2. LEARNING OBJECTIVES
Understand
Understand the basic
concepts and
terminology of ISO
9001:2015
Identify
Identify approaches to
implement the
requirements of ISO
9001:2015
Appreciate
Appreciate the
significance of
organizational context,
leadership and
adopting a risk-based
approach in process
management
Create
Create an action plan to
prepare for
implementation and
certification
3. WHAT ‘ISO’ IS
World’s largest developer of voluntary
international standards
Central Secretariat in Geneva, Switzerland
- An independent, non-governmental
organization
Operations began in February 1947 -
Membership of national standards bodies
of 162 countries
Since then around 20,500 International
Standards have been developed covering
almost all aspects of technology and
business
3
4. ISO 9000 SERIES
ISO 9001:2015
• sets out the
requirements
of a quality
management
system
ISO 9000:2015
• covers the
basic concepts
and language
ISO 9004:2009
• focuses on how
to make a
quality
management
system more
efficient and
effective
ISO
19011:2018
• sets out
guidance on
internal and
external audits
of quality
management
systems
5. ISO 9001 REVISIONS
INSERT TOPIC HERE 5
1987
First published
1994
First revision
2000
Second revision
2008
Third revision
2015
Fourth and the latest revision (Fifth
edition)
6. ISO 9001:2015 CERTIFICATION – HIGH LEVEL PROJECT PLAN
Nov
August
August
Dec.
Jan.
1. Management
Commitment
2. Organizational
Preparation
3. Process Designing, Analysis
and Implementation
4. Internal Assessment and
Review
5. External Assessment
6. Continual Improvement
Ongoing Activity
06 Months approx.
Start
• Finalization of Certification Project Plan, Kick-off Meeting & Core team
(Quality Leaders / Champions) Selection
• Team Orientation and Process / Scope Identification
• Development & Implementation of Quality Frameworks, Polices,
Manuals, System & Functional SOPs / WI / RISK / KPIs / Templates to
meet ISO 9001:2015 Requirements
• Internal Compliance/KPIs Monitoring, Internal
Audits, Management Review, Corrective and
Preventive actions.
• Transition Audit by Certification
Body & Annual Re-assessment.
8. VERBAL FORMS - EXPLAINED
“shall” indicates a requirement (needs to be done)
“should” indicates a recommendation
“may” indicates a permission
“can” indicates a possibility or a capability
9. 4 CONTEXT OF THE ORGANIZATION
4.1 Understanding the organization and its context
Identify, monitor and review external and internal issues that are relevant to the purpose of
organization and that can have an impact on the effectiveness of its quality management system.
4.2 Understanding the needs and expectations of interested parties
Determine the interested parties that are relevant to the quality management system and the
requirements of these interested parties.
10. 4 CONTEXT OF THE ORGANIZATION
4.3 Determining the scope of the quality management system
Scope will be established considering:
external and internal issues
requirements of interested parties
products and services of the organization
Justification in case a requirement of the standard cannot be applied
Context of OrganizationContext of the Organization.docx
11. 4.4 QUALITY MANAGEMENT SYSTEM AND ITS PROCESSES
Regarding the processes needed for the QMS, the organization is required to:
a)determine the inputs required and the outputs expected
b)determine the sequence and interaction of the processes
c)determine and apply the criteria and methods (including monitoring, measurements and related
performance indicators)
d)determine the resources needed and ensure their availability
e)assign responsibilities and authorities for these processes
f)address the risks and opportunities
g)evaluate the processes and implement any changes to achieve intended results
h)improve the processes and the QMS
13. PROCESS APPROACH
The key aspect of ‘Process Approach’ is actually understanding a process and it’s component
parts, i.e.
What are the inputs?
Who does the work?
What with?
How do they do it (and how monitored)?
What is the objective/target of the process?
What are the outputs?
What other processes support this process
Process Approach1. Sample Process Matrix.doc
14. 5 LEADERSHIP
‘Management Responsibility’ now becomes ‘Leadership’
Top Management need to demonstrate engagement in key QMS activities
A number of QMS requirements placed under the head of Leadership including the following:
accountability for the effectiveness of the QMS
quality policy and quality objectives are established
integration of the QMS requirements into the organization’s business processes
promoting the use of the process approach & risk based thinking.
resources needed for QMS are available
promoting improvement
supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility.
15. 5 LEADERSHIP
5.1.2 Customer focus
Top management shall demonstrate leadership and commitment with respect to customer focus by
ensuring that:
a. customer and applicable statutory and regulatory requirements are determined, understood and
consistently met
b. risks & opportunities that can affect conformity of products and services and the ability to enhance
customer satisfaction are determined
c. focus on enhancing customer satisfaction is maintained.
