# 04 - A SYNOPSIS ON ISO 9001:2015 - Does ISO 9001:2015 certification assure excellent products and services?

# 04 - A SYNOPSIS ON ISO 9001:2015

Does ISO 9001:2015 certification assure excellent products and services?

While the framework of ISO 9001:2015 QMS is designed to ensure consistency of organization's processes rather than any particular outcome. ISO 9001:2015 certification is not a product or service certification. The certification provides confidence that the organization has a quality management system that demonstrate organization's ability to consistently provide products and services that meet customer and applicable legal requirements and aims to enhance customer satisfaction. ISO 9001:2015 helps an organization to improve its overall performance and provide a sound basis for sustinable development initiatives.

- Keshav Ram Singhal

# 03 - A SYNOPSIS ON ISO 9001:2015 - What is the relationship between ISO 9001:2015 and other quality initiatives?

# 03 - A SYNOPSIS ON ISO 9001:2015

What is the relationship between ISO 9001:2015 and other quality initiatives?

ISO 9001:2015 QMS standard provides a strategic approach that can help an organization to improve overall performance for achieving quality objectives. It provides a sound basis for sustainable development. ISO 9001:2015 provides a road map to implement the quality management system by indicating its requirements. Quality initiatives, such as BPR, CQI, TQM ... and there are many more, help organizations identify what they need to do in order to improve quality, or to provide product/service that meets a particular level of customer satisfaction. TQM is a concept that goes beyond ISO 9001:2015. It needs to be emphasized that ISO 9001 and TQM are not two different alternatives, nor is there any contradiction between them. ISO 9001:2015 QMS provides a strong base on which an organization can build a TQM culture with a focus on the customer involving all employees and demanding continual improvement.

BPR = Business process re-engineering
CQI = Continual quality improvement
TQM = Total quality management

- Keshav Ram Singhal

# 02 - A SYNOPSIS ON ISO 9001:2015 - What is the approach of ISO 9001:2015?

# 02 - A SYNOPSIS ON ISO 9001:2015

What is the approach of ISO 9001:2015?

Instead of certifying the end product or service, ISO 9001:2015 focuses on the system having the process approach and PDCA by which the product or service is produced. The framework underlying ISO 9001:2015 QMS is intended to provide assurance to customers that the product or service they receive from the organization will be consistent in the way in which it addresses enhancement of customer satisfaction. ISO 9001:2015 QMS is based on seven quality management principles, namely customer focus, leadership, engagement of people, process approach, improvement, evidence-based decision making and relationship management. ISO 9001:2015 provides a strong base for the effective application of the system. Designing and implementing a system as per ISO 9001:2015 QMS standard can result in more satisfied customers and more productive staff.

- Keshav Ram Singhal

# 01 - A SYNOPSIS ON ISO 9001:2015 - What does ISO 9001:2015 offer?

# 01 - A SYNOPSIS ON ISO 9001:2015

What does ISO 9001:2015 offer?

ISO 9001:2015 offers some important benefits:
- A single standard applicable to all organizations, regardless of their type or size, or the products and services they provide,
- An internationally consistent standard that supports global trade,
- An standard that requires meeting customer requirements,
- An standard that requires meeting applicable legal requirements,
- An standard that facilitates opportunities to enhance customer satisfaction,
- An standard that addresses risks and opportunities to achieve improved results and preventing negative effects,
- An standard that supports process approach and PDCA
- An opportunity for continual improvement

ISO 9001:2015 can help an organization to improve its overall performance and provide a sound basis for sustainable development initiatives.

ISO 9001:2015 standard can be used by internal and external parties, so an objective third-party verification of the system provides confidence to the organization and its interested parties including customers.

ISO 9001:2015 standard provides a strong base on which an organization can build TQM culture with focus on the customer involving all employees and carrying out continual improvement.

- Keshav Ram Singhal

OPERATION PLANNING AND CONTROL IN ISO 9001:2015 QMS

OPERATION PLANNING AND CONTROL IN ISO 9001:2015 QMS


Operation is the action of functioning of the organization to achieve its objectives.

Clause 8.1 of the standard stipulates requirements to plan, implement and control the operation processes necessary to meet the requirements for organization's products and services, and also consider the actions determined while addressing risks and opportunities, quality objectives and planning of changes as mentioned in clause 6 . Clause 4.4 of the standard also states to determine and implement processes needed for the quality management system. Most of the requirements mentioned in clause 4.4 of the standard support the requirements of clause 8.1.

In order to meet the requirements of clause 8.1, organizations are required to
- plan, implement and control processes,
- implement actions determined (i) to address risks and opportunities, (ii) to achieve quality objectives, and (iii) need for changes,
- determine requirements for products and services,
- establish the criteria for evaluating the processes in order to ensure that organization's processes are performing as expected and producing the intended outputs,
- establish the criteria for acceptance of products and services, so that products and services produced are further checked for meeting requirements for products and services,
- determine the resources needed in order to support operation,
- implement control as per established criteria (during in-process monitoring and measurement and final inspection, monitoring and measurement of the output of the process that may include inspection, test activities etc.,
- control changes planned and outsource processes, if any,
- review consequences of unintended changes and take necessary action to mitigate any adverse effect,
- determine documented information to maintain and retain to the extent necessary, maintain as determined and retained as determined.

What documented information can be determined to maintain?

Although the standard has left this on the organization to determine, however it is suggested to maintain documented information for organization's operational processes, procedures, product/service specifications, work instructions, monitoring and measurement criteria, workflow chart etc., to ensure desired results.

Outsourced processes

Outsourced processes needs to be controlled. In this regard requirements mentioned in clause 8.4 are relevant.


- Keshav Ram Singhal

For details on the Training Handbook on 'ISO 9001:2015 QMS Awareness', please CLICK HERE.

For details on 'Checklist for ISO 9001:2015 QMS', please CLICK HERE.

For Preview of Training Handbook on ISO 9001:2015 QMS Awareness for Management/Engineering Students, please CLICK HERE.

Preview of Training Handbook on ISO 9001:2015 QMS Awareness for Management / Engineering Students

To see the Preview, please CLICK HERE.

