The document provides an overview of key changes and features in the new ISO 9001:2015 standard. It discusses that ISO 9001 needs to adapt to changing environments and reflect the needs of interested parties. Some key changes include a 10-clause structure aligned with other management standards, clearer requirements for understanding organizational context, and an increased emphasis on risk-based thinking and opportunities for improvement. The document also aims to dispel common myths about ISO 9001, such as that its implementation inhibits innovation or that certification is required to use the standard.

1. Insight into the new
ISO 9001:2015
Prepared by:- Anupam Ray

2. Key perspectives
ISO 9001 needs to change, to:
• adapt to a changing world
• reflect the increasingly complex environments in which
organizations operate
• provide a consistent foundation for the future
• reflect the increasingly complex environments in which
organizations operate
• ensure the new standard reflects the needs of all
relevant interested parties
• Ensure alignment with other management system
standards

3. Key feature changes
 10-clause structure and core text for all Management System
Standards (MSS)
 More compatible with services and non-manufacturing users
 Clearer understanding of the organization’s context is required
“one size doesn’t fit all”
 Process approach strengthened/more explicit
 Concept of preventive action now addressed throughout the
standard by risk identification and mitigation
 The term documented information replaces the terms
document and record
 Control of externally provided products and services replaces
purchasing/outsourcing
 Increased emphasis on seeking opportunities for improvement

4. Module 1
Some common myths, truth and
lies about ISO 9002:2015

5. Myth , Truth or Lie ??
• Myth
• Truth
• Lie

6. ISO means “International Sightseeing
Organization ” Myth, Truth Lie ??
• Myth
• Truth
• Lie

7. LIE !!!
• “ISO” = International Organization for
Standardization
• Confederation of National Standards Bodies Based in Geneva
• BIS is the National Standards Body for India
• ANSI is the National Standards Body for USA
• BSI is National Standards Body for UK
• etc

8. ISO 9001:2005 will revolutionize
quality management- Myth, Truth, Lie
??
•Myth
•Truth
•Lie

9. Myth !!
ISO 9001- evolution, not revolution !
• ISO 9001:1987/1994
• Prescriptive: clause - by – clause
• ISO 9001:2000/2008
• Process approach less documentation
• ISO 9001:2015
• Performance- based
• Process + Risk based thinking+ PDCA
• Forecast life span till 2030 !!

10. ISO has a portfolio of almost 20,000
standards- Myth, Truth or Lie ??
• Myth
• Truth
• Lie

11. Truth !!
Collections of 19,777
ISO standards
165 national members
98% of world GNI
97% or world
population
229 active TC’s/ PC’s
3483 technical bodies
4518 documents
under development
• 138 FTE

12. ISO’s standards are written by a
bunch of bureaucrats in Geneva-
Myth, Truth or Lie ??
• Myth
• Truth
• Lie

13. Lie !
• Standards development work is done by Technical
committees comprising expert nominated by the
national standards body of liaison organization.
• “TC1” was the first Technical Committee
(1948)Standardization of screw threads
• “TC 176”= Technical committee Number 176 for
Management and Quality Assurance.
• TC 176/SC2 is the subcommittee responsible for ISO 9001 9004 standards,
among others
• 80 countries voted on ISO 9001:2015, 75 vote in favor and 5 negative vote

14. ISO 9001 is ISO’s biggest selling standard of all
time- Myth, Truth or Lie ??
• Myth
• Truth
• Lie

15. TRUTH !!
• ISO 9001 is the top of the list !
• Others in the “top 10” include:
• ISO 14001( Environmental Management)
• ISO 9000 ( Quality Fundamentals & Vocabulary)
• ISO 9004 ( Using QMS for Sustained Success)
• ISO/IEC 17025 ( Laboratory requirements )
• ISO/IEC 27001 ( Information Security)
• ISO 19011 (Auditing management systems)

16. In Order to use ISO standards, you
have to become certified- Myth, Truth
or Lie ??
• Myth
• Truth
• Lie

17. LIE ??
ISO Mission:-
ISO develops high quality voluntary International
Standards which facilitate international
exchange of goods and services, support
sustainable and equitable economic growth,
promote innovation and protect health, safety
and the environment

18. ISO/TC176/SC2 Mission
• To devolve, maintain and support a portfolio of
products that enable organization to improve their
performance and benefits from the implementation of
robust quality management system
• To establish generic quality management system
requirement that provides the foundation to build
confident in goods and services delivered throughout
the supply chain to organization and people world wide
• To provide guide and support where needed, to ensure
the continued credibility of our products

19. ISO 9001
• “Specifies quality management system”
requirement for organization to:
• Demonstrate its ability to consistently provide product and
services that meets customer and applicable regulatory
requirement
• Enhance customer satisfaction…..
An organization that demonstrate it is meeting these
requirements can than chose to be “ÏSO 9001 certified” by an
independent certification body.