16. 5 LEADERSHIP
5.2 Quality policy
Top management shall establish, review and maintain a quality policy that:
is appropriate to the purpose and context of the organization,
provides framework for setting of quality objectives,
includes commitment to satisfy applicable requirements.
Includes commitment to continual improvement of the QMS.
The policy shall be communicated to relevant interested parties.
17. 5 LEADERSHIP
5.3 Organizational roles, responsibilities and authorities
Top management shall assign the responsibility and authority for:
ensuring that the quality management system conforms to the requirements of this International
Standard,
ensuring that the processes are delivering their intended outputs,
reporting on the performance of QMS and opportunities for improvement, in particular to top
management,
ensuring promotion of customer focus throughout the organization,
ensuring that the integrity and effectiveness of the quality management system is maintained.
18. 6 - PLANNING
6.1 Actions to address risks and opportunities
Determine the risks and opportunities that can impact QMS, considering the organization’s
context and requirements of interested parties
Risk management methodology to be decided
Actions taken to address risks and realize opportunities
It is advisable for the risk assessments to be carried out by a team so that there are inputs from the functions that
could be affected.
19. WHAT IS “RISK-BASED THINKING”?
Risk-based thinking is something we all do automatically and often sub-consciously
The concept of risk has always been implicit in ISO 9001 – this revision makes it more explicit and
builds it into the whole management system
Risk-based thinking is already part of the process approach
Risk-based thinking makes preventive action part of the routine
Risk is often thought of only in the negative sense, risk-based thinking can also help to identify
opportunities - this can be considered to be the positive side of risk
20. WHAT SHOULD WE DO?
Analyze and prioritize the risks and
opportunities in your functional processes
What is acceptable?
What is unacceptable?
Plan actions to address the risks
How can I avoid or eliminate the risk?
How can I mitigate the risk?
Implement the plan – take action
Check the effectiveness of the actions – does it
work?
Learn from experience – continual
improvement
21. Descriptio
n
Rati
ng
Description
Major Non-
Conformanc
e
5
Cancelation of registration/affiliation,
Cancelation of Certification (Hold Certification
until Non Conformance is not removed), and/or
Legal action against organization.
Minor Non-
Conformanc
e
4
Compliance to procedures will get affected,
Warnings from regulatory authorities, and
interested parties satisfaction level will
decrease.
Opportunity
for
Improveme
nt
3 Objectives and Targets will not be achieved.
Acceptable 2
Slight effect on Quality Management System or
Quality of Services
Negligible 1
No Effect on Quality Management System or Quality
of Services
Risk Identification Chart
Rating Description Description
5 Almost Certain If activity occurs on Daily / Hourly basis
4 Likely If activity occurs on Weekly or Monthly basis
3 Possible If activity occurs on bi-annually basis
2 Unlikely If activity occurs on annually basis
1 Rare If activity occurred or can occur once in history
‹---
CO
NS
EQ
UE
NC
E--
-›
5
5 10 15 20 25
17-25 Unacceptable
Stop Activity & Make Immediate Improvements
4 4 8 12 16 20 10-16 High Risk
Look to Improve within specified time scale
3 3 6 9 12 15 5-9 Moderate Risk
Look to Improve at next review
2 2 4 6 8 10 3-4 Very Low Risk
Ensure controls are maintained
1 1 2 3 4 5 1-2 Acceptable Risk
No Further Action Required
1 2 3 4 5
Risk Scoring = Likelihood score (L) × Consequence score (C)
Risk Assessment Matrix Risk Category
Consequence (C )
Likelihood (L) score
22. 6 PLANNING
6.2 Quality objectives and planning to achieve them
Measureable quality objectives to be established at relevant functions, levels
and processes
be relevant to conformity of products and services and the enhancement of
customer satisfaction
be monitored, communicated and updated as appropriate
23. Quality Objectives & Action Plans
Department: Lab
Respective Section: Common for all sections
Objective No.: IDC-QO-01-2018
Objective Statement: Improve the Patient Satisfaction Level up to 95% by end of December 2018
Accountability & Responsibility: CEO/Director Lab & Manager Laboratory
Action Plan:
6 PLANNING
Action Step Description
(What will be Done)
Responsibility / Performer Key Resources & Support Needs
Target
Timelines for
Completion
Desired Outcome
(Targeted Value)
Monitoring &
Evaluation
Steps
Related Record
Team Discussion & Way Forward
Manager Lab & Functional
Heads
Management Plan and Approval of Key
Tasks. Admin Support
May 2018 Finalized Plan
Monthly
review
QOHB/Reports
Monitoring, Analysis and Reduction in number of
errors at registration / accession / phlebotomy
Supervisor Lab /
Phlebotomist
IT support /
Monitoring Tool / Training / New
Administrative Initiatives
June 2018 Reports / Stats
Monthly
review QOHB/Reports
Monitoring and improvement of examination
processes efficiency to achieve 99% reporting in
due time
Supervisor Lab / Lab Tech. IT support /
Monitoring Tool / Training / New
Administrative Initiatives
Aug 2018
Reports /
Stats
Monthly
review QOHB/Reports
Reduce the error in report / number of corrected
reports <01%
Supervisor Lab / Lab Tech.
