ISO 9001:2015 Support

7.1 Resources

7.1.1 General

The Requirement

The organization should determine and provide the resources needed to establish, implement, maintain, and continually improve the QMS. And should consider the capabilities of, and constraints on, existing internal resources; and what needs to be obtained from external providers.

Checklist Questions

How resources are determined for the establishment, implementation, maintenance, and continual improvement of the QMS.
Show how the capabilities and constraints on internal resources are considered.
Show how needs from external providers are considered.

Implementation Guidelines

The top management has the responsibility to ensure the availability of resources to develop and maintain your QMS. This is typically done through business and quality planning.
While planning for your resources needed the organization must consider what existing internal resources it has considering its capabilities and constraints and what needs to be obtained by external providers.
The actual amount of resources needed may vary from day to day and over time. This is one reason why top management must review QMS performance regularly

7.1.2 People

The Requirement

The organization should determine and provide the persons necessary for the effective implementation of its QMS and also for the operation and control of its processes.

Checklist Questions

1) How does the organization provide persons necessary to consistently meet customer, applicable statutory, and regulatory requirements for the QMS including the necessary processes?

Implementation Guidelines

1) This standard expects an organization to determine and provide the appropriate number of personnel to effectively implement the QMS and for the operation and control of its processes and also the proper allocation of staff in order to achieve the required outcome.

7.1.3 Infrastructure

The Requirement

The organization should determine, provide, and maintain the infrastructure for the operation of the processes to achieve conformity of products and services. Infrastructure may include buildings and associated utilities; equipment including hardware and software; transportation resource, information and communication technology.

Checklist Questions

1) How does the organization determine, provide and maintain the infrastructure for the operation of processes to achieve products and service conformity?

Implementation Guidelines

1) Essentially a company needs to consider all the things they will need in order to deliver a service/product to the customer/client. This needs to include:

buildings / water / gas / electric, etc.
equipment – for example, computers / operating systems (e.g. alarm master);
vehicles – for engineers/management/sales and survey staff;
information – standards that have to be applied, mobile phones/tablets, etc.

2) Any infrastructure changes related to product realization affecting customer requirements require notification to, and agreement from, the customer.

7.1.4 Environment for the Operation of Processes

The Requirement

The organization should determine, provide, and maintain the environment necessary for the operation of processes and to achieve conformity of products and services. A Suitable environment for the operation of processes can be a combination of human and physical factors such as social (for e.g. non-discriminatory, calm, non-confrontational, etc), psychological (for e.g. stress-reducing, burnout prevention, emotional protective), physical (for example, temperature, heat, humidity, light, airflow, hygiene, noise). These factors can differ depending on the type of product and service provided by the organization

Checklist Questions

How does the organization determine, provide and maintain the environment for the operation of processes to achieve products and service conformity?

Implementation Guidelines

1) Environment for the operation of processes can include physical, social, psychological, environmental, and other factors (such as temperature, humidity, ergonomics, and cleanliness). It includes

Equality Opportunities / whistleblowing / anti-bullying policy
Violence at work/counseling support / lone working
Office-based risk assessment, space, noise levels and other environment issues

7.1.5 Monitoring and Measuring Resources

The Requirement

7.1.5.1 General

The organization should determine and provide the resources needed for valid and reliable monitoring and measuring results, where monitoring or measuring is used for evidence of conformity of products and services to specified requirements. The organization should ensure that the resources provided are suitable for the type of monitoring and measurement activities being undertaken and are maintained to ensure continued fitness for their purpose. The Organization should retain appropriate documented information as evidence of fitness for purpose of monitoring and measurement resources.

7.1.5.2 Measurement Traceability

Where measurement traceability is a requirement(statutory or regulatory or customer or relevant interested party expectation) or considered by the organization to be an essential part of providing confidence in the validity of measurement results, measuring instruments must be verified or calibrated at specified intervals or prior to use against measurement standards traceable to international or national measurement standards. The organization must retain the basis used for calibration or verification as documented information if no such standard exists as documented information. Measuring instruments must be identified in order to determine their calibration status; It must be safeguarded from adjustments, damage, or deterioration that would invalidate calibration status and subsequent measurement results. The organization should determine if the validity of previous measurement results has been adversely affected when an instrument is found to be defective during its planned verification or calibration, or during its use, and take appropriate corrective action as necessary.

Checklist Questions

How are the resources determined for ensuring valid and reliable monitoring and measuring results, where used?
How does the organization ensure that resources provided are suitable for the specific monitoring and measurement activities and are maintained to ensure continued fitness for purpose?
Show the documented information which is evidence of fitness for purpose of monitoring and measurement resources.
Where applicable, show how measurement instruments are verified or calibrated at specified intervals against national or international measurement standards;
If there are no standards, show the documented information which is used as the basis used for calibration or verification.
Show how measurement instruments are identified to determine their calibration status.
Show how they are safeguarded from adjustments.
Show how they are safeguarded from damage and deterioration.
How do you determine the validity of previous measurements if you find an instrument to be defective during verification or calibration? What appropriate actions can you take?

Implementation Guidelines

This clause is applicable only with monitoring and measuring devices and equipment used to monitor the product (or service) and does not apply to monitoring and measuring the quality system.
Operation planning must determine the following what specific product and process characteristics need to be monitored and measured, the criteria for product acceptance, the type of Monitoring and Measurement Device needed, frequency i.e. at what stages of realization to do it, sample size, etc.
Requirements for what needs to be measured and the acceptance criteria may come from the customer, regulatory, industry, and own organization. The organization must then determine what Monitoring and Measurement Device is appropriate for each measuring or monitoring requirement.
To ensure valid measurement and monitoring results, the Monitoring and Measurement Device must be controlled. A process is required, to control the identification of monitoring measurement, selection, purchase, status, identification, calibration, verification, adjustment or readjustment, use, handling, maintenance and storage, training, handling of nonconforming Monitoring and Measurement Device’s, etc.
Personnel using Monitoring and Measurement Devices must have competence and training in the use of Monitoring and Measurement Devices in terms of their function, range and precision of measurement, reliability, use, and maintenance.
You must keep appropriate records to demonstrate effective operation and control of your Monitoring and Measurement Device processes. These records must include calibration and verification records traceable to national, international, or other benchmarks used for calibration.
Customer or internal engineering changes may result in a change in product measurement, requirements, and/or the Monitoring and Measurement Device to be used. These changes should be reflected in your quality plan.
Performance indicators such as the monthly trends in the number of out of calibration Monitoring and Measurement Device’s, or the number of Monitoring and Measurement Device’s past their calibration due date, number of Monitoring and Measurement Device’s being used and not controlled, reduction in untrained personnel found using Monitoring and Measurement Device’s, etc. Use these indicators to tighten and improve the effectiveness of your Monitoring and Measurement Device process.
Where a Monitoring and Measurement Device is found to be out of calibration, you must take appropriate corrective action to contain and re-verify the product affected, to the extent practical. This is in addition to containing, repair and recalibrating the defective Monitoring and Measurement Device.

Clause 7.1.6. Organizational Knowledge

The organization should determine the knowledge necessary for the operation of its processes and achieve conformity of products and services. This knowledge shall be maintained and made available to the extent necessary. When addressing changing needs and trends, the organization shall consider its current knowledge and determine how to acquire or access any necessary additional knowledge and required updates. Organizational knowledge is knowledge specific to the organization; it is generally gained by experience. It is information that is used and shared to achieve the organization’s objectives. Organizational knowledge can be based on: a) Internal Sources (e.g., intellectual property, the knowledge gained from experience, lessons learned from failures and successful projects, capturing and sharing undocumented knowledge and experience; the results of improvements in processes, products, and services); b) External Sources (e.g., standards, academia, conferences, gathering knowledge from customers or external providers).

Checklist Questions

How does the organization determine the necessary knowledge for the operation of processes?
How does the organization necessary the knowledge to achieve conformity of products and services?
How does the organization maintain this knowledge and make it available to the extent necessary?
How does the organization consider current knowledge and how do you acquire additional knowledge when addressing changing needs and trends?