20. ISO 9001 has an important role to
play in sustainable development-
Myth, Truth or Lie ??
• Myth
• Truth
• Lie

21. Truth !
• ISO/TC176/SC2 Vision
“SC2 is products” are recognized and respected
worldwide, and used by organizations as an
integral component of sustainable
development.

22. DEAMING OF A SUSTAINABLE FUTURE !
.
Environmental
integrity
Social
responsibly
Economic growth
Sustainable
Development

23. …….BUT SIMPLY DREAMING IS NOT ENOUGH !!!
• Dr. W. Edwards Deming
“How could there be life without aims and hopes ?
Everyone has aims, hopes plans. But a goal that
lies beyond the means of accomplishment will
lead to discouragement, frustration,
demoralization
In other words, there must be a method to
achieve an aim…. BY WHAT METHOD ??”

24. “The Method”….
• Management system
• “Set of interrelated or interacting elements of an organization to
establish policy and objective and to achieve those objectives”( ISO
9000:2015 definition)
In other words…… RESULTS FOCUSED.
• ISO 9001- “Consistent conforming products”
• ISO 14001- “Prevention of pollution”
• ISO 45001- “Safe working conditions”
• ISO 50001- ”Efficient energy usage”
• ISO 22000- “Safe food”
• Etc

25. ISO 9001 promotes documentation
and inhabits innovation- Myth, truth
or lie??
• Myth
• Truth
• Lie

26. Myth !
“Management system”
A “documented system”- NOT a “ system of
documents”
IMPORTANT:
• System should not be “carved in stone”
• Should allow flexibility and agility
• To seize opportunities as they arise
• Adapt to the risk posed by the ever-changing
business context

27. ISO 9001:2015 has abandoned the
“Process approach”-Myth, truth or
lie ??
• Myth
• Truth
• Lie

28. Lie !
3 Core concept for ISO 9001:2015….
• Identify the processes needed to achieve the
planed results
• Continually monitor the risks (“Risk-based
thinking”)
• Understanding “cause and effect”
• Manage the processes and the system using
“PDCA”

29. PDCA
.
Act
How to
improve
next time?
Plan
What to do
How to do
Do
Do what was
planed?
Check
Did thing
happen
according to
plan?

30. Generic Process
“How to carry out Process”-Documented or not
Extent of planning depends on RISK
Interrelated
Activities
INPUTS
DESIRED
OUTPUT
PRODUCT
CUSTOMER
(Internal or External
Other interested
parties•Effect on Product conformance
•Environmental Aspects/Impacts
•Health and safety Risk
•Social Implications
•Energy usage etc
UNDESIRED OUTPUT
(“WASTE/POLLUTION”)
MONITOR/ MEASURE ( also depend on risk)

31. Generic Process
P
D
C
A
Interrelated
Activities
INPUT
DESIRED
OUTPUT CUSTOMER
(Internal or External)
PRODUCT
•Effect on Product conformance
•Environmental Aspects/Impacts
•Health and safety Risk
•Social Implications
•Energy usage etc
MONITOR/ MEASURE ( also depend on risk)
Other interested
parties
How to carry out Process”-Documented or not
Extent of planning depends on RISK

32. System of Processes
A P
DC
A P
DC
A P
DC
A P
DC
A P
DC
E
X
T
E
R
N
A
L
C
U
T
O
M
E
R
E
X
T
E
R
N
A
L
C
U
T
O
M
E
R
Interaction of Improvement of many PDCA cycle

33. ISO 9001 does not guarantee business
excellence- Myth, truth lie ??
• Myth
• Truth
• Lie

34. Truth…. The Quality Journey
No thoughts
Of quality
Disjointed
Quality
initiative
ISO 9001
ISO 9004
BUSINESS
EXECELLENCE
MODELES
Scientific and Technical
excellence
Use of Appropriate quality
Tool and methodology

35. Different Perspective
ISO 9004
ISO 9001
ISO 9004 perspective:
confidence in the organization
ISO 9001 perspective :
Confidence in the organization products

36. ISO 9004
• Provide “Guideline” for achieving sustained (Long-
term) success using the Quality management system.
• Focus on efficiency. includes topics such as:
• Financial resources and results
• Use of natural resources
• Competence and motivation
• Allow for self-assessments ( Maturity model)
• Not for certification
• Work on new revision begins Nov 2015

