UnderstandIingISO9001 2015eBookSample PDF

Understanding ISO 9001:2015
Quality Management System Requirements
Copyright Notice
Copyright 2015 by Arthur J. Lewis - All rights reserved
No part (information or graphics) of this publication may be reproduced,

distributed, or transmitted or commercially exploited in any form or by any
means, including photocopying, recording, copy-typing or copying and pasting
onto your website, blog or elsewhere, or other electronic or mechanical methods,
without the prior written permission of the author, except in the case of brief
quotations embodied in critical reviews and certain other noncommercial uses
permitted by copyright law. For permission requests, please contact the author at
artjlewis@gmail.com
Disclaimer
The information provided within this eBook is based on my personal knowledge,
thoughts and interpretation of ISO 9001:2015 requirements and from 45 years of
experience in business. This book has not been created to be specific to any
organizations situation or needs. It is not intended to be the definitive word on
ISO 9001 interpretation and implementation. You may discover there are other
equally acceptable methods and information to accomplish the same end result.
While I have made every effort to ensure that the information in this eBook was
correct at the time of publication, I make no representations or warranties,
express or implied, about the completeness, accuracy, reliability, suitability or
availability with respect to the information or related graphics contained in this
eBook for any purpose.
I do not assume and hereby disclaim any liability to any party for any loss,
damage, or disruption caused by errors or omissions, whether such errors or
omissions result from accident, negligence, or any other cause.
2
2015 Copyright Art Lewis askartsolutions.com
About The Author
A. J. (Art) Lewis
Business Management Consultant
SUMMARY
Art applies over 45 years of strong business and operations management experience to
provide results-oriented ISO 9001, AS 9100 (aerospace) and TS 16949 (automotive)
consulting, using a risk management approach. His services include interpretation,
documentation, system development, training, project management and system audits
leading to successful certification to these quality management standards. He has earned
a reputation for getting his clients certified, on their first attempt, on time, and within
budget. He also provides business planning, process streamlining and other value-added
services.
EXPERIENCE / ACCOMPLISHMENTS
Consultancy: He has helped over 200 clients in a wide variety of industries achieve
ISO 9001, AS9100 and TS 16949 certification. Industries include automotive metal
stamping and screw machine, fabrication, machining, assembly, electrostatic and
chrome plating, heat-treating, coatings, glass, plastic and rubber product and services,
electrical and electronic equipment, assemblies & components, UPS and batteries,
computer hardware and software, printing, placement and temporary help,
warehousing and distribution, repair facilities, consumer credit counseling agencies,
banks, call centers, etc.
Training: He has delivered public and on-site quality management training to over
4,000 students. Courses include ISO/TS RAB approved Lead Auditor, Internal
Auditing, Implementation, Documentation, as well as customized ISO/AS/TS courses,
PPAP, FMEA, APQP and Control Plans. He has written the accredited Lead Auditor
Course for BSI in the US as well as Understanding ISO 9001:2008 and 2015 and other
related publications.
Auditing: He has conducted over 300 third party registration and surveillance audits
and dozens of gap, internal and pre-assessment audits to ISO/AS/TS Standards, in the
manufacturing and service sectors. He has worked as a freelance Lead Auditor with
major Registrars such as BSI, BV and SAI Global.
Other services: He has provided business planning, restructuring, asset
management, systems and lean manufacturing services to a variety of manufacturing
and service clients such as printing, plastics, automotive, transportation and custom
brokerage, warehousing and distribution, electrical and electronics, trading, equipment
leasing, etc.
Education & professional certification: Art has held IRCA certified Lead Auditor for
ISO 9000 as well as QS 9000 Lead Assessor certification. He holds a Bachelor of
Commerce degree and has a Canadian CPA and CMA designation. Prior to becoming a
business consultant more than 25 years ago, he has held senior financial (Vice
President - Finance & Administration and Controllership) positions in major Canadian
and US organizations.
For more on Arts work, please visit askartsolutions.com
3
Contents - ISO 9001:2015
Page
Copyright and Disclaimer 2
Authors biography 3
List of Contents 4
Foreword 6
Overview 7
Correlation matrices - ISO 9001:2008 to ISO 9001:2015 and vice versa 9
Key themes 14
Introduction 15
Quality management principles 23
Process approach 30
Risk based thinking 51
1 Scope 56
2 Normative references 59
3 Terms and definitions 59
4 Context of the organization 60
4.1 Understanding the organization and its context 60
4.2 Understanding the needs and expectations of interested parties 69
4.3 Determining the scope of the quality management system 81
4.4 Quality management system and its processes 86
5 Leadership 103
5.1 Leadership and commitment 104
5.1.1 General 104
5.1.2 Customer focus 114
5.2 Policy 118
5.2.1 Developing the quality policy 118
5.2.2 Communication the quality policy 121
5.3 Organizational roles, responsibilities and authorities 124
6 Planning 128
6.1 Actions to address risks and opportunities 129
6.2 Quality objectives and planning to achieve them 144
6.3 Planning of changes 157
7 Support
7.1 Resources 163
7.1.1 General 163
7.1.2 People 171
7.1.3 Infrastructure 175
7.1.4 Environment for the operation of processes 179
7.1.5 Monitoring and measuring resources 183
7.1.6 Organizational knowledge 193
7.2 Competence 198
7.3 Awareness 203
7.4 Communication 205
7.5 Documented information 208
7.5.1 General 209
7.5.2 Creating and updating 216
7.5.3 Control of documented information 218
4
Contents - ISO 9001:2015

