Awareness and Risk Based Approach of ISO 9001:2015

PT. Yangtze Optical Fibre Indonesia

30-31 January 2023
introduction
 What we do?
Created in
1828

Testing, Inspection, Certification

and Technical Assistance

Helping clients meet their growing challenges

of quality, health & safety, environmental
protection and social responsibility
 Bureau Veritas - A world of knowledge at your service

Safety & performance verified

Timber legality & forest Coal & Minerals tested
management certified

Airworthiness verified
Sea water
quality
tested
Agricultural products tested

Water & air

emissions Oil tested
QHSE management Ships classed
controlled - Risk &
systems verified
conformity
assessed
Containers
certified
Disabled access verified
Automotive supply chain
& components verified
Fuel quality
tested
Consumer products
tested & inspected Imports &
exports
inspected
Industrial processes verified Fire safety
- Industrial & environmental inspected
risks monitored

Railway Energy Textiles & Electronic supply chain

maintenance performance garments Solidity
& components verified
& safety of certified tested verified
equipment
certified
Car safety Food health &
controlled safety tested
Smartphone conformity &
interoperability verified
Construction
materials tested
Elevator & escalator
Transport safety certified Code compliance verified safety inspected
Training
Schedule
 SHAPING
A WORLD
OF TRUST
WWW.BUREAUVERITAS.COM
T R A I N I N G 2 0 1 8

ISO 9001:2015
UNDERSTANDING & AWARENESS
A GLOBAL LEADER IN CERTIFICATION SERVICES
01. INTRODUCTION

02. COURSE OBJECTIVES

03. ISO 9001:2015 OVERVIEW

04. HLS

05. PREVIOUS SECTIONS

06. ANALYSIS CLAUSE-BY-CLAUSE

01
INTRODUCTION
 BUREAU VERITAS CERTIFICATION

10 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 HOUSE RULES

 Facilities
 Safety rules & evacuation routes
 Courtesy (mobile phones, pagers, recording devices)
 Local arrangements

11 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 METHODOLOGY

TUTORIAL DISCUSSIONS WORKSHOP PRESENTATIONS SHORT QUIZ

12 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 HANDOUT 1 | CASE STUDIES FOR GROUP WORK

 Form groups and study the requirements of clauses 1, 2, 3, 4, 5, 6, 7, 8, 9 and 10 against

the organisation allocated to your team.

 Identify what changes are to be done by this company in order to meet the requirements
of ISO 9001:2015.

 Present your understanding on flip charts for each clause.

13 ISO 9001:2015 | UNDERSTANDING & AWARENESS

02
COURSE
OBJECTIVES
 COURSE OBJECTIVES

Use ISO 9001:2015 as a framework for continual Describe the purpose of well-defined and managed
improvement. quality management systems

Recognise existing control mechanisms

in place which minimize risk and ensure
quality
Assist in the implementation of a management
system based on ISO 9001:2015.

15 ISO 9001:2015 | UNDERSTANDING & AWARENESS

03
ISO 9001:2015
OVERVIEW
 ISO 9001:2015
WHAT IS?

 ISO 9001 is one of ISO’s most well-known standards, with more

than 1.1 million certificates worldwide.

 It provides requirements to help companies demonstrate that

they can offer their customers consistent, good quality
products and services.

 It also provides a framework to help them streamline their

processes and become more efficient at what they do.

 ISO 9001 can be used by organizations of all types and sizes.

 The standard has inspired a series of documents for sector-

specific applications in a variety of specialist business sectors too.

17 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 ISO 9001:2015
PRINCIPLES

CUSTOMER ENGAGEMENT PROCESS

LEADERSHIP
FOCUS OF PEOPLE APPROACH

EVIDENCE-
RELATIONSHIPS BASED
IMPROVEMENT
MANAGEMENT DECISION
MAKING

18 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 QUALITY MANAGEMENT SYSTEM

 A Quality Management System (QMS) is a collection of

business processes focused on consistently meeting
customer requirements and enhancing their satisfaction.

 It is aligned with an organisation's purpose and

strategic direction.

 It is expressed as the organizational goals and

aspirations, policies, processes, documented information
and resources needed to implement and maintain it.

 Quality Management Systems are a vital tool for

successful businesses, whether externally certified or
not.

19 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 ISO 9001:2015 TERMINOLOGY

 The published International Standard documentation

uses the following terms:

 “Shall” indicates a requirement; failure to comply would

attract a non-compliance
 “Should” indicates a recommendation;
 “May” indicates a permission;
 “Can” indicates a possibility or a capability.

 Information marked as “NOTE” is for guidance in

understanding or clarifying the associated requirement.

20 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 ISO QUIZ

STATEMENT TRUE FALSE

ISO Certification is a legal requirement for businesses.

ISO develop high quality voluntary International Standards.

ISO Standards dictate how you must carry out your business.

ISO ensures all companies operate in exactly the same way.

Organisations design their own ways of working to suit their environment.

ISO audits the organisation to verify that operating practices meet the stated standards of the organisation.

If auditors identify serious non-conformities which go uncorrected, an organisation will lose their certificate

The way our organisation works and connects together optimises synergies across different departments.

