Introduction to ISO 9001:2015
Quality Management System (QMS)
NURI CONSULTING & SERVICES, Malaysia
www.iso9001consultant.org
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
ISO 9001 HISTORY
First published in
1987
First revision in
1994
Second revision
in 2000
Third revision in
2008
Fourth revision in
September 2015
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Validity of certifications to ISO 9001:2008
One year after the publication of ISO 9001:2015 all accredited certifications
issued (new certifications or re-certifications) shall be to ISO 9001:2015.
Three years after publication by ISO of ISO 9001:2015, any existing
certification issued to ISO 9001:2008 shall not be valid.
WHY WAS ISO 9001:2008 REVISED?
• All ISO standards must undergo review and possible amendments by the assigned
technical committee every 5 years
• To comply with ISO Directive 2012 Annex SL
• To adapt to a changing world
• To enhance an organization's ability to satisfy its customers
• To provide a consistent foundation for the future
• To reflect the increasingly complex environments in which organizations operate
• To ensure the new standard reflects the needs of all relevant interested parties
• To align with other management systems
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Structure
ISO 9001:2008 versus ISO 9001:2015
ISO 9001:2008
1. Scope
2. Normative references
3. Terms and definitions
4. Quality management system
5. Management responsibility
6. Resource management
7. Product realization
8. Measurement, analysis and
improvement
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
ISO 9001:2015
1. Scope
2. Normative references
3. Terms and definitions
4. The organization and its context
5. Leadership
6. Planning
7. Support
8. Operation
9. Performance evaluation
10. Improvement
ISO 9001:2015 MODEL
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
ISO 9001:2008 MODEL
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
NURI CONSULTING & SERVICES
www.iso9001consultant.org ismail@iso9001consultant.org
ISO 9001:2015 is based on these principles:
1. Customer focus
2. Leadership
3. Engagement of people
4. Process approach
5. improvement
6. Evidence-based decision making
7. Relationship management
Important concepts in ISO 9001:2015
1. ISO 9001:2015 employs the process approach, which incorporates the
Plan-Do-Check-Act (PDCA] cycle and risk-based thinking. It involves
the systematic definition and management of processes, and their
interactions, so as to achieve the intended results.
2. PDCA cycle is employed with an overall focus on risk-based thinking
aimed at taking advantage of opportunities and preventing
undesirable results
3. Risk-based thinking is essential for achieving an effective quality
management system
4. The concept of risk-based thinking has been implicit in previous
editions of ISO 9001. For example, carrying out preventive and
corrective actions.
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Benefits of implementing ISO 9001:2015
• Your organization will be able to:
1. Consistently provide products and services that meet customer
and applicable statutory and regulatory requirements
2. Facilitate opportunities to enhance customer satisfaction
3. Address risks and opportunities associated with your
organization’s context and objectives
4. Demonstrate conformity to specified quality management system
requirements
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Purpose of ISO 9001:2015
The ISO 9001:2015 provides a framework for any organization to achieve the
following goals:
1. Be able to demonstrate its ability to consistently provide products and
services that meet customer and applicable statutory and regulatory
requirements, and
2. Be able to enhance customer satisfaction through the effective application
of the system, including processes for improvement of the system and the
assurance of conformity to customer and applicable statutory and
regulatory requirements.