Page
8 Operation 222
8.1 Operational planning and control 223
8.2 Requirements for products and services 226
8.2.1 Customer communication 226
8.2.2 Determining the requirements related to products and services 228
8.2.3 Review of requirements related to products and services 230
8.2.4 Changes to requirements for products and services 232
8.3 Design and development of products and services 234
8.3.1 General 235
8.3.2 Design and development planning 235
8.3.3 Design and development inputs 241
8.3.4 Design and development controls 246
8.3.5 Design and development outputs 250
8.3.6 Design and development changes 253
8.4 Control of externally provided processes, product and services 254
8.4.1 General 254
8.4.2 Type and extent of control 260
8.4.3 Information for external providers 268
8.5 Production and service provision 271
8.5.1 Control of production and service provision 271
8.5.2 Identification and traceability 278
8.5.3 Property belonging to customers or external providers 281
8.5.4 Preservation 283
8.5.5 Post-delivery activities 284
8.5.6 Control of changes 288
8.6 Release of products and services 289
8.7 Control of nonconforming outputs 291
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation 296
9.1.1 General 296
9.1.2 Customer satisfaction 300
9.1.3 Analysis and evaluation 305
9.2 Internal audit 308
9.3 Management review 314
9.3.1 General 314
9.3.2 Management review inputs 315
9.3.3 Management review outputs 318
10 Improvement 320
10.1 General 320
10.2 Nonconformity and corrective action 326
10.3 Continual improvement 329
Thank You! 333
5
Foreword
The purpose of this eBook is to provide:
A clear and in-depth understanding of the intent and implication of each
clause and sub-clause of the ISO 9001:2015 standard.
Ideas, direction and sufficient insight for a quality practitioner to develop

and implement an effective quality management system (QMS) based on
this latest Standard.
Though not meant as an audit guide, there is plenty of audit evidence

provided especially for the new requirements to make this eBook very useful
to internal and external auditors.
This eBook can help:

Beginners - to understand and apply ISO 9001 requirements.
QMS managers - to develop a more effective QMS for their organization.
QMS auditors - to conduct more effective QMS audits.
Top management - to gain an understanding of ISO 9001 as a business tool.
Consultants - to provide value-added service to their clients.
Organizations looking to smoothly transition from ISO 9001:2008 to ISO
9001:2015
Presentation of this eBook
The requirements of the ISO 9001:2015 standard are shown in the light
beige box by clause and sub-clause.
Below the requirements, I explain the specific concepts, principles and

requirements. You will find important points being repeated or further
elaborated in different parts of the standard. Whenever I make reference to
you or your QMS, I refer to your organizations or facilitys QMS.
At the end of each section I provide test questions to strengthen your

understanding of that section. The answers will generally be found within that
section.
How to get the maximum benefit out of this eBook
In going through this eBook, I suggest:

1. You read each section more than once.
2. Answer all test questions before moving on to the next section. Review the
section if your answer is not correct or incomplete.
3. As you go through each section, pick a business process or activity within
your organization and practice applying the information to it.
4. Take your time. Dont try and rush through the material. There are a lot of
golden nuggets of information you may overlook.
6
By diligently following this approach you will learn a lot faster; connect the dots
on the various requirements; and be able to effectively apply this knowledge to
implement or audit a QMS or provide value-added consulting services.
Overview
0. Introduction
1. Scope
2. Normative Reference
3. Terms and Definitions
4. Context of the organization
5. Leadership
6. Planning
7. Support
8. Operations
9. Performance Evaluation
10. Improvement
Overview
The ISO 9001 standard is organized under the major headings listed above (0 -
10). The first four headings (clauses 0-3) do not provide any requirements for a
QMS. They provide background information on key concepts and elements
that form the foundation or backbone of the standard.
The remaining seven headings (clauses 4 through 10) provide the mandatory
requirements for your QMS. Each major clause heading has several sub-clauses.
Collectively, these seven clauses set out the requirements for developing
and implementing your QMS.
The following is a summary explanation of these 11 headings of the ISO

9001:2015 standard.
Clause 0 Introduction
0.1 General
This subsection introduces a range of topics such as - the benefits of
implementing a QMS; concepts such as the process approach, PDCA (plan-do-
check-act), risk-based thinking, the need to adopt improvement, clarification of
terminology, and provision of flexibility in applying the requirements of the
standard to an organizations QMS, and that QMS requirements supplement
product and service requirements
0.2 Quality Management Principles
This subsection introduces the seven quality management principles that underlie
and form the basis for this standard.
0.3 Process approach
This subsection explains the process approach and the related PDCA (plan-do-
check-act) cycle, as well as the concept of risk-based thinking.
7
0.4 Relationship with other management systems
This subsection explains how this standard is related to ISO 9000 and ISO 9004.
Clause 1 Scope
This clause explains the scope of this standard
Clause 2 Normative references
This clause references the ISO 9000:2015 standard QMS fundamentals and
vocabulary, as being indispensable for applying ISO 9001:2015
Clause 3 Terms and definitions
This clause references ISO 9000:2015 for all terms and definitions used in ISO
9001:2015
Clause 4 Context of the organization sets requirements to understand the