TRAINING HANDBOOK ON 'ISO 9001:2015 QMS AWARENESS' FOR MANAGEMENT / ENGINEERING STUDENTS

TRAINING HANDBOOK ON 'ISO 9001:2015 QMS AWARENESS' FOR MANAGEMENT / ENGINEERING STUDENTS

Trainer, Editor and Publisher
KESHAV RAM SINGHAL

Contents

# 01 - An introduction on 'ISO 9001:2015 QMS Awareness' Training to Management / Engineering Students
# 02 - Introduction - Historical background, Standard Development Timeline for ISO 9001:2015
# 03 - Overview of ISO 9001:2015 - Foreword, Introduction, QMS - Requirements Clauses, Scope, Normative references, Terms and definitions
# 04 - Understanding requirements of ISO 9001:2015 QMS standard - Context of the organization (Clause 4), Leadership (Clause 5), Planning (Clause 6), Support (Clause 7), Operation (Clause 8), Performance evaluation (Clause 9), Improvement (Clause 10)
# 05 - Transition Planning
# 06 - Developing and Implementing ISO 9001:2015 QMS
# 07 - ISO 9001:2005 - Quality Management Principles
# 08 - Post-training Test

To see the Preview of the Handbook, please send an email to keshavsinghalajmer@gmail.com.

CREATING AND DEVELOPING A PROCEDURE

Article - Creating and developing a procedure

CREATING AND DEVELOPING A PROCEDURE

ISO 9000:2015 standard defines the term 'procedure'. A procedure is a specified way to: (i) carry out an activity, or (ii) carry out a process that means carry out a set of interrelated or interacting activities that use inputs to deliver an intended result.

A procedure can be written (documented) or not. When a procedure is written (documented), it is usually referred to as a 'documented procedure'.

A documented procedure usually has the following description:
- Title,
- Document number,
- Reference,
- Cross-reference,
- Purpose,
- Scope,
- Responsibility - Who will do what,
- Procedure details - When, where and how to do,
- What resources (materials, equipment, document) will be used,
- How the activity or process will be controlled,
- How to retain documented information for the activity or process carried out

Steps to create and develop a procedure

Step 1 - Determine the need to create and develop a procedure.
Step 2 - Assign responsibility to someone to develop and write the procedure.
Step 3 - The author should - (i) establish the scope of the procedure, (ii) collect and document (write) all relevant information.
Step 4 - The author should prepare a draft by using a simple and easily understood language.
Step 5 - The author or QMSC should circulate the draft to persons concerned to obtain their comments.
Step 6 - The author should incorporate changes (modifications and additions) to the draft and prepare a final draft.
Step 7 - The author or QMSC should submit the final draft to the authority for approval for adequacy prior to issue.
Step 8 - The QMSC should issue the documented procedure for implementation.
Step 9 - Review of the procedure should be done after its implementation for some time (say three to six months) and amend/revise the procedure.
Step 10 - When you observe that the procedure is no longer useful, withdraw the procedure with information to persons and departments concerned.

QMSC = QMS Coordinator
QMS = Quality management system

- Keshav Ram Singhal


For details on the Training Handbook on 'ISO 9001:2015 QMS Awareness', please CLICK HERE.

For details on 'Checklist for ISO 9001:2015 QMS', please CLICK HERE.

Context of the organization - Determining external and internal issues

Context of the organization - Determining external and internal issues

Please read my earlier blog posts in this regard.

I designed a format for this purpose that may be useful.



Thanks,

Keshav Ram Singhal

Build A Risk Culture In Your Organization

Build A Risk Culture In Your Organization

If you wish to build a risk culture, organize a 'Building A Risk Culture Awareness' program (lecture series) in your organization and motivate all employees to answer the question 'What can go wrong at my desk/job function?' Compile information and address all relevant risk issues. This will facilitate in building a risk culture.

Risk-based thinking must be adopted in every organization.

Decision making should be on the basis risk-based thinking. Define unacceptable to desired in every process. Identify and critically prioritize the mechanisms that can influence the behaviour of employees to adopt risk-based thinking. Enforce risk-based thinking in the organization's activities as usual activities. Leaders (top management) need to continually live and breathe the risk-based culture values.

All the best,

Keshav Ram Singhal

ISO published 'Guidance for SMEs wishing to implement ISO 9001:2015 QMS'

ISO published 'Guidance for SMEs wishing to implement ISO 9001:2015 QMS'

International Organization for Standardization (ISO) has published its guidance handbook 'ISO 9001:2015 for Small Enterprises - What to do?' for SME’s wishing to implement ISO 9001:2015 QMS. The guidance handbook includes practical advice and concrete examples tailored specifically for small businesses.

The handbook is written by a group of experts from ISO/TC 176/SC 2, the technical subcommittee that developed ISO 9001:2015 QMS standard. The handbook includes useful information on everything from how to get started right through to guidance for those who choose to seek certification. It includes practical advice on the different ways of approaching a quality management system (QMS) as well as detailed guidance on each clause of ISO 9001:2015 standard.

The handbook can be purchased from national ISO member (BIS in India) or from the ISO Store. For more information, please visit ISO Website.

- Keshav Ram Singhal

ISO published ISO/TS 9002:2016 - Guidelines for application of ISO 9001:2015

ISO News -

ISO published ISO/TS 9002:2016 - Guidelines for application of ISO 9001:2015

International Organization for Standardization (ISO) has published ISO/TS 9002:2016 that has been developed to assist users to apply ISO 9001:2015 QMS standard's requirements.

The title of ISO/TS 9002:2016 is Quality management systems - Guidelines for the application of ISO 9001:2015. This technical specification document provides guidance on each clause of ISO 9001:2015 QMS standard. This document also provides examples of what an organization can do. The examples in this document are not definitive and only represent possibilities, not all of which are necessarily suitable for every organization.

ISO 9001:2015 QMS standard contains requirements that can be objectively audited or evaluated. ISO/TS 9002:2016 does not provide any additional requirements, but ISO/TS 9002:2016 includes examples, descriptions and options that aid both in the implementation of a quality management system and in strengthening its relation to the overall management system of an organization. While the guidelines in this document are consistent with the ISO 9001:2015 quality management system model, they are not intended to provide interpretations of the requirements of ISO 9001:2015 QMS standard or be used for audit or evaluation purposes.

As the requirements of ISO 9001:2015 QMS standard are generic, this document can be used by organizations of all types, sizes, levels of maturity and in all sectors and geographic locations. However, the way an organization applies the guidance can vary based on factors such as the size or the complexity of the organization, the management model it adopts, the range of the organization’s activities and the nature of the risks and opportunities it encounters.

ISO/TS 9002:2016 document can be purchased from national ISO member (BIS in India) or from the ISO Store. For more information, please visit ISO Website.


- Keshav Ram Singhal

RISK MATRIX

Risk Matrix

A Risk matrix is a matrix that is used during risk assessment to define the various levels of risk as the product of the harm probability categories and harm severity categories. This is a simple mechanism to increase visibility of risks and assist management decision making.

