ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018 share the same high-level structure which simplifies the overall approach to consolidating their requirements to create a robust set of ISO 9001, ISO 14001 and ISO 45001 QEHSMS integrated management system manual and procedures. The integrated manual and procedures combine the requirements of ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018 as a framework to create a single, auditable integrated management system which reduces duplication and the potential for non-conformances during certification audits. The QEHSMS integrated management system manual adopts the key concepts, principles, and structure of ISO 9001, ISO 14001 and ISO 45001. The integrated manual templates allow all types of organization to implement the processes needed to achieve customer satisfaction, enhance sustainability, and satisfy the needs and expectations of workers, regulators and other interested parties. The integrated manual allows you to concentrate on effective implementation rather than dealing with the structure of document design and combining multiple requirements. IMS manual supports the requirements in ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018. Even though a management system manual is no longer required, there are still items that must be documented and information that is logical to maintain in a central management system manual.
The key to handling these standards efficiently is to understand the tremendous amount of commonality in requirements and expectations between them. For example, all of the management system standards require a policy, an objective, and a management review. Furthermore, each of them requires risk assessment and controls instituted for the risks identified. All of the standards require document and records control, internal audits, and corrective and preventive actions. This recognition of the common requirements has led to a methodology of integrated management systems (IMS) where requirements grouped together in the standard (clauses) can be satisfied by a single business process. Businesses can economically and efficiently meet these standards with integrated and standardized processes that meet the requirements of QMS, EMS, and OHSMS. The goal of the manual is to make executive management knowledgeable of IMS and the steps that they can take in guiding their organization towards IMS.
Integration of Management Systems
All management systems evolve from the continual improvement cycle called Plan Do Check Act (PDCA). This basic architecture has spawned common requirements in each of the steps of the PDCA cycle for the multiple standards. For example, in the planning step, all management system standards include defining a policy, setting objectives, and creating a plan to meet the objectives and to evaluate the risks to the business. These common requirements of management systems can be met by common procedures or processes. This is a fundamental truth in the path to integrated management system standards.
Business Building Blocks are Processes
The fundamental organizational building blocks are the processes of an organization. This understanding is fundamental to integrated and standardized management systems. Businesses accomplish all tasks through processes that cut across functions of the business. All management system standards have requirements that are fundamentally fulfilled when processes perform a task. Processes are typically first documented and then taught to the employees of an organization.
The manual provides direction and guidance on how an organization meets quality, environmental, and/or health and safety requirements. The procedures explain how functions work together to accomplish the fundamentals of the business including sales, design, and manufacturing. Work instructions are at the task level and tell someone exactly how to conduct an operation in a process or procedure. Forms and checklists are filled out when employees perform tasks in a process.
Example of IMS Manual
1.0 About the organization
XXXXXX has made the “Strategic Business Decision” to develop and implement an effective Integrated Management System (IMS) of ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 across all areas of the Company. The implementation of the IMS is intended to improve and sustain the overall performance of our business, products, and services. Examples of benefits include:
- The ability to consistently provide products and services that meet customer and applicable Statutory and Regulatory requirements;
- The ability to plan our processes and their interactions by employing the Plan-Do-Check-Act (PDCA) cycle and risk-based thinking in our daily operations;
- The facilitating of opportunities to enhance customer satisfaction;
- Addressing risks and opportunities associated with its context and objectives.
- Improving the Environmental impact across the organization using the principle of sustainability
- Improving the overall health and safety within our organization
The IMS Manual is considered the normative basis of reference to the International Standard and shall be used internally to provide an overview of ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018 requirements and how they apply at XXXXXX The IMS Manual is used externally to introduce the elements of our IMS to our customers and other stakeholders to the extent necessary.
1.2 Process Approach
XXXXXX has adopted the “Process Approach” into our daily operations including the PDCA Cycle. We have considered the utilization of Risk-Based Thinking Philosophy when developing, implementing, and improving the effectiveness of our IMS. This approach will enable XXXXXX to enhance the overall performance of the XXXXXX by effectively controlling the interrelationships and the interdependencies among the QMS processes. The implementation of the “Process Approach” in our IMS enables:
- the understanding and consistency with achieving customer-specific requirements, Environmental requirements, and Health & safety requirements;
- the consideration of our processes in terms of added value;
- the achievement of effective process performance;
- Improvement of our processes based on the evaluation of data and information.
1.3 Plan-Do-Check-Act cycle
The PDCA cycle can be applied to all processes and to the Integrated management system as a whole.
Figure 1: PDCA cycle
The PDCA cycle can be briefly described as follows:
- Plan: establish the objectives of the system and its processes, and the resources needed to deliver results in accordance with IMS requirements and the XXXXXX policies, and identify and address risks and opportunities;
- Do: implement what was planned;
- Check: monitor and (where applicable) measure processes and the resulting products and services against policies, objectives, requirements and planned activities, and report the results;
- Act: take actions to improve performance, as necessary.
Note: The IMS requirements include requirements for customer, Environment, and Health & safety.
1.4 Risked-Based Thinking
The implementation of risk-based thinking is an essential tool for achieving and maintaining an effective IMS. XXXXXX effectively plans and implements various actions to address risks and opportunities to maximize the outcomes including, but not limited to achieving improved results and preventing negative effects of our products, services, and IMS.
1.5 XXXXXX Profile
Include your company profile
1.6 Organizational structure
The organization is headed by the Managing Director.
Figure 2: Organizational chart
2.0 Purpose, scope, and users
The Integrated Management System Manual documents the management system of XXXXXX (referred herein and in other documents as “XXXXXX”) and demonstrates the capability of XXXXXX to continuously provide products that address customer requirements.
2.1 Exclusions to ISO 9001:2015 standards
Exclusion of the QMS, 8.3 Design and development of products & 8.5.3 – Property belonging to customers or external providers. All other requirements of ISO 9001:2015 are applicable to XXXXXX. All requirements of ISO 14001:2015 and ISO 45001:2015 are applicable to XXXXXX.
3.0 Terms and definitions
For the purpose of this Integrated Management System Manual,
- For ISO 9001:2015 (QMS) XXXXXX references the terms and definitions listed in the ISO 9000:2015 QMS Fundamentals and Vocabulary document requirements with guidance for use. The 2015 revision of this document applies.
- For ISO 14001:2015 (EMS), the Definitions appearing in ISO 14001:2015 is applicable
- For ISO 45001:2018 (OHSMS), the Definitions appearing in ISO 45001:2018 is applicable
4.0 Context of the organization
4.1 Understanding the organization and its context <<Clause no. 4.1 of 9001:2015 >>,<<Clause no. 4.1 of 14001:2015 >>,<<Clause no. 4.1 of 45001:2018 >>
XXXXXX management has determined relevant external and internal issues and items that may become relevant to the XXXXXX purpose and strategic direction and may affect our ability to achieve the intended results of the IMS. XXXXXX shall monitor and review information about these external and internal issues. XXXXXX has considered the following external issues basically,
- Social and cultural, political, legal, regulatory, financial, technological, economic, natural and competitive environment whether international, national, regional or local.
