FINAL IMS PPT - Read-Only - Compatibility Mode.pdf

INTERNAL AUDIT COURSE
ISO 9001 2015,
ISO 14001 2015,
ISO 45001 2018
IMS/ QEHS
What has Changed?
• new concepts are considered - more risk based thinking
• the customer remains the primary focus
• a new common ISO format has been developed for use
across all Management System Standards
• a significant re-ordering of the key clauses.
• a significant re-ordering of the key clauses
• International Focus on managing Occupational Health
and Safety
• First International Standard
• Supported by ISO and Industry for the prevention of
work-related injury and ill-health
What has changed?
• new concepts are considered - more risk based thinking
• a new common ISO format has been developed for use
across all Management System Standards
• a significant re-ordering of the key clauses.
What else?
• Strategic Environmental Management
▫ increased emphasis on strategic planning
▫ new requirement to understand the organisation’s context
▫ aim to identify and leverage opportunities for the benefit of both the
organisation and the environment
▫ issues or changing circumstances related to the needs and
expectations of interested parties and local, regional or global
environmental conditions that can affect, or be affected by, the
organisation
▫ if identified as a priority, actions to mitigate adverse risk or exploit
beneficial opportunities are integrated in the operational planning of
EMS.
2015 – Annex A

And more…….
• Leadership
▫ a new clause that assigns specific responsibilities for those in leadership
roles to promote environmental management
• Protecting the environment
▫ expectation on organisations has been expanded to commit to proactive
initiatives to protect the environment from harm and degradation,
consistent with the context of the organisation
▫ ‘protect the environment’ is not defined but it notes that it can include
prevention of pollution, sustainable resource use, climate change
mitigation and adaptation, protection of biodiversity and ecosystems, etc...
2015 – Annex A
And more……….
• Environmental performance
▫ emphasis with regard to continual improvement now improving
environmental performance
▫ Note - consistent with the organisation’s policy commitments
• Life-cycle thinking
▫ need to extend control and influence to the environmental impacts
associated with product use and end-of-life treatment or disposal
▫ Note - does not imply a requirement to do a life cycle assessment.
2015 – Annex A
And more!
• Communication
▫ must develop communications strategy with equal emphasis on
external and internal communication
▫ requirement to communicate consistent and reliable information
▫ establish mechanisms for persons working under the organisation's
control to make suggestions on improving the EMS
▫ Note - the organisation decides whether to communicate externally
but it must consider regulatory requirements and expectations of
interested parties
• Documentation
▫ term ‘documented information’ instead of ‘documents’ and ‘records’
▫ flexibility to determine when ‘procedures’ are needed.
2015 – Annex A
Key Changes
• increased emphasis on Achieving Value for the
organisation and its customers
• increased emphasis on understanding and control of
Risk to the organisation
• reduced emphasis on Documentation
• no stated requirement for Documented Procedures
• no reference to a Quality Manual.

And………
• no requirement for a Management Representative
• no formal requirement for Preventive Action
• outsourcing is now External Provision
• enhanced Leadership Requirements
• Organisational Context – responsiveness to changing
Business Environment
• No exclusions, only Not Applicable clauses!
High Level Structure
• the new standard adopts the high-level structure and
terminology of Annex SL (used for the development of all new
ISO standards)
• High Level Structure - identical core text and common terms
and core definitions for use in all Management System
Standards:
▫ purpose - enhance the consistency and alignment of
different management system standards
▫ organisations that integrate multiple standards (eg QMS,
EMS, OHS) will see the most benefit
▫ uses simplified language and writing styles to aid
understanding and consistent interpretations of
requirements.
Common structure for MSS
Introduction
1. Scope
2. Normative references
3. Terms and definitions
4. Context of the organization
5. Leadership
6. Planning
7. Support
8. Operation
9. Performance evaluation
10. Improvement.

Clause structure (4-6)
4. Context of the organization
Understanding the organization and its context
Understanding the needs and expectations of interested parties
Determining the scope of the XXX management system
XXX management system
5. Leadership
Leadership and commitment
Policy
Organizational roles, responsibilities and authorities
6. Planning
Actions to address risks and opportunities
Objectives and plans to achieve them.
Clause structure (7-10)
7. Support
Resources
Competence
Awareness
Communication
Documented information
8. Operation
Operational planning and control
9. Performance evaluation
Monitoring, measurement, analysis and evaluation
Internal audit
Management review
10. Improvement
Nonconformity and corrective action
Continual improvement.
Control
Outsourcing and purchasing External provision
Documents and records Documented information
Management representative Assigned responsibility and authority
Quality Manual
a) how scope is determined
b) QMS scope types of products and services
c) Details and justification for any exclusions details and justification for any n/a reqt
d) Documented procedures
e) Description of the interaction between QMS processes required inputs and expected outputs.
Top management requirements
5.1 Leadership and commitment
Top management shall demonstrate leadership and commitment by:
Ensuring (ie someone else can do it)
• the Quality Policy and quality objectives are established for the QMS and are
compatible with the context and strategic direction of the organisation
• the integration of QMS requirements into the organisation’s business processes
• the resources needed for the QMS are available
• the QMS achieves its intended results
Doing (ie they must do it themselves)
• take accountability for the effectiveness of the QMS
• promote the use of the process approach and risk-based thinking
• communicate the importance of effective quality management and of conforming
to QMS requirements
• engage, direct and support persons to contribute to the effectiveness of the QMS
• promote improvement
• support other relevant management roles to demonstrate their leadership as it
applies to their areas of responsibility.

