ISO 9001 is an international standard for quality management systems. It was first published in 1987 and has been revised several times since to keep up with changes in business and quality practices. The latest version, ISO 9001:2015, includes several changes from previous versions, including a new annex called Annex SL that establishes a common framework for all ISO management system standards. This high level structure includes elements like scope, leadership responsibilities, planning, support, operations, performance evaluation, and improvement. The standard emphasizes risk-based thinking, organizational context, leadership involvement, and flexibility over documentation requirements. It aims to help organizations better meet customer and regulatory requirements through an effective quality management approach.

1. Copy Right.© Dr. Madhu Aman Sharma
Internal
Auditor
Training

2. Training Objectives
About ISO
Quality Management
System
What Internal Audit
Audit Reporting & Practice3 Days

3. Day-1

4. Day-1
ISO is an independent, non-governmental international
organization with a membership of 164 national standards
bodies.
Through its members, it brings together experts to share
knowledge and develop voluntary, consensus-based, market
relevant International Standards that support innovation and
provide solutions to global challenges.

5. Day-1 History
The ISO story began in 1946 when delegates from 25 countries met at
the Institute of Civil Engineers in London and decided to create a new
international organization ‘to facilitate the international coordination
and unification of industrial standards’.
On 23 February 1947 the new organization, ISO, officially began
operations.
Today ISO have members from 164 countries and 3900 technical
bodies to take care of standards development.
More than 135 people work full time for ISO’s Central Secretariat in
Geneva, Switzerland.
ISO has published 21515 International Standards and related documents,
covering almost every industry, from technology, to food safety, to
agriculture and healthcare.
ISO International Standards impact everyone, everywhere.

6. Day-1 How does ISO develop standards?
ISO standards are developed by the people that need them, through
a consensus process.
Experts from all over the world develop the standards that are
required by their sector. This means they reflect a wealth of
international experience and knowledge
Key principles in standard development
1. ISO standards respond to a need in the market
2. ISO standards are based on global expert opinion
3. ISO standards are developed through a multi-stakeholder process
4. ISO standards are based on a consensus

7. Day-1 Quality Management System
ISO 9001:2015
1987
1994
2000
2008
2015
Revisions
First published in 1987, ISO 9000 has consistently been ISO’s
most popular series of standards.

8. Annex SL is not a standard, but rather a guide to
help standards developers write management systems
standards. It forms part of the ‘ISO Directives, Part 1 —
Consolidated ISO Supplement — Procedures specific to
ISO document, which is currently in its 6th edition
ISO has over the years published many management
system standards for topics ranging from quality and
environment to information security, business continuity
management and records management. Despite sharing
common elements, ISO management system standards
come in many different shapes and structures.
Annex SL is freely available; it is contained within the
ISO Supplement, Procedures specific to ISO.
Day-1 Annex SL
Introduction:

9. The HLS (High Level Structure) is the outcome of the work of the ISO/TMB/JTCG
‘Joint technical Coordination Group on MSS’.
The structure has been mandated by the ISO TECHNICAL MANAGEMENT
BOARD (TMB) (based on ISO/TMB Resolution 18/2012) and the belief is that this
will enhance consistency, make it more generic and more easily applicable to
service industries.
Accordingly, ISO 9001:2015 has adopted this. The HLS is based on
published information related to Annex SL and not directly the result of
any particular published study or survey. ‘The aim of the HLS is to enhance
the consistency and alignment of ISO MSS by providing a unifying and
agreed upon high level structure, identical core text and common terms and
definitions
The intended audience of this HLS is the ISO Technical Committees (TC),
Subcommittees (SC) and Project Committees (PC) and others involved in the
development of MSS.'(SL 9.1). This approach is intended to increase value of
such standards to users: particularly those operating multiple MSS
simultaneously contained within one MSS (Integrated)
High level structure
Day-1

10. The audience for this annex is primarily ISO technical committees who develop
management system standards; however the impact of Appendix 2 of Annex
SL will be felt by all users of management system standards in the future.
Appendix 2 is in three parts:
• high level structure,
• identical core text,
• common terms and core definitions.
In future all management system standards will need to have these
elements. In addition, there will be less confusion and inconsistency
because common terms will all have the same definition and there will be
common requirements across all the management system standards
The high level structure (i.e. major clause numbers and titles) cannot be
changed, however sub-clauses can be added. Discipline-specific text can
also be added;
High level structure
Day-1

11. Day-1 Quality Management System
ISO 9001:2015
ISO 9001:2015
High quality voluntary International Standard
Facilitate international exchange of goods & services
Support sustainable and equitable economic growth
Promote innovation
Protect health, safety and environment
The latest edition of ISO 9001, ISO's flagship quality management systems standard
High level structure

12. Day-1 ISO 9001:2015 Clauses
ISO 9001:2015
0. Introduction
1. Scope
2. Normative References
3. Terms and Definitions
4. Context of the Organization
5. Leadership
6. Planning
7. Support
8. Operations
9. Performance Evaluations
10.Improvement
High level structure

13. Day-1 Key Emphasis
ISO 9001:2015
 Emphasis on Risk-based management
• – Preventive action
 Increase emphasis on achieving value for
organization and its customers
 Documented Information
• Decreased emphasis on documentation
• Expands concept of documentation
• Replaces Documents and Records
 Organizational Context
Responsiveness to business environment
 Outsourcing is now External Provision
 Enhanced leadership requirements
 No requirement for Management Representative
 No requirement for Quality Manual

14. Day-1

15. Day-1
1. What does ISO stands For?
2. When ISO Organisation was Founded?
3. How Many Standards ISO has published So Far?
4. How Many members Courtiers are in ISO?
5. What is Annex SL?
6. What is High Level Structure?

