ISO 9001 - 2015 doc

Why implement ISO 9001:2015The standard can help you to reduce waste in terms of your procedures, can reduce the amount of paperwork by streamlining your systems.Improve the efficiency and productivity of the business.Demonstrate to customers that you are committed to Quality and able to meet their requirements.Help to secure new business and build on current relationships.Help to push the business along and seek new improvements, develop and growCan give you the competitive edge when quoting and marketing.

What is involved in implementing the ISO 9001 Standard?Identify the requirements of ISO 9001 and how they apply to your businessEstablish quality objectives and how they fit in to the businessProduce a documented quality policy and proceduresCommunicate them throughout the businessOnce developed, perform internal audits to ensure the systems and procedures are being adhered to.Perform management review meetings to review the business performance and set new targets and action points

What is the Certification Process?Introduce procedures in line with the ISO 9001 standardContact a UKAS Accredited Certification Body who will independently audit your systems and approve you to the ISO 9001:2008 Standard.Receive your Certificate and Logos and present to your customers to demonstrate your commitment to quality.Receive annual audits to ensure that your system remains compliant.What is the Certification Process

ISO 9000 Work ProgrammeGap Analysis (where you are now?)Draft Quality Manual and Procedures (where you need to be)Staff Awareness trainingReview and Amend Manual and ProceduresVerify & implement ProceduresCompile the Audit SchedulePerform Internal Audits and Management Review

Audit

An audit is a systematic evidence gathering process. Audits must beindependent and evidence must be evaluated objectively to determine how well audit criteria are being met. There are three types of audits: first-party, second-party, and third-party. First-party audits are internalaudits while second and third party audits are external audits.

Organizations use first party audits to audit themselves. First party audits are used to provide input for management review and for otherinternal purposes. They're also used to declare that an organization meets specified requirements (this is called a self-declaration).

Second party audits are external audits. Theyre usually done bycustomers or by others on their behalf. However, they can also be done by regulators or any other external party that has an interest in an organization. Third party audits are external audits as well. However, theyre performed by independent organizations such as registrars (certification bodies) or regulators.

ISO also distinguishes between combined audits and joint audits. When two or more management systems of different disciplines are audited together at the same time, it's called a combined audit; and when two or more auditing organizations cooperate to audit a single auditee organization it's called a joint audit.

Audit criteria

Audit criteria are used as a reference point and include policies,requirements, and other forms of documented information. They arecompared against audit evidence to determine how well they are being met. Audit evidence is used to determine how well policies are beingimplemented and how well requirements are being followed.

Audit evidence

Audit evidence includes records, factual statements, and other verifiableinformation that is related to the audit criteria being used. Audit criteriainclude policies, requirements, and other documented information.

Audit findings

Audit findings result from a process that evaluates audit evidence and compares it against audit criteria. Audit findings can show that audit criteria are being met (conformity) or that they are not being met (nonconformity). They can also identify best practices or improvement opportunities.

Audit program

An audit program (or programme) refers to a set of one or more audits that are planned and carried out within a specific time frame and are intended to achieve a specific audit purpose.

Characteristic

A characteristic is a distinctive feature or property of something.Characteristics can be inherent or assigned and can be qualitative or quantitative. An inherent characteristic exists in something or is a permanent feature of something while an assigned characteristic is a feature that is attributed or attached to something.

Competence

Competence means being able to apply knowledge and skill to achieve intended results. Being competent means having the knowledge and skill that you need and knowing how to apply it. Being competent means that youre qualified to do the job.

Complaint

In the context of ISO 9001, a complaint refers to an expression ofdissatisfaction with a product or service and is filed by a customer and received by an organization. Whenever a customer lodges a complaint, a response is either explicitly or implicitly required.

Concession

A concession is a special approval that is granted to release anonconforming product or service for use or delivery. Concessions are usually restricted to a specific use and limited by time and quantity and tend to specify that nonconforming characteristics may not violatespecified limits.

Conformity

Conformity is the "fulfillment of a requirement". To conform means to meet or comply with requirements and a requirement is a need,expectation, or obligation. There are many types of requirements including customer requirements, quality requirements, qualitymanagement requirements, management requirements, productrequirements, service requirements, contractual requirements, statutory requirements, and regulatory requirements.

Context of the organization

An organizations context is its business environment. It includes all of the internal and external factors and conditions that affect itsproducts and services, have an influence on its QMS, and are relevant to its purpose and strategic direction.

An organizations external context includes all of the needs andexpectations of interested parties, as well as its social, cultural, legal, technological, regulatory, and competitive environment. An organizations internal context includes its values, culture, knowledge, and performance.

ISO 9001 2015 expects you to consider your organizations internal and external context when you define the scope of its QMS and when you plan it's design and development.