Risk-based approach
• organisations are required to understand its context
(Clause 4.1) and determine the risks and opportunities that
need to be addressed (Clause 6.1)
• one of the key purposes of a QMS is to act as a preventive
tool
• there is no separate clause or sub-clause titled “preventive
action”
• the concept of preventive action is expressed through a
risk-based approach to formulating QMS requirements.
2015 – Annex A
Applicability
• no specific reference to “exclusions” when determining
applicability of requirements to the organisation’s QMS
• an organisation will need to review the applicability of
requirements due to the size of the organisation, the
management model it adopts, the range of activities and
the nature of the risks and opportunities it encounters.
2015 – Annex A
• a common clause of “Documented Information” has
been adopted
• the terms “documented procedure” and “record” have
both been replaced throughout the requirements by
“documented information”
• documented procedures (eg to define, control or support
a process) are now expressed as a requirement to
maintain documented information
• records are now expressed as a requirement to retain
documented information.
2015 – Annex A
Organisational knowledge
• organisational knowledge (Clause 7.1.6) addresses the
need to determine and maintain the knowledge obtained
by the organisation and its personnel, to ensure that it can
achieve conformity of products and services
• the process for considering and controlling knowledge
needs to take account the organisation’s context, its size
and complexity, the risks and opportunities it needs to
address and the need for accessibility of knowledge
• the balance between knowledge held by competent
people and knowledge made available by other means is
at the discretion of the organisation.
2015 – Annex A

Control of externally provided
processes, products and services
• control of externally provided products and services (Clause
8.4) addresses all forms of external provision, whether by:
▫ purchasing from a supplier
▫ an arrangement with an associate company
▫ the outsourcing of processes and functions of the
organisation, or by any other means
• now required to take a risk-based approach to determine the
type and extent of controls appropriate to external providers
and externally provided products and services.
2015 – Annex A
ISO 9001:2015
Quality Management Systems – requirements.
Introduction
0.1 General
0.2 Quality management
principles
0.3 Process approach
0.4 Relationship with other
MSS
• introduces the rationale
for the Standard
• more formally structured.
0.1 General
• identifies potential benefits
• it is not the intent of the standard to imply:
─ uniformity in the structure of different quality
management systems
─ uniformity of documentation to align to the clauses
of the Standard
─ impose specific terminology to be used.

0.2 Quality management principles
• ISO 9001:2008 was based on eight quality
management principles whereas the revised version
refers to just seven
• the principle of “a systems approach to
management” has been dropped
• the last principle is now called “Relationship
management” instead of “Mutually beneficial
supplier relationships”.
New Quality Management Principles
1. Customer Focus
2. Leadership
3. Engagement of People
4. Process Approach
5. Improvement
6. Evidence-based Decision
Making
7. Relationship
Management.
0.3 Process Approach
• understand and manage interrelated processes as a
system
• enables consistent and predictable results
• PDCA cycle is fundamental
• introduces risk based thinking (always been an implied
requirement).
Plan-Do-Check-Act
Leadership &
Worker (5)
Support and
Operation
(7, 8)
Performance (9)
Improvement
(10)
Planning (6)
28
Needs and
Expectations of
relevant interested
parties
Intended
outcomes
Context of the
organisation

0.4 Relationship with other
Management System Standarad
• now a framework to improve alignment among all
International Standards for management systems
• better facilitates immigration.
Section 1 - Scope
• consistently provide products and services to meet
requirements and enhance customer satisfaction – no
change
• all requirements are intended to be applicable to all
organisations, regardless of type, size and product
provided – no change
• removal of exclusions.
Section 2 – Normative references
• ISO 9000:2015, Quality management systems –
Fundamentals and vocabulary
▫ also describes quality management principles in detail.
Section 3 – Terms and Definitions
• no terms and definitions
• reference to ISO 9000 – no change
• maintains clause numbering for consistency.

Some Terms (docs)
• document – information and the medium on which it is
contained
• documented information - information required to be
controlled and maintained by an organisation and the
medium on which it is contained
• procedure – specified way to carry out an activity or a
process (can be documented or not)
• record – document stating results achieved or providing
evidence of activities performed.
More Terms (improvement)
• improvement – activity to enhance performance
• objective – result to be achieved
• nonconformity – non-fulfilment of a requirement
• correction – action to eliminate a detected nonconformity
• corrective action – action to eliminate the cause of a
nonconformity and prevent recurrence
• preventive action – action to eliminate the cause of a potential
nonconformity or other undesirable situation
• verification – confirmation that specified requirements have
been fulfilled
• validation – confirmation that requirements for a specified
intended use or application have been fulfilled.
More Terms (product)
• product – output of an organisation that can be produced without
any transaction taking place between the organisation and the
customer
• service – output of an organisation with at least one activity
necessarily performed between the organisation and the
customer
• performance - measurable results
• risk - effect (positive or negative) of uncertainty
• outsource - to make an arrangement where an external
organisation performs part of an organisation’s function or
process - Note: An external organisation is outside the scope of
the management system although the outsourced function or
process is within the scope.
More Terms (people)
• top management – person or group of people who directs and
controls an organisation at the highest level
• QMS consultant – advisor on QMS realisation – can assist in
realising parts of a QMS
• interested party – person or organisation that can have an affect,
be affected by, or perceive itself to be affected by a decision or
activity
• competence – ability to apply knowledge and skills to achieve
intended results
• infrastructure – facilities, equipment & services
• work environment - conditions under which work is performed.

