESSES. ENHANCING LIVES

Session Plan

Introduction
Common Implementation Issues
Action Plan
Timeline for upgrading

BACKGROUND

MAJOR
CHANGE

MINOR
CHANGE

ISO 9001:1987

ISO 9001:1994

Process Based

ISO 9001:2000

ISO 9001:2008

Risk Based

ISO 9001:2015

Inspection Based

ISO 9001:20??

Whats new?
Used of High Level
Structure
Understand the context
ISO 9001:2015

Strengthen
Process approach
Less emphasis on
documentation
Risk Based thinking

Leadership

ISO 9001:2015 Key Clauses

Clause 1
Clause 2
Clause 3
Clause 4
Clause 5
Clause 6
Clause 7
Clause 8
Clause 9
Clause 10

: Scope
: Normative References
: Terms and Definitions
: Context of the Organization
: Leadership
: Planning
: Support
: Operation
: Performance Evaluation
: Improvement

PDCA CYCLE
QMS (4)
ORGANIZATION
& ITS CONTEXT
(4)

SUPPORT
&
OPERATIO
N (7,8)

CUSTOMER
REQUIREMENTS

PLANNIN
G (6)

LEADERSH
IP (5)

ACT
NEEDS &
EXPECTATIONS
OF RELEVENT
INTERESTED
PARTIES (4)

CUSTOMER
SATISFACTION

DO

PLAN

PERFORMAN
CE
EVALUATION
(9)

CHECK
IMPROVEMENT
(10)

RESULTS
OF QMS

PRODUCT
S&
SERVICES

PROCESS APPROACH
Start
Sources of
Inputs
PREDECESSOR
PROCESSES
Eg at providers
(int or ext) at
customers, at
other relevant
interested
parties

Inputs

Activities

End
Outputs

MATTER,
ENERGY,
INFORMATION

MATTER,
ENERGY,
INFORMATION

E.g. in the form

of materials,
resources,
requirements

E.g. in the form

of product,
service,
decision

Possible
controls &
check points
to monitor &
measure
performance

Receivers
of Outputs
SUBSEQUENT
PROCESSES
Eg at
customers (int
or ext) at other
relevant
interested
parties

Top Issues in implementing ISO

9001:2015

Understanding the organization and its

context -4.1
Shall determine internal and external issues
that are relevant to its purpose and its
strategic direction .
Shall monitor and review information
relating to internal and external issues.

4.2 - Understanding the needs and

expectations of interested parties
To consistently provide products and services
that meet customer and statutory and
regulatory requirements, the organization shall
determine:

Shall determine the interested parties that are

relevant to the quality management system.
Shall determine the requirements of these interested
parties that are relevant to the QMS
Shall monitor and review the information about
these interested parties

What the challenges

Two new clauses (4.1 and 4.2) require
greater consideration of the context
surrounding the organization.
They require a context analysis, as well as
the stakeholder identification and the
understanding of their expectations.

Understanding the organization and its context

Organization
External Issues:
(International/ National/
Regional/ Local):
legal
technology
competitive
market
Cultural
social
economic environment

Intended
Outcomes
of the QMS
Internal Issues:
Values, culture
knowledge
people
processes, systems

organization purpose

Strategic direction

Monitor and review

12

12

Example of External Issues (PESTLE)

Example of External Issues (PESTLE)

NATIONAL
AGENDA

NATIONAL THRUST
MISSION

6 NKRAs

12 NKEAs
NEW MODEL
ECONOMY

AGENSI

KRA AND KPI

ISO 9001:2015

Strategic plan and Execution

External and
Internal Issues
(PESTLE)

Management
Review

SWOT
Risk
Management

Performance
Evaluation
Strategy

Quality Objective

Operation

16

Understanding the needs and

expectations of interested parties
Government
Manufacturers

Products

Regulatory
authority

Importers/Wholesalers
/Retailers

Experts

Prescribers

Patients/Consumers

17

Definition of interested parties

An interested party is a person or
organization that can affect, be affected by, or
perceive themselves to be affected by a
decision or activity thats within the scope of
the management system.