21 ISO 9001:2015 | UNDERSTANDING & AWARENESS

04
HLS
 WHAT IS HLS

 The High Level Structure is a new common format has been developed for use in all
management system standards.
 Organizations implementing multiple management systems (e.g. quality, environmental,
information security) can achieve better integration and easier implementation

GUIDELINES
EXPLANATORY NOTES Internal
Quality Audits
Management

Medical
GENERIC HIGH LEVEL INDUSTRY Devices
STRUCTURE
Environmental
Management
STANDARDS (BASIC ELEMENTS AND
REQUIREMENTS)
STANDARDS Oil and gas

Health and
Safety
Management

GENERIC REQUIREMENTS

23 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 HLS
STRUCTURE

1. SCOPE

2. NORMATIVE REFERENCES

3. TERMS AND DEFINITIONS

4. CONTEXT OF THE ORGANIZATION

5. LEADERSHIP

6. PLANNING

7. SUPPORT

8. OPERATION

9. PERFORMANCE EVALUATION

10. IMPROVEMENT

24 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 HLS | STRUCTURE
ISO 9001:2015
PLAN DO CHECK ACT

4 5 6 7 8 9 10

CONTEXT OF THE PERFORMANCE

LEADERSHIP PLANNING SUPPORT OPERATION IMPROVEMENT
ORGANIZATION EVALUATION

Understanding the
Leadership and Actions to address Operational and Monitoring, measurement,
organization and its Resources analysis, and evaluation General
commitment risks and opportunities planning and control
context

Determination of
Quality objectives and requirements for Nonconformity and
planning to achieve Competence products and services Internal audit
Understanding the corrective action
Quality policy them
needs and
expectations of Design and
interested parties development of
products and services
Planning of changes Awareness Management review Continual improvement

Organizational roles, Control of externally

responsibilities and provided products and
Determining the scope authorities services
of the QMS
Communication
Production and service
provision

QMS and its Documented

processes information Release of products
and services

Control of
nonconforming
25 ISO 9001:2015 | UNDERSTANDING & AWARENESS process outputs,
products and services
05
PREVIOUS
SECTIONS
 0. INTRODUCTION
0.1 GENERAL

 Adoption of QMS is a strategic decision.

 Implementation of QMS is to help organizations to improve its overall performance &
part of sustainable development.
 Many factors can influence the design of QMS.
 Context of an organisation.
 Risks associated with its context and objectives.
 Requirements of QMS are complementary to those of products.
 Standard can be used by many parties.

27 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 0. INTRODUCTION
0.2 ISO STANDARDS FOR QUALITY MANAGEMENT

ANNEXES A & B FOR

INFORMATION ONLY

QMSs - Fundamentals & vocabulary ISO Guidelines

9000
ISO ISO
10012 19011

Measurement Audits

Managing for the sustained success of an

ISO ISO
organization – A Quality management QMS-Requirements
approach 9004 9001

TECHNICAL
REPORTS
…as needed (e.g. ISO/TR 10013)
28 ISO 9001:2015 | UNDERSTANDING & AWARENESS
 0. INTRODUCTION
0.3 PROCESS APPROACH

 Process approach to quality management encouraged

 Introduces the process model as conceptual presentation of QMS requirements
specified

PROCESS A PROCESS C
PROCESS,
INPUT OUTPUT
ACTIVITIES
RESOURCES PROCESS B PROCESS D

Name the parameters needed to identify a process…

29 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 0. INTRODUCTION
0.3 PROCESS APPROACH

4.1,4.2 & 4.3 IMPROVEMENT

CONTEXT & SCOPE

LEADERSHIP

4.4 QMS-GENERAL & PROCESS APPROACH

CUSTOMER & CUSTOMER
OTHER SATISFACTION
RELEVANT PERFORMANCE
INTERESTED PLANNING PRODUCTS &
EVALUATION
PARTIES SERVICES

OPERATIONS
INPUT OUTPUT

REQUIREMENTS SUPPORT PROCESSES REQUIREMENTS

30
 0. INTRODUCTION
0.4 PDCA CYCLE

 The model of a QMS provided in this standard follows the methodology known as “Plan-
Do-Check-Act” (PDCA)

ACT PLAN

A P

C D
CHECK DO

31 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 0. INTRODUCTION
0.4 PDCA CYCLE

ACT – incorporate PLAN - the process

improvements as (Extent of planning depends
necessary on RISK)

INPUTS OUTPUTS
DO – carryout the process

Schematic representation of a
single process within the
system
CHECK – monitor/measure
process performance
32 ISO 9001:2015 | UNDERSTANDING & AWARENESS
 0. INTRODUCTION
0.5 RISK- BASED THINKING

 Risk based thinking has been always an intent of the standard

 Now made more explicit and part of the “requirements”

 Organizations may choose to adopt more extensive risk based approach than required by the
standard.

 Level of risk may vary between various processes and the context

 “Risk based thinking” means considering risk qualitatively while planning for the QMS

33 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 0. INTRODUCTION
0.6 COMPATIBILITY WITH OTHER MANAGEMENT SYSTEM STANDARDS

 Adoption of “high level structure” has enabled:

 ISO to improve alignment among its international standards for management systems (Annex A of
this standard provides key elements of ‘high level structure”)
 Level of risk may vary between various processes and the context of the organization
 This standard defines requirements in an order that is in line with organizations’ planning and
process management. i.e.,
 Understanding the context of the organization. Its QMS & processes (Clause 4)
 Leadership, policy and responsibilities (Clause 5)
 Processes for planning & consideration of risks and opportunities (Clause 6)
 Processes for support, including resources, people and information (Clause 7)
 Operational processes related to customers, products and services ( Clause 8)
 Processes for performance evaluation (Clause 9)
 Processes for improvement (Clause 10)