• NOTE: The terms "product" or "service" only apply to products and services
intended for, or required by the customers
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
TERMS AND DEFINITIONS
• Quality is defined as the degree to which a set of inherent
characteristics fulfills requirements
• Management is a set of coordinated activities to direct and control an
organization
• A system is a set of interrelated or interacting elements
• A process is a set of interrelated or interacting activities which
transforms inputs into outputs
• Risk is the effect of uncertainty
• Nonconformity is the failure to fulfill a requirement
• Objective is the result to be achieved
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
• Correction is the action taken to eliminate a detected nonconformity
• Corrective action is the action taken to eliminate the cause of a detected
nonconformity
• Audit is a systematic, independent and documented process for
obtaining audit evidence and evaluating it objectively to determine the
extent to which audit criteria are fulfilled
• Objective evidence is the data supporting the existence or verity of
something
• Interested party is the person or organization that can affect, be affected
by, or perceive themselves to be affected by a decision or activity
• Requirement is the need or expectation that is stated, generally implied
or obligatory
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
1. "shall" indicates a requirement which must be implemented
2. "should" indicates a recommendation
3. "may" indicates a permission
4. "can" indicates a possibility or a capability
5. information marked as "NOTE" is for guidance in understanding or
clarifying the associated requirement
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
ISO 9001:2015 Lingo
ISO 9001:2015
Quality Management System (QMS)
Requirements
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
External and internal risks and
opportunities
• Relevant and significant risks and opportunities associated with the
external and internal environments of the QMS must be continually
determined, monitored and reviewed by the organization
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Needs and expectations of interested
parties
• The organization shall continually determine, monitor and review:
1. Interested parties that are relevant to the QMS
2. Relevant requirements of these interested parties
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Scope of the QMS
• The boundaries of the QMS must be defined in terms of the
following:
1. Relevant external and internal issues
2. Relevant interested parties and their requirements
3. Products and services of the organization
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Quality management system and its processes
• The organization shall determine the processes needed for the QMS and their
application throughout the organization, and shall:
1. determine the required inputs and the outputs
2. determine the sequence and interaction of these processes
3. determine and apply performance and monitoring criteria and methods
4. determine and provide the resources needed for these processes
5. assign the responsibilities and authorities for these processes
6. address risks and opportunities
7. evaluate these processes and implement any necessary changes
8. improve the processes and the quality management system
• The QMS must be supported by documented information (documents and
records) such as the Quality Manual and SOP’s
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Leadership and its commitment
1. Take accountability for QMS
2. Establish and communicate the
quality policy and QMS objectives
3. Integrate QMS requirements into
existing business processes
4. Promote the use of process
approach, risk-based thinking and
improvement
5. Communicate the importance of
conforming to QMS requirements
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
6. Ensure that the QMS achieves its
intended results
7. Engage, direct and support
persons to contribute to the
effectiveness of the quality
management system
8. Support other management roles
to demonstrate their leadership
within their areas of responsibility
9. Provide adequate resources
Customer focus
• Top management shall ensure that:
1. Customer and applicable statutory and regulatory
requirements are determined, understood and consistently
met
2. Risks and opportunities that can affect conformity of products
and services and the ability to enhance customer satisfaction
are determined and addressed
3. Focus on enhancing customer satisfaction is maintained
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Quality policy
Top management shall establish a policy that:
1. Is appropriate to the purpose and context of the organization and
supports its strategic direction
2. Provides a framework for setting quality objectives
3. Includes a commitment to satisfy applicable requirements
4. Includes a commitment to the continual improvement of the QMS
5. is available to interested parties as appropriate
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Organizational roles, responsibilities and authorities
• Top management assign responsibilities and authorities for:
1. Ensuring that the quality management system conforms to the
requirements of this International Standard
2. Ensuring that the processes are delivering their intended outputs;
3. Reporting on the performance of the quality management system and on
opportunities for improvement, in particular to top management
4. Ensuring the promotion of customer focus throughout the organization
5. Ensuring that the integrity of the quality management system is
maintained when changes to the quality management system are
planned and implemented
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Addressing risks and opportunities
• The organization shall plan actions to address risks and opportunities
and how to integrate and implement the actions into its quality
management system processes and evaluate the effectiveness of these
actions in order to:
1. give assurance that the quality management system can achieve its
intended results
2. enhance desirable effects
3. prevent, or reduce, undesired effects
4. achieve improvement
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Quality objectives
• The organization shall shall establish objectives and associated action
plans at relevant functions, levels and processes
• When planning how to achieve its quality objectives, the organization
shall determine:
1. What will be done
2. What resources will be required
3. Who will be responsible
4. When it will be completed
5. How the results will be evaluated
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Quality objectives shall:
1. Be consistent with the quality policy
2. Be measurable