Risk Matrix Chart Diagram



Likelihood = How likely is the event of risk to occur
Rare / Very Unlikely = Only in exceptional circumstances
Unlikely = Might occur in future time
Moderate /Possible = Might occur at some time
Likely = Probably occur in most circumstances
Very likely = Almost certain = Expected in most circumstances

Impact = A marked effect or influence
Negligible = No injuries, No damages
Minor = Minor injuries, Minor damages, First aid required
Moderate = Some injuries, Medium damages, Medical help necessary
Major / Significant = Extensive injuries, High damages, Medical help necessary
Extreme / Severe = Death or major injuries, High level damages, Medical help necessary


Note: Above 'Risk Matrix Chart Diagram' is an example. Every organization may have its own Risk Matrix Chart.

ISO 9001 QMS CERTIFICATION WORLDWIDE - ISO SURVEY 2015

ISO 9001 QMS CERTIFICATION WORLDWIDE - ISO SURVEY 2015

International Organization for Standardization (ISO) has released the 2015 results of the ISO Survey, showing the number of certifications to ISO management systems worldwide. The ISO Survey of certifications is an annual survey of the number of valid certificates to ISO management system standards worldwide.

ISO 9001 QMS Certifications results as per ISO Survey 2015 are as under:

Number of ISO 9001 certificates in 2014 - 1,036,321*
Number of ISO 9001 certificates in 2015 - 1,033,936**

Change in comparison to 2014 - (-) 2,385
Change in % - (-) 0.2%

* All certificates in 2014 were issued to ISO 9001:2008
** In 2015 - 1.029,746 Certifications to ISO 9001:2008 + 4,190 Certifications to ISO 9001:2015 = 1,033,936

A total of 1,036,321 certificates were issued to ISO 9001 in 2014 and 1,033,936 certificates (including 4,190 issued to 2015 version) were issued to ISO 9001 in 2015, there has been a slight decrease of 0.2% on 2014 figures.

Top 10 countries

Top 10 countries (with number of certified organizations) for ISO 9001 certifications in 2015 are as under:

China - 292,559
Italy - 132,870
Germany - 52,995
Japan - 47,101
U.K. - 40,161
India - 36,305
U.S.A. - 33,103
Spain - 32,730
France - 27,844
Romania - 20,524

Although there is a slight decrease for ISO 9001 QMS certifications in 2015, however still this is the standard that is being used world-wide.

- Keshav Ram Singhal

Courtesy: ISO Website

RISKS AND OPPORTUNITIES IN ISO 9001:2015 QMS - PROCESS-DIAGRAM

RISKS AND OPPORTUNITIES IN ISO 9001:2015 QMS

PROCESS-DIAGRAM

- Keshav Ram Singhal

For details on the Training Handbook on 'ISO 9001:2015 QMS Awareness', please CLICK HERE.

For details on 'Checklist for ISO 9001:2015 QMS', please CLICK HERE.

World Standards Day 2016

World Standards Day 2016

Each year on 14 October, the members of the IEC, ISO and ITU celebrate World Standards Day. World Standards Day is a means of paying tribute to the collaborative efforts of the thousands of experts worldwide, who develop the voluntary technical agreements that are published as international standards.

The themes of earlier 'World Standards Day' were as under:

World Standards Day 2015 - "Standards - the world's common language"
World Standards Day 2014 - "Standards level the playing field"
World Standards Day 2013 - "International standards ensure positive change"
World Standards Day 2012 - "Less waste, better results - Standards increase efficiency"
World Standards Day 2011 - "International standards - Creating confidence globally"
World Standards Day 2010 - "Standards makes the world accessible for all"
World Standards Day 2009 - "Tackling climate change through standards"
World Standards Day 2008 - "Intelligent and sustainable buildings"
World Standards Day 2007 - "Standards and the citizen: Contributing to society"
World Standards Day 2006 - "Standards: big benefits for small contributors"
World Standards Day 2005 - "Standards for a safer world"
World Standards Day 2004 - "Standards connect the world"
World Standards Day 2003 - "Global standards for the global information society"
World Standards Day 2002 - "One Standard, one test, accepted everywhere"
World Standards Day 2001 - "The environment and standards: close together"
World Standards Day 2000 - "International standards for peace and prosperity"
World Standards Day 1999 - "Building on standards"
World Standards Day 1998 - "Standards in daily life"

The theme of 'World Standards Day 2016' is 'Standards build trust'.

IEC President Dr. Junji Nomura, ISO President Zhang Xiaogang and ITU Secretary-General Houlin Zhao, in their joint message have conveyed the following message on the World Standards Day 2016:

"Standards connect us with reliable modes of communication, codes of practice and trusted frameworks for cooperation. Introducing common interpretations on reciprocal sides of a communication or transaction, standards are essential to mutually beneficial trade and resource efficient international commerce.

Social interaction relies on common respect for fundamental sets of norms, concepts or meanings – international standards codify these norms to ensure that they are accessible to all.

A product or service conforming to an international standard is imbued with a trusted symbol of quality, safety or compatibility. Standards speak to the diversity of our interconnected world, introducing uniformity at the interfaces where we need to be certain that we are speaking on the same terms."

World Standards Cooperation

The World Standards Cooperation is a high-level collaboration between the IEC (International Electrotechnical Commission), ISO (International Organization for Standardization) and ITU(International Telecommunication Union). Under this banner, the three organizations preserve their common interests in strengthening and advancing the voluntary consensus-based International Standards system.

IEC, ISO and ITU have undertaken several initiatives that are organized under the World Standards Cooperation (WSC) banner. Such initiatives include workshops, education and training, and the promotion of the international standards system.

IEC, ISO and ITU believe that International Standards are an important instrument for global trade and economic development. They provide a harmonized, stable and globally recognized framework for the dissemination and use of technologies. They encompass best practices and agreements that encourage more equitable development and promote the overall growth of the Information Society.

International Standards are consensus based and transparent. They invite the contribution of all interested stakeholders through an extensive network of national members. International Standards increase market relevance and acceptance and are the corner stone of global trade and development.

International Organization for Standardization (ISO)

International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies. Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, market relevant International Standards that support innovation and provide solutions to global challenges. ISO has published more than 21000 International Standards and related documents, covering almost every industry, from technology, to food safety, to agriculture and healthcare. ISO International Standards impact everyone, everywhere.

Let us strive to create awareness on standards. Happy 'World Standards Day 2016'.