37. Every management system standards
is written in a different way- Myth,
truth or lie ??
• Myth
• Truth
• Lie

38. Currently true:
Becoming Lie !
.
ISO 14064
TL 9000
ISO 5001
ISO 14001
ISO 14004
ISO 14006
As 9100
ISO27001
ISO/TS
16949
Energy
management
EMS
Requirement
EMS
Guideline
EMS
Greenhouse
EMS
Guideline
Eco system
ISO 9001
ISO 18001
ISO 20121
ISO 3100
ISO 22000
Telecom
QMS
Food safety
Automobile
IT Security
Aerospace
Risk
Management
sustainable
event
management
OHSAS

39. Alignment of Management system
standards !
• ISO Joint Technical Coordination Group
(“JTCG”)
• Joint vision for management system standards
• High level structure for all ISO management system
standards
• Identical sub clause titles under the high level structure
• Generic core vocabulary for management system
standards
• Aim is to make life easier for those who wish
to have a “Single management system”

40. ISO Directives “Annex SL”
• Incorporates the recommendation of the JTCG
work
• Defines the common structure and format for
all new ISO management system standards
and revision to existing standards
• Common text ( approx 30% or more of each
standard will be identical text)
• Significant impact on revisions of ISO 9001
and ISO 14001

41. “Annex SL” High Level Structure
1. Scope
2. Normative references
3. Term and definitions
4. Context of the organization
• Understanding the organization and its
context
• Need and expectation of interested parties
• Determining the scope
• Management system
5. Leadership
• Leadership and commitment
• Policy
• Role responsibilities
6. Planning
• Action to address risks & opportunities
• Objective and plans to achieve them
7. Support
• Resources
• Competence
• Awareness
• Communication
• Documented information
8. Operation
• Operational planning and control
9. Performance Evaluation
• Monitoring, measurement, analysis &
evaluation
• Internal audit
• Management review
10. Improvement
• Non conformity and corrective action
• Continual improvement

42. ISO/TC176/SC2/N1282
42
The common structure and ISO 9001:2015
additions
4 Context of
organization
5 Leadership 6 Planning 7 Support 8 Operation
9 Performance
Evaluation
10 Improvement
4.1 Understanding
context
4.2
Interested parties
4.3
Scope
4.4
QMS
5.1
Leadership and
commitment
6.1
Risks and
opportunities
6.2
Planning
7.1
Resources
9.1 Monitoring,
measurement,
analysis and
evaluation
10.1
General
10.3
Continual
improvement
7.3
Awareness
7.4 Communication
7.5
Documented
information
7.2
Competence 9.2
Internal audit
9.3
Management
review
8.1
Operational planning
and control
5.2
Policy
5.3
Organizational
roles,
responsibilities and
authorities
10.2
Nonconformity
and corrective
action

43. ISO/TC176/SC2/N1282
43
8.1 Operational planning and
control
8.3.6 Design and
development changes
8.5.3 Property belonging to
customers or external
providers
8.5 Production and service
provision
8.5.1 Control of production
and service provision
8.5.2 Identification and
traceability
8.5.6 Control of changes
8.7 Control of nonconforming
process outputs
8.5.4 Preservation
8.5.5 Post-delivery activities
8.6 Release of products and
services
8.2 Requirements for products
and services
8.2.1 Customer
communication
8.2.2 Determination of
requirements related to
products and services
8.2.3 Review of requirements
related to products and
services
8.3 Design and
development of products
and services
8.4 Control of externally
provided processes, products
and services
8.4.1 General
8.4.2 Type and extent of
control
8.4.3 Information for external
providers
8.3.1 General
8.3.2 Design and
development planning
8.3.3 Design and
development Inputs
8.3.4 Design and
development controls
8.3.5 Design and
development outputs
4
Context of
organization
5
Leadership
6
Planning
7
Support
8
Operation
9
Performance and
Evaluation
10
Improvement
8.2.4 Changes to requirements
for products and services

44. New ”Matrix” structure of
Management System Standards
Core structure format and text ( “Annex SL)”
+
+Quality (ISO 9001) Environmental (ISO 14001) HSMS (ISO 45001) etc
Oil & GasTelecomAerospaceAutomobile etc
+
Vodafone etcAirtel Honda

45. ISO 9001 : 2015 is based on 7 Quality
Management Principles- Myth, Truth
or Lie ??
• Myth
• Truth
• Lie

46. Truth !!
• 7 ( Yes, now only SEVEN !!) “Quality Management
Principles”
• Customer focus
• Leadership
• Engagement of people
• Process approach
• Improvement
• Evidence-based decision making
• Relationship Management
Details in ISO 9001:2015and
free Boucher on ISO website

47. Industry sectors are abandoning
ISO 9001 and will “decouple” their
standards- Myth, Truth or Lie
• Myth
• Truth
• Lie