Understanding the needs and expectations

of interested parties

Communities
Suppliers
Regulators
NGOs
Investors

Needs and
expectations
(Requirements)

Customers

Employees
3.06 : Interested parties

Relevant
statutory &
regulatory
requirement

Monitor and
review

19

EXAMPLE OF LEGAL
REQUIREMENTS (MALAYSIA)

Electricity Supply Act 1990

Land Acquisition Act 1960
Medical Device Act 2012
National Land Code Act 1963
Pembangunan Sumber Manusia Berhad Act 2001
Factories and Machinery Act 1973
Poison Act 1952
Medicines (Advertisement and Sale Act 1956)
Dangerous Drugs Act 1952
Personal Data Protection Act 2010
Private Healthcare Facilities and Services Act 1998
20

INTEGRATE QUALITY SYSTEM WITH

REGULATION
Regulation

Improve

Plan
Continual
Improvement

Implement
Changes

Implement

Analyze

21

Management Review Inputs

Top management shall take into consideration:

The status of action from previous management review

Changes in external and internal issues that are relevant to quality

management system

Information on quality performance:

Customer Satisfaction and feedback from relevant interested

parties

The extent to which quality objectives have been met

Process performance and conformity of products and services

Nonconformities and corrective actions

Monitoring and measurement results

Audit results

Process performance of external providers

Adequacy of resources

The effectiveness of action taken to address risk

Opportunities for continual improvement

Leadership and Commitment

Demonstrate leadership and commitment through :
Accountable for QMS effectiveness
Ensure Quality policy & objectives
compatible with strategic direction
Ensure Integration QMS requirements
into core business process
Promote process approach and risk
based thinking

Ensure resources

Communicate

Ensure achieve intended outcomes

Direct and support other persons
Promote improvement
Support other relevant management
roles to demonstrate their leadership
23

LEADERSHIP AND COMMITMENT

STRATEGIC
DIRECTION

Q
M
S
&
K
P
I

RESOURCES

COMMUNICATION

SUPPORT

PROMOTE
24

I
N
T
E
N
D
E
D
O
U
T
C
O
M
E

domain of ownership
Accountability
Authority

Responsibility

Key vulnerabilities in Accountability

No one accountable
Delegate accountability
Lack of clarity
Excuses
Lack of systems thinking
Lack of understanding
Wrong perception on ISO 9001
Lack of resources

27

28

ENSURING LEADERS LED

29

6.1 Action to address risk and

opportunities
consider the issues

30

4.4 Quality Management System and its

Processes
The new standard further promote the process approach beyond the
existing requirements in ISO 9001:2008. The organization shall
determine the processes needed for the QMS and determine:
The inputs and outputs of the processes
The sequence and interaction of these processes
The criteria, methods, including measurements and related
performance indicator
The resources needed
The assignment of the responsibilities and authorities
The risks and opportunities
The method for monitoring, measuring and evaluation
Opportunities for improvement

31

IMPLEMENTING RISK MANAGEMENT

PRACTICE

32

Establishing the context

Risk assessment
Risk identification
Communication
and
consultation

Risk analysis

Risk evaluation

Risk treatment

Monitoring
and
review

Identify what your risks are it depends on

context

34

Establishing the context

Social Issues

Event

Economic Issues

translate
Technological Issues

Risk
Political Issues

Riskbased thinking, PDCA and the

process approach

PDCA operates as a cycle of continual improvement, with riskbased

thinking at each stage

36

Determine Processes and their interaction

PROCESS APPROACH

ACT
Incorporate
improvements
as necessary

INPUT

Plan the Process

(Extent of Planning
depends on RISK)

PROCESS
Do Carry Out the
process

OUTPUT

CHECK Monitor/ measure

process performance

38

Simple Risk Register

No

Activity

Risk
Category

Risk

Effects

Risk
Level

Action

Resp

Greater document flexibility

40

Challenge in flexibility

41

No more quality manual

42

7.5 Documented Information

43

7.5 Documented Information need to

be maintained

44

7.5 Documented Information need to

be retained

45

RECOMMENDATION BY IAF

Conduct a gap analysis

Develop an implementation plan and timetable
Provide appropriate training for all parties
Update existing QMS documentation
Involve your certification partner early in the
process

ISO 9001:2015 Timeline

Draft
Standard (DIS)
Published

2014

ISO 9001:2015
Published

2015

2016

Transition period to ISO

9001:2015

2017

2018

Final Draf
Standard (FDIS)
Published
September 2015 start of 3 years transition period
to September 2018
Certifications to ISO 9001:2008 will no longer be
valid after September 2018

Abd Razak Abu Bakar

arazak@sirim.my
017-9362125