organization and its context; understand the needs and expectations of
interested parties; determine the scope of the QMS; and establish and implement
the QMS and its processes.
Clause 5 - Leadership - sets requirements for top management to provide

leadership and commitment; promote customer focus; establish and
communicate the quality policy; and ensure that organizational roles,
responsibilities and authorities are assigned, communicated and understood
throughout the organization.
Clause 6 - Planning - sets requirements to determine and take actions to

address the risks and opportunities with reference to the context of the
organization and relevant interested parties; establish quality objectives and
plans to achieve them; and plan for changes to the QMS.
Clause 7 - Support - sets requirements to provide resources (people,

infrastructure, environment, monitoring and measuring; organizational
knowledge); ensure competence, awareness and communications; and control of
documented information needed for implementing, maintaining and improving
the QMS.
Clause 8 - Operations - sets requirements to plan and control the various

operational processes needed to provide products and services that meet
customer requirements. These processes cover customer requirements; design
and development; external providers of resources, processes, products and
services; production; and control of nonconforming product and services. There
are many sub-clauses within each of these main requirements.
Clause 9 Performance Evaluation - sets requirements to monitor, measure,

analyze and evaluate QMS and process performance. This clause covers customer
satisfaction feedback; internal audit and management review.
8
Clause 10 - Improvement - sets requirements to pursue opportunities to
improve product and services; manage risk and take corrective actions to
improve QMS performance, meet customer requirements and enhance customer
satisfaction.
Correlation Matrix - ISO 9001:2008 to ISO 9001:2015

ISO 9001:2008 Clauses ISO 9001:2015 Clauses
Contents Contents
Foreword Foreword
Introduction Introduction
0.1 General 0.1 General
0.2 Process approach 0.3 Process approach;
0.4 Plan-Do-Check-Act cycle
0.3 Relationship with ISO 9004 0.4 Relationship with other management systems
0.4 Compatibility with other management 0.4 Relationship with other management systems
systems
1. Scope 1. Scope
1.1 General 1. Scope
1.2 Application 4.3 Determining the scope of the QMS
2. Normative references 2. Normative references
3. Terms and definitions 3. Terms and definitions
4. Quality management system Removed.
4.1 General requirements 4.4 Quality management system and its processes
4.2 Documentation requirements 7.5 Documented information
4.2.1 General 7.5.1 General
4.2.2 Quality manual Removed.
4.2.3 Control of documents 7.5.2 Creating and updating;
7.5.3 Control of documented information
4.2.4 Control of records 7.5.2 Creating and updating
7.5.3 Control of documented information
5. Management responsibility 5. Leadership
5.1 Management commitment 5.1 Leadership and commitment
5.1.1 General
5.2 Customer focus 5.1.2 Customer focus
5.3 Quality policy 5.2 Quality policy
5.4 Planning 6. Planning
5.4.1 Quality objectives 6.2 Quality objectives and planning to achieve them
5.4.2 Quality management planning 6.1 Actions to address risks and opportunities
6.3 Planning of changes
5.5 Responsibility, authority, and 5.3 Organizational roles, responsibilities, and authorities
communication 7.4 Communication
5.5.1 Responsibility and authority 5.3 Organizational roles, responsibilities, and authorities
5.5.2 Management representative Removed.
5.5.3 Internal communication 7.4 Communication
5.6 Management review 9.3 Management review
5.6.2 Review input 9.3.2 Management review inputs
5.6.3 Review output 9.3.3 Management review outputs
6. Resource management 7.1 Resources
6.1 Provision of resources 7.1.1 General
7.1.2 People
6.2 Human resources Removed
6.2.1 General 7.2 Competence;
6.2.2 Competence, training, and awareness 7.2 Competence
7.3 Awareness
6.3 Infrastructure 7.1.3 Infrastructure
6.4 Work environment 7.1.4 Environment for the operation of processes
9
Correlation Matrix - ISO 9001:2008 to ISO 9001:2015

