ISO 9001:2015 is an international standard dedicated to Quality Management Systems (QMS). It outlines a framework for improving quality and a vocabulary of understanding for any organization looking to provide products and services that consistently meet the requirements and expectations of customers and other relevant interested parties in the most efficient manner possible. The QMS is the aggregate of all the processes, resources, assets, and cultural values that support the goal of customer satisfaction and organizational efficiency
HIGH LEVEL STRUCTURE OF ISO 9001 - 2015
|
Section |
Description |
|
1.
Scope |
ISO
9001:2015 applies to organizations that want to show their ability to meet
customer requirements and regulatory obligations through the development of
consistent products and services. |
|
2.
Normative Reference |
ISO
9000:2015 Quality management systems – Fundamentals and vocabulary is the
primary supporting document outlining the principles and methodology of ISO
9001:2015. |
|
3.
Terms and Definitions |
The
controlled vocabulary of ISO 9001:2015 is contained in the document ISO 9000:
2015 Quality management systems - Fundamentals and vocabulary. |
|
4.
Context of the Organization |
Organizations
should identify all issues, requirements, and priorities that are relevant to
their objectives for their QMS, including those of any third-parties. They
should also determine and document the scope of the QMS and the processes
that will contribute to the creation, maintenance, and continuous improvement
of the QMS. |
|
5. Leadership |
Organizational
leadership should demonstrate its commitment to the QMS by ensuring alignment
with strategic objectives and processes, providing resources as necessary,
and ensuring the achievement of the intended results of customer satisfaction.
The organization must establish regular channels to communicate Quality
values to all employees and delegate responsibilities for maintaining the QMS
to well-trained subject matter experts. |
|
6.
Planning |
Organizations
should consider the context and requirements of all parties to enhance
desired effects, prevent undesired effects, and improve Quality processes.
They can then address the risks and opportunities, integrate actions into the
QMS processes, and evaluate those actions to determine their impact. They
should establish realistic Quality objectives and the means for measuring
their impact, and then implement any required changes to the QMS that are
within the scope of the resources available. |
|
7.
Support |
Organizations
should determine the resources (people, infrastructure, and environment)
required for the implementation and maintenance of the QMS. They should
ensure that all QMS professionals understand and are trained on their
responsibilities and that the principles of the QMS are communicated widely.
They should also create and maintain all required QMS documentation. |
|
8.
Operation |
Organizations
should implement the QMS according to the scope that was determined in the
planning stage, ensuring that it is suffciently documented and meets the
requirements of customers, regulators, and stakeholders. They should also
ensure that all suppliers and vendors conform to these same standards.
Products and services that are not ready to meet QMS standards should not be
released to the public, and all nonconformities should be documented and
addressed. |
|
9.
Performance Evaluation |
Organizations
should use internal audits to measure, analyze, and evaluate the
effectiveness of the QMS to ensure that it is meeting customer requirements
for consistent products and services. They must identify and take corrective
action on any non-conformity and should review the QMS regularly to ensure
that it aligns with the overall QMS strategy. |
|
10.
Improvement |
Organizations
should identify opportunities for continual improvement, take immediate
corrective actions for nonconformities, and retain controlled documentation
of all improvement activities on a continuing basis. |
|
Mandatory Documents |
ISO 9001:2015 Clause |
|
Scope of the Quality Management System |
4.3 |
|
Quality Policy |
5.2 |
|
Quality Objectives and Plans for Achieving
Them |
6.2 |
|
Mandatory Records |
ISO 9001:2015 Clause |
|
Record of Maintenance and Calibration of Monitoring and Measuring Equipment |
7.1.5.1 |
|
Competence
Records |
7.2 |
|
Product/Service
Requirements Review Record |
8.2.3.2 |
|
Record of New
Requirements for Product or Service |
8.2.3.2 |
|
Design and Development Inputs Record |
8.3.3 |
|
Record of Design and Development Controls |
8.3.4 |
|
Design and Development Outputs
Record |
8.3.5 |
|
Record of Design
and Development Changes |
8.3.6 |
|
Record of Evaluation of External Provider (supplier) |
8.4.1 |
|
Record of Product/Service Characteristics |
8.5.1 |
|
Record of Changes on Customer’s Property |
8.5.3 |
|
Record of Changes in Production/Service Provision |
8.5.6 |
|
Evidence of Product/Service Conformity |
8.6 |
|
Record of Nonconformity |
8.7.2, 10.2.2 |
|
Monitoring
Performance Information |
9.1.1 |
|
Internal
Audit Program and Results |
9.2.2 |
|
Management Review Results |
9.3 |
|
Nonconformities and Corrective Action |
10.2.2 |
These are the documents
and records that are required
to be maintained for the ISO 9001 Quality
Management System, but you should also maintain
any other records
that you have identified as necessary
to ensure your management system can function, be maintained, and improve over time.