Continual improvement

Continual improvement is a set of recurring activities that are carried out in order to enhance performance. Continual improvements can beachieved by carrying out audits, self-assessments, and managementreviews. Continual improvements can also be realized by collecting data, analyzing information, setting objectives, and implementingcorrective and preventive actions.

Contract

A contract is a binding agreement between two or more parties.

Correction

A correction is any action that is taken to eliminate a nonconformity.However, corrections do not address root causes. When applied toproducts, corrections can include reworking products, reprocessing them, regrading them, assigning them to a different use, or simplydestroying them.

Corrective action

Corrective actions are steps that are taken to eliminatethe causes of existing nonconformities in order to preventrecurrence. The corrective action process tries to make sure that existing nonconformities and potentiallyundesirable situations dont happen again.

Customer

A customer is anyone who receives products or services (outputs) from a supplier. Customers can be either people or organizations and can be either external or internal to the supplier organization. Examples of customers include clients, consumers, users, guests, patients, purchasers, and beneficiaries.

Customer satisfaction

Customer satisfaction is a perception. It's also a question of degree. It can vary from high satisfaction to low satisfaction. If customersbelieve that you've met their requirements, they experience highsatisfaction. If they believe that you've not met their requirements, they experience low satisfaction.

Since satisfaction is a perception, customers may not be satisfied even though youve met all contractual requirements. Just because you havent received any complaints doesnt mean that customers are satisfied.

There are many ways to monitor and measure customer satisfaction. You can use customer satisfaction and opinion surveys; you can collect product quality data (post delivery), track warranty claims, examine dealer reports, study customer compliments and criticisms, and analyze lost business opportunities.

Data

The term data is defined as any facts about an object.

Defect

A defect is a type of nonconformity. It occurs when a product or service fails to meet specified or intended use requirements.

Design and development

Design and development is a process (or a set of processes) that usesresources to transform general input requirements for an object intospecific output requirements.

An object is any entity that is either conceivable or perceivable. Objects can be real or imaginary and could be material or immaterial. Examplesinclude products, services, systems, organizations, people, practices,procedures, processes, plans, ideas, documents, records, methods, tools, machines, technologies, techniques, and resources.

Determination

To determine means to find or to identify the value of a characteristic.

Documented information

The term documented information refers to information that must be controlled and maintained and its supporting medium. Documented information can be in any format and on any mediumand can come from any source.

Documented information includes information about the managementsystem and related processes. It also includes all the information thatorganizations need to operate and all the information that they useto document the results that they achieve (aka records).

Effectiveness

Effectiveness refers to the degree to which a planned effect is achieved.Planned activities are effective if these activities are actually carried out and planned results are effective if these results are actually achieved.

Feedback

The term feedback is used to refer to a comment or an opinion expressed about a product or service or an interest expressed in a product or a service. It may also be used to refer to the customer complaints-handling process itself.

Function

A function is a role that is performed by a unit of an organization.

Improvement

Improvement is a set of activities that organizations carry out in order to enhance performance (get better results). Improvement can be achieved by means of a single activity or by means of a recurring set of activities.

Information

Information is meaningful data. While it's not entirely clear what the word meaningful is supposed to mean in this context, dictionaries tend to say that something is meaningful if it is significant, relevant, material, valid, or important.

Information system

In the context of this ISO 9001 standard, an information system is a network of communication channels used within an organization.

Infrastructure

The term infrastructure refers to the entire system of facilities, equipment, and support services that organizations need in order to function. According to ISO 9001, section 7.1.3, the term infrastructure can include buildings, equipment, utilities, and technologies (both hardware and software).

Innovation

Innovation is a process that results in a new or substantially changedobject. An object is any entity that is either conceivable or perceivable.Objects can be real or imaginary and could be material or immaterial.Examples include products, services, systems, organizations, people,practices, procedures, processes, plans, ideas, documents, records,methods, machines, tools, technologies, techniques, and resources.

Interested party

An interested party is anyone who can affect, be affected by, or believe that they are affected by a decision or activity. An interested party is a person, group, or organization that has an interest or a stake in a decision or activity.

Involvement

Involvement occurs when people share objectives and are actively engaged in and contribute to their achievement.

Knowledge

Knowledge is a collection of information and a justified belief that this information is true with a high level of certainty.

Management

The term management refers to all the activities that are used to coordinate, direct, and control organizations. These activities includedeveloping policies, setting objectives, and establishing processes to achieve these objectives. In this context, the term management does not refer to people. It refers to what managers do.

Management system

A management system is a set of interrelated or interacting elements that organizations use to formulate policies and objectives and to establish the processes that are needed to ensure that policies arefollowed and objectives are achieved. These elements include structures, programs, procedures, practices, plans, rules, roles,responsibilities, relationships, contracts, agreements, documents, records, methods, tools, techniques, technologies, and resources.

There are many types of management systems. Some of these includequality management systems, environmental management systems, financial management systems, information security management systems, business continuity management systems, emergency management systems, disaster management systems, food safetymanagement systems, risk management systems, and occupational health and safety management systems.

