ISO 9001:2015 Documentation Template

The following ISO 9001 document templates (toolkits) are provided totally  complimentary, free of charge to use as a starting point for ISO 9001:2015 compliance. These are the actual ISO 9001 documents currently in use  for  compliance with ISO 9001:2015 requirements. As each business is different , additional ISO 9001 documents or revisions would be required to meet your organization’s specific needs, requirements, context, risk profile, etc. ​​If after reading through all of these documents, you feel like you still need a consulting partner to help you develop your new ISO 9001 documents – Contact Us. We’re always looking for interesting new clients and projects.

Internal issues

Date (mm/dd/yy)

Internal Issue

Effects

Action

Result

 Final Status (Open/ Closed/ NA)

External issues

Date (mm/dd/yy)

External Issue

Effects

Action

Result

 Final Status (Open/ Closed/ NA)

Pest Analysis

Political Factors

Economic Factors

Technological Factors

Social Factors

SWOT Analysis

Strength

Weakness

Opportunities

Threat

Porter’s 5 Forces

Supplier power

BARRIERS TO ENTRY

RIVALRY

THREAT OF SUBSTITUTES

BUYER POWER

Needs and expectations of Interested Parties

Date (mm/dd/yyyy) Interested parties Needs and expectation Issues related to needs and expectation

Steps to derive scope of the organization

1) Purpose:
2) Organization’s vision:
3) Organization’s mission:
4) Organization’s values:
5) Strategic Direction:
6) External issues:
7) Internal issues:
8) Interested parties and relevant requirements:
9) Products and services of the organization:
10) Manufacturing sites/Offices:
11) Determined scope:
12) Applicability:

Process definition

1) Name of Process:
2) Process Purpose:
3) Process objectives:
4) Process Owners:
5) Process input:
6) Process steps:
7) Process outputs:
8) Resources:

Sample Quality Policy

Divine tooling’s Quality Policy:

Divine tooling’s is committed to understand, meet & where possible exceed our customer requirement through continual improvement of our process. We dedicate ourselves to deliver high quality products on time and at most competitive price.

This Quality Policy statement will be reviewed annually. Responsibility for compliance to this policy rests with the Board of Directors, who will monitor the effectiveness of the policy and its associated initiatives. This Quality Policy Statement will be displayed prominently, and access to the complete Quality manual detailing procedures will be available on the premises for reference by any employee.

Azurecontracting’s Quality Policy

We are committed to providing customers with service of the highest possible level of quality. In order to achieve this, we are continually improving processes, products and services, meeting and exceeding customer satisfaction at all times. The implementation of the quality policy is the responsibility of all staff members, with overall responsibility residing with the Board of Director. It is compulsory that all staff recognise and accept our philosophy of quality service delivery, accepting accountability for their own output.

Commitment:

  • Fully identify and conform to the needs of our customers, improving customer satisfaction.
  • Monitor and review our service provision and processes, identifying potential errors and implementing the necessary actions to eliminate them.
  • Provide extensive staff training, promoting a ‘do it right first time’ attitude towards quality.
  • Forge partnerships with our suppliers and major players in the Private and Public Sectors to ensure optimum business performance. We also ensure that our suppliers and partners that may be used in the delivery of our services also comply with our quality philosophy and company policies.
  • Achieving and maintaining a standard of excellence in the operation of our business.
  • Maintaining our reputation for honesty and integrity and ensuring that this is reflected throughout the organisation.
  • Providing sufficient resources and equipment to ensure that we can operate to the documented management system. The management system is based on the principles of ISO9001:2015, the International Standard for Quality Management Systems.
  • Ensuring that our quality management system provides a framework for the management and control of our activities for Quality, Environment and Health & Safety. It also assists in establishing and reviewing strategic objectives for the company.
  • Ensuring that all company policies and procedures have the full support of senior management.
  • Continually monitoring and reviewing our Quality Policy to ensure that it remains relevant and effective to the changing needs of our customers.
  • Continuous appraisal of our business to ensure that the quality of service we provide fully and consistently meets our customers’ expectations and all current and impending legislative requirements.
  • The effectiveness of our quality system is monitored by planned audits, management reviews and customer satisfaction surveys to ensure quality service delivery

Implementation 
This Quality Policy statement will be reviewed annually. Responsibility for compliance to this policy rests with the Board of Directors, who will monitor the effectiveness of the policy and its associated initiatives. This Quality Policy Statement will be displayed prominently, and access to the complete Quality manual detailing procedures will be available on the premises for reference by any employee.

Job Responsibilities

1) Job Title:
2) Department:
3) Locations:
4) Report to:
5) Minimum education qualification:
6) General Description:
7) Responsibilities:
8) Minimum skills:
9) Minimum experience:

Risk Register

Risk description

“Likelihood
(L)”

“Severity
(S)”

 “Risk level
(L * S)”

Risk Mitigation

Responsibility

Deadline

Evaluation date

Evaluation result

Opportunity Register

Opportunity description

“Likelihood
(L)”

“Benefit 
(B)”

 “Opportunity Factor
(L * B)”

Opportunity Pursuit Plan

Responsibility

Deadline

Evaluation date

Evaluation result

Quality Objective

Item   Quality Objective Action to Be Taken Action by Date for Completion Target / Measure of Success Resources required Reviewed by Date of review

Change Log

Change No.   Change Type Description of Change Requestor Date Submitted Acceptance after risk assessment Date Approved Status Comments

EMPLOYEE REQUISITION FORM

A)    REQUIREMENT:
1 Department:
2 Position & Grade:
3 Qualification:
4 Experience:
5 Requirement:
6 Nature of Vacancy Permanent  [  ] / Temporary [  ]
7 Period in case of Temporary : ______months ____days
B) JUSTIFICATION :
1.Vacancy to be filled up due to :    [   ]  Resignation of the present incumbent
   [   ] Termination of services of Mr./Ms
   [   ] Creation of new post
2. Justification for filling up post:
Date:
H.O.D.  Sign

LIST OF MACHINES

Sr. No. Machine No. Name of the Machine Used started from Capacity Make

Instruments Calibration history chart

Description: Location:
Identification no: Specification:
Acceptance criteria: Cal. Frequency:
Sr no.  Calibration Date Calibration.Agency Certificate. No. Calibration Status Cal.Due On Inspected By Approved By REMARKS

Calibration Schedule

Sr.No     Device ID NO. Description Calibration  Frequency Calibration Done on  (Date) Next  Calibration Due on  (Date) REMARKS

Lessons Learnt log

ID Date Entered By Subject Situation Recommendations & Comments

Communication Plan

Communications   item  what  Who Who attends When When Format

TRAINING NEEDS IDENTIFICATION

TRAINING NEEDS IDENTIFICATION FOR THE YEAR Jan-2018 TO Dec-2018
DEPARTMENT:
Sr.No. Name of Employee Emp No Training Topics
NOTE – MARK ” √ ” if particular employee needs training of specified topic
                                                                                                                                                                                                                                         HOD Name & Signature:

ON JOB TRAINING RECORD

Sr. No Name of employees Emp – No Date Time Department/ Section Training Topic Emp Sign Training Give By Training Effectiveness Remarks
                                                                                                                                                                 VERIFIED BY: Dept Head                                                     CHECKED BY: HR. IR & ADMIN


TRAINING ATTENDANCE SHEET

Theme :
Trainer / Faculty : Date :
Venue : Time :
Sr.No Name of Employee Emp .No Sign.
1
2
3
4
5
6

EMPLOYEE SATISFACTION SURVEY QUESTIONNAIRE

Please give your rating in scale of 1 to 10

S.N. QUESTIONNAIRE Rating
1 Your Opportunity For Growth and Development in your departmant
2 Work culture of the company
3 Your superiors encouragement & delegation to you for doing present job
4 Your salary package and position / designation
5 Work environment in your department
6 Training and Development
7 Safety environment in your department and your awareness & environment
Remarks :-
1 to 3 = Poor
4 to 6 = Good
7 to 8 = Very Good
9 to 10 = Excellent
Name of the Employee     :-_______________
T.No. & Designation        :- _______________
Department                       :- ______________
Date of Survey                 :- _______________

Document Matrix

Sr.No. Document Name and Identification Location Responsibility Revision Document Type Protection Retrieval Retention Time Disposition
(Soft/ Hard/ Both)

Master list of Forms and formats

Sr. No   Forms & Formats No. Description Location Retention Period Rev. No. Doc / Rec

Verbal order register

Date Customer product Name &  No Schedule Dispatch Dispatch % age
Qty Date Qty Date

Approved Supplier List

Sr No      Date Supplier ID#
(optional)
Supplier City State Status Notes: If supplier is restricted, define restrictions here.”

BREAKDOWN MAINTENANCE REPORT

  SR. No
DATE & TIME OF REPORTING M/C Name M/c No NATURE OF BREAKDOWN REASON ACTION TAKEN LOSS of Hrs. PROD. In-charge Sign

PREVENTIVE MAINTENANCE CHART

Tick Mark after completion
SR. NO. M/C NAME & NO CHECK POINTS WEEKLY MONTHLY
1 2 3 4

CONTRACT REVIEW CHECK LIST

Date
CUSTOMER DETAILS ORGANISATION DETAILS
CUSTOMER NAME ACCOUNT CODE
DRAWING NO. DRAWING NO.
MOD. NO. & DT. MOD. NO. & DT
PO NO. & DT. S.O. NO. & DT.
QUANTITY CHANGE ORDER NO. & DT.
VENDOR CODE
AS PER P.O. AS FINALISED REMARK
PRICE PER PIECE
DIE DEVP. CHARGES
EXCISE DUTY
SALES TAX
PAYMENT TERMS
PRICE BASE
PACKING INSTR.

Input Adequacy Report

CUSTOMER / REFERENCE :
SR. NO. Item / Specification / Feature Required Data
DESIGNATION:                                                                                                   SIGN & DATE:
RECEIVER  Sign :                                                                                              Date:

DESIGN REVIEW RECORD

Design no: Date:
CUSTOMER / REFERENCE :
PROJECT NO. :
REVIEW OF :
REVIEW MEMBERS :
TEAM LEADER:
SR. NO. REVIEW POINTS DECISION REMARK
Others Points
DESIGNATION :                                                                                 SIGN & DATE :

DESIGN VALIDATION RECORD

Design no: Date:
CUSTOMER / REFERENCE :
PROJECT NO. :
REVIEW OF :
REVIEW MEMBERS :
TEAM LEADER:
SR. NO. DESIGN PERFORMANCE PRODUCT PERFORMANCE VALIDATED BY
Others Points
DESIGNATION :                                                                                 SIGN & DATE :

DESIGN OUTPUT RECORD

Design no: Date:
CUSTOMER / REFERENCE :
PROJECT NO. :
REVIEW OF :
REVIEW MEMBERS :
TEAM LEADER:
SR. NO. DESIGN OUTPUT DETAIL OF REVIEW REMARK
Others Points
DESIGNATION :                                                                                 SIGN & DATE :

SUPPLIER & SUB CONTRACTOR ASSESSMENT FORM

1. Name of the Firm:
 Address & Tel No./ Fax No.
2. PARTNER / Director’s Name
3. Banker’s Name
4. Details of land & shade
5.Yearly turnover (approx.)
6.Exports if any (percentage turnover)
7. No. of shifts working
8. List of machinery
9. Total No. of Workmen 10. Total no. of staff / supervisor’s
11.   Weekly holiday
12.   Whether organization is ISO 9001:2015 certified
Prop./Director Signature :                                                                         Company / Firm Seal
CEO’s REMARKS –
APPROVED BY –
DATE

PURCHASE ORDER

PURCHASE ORDER No. :
Date           :
Please supply the under mentioned material / goods at our factory. Kindly write our purchase order No on  bills for processing of your bills.
SR. NO. DESCRIPTION QUANTITY RATE IN $ AMOUNT IN $
TOTAL
Taxes As Applicable.
PAYMENT TERMS
TRANSPORTATION
DELIVERY:
Purchase Manager Sign

LIST OF CUSTOMER DRAWING

Sr. No.     Customer Name Part Name  Part Number Drawing No Rev No

LIST OF CUSTOMER SUPPLIED ITEMS

Sr. No.     Customer Name Item Name & No   Qty Used for  Remarks

Stock Register

Sr.No. 

DATE OPENING BALANCE RECEIVED QUANTITY TOTAL QUANTITY CONSUMPTION / ISSUE CLOSING BALANCE
REMARK
RECEIVER SIGN

Sample Maintenance Agrement

Commencement Date:
Initial Term:
Name of Customer:
Address:

This agreement is made and entered effective as of the date shown above, by and between [AV Dealer] and the customer, whose name and address is set forth above.