- Key drivers and trends having an impact on the objectives of XXXXXX.
- Relationship with and perception and value of external interested parties.
XXXXXX has considered the following internal issues basically,
- Governance, XXXXXX’s structure, roles and
- Policies, objectives and the strategies that are in place to
- Capabilities understood in terms of resources and knowledge and competence (e.g., capital, time, people, processes, systems, and technologies)
- Relationship with and perception and values of internal interested
- XXXXXX’s culture
- Standards, guidelines, and models adopted by XXXXXX
- The form and extent of the contractual relationship and
- Identifying key interfaces between system, potential conflicts that may arise and a process for resolving
NOTE 1: Issues can include positive and negative factors or conditions for consideration.
NOTE 2: Understanding the external context can be facilitated by considering issues arising from the legal, technological, competitive, market, cultural, social and economic environments, whether international, national, regional or local.
NOTE 3: Understanding the internal context can be facilitated by considering issues related to values, culture, knowledge, and performance of the organization
4.2 Understanding the needs and expectations of interested parties <<Clause no. 4.2 of ISO 9001:2015>>,<<Clause no. 4.2 of ISO 14001:2015>>,<<Clause no. 4.2 of ISO 45001:2018>>
The effect or potential effect on our organization’s ability to consistently provide products and services that meet our customer and applicable statutory and regulatory requirements, XXXXXX has determined the following:
- the interested parties relevant to the IMS;
- the requirements of the identified interested parties relevant to the IMS;
XXXXXX is committed to continually monitoring, reviewing and analyzing information and relevant requirements of the interested parties to assure their requirements are effectively managed in the IMS. Some of the internal and external interested parties are listed below are considered for understanding the needs and expectations.
Citizen/public at large XXXXXX Media Customers Management Neighbours Bank insurers Top Management Emergency products, process & services Government Those accountable for IMS policy and its implementation Transport products, process & services Regulators Those who implement, maintain IMS & Risk procedures Dependents of staff Stake Holders Other staff & contractors Products, process & providers
Figure 4: Interested parties
4.3 Determining the scope of the Quality Management System <<Clause no.4.3 of ISO 9001:2015>>,<<Clause no. 4.3 of ISO 14001:2015>>,<<Clause no.4.3 of ISO 45001:2018>>
XXXXXX has determined the boundaries and the applicability of the IMS and how it relates to our Business Core Competency. XXXXXX is committed to applying all applicable requirements of the International Standard to the intent and Scope of our IMS. The Scope of our IMS shall always be available to internal and external parties and maintained as documented information. The IMS was determined, designed, and implemented to cover and support XXXXXX Scope.
4.4 Integrated Management System and its processes <<Clause no.4.4 of ISO 9001:2015 >>,<<Clause no. 4.4 of ISO 14001:2015 >>,<<Clause no.4.4 of ISO 45001:2018 >>
XXXXXX has established and implemented the IMS, which is maintained and continually improved according to the requirements of the ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018 standards including processes needed and their interactions. XXXXXX determined the processes needed for the IMS and their application through the organization.
XXXXXX determined required inputs and desired outputs of the processes, criteria, and methods needed for effective operation and control of these processes, as well as resources needed and responsibilities and authorities for processes in the IMS Cross Reference. Sequences and interactions between the processes are described in Figure 5: Process Map. During management review, top management of XXXXXX evaluates processes and makes changes needed in order to ensure that the processes achieve intended results and improve processes and the IMS.
Figure 5: Process Map
5.1 Leadership and commitment <<Clause no.5.1 of ISO 9001:2015 >>,<<Clause no. 5.1 of ISO 14001:2015 >><<Clause no.5.1 of ISO 45001:2018 >>
5.1.1. General <<Clause no. 5.1.1 of ISO 9001:2015 >>,<<Clause no. 5.1.1 of ISO 14001:2015 >><<Clause no. 5.1.1 of ISO 18001:2018>>
Top management of XXXXXX is taking accountability for the effectiveness of the QMS and providing resources to ensure that the Quality, Environmental, Health & Safety Policy and IMS Objectives are compatible with the strategic direction and the context of XXXXXX. Top management ensures that IMS requirements are integrated into XXXXXX business processes and that the IMS is achieving the intended results. Top management communicates the importance of an effective IMS, promotes continual improvement, a process approach, and risk‐based thinking, and supports relevant management roles to demonstrate leadership to their areas of responsibility.
Figure 6: Leadership PDCA Cycle
5.1.2. Customer focus <<Clause no. 5.1.2 of ISO 9001:2015>>
Top management of XXXXXX demonstrates leadership and commitment with respect to customer focus through ensuring:
- That customer and statutory and regulatory requirements are defined, understood, and consistently met
- The risks and opportunities that can affect the conformity of products and the ability to enhance customer satisfaction are determined and addressed
- The focus on enhancing customer satisfaction is maintained
5.2 Quality, Environmental, Health & Safety Policy <<Clause no.5.2 of ISO 9001:2015>>,<<Clause no.5.2 of ISO 14001:2015>>,<<Clause no. 5.2 of ISO 45001:2018>>
XXXXXX has defined the 5.2. Quality, Environmental, Health & Safety Policy as a separate document and made it available to employees and the public. This Policy represents the framework for planning and improving the IMS, and setting general and specific quality objectives. The Integrated Management System policy is appropriate to METAL PRODUCT COMPANY’s processes, products, and services, is derived from the overall policies, context, and strategy, and provides a framework for establishing and reviewing objectives. The Integrated Management System policy is approved by the DIRECTOR and is displayed in the work/prominent areas of Plants. This policy is made available in the English/Arabic language as well. Whenever required, DIRECTOR reviews the policy for its continuing suitability. IMS policy also includes a commitment to satisfy applicable requirements and continual improvement of the IMS. Our integrated quality, environmental, and Health & Safety policy are:
XXXXXX is committed to:
- The satisfaction of our customers in all respects by supplying high-quality products, complying to the relevant standards, always on time
- Fulfil our commitment through total involvement of all at XXXXXX and with continual improvement in our integrated management system.
- Identify, prevent, control and minimize adverse environmental impacts associated with our operational activities.
- Comply with all quality, environmental, Health & Safety requirements.
- Develop and maintain a highly motivated and trained workforce for effective management of the quality, environment, and Health & Safety issues.
- Communicate our environmental commitment to clients, employees and other interested parties.
- Strive to continually improve our quality, environmental and Health & Safety performance keeping in view the regulatory requirements, Health & Safety requirements, environmental requirements, community concerns, and technological advancements. Establish & maintain a healthy work environment.
- Comply with applicable legal requirements.