ISO 9001:2008 Clauses ISO/DIS 9001:2015 Clauses
7. Product realization 8. Operation
7.1 Planning of product realization 8.1 Operational planning and control
7.2 Customer-related processes 8.2 Determination of requirements for products and
services
7.2.1 Determination of requirements related to 8.2.2 Determination of requirements related to products
the product and services;
8.5.5 Post-delivery activities
7.2.2 Review of requirements related to the 8.2.3 Review of requirements related to products and
product services
7.2.3 Customer communication 8.2.1 Customer communication;
7.4 Communication
7.3 Design and development 8.3 Design and development of products and services
7.3.1 Design and development planning 8.3.1 General;
8.3.2 Design and development planning
7.3.2 Design and development inputs 8.3.3 Design and development inputs
7.3.3 Design and development outputs 8.3.5 Design and development outputs
7.3.4 Design and development review 8.3.4 Design and development controls
7.3.5 Design and development verification 8.3.4 Design and development controls
7.3.6 Design and development validation 8.3.4 Design and development controls
7.3.7 Control of design and development 8.3.6 Design and development changes
changes
7.4 Purchasing 8.4 Control of externally provided products and services
7.4.1 Purchasing process 8.4.1 General
8.4.2 Type and extent of control of external provision
7.4.2 Purchasing information 8.4.3 Information for external providers
7.4.3 Verification of purchased product 8.4.2 Type and extent of control of external provision
8.4.3.f Information for external providers
7.5 Production and service provision 8.5 Production and service provision (title only)
7.5.1 Control of production and service 8.5.1 Control of production and service provision
provision 8.5.5 Post-delivery activities
7.5.2 Validation of processes for production 8.5.1 Control of production and service provision
and service provision
7.5.3 Identification and traceability 8.5.2 Identification and traceability
7.5.4 Customer property 8.5.3 Property belonging to customers or external
providers
7.5.5 Preservation of product 8.5.4 Preservation
7.6 Control of monitoring and measuring 7.1.5 Monitoring and measuring resources
equipment
8. Measurement, analysis, and improvement 9. Performance evaluation
9.1 Monitoring, measurement, analysis, and evaluation
8.1 General 9.1.1 General
8.2 Monitoring and measurement 9.1 Monitoring, measurement, analysis, and evaluation
8.2.1 Customer satisfaction 9.1.2 Customer satisfaction
8.2.2 Internal audit 9.2 Internal audit
8.2.3 Monitoring and measurement of 9.1.1 General
processes 9.1.3 Analysis and evaluation
8.2.4 Monitoring and measurement of product 8.6 Release of products and services
8.3 Control of nonconforming product 8.7 Control of nonconforming outputs
8.4 Analysis of data 9.1.3 Analysis and evaluation
8.5 Improvement 10. Improvement
8.5.1 Continual improvement 10.1 General
10.3 Continual improvement
8.5.2 Corrective action 10.2 Nonconformity and corrective action
8.5.3 Preventive action 6.1 Actions to address risks and opportunities
10
Correlation Matrix ISO 9001:2015 to ISO 9001:2008

Introduction Introduction
0.1 General 0.1 General
0.2 Quality Management Principles New
0.3 Process approach 0.2 Process approach
0.3.1 General 0.2 Process approach
0.3.2 Plan-Do-Check-Act Cycle 0.2 Process approach
0.3.3 Risk-based thinking New
0.4 Relationship with other management 0.3 Relationship with ISO 9004
systems 0.4 Compatibility with other management systems
4. Quality management system - Requirements 1. Quality management system - Requirements
1. Scope 1. Scope general and application
2. Normative references 2. Normative references
3. Terms and definitions 3. Terms and definitions
4. Context of the organization 4. Quality management system
4.1 Understanding the organization and its 0.1 General
context
4.2 Understanding the needs and expectations New.
of interested parties
4.3 Determining the scope of the quality 1.2 Application
management system 4.2.2 Quality manual
4.4 Quality management system and its 4.1 General requirements
processes
5. Leadership 5. Management responsibility
5.1 Leadership and commitment 5. Management responsibility
5.1.1 General 5.1 Management commitment
5.1.2 Customer focus 5.2 Customer focus
5.2 Quality policy 5.3 Quality policy
5.3 Organizational roles, responsibilities and 5.5.1 Responsibility and authority
authorities 5.5.2 Management representative
5.4.2b Quality management system planning
6. Planning 5.4 Planning
6.1 Actions to address risks and opportunities 5.4.2 Quality management system planning
8.5.3 Preventive action
6.2 Quality objectives and planning to achieve 5.4.1 Quality objectives
them
6.3 Planning of changes 5.4.1 Quality objectives
5.4.2b Quality management system planning
7. Support New; Merged from old 6,
7.6, Control of measuring and monitoring equipment
7.1 Resources 6. Resource management
7.1.1 General 6.1 Provision of resources
7.1.2 People 6.1 Provision of resources
7.1.3 Infrastructure 6.3 Infrastructure
7.1.4 Environment for the operation of 6.4 Work environment
processes
7.1.5 Monitoring and measuring resources 7.6 Control of monitoring and measurement
equipment
7.1.6 Organizational knowledge New.
7.2 Competence 6.2 Human Resources
7.3 Awareness 6.2.2.d Competence, training, and awareness
7.4 Communication 5.5.3 Internal communication
7.2.3 Customer communication
11