Implementation Guidelines

Organizational knowledge can include information such as intellectual property and lessons learned.
To obtain the knowledge required, the organization can consider internal sources (e.g. learning from failures and successful projects, capturing undocumented knowledge and experience of topical experts within the organization) and external sources (e.g. standards, academia, conferences, gathering knowledge with customers or providers).
The organization shall determine the knowledge necessary for the operation of the QMS, ensure conformity of products and services, enhance customer satisfaction. The organization is responsible for maintaining, protecting, and making sure the knowledge is available
Depending on the size and complexity of the organization, the risks and opportunities it needs to address, the need for accessibility of knowledge, the process for considering and controlling past, existing, and additional knowledge needs is to be considered.
Knowledge is to be considered when making changes to the organization

7.2 Competence

The organization must determine the necessary competence of person(s) doing work under its control that affects the performance and effectiveness of its QMS; It must ensure that these persons are competent on the basis of appropriate education, training, or experience and where applicable, take actions to acquire the necessary competence, and evaluate the effectiveness of the actions taken; It must retain documented information as evidence of competence. Applicable actions can include, for example, training, mentoring, or reassignment of currently employed persons; or hiring or contracting of competent persons. “Competence” is defined in the section on terms as the ability to apply knowledge and skills to achieve intended results. Demonstrated competence is sometimes referred to as “qualification”.

Checklist Questions

How does the organization determine the necessary competence of its employees whose work affects the performance and effectiveness of the QMS?
How does the organization ensure that its employees are competent on basis of appropriate education, training, or experience?
How does the organization take applicable actions to acquire the necessary competence and evaluate the effectiveness of action taken?
Show the appropriate documented information as evidence of competence?

Implementation Guidelines

HR process must include determining competency criteria, skills evaluation, identification of training needs, types of training, provision of training, how training effectiveness is evaluated, methods to communicate an awareness of the importance of quality requirements, and meeting quality objectives, to all employees.
Applicable actions to acquire competency can include, for example, the provision of training to, the mentoring of, or the reassignment of currently employed persons; or the hiring or contracting of competent persons.
Criteria for competency must be developed based on appropriate education, skills, training, and experience for activities, tasks, functions, and processes. The level and detail of such qualifications, skills, training, and experience will depend upon the complexity of the product, process, technology, and customer and regulatory requirements. Appropriate record of employees skills, education, training, the experience must be maintained
A “Skills Matrix” is a useful tool used by organizations to determine and manage the competency levels required by different activities and functions. An organization may create a comprehensive training program based on the skill Matrix that is fully integrated with the quality management system. The appropriate record must be kept of training which must include the evaluation of the training

7.3 Awareness

Persons doing work under the organization’s control must be aware of the quality policy; relevant quality objectives; their contribution to the effectiveness of the QMS, including benefits of improved quality performance; and the implications of not conforming with system requirements.

Checklist Questions

How does the organization ensures that the persons doing work under the organization’s control are aware of its quality policy, relevant quality objectives, their contribution to the effectiveness of QMS including the benefits of improved performance and the implications of not meeting QMS requirements?

Implementation Guidelines

The process to promote quality awareness may include the use of methods such as – cross-functional teams, involvement in quality planning, quality circles, improvement suggestions, product workshops, zero defect programs, product review checklist, etc.
Organizational personnel must be motivated to achieve the organization’s quality objectives. The process to motivate employees may include the use of methods such as – employee recognition awards, ongoing training programs, performance reviews, employee surveys, poster campaigns, etc,.
Performance indicators to measure the effectiveness of the HR process in determining competency and training needs of the workforce could include – employee turnover, employee complaints, number of instances unqualified personnel was found performing QMS activity, number of instances competency criteria were not met, and number of instances no training or competency records maintained; etc.

7.4 Communication

The organization should determine the internal and external communications relevant to the QMS, including: on what it will communicate; when to communicate; with whom to communicate; how to communicate.

Checklist Questions

How does the organization determine the internal and external communication relevant to the QMS including what it will communicate, when to communicate, with whom to communicate, how to communicate, and who communicates?

Implementation Guidelines

Top management must plan for internal and external communication methods and resources at a high level using the business planning process and deploy these methods through the information technology, logistic, and HR processes.
Each process owner must identify the methods of communication such as a computer, documents, telephone, meetings, directives, visual, etc, used and determine whether these methods are appropriate and are they effective for the purpose intended?
Communication plan can include: a) What will be communicated, b) When you will communicate, c) With whom you will communicate, d) How you will communicate, e) Who will do the communication.

7.5 Documented Information

7.5.1 General

The Organization’s QMS must include all documented information required by ISO 9001 and the documented information determined by the organization as being necessary for the effectiveness of the QMS. The extent of documented information can differ from one organization to another due to the size of the organization and its type of activities, processes, products, and services; complexity of processes and their interactions; competence of persons.

7.5.2 Creating and Updating

When creating and updating documented information the organization must ensure appropriate identification and description (e.g., a title, date, author, or reference number); format (e.g., language, software version, graphics), and media (e.g., paper, electronic); review and approval for suitability and adequacy.

7.5.3 Control of Documented Information

7.5.3.1

Documented information required by Your QMS and by ISO 9001 must be controlled to ensure it is available and suitable for use, where and when it is needed; It must is adequately protected from loss of confidentiality, improper use, or loss of integrity.

7.5.3.2

For the control of documented information, the organization must address, as applicable: distribution, access, retrieval, and use; storage and preservation, including preservation of legibility; control of changes (e.g., version control); retention and disposition. Documented information of external origin determined by the organization to be necessary for the planning and operation of the system must be identified as appropriate and controlled. Access can imply a decision regarding the permission to view the documented information only, or the permission and authority to view and change the documented information.

Checklist Questions

What documented information is included in the organization’s QMS as required by ISO 9001:2015 and determined by the organization necessary for the effectiveness of the QMS?
While creating and updating documented information, how does the organization ensure it is appropriate in terms of identification & descriptions?
Show how does the organization control documented information.
Show how it is made available and suitable for use.
How do you protect the organization’s documented information?
When controlling documented information, how do you address the following:
Distribution, Access, Retrieval, Use, Legibility, Control of changes, Retention and disposition, Storage and preservation;
How does the organization identify as appropriate and control documented information of external origin which has been determined as necessary for the QMS?

Implementation Guidelines

The term “documented procedure” and “record” have both been replaced by “documented information”.“Documents”, “Documentation” and “Records” are combined to become “Documented information”. The document is expressed as maintaining documented information and the record is expressed as Retain documented information.
Access can imply a decision regarding the permission to view the documented information only, or the permission and authority to view and change the documented information.
The extent of documented information for a quality management system will depend on:
a) the size of the organization and its type of activities, processes, products, and services;
b) the complexity of processes and their interactions;
c) the competence of persons.

Documented Information if applicable

For more information on Support click here

Mail us at:

ISO 9001:2015 Planning

6.1 Actions to address risks and opportunities

The Requirement

6.1.1

When planning for the quality management system, the organization shall consider the issues referred to in Understanding the organization and its context (4.1) and the requirements referred to in Understanding the needs and expectations of interested parties(4.2) and determine the risks and opportunities that need to be addressed to give assurance that the quality management system can achieve its intended results so as to prevent, or reduce, undesired effects and to achieve continual improvement.

6.1.2

The organization must plan actions to address the risks and opportunities determined in clause 6.1.1. The organization must also plan on how to integrate and implement the actions into its quality management system processes and evaluate the effectiveness of these actions. Actions taken to address risks and opportunities must be proportionate to the potential impact on the conformity of products and services. Options to address risks can include but not limited to avoiding, risk, taking the risk in order to pursue an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, retaining risk by informed decision, or implementing standards like ISO 31000. It is the prerogative of the management to adopt any one of the practices. Opportunities can lead to the adoption of new practices, launching new products, opening new markets, addressing new customers, building partnerships, using new technology, and other desirable and viable possibilities to address the organization’s or its customer’s needs.