Section 3 – Terms and Definitions
2004 – clause 3
• environmental aspect – element of an organisation’s
activities, products or services that interacts or can
interact with the environment – the activity
• environmental impact – change to the environment
(adverse or beneficial), wholly or partly resulting from the
organisation’s environmental aspects – potential
change or harm.
Some more terms
• environmental performance – performance related to
the management of environmental aspects
• life cycle – consecutive and interlinked stages of a
product (or service) system, from raw material acquisition
or generation from natural resources to final disposal.
2004 – clause 3
Terms and Definitions
Organisation
“persons of group of people that has its own functions with
responsibilities, authorities and relationships to achieve its
objectives”
Interested party
“person or organisation that can affected, be affected by, or
perceive itself to be affected by a decision or activity”
Contractor
“external organisation providing services to the organisation at
a workplace in accordance with agreed specifications, terms
and conditions”
39
Terms and definitions
Worker
“person performing work or work related activities under
the control of the organisation
Note1: persons perform work or work related activities
under various arrangements- paid/unpaid
Note2: workers include top management, managerial and
non-managerial
Note 3: work or work related activities performed by
workers employed by another organisation – insourced
activities
40

Continued ..
Participation
“involvement of workers in decision-making”
Consultation
“seeking the views making a decision”
Workplace
“place under the control of the organisation where a
person needs to be or go by reason of work”
Note 1: the organisation responsibilities depends on
the degree of control
41
Continued ..
Risk
“effect of uncertainty”
OH&S Risk
“combination of the likelihood of occurrence of a work
related hazardous event and exposure(s) and severity of
injury and ill-health that can be caused by the event or
exposure(s)
Injury and ill-health
“adverse effect on the physical, mental or cognitive condition
of a person”
Note 1 – adverse effects includes occupational disease, illness and
death
42
What Does Hazard Mean
• A hazard is any object, situation, or behavior that has the potential to cause injury,
ill health, or damage to property or the environment.
• Health and safety hazards exist in every workplace. Some are easily identified and
corrected, while others are necessary risks of the job and must be managed in
other ways (for instance, by using protective equipment).
• Most occupational hazards are inactive or have a low potential of actually
occurring; however, employers must be prepared to deal with them since a hazard
becoming active can generate an emergency situation
Hazards can be classified as:
• Physical Hazards: These are the most common hazards and they include extremes
of temperature, ionizing or non-ionizing radiation, excessive noise, electrical
exposure, working from heights, and unguarded machinery.
• Mechanical Hazards: These are usually created by machinery, often with
protruding and moving parts.
• Chemical Hazards: These appear when a worker is exposed to chemicals in the
workplace. Some are safer than others, but for workers who are more sensitive to
chemicals, even common solutions can cause illness, skin irritation, or breathing
problems.
• Biological Hazards: These include the viruses, bacteria, fungus, parasites, and any
living organism that can infect or transmit diseases to human beings.
• Ergonomic Hazards: Including considerations of the total physiological demands of
the job upon the worker, even beyond productivity, health, and safety.
• Psychosocial Hazards: These may arise from a variety of psychosocial factors that
workers may find to be unsatisfactory, frustrating, or demoralizing.

Examples of Hazards and Their Effects
Workplace Hazard Example of Hazard Example of Harm Caused
Thing Knife Cut
Substance Benzene Leukemia
Material
Mycobacterium
tuberculosis
Tuberculosis
Source of Energy Electricity Shock, electrocution
Condition Wet floor Slips, falls
Process Welding Metal fume fever
Practice Hard rock mining Silicosis
Behaviour Bullying Anxiety, fear, depression
Verbal Words
• “shall” indicates a requirement
• “should” indicates a recommendation
• “may” indicates a permission
• “can” indicates a possibility or capability
• “Note” is guidance/clarification on requirements
• “Note to entry” additional information that
supplements the terminology
47
Section 4 – Context of the Organisation

Section 4 – Context of the Organisation
4.1 Understanding the
organisation and its context
4.2 Understanding the needs
and expectations of
interested parties
4.3 Determining the scope of
the quality management
system
4.4 Quality management
system and its processes
• this is a new clause and
provides a key insight
into the organisation
What constitutes the
organisation’s quality
management system.
Section 4 – Context of the organisation
4.1 Understanding the organisation and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the quality management system
4.4 Quality management system and its processes
• determine external and internal issues relevant to the
QMS/EMS/OH&S
• must monitor these issues.
• External context – cultural, social, political, key trends in industry
• Internal context- governance, policies, objectives, culture, trends
• determine interested parties relevant to the QMS/EMS/OH&S
• determine their needs and expectations
• must monitor information about interested parties’ requirements.
• which ones are compliance obligations
• Needs and expectations of managerial and non-managerial workers
• Other interested parties – legal and regulatory authorities, includes
workers, customers and clients
• Applicable legal requirements
• establish scope by determining boundaries and applicability of the
QMS/EMS/OH&S to consider external/internal issues, requirements of
interested parties and the organisation’s products and services
• scope must be documented and available, justify any clauses of
QMS/EMS/OH&S that is not applicable
• any N/A clauses must not effect conformity of products/services and
customer satisfaction.