7.5 Documented information 4.2 Documentation requirements
7.5.2 Creating and updating 4.2.3 Control of documents
4.2.4 Control of records
7.5.3 Control of documented information 4.2.3 Control of documents
4.2.4 Control of records
8. Operation 7. Product realization
8.1 Operational planning and control 7.1 Planning of product realization
8.2 Requirements for products and services 7.2 Customer-related processes
8.2.1 Customer communication 7.2.3 Customer communication
8.2.2 Determining requirements related to 7.2.1 Determination of requirements related to the
products and services product
8.2.3 Review of requirements related to products 7.2.2 Review of requirements related to the
and services product
8.3 Design and development of products and 7.3 Design and development (title only)
services
8.3.1 General New.
8.3.2 Design and development planning 7.3.1 Design and development planning
8.3.3 Design and development inputs 7.3.2 Design and development inputs
8.3.4 Design and development controls 7.3.4 Design and development review
7.3.5 Design and development verification
7.3.6 Design and development validation
8.3.5 Design and development outputs 7.3.3 Design and development outputs
8.3.6 Design and development changes 7.3.7 Control of design and development changes
8.4 Control of externally provided products and 7.4 Purchasing
services
8.4.1 General 7.4.1 Purchasing process
8.4.2 Type and extent of control of external 7.4.1 Purchasing process
provision 7.4.3 Verification of purchased product
8.4.3 Information for external providers 7.4.2 Purchasing information
7.4.3 Verification of purchased product
8.5 Production and service provision 7.5 Production and service provision
8.5.1 Control of production and service provision 7.5.1 Control of production and service provision
7.5.2 Validation of processes for production and
service provision
8.5.2 Identification and traceability 7.5.3 Identification and traceability
8.5.3 Property belonging to customers or external 7.5.4 Customer property
providers
8.5.4 Preservation 7.5.5 Preservation of product
8.5.5 Post-delivery activities 7.2.1 Determination of requirements related to the
product (7.2.1.a)
7.5.1 Control of production and service provision
(7.5.1.f)
8.5.6 Control of changes New
8.6 Release of products and services 7.4.3 Verification of purchased product
8.2.4 Monitoring and measurement of product
8.7 Control of nonconforming outputs 8.3 Control of nonconforming product
12

9. Performance evaluation New.
9.1 Monitoring, measurement, analysis, and 8. Measurement, analysis, and improvement
evaluation
9.1.1 General 8.1 General
8.2.3 Monitoring and measurement of processes
9.1.2 Customer satisfaction 8.2.1 Customer satisfaction
9.1.3 Analysis and evaluation 8.4 Analysis of data
9.2 Internal audit 8.2.2 Internal audit
9.3 Management review 5.6 Management review
9.3.2 Management review inputs 5.6.2 Review input
9.3.3 Management review outputs 5.6.3 Review output
10. Improvement 8.5 Improvement (title only)
10.1 General 8.5.1 Continual improvement
10.2 Nonconformity and corrective action 8.3 Control of nonconforming product
8.5.2 Corrective action
10.3 Continual improvement 8.5.1 Continual improvement
Annex A Clarification of new structure, New.
terminology, and concepts
Annex B Other international standards on New.
quality management and quality management
systems developed by ISO/TC 176
Bibliography Bibliography
13
Key themes:
To help you get the most out this eBook, you might find it useful to follow key
themes that the ISO 9001 standard has emphasized. These include:
Your must use two tools - the process approach and the PDCA (plan-do-
check-act to improve) cycle as a consistent framework to manage QMS
processes and activities in an organized and disciplined way.
Your QMS processes and activities must be operated under controlled

conditions which are the requirements specified by the standard.
The controlled conditions must focus on the prevention of undesirable

outcomes by planning and implementing actions (risk-based thinking) to
reduce or eliminate risk and exploit opportunities for improvement (desirable
outcomes).
Internal and external contextual factors must be considered in applying

risk-based preventive controls to your QMS.
Your QMS must add value to your organization and customers by

improving its performance and the quality of products and services.
QMS processes and activities must be customer-focused. All personnel must

be aware of and strive to meet internal, regulatory and customer and
requirements.
Your QMS must always strive to enhance customer satisfaction.
The themes outlined above are all part of the seven management principles
(described in detail later) which form the backbone of the ISO 9001 standard
As you go about developing and implementing your QMS, ask yourself Have I
addressed these key themes in each of my QMS processes?
Test your understanding of this section before you proceed to the

next section:
1. Which clause headings set out requirements to develop and implement your
QMS?
2. What information do the first four clause headings provide?
3. What is the common thread underlying the key themes listed in this section?
14
0.1 Introduction
0.1 General:
The adoption of a QMS is a strategic decision for an organization
that can help improve its overall performance and provide a sound
basis for sustained development initiatives.
The potential benefits to an organization of implementing a quality
management system based on this International standard are:
a) The ability to consistently provide product and services that

meet customer and applicable statutory and regulatory
requirements;
b) Facilitation opportunities to enhance customer satisfaction;
c) Addressing risks and opportunities associated with its context

and objectives;
d) The ability to demonstrate conformity to specified quality

management requirements
This International Standard can be used by internal and external

parties.
It is not the intention of this International Standard to imply the

need for:
Uniformity in the structure of different quality management

systems;
Alignment of documentation to the clause structure of this

international standard;
The use of the specific terminology of this international standard

within the organization.
The quality management system requirements specified in this

International Standard are complementary to requirements for
product and services.
This International Standard employs the process approach, which

incorporates the Plan-Do-Check-Act (PDCA) cycle and risk-based
thinking.
The process approach enables an organization to plan its processes

and their interactions.
The PDCA cycle enables an organization to ensure that its processes

are adequately resourced and managed and that opportunities for
improvement are determined and acted upon.
15
Riskbased thinking enables an organization to determine the factors
that could cause its processes and is quality management system to
deviate from the planned results, to put in place preventive controls
to minimize negative effects and to make maximum use of
opportunities as they arise (see Appendix A4).
Consistently meeting requirements and addressing future needs and