16. Day-1 High Level Structure
Clause Numbers
1. Scope
2. Normative References
3. Terms and Definitions
4. Context of the Organization
4.1 Understanding the Organization and
its context
4.1 Needs and expectations
4.2 Scope
4.3 Management system
5. Leadership
5.1 Management commitment
5.2 Policy
5.3 Roles, Responsibility and Authority
6. Planning
6.1 Actions to address risks and
6.2 opportunities
6.3 Objectives and plans to achieve
them

17. Day-1 High Level Structure
Clause Numbers
7. Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communications
7.5 Documented Information
8. Operations
8.1 Operational planning and control
9. Performance evaluation
9.1 Monitoring, measurement, analysis and
9.2 Evaluation
9.3 Internal audit
9.4 Management review
10. Improvement
10.1 Nonconformity and corrective action
10.2 improvement

18. Day-1 4.1 Understanding the Organisation and its
context
Clause 4.1 requires the organization to: "… determine external
and internal issues that are relevant to its purpose and its
strategic direction and that affect its ability to achieve the
intended result(s) of its quality management system."1
"context of the organization“
is that an organization must fully explore and understand the
internal and external conditions under which it operates.
This is like a football team understanding the rules of the game,
the nature of the playing field, and the strengths and weaknesses
of its own team and the competition.

19. Day-1 4.2 Understanding Needs & Expectations of
interested parties
The clause 4.2 has two more terms :
understanding the "needs and expectations" of "interested
parties.“
Interested Parties
The organisation must consider
Direct Customers
End Users
Suppliers and distributors involved in supply chain
Regulators
And even society
In most cases, the needs and expectations of customers are
most important, but other interested parties might include
regulatory agencies, suppliers and even society in general,
especially if environmental implications are related to the
realization or use of an organization’s products.

20. Day-1 4.3 Determining the scope of the quality
management system
Section 4.3 of the standard details the requirements for determining the
scope of the Quality Management System
There are three considerations to be included when determining the scope:
1. External and internal issues that are relevant to the purpose of the
organization, the strategic direction, and the ability to achieve intended
results
2. Requirements of relevant interested parties
3. The product and service of the organization

21. Day-1 4.4. Quality Management System
Has two Main Clauses
4.4.1. General
4.4.2. Process Approach
Should Determine:
1. Inputs required and outputs expected
2. Sequence and interaction of processes
3. Criteria and methods needed to ensure effective
operation and control (performance indicators)
4. Resources needed and ensure their availability
5. Assignment of the responsibilities and authorities
6. Address risks and opportunities
7. evaluation of processes and, if needed, the changes
to processes to ensure that these achieve intended
results
8. improve of the processes and the system.

22. Day-1

23. Day-1 Clause 5. Leadership
5.1 Leadership & Commitment
The top management has to to demonstrate their leadership, and commitment to the
quality management system. This can be done by taking accountability for the
effectiveness of the organization’s quality management system. Top management needs
to ensure that the organization’s quality policy and quality objectives are established
for the QMS and is compatible with the organization’s overall strategic direction and
also with the Organization’s context.
5.2 Quality Policy
5.3 Organizational Roles,
5.4 Responsibilities & Authorities
As per ISO Leadership is defined as
” Leadership is the person or group of people who directs and
controls an organization at the highest level.”
No Requirement of Management Representative.
The ISO 9001:2015 places particular emphasis on leadership, not just
management as set out in previous standards.
This means top management now has greater accountability and
involvement in the organization’s management system.

24. Day-1 Clause 6. Planning
6.1 Actions to address risks & opportunities
6.2 Quality objectives & planning to achieve them
6.3 Planning of changes
ISO 9001:2015 Clause 6 Planning ensures the organization has the building
blocks in place to determine that the QMS can achieve its intended
outcome(s) through inclusion of specific requirements around
risk identification and analysis.
Clause 6 Planning brings risk-based thinking to the front.
Where the organization determines the need for change to the
quality management system, the change must be carried out in
a planned and systematic manner. The organization must
consider the purpose of the change and any of its potential
consequences; integrity of the quality management system;
availability of resources; allocation or reallocation of
responsibilities and authorities.

25. Day-1 Clause 7. Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented Information
7.5.1 General
7.5.2 Control of Documented Information
7.5.3 Updating and Creating

26. Day-1 Clause 8. Operation
8.1 Operational Planning & Control
8.2 Determination of Market needs & interactions with customers
8.3 Operational Planning process
8.4 Control of external Provision of Goods & Services
8.5 Development of Goods & Services
8.6 Production of goods and provision of services
8.7 Release of goods and services
8.8 Nonconforming goods & services

27. Day-1 Clause 9. Performance evaluation
9.1 Monitoring, measurement , analysis and evaluation
9.1.1.General,
9.1.2.customer satisfaction,
9.1.3. Analysis & evaluation of data
9.2 Internal Audit
9.3 Management Review

28. Day-1 Clause 10. Improvement
10.1 Nonconformity and Corrective Action
10.2 Improvement
The ISO 9001:2015 requires that the organization
must react to a nonconformity by first controlling
and correcting it, as well as, dealing with its
consequences.

29. Day-1
Questions?