ISO 9001:2015 Revision
The revision to ISO9001 is now live, and IMSM are ready to assist organisations with their transition to ISO 9001:2015. The revised standard will ask organizations to pay particular attention to:
Contact IMSM Today
- Increased emphasis on top management engagement with ISO9001 (Clause 5)
- Managing change (Clause 6)
- Performance and evaluation (Clause 9)
- Management review (Clause 9)
- Risk-based approach (Clause 6)
Certified organizations recognise that the standard helps them to become a more consistent competitor in the marketplace. By ensuring that they develop a strong focus on quality management, ISO 9001 certified organizations are able to more effectively attract and subsequently meet the needs of high value customers.
To support the revision requirements and maintain your ISO 9001 standard certification, IMSM is pleased to introduce a range of additional support options, created to assist with your gradual transition from ISO 9001:2008 to the revised and improved ISO 9001:2015 standard.
IMSM provide clients with the necessary information and route to the new standard, at a pace dictated by the organization. Our services range from support packages to facilitate a self-managed transition to a full consultancy transition. We offer a step-by-step guide and continuous evaluation for optimally managed support across various levels of consultancy provision.
ISO 9001:2015 focuses greater emphasis on the roles of top management and their deployment as a key to success. Recognizing the emphasis on leadership at the core of its thinking is a key change in the new standard, with a greater emphasis on the objectives, measurement and change.
The 9001:2015 standard comprises of ten clauses instead of the previous eight used in the ISO 9001:2008.
More emphasis placed on Leadership will naturally drive top management to get involved in an organization’s quality management system. This helps to align and motivate company workforces towards the stated goals and strategic objectives.
Greater involvement in the management system by leadership teams helps to promote and motivate team buy-in to successfully achieve goals and business objectives, bringing quality and continuous improvement into the heart of your business.
ISO 9001: 2015 introduces “risk – based approach” focusing organizational resources on areas which are most likely to cause concern. A risk based compliance program will assist in identifying, managing, monitoring and reducing the compliance risks key to companies, making board and regulatory reporting easier to conduct and maintain with less work.
The introduction of risk and opportunity management reinforces the use of the management system as a tool helping to control and identify business opportunities that can contribute to bottom line improvements.
Self-governance and organizational behaviour have a direct influence on performance and the capacity to create value for customers and employees. Effective performance measurement and self-governance can result in higher levels of innovation, employee loyalty and customer satisfaction, as well as superior financial performance.
IMSM Help & Transition Service
Considering ISO 9001:2015 or already certified to ISO 9001:2008?
Now is the right time to discuss within your organization the implementation of the new standard. With significant business benefits, IMSM have created a choice of options to reflect your organizational business requirements to assist with the gradual transition from ISO 9001:2008 to the revised and improved ISO 9001:2015 standard.
Each option offers a step by step guide and continuous evaluation for optimum managed support across various levels of consultancy provision. Providing clients with the necessary information and route to the new standard, at a pace dictated by the organization with the appropriate support package necessary to complete a self-manage or full consultancy transition.
Our revision support options are convenient, portable and have been created to remove unnecessary upheaval and disruption to your working day to day business activities and of those that may impact on you achieving ISO 9001:2015.
Context of Organization
This clause is looking to require companies to identify, monitor and review issues that are relevant to the organization in terms of its performance that could have an impact on its quality management system.
Most successful businesses will already be monitoring such issues; however they are now required to provide evidence of this for assessment purposes.
4.2 Understanding the needs and expectations of interested parties
Organizations are being asked to identify ‘relevant requirements’ or ‘relevant interested parties’ and, once identified, monitor and review such information.
Interested parties could be groups or individuals, (such as suppliers, employees, shareholders, neighbours, etc.) who could impact on the organization’s ability to provide the product and/or service that meet their customer’s requirements, as well as those of any legal and regulatory nature.
As with the Clause above most successful businesses will already be monitoring their interested parties, but they are now required to provide evidence of this for assessment purposes.
4.3 Determining the scope of the quality management system
The scope of the quality management system (QMS) sets its boundaries, identifying what requirements of the QMS are applicable to and what are not. It should be done with consideration of the organization’s context (what your company does, what it wants to achieve, who you supply to, etc.) as well as the products and/or services it supplies; the scope shall be documented.