• must establish, implement, maintain and continually improve the
QMS/EMS/OH&S
• interaction of processes required (but not documented!)
• assign roles, responsibilities and authorities for processes
• retain documented information to ensure in the processes
Documented procedures are not necessarily required….
except where they are needed!
Section 5 - Leadership
Section 5 – Leadership
5.1 Leadership and
commitment
5.2 Policy
5.3 Organisational roles,
responsibilities and
authorities
• top management to now
have a greater involvement
in the QMS/EMS/OH&S
What is required by top
management.
5.1.1 General
5.5.1 Customer focus
5.2 Policy
5.3 Organisational roles, responsibilities and authorises
• must take accountability for the QMS/EMS/OH&S effectiveness
• ensure QMS/EMS/OH&S Policy and objectives are established
• ensure QMS/EMS/OH&S is integrated into business processes
• ensure resources are available;

5.1.1 General…cont
5.2 Policy
• communicate importance of effective QMS/EMS/OH&S and conformance
• ensure QMS/EMS/OH&S achieves intended results
• promote continual improvement
• support other management to demonstrate leadership.
• Developing, leading and promoting a culture supporting OH&S
• Consider need to establish H&S committees
• Ensuring active participation of workers, worker representation using
consultation
5.1.1 General
5.2 Policy
• top management must ensure:
• customer and regulatory requirements are met
• risks and opportunities are determined and addressed
• focused on enhancing customer satisfaction.
5.2 Policy
5.3 Organisational roles, responsibilities and authorities
• must be documented
• must be available internally and to interested parties.
• OH&S policy set of principles and overall sense of direction
• H&S policy on consultation with workers at all levels and communicated
• Commitment to provide safe and healthy working conditions
• Prevention of injury and ill-health
• Policy appropriate to size and context of organization
• Specific nature of it OH&S risk and OH&S opportunities
• Communication of policy
5.2 Policy
5.3 Organisational roles, responsibilities and authorities
5.4 Consultation and participation
• ensures responsibilities and authorities for relevant roles are assigned, communicated
and understood
• no formal requirement for specific management representative
• specific mention of changes to QMS.
• no requirement for a specific management representative
• however those duties must be assigned.
• Establish, implement, maintain process(es) for consultation and participation in
developing, planning, evaluation and actions for improvement in OH&S
• Provide mechanisms, time, training and resources necessary for participation
• Provide timely access to clear, understandable and relevant information on OH&S

Section 6 – Planning
6.1 Actions to address risks
and opportunities
6.2 Quality objectives and
planning to achieve
them
6.3 Planning of changes
• introduces risk based
approach to planning
• addresses risks,
opportunities and quality
objectives
How quality planning is
achieved.
6.1 Actions to address risks and opportunities
6.2 Quality objectives and planning to achieve them
• when planning, must consider external/internal issues and interested parties
• determine risks to ensure QMS/EMS/OH&S achieves results, enhance desirable
effect and achieve improvement
• determine the risks related to environmental aspects, compliance obligations and
other issues
• Hazard identification and assessment of risks and opportunities
• Determination of applicable legal requirements and other requirements
• must evaluate effectiveness of actions
• must be risk based.
• 6.1 Actions to address risks and opportunities
6.1.2 Environmental aspects
6.1.3 Compliance obligations
6.1.4 Planning action
• requires criteria for significant environmental aspects
to be established
• environmental aspects must be communicated within
the organisation
• environmental aspects and associated environmental
impacts must be documented.

• “compliance obligations” in lieu of legal and
other requirements
• compliance obligations must be documented.
• organisations must plan to take action to
address significant environmental aspects,
compliance obligations and risks/opportunities
• must also plan to implement actions into the
EMS and evaluate effectiveness of the actions.
6.1.2 Hazard identification and assessment of
risk and opportunities
6.1.2 Hazard
identification and
assessment of risks and
opportunities
6.1.2.1 hazard identification
6.1.2.2 assessment of OH&S risk
and other risks to OH&S
management system
6.1.2.3 assessment of OH&S
opportunities and other
opportunities
67
6.1.2 Hazard Identification and assessment of
risk and opportunities
6.1.2.1 Hazard
identification
• Ongoing proactive identification of hazards
• Past incidents, emerging trends
• Routine & non-routine activities and situations
• Emergency situations
• Human factors
• Other issues – design, situations in the vicinity of
workplace, situations not controlled by
organisations
• Changes or proposed changes
• Change in knowledge
• How work is organised, social factors, workload,
work hours, leadership and culture
68

OH&S risks
6.1.2.2 Assessment of
OH&S risks and other risk
to the OH&S management
system
• Assess OH&S risks from hazards
identified
• Take account of issues from
context 4.1 & needs and
expectations of interested
parties 4.2
• Define methodology and criteria
• Methodologies and criteria be
maintained and retained as
documented information
69
OH&S risks
6.1.2.3
Identification of OH&S
opportunities and other
opportunities
• New!
• Opportunities to enhance OH&S
performance taking into account:
▫ Planned changes
▫ Opportunities to eliminate or reduce risk
▫ Opportunities to adapt work, work
organisation and work environment to
workers
• Opportunities for improving OH&S
management system
70
6.1.3 Determination of applicable legal
requirements and other requirements
6.1.3
Determination of applicable
legal requirements and
other requirements
• Process replaces procedure
• Determine and have access to up to
date legal requirements
• Determine how these apply and will
be communicated
• Take into account when
establishing, implementing
• Maintain and retain documented
information
71
• Address risk and opportunities (6.1.2.2 &
6.1.2.3)
• Address applicable legal requirements
(6.1.3)
• Emergency preparedness emergency
situation (8.2)
• Integrate actions to other business
process(s) – Business Continuity,
Financial or HR
• Eliminating hazards and reducing OH&S
risk (HoC) (8.1.2)
• Best practice
72