IT support /
Monitoring Tool / Training / New
Administrative Initiatives
Sept. 2018
Reports /
Stats
Monthly
review QOHB/Reports
Improve timely and accurate retrieval of the
stored samples up to 90% in 1 hours & 100% in 2
hours
Supervisor Lab / Lab Tech.
IT support /
Monitoring Tool / Training / New
Administrative Initiatives
Sept. 2018
Reports /
Stats
Monthly
review QOHB/Reports
Monitor %age of urgent examinations reporting
in due time
Supervisor Lab / Lab Tech.
IT support /
Monitoring Tool / Training / New
Administrative Initiatives
Sept. 2018
Reports /
Stats
Monthly
review QOHB/Reports
Monitor %age of complaints resolved in due
time
Sales & Marketing
IT support /
Monitoring Tool / Training / New
Administrative Initiatives
Sept. 2018
Reports /
Stats
Monthly
review QOHB/Reports
Finalize the above action stats and presentation
of report the management
Manager Lab
IT support /
Monitoring Tool / Training / New
Administrative Initiatives
Sept. 2018
Reports /
Stats
Monthly
review QOHB/Reports
24. 6 PLANNING
6.3 Planning of changes
Changes to the QMS shall be carried out in a planned and systematic manner considering:
the purpose of the change and its potential consequences
the integrity of the quality management system
the availability of resources
the allocation or reallocation of responsibilities & authorities
25. 7 SUPPORT : 7.1 RESOURCES
7.1.1 General
The organization shall determine and provide the resources for an effective QMS
considering:
a) the capabilities of, and constraints on, existing internal resources
b) what needs to be obtained from external providers
26. 7 SUPPORT : 7.1 RESOURCES
7.1.2 People
The organization shall provide persons for an effective QMS considering customer and
applicable statutory and regulatory requirements.
27. 7 SUPPORT : 7.1 RESOURCES
7.1.3 Infrastructure
Determine, provide and maintain infrastructure including:
building and associated utilities
equipment including hardware and software
transportation
information and communication technology
28. 7 SUPPORT : 7.1 RESOURCES
7.1.4 Environment for the operation of processes
“Work environment” now becomes “environment” necessary for the operation of processes
Environment for the operation of processes can include physical, social, and psychological
factors
29. 7 SUPPORT : 7.1 RESOURCES
7.1.5 Monitoring and measuring resources
Monitoring and measuring ‘equipment’ now becomes ‘resources’ which includes humans as well
Monitoring and measuring equipment to be calibrated at specified intervals against (national
or international) traceable standards
Provided resources are suitable for the specific type of monitoring & measurement activities
being undertaken
Equipment are identified in order to determine their status
Equipment shall be safeguarded from adjustments, damage or deterioration that would
invalidate the calibration status & subsequent measurement results.
30. 7 SUPPORT : 7.1 RESOURCES
7.1.6 Organizational Knowledge
Determine the knowledge necessary for the
operation of processes and to achieve
conformity of products and services
This knowledge shall be maintained, and
made available to the extent necessary
31. 7 SUPPORT
7.2 Competence
No significant change here, however, existing system needs to be reviewed in order to
ensure that:
competence requirements are established for person(s) doing work under the control of the
organization that affects its quality performance
actions are taken to acquire the necessary competence, and their effectiveness evaluated
Applicable actions can include, for example, the provision of training to, the mentoring of, or the re-assignment of currently employed
persons; or the hiring or contracting of competent persons
32. 7 - SUPPORT
7.3 Awareness
Now a separate clause and covers all persons doing work under organization’s control. Persons
will be aware of:
Quality policy
Relevant quality objectives
Their contribution to the effectiveness of the quality management system, including the benefits of
improved performance
The implications of not conforming with the quality management system requirements
33. 7 SUPPORT
7.4 Communication
Explicit requirements on both internal and external communication processes:
a)on what it will communicate
b)when to communicate
c)with whom to communicate
d)how to communicate
e)who communicates
34. 7 SUPPORT
7.5 Documented information
All sort of documentation (manual, procedures and records) now replaced with the term
‘documented information’
Requirements now explained with more clarity including very much needed aspects like
medium of documents and confidentiality
Contd.