expectations poses a challenge for organizations in an increasingly
dynamic and complex environment. To achieve this objective, the
organization might find it necessary to adopt various forms of
improvement in addition to correction and continual improvement,
such as breakthrough change, innovation and re-organization.
In this International Standard, the following verbal forms are used:
Must indicates a requirement;
Should indicates a recommendation;
May indicates a permission;
Can indicates a possibility or a capability.
Information marked as NOTE is for guidance in understanding or

clarifying the associated requirement.
0.1 Introduction
The purpose of an organization is to identify and meet the needs and
expectations of its customers and other stakeholders and gain competitive
advantage. One of the strategies it might use to achieve this goal is to employ
universally recognized business tools to improve the effectiveness and efficiency
of its capabilities.
ISO 9001:2015 is a powerful business tool that organizations may use to
achieve this. Organizations use ISO 9001 to achieve goals and objectives related
to meeting customer and regulatory requirements and enhancing customer
satisfaction.
While the focus is on quality management, the ISO 9001 business model may be
applied just as well to manage the entire organization. The standard
embodies business concepts and principles universally recognized and applied for
sound business management. As such, ISO 9001 is a strategic management tool
that can be used as a starting point towards achieving sustained business
success.
As a strategic tool, it can be used as the framework to integrate other
strategic activities related to sales and marketing; technology; and product,
service and process design and development; corporate environment, structure,
culture and governance; product and service realization, delivery and support;
16
facility and asset management, etc. it can also be integrated with other
business management systems such as environmental management system
(EMS) and occupational health and safety (OHS).
The various parts of an organizations management system, including its QMS,
can be integrated as a single management system. The objectives,
processes and resources related to quality, growth, funding, profitability,
environment, occupational health and safety, energy, security and other aspects
of the organization can be more effectively and efficiently achieved and used
when the QMS is integrated with other management systems.
Sustained business success can be achieved by developing growth and
improvement programs and initiatives that add value by addressing the present
and longer term needs of its interested parties that include customers, end-
users, investors/ shareholders (owners), people employed by the organization,
external providers, regulatory bodies, lending institutions, unions, partners,
interest groups and communities.
What this means is that the organization must take a long-term outlook to
attaining business success as well as addressing a broader scope of
stakeholder requirements, needs and expectations, not just its immediate
customers. In pursuing ISO 9001 certification and undertaking longer term
improvement initiatives, it must seek to achieve a balance between its economic-
financial interests and those of the social and ecological environment that it
operates in. The goals and objectives that it seeks to achieve must also strike a
balance between incremental improvement and breakthrough accomplishments.
The QMS that you develop for your organization (based on meeting the
applicable requirements of this ISO 9001 standard) must comprise of
interacting processes and activities which to some extent can be
predetermined, but at the same time must be flexible and adaptable to the
complexities of your environmental context. The ability to change may
sometimes require innovation to achieve breakthrough improvements.
Your organization must understand its internal and external context and
identify the needs and expectations of relevant interested parties. This
information must be used to develop your QMS to achieve organizational
sustainability. Although often appearing to be comprised of similar processes,
each organization and its QMS are unique.
The processes of your QMS can be defined, measured and improved. These
processes interact to deliver results consistent with your organizations objectives
and cross functional boundaries. Some processes can be critical while others are
not.
People collaborate within a process to carry out their daily activities. Some
activities are prescribed and depend on an understanding of the objectives of the
organization, while others are not and react to external stimuli to determine their
nature and execution.
17
Every organization has quality management activities, whether they have been
formally planned or not. ISO 9001 provides requirements on how to develop a
formal system to manage these activities. It is necessary to determine activities
which already exist in the organization and their suitability regarding the context
of the organization. ISO 9001 along with guidance from ISO 9000 and ISO 9004
can be used to assist the organization to develop a cohesive QMS. I will make
many references to information from these standards to give you a solid
understanding of ISO 9001.
A formal QMS provides a framework for planning, executing, monitoring and
improving the performance of quality management activities. The QMS does not
need to be complicated; rather it needs to accurately reflect the needs of the
organization.
A QMS is a dynamic system that evolves over time through periods of
improvement. QMS planning is not a static activity, but an ongoing process. Plans
evolve as the organization learns and adapts to its changing environment. Your
QMS planning must take into account all quality activities of your organization
and ensure that all applicable requirements of ISO 9001 are addressed. The plan
is implemented upon approval.
It is important for your organization to regularly monitor and evaluate both
the implementation of QMS planning and the performance of the QMS. Carefully
considered indicators facilitate these monitoring and evaluation activities.
Auditing is a means of evaluating the effectiveness of the QMS, in order to
identify risks and to determine the fulfillment of requirements. In order for audits
to be effective, tangible and intangible evidence needs to be collected. Actions
are taken for correction and improvement based upon analysis of the evidence
gathered. The knowledge gained could lead to innovation, taking QMS
performance to higher levels.
Your QMS must be able to identify risks and pursue opportunities to improve its
processes, products and services in order to achieve and enhance customer
satisfaction. ISO guidance documents suggest that many issues such as
innovation, ethics, trust and reputation could be regarded as parameters within
the QMS.
It is important to state here that ISO 9001 certification must not be the ultimate
goal of QMS implementation. Your primary long-term focus must be to
improve the effectiveness and efficiency of the organization for the benefit of all
its stakeholders. Obtaining certification must be considered as just a stepping
stone in this journey. Organizations that understand and follow this approach will
get the most benefit from QMS development and implementation.
The potential benefits from implementing a QMS based on ISO 9001 include:
a. The ability to consistently provide product and services that meet customer
and applicable statutory and regulatory requirements;
b. Facilitation opportunities to enhance customer satisfaction;
18
c. Addressing risks and opportunities associated with its context and objectives;
d. The ability to demonstrate conformity to specified quality management