- Adopt the best practice of operations to prevent ill health & injuries
5.3 Organizational roles, responsibilities, and authorities <<Clause no.5.3 of ISO 9001:2015>>,<<Clause no. 5.3 of ISO 14001:2015>>,<<Clause no. 5.3 of ISO 45001:2018>>
Responsibilities and authorities for relevant roles are assigned by top management and communicated within XXXXXX Top management assigns roles and responsibilities for ensuring that the IMS conforms to ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018 and reporting on the performance of the IMS, including the IMS performance, to top management, the following responsibility and authority to:
1.ensure IMS conforms to the requirements of international standard ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018 ;
2. ensure the interaction of processes and their ability to achieve planned results;
3. report to top management on the results achieved by the IMS, possibilities for improvements and the needs of changes or innovations;
4. maintain IMS integrity when planning and implementing changes;
5. promote awareness of customer focus throughout the organization;
6. act as a liaison with external parties such as customers or auditors on matters relating to the IMS;
7. Resolve all matters pertaining to quality issues. The responsibility, accountability, and authority of all personnel involved in the IMS are to be defined, documented and communicated in order to facilitate effective IMS. This is to include any responsibilities and accountability that is imposed by legislation.
8. Responsibilities, accountabilities, and authorities are documented in position descriptions and throughout the IMS.
9. Where suppliers are involved, their responsibilities and accountabilities are to be clarified and documented by the responsible employee with authority.
10. All employees and Suppliers will comply with their responsibilities.
11. The Management Team are to:
- Ensure organization-wide compliance to the IMS.
- Appoint the IMS Management Representative.
- Ensure that the assigned roles, responsibilities and authorities are communicated and understood.
- Communicate the importance of meeting customer, statutory and regulatory requirements.
- Establish appropriate policies that include a commitment to continual improvement of the IMS.
- Establish IMS objectives.
- Ensure that all employees are aware of:
- Current IMS objectives, targets and plans.
- The importance of compliance with the IMS.
- Their contribution to the effectiveness of the IMS, including the benefits of improved performance.
- Potential consequences of non-compliance with the IMS requirements.
- Hold people accountable for carrying out assigned responsibilities and the results delivered.
- Make resources available.
- Participate in IMS meetings including the Management Review.
- Actively promote and participate in IMS initiatives.
The Management Representative is to:
- Ensure that the:
- IMS is established implemented and maintained in accordance with the requirements of the standards.
- IMS processes are delivering their intended outputs.
- Promotion of customer focus throughout the company.
- The integrity of the IMS is maintained when changes to the IMS are planned and implemented.
- Report on the performance of the IMS for review and as a basis for continual improvement.
- Perform the role of Administrator which has the authority to ensure access rights in the IMS, for individuals, are in-line with their levels of authorities and responsibility in the organization.
- Monitor, communicate and incorporate changes in the legal and other requirements in the IMS.
- Communicate amendments to the IMS.
- Advise and provide guidance to ensure compliance to the IMS is maintained.
- Provide guidance in developing action plans and conducting management system reviews.
- Ensure that audits and inspections are conducted in accordance with the schedule.
- Ensure that Mango is effectively utilized to administer and control the IMS.
- Provide and or arrange for ongoing training and coaching to personnel with respect to IMS matters.
- Coordinate and participate in IMS meetings including the Management Review.
- Publish and control all IMS documents.
- Actively promote and participate in IMS initiatives.
- Coordinate and administer arrangements with the certification agency.
Employees are to:
- Ensure that the IMS is effectively implemented and maintained within their area of responsibility.
- Actively encourage all personnel to contribute towards the continual improvement of the IMS.
- Incorporate the IMS as part of the site and departmental inspections and reviews.
- Determine and escalate the need for resource requirements for the effective operation of the IMS.
- Participate in IMS meetings including the Management Review.
- Actively promote and participate in IMS initiatives
- Promptly report any unsafe working conditions, faulty equipment, hazards/risks, injuries or incidents
Suppliers and Contractors are to:
- Comply with the requirements of the IMS and participate in IMS promotions.
- Promptly report any unsafe working conditions, faulty equipment, hazards/risks, injuries or incidents
- The Company recognizes that the structure of the organization needs to constantly evolve in order to meet the changing needs of clients, the market and compliance obligations.
- The Management Team is responsible for ensuring the structure of the organization is appropriate to the current business needs and will ensure that the organization chart is regularly reviewed and maintained.
6.1 Actions to address risks and opportunities <<Clause no. 6.1 of ISO 9001:2015>>, <<Cluase no. 6.1 of ISO 14001:2015>>,<<Cluase no. 6.1 of ISO 45001:2018>>
6.1.1 General<<Cluase no. 6.1.1 of ISO 9001:2015>>,<<Cluase no. 6.1.1 of ISO 14001:2015>>,<<Cluase no. 6.1.1 of ISO 45001:2018>>
When planning our IMS, XXXXXX has taken into consideration potential issues and has determined the risks and opportunities that need to be addressed to:
- provide assurance that the IMS can achieve its intended result;
- enhance desirable effects;
- prevent, or reduce, undesired effects;
- achieve improvement;
XXXXXX has planned actions to address the above risks and opportunities and has initiated appropriate procedures to integrate and implement appropriate actions into our QMS including the evaluation of the effectiveness of our IMS processes. Any actions taken to address risks and opportunities shall be proportionate to the potential impact on the conformity of products and services.
Figure 7: Risks and Opportunities
While planning for the IMS, XXXXXX has considered the issues referred to in 4.1 and the requirements referred to in 4.2 and developed a mechanism to identify the risk and opportunity that need to be addressed to
- Assure the IMS in place can achieve the intended outcome
- Enhance desirable effects,
- Prevent, or reduce undesired effects
- Achieve improvement.
XXXXXX has ensured actions to address these risks and opportunities which are proportional to the potential impact on, the conformity of its products, process and services, interested parties needs, and expectations or its compliance obligations. XXXXXX has planned as to how to
A. Integrate and implement the actions into its IMS processes (as per clause 4.4)
B. Evaluate the effectiveness of the actions planned and implemented
While planning products, process, and its operation, departments take into consideration, the issues related to company objectives, requirement for products, process and service, health & safety concerns.
Business Risk and Opportunity assessment are done as per the internal and external issues to XXXXXX under its business context, interested parties needs and expectations, contracts and customer requirements, and its vision and mission in consideration. The qualitative/quantitative assessment is carried out to ensure that these risks remain under the control of XXXXXX and will not affect XXXXXX’s values, business, process, products, and services performance in the long and short run with a proper mitigation plan in a systematic manner. The effective measures will then be review and integrated with the management system in place through a proper change management process.