The scope or focus of a management system could be restricted to a specific function or section of an organization or it could include the entire organization. It could even include a function that cuts across several organizations.

Measurement

Measurement is a process that is used to determine a value. In most cases this value will be a quantity.

Measuring equipment

Measuring equipment includes all the things needed to carry out a measurement process. Accordingly, measuring equipment includes instruments and apparatuses as well as all the associatedsoftware, standards, and reference materials.

Monitoring

To monitor means to determine the status of an activity, process, or system at different stages or at different times. In order to determinestatus, you need to supervise and to continually check and criticallyobserve the activity, process, or system that is being monitored.

Nonconformity

Nonconformity is a nonfulfillment or failure to meet a requirement. A requirement is a need, expectation, or obligation. It can be stated or implied by an organization or interested parties.

Object

An object is any entity that is either conceivable or perceivable. Objects can be real or imaginary and could be material or immaterial.Examples include products, services, systems, organizations, people,practices, procedures, processes, plans, ideas, documents, records,methods, tools, machines, technologies, techniques, and resources.

Objective

An objective is a result you intend to achieve. Objectives can be strategic, tactical, or operational and can apply to an organization as a whole or to a system, process, project, product, or service. Objectives may also be referred to as targets, aims, goals, or intended outcomes.

Quality objectives are generally based on or derived from an organizations quality policy and must be consistent with it.

Objective audit evidence

Objective audit evidence is information that is verifiable and generally consists of records and other statements of fact that are relevant to the audit criteria being used.

Objective evidence

Objective evidence is data that shows or proves that something exists or is true. Objective evidence can be collected by performingobservations, measurements, tests, or using other suitable methods.

Organization

An organization can be a single person or a group that achieves itsobjectives by using its own functions, responsibilities, authorities, and relationships. It can be a company, corporation, enterprise, firm,partnership, charity, association, or institution and can be eitherincorporated or unincorporated and be either privately or publiclyowned. It can also be an operating unit that is part of a larger entity.

Output

An output is the result of a process. Outputs can be either tangible or intangible. The output from one process is often the input for another process.

ISO 9001 lists four generic output categories: services, software, hardware, and processed materials. Outputs often combine several of these categories. For example, an automobile (an output) combineshardware (e.g. tires), software (e.g. engine control algorithms), andprocessed materials (e.g. lubricants).

Outsource

When an organization makes an arrangement with an outside organization to perform part of a function or process, it is referred to as outsourcing. To outsource means to ask an external organizationto perform part of a function or process normally done inhouse. While an outsourced organization is beyond the scope of your QMS, theoutsourced process or function itself falls within your scope.

Performance

According to ISO, the term performance refers to a measurable result. It refers to the measurable results that activities, processes, products, services, systems and organizations are able to achieve. Whenever theyperform well it means that acceptable results are being achieved andwhenever they perform poorly, unacceptable results are achieved.

Performance indicator

A performance indicator (metric) is a characteristic that is used to measure customer satisfaction and how well outputs are realized.

Policy

A policy is a general commitment, direction, or intention and is formally stated by top management. A quality policy statement shouldexpress top management's commitment to the implementation andimprovement of its quality management system and should allowmanagers to set quality objectives.

Process

A process is a set of activities that are interrelated or that interact with one another. Processes use resources to transform inputs into outputs. Processes are interconnected because the output from one process often becomes the input for another process.

While processes usually transform inputs into outputs, this is not always the case. Sometimes inputs become outputs without transformation.

Organizational processes should be planned and carried out under controlled conditions. An effective process is one that realizes planned activities and achieves planned results.

Process approach

The process approach is a management strategy. When managers use a process approach, it means that they manage and control theprocesses that make up their organization, the interaction between these processes, and the inputs and outputs that tie these processes together.

Process-based quality management system

A process-based quality management system uses a process approach to manage and control how its quality policy is implemented and how its quality objectives are achieved. A process-based QMS is a network of interrelated and interconnected processes.

Each process uses resources to transform inputs into outputs. Since the output of one process becomes the input of another process, processes interact and are interrelated by means of such input-output relationships. These process interactions create a single integrated process-based QMS.

Product

A product is a tangible or intangible output that is the result of a process that does not include activities that are performed at the interface between the supplier (provider) and the customer.

Products can be tangible or intangible. According to a note to this definition, there are three generic product categories: hardware,processed materials, and software. Many products combine several of these categories. For example, an automobile (a product) combineshardware (e.g. tires), software (e.g. engine control algorithms), andprocessed materials (e.g. lubricants).

Provider

A provider is a person or an organization that supplies or providesproducts or services. Providers can be either internal or external to the organization. Internal providers supply products or services to people within their own organization while external providers supply products or services to other organizations.