1.Equipment Schedules: This Agreement covers the equipment listed on the Equipment Schedule. If we or the manufacturer replace equipment that is under warranty with the same model number, the replacement equipment will also be covered. Except for this type of replacement, no new or additional equipment is covered by this agreement unless it is listed on an equipment schedule.
2.Relationship with warranties: This Agreement isn’t a warranty. Equipment purchased from [AV Dealer] is covered by the manufacturer’s warranty. Replacement and repair of defective parts is also covered by the manufacturer’s warranty.
3.Service: For the fee set forth below, [AV Dealer] will inspect on a regular basis, and maintain in good operating condition, the equipment itemized on such Equipment Schedule. Inspection and maintenance of equipment will vary by the nature of the equipment, and is set forth on the Equipment Schedule.
4.Fees: The fee for services to be performed under this Agreement are:
5.Terms of Payment: Unless an Equipment Schedule provides otherwise, all Customer Maintenance Agreements are to be prepaid for each maintenance period.
6.Limited/Warranty:
a.We will re-perform any maintenance service that proves defective during the term of this agreement. If we cannot provide any maintenance service due to our fault, we will refund that portion of your fee.
b.Any materials provided during maintenance services are covered by that materials specific warranty. This agreement does not warrant any materials.
c.THE WARRANTY SET FORTH IN 6 (a) CONSTITUTES THE SOLE LIABILITY OF [AV DEALER] AND THE SOLE REMEDY OF THE CUSTOMER FOR DEFECTIVE WORKMANSHIP, WHETHER ARISING UNDER CONTRACT, TORT, STRICT LIABILITY OR OTHER FORM OF ACTION. ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ARE EXCLUDED HEREFROM.
7.Term: The term of this Agreement shall be for the initial term set forth above starting on the Commencement date. This Agreement shall automatically renew for additional terms of one (1) year each unless either You or We gives notice of cancellation in writing to the other at least thirty (30) days prior to the expiration of the then current term. In the event of any such renewal period, the maintenance fees You will pay during such period shall be as set forth above.
8.Exclusions: Except as otherwise set forth in the Equipment Schedule, the services to be provided for a quarterly service fee do not include:
a.Service required as a result of abuse, misuse, electrical storms, power failures or fluctuations, glass breakage or damage, failure to follow user maintenance and operating instructions, or the failure or results of failure of interconnected equipment not specified on an Equipment Schedule, including, but not limited to, wiring, conduit, or voice or data transmission equipment or facilities;
b.Consumable items including, but not limited to, light bulbs, batteries, video cassettes or…………………………………
c.Services required because of service, inspection, or tampering with equipment by anyone other than [AV Dealer].
d.Requested service outside our normal hours of operation.
If [AV Dealer] determines that the service requested by the Customer is excluded pursuant to the above, and the Customer requests [AV Dealer] to perform such service, the service will be provided under section 10.
9.Parts: Unless an Equipment Schedule indicates that parts are included, You will pay [AV Dealer] then current list price for any replacement parts necessary for the performance of service on equipment.
10.Other Services: You may from time to time request that [AV Dealer] provide other services not included in the service plan for equipment described on a specific Equipment Schedule, or for which no Equipment Schedule has been completed. [AV Dealer] will use reasonable efforts to provide such service at 90% of its then current and standard hourly rates.
11.Termination:
a.The fees listed above are non-refundable, even if you decide to cancel maintenance appointments.
b.If you fail to make any payment in a timely manner, We will give you written notice, and if you still do not pay, for an additional 10 days after that notice, We can terminate this agreement.
12.  General:
a.This Agreement and Equipment Schedule(s) constitute the entire agreement between the parties concerning any service provided by [AV Dealer] to the Customer, and no representation, inducement, promises or agreements not embodied herein shall be of any force or effect.
b.This Agreement shall be governed by and interpreted in accordance with the laws of the province of Alberta, applicable to contract to be performed wholly within such province by resident thereof.
c.CUSTOMER ACKNOWLEDGES HAVING READ AND UNDERSTOOD ALL PAGES OF THIS AGREEMENT.

[AV Dealer]                                                                                 (Customer)

___________________                                                             ______________________

EQUIPMENT SCHEDULE:

NOTES:

Nonconforming Service Report (NSR)

Date: Reported by: Recorded by:
Summarize the reported service nonconformity. Attach or reference applicable documentation (emails, etc.)
Initial Review: ◙ Nonconformity affirmed, proceed with investigation
◙ Nonconformity could not be affirmed or replicated; stop and monitor for further occurrences.
◙ No nonconformity; stop.
Initial Review by: Date:
Root cause analysis:
Disposition (check all that apply) ◙ Issue Refund
◙ Provide corrected service. Details:
◙ Provide new services. Details:
◙ File [CAR Form Abbreviation]; reference [CAR Form Abbreviation] #:
◙  Customer waiver. Details:
◙ Other action. Details:
Remark:
Disposition Approval by: Date:
Customer Approval by:

CUSTOMER COMPLAINT REGISTER

Date
Customer Item Name & No Dispatch Qty Complaint Qty Complaint Details Correction Root Cause Corrective Action Review of CAR

List of Internal Auditor

Sr. No. Name of Internal Auditor Designation Reporting to
Criteria for selection of Internal Auditor w.r.t. experience & skill –

NCR Status Log

S No.      NCR No NCR issued to Date Action completion date Proposed follow-up date Date NCR closed Remarks MR (Sign)

NCR

PRE DISPATCH INSPECTION REPORT

PDI


Nonconforming Part Disposition

Nonconforming Part Disposition

Tags

Tags

Production Plan and Status Report

Project Plan

Process Quality Plan

Process Quality plan

Training feedback

Training effectiveness

competency

Risk Assessment


Design Data Input Sheet

D & D plan


Design change record

D & D verification record

SCR log

Supplier Performance Record

Receipt inspection report

Daily Production report


out of tolerance impact study

Problem Analysis Report

problem analysis report

CUSTOMER SATISFACTION SURVEY FORM

Customer Satifation survey form

Annual Internal Audit Plan

IA plan

Internal Audit Schedule

IA schedule

Internal Audit Report

IA report

MRM

Reach us at Kuwait office

Trace International, Office no 717, 7th floor, AL Rehab Complex, Tunis Street, Hawally , Kuwait

Tel: +96522623203, Mobile: +96565019055

Mail us at:

 

ISO 9001:2015 Improvement

10.1 General

The Requirement

The organization must determine and select opportunities for improvement and implement any necessary actions to meet customer requirements and enhance customer satisfaction. These actions must include  improving products and services to meet requirements, as well as, address future needs and expectations; correcting, preventing, or reducing undesired effects; improving the performance and effectiveness of the quality management system. Examples of improvement can include correction, corrective action, continual improvement, breakthrough change, innovation, and reorganization.

Checklist Questions

  1. How does the organization determine and select opportunities for improvement?
  2. What necessary actions have been implemented to met customer requirements and enhanced customer satisfaction?
  3. Show how has the organization Improved processes to prevent nonconformities;
  4. Show how has the organization Improved products and services to meet known and predicted requirements;
  5. Show how the organization Improved QMS results .

Implementation Guidelines

  1. Process improvement, product improvement, and management practices improvement must work together towards improving the organization as a whole, working towards a common aim.
  2. Based on the results of the management review, the organization must make decisions and take actions that will drive it towards continual improvement. Those actions can be in the form of corrective actions, trainings, reorganization, innovation, and so on.
  3. There is now a requirement for organisations to focus clearly on customer satisfaction and customer needs by improving:
    a) products and services, now and for the future;
    b) fixing and controlling business issues to reduce things going wrong and improving the QMS
  4. Improvement can be effected reactively (e.g. corrective action), incrementally (e.g. continual improvement), by step change (e.g. breakthrough), creatively (e.g. innovation) or by re-organization (e.g. transformation).

10.2 Nonconformity and Corrective Action

The Requirement

10.2.1

When a nonconformity occurs, including any arising from complaints, the organization must  react to the nonconformity and, as applicable  take action to control and correct it; and deal with the consequences.The organization must also  evaluate the need for action to eliminate the causes of the nonconformity so it does not recur or occur elsewhere, by  reviewing and analyzing the nonconformity,  determining the causes of the nonconformity and determining if similar nonconformities exist, or could potentially occur. The organization must  implement any action needed and  review the effectiveness of any corrective action taken; It must  update risks and opportunities determined during planning, if necessary and  make changes to the quality management system, if necessary. The corrective actions must be appropriate to the effects of the nonconformities encountered.

10.2.2

The organization must “retain” documented information as evidence of the  nature of the nonconformities and any subsequent actions taken and  results of any corrective action.

Checklist Questions

  1. When any nonconformity (including complaints) occurs, how does the organization take action to control and correct it and deal with the consequences?
  2. When any nonconformity (including complaints) occurs, does the organization evaluate the need for action to eliminate the causes of the non-conformity?
  3. How does the organization reviews and analyzes the nonconformity?
  4. How does the organization determine the causes of the nonconformity?
  5. How does the organization determine similar nonconformity exist or could potentially occur?
  6. How does the organization implemented any action needed?
  7. How does the organization reviewed the effectiveness of the corrective action taken?
  8. How does the organization updated risk and opportunities determined during planning if necessary?
  9. Has the organization made changes to the QMS if necessary?
  10. Show how correction actions were appropriate to the effects of the nonconformities encountered.
  11. What documented information can you show as evidence for the nature of the nonconformities and subsequent actions taken and the results of any corrective action.

Implementation Guidelines

  1. Corrective action is action taken to eliminate the cause of a detected nonconformity to prevent recurrence, whereas preventive action is action taken to eliminate the cause of a potential nonconformity or other undesirable situation, to prevent occurrence.
  2. Corrective action can reduce the likelihood of recurrence to an acceptable level.
  3. In some instances, it can be impossible to eliminate the cause of a nonconformity.
  4. Your corrective action process which must address the following control requirements:
    a) Identify detected nonconformities that relate to your products, QMS processes, resources, suppliers and outsourced work, product shipped to customers, customer complaints, cost of quality reports, and things gone wrong reports.
    b) Define your process for identifying nonconformities and consider using appropriate problem-solving tools to determine the underlying root cause(s) of the nonconformity
    c)Problem-solving tools may include analysis of failure mode, capability studies, correlation diagrams, data collection, fishbone diagram (Ishikawa diagram), histograms, Pareto analysis, probability charts, stratification of data, graphic representations, etc. Ensure that personnel applying these tools are competent and trained.
  5. Actions taken to eliminate the cause of nonconformity must flow from your problem-solving activity. Actions may involve changes to product, process, resources, documentation, controls, etc. or any combination of these. Conduct follow-up tests to determine whether these actions have indeed eliminated the cause(s) of the nonconformity and prevented recurrence.
  6. Evaluate the significance of nonconformities in terms of their impact on operating costs, cost of nonconformity and its correction, product performance, safety, dependability, regulatory requirements, affect on customers product and processes, any other risks, and customer satisfaction.
  7. You must update risks and opportunities. Keep records of all non-conformities, what you did to resolve them, implement additional measures,followup action etc
  8. You must monitor your corrective action records on an ongoing basis, for any recurrence of the nonconformity you took corrective action on. If you found that the problem has occurred again, then perhaps your analysis of root cause may have been incorrect or incomplete. Keep appropriate records of all corrective action steps.

10.3 Continual Improvement

The Requirement

The organization must continually improve the suitability, adequacy, and effectiveness of the quality management system. The organization must consider the results of analysis and evaluation, and the outputs from management review, to determine if there are needs or opportunities that must be addressed as part of continual improvement.

Checklist Questions

  1. Demonstrate that you continually improve the suitability, adequacy and effectiveness of the QMS.
  2. Demonstrate that outputs of analysis and evaluation and the outputs from management review are considered to confirm if there are areas of underperformance or opportunities that shall be addressed as part of continual improvement.
  3. What applicable tools and methodologies for investigation of the causes of underperformance and to support continual improvement are selected?

Implementation Guidelines

  1. The continual improvement process can be conducted by small-step ongoing improvement activities conducted by personnel within existing processes (Kaizen Events).
  2. Useful tools that are often used to continually improve, include: capability studies, design of experiments, risk analysis, SPC, supplier evaluation, test and measurement technology, theory of constraints, overall equipment effectiveness, technology, benchmarking, analysis of motion/ergonomics and error-proofing. Ensure that personnel applying these tools are competent and trained.

Documented Information if applicable

  1. NCR status Log
  2. Non Conformance Report

For more information on Improvement click here

Reach us at Kuwait office

Trace International, Office no 717, 7th floor, AL Rehab Complex, Tunis Street, Hawally , Kuwait

Tel: +96522623203, Mobile: +96565019055

Mail us at:

 

ISO 9001:2015 Performance Evaluation

9.1 Monitoring, measurement, analysis and evaluation

9.1.1 General

The Requirement

The organization should determine what needs to be monitored and measured. It must also determine the methods for monitoring, measurement, analysis, and evaluation needed to ensure valid results. When the monitoring and measuring must be performed. Also when the results from monitoring and measurement must be analyzed and evaluated. The organization should also evaluate the performance and effectiveness of the quality management system. It must retain appropriate documented information as evidence of the results.

Checklist Questions

  1. Show how does the organization determine what needs to be monitored and measured?
  2. Show how does the organization determine what methods for monitoring, measurement, analysis and evaluation to ensure valid results?
  3. Show how does the organization determine what to perform monitoring and measuring?
  4. Show how does the organization determine what results shall be analyzed and evaluated?
  5. What documented information can you show that monitoring and measurement activities have been implemented in accordance with determined requirements?
  6. Show how the organization evaluates the quality performance and the effectiveness of the QMS.

Implementation Guidelines

  1. The organization must must plan and implement processes that monitors,measure, analyze and evaluate the health of your QMS. The focus of these processes must be on product/service conformity, process conformity and improving QMS effectiveness.
  2. You must monitor your processes:
    a) First to determine and establish capability of new processes to conform to requirements.
    b) And secondly, to monitor these processes over time to verify ongoing stability and capability to meet requirements.
    c) And thirdly to determine and achieve levels of continual improvement
  3. The monitoring and measurement techniques, sampling plans, acceptance criteria should be documented or referenced in your quality plan, or you could use a combination of specific practices, procedures, documents and methods.

 9.1.2  Customer Satisfaction

The Requirement

The organization should monitor customer perceptions of the degree to which their needs and expectations have been fulfilled and must determine the methods for obtaining, monitoring, and using this information. Some of the methods by which monitoring of customer perceptions can include customer surveys, customer feedback on delivered products or services, meetings with customers, market-share analysis, compliments, warranty claims, and dealer reports.