6.1.2 Identification and evaluation of Environmental aspects, Hazard identification. <<Clause no. 6.1.2 of ISO 14001:2015>>,<<Clause no. 6.1.2 of ISO 45001:2018>>
The planning process commences with the identification and updating of environmental aspects. In order to evaluate the impacts of its activities to the environment, XXXXXX shall establish, implement and maintain a procedure to identify the environmental aspects of its activities, products or services that it can control and those that it can influence taking into account planned or new developments, or new or modified activities, products, and services. These aspects, inclusive of those arising from works carried out by contractors, are registered in the “Aspects and impacts register”. XXXXXX shall ensure that all environmental aspects that may pose significant impacts on the environment are under control and prioritized for improvements. XXXXXX shall keep this information up-to-date.
Hazard identification and Assessment of Risk and Opportunities
Identification of Hazard and Risk Analysis (HIRA) is performed for all activities of XXXXXX as per Procedure for determination of Hazard & Risk Assessment &Control. Hazards which are related to OH&S legal requirements are considered as significant; Risks which are above acceptable risk priority number are identified as significant risks, those are either covered through OH&S objectives to improve OH&S performance or controlled through operational control procedures, measuring & monitoring, training & awareness, emergency preparedness and response or combination thereof. The significant risks and aspects are reviewed annually by different departments to plan mitigation measures to minimize the impact and adoption of new technology and revising the objectives if needed.
Assessment of EH&S risks and other risks to the EH&S management system
The XXXXXX has established, implemented and maintained processes to:
a) Assess EH&S risks from the identified Environmental aspect, OH&S hazards, while taking into account the effectiveness of existing controls;
b) Determine and assess the other risks related to the establishment, implementation, operation, and maintenance of the OH&S management system.
The XXXXXX’s methodologies and criteria are defined with respect to the risk associated with their scope, nature, and timing to ensure they are proactive rather than reactive and are used in a systematic way. Documented information shall be maintained and retained on the methodologies and criteria.
Assessment of EH&S opportunities and other opportunities to the EH&S management system
The XXXXXX has established, implemented and maintained processes to assess:
a) EH&S opportunities to enhance EH&S performance, while taking into account planned changes to the organization, its policies, processes or its activities and:
- Opportunities to adapt work for the organization and work environment to workers;
- Opportunities to eliminate hazards and reduce EH&S risks;
b) Other opportunities for improving the EH&S management system.
NOTE EH&S risks and EH&S opportunities can result in other risks and other opportunities to the organization.
6.1.3 Compliance obligation or Determination of Legal and Other Requirements<<Clause 6.1.3 of ISO 14001:2015>>, <<Clause 6.1.3 of ISO 45001:2018>>
- XXXXXX is to ensure that all relevant legislative and other requirements are identified.
- Legislative and other requirements may include, but are not limited to:
- Acts and Regulations.
- Codes of Practice.
- Agreements with clients, communities or public authorities.
- Corporate requirements.
- Industry standards or codes.
- Voluntary commitments.
- Details of all relevant legislative and other requirements are to be contained within the Compliance Module. These will include mitigations and control methods. The verification of compliance will be reviewed by the Board.
- The Management Team are to ensure that where possible, they are notified of changes and/or additions to legal and other requirements as those changes occur.
- The means of ensuring notification of changes and/or additions may include:
- Agreements with external legal or consulting organizations to monitor and advise of any changes.
- Registering with Standards New Zealand.
- Advice from the employer or industry associations.
- When changes and/or additions occur they are to be included in the Compliance module and the means of verifying compliance is to be defined as previously described.
- A review of the Compliance module will be conducted as per the annual work plan in the Board meeting. These will include:
- Confirm that all updates to applicable legal and other requirements have been captured and included.
- Confirm that the means of ensuring and verifying compliance are appropriate.
- The company is to ensure that all changes, additions, and updates to the Compliance module are communicated to relevant employees, contractors, and other stakeholders.
6.2 IMS Quality objectives and planning to achieve them <<Cluase no. 6.2 of ISO 9001:2015>>,<<Cluase no. 6.2 of ISO 9001:2015>>,<<Cluase no. 6.2 of ISO 9001:2015>>
IMS Objectives have been established at all corresponding levels and processes throughout XXXXXX to implement the IMS Policy, meet and exceed requirements for product and processes, and to improve the IMS and its performance
IMS Objectives: IMS objectives are strategic, apply to the entire Company and shall:
- be consistent with the Quality Policy;
- be measurable and monitored;
- take into account applicable requirements;
- be communicated;
- be updated as appropriate;
- Be relevant to the conformity of products, services and enhance customer satisfaction.
IMS Performance Objectives are measurable targets for improving operational performance to ensure process conformity and customer satisfaction. They apply to all departments and functions having direct responsibility for activities that require improvement. Performance objectives and goals are established by management and through employee involvement and monitored within the framework of management reviews. XXXXXX retains documented information on the status of our QMS quality objectives. If shortfalls are identified, management may revise objectives, issue corrective action requests, or take other appropriate actions to address the issue.
6.3 Planning changes <<Clause 6.3 of ISO 9001:2015 >>
When changes to QMS are deemed necessary, XXXXXX shall ensure the change will comply with the requirements of QMS and shall consider:
- the purpose of the changes and their potential consequences;
- the integrity of QMS;
- the availability of resources;
- the allocation or reallocation of responsibilities and authorities.
7.1 Resources <<Clause7.1 of ISO 9001:2015>>,<<Clause 7.1 of ISO 14001:2015>>,<<Clause 7.1 of ISO459001:2018>>
7.1.1 General <<Clause7.1.1 of ISO 9001:2015>>,<<Clause 7.1 of ISO 14001:2015>>, <<Clause 7.1 of ISO459001:2018>>
XXXXXX is fully committed to providing adequate resources required for the establishment, implementation, maintenance and continual improvement of IMS. Our committed resources include competent employees, state of the industry equipment, well-maintained work environment, and financial resources. The process for determining and communicating resource requirements is an integral part of our management review process. Our infrastructure resource considerations include:
- management review meeting inputs and outputs;
- capabilities and constraints on existing internal and external resources;
- requirements and expectations provided by our external providers/vendors
7.1.2 People<<Clause7.1.2 of ISO 9001:2015 >>
XXXXXX identifies personnel training needs, provides the required training, and evaluates the effectiveness of the training provided. Personnel assigned to perform specific tasks, operations and processes are qualified on the basis of appropriate education, experience or training. Employees are made aware of the relevance and importance of their activities and how they contribute to the achievement of IMS objectives. Records of personnel qualifications and training are maintained.
7.1.3 Infrastructure <<Clause7.1.3 of ISO 9001:2015 >>
XXXXXX has determined and provided resources necessary for the establishment, implementation, maintenance and continual improvement of the IMS. Our infrastructure resource considerations include:
- buildings, workspace and associated utilities;
- equipment including (hardware and software);
- transportation resources;
- Information and communication technology.