6.2 OH&S objectives
6.2 OH&S objectives • Maintain and improve OH&S management
system and OH&S performance
• Take into account results of assessment of
OH&S risk and opportunities and other risks
and opportunities
• Take into account outputs of consultation
with workers and workers representative
• Be measurable or capable of evaluation
• Clearly communicated
73
6.2.2. Planning to achieve OH&S
objectives
6.2.2. Planning to
achieve OH&S objectives
• What will be done
• What resources
• Who will be responsible
• When completed
• How measured through indicators if
practicable, monitored and frequency
• How actions will be integrated into
overall business processes
information
74
• quality objectives need to be established at relevant functions, levels and
processes
• these objectives should be:
─ consistent with the Quality Policy, measurable and take into account
applicable requirements
─ relevant to conformity of products and services, and the enhancement
of customer satisfaction
─ monitored, communicated and updated as appropriate
• must determine what, how, who, when, etc
• quality objectives must be documented.
• 6.2 Environmental objectives and planning to achieve them
• 6.2.1 Environmental objectives
• 6.2.2 Planning actions to achieve environmental objectives
• only really requires objectives for significant environmental aspects
and associated compliance obligations
• environment objectives must be updated
• they must be documented.

• 6.2 Environmental objectives and planning to achieve them
• 6.2.1 Environmental objectives
• 6.2.2 Planning actions to achieve environmental objectives
• requires planning to determine what, how, who, when, how the
objectives will be monitored and how the results will be evaluated
• must consider how environmental objectives can be integrated into
the organisations processes.
6.2 OH&S objectives
6.2 OH&S objectives • Maintain and improve OH&S management
system and OH&S performance
• Take into account results of assessment of
OH&S risk and opportunities and other risks
and opportunities
• Take into account outputs of consultation
with workers and workers representative
• Be measurable or capable of evaluation
• Clearly communicated
78
6.2.2. Planning to achieve OH&S
objectives
6.2.2. Planning to
achieve OH&S objectives
• What will be done
• What resources
• Who will be responsible
• When completed
• How measured through indicators if
practicable, monitored and frequency
• How actions will be integrated into
overall business processes
information
79
• where change is needed, it needs to be carried out in a planned and
systemic manner
• must ensure integrity of QMS.

8.1.3 Management of Change
• Establish a process for the
implementation and control of
planned changes
• Changes include:
▫ Work processes
▫ Legalisation
▫ Knowledge and information about
hazards and related OH&S risk
▫ Developments in knowledge and
technology
• Control changes to mitigate against
adverse impact on OH&S
81
Section 7 - Support
Section 7 - Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
The support required to meet
the organisation’s goals.
Section 7 - Support
7.1 Resources
7.1.1 General
7.1.2 People
7.1.3 Infrastructure
7.1.4 Environment for the operation of processes
7.1.5 Monitoring and measuring resources
7.1.6 Organisational knowledge
• must provide resources for the implementation and maintenance of
the QMS
• must consider constraints of existing resources and what may be
provided from external providers.

7.1 Resources
7.1 Resources
• Determine resources and provide
resources needed for OH&S
• Resources can include HR, natural
resources, infrastructure and
technology
• Human resources includes -
diversity, skills and knowledge
85
Section 7 - Support
7.1 Resources
7.1.1 General
7.1.2 People
• must determine and provide people necessary for effective
information of QMS and operations/control of processes.
Section 7 - Support
7.1 Resources
7.1.1 General
7.1.2 People
The organization shall determine, provide and maintain the
infrastructure needed to achieve conformity to product
requirements.
Infrastructure includes, as applicable,
a) buildings, workspace and associated utilities,
b) process equipment (both hardware and software), and
c) supporting services (such as transport, communication or
information systems).
Section 7 - Support
7.1 Resources
7.1.1 General
7.1.2 People
Work environment
The organization shall determine and manage the work environment needed to achieve
conformity to product requirements. A suitable environment can be a
combination of human and physical factors, such as:
a) social (e.g. non-discriminatory, calm, non confrontational);
b) psychological (e.g. stress-reducing, burnout prevention, emotionally protective);
c) physical (e.g. temperature, heat, humidity, light, airflow, hygiene, noise).
These factors can differ substantially depending on the products and services provided

Section 7 - Support
7.1 Resources
7.1.1 General
7.1.2 People
• determine resources needed to ensure valid and reliable monitoring
and measuring results resources must be suitable for the activity
and maintained as fit for purpose evidence of fit for purpose must
be retained other requirements for measuring equipment
unchanged.
Section 7 - Support
7.1 Resources
7.1.1 General
7.1.2 People
• clause required to determine, maintain and make available the
knowledge necessary for the operation of its processes and to achieve
conformity of products and services
• particular care required for changing need and trends.
7.1.6 Organisational Knowledge
Note:
• organisational knowledge can include information such as intellectual
property and lessons learned
• may consider:
─ internal sources (eg learning from failures and successful projects,
capturing undocumented knowledge and expert experience)
─ external sources (eg standards, training, conferences, knowledge
from customers or providers).
Section 7 - Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
a) determine the necessary competence for personnel performing work affecting conformity to product
requirements,
b) where applicable, provide training or take other actions to achieve the necessary competence,
c) evaluate the effectiveness of the actions taken,
d) ensure that its personnel are aware of the relevance and importance of their activities and how they
contribute to the achievement of the quality objectives, and
e) maintain appropriate records of education, training, skills and experienceremoval of providing ‘training’ to
‘competence’ Criteria for each role
f) must now evaluate the effectiveness of action taken to address competence
g) Workers evaluated periodically to ensure continued competence for their roles
documented information (record) must be obtained, retain of competence.