requirements.
These benefits will be discussed in ample detail as we cover the various clauses
of the standard
So we can see from the above that ISO 9001 is just a good starting block for
sound business management. There are other standards, guidance documents
(e.g. ISO 9004) and business tools that go well beyond ISO 9001 and your
organization is encouraged to pursue these, once certification is obtained as it
charts its course towards achieving sustained business success.
Structure and terminology

The clause structure (i.e. clause sequence) and some of the terminology of this
edition of this International Standard, in comparison with the previous edition
(ISO 9001:2008) have been changed to improve alignment with other
management standards.
There is no requirement in this International Standard for its structure and
terminology to be applied to the documented information of an organizations
quality management system.
The structure of clauses is intended to provide a coherent presentation of
requirements, rather than a model for documenting an organizations policies,
objectives and processes. The structure and content of documented information
related to a QMS can often be more relevant to its users if it relates to both, the
processes operated by the organization and information maintained for other
purposes.
There is no requirement for the terms used by an organization to be replaced by
the terms used in this International Standard to specify quality management
system requirements. Organizations can choose to use terms which suit their
operations (e.g. using records, documentation or protocols rather than
documented information; or supplier, partner or vendor rather than
external provider).
Table A.1 show the major differences in terminology between this edition of this
International Standard and the previous edition.
Major differences in terminology between ISO 9001:2008 and ISO

9001:2015
Product and services Product and services
Exclusions Not used

(See clause A.5 for clarification of
applicability)
Management Representative Not used

(Similar responsibilities and authorities
19
are assigned but no requirement for a
single management representative)
Documentation, quality manual, Documented information

documented procedures, records
Work environment Environment for the operation of

processes.
Monitoring and measuring equipment Monitoring and measuring resources
Purchased product and services Externally provided product and

services.
Supplier External provider
It is important to remember that each organization must use the requirements of

ISO 9001 to design and develop a QMS that fits the specific needs of its
business for it to be effective. Using a boilerplate approach that forces the
business to adapt to ISO 9001 will result in a superficial QMS and will not
generate buy-in from the workforce and will rarely be effective.
The ISO 9001 standard defines a generic set of requirements for all
organizations, regardless of the nature of product or service, for profit or not for
profit, size, complexity or industry sector. The standard define control
requirements for your quality management system (QMS) that focus on
improving the effectiveness of your QMS in meeting customer requirements and
thus enhancing customer satisfaction.
It is important to note that the ISO 9001 standard does not specify
requirements for product and services or service quality. Requirements for
products and services come from customers, end-users, regulatory bodies and
other interested parties. The standard sets generic control requirements for QMS
processes and activities to ensure that they consistently and effectively meet
these (customer product and service) requirements, needs and expectations to
drive sustained improvement, business growth and enhance customer
satisfaction.
The focus of all ISO 9001 generic control requirements is on your QMS and its
processes. By effectively controlling and continually improving your QMS
processes, there will obviously be a positive impact on product and service
quality and conformity to customer requirements.
Organizations implementing an ISO 9001 based QMS must conform to all
applicable requirements that the standard specifies. This provides internal and
external parties (customers, registrars and regulatory bodies), the basis (i.e. a
benchmark) against which to assess the organizations ability to meet customer,
regulatory and internal requirements. It is now a common practice to use ISO
9001 certification as a requirement for making contractual decisions.
QMS design and implementation will vary from organization to another. ISO
9001 allows this flexibility because organizations may have differing - goals and
20
objectives; business risks; range and complexity of product and services;
processes and resources; organizational size and structure; workforce
competence and stability; etc. This flexibility may also relate to QMS scope
You must ensure that the scope of your QMS addresses all customer
requirements. Customer requirements may show up in contracts, blueprints,
their supplier quality manuals, commercial terms and conditions, or referenced to
applicable industry and regulatory standards and codes, etc. QMS scope will be
covered in more detail under clause 1.0 and 4.3.
Under this clause, the standard introduces the PDCA (plan-do-check-act)
cycle. The PDCA is a structured approach that enables an organization to plan its
QMS processes and their interactions; ensure the processes are adequately
resourced and managed; and allows opportunities for improvement to be
determined and acted upon.
This section also introduces the concept of risk-based thinking, which enables
an organization to:
Determine the factors that cause the QMS and its processes to deviate
(positively or negatively) from planned results as defined by your PDCA;
To put in place preventive controls to remove or mitigate negative effects or

outcomes;
And to capitalize on opportunities as they arise.
I will provide more coverage on PDCA and risk-based thinking in later clauses.
This section also makes the point that in order to achieve sustained success in
an increasingly dynamic and complex business, social and political environment,
the organization must do more than just make incremental improvements
and correction as advocated in previous versions of the ISO 9001 standard. It
must undertake more significant actions such as breakthrough change,
innovation and reorganizatiion.
The standard clarifies the use of various terms used throughout the standard:
Shall - indicates a requirement that is contractually binding where the
requirement is included in the QMS scope; its implementation is mandatory
and must be verifiable for certification purposes. In my explanation of the
standard, I will use the word must instead of shall as it lends more
emphasis and urgency to implementing a requirement.
There are around 275 shalls requirements in the ISO 9001 standard.
Should indicates a recommendation. It is a requirement that is non-