Checklist Questions

  1. How does the organization monitor customer perception of the degree to which requirements have been met?
  2. How does the organization obtain information relating to customer views and opinions of products and services?
  3. What are the methods for obtaining and using this information?

Implementation Guidelines

  1. Information related to customer views can include customer satisfaction or opinion surveys, customer data on delivered products or services quality, market-share analysis, compliments, warranty claims and dealer reports.
  2. Customer requirements may relate to the design, manufacture, delivery, servicing and support of product, QMS, communication and financial requirements, etc.
  3. The organization should consider both external as well as internal customer satisfaction. The organization must monitor trends in customer satisfaction indicators and use these as a baseline for continual improvement.

9.1.3 Analysis and Evaluation

The Requirement

The organization should analyze and evaluate appropriate data and information arising from monitoring and measurement. Use the results of the analysis to evaluate conformity of products and services, the degree of customer satisfaction, the performance and effectiveness of the quality management system. The organization must also evaluate if planning has been effectively implemented and the effectiveness of actions taken to address risks and opportunities. The performance of external providers and the need for improvements within the quality management system must also be evaluated. Methods to analyze data can include statistical techniques.

Checklist Questions

  1. Show how does the organization analyse and evaluate data and information arising from monitoring, measurement and other sources.
  2. Show how the output of analysis and evaluation is used to:
    a) Demonstrate conformity of products and services to requirements?
    b) Assess and enhance customer satisfaction?
    c) Ensure conformity and effectiveness of the QMS?
    d) Demonstrate that planning has been successfully implemented?
    e) Assess process performance?
    f) Assess performance of external providers?
    g) Determine the need or opportunities for improvements within the QMS?
  3. Show me where the results of analysis and evaluation are used to provide inputs to management review.

Implementation Guidelines

  1. You must collect and analyze QMS data that relate to the performance, effectiveness and efficiency of products, services, QMS processes, production output, external provider (supplier) performance, use of resources, cost of poor quality, customer satisfaction, etc.
  2. You must sort and summarize the data you collect into things gone right and things gone wrong and present them separately. Management can then focus on continual improvement of things gone right and take corrective action on things gone wrong.
  3. A summary of QMS performance data must be included in your periodic management review.

9.2 Internal Audit

The Requirement

9.2.1

The organization should conduct internal audits at planned intervals to provide information on whether the quality management system conforms to the organization’s own requirements, the requirement of ISO 9001:2015 standards and is effectively implemented and maintained

9.2.2

The organization must plan, establish, implement, and maintain an audit program, which must include frequency, methods, and responsibilities, planning requirements and reporting. While making an audit program, consideration must be given to the  importance of concerned processes, changes impacting the organization and the results of previous audits. It must define audit criteria and scope for each audit. It must select auditors and conduct audits for impartial and objective audit process. It must ensure results of audits are reported to relevant management. it must take necessary correction and corrective actions without undue delay. It must  retain evidence of audit program implementation and audit results.

Checklist Questions

  1. Are internal audits being conducted at planned intervals? Do they determine whether the QMS conforms to the requirements of ISO 9001 and to the other requirements established by Organization? (Review records to demonstrate conformance)
  2. Do they determine whether the QMS is effectively implemented and maintained? (Review records)
  3. Can you show audit programme(s) that takes into consideration the quality objectives, importance of the processes, customer feedback, changes impacting the organization and the results of previous audits?
  4. What are the audit criteria and scope for audit?
  5. Can you demonstrate that selection of auditors and the conduct of audits are objective and impartial and that auditors don’t audit their own work?
  6. How are audit results reported to relevant management?
  7. Can you demonstrate that necessary correction and corrective actions are taken without undue delay?
  8. Can you show documented information of the audit programme and the audit results?

Implementation Guidelines

  1. Audit process must address the responsibilities for conducting the audits, ensuring independence, recording results, and reporting to management.
  2. Audits obtain objective evidence of conformity with requirements. The evidence must be based on fact and may be obtained through observation, measurement, test, or by other means. Evaluating the extent to which audit criteria are fulfilled involves an assessment of both implementation and effectiveness.
  3. The scope of your internal audit program must cover the
    a) Audit of operation processes to determine conformity of product / services and their processes to customer and applicable regulatory requirements.
    b) Audit of the QMS to determine conformity to the ISO 9001 standard and organizational requirement.
    c) Audit of QMS processes and their interaction to determine if the QMS has been effectively implemented and maintained
  4. In determining the time frame for your audit program, you should consider organization size, complexity of product and processes, health of the QMS, customer, registrar and regulatory requirements, etc. The most common time frame is six months.
  5. Consider adjusting the audit frequency and perhaps even the audit scope, of specific processes or group of processes, when:
    a) You experience internal or external nonconformities.
    b) Get customer complaints.
    c) Have critical or high risk processes.
    d) Have frequent or significant changes to processes and product.
  6. During the audit Auditors should ensure that the objectivity and impartiality of the audit is not compromised. Auditors cannot audit their own work.

9.3 Management Review

The Requirement

9.3.1 General 

The Top Management of the organization should review the Organization’s QMS at planned intervals to ensure its continuing suitable, adequacy,  effectiveness and it should be aligned with the strategic direction of the organization.

9.3.2 Management review inputs

Plan and carry out management review considering status of actions from previous management reviews, changes in external and internal issues relevant to QMS, the adequacy of resources, opportunities for improvement and the effectiveness of actions taken to address risks and opportunities as explained in clause 6.1. The organization must also consider information on quality performance and effectiveness , including trends in non conformities  and corrective actions, customer satisfaction and feedback from relevant interested parties, Monitoring and measurement results, Audit results, extent to which quality objectives have been met, process performance, conformity of product and services, the performance of  external providers 

9.3.3 Management review outputs

Outputs from the management review must include decisions and actions related to opportunities for improvement, any need for changes to QMS, and resource needs. The organization should retain documented information as evidence of the results of management reviews.

Checklist Questions

  1. What is the frequency that top management reviews the organization’s QMS? How is the QMS deemed suitable, adequate and effective?
  2. What kinds of information are reviewed in management reviews? Do they include:
    a)     actions status of previous reviews;
    b)     changes to internal/external issues relevant to the QMS;
    c)     issues that affect strategy;
    d)     KPIs for nonconformities and corrective actions;
    e)     monitor and measurement of results;
    f)      audit results;
    g)     customer satisfaction;
    h)     issues concerning external providers;
    i)      issues concerning other relevant parties;
    j)      adequacy of resources and effectiveness of QMS;
    k)     process performance;
    l)      conformity of products and services;
    m)   actions taken to address risks and opportunities and their effectiveness;
    n)     new potential opportunities for continual improvement.
  3. Show that management reviews include decisions and actions relating to:
    a)     Continual improvement opportunities;
    b)     The need for changes to the QMS including resource needs.
  4. Show what documented information you have as evidence of management reviews.

Implementation Guidelines

  1. Though not required by the standard, there should be a procedure for management review as it has specific requirements for management review inputs, value-adding review activities and outputs. The procedure should address the frequency, schedule, quorum and agenda for review meetings to be attended by top management.
  2. For the management review process itself to be effective, top management must plan the review all agenda items with some regularity and take timely action to change or improve any part of it, including the quality policy and objectives.
  3. The Top Management can incorporate QMS agenda items into regular monthly or quarterly operational meetings.
  4. Management review input should preferably be in summary form, showing QMS and operational performance measured against the business and quality plans, customer and regulatory objectives and goals.
  5. Review decisions and actions must relate to improving products and processes or even creating new ones, providing more resources or perhaps improving the efficiency of existing resources, improving QMS controls, objectives, improving overall QMS effectiveness and customer satisfaction.
  6. Responsibilities and timelines should accompany these decisions and actions.
  7. The performance of these actions must be followed up at subsequent management review meetings.
  8. You must also identify what specific documents are needed for effective planning, operation and control of this process . These documents may include – a documented information, review on, schedule, agenda and action forms etc., combined with unwritten practices, procedures and methods.
  9. Management review records must include topics discussed, decisions, responsibilities for corrective or improvement actions and related timelines, provision of resources, and follow-up actions from previous management reviews.

Documented Information if applicable

  1. Problem Analysis Report
  2. Customer Satisfaction Survey Form
  3. Customer Complaint Register
  4. Annual Internal Audit Plan
  5. Internal Audit Schedule
  6. Internal audit report
  7. List of internal auditor
  8. Management Review Meeting record

For more information on Performance evaluation click here

Reach us at Kuwait office

Trace International, Office no 717, 7th floor, AL Rehab Complex, Tunis Street, Hawally , Kuwait

Tel: +96522623203, Mobile: +96565019055

Mail us at:

 

ISO 9001:2015 Operations

8.1 Operational Planning and Control

The Requirement

The Organization should plan, implement, and control the processes, as outlined in 4.4, needed to meet requirements for the provision of products and services and to implement the actions determined in 6.1 by  determining product and services requirements; establishing criteria for the processes and for the acceptance of products and services; determining the resources needed to achieve conformity to product and service requirements; implement control of the processes in accordance with the criteria; determining, maintaining and retain documented information to the extent necessary to have confidence that the processes have been carried out as planned and to demonstrate conformity of products and services to requirements. The output of this planning should be suitable for the organization’s operations. The organization should control planned changes and review consequences of unintended changes, taking action to mitigate any adverse effects, as necessary. The organization should ensure  outsourced processes are controlled in accordance with 8.4.

Check list Questions

  1. How are processes needed to meet requirements for provision of products and services planned, implemented and controlled?
  2. How are requirements for products and services determined?
  3. How is criteria for processes and acceptance for products and services determined?
  4. How are resources determined?
  5. How is process control implemented?
  6. Show the documented information that shows confidence in that the processes have been carried out as planned and can demonstrate conformity of products and services.
  7. How the organization does determine that the output from the planning process is suitable for its operations?
  8. How does the organization control planned changes? How are the consequences of unintended changes reviewed? What action is taken to mitigate any adverse effects?
  9. How is outsourced processes controlled?

Implementation Guidelines

  1. The focus of clause 8.1 is on controls governing the making of product to meet customer requirements and all the QMS processes that, directly or indirectly, make this happen. Operation processes may include customer related processes (sales and marketing), design and development, production, shipping, receiving, packaging, measurement and monitoring of product and processes, etc., whether performed onsite or off-site.
  2. The output of Operation planning may be implemented in many different ways such as product /project quality plan, drawings, machine set-up, inspection criteria, process sheets etc. These must be readily available to those performing these processes.
  3. Quality plans should include the processes needed, process sequence and control parameters, specific resources needed to make, verify and deliver product, product acceptance criteria and quality objectives, product and process monitoring and measurement controls, plans to control and correct any product or process nonconformities, reference to support processes, documents needed such as work instructions or engineering specifications, etc. and details of records to be kept.
  4. You must also identify what specific documents are needed for effective planning, operation and control of production processes. These documents may include contracts, specifications, orders, product quality plans, work instructions, a documented procedure etc., combined with unwritten practices, procedures and methods.
  5. Quality objectives may include defect rates, scrap rates, etc. Requirements or criteria for the product may include physical properties, dimensional , functional, etc, and their related measurements, tolerances and acceptance levels. In many instances, depending on the nature of the product, the customer may specify objectives and requirements and criteria for the product realization processes as well.
  6. Steps to Operation planning may includea)    Create a quality plan for a product or service to describe how the QMS will be modified and applied to all operations. Such a plan could include or reference procedures and records to be maintained and analyzed.b)    Consider using the product design and development process approach for designing processes. This is a requirement in the automotive industry. It has become a best practice demonstrated in many organizations even though ISO 9001 does not explicitly require adherence to the design and development requirements for internal process designs. This enhances both the effectiveness and the efficiency of processes.c)    Identify key performance measures for both products and processes and align them with your quality and business objectives.

8.2 Determination of Requirements for Products  and Services

The Requirement

8.2.1 Customer Communication

The organization must establish the processes for communicating with customers  to provide information relating to products and services; inquiries, contracts, or order handling, including changes;  obtaining customer feedback relating to product and services including customer complaints; handling or controlling customer property, and establishing specific requirements for contingency actions, when relevant.

8.2.2 Determination of Requirements related to Products and Services

The  organization must ensure, while  determining the requirements for the products and services to be offered to  customers that the product and service requirements (including those considered necessary by the organization), and applicable legal requirements, are defined. The organization must also ensure that it has the ability to meet the defined requirements and substantiate the claims for the products and services it offers.

8.2.3 Review of Requirements for Product and services

8.2.3.1 The organization must ensure that it has the ability to meet the requirements for products and services to be offered to customers. The organization shall conduct a review before committing to supply products and services to a customer. The review should include the  requirements specified by the customer, including the requirements for delivery and post-delivery activities; requirements not stated by the customer, but necessary for the specified or intended use, when known, requirements specified by the organization, statutory and regulatory requirements applicable to the products and services, contract or order requirements differing from those previously expressed. The organization must ensure that contract or order requirements differing from those previously defined are resolved.  When the customer does not provide a documented statement of their requirements, the organization must confirm them before accepting them.  In some situations, such as internet sales, when a formal review is impractical for each order, the review can cover relevant product information, such as catalogues.

8.2.3.2 The organization should retain documented information  on the results of the review and  on any new requirements for the products and services.

8.2.4 Changes to requirements for products and services

The organization should ensure that relevant documented information is amended, and that relevant persons are made aware of the changed requirements. when the requirements for products and services are changed.