48. Lie !!
• All the major sectors are adapting their own
standards to align with ISO 9001:2015
• Telecom (TL-9000)
• Aerospace (AS-9100)
• Automobile (TS-16949)

49. ISO 9001:2015 gives organizations
a lot more flexibility about how to
implement their QMS- Myth,
Truth or Lie ??
• Myth
• Truth
• Lie

50. Truth !!
Some examples
• No specific requirement for “Quality manual”
• No specific documented procedure
• Context of the organization
• What are the internal and external factors that affect the organization ability to
achieve planned results
• Every organization is different
• Identification of “Interested parties”
• Relevant needs and expectation of relevant interested parties.
• Customer continue to be the primary ( but not the only) interested party
• Action to address risks and opportunity
• Not all processes have the same impact
• Don’t all need the same level of planning and control
Organization will need to THINK more !!

51. ISO 9001:2015 no Longer requires preventive
action-Myth, Truth or Lie??
• Myth
• Truth
• Lie

52. Myth !!
• ISO 9001:2015 no longer require uses of term
“Preventive action” and there is no longer a
separate clause in the standard.
BUT
The concept still remains, and is actually
reinforced throughout the standard ( by
addressing “RISK”)

53. Chang in Focus
Old (Wrong !!)
• “A” in the “PDCA” cycle
• Correction
• Corrective action
• Preventive action
New ( Correct !!)
• “P” of the “PDCA” cycle:
• Risk identification and treatment/Mitigation ( Prevention)
• “A” of the “PDCA” cycle:
• Containment
• Correction
• Corrective action 9 to prevent recurrence)
• Improvement ( includes Kaizen, but also breakthrough improvements innovation
etc.)

54. ISO 9001:2015 will require
organizations to conduct formal risk
assessment-Myth, Truth or Lie ??
• Myth
• Truth
• Lie

55. Myth !!
ISO 9001:2015 Annex A4 explains…..
“Although Clause 6.1 specifies that the organization
shall plan actions to address risks , there is no
requirement for formal methods for risk
management or a documented risk management
process”
Organizations can decide whether or not to develop a
more extensive risk management methodology than
is required by ISO 9001:2015, e.g. Through the
application of other guidance or standards”

56. ISO is preparing guidance on the
implementation of ISO 9001:2015-
Myth, Truth or LIE??
• Myth
• Truth
• Lie

57. Truth !!
• ISO 9001 Annex A provides clarification of new
structure, terminology and concept for ISO
9001:2015.
• Work is underway to develop generic
implementation guidance for ISO 9001:2015
• Numbered as ISO/TS 9002
• DTS ( Draft Technical Specification ) due out soon
• ISO/TC 176 “Small Business Handbook” is also being
updated/
• Plus a lot of free guidance on the ISO website
www.iso.org

58. Module 2
A “ walk – through some of
the changes introduced in
ISO 9001:2015”

59. Annex A
• Clarification of new structure, terminology
and concepts for ISO 9001:2015
• There is a lot of good , useful guidance and
explanations in Annex A
• Many examples of what ISO 9001:2015 does not
require
• I recommend to start here !!

60. Beneficial changes
to ISO 9001
• Enhanced leadership involvement in the
management system
• Risk-based thinking
• Simplified language, common structure and terms
• Aligning QMS policy and objectives with the
strategy of the organization

61. Potential benefits
to the user
• Focus on achieving planned results
• Flexibility for documented information
• Improved risk control
• Better process control leading to improved results
• Improved customer satisfaction
• Customer retention and loyalty
• Improved image and reputation
• Greater credibility

62. Key benefits of the
common clause structure
A new common format has been developed
• All ISO management systems standards will look the
same with the same structure (some deviations)
 More efficient to address multiple management
system requirements
• Provides the option of integrating management
systems
• Standardized core definitions

63. A “sneaky” word in ISO 9001:2015 –
“DETERMINE”
• Determine ”Establish or find out with certainty by research examination or
calculation”
• ISODTS 9002:
• Based on what is to be determined and the completely critically or inherent risk , the result
may need to be maintained or retained as documented information
• It is the option of the organization to determine when documented information is needed
unless a specific documented information requirement is identified in ISO 9001(… or other
relevant standards)
• Auditors need to take care not be OBLIGE organization to keep recorded,
there may be other ways of obtaining objective evidence
• Remember- it is the organization’s responsibly to provide objective evidence of conformity
• Objective evidence- “Data supporting the existence or verity of something ”
(ISO 9001:2015)
• Note 1: Objective evidence can be obtained by observation, measurement, test or other
means
• Note 2: Objective evidence for the purpose of audit generally consist of records, statements of
facts or other information which are relevant to the audit criteria verified

64. 4.1“Understanding the organization
and its context”
• Organization shall:
• Determine external and internal issues that are relevant to
purpose and strategic direction and that affect ability to
achieve the intended result(s) of QMS.
• Monitor and review the information about these internal
and external issues.