3. Take into account applicable requirements
4. Be relevant to conformity of products and services and to the enhancement
of customer satisfaction
5. Be monitored
6. Be communicated
7. Be updated as appropriate
8. Be defined in terms of what will be done, what resources will be required,
who will be responsible, when ii will be completed and how the results will be
evaluated
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Change management
• Changes to the QMS shall be planned by considering the following:
1. Purpose of the changes and their potential consequences;
2. Integrity of the quality management system
3. Availability of resources
4. Allocation or reallocation of responsibilities and authorities
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Supporting the QMS
The organization shall:
1. Determine and provide necessary resources such as people, infrastructure,
conducive work environment, monitoring and measuring equipment and
organizational knowledge (from internal and external sources)
2. Take actions to ensure that the workforce is competent on the basis of
appropriate education, training or experience (Appraisals, Training needs
3. Ensure that everyone is aware of the quality policy and objectives, how they
contribute towards the QMS and consequences of deviating from the quality
plan (Induction)
4. Determine what information needs to be communicated with internal and
external parties (what to communicate, when, to whom, how, who is
responsible)
5. Implement effective control of documented information used within the QMS
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Control of documented information
The organization shall ensure the following:
1. All documents shall have a title, date of issue, version number, distribution list
and the author’s name; Reference numbers may be assigned
2. All new and amended documents shall be reviewed and approved for
adequacy and suitability prior to distribution and use
3. Approved documents shall be made available at their points of use and
protected from loss of confidentiality, improper use or loss of integrity
4. Obsolete documents shall be removed from circulation
5. Records shall be labeled adequately and their legibility preserved
6. Records’ retention periods shall be defined and prior approval shall be
obtained before any disposal can take place
7. Records shall be safely stored and protected from any tampering
8. External documents shall be identified and updated as necessary
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
The organization shall:
1. Determine the requirements for the products and services
2. Establish criteria for the processes and the acceptance of products and
services
3. Determine the resources needed to achieve conformity to the product
and service requirements
4. Implement control of the processes in accordance with the criteria
5. Determine and keep documented information in order to have confidence
that the processes have been carried out as planned and demonstrate the
conformity of products and services to their requirements
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Operational control
The organization shall:
1. Provide information relating to products and services
2. Handle enquiries, contracts or orders, and changes
3. Obtain customer feedback relating to products and services, including
customer complaints
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Customer communication processes
The organization shall define:
1. Customer requirements
2. Any applicable statutory and regulatory requirements
3. Other requirements considered as necessary
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Requirements related to products and
services
The organization shall:
1. Review all requirements specified by the customer, including the requirements
for delivery and post-delivery activities
2. Review all requirements not stated by the customer, but necessary for the
specified or intended use, when known
3. Review all internal requirements specified by the organization
4. Review all statutory and regulatory requirements applicable to the products
and services
5. Resolve all differences
6. Get confirmation on all requirements when the customer does not provide a
documented statement of their requirements
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Review of requirements related to products
and services
The organization shall:
• Plan and control the design and development process, including the
interfaces between the various parties
• Define necessary inputs (functional, performance, previous designs,
standards, codes, failure analysis)
• Control the inputs and outputs via reviews, verification and validation
• Ensure that outputs meet input requirements
• Review and control all design and development changes
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Design and development of products and
services
1. Establishing processes for the evaluation, selection, monitoring and
re-evaluation of external providers based on their ability to fulfill
purchase requirements
2. Determining the type and extent of control to be applied to external
providers
3. Providing adequate and accurate purchase and control information to
external providers
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Control the purchasing process by
The organization shall:
1. Make available documented information that defines the characteristics
of the products to be produced, the services to be provided, the
activities to be performed and the results to be achieved
2. Use suitable monitoring and measuring resources
3. Implement monitoring and measurement activities at appropriate
stages to verify that criteria for control of processes or outputs and
acceptance criteria for products and services have been met
4. Use suitable infrastructure and environment for the operation of
processes
5. Appoint competent persons, including any required qualification
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Control of production and service provisions
6. Validate and revalidate the ability to achieve planned results of the
processes for production and service provision, where the resulting
output cannot be verified by subsequent monitoring or measurement
7. Implement actions to prevent human error
8. Ensure identification and traceability of products and services
9. Safeguard property belonging to customers and external providers
10. Preserve outputs to ensure conformity of products and services
11. Implement necessary post-delivery activities
12. Control all changes within the production and service provisions
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Release of products and services
The organization shall:
• Implement planned arrangements, at appropriate stages, to verify that
the product and service requirements have been met.