Check list Questions

  1. What are the processes for communicating with customers? How does the organization communicates information relating to Products, Services, Enquiries, Contracts, Order handling, Customer views, perceptions and complaints, Handling or treatment of customer property, Specific requirements for contingency actions?
  2. What is the process to determine the requirements for products and services to be offered to potential customers? How this process is established, implemented and maintained?
  3. How does the organization define product and service requirements including statutory and regulatory requirements?
  4. How do you ensure that you have the ability to meet the defined requirements and substantiate any claims for your products and services?
  5. How the organization does reviews customer requirements for delivery and post-delivery?
  6. How the organization does review requirements necessary for customers’ specified or intended use, where known?
  7. How the organization does review additional statutory and regulatory requirements applicable to products and services?
  8. How the organization does review any other contract or order requirements?
  9. Show that the review is conducted prior to your commitment to supply products and services to your customers. How do you resolve contract or order requirements which differ from those previously defined?
  10. How does the organization confirms customer requirements where the customer does not provide a documented statement?
  11. What documented information are retained which describes results of the review including any new or changed requirements?
  12. Show the documented information containing changes to products and services. How do you ensure that relevant personnel are made aware of those changes?

Implementation Guidelines

  1. This Customer’s communication must include information related to the products or services, handling inquiries, contracts or orders, customer feedback, handling and controlling customer property and, if needed, establishing specific requirements for contingency actions. Ensure that the customer has a clear written quotation and specification relating to the product/ services they want. Communication with customers needs to ensure is that customer requirements and other requirements for the product or service are clearly understood.
  2. To avoid customer complaints or dissatisfaction, even for “requirements” that are not clearly stated (e.g., regulatory requirements or marketplace norms), the organization should consider a comprehensive understanding of customer requirements, perhaps even performing Risk assessment on the processes.
  3. Clause 8.2.2 requires the organization to determine the requirements related to its products and services. This includes:a) Establishing a process for determining the requirements for the products offered to potential customersb) Determining requirements of the customer, For the organization and from applicable statutes and regulations.c)Determining that the organization has the ability to meet the requirements and substantiate claims related to its products and services
  4. It is recommended that you maintain documented information to describe the process for determination of all aspects of product and service requirements. The documented information should include both product requirements specified by the customer and product requirements not specified by the customer but necessary for intended or specified use. Also, unique regulatory and statutory requirements should be considered as well as commercial terms and conditions.
  5. The organization must review the requirements of products and services, which includes:a) Customer-specific requirements for the product or service, including any requirements for delivery or post-delivery actionsb) Requirements known to be needed by the organization even though not specified by the customerc) Applicable statutory and regulatory requirements applying to the product or serviced) Requirements of the final contract or order differing from those previously provided by or discussed with the customer
  6. Changes are required to be controlled and documented information updated to ensure that changes are properly included in documented information. When changes to product requirements, orders, contracts, or quotations occur, the organization is required to ensure that relevant documented information is amended and communicated, as appropriate, within the organization.

 8.3 Design and Development of Products and Services

The Requirement

8.3.1 General

The organization should establish, implement, and maintain a design and development process. such that they are adequate for subsequent production or service provision.

8.3.2 Design and Development Planning

While planning for design and development, the organization must consider the following  in determining the stages and controls for design and development:

  1. the nature, duration and complexity of the design and development activities;
  2. the required process stages, including applicable design and development reviews;
  3. the required design and development verification and validation activities; 
  4. the responsibilities and authorities involved in the design and development process;
  5. the internal and external resource needs for the design and development of products and services;
  6. the need to control interfaces between persons involved in the design and development process;
  7. the need for involvement of customers and users in the design and development process;
  8. the requirements for subsequent provision of products and services; 
  9. the level of control expected for the design and development process by customers and other relevant interested parties;
  10. the documented information needed to demonstrate that design and development requirements have been met

8.3.3 Design and Development Inputs

The organization must determine the   requirements essential for the specific type of products and services being designed and developed, including, as applicable, functional and performance requirements; applicable legal requirements; information derived from previous similar design and development activities;  standards or codes of practice the organization has committed to implement;  potential  consequences of failure  due to the nature of products and services;  Ensure inputs are adequate for design and development purpose, complete, and unambiguous. Resolve conflicts among Design and Development  inputs.

8.3.4 Design and Development Controls

The organization should apply controls to the design and development process to ensure that  results to be achieved by the design and development activities are clearly defined; Design and development reviews are conducted as planned; Verification activities are conducted to ensure that the design and development outputs have met the design and development input requirements; Validation activities are conducted to ensure that the resulting products and services are capable of meeting the requirements for the specified application or intended use (when known). The organization must take  any necessary actions on the  problems determined during the reviews, or verification and validation activities. The organization must maintain any documented information of these activities. Design and development reviews, verification and validation have distinct purposes. They can be conducted separately or in any combination. as is suitable for the products and services of the organization.

8.3.5 Design and Development Outputs

The organization must ensure that design and development outputs  meet the input requirements for design and development. They should be  adequate for the subsequent processes for the provision of products and services. They must include or have a reference of monitoring and measuring requirements, and acceptance criteria, as applicable. They must  ensure products to be produced, or services to be provided, are fit for intended purpose and their safe and proper use. The organization must retain the documented information resulting from the design and development process.

8.3.6 Design and Development Changes

The organization should identify, review and control changes made (during the design and development of products and services, or subsequently) to design inputs and design outputs to the extent that there is no adverse impact on conformity to requirements. The organization must retain documented information on design and development changes, the result of review, the authorization of changes and action taken to prevent adverse impact.

Checklist Questions

  1. Where detailed requirements of the products and services are not already established or defined by the customer or other parties, how does the organization establish, implement and maintain a design and development process?).
  2. When determining the stages and control for design and development, show how does the organization consider:a) The nature, duration and complexity of the activities;b) Requirements that specify particular process stages including applicable reviews;c) Required verification and validation;d) Responsibilities and authorities;e) How interfaces are controlled between individuals and parties;f) The need for involvement of customer and user groups.
  3. Show the documented information that confirms design and development requirements have been met.
  4. Can you show me how does the organization determines the requirements essential for the type of products and services being designed and developed, including Functional & performance requirements as applicable.
  5. Can you show me how does the organization determines the Statutory & regulatory requirements;
  6. Can you show me how does the organization determines the Standards or codes of practice where there is a commitment to implement.
  7. Can you show me how does the organization determines the Internal and external resources needed for
  8. Can you show me how does the organization determines the design and development of products and services.
  9. Can you show me how does the organization determines the Potential consequences of failure.
  10. Can you show me how does the organization determines the level of control expected of the design and development process by customers and other relevant parties.
  11. How the organization does determine that inputs are adequate, complete and unambiguous for design and development? How do you resolve conflicts among inputs?
  12. How do controls that are applied to the design and development process ensure:a) Results achieved by design and development activities are clearly defined?b) Design and development reviews are conducted as planned?c) Outputs meet the input requirements by verification/ Validation is conducted to ensure that the resulting products and services are capable of meeting the requirements for the specified application or intended use when known?
  13. How do you ensure that design and development outputs meet the input requirements for design and development?
  14. How do you ensure that design and development outputs are adequate for the subsequent processes for the provision of products and services?
  15. How do you ensure that design and development outputs include or reference monitoring and measuring requirements, and acceptance criteria, as applicable?
  16. How do you ensure that design and development outputs ensure products to be produced, or services to be provided, are fit for intended purpose and their safe and proper use?
  17. Show me the documented information which results from the design and development process.
  18. How do you review, control and identify changes made to the design inputs and outputs during design and development of products and services ensuring no impact on conformity to requirements?
  19.  Show me the documented information for design and development changes.

Implementation Guidelines

  1. The scope of your design and development activity must consider all aspects of the product and product realization processes to ensure its conformity to requirements. This includes product identification, handling, packaging, storage and protection during internal processing and delivery to the customer.This clause is equally applicable for designing and developing manufacturing processes. It is required to include the following:a) Planning to determine design stages considering activities such as verification and validation, control of design interfaces, design review, resources needed for design and development, customer involvement, and the documented information needed to confirm that input requirements are met.b) Determination of the design and development inputs required, including such things as functional requirements, regulatory and statutory requirements, applicable standards or codes, information from earlier projects, and potential consequences of failure. Conflicting requirements are required to be resolved.c) Design and development controls, including clear delineation of the results to be achieved, planning and conducting design and development reviews and verification activities to ensure design outputs meet input requirements, and validation to ensure the products and services meet the requirement for the application intended.d) Design and development outputs are required to meet input requirements, to be adequate for subsequent processes in the provision of the product or service, and to ensure the products and services are fit for their intended purpose.e)Design and development changes are required to be identified, reviewed, and controlled. This includes changes to design inputs or outputs. Controls are required to ensure that changes do not have an impact on the products and service conformity.f)The organization is required to retain documented information resulting from the design and development process, including design and development changes.
  2. D& D Requirements need to be established review, verification, and validation into the D & D project. The organization needs to determine how communications will be structured e.g., weekly meetings, periodic reports, or other methods.
  3. One must take a multi-disciplinary approach that includes as needed, other functions (besides design) such as quality, engineering, purchasing, sales, tooling, production, etc. Your plan must clearly identify these other functions and their specific role and responsibilities regarding the project. Consider including customer and supplier personnel at appropriate stages to do work and review results or progress
  4. D& D plan must specify the D & D stages, activities and tasks, responsibilities, timeline and resources, specific tests, validations, and reviews, and outcomes. There are many tools available for planning ranging from a simple checklist to complex software. The degree and details of planning may vary according to size and length of contract or project, complexity, risk, product life, customer and regulatory requirements, past experience with similar product, etc.
  5. D & D plan must be dynamic and updated as requirements and circumstances change. The organization must track progress against the D & D plan at regular intervals or project milestones and update the plan as activity progresses. It must include methods to communicate information, responsibilities, results, discussions, reviews and resources.
  6. You must also identify what specific documents are needed for effective planning, operation and control of production activities These documents may include contracts, technical drawings and specifications, a documented plan for design and development, work instructions, a documented procedure etc., combined with unwritten practices, procedures and methods.
  7. The design and development project plan serves as both a document and a record as it is updated for completion for various activities.
  8. There must be a process that should be part of D & D plan to identify, document, review , deploy and use design input information such as documents coming from various sources such as customer contracts, drawings and specifications, organization’s database of previous design and development projects, competitor analysis, industry standards, feedback from suppliers, field data.
  9. The organization must identify and include any special and safety characteristics in the process control documents such as quality plans, product drawings, operator instructions and other documents used to make or verify product.
  10. You must review all input requirements, review design and development progress, verify product design and validate developed product at various stages of your design and development process. The nature, frequency and scope of these controls must be defined in your design and development plan or other document. You must carry out these controls according to your plan and keep appropriate records .
  11. Do design reviews at one or more milestones of the design and development project, depending on customer requirements, the size, complexity and risks involved. The purpose of these reviews is to evaluate results to requirements, check project progress and costs to plan and take actions on any problems encountered.
  12. There must be a multi-disciplinary approach for doing these reviews and keep appropriate records of issues discussed, actions to be taken, responsibilities and timeline for completion. All design and development reviews must be included in your design and development plan.
  13. Product design Verification includes design reviews, comparing the new design to a similar proven design if available, performing alternate calculations, performing tests and simulations, reviewing the design documents before release, etc.
  14. Manufacturing process design verification include design review , process capability studies, testing various process parameters, performing tests and trials, reviewing the manufacturing process design documents before release, etc.
  15. Verification is checking product or process to input requirements, whereas validation is checking product or process is suitable for its intended use does it perform/function in the way intended by your customer or your organization. Product and manufacturing process validation includes – design reviews, comparison between customer requirements and internal development plans, design and development validation against customer requirements and design and development input requirements, corrective action and lessons learned from documented process failures and product nonconformities.
  16. Any problem you have encountered during the verification and validation or identified during review must be resolved.
  17. Design and development output may be product or documentation or both. Product may be prototype or finished product and documentation could be a computerized or hard copy drawing or specification. Check design and development output against the input requirements , before you use it any further.
  18. Many documents are created from the design and development output stage such as drawings, quality plans, work instructions, etc.Where any sophisticated design and development tools such as AutoCAD are used requiring specific competency or training, ensure you provide and keep appropriate records of competency and training of personnel performing design and development activities and use of these tools.
  19. Provide appropriate design and development output information to:a) Purchasing material or service specificationsb) Production output such as product specifications, special characteristics, drawings, diagnostics, etc.c) Service output such as product specifications; performance reliability and maintenance criteria.
  20. D & D Changes may come from internal, customer or regulatory sources. Get all requests for product or manufacturing process design changes in writing from your customer. Impact of the change must be evaluated on materials used, design process, manufacturing process, characteristics and use of developed product, regulatory compliance, cost etc.
  21. Make sure your process for design and development changes follow appropriate steps ie define plan, have inputs and outputs, verify and validate to the extent necessary to meet customer requirements and control product, quality and business risks.
  22. Documented information on design and development changes, the result of review, the authorization of changes and action taken to prevent adverse impact must be maintained.

8.4 Control of Externally Provided Products and Services

The Requirement

8.4.1 General

The organization must ensure that externally provided processes, products, and services conform to specified requirements. The organization must apply the specified requirements for control of externally provided products and services when products and services are provided by external providers for incorporation into organization’s own products and services; products and services are provided directly to the customer by external providers on behalf of the organization;  a process or part of a process is provided by an external provider as a result of a decision by organization to outsource a process or function. The organization must determine and apply criteria for evaluation, selection, monitoring of performance, and re-evaluation of external providers based on their ability to provide processes or products and services in accordance with specified requirements. The organization must retain  appropriate documented information of the above mentioned activities and any necessary action arising out of evaluation.