Checklist Questions

How are the internal & external issues and needs & expectations of interested parties considered when planning for the QMS?
Has the organization determined the risks and opportunities that have to be addressed so that QMS can achieve its intended results, enhance desirable effects, prevent, or reduce undesired effects and achieve improvement?
How are actions planned to address risks and opportunities?
How actions are integrated and implemented into the QMS processes?
How do you evaluate the effectiveness of the actions?
How are actions taken to address risks and opportunities determined as being appropriate to the potential impact on the conformity of products and services?

Implementation Guidelines

Options to address risks and opportunities can include: avoiding risk, taking a risk in order to pursue an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, or retaining risk by informed decision.
Top management must provide direction, authorization and, resources, and review for QMS planning for determining customer & regulatory requirements, design, development, manufacture, delivery, and customer support,. QMS planning requires you to identify all your QMS processes and describe their sequence and interaction.
When planning its QMS, the top management must implement and promote a culture of risk-based thinking throughout the organization to determine and address the risks and opportunities to provide conforming products and services, enhance customer satisfaction, promote desirable effects and improvement and prevent, or mitigate, undesired effects.
The organization must integrate the actions to address these risks and opportunities into its QMS processes. This planning must be periodically reviewed and updated as necessary when taking corrective actions or at management reviews.
Planning also requires monitoring and measuring these actions and gathering, analyzing, and evaluating appropriate data and information to determine the effectiveness of such actions.
Steps to conduct risk management
1. Identify the risks and opportunities
2. Analyze the Risk
3. Prioritize (risks and opportunities)
4. Classify (acceptable / unacceptable)
5. If unacceptable, Plan action (How to avoid or eliminate the risk? How can I mitigate risks?)
6. Implement the plan
7. Check the effectiveness of action
8. Learn from experience – continual improvement

6.2 Quality Objectives and Planning to Achieve Them

The Requirement

6.2.1

The organization must establish quality objectives at relevant functions, levels, and processes. The quality objectives must be consistent with the quality policy. If practicable it must be measurable. It must be based on application requirements. It must be relevant to the conformity of products and services and the enhancement of customer satisfaction. It must be monitored and communicated. It must be updated as appropriate. The organization should maintain a documented information on the quality objectives.

6.2.2

When planning how to achieve the quality objectives, the organization must determine what will be done; what resources will be required; who will be responsible; when it will be completed; how the results will be evaluated.

Checklist Questions

Where are the quality objectives and are these at all relevant functions, levels, and processes?
Are they consistent with the quality policy?
Are they measurable?
Do they consider applicable requirements?
Are they relevant to the conformity of products and services and do they enhance customer satisfaction?
Are they monitored? How? How often?
How are they communicated?
How are they updated?
Where is the documented information on the quality objectives?
How does the organization determine what will be done, with what resources, when completed and how will results be evaluated for quality objectives?

Implementation Guidelines

An objective should include a description of who is responsible, what is the target, when is it planned to be achieved. Progress must be monitored.
Ensure that whatever objectives you implement are SMART ie Specific, Measurable, Achievable, Realistic and Time-bound
Quality objectives should make sure they comply with the law and industry standards and conform to the products and services requirements.
Top management must provide the leadership, organization, and resources to deploy and achieve planned quality objectives.
Quality objectives may be set at various functional levels of the organization – top management, departments, processes, functional groups, work cells, project teams, individuals, etc.
Employees at all of these levels must be made aware of the importance of and how they must contribute to the achievement of these objectives.
Quality objectives may be documented in any or all of these documents such as quality manual, QMS processes, procedures, quality plans, etc.
A review of the quality objectives should be part of the management review process. After the review, the Quality objectives may be updated as appropriate.

6.3 Planning of Changes

The Requirement

Where the organization determines the need for change to the quality management system, the change must be carried out in a planned and systematic manner. The organization must consider the purpose of the change and any of its potential consequences; integrity of the quality management system, availability of resources, allocation or reallocation of responsibilities, and authorities.

Checklist Questions

While determining changes for the QMS, are changes carried out in a planned manner?
While planning for change, does the organization consider the purpose of the change and their potential consequence; the integrity of the QMS; the availability of resources; and allocation and reallocation of responsibilities and authorities?

Implementation Guidelines

1) When a business changes something, the impact of the change needs to be considered before a change is made. The organization must :

Define the specifics of what is to be changed
Have a plan (tasks, timeline, responsibilities, authorities, budget, resources, needed information, others).
Develop a communication plan (appropriate people within the organization, customers, suppliers, interested parties, etc. may need to be informed)
Use a cross-functional team to review the plan to provide feedback related to the plan and associated risks
Train People
Measure the effectiveness

Documented Information if applicable

For more information on Planning click here

Mail us at:

ISO 9001:2015 Leadership

Clause 5.1 Leadership and commitment

The Requirement

5.1.1 General

The top management has to demonstrate their leadership and commitment to the quality management system. This can be done by taking accountability for the effectiveness of the organization’s quality management system. Top management needs to ensure that the organization’s quality policy and quality objectives are established for the QMS and are compatible with the organization’s overall strategic direction and also with the Organization’s context. Top management shall also ensure that the requirements of the quality management system are an integral part of the organization’s business practices and they should promote the use of risk-based thinking and the use of process approaches throughout their organization. Top management must ensure that the required resources needed for the effective implementation of QMS are available. Top Management must ensure that the importance of effective Quality management is communicated throughout the organization as well as conforming to the QMS requirements. The Top Management must ensure that the quality management system achieves its intended outcomes outputs, by engaging, directing, and supporting persons to contribute to the effectiveness of the quality management system and promoting improvement. The Top Management should be supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility. The meaning of “Business” means those activities that are core to the purposes of the organization‘s existence, irrespective of the fact whether the organization is for-profit, Not for profit, public or private.

5.1.2 Customer focus

Top management is required to take the lead on demonstrating leadership and commitment to customer focus by ensuring that all applicable statutory, regulatory and customer requirements are determined, well understood by the organization, and are consistently met. The organization has to determine all the risks and opportunities that can affect the conformity of the product and services or have the ability to affect the enhancement of customer requirements. The associated risk and opportunities must be adequately addressed. At all times the focus of enhancing customer satisfaction should be maintained.

Checklist Questions

Does the top management demonstrate leadership and commitment w.r.t. the QMS by taking accountability of the effectiveness of the QMS?
How are the quality policy and objectives established for the QMS and how are they compatible with the strategic direction and the organizational context?
How is the quality policy communicated within the organization? Show how this is understood and applied.
How are the requirements of the QMS integrated into the business processes?
How do you promote awareness of the process approach?
How do you ensure that resources needed for the QMS are available?
How do you communicate the importance of effective quality management?
How do you communicate the importance of conforming to the QMS requirements?
How do you ensure that the QMS achieves its intended results?
How do you engage, direct and support people to contribute to the effectiveness of the QMS?
How do you promote continual improvement?
How do you support other relevant management roles to demonstrate leadership in their areas of responsibility?
Show me how top management demonstrates leadership and commitment w.r.t. customer focus ensuring requirements and applicable statutory and regulatory requirements are determined and met.
How are risks and opportunities that can affect the conformity of products and services determined?
How is the ability to enhance customer satisfaction determined and addressed?
How is the focus on consistently providing products and services that meet customer and applicable statutory and regulatory requirements maintained?
How is customer satisfaction maintained?