34 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 0. INTRODUCTION
0.6 COMPATIBILITY WITH OTHER MANAGEMENT SYSTEM STANDARDS

SCOPE CONTEXT OF THE DETERMINE THE

ORGANIZATION SCOPE OF QMS
INTERESTED PARTY
NORMATIVE REFERENCES INTERNAL AND
NEEDS AND
EXTERNAL ISSUES
EXPECTATIONS
INTENDED OUTCOMES
TERMS AND DEFINITIONS

CONTEXT OF THE ORGANIZATION

PLAN SUPPORT AND DO
OPERATION
LEADERSHIP

PLANNING
PERFORMANCE
PLANNING LEADERSHIP
EVALUATION
SUPPORT

OPERATION
IMPROVEMENT
ACT CHECK
PERFORMANCE EVALUATION

IMPROVEMENT

35 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 1. SCOPE
1.1 GENERAL

 The standard specifies requirements for a QMS where it:

a) needs to demonstrate its ability to consistently provide product or service that meets
customer and applicable statutory and regulatory requirements, and
b) aims to enhance customer satisfaction through the effective application of the system,
including processes for continual improvement of the system and the assurance of conformity to
customer and applicable statutory and regulatory requirements.

Note: Product & Service = products & services intended for, or required by, a customer. Statutory and
regulatory requirements can be expressed as legal requirements

36 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 2. NORMATIVE REFERENCES
3. TERMS AND DEFINITIONS
 ‘Clause 2 and 3 in the standard make reference to the supporting standard: ISO
9000:2015.
 This is a useful (and under utilized) reference point
 They include definitions for much of the vocabulary used in the 9001 standard, as well as
useful explanations about many of the concepts.
 ISO 9000:2015 is a reference document and not audited directly

37 ISO 9001:2015 | UNDERSTANDING & AWARENESS

ANALYSIS CLAUSE-
BY-CLAUSE
CLAUSE 4
CONTEXT OF ORGANIZATION
 4. CONTEXT OF THE ORGANIZATION
STRUCTURE

4.1. Understanding of the organisation and its context

4.2. Understanding the needs and expectations of interested parties

4.3. Determining the scope of the Quality Management System

4.4. Organisation’s Management System including documentation

40 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 4. CONTEXT OF THE ORGANIZATION
4.1. UNDERSTANDING THE ORGANISATION AND ITS CONTEXT

 Determine external and internal issues:

 That are relevant to its purpose & strategic direction &

 That affect its ability to achieve intended results

 Monitor and review the information about those issues

41 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 4. CONTEXT OF THE ORGANIZATION
4.2 UNDERSTANDING THE NEEDS AND EXPECTATION OF INTERESTED PARTIES

 Determine the interested parties that are relevant to the QMS

 Determine the requirements of these interested parties that are relevant to the QMS

42 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 4. CONTEXT OF THE ORGANIZATION
4.3. DETERMINING THE SCOPE OF QMS

 Determine the boundaries and applicability of the QMS to establish the scope &
document it.

 While determining the scope consider:

 The external and internal issued referred in 4.1

 Requirements of relevant interested parties referred in 4.2
 The products and services of the organization

 Where a requirement can not be applied within the defined scope it shall not affect
organization's ability or responsibility to ensure conformity to products and
services

43 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 4. CONTEXT OF THE ORGANIZATION
4.4. QMS AND ITS PROCESSES

 Organization shall determine the processes needed for the QMS and their application
including:

 Inputs and outputs from the processes, Their sequence and interaction
 Criteria, methods, including measurements and related performance indicators needed to ensure their effective
operation and control
 Inputs and outputs from the processes, Their sequence and interaction
 Criteria, methods, including measurements and related performance indicators needed to ensure their effective
operation and control
 The resources needed and ensure their availability
 The assignment of the responsibilities and authorities for these processes
 The risks and opportunities identified and actions to meet them
 Methods for monitoring , measuring as appropriate and evaluation of processes and , if needed the changes to
processes
 Opportunities for improvement of processes and the QMS

44 ISO 9001:2015 | UNDERSTANDING & AWARENESS

CLAUSE 5
LEADERSHIP
 5. LEADERSHIP
STRUCTURE

5.1. Leadership and commitment

5.2. Policy

5.3. Organizational roles, responsibilities and authorities

46 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 5. LEADERSHIP
5.1. LEADERSHIP AND COMMITMENT

 Top Management to demonstrate its leadership & commitment to QMS by:

 Owning accountability for the QMS

 Establishment of Quality Policy & Quality Objectives and they are compatible with the strategic direction and
context.
 Ensuring Quality Policy is communicated , understood and applied within the organization
 Promoting awareness of process approach, ensuring that the resources needed for the QMS area available
 Communicating the importance of effective QM and of conforming to the QMS requirements
 Ensuring QMS achieves its intended results
 Engaging, directing and supporting persons to contribute to the effectiveness of QMS
 Promoting continual improvement & supporting other relevant management roles to demonstrate their leadership.

47 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 5. LEADERSHIP
5.1. LEADERSHIP AND COMMITMENT

 Top Management to demonstrate its leadership & commitment to customer focus by

ensuring:

 Customer requirements & applicable statutory & regulatory requirements are determined and
met
 Risks and opportunities that can affect conformity to products and services and the ability to
enhance customer satisfaction are determined and addressed.
 The focus on consistently providing products and services that meet customer and applicable
statutory and regulatory requirements is maintained.
 The focus on enhancing customer satisfaction maintained.