8.4.2 Type and Extent of Control

The organization should ensure that externally provided  processes, products and services do not adversely affect the organization’s ability to consistently deliver conforming products and services to  its customers. The organization should  ensure that externally provided processes remain within the control of its quality management system. It should  define both the controls that it intends to apply to an external provider and those it intends to apply to the resulting output.  In determining type and extent of controls to be applied to external provision of processes, products and services, organization must consider the  potential impact of the externally provided processes, products, and services on the organization’s ability to consistently meet customer and applicable legal requirements and effectiveness of the controls applied by the external provider. The organization must establish and implement verification or other activities necessary to ensure the externally provided processes, products, and services meet the requirements. 

8.4.3 Information on External Providers

The organization must ensure the adequacy of specified requirements prior to their communication to external providers. The organization should communicate to external providers applicable requirements for the following:

  1. products and services to be provided or the processes to be performed on behalf of the organization;
  2. approval or release of products and services, methods, processes or equipment;
  3. competence of personnel, including necessary qualification;
  4. their interactions with the organization’s quality management system;
  5. control and monitoring of the external provider’s performance to be applied by the organization;
  6. verification activities that the organization, or its customer, intends to perform at the external provider’s premises.

Check list Questions

  1. How does the organization ensure externally provided processes, products and services conform to specified requirements?
  2. Show how the organization applies specified requirements for the control of externally provided products and services when:a) Products and services are provided by external providers for incorporation into products and services;b) Products and services directly to customers by external providers on your behalf;c) A process or part-process is provided by an external provider as a result of a decision to outsource a process or function.
  3. Show how does the organization establishes and apply criteria for evaluation, selection, monitoring of performance and re-evaluation of external providers. How do you assess their ability to provide processes or products and services in accordance with specified requirements?
  4. What documented information is available as results of evaluations, monitoring of performance and reevaluations of external providers?
  5. How does the organization determine the controls applied to the external provision of processes, products and services and take into consideration?a) The potential impact of the externally provided processes, products and services on the ability to consistently meet customer and applicable statutory and regulatory requirements?b) The perceived effectiveness of the controls applied by the external provider?
  6. What verification or other activities does the organization have to ensure externally provided processes, products and services do not adversely affect its ability to consistently deliver conforming products and services to customers?
  7. When processes or functions have been outsourced to external providers, how do you define the controls intended to be applied to the external provider and to the resulting process output?
  8. Show how the organization communicates to external providers, applicable requirements for:a) Products and services to be provided or the processes to be performed on behalf of the organization;b) Approval or release of products and services, methods, processes or equipment;c) Competence of personnel, including necessary qualification;d) Their interactions with the organization’s quality management system;e) The control and monitoring of the external provider’s performance to be applied by the organization;f) Verification activities that the organization, or its customer, intends to perform at the external provider’s premises.
  9. Before you communicate with external providers, how do you ensure the adequacy of specified requirements?

Implementation Guidelines

  1. Externally provided processes, products and services includes purchasing from a supplier, an arrangement with an associate company and outsourcing processes to an external provider.The organization can apply risk-based thinking to determine the type and extent of controls appropriate to particular external providers and externally provided processes, products and services;
  2. You must have specifications/criteria for purchased product. These specifications may come from your organization, customer, regulatory bodies, supplier or industry.The purchased product may include materials, production equipment, tooling, measuring and test equipment, facilities, transport vehicles, returnable packaging, intellectual property (drawings, specifications or proprietary information), product returned for servicing under warranty, product sent for outsourced work etc.
  3. Many times the customer may require the use of pre-approved purchased products and suppliers. The onus is still on you to ensure that purchased product from customer-designated sources meets all requirements.
  4. You must control both, the product you buy, as well as the supplier you buy from. Your controls must primarily be based on prevention of nonconformities in both product and supplier performance.
  5. Based on how important the purchased product is to design, manufacture, assemble and maintain your end product, categorize your purchased products and services accordingly. Then determine what controls you need to ensure consistent purchased product quality and consistent supplier performance. You can then apply different controls for different purchased products. These controls must be included or referenced in your quality or inspection plans.
  6. There are several ways to evaluate your suppliers. Besides product quality, your criteria for supplier selection and evaluation may include the potential supplier’s financial capability, technical and manufacturing capability and capacity, reliability, reputation, flexibility to handle changes, support, service, cost etc.
  7. You must maintain a list of all qualified suppliers. In addition to the initial evaluation and approval of suppliers, you are required to carry out ongoing monitoring and measurement of their performance.
  8. You must identify your purchasing processes whether on site or off site.
  9. Use supplier monitoring indicators to evaluate the consistency, capability and reliability of their performance for quality, On-time delivery, support, etc. On-time delivery is very important and disruptions (due to waiting for materials) at your customers or even your own facility must be avoided.
  10. For each process, you must document the controls for purchased product and suppliers. You must also show the linkage and interaction of purchasing processes with other processes such as design, manufacturing, tooling maintenance, calibration.
  11. You must keep records of all supplier evaluations (whether initial or periodic), including any corrective actions placed on them for any nonconformities. You must identify and document all processes addressing this clause as part of your QMS. For these processes, you must also identify what specific documents, controls and resources are needed .You could use a documented procedure or other combination of specific practices, procedures, documents and methods.
  12. Consider using supplier quality plans, inspection plans, etc., to verify that purchased product meets specified purchase (product and QMS) requirements.Your inspection process must define and document the acceptance criteria and sampling plan for product conformity and what measurement tools needed and records needed to show effective control of purchased product quality and supplier performance.
  13. Where any of your controlled suppliers have gone through a significant organizational change you must verify the continuity and effectiveness of their QMS.
  14. Your purchase documents such as purchase order, contract, blanket order, your organization’s supplier quality manual, etc. must specify your requirements for the purchased product, the suppliers QMS and any other initial or on-going controls you deem necessary for ensuring consistent supplier performance.
  15. You must define how you ensure the adequacy of these documents before you communicate them to your supplier. A review of adequacy of purchasing documents may include their completeness, accuracy, correctness, quantity, timing, cost, approval, etc.,
  16. You must show evidence of carrying out (issue purchase documents) and review of these documents.
  17. An outsourced process is any value-adding or conversion activity related to your product or service, that is performed by an external organization such as a subcontractor, sister facility, etc.
  18. You must be able to demonstrate sufficient controls over outsourced processes to ensure that such processes are performed according to the relevant requirements of ISO 9001:20015
  19. Outsourced processes may be controlled in any number of ways, e.g., providing the vendor with product specifications, supplier quality manual that they must meet, asking for inspection and test results or certificates of compliance, validation of outsourced  process, conducting product and QMS audits of vendor; etc.

CLAUSE 8.5 Production and Service Provision

8.5.1 Control of Production and Service

The Requirement

The organization should implement production and service provision  under controlled conditions. Include these controlled conditions, as applicable:

  1. availability of documented information that defines characteristics of products and services.
  2. availability of documented information that defines activities to be performed and results to be achieved.
  3. availability and use of suitable monitoring and measuring resources
  4. implementation of  monitoring and measurement activities at appropriate stages to verify that criteria for control of processes and process outputs, and acceptance criteria for products and services, have been met.
  5. use and control of suitable infrastructure and process environment for operation of process.
  6. appointment of competent person and, where applicable, required qualification of persons;
  7. validation, and periodic revalidation, of ability to achieve planned results of any process for production and service provision where resulting output cannot be verified by subsequent monitoring or measurement.
  8. implementation of products and services release, delivery, and post-delivery activities.

Check list Questions

  1. How the organization does implements the production and service provision under controlled conditions?
  2. Can you show availability of any documented information that defines the characteristics of the product, services or activities to be performed and the results to be achieved?
  3. Can you show controlled condition for monitoring and measurement activities at appropriate stages to verify that criteria for control of processes and process outputs, and acceptance criteria for products and services, have been met?
  4. Can you show controlled condition for the use, and control of suitable infrastructure and process environment?
  5. Can you show controlled condition for the availability and use of suitable monitoring and measuring resources?
  6. Can you show controlled condition for the competence and, where applicable, required qualification of persons?
  7. Can you show controlled condition for the validation, and periodic revalidation, of the ability to achieve planned results of any process for production and service provision where the resulting output cannot be verified by subsequent monitoring or measurement?
  8. Can you show controlled condition for the implementation of products and services release, delivery and post-delivery activities?

Implementation Guidelines

  1. To improve your QMS, it will be very useful to draw a flow chart to link the flow and interaction of the activities and sub-processes.
  2. Use your product, project or contract quality plan to control your operation activities.Quality plans address what has to be made, how much has to be made, when it has to be made, by whom, in what sequence, how it has to be made, what equipment to use, what measurement and monitoring tools to use, what to inspect, when to inspect, how much to inspect, what to do if problems arise, etc.Your quality plan must cover all operation process steps from receipt of materials, production, packaging, storage, delivery and even post-delivery activities such as installation or training.
  3. Schedule your operations taking into consideration customer delivery requirements, production capacity and capability, material availability and usage, personnel availability and usage; storage; etc. Carefully define and document the interaction of your operation scheduling process with your logistics processes such as inventory management, customer communication, traffic and shipping control, packaging and labeling, sales and billing.
  4. Your quality plans are dynamic and must be updated for the changes in product specifications or process parameters; resources used; monitoring or measurement requirements, etc. Your quality plans should reference any work instructions specified for the process steps.
  5. Work instructions may exist in may forms such as narrative, graphical, audio, video, physical display etc.If any work instructions are needed at specific points in your process, then they must be readily available and relevant i.e. current or right version.
  6. You must also identify what specific documents are needed for effective planning, operation and control of production activities. These documents may include – a product quality plan; work instructions; documented procedure; etc., combined with unwritten practices, procedures and methods.
  7. Validation is usually required where product cannot be verified without damaging or destroying the product, e.g. some types of welding, heat-treatment, painting, electroplating, rust-proofing, etc.Validation involves conducting capability studies using a combination of resources technology, equipment, materials, environment, competent personnel, and production and testing methods that consistently result in a quality product or service. Validation requires customer or regulatory approval of the process.
  8. You must keep appropriate records of process validation showing both the achievement of planned results as well as the ongoing maintenance of such capability. It is up to each organization to determine what combination of resources and methods will provide the required consistent process capability and quality of product or service. Include as appropriate, these validation controls in your quality plans.
  9. If you change any part of the proven process capability for e.g. materials, equipment or personnel, etc., you must revalidate i.e re-prove the changed process.

8.5.2 Identification and Traceability

The Requirement

The organization should use suitable means to identify “process outputs” where necessary to ensure conformity of products and services. THe  organization should identify status of “process outputs” with respect to monitoring and measurement requirements throughout production and service provision. The organization should control unique identification of “process outputs” where traceability is a requirement. It should retain any documented information necessary to maintain traceability. “Process outputs” are results of any activities which are ready for delivery to customer or to an internal customer (e.g., receiver of inputs to next process). “Process outputs” can include products, services, intermediate parts, components, etc.

Checklist Questions

  1. What suitable means is used by the organization to identify output when it is necessary to ensure the conformity of products and services?
  2. How is the status of outputs with respect to monitoring and measuring requirements throughout the production and service provision being identified by the organization?
  3. How does the organization control the unique identification of the outputs when traceability is a requirement?
  4. Shot the documented information necessary to enable traceability, when traceability is a requirement?

Implementation Guidelines

  1. Product status: It means knowing the quality status (good or bad) of materials and product through each of the above stages. Product status can be controlled using physical and electronic methods.
  2. Product identification: It means knowing the identity of yours or customer supplied product from incoming receipt of materials, raw material storage, use in production, work in progress, finished product storage, and delivery of product to the customer. Product identification can be controlled using physical and electronic methods.
  3. Unique Product Identification: This usually involves keeping detailed records of product manufacturer such as material, equipment, personnel, processes, production, inspection and test details, etc., for individual products or production batches. These records help to troubleshoot product and process problems, resolve customer complaints, and enables continual improvement of product and process. Depending on the product, the OEM may specify the degree of unique identification and traceability required.
  4. Specific Documented information may be included in your Operation processes through your product quality plans, work instructions and other specific documentation. Examples of product identification and test status include physical tags, barcode labels linked to computer records; MRP systems tracking specific production runs/lots, automated production transfer processes, etc.
  5. Process outputs are the results of any activities which are ready for delivery to the organization’s customer or to an internal customer (e.g. receiver of the inputs to the next process); they can include products, services, intermediate parts, components, etc

8.5.3 Property Belonging to Customers or External Providers

The Requirement

The organization should exercise care with property belonging to customers or external providers while under the organization’s control or being used by organization. The organization should identify, verify, protect, and safeguard the customer’s or external provider’s property provided for use or incorporation into products and services. It should report to the customer or external provider when their property is incorrectly used, lost, damaged, or otherwise found to be unsuitable for use. Customer property can include material, components, tools and equipment, customer premises, intellectual property, and personal data.

Checklist Questions

  1. What care does the organization provide for customer or external provider’s property while under its control?
  2. How does the organization identify, verify, protect and safeguard the customer property which is provided for use or incorporation into products or services?
  3. What means does the organization use to report to the customer or external provider if their property is incorrectly used, lost, damaged or found to be unsuitable for use?