Implementation Guidelines

The top management must establish strategic quality management policies, directives, and objectives consistent with the purpose and capabilities of the organization.
The top management must establish the organizational structure and internal environment that motivates personnel to achieve the organization’s quality management goals and objectives.
Ensuring the integration of the quality management system requirements into the organization’s business processes is the prime responsibility of the top management.
The responsibility of promoting the awareness of the process approach lies with the top management.
The top management must ensure that the quality management system achieves its intended outcomes /outputs by clear identification of key result areas for achieving the objectives, preparing the action plans, working as per that plan, reviewing the action and results, and taking suitable corrective and preventive actions.
The top management must provide adequate resources to develop, implement, maintain and improve the QMS.
The top management must periodically review QMS performance to determine its suitability, adequacy, and effectiveness.
Business planning, quality planning, management review, internal communication, organization structure, etc. are process required from the top Management
Top management must communicate regularly to the organization on the importance of meeting customer and regulatory requirements. Top management may communicate in any number of ways including meetings, documented policies, memos, directives, email, etc.
The organization must understand the current and future needs of customers in terms of products, price, delivery communication, service, and support. It must meet their requirements and strive to exceed their expectations.
The organization must have an effective communication process between customer and organization, for discussion, review, timing, action, and responsibility
Customer focus can be included in the following processes – business planning; communications; sales and marketing; and customer satisfaction feedback; etc. It must also identify what specific documents may be needed for effective planning, operation, and control of these processes. Examples of such documents may include a business plan, statement of customer-related policies and objectives, etc
Reference to “business” can be interpreted broadly to mean those activities that are core to the purposes of the organization’s existence; whether the organization is public, private, for-profit, or not for profit

5.2 Policy

The Requirement

5.2.1 Establishing the Quality Policy

Top management is required to establish, implement and maintain a quality policy that is in line with the purpose and context of the organization while at the same time supporting its strategic direction. It should provide a framework for the organization’s quality objectives and must include a commitment to satisfy applicable requirements and must be the basis on which the continual improvements in the quality management system can be achieved.

5.2.2 Communicating the Quality Policy

The Quality Policy should be applied within the organization by ensuring that it communicated and understood within the organization. The Quality Policy should be maintained as documented information and as appropriate should be made available to relevant Interested parties.

Checklist Questions

How does top management establish, review and maintain a quality policy?
How is the quality policy determined to be appropriate to the purpose and context of the organization?
Does the quality policy provide a framework for setting and reviewing quality objectives?
Does the quality policy contain a commitment to satisfy applicable requirements?
Does the quality policy include a commitment to continual improvement of the QMS?
Where is the quality policy available as documented information?
How is the quality policy communicated? How it is understood and applied within the organization.
How have you made it available to relevant interested parties?

Implementation Guidelines

The quality policy should provide top management’s vision on quality management for the organization. It must provide the organization with focused direction, i.e. high-level goals and objectives for quality management.
The quality policy must be consistent with the scope of the QMS and other business, management, and organizational strategies within the organization.
The quality policy must specify the commitment to ‘satisfy applicable requirements’ such as being complied with the customer, regulatory, ISO 9001, etc and ‘continually improve the effectiveness of your QMS’
The quality policy must clearly state a commitment to continually improve the effectiveness of the QMS. it may also include other complementary and important policies for business growth, product or manufacturing technology, workforce competence, business flexibility, etc.
The quality policy must lead to establishing quality objectives, e.g. if you state in your quality policy that you will “meet customer requirements”, then from this, you might derive customer-focused objectives for – product defects; customer complaints and returns; on-time delivery, etc.
As and when required, the Quality policy should be made available to the relevant interested parties.
The quality policy is communicated throughout the organization.
The quality policy must be reviewed periodically by top management, for significant changes in your organization, e.g. management, ownership, relocation, product, a shift in customer base, etc.

5.3 Organizational Roles, Responsibilities, and Authorities

The Requirement

Top management must ensure that the responsibilities and authorities for relevant roles are assigned, communicated, and understood within the organization. Top Management must assign the responsibility and authority to ensure that the system conforms to the requirements of ISO 9001 and that the processes are delivering their intended outputs; Top Management must assign the responsibility and authority for the report on the performance of the system, on opportunities for improvement, and on the need for change or innovation, and especially for reporting to top management; Top Management must assign the responsibility and authority to ensure the promotion of customer focus throughout the organization and ensure that integrity of the system is maintained when changes to the system are planned and implemented.

Checklist Questions

How does top management ensure that responsibilities and authorities for relevant roles are assigned, communicated, and understood within the organization?
How does top management assign the responsibility and authority for ensuring that the QMS conforms to the international standard?
How does top management assign the responsibility and authority for ensuring processes are delivering their intended outputs?
How are the performance of the QMS, opportunities for improvement, and the need for change or innovation reported to top management?
How is customer focus promoted within the organization?
How is the integrity of the QMS maintained when changes to the QMS are planned and implemented?

Implementation Guidelines

Top Management must define the structure, hierarchy, and lines of reporting to ensure that duties, responsibilities, and authority of all personnel are defined and communicated.
Organization charts, job descriptions, standard operating procedures, work instructions, etc, are some of the many ways that top management may use to define and document this.
Organization responsibilities and authorities must be communicated and deployed, as applicable, throughout the organization. Orientation training, appointment postings, training on procedures and work instructions, etc, are some of the many ways in accomplishing this.
The top Management must ensure that the integrity of the management system is maintained when changes are planned and implemented.
Some of the tasks may be delegated, but it is the management’s responsibility to ensure they are planned, implemented, and achieved.

Documented Information if applicable

For more information on Leadership click here–

Mail us at:

ISO 9001:2015 Context of organization

Clause 4.1 Understanding the Organization and its context

The Requirement

The organization should determine external and internal issues for the organization relevant to its purpose, strategic planning and which affect the organization’s ability to achieve its objectives. The Organization should monitor and review the information about external and internal issues. The organization must consider issues related to values, cultural knowledge, and performance of the organization for the understanding of internal issues. The organization must consider issues related to arising from legal, technological, competitive, market, cultural, social, and economic environments, whether international, national, regional, or local for the understanding of the external context. For considering internal context as well as external factors both positive as well as negative factors must be considered. The organization must determine whether climate change is a relevant issue.

Checklist Questions

How has the organization determined external and internal issues relevant to its purpose and strategic direction?
How do these affect the ability to achieve the intended result of the QMS?
How do you monitor and review information about these internal and external issues?
Has the organization determined whether climate change is a relevant issue?

Implementation Guidelines

Internal issues are all positive and negative factors related to values, culture, knowledge, and performance of the
External issues are all positive and negative external factors arising from the legal, technological, competitive, market, cultural, social, and economic environments, whether international, national, regional, or local.
An organization’s internal context is the internal environment within which the organization seeks to achieve its sustainability goals.
Internal and external context can also be defined as anything within the organization that may influence how the organization manages its internal and
Once the internal and external context is understood, one can conduct the macro-environmental external analysis using “PEST” (political, economic, social, and technological) analysis. This analysis determines which factors can influence how the organization operates. The organization cannot control these factors, but it must seek to adapt to them. The PEST factors can be classified as opportunities and threats in a SWOT (strengths, weaknesses, opportunities, and threats) analysis. Alternatively, you might use Porter’s “Five Forces Model.” These methods are used to review a strategy or position or direction of an organization. Completing a pest analysis is simple and helps the individuals involved in the organization to understand and find ways to deal with the context.
The organization must periodically review(min once in six months) the internal and external issues.

Clause 4.2 Understanding the needs and expectations of interested parties.

The Requirement

The organization shall determine relevant interested parties and relevant requirements of relevant interested parties. Relevant interested parties to be considered are those that could affect or potentially affect the organization’s ability to constantly provide products and services that meet customer and applicable statutory and regulatory requirements. Monitor and review information related to interested parties and relevant requirements. Relevent interested parties can have requirements related to climate changes.

Checklist Questions

How have you determined what interested parties are relevant to the QMS?
How have you determined what requirements those parties have that are relevant to the QMS?
How has an impact or potential impact been determined?
Does the organization monitor and review the information about these interested parties and their relevant requirement?