With best wishes,

- Keshav Ram Singhal

*Courtesy sources*

- ISO Website
- World Standards Cooperation Website

*Please keep visiting my blogs and keep commenting too.*

Blog on "Quality Concepts and ISO 9001:2015 QMS Awareness"

Blog on "Quality Concepts and ISO 9001:2008 QMS Awareness"

Blog on "Senior Citizen Awareness"

Blog on "ISO 9001 QMS Awareness" in Hindi

Blog on "Risk Management Awareness"

Blog on "EMS Awareness"

WHY WE NEED RISK-BASED THINKING?

WHY WE NEED RISK-BASED THINKING?

Please read my earlier articles:
(i) 'DETERMINING AND ADDRSSING RISKS AND OPPORTUNITIES'
(ii) 'A SIMPLE METHOD TO DETERMINE RISKS AND OPPORTUNITIES'.

Why we need risk-based thinking? A general question needs answer. Risk is an inherent part of daily life. Risk also depends on the fragilities and capacities in a system, which are often not manifested until there is a triggering event. Risk may lead to disaster. Risk may be a path to disaster if protective capabilities of the system cannot deal with the negative consequences of the event.



Risk is a dynamic concept as it changes over time as the vulnerabilities or weaknesses in the system or society changing in time. Risk is not static, constant but rather a dynamic term that is constantly adjusting to changing vulnerabilities, weaknesses and hazards.

Risk is a fundamental reflection of the normal life. We calculate and deal with risk in everyday life - wear safety belts to reduce the likelihood of injury, get vaccination to reduce the risk of illness. Life or any system without risk is generally neither possible nor conceivable. Our response to natural and environmental hazards is often influenced by our perception of risk. Sometimes we choose to take a risk, knowing the associated risk. For example, people choose to smoke or drink, knowing the risks associated to their health. Risk perception is influenced by past experience and knowledge. Understanding a risk allows us to make informed decision by weighing the risk of certain activity or process with the benefits or outcomes derived from that activity or process. Without factual information, or with misinformation, we are faced with making an uninformed decision.

Risk-based thinking thus helps us to understand risks through a systematic valuation of determining risks associated in each process or system.

- Keshav Ram Singhal


For details on the Training Handbook on 'ISO 9001:2015 QMS Awareness', please CLICK HERE.
For details on 'Checklist for ISO 9001:2015 QMS', please CLICK HERE.

A SIMPLE METHOD TO DETERMINE RISKS AND OPPORTUNITIES

A SIMPLE METHOD TO DETERMINE RISKS AND OPPORTUNITIES

Please read my earlier article 'DETERMINING AND ADDRSSING RISKS AND OPPORTUNITIES'.

There may be various methods by which an organization can determine its risks and opportunities. My earlier article 'DETERMINING AND ADDRSSING RISKS AND OPPORTUNITIES' provides details of FEMA method, a commonly used method of risk identification and risk analysis.

ISO 9001:2015 QMS standard does not provide any specific procedure or method to determine risks and opportunities. It is for the organization to apply any procedure or method to determine risks and opportunities.

This article provides you a simple method by which, you can identify risks and opportunities associated with all functions and processes in the quality management system of your organization.

Top management of the organization should form a team of identified personnel, well versed with organization's processes and functions, with a coordinator to determine, monitor and review organization's risks and opportunities. The coordinator of the team should design a simple format for identification of risks and opportunities that should have following details:
- Process
- Department
- Risk/potential problem identified
- How critical is the risk/potential problem?
- Is risk acceptable or unacceptable?
- Proposed action to address the risk/potential problem (What should be done?)
- Opportunity identified with relevant details
- Proposed action to address the opportunity, so that it remains an opportunity and not turns to risk (What should be done?)
- Remark, if any

The above parameters are indicative. You can add a few more as per your needs. An illustrative example of the format designed for this purpose is shown in the below figure:




Suitable instructions should be issued to all process owners and department heads of the organization to fill the designed format and submit the same to the coordinator by a given date. For the first time, the management of the organization will set up a target date, but thereafter all process owners and department heads should report new identified risk or opportunity as soon as it comes to their notice. The coordinator of the team should collect relevant data, compile them, discuss with other team members through formal and informal meetings. He should make a summary of determined risks and opportunities with proposed actions and report the same to the top management. The top management of the organization should issue relevant guidelines and instructions within the organization, including department heads and process owners. This activity should not be a one-time activity. The top management and the coordinator need to take proactive active action regularly. Regular reviews (say quarterly or half-yearly) should be done and the author hopes that this simple method will be able to address the determined risks and opportunities in a proactive way.

A few examples of a few risks are mentioned in my earlier article. Here-in-below you will find a few examples about opportunities.

Opportunities

Opportunities lead to progress. Opportunities give assurance that the system can achieve its intended results. Opportunities enhance desirable effects. Opportunities prevent, or reduce, undesired effects. Opportunities achieve improvement.

Examples of opportunities

- NABL certified laboratory within the organization that provides verification and calibration services. Monitoring and measuring resources are verified and calibrated within the organization.
- Particular process is well defined and documented. Dealing person is well aware of the process.
- Learning from the past.
- Organization strives to implement 5-S Practice in the organization.
- Maintenance schedule is monitored and maintained.
- Process workers are trained and well-versed with the associated process.
- Organization provides complete engineering installation and commissioning service to customers.
- Organization provides after sales service support to its customers.
- Excellent team of work force.
- High standard of work culture.
- Use of information technology (IT)

- Keshav Ram Singhal

For details on the Training Handbook on 'ISO 9001:2015 QMS Awareness', please CLICK HERE.
For details on 'Checklist for ISO 9001:2015 QMS', please CLICK HERE.

ISO/TS 16949:2009 Revised: New Standard aligned with ISO 9001:2015 QMS

Awareness News

ISO/TS 16949:2009 Revised

IATF 16949:2016, the automotive quality management system (QMS) standard that’s based on ISO 9001 is published on 3rd October 2016.

IATF 16949:2016 has used the high-level structure of Annex SL. ISO 9001:2015 QMS standard has also used the high-level structure of Annex SL. IATF 16949:2016 is now aligned to ISO 9001:2015 QMS standard. IATF 16949:2016 standard includes the following 10-clause framework:

- Scope
- Normative references
- Terms and definitions
- Context of the organization
- Leadership
- Planning
- Support
- Operation
- Performance evaluation
- Improvement

IATF 16949:2016 standard includes several new requirements, not previously found in automotive standards, such as:

- enhance competency requirements for 1st and 2nd party auditors
- defining a "Whistle Blower" policy in order to report and escalate ethics issues
- a Code of Conduct policy that extends to the individual team member
- an Anti-bribery policy
- an increased focus on managing CSRs (customer-specific requirements)
- continued reduction of waste and variation in the supply chain
- increased focus on safety-related products and processes
- requirements for products with embedded software

All organizations currently certified to ISO/TS 16949:2009 will need to successfully transition to IATF 16949:2016 by 14th September 2018.