Quality

The adjective quality applies to objects and refers to the degree towhich a set of inherent characteristics fulfills a set of requirements. An object is any entity that is either conceivable or perceivable and an inherent characteristic is a feature that exists in an object.

The quality of an object can be determined by comparing a set of inherent characteristics against a set of requirements. If thosecharacteristics meet all requirements, high or excellent quality is achieved but if those characteristics do not meet all requirements, a low or poor level of quality is achieved. So the quality of an objectdepends on a set of characteristics and a set of requirements and how well the former complies with the latter.

Quality management

Quality management includes all the activities that organizations use to direct, control, and coordinate quality. These activities includeformulating a quality policy and setting quality objectives. They alsoinclude quality planning, quality control, quality assurance, and quality improvement.

Quality management system

A quality management system (QMS) is a set of interrelated or interacting elements that organizations use to formulate quality policies and quality objectives and to establish the processes that are needed to ensure that policies are followed and objectives areachieved. These elements include structures, programs, practices,procedures, plans, rules, roles, responsibilities, relationships, contracts, agreements, documents, records, methods, tools, techniques, technologies, and resources.

Quality objective

A quality objective is a quality result that you intend to achieve. Quality objectives are based on or derived from an organizations quality policy and must be consistent with it. They are usually formulated at all relevant levels within the organization and for all relevant functions.

The adjective quality applies to objects and refers to the degree to which a set of inherent characteristics fulfills a set of requirements; and an object is any entity that is either conceivable or perceivable.Therefore, a quality objective can be set for any kind of object.

Quality policy

A quality policy should express top management's commitment to thequality management system (QMS) and should allow managers to setquality objectives. It should be based on ISOs quality managementprinciples and should be compatible with your organizations other policies and be consistent with its vision and mission.

ISO's quality management principles ask you to focus on customers and interested parties, to provide leadership, to engage and involve people, to use a process approach, to encourage improvement, to useevidence to make decisions, and to manage corporate relationships.

Regulatory requirement

A regulatory requirement is an obligation that is specified by an authority which gets its mandate from a legislative body.

Release

To release means to grant permission to proceed to the next stage of a process. The term release is also used to refer to a version of software or documented information.

Requirement

A requirement is a need, expectation, or obligation. It can be stated orimplied by an organization, its customers, or other interested parties.A specified requirement is one that has been stated (in a document forexample), whereas an implied requirement is a need, expectation, orobligation that is common practice or customary.

There are many types of requirements. Some of these include customerrequirements, quality requirements, quality management requirements,management requirements, product requirements, service requirements,contractual requirements, statutory requirements, and regulatoryrequirements.

Review

Reviews are done to figure out how well objects achieve establishedobjectives. Reviews ask the following question: is the object a suitable,adequate, and effective way of achieving established objectives?

There are many kinds of reviews. Some of these include managementreviews, design and development reviews, customer requirement reviews, nonconformity reviews, and peer reviews.

Risk

According to ISO 9000, risk is the effect of uncertainty on an expectedresult and an effect is a positive or negative deviation from what isexpected. The following two paragraphs will explain what this means.

This definition recognizes that all of us operate in an uncertain world.Whenever we try to achieve something, theres always the chance thatthings will not go according to plan. Sometimes we get positive resultsand sometimes we get negative results and occasionally we get both.Because of this, we need to reduce uncertainty as much as possible.

Uncertainty (or lack of certainty) is a state or condition that involvesa deficiency of information and leads to inadequate or incompleteknowledge or understanding. In the context of risk management,uncertainty exists whenever the knowledge or understanding of an event, consequence, or likelihood is inadequate or incomplete.

While this definition argues that risk can be positive as well as negative, a note acknowledges that "the term risk is sometimes used when there is only the possibility of negative consequences".

Risk-based thinking

Risk-based thinking refers to a coordinated set of activities and methods that organizations use to manage and control the many risks that affect its ability to achieve objectives. Risk-based thinkingreplaces what the old standard used to call preventive action.

While risk-based thinking is now an essential part of the new standard, it does not actually expect you to implement a formal risk management process nor does it expect you to document your organizations risk-based approach.

Service

A service is an intangible output and is the result of a process that includes at least one activity that is carried out at the interface between the supplier (provider) and the customer.

Service provision can take many forms. Service can be provided to support an organizations own products (e.g. warranty service or the serving of meals). Conversely, it can be provided for a productsupplied by a customer (e.g. a repair service or a delivery service). It can also involve the provision of an intangible thing to a customer (e.g. entertainment, ambience, transportation, or advice).

Statutory requirement

A statutory requirement is defined by a legislative body and is obligatory.

Strategy

A strategy is a plan for achieving an objective.

Supplier

A supplier is a person or an organization that provides products orservices. Suppliers can be either internal or external to an organization.Internal suppliers provide products or services to people within their own organization while external suppliers provide products or services to other organizations.