Implementation Guidelines

Firstly, the organization will need to determine external and internal issues that are relevant to its purpose.
Next, the organization has to determine relevant interested parties and relevant requirements of relevant interested parties. An interested party is a person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity that’s within the scope of the management system.
The organization must periodically review(min once in six months) the requirements of the relevant interested parties

Clause 4.3. Determining the scope of the quality management system

The Requirement

The organization must establish the scope of the quality management system by determining the boundaries and applicability of the quality management system. While determining the scope the organization must consider the internal and external issues determined in 4.1., the requirements of relevant interested parties in 4.2. and the products and services of the organization. Requirements from these International standards that can be applied by the organization shall be applied within the scope of the QMS. Requirements from this International standard that cannot be applied by the organization and which does not affect the organization’s ability or responsibility to provide product and services that meet the conformity of its product and services and enhancement of the customer satisfaction. The organization must make available the scope and must maintain scope as documented information stating the Products and services covered by the QMS and any Justification where a requirement of this International Standard cannot be applied.

Checklist Questions

Has the organization established the scope of its QMS?
How have the boundaries and applicability of the QMS been used to establish the scope of the organization?
Does the scope state the types of products and services covered?
While determining the scope, has the organization determined the external and internal issues, requirements of relevant interested parties, products, and services of the organization?
How has the application of the International Standard within the scope been determined, and how has it been applied by the organization?
How have any requirements of the International Standard been determined as not applicable? Can you justify how instances of requirements of the QMS cannot be applied? Show me how the conformity of products and services is not affected by this.
Where is the scope available? Where is it maintained as documented information?

Implementation Guidelines

1) To start, there are three considerations to be included when determining the scope:

External and internal issues that are relevant to the purpose of the organization, the strategic direction, and the ability to achieve intended results
Requirements of relevant interested parties
The product and service of the organization

2) the scope is to include any requirements of the ISO 9001 standard that can be applied, and if a requirement is determined to not apply,

Clause 4.4 Quality management system and its processes

The Requirement

Clause 4.4.1

The organization must establish, implement, maintain and continually improve its quality management system as per the requirement of this standard by determining the process needed and its application throughout the organization. While determining the processes, the organization must determine the inputs required and the outputs expected from these processes, the sequence, and interaction of these processes, The organization must control these processes to ensure its effective operation. The organization must establish the criteria and methods which include monitoring, measurements, and other related performance indicators to ensure the effective operation and control of these processes. The organization must determine and ensure the availability of the resources needed for the effective operation of these processes. The personnel having authority and responsibilities for these processes must be identified. As per clause 6.1, the organization must determine risks and opportunities, analyze them, and must take appropriate action to address them. There must be methods for monitoring, measuring, as appropriate, and evaluating these processes. The organization must make changes in its process if it fails to achieve the intended result. The organization must look for opportunities for improvement of these processes and for Quality management system as a whole.

Clause 4.4.2

The organization shall maintain documented information to the extent necessary to support the operation of processes and retain documented information to the extent necessary to have confidence that the processes are being carried out as planned.

Checklist Questions

How has the QMS been established? Show how this is implemented. How is it maintained and continually improved? How have the processes been determined and how do they interact?
How have the processes been determined for the QMS?
What are the inputs and outputs for those processes?
What is the sequence and interaction of the processes?
What are the criteria, methods, measurement and related performance indicators needed to operate and control those processes?
What resources are needed and how are these made available?
How are responsibilities and authorities assigned for those processes?
How are risks and opportunities considered and what plans are made to implement actions to address them?
What methods are used to monitor, measure and evaluate processes and, if needed, what changes are made to achieve intended results?
How are opportunities to improve the processes and the QMS determined?
What documented information exists to support the operation of processes? How is this documented information retained? How confidence that the processes are being carried out as planned determined?

Implementation Guidelines

Clause 4.4.1 requires the ‘Process Approach’ to be used in defining your QMS. QMS processes including processes for operations, management(leadership) activities, Planning which includes risk assessment, support processes (such provision of resources, communication, etc), Operation, performance evaluation, and Improvement
Based on these factors, you must determine what processes need to be documented and how you will document them. Not all processes need to be documented; your documents must also include a description of the interaction between your QMS processes.
A number of different methods can be used to document processes, such as graphical representations, written instructions, checklists, flow charts, visual media, or electronic methods, etc.
Process flowcharts or block diagrams can show how policies, objectives, influential factors, job functions, activities, material, equipment, resources, information, people and decision making interact and/or interrelate in a logical order.
Procedures may be an acceptable way to document processes provided they describe inputs and outputs, appropriate responsibilities, controls, and resources needed to satisfy customer requirements.
the organization shall have to ensure that adequate responsibilities and authorities are assigned
when planning its QMS, the top management must implement and promote a culture of risk-based thinking throughout the organization

Documented Information if applicable

For more information on Context of organization click here-

ISO 9001:2015 Certificate Consultant

Introduction

ISO 9001:2015 is the international standard that specifies requirements for a quality management system (QMS). Organizations use the standard to demonstrate the ability to consistently provide products and services that meet customer and regulatory requirements. It is the most popular standard in the ISO 9000 series and the only standard in the series to which organizations can certify.

ISO 9001:2015 applies to any organization, regardless of size or industry. More than one million organizations from more than 160 countries have applied the ISO 9001 standard requirements to their quality management systems. Organizations of all types and sizes find that using the ISO 9001 standard helps them:

Organize processes
Improve the efficiency of processes
Continually improve

All organizations that use ISO 9001 are encouraged to transition to ISO 9001:2015 as soon as possible. This includes not only organizations that are certified to ISO 9001:2008, but also any organizations involved in training or certifying others.

We provide authoritative, comprehensive and value-added consulting, training and certification services for either new certification for ISO 9001:2015 or helping organizations migrate from ISO 9001:2015 standard.

We provide awareness training, implementation training, internal auditor training, lead auditor training to impart a required level of skill, knowledge, and competence for the employees. We also provide a complete set of consulting services to help your organization identify requirements as per ISO 9001:2015 new standard and map the compliance requirements as per ISO 9001 revision to your current processes.

Start your ISO 9001:2015 certification journey today in the most effective manner. Contact at preteshbiswas@gmail.com to get started with ISO 9001 revision, ISO 9001 up-gradation and ISO 9001:2015 certification.

ADDENDUM TO ISO 9001:2015 in January 2024

This addendum takes into account the notion of climate change and concerns clauses 4.1 and 4.2, i.e. the understanding of the organization and its context, as well as the needs and expectations of stakeholders. Non-prescriptive, these changes only require taking into account global warming as a potential problem or as a subject of possible requirements of said stakeholders. ISO has published an amendment to clause 4.1 of ISO 9001 (ISO 9001:2015/ Amd1:2024), along with all other management system standards, adding the requirement for the organisation to determine if climate change is a relevant issue (when determining the issues relevant to its purpose and that affects its ability to achieve the intended results of its management system). The amendment also adds a note to clause 4.2 of the standard, indicating that relevant interested parties may have climate change-related requirements. This change takes effect immediately, and it would appear from the International Accreditation Forum(IAF)’s decision log that there will be no lead-in period for the change for certified organisations, certification bodies(CBs) and accreditation bodies (ABs) and that certification bodies can raise findings about the new requirement with immediate effect. These amendments should not be confused with the current ongoing revision of ISO 9001 which is expected to be published in around 2 years and would then be subject to the usual 3-year transition period. So, what is the real-world impact of this amendment for certified organisations? In a nutshell, you need to be able to demonstrate to your third party that you have specifically determined whether or not climate change is an issue relevant to your management system or or not. There is no actual requirement to document the issues you have determined to be relevant, although many organisations choose to do so. You could include it in your next management review, or schedule an additional review to make this assessment. IAF have indicated that ABs expect to ensure that CBs have assessed how the decision has been made. If it is a relevant issue, or you identify that interested parties do have requirements you would then need to demonstrate how the quality management system is addressing them, if you haven’t done so already.

how could climate change relate to a Quality management system?