• Release of products and services to the customer shall not proceed until
the planned arrangements have been satisfactorily completed, unless
otherwise approved by a relevant authority and, as applicable, by the
customer.
• Retain documented information on the release of products and services
such as evidence of conformity with the acceptance criteria and
traceability to the person(s) authorizing the release.
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Control of nonconforming outputs
The organization shall:
• Ensure that outputs that do not conform to their requirements are
identified and controlled to prevent their unintended use or delivery
• Deal with nonconforming outputs in one or more of the following ways:
1. Correction
2. Segregation, containment, return or suspension of provision of
products and services
3. Informing the customer
4. Obtaining authorization for acceptance under concession
• Retain documented information that describes the nonconformity,
describes the actions taken, describes any concessions obtained, identifies
the authority deciding the action in respect of the nonconformity.
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Performance evaluation
The organization shall:
1. Monitor and measure key performance indicators
2. Monitor and measure customer satisfaction levels
3. Analyse and evaluate all KPI data
4. Implement annual internal audits
5. Annually review the QMS performance and make decisions with regards
to opportunities for improvement, changes to the QMS and resource
needs
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
Improvement
The organization shall:
1. Improve products and services via innovation and meeting future
customer expectations
2. Improve the QMS by addressing risks and opportunities, and
controlling nonconformities
3. Improve the QMS by taking actions on the results of data analysis and
management review
NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org

Introduction to 9001 2015

  • 1.
    Introduction to ISO9001:2015 Quality Management System (QMS) NURI CONSULTING & SERVICES, Malaysia www.iso9001consultant.org NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 2.
    ISO 9001 HISTORY Firstpublished in 1987 First revision in 1994 Second revision in 2000 Third revision in 2008 Fourth revision in September 2015 NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org Validity of certifications to ISO 9001:2008 One year after the publication of ISO 9001:2015 all accredited certifications issued (new certifications or re-certifications) shall be to ISO 9001:2015. Three years after publication by ISO of ISO 9001:2015, any existing certification issued to ISO 9001:2008 shall not be valid.
  • 3.
    WHY WAS ISO9001:2008 REVISED? • All ISO standards must undergo review and possible amendments by the assigned technical committee every 5 years • To comply with ISO Directive 2012 Annex SL • To adapt to a changing world • To enhance an organization's ability to satisfy its customers • To provide a consistent foundation for the future • To reflect the increasingly complex environments in which organizations operate • To ensure the new standard reflects the needs of all relevant interested parties • To align with other management systems NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 4.
    Structure ISO 9001:2008 versusISO 9001:2015 ISO 9001:2008 1. Scope 2. Normative references 3. Terms and definitions 4. Quality management system 5. Management responsibility 6. Resource management 7. Product realization 8. Measurement, analysis and improvement NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org ISO 9001:2015 1. Scope 2. Normative references 3. Terms and definitions 4. The organization and its context 5. Leadership 6. Planning 7. Support 8. Operation 9. Performance evaluation 10. Improvement
  • 5.
    ISO 9001:2015 MODEL NURICONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 6.
    ISO 9001:2008 MODEL NURICONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 7.
    NURI CONSULTING &SERVICES www.iso9001consultant.org ismail@iso9001consultant.org ISO 9001:2015 is based on these principles: 1. Customer focus 2. Leadership 3. Engagement of people 4. Process approach 5. improvement 6. Evidence-based decision making 7. Relationship management
  • 8.