35. 7.5 DOCUMENTED INFORMATION
identification and description of documented information (e.g. a title, date, author, or reference
number)
format (e.g. language, software version, graphics) and media (e.g. paper, electronic)
available and suitable for use, where and when it is needed
adequately protected (e.g. from loss of confidentiality, improper use, or loss of integrity)
distribution, access, retrieval and use
storage and preservation, including preservation of legibility
other requirements remain the same as in ISO 9001:2008.
37. 8 OPERATION
8.1 Operational planning and control
‘Planning of product realization’ replaced with ‘Operational planning and control’
Requirements generally remain the same as in ISO 9001:2008 but now with more
emphasis on process approach
38. 8 OPERATION
8.1 Operational planning and control
determine requirements for products & services
establish criteria for the processes and the acceptance of products & services
determine resources
implement control of the processes in accordance with the criteria
determine / maintain / retain documented information
39. 8 OPERATION
8.2 Requirements for products and services
8.2.1 Customer communication
The organization shall establish processes for communicating with customers for:
providing information relating to products and services
handling enquires/orders/contracts, including changes
obtaining customer feedback including complaints
handling or controlling customer property
establishing specific requirements for contingency actions
40. 8 OPERATION
8.2.2 & 8.2.3 Determination and review of requirements
The organization shall determine the requirements for the products and services to be offered to
customers
Product and service requirements include those considered necessary by the organization,
applicable statutory and regulatory requirements, those of customers and interested parties
The organization shall ensure that it has the ability to meet the requirements, by conducting a
review, before making any commitment
41. 8.3 DESIGN AND DEVELOPMENT OF PRODUCTS
AND SERVICES
Organization shall establish, implement and maintain a design and development
process including the following aspects:
Planning
Inputs
Controls (reviews, verification and validation activities)
Outputs
Changes
42. 8.4 CONTROL OF EXTERNALLY PROVIDED PRODUCTS
AND SERVICES
The standard requires to apply controls to the following types of externally provided
products and services:
a)products and services provided by external providers for incorporation into the
organization’s own products and services
b)products and services provided directly to the customer(s) by external providers on
behalf of the organization
c)a process or part of a process is provided by an external provider as a result of a
decision by the organization to outsource a process
43. 8.4 CONTROL OF EXTERNALLY PROVIDED PRODUCTS
AND SERVICES
Type and extent of control will depend upon the potential impact of the externally provided processes,
products and services on the organization’s processes, products and services
Processes of the organization which have been outsourced to an external provider shall remain within the
control of the organization’s quality management system
The organization shall communicate complete information to external providers regarding the processes,
products and services to be provided
Criteria to be established for evaluation, selection, performance monitoring and re-evaluation of external
providers
44. 8.5 PRODUCTION AND SERVICE PROVISION
8.5.1 Control of production and service provision
Previous clauses 7.5.1 and 7.5.2 have been combined in this one clause with the following aspects:
products and services criteria and standards
documented information that defines the activities to be performed (previously work instructions)
suitable infrastructure, process environment and suitable monitoring and measuring resources
appointment of competent persons
validation and revalidation of special processes
implementation of actions to prevent human error
implementation of release, delivery & post delivery activities
45. 8.5 PRODUCTION AND SERVICE PROVISION
8.5.2 Identification and traceability
Requirements remain the same as in ISO 9001:2008, however, the term ‘product’ is now
replaced by ‘process output’
Process outputs are the results of any activities which are ready for delivery to the
organization’s customer or to an internal customer (e.g. receiver of the inputs to the next
process); these may include products, services, intermediate parts, components, etc.
46. 8.5 PRODUCTION AND SERVICE PROVISION
8.5.3 Property belonging to customers or external providers
Customer property now extended with property of external providers. Property
further explained as:
Property can include materials, components, tools and equipment, premises, intellectual
property and personal data.
47. 8.5 PRODUCTION AND SERVICE PROVISION
8.5.4 Preservation
Again the term ‘product’ is replaced by ‘process output’. Scope of preservation now
explained in the form of following note, previously part of the clause:
“Preservation can include identification, handling, contamination control, packaging,
storage, transmission or transportation, and protection”
48. 8.5 PRODUCTION AND SERVICE PROVISION
8.5.5 Post-delivery activities (New clause)
The organization shall meet requirements for post-delivery activities associated with the products and services.