mandatory but desirable and worth implementing and the outcome while
deemed more likely to be positive, may not always be fully verifiable for
certification purposes.
May indicates a permission. It is not mandatory, rather provides a choice of

whether to or not implement something depending upon the circumstances of
the situation. However if the choice is taken with deliberation to include an
21
activity in the QMS scope, then it attracts all the attention of a must. For
example in clause 4.3 Determining QMS scope (last paragraph)-Conformity
to this International Standard may only be claimed if the requirements
determined as not being applicable do not affect the organizations ability.
Can indicates a possibility or capability; be able to; there is a possibility of;

it is possible to; and relates to having the ability, power or the means to do
something. The word can is mostly found in the notes to various clauses for
example in clause 4.1 understanding the organization and its context all 3
notes use the word can.
Test your understanding of this section before you proceed to the

next section:
1. Why is implementing a QMS based on ISO 9001 a strategic decision?
2. Why would you apply the requirements of ISO 9001 to manage your whole
organization?
3. What is meant by sustained business success?
4. Who are interested parties?
5. What should your QMS comprise of?
6. Why should your QMS be dynamic?
7. Why should your QMS be regularly monitored and evaluated?
8. What should your long-term quality management focus be?
9. Should you model your QMS aligned with the structure and terminology of
the ISO 9001 standard?
10. Why should you use the requirements of ISO 9001 to develop your QMS?
11. Why does the ISO 9001 standard not specify requirements for products and
services?
12. What is the focus of ISO 9001 requirements?
13. Why do QMSs differ from one organization to another?
14. What is the PDCA cycle?
15. What is the concept of risk-based thinking?
16. What is the difference between shall and should in the context of the ISO
9001 standard?
17. What is the difference between May and Can in the context of the ISO
9001 standard?
22

UnderstandIingISO9001 2015eBookSample PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

UnderstandIingISO9001 2015eBookSample PDF

Uploaded by

Copyright:

Available Formats

Understanding ISO 9001:2015

Quality Management System Requirements

No part (information or graphics) of this publication may be reproduced,

Contents - ISO 9001:2015

Thank You! 333

Ideas, direction and sufficient insight for a quality practitioner to develop

Though not meant as an audit guide, there is plenty of audit evidence

This eBook can help:

Presentation of this eBook

Below the requirements, I explain the specific concepts, principles and

At the end of each section I provide test questions to strengthen your

How to get the maximum benefit out of this eBook

In going through this eBook, I suggest:

The following is a summary explanation of these 11 headings of the ISO

Clause 4 Context of the organization sets requirements to understand the

Clause 5 - Leadership - sets requirements for top management to provide

Clause 6 - Planning - sets requirements to determine and take actions to

Clause 7 - Support - sets requirements to provide resources (people,

Clause 8 - Operations - sets requirements to plan and control the various

Clause 9 Performance Evaluation - sets requirements to monitor, measure,

Correlation Matrix - ISO 9001:2008 to ISO 9001:2015

Correlation Matrix - ISO 9001:2008 to ISO 9001:2015

Correlation Matrix ISO 9001:2015 to ISO 9001:2008

Correlation Matrix ISO 9001:2015 to ISO 9001:2008

Correlation Matrix ISO 9001:2015 to ISO 9001:2008

Your QMS processes and activities must be operated under controlled

The controlled conditions must focus on the prevention of undesirable

Internal and external contextual factors must be considered in applying

Your QMS must add value to your organization and customers by

QMS processes and activities must be customer-focused. All personnel must

Your QMS must always strive to enhance customer satisfaction.

Test your understanding of this section before you proceed to the

a) The ability to consistently provide product and services that

b) Facilitation opportunities to enhance customer satisfaction;

c) Addressing risks and opportunities associated with its context

d) The ability to demonstrate conformity to specified quality

This International Standard can be used by internal and external

It is not the intention of this International Standard to imply the

Uniformity in the structure of different quality management

Alignment of documentation to the clause structure of this

The use of the specific terminology of this international standard

The quality management system requirements specified in this

This International Standard employs the process approach, which

The process approach enables an organization to plan its processes

The PDCA cycle enables an organization to ensure that its processes

Consistently meeting requirements and addressing future needs and

In this International Standard, the following verbal forms are used:

Must indicates a requirement;

Should indicates a recommendation;

May indicates a permission;

Can indicates a possibility or a capability.

Information marked as NOTE is for guidance in understanding or

b. Facilitation opportunities to enhance customer satisfaction;

d. The ability to demonstrate conformity to specified quality management

Structure and terminology

Major differences in terminology between ISO 9001:2008 and ISO

Product and services Product and services

Exclusions Not used

Management Representative Not used

Documentation, quality manual, Documented information

Work environment Environment for the operation of

Monitoring and measuring equipment Monitoring and measuring resources

Purchased product and services Externally provided product and