    Important concepts inISO 9001:2015 1. ISO 9001:2015 employs the process approach, which incorporates the Plan-Do-Check-Act (PDCA] cycle and risk-based thinking. It involves the systematic definition and management of processes, and their interactions, so as to achieve the intended results. 2. PDCA cycle is employed with an overall focus on risk-based thinking aimed at taking advantage of opportunities and preventing undesirable results 3. Risk-based thinking is essential for achieving an effective quality management system 4. The concept of risk-based thinking has been implicit in previous editions of ISO 9001. For example, carrying out preventive and corrective actions. NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 9.
    Benefits of implementingISO 9001:2015 • Your organization will be able to: 1. Consistently provide products and services that meet customer and applicable statutory and regulatory requirements 2. Facilitate opportunities to enhance customer satisfaction 3. Address risks and opportunities associated with your organization’s context and objectives 4. Demonstrate conformity to specified quality management system requirements NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 10.
    Purpose of ISO9001:2015 The ISO 9001:2015 provides a framework for any organization to achieve the following goals: 1. Be able to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, and 2. Be able to enhance customer satisfaction through the effective application of the system, including processes for improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements. • NOTE: The terms "product" or "service" only apply to products and services intended for, or required by the customers NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 11.
    TERMS AND DEFINITIONS •Quality is defined as the degree to which a set of inherent characteristics fulfills requirements • Management is a set of coordinated activities to direct and control an organization • A system is a set of interrelated or interacting elements • A process is a set of interrelated or interacting activities which transforms inputs into outputs • Risk is the effect of uncertainty • Nonconformity is the failure to fulfill a requirement • Objective is the result to be achieved NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 12.
    • Correction isthe action taken to eliminate a detected nonconformity • Corrective action is the action taken to eliminate the cause of a detected nonconformity • Audit is a systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled • Objective evidence is the data supporting the existence or verity of something • Interested party is the person or organization that can affect, be affected by, or perceive themselves to be affected by a decision or activity • Requirement is the need or expectation that is stated, generally implied or obligatory NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 13.
    1. "shall" indicatesa requirement which must be implemented 2. "should" indicates a recommendation 3. "may" indicates a permission 4. "can" indicates a possibility or a capability 5. information marked as "NOTE" is for guidance in understanding or clarifying the associated requirement NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org ISO 9001:2015 Lingo
  • 14.
    ISO 9001:2015 Quality ManagementSystem (QMS) Requirements NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 15.
    External and internalrisks and opportunities • Relevant and significant risks and opportunities associated with the external and internal environments of the QMS must be continually determined, monitored and reviewed by the organization NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 16.
    Needs and expectationsof interested parties • The organization shall continually determine, monitor and review: 1. Interested parties that are relevant to the QMS 2. Relevant requirements of these interested parties NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 17.
    Scope of theQMS • The boundaries of the QMS must be defined in terms of the following: 1. Relevant external and internal issues 2. Relevant interested parties and their requirements 3. Products and services of the organization NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 18.
    Quality management systemand its processes • The organization shall determine the processes needed for the QMS and their application throughout the organization, and shall: 1. determine the required inputs and the outputs 2. determine the sequence and interaction of these processes 3. determine and apply performance and monitoring criteria and methods 4. determine and provide the resources needed for these processes 5. assign the responsibilities and authorities for these processes 6. address risks and opportunities 7. evaluate these processes and implement any necessary changes 8. improve the processes and the quality management system • The QMS must be supported by documented information (documents and records) such as the Quality Manual and SOP’s NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 19.
    Leadership and itscommitment 1. Take accountability for QMS 2. Establish and communicate the quality policy and QMS objectives 3. Integrate QMS requirements into existing business processes 4. Promote the use of process approach, risk-based thinking and improvement 5. Communicate the importance of conforming to QMS requirements NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org 6. Ensure that the QMS achieves its intended results 7. Engage, direct and support persons to contribute to the effectiveness of the quality management system 8. Support other management roles to demonstrate their leadership within their areas of responsibility 9. Provide adequate resources
  • 20.