Section 7 - Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
• specific clause for awareness
• Aspect Impact
• must be aware of Policy, objectives, contribution to effective QMS/EMS/OH&S
and implication of not conforming with QMS/EMS/OH&S.
• Implication of not conforming with OH&S requirements
• Information and outcomes of investigations of relevant incidents
• OH&S hazards and risk relevant for them
Section 7 - Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
• much expanded clause for communication
• must now determine what will be communicated internally and
externally about the QMS/EMS/OH&S, when, to whom, how and by
whom.
• Environmental parameter
7.4 Communication
7.4 Communication
• Determine the need for internal or
external information and
communication relevant to
QMS/EMS/OH&S What , when, who
and when it will inform and
communicate
• Who – internally, externally with
interested parties, contractors or
visitors to the workplace
• how it will received, maintain
documented information and respond
to relevant communications
95
Section 7 - Support
7.5.1 General
7.5.2 Creating and updating
7.5.3 Control of documented information
• QMS/EMS/OH&S needs documented information required by the
Standard and as determined by the organisation
Note: the extent of documented information can differ from one
organisation to another due to its size, activities, processes, products
and services, complexity of processes and their interactions, and the
competence of people.

Section 7 - Support
7.5.1 General
7.5.3 Control of documented information
• documented information requires:
▫ identification and description
▫ format and media
▫ review and approval.
7.5.1 General
7.5.3 Control of documented
information
• Replaces documented
“documentation”, “documented
procedure” and “records”
• Extent and nature of
dependant on complexity of
organisation
• Access by workers of
• Confidentiality of personal
information of workers
98
• Clause where reference to documented
information
• 4.3, 5.2, 5.3, 6.1.1, 6.1.2.2,6.1.3, 6.2.2, 7.2,
7.4, 7.5.1. 7.5.3, 8.1.1., 8.2, 9.1.1, 9.1.2,
9.2.2, 9.3, 10.1 & 10.2
99
Section 8 - Operation

8.1 Operational planning and control
8.2 Requirements for products and
services
8.3 Design and development of
products and services
8.4 Control of externally provided
processes, products and services
8.5 Production and service provision
8.6 Release of products and services
8.7 Control of nonconforming outputs
• covers many of the
Product Realisation
requirements
contained in Clause 7
of the 2008 version
The heart of the
management system
(the business).
• must plan, implement and control processes needed to meet requirements for
the provision of products and services
• must control planned changes and review unintended changes
• any outsourced processes must be controlled.
• similar intent but also includes controlling changes
• also addresses outsourcing processes are controlled
• introduces lifecycle perspective to ensure organisation controls environmental
requirements for the lifecycle of products and services
• must communicate these requirements
• consider transport, delivery, use and final disposal
• documented information is to be maintained as considered necessary by the
organisation.
8.1.1 General
• Implement controls in Clause 6
• Establishing criteria for process(s)
• Implementing control defined in
criteria
• Keeping documented information
• Absence of documented information
could lead to deviations
• Adapting work to workers including
induction of new workers (A 8.1.1)
103
8.1.2 Eliminating hazards and
reducing OH&S risks
• Establish a process and determine
controls for achieving reduction in
OH&S risks using Hierarchy of
Controls;
▫ Eliminate
▫ Substitute
▫ Engineering controls
▫ Administrative controls
▫ Provide and ensure safe use of
PPE
▫ Note provision of PPE at not
extra cost to workers
104

8.2 Requirements for products and services
8.2.1 Customer communication
8.2.2 Determining the requirements for products and services
8.2.3 Review of requirements for products and services
8.2.4 Changes to requirements for products and services
The organization shall determine and implement effective arrangements for
communicating with customers in relation to
a) product information,
b) enquiries, contracts or order handling, including amendments, and
c) customer feedback, including customer complaints.
d) includes communicating with customers about handling and controlling
their property, establishing contingency requirements, when relevant.
8.2 Determination of requirements for products and services
The organization shall determine
a) requirements specified by the customer, including the requirements
for delivery and post-delivery activities,
b) requirements not stated by the customer but necessary for specified
or intended use, where known,
c) statutory and regulatory requirements applicable to the product, and
d) any additional requirements considered necessary by the
organization.plus the organisation must meet the claims of products or
services it offers.
8.2 Determination of requirements for products and services
a) requirements specified by the customer, including the requirements for delivery and post-delivery activities,
b) requirements not stated by the customer but necessary for specified or intended use, where known,
c) statutory and regulatory requirements applicable to the product, and
d) any additional requirements considered necessary by the organization.
e) documented information required on results of the review and any new requirements.
1.) product requirements are defined,
2) contract or order requirements differing from those previously expressed are resolved, and
3) the organization has the ability to meet the defined requirements.
Section 8 - Operation Section 8 - Operation
• 8.1 Operational planning and control
• 8.2 Emergency preparedness and response
• The organisation shall establish and maintain procedures to identify
potential emergency situations and potential accidents that can
have an impact on the environment and how it will respond to them.
It shall respond to actual emergencies and accidents and prevent or
mitigate associated adverse environmental aspects The
organisation shall periodically review and, were necessary, revise its
emergency preparedness and response procedures, in particular,
after the occurrence of accidents or emergency situation
documented information is to be maintained as considered
necessary by the organisation.