4.4 Quality management system and its processes
This clause requires organizations to establish processes that, once established, are maintained and continually improved. Organizations are also asked to set performance indicators that enable the effective operation and control of the processes established by the organization.
Leadership and commitment
5.1.1 Leadership and commitment to the quality management system
This clause will require management to demonstrate their leadership and commitment to the quality management system by taking responsibility for the effective running of the organization’s quality management system. They can do this by ensuring that the organization’s quality policy, quality objectives and commitment is consistent with the organization’s overall business plan.
Top management shall also ensure that the requirements of the quality management system are aligned with the organization’s business practices and they should promote awareness of the system throughout their organization.
5.1.2 Customer focus
Top management are required to take the lead in demonstrating customer commitment within the organization by ensuring that all applicable statutory, regulatory and customer requirements are identified and achieved while, at the same time, ensuring that the organization continues to provide the products and services expected by their customer.
5.2 Quality Policy
Top management are required to establish a quality policy that is in line with the purpose and context of the organization (see clause 4.1) while, at the same time, providing a framework for the organization’s quality objectives and the basis on which the improvements in the quality management system can be achieved.
The policy shall be available as documented information and communicated and understood throughout the organization and by relevant interested parties.
5.3 Organizational roles, responsibilities and authorities
Top management need to ensure that individuals are given the responsibility and authority to enable them to carry out their duties in line with the requirements of the quality management system.
6.1 Actions to address risks and opportunities
Organizations are required to think about the internal and external issues they face and the relevant requirements of their interested parties and how this may impact on their quality management system. The organization must then determine the risks and opportunities that need to be addressed. This is in order to provide confidence that the quality management system can achieve its intended outcomes and to achieve continual improvement.
Once the organization has identified the risks and opportunities it faces, it must then determine how it wishes to address these; however the organization may take an informed decision to keep the risk, in effect taking no action beyond identifying and evaluating the risk or opportunity.
6.2 Quality objectives and planning to achieve them
This Clause requires an organization to set quality objectives for relevant areas within its quality management system. It is for the organization to decide which areas are relevant. The quality objectives must be consistent with the organization’s quality policy and be relevant to products and services it provides, and the enhancement of customer satisfaction. Quality objectives must be measurable, take into account applicable customer, statutory and regulatory requirements and be monitored in order to determine whether they are being met. They must also be communicated across the organization and be updated as and when the need arises.
The organization must undertake planning in order to determine how its quality objectives will be achieved.
6.3 Planning of changes
When the organization decides that there is a need to change the quality management system, they are to be carried out in a controlled manner. Changes need to be planned and then acted upon. The organization needs to be clear as to what it is attempting to achieve.
Requires an organization initially to determine and then subsequently provide the resources necessary to establish, implement, maintain and continually improve its quality management system.
This requires an organization to provide those people necessary for the effective operation of its quality management system and its processes in order that it can consistently meet customer, statutory and regulatory requirements.
Requires an organization to identify, provide and maintain the infrastructure necessary to enable processes to operate effectively.
7.1.4 Environment for the operation of processes
Requires an organization to “determine, provide and maintain” a suitable environment for the business to operate.
7.1.5 Monitoring and measuring resources
Where an organization uses monitoring or measuring to demonstrate that its products and services conform to requirements, it must make sure that it provides the necessary resources to ensure that its monitoring and measuring results are valid.
7.1.6 Organizational knowledge
This requires an organization to ensure that it has or obtains the knowledge necessary to respond to changing business environments, changing customer needs and expectations and, where applicable, related improvement initiatives.
The organization must determine the competency levels necessary for those people performing work under its control. Once these competency levels have been determined, the organization must then ensure that those people possess the necessary competencies, either on the basis of their education, training or experience.
The requirements apply to all “persons doing work under the organization’s control” – this can include contractors. People doing work under the organization’s control are to be aware of the organization’s quality policy, any quality objectives that are relevant to them, how they are contributing to the effectiveness of the QMS and the implications for not conforming to the QMS requirements
An Organization must determine how it wishes to communicate on QMS matters, to whom it will communicate and when such communications will be made.