    Customer focus • Topmanagement shall ensure that: 1. Customer and applicable statutory and regulatory requirements are determined, understood and consistently met 2. Risks and opportunities that can affect conformity of products and services and the ability to enhance customer satisfaction are determined and addressed 3. Focus on enhancing customer satisfaction is maintained NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 21.
    Quality policy Top managementshall establish a policy that: 1. Is appropriate to the purpose and context of the organization and supports its strategic direction 2. Provides a framework for setting quality objectives 3. Includes a commitment to satisfy applicable requirements 4. Includes a commitment to the continual improvement of the QMS 5. is available to interested parties as appropriate NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 22.
    Organizational roles, responsibilitiesand authorities • Top management assign responsibilities and authorities for: 1. Ensuring that the quality management system conforms to the requirements of this International Standard 2. Ensuring that the processes are delivering their intended outputs; 3. Reporting on the performance of the quality management system and on opportunities for improvement, in particular to top management 4. Ensuring the promotion of customer focus throughout the organization 5. Ensuring that the integrity of the quality management system is maintained when changes to the quality management system are planned and implemented NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 23.
    Addressing risks andopportunities • The organization shall plan actions to address risks and opportunities and how to integrate and implement the actions into its quality management system processes and evaluate the effectiveness of these actions in order to: 1. give assurance that the quality management system can achieve its intended results 2. enhance desirable effects 3. prevent, or reduce, undesired effects 4. achieve improvement NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 24.
    Quality objectives • Theorganization shall shall establish objectives and associated action plans at relevant functions, levels and processes • When planning how to achieve its quality objectives, the organization shall determine: 1. What will be done 2. What resources will be required 3. Who will be responsible 4. When it will be completed 5. How the results will be evaluated NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 25.
    Quality objectives shall: 1.Be consistent with the quality policy 2. Be measurable 3. Take into account applicable requirements 4. Be relevant to conformity of products and services and to the enhancement of customer satisfaction 5. Be monitored 6. Be communicated 7. Be updated as appropriate 8. Be defined in terms of what will be done, what resources will be required, who will be responsible, when ii will be completed and how the results will be evaluated NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 26.
    Change management • Changesto the QMS shall be planned by considering the following: 1. Purpose of the changes and their potential consequences; 2. Integrity of the quality management system 3. Availability of resources 4. Allocation or reallocation of responsibilities and authorities NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 27.
    Supporting the QMS Theorganization shall: 1. Determine and provide necessary resources such as people, infrastructure, conducive work environment, monitoring and measuring equipment and organizational knowledge (from internal and external sources) 2. Take actions to ensure that the workforce is competent on the basis of appropriate education, training or experience (Appraisals, Training needs 3. Ensure that everyone is aware of the quality policy and objectives, how they contribute towards the QMS and consequences of deviating from the quality plan (Induction) 4. Determine what information needs to be communicated with internal and external parties (what to communicate, when, to whom, how, who is responsible) 5. Implement effective control of documented information used within the QMS NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 28.
    Control of documentedinformation The organization shall ensure the following: 1. All documents shall have a title, date of issue, version number, distribution list and the author’s name; Reference numbers may be assigned 2. All new and amended documents shall be reviewed and approved for adequacy and suitability prior to distribution and use 3. Approved documents shall be made available at their points of use and protected from loss of confidentiality, improper use or loss of integrity 4. Obsolete documents shall be removed from circulation 5. Records shall be labeled adequately and their legibility preserved 6. Records’ retention periods shall be defined and prior approval shall be obtained before any disposal can take place 7. Records shall be safely stored and protected from any tampering 8. External documents shall be identified and updated as necessary NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 29.