Examples of suppliers include organizations and people who produce,distribute, or market products, provide services, or publish information. While ISO still includes a definition for this term, the new ISO 9001 2015standard no longer actually uses it. It prefers, instead, to use the termexternal provider.

System

A system is defined as a set of interrelated or interacting elements. A management system is one type of system. It is a set of interrelated or interacting elements that organizations use to formulate policies and objectives and to establish the processes that are needed to ensure that policies are followed and objectives are achieved.

Top management

The term top management normally refers to the people at the top of an organization. It refers to the people who provide resources and delegate authority and who coordinate, direct, and controlorganizations.

However, if the scope of a management system covers only part of an organization, then the term top management refers, instead, to the people who direct and control that part of the organization.

Traceability

Traceability is the ability to identify and trace the history, distribution,location, and application of products, parts, materials, and services.A traceability system records and follows the trail as products, parts,materials, and services come from suppliers and are processed andultimately distributed as final products and services.

Validation

Validation is a process. It uses objective evidence to confirm that therequirements which define an intended use or application have been met. Whenever all requirements have been met, a validated status isestablished. Validation can be carried out under realistic use conditions or within a simulated use environment.

There are several ways to confirm that the requirements which define an intended use or application have been met. For example you could do tests, you could carry out alternative calculations, or you could examine documents before you issue them.

Verification

Verification is a process. It uses objective evidence to confirm that specified requirements have been met. Whenever specifiedrequirements have been met, a verified status is achieved.

There are many ways to verify that requirements have been met. For example you could inspect something, you could do tests, you could carry out alternative calculations, or you could examine documents before you issue them.

ISO DIS 9001 2015 is an "Interim Working Draft". It's not the final version of the standard. According to ISO, the final official version "is due to be published by the end of 2015".

4. Context

4.1 Understand your organization and its unique context

Identify and understand your organization's context.

Identify and understand your organization's context before you establish its quality management system (QMS).

Consider the external issues that are relevant to your organization's purpose and strategic direction and think about the influence these issues could have on its QMS and the results it intends to achieve.

Consider the internal issues that are relevant to your organization's purpose and strategic direction and think about the influence these issues could have on its QMS and the results it intends to achieve.

Monitor information about your organization's context.

Consider the impact changes in context could have on your organization's quality management system (QMS).

4.2 Clarify the needs and expectations of interested parties

Identify the parties who affect or could affect your QMS.

Consider how interested parties affect or could affect your ability to provide products and services that meet customer requirements.

Consider how interested parties affect or could affect your ability to provide products and services that meet statutory and regulatory requirements.

Clarify and understand their unique needs and expectations.

Monitor and review information about your interested parties.

4.3 Define the scope of your quality management system

Clarify boundaries and think about what your QMS should apply to.

Use boundary and applicability information to define your scope.

Consider your organization's context when you define your scope.

Document the scope of your quality management system (QMS).

Use your scope document to describe the boundaries of your organization's QMS and to explain what it applies to.

Use your scope document to identify and describe the products and services that will be included in your organization's QMS.

Use your scope document to explain that every ISO 9001 requirement is mandatory and may only be excluded if it cannot be applied.

Control the document that defines the scope of your QMS.

Maintain your organization's scope document.

4.4 Establish a QMS that complies with this standard

Develop a process-based quality management system (QMS).

Determine the processes that your QMS needs.

Determine process sequences and interactions.

Determine methods needed to manage processes.

Determine resources needed to support processes.

Determine process responsibilities and authorities.

Determine risks and opportunities for each process.

Determine methods needed to check your processes.

Determine opportunities to improve your processes.

Implement your process-based quality management system.

Support your process-based quality management system.

Improve your process-based quality management system.

5. Leadership

5.1 Provide leadership by focusing on quality and customers

5.1.1 Provide leadership by encouraging a focus on quality

Accept responsibility for your QMS.

Demonstrate a commitment to your QMS.

Ensure that a quality policy is developed.

Ensure that quality objectives are established.

Ensure that requirements are built into processes.

Ensure that your QMS achieves all intended results.

Communicate your commitment to the QMS.

Explain why quality management is important.

Expect managers to be accountable for their QMS.

Encourage your personnel to support their QMS.

Promote an awareness of the process approach.

5.1.2 Provide leadership by encouraging a focus on customers

Expect personnel to focus on customers.

Expect personnel to manage all relevant requirements.

Expect personnel to provide compliant products and services.

Expect personnel to manage relevant risks and opportunities.

Expect personnel to focus on enhancing customer satisfaction.

5.2 Provide leadership by establishing a suitable quality policy

5.2.1 Provide leadership by formulating your quality policy

Develop an appropriate quality policy.

Make sure that it supports your organization's purpose.

Make sure that it deals with your organization's context.

Make sure that it can be used to set quality objectives.

Formulate your organization's quality policy.

Make a commitment to satisfy applicable requirements.

Make a commitment to continual QMS improvement.

