JEMO Limited 11 Willowbank, Chippenham Wiltshire SN14 6QG, United Kingdom Phone: +44 (0) 1249 447 544 Fax: +44 (0) 1249 400 200 E-mail: [email protected]www.jemo.co.uk This guide provides details of the High Level Structure requirements based on DIS 9001: 2014. It concentrates on the core requirements that should not change when ISO 9001: 2015 is published. ISO 9001: 2015 – A Guide to Understanding and Implementing the High Level Structure (HLS) JeffMonk
15
Embed
ISO 9001: 2015 – A Guide to Understanding and · PDF filediscipline specific requirements to ISO 14001, ISO 22000 (food management) ... the roles and the MR responsibilities need
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
The major changes to the core (HLS/Annex SL) requirements
There are ten clauses instead of eight
Whilst ISO 9001: 2008 has eight clauses, the 2015 version has ten. This would not be an issue if
clauses had simply been sub-divided, but most of the clauses have new requirements. The common
clause titles and sequence are shown in Table 1 with comments on the changes:
Clause Title Comment
1 Scope Basically as the 2008 version
2 Normative references There are no normative references – they are now contained within the standard
3 Terms and definitions These are now contained within the standard
4 Context of the organization This is a completely new requirement and is significant
5 Leadership This involves top management leading the quality management system (QMS). The management representative role is now redundant – significant change
6 Planning This now involves risk assessment and management and is significant
7 Support This develops “Resources” of the 2008 version to a higher level. Significant changes in terminology
8 Operation This develops “product realization” of the 2008 version to a higher level. Significant changes.
9 Performance evaluation This develops several 2008 requirements for monitoring and measuring the QMS and the processes, products and services.
10 Improvement This develops Non-conformance, Corrective action and Improvement of ISO 9001: 2008. Preventive action is dropped – the whole standard is aimed at prevention.
Table 1 The ISO 9001: 2015 clauses and sequence
Changes to terminology
There are some significant changes to terminology that will need to be understood by you and your
auditors. As examples:
documented procedures are not now referred to but you do need to maintain documented
information – wherever you see the verb maintain this means document
records are not referred to and are embraced by documented information – wherever you see
the verb retain this means record
product is replaced by products and services – emphasising that the standard is equally
applicable to services
Guide to ISO 9001: 2015 – the requirements that should not change
Auditors who are not familiar with risk management techniques should not be auditing you. Expect
experienced auditors to look for tangible evidence that you are evaluating the risks and effectively
eliminating them or reducing them to an acceptable level. They will examine your resources and
competencies to do this. A useful tool for this is a risk register. ISO 31000 provides useful guidance
on risk management.
They should be familiar with how to audit your objectives and planning of changes and may spend
more time with your top management on this.
Clause 7 Support
This has the following HLS/Annex SL clauses:
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
There are also sub-sub clauses but with the exception of 7.5 below these are quality specific and so are listed but not discussed here.
7.5 Documented information – this has the following sub-sub clauses that are HLS/Annex SL:
7.5.1 General
7.5.2 Creating and updating
7.5.3 Control of documented information
In general, this is a development of existing ISO 9001: 2008 requirements for support to your main operational processes. The human resources (i.e. your colleagues) need to be demonstrably competent and aware of the requirements that apply to them and the consequences of not following the “rules” of the QMS.
Your communication systems need to be robust and include external and internal communications. A gap in the ISO 9001: 2008 standard has been filled – communication with your suppliers and external providers has to be as robust as communication with your customers
The documented quality system may not have to include your quality manual, documented
procedures or work instructions but there should be something that does a similar job for instruction
and control. This is called documented information. Much of what you already have can still suffice,
although you may want to take this opportunity to examine your documentation to see what can be
retained, what is superfluous and if it is all in the right format and media for your current and future
needs.
Your top management could, as part of their leadership role, engage the workforce in deciding what
they really need in the documentation and the media that is most suitable for them.
Guide to ISO 9001: 2015 – the requirements that should not change
There are many additional quality related requirements here under sub-clauses - in particular in
clause 7.1 which has six sub-clauses with significant additional requirements. We have listed these in
Tables 6 but do not discuss them in detail here as we are focusing on the HLS/Annex SL
requirements.
Clause Title Comment
7.1.1 General
Basically as ISO 9001: 2008 - you must determine and obtain the resources needed to run your QMS – from inside and outside your organization
7.1.2 People Basically as ISO 9001: 2008
7.1.3 Infrastructure Basically as ISO 9001: 2008
7.1.4 7.1.4 Environment for the operation of processes
This extends the work environment of ISO 9001: 2008 to include environments for the effective operation of processes
7.1.5 7.1.5 Monitoring and measuring resources
This is a substantial development of the ISO 9001: 2008 requirements and now embraces the “calibration control” of people used in monitoring and measurement
7.1.6 Organizational knowledge
This is a new requirement which covers the knowledge needed by your organization and how you obtain and control this and keep it up to date
Table 6 Clause 7.1 Resources
For comprehensive tools for implementing and auditing all of the changes please visit
All the rest are quality specific. We list these but do not look at them in detail
This takes the “strategic planning” you did for clause 6 and focuses down onto the planning of the
specific processes for creating products and providing services. This extends beyond your internal
process chain to include processes that you outsource. A new requirement is for you to have controls
for unplanned changes as well as the changes you plan to make.
The quality related requirements.
There are many quality specific requirements here, much of which you will probably be doing already.
We have listed these in Table 7, but it is beyond the scope of this brief to cover them in detail.
Clause Title Comment
8.2 Determination of requirements for products and services
8.2.1 Customer communication An extension of ISO 9001; 2008 to include contingency and other quality related communications
8.2.2 Determination of requirements related to the products and services
Subtle change from ISO 9001: 2008 including a need to substantiate all claims you make for your products and services
8.2.3 Review of requirements related to products and services
Basically as ISO 9001: 2008 but extended to include other interested party requirements
8.3 Design and development of products and services
This has six sub-clauses, amalgamating some of the sub-clauses of ISO 9001: 2008. The only significant change relates to reviewing experience from previous design – now dropped, and determining the risk of design failure. We consider this significant omissions
8.4 Control of externally provided products and services
This has three sub-clauses similar to ISO 9001: 2008. The range of supply is extended to include anything including sub-contracted processes that is provided (excluding property provided by your customer)
8.5 Production and service provision This has six sub-clauses, including new requirements for post-delivery activities and the control of unplanned process changes
8.7 Control of nonconforming process outputs, products and services
This is basically as ISO 9001: 2008
If you require comprehensive tools for implementing and auditing all of the changes please visit