Commonly used non-mandatory documents
|
Non-Mandatory Procedures |
ISO 9001 Clause |
|
Determining
Context of the Organization and Interested Parties |
4.1, 4.2 |
|
Procedure for Addressing Risks and Opportunities |
6.1. |
|
Competence, Training and Awareness Procedure |
7.2, 7.3 |
|
Procedure for Control of Documents and Records |
7.5 |
|
Sales Procedure |
8.2 |
|
Procedure for Design
and Development |
8.3 |
|
Procedure for Control of Externally Provided Processes, Products
and Services (outsourced processes) |
8.4.1 |
|
Procedure for Production and Service Provision |
8.5 |
|
Warehousing
Procedure |
8.5.4 |
|
Procedure for Measuring
Customer Satisfaction |
9.1.2 |
|
Procedure for Internal
Audit |
9.2 |
|
Procedure for Management Review |
9.3 |
|
Procedure for Nonconformity and Corrective Action |
10.2 |
While ISO 9001 does not require that you document all of the procedures, there are several processes that are mandatory to be established in order to generate the required records that are outlined in the first section. Remember these processes and procedures are not required to be documented; however, many companies choose to do so. One rule of thumb when deciding if you want to document a process is this: if there is a chance that the process won’t be carried out as planned, then you should document it. In many cases this is the best way to ensure that your Quality Management System is reliably implemented.
HOW TO STRUCTURE DOCUMENT AND RECORDS
QMS Scope
This document is usually rather short, and written at the beginning of the ISO 9001 implementation. Its purpose is to define the boundaries of the QMS and to determine to which parts of the organization the QMS applies. Normally, it is a standalone document called Scope of the QMS, although it can be merged into a Quality Manual.
Quality Policy
The Quality Policy is intended to be a company’s documented intention to comply with appropriate requirements, increase customer satisfaction, and continually improve. The policy is the focus for the company to work toward and should readily convey the goal of the organization. It is a standalone document, but is often documented in a Quality Manual and sometimes posted throughout the organization as a way of communicating to all employees, since it is important that every employee understand how the policy relates to his or her job. For more information, see How to Write a Good Quality Policy.
Risks and Opportunities that need to be addressed
This is a new requirement that introduces significant changes to the QMS. According to the new version, the risks and opportunities regarding the QMS must be identified and addressed, but there is no requirement to use any methodology or write a procedure. The process of addressing risks and opportunities includes consideration of internal and external issues relevant to the QMS, interested parties, and scope of the QMS. Considering the importance of this new requirement and the fact that it introduces a completely new process into the organization, it is recommended that it be documented in the form of a procedure.
Quality Objectives and Plans for Achieving Them
The requirements regarding setting the quality objectives remained as they were in the previous version of the standard; they still need to be measurable and timed. However, the standard now requires plans for achieving the objectives, meaning that the organization will have to assign responsibilities and dedicate resources for achieving the objectives. These requirements can be met in separate documents, but it is much easier to create a Quality Objectives document and fulfill all the above-mentioned requirements
Competence, Training and Awareness records
Introducing quality management into an organization often requires additional training of relevant employees. Describing the process of managing human resources by documenting a procedure that defines identification of training needs, training planning, conducting and evaluation of training effectiveness, as well as assigning responsibilities for this, is the best way to ensure that the requirements are met. Although it is not a requirement of the standard, good practice shows that the Procedure for Competence, Training and Awareness can be of great help to an organization. The standard explicitly requires only the evidence of competence, and that is the Training Record.
Procedure for Control of Documents and Records
Managing documented information is defined by many requirements within clause 7.5 in the standard. Activities of approval, update, managing changes, and ensuring that the relevant version of the document is in use are best to be defined in a documented procedure. The company must also define rules to maintain its records that show the QMS is implemented and maintained, including how they identify, store, and protect the records so that they can be retrieved as necessary, for the correct amount of time, and destroyed when no longer needed but not before. If you need more information, see New approach to document and record control in ISO 9001:2015.
Procedure for Design and Development
Requirements regarding the design and development process are among the most demanding in the standard. Every step of the design and development process needs to be documented in the form of a record, from design and development inputs, controls, and outputs, to changes in design and development. Considering all the requirements regarding the design and development process, it is best to document the Procedure for Design and Development and define all mandatory records that should accompany the procedure.