- Keshav Ram Singhal

Internal Audit - A Requirement of ISO 9001:2015 QMS Standard

Internal Audit - A Requirement of ISO 9001:2015 QMS Standard

Keshav Ram Singhal

Internal audit is a requirement of ISO 9001:2015 QMS standard. Clause 9.2 of the standard mentions requirements for internal audit, which are summarized hereinbelow:

Purpose - (i) Whether the QMS conforms to requirements of ISO 9001:2015 and requirements determined by the organization, (ii) Whether the QMS is effectively implemented and maintained.

Organization needs to:
Consider - Importance of processes concerned, changes affecting the organization, and results of previous audit(s).

Plan and establish - Audit programme (also include the frequency, methods, responsibilities, planning requirements and reporting)

Define - Audit criteria and scope (for each audit)

Select - Auditors to carry out internal audit (Ensure objectivity and impartiality)

Implement and maintain - Planned and established audit programme

Conduct - Internal audits at planned intervals (Ensure objectivity and impartiability)

Report (to relevant management) - Results of the audit

Take - Appropriate correction and corrective actions at an early date (without undue delay)

Retain documented information - (i) Implementing audit programme, (ii) Audit results

Although maintaining a documented information, describing the internal audit procedure, is not a requirement of the standard, however it is always better if an organization creates, update and maintains a documented information on internal audit describing the audit programme, frequency, methods, responsibilities, planning, conducting, reporting, scope, selection of internal auditors, retaining documented information as evidence etc.

For details on the Training Handbook on 'ISO 9001:2015 QMS Awareness', please CLICK HERE.

For details on 'Checklist for ISO 9001:2015 QMS', please CLICK HERE.

DETERMINING AND ADDRSSING RISKS AND OPPORTUNITIES

DETERMINING AND ADDRSSING RISKS AND OPPORTUNITIES

- Keshav Ram Singhal

One of the key changes in ISO 9001:2015 QMS standard is to establish a systematic approach to consider risks as an integral part of the QMS, rather than to treat 'prevention' as a separate need.

Risk is inherent in all aspects of the QMS. Each action we take has some risk or opportunity. All processes, functions and systems have some risks. Risk-based thinking helps to identify, consider and control all risks.

Risk can be defined as a deviation from the expected. It can be positive or negative. When a student appears in an examination, he may pass or fail depending upon his preparation and studies of the subject. Likewise, in an organization, all processes, functions and systems have some risks.

Earlier version, ISO 9001:2008 QMS standard, has a separate clause on preventive action. But the new version, ISO 9001:2015 QMS standard, uses risk-based thinking, where consideration of risk is integral. It is now a proactive action, rather than to be reactive (as it appeared in the earlier version). With the introduction of risk-based thinking, we need to: (i) determine risks and opportunities in all processes and functions, and (ii) plan and take actions to address risks and opportunities.

Risk-based thinking is something every person does automatically and regularly every day, but sometimes there have been omission in taking the preventive action that may cause an unfortunate incident. When we cross a road, we look to the traffic risk on the road; or when we board a coach of a train, we look that we get into the coach safely. We strive to take proactive action so that unfortunate incident does not happen.

Risk-based thinking was in the earlier version of ISO 9001 as requirements of preventive action, however the new version, ISO 9001:2015 QM standard, builds it into the whole management system from the beginning and throughout the system. Now preventive action, present in risk-based thinking, is inherent to planning, operation, analysis and evaluation activities.

Process approach also includes risk-based thinking.

Risk-based thinking is evident/mentioned in the following Para and clauses of ISO 9001:2015 QMS standard:

- Introduction - This Para explains the concept.
- Clause 4 - Organization needs to address risks and opportunities in accordance with requirements.
- Clause 5 - Top management needs to (i) promote use of risk-based thinking, and (ii) ensure determining and addressing the risks and opportunities that can affect conformity of product/service.
Clause 6 - Organization needs to (i) determine risks and opportunities, (ii) plan actions to address risks and opportunities, (iii) ensure actions taken (to address risks and opportunities) must be in proportionate to the potential impact on product/service conformity.
Clause 7 - Organization needs to determine and provide necessary resources for QMS. Risk is inherent in all aspects of the QMS.
Clause 8 - Organization needs to manage operational processes. Risk is inherent in all aspects of QMS.
Clause 9 - Organization needs to analyze and evaluate data and information with regard to the risks and opportunities. Management review includes consideration of the effectiveness of the actions taken to address risks and opportunities.
Clause 10 - Organization needs to correct/prevent/reduce undesired effects and update risks and opportunities determined during planning.
Since the risk-based thinking is evident in various requirements of ISO 9001:2015 QMS standard, auditors will look to the objective evidence of risk-based thinking during audits, including internal, certification, and surveillance audits.


Benefits of using risk-based thinking

Risk-based thinking:
- promotes proactive culture in the organization that improves organization's governance,
- assists organization to comply legal requirements,
- assures consistency of product/service quality, and
- improves customer confidence and satisfaction.

Using risk-based thinking

First question comes in our mind, how to use risk-based thinking in the QMS. Simple, we need to identify, understand and then address risks. ISO 9001:2015 QMS standard does not provide any specific procedure or method to determine risks and opportunities. It is for the organization to apply any procedure or method to determine risks and opportunities. Risk analysis is the important step of identify potential problems. One commonly used method of risk identification and risk analysis is known as 'Failure Modes and Effect Analysis' (FMEA) that is done during the design of a product or process. The purpose of FMEA is to identify all potential problems that could arise in the product or process, identify how critical is the risk and decide what to do about it.

FMEA process includes four steps -
(i) Identify your risks - It can be done in a brainstorming from different areas of your organization. List all potential problems that could arise. Considering external and internal issues and interested parties (as determined as per clause 4.1 and 4.2 of the standard) will be helpful in identifying the risks.
(ii) Determine how critical each risk is - You should assess the risk against probability of occurrence, severity of occurrence and chance of detection of occurrence. Brainstorm each risk that you identify. What is the probability of risk occurring? What is its impact?
(iii) Rank the risk - You should decide the rank of the risk, whether the risk is acceptable or unacceptable. What is your priority with regard to the risk?
(iv) Determine actions - After understanding the risk, determine your actions, what should be done. What you plan? Plan actions to address the risks. Mention mitigation steps to eliminate or reduce the risks.