Implementation Guidelines

  1. Customer or External provider property may include material, production equipment, tooling, measuring and test equipment, facilities, transport vehicles, returnable packaging, intellectual property such as drawings, specifications or proprietary information, product returned for servicing under warranty, product sent for outsourced work, etc.
  2. All customer property is exposed to the risk of being damaged, lost, misused, misplaced, stolen, become unsuitable or obsolete for use. Notify the customer/ External provider in writing if their property is lost, damaged or otherwise found to be unsuitable such as perishable past its shelf life for use
  3. Control to minimize the risks to customer/External provider property include inventory management, preservation and storage, identification, status and traceability indicators, maintenance, notification, traffic flow, authorized use, restricted access, etc.

8.5.4 Preservation

The Requirement

The organization should ensure the preservation of “process outputs” during production and service provision, to the extent necessary to maintain conformity to requirements. Preservation can include identification, handling, packaging, storage, transmission or transportation, and protection.

Checklist Questions

  1. How the organization does ensures preservation of process outputs during production and service provision to maintain conformity to product requirements?

Implementation Guidelines

  1. Preservation can include identification, handling, packaging, storage, transmission or transportation, and protection.
  2. All raw materials, work in progress, finished product, supplies, customer provided materials or product, product sent for outsourced work, etc., are subject to risk of being damaged, lost, misused, misplaced, stolen, become unsuitable ,perishable or obsolete i.e. past shelf life for use.
  3. These could be controlled using identification, status and traceability indicators, inventory cycle counts and condition evaluation, stock rotation methods such as FIFO, just in time, tracking shelf life, special, controls for restricted access, handling and storage of hazardous materials, climate and environment, maintenance procedures, barcodes, training, use of special equipment for handling, condition reports, etc.
  4. Documented information may be included in your product realization processes through your product quality plans, work instructions and other specific documentation.

8.5.5 Post-Delivery Activities

The Requirement

The organization should meet requirements, as applicable, for post-delivery activities associated with products and services. In determining the extent of post-delivery activities that are required the organization should consider risks associated with products and services; Customer feedback; legal requirements; nature, use, and intended lifetime of products and services; Post-delivery activities can include actions under warranty provisions, contractual obligations (such as maintenance services) and supplementary services (such as recycling or final disposal)

Checklist Questions

  1. How does the organization meet requirements for post-delivery activities associated with products and services?
  2. When determining the extent of post-delivery activities required with products and services, How does the organization determine the risk, customer feedback and Nature , use and intended lifetime ?

Implementation Guidelines

  1. Post-delivery activities can include actions under warranty provisions, contractual obligations such as maintenance services, and supplementary services such as recycling or final disposal.
  2. Post Delivery activities means based on customer agreement or other agreement, the organization may be responsible for providing support for their product or services after delivery. This could include technical support, routine maintenance or total recall, recycling, reusable packaging, returnable containers, etc .
  3. The extent of post-delivery activity will depend on statutory and regulatory requirements, the potential undesired consequences associated with its products and services, the nature, use and intended lifetime of its products and services, customer requirements and customer feedback.

8.5.6 Control of Changes

The Requirement

The organization should review and control  changes for production or service provision to extent necessary to ensure continuing conformity with requirements. The organization should retain documented information describing results of review of changes, personnel authorizing change, and any necessary actions arising from review.

Checklist Questions

  1. How does the organization review and control unplanned changes to ensure continuing conformity with specified requirements?
  2. What documented information does the organization has which describes the results of reviews of changes, the personnel authorizing change and any necessary actions?

Implementation Guidelines

  1. Changes, in general, create instability and a robust change management process is critical to ensure changes are fully reviewed, approved, communicated, understood and validated when they are implemented. Records describing results of review of changes, personnel authorizing change, and any necessary actions arising from review has to be maintained.
  2. The organization is required to review and control changes for all of the previously discussed “production and service provision” topics including 8.5.1 Control of production and service provision (all of the controls established in the first place), 8.5.2 Identification and traceability, 8.5.3 Property belonging to customers or external providers, 8.5.4 Preservation and 8.5.5 Post-delivery activities.

8.6 Release of Products and Services

The Requirement

The organization should implement planned arrangements at appropriate stages to verify product and service requirements have been met. Retain evidence of conformity with acceptance criteria. The  release products and services to the customer should not proceed  until the planned arrangements for verification of conformity have been satisfactorily completed unless otherwise approved by a relevant authority and, as applicable, by customer.  The organization should retain documented information for traceability to the person(s) authorizing release of products and services for delivery to the customer. The organization  should also retain documented information for evidence of conformity with the acceptance criteria. 

Checklist Questions

  1. Show how planned arrangements have been implemented at appropriate stages to verify product and service requirements have been met. Show what evidence the organization retains.
  2. Show how the release of products and services is held until planned arrangements for verification of conformity have been satisfactorily completed, unless approved by a relevant authority, or the customer if applicable.
  3. Show documented information which shows traceability to the person authorizing release of products and services.

Implementation Guidelines

  1. Before you release your product to your customer , You must plan what characteristic(s) to measure, type of measurements, what measurement device to use, how often to measure, sample size, acceptance criteria, and records needed for each product or product type. Use your quality plan to document these controls. Where practical, consider completing all missed planned inspections and measurements before product delivery.
  2. If you plan on releasing during any stage of production or shipping finished product, where all planned inspections and measurements to that stage have not been completed, ensure that you obtain prior written approval/waiver from a relevant internal authority or the customer.
  3. You must identify and document all product realization processes e.g. receiving, production, shipping, etc. For such processes, you must also identify what specific documents are needed for effective planning, operation and control.
  4. You could use a product quality plan, any documented information or other combination of specific practices, procedures and methods.

8.7 Control of Nonconforming Process Outputs, Products, and Service

The Requirement

8.7.1 

The organization should ensure process outputs, products, and services that do not conform to requirements are identified and controlled to prevent unintended use or delivery. The organization should take appropriate action based on nature of nonconformity and its impact on conformity of products and services. This is applicable also to nonconforming products and services detected after delivery of products  during or after provision of service.The organization should deal with nonconforming outputs in one or more of these ways:

  • correction;
  • segregation, containment, return, or suspension of provision of products and services;
  • informing  the customer;
  • obtaining authorization for acceptance under concession. 

The  organization should verify conformity to requirements when nonconforming process outputs, products, and services are corrected.

8.7.2

The organization should retain documented information that describes the nonconformity, action taken,  concessions obtained, identifies the person or authority that made decision regarding dealing with nonconformity.

Check list Questions

  1. How the organization does identifies and controls process outputs, products and services that do not conform to requirements and prevent their unintended use or delivery?
  2. What appropriate corrective actions are taken based on the nature of the nonconformity and its impact on the conformity of products and services? How the organization does apply this to nonconformity detected after delivery?
  3. How the organization deals with nonconforming process outputs, products and services in terms of:a) Correction;b) Segregation, containment, return or suspension of provision of products and services?c)  Informing the customer?d) Obtaining authorization for use as-is?e) Release, continuation or re-provision of the products and service?f) Acceptance under concession?
  4. How the organization does verifies conformance where process outputs, products and services are corrected following nonconformance?
  5. What documented information is kept following actions taken to address nonconformities, including any concessions obtained and on the person or authority that made the decision regarding dealing with the nonconformance?

Implementation Guidelines

  1. This is applicable to processes, products and services that does not conform to customer requirements, applicable regulatory requirements or your own organization requirements. Nonconformities may relate to suppliers and outsourced work, organizational activities or product shipped to customers.
  2. Organization must have controls and responsibilities to identify, contain i.e. prevent further processing or use, keep records of the nature and other details of the nonconformity, notify appropriate personnel and customer, where appropriate, evaluate what disposition action needs to be taken, carry out timely disposition, determine policies for release for further processing or shipment to the customer, obtain customer concessions, rework and re-verification, establish performance indicators to measure the effectiveness of the control of nonconformance process, etc.
  3. Product or material found with no identification or its quality status is not known, should be treated as nonconforming product and controlled as mentioned above.
  4. If you find that nonconforming product has been shipped, without a customer concession, you must take appropriate action to reduce the immediate and consequential effect of the nonconformity.
  5. Depending upon the seriousness and scope of the nonconformity, you might consider taking action to eliminate the nonconformity as well as corrective action to eliminate the root causes of the nonconformity.
  6. It might be appropriate in specific circumstances to notify the customer and resolve the situation to your customer’s satisfaction.
  7. You need to be aware of any reporting requirements imposed by regulatory bodies and comply with them.
  8. All product realization processes must show the interaction with your process for nonconforming product.
  9. A concession authorization allows you to ship nonconforming product, under controlled conditions.
  10. A deviation authorization allows you to manufacture product different from the original specification, under controlled conditions.
  11. In both these situations, make sure that you obtain these authorizations in writing prior to shipping or manufacturing nonconforming product.

Documented Information if applicable

  1. Process Quality plan
  2. Production plan and status
  3. Contract Review checklist
  4. Risk Assessment – Business Enquiry
  5. verbal order Register
  6. Input Adequacy Report
  7. Design Data Input Sheet
  8. Design and Development plan
  9. Design change record
  10. Design Review Record
  11. Design verification record.
  12. Design validation record
  13. Design output record
  14. Approved Supplier List
  15. Supplier Corrective Action Request (SCAR) Log
  16. Supplier performance report
  17. Supplier & Subcontractor Assessment Form
  18. Purchase order
  19. Receipt Inspection Report
  20. Daily Production & Inspection Record
  21. Breakdown Maintenance Report
  22. Preventive Maintenance Chart
  23. Tags
  24. List Of Customer Drawing
  25. List Of Customer Supplied Items
  26. Stock Register
  27. Sample Maintenance agreement
  28. Pre Dispatch Inspection Report
  29. Nonconforming Part Disposition
  30. Nonconforming Service Report
  31. Out of tolerance impact study

For more information on Operations click here

Reach us at Kuwait office

Trace International, Office no 717, 7th floor, AL Rehab Complex, Tunis Street, Hawally , Kuwait

Tel: +96522623203, Mobile: +96565019055

Mail us at:

 

ISO 9001:2015 Support

7.1 Resources

7.1.1 General

The Requirement

The organization should determine and provide resources needed to establish, implement, maintain, and continually improve the QMS. And should  consider the capabilities of, and constraints on, existing internal resources; and  what needs to be obtained from external providers.

Check list Questions

  1. How resources are determined for the establishment, implementation, maintenance and continual improvement of the QMS.
  2. Show how the capabilities and constraints on internal resources are considered.
  3. Show how needs from external providers are considered.

Implementation Guidelines

  1. Top management has the responsibility to ensure the availability of resources to develop and maintain your QMS. This is typically done through business and quality planning.
  2. While planning for your resources needed the organization must consider what existing internal resources it has considering its capabilities and constraints and what needs to be obtain by external providers.
  3. The actual amount of resources needed may vary day to day and over time. This is one reason why top management must review QMS performance regularly

7.1.2 People

The Requirement

The organization should determine and provide the  persons necessary for the effective implementation of its QMS and also for operation and control of its processes.

Check list Questions

1) How does the organization  provide persons necessary to consistently meet customer, applicable statutory and regulatory requirements for the QMS including the necessary processes? 

Implementation Guidelines

1) This standard expects an organization to determine and provide the appropriate number of personnel to effectively implement the QMS and for the operation and control of its processes and also proper allocation of staff in order to achieve the required outcome.

7.1.3 Infrastructure

The Requirement

The organization should determine, provide, and maintain the infrastructure for the operation of the processes to achieve conformity of products and services. Infrastructure may include  buildings and associated utilities; equipment including hardware and software; transportation resource, information and communication technology.

Check list Questions

1) How does the organization determine, provide and maintain the infrastructure for the operation of processes to achieve products and service conformity?

Implementation Guidelines

1) Essentially a company needs to consider all the things they will need in order to deliver a service/product to the customer/client. This needs to include:

  1.  buildings / water / gas / electric, etc.
  2. equipment – for example computers / operating systems (e.g. alarm master);
  3. vehicles – for engineers / management / sales and survey staff;
  4. information – standards that have to be applied, mobile phones / tablets, etc.

2) Any infrastructure changes related to product realization affecting customer requirements requires notification to, and agreement from, the customer.

7.1.4 Environment for the Operation of Processes

The Requirement

The organization should determine, provide, and maintain environment necessary for the operation of processes and to achieve conformity of products and services. A Suitable environment  for operation of processes can be a combination of human and  physical factors such as social (for e.g. non-discriminatory, calm, non-confrontational etc), psychological (for e.g. stress reducing, burnout prevention, emotional protective), physical (for example, temperature, heat, humidity,light, airflow,hygiene, noise). These factors can differ depending on type of product and service  provided by the organization

Check list Questions

  1. How does the organization determine, provide and maintain the environment for the operation of processes to achieve products and service conformity?

Implementation Guidelines

1) Environment for the operation of processes can include physical, social, psychological, environmental and other factors (such as temperature, humidity, ergonomics and cleanliness). It includes

  1. Equality Opportunities / whistleblowing / anti-bullying policy
  2. Violence at work / counselling support / lone working
  3. Office based risk assessment, space, noise levels and other environment issues

7.1.5 Monitoring and Measuring Resources

The Requirement

7.1.5.1 General

The organization should determine and provide  the resources needed for valid and reliable monitoring and measuring results ,where monitoring or measuring is used for evidence of conformity of products and services to specified requirements. The organization should ensure that the resources provided are suitable for type of monitoring and measurement activities being  undertaken and are  maintained to ensure continued fitness for their purpose. The Organization should retain appropriate documented information as evidence of fitness for purpose of monitoring and measurement resources.