5.2.2 Provide leadership by implementing your quality policy

Document your organization's quality policy.

Communicate your organization's quality policy.

Apply your organization's quality policy.

5.3 Provide leadership by defining roles and responsibilities

Assign QMS roles, responsibilities, and authorities.

Communicate QMS roles, responsibilities, and authorities.

6. Planning

6.1 Define actions to manage risks and address opportunities

6.1.1 Consider risks and opportunities when you plan your QMS

Plan the development of your organization's QMS.

Identify the risks and opportunities that could influence the performance of your organization's QMS or disrupt its operation.

Consider how your organization's context could affect how well its QMS is able to achieve intended results.

Consider how your organization's interested parties could affect how well its QMS is able to achieve intended results.

Figure out what you need to do to address the risks and opportunities that could influence the performance of yourorganization's QMS or disrupt its operation.

6.1.2 Plan how youre going to manage risks and opportunities

Consider your organization's risk treatment options.

Define actions to address risks and opportunities.

Define actions that you can take to address the risks and opportunities that could influence the performance of your QMS or disrupt or damage its operation.

6.2 Set quality objectives and develop plans to achieve them

6.2.1 Establish quality objectives for all relevant areas

Clarify criteria for setting quality objectives.

Set quality objectives in all relevant areas.

Communicate your quality objectives.

Document your quality objectives.

Monitor your quality objectives.

Update your quality objectives.

6.2.2 Develop plans to achieve objectives and evaluate results

Establish plans to achieve quality objectives.

Plan how you're going to evaluate your results.

6.3 Control changes to your quality management system

Plan changes to your quality management system.

Consider the purpose of the changes you intend to make.

Consider responsibilities and authorities whenever you make changes.

Consider the consequences that changes could potentially produce.

7. Support

7.1 Support your QMS by providing the necessary resources

7.1.1 Provide internal and external resources for your QMS

Determine the resources that your QMS needs.

Provide the resources that your QMS needs.

7.1.2 Provide suitable people for your QMS and your processes

Provide the people that your QMS needs to be effective.

Provide the people that you need in order to be sure that your organization is capable of meeting customer requirements on a consistent basis.

Provide the people that you need in order to be sure that your organization is capable of meeting all applicable statutory and regulatory requirements on a consistent basis.

7.1.3 Provide the infrastructure that your processes must have

Determine the infrastructure that your processes need.

Identify the infrastructure that your organization needs in order to support process operations and to achieve conformity of products and services.

Provide the infrastructure that your processes need.

7.1.4 Provide the appropriate environment for your processes

Determine the environment that your processes need.

Identify the environment that your organization needs in order to support process operations and to achieve conformity of products and services.

Provide the environment that your processes need.

7.1.5 Provide suitable monitoring and measuring resources

Determine monitoring and measuring resource requirements.

Identify the monitoring and measuring resources that you need in order to be sure that you can provide products and services that meet all relevant requirements.

Determine your measurement traceability requirements.

Identify the measurement traceability resources that customers and interested parties expect you to have.

Identify the measurement traceability resources that governmental agencies expect you to have.

7.1.6 Provide knowledge to facilitate process operations

Determine the knowledge that your organization needs to have.

Acquire the knowledge that your organization needs to have.

Make organizational knowledge available to the extent necessary.

Monitor relevant trends and changes in knowledge and information.

Maintain the organizational knowledge that has been acquired.

7.2 Support your QMS by ensuring that people are competent

Identify those under your control who do work that affects quality.

Clarify your organization's quality competence requirements.

Acquire competence whenever shortcomings are discovered.

Document the competence of those whose work affects quality.

Evaluate the effectiveness of actions taken to acquire competence.

7.3 Support your QMS by explaining how people can help

Make personnel aware of your organization's QMS.

Share information about your QMS with the people who carry out work that is under your organization's control.

7.4 Support your QMS by managing your communications

Support your QMS by managing QMS communications.

Figure out how internal communications will be handled.

Figure out how external communications will be handled.

7.5 Support your QMS by controlling documented information

7.5.1 Include the documented information that your QMS needs

Figure out how extensive documented QMS information should be.

Consider your activities when you establish documents and records.

Consider your personnel when you establish documents and records.

Consider your processes when you establish documents and records.

Consider your products when you establish documents and records.

Consider your services when you establish documents and records.

Consider your size when you establish documents and records.

Select all the documents and records that your QMS needs.

Select all the internal documents and records that your QMS needs.

Select all the external documents and records that your QMS needs.

7.5.2 Manage the creation and revision of documented information

Manage the creation and revision of documented information.

Make sure that your organizations QMS documents and records are properly identified and described.

Make sure that your organizations QMS documents and records are properly formatted and presented.

Make sure that your organizations QMS documents and records are properly reviewed and approved.

7.5.3 Control the management and use of documented information

7.5.3.1 Control your organization's QMS documents and records

Select all of the QMS documents and records that you need.