Procedure for control of externally provided processes
Products and services (outsourced processes) Creators of the standard decided to use this rather robust formulation of something that is basically the Procedure for Purchasing and Evaluation of Suppliers. Although the purchasing process doesn’t have to be documented, the standard requires companies to establish control over its externally provided processes, products, and services. The standard does require the criteria for evaluation, selection, monitoring, and re-evaluation of the suppliers to be documented, and the best way to do it is through the procedure.
Procedure for production and service provision
The standard requires production and service provision processes to be under control in terms of availability of necessary documented information about product or service characteristics, intended results, availability of needed resources, monitoring and measurement activities, etc. This rather complex process will hardly achieve the intended outcomes without clearly defined rules documented in the Procedure for Production and Service Provision.
Warehousing procedure
The importance and necessity of this procedure will vary depending on the type of business the company performs, but the requirement for product preservation is one of the most crucial ones in the way of the product or service toward the end user. In cases when the storage conditions can have great influence on the product quality, rules for preservation of the product during storage should be documented in the Warehousing Procedure.
Monitoring performance information
The new version of the standard emphasizes the importance of measuring and evaluation of QMS performance. The organization needs to determine what should be monitored, how, and when. This doesn’t have to be in one document, meaning that necessary monitoring and measuring is usually included in related process procedures. But, it is good to have an overview of key performance indicators and their status in the form of a Matrix of Key Performance Indicators.
Internal audit
How do you audit your Quality Management System to make sure that it is performing as planned and is effective? Who is responsible for planning and carrying out the audits? How do you report the results, and what records are kept? How do you follow up on corrective actions noted in audits? Learn more in this article about the Five Main Steps in ISO 9001 Internal Audit. You must also keep records of these activities to show QMS conformance and improvement.
Management review
Management review as a process hasn’t suffered any changes in the new ISO 9001:2015 revision in terms of how and how often it should be conducted. However, the mandatory inputs and outputs of the management review have changed. It is now required for the top management to review internal and external issues relevant to the QMS, as well as the effectiveness of actions taken to address risks and opportunities. As a result of the management review, there should be decisions regarding opportunities for improvement of the QMS, need for changes of the system, and resources needed. The best way to keep track of what needs to be reviewed and the expected results of the management review is to document the Procedure for Management Review.
Nonconformity and corrective action
What actions are in place, and who is responsible for making sure that a nonconformity is addressed? How do you ensure that corrections are made, and what records are kept of the process? Find out more here: Understanding dispositions for ISO 9001 nonconforming product. How do you review nonconformities, determine causes, and evaluate the need for actions to correct them? How do you implement the necessary actions, review that the actions were effective, and keep records of the actions taken? With the Quality Management System you will find that you have non-conformances occur within your processes that you will need to correct; and when you investigate the root cause of these problems, you will have corrective actions taken. You will also need to keep records of these activities to show improvement. Learn how to do this with Seven Steps for Corrective and Preventive Actions to support Continual Improvement.
SEVEN QUALITY PRINCIPLES
Principle
Description
Customer Focus
Customer focus means exceeding customer expectations and providing satisfaction and value with every customer interaction. It requires an organization to link every business objective to customer needs and to recognize that customers are those that have both direct and indirect relationships with an organization.
Leadership
Leadership must commit to ensuring the availability of all resources for Quality projects and to providing positive role models through active participation, proactive communication of vision and strategy, and an organization-wide engagement with a Culture of Quality.
Engagement of People
Organizations must engage and empower competent and motivated workers while encouraging everyone to contribute and collaborate.
Process Approach
A process approach recognizes that processes must be part of a unified and consistent system that produces predictable results, illuminates elements that require improvement, and addresses all risks that have an impact on process outcomes.
Improvement
An ongoing dedication to improvement reacts to changes in external and internal conditions to create new opportunities by focusing on root-cause determination and preventative and corrective actions.
Evidence-Based Decision Making
Making decisions based on statistical evidence provides greater objectivity, effectiveness, and effciency to an organization and makes it easier to review results for ongoing improvement.
Relationship Management
Organizations must account for and manage relationships with all vendors, partners, and suppliers to understand the constraints, opportunities, and risks for each.
SEVEN BASIC QUALITY TOOLS
Tool Description Cause-and-Effect Diagram This is also known as the “Ishikawa” or “fishbone chart” and can be used to identify the possible causes of a problem. Check Sheet This is a generic tool for capturing the frequencies and patterns of events such as defects or problems. Control Chart This is a graph that tracks how processes change over time. Histogram This is a tool for frequency distribution that shows how often different values occur. Pareto Chart This is a bar graph that shows the frequency of events in a process and determines which are the most significant. Scatter Diagram This is a graph that pairs variables and looks for relationships between them. Stratification This is a technique for separating and analyzing data from different sources to uncover patterns.