48 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 5. LEADERSHIP
5.2. QUALITY POLICY

 Top Management to establish, review and maintain a quality policy that:

 Is appropriate to the purpose and context of the organization

 Provides a framework for setting and reviewing quality objectives
 includes a commitment to satisfy applicable requirements.
 Include a commitment to continual improvement of QMS

 The quality policy shall:

 be available as ………….;
 be communicated, understood and applied within the organization;
 be available to relevant interested parties, as appropriate.

49 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 5. LEADERSHIP
5.3. ORGANIZATIONAL ROLES, RESPONSIBILITIES & AUTHORITIES

 Top management shall ensure that the responsibilities and authorities for relevant roles
are assigned, communicated and understood within the organization.

 Top management shall assign the responsibility and authority for:

 Ensuring that the QMS conforms to the requirements of this International Standard;
 Ensuring that the processes are delivering their intended outputs;
 Reporting on the performance of the QMS, on opportunities for improvement and on the need for
change or innovation, and especially for reporting to top management;
 Ensuring the promotion of customer focus throughout the organization;
 Ensuring that the integrity of the QMS is maintained when changes to the QMS are planned and
implemented.

50 ISO 9001:2015 | UNDERSTANDING & AWARENESS

CLAUSE 6
PLANNING
 6. PLANNING
STRUCTURE

6.1. Actions to address risks and opportunities

6.2. SMART Objectives and plans to achieve them

6.3. Planning of Changes

52 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 6. PLANNING FOR THE QMS
6.1 ACTIONS TO ADDRESS RISKS AND OPPORTUNITIES

 When planning for the QMS, the organization shall consider the issues referred to in
4.1 and the requirements referred to in 4.2 and determine the risks and
opportunities that need to be addressed to:
 give assurance that the QMS can achieve its intended result(s);
 prevent, or reduce, undesired effects;
 achieve continual improvement.

 The organization shall plan:

 actions to address these risks and opportunities & how to:
 integrate and implement the actions into its QMS processes (see 4.4);
 evaluate the effectiveness of these actions.
 Note. Options to address risks and opportunities shall be proportionate to the potential impact on the conformity of products and services. order
to pursue an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, or retaining risk by informed
decision.

53 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 6. PLANNING FOR THE QMS
6.2. QUALITY OBJECTIVES, AND PLANNING TO ACHIEVE THEM

 The organization shall establish quality objectives at relevant functions, levels and
processes.
 The quality objectives shall:
 be consistent with the quality policy; be measurable;
 take into account applicable requirements;
 be relevant to conformity of products and services and the enhancement of customer satisfaction;
 be monitored; be communicated; be updated as appropriate.
 The organization shall retain……of the quality objectives.
 When planning how to achieve its quality objectives, the organization shall determine:
 what will be done; what resources will be required; who will be responsible;
 when it will be completed; how the results will be evaluated.

54 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 6. PLANNING FOR THE QMS
6.2. QUALITY OBJECTIVES, AND PLANNING TO ACHIEVE THEM

THE SITUATION WE WANT HOW LONG ARE WE GOING

THE SITUATION NOW
TO ACHIEVE TO ALLOW.

 S.M.A.R.T. is a useful ‘system’ to use when setting and testing objectives.

SPECIFIC MEASURABLE ACHIEVABLE REALISTIC TIME-BOUND

55 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 6. PLANNING FOR THE QMS
6.2. QUALITY OBJECTIVES, AND PLANNING TO ACHIEVE THEM

OBJECTIVE 1 Section T4 will reduce rejection of wide angle lenses by 5%.

OBJECTIVE 2 Reduce waiting list for orthopaedic surgeries.

Reduce the service time for processing a standard 36 exposure 35 mm colour film with
OBJECTIVE 3 36 prints from current 2 hours to 1 hour within 6 months.

56 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 6. PLANNING FOR THE QMS
6.3 PLANNING OF CHANGES

 Where the organization determines the need for change to the QMS (see 4.4) the
change shall be carried out in a planned and systematic manner.

 The organization shall consider:

 the purpose of the change and any of its potential consequences;
 the integrity of the QMS;
 the availability of resources;
 the allocation or reallocation of responsibilities and authorities.

57 ISO 9001:2015 | UNDERSTANDING & AWARENESS

CLAUSE 7
SUPPORT
 7. SUPPORT
STRUCTURE

7.1. Resources

7.2. Competence

7.3. Awareness

7.4. Communication

7.5. Documented information

59 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 7. SUPPORT
7.1. RESOURCES

 The organization shall determine and provide the resources needed for the
establishment, implementation, maintenance and continual improvement of the QMS.

 The organization shall consider:

 the capabilities of, and constraints on, existing internal resources;
 what needs to be obtained from external providers.

 To ensure that the organization can consistently meet customer and applicable statutory
and regulatory requirements, the organization shall provide the persons necessary for
the effective operation of the QMS, including the processes needed.

 The organization shall determine, provide and maintain the infrastructure for the
operation of its processes to achieve conformity of products and services.

60 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 7. SUPPORT
7.1. RESOURCES

 The organization shall determine, provide and maintain the environment necessary for the
operation of its processes and to achieve conformity of products and services.

 Where monitoring or measuring is used for evidence of conformity of products and services to
specified requirements the organization shall determine the resources needed to ensure valid
and reliable monitoring and measuring results.