FMEA process is simple. It is easy to use. FMEA process gives results that are easy to determine acceptability, and thus provides a framework to assign resources to risk reduction that is easily supported. You should clearly understand that FMEA is a way of dealing risk analysis, and it is in no way mandated by ISO 9001:2015 QMS standard that you must use it. Any method you find useful, relevant and efficient can be used.

After FMEA process, you need to address the risk:
(i) Implement the plan - Take action
(ii) Check the effectiveness of the action
(iii) Improve your action on the basis of check results

Examples of some risk factors

(i) Lack of trained staff - Not aware of procedure, process, task adequately
(ii) Infrastructure - Availability of material in time
(iii) Project goals not clearly defined
(iv) Cultural risk - Employees take leave without prior information, Employer-employee relationship
(v) Changes in legislation
(vi) Theft
(vii) Competition - Entry of too many competitors in the market, market size shrinks
(viii) Poor production process, process not clearly defined
(ix) Inadequate equipment/tools
(x) Poor/unattractive packaging
(xi) Late delivery of incoming materials
(xii) Customer does not provide timely feedback
(xiii) Insufficient test resources
(xiv) Data security
(xv) Workplace safety
(xvi) Material handling
(xvii) Improper use of protective equipment (such as, eye-glass, safety shoes, gloves etc.)
(xviii) Injury to workers due to water/oil leakage

Above list is indicative.

Format for risk identification and determining actions

Design a format for risk identification and determining actions with following columns: (i) Serial number, (ii) Date, (iii)Details of risk identified, (iv) How critical is the risk, (v) Acceptable or unacceptable (vi) Action to address the risk (what should be done?). Ask each department head and process owner to fill the format as soon as a new risk is identified. A copy of this determined information should be sent by the department head and process owner to an authority (say, QMS Coordinator) in the organization, who should consolidate relevant information in a Risk Register and share the information within the organization for the benefit of others.

Risk Register

Maintaining or retaining a Risk Register is not a requirement of ISO 9001:2015 QMS standard. However, maintaining risk register and retaining appropriate data will be a good practice. Risk register may have following columns:
(i) Date
(ii) Details of risk
(iii) Risk type - Classification of risk
(iv) Likelihood of occurrence
(v) Severity of effect
(vi) Actions to be taken to prevent, reduce or transfer risk
(vii) Owner - Who is responsible to take action?
(viii) Status - Current or ended
(ix) Remark

The columns are indicative.

Conclusion

- Risk is inherent in all aspects of the QMS. Each action we take has some risk or opportunity. All processes, functions and systems have some risks. Risk-based thinking helps to identify, consider and control all risks.
- Risk-based thinking helps to improve processes, functions and systems.
- Risk-based thinking implementation helps building an effective quality management system.
- Effectiveness of the actions taken to address risks and opportunities are the inputs to management review.
- Risk-based thinking helps continual improvement that focuses on prevention.
- Auditors will look to the objective evidence of risk-based thinking during audits, including internal, certification, and surveillance audits.



Suggested reading - (i) Guidance document on 'Risk-based thinking in ISO 9001:2015'.published by International Organization for Standardization (ISO)
(ii) ISO 31000:2009, Risk management - Principles and guidelines

For details on the Training Handbook on 'ISO 9001:2015 QMS Awareness', please CLICK HERE.
For details on 'Checklist for ISO 9001:2015 QMS', please CLICK HERE.

Checklist for ISO 9001:2015 QMS

Checklist for ISO 9001:2015 QMS

I have designed a literature 'Checklist for ISO 9001:2015 QMS'. The objective of this literature is to train people and create awareness in order to implement ISO 9001:2015 QMS, carrying out initial survey and carrying out audit (including internal audit). 'Checklist for ISO 9001:2015 QMS' literature (soft copy) is sent by email to the outstation participant. This literature contains more than 350 checklist questions by which you can assess the health of a quality management system (QMS). Sufficient space is provided to mention your compliance notes and remarks. This literature is useful for ISO 9001:2015 QMS Implementation, Initial Survey and Audit Purpose including Internal Audit.

Contents of this literature are as under:

# 01 - Checklist Questions - This section contains 351 questions
# 02 - Internal Audit - A Requirement of ISO 9001:2015 QMS Standard - This section describes internal audit requirements in a summarized form
# 03 - Guidelines for auditing management systems - This section describes overview of ISO 19011:2011 standard
# 04 - Principles of auditing - This section mentions six principles of auditing
# 05 - Don't raise nonconformities against people !!! - This section provides an important guidance for improving the system
# 06 - Adding value to the audit - This section provides valuable tips for the benefit of the auditor including internal auditor, by which the auditor can add value to the audit
# 07 - Information - Training Handbook on 'ISO 9001:2015 QMS Awareness'

If you are interested to see the Preview of this literature, please send an email to keshavsinghalajmer@gmail.com mentioning that you are interested to see the Preview of 'Checklist for ISO 9001:2015 QMS'.

With best wishes,

Keshav Ram Singhal

"ISO 9001:2015 QMS Awareness" Distance Learning Training to Management and Engineering students

"ISO 9001:2015 QMS Awareness" Distance Learning Training to Management and Engineering students

Enhance knowledge.

"ISO 9001:2015 QMS Awareness" Distance Learning Training is available to Management (MBA/BBA) and Engineering (Be/BTech/MTech) students residing in India. Students are allowed a discount of 50% contribution on the Training Handbook. This is available for a limited period up to 30 September 2016. Please CLICK HERE to know the details on the Training Handbook.



Best wishes,

Keshav Ram Singhal

Today's Tweets #09.09.2016

Today's Tweets #09.09.2016

"ISO 9001:2015, self-assessment (SWOT analysis) may be good to determine internal-external issues. Consider all positive/negative factors."

"ISO 9001:2015, self-introspection is good way to determine internal and external issues. Consider all positive and negative factors."

External and internal issues of an organization

External and internal issues of an organization

ISO 9001:2015 QMS standard requires determining external and internal issues that are relevant to the organization's purpose and the organization's strategic direction and that affect the organization's ability to achieve the intended results of the QMS. I have posted an article 'Understanding the organization and its context' at this blog that provide an understanding on the standard's requirements and the suggested method to determine external and internal issues.

In this connection, note given at the end of the requirements of clause 4.1 is relevant. We should understand three basic points - (i) Issues may be positive and/or negative factors/conditions. (ii) External issues may arise from external environment that can be from legal, technological, competitive, market, cultural, social and economic environments. (iii) Internal issues are issues that an organization's people face in the organization due to internal environment. These are the issues related to values, culture, knowledge and performance of the organization.

