Welcome

Welcome!
Thanks for visiting this blog. Please share information about this blog among your friends interested in ISO 9001:2015 QMS Awareness.
- Keshav Ram Singhal
krsinghal@rediffmail.com
keshavsinghalajmer@gmail.com
Blog on 'Quality Concepts and ISO 9001: 2008 Awareness' at http://iso9001-2008awareness.blogspot.in

Academic comments are invited. Please join this site. Reproduction of articles from this blog is encouraged, provided prior information is provided. Please give credit to the blog and the writer, and also send a copy of the published material to the editor of the blog.

Various information, quotes, data, figures used in this blog are the result of collection from various sources, such as newspapers, books, magazines, websites, authors, speakers, information from google search, ChatGPT (a large language model trained by OpenAI), Gemini Google, Bing Copilot and other AI tools etc. Unfortunately, sources are not always noted. The editor of this blog thanks all such sources.

Encouragement Support - Please become a member of NCQM - National Centre for Quality Management

People from following (more than 90) countries/economies have visited this blog: Albania, Algeria, Argentina, Australia, Austria, Azerbaijan, Bahamas, Bahrain, Bangladesh, Belgium, Bosnia and Herzegovina, Brazil, Bulgaria, Burundi, Cambodia, Canada, Chile, China, Colombia, Croatia, Denmark, Ecuador, Egypt, Estonia, Ethiopia, European Union, Finland, France, Georgia, Germany, Gibraltar, Greece, Hong Kong, Iceland, India, Indonesia, Ireland, Israel, Italy, Japan, Kenya, Luxembourg, Lebenon, Macedonia, Malawi, Malaysia, Malta, Mauritius, Mexico, Moldova, Monaco, Morocco, Myanmar, Namibia, Nepal, Netherlands, Nigeria, Oman, Pakistan, Peru, Philippines, Poland, Portugal, Qatar, Romania, Russia, Saudi Arabia, Serbia, Seychelles, Singapore, Slovakia, Slovenia, South Africa, South Korea, Spain, Sri Lanka, Sudan, Sweden, Taiwan, Tanzania, Thailand, Trinidad and Tobago, Tunisia, Turkey, Uganda, Ukraine, United Kingdom, United Arab Emirates, United States, Venezuela, Vietnam, Yemen, Zimbabwe.

Saturday, August 29, 2015

Outsourcing or Externally Provided Processes, Products, Services and Property in ISO 9001:2015




Keshav Ram Singhal

'Outsourcing' is an important external source activity for an organization. 'Outsource' can be defined as 'making an arrangement where an external organization performs part of the organization's role, function or process (interrelated and interacting activities).

ISO 9001:2008 QMS standard however mentioned requirements to ensure controls over outsource process, but it was not specific on the externally provided products and services. According to ISO 9001:2008 QMS standard, where an organization chooses to outsource any process, the organization needs to ensure control over such process.

Forthcoming ISO 9001:2015 QMS standard not only deals with externally provided process or processes, but it also mentions detailed requirements of the control on externally provided processes, products, services and property. There may be situations, when:
(i) outsource products and services are intended for incorporation into the organization's products and services,
(ii) an external provider on behalf of the organization provides products and services directly to the customer,
(iii) an external provider provides a process or part of a process to the organization,
(iv) an external provider provides its property for use or incorporation into the organization's products and services.

With respect to the externally provided processes, products, services and property, requirements mentioned in following clauses are relevant:
Clause 8.4 - Control of externally provided processes, products and services
Clause 8.5.3 - Property belonging to customers or external providers

According to the requirements of forthcoming ISO 9001:2015 QMS standard, an organization needs to carry out the following activities:

Consider
(i) Potential impact of externally provided processes, products and services on the organization's ability to meet requirements (customer and legal)
(ii) Effectiveness of the controls applied by external providers

Determine
(i) Controls to be applied to the externally provided processes, products and services
(ii) Criteria for the evaluation, selection, performance monitoring and re-evaluation of external providers
(iii) Verification and other activities to ensure that externally provided processes, products and services meet requirements

Ensure
(i) Externally provided processes, products and services conform to requirements
(ii) Externally provided processes, products and services remain with the organization's control
(iii) Adequacy of requirements to be communicated to the external providers

Define
Controls to be applied to
(i) External providers, and
(ii) Resulting output

Communicate to the external providers adequate requirements for the
(i) Processes, products and services
(ii) Approval of products and services
(iii) Approval of methods, processes and equipment
(iv) Release of products and services
(v) Required competence (including qualification)
(vi) External providers' interactions with the organization
(vii) Control and monitoring of the external providers' performance to be applied
(viii) Verification and validation activities to be performed at the external providers' premises by the organization or its customers

Apply
Determined controls, criteria and other activities


Controls on external providers' property

The organization is also required to exercise care with the property (such as material, components, tools, equipment, premises, intellectual property and personal data) belonging to the external providers while the same is under the organization's control or being used by the organization. The organization needs to identify, verify, protect and safeguard the property provided for the use or incorporation into the products and services.

When any property belonging to an external provider is lost, damaged or otherwise found to be unsuitable for use, the organization must (i) report the same to the external provider, and (ii) retain documented information of the same.

Please note:
International Organization for Standardization (ISO) has released ISO/FDIS 9001:2015 for voting to be completed on 9 September 2015 and thereafter ISO 9001:2015 QMS standard will be published. This article is based on the draft versions of the forthcoming standard and there may be some changes after the final standard is published.