 The organization shall ensure that the resources provided:

 are suitable for the specific type of monitoring and measurement activities being undertaken;
 are maintained to ensure their continued fitness for their purpose.

 The organization shall retain appropriate documented information as evidence of fitness for
purpose of monitoring and measurement resources.

61 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 7. SUPPORT
7.1. RESOURCES

 Where measurement traceability is a statutory or regulatory requirement, a customer or

relevant interested party expectation; or considered by the organization to be an essential
part of providing confidence in the validity of measurement results; measuring
instruments shall be:

 verified or calibrated at specified intervals or prior to use against measurement standards

 traceable to international or national measurement standards. Where no such standards exist, the
basis used for calibration or verification shall be retained as documented information;
 identified in order to determine their calibration status;
 safeguarded from adjustments, damage or deterioration that would invalidate the calibration
status and subsequent measurement results.

62 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 7. SUPPORT
7.1. RESOURCES

 The organization shall determine if the validity of previous measurement results has
been adversely affected when an instrument is found to be defective during its planned
verification or calibration, or during its use, and take appropriate corrective action as
necessary.

 The organization shall determine the knowledge necessary for the operation of its
processes and to achieve conformity of products and services.

 This knowledge shall be maintained, and made available to the extent necessary.

 When addressing changing needs and trends, the organization shall consider its current
knowledge and determine how to acquire or access the necessary additional knowledge.

63 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 7. SUPPORT
7.2 COMPETENCE

 The organization shall:

 determine the necessary competence of person(s) doing work under its control that affects its
quality performance;
 ensure that these persons are competent on the basis of appropriate education, training, or
experience;
 where applicable, take actions to acquire the necessary competence, and evaluate the
effectiveness of the actions taken;
 retain appropriate ………………………….as evidence of competence.

64 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 7. SUPPORT
7.3. AWARENESS

 Persons doing work under the organization’s control shall be aware of:

 quality policy; relevant quality objectives;

 their contribution to the effectiveness of the QMS, including the benefits of improved quality
performance;
 the implications of not conforming with the QMS requirements.

65 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 7. SUPPORT
7.4. COMMUNICATION

 The organization shall determine the internal and external communications relevant to
the QMS including:

 on what it will communicate;

 when to communicate;
 with whom to communicate;
 how to communicate.

66 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 7. SUPPORT
7.5. DOCUMENTED INFORMATION

 The organization’s QMS shall include:

 documented information required by this International Standard;
 documented information determined by the organization as being necessary for the effectiveness
of the QMS.
 When creating and updating documented information the organization shall ensure
appropriate:
 identification and description (e.g. a title, date, author, or reference number);
 format (e.g. language, software version, graphics) and media (e.g. paper, electronic);
 review and approval for suitability and adequacy.
 Documented information required by the QMS and by this International Standard shall be
controlled to ensure:
 it is available and suitable for use, where and when it is needed;
 it is adequately protected (e.g. from loss of confidentiality, improper use, or loss of integrity)

67 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 7. SUPPORT
7.5. DOCUMENTED INFORMATION

 For the Control of documented information the organization shall address the following
activities, as applicable:

 Distribution, access, retrieval and use;

 Storage and preservation, including preservation of legibility;
 Control of changes (e.g. Version control);
 Retention and disposition.

 Documented information of external origin determined by the organization to be

necessary for the planning and operation of the QMS shall be identified as appropriate,
and controlled.

68 ISO 9001:2015 | UNDERSTANDING & AWARENESS

CLAUSE 8
OPERATIONS
 8. SUPPORT
STRUCTURE

8.1. Operational planning & control

8.2. Requirements for products and services

8.3. Design and development of products and services

8.4. Control of externally provided products and services

8.5. Production and service provision

8.6. Release of goods and services

8.7. Control of non-conforming process outputs, products and services

70 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.1. OPERATIONAL PLANNING AND CONTROL

 The organization shall plan, implement and control the processes, as outlined in 4.4, needed to
meet requirements for the provision of products and services and to implement the actions
determined in 6.1 by:
 Determining requirements for the product and services;
 Establishing criteria for the processes and for the acceptance of products and services;
 Determining the resources needed to achieve conformity to product and service requirements;
 Implementing control of the processes in accordance with the criteria;
 Retaining documented information to the extent necessary to have confidence that the processes have
been carried out as planned and to demonstrate conformity of products and services to requirements.
 The output of this planning shall be suitable for the organization's operations.
 The organization shall control planned changes and review the consequences of unintended
changes, taking action to mitigate any adverse effects, as necessary.
 The organization shall ensure that outsourced processes are controlled in accordance with 8.4.

71 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.2 DETERMINATION OF REQUIREMENTS FOR PRODUCTS AND SERVICES

 The organization shall establish the processes for communicating with customers in
relation to:
 Information relating to products and services;
 Enquiries, contracts or order handling, including changes;
 Obtaining customer views and perceptions, including customer complaints;
 The handling or treatment of customer property, if applicable;
 Specific requirements for contingency actions ,when relevant.
 The organization shall establish, implement and maintain a process to determine the
requirements for the products and services to be offered to potential customers.
 The organization shall ensure that:
 Product and service requirements (including those considered necessary by the organisation), and
applicable statutory and regulatory requirements, are defined;
 It has the ability to meet the defined requirements and substantiate the claims for the products and
services it offers.