8.2 Emergency Preparedness and Response
8.2 Emergency
Preparedness and
Response
• Identify potential emergency situations
• Assess OH&S risks associated with these
• Preventative controls
• Planned response to emergency situations
including provision of first aid
• Periodic testing and exercise of emergency
response capabilities
• Evaluate and revise plans
• Communicate information relevant to their
duties
• Training
• Needs and capabilities of interested parties
• Maintain and retain documented information
109
8.3 Design and development of products and services
• where the detailed requirements of the organisation’s products and
services are not already established or not defined by the customer
or by other interested parties, such that they are adequate for
subsequent production or service provision, the organisation shall
establish, implement and maintain a design and development
process;
8.3 Design and development of products and services…cont
• changes are mainly terminology and simplified wording
• there is, however, a significantly increased focus on the role the
customer has in all stages of the design process
• the need for documented information to confirm appropriateness of all
stages is also clearly stated
• any changes made to design inputs and design outputs during the
design and development must be clearly identified.
8.4 Control of externally provided processes, products and services
8.4.1 General
8.4.2 Type and extent of control
8.4.3 Information for external providers
• changes are mainly terminology and revised wording (ie suppliers
become ‘external providers!’)
• much as before, each stage of the purchasing process, including
evaluation, selection, performance monitoring and re-evaluation remains
a key requirement
• there is a significant increase in the steps needed to control external
provision.

8.5.1 Control of production and service provision
8.5.2 Identification and traceability
8.5.3 Property belonging to customers or external providers
8.5.4 Preservation
8.5.5 Post-delivery activities
8.5.6 Control of changes
• the most significant change is the move of monitoring and measuring
equipment to Section 7
• reference to ‘changes and post delivery activities’ have been strengthened.
8.5.4 Preservation
The organization shall plan and carry out production and service provision under controlled
conditions. Controlled conditions shall include, as applicable,
a) the availability of information that describes the characteristics of the product,
b) the availability of work instructions, as necessary,
c) the use of suitable equipment,
d) the availability and use of monitoring and measuring equipment,
e) the implementation of monitoring and measurement, and
f) the implementation of product release, delivery and post-delivery activities.
The organization shall validate any processes for production and service provision where the
resulting output cannot be verified by subsequent monitoring or measurement and, as a
consequence, deficiencies become apparent only after the product is in use or the service has
been delivered. Validation shall demonstrate the ability of these processes to achieve planned
results. The organization shall establish arrangements for these processes including, as applicable,
a) defined criteria for review and approval of the processes,
b) approval of equipment and qualification of personnel,
c) use of specific methods and procedures,
d) requirements for records and
e) revalidation.
8.5.4 Preservation
Where appropriate, the organization shall identify the product by suitable
means throughout product realization.
The organization shall identify the product status with respect to
monitoring and measurement requirements throughout product
realization.
Where traceability is a requirement, the organization shall control the
unique identification of the product and maintain records

8.5.4 Preservation
The organization shall exercise care with customer property while it is
under the organization's control or being used by the organization. The
organization shall identify, verify, protect and safeguard customer
property provided for use or incorporation into the product. If any
customer property is lost, damaged or otherwise found to be unsuitable
for use, the organization shall report this to the customer and maintain
records
8.5.4 Preservation
The organization shall preserve the product during internal processing
and delivery to the intended destination in order to maintain
conformity to requirements. As applicable, preservation shall include
identification, handling, packaging, storage and protection.
Preservation shall also apply to the constituent parts of a product.
• .
8.5.4 Preservation
• The organization shall meet requirements for post-delivery activities
associated with the products and services. In determining the extent
of post-delivery activities that are required, the organization shall
consider: a) statutory and regulatory requirements; b) the potential
undesired consequences associated with its products and services; c)
the nature, use and intended lifetime of its products and services; d)
customer requirements; e) customer feedback.
8.5.4 Preservation
• specific clause for control of changes to ensure continuing conformity
• documented information must be retained describing the review of
changes and any action arising.

• Establish a process for the
implementation and control of
planned changes
• Changes include:
▫ Work processes
▫ Legalisation
▫ Knowledge and information about
hazards and related OH&S risk
▫ Developments in knowledge and
technology
• Control changes to mitigate against
adverse impact on OH&S
121
8.6 Release of products and services
• must verify that product and service requirements have been meet
and evidence of conformity retained
• release to customer does not proceed until the planned verification
of conformity has been satisfactorily completed, unless otherwise
approved by a relevant authority and by the customer
• documented information to provide traceability to the person(s)
authorising release for delivery to the customer.
8.7 Control of nonconforming outputs
The organization shall ensure that product which does not conform to product
requirements is identified and controlled to prevent its unintended use or delivery. A
documented procedure shall be established to define the controls and related
responsibilities and authorities for dealing with nonconforming product.Where applicable,
the organization shall deal with nonconforming product by one or more of the following
ways:
a) by taking action to eliminate the detected nonconformity;
b) by authorizing its use, release or acceptance under concession by a relevant authority
and, where applicable, by the customer;
c) by taking action to preclude its original intended use or application;
d) by taking action appropriate to the effects, or potential effects, of the nonconformity
when nonconforming product is detected after delivery or use has started.
When nonconforming product is corrected it shall be subject to re-verification to
demonstrate conformity to the requirements.documented information required describing
nonconformity, actions taken, any concessions and authority for taking action.
Section 9 – Performance Evaluation