65. “Context of the organization”
• External context includes*
• Cultural, Social, Political ,Legal, regulatory, financial ,Technological,
Economic ,natural and competitive , environmental, Whether,
international ,national ,regional or local
• Relationships with ,and perceptions/values of external stockholders
• Internal context includes*
• Corporate culture
• Governance ,organizational structure ,roles and accountability :
• Policies ,objectives and strategies
• Resources (Capital time ,people processes , system, technologies):
• Information system ,information flow and decision-making
processes (both formal and informal)
*(Taken from ISO 31000)

66. 4.2“Understanding the needs and
expectation of interested parties”
• The Organization shall:
• Determine the interested parties that are relevant to the QMS.
• Determine the related requirement of these interested parties that are
relevant to the QMS.
• Monitor and review the information about these interested parties and
their relevant requirements
• ISO 9001:2015focuses attention on those
interested parties that can impact the
organization’s ability consistently provide
conforming products and services
(no significant change for FDIS)

67. 4.3 Determining the scope of the
QMS
The organization shall determine the boundaries and
applicability of the QMS to establish its scope
Must consider
• The external and internal issues referred to in 4.1
• The requirement referred to in 4.1
• Products and services provided
ISO 9001:2015 includes comments that:
• All requirements are applicable
• If a requirement can not be applies, it must
• Not affected the ability to provide conforming products
• Be justified

68. 4.4 Quality management system and
its processes
“Establish implement ,maintain and continually
improve the QMS , including the processes needed and
their interactions, In accordance with the requirements
of this standard”
( This is key to maintaining the “process approach ”Which will
now be embedded in ALL ISO management system standards)
Plus a “ beefed–up” version of current clause 4.1 of ISO
9001:2008, with new requirement as follow:

69. 4.4 QMS and its processes (contd..)
Organization shall determine:
• Input required and output expected from the QMS
processes:
• Criteria ,methods, including monitoring,
measurements and related performance indicators;
• Assignment of the responsibilities and authorities
for processes ;
• Address risks and opportunities

70. 5.1 Leadership and commitment
• Top managements shall demonstrate leadership and commitment
with respect to the quality management system by
• Taking accountability for effectiveness of the QMS
• Ensuring policy and objectives are compatible with strategic direction
• Ensuring quality policy is communicated , understood and applied.
• Ensuring integration of the QMS requirement in to business
processes
• Promoting awareness of the process approach and risk based
thinking );
• Communicating importance of effective quality management ;
• Ensuring that the system achieve its intended result
• Engaging direction and supporting person
• Promoting continual improvement
• Supporting other relevant management roles

71. 5.2 Customer Focus
Top management is also required to ensure :
• Customer requirement and applicable
statutory/regulatory requirements are
determine ,understood and met :
• Risk and opportunity that can affect
conformity of products and services are
determined and addressed
• The focus on enhancing customer satisfaction
is maintained

72. 5.3 Quality Policy
……………….The quality policy shall
Be available to interested parties ,as
appropriate.

73. 5.4 Organizational roles responsibility
and authorities
• Top management shall assign the
responsibility and authority for ….
• Ensuring that the processes are delivering
their intended outputs;
• Reporting on the performance of the quality
management system and opportunity for
improvement
• Reporting to top management ;
No requirement for a
specific MR and the
responsibility now
handle with top
management

74. 6.1 Actions to address risk &
opportunities
• Determine the risk and opportunities that need to address to
• give assurance that the QMS can achieve its intended result(s)
• Enhance desirable effects
• Prevent or reduce undesired effects
• Achieve improvements
Plan:
a) Action to be address these risk and opportunities and
b) How to
• Integrate and implement these actions in to the QMS processes
• Evaluate the effectiveness of these action.
Action taken to address risks and opportunities shall be proportionate to the
potential impact on the conformity of products and services.
Note : Option can include: avoiding risk in order to pursue an opportunity
,eliminating the risk sources, changing the likelihood or consequences sharing
the risk or retaining risk by informed decision .

75. 6.2 Quality objectives and planning to
achieve them
“ The organization shall establish quality objective
at relevant function, level and processes ”
“ when planning how to achieve its quality
objectives, the organization shall determine
• What will be done.
• What resources will be required .
• Who will be responsible
• When it will be completed
• How the result will be evaluated ”

76. 6.3 Planning of changes
Where there is a need for change the QMS this
must be done in a planned and systematic
manner considering :
• The purpose of the change potential
consequences
• The integrity of the QMS
• The availability of resources;
• Allocation or reallocation of responsibilities
and authorities.