Climate change can relate to a Quality Management System (QMS) in several ways, impacting both internal processes and external factors that influence product and service quality. Here are some key ways in which climate change can intersect with a QMS:

Resource Management: Climate change can affect the availability and quality of resources used in production processes, such as water, energy, and raw materials. A QMS can incorporate measures to monitor and optimize resource usage to mitigate the impact of climate-related resource constraints or fluctuations.
Supply Chain Management: Climate change can disrupt supply chains through extreme weather events, changes in agricultural productivity, transportation disruptions, and shifts in demand patterns. A robust QMS can include risk management processes to identify, assess, and address climate-related risks in the supply chain, ensuring continuity of supply and minimizing disruptions to product quality and delivery schedules.
Product Lifecycle Assessment: Climate change considerations can be integrated into product lifecycle assessments within the QMS, evaluating the environmental impacts of products from raw material extraction to end-of-life disposal or recycling. This can involve assessing carbon footprints, energy consumption, emissions, and waste generation associated with products and identifying opportunities for reducing environmental impacts throughout their lifecycle.
Regulatory Compliance: Climate change-related regulations, standards, and reporting requirements can impact product design, manufacturing processes, and business operations. A QMS can ensure compliance with relevant environmental regulations and standards, such as emissions limits, energy efficiency requirements, waste management regulations, and carbon reporting obligations.
Customer Expectations: Increasingly, customers are demanding environmentally sustainable products and services, driving businesses to adopt greener practices. A QMS can help organizations understand and meet customer expectations related to climate change by incorporating environmental criteria into product specifications, quality criteria, and customer satisfaction metrics.
Risk Management: Climate change poses various risks to organizations, including physical risks (e.g., extreme weather events, supply chain disruptions), regulatory risks (e.g., compliance obligations, carbon pricing), reputational risks (e.g., negative public perception, brand damage), and financial risks (e.g., increased costs, market volatility). A QMS can include risk assessment and mitigation processes to proactively identify, evaluate, and manage climate-related risks to ensure business continuity and protect product quality and brand reputation.
Continuous Improvement: Climate change adaptation and mitigation efforts require ongoing monitoring, evaluation, and improvement. A QMS facilitates continuous improvement by establishing processes for setting environmental objectives, monitoring performance indicators, conducting audits and reviews, and implementing corrective and preventive actions to enhance environmental sustainability and resilience in response to climate change.

In summary, climate change can significantly impact the effectiveness of a Quality Management System by influencing resource availability, supply chain resilience, regulatory compliance, customer expectations, risk management, and continuous improvement efforts. Integrating climate change considerations into a QMS helps organizations adapt to environmental challenges, enhance product quality, and ensure long-term business sustainability.

ISO 9001:2015/Amd 1:2024(en) Quality management systems — Requirements — AMENDMENT 1: Climate action changes

4.1 Add the following sentence at the end of the subclause:

The organization shall determine whether climate change is a relevant issue.

4.2 Add the following note at the end of the subclause:

NOTE Relevant interested parties can have requirements related to climate change.

Determining whether climate change is a relevant issue

Determining whether climate change is a relevant issue while identifying external and internal issues relevant to the Quality Management System (QMS) involves systematically evaluating factors that may impact the organization’s ability to achieve its quality objectives. Here’s how an organization can determine the relevance of climate change as an issue during this process:

External issues:
- Market Trends and Regulatory Landscape: Assess how climate change may influence market trends, customer preferences, and regulatory requirements relevant to the organization’s products and services. Consider whether there are emerging regulations related to environmental sustainability, greenhouse gas emissions, energy efficiency, or other climate-related issues.
- Supply Chain Vulnerability: Evaluate the vulnerability of the organization’s supply chain to climate-related risks, such as disruptions in raw material availability, transportation delays, or changes in supplier reliability. Consider whether climate change impacts on suppliers or transportation routes could affect the organization’s ability to deliver quality products and services.
- Stakeholder Expectations: Consider the expectations of stakeholders, including customers, suppliers, investors, regulators, and communities, regarding the organization’s response to climate change. Assess whether there is increasing pressure from stakeholders for businesses to address environmental sustainability and climate-related risks.
Internal Issues:
- Operational Impacts: Evaluate how climate change may directly or indirectly affect the organization’s operations, facilities, and resources. Consider whether changes in weather patterns, extreme weather events, or resource constraints (e.g., water scarcity) could impact production processes, quality control measures, or infrastructure resilience.
- Resource Management: Assess the organization’s resource management practices, including energy usage, waste generation, and water consumption, in the context of climate change. Identify opportunities to improve resource efficiency, reduce greenhouse gas emissions, and enhance environmental sustainability as part of the QMS.
- Risk Management: Evaluate the organization’s risk management processes to identify and mitigate climate-related risks that could impact product quality, customer satisfaction, or business continuity. Consider whether existing risk assessment methodologies adequately address climate-related hazards and vulnerabilities.
Integration with QMS:
- Alignment with Quality Objectives: Determine whether addressing climate change aligns with the organization’s quality objectives, strategic goals, and commitment to customer satisfaction. Consider whether improvements in environmental sustainability and resilience to climate-related risks can contribute to enhancing overall product and service quality.
- Documentation and Monitoring: Document the organization’s assessment of climate change as a relevant issue within the context of the QMS. Establish mechanisms for monitoring and measuring performance related to climate-related objectives, targets, and key performance indicators (KPIs) to ensure continuous improvement and compliance with relevant standards.

By systematically evaluating the external and internal factors relevant to the QMS, including climate change considerations, organizations can effectively identify and prioritize issues that may impact their ability to deliver quality products and services while managing associated risks and opportunities.

Relevant interested parties can have requirements related to climate change.

Relevant interested parties in the context of a Quality Management System (QMS) can indeed have requirements related to climate change. Here are some examples of interested parties whose needs and expectations might involve climate change considerations:

Customers: Customers may increasingly prioritize environmentally sustainable products and services. They may expect the organization to demonstrate environmental responsibility by minimizing greenhouse gas emissions, reducing energy consumption, using renewable resources, and implementing eco-friendly practices throughout the product lifecycle. Climate change concerns could influence their purchasing decisions, making it essential for organizations to address these expectations to maintain customer satisfaction.
Regulators and Government Agencies: Regulatory bodies may impose requirements related to climate change mitigation, adaptation, and reporting. These requirements could include regulations aimed at reducing greenhouse gas emissions, improving energy efficiency, promoting renewable energy sources, managing waste and emissions, or disclosing environmental performance metrics. Organizations must ensure compliance with relevant regulations and anticipate future regulatory developments related to climate change.
Investors and Shareholders: Investors and shareholders may consider climate change risks and opportunities when evaluating the organization’s financial performance and sustainability practices. They may expect transparency and disclosure regarding the organization’s exposure to climate-related risks, its resilience strategies, and its commitment to environmental stewardship. Addressing climate change concerns can enhance investor confidence and support long-term financial sustainability.
Suppliers and Business Partners: Suppliers and business partners may be subject to climate-related risks and regulatory requirements that could impact their ability to fulfill contractual obligations. Organizations may need to assess the climate resilience of their supply chain, collaborate with suppliers to mitigate shared risks, and incorporate climate considerations into procurement practices and supplier selection criteria.
Employees and Labor Organizations: Employees and labor organizations may have concerns about the organization’s environmental impact, workplace safety, and job security in the context of climate change. They may expect the organization to provide a safe and healthy work environment, support sustainable practices, offer training on climate-related issues, and engage in meaningful dialogue and collaboration on environmental initiatives.
Local Communities and Non-Governmental Organizations (NGOs): Local communities and NGOs may advocate for climate action and environmental protection initiatives that affect the organization’s operations and reputation. They may expect the organization to be a responsible corporate citizen, engage in community outreach and partnerships, address environmental concerns, and contribute positively to local sustainability efforts.

In summary, understanding the needs and expectations of interested parties in the context of a QMS requires recognizing the relevance of climate change considerations. Organizations must engage with relevant stakeholders, assess their climate-related requirements, and integrate climate change considerations into their quality objectives, processes, and performance measurement mechanisms to effectively address stakeholder expectations and ensure long-term sustainability.