In determining the extent of post-delivery activities that are required, the organization shall consider:
a)statutory and regulatory requirements
b)the potential undesired consequences associated with its product & services
c)the nature, use & intended lifetime of its products & services
d)customer requirements
e)customer feedback
NOTE: Post-delivery activities can include actions under warranty provisions, contractual obligations such as maintenance services, and supplementary services
such as recycling or final disposal.
49. 8.5 PRODUCTION AND SERVICE PROVISION
8.5.6 Control of changes
(New clause)
The organization shall review and control
changes essential for production or service
provision, to the extent necessary to ensure
continuing conformity with requirements.
The organization shall retain documented
information describing the results of the
review of changes, the person(s) authorizing
the change, and any necessary actions
arising from the review.
50. 8.6 RELEASE OF PRODUCTS AND SERVICES
Previous clause (as in ISO 9001:2008) ‘Monitoring and measurement of product’
rephrased as ‘Release of products and services’ with no change in requirements.
51. 8.7 CONTROL OF NONCONFORMING OUTPUTS
Take appropriate action based on the nature of the nonconformity and its
effect on the conformity of products and services
This would also include the scenario when nonconformity detected after
product delivery, during or after service provision
Retain records
52. 9.1 MONITORING, MEASUREMENT, ANALYSIS
AND EVALUATION
9.1.1 General
The organization shall determine:
a)what needs to be monitored and measured
b)the methods for monitoring, measurement, analysis and evaluation needed to ensure valid results
c)when the monitoring and measuring shall be performed
d)when the results from monitoring and measurement shall be analyzed and evaluated
53. 9.1 MONITORING, MEASUREMENT, ANALYSIS
AND EVALUATION
9.1.2 Customer satisfaction
The organization shall monitor customers’ perception of the degree to which their
needs and expectations have been fulfilled.
Methods for obtaining, monitoring and reviewing this information shall be determined
54. 9.1 MONITORING, MEASUREMENT, ANALYSIS
AND EVALUATION
9.1.3 Analysis and evaluation
Appropriate data and information arising from monitoring and measurement shall
be analyzed. The results of analysis shall be used to evaluate:
conformity of products and services
degree of customer satisfaction
performance and effectiveness of QMS
effective implementation of planning
performance of external provider(s)
effectiveness of actions taken to address risks & opportunities
need for improvement to the QMS
55. 9.2 INTERNAL AUDIT
The organization shall:
conduct audits at planned intervals
have detailed audit programme(s)
define criteria and scope for each audit
provide competent auditors
ensure impartiality
ensure reporting of results to relevant management
take appropriate corrections and corrective actions without undue delay
retain documented information
Internal auditors should be trained on the process approach, risk assessment etc.
56. 9.3 MANAGEMENT REVIEW
Input requirements have been enhanced and made more explicit, including:
changes in external and internal issues that are relevant to the QMS
information on the performance and effectiveness of the QMS, including trends in:
- feedback from relevant interested parties
- performance of external providers
- monitoring and measurement results
adequacy of resources
the effectiveness of actions taken to address risks and opportunities
57. 9.3 MANAGEMENT REVIEW
Outputs of the management review shall include decisions and actions related to:
a)opportunities for improvement
b)any need for changes to the QMS
c)resource needs
Documented information to be retained
58. 10 IMPROVEMENT
10.1 General (New clause)
‘Continual improvement’ now modified as ‘improvement’ - more broader concept
The new approach includes:
a)improving products and services to meet requirements as well as to address future needs and expectations
b)correcting, preventing or reducing undesired effects
c)improving the performance and effectiveness of the QMS
Note: Improvement can be effected reactively (corrective action), incrementally (continual improvement), by step change (breakthrough), creatively
(innovation) or by re-organization (transformation).
59. 10 IMPROVEMENT
10.2 Nonconformity and corrective action
More explicit requirements given with respect to handling a nonconformity, the changes include:
take action to control and correct it (correction)
deal with the consequences
evaluate the need for action to eliminate the cause(s) of the nonconformity, in order that it does not
recur or occur elsewhere
update risks and opportunities determined during planning
make changes to the quality management system, if necessary
60. 10 IMPROVEMENT
10.3 Continual improvement
The organization shall continually
improve the suitability, adequacy, and
effectiveness of the quality management
system.
The organization shall consider the
results of analysis and evaluation, and
the outputs from management review, to
determine if there are needs or
opportunities that shall be addressed as
part of continual improvement.
#9:Interested party:
person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity.
Interested parties can be external and/or internal