    The organization shall: 1.Determine the requirements for the products and services 2. Establish criteria for the processes and the acceptance of products and services 3. Determine the resources needed to achieve conformity to the product and service requirements 4. Implement control of the processes in accordance with the criteria 5. Determine and keep documented information in order to have confidence that the processes have been carried out as planned and demonstrate the conformity of products and services to their requirements NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org Operational control
  • 30.
    The organization shall: 1.Provide information relating to products and services 2. Handle enquiries, contracts or orders, and changes 3. Obtain customer feedback relating to products and services, including customer complaints NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org Customer communication processes
  • 31.
    The organization shalldefine: 1. Customer requirements 2. Any applicable statutory and regulatory requirements 3. Other requirements considered as necessary NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org Requirements related to products and services
  • 32.
    The organization shall: 1.Review all requirements specified by the customer, including the requirements for delivery and post-delivery activities 2. Review all requirements not stated by the customer, but necessary for the specified or intended use, when known 3. Review all internal requirements specified by the organization 4. Review all statutory and regulatory requirements applicable to the products and services 5. Resolve all differences 6. Get confirmation on all requirements when the customer does not provide a documented statement of their requirements NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org Review of requirements related to products and services
  • 33.
    The organization shall: •Plan and control the design and development process, including the interfaces between the various parties • Define necessary inputs (functional, performance, previous designs, standards, codes, failure analysis) • Control the inputs and outputs via reviews, verification and validation • Ensure that outputs meet input requirements • Review and control all design and development changes NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org Design and development of products and services
  • 34.
    1. Establishing processesfor the evaluation, selection, monitoring and re-evaluation of external providers based on their ability to fulfill purchase requirements 2. Determining the type and extent of control to be applied to external providers 3. Providing adequate and accurate purchase and control information to external providers NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org Control the purchasing process by
  • 35.
    The organization shall: 1.Make available documented information that defines the characteristics of the products to be produced, the services to be provided, the activities to be performed and the results to be achieved 2. Use suitable monitoring and measuring resources 3. Implement monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs and acceptance criteria for products and services have been met 4. Use suitable infrastructure and environment for the operation of processes 5. Appoint competent persons, including any required qualification NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org Control of production and service provisions
  • 36.
    6. Validate andrevalidate the ability to achieve planned results of the processes for production and service provision, where the resulting output cannot be verified by subsequent monitoring or measurement 7. Implement actions to prevent human error 8. Ensure identification and traceability of products and services 9. Safeguard property belonging to customers and external providers 10. Preserve outputs to ensure conformity of products and services 11. Implement necessary post-delivery activities 12. Control all changes within the production and service provisions NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 37.
    Release of productsand services The organization shall: • Implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met. • Release of products and services to the customer shall not proceed until the planned arrangements have been satisfactorily completed, unless otherwise approved by a relevant authority and, as applicable, by the customer. • Retain documented information on the release of products and services such as evidence of conformity with the acceptance criteria and traceability to the person(s) authorizing the release. NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 38.
    Control of nonconformingoutputs The organization shall: • Ensure that outputs that do not conform to their requirements are identified and controlled to prevent their unintended use or delivery • Deal with nonconforming outputs in one or more of the following ways: 1. Correction 2. Segregation, containment, return or suspension of provision of products and services 3. Informing the customer 4. Obtaining authorization for acceptance under concession • Retain documented information that describes the nonconformity, describes the actions taken, describes any concessions obtained, identifies the authority deciding the action in respect of the nonconformity. NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 39.
    Performance evaluation The organizationshall: 1. Monitor and measure key performance indicators 2. Monitor and measure customer satisfaction levels 3. Analyse and evaluate all KPI data 4. Implement annual internal audits 5. Annually review the QMS performance and make decisions with regards to opportunities for improvement, changes to the QMS and resource needs NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org
  • 40.
    Improvement The organization shall: 1.Improve products and services via innovation and meeting future customer expectations 2. Improve the QMS by addressing risks and opportunities, and controlling nonconformities 3. Improve the QMS by taking actions on the results of data analysis and management review NURI CONSULTING & SERVICES www.iso9001consultant.org ismail@iso9001consultant.org