Category Archives: ISO 9001

9001:2015, ISO 9001, Planning

Planning – 9001:2015 Draft of Section 6

Leave a comment

As a work of the U.S. federal government, the image is in the public domain.“Plans are nothing; planning is everything.” – Dwight D. Eisenhower

ISO 9001:2015, according to the latest Committee Draft (CD), has an entirely new layout and some new content. In the past, we’ve looked at section 4, “Context, and then section 5, “Leadership.

Continuing along in the series, here’s a look at the next section – section 6, “Planning“.

There are only three subsections, making the whole piece relatively short:

  1. “Actions to address risks and opportunities”,
  2. “Quality objectives and planning to achieve them”, and
  3. “Planning of changes”

Actions to address risks and opportunities requires that a company consider external and internal issues, referring to context and interested parties (see our preview of section 4), as well as determine the risks and opportunities implied by them.

Context, to save you a click, refers to both Internal and external context. External means issues arising from legal, technological, competitive, cultural, social, economic and natural environment. Internal refers to perceptions, values and culture of the organization.

As a result of these considerations the organization must assure that the intended outcomes of the QMS are achievable (implies that we know what the intended outcomes are, right?). Also, that product conformity (product = goods and services) along with customer satisfaction is maintained. As a result of planning, the company has to prevent, or reduce undesired effects and – improve.

With the above considerations in mind, an action plan is made to address risks and opportunities and this will include how to integrate (the standard actually says “implement”) these actions into the QMS.

Risk DeterminationAnd, after doing that – the effectiveness of this plan must be evaluated.  The standard goes on to say, essentially, that the actions must be proportionate to the effects. A note suggests avoidance, mitigation and acceptance as options for dealing with risk. Bigger risk should equal stronger planning.

You should come to the conclusion that somewhere along the line you’d need some way to measure the effectiveness of the plan, and have some basis on which to measure improvement.

Well, you’d be right, as the standard goes on to require that quality objectives be established at all “relevant” functions.  This text is the same in the current version though in the 2015 the requirement becomes more formalized. Note that if you have a function, level or process without any objectives then you’d have to say that function, level or process isn’t relevant – if that is so, then why have it? (“Will all non-essential personnel please report to the parking lot…”)

The last bit within section six relates to handling changes – and that changes shall be planned. Again, an expansion of a current requirement.

A few examples of possibly applicable changes:

  • New management or management representative,
  • New ownership or partner,
  • Different context (internal or external),
  • New machinery,
  • Alien invasion (good luck!).

New situations must be accounted for, and a plan developed (glasses of water – everywhere).

Section Summary

Let’s try and summarize all that. Is the standard now asking for a document called “Quality Plan”? I vote “nope”, or “mostly nope” – in the case of a change, there will likely be something documented specific to the event. In most other situations, though, “Plan” can be either a noun, or a verb (as has always been the case).

section 6

For some, it will be an actual document, or a set of documents specific to a product or process that includes all of the considerations prescribed (noun). Some of you may know of the concept of “Control Plan” – this would be something like that. Generated for a specific product, or prior to each job, for example. A job router may serve this purpose, if it indeed considers what needs considering.

For others, the system itself; the various procedures, work instructions, machinery etc. – is the result of the exercise in planning (verb). “We planned, taking into consideration risk and opportunities, etc. etc. – and we came up with THIS.” a broad sweep of the arm to indicate the factory space and the documented system that describes and controls it.

There really isn’t a new requirement here – an added level, I hesitate to call it a burden, of record keeping perhaps – something showing the risks and opportunities and metrics measuring how the processes are behaving in light of them.

There will be some initial head scratching, but I think this section will be relatively easy to implement.

Thanks for your attention; go forth – calibrate thyself. Or – come up with a plan first, then calibrate thyself.

Sal

9001:2015, Improvement, ISO 9001, Leadership

“Leadership” – 9001:2015 Draft of Section 5

Leave a comment

Leadership: The art of getting someone else
to do something you want done
because he wants to do it. – Dwight D. Eisenhower

ISO 9001:2015 has an entirely new layout and some new content. A few weeks ago, we looked at section 4, “Context. Continuing along in the series, here’s a look at the next section.

ISO 9001:2015 Draft – Section 5 “Leadership”

The entire section borders on an exercise in semantics as this concept is an offshoot of the previous version’s “Management Commitment”, at least as a starting point. There are some definite differences though, so I wouldn’t gloss over it.