As new infrastructure requirements are determined to be necessary, they will be documented in quality plans and other documents as required
7.1.4 Environment for the Operation of Processes <<Clause7.1.4 of ISO 9001:2015 >>
Management identifies and manages the human and physical factors of the work environment considered to be important to control processes and to achieve conforming of products and services. Evaluations include:
- assessment of product requirements to identify where human and/or physical factors will affect product quality this is also conducted during advanced product quality planning,
- Assessment of current working environment conditions to determine if the work environment is suitable to achieve the conforming product.
- Implementation of work environment improvements needed to achieve the conforming product.
- Continual assessment of the work environment to ensure that adequate human and physical factors are maintained.
7.1.5 Monitoring and Measuring Resources <<Clause7.1.5 of ISO 9001:2015 >>
18.104.22.168 General<<Clause22.214.171.124 of ISO 9001:2015 >>
XXXXXX has determined the necessary monitoring, measurement, and resources to be initiated across our IMS. The structure of internal resources includes but is not limited to:
- monitoring and measuring equipment;
- documented procedures and forms;
- competent and qualified personnel
126.96.36.199 Measurement Traceability <<Clause188.8.131.52 of ISO 9001:2015 >>
Documented procedures outline the processes that control monitoring and measurement equipment used to accept products during production and service operations. The procedures also include controls prior to, and after delivery of products to our customers. Appropriate documented information is maintained and provides objective evidence of compliance and conformity.
7.1.6 Organizational Knowledge<<Clause7.1.6 of ISO 9001:2015 >>
XXXXXX considers the specific knowledge necessary for each operation and considers this as an important resource to ensure our people and processes are consistent and will achieve conformity of the product and services provided by the Company. Specific organizational knowledge is defined, maintained, and available to the extent necessary within appropriate procedures.
7.2 Competence <<Clause7.2 of ISO 9001:2015>>,<<Clause 7.2 of ISO 14001:2015>>,<<Clause 7.2 of ISO 45001:2018>>
XXXXXX has determined to the extent necessary the below elements of competence for people performing work that may affect the effectiveness of the IMS.
- ensure employees are competent on the basis of their education, training, and experience;
- initiate job descriptions including specific competency provisions;
- measure job performance for each employee on an annual basis;
- provide job and career training programs to the extent necessary;
- Take actions when necessary to assist employees that exhibit less than desirable results.
XXXXXX ensures that the necessary competence is available for the effective operation of the processes. HODs take necessary actions regarding the following:
- Determine the necessary competence on the basis of education, training, skills, and experience for personnel performing work affecting IMS
- Analyze the competence required against what is
- Provide training or any other actions to satisfy needs. Training helps to identify the safety and health responsibilities of both management and employees at the Appropriate training programs are conducted for employees to ensure that employees are aware of the safety hazards to which they may be exposed and the proper methods for avoiding such hazards. Evaluate the effectiveness of the action taken.
- Ensure by proper briefing and through an internal communication system that personnel are aware of the relevance and importance of their activities and how they contribute to the achievement of company
- Maintain records of education, training, skills, and experience of the
7.3 Awareness <<Clause7.3 of ISO 9001:2015>>,<<Clause7.3 of ISO 14001:2015>>,<<Clause7.3 of ISO 45001:2018>>
XXXXXX has determined to the extent necessary persons performing work are:
- aware of the IMS Policy;
- aware of relevant IMS objectives;
- aware of their contribution to the IMS effectiveness, including improved performance;
- Implications of non-compliance to our QMS requirements.
7.4 Communication <<Clause7.4 of ISO 9001:2015>>,<<Clause7.4 of ISO 14001:2015>>,<<Clause7.4 of ISO 45001:2018>>
Top Management is responsible for determining internal and external communications relevant to the IMS, including subject, timing, method of communication, as well as who and with whom will communicate.
7.4.1 General <<Clause7.4.1 of ISO 14001:2015>>,<<Clause7.4.1 of ISO 45001:2018>>
Systems have been established within XXXXXX for internal as well as external communication regarding the effectiveness of the Integrated Management System. Plant Heads ensures that appropriate communication processes are established within XXXXXX and that communication takes place regarding the effectiveness of the IMS.
7.4.2 Internal Communication <<Clause7.4.2 of ISO 14001:2015>>,<<Clause7.4.2 of ISO 45001:2018>>
The various departments of XXXXXX determine and plan effective arrangements for communicating with customers and relevant interested parties in relation to products, process, and service information, HSE matters, inquiries, contracts or order handling and amendments Suitable systems are developed to receive customer feedback and handling customer complaints.
7.4.3 External communication <<Clause7.4.3 of ISO 14001:2015>>,<<Clause7.4.3 of ISO 45001:2018>>
Effective arrangements have been established and implemented ON WHAT, WHEN, WITH WHOM, HOW AND WHO Communicates for,
- Internal communication among various functions and levels are defined.
- Receiving, recording and responding to relevant Communication with external interested parties as per its compliance obligations are also defined.
XXXXXX has established, implemented and maintained processes for the participation of workers by their involvement in consultation processes and consultation with contractors, including ensuring they clearly understand their responsibilities within the IMS.
Wherever appropriate, XXXXXX consults relevant external interested parties about IMS matters. XXXXXX ensures the method of communication and language used is appropriate to the needs of the workforce and in a form that they can easily understand the information being provided to them.
7.5 Documented information <<Clause7.5 of ISO 9001:2015>>,<<Clause7.5 of ISO 14001:2015>>,<<Clause7.5 of ISO 45001:2018>>
7.5.1 General<<Clause7.5.1 of ISO 9001:2015>>,<<Clause7.5.1 of ISO 14001:2015>>,<<Clause7.5.1 of ISO 45001:2018>>
Documented information required to support the effectiveness of our IMS is controlled to ensure:
- it is available and suitable for use, where and when it is needed;
- it is adequately protected from loss of confidentiality, improper use, or loss of integrity.
- distribution, access, retrieval, and use;
- storage and preservation, including preservation of legibility;
- control of changes;
- Retention and disposition.
Documented information of external origin determined to be necessary for the planning and implementation of the QMS is identified as appropriate and controlled in accordance with QMS Procedures and Forms.
7.5.2 Creating and updating<<Clause7.5.2 of ISO 9001:2015>>, <<Clause7.5.2 of ISO 14001:2015>>,<<Clause7.5.2 of ISO 45001:2018>>
When creating and updating documented information, XXXXXX shall ensure appropriate:
- Identification and description (e.g. a title, date, author, or reference number);
- Format (e.g. language, software version, graphics) and media (e.g. paper, electronic);
- Review and approval for suitability and adequacy.
7.5.3 Control of documented information <<Clause7.5.3 of ISO 9001:2015>>, <<Clause7.5.3 of ISO 14001:2015>>,<<Clause7.5.3 of ISO 45001:2018>>
184.108.40.206 Documented information required by the IMS and by this International Standard shall be controlled to ensure:
- it is available and suitable for use, where and when it is needed;
- it is adequately protected (e.g. from loss of confidentiality, improper use, or loss of integrity).
