QUALITY MANAGEMENT MODEL –

ISO 9001:2015
EXAMPLES OF MOST POPULAR ISO CERTIFIED
SYSTEMS

 ISO 9 001 – Quality Management System

ISO 14 001 – Environmental Management System
 TS/ISO 16 949 – Quality Management System specification for the
automotive industry
 ISO 13 485 – Medical devices - Quality management system
ISO 27 001 - Information Security Management Systems
(ISMS)
 ISO 26 000 – Guidance on social responsibility
 ISO 22 000 – Food Safety Management System

# NEW! ISO 56002:2019 - Innovation management — Innovation

management system — Guidance
 WHAT IS ISO 9001?

ISO 9001 is a standard that sets out the

requirements for a quality management system.

It helps businesses and organizations to be more

efficient and improve customer satisfaction.
WHAT IS A QUALITY MANAGEMENT SYSTEM?
A quality management system is a way of
defining how an organization can meet the
requirements of its customers and other
stakeholders affected by its work.

• ISO 9001 is based on the idea of

continual improvement.
• It doesn’t specify what the objectives relating
to “quality” or “meeting customer needs”
should be, but requires organizations to define
these objectives themselves and continually
improve their processes in order to reach them.
 WHO IS ISO 9001 FOR?
• ISO 9001 is suitable for organizations of all types,
sizes and sectors.

• It is more applicable and accessible to all types of

enterprises.

• Smaller companies that do not have staff dedicated

to quality can still enjoy the benefits of
implementing the standard – ISO has many
resources to assist them.
 WHAT BENEFITS WILL IT BRING TO MY
BUSINESS OR ORGANIZATION?
Implementing a quality management system will
help for company:

 Assess the overall context of your organization to

define who is affected by your work and what they
expect from you. This will enable you to clearly
state your objectives and identify new business
opportunities.

 Put your customers first, making sure you

consistently meet their needs and enhance their
satisfaction. This can lead to repeat custom, new
clients and increased business for your
organization.
 ISO 9001: BENEFITS
 Work in a more efficient way as all
your processes will be aligned and
understood by everyone in the
business or organization. This
increases productivity and efficiency,
bringing internal costs down.

 Meet the necessary statutory and

regulatory requirements.

 Expand into new markets, as some

sectors and clients require ISO 9001
before doing business.

 Identify and address the risks

associated with your organization
 WHY AREISO 9001 REVISED?
• All ISO standards are reviewed and revised regularly to make
sure they remain relevant to the marketplace.

• ISO 9001 has been updated to take into account the different
challenges that businesses now face.

• For example, increased globalization has changed the way we

do business and organizations often operate more complex
supply chains, and there are increased expectations from
customers.

• ISO 9001 needs to reflect these changes in order to remain

relevant.
 SHOULD MY COMPANYBE CERTIFIED TO ISO 9001?

• Certification - when an independent

certification body audits your practices
against the requirements of the standard –
is not a requirement of ISO 9001, but is a
way of showing stakeholders that you have
implemented the standard properly.

• For some companies, third- party

certification may be a requirement. For
example, some governments or public
bodies may only contract suppliers that
have been certified to ISO 9001.
 HOW DO I GET STARTED WITH ISO 9001:2015?
Key tips
Tip 1 – Define your objectives. Why do you
want to implement the standard?

Tip 2 – Ensure senior management is on

board. It is crucial that everyone is supportive
of the initiative and its objectives.

Tip 3 – Identify your organization’s key

processes for meeting your objectives and
customers’ needs. Within each of these
processes, ensure you understand your
customers’ requirements and can guarantee
that these are met. This will form the basis of
your quality management system.
 ISO IN NUMBERS…
The nations with the most ISO
9001 certificates in 2018 were as
follows:

China – 295,703
Italy – 87,794
Germany – 47,482
Japan – 34,335
India – 31,795
Spain – 29,562
United Kingdom – 26,434
THE ISO 9001:2015
1. Introduction
A short overwiew of ISO 9001 users in the world
 ISO 9001:2015

Quality Management Systems –

requirements
QMS is an example of Business
Model
ISO 9000 SERIES
ISO 9000
Quality management
systems—Fundamentals and
vocabulary
Essential background for
the proper understanding and
implementation of
ISO 9001
ISO 9001
Quality management
systems—Requirements
Requirements aimed primarily
at giving confidence in the
products and services
an organization provides,
thereby improving
customer satisfaction
ISO 9004
Managing for the sustained
success of an organization—
A quality management
approach
Guidance for organizations that
choose to progress beyond ISO
9001 requirements to address
a broader range of topics that
can lead to continual
improvement of the
organization's overall
performance
INTRODUCTION
0.1 General • introduces the rationale
0.2 Quality management for the Standard
principles • more formally structured.
0.3 Process approach
0.4 Relationship with other
MSS
0.1 GENERAL

• identifies potential benefits

• it is not the intent of the standard to imply:
─ uniformity in the structure of different quality management systems

─ uniformity of documentation to align to the clauses of the Standard

─ impose specific terminology to be used.

0.3 PROCESS APPROACH

understand and
manage interrelated
processes as a
system

enables consistent
and predictable
results

PDCA cycle is
fundamental

introduces risk
based thinking
(always been an
implied
requirement).
 0.4 RELATIONSHIP WITH OTHER MSS
now a framework to improve alignment among all
International Standards for management systems
better facilitates immigration.

2008 – Clause 0.4

 SECTION 1 - SCOPE
• consistently provide products and services to meet
requirements and enhance customer satisfaction – no
change
• all requirements are intended to be applicable to all
organisations, regardless of type, size and product
provided – no change
• removal of exclusions.

2008 – Clauses 1.1 & 1.2

 SECTION 2 – NORMATIVE REFERENCES
• ISO 9000:2015, Quality management systems –
Fundamentals and vocabulary
▫ also describes quality management principles in detail.

2008 – Clause 2
 SECTION 3 – TERMS AND DEFINITIONS
no terms and definitions
reference to ISO 9000 – no change
maintains clause numbering for consistency.

2008 – Clause 3
 SOME TERMS (DOCS)
• document – information and the medium on which it is
contained
• documented information - information required to be
controlled and maintained by an organisation and the
medium on which it is contained
• procedure – specified way to carry out an activity or a
process (can be documented or not)
• record – document stating results achieved or providing
evidence of activities performed.

2008 – Clause 3
 MORE TERMS (IMPROVEMENT)
• improvement – activity to enhance performance
• objective – result to be achieved
• nonconformity – non-fulfilment of a requirement
• correction – action to eliminate a detected nonconformity
• corrective action – action to eliminate the cause of a
nonconformity and prevent recurrence
• preventive action – action to eliminate the cause of a potential
nonconformity or other undesirable situation
• verification – confirmation that specified requirements have been
fulfilled
• validation – confirmation that requirements for a specified
intended use or application have been fulfilled.
2008 – Clause 3
 MORE TERMS (PRODUCT)
• product – output of an organisation that can be
produced without any transaction taking place between
the organisation and the customer
• service – output of an organisation with at least one
activity necessarily performed between the organisation
and the customer
• performance - measurable results
• risk - effect (positive or negative) of uncertainty
• outsource - to make an arrangement where an external organisation
performs part of an organisation’s function or process - Note: An external
organisation is outside the scope of the management system although the
outsourced function or process is within the scope.
2008 – Clause 3
 MORE TERMS (PEOPLE)
• top management – person or group of people who directs and
controls an organisation at the highest level
• QMS consultant – advisor on QMS realisation – can assist in
realising parts of a QMS
• interested party – person or organisation that can have an affect,
be affected by, or perceive itself to be affected by a decision or
activity
• competence – ability to apply knowledge and skills to achieve
intended results
• infrastructure – facilities, equipment & services
• work environment - conditions under which work is performed.

2008 – Clause 3
SECTION 4 – CONTEXT OF THE ORGANISATION
 SECTION 4 – CONTEXT OF THE ORGANISATION
4.1 Understanding the
• this clause provides a key
organisation and its context
insight into the
4.2 Understanding the needs organisation
and expectations of
interested parties
What constitutes the
4.3 Determining the scope of
organisation’s quality
the quality management
management system.
system
4.4 Quality management
system and its processes

2008 – No direct equivalent

 SECTION 4 – CONTEXT OF THE
ORGANISATION
4.1 Understanding the organisation and its context
4.2 Understanding the needs and expectations of interested
parties
4.3 Determining the scope of the quality management system
4.4 Quality management system and its processes

• determine external and internal issues relevant to the QMS

• must monitor these issues.

2008 – No direct equivalent

 SECTION 4 – CONTEXT OF THE
ORGANISATION
4.1 Understanding the organisation and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the quality management system
4.4 Quality management system and its processes

• determine interested parties relevant to the QMS

• determine their needs and expectations
• must monitor information about interested parties’ requirements.

2008 – No direct equivalent

SECTION 4 – CONTEXT OF THE
ORGANISATION
4.1 Understanding the organisation and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the quality management system
4.4 Quality management system and its processes

• establish scope by determining boundaries and applicability of the QMS

to consider external/internal issues, requirements of interested parties
and the organisation’s products and services
• scope must be documented and available, justify any clauses of ISO
9001 that is not applicable
• any N/A clauses must not effect conformity of products/services and
customer satisfaction.
2008 – Clauses 1.2 & 4.2.2
SECTION 4 – CONTEXT OF THE
ORGANISATION
4.1 Understanding the organisation and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the quality management system
4.4 Quality management system and its processes

• must establish, implement, maintain and continually improve the QMS

• interaction of processes required (but not documented!)
• assign responsibilities and authorities for processes
• retain documented information to ensure in the processes

Documented procedures are not necessarily required….

except where they are needed!

2008 – Clause 4.1

Clause 4.1 Understanding the organization and its
context

What are your external and internal issues?

Examples of common tools to identify issues

•PEST analysis - Political, Economic, Social and

Technological

•PESTLE analysis – PEST + Legal and

Environment

•SWOT analysis - Strengths, Weaknesses,

Opportunities and Threats

•Stakeholder analysis
 PESTLE ANALYSIS
A fancy term for issues that affect a
business but are outside of its control is
‘’macro drivers’’ sometimes grouped
together under the acronym P.E.S.T.L.E.
–Political
–Economic
–Socio-cultural
–Technological
–Legal
–Environmental

Some versions add Ethical too.

WHERE TO LOOK FOR TRENDS?? – THE ROLE OF
FUTUROLOGY

The paradigms of contemporary management were already well

anticipated in 1982 by John Naisbitt in the book entitled
"Megatrends. The New Directions Transforming Our Lives ".
The trends he already anticipated were: decentralization, network,
high technologies, information society.
At that time, they were surprising, today they are widely known
and felt at every step.
Already in 1997, he also announced the growing importance of
Asia, including China, in building business networks. Women
will play a major role in Asian companies, and Asia itself will
become the center of the world.
Naisbitt recognized that the Chinese network is an organizational
model of the 21st century.
FUTURIST IN MANAGEMENT – EXAMPLE
HTTPS://WWW.YOUTUBE.COM/WATCH?V=VEX7HOD -LRO&FEATURE=EMB_LOGO

53
FUTURIST IN MANAGEMENT - EXAMPLE

54
MAIN TRENDS AFFECTING MANAGEMENT

Generational changes
Telework / flexible forms of work.
Flexible working time:
hours of working time according to the needs of the employee. Not everyone works well in the
morning. Studies show that sleep deprivation costs the US economy an average of USD 2,000 for
each employee;
reduced working time - research indicates that shortened working time increases
productivity, health and retention of workers (Sweden slowly introduces a 6-hour
working day);
flexible working time - written policy of flexibility functions in 31% of global
companies (it is best in the UK and Ireland - 73% of organizations have written
policies)
Main trends affecting management

Experiments with unlimited holidays (Netflix, Virgin).

Stimulating employee engagement.
Stimulating the happiness of employees – e.g The Zappos created the CHO
position - "Chief Happiness Officer".
Experiments with flexible organizational structures - "holacracy" - lack of
hierarchy (The Zappos)
Building an organizational culture that encourages the development of skills and
continuous learning. Proposing internship systems for experienced employees to
make it easier for them to change their roles in the future.

Source: „Global Human Capital Trends 2016. The new organization different by design”
Clause 4.2 Interested Parties- needs and
expectations
Question 1 Who are the interested
parties that are relevant to your
Quality and Environmental
Management System?

Question 2 How do you determine

their requirements?

Question 3 Do you think that this

will require any changes to your
current system?

Question 4 What are the

opportunities generated here
Clause 4.2 Interested parties – examples
•Commercial Partners
•Local Officials
•Regulatory Bodies
•Employees
•Shareholders
•Other Industries, suppliers
•Customers, Clients
•Suppliers of Raw Materials
•Designers
•Non Government
organizations (Industrial)
•Non Government
organizations (Non-Industrial)
Stakeholder mapping :
4.4 QUALITY MANAGEMENT SYSTEM AND
ITS PROCESSES
The organization should:
 Identify processes;

 Define their sequences and interactions;

 Define criteria and methods for supervising

processes and ensuring their effectiveness;

 Provide resources and information to support

processes;

 Monitor, measure and analyze processes;

 Introduce risk and opportunity management,

 Evaluate the processes, including the implementation

of appropriate actions necessary for the processes to
achieve the intended results;

 The organization must also improve both its

processes and the entire QMS
TYPICAL DOCUMENTATION IN ISO 9001
 SECTION 5 - LEADERSHIP

2008 – Clause 5
 SECTION 5 – LEADERSHIP
5.1 Leadership and • top management to now
commitment have a greater involvement
in the QMS
5.2 Policy
5.3 Organisational roles,
responsibilities and What is required by top
authorities management?
 SECTION 5 - LEADERSHIP
5.1 Leadership and commitment
5.1.1 General
5.5.1 Customer focus
5.2 Policy
5.3 Organisational roles, responsibilities and authorises

Leadership must take accountability for the QMS’ effectiveness

• ensure Quality Policy and quality objectives are established
• ensure QMS is integrated into business processes
• ensure resources are available;
 SECTION 5 - LEADERSHIP
5.1 Leadership and commitment
5.1.1 General…cont
5.1.2. Customer focus
5.2 Policy
5.3 Organisational roles, responsibilities and authorises

• communicate importance of effective QMS and conformance

• ensure QMS achieves intended results
• promote improvement
• support other management to demonstrate leadership.

2008 – Clause 5
 SECTION 5 - LEADERSHIP
5.1 Leadership and commitment
5.1.1 General
5.1.2. Customer focus
5.2 Policy
5.3 Organisational roles, responsibilities and authorises

• top management must ensure:

• customer and regulatory requirements are met

• risks and opportunities are determined and addressed
• focused on enhancing customer satisfaction.
CUSTOMER ORIENTATION

Top management should ensure

that the customer's needs and
expectations are defined,
translated into requirements
and met in order to achieve
customer satisfaction, also
internal, i.e. employee.

70
WHO WHO ARE THE CUSTOMERS?

Who are the CUSTOMERS?

 Defined as: “Any person or organization that receives a product or service
(Output) from the work activities (Process)”
 Whose needs must be met for this process to be successful?

Types of “customers”:
 External: Individuals or organizations outside of your business who are usually
associated with paying money for your products and services
 Internal: Colleagues who receive products, services, support or information
from your process – i.e. Engineering, Manufacturing, Quality, Marketing,
Regulatory: Any government agency that has standards the process or
product must conform to – i.e. OSHA, EPA, FDA, UL, MilSpec,etc.

Which customer?
 Customers can often be logically placed into groups or segments (not all customers
should be treated equally)
 SAMPLE AUDIT QUESTIONS:

Does the company know what customers expect Examples of evidence

from the organisation's products and services? of compliance:
How does the company research customer needs  Assessment of
and satisfaction? surveys conducted
What is the organization doing to increase customer among customers
satisfaction?  Market analysis
(sales volume)
 Analysis of customer
complaints
 WHAT THE
CONCEPT IS “VOICE
VOICE OFOF
THETHE CUSTOMER”
CUSTOMER : ?
HTTPS://WWW.YOUTUBE.COM/WATCH?V=IVRGWL2POPU

“Voice of the Customer” (VOC) is the expression of

customer needs and desire.

Voice of customer - unprocessed information, which

includes, among others: complaints, articulated needs,
functional requirements, expectations regarding product
materials, behavior, etc.
HOW DO OUR CUSTOMERS COMMUNICATE
WITH US? Sources of Customer Voices
Types of Voices (in healtcare)
Complaints
Compliments Patient
Behavior
Surveys
Research
Outbound
Face to Face Communic Market
ations Intellige
Market share changes nce

Customer defections Customers

Customer referrals
Informal Inbound
Through their attorneys /Formal
Communi
Transacti
ons cations
Staff Meetings
Casual
Contact
 CUSTOMERS DEFINE “QUALITY”
Flexibility
and Options

Timeliness Accuracy

Customers

You must understand

Ease
what the customers of Use
Aesthetics
care about as it
relates to your Price
process. and
Cost
 “Didn’t know I Satisfaction

KANO’S MODEL –
wanted it but I
like it.”
Satisfier
One Dimensional
Desired Quality

TOOL FOF MESUARING

Delighters
Excited Quality

Service Service

VOICE OF THE CUSTOMER

Performance Performance

Dissatisfier
Must-be “Cannot increase
Expected Quality my satisfaction, but
can decrease.”
HTTPS://WWW.YOUTUBE.COM/WATCH?V=BS2HMX0KI54

Dissatisfaction
SECTION 5 – LEADERSHIP
5.1 Leadership and commitment
5.2 QUALITY Policy
5.3 Organisational roles, responsibilities and authorities

• now split into two sub-clauses to save the confusion in the

previous version of what must be in the policy and what
must be done with the policy
• must be documented
• must be available internally and to interested parties.
5.2. QUALITY POLICY

OBLIGATORY REQUIREMENT TO DEVELOP A

QUALITY POLICY
The Quality Policy should be:
Suitable for the purposes of the organization
It includes a commitment to meet the requirements
of the QMS and continuous improvement
The basis for defining and reviewing quality goals
Communicated in the organization
Understandable for all employees udokumentowana informacja!
Revised to keep it current
QUALITY POLICY - EXAMPLE
 SECTION 5 – LEADERSHIP
5.1 Leadership and commitment
5.2 Policy
5.3 Organisational roles, responsibilities and authorities

• ensures responsibilities and authorities for relevant roles are assigned,

communicated and understood
• no formal requirement for specific management representative
• specific mention of changes to QMS.
5.3 ROLES, RESPONSIBILITIES AND POWERS

Top management should assign responsibility and authority to

the QMS Representative for:
 ensuring compliance of the QMS with the requirements
 ensure that processes are delivering their intended outputs;
reporting on the performance of the system promoting
customer orientation;
 ensuring that the integrity of the QMS is maintained;

81
EMPOWERING THE REPRESENTATIVE FOR QMS IN THE STRUCTURE OF COMPANY
SECTION 6 – PLANNING
 SECTION 6 – PLANNING

6.1 Actions to address risks • introduces risk based

and opportunities approach to planning
6.2 Quality objectives and • addresses risks, opportunities
planning to achieve and quality objectives
them
6.3 Planning of changes How quality planning is
achieved.
Clause 6 Planning Quality
Clause 4.2 Needs
and expectations Clause 10.2
Clause 4.1
Context Corrective
action

PLANNING
Clause 9.13 Clause 6.1 actions to Clause 9.3.2
Analysis address risks and Management
review
opportunities
PLAN
Clause 4.4.1
Clause 5.1 QMS Processes
Leadership Clause 5.1
Customer focus

Clause 7.1.6
Knowledge
ISO 9001
6. PLANNING

Planning covers three areas:

 risk management (6.1),
quality goals and their planning (6.2),
shift planning (6.3).

When defining risk management issues, the standard requires that

the process takes into account both the context of the organization
and defined stakeholders.
Risks and opportunities should also be taken into account so as to
ensure the achievement of the intended results by the QMS,
increase the desired and prevent the occurrence of undesirable
effects, and achieve the improvement of the system.

87
6. PLANNING
6.1 ACTIONS TO ADDRESS RISKS AND OPPORTUNITIES

One of the requirements of ISO 9001: 2015 is the use of

an approach based on risk and opportunities in
managing the organization.
Reading the standard, it is easy to notice that the auditors
of the standard approached the subject very generally.
Chapter 6.1 states that: When planning a quality
management system, an organization should consider its
context and the requirements of interested parties, and
identify the risks and opportunities that need to be addressed
to: undesirable effects or reduce them
 RISK DECISIONS CAN BE RELATED TO:

reducing the probability of risk

 reducing the probability of negative results of an
event or completely eliminating the possibility of its
occurrence;
reducing the effects of risk - aimed at reducing losses;
this includes measures taken both before and after
the risk situation;
sharing or transferring risk - partial or total;
risk avoidance - refraining from or ceasing the
exposing activity.
RISK ANALYSIS
HTTPS://WWW.YOUTUBE.COM/WATCH?V=SRUXGETRHPA
6.2 QUALITY GOALS AND PLANNING TO ACHIEVE THEM

The organization must establish quality objectives for the

relevant functions and processes in the QMS.

The organization shall maintain documented information

on the quality objectives.

udokumentowana informacja!

91
SECTION 6 – PLANNING

6.1 Actions to address risks and opportunities

6.2 Quality objectives (goals) and planning to achieve them
6.3 Planning of changes

• quality objectives need to be established at relevant functions, levels and processes

• these objectives should be:

─ consistent with the Quality Policy, measurable and take into account applicable
requirements
─ relevant to conformity of products and services, and the enhancement of
customer satisfaction
─ monitored, communicated and updated as appropriate

• must determine what, how, who, when, etc

• quality objectives must be documented.

QUALITY GOALS AND PLANNING TO ACHIEVE THEM
6.3 PLANNING CHANGES

The changes are OK, but

in a planned manner
Should be considered:
purpose and possible
consequences of changes,
integrity of the QMS
resource, availability
separation of
responsibilities and
powers
SECTION 7 - SUPPORT
SECTION 7 - SUPPORT
7.1 Resources

7.2 Competence The support required to meet

the organisation’s goals.
7.3 Awareness

7.4 Communication

7.5 Documented information

SECTION 7 - SUPPORT

7.1 Resources
7.1.1 General
7.1.2 People
7.1.3 Infrastructure
7.1.4 Environment for the operation of processes
7.1.5 Monitoring and measuring resources
7.1.6 Organisational knowledge

• must provide resources for the implementation and maintenance of the

QMS
• must consider constraints of existing resources and what may be
provided from external providers.
WYMAGANIA ISO 9001
CHAPTER 7 RESOURCES

7.1 Resources
The organization should:
a) Provide the resources necessary to establish, implement, maintain
and continuously improve the QMS, including the analysis of the
possibilities and limitations of internal resources of the organization,
as well as resources necessary to obtain from outside
b) Identify and provide the persons necessary for the effective
implementation and operation of the QMS.
c) Define and provide the necessary infrastructure necessary for the
functioning of the processes and maintaining the conformity of
products and services.
d) Define, provide and maintain the environment required to operate
the processes and maintain the compliance of products and services.
e) To identify and provide the resources necessary to maintain valid
and reliable compliance verification results for products and services.
WYMAGANIA ISO 9001
R. 7. SUPPORT

7.1 Resources
The organization should:
f) Provide traceability, if required.
g) Moreover, the standard specifies the methods of supervision over
measuring equipment.
h) Determining the knowledge necessary for the proper conduct of
processes and achieving compliance of products and services, its
maintenance and sharing in the appropriate scope.
i) The organization must also review needs and trends to identify gaps
between what is known and what is needed and how to fill them.
WYMAGANIA ISO 9001
R. 7. SUPPORT

7.2 Competencies:
The competences of people performing work that have an impact on the effects of the QMS and the
effectiveness of ensure that these people are competent - through appropriate education,
training or experience. If necessary, complete the necessary competences and evaluate the effectiveness of
these activities, Maintain documented information as a record of competence, proof of compliance.
7.3 Awareness:
Employees of the organization must be aware of the Quality Policy, the most important and related to them
quality objectives, their contribution to the QMS and the consequences of non-compliance with the requirements
of the QMS.

7.4 Communication:
The organization must define internal communication related to the QMS, including what and when to
communicate, with whom and how to communicate, and who communicates.
7.2 Competencies
Human resources department and the basic issues related to the
implementation of ISO 9001

The ISO 9001 standard relates directly to the issue of

training - the training requirements it contains provide that
the organization should:
 Determine the necessary competences of the personnel
performing activities affecting the product compliance;
 Provide training or other measures to meet the training
needs of employees;
 Assess the effectiveness of the actions taken;
 Ensure that organisation's personnel are aware of the
nature and importance of their activities and how they
are contributing to the achievement of quality objectives;
Maintain appropriate records of education, training, skills
and experience
7.5 DOCUMENTED INFORMATION

An organization's quality management system should

include:
a) documented information required by ISO 9001;
b) documented information determined by the
organization to be necessary for the effectiveness of
the quality management system.

105
7.5 EXAMPLE OF DOCUMENTED
INFORMATION - RECORDS REQUIRED BY THE STANDARD

a) Documented information needed to be

maintained by the organization for the purposes of
establishing a QMS (high level transversal
documents).

These include:

The scope of the quality management system

(clause4.3).
Documented information necessary to suport the
operation of processes (clause4.4).
The quality policy (clause5.).
The quality objectives (clause6.2).
7.5 EXAMPLE OF DOCUMENTED INFORMATION
- RECORDS REQUIRED BY THE STANDARD
b)Documented information maintained by the organization for the purpose of
communicating the information necessary for the organization to operate
EXAMPLES
− Organization charts
− Process maps, proces flowcharts and/or proces descriptions
− Procedures
− Work and/or test instructions
− Specifications
− Documents containing internal communications
− Production schedules
− Approved supplier lists
− Test and inspection plans
− Quality plans
− Quality manuals
− Strategic plans

107
7.5.2 DEVELOPMENT AND UPDATING

let's ensure:
 appropriate identification
and description of ISO 9001
documents: procedures,
instructions (e.g. title, date,
author or reference number);
 the correct format of ISO
9001 documents: procedures,
instructions (e.g. language,
software version) and medium
(e.g. paper, electronic);
 review and approval of
documents in terms of
suitability and adequacy.

108
109
7.5.3 SUPERVISION OF DOCUMENTED
INFORMATION

PLEASE ENSURE:
 availability and suitability adequate
protection (e.g. against loss of
confidentiality)
 distribution,
 access and use;
 storage and preservation;
 monitoring changes (e.g. version
control);
 storage and disposal.

110
SECTION 8 - OPERATION
SECTION 8 - OPERATION

8.1 Operational planning and control

8.2 Requirements for products and
services
8.3 Design and development of
products and services
8.4 Control of externally provided The heart of the
processes, products and services management system
(the business).
8.5 Production and service provision
8.6 Release of products and services
8.7 Control of nonconforming outputs
8.1 OPERATIONAL PLANNING AND CONTROL

 Requirements for products should be specified;

 Criteria for the processes should be established;
 Resources must be identified;
 Processes should be supervised;
 Define, maintain and store documented
information to the extent necessary to prove
that the processes were performed as planned;
(demonstration of product compliance with the
requirements).

113
8.2 REQUIREMENTS FOR PRODUCTS AND
SERVICES

 Communication with the client

concerns: provide information
related to products; handling
inquiries, contracts and
including changes;
 obtaining customer feedback,
including customer complaints;
 handling customer property;
 establishing specific
requirements for emergency
actions, if necessary.

114
8.2 REQUIREMENTS FOR PRODUCTS AND SERVICES

Defining product requirements:

 product requirements are to be defined,
including any applicable legal and
regulatory requirements. The organization
must be able to fulfill the product
declarations it offers.

115
8.4 SUPERVISION OF PROCESSES, PRODUCTS AND SERVICES PROVIDED
FROM OUTSIDE

Ensure that externally supplied processes, products and services

conform to requirements.

116
8.4 SUPERVISION OF PROCESSES, PRODUCTS AND SERVICES PROVIDED FRO M OUTSIDE

The organization shall determine the control of externally

provided processes, products and services when:
 goods and services from external suppliers are intended to
be incorporated into own products;
 goods and services are delivered directly to the customer by
external suppliers on our behalf;
 the process or part of it is provided by an external supplier.
8.5 PROVISION OF PRODUCTS / SERVICES

Supervising the delivery of products / services.

The product should be delivered under supervised conditions, which should
include:
 availability of documented information that defines the properties of the
product to be supplied availability and use of adequate resources for
monitoring and measurement;
 implementation of monitoring and measurement at appropriate stages;

118
8.5.2 IDENTIFICATION AND TRACEABILITY

 The organization shall identify the

output status with respect to the
monitoring and measurement
requirements throughout the delivery of
products.
 Supervise the unequivocal identification
of output data when traceability is
required and keep the documented
information necessary to enable
traceability.

119
8.5.3 PROPERTY OWNED BY CUSTOMERS OR THIRD PARTY SUPPLIERS

The organization shall identify, verify, protect and safeguard

customer or external supplier property provided for use or
incorporation into products.

120
8.5.4 SECURITY

The organization should secure

output data when delivering
products to the extent necessary
to ensure compliance with the
requirements.

121
8.5.5 POST-DELIVERY ACTIVITIES

When determining the scope of required post-

delivery activities, the organization should
consider:
 legal and regulatory requirements;
 potential undesirable effects associated with
its products;
 the nature, use and intended "life" of the
products;
 customer requirements; feedback from
customers.
122
 8.6 PRODUCT RELEASE

 The release of the products to the customer should not take

place until the planned arrangements are completed,
unless another decision has been approved by an
authorized person.
 Documented information should include: evidence of
meeting the admission criteria; the traceability of the
person deciding on the dismissal.

123
SECTION 9 – PERFORMANCE EVALUATION

9.1 Monitoring, Determining what is to be

measurement, analysis monitored, measured, analysed
and evaluation and evaluated will enable the
organisation to determine ‘if the
9.2 Internal audit management system suitable,
9.3 Management review adequate and effective ?’

How performance of the QMS

is evaluated.
CHAPTER 9. ASSESSMENT OF THE EFFECTS OF ACTIVITY

Specify:
 what to monitor and measure;
 methods of monitoring, measurement, analysis and evaluation;
 when to monitor and measure;
 when to analyze and evaluate the results.
9.1.2 CUSTOMER SATISFACTION

The organization should monitor the extent to which customer needs

and expectations have been met.

Examples of customer perception monitoring can include surveys,

customer feedback, customer meetings, praise, claims, and reports.

126
9.1.3 ANALYSIS AND EVALUATION

The organization shall analyze data and information from monitoring and
measurement of:
 product compliance customer satisfaction;
 the effects of activities and the effectiveness of the quality management
system;
 whether the planning has been successfully implemented;
 the effectiveness of the actions taken to address the risks and opportunities;
 the effects of external suppliers;
 the need to improve the QMS. 127
9.2 INTERNAL AUDIT

Internal audits should be performed

at scheduled intervals to find out
whether the QMS:
 complies with the organisation's
own requirements concerning the
quality management system and
the requirements of the standard;
 is effectively implemented and
maintained.

128
INTERNAL AUDIT:

Internal audits are self-examination done by the company itself at

least once per calendar year.
They are performed on-site and are useful in determining conformity,
effectiveness, and opportunities for improvement.
By going through internal auditing your organization will be able to
compare your quality management system to the required standard(s)
and prepare for the certification audit.
Your certification auditor, or external auditor, holds a lot more power
in a sense because this is the person who is a representative of your
certification body and will determine if you achieve third-party
certification to ISO 9001.
9.2 INTERNAL AUDIT

The organization should:

 plan, implement and maintain an audit program,
 define the audit criteria and scope of each audit;
 select auditors and conduct audits in a manner that
ensures objectivity and impartiality;
 ensure reporting of results to management;
 carry out appropriate corrections and corrective
actions;
 keep documented information as evidence of
program implementation and audit results.

130
9.2 Internal audit – check list
EXTERNAL AUDIT:

An external audit is performed by a third-party auditor

associated with your hired Certification Body.
The external auditor will conduct a certification audit or
surveillance audit at least once during each calendar year to
determine if your organization should be recommended for ISO
certification or continue to hold your current certificate.
An external auditor must perform audits based on a set of rules
from their own ISO Standard for auditing best practices and must
obtain strict qualifications set by the certification bodies.
EXTERNAL AUDIT:

Auditors must also be selected by a certification body with

consideration to the organization’s industry, the auditor’s
understanding of their industry and the specific industry codes the
auditor must hold to conduct the audit.
An external audit scope may include any number of processes,
and the scope will be detailed to you ahead of time in an audit
plan so you and your people can be prepared and present.
In the 3-year cycle of certification, each process must be audited
during the initial certification or recertification audit and at least
once per the 2-year surveillance cycle to evaluate effectiveness.
9.3 MANAGEMENT REVIEW = MEETING OF THE MANAGEMENT BOARD AND KEY EMPLOYEES AT LEAST
ONCE A YEAR

9.3.2 INPUT DATA

A management review should be planned

and performed taking into account:
 status of follow-up to previous
management reviews;
 changes in external and internal
factors relevant to the quality
management system;
 information on the operation and
effectiveness of the quality
management system, including trends.