77. ISO/TC176/SC2/N1282
77
Clause 6.3
Changes to the QMS should be carried out in a planned
manner
The standard has evolved to enable organizations to adapt to
changing environments or circumstances
Note: It is important to know that change is addressed in the
following clauses:
 Clause 6.3 - Planning/implementing changes to the QMS
 Clause 7.1.6 - Organizational knowledge - for addressing
changing needs and trends, with respect to knowledge
 Clause 8.1 - Controlling operational changes, planned and
unintentional
 Clause 8.5.6 - Addressing changes affecting products &
services
6
Planning
6.1
Actions to address risk and
opportunity
6.2
Objectives and planning
6.3
Planning of changes

78. 7.1 Resources
• ……..Consider
• Capabilities or constraints on existing internal
resources :
• What need to be obtained from external provider :
• ISO 9001:2015 will include additional requirements:
• People
• Infrastructure
• Process environment
• Monitoring and measuring resources
• Organizational Knowledge .

79. 7.1.6 Organizational Knowledge
• Determine knowledge necessary of operation and process
and conformity of products and services .
• Knowledge shall be maintained and made available to be
extent necessary.
• When addressing changing needs and trends, consider its
current knowledge and how to acquire or access the
necessary additional knowledge
• Can include information such as intellectual property and
lesson learned
• (eg. failure and successful project capturing undocumented
knowledge and experience of logical expert ):
• External sources (eg. Standers ,academia, conferences,
gathering ,knowledge with customs or providers)

80. 7.2 Competence
The organization shall
Determine the necessary competence of person(s)
doing work under its control that affects its quality
performance and QMS effectiveness
Note: Applicable actions may include ,for example :
the provision of training to ,the mentoring of ,or
reassignment of currently employed person :or
hiring or contracting of competent person.”

81. 7.3 Awareness
• “Relevant person doing work under the
organization’s control shall be aware of:
• The Quality policy and relevant objectives
• Their contribution to the effectiveness of the
QMS, including the benefits of improved
quality performance .
• The implication of not conforming with the
QMS requirements.”

82. 7.4 Communication
• “The organization shall determine the internal
and external communication relevant to the
QMS including
• On what it will communicate
• When to communicate
• With whom to communicate
• How to communicate
• Who communicates”

83. 7.5 Documented information
• Previously known as “Documents and records”
• “Documents” needs to be “maintained ”as
documented information “
• “Records” needs to be “retained” as
documented information.

84. ISO/TC176/SC2/N1282
84
Clause 7.5.1
Requirements that used to be required for a quality manual
have been enhanced and made more flexible to allow for the
use of documented information needed for the quality
management system
Clause 7.5.2
Enhanced requirement for the creation and updating of
documented information, e.g. description, format & suitability
Clause 7.5.3
Control of documented information – now explicitly includes
confidentiality, integrity and access
7
Support
7.1
Resources
7.3
Awareness
7.4
Communication
7.5
Documented information
7.2
Competence
7.1.4
Environment for operation
of processes
7.1.5
Monitoring and measuring
resources
7.1.2
People
7.1.3
Infrastructure
7.1.6
Organizational knowledge

85. 8.1 Operation planning and control
“Plan implement and control processes needed to meet
requirements for provision of products and services by:
• Establishing criteria for the processes and acceptance
criteria
• Determining resources needed
• Implementing the control processes
• Determining the need for documented information ”
“Control planned changes and review the consequences of
unintended changes taking action to mitigate any adverse
effects ,as necessary ”
“ Ensure that outsourced processes are controlled ”

86. 8.2 Requirements for products and
services
8.2.1 Customer communication
• Establish the process for communicating with customer in
relation :
• Specific requirements for contingency action when
relevant
8.2.2 Determination of requirements
• When determining requirements for products and services
to be offered to customer
• Ensuring organization can meet the claims for the products
and services it offered
8.2.2 Review of requirements
8.2.2 Changes of requirements

87. 8.3 Design and development of
product and services
• Organization shall establish ,implement and
maintain a design and development process
appropriate to ensure subsequent provision of
products and services.
• Reminder of design and development clauses
has been maintained and/or simplified
compared to ISO 9001:2006

88. ISO/TC176/SC2/N1282
88
Clause 8.3
This section on design and development of products and
services has substantively changed and simplified:
Clause 8.3.2
 Design and development has been restructured to allow for a
more process orientated approach
 Involvement of customers and users as part of design
planning to be considered
Clause 8.3.3
 Design and development inputs – explicit requirements for
internal and external resource needs, potential consequences
of failure, level of control expected by customers
Clause 8.3.4
 Design and development controls – new clause combining
Reviews, Verification & Validation
8 Operation
8.3.6 Design and
development changes
8.3 Design and
development of products
and services
8.3.1 General
8.3.2 Design and
development planning
8.3.3 Design and
development inputs
8.3.4 Design and
development controls
8.3.5 Design and
development outputs