Select all the documentation that you need in order toprotect the confidentiality, integrity, and use of information.

Select all of the documentation that is required by ISO 9001.

Control all the QMS documents and records that you need.

Control all the internal documentation that your QMS needs.

Control all the external documentation that your QMS needs.

7.5.3.2 Control how QMS documents and records are controlled

Control how QMS documents and records are controlled.

Control how QMS documents and records are created.

Control how QMS documents and records are identified.

Control how QMS documents and records are distributed.

Control how QMS documents and records are accessed.

Control how QMS documents and records are retrieved.

Control how QMS documents and records are stored.

Control how QMS documents and records are used.

Control how QMS documents and records are changed.

Control how QMS documents and records are protected.

Control how QMS documents and records are preserved.

8. Operations

8.1 Develop, implement, and control your operational processes

Plan the implementation and control of operational processes.

Prepare operational process implementation and control plans.

Use your plans to implement and control operational processes.

Control planned operational process changes and modifications.

Retain suitable operational process documents and records.

8.2 Clarify how product and service requirements will be managed

8.2.1 Clarify how communications with customers will be handled

Establish processes for communicating with customers.

Establish how customer enquires should be handled.

Establish how orders and contracts should be handled.

Establish how customer feedback should be handled.

8.2.2 Clarify how product and service requirements will be specified

Establish a process for managing product and service requirements.

Implement your product and service requirement management process.

Maintain your product and service requirement management process.

8.2.3 Clarify how product and service requirements will be reviewed

Review product and service requirements before you accept an order.

Confirm all unwritten customer requirements before you accept them.

Clarify differences between your original proposal and the final order.

Resolve differences between your original proposal and the final order.

Retain and control documents that describe the results of your reviews.

8.3 Establish a process to design and develop products and services

8.3.1 Create a design and development process when necessary

Establish a design and development process (when necessary).

Establish a design and development process whenever product and service requirements are unavailable or inadequate.

Implement a design and development process (when necessary).

8.3.2 Plan product and service design and development activities

Plan your design and development stages and controls.

Consider design and development process complexities.

Consider design and development process requirements.

Consider design and development process participation.

Consider design and development process interfaces.

Consider design and development process responsibilities.

Consider design and development process documentation.

8.3.3 Determine product and service design and development inputs

Clarify your product and service design and development inputs.

Define product and service design and development resource needs.

8.3.4 Specify how design and development process will be controlled

Establish your design and development controls.

Ensure that your results are clearly defined.

Ensure that your reviews are done as planned.

Ensure that output verifications are performed.

Ensure that output validations are carried out.

8.3.5 Clarify how design and development outputs will be produced

Control product and service design and development outputs.

Ensure that outputs can be compared against input requirements.

Ensure that outputs are capable of supporting product provision.

Ensure that outputs include or refer to acceptance criteria.

Ensure that outputs can be used to validate proposals.

Control design and development output documents and records.

8.3.6 Review and control all design and development changes

Identify changes made to design inputs and outputs.

Review changes made to design inputs and outputs.

Control changes made to design inputs and outputs.

8.4 Monitor and control externally provided products and services

8.4.1 Confirm that external products and services meet requirements

Confirm that externally provided processes, products, and services meet requirements.

Confirm that externally provided products and services meet requirements if they are incorporated into your organization's own products and services.

Confirm that externally provided processes and functions meet your organization's requirements.

Establish criteria to select and evaluate external providers.

8.4.2 Establish controls for externally provided products and services

Consider controls for external providers, processes, products, and services.

Consider the potential impact that externally provided processes, products, and services could have on your organization's ability to consistently meet external requirements.

Consider the controls that external process, product, and serviceproviders have implemented and think about how effective theircontrols actually are.

Develop controls for external providers, processes, products, and services.

Implement controls for external providers, processes, products, and services.

8.4.3 Discuss your organizations requirements with external providers

Clarify what you expect from external providers.

Clarify your organization's process requirements.

Clarify your organization's product requirements.

Clarify your organization's service requirements.

Clarify your organization's equipment requirements.

Clarify your organization's interaction requirements.

Clarify your organization's verification requirements.

Clarify your organization's competence requirements.

Clarify your organization's methodological requirements.

Clarify your organization's monitoring and control requirements.

Discuss your organization's requirements with external providers.

8.5 Manage and control production and service provision activities

8.5.1 Establish controls for production and service provision

Implement controlled conditions.

Implement controlled conditions for production.

Implement controlled conditions for service provision.

Implement controlled conditions for delivery process.

Implement controlled conditions for post-delivery process.

8.5.2 Identify process outputs and control their unique identity

Use suitable means to identify process outputs.

Identify process outputs throughout production.

Identify process outputs throughout service provision.

Control the unique identify of process outputs.

Control output identity if traceability is a requirement.