72 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.2 DETERMINATION OF REQUIREMENTS FOR PRODUCTS AND SERVICES

 The organization shall review, as applicable:

 Requirements specified by the customer, including the requirements for delivery and post-delivery
activities;
 Requirements not stated by the customer, but necessary for the customers' specified or intended
use, when known;
 Additional statutory and regulatory requirements applicable to the products and services;
 Contract or order requirements differing from those previously expressed.

73 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.2 DETERMINATION OF REQUIREMENTS FOR PRODUCTS AND SERVICES

 This review shall be conducted prior to the organization’s commitment to supply

products and services to the customer and shall ensure contract or order requirements
differing from those previously defined are resolved.

 Where the customer does not provide a documented statement of their requirements, the
customer requirements shall be confirmed by the organization before acceptance.

 Documented information describing the results of the review, including any new or
changed requirements for the products and services, shall be retained.

 Where requirements for products and services are changed, the organization shall
ensure that relevant documented information is amended and that relevant personnel are
made aware of the changed requirements.

74 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.3 DESIGN AND DEVELOPMENT OF PRODUCTS AND SERVICES

 Where the detailed requirements of the organization’s products and services are not
already established or not defined by the customer or by other interested parties, such
that they are adequate for subsequent production or service provision, the organization
shall establish, implement and maintain a design and development process.

 In determining the stages and controls for design and development, the organization shall
consider:

 The nature, duration and complexity of the design and development activities;
 Requirements that specify particular process stages, including applicable design and development
reviews;
 The required design and development verification and validation;

75 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.3 DESIGN AND DEVELOPMENT OF PRODUCTS AND SERVICES

 The responsibilities and authorities involved in the design and development process;
 The need to control interfaces between individuals and parties involved in the design and
development process;
 The need for involvement of customer and user groups in the design and development process;
 The necessary documented information to confirm that design and development requirements
have been met.

 The organization shall determine:

 Requirements essential for the specific type of products and services being designed and
developed, including, as applicable, functional and performance requirements;
 Applicable statutory and regulatory requirements;

76 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.3 DESIGN AND DEVELOPMENT OF PRODUCTS AND SERVICES

 Standards or codes of practice that the organization has committed to implement;

 Internal and external resource needs for the design and development of products and services;
 The potential consequences of failure due to the nature of the products and services;
 The level of control expected of the design and development process by customers and other
relevant interested parties.

 Inputs shall be adequate for design and development purposes, complete, and
unambiguous conflicts among inputs shall be resolved.

77 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.3 DESIGN AND DEVELOPMENT OF PRODUCTS AND SERVICES

 The controls applied to the design and development process shall ensure that:

 The results to be achieved by the design and development activities are clearly defined;
 Design and development reviews are conducted as planned;
 Verification is conducted to ensure that the design and development outputs have met the design
and development input requirements;
 Validation is conducted to ensure that the resulting products and services are capable of meeting
requirements for the specified application or intended use (when known).

78 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.3 DESIGN AND DEVELOPMENT OF PRODUCTS AND SERVICES

 The organization shall ensure that design and development outputs:

 Meet the input requirements for design and development;

 Are adequate for the subsequent processes for the provision of products and services;
 Include or reference monitoring and measuring requirements, and acceptance criteria, as
applicable;
 Ensure products to be produced, or services to be provided, are fit for intended purpose and their
safe and proper use.
 The organization shall retain the documented information resulting from the design and
development process.

79 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.3 DESIGN AND DEVELOPMENT OF PRODUCTS AND SERVICES

 The organization shall review, control and identify changes made to design inputs and
design outputs during the design and development of products and services or
subsequently, to the extent that there is no adverse impact on conformity to requirements.

 Documented information on design and development changes shall be retained.

80 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.4 CONTROL OF EXTERNALLY PROVIDED PRODUCTS AND SERVICES

 The organization shall ensure that externally provided processes, products, and services
conform to specified requirements.

 The organization shall apply the specified requirements for the control of externally
provided products and services when:

 Products and services are provided by external providers for incorporation into the organization’s
own products and services;
 Products and services are provided directly to the customer(s) by external providers on behalf of
the organization;

81 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.4 CONTROL OF EXTERNALLY PROVIDED PRODUCTS AND SERVICES

 A process or part of a process is provided by an external provider as a result of a

decision by the organization to outsource a process or function.

 The organization shall establish and apply criteria for the evaluation, selection,
monitoring of performance and re-evaluation of external providers based on their ability to
provide processes or products and services in accordance with specified requirements.

 The organization shall retain appropriate ………..Of the results of the evaluations,
monitoring of the performance and re-evaluations of the external providers.

82 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.4 CONTROL OF EXTERNALLY PROVIDED PRODUCTS AND SERVICES

 In determining the type and extent of controls to be applied to the external provision of
processes, products and services, the organisation shall take into consideration:

 The potential impact of the externally provided processes, products and services on the
organization’s ability to consistently meet customer and applicable statutory and regulatory
requirements
 The perceived effectiveness of the controls applied by the external provider.

83 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.4 CONTROL OF EXTERNALLY PROVIDED PRODUCTS AND SERVICES

 The organization shall establish and implement verification or other activities necessary
to ensure the externally provided processes, products and services do not adversely
affect the organisation's ability to consistently deliver conforming products and services to
its customers.

 Processes or functions of the organization which have been outsourced to an external

provider remain within the scope of the organization’s qms; accordingly, the organization
shall consider a) and b) above and define both the controls it intends to apply to the
external provider and those it intends to apply to the resulting process output.