89. 8.4 Control of externally provided
processes, products and services
• Ensure that externally provided processes ,products and services
conform to requirements
• Apply the specified requirement for control of externally provided
product and services when;
• Product and services provided by external provider for incorporation in
the organization’s own product and services
• Product and services are provided directly to the customer(s) by
external provider on behalf of the organization . (Technical support
,maintains etc.)
• A process or part of the process is provided by an external provider as
a result of a decision by the organization.(Outsourced)
• Type and extend of control to be applied depends on :
• Potential impact of the external provider process ,product and services
• Perceived effectiveness of control applied by external provider.

90. 8.5 Production and service provision
• Implement control condition for production ands services
provision ,including delivery and post- delivery activities can
include :
• Definition of product and service characteristics activities to
be performed and measurement and acceptance criteria:
• Monitoring measurement and acceptance criteria
• Suitable infrastructure and process environment:
• Availability and use of suitable monitoring and measuring
resources :
• Competent and ,where applicable ,qualified persons
• Validation and periodic revalidation ,of “special processes”:
• Action to prevent human error.
• Release ,delivery and post- delivery activities.

91. 8.5 Production and services provision
( Continued..)
• Identification and traceability
• Property belonging to customers or external
providers
• Preservation
• Post-delivery activities- Consider
• Control of changes
• Statutory and regulatory requirements
• Potential undesired consequences
• Nature, use and intended lifetime
• Customer requirements and feedback
• Review and control changes to ensure continuing conformity

92. 8.6 Release of products and services
• ( Previously Clause 8.2.4 of ISO 9001:20080

93. 8.7 Control of nonconforming outputs
• Action to be based on nature of the NC and its effect on
conformity of products and services.
• Deal with NC in in or more of the following ways:
• Document details of concessions and person or authority
that made the decision regarding dealing with the NC
•Correction:
•Segregation, containment, return or suspension of provision of products
and services:
•Informing the customer:
•Obtaining authorization for acceptance under concession:

94. 9.1 Monitoring , measurement, analysis
and evaluation
• Determine
• Retain appropriate documented information
• Evaluate quality performance and QMS Effectiveness
• Customer satisfaction
• Analysis and evaluation
• NOW INCLUDES “RISK AND OPPOPRTUNITIES”
•What needs to be monitored and measured
•Methods for monitoring, measurement , analysis and evaluation as
applicable to ensure valid result.
•When the monitoring and measuring shall be performed
•When the results from monitoring and measurement shall be analyzed
and evaluated

95. ISO/TC176/SC2/N1282
95
Clause 9.1.3
 There are specific requirements for analysis and evaluation
when using results as inputs to management review
 Effective implementation of planning and actions to
address risks and opportunities are new requirements in
this clause
9
Performance
evaluation
9.2
Internal audit
9.3
Management review
9.1.2
Customer satisfaction
9.1.3
Analysis and evaluation
9.1.1
General
9.1
Monitoring, measurement,
analysis and evaluation

96. 9.2 internal audit
• Auditor can not audit its own work
Nothing Really new

97. ISO/TC176/SC2/N1282
97
Clause 9.2
 Internal audit program now has explicit
considerations for: quality objectives, customer
feedback and changes impacting the organization;
management responsibility for action is now
implicit whereas previously this was explicit
 An auditor is now required to be impartial versus
in the previous version they could not audit their
own work
9
Performance
Evaluation
9.1
Monitoring, measurement,
analysis and evaluation
9.2
Internal audit
9.3
Management review
9.1.2
Customer satisfaction
9.1.3
Analysis and evaluation
9.3.1
General
9.3.3
Management review output
9.3 .2
Management review input

98. 9.3 Management review
Includes requirements to consider:
• Status of actions from previous reviews
• Changes in external and internal issues that are
relevant to the QMS and strategic direction:
• Information on the performance and
effectiveness of QMS Including Trends
• Adequacy of resources
• Effectiveness of actions taken to address risks and
opportunities
• Opportunities of improvements

99. 10.1 Improvement
Implement actions to meet customer requirements and enhance
customer satisfaction by:
NOTE: “Improvement” includes more than just continual
improvements (“Kaizen”)
•Improving product and services to meet requirements and future needs
and expectations:
•Correcting , preventing or reducing undesired effects
•Improving performance & effectiveness of QMS
•May also include correction, corrective action, breakthrough change,
innovation and re-organization