8.5.3 Protect property owned by customers and external providers

Identify property owned by your customers and external providers.

Verify property owned by your customers and external providers.

Protect property owned by your customers and external providers.

Monitor property owned by your customers and external providers.

8.5.4 Preserve outputs during production and service provision

Preserve process outputs during production and service provision.

Consider using suitable identification methods to preserve outputs.

Consider using suitable packaging methods to preserve outputs.

Consider using suitable handling methods to preserve outputs.

Consider using suitable storage methods to preserve outputs.

8.5.5 Clarify and comply with all post-delivery requirements

Clarify your organization's post-delivery requirements.

Identify the activities that must be carried out after product delivery.

Identify the activities that must be carried out after service delivery.

Comply with your organization's post-delivery requirements.

8.5.6 Control changes for production and service provision

Review unplanned changes related to production and service provision.

Document review results, actions taken, and who authorized change.

Control unplanned changes related to production and service provision.

8.6 Implement arrangements to control product and service release

Establish planned arrangements to verify products at each stage.

Verify that product requirements were met at appropriate stages.

Establish planned arrangements to verify services at each stage.

Verify that service requirements were met at appropriate stages.

8.7 Control nonconforming process outputs, products, and services

Identify nonconforming process outputs, products, and services.

Control nonconforming process outputs, products, and services.

Control the unintended use or delivery of outputs, products, and services that do not conform to requirements.

Document the actions and decisions taken to prevent the unintended use or delivery of outputs, products, and services that do not conform to requirements.

Prevent nonconforming process outputs, products, and services.

9. Evaluation

9.1 Monitor, measure, analyze, and evaluate QMS performance

9.1.1 Plan how youre going to monitor, measure, analyze, and evaluate

Plan how to monitor, measure, analyze, and evaluate your QMS.

Monitor, measure, analyze, and evaluate your organization's QMS.

Monitor the performance and effectiveness of your QMS.

Measure the performance and effectiveness of your QMS.

Analyze the performance and effectiveness of your QMS.

Evaluate the performance and effectiveness of your QMS.

9.1.2 Obtain customer information and monitor customer satisfaction

Establish methods for obtaining and using customer information.

Obtain information about the opinions and perceptions of customers.

Monitor the perceptions, opinions, and attitudes of your customers.

9.1.3 Analyze and evaluate your monitoring and measurement results

Analyze and evaluate the data and information you have collected.

Use analytical results and evaluations to generate relevant outputs.

Use outputs to show that requirements are being met.

Use outputs to demonstrate that your plans are working.

Use outputs to assess performance, compliance, and effectiveness.

Use outputs to identify QMS improvement needs and opportunities.

Use outputs to evaluate the performance of your QMS processes.

Use outputs to provide inputs for management review process.

9.2 Use internal audits to examine conformance and performance

9.2.1 Audit your quality management system at planned intervals

Conduct internal QMS audits at planned intervals.

Find out if your organization's QMS meets requirements.

Examine the effectiveness of your organization's QMS.

9.2.2 Develop an internal audit program for your organization

Plan the development of your internal audit program.

Develop a program that can find out if QMS meets requirements.

Develop a program that can determine if your QMS is effective.

Establish your organization's internal audit program.

Establish internal audit responsibilities.

Establish internal audit planning requirements.

Establish internal audit reporting requirements.

Establish internal audit schedules.

Establish internal audit methods.

9.3 Review the suitability, adequacy, and effectiveness of your QMS

9.3.1 Plan and perform management reviews at planned intervals

Plan your management review activities.

Schedule QMS reviews at planned intervals.

Review your organization's QMS at regular intervals.

Review QMS suitability, adequacy, and effectiveness.

9.3.2 Generate management review outputs and document results

Generate suitable management review outputs.

Document the results of your management reviews.

10. Improvement

10.1 Determine improvement opportunities and make improvements

Consider ways of enhancing customer satisfaction.

Consider opportunities to support innovation.

Consider opportunities to take corrective action.

Consider opportunities to transform your operations.

Consider opportunities to make incremental changes.

Meet customer requirements and enhance satisfaction.

10.2 Control nonconformities and take appropriate corrective action

10.2.1 Correct nonconformities and address causes and consequences

React to your organization's nonconformities.

Control and correct your nonconformities.

Evaluate the need to eliminate causes.

Develop corrective actions to address causes.

Implement corrective actions to address causes.

Review the effectiveness of your corrective actions.

10.2.2 Document your nonconformities and the actions that are taken

Document your organization's nonconformities.

Document the actions taken to address nonconformities.

Document your organization's corrective action results.

10.3 Enhance the suitability, adequacy, and effectiveness of your QMS

Consider evaluation, analytical, and management review outputs.

Use outputs to confirm that QMS improvement opportunities exist.

Select methodologies to analyze causes and support improvement.

Improve the suitability, adequacy, and effectiveness of your QMS.