7.1.5.2 Measurement Traceability

Where measurement traceability is a requirement(statutory or regulatory  or customer or relevant interested party expectation) or considered by the organization to be an essential part of providing confidence in the validity of measurement results,  measuring instruments must be verified or calibrated at specified intervals or prior to use against measurement standards traceable to international or national measurement standards. The organization must retain the basis used for calibration or verification as documented information if no such standard exists as a documented information. Measuring instruments must be identified in order to determine their calibration status; It must be safeguarded from adjustments, damage, or deterioration that would invalidate calibration status and subsequent measurement results. The organization should determine if validity of previous measurement results has been adversely affected when an instrument is found to be defective during its planned verification or calibration, or during its use, and take appropriate corrective action as necessary.

Check list Questions

  1. How are the resources determined for ensuring valid and reliable monitoring and measuring results, where used?
  2. How does the organization ensure that resources provided are suitable for the specific monitoring and measurement activities and are maintained to ensure continued fitness for purpose?
  3. Show the documented information which is evidence of fitness for purpose of monitoring and measurement resources.
  4. Where applicable, show how measurement instruments are verified or calibrated at specified intervals against national or international measurement standards;
  5. If there are no standards, show the documented information which is used as the basis used for calibration or verification.
  6. Show how measurement instruments are identified to determine their calibration status.
  7. Show how they are safeguarded from adjustments.
  8. Show how they are safeguarded from damage and deterioration.
  9. How do you determine the validity of previous measurements if you find an instrument to be defective during verification or calibration? What appropriate actions can you take?

Implementation Guidelines

  1. This clause is  applicable only with monitoring and measuring devices and equipment used to monitor the product (or service) and does not applies to monitoring and measuring of the quality system.
  2. Operation planning must determine the following  what specific product and process characteristics needs to be monitored and measured, the criteria for product acceptance, the type of Monitoring and Measurement Device needed, frequency i.e. at what stages of realization to do it, sample size, etc.
  3. Requirements for what needs to be measured and the acceptance criteria may come from the customer, regulatory, industry and  own organization.  The organization must then determine what Monitoring and Measurement Device is appropriate for each measuring or monitoring requirement.
  4. To ensure valid measurement and monitoring results, Monitoring and Measurement Device’s must be controlled. A process is required, to control the identification of monitoring measurement,  selection, purchase, status, identification, calibration, verification, adjustment or re- adjustment, use, handling, maintenance and storage, training, handling of nonconforming  Monitoring and Measurement Device’s, etc.
  5. Personnel using Monitoring and Measurement Device’s must have competence and training in the use of Monitoring and Measurement Device’s in terms of their function, range and precision of measurement, reliability, use and maintenance.
  6. You must keep appropriate records to demonstrate effective operation and control of your Monitoring and Measurement Device processes. These records must include calibration and verification records traceable to national, international or other benchmark used for calibration.
  7. Customer or internal engineering changes may result in a change in product measurement, requirements and/or the Monitoring and Measurement Device to be used.  These changes should be reflected in your quality plan.
  8. Performance indicators such as the monthly trends in  the number of out of calibration Monitoring and Measurement Device’s, or the number of Monitoring and Measurement Device’s past their calibration due date, number of Monitoring and Measurement Device’s being used and not controlled, reduction in untrained personnel found using Monitoring and Measurement Device’s, etc. Use these indicators to tighten and improve the effectiveness of your Monitoring and Measurement Device process.
  9. Where an Monitoring and Measurement Device is found to be out of calibration, you must take appropriate correction action to contain and re-verify the product affected, to the extent practical. This is in addition to containing, repair and recalibration of the defective Monitoring and Measurement Device.

Clause 7.1.6.  Organizational Knowledge

The Organization should determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services. This knowledge shall be maintained and made available to the extent necessary. When addressing changing needs and trends, the organization shall consider its current knowledge and determine how to acquire or access any necessary additional knowledge and required updates. Organizational knowledge is knowledge specific to the organization; it is generally gained by experience. It is information that is used and shared to achieve the organization’s objectives. Organizational knowledge can be based on: a) Internal Sources (e.g., intellectual property, knowledge gained from experience, lessons learned from failures and successful projects, capturing and sharing undocumented knowledge and experience; the results of improvements in processes, products and services); b) External Sources (e.g., standards, academia, conferences, gathering knowledge from customers or external providers).

Check list Questions

  1. How does the organization determine necessary knowledge for the operation of processes?
  2. How does the organization necessary knowledge to achieve conformity of products and services?
  3. How does the organization maintain this knowledge and make it available to the extent necessary?
  4. How does the organization consider current knowledge and how do you acquire additional knowledge when addressing changing needs and trends?

Implementation Guidelines

  1. Organizational knowledge can include information such as intellectual property and lessons learned.
  2. To obtain the knowledge required, the organization can consider internal sources (e.g. learning from failures and successful projects, capturing undocumented knowledge and experience of topical experts within the organization)  and  external sources (e.g. standards, academia, conferences, gathering knowledge with customers or providers).
  3. The organization shall determine the knowledge necessary for the operation of the QMS, ensure conformity of products and services, enhance customer satisfaction. The organization is responsible for maintaining, protecting and making sure the knowledge is available
  4. Depending on the size and complexity of the organization, the risks and opportunities it needs to address, the need for accessibility of knowledge, the process for considering and controlling past, existing and additional knowledge needs is to be considered.
  5. Knowledge is to be considered when making changes to the organization

7.2 Competence

The organization must  determine the necessary competence of person(s) doing work under its control that affects the performance and effectiveness of its QMS; It must ensure that  ensure that these persons are competent on the basis of appropriate education, training, or experience and where  applicable, take actions to acquire the necessary competence, and evaluate the effectiveness of the actions taken; It must  retain documented information as evidence of competence. Applicable actions can include, for example, training, mentoring, or reassignment of currently employed persons; or hiring or contracting of competent persons. “Competence” is defined in the section on terms as the ability to apply knowledge and skills to achieve intended results. Demonstrated competence is sometimes referred to as “qualification”.

Check list Questions

  1. How does the organization determine the necessary competence of its employees whose work affects the performance and effectiveness of the QMS?
  2. How does the organization ensure that its employees are competent on basis of appropriate education, training or experience?
  3. How does the organization take applicable actions to acquire the necessary competence and evaluate the effectiveness of action taken?
  4. Show the appropriate documented information as evidence of competence?

Implementation Guidelines

  1. HR process must include determining competency criteria, skills evaluation, identification of training needs, types of training, provision of training, how training effectiveness is evaluated, methods to communicate awareness of the importance of quality requirements and meeting quality objectives, to all employees.
  2. Applicable actions to acquire competency can include, for example, the provision of training to, the mentoring of, or the reassignment of currently employed persons; or the hiring or contracting of competent persons.
  3. Criteria for competency must be developed based on appropriate education, skills, training and experience for activities, tasks, functions and processes. The level and detail of such qualifications, skills, training and experience will depend upon the complexity of product, process, technology and customer and regulatory requirements. Appropriate record of employees skills, education, training, experience must be maintained
  4. A “Skills Matrix” is a useful tool used by organizations to determine and manage the competency levels required by different activities and functions. An organization may create a comprehensive training program based on the skill Matrix that is fully integrated with the quality management system. Appropriate record must be keep of training which must include the evaluation of the training

7.3 Awareness

Persons doing work under the organization’s control must be aware of  the quality policy; relevant quality objectives; their contribution to effectiveness of the QMS, including benefits of improved quality performance; and the  implications of not conforming with system requirements.

Check list Questions

  1. How does the organization ensures that the persons doing work under the organization’s control are aware of its quality policy, relevant quality objectives, their contribution to the effectiveness of QMS including the benefits of improved performance and the implications of not meeting QMS requirements?

Implementation Guidelines

  1. The process to promote quality awareness may include the use of methods such as – cross-functional teams, involvement in quality planning, quality circles, improvement suggestions, product workshops, zero defect programs, product review checklist etc.
  2. Organizational personnel must be motivated to achieve the organization’s quality objectives. The process to motivate employees may include the use of methods such as – employee recognition awards, ongoing training programs, performance reviews, employee surveys, poster campaigns etc,.
  3. Performance indicators to measure the effectiveness of the HR process in determining competency and training needs of the workforce, could include – employee turnover, employee complaints, number of instances unqualified personnel were found performing QMS activity, number of instances competency criteria were not met and number of instances no training or competency records maintained; etc.

7.4 Communication

The organization should determine the internal and external communications relevant to the QMS, including: on what it will communicate; when to communicate; with whom to communicate; how to communicate.

Check list Questions

  1. How does the organization determine the internal and external communication relevant to the QMS including on what it will communicate, when to communicate, with whom to communicate, how to communicate, and who communicates?

Implementation Guidelines

  1. Top management must plan for internal and external communication methods and resources at the high level using the business planning process and deploy these methods though the information technology, logistic and HR processes.
  2. Each process owner must identify the methods of communication such as computer, documents, telephone, meetings, directives, visual, etc,used and determine whether these methods are appropriate and are they effective for the purpose intended?
  3. Communication plan can include:  a) What will be communicated , b) When you will communicate, c) With whom you will communicate, d) How you will communicate, e) Who will do the communication.

7.5 Documented Information

7.5.1 General

The Organization’s QMS must include all  documented information required by ISO 9001 and the documented information determined by organization as being necessary for the effectiveness of the QMS. The extent of documented information can differ from one organization to another due to the  size of organization and its type of activities, processes, products, and services; complexity of processes and their interactions;  competence of persons.

7.5.2 Creating and Updating

When creating and updating documented information the organization must ensure appropriate  identification and description (e.g., a title, date, author, or reference number); format (e.g., language, software version, graphics), and media (e.g., paper, electronic); review and approval for suitability and adequacy.

7.5.3 Control of Documented Information

7.5.3.1

Documented information required by Your QMS and by ISO 9001 must be controlled to ensure it is  available and suitable for use, where and when it is needed;  It must is adequately protected  from loss of confidentiality, improper use, or loss of integrity.

7.5.3.2

For the control of documented information, organization must address, as applicable: distribution, access, retrieval, and use;  storage and preservation, including preservation of legibility; control of changes (e.g., version control); retention and disposition. Documented information of external origin determined by the organization to be necessary for the planning and operation of the system must be identified as appropriate, and controlled. Access can imply a decision regarding the permission to view the documented information only, or the permission and authority to view and change the documented information.

Check list Questions

  1. What documented information are include in organization’s QMS as required by ISO 9001:2015 and determined by the organization necessary for the effectiveness of the QMS?
  2. While creating and updating documented information, how does the organization ensure it is appropriate in terms of identification & descriptions?
  3. Show how does the organization control documented information.
  4. Show how it is made available and suitable for use.
  5. How do you protect organization’s documented information?
  6. When controlling documented information, how do you address the following:
    Distribution, Access, Retrieval, Use, Legibility, Control of changes, Retention and disposition ,Storage and preservation;
  7. How does the organization identify as appropriate and control documented information of external origin which has been determined as necessary for the QMS

Implementation Guidelines

  1. The term “documented procedure” and “record” have both been replaced by “documented information”.“Documents”, “Documentation” and “Records” are combined to become “Documented information”. Document is expressed as maintain documented information and record is expressed as Retain documented information.
  2. Access can imply a decision regarding the permission to view the documented information only, or the permission and authority to view and change the documented information.
  3. The extent of documented information for a quality management system will depend on:
    a) the size of organization and its type of activities, processes, products and services;
    b) the complexity of processes and their interactions;
    c) the competence of persons.

Documented Information if applicable

  1. Employee Requisition Form
  2. List of Machines
  3. Instruments Calibration history chart
  4. Calibration Schedule
  5. Lesson learnt log
  6. Competency matrix
  7. Training Needs Identification.
  8. On Job training
  9. Training attendance sheet
  10. Training feedback form
  11. Training effectiveness form
  12. Employee Satisfaction Survey Questionnaire
  13. Communication plan
  14. Document Matrix
  15. Master list of forms and formats

For more information on Support click here

Reach us at Kuwait office

Trace International, Office no 717, 7th floor, AL Rehab Complex, Tunis Street, Hawally , Kuwait

Tel: +96522623203, Mobile: +96565019055

Mail us at:

 

ISO 9001:2015 Planning

6.1 Actions to address risks and opportunities

The Requirement

6.1.1

When planning for the quality management system, the organization shall consider the issues referred to in Understanding the organization and it context (4.1) and the requirements referred to in Understanding the needs and expectations of interested parties(4.2) and  determine the risks and opportunities that need to be addressed to  give assurance that the quality management system can achieve its intended results so as to  prevent, or reduce, undesired effects and to  achieve continual improvement.

6.1.2

The organization must plan actions to address the risks and opportunities determine in clause 6.1.1. The organization must also plan on  how to integrate and implement the actions into its quality management system processes and evaluate the effectiveness of these actions. Actions taken to address risks and opportunities must be proportionate to the potential impact on the conformity of products and services. Options to address risks can include but not limited to avoiding, risk, taking risk in order to pursue an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, retaining risk by informed decision or implementing standards like ISO 31000. It is the prerogative of the management to adopt any one of the practices. Opportunities can lead to the adoption of new practices, launching of new products, opening new markets, addressing new customers, building partnerships, using new technology and other desirable and viable possibilities to address the organization’s or its customer’s needs. 

 Check list Questions

  1. How are the internal & external issues and needs & expectation of interested parties considered when planning for the QMS?
  2. Has the organization determined the risks and opportunities that has to be addressed so that QMS can achieve its intended results, enhance desirable effects, prevent, or reduce undesired effects and achieve improvement?
  3. How are actions planned to address risks and opportunities?
  4. How actions are integrated and implemented into the QMS processes?
  5. How do you evaluate the effectiveness of the actions?
  6. How are actions taken to address risks and opportunities determined as being appropriate to the potential impact on the conformity of products and services? 