9.1 Monitoring,
measurement, analysis
and evaluation
9.2 Internal audit
9.3 Management review
Determining what is to be
monitored, measured, analysed
and evaluated will enable the
organisation to determine ‘if the
management system suitable,
adequate and effective ?’
How performance of the QMS
is evaluated.
9.1 Monitoring, measurement, analysis and evaluation
9.1.1 General
9.1.2 Customer satisfaction
9.1.3 Analysis and evaluation
• must determine what needs to be monitored and measured, the
methods for monitoring, measurement, analysis and evaluation, as
applicable, to ensure valid results
• additionally, when the monitoring and measuring is to be performed and
when the results from monitoring and measurement is to be analysed
and evaluated
• retain appropriate documented information as evidence of the results.
9.1.1 General
• performance of the quality management system, the organization
shall monitor information relating to customer perception as to
whether the organization has met customer requirements. The
methods for obtaining and using this information shall be
determined.
• 9.1 Monitoring, measurement, analysis and evaluation
• 9.1.1 General
• 9.1.2 Evaluation of compliance
• frequency of compliance evaluation must be determined
• must understand compliance status
• evidence of compliance evaluation is to be documented.

9.1 Performance monitoring, measurement,
analysis and evaluation
9.1.2 Evaluation of
compliance
• Determine frequency
• Evaluate compliance
• Take action (10.1)
• Maintain knowledge and
understanding of its status
of compliance
• Retain documented
information of results
129
9.1.1 General
• information resulting from monitoring and measuring appropriate
data should be analysed and evaluated
• the results of analysis is to be used to evaluate seven specific
criteria described.
9.2 Internal audit
• split into two sub-clauses
• still at planned intervals
• evidence of internal audits and results must be documented.
• A documented procedure shall be established to define the responsibilities and
requirements for planning and conducting audits, establishing records and
reporting results.
• Competent auditors
• Relevant findings reported to relevant workers
• Take appropriate action to addresses non-conformities and continually improve
its OH&S performance
9.2 Internal audit
• still at planned intervals
• clearer agenda items (inputs)
• evidence of management review results must be documented.

9.3 Management Review
9.3 Management Review
• Additional requirements
• OH&S performance including trends in:
▫ Incidents
▫ Worker participation and outputs of
consultations
▫ OH&S risks, risks and OH&S opportunities
• Relevant communication with interested
parties
• Adequacy of resources for maintaining
effective OH&S
• Actions needed when objectives not
achieved
133
Section 10 - Improvement
10.1 General
10.2 Nonconformity and
corrective action
10.3 Continual improvement
• QMS must continually
improve
• nonconformities must be
identified and reacted to
• corrective action must be
considered
Continual improvement
remains a core focus of the
QMS.
Section 10 – Improvement
10.1 General
10.2 Nonconformity and corrective action
• opportunities for improvement must be determined
• action must be taken to meet customer requirements and enhance
customer satisfaction:
▫ improve products and service
▫ correcting, preventing or reducing undesired effects
▫ improve performance and effectiveness of the QMS.

10.1 General
• nonconformities (including complaints) must be reacted to and applicable
action taken
• root cause analysis must be considered based on its significance
• effectiveness of corrective action must be reviewed
• change QMS if required
• evidence of action taken from nonconformities must be documented
• evidence of results of corrective action must be documented.
10.1 General
• organisations must continually improve the suitability, adequacy and
effectiveness of the QMS
• must consider results of analysis and evaluation, and outputs from
management review.
• 10.1 General
• 10.2 Nonconformity and corrective action
• 10.3 Continual improvement
• nonconformities must be reacted to, applicable action taken and deal
with any mitigation
• root cause analysis must be considered based on its significance
• effectiveness of corrective action must be reviewed
• change EMS if required
• evidence of action taken from nonconformities must be documented
• evidence of results of corrective action must be documented.
• 10.1 General
• 10.2 Nonconformity and corrective action
• 10.3 Continual improvement
• organisations must continually improve the suitability, adequacy and
effectiveness of the EMS to enhance environmental performance.

10.2 Incident, nonconformity and corrective
action
10.2 Incident, non-
conformity and
corrective action
• React to incidents in timely manner
• Take direct action to control and correct
• Evaluate the root cause
• Determine action based on HoC and MoC
• Review of assessment of OH&S risks prior
to taking action (6.1)
• Communicate documented information to
relevant workers
• Note: reporting of incidents without
delay can assist in removal of hazard
141
10.3 Continual
improvement
• Enhance OH&S performance
• Promote a positive OH&S culture
• Promoting the participation of
workers in implementing actions
• Communicate results
• Retain documented information
142
Annex A – Clarification
• information on new structure, terminology and concepts.
Annex B – Other (informative)
• other international standards on quality management
and quality management systems developed by
ISO/TC 176.

Summary of Changes
• better format and ease for integration
• increased emphasis of achieving value
• enhanced leadership requirements
• risk based thinking
• documentation requirements
• interested parties.
Any Questions?

FINAL IMS PPT - Read-Only - Compatibility Mode.pdf

More Related Content

Similar to FINAL IMS PPT - Read-Only - Compatibility Mode.pdf (20)

Recently uploaded (20)

FINAL IMS PPT - Read-Only - Compatibility Mode.pdf