Leadership Section 5The section starts out with “Leadership and commitment” and that it shall be demonstrated. One might ask how – well, specifically by eight methods. I’ve decided not to hash into the three that already exist (almost verbatim) as requirements in ISO 9001:2008, but there are a few differences or at least accentuations of previous focus:

  • Promoting awareness of the process approach. An interesting one there. Auditors would expect some level of training. Will likely be a valuable debate as to the difference between “awareness” and “training”. This is an important distinction, because if it is training, then there has to be some measure of training effectiveness.
  • Ensuring that the quality management system achieves its intended outputs. Not exactly new, but it does highlight the focus on the process approach. It implies the outputs have to be defined.
  • Engaging, directing and supporting persons to contribute to the effectiveness of the quality management system. This should be interesting from an audit perspective; some kind of evidence will need to be present.
  • Promoting continual improvement and innovation. I get a small kick out of this one, because it mentions “continual improvement” – when the word “continual” has been stricken from the gospel in the 2015 version. Ultimately, I expect this to read “Promoting improvement and innovation”… and “innovation”? I’m as interested as you are in what one might look for to show innovation. Benchmarking? Innovation in what context? There are some business models that thrive on creating for the status quo. Questions that I hope the next draft iron out.
  • Supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility. This is referring to a pass-down effect to avoid islands of leadership within the larger organization.

The next subsection is “Leadership and commitment with respect to the needs and expectations of customers”.

Two main concepts here, “customer focus” and “risks”- both are combined to address the determination of customer requirements including any applicable statutory and regulatory requirements, as well as enhancing customer satisfaction by meeting them.

Really, other than risk – which is more deeply ingrained in another section – not too different than what exists.

Quality policy is within element 5, no big surprises with regard to content. Let’s not worry about it for now.

And lastly, the section contains “organizational roles, responsibilities and authorities” again, nothing new here, other than a focus on intended outputs. Very much an expansion of the old section 5.5 with a few related consolidations from other sections.

There you have it, a quick summary of what is currently in the draft of the next version of ISO 9001. Naturally, the content of the draft is likely to change to some degree, so I wouldn’t make too many changes to your current system or documentation. But it does give a good indicator of what direction the standard is going toward, namely one of simplicity and consistency. How far it gets in that endeavor, remains to be seen.

Thanks for following along – go forth now, and calibrate thyself.
Sal

 

9001:2015, Context, ISO 9001

9001:2015 Draft of Section 4 – “Context”

Leave a comment

“Priority is a function of context.” –  Stephen R. Covey

Even as clients deal with the real-world challenges offered by ISO 9001:2008, the new draft of ISO 9001:2015 will offer a few more concepts to adapt to. I hear about them nearly every day. What this new section reveals is not exactly a new angle for ISO 9001, but it will require some getting used to.

What follows in an overview of the newly drafted Section 4, “Context” in the latest CD (Committee Draft) that will become ISO 9001:2015.

ISO 9001:2015 Draft – Section 4 “Context of the Organization”

Context - Section 44.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the quality management system
4.4 Quality management system

Context” – new word for ISO 9001; the conditions in which an entity exists. My definition, the standard doesn’t give one specifically.

It divides context into both Internal and External.

There’s a note that covers what External Context entails very well, “legal, technological, competitive, cultural, social, economic and natural environment, whether international, national, regional or local.”

This would be an expansion of the current pieces referring to Statutory and Regulatory. For most this will include the Code of Federal Regulations (CFR); OSHA, DOT and the International Traffic in Arms Regulations (ITAR), typically. There are other examples, of course – I have California clients that must address requirements for earthquake resistance to comply with the “California Building Code”.

Massachusetts clients must comply with that state’s General Law Chapter 93H and its new regulations 201 CMR 17.00 for Personal Information Security – these are just a few. The point being that the standard expects the question of what external forces are relevant to the business and how do they impact the ability to meet customer needs – to be answered. This is a slight shift, by the way, from the 2008 stance of treating these external concerns as customers, if obliquely.

External context would also imply benchmarking as a standard practice (want to know more about benchmarking? Leave a note in the comments or send me an email and I’ll make a blog entry on it).

Customer feedback would tie here as well, and market analysis in general. To me this would imply something along the lines of “House of Quality” and “Quality Functional Deployment” (QFD) tools and techniques.

An analysis of those involved with the supply chain is also a required consideration.

Internal Context refers to perceptions, values and the culture of the organization. These are going to be the more familiar elements of a Process-based quality system; defining inputs, processes, and outputs. And, of course, defining the scope of the QMS (within limits).

So, the major addition is the concept of External Context, and this is merely a logical expansion of what already exists in 9001: 2008.

For companies wishing to be ready for the next version a deeper review of the context in which they do business would be in order. Most auditors won’t have any specific knowledge of what these would be, but they could certainly ask the question, “By what means have you investigated the context of the business, and what external laws or regulations apply here?” They will, of course have some knowledge from similar companies…

As always, if there’s something in particular you’d like covered, drop me a note or comment. And check out my Facebook page: QMSC

Thank you – go forth, and calibrate thyself.

Sal

P.S. – Section 5, Leadership – is covered HERE