Implementation Guidelines

  1. Options to address risks and opportunities can include: avoiding risk, taking risk in order to pursue an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, or retaining risk by informed decision.
  2. Top management must provide direction, authorization and, resources and review for QMS planning for determining customer & regulatory  requirements, design, development, manufacture, delivery and customer support,. QMS planning requires you to identify all your QMS processes and describe their sequence and interaction.
  3. When planning its QMS, the top management must implement and promote a culture of risk-based thinking throughout the organization to determine and address the risks and opportunities to  provide conforming products and services, enhance customer satisfaction, promote desirable effects and improvement and prevent, or mitigate, undesired effects.
  4. The organization must integrate the actions to address these risks and opportunities into its QMS processes . This planning must be periodically reviewed and updated as necessary when taking corrective actions or at management reviews.
  5. Planning also requires monitoring and measuring these actions and gathering, analyzing and evaluating appropriate data and information to determine the effectiveness of such actions.
  6. Steps to conduct risk management
    1. Identify the risks and opportunities
    2. Analyze the Risk
    3. Prioritize (risks and opportunities)
    4. Classify (acceptable / unacceptable)
    5. If unacceptable , Plan action (How to avoid or eliminate the risk? How can I mitigate risks?)
    6. Implement the plan
    7. Check the effectiveness of action
    8. Learn from experience – continual improvement

6.2 Quality Objectives and Planning to Achieve Them

The Requirement

6.2.1

The organization must establish quality objectives at relevant functions, levels, and processes. The quality objectives must be consistent with the quality policy. If practicable it must be  measurable. It must be based on applicable requirements. It must be relevant to conformity of products and services and enhancement of customer satisfaction. It must be monitored and communicated. It must be updated as appropriate. The organization should maintain  a documented information on the quality objectives.

6.2.2

When planning how to achieve the quality objectives, the organization  must  determine what will be done; what resources will be required; who will be responsible; when it will be completed; how the results will be evaluated. 

 Check list Questions

  1. Where are the quality objectives and are these at all relevant functions, levels and processes?
  2. Are they consistent with the quality policy?
  3. Are they measureable?
  4. Do they consider applicable requirements?
  5. Are they relevant to the conformity of products and services and do they enhance customer satisfaction?
  6. Are they monitored? How? How often?
  7. How are they communicated?
  8. How are they updated?
  9. Where is the documented information on the quality objectives?
  10.  How does the organization determine what will be done, with what resources, when completed and how will results be evaluated for quality objectives?

Implementation Guidelines

  1. An objective should include a description of who is responsible, what is the target, when is it planned to be achieved. Progress must be monitored.
  2. Ensure that whatever objectives you implement they are SMART ie Specific, Measurable, Achievable, Realistic and Time bound
  3. Quality objectives  should make sure they comply with law and industry standards and conform with the products and services requirements.
  4. Top management must provide the leadership, organization and resources to deploy and achieve planned quality objectives.
  5. Quality objectives may be set at various functional levels of the organization – top management, departments, processes, functional groups, work cells, project teams, individuals, etc.
  6. Employees at all of these levels must be made aware of the importance of and how they must contribute to the achievement of these objectives.
  7. Quality objectives may be documented in any or all of these documents  such as quality manual, QMS processes, procedures, quality plans etc.
  8. A review of the quality objectives should be part of  management review process. After the review the Quality objectives may be updated as appropriate.

6.3 Planning of Changes

The Requirement

Where the organization determines the need for change to the quality management system, the change must be carried out in a planned and systematic manner. The organization must consider the purpose of the change and any of its potential consequences; integrity of the quality management system, availability of resources,  allocation or reallocation of responsibilities and authorities.

Check list Questions

  1. While determining changes for the QMS, are changes carried out in planned manner?
  2. While planning for change, does the organization consider the purpose of the change and their potential consequence; the integrity of the QMS; the availability of resources; and allocation and reallocation of responsibilities and authorities?

Implementation Guidelines

1) When a business changes something, the impact of the change needs to be considered before a change is made. The organization must :

  1. Define the specifics of what is to be changed
  2. Have a plan (tasks, timeline, responsibilities, authorities, budget, resources, needed information, others).
  3. Develop a communication plan (appropriate people within the organization, customers, suppliers, interested parties, etc. may need to be informed)
  4. Use a cross functional team review the plan to provide feedback related to the plan and associated risks
  5. Train People
  6. Measure the effectiveness

Documented Information if applicable

  1. Risk Register
  2. Opportunity Register
  3. Quality objectives
  4. Change log

For more information on Planning click here

Reach us at Kuwait office

Trace International, Office no 717, 7th floor, AL Rehab Complex, Tunis Street, Hawally , Kuwait

Tel: +96522623203, Mobile: +96565019055

Mail us at:

 

ISO 9001:2015 Leadership

Clause 5.1 Leadership and commitment

The Requirement

5.1.1 General

The top management has to to demonstrate their leadership, and commitment to the quality management system. This can be done by  taking accountability for the effectiveness of the organization’s quality management system. Top management needs to ensure that the organization’s quality policy and quality objectives are established for the QMS and is compatible with the organization’s overall strategic direction and also with the Organization’s context. Top management shall also ensure that the requirements of the quality management system are an integral part of the organization’s business practises and they should promote the use of risk based thinking and  and use of process approach throughout their organization. Top management must ensure that the required resources needed for effective implementation of QMS are available. Top Management must ensure that importance of effective Quality management is communicated throughout the organization as well as the conforming to the QMS requirements.The Top Management must ensuring that the quality management system achieves its intended outcomes outputs, by  engaging, directing, and supporting persons to contribute to the effectiveness of the quality management system and promoting improvement. The Top Management should be supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility. The meaning of “Business” means those activities that are core to the purposes of the organization ‘s existence, irrespective of the fact whether the organization is for profit, Not for profit, public or private.

5.1.2 Customer focus

Top management are required to take the lead on demonstrating  leadership and commitment to customer focus  by ensuring that all applicable statutory, regulatory and customer requirements are determined, well understood by the organization and are consistently met.  The organization has to determine all the risk and opportunities that can affect the conformity of the product and services or has the ability to affect the enhancement of customer requirement. The associated risk and opportunities must be adequately addressed. At all times the focus of enhancing customer satisfaction should be maintained. 

Check list Questions

  1. Does the top management demonstrate leadership and commitment w.r.t. the QMS by taking accountability of the effectiveness of the QMS?
  2. How is the quality policy and objectives established for the QMS and how are they compatible with the strategic direction and the organizational context?
  3. How is the quality policy communicated within the organization? Show  how this is understood and applied.
  4. How are the requirements of the QMS integrated into the business processes?
  5. How do you promote awareness of the process approach?
  6. How do you ensure that resources needed for the QMS area available?
  7. How do you communicate the importance of effective quality management?
  8. How do you communicate the importance of conforming to the QMS requirements?
  9. How do you ensure that the QMS achieves its intended results?
  10. How do you engage, direct and support people to contribute to the effectiveness of the QMS?
  11. How do you promote continual improvement?
  12. How do you support other relevant management roles to demonstrate leadership in their areas of responsibility?
  13. Show me how top management demonstrates leadership and commitment w.r.t. customer focus ensuring requirements and applicable statutory and regulatory requirements are determined and met.
  14. How are risks and opportunities that can affect conformity of products and services determined?
  15. How is the ability to enhance customer satisfaction determined and addressed?
  16. How is the focus on consistently providing products and services that meet customer and applicable statutory and regulatory requirements maintained?
  17. How is customer satisfaction maintained?

Implementation Guidelines

  1. The top management must establish strategic quality management policies, directives and objectives consistent with the purpose and capabilities of the organization.
  2. The top management must establish the organizational structure and internal environment that motivates personnel to achieve the organization’s quality management goals and objectives.
  3. Ensuring the integration of the quality management system requirements into the organization’s business processes is the prime responsibility of the top management.
  4. The responsibility of promoting the awareness of the process approach lies with the top management.
  5. The top management must ensure that the quality management system achieves its intended outcomes /outputs by clear identification of key result areas for achieving the objectives, preparing the action plans, working as per that plan, reviewing the action and results, and taking suitable corrective and preventive actions.
  6. The top management must provide adequate resources to develop, implement, maintain and improve the QMS.
  7. The top management  must periodically review QMS performance to determine it suitability, adequacy and effectiveness.
  8. Business planning, quality planning, management review, internal communication, organization structure etc. are process required from the top Management
  9. Top management must communicate regularly to the organization on the importance of meeting customer and regulatory requirements. Top management may communicate in any number of ways including meetings,documented policies, memos, directives, email etc.
  10. The organization must understand current and future needs of customers in terms of terms of products, price, delivery communication, service and support. It must meet their requirements and strive to exceed their expectations.
  11. The organization must must have an effective communication process between  customer and  organization, for discussion, review, timing, action and responsibility
  12. Customer focus can be included the following processes – business planning; communications; sales and marketing; and customer satisfaction feedback; etc. It must also identify what specific documents may be needed for effective planning, operation and control of these processes. Examples of such documents may include a business plan, statement of customer related policies and objectives etc
  13. Reference to “business”  can be interpreted broadly to mean those activities that are core to the purposes of the organization’s existence; whether the organization is public, private, for profit or not for profit

5.2 Policy

The Requirement

5.2.1 Establishing the Quality Policy

Top management are required to establish, implement and maintain a quality policy that is in line with the purpose and context of the organization while at the same time supporting its strategic direction. It should  provide a framework for the organization’s quality objectives and  must include a commitment to satisfy applicable requirements and must be the basis on which the continual improvements in the quality management system can be achieved.

5.2.2 Communicating the Quality Policy

The Quality policy should be applied within the organization by ensuring that it communicated and understood within the organization. The Quality policy should be maintained as a documented information and as appropriate should be made available to relevant Interested parties.

 Check list Questions

  1. How does top management establish, review and maintain a quality policy?
  2. How is the quality policy determined to be appropriate to the purpose and context of the organization?
  3. Does the quality policy provide a framework for setting and reviewing quality objectives?
  4. Does the quality policy contain a commitment to satisfy applicable requirements?
  5. Does the quality policy include a commitment to continual improvement of the QMS?
  6. Where is the quality policy available as documented information?
  7. How is the quality policy communicated? How it is understood and applied within the organization.
  8. How have you made it available to relevant interested parties?

Implementation Guidelines

  1. Quality policy should provides top management’s vision on quality management for the organization. It must provides the organization with focused direction, i.e. high level goals and objectives for quality management.
  2. Quality policy must be consistent with the scope of the QMS and other business, management and organizational strategies within the organization.
  3. Quality policy must specify the commitment to ‘satisfy applicable requirements’  such as being complied with customer, regulatory, ISO 9001, etc and   ‘continually improve the effectiveness of your QMS’
  4. Quality policy must  clearly state  commitment to continually improve the effectiveness of the QMS. it may also include other complementary and important policies for business growth, product or manufacturing technology, workforce competence, business flexibility, etc.
  5. Quality policy must lead to establishing quality objectives, e.g. if you state in your quality policy that you will “meet customer requirements”, then from this, you might derive customer focused objectives for – product defects; customer complaints and returns; on time delivery, etc.
  6. As and when required , Quality policy should be made available to the relevant interested parties.
  7. Quality policy is communicated throughout the organization.
  8. Quality policy must be reviewed  periodically by top management, for significant changes in your organization, e.g. management, ownership, relocation, product, shift in customer base, etc.

 5.3 Organizational Roles, Responsibilities, and Authorities

The Requirement

Top management must ensure that the responsibilities and authorities for relevant roles are assigned, communicated, and understood within the organization. Top Management must assign the responsibility and authority to ensure that the system conforms to the requirements of ISO 9001 and  that the processes are delivering their intended outputs; Top Management must assign the responsibility and authority for report on the performance of the system, on opportunities for improvement, and on the need for change or innovation, and especially for reporting to top management; Top Management must assign the responsibility and authority to ensure the promotion of customer focus throughout the organization and ensure that integrity of system is maintained when changes to system are planned and implemented.

 Check list Questions

  1. How does top management ensure that responsibilities and authorities for relevant roles are assigned, communicated and understood within the organization?
  2. How does top management assign the responsibility and authority for ensuring that the QMS conforms to the international standard?
  3. How does top management assign the responsibility and authority for  ensuring processes are delivering their intended outputs?
  4. How is the performance of the QMS, opportunities for improvement and the need for change or innovation reported to top management?
  5. How is customer focus promoted within the organization?
  6. How is the integrity of the QMS maintained when changes to the QMS are planned and implemented? 

Implementation Guidelines

  1. Top Management must  define the structure, hierarchy and lines of reporting to ensure that duties, responsibilities and authority of all personnel are defined and communicated.
  2. Organization charts, job descriptions, Standard operating procedures, work instructions, etc, are some of the many ways that top management may use to define and document this.
  3. Organization responsibilities and authorities must be communicated and deployed, as applicable, throughout the organization. Orientation training, appointment postings, training on procedures and work instructions, etc, are some of the many ways in accomplishing this.
  4. The top Management must ensure that the integrity of the management system is maintained when changes are planned and implemented.
  5. Some of the  tasks may be delegated, but it is the management’s responsibility to ensure they are planned, implemented and achieved.

Documented Information if applicable

  1. Sample Quality Policy
  2. Job Responsibility

For more information on Leadership click here

Reach us at Kuwait office

Trace International, Office no 717, 7th floor, AL Rehab Complex, Tunis Street, Hawally , Kuwait

Tel: +96522623203, Mobile: +96565019055

Mail us at: