543662-TEMPUS-1-2013-1- ME-TEMPUS-JPHES IMPROVEMENT OF PARTNERSHIP WITH ENTERPISES BY ENHENCEMENT OF A REGIONAL QUALITY MANAGEMENT POTENTIALS IN WBC

The new ISO 9001:2015: key diferences and impact in the organisations Paulo Baptista Kragujevac, June 2015

The new ISO 9001:2015 1. Introduction A short overwiew of ISO 9001 in the world

The new ISO 9001:2015 1. Introduction A short overwiew of ISO 9001 in the world

The new ISO 9001:2015 1. Introduction A short overwiew of ISO 9001 in the world

The new ISO 9001:2015 1. Introduction A short overwiew of ISO 9001 in the world

The new ISO 9001:2015 2. Why ISO 9001 is being revised All ISO management system standards are subject to a regular review under the rules by which they are written. Following a substantial user survey the ISO Committee responsible for ISO 9001 decided that a review was appropriate and created the following objectives to maintain its relevance in today’s market place:

The new ISO 9001:2015 Maintain relevance Integrate with other management systems / standards Provide an integrated approach to organizational management Provide a consistent foundation for the long-term (next 10-25 years) Increase adoption of the standard Address increasing complexity of business environment (e.g. non-office/virtual office) Address increased variety of business users (e.g. service industries; office environments) Enhance an organization’s ability to satisfy it’s customers.

The new ISO 9001:2015 2.1 The Common Framework Standardize and effectively develop standards Enhance alignment and compatibility of standards Useful for organizations which pursue multiple standards Some standards already under Common Framework: ISO 22000, ISO 20001, ISO 50001 Under revision to the Common Framework: ISO 14001, ISO 27001, ISO 9001

The new ISO 9001:2015 3.1. What is changing? ISO 9001:2008 0. Introduction 1. Scope 2. Normative References 3. Terms and Definitions 4. Quality Management System 5. Management Responsibility 6. Resource Management 7. Product Realization 8. Measurement, Analysis and Improvement

The new ISO 9001:2015 ISO 9001:2015 4. Context of the Organization 0. Introduction 1. Scope 2. Normative References 3. Terms and Definitions 4. Context of the Organization 5. Leadership 6. Planning 7. Support 8. Operations 9. Performance Evaluations 10.Improvement

The new ISO 9001:2015 ISO 9001:2015 will be based on Annex SL – the new high level structure (HLS) that brings a common framework to all management systems. This helps to keep consistency, align different management system standards, offer matching subclauses against the top-level structure and apply common language across all standards. Based on the PDCA approach, ISO 9001:2015 will follow this structure. With the new standard in place, organizations will find it easier to incorporate their quality management system into the core business processes and get more involvement from senior management.

The new ISO 9001:2015 4. What are the significant proposed changes? 1. The emphasis on leadership 2. Organizational Context Responsiveness to business environment 3. The focus on risk based management Preventive action 4. Emphasis on objectives, measurement and change 5. Increase emphasis on achieving value for organization and its customers 6. Communication and awareness

The new ISO 9001:2015 Others: 7. Fewer prescriptive requirements. 8. Documented Information Decreased emphasis on documentation 9. Outsourcing is now External Provision 10. No requirement for Management Representative 11. No requirement for Quality Manual

The new ISO 9001:2015 4.1. Leadership and organizational context Firstly, the organization will need to determine external and internal issues that are relevant to its purpose, i.e. what are the relevant issues, both inside and out, that have an impact on what the organization does, or that would affect its ability to achieve the intended outcome(s) of its management system. It should be noted that the term ‘issue’ covers not only problems, which would have been the subject of preventive action in previous standards, but also important topics for the management system to address, such as any market assurance and governance goals that the organization might set for its management system.

The new ISO 9001:2015 This means that senior managers need to be able to demonstrate an understanding of the wider business environment, social, cultural and regulatory and how that impacts or could impact on the organization’s ability to meet customer requirements. In the same context they need to have a grasp of the organization’s internal strengths and weaknesses and how these could impact on the ability to deliver their products or services.

The new ISO 9001:2015 This will strengthen the concept of business process management including the need now to allocate specific responsibilities for processes, and demonstrate an understanding of the key risks associated with each process and the approach taken to manage, reduce or transfer the risk. Top management now have a greater involvement in the management system. They have to make sure that the requirements of the management system are integrated into the organization’s processes and that the policy and objectives are compatible with the strategic direction of the organization.

The new ISO 9001:2015 4.2. Focus on risk based management Senior management must be able to demonstrate an understanding of business risks and how they could impact on the ability to meet customer requirements. An effective risk management process will be critical for successful certification to the new version. It must ensure the management system can achieve its intended outcomes and achieve continual improvement. Clause 6.1 Actions to address risks and opportunities, is where this is covered and it addresses the ‘what, who, how and when of risk management.

The new ISO 9001:2015 The organization should plan actions to address these risks and opportunities, how to integrate and implement the actions into its management system processes and evaluate the effectiveness of these actions. Risk management replaces preventive action. Organisation will need to identify where risk arises and ensure controls are in place to manage it. Remember that risk is defined as ‘the effect of uncertainty on an expected on result and the new standard makes risk-based thinking more explicit throughout.

The new ISO 9001:2015 4.3. Objectives and measurement The requirements around quality objectives have also been made more detailed. They need to be consistent with the quality policy, measurable (if practicable), monitored, communicated, and updated as appropriate. They also have to be established at relevant functions and levels. Objectives should include plans on how to achieve them as well as how the results will be evaluated.

The new ISO 9001:2015 The organization must determine who will be responsible for the delivery of the objectives, resources required, what needs to be done and by when. So remember that when establishing quality objectives organization needs to demonstrate how they plan to achieve them. And remember that the objectives (results to be achieved) – can be technical, strategic or operational.

The new ISO 9001:2015 4.4. Communication and awareness Clause 7.3 Awareness is now a clause in its own right: people working under an organization’s control should be aware of the quality policy, objectives, their contributions to QMS, implications of non-conformities etc. There is an increased emphasis on awareness to ensure that everyone knows the implications of not conforming to the management system requirements.

The new ISO 9001:2015 Which leads into Clause 7.4 Communication – internal and external communications are now a requirement. It’s up to the organisations to decide what/who/when and how they are communicating. Communication is important for both internal and external stakeholders and an organization must develop a communication plan. It is important to decide who will own the communication and ensure that they have the appropriate authority, competencies and knowledge. The communication plan can include a variety of mediums including briefings, meetings, seminars, conferences and newsletters.

The new ISO 9001:2015 4.5. Fewer prescriptive requirements Much will be made of the fact that the new version of the standard has no requirements for procedures but it does have requirements for documentation. Clause 7.5 Documented Information deals with documented information and is split into 3 sub-clauses – general, creating and updating and control.

The new ISO 9001:2015 An organization must decide what information they wish to retain, how these are updated and controlled and adequately protected Clause 8 Operations includes: Requirements for customer communication (from information on products to contracts and invoicing) Review of design and development changes Information for external providers Identification and traceability Release of products and services now part of operational controls Non-conforming processes, outputs and product and services

The new ISO 9001:2015 5. High Level Structure New Clause Numbers 1. Scope 2. Normative References 3. Terms and Definitions 4. Context of the Organization 4.1. Understanding the Organization and its context 4.2. Needs and expectations 4.3. Scope 4.4. Management system

The new ISO 9001:2015 5. Leadership 5.1. Management commitment 5.2. Policy 5.3. Roles, Responsibility and Authority 6. Planning 6.1. Actions to address risks and opportunities 6.2. Objectives and plans to achieve them 7. Support 7.1. Resources 7.2. Competence 7.3. Awareness 7.4. Communications 7.5. Documented Information

The new ISO 9001:2015 8. Operations 8.1. Operational planning and control 9. Performance evaluation 9.1. Monitoring, measurement, analysis and evaluation 9.2. Internal audit 9.3. Management review 10. Improvement 10.1. Nonconformity and corrective action 10.2. Continual improvement

The new ISO 9001:2015 6. Some Requirements – Examples 4. CONTEXT OF THE ORGANISATION 4.1. Understanding the organization and its context The organization must determine external and internal issues relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its QMS.

The new ISO 9001:2015 4.2. Understanding the needs and expectations of interested parties The organization must determine interested parties relevant to the QMS, and the requirements of these interested parties List of interested parties the organization must consider: Direct customers End users Suppliers, distributors, retailers or others involved in the supply chain Regulators, and Any other relevant interested parties

The new ISO 9001:2015 4.4. Quality management system The organization must establish, implement, maintain and improve a QMS, including the processes needed and their interactions, in accordance with the requirements of this standard "Process approach" is maintained, and it will be embedded in all ISO management system standards.

The new ISO 9001:2015 5.1. Leadership Top management must demonstrate leadership and commitment with respect to the quality management system, by ... Ensuring the integration of the QMS requirements into the organization's business processes, Promoting awareness of the process approach, Supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility. Top management must demonstrate leadership and commitment with respect to customer focus.

The new ISO 9001:2015 6.1. Actions to address risks and opportunities When planning for the QMS, the organization must consider the issues... in 4.1 and the requirements ... in 4.2 and determine the risks and opportunities that need to be addressed to: Assure the QMS can achieve its intended outcome(s) Prevent or reduce undesired effects Achieve improvement The organization must plan: Actions to address these risks and opportunities, and how to: Integrate and implement the actions into its OMS processes and Evaluate the effectiveness of these actions

The new ISO 9001:2015 7.1. Resources The organization must determine and provide the resources needed for the OMS (establishment, implementation, maintenance and improvement of the OMS). Resources may include: Infrastructure (7.1.2 ) Process environment (7.1.3) Monitoring (7.1.4 ) Knowledge (7.1.5)

The new ISO 9001:2015 8.1. Operational Planning and Control The organization must plan, implement and control the processes needed to meet requirements and to implement the actions determined in 6.1, by: Establishing criteria for those processes Implementing the control of the processes in accordance with the criteria Keeping sufficient documented information to demonstrate the processes have been carried out as planned

The new ISO 9001:2015 The organization must control planned and review the consequences of unintended changes, taking action to mitigate any adverse effects, as necessary. The organization must ensure the operation of a function or process of the organization by an external provider is controlled (outsourcing ).

The new ISO 9001:2015 8.4. Control of External Provision of Goods and Services The organization must ensure that externally provided goods and services satisfy the specified requirements. Note: These include outsourcing.

The new ISO 9001:2015 9. PERFORMANCE EVALUATION 9.1. Monitoring, measurement, analysis and evaluation 9.2. Internal audit 9.3 Management review

The new ISO 9001:2015 7. The revision and transition plan May 2014 – The Draft International Standard (DIS) is made available for public comment July 2015 – The Final Draft International Standard (FDIS). September 2015 – The International Standard is published September 2018 – The transition is complete