220.127.116.11 For the control of documented information, XXXXXX shall address the following activities, as applicable:
- distribution, access, retrieval, and use;
- storage and preservation, including preservation of legibility;
- control of changes (e.g. version control);
- retention and disposition.
Documented information of external origin determined by XXXXXX to be necessary for the planning and operation of the quality management system shall be identified as appropriate, and be controlled. Documented information retained as evidence of conformity shall be protected from unintended alterations.
NOTE: Access can imply a decision regarding the permission to view the documented information only, or the permission and authority to view and change the documented information.
8.0 Operation <<Clause8 of ISO 9001:2015>>,<<Clause 8 of ISO 14001:2015>>,<<Clause 8 of ISO 45001:2018>>
8.1 Organizational planning and control <<Clause8.1 of ISO 9001:2015>>,<<Clause 8.1 of ISO 14001:2015>>,<<Clause 8.1 of ISO 45001:2018>>
XXXXXX defines the expectation and implements controls for each of our IMS processes. The planning of controls is required to ensure consistent acceptability of products and services. Planning processes include the definition of QMS quality objectives, development for required processes, the establishment of appropriate verification programs, and the requirement for records necessary to demonstrate the process and products conform to intended requirements. Operational planning and control are required prior to new and/or revised products or processes being implemented. During the planning phase, management will identify:
- requirements for the products and services;
- criteria for the processes and the acceptance of products and services;
- resources needed to achieve conformity to the product and service requirements;
- control of the processes in accordance with the criteria;
- Documented information to the extent necessary to have confidence that the processes have been carried out as planned and to demonstrate the conformity of products and services to their requirements.
The output of operational planning and control includes documented quality plans, resource requirements, processes, equipment requirements, procedures, test data, and design outputs.
Figure 8: Operational planning and control
8.1.2 Eliminating hazards and reducing OH&S risks <<Ref. Clause No. 8.1.2 of ISO 45001:2018>>
XXXXXX has established, implemented and maintained a process for the elimination of hazards and reduction of OH&S risks using the following “hierarchy of control”:
- Eliminate the hazard;
- Substitute with less hazardous processes, operations, materials or equipment;
- Use engineering controls and reorganization of work;
- Use administrative controls, including training;
- Use adequate personal protective equipment.
8.1.3 Management of change<<Ref. Clause No. 8.1.3 of ISO 45001:2018>>
XXXXXX has established a process for the implementation and control of planned temporary and permanent changes that impact OH&S performance, including:
a) New products, services, and processes, or changes to existing products, services, and processes, including:
- Workplace locations and surroundings;
- work organization;
- working conditions;
b) Changes to legal requirements and other requirements;
c) Changes in knowledge or information about hazards and OH&S risks;
d) Developments in knowledge and technology.
XXXXXX has reviewed the consequences of unintended changes, taking action to mitigate any adverse effects, as necessary.
8.1.4 Procurement <<Clause no. 8.1.4 of ISO 45001:2018>>
18.104.22.168 General <<Clause no. 8.1.4,1 of ISO 45001:2018>>
XXXXXX has established, implemented and maintained a process to control the procurement of services in order to ensure their conformity to its OH&S management system.
22.214.171.124 Contractors<<Clause no. 126.96.36.199 of ISO 45001:2018>>
XXXXXX will coordinate with its contractors, to identify hazards and to assess and control the OH&S risks, arising from the:
a) contractor’s activities and operations that impact the organization;
b) the organization’s activities and operations that impact the contractors’ workers;
c) contractors’ activities and operations that impact other interested parties in the workplace.
XXXXXX has ensured that the requirements of its OH&S management system are met by contractors and their workers through a defined contractors policy or agreements. The organization’s procurement process(es) shall define and apply occupational health and safety criteria for the selection of contractors.
NOTE: It can be helpful to include the occupational health and safety criteria for the selection of contractors in the contractual documents.
188.8.131.52 Outsourcing<<Clause no.184.108.40.206 of ISO 45001:2018>>
XXXXXX has ensured that outsourced functions and processes like labours are controlled. XXXXXX has ensured that its outsourcing arrangements are consistent with legal requirements and other requirements and with achieving the intended outcomes of the OH&S management system. The type and degree of control to be applied to these functions and processes are defined within the OH&S management system.
NOTE Coordination with external providers can assist an organization to address any impact outsourcing has on its OH&S performance.
8.2 Requirements for products and services <<Clause no. 8.2 of ISO 9001:2015 >>
Communication with customers, the process of determining and reviewing the requirements related to products and changes to requirements for products are defined in the Customer Requirements and Production Planning Process Flowchart and the Customer Requirements and Production Planning Process Flow Chart.
8.2 Emergency preparedness and response <<Clause no. 8.2 of ISO 14001:2015>>,<<Clause no. 8.2 of ISO 45001:2018>>
XXXXXX has developed procedures to ensure that XXXXXX is able to respond to the accidents and foreseeable emergency/disaster situation and for preventing and mitigating the impacts associated with them considering the total business risk on XXXXXX. After identifying the potential risks or emergency situations and past experiences, action plans have been developed to overcome the emergency. (Procedure for Emergency Preparedness and Response Plan) In case of occurrence of such a situation, an H&S committee is formed to analyze the risk and necessary corrective and preventive action taken to prevent its recurrence.
List of Health & Safety Emergencies:
- Heart Attack
- Snake/Dog bite
- Falling from Height
- Injuries during operation/material handling
- Oil Spills
- Chemical accidents
- toxic waste dumping
- groundwater pollution
XXXXXX has established, implemented and maintained a process needed to prepare for and respond to potential emergency situations, as identified in 220.127.116.11, including:
a) Establishing a planned response to emergency situations, including the provision of first aid;
b) Providing training for the planned response;
c) Periodically testing and exercising the planned response capability; Wherever practicable, mock drills to check the emergency preparedness are carried out at regular intervals as per (Procedure for Emergency preparedness and response plan).
d) Evaluating performance and, as necessary, revising the planned response, including after testing and in particular after the occurrence of emergency situations;
e) Communicating and providing relevant information to all workers on their duties and responsibilities;
f) Communicating relevant information to contractors, visitors, emergency response services, government authorities and, as appropriate, the local community;
g) Taking into account the needs and capabilities of all relevant interested parties and ensuring their involvement, as appropriate, in the development of the planned response.
XXXXXX has maintained and retained documented information on the processes and on the plans for responding to potential emergency situations.
8.3 Design and development of products <<Clause no.8.3 of ISO 9001:2015 >>
XXXXXX has not identified the need for Design and development of products (Refer to 2.1 – Exclusions).