Some external issues may relate to:

- Government regulations that affect the organization's performance,
- Changes in law that has an impact on the organization,
- Economic shifts in the organization's markets,
- Competition the organization is facing,
- Events (such as business fairs, customers meet etc) that may improve or affect corporate image of the organization,
- Changes in technology (yet not adopted by the organization),
- What others (external interested parties) require from the organization, such as bankers requires timely submission of statement related to hypothecated goods, customer requires timely delivery of the product/service etc.

Some internal issues may relate to:

- Accountability of the people working in the department/ organization - whether defined or not, whether defined adequately or not,
- Coordination with different groups/people/departments in the organization,
- Performance,
- Monitoring of activities,
- Allocation of individual tasks/responsibilities/job specifications,
- Formal reporting relationships,
- Grouping of people/department/processes,
- Communication,
- Delegation of authorities,
- Availability of the procedure for the activity performance, measurement, monitoring, evaluating,
- Product/service offerings,
- Organizational structure (needs changes),
- Policies,
- Assets (such as facilities, property, equipment, technology etc.),
- Capabilities of people,
- Information system within the organization,
- Relationship of people within the organization,
- Organization's culture,
- Standards/industry guidelines/business model adopted by the organization and its awareness among people within the organization,
- Habits of people, such as late coming, leaving early, taking frequent leave from work etc.

Internal context may be anything within the organization that may influence the way in which the organization manages its internal issues.

Best wishes,

Keshav Ram Singhal

For details on the Training Handbook on 'ISO 9001:2015 QMS Awareness', please CLICK HERE.

My organization wishes to move from ISO 9001:2008 to ISO 9001:2015. What to do?

My organization wishes to move from ISO 9001:2008 to ISO 9001:2015. What to do?

As you know, ISO 9001:2015 QMS standard has replaced the earlier version ISO 9001:2008 standard. Most organizations wish to move to new version. Transition period is moving fast. Don't wait for the last moment to come.

Every organization has its unique identity, different from others. You need to make efforts to move to new version.

A Few Tips to Organizations Using ISO 9001:2008 QMS

Tip 1 - Start as early as possible. Transition period is moving very fast. Don't wait for the last moment to come.

Tip 2 - Familiarize yourself with the new standard document. Provide ISO 9001:2015 QMS Awareness training to all those involved in QMS implementation.

Please CLICK HERE to know more about the ISO 9001:2015 QMS Awareness Training.

Tip 3 - Formulate an action plan for upgrading your QMS to ISO 9001:2015 QMS.

Tip 4 - Conduct an initial status survey. Find out any organizational gaps which need to be addressed to meet new requirements of ISO 9001:2015 QMS standard.

Tip 5 - Update your existing QMS to meet revised requirements.

You need to update your quality manual and documentation in line with new version requirement. Guidence on developing documentation based on ISO 9001:2015 is also available, for which you may contant me by sending your email stating your requirements.

Tip 6 - Conduct internal audit to check the effectiveness.

Tip 7 - Conduct management review

Tip 8 - Contact your certification body about transitioning to ISO 9001:2015, if your organization is certified.

Thanking you,

Keshav Ram Singhal

Email
keshavsinghalajmer@gmail.com
or
krsinghal@rediffmail.com

Understanding the organization and its context

Understanding the organization and its context

- Keshav Ram Singhal

ISO 9001:2015 QMS standard in its clause 4.1 makes emphasis on clear understanding of the organization's context. The standard requires organization to:
(i) determine external and internal issues (positive and negative factors or conditions) that are relevant to its purpose and its strategic direction and that affect organization's ability to achieve the intended result(s),
(ii) monitor and review information about the determined external and internal issues (positive and negative factors or conditions).

The intent of above requirements is to understand important issues that can affect, either positively or negatively, the way the organization manages its quality management system to achieve the desired result(s). Requirements mentioned in clause 4.1 is too general and one may think many issues that may not be relevant. Consider only those issues that are relevant to the quality management system.

Why an organization need to determine external and internal issues? one may answer, it is a requirement. But why is this a requirement? Because (i) the organization needs to take better decisions based on evidence, (ii) the potential benefits of implementing ISO 9001:2015 QMS standard to an organization is addressing risks and opportunities associated with its context and objectives. This leads to improvement in the quality management system.

Addressing risks and opportunities lead to proactively managing uncertainties that lead to better decisions based on evidence. This reminds 'evidence-based decision making' principle among the seven quality management principle on which ISO 9001:2015 QMS standard is based. Clause 0.1 also has a reference of the potential benefits of implementing ISO 9001:2015 QMS.

Internal context of an organization is the environment in which organization targets to achieve its objectives. Issues that need to be considered are related to culture, beliefs, values, or principles inside the organization, as well as the complexity of processes and organizational structure. Typical examples of internal context related issues may be - Products/services offerings, Governance, Organizational structure, Roles, Responsibilities and authorities, Organizational assets (facilities, building, machinery, equipment, technology), Information system and decision making process, Relationship of staff, Perception of internal stakeholders (owners, suppliers, partners), Organization culture, Guidelines etc.

External context of an organization relates to the issues that may arise from legal, cultural, social, technological, competitive, economic environment that can be global, national, regional or local. Typical examples of external context related issues may be - Government regulations, changes in law, market competition, events (such as trade fairs), etc. These factors should be considered, while managing risks, uncertainty and opportunities and also at the time when you make decisions that may affect quality of the product/service your organization provides.

ISO 9001:2015 QMS standard does not speak on the method to determine such issues. It is for the organization to apply its own suitable method. One such method to determine the internal and external issues may consists following steps - (i) The top management of the organization should constitute a team of identified persons, who are well-versed with organization and its processes, (ii) The team members should think individually as well as collectively and identify positive/negative factors and conditions that are relevant and that can affect achievement of organization's goals/objectives, (iii) All such identified issues should summed-up, (iv) the team should also monitor and review identified issues from time to time.

While auditing the standard's requirements, auditor would look into the objective evidence how you determined the issues related to the context of the organization.

Please CLICK HERE to refer to the earlier post 'ISO 9001:2015 QMS - Understanding the organization and its context'.

Understanding the organization and its context

Understanding the organization and its context

- Keshav Ram Singhal

ISO 9001:2015 QMS standard in its clause 4.1 makes emphasis on clear understanding of the organization's context. The standard requires organization to:
(i) determine external and internal issues (positive and negative factors or conditions) that are relevant to its purpose and its strategic direction and that affect organization's ability to achieve the intended result(s),
(ii) monitor and review information about the determined external and internal issues (positive and negative factors or conditions).