7.5 Documented information
An Organization’s quality management system should include documented information required by the standard and that identified by the organization as being necessary for the effective operation of their quality management system.
7.5.2 Creation and updating
When documented information is created or updated, the organization must ensure that it is appropriately identified and described and reviewed and approved for suitability and adequacy.
7.5.3 Control of documented information
An Organization is required to control documented information in order to ensure that it is available where needed and that it is suitable for use.
The organization must determine how it will distribute, access, retrieve and use documented information.
8.1 Operational Planning & Control
Requires an organization to plan, implement and control processes identified in clause 4.4 in order to meet requirements for the delivery of their products and services and to put into place the actions determined as a result of risk assessment.
8.2 Determination of requirements for products & services
Requires an organization to put processes in place to enable communication with clients on matters relating to their products and services. To put in place processes to ensure product or service requirements are known and that any statutory and regulatory requirements including customer requirements are also known. To review the requirements related to their products and services and those specified by their customer, including any statutory and regulatory requirements.
8.3 Design and development of products and services
Requires an organization who designs and develops their own products and services to implement a design and development process, plan and control the design and development of products or services, determine specific inputs into its design and development process, apply controls to design and development process, ensure that outputs from design and development process meet input requirements and that changes to the design and development input or output must be controlled
8.4 Control of externally provided products and services
Requires an organization to ensure that externally provided products and services meet specified requirements; they shall decide the type and extent of controls it wishes to apply and the information it needs to give to external providers.
8.5 Production and service provision
Requires an organization to control the way they supply their products and services, to be able to identify and trace their product and service, if necessary, to take care of property belonging to customers or external providers and to preserve its product. It also requires an organization decide on the extent of post-delivery activities and to control of changes made to the provision of their product or service.
8.6 Release of products and services
Requires an organization carry out checks to ensure its products and services are correct and meet all necessary requirements before release to their customers.
8.7 Control of nonconforming process outputs, products and services
Requires an organization to ensure that any issues or problems with their products and services are identified and controlled so that they are not used or delivery to customers. Actions will be taken to correct any problems this includes where the product or service has been delivered.
9.1 Monitoring, measurement, analysis and evaluation
Requires an organization to decide what needs to be monitored and measured to ensure they fully understand the performance of their management system. The organization shall monitor their customer’s satisfaction in relation to their opinion of their products and services and they shall analyse and evaluate data and information relevant to their business and management system operation.
9.2 Internal audit
Requires an organization to carry out internal audits of their management system at regular intervals and to create a structure to plan, establish, implement and maintain an audit programme that will detail the objectives of the audit programme including the scope, who will be carrying out the audit and when they will take place. Results of these audits will be made available to senior managers to review at their management review meeting.
9.3 Management review
Requires an organization’s top management to review the organization’s management system at regular intervals using information gathered during the review period.
Requires an organization to find opportunities for improvement in relation to their management system with a view to enhance customer satisfaction
10.2 Nonconformity and corrective action
Requires an organization to act when nonconformity is identified, take action to control and correct it and deal with any consequences. They should also take action to ensure that the issue doesn’t occur elsewhere
10.3 Continual improvement
Requires an organization to continually improve the performance of their management system
The new standard is modelled around the ISO Directive Annex SL, a high level structure (HSL) based on the Plan-Do-Check-Act methodology and common language developed by ISO for use in all new management system standards.
The new 9001:2015 standard comprises of ten clauses instead of the previous eight used in the ISO 9001:2008.
- Normative References
- Terms and Definitions
- Context of the Organization
- Performance Evaluation
The use of Annex SL across all management system standards will aid in the integration of different systems as almost a third of text is common across all standards under Annex SL.
The revised standard brings the ISO 9001 QMS right up to date as much has changed in the business world during the past 15 years. ISO 9001:2015 offers clients a standard that is up to date with the very best in management practice.
Review the options available to your company to transition from the ISO 9001:2008 to ISO 9001:2015 standard.
For a free Quotation or On-Site presentation by an ISO Specialist, contact us today!
IMSM Canada Ltd
The Exchange Tower, PO Box 427
130 King Street West, Suite 1800, Toronto
Ontario, M5X 1E3