8.4 Control of externally provided processes, products, and services <<Clause no.8.4 of ISO 9001:2015 >>
8.4.1 General<<Clause no.8.4.1 of ISO 9001:2015 >>
The organization shall ensure that externally provided processes, products, and services conform to requirements. The organization shall determine the controls to be applied to externally provided processes, products and services when:
a) products and services from external providers are intended for incorporation into the organization’s own products and services;
b) products and services are provided directly to the customer(s) by external providers on behalf of the organization;
c) a process, or part of a process is provided by an external provider as a result of a decision by the organization.
The organization shall determine and apply criteria for the evaluation, selection, monitoring of performance, and re-evaluation of external providers, based on their ability to provide processes or products and services in accordance with requirements. The organization shall retain documented information of these activities and any necessary actions arising from the evaluations.
8.4.2 Type and extent of control<<Clause no.8.4.2 of ISO 9001:2015 >>
The organization shall ensure that externally provided processes, products, and services do not adversely affect the organization’s ability to consistently deliver conforming products and services to its customers. The organization shall:
a) ensure that externally provided processes remain within the control of its quality management system;
b) define both the controls that it intends to apply to an external provider and those it intends to apply to the resulting output;
c) take into consideration:
- the potential impact of the externally provided processes, products, and services on the organization’s ability to consistently meet customer and applicable statutory and regulatory requirements;
- the effectiveness of the controls applied by the external provider;
d) determine the verification, or other activities, necessary to ensure that the externally provided processes, products, and services meet requirements.
8.4.3 Information for external providers<<Clause no.8.4.3 of ISO 9001:2015 >>
The organization shall ensure the adequacy of requirements prior to their communication to the external provider. The organization shall communicate to external providers its requirements for:
a) the processes, products, and services to be provided;
b) the approval of:
- products and services;
- methods, processes, and equipment;
- the release of products and services;
c) competence, including any required qualification of persons;
d) the external providers’ interactions with the organization;
e) control and monitoring of the external providers’ performance to be applied by the organization;
f) verification or validation activities that the organization, or its customer, intends to perform at the external providers’ premises.
8.5 Production and service provision <<Clause no.8.5 of ISO 9001:2015 >>
8.5.1 Control of production and service provision <<Clause no.8.5.1 of ISO 9001:2015 >>
XXXXXX shall implement production and service provision under controlled conditions. Controlled conditions shall include, as applicable:
a) the availability of documented information that defines:
1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
2) the results to be achieved;
b) the availability and use of suitable monitoring and measuring resources;
c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met;
d) the use of suitable infrastructure and environment for the operation of processes;
e) the appointment of competent persons, including any required qualification;
f) the validation, and periodic revalidation, of the ability to achieve planned results of the processes for production and service provision, where the resulting output cannot be verified by subsequent monitoring or measurement;
g) the implementation of actions to prevent human error;
h) the implementation of release, delivery, and post-delivery activities.
8.5.2 Identification and traceability<<Clause no.8.5.2 of ISO 9001:2015 >>
XXXXXX shall use suitable means to identify outputs when it is necessary to ensure the conformity of products and services. XXXXXX shall identify the status of outputs with respect to monitoring and measurement requirements throughout production and service provision. XXXXXX shall control the unique identification of the outputs when traceability is a requirement and shall retain the documented information necessary to enable traceability.
8.5.3 Property belonging to customers or external providers<<Clause no.8.5 of ISO 9001:2015 >>
XXXXXX has not identified the need for Property belonging to customers or external providers in its operation (Refer to 2.1 – Exclusions).
8.5.4 Preservation <<Clause no.8.5.4 of ISO 9001:2015 >>
XXXXXX shall preserve the outputs during production and service provision, to the extent necessary to ensure conformity to requirements.
NOTE Preservation can include identification, handling, contamination control, packaging, storage, transmission or transportation, and protection.
8.5.5 Post-delivery activities <<Clause no.8.5.5 of ISO 9001:2015 >>
XXXXXX shall meet requirements for post-delivery activities associated with the products and services. In determining the extent of post-delivery activities that are required, XXXXXX shall consider:
a) statutory and regulatory requirements;
b) the potential undesired consequences associated with its products and services;
c) the nature, use and intended lifetime of its products and services;
d) customer requirements;
e) customer feedback.
NOTE: Post-delivery activities can include actions under warranty provisions, contractual obligations such as maintenance services, and supplementary services such as recycling or final disposal.
8.5.6 Control of changes <<Clause no.8.5.6 of ISO 9001:2015 >>
XXXXXX shall review and control changes for production or service provision, to the extent necessary to ensure continuing conformity with requirements. XXXXXX shall retain documented information describing the results of the review of changes, the person(s) authorizing the change, and any necessary actions arising from the review.
8.6 Release of products and services <<Clause no.8.6 of ISO 9001:2015 >>
XXXXXX shall implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met. The release of products and services to the customer shall not proceed until the planned arrangements have been satisfactorily completed, unless otherwise approved by a relevant authority and, as applicable, by the customer. XXXXXX shall retain documented information on the release of products and services. The documented information shall include:
a) Evidence of conformity with the acceptance criteria;
b) Traceability to the person(s) authorizing the release.
8.7 Control of nonconforming outputs <<Clause no.8.7 of ISO 9001:2015 >>
8.7.1 XXXXXX shall ensure that outputs that do not conform to their requirements are identified and controlled to prevent their unintended use or delivery. <<Clause no.8.7.1 of ISO 9001:2015 >>
XXXXXX shall take appropriate action based on the nature of the nonconformity and its effect on the conformity of products and services. This shall also apply to nonconforming products and services detected after delivery of products, during or after the provision of services. XXXXXX shall deal with nonconforming outputs in one or more of the following ways:
b) segregation, containment, return or suspension of the provision of products and services;
c) informing the customer;
d) obtaining authorization for acceptance under concession.
Conformity to the requirements shall be verified when nonconforming outputs are corrected.
8.7.2 XXXXXX shall retain documented information that: <<Clause no.8.7.2 of ISO 9001:2015 >>
a) describes the nonconformity;
b) describes the actions taken;
c) describes any concessions obtained;
d) identifies the authority deciding the action in respect of the nonconformity.
9.0 Performance evaluation<<Clause no.9.0 of ISO 9001:2015>>,<<Clause no. 9.0 of ISO 14001:2015>>,<<Clause no. 9.0 of ISO 45001:2018>>
9.1 Monitoring, measurement, analysis and evaluation <<Clause no.9.1 of ISO 9001:2015>>,<<Clause no. 9.1 of ISO 14001:2015>>,<<Clause no. 9.1 of ISO 45001:2018>>
9.1.1. General <<Clause no.9.1.1 of ISO 9001:2015>>,<<Clause no. 9.1.1 of ISO 14001:2015>>,<<Clause no. 9.1.1 of ISO 45001:2018>>
The ownership teams, Operations Managers and process owners in XXXXXX define what will be monitored and measured, as well as the methods and timing for monitoring and measuring. Results of the monitoring and measuring will be evaluated at appropriate levels and functions in XXXXXX and the top‐level management will evaluate the performance of the QMS during the management review. XXXXXX shall determine:
a) what needs to be monitored and measured;
b) the methods for monitoring, measurement, analysis, and evaluation, as applicable, to ensure valid results;
c) the criteria against which XXXXXX will evaluate its environmental performance and appropriate indicators;
d) when the monitoring and measuring shall be performed;
e) when the results from monitoring and measurement shall be analyzed and evaluated.