84 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.4 CONTROL OF EXTERNALLY PROVIDED PRODUCTS AND SERVICES

 The organization shall communicate to external providers applicable requirements for

the following:
 the products and services to be provided or the processes to be performed on behalf of the
organization;
 approval or release of products and services, methods, processes or equipment;
 competence of personnel, including necessary qualification;
 their interactions with the organization's QMS;
 the control and monitoring of the external provider’s performance to be applied by the
organization;
 verification activities that the organization, or its customer, intends to perform at the external
provider’s premises.
 The organization shall ensure the adequacy of specified requirements prior to their
communication to the external provider.

85 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.5 PRODUCTION AND SERVICE PROVISION

 The organization shall implement controlled conditions for production and service provision,
including delivery and post-delivery activities.
 Controlled conditions shall include, as applicable:
 The availability of documented information that defines the characteristics of the products and services;
 The availability of documented information that defines the activities to be performed and the results to
be achieved;
 Monitoring and measurement activities at appropriate stages to verify that criteria for control of processes
and process outputs, and acceptance criteria for products and services, have been met.
 The use, and control of suitable infrastructure and process environment;
 The availability and use of suitable monitoring and measuring resources;
 The competence and, where applicable , required qualification of persons
 The validation, and periodic revalidation, of the ability to achieve planned results of any process for
production and service provision where the resulting output cannot be verified by subsequent monitoring
or measurement;
 The implementation of products and services release, delivery and post-delivery activities.

86 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.5 PRODUCTION AND SERVICE PROVISION

 Where necessary to ensure conformity of products and services, the organization shall use suitable
means to identify process outputs.

 The organization shall identify the status of process outputs with respect to monitoring and
measurement requirements throughout production and service provision.

 Where traceability is a requirement, the organization shall control the unique identification of the
process outputs, and retain any documented information necessary to maintain traceability.

 The organization shall exercise care with property belonging to the customer or external providers
while it is under the organization's control or being used by the organization. The organization shall
identify, verify, protect and safeguard the customer’s or external provider’s property provided for use or
incorporation into the products and services.

 When property of the customer or external provider is incorrectly used, lost, damaged or otherwise
found to be unsuitable for use, the organization shall report this to the customer or external provider.

87 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.5 PRODUCTION AND SERVICE PROVISION

 The organization shall ensure preservation of process outputs during production and service
provision, to the extent necessary to maintain conformity to requirements.
 As applicable, the organization shall meet requirements for post-delivery activities associated
with the products and services.
 In determining the extent of post-delivery activities that are required, the organisation shall
consider:
 The risks associated with the products and services;
 The nature, use and intended lifetime of the products and services;
 Customer feedback;
 Statutory and regulatory requirements.
 The organization shall review and control unplanned changes essential for production or
service provision to the extent necessary to ensure continuing conformity with specified
requirements.
 The organization shall retain ……….describing the results of the review of changes, the
personnel authorizing the change, and any necessary actions.

88 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.6 RELEASE OF PRODUCTS AND SERVICES

 The organization shall implement the planned arrangements at appropriate stages to

verify that product and service requirements have been met. Evidence of conformity with
the acceptance criteria shall be retained.

 The release of products and services to the customer shall not proceed until the planned
arrangements for verification of conformity have been satisfactorily completed, unless
otherwise approved by a relevant authority and, as applicable, by the customer.
Documented information shall provide traceability to the person(s) authorizing release of
products and services for delivery to the customer

89 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.7 CONTROL OF NONCONFORMING PROCESS OUTPUTS, PRODUCTS AND SERVICES

 The organization shall ensure process outputs, products and services that do not
conform to requirements are identified and controlled to prevent their unintended use or
delivery.

 The organization shall take appropriate corrective action based on the nature of the
nonconformity and its impact on the conformity of products and services. This applies also
to nonconforming products and services detected after delivery of the products or during
the provision of the service.

 The organization shall ensure process outputs, products and services that do not
conform to requirements are identified and controlled to prevent their unintended use or
delivery.

90 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 8. OPERATION
8.7 CONTROL OF NONCONFORMING PROCESS OUTPUTS, PRODUCTS AND SERVICES

 The organization shall take appropriate corrective action based on the nature of the
nonconformity and its impact on the conformity of products and services. This applies also to
nonconforming products and services detected after delivery of the products or during the
provision of the service. As applicable, the organization shall deal with nonconforming process
outputs, products and services in one or more of the following ways:
 Correction;
 Segregation, containment, return or suspension of provision of products and services;
 Informing the customer;
 Obtaining authorization for: use “as-is’; release, continuation or re-provision of the products and
services; acceptance under concession.
 Where nonconforming process outputs, products and services are corrected, conformity to the
requirements shall be verified.
 The organization shall retain documented information of actions taken on nonconforming
process outputs, products and services, including on any concessions obtained and on the
person or authority that made the decision regarding dealing with the nonconformity,

91 ISO 9001:2015 | UNDERSTANDING & AWARENESS

CLAUSE 9
PERFORMANCE EVALUATION
 9. PERFORMANCE EVALUATION
STRUCTURE

9.1. Monitoring measurement, analysis and evaluation

9.2 . Internal Audit

9.3 . Management Review

93 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 9. PERFORMANCE EVALUATION
9.1 MONITORING, MEASUREMENT, ANALYSIS AND EVALUATION

 The organization shall determine:

 What needs to be monitored and measured;
 The methods for monitoring, measurement, analysis & evaluation, as applicable, to ensure valid results;
 When the monitoring and measuring shall be performed;
 When the results from monitoring and measurement shall be analysed and evaluated.
 The organization shall ensure that monitoring and measurement activities are implemented in
accordance with the determined requirements and shall retain appropriate documented
information as evidence of the results.
 The organization shall evaluate the quality performance and the effectiveness of the QMS. The
organization shall monitor customer perceptions of the degree to which requirements have been
met.
 The organization shall obtain information relating to customer views and opinions of the
organisation and its products and services. The methods for obtaining and using this information
shall be determined.