Benefits of ISO 9001:2015

Competitive advantage

ISO 9001 should be top-management-led, which ensures that senior management takes a strategic approach to their management systems. Our assessment and certification process ensures that the business objectives constantly feed into your processes and working practices to ensure you maximize your assets.

Improves business performance and manages business risk

ISO 9001 helps your managers to raise the organization’s performance above and beyond competitors who aren’t using management systems. Certification also makes it easier to measure performance and better manage business risk.

Attracts investment, enhances brand reputation and removes barriers to trade

Certification to ISO 9001 will boost your organization’s brand reputation and can be a useful promotional tool. It sends a clear message to all interested parties that this is a company committed to high standards and continual improvement.

Saves you money

Evidence shows that the financial benefits for companies that have invested in and certified their quality management systems to ISO 9001 include operational efficiencies, increased sales, higher return on assets and greater profitability.

Streamlines operations and reduces waste

The assessment of your quality management system focuses on operating processes. This encourages organizations to improve the quality of products and the service provided and helps to reduce waste and customer complaints.

Encourages internal communication and raises morale

ISO 9001 ensures that employees feel more involved through improved communication. Continued Assessment visits can highlight any skills shortages sooner and uncover any teamwork issues.

Increases customer satisfaction

The ‘Plan, Do, Check, Act’ structure of ISO 9001 ensures that the needs of the customer are being considered and met.

How to achieve ISO 9001 certification – ISO 9001 implementation / Certification steps

I can offer a well-defined and globally proven implementation methodology for ISO 9001:2015 certification.

Gap Analysis
Awareness Training
Process Identification and Definition
Documentation Design and finalization
Implementation
Internal Auditor Training and conduct of the internal audit
Management Review Meeting
Review of Implementation
Pre-assessment
Stage 1 – certification audit
Stage 2 – certification audit
Award of ISO 9001 certification
Continual improvement of the system through value-added consulting and training services

What are the requirements of the ISO 9001 standard?

determine the internal and external context that affects the organization
determine the need and expectations of interested parties
determine the scope of the quality management system
determine the input required and output expected of these processes
determine the interaction of these process
determine the criteria, and methods, including measurement and related performance indicators needed to ensure effective operation and control of these processes
determine the resources needed for these processes and ensure their availability
assigning responsibilities and authorities for these processes by adopting a Stakeholder approach to quality management.
determine risks and opportunities in accordance with these processes and appropriate actions to address them.
Determine the methods to monitor, measure and evaluate the processes
Determine opportunities for improvement in processes and quality management system
Makes it easier for the Service industry with the word product replaced by goods and services.
Determine the amount of documented information on processes.

Documents needed by the organization to ensure the effective planning, operation and control of its processes:
There are several requirements of ISO 9001:2015 where an organization could add value to its QMS and demonstrate conformity by the preparation of other documents, even though the standard does not specifically require them. Examples may include:

Process maps, process flow charts and/or process descriptions
Organization charts
Specifications
Work and/or test instructions
Documents containing internal communications
Production schedules
Approved supplier lists
Test and inspection plans
Quality plans

Integrate ISO 9001 with other management system standards

ISO 9001 is designed to be compatible with other management systems standards and specifications, such as OHSAS 18001, ISO 22000, ISO 17025, ISO 27001, ISO 14001 Environment and other ISO standards. They can be integrated seamlessly through the Integrated Management system approach. They share many principles so choosing an integrated management system can offer excellent value for money and an easier approach to implement, manage and improve multiple standards simultaneously.

What is offered in the field of ISO 9001 standards and certification?

I can provide unmatched expertise and technical competence to ensure that your ISO 9001 quality management system certification project adds value to your organization. We provide consulting, training, internal audits, pre-assessment audits and facilitation during the ISO 9001 certification audit.

Contact now, to get your organization ISO 9001:2015 certified most effectively and efficiently while realizing the true benefits of the certification using our specialized ISO implementation methodology that is less time-consuming, fast, easy to understand and implement, result-oriented, time-bound and cost-effective. Get ISO 9001 certified now

Steps for ISO Certification

https://preteshbiswas.com/wp-content/uploads/2018/07/ISO-Certification_-A-Step-by-Step-Implementation-Guide.wav

There is no quick step-by-step for implementing ISO standards according to ISO into any other serious standard. Many have publicized it, but there are too many steps to do and to go through thoroughly, making the implementation process complicated. In this approach, we claim that all the needed elements are discussed. What is not needed is not discussed.

The implementation of a formal management system is best handled as a specific project with a professional project manager, who should be a key member of the organization’s management team and have sufficient authority and trust of the personnel involved. In the ideal situation, this person will also be the Management Representative, but skills in project management are essential. It is important that none of the stages in the flow chart are omitted.

The existing system of management and working practices must be known in some detail before the framework of the formal Management system documentation can be designed. The system is best designed around existing processes as the development of new systems that require additional resources may simply delay the implementation process. The total flow chart for the implementation of the Management System is visualized.

On the following pages, each step of the implementation process is described that has to be carried out before moving to the next step.

It is advised to get more people involved in decision making and not to leave the decision to move to the next step up to one person only. Everybody involved must feel comfortable that a part is under control and that the organization is ready to move on.

The total implementation process for implementing any ISO Standards takes fourteen steps. Communicate with the employees what has done, what has to be done and when it is expected to be completely implemented. This creates interest and involvement and will speed-up the process of implementation.

STEP 1: Evaluate the organization’s objectives and targets for implementing the iso Standard.

The need for implementing an ISO standard may arise from repeated customer complaints, frequent warranty returns, delayed deliveries, too-high inventories, frequent production hold-ups or a high level of rework or rejection of products or services, environmental issues, Health and safety issues, Information security issues, Energy issues, Disaster management and risk assessment etc

Also, it could be that the need for implementing iso standards comes from the market, that is demanding a certification, or otherwise, it is impossible to operate in this market, or supply this dominant customer.

Strong technologically driven markets such as the aircraft and automotive business put this demand on their contractors and subcontractors for cost reasons but also for safety and liability reasons. This third-party certification demonstrates the abilities of the organization to the potential customer.

At this stage, identify the goals and objectives which should be achieved through a Management system, such as an improved company structure, greater efficiency, better profitability, reliable suppliers etc.

Introduce the Management principles to top management and get them motivated and committed to applying these principles.

Checklist at this stage:

Check that the management has adopted the Management principles and is motivated and committed to applying them.
Communicate the objectives and targets for the implementation of the Management System with all the staff.

STEP 2: Obtain knowledge about the ISO standard and establish responsibilities

Decide on the responsibilities of the person who will be involved in developing and documenting the Management system, including the appointment of a person who will oversee the implementation of the management system. The person made responsible for the process of implementing the MS should understand the requirements of ISO standards.

Checklist at this stage:

Check to see that responsibilities for implementing ISO standard has been allocated.
Check that the contents and the philosophy of ISO standard have been made clear and have been accepted.

STEP 3: Organize the resources

Decide on the responsibilities of the person who will be involved in developing an documenting the MS, including the appointment of a Person who will oversee the implementation of the MS. Establishing a project or ISO-team may also prove to be useful to oversee progress and in providing resources wherever required. The ISO team should consist of involved employees from different levels. Some authority can be given by top management to speed up the process.

If within the organization no adequate competence is available, or no resources such as time and knowledge can be made available, then a consultant should be appointed.

Before doing so, it is good to realize that with subcontracting a part of the implementation process, a part of the knowledge and the commitment is lost. An organization can learn more and better from its mistakes and own developments, than from just doing what a consultant is recommending. Prepare a cost estimate and procure and allocate the resources for this project. Raise commitment from the top management.

Checklist at this stage:

Check that the management has decided upon the individual who will develop the MS and about its authority.
At this stage, check that the supporting ISO-team is established and the objectives for the team should have been made clear.
Check if commitment has been made at this stage to the implementation process, if not, it should be stopped here.
Don’t continue if there is no support group such as an ISO-team or a similar solution.
Check that the needed resources such as manpower, money and time have been made available to the Management Representative and the ISO-team.