135
9.3.2. INPUT TO MANAGEMENT REVIEW

... about trends in:

 customer satisfaction and feedback from
relevant stakeholders;
 the extent to which quality objectives have
been met;
 the effects of the functioning of processes and
compliance of products / services;
 non-conformities and corrective actions;
 monitoring and measurement results;
 audit results; activities of external suppliers;
 the adequacy of resources and the 136
effectiveness of actions taken taking into
account the risks and opportunities
 opportunities for continuous improvement.
9.3.3 OUTPUT FROM MANAGEMENT REVIEW

The output from the management review

should include decisions and actions
related to:
 opportunities for improvement;
 any need for changes to the quality
management system;
 resource needs.

The organization shall retain documented

information as evidence of the results of
the management reviews.
137
 SECTION 10 - IMPROVEMENT

10.1 General • QMS must continually

improve
10.2 Nonconformity and
corrective action • nonconformities must be
identified and reacted to
10.3 Continual improvement • corrective action must be
considered
Continual improvement
remains a core focus of the
QMS.
SECTION 10 – IMPROVEMENT
10.1 General
10.2 Nonconformity and corrective action
10.3 Continual improvement

• opportunities for improvement must be determined

• action must be taken to meet customer requirements and enhance
customer satisfaction:
▫ improve products and service
▫ correcting, preventing or reducing undesired effects
▫ improve performance and effectiveness of the QMS.
SECTION 10 - IMPROVEMENT
10.1 General
10.2 Nonconformity and corrective action
10.3 Continual improvement

• nonconformities (including complaints) must be reacted to and

applicable action taken
• root cause analysis must be considered based on its significance
• effectiveness of corrective action must be reviewed
• change Quality Management System if required
• evidence of action taken from nonconformities must be documented
• evidence of results of corrective action must be documented.
SECTION 10 – IMPROVEMENT

10.1 General
10.2 Nonconformity and corrective action
10.3 Continual improvement

• organisations must continually improve the suitability,

adequacy and effectiveness of the QMS
• must consider results of analysis and evaluation, and
outputs from management review.
WHAT DOES THE ISO 9001 QUALITY SYSTEM CERTIFICATE
CONFIRM?

It confirms the organization's

compliance to meet quality
requirements, and as a result - the
ability to manufacture products or
provide services to a stable,
repeatable quality. The certificate
is valid for 3 years

142
THREE ELEMENTS OF THE QUALITY SYSTEM
CERTIFICATION PROCESS

System development according to ISO

9001
Implementation of the system
Maintaining and improving the system
STAGES OF DEVELOPMENT, IMPLEMENTATION AND MAINTENANCE OF THE QUA LITY
SYSTEM CERTIFICATION

1. Decision making on the certification of the quality system.

2. Deciding how to design and implement the quality system
(independently or with the participation of consultants).
3. Assessment of the degree of adaptation of the organization's pro-
quality activities to the requirements of the standard.
4. Implementation of adaptation works to these requirements;
development of system documentation, implementation of
standard requirements.
5. Conducting a series of internal audits, removing identified non-
conformities.
6. Selection of a certification body and conducting a certification
audit by it.
7. Issuing a certificate; supervision over the quality system by the
certification body (periodic surveillance audits); most often after
three years another quality system certification.
CERTIFICATION BODIES - EXAMPLES
WHAT TO CHECK DURING THE CERTIFICATION AUDIT ?

Those areas of the organization that relate to the requirements of

the standard.

 Have the necessary processes and elements of the system been

identified and described?
 Are they effective?
 Is their introduction provable?
BARRIERS AND PROBLEMS DURING THE CERTIFICATION OF THE QUALITY SY STEM

 Enormous effort on the part of employees - social cost.

 Company reorganization.
 Costs of obtaining and maintaining the certificate.
 Cases of poorly prepared system implementation (general
nature, neglect of important details)
 The quality system certificate is no longer a distinguishing
feature on the market.
WIARYGODNOŚĆ CERTYFIKATÓW SYSTEMU JAKOŚCI
(PRZYCZYNY DEPRECJACJI)?

Coraz większa konkurencja na rynku usług certyfikacyjnych.

Silna presja ze strony organizacji chcących mieć tylko certyfikat, a nie potwierdzenie zdolności do
spełnienia wymagań jakościowych, wywierana na jednostki certyfikujące.

Uzależnienie jednostek certyfikujących od klientów; postępowanie jednych i drugich niezgodnie z etyką.

Zbyt mała liczba dobrze wyszkolonych i kompetentnych auditorów.

Niedostateczne nadzorowanie jednostek certyfikujących przez organ akredytacyjny (w Polsce Polskie

Centrum Akredytacji – PCA). 148
WHAT DOES THE IMPLEMENTATION OF "ISO" MEAN?

Positive customer attitude

 Consistency in action - full management cycle (PDCA
loop)
Getting down to business
Linking human resources with activities
Enforcement of the application of the rules
Continuous improvement
Changing the perception of the organization
ANY QUESTIONS?