94 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 9. PERFORMANCE EVALUATION
9.1 MONITORING, MEASUREMENT, ANALYSIS AND EVALUATION

 The organization shall analyse and evaluate appropriate data and information arising
from monitoring, measurement and other sources.

 The output of analysis and evaluation shall be used to:

 demonstrate conformity of products and services to requirements;
 assess and enhance customer satisfaction;
 ensure conformity and effectiveness of the QMS;
 demonstrate that planning has been successfully implemented;
 assess the performance of processes;
 assess the performance of external provider(s);
 determine the need or opportunities for improvements within the QMS.

 The results of analysis and evaluation shall also be used to provide inputs to
management review.

95 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 9. PERFORMANCE EVALUATION
9.2 INTERNAL AUDIT

 The organization shall conduct internal audits at planned intervals to provide information on
whether the QMS;
 Conforms to:
 The organization’s own requirements for its QMS;
 The requirements of this international standard;
 Is effectively implemented and maintained.
 The organization shall:
 Plan, establish, implement and maintain an audit programme(s) including the frequency, methods,
responsibilities, planning requirements and reporting, which shall take into consideration the quality
objectives, the importance of the processes concerned, customer feedback, changes impacting on the
organisation, and the results of previous audits;
 Define the audit criteria and scope for each audit;
 Select auditors and conduct audits to ensure objectivity and the impartiality of the audit process;
 Ensure that the results of the audits are reported to relevant management;
 Take necessary correction and corrective actions without undue delay;
 Retain documented information as evidence of the implementation of the audit programme and the audit
results.

96 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 9. PERFORMANCE EVALUATION
9.3 MANAGEMENT REVIEW

 Top management shall review the organization's QMS, at planned intervals, to ensure its
continuing suitability, adequacy, and effectiveness.
 The management review shall be planned and carried out taking into consideration:
 the status of actions from previous management reviews;
 changes in external and internal issues that are relevant to the QMS including its strategic
direction;
 information on the quality performance, including trends and indicators for:
 nonconformities and corrective actions;
 monitoring and measurement results;
 audit results;
 customer satisfaction;
 issues concerning external providers and other relevant interested parties;
 adequacy of resources required for maintaining an effective QMS;
 process performance and conformity of products and services;
 the effectiveness of actions taken to address risks and opportunities (see clause 6.1);

97 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 9. PERFORMANCE EVALUATION
9.3 MANAGEMENT REVIEW

 New potential opportunities for continual improvement.

 The outputs of the management review shall include decisions and actions related to:

 continual improvement opportunities;

 any need for changes to the QMS, including resource needs.

 The organization shall retain documented information as evidence of the results of

management reviews.

98 ISO 9001:2015 | UNDERSTANDING & AWARENESS

CLAUSE 10
IMPROVEMENT
 10. IMPROVEMENT
STRUCTURE

10.1. General Improvement

10.2. Non-conformity and corrective action

10.3. Continuous improvement

100 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 10. IMPROVEMENT
10.1 GENERAL

 The organization shall determine and select opportunities for improvement and
implement necessary actions to meet customer requirements and enhance customer
satisfaction.

 This shall include, as appropriate:

a) improving processes to prevent nonconformities;

b) improving products and services to meet known and predicted requirements;
c) improving QMS results.

101 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 10. IMPROVEMENT
10.2 NONCONFORMITY AND CORRECTIVE ACTION

 When a nonconformity occurs, including those arising from complaints, the organization
shall:

a) react to the nonconformity, and as applicable:

1. take action to control and correct it;

2. deal with the consequences;

b) evaluate the need for action to eliminate the cause(s) of the nonconformity, in order that it
does not recur or occur elsewhere, by:

1. reviewing the nonconformity;

2. determining the causes of the nonconformity;
3. determining if similar nonconformities exist, or could potentially occur;

102 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 10. IMPROVEMENT
10.2 NONCONFORMITY AND CORRECTIVE ACTION

c) implement any action needed;

d) review the effectiveness of any corrective action taken;

e) make changes to the QMS, if necessary.

 Corrective Actions shall be appropriate to the effects of the non conformities encountered
 The organization shall retain documented information as evidence of:

a) the nature of the nonconformities and any subsequent actions taken;

b) the results of any corrective action.

103 ISO 9001:2015 | UNDERSTANDING & AWARENESS

 10. IMPROVEMENT
10.3 CONTINUAL IMPROVEMENT

 The organization shall continually improve the suitability, adequacy, and effectiveness of
the QMS.

 The organization shall consider the outputs of analysis and evaluation, and the outputs
from management review, to confirm if there are areas of underperformance or
opportunities that shall be addressed as part of continual improvement.

 Where applicable, the organization shall select and utilise applicable tools and
methodologies for investigation of the causes of underperformance and for supporting
continual improvement.

104 ISO 9001:2015 | UNDERSTANDING & AWARENESS