STEP 4: Raise awareness and provide training:

Raise awareness about MS requirements among all personnel performing activities and tasks that affect quality. Plan for and provide specific training on how to develop quality manual, procedures and work instructions. Besides that, it is important to instruct people how to identify and implement improvement processes and how to audit compliance with the MS. Appoint a certain number of people to be the internal auditors and provide sufficient training. The ISO-team and/or the consultant should be resources for assistance during the training.

Checklist at this stage:

Check that training has been provided to the people involved in the writing of procedures and work instructions. Make sure that the written documents reflect the actual situation and not the desired situation.
Check if a number of people have been selected as internal auditors and that the internal auditor training has been provided.
Check that the ISO team assists in providing insight into the MS to the other employees by means of presentations, newsletters and other ways of communication.
Develop forms that can replace difficult status reporting and provide instruction on how to use them.

STEP 5: Gap Analysis

Evaluate the gaps between the existing MS and the requirements of ISO Standards. Prepare how to bridge these gaps, including the planning for any additional resources required. Gap analysis may be carried out through self-assessment, by the ISO-team or by an external consultant.

Checklist at this stage:

Check that the gap analysis has been carried out and study the outcome.
With this analysis it should be possible to identify the gaps when it is compared with the ISO standard
Check that a plan has been developed to bridge the found gaps. Make sure that the plan also contains a time schedule and that the actions are realistic and can be finished in time.
Check that the results of the gap analysis and the actions to bridge the gaps have been reported to top management and that management is also committed.

STEP 6: Operation processes

Review clause 8 of ISO standards relating to Operations to determine how the requirements apply or do not apply to the company’s MS. Flowchart each process in detail and discuss these flowcharts with the experts, in other words, the people that work with these processes. Draft the framework of the management system and identify the supporting documents. Then develop the MS documentation.

Checklist at this stage:

Check to see that all the processes have been properly documented.
Have this documentation done by the experts, the people who are responsible for these processes.
Check on the requirements of the standard and exclude the elements that do not apply to the organization.
Get approval from top management for these exclusions

STEP 7: Planning and time frame

In this stage, the allocation of the resources for the MS project should be defined. Prepare a complete plan including the plan to close the gaps identified in the Gap Analysis, to develop the MS processes.

In the plan, include activities to be performed, resources required, responsibilities and an estimated completion time for each activity. Build in checkpoint to ensure in-time completion.

The total time required for each phase (planning, documentation, implementation and evaluation) depends on the extent of the gaps in the existing MS.

Communicate the master plan to all staff, but especially the ISO team and the people involved.

Checklist at this stage:

Check that the plan is complete, including the actions to bridge the gaps, a time schedule and the allocation of resources such as manpower, money and time.
Check that enough effort has been made to communicate the plan and the result of it to all staff. If needed provide extra information to key people and the ISO team.

STEP 8: Draft and develop a Policy

Draft the policy for the organization. Get the policy committed by top management.

Make sure that the policy is a strong statement, original and applies to the organization.

Checklist at this stage:

Check that there is an adequate policy developed, that top management is committed and it is a strong statement. Do not continue without this policy statement.
Check that everybody in the organization has seen it, understands it and can repeat it in his/her own words.
Keep it simple.
If there is still not sufficient commitment from top management, don’t continue.

STEP 9: Draft the Documentation, design the MS and implement it

The implementation has two parts. The implementation of the MS, and that of the supporting paperwork. The implementation of the MS is another way of working. Define the structure and get the people involved committed to work accordingly. Introduce the documentation structure to the top management. Explain the document structure and how it fits in the MS. After the op management introduction, middle management should be made aware of the document structure. Top management should be showing that they are working according to the leadership principles.

After company-wide commitment, procedures have to be written. ISO standards outline clearly what has to be documented. What is not needed can be decided by the organization. In principle, the employees who work with the documents must write these procedures. The procedures should reflect the actual situation, not the desired one. After the completion and implementation of the procedures, the next level will be the work instructions. Here the same system applies. Get the experts to describe their work and activities.

Finally, a complete documentation set should be available. The key is that the people involved, work according to these documents. Maintain the MS for three months before internal auditing should take place. Correct the MS where needed.

Checklist at this stage:

Check that the elements of the standards are implemented in the organization.
Elements such as continual improvement, leadership principles and customer orientation.
Check that all the needed procedures have been developed and that the work instructions have been written.
Check that the process owners are involved in the development of the work instructions.

STEP 10: Carry out internal audits

During the phase of implementation of some three to six months after the documentation has been written, the trained auditors should carry out one or two internal audits covering all activities for the MS, and concerned management should take corrective action on the audit findings without delay. Wherever required, revise the documented information, procedures and objectives. After each internal audit, the top management should review the effectiveness of the system and provide resources for corrective actions and improvements.

Checklist at this stage:

Check that the responsible people have been trained for the internal auditor function.
Record their training results and data.
Check that internal auditors do not audit their own department or work area.
Check that the results of the internal audits are fed back into the system and lead to improvement of the MS, the processes and the documents.
Check that the results of the internal audits are reviewed on the top management level and that appropriate action has been taken.
Check that there is a time schedule for internal audits and that it is maintained.

STEP 11: Conduct a Management Review

It is important in this stage to have a formal management review that shows the commitment of all levels. The recommendations from this review have to be carried out.

Use the Management Review procedure developed for the organization.

Checklist at this stage:

Check that the result of the management review is functioning well and that all people involved know what is expected from them. Check the involvement and commitment of the top management.
Check that actions are taken and decisions are made.
Check that the main focus is on the customer’s satisfaction.
Check that the decision-makers are present.

STEP 12: Pre-assessment. Apply for certification

Carry out a pre-assessment. Correct the MS and the documentation where needed. Re-assessment can be done with the help of an external certification body, but also by local consultants or by consultants from the branch organization. On satisfactory completion of the previous step, and if the company decides to obtain third-party certification, an application for certification should be made to a certification body.

Checklist at this stage:

Carry out a pre-assessment to win trust and confidence among the people involved in the certification process.
Check that actions are taken and decisions are made based on the results of the pre-assessment.
Check that the right partner has been found to carry out the pre-assessment.
Check that a certification body has been approached for the final assessment.

STEP 13: Conduct periodic evaluations and initiate corrective actions

After certification, the organization should periodically conduct internal audits to review the effectiveness of the MS and see how it can be continually improved. The organization should evaluate periodically if the purpose and goals for which the MS was developed are being achieved, including its continual improvement.

It is needed to look at the organization’s overall systems performance and then decide when and where the most effective improvements can be realized. Then objectives have to be set for those improvements and a periodic evaluation has to be conducted to monitor achievements. Improvements could be the reduction of cycle time within a process or the reduction of contamination in a manufacturing process.

Checklist at this stage:

Check that internal audits are periodically planned and conducted.
Check that the non-conformities from the final assessment are resolved as soon as possible.
Check that the organization will review its goals and objectives on a regular basis.
Check that management reviews are planned and conducted periodically

STEP 14: Evaluation

The certification is certainly not the last phase. The people involved need to measure the success of the implementation of the MS during the implementation process and by the conclusion of the process. Measurements should be made against the original aims and goals and the key indicators of an effective MS as stated below:

Checklist at this stage:

Check that senior management is fully committed to the MS and owns the appropriate processes.
Check that the MS is designed around business processes and not around ISO or any other standard.
Check that staff knows how to access the MS documentation.
Check that the visibility of processes and the clarity of the instructions in the MS documentation set are clear, concise, readable and understandable. The people involved maintain their own documents
Check that the organizational culture is a culture of opportunities, focused on continual improvement rather than a person-to-blame culture.
Check that the quality management representative is a key organization person rather than a sideline person.
Check that internal auditing is seen as adding value and part of the continual improvement of the MS.
Ensure that there is Continual improvement in the system.
Keep up with regular internal audits and Management Reviews.