100. 10.2 Nonconformity and corrective
action
“When a nonconformity occurs (including
complaints). Organization shall:
React to nonconformity as applicable
• Evaluate need for action to eliminate the cause of NC, in order that it does not
recur or occur elsewhere by:
• Implement any action needed:
• Review effectiveness' of corrective action taken:
• Update risks and opportunities determined during planning
• Make changes to the QMS, if necessary
”
• Take action to control and correct it and
•Deal with the consequences:
• Analyzing NC
•Determining the causes
•Determining if similar nonconformities exist, or could potentially occur

101. 10.3 Continual improvement
• Continually improve suitability, adequacy, and
effectiveness of QMS
• Consider results of analysis and evaluation,
and outputs from management review, to
determine if there are needs or opportunities
to be addressed as part of continual
improvement.

102. Summary
 Determining the organizational context enables a more effective
implementation of the quality management system
 Greater emphasis on processes being managed to achieve planned
results
 Alignment with strategic direction
 Integration of the QMS into organization’s business processes
 Determining risks and opportunities increase the effectiveness of the
organization’s QMS
 Change management has been expanded to add emphasis that the
QMS should be carried out in a planned manner
 The concept of organizational knowledge introduced to ensure the
organization acquires and maintains the necessary knowledge
 Communication expanded to include external

103. Module 3
ISO 9002:2015-
Challenges for internal
and external auditors

104. ISO 0001:2015 has to be auditable
“Auditable ”
X
“Easy to audit”
Not the same thing

105. •15 Years ago……
• Feature of ISO 9001:2000…..
• More “soft” requirements ( harder to audit)
• Commitment
• Awareness
•Work environment
•Communication
•Customer perception

106. Today ( 2015)
• The challenges remain very similar…..
• ISO 9001:2015 has:
• Less focus on documents
• Greater focus on achieving outcomes
• Typical comment received during validation process for DIS
9001:2015
• “Auditing will requite auditors who understand the business….
“tick-the-box” auditors will find this almost impossible to
audit”

107. Difficulties in Auditing ( 2000)
• “Understanding the business of the organization”
• Quality Management vs Quality Assurance
• Timidity in dealing with top management
• Need to focus more one results and less on
documentation.
• Need to look outside the MR office !
• Common sense in auditing “ Subjective”
requirements

108. Difficulties in Auditing ( 2015)
• Difficulties identified in Validation of DIS 9001
• Further emphasizes the need to move away
from “clause-by- clause auditing”
•“Organizational Context
•Relevant Interested parties
•Actions to address risks and opportunities
•Organizational knowledge
•Type and extent of control of external provision”

109. The common link- “Risk”
Risk = “The effect of uncertainty” ( on
objectives/ expected results)
• ISO 9001:2015 recognizes that not all processes have
the same impact on the organization’s “ability to
consistently provide conforming product”
• ISO 19011_ recognizes that organizations can focus
audit effort on matters of significance to the
management system.
• ISO/IEC 17021:2015 introduces the principle of “risk
based auditing”

110. ISO 19011:2011
• “Priority should be given to allocating resources to
audit those matters of significance within the
management system”
• May include:
• NOTE This concept is commonly known as risk-based
auditing
•Key characteristics of product quality
•Hazards related to health and safety
•Significant environmental aspects
•etc

111. Auditor competence (ISO 19011:2011)
• Auditors should understand:
• The types of risks associated with auditing.
• Risk management principles, methods and
technique relevant to the discipline and
sector, such that the auditor can evaluate
and control the risks associated with the
audit programme

112. ISO 19011 Annex B- Sampling
• Objective of sampling is to provide
information for the auditor to have confidence
that audit objectives will be achieved.
• Risk is that samples may not representation:
auditor’s conclusion may be biased
• B.5.2 judgment based sampling
• B.5.3 Statistical sampling

113. IAF ID 9:2015
• Developed in liaison between SO/TC 176/SC2
WG23 and IAF TC
•Summary of main changes to ISO 9001
•Guidance for relevant interested parties
I. Organizations certified and/ or using ISO 9001:2008
II. Accreditation Bodies (ABs)
III. Certification Bodies (CBs)
IV. Training bodies and consultants

114. Specific guidance for interested
parties
• Degree of change necessary will depend on:
• Impact analysis/ gap assessment is strongly
recommended in order to identify realistic
resource and time implications.
•Maturity and effectiveness of the current
management system
•Organizational structure and parties

115. Organization using ISO 9001:2008
• Identify gaps that need to be addressed
• Develop implementation plan
• Provide appropriate training and awareness
for all relevant parties
• Update existing QMS to meet the revised
requirements and verify effectiveness
• Where applicable, liaise with CB for transition
arrangements

116. Thank You!