XXXXXX shall ensure that calibrated or verified monitoring and measurement equipment is used and maintained, as appropriate. XXXXXX shall evaluate its environmental performance and the effectiveness of the environmental management system. XXXXXX shall communicate relevant environmental performance information both internally and externally, as identified in its communication process and as required by its compliance obligations. XXXXXX shall retain appropriate documented information as evidence of the monitoring, measurement, analysis and evaluation results.
9.1.2. Customer satisfaction<<Clause no. 9.1.2 of ISO 9001:2015 >>
XXXXXX monitors information relating to customer perception of our continual ability to fulfil their requirements. Maintaining customer satisfaction is one of the principal objectives of the IMS. Collecting and analyzing customer feedback and complaints, and customer satisfaction is conducted during management review. Customer satisfaction data is used by management to identify opportunities for improvement
9.1.2 Evaluation of compliance<<Clause no. 9.1.2 of ISO 14001:2015 >>,<<Clause no. 9.1.2 of ISO 45001:2018 >>
XXXXXX has established, implemented and maintained a process for evaluating compliance with legal requirements and other requirements. XXXXXX has:
a) determined the frequency and methods for the evaluation of compliance;
b) Evaluate compliance and take action if needed;
c) Maintain knowledge and understanding of its compliance status with legal requirements and other requirements;
d) Retain documented information about the compliance evaluation results.
9.1.3. Analysis and evaluation of compliance<<Clause no. 9.1.3 of ISO 9001:2015 >>
XXXXXX analyzes and evaluates appropriate data and information arising from monitoring and measurement. The results of the analysis are used to evaluate:
- conformity of products;
- the degree of customer satisfaction;
- the performance and effectiveness of the QMS;
- if planning has been implemented effectively;
- the effectiveness of actions taken to address risks and opportunities;
- the performance of external providers;
- the need for improvements to the QMS.
- determine the frequency that compliance will be evaluated;
- evaluate compliance and take action if needed;
- Maintain knowledge and understanding of its compliance status.
XXXXXX shall retain documented information as evidence of the compliance evaluation result(s).
9.2 Internal audit <<Clause no.9.2 of ISO 9001:2015>>,<<Clause no. 9.2 of ISO 14001:2015>>,<<Clause no. 9.2 of ISO 45001:2015>>
XXXXXX plans and conducts internal audits at planned intervals. Internal audits are conducted to verify quality activities and related results comply with planned expectations including customer contractual requirements and other IMS requirements as deemed necessary and applicable. The Business Manager is responsible for organizing and coordinating the internal audit to ensure that the audit scope, the frequency, and methods are defined, and the following requirements are satisfactorily achieved:
- definition of audit responsibilities;
- definition of requirements for planning and conducting the audit including taking appropriate correction and corrective actions without undue delay;
- assurance of auditor independence;
- recording of audit results;
- communication of audit results to management;
9.3Management review <<Clause no.9.3 of ISO 9001:2015>>,<<Clause no. 9.3 of ISO 14001:2015>>,<<Clause no. 9.3 of ISO 45001:2018>>
Top Management of XXXXXX conducts regular reviews of the QMS, approximately every Six months, according to the Procedure for Management Review.
10. Improvement<<Clause no. 10.0 of ISO 9001:2015>>, <<Clause no. 10.0 of ISO 14001:2015>>, <<Clause no. 10.0 of ISO 45001:2018>>
10.1. General <<Clause no. 10.1 of ISO 9001:2015>>, <<Clause no. 10.1 of ISO 14001:2015>>, <<Clause no. 10.1 of ISO 45001:2018>>
XXXXXX determines and selects opportunities for improvement and implements any necessary actions to meet customer requirements and enhance customer satisfaction. These include:
- improving products to meet requirements, as well as to address future needs and expectations;
- correcting, preventing, or reducing undesired effects;
- improving the performance and effectiveness of the QMS.
10.2. Incidents, Nonconformity and corrective action <<Clause no. 10.2 of ISO 9001:2015>>, <<Clause no. 10.2 of ISO 14001:2015>>, <<Clause no. 10.2 of ISO 45001:2018>>
XXXXXX handles nonconformities in order to control and correct them and deal with the consequences, according to the Procedure for evaluating non‐conforming product ‐ material and documenting CARs. XXXXXX has established a corrective action system to investigate and document the root cause and actions to correct supplier, internal, and customer‐reported nonconformities. Corrective actions are assigned to a responsible individual and tracked by number and completion date according to the Procedure for evaluating non‐conforming product ‐ material and documenting CARs.
10.3 Incident investigation <<Clause no. 10.2 of ISO 45001:2018>>
XXXXXX has established, implemented, and maintained a procedure to record, investigate and analyze incidents in order to
Determine underlying OH&S deficiencies and other factors that might be causing or contributing to the occurrence of incidents;
Identify the need for corrective action;
Identify opportunities for preventive action;
Identify opportunities for continual improvement;
Communicate the results of such investigations.
The investigations will be performed in a timely manner. The results of incident investigations shall be documented and maintained. When an incident or a nonconformity occurs
a) React in a timely manner to the incident or nonconformity and, as applicable:
Take action to control and correct it;
deal with the consequences;
b) Evaluate, with the participation of workers (see 5.4) and the involvement of other relevant interested parties, the need for corrective action to eliminate the root cause of the incident or nonconformity, in order that it does not recur or occur elsewhere, by:
Investigating the incident or reviewing the nonconformity;
Determining the causes of the incident or nonconformity;
Determining if similar incidents have occurred, nonconformities exist, or if they could potentially occur;
c) review existing assessments of OH&S risks and other risks, as appropriate (see 6.1);
d) determine and implement any action needed, including corrective action, in accordance with the hierarchy of controls (see 8.1.2) and the management of change (see 8.1.3);
e) Assess OH&S risks that relate to new or changed hazards, prior to taking action;
f) Review the effectiveness of any action taken, including corrective action;
g) Make changes to the OH&S management system, if necessary.
10.3 Continual improvement <<Clause no. 10.3 of ISO 9001:2015>>, <<Clause no. 10.3 of ISO 14001:2015>>, <<Clause no. 10.3 of ISO 45001:2018>>
XXXXXX continually improves the suitability, adequacy, and effectiveness of the IMS.XXXXXX considers the results of analysis and evaluation, and the outputs from management review, to determine if there are needs or opportunities to be addressed as part of continual improvement. Projects, project status, and responsibilities are recorded in the Continual Improvement Project Log.