The intent of above requirements is to understand important issues that can affect, either positively or negatively, the way the organization manages its quality management system to achieve the desired result(s). Requirements mentioned in clause 4.1 is too general and one may think many issues that may not be relevant. Consider only those issues that are relevant to the quality management system.

Why an organization need to determine external and internal issues? one may answer, it is a requirement. But why is this a requirement? Because (i) the organization needs to take better decisions based on evidence, (ii) the potential benefits of implementing ISO 9001:2015 QMS standard to an organization is addressing risks and opportunities associated with its context and objectives. This leads to improvement in the quality management system.

Addressing risks and opportunities lead to proactively managing uncertainties that lead to better decisions based on evidence. This reminds 'evidence-based decision making' principle among the seven quality management principle on which ISO 9001:2015 QMS standard is based. Clause 0.1 also has a reference of the potential benefits of implementing ISO 9001:2015 QMS.

Internal context of an organization is the environment in which organization targets to achieve its objectives. Issues that need to be considered are related to culture, beliefs, values, or principles inside the organization, as well as the complexity of processes and organizational structure. Typical examples of internal context related issues may be - Products/services offerings, Governance, Organizational structure, Roles, Responsibilities and authorities, Organizational assets (facilities, building, machinery, equipment, technology), Information system and decision making process, Relationship of staff, Perception of internal stakeholders (owners, suppliers, partners), Organization culture, Guidelines etc.

External context of an organization relates to the issues that may arise from legal, cultural, social, technological, competitive, economic environment that can be global, national, regional or local. Typical examples of external context related issues may be - Government regulations, changes in law, market competition, events (such as trade fairs), etc. These factors should be considered, while managing risks, uncertainty and opportunities and also at the time when you make decisions that may affect quality of the product/service your organization provides.

ISO 9001:2015 QMS standard does not speak on the method to determine such issues. It is for the organization to apply its own suitable method. One such method to determine the internal and external issues may consists following steps - (i) The top management of the organization should constitute a team of identified persons, who are well-versed with organization and its processes, (ii) The team members should think individually as well as collectively and identify positive/negative factors and conditions that are relevant and that can affect achievement of organization's goals/objectives, (iii) All such identified issues should summed-up, (iv) the team should also monitor and review identified issues from time to time.

While auditing the standard's requirements, auditor would look into the objective evidence how you determined the issues related to the context of the organization.

Please CLICK HERE to refer to the earlier post 'ISO 9001:2015 QMS - Understanding the organization and its context'.

Training Handbook on 'ISO 9001:2015 QMS Awareness'

Training Handbook on 'ISO 9001:2015 QMS Awareness'

For details on the training handbook, please CLICK HERE.

Thanks,

Keshav Ram Singhal

Auditing against ISO 9001:2015

Auditing against ISO 9001:2015

- Krishna Gopal Misra
Email: qualitymeter@gmail.com


It is easy doing an audit by records and documents i.e. acts of "doing" but an audit of a process is actually an audit of the "thinking" behind that "doing".

Typical example of operation is that of a dancer who is performing ( doing) on the stage and audiences ( auditor or clients) keep seeing it. But audiences do not at all, see the song writer and musicians playing background music and choreographer. Do not you think that it is the thinking "process" which is behind every successful dance (performance) and dancer( performer)? Actual purpose of management is to set the process ( thinking) and let operators operate ( doing) the dance or whatever ( be it design of machine or producing product or delivering services).

Did not you see that I have been doing it already in opening meeting with top management and kept discussing risks and opportunities in overall business context?

This is the shift in philosophy in mind of writers of standard and their guilt for revisions of standard. ISO 9001: 2008 standard was known more as documentation and records and often people joked at saying that "do what you write and write what you do". Quality management in earlier versions of standards were focused more at operations ( "doing" or performance ) rather than the process ("thinking" goal and roadmap and risk and opportunities).

Quality manual is done away with. It was most neglected document and dust over it was cleaned only when external auditors ask for. In most quality manuals, it was just an answer of requirements of standard by clause by clause. It could be of some help to auditors who go by standard but is none of the business of the organization. Reputation of auditor is lost when their context is not the organization but how clauses of standard were some how addressed.

With doing away of quality manual, mandatory procedures like document control and internal audit and nonconformity control and corrective action, are gone too. These are not actually gone but taken care by competence of people and where errors ( human or process both) could be cause of risks or actual defect (incident). For example, the reason or rationale of scheduling an internal audit is certainly audited but not the procedure as mandated in quality manual. Document control in these days of technology are very different than they once were, in days of paper and pen. Software tools, pictures and reports sent by WhatsApp and video records of meetings are unknown earlier. These are also documents and are more simple and authentic and therefore controls are left to organization to decide and make it goal or purpose oriented rather than procedure oriented.

Management representative is also not necessary to fix. It is a matter to be decided by an organization whether or not management needs such a role in the organization. ISO can not prescribe it for organizations as a requirement of quality management. Mostly, this formality is only to take care of internal coordination and arranging external audit and deal with certification bodies. Frankly speaking management representative gets noticed only temporarily during audits and certification.

Structure of new standard has coined few words like "Leadership". Leader is not a job title. Informal attitude "walk the talk" inspires the organization; whereas, formal titles and printed documents and records are just footprints. Leadership is not just limited to top management but it is a thought process or culture that integrates the organization, and makes it goal oriented. Leadership is demonstrated in the culture of organization rather than formalities. See how do people at helm of affairs keep in touch with other employees in person which instills confidence in them, is a leadership. People felt connected and share freely their voices in interest of organization.

Formalizing management policies, transparency and access to information and real time communication are examples of leadership. Management decisions or polices such as setting rules of business and giving authorization to people are formally implemented using IT enabled ERP enterprise resource planning or project management tool. These electronic instructions should be protected from unauthorized changes. This necessity of document (configuration control) is a safety from forgetfulness and disputes. This degree of formality is unavoidable. Forgetfulness is not always a bad thing as cleaning of memory is an important activity. Memory ( including document and records) is useful only for a recall value. This means, if we cannot go ahead with self confidence; at least, we can return back home. Retreat ( coming back) without records is impossible. Leaders are good at deciding what is needed to be remembered and what must be cleaned up. Use of white board for writing by non-permanent ink is one thing and printed documents like certificates or agreements are another. Retention of memory is context based.

ISO 9001: 2015 also has remodeled its style to meet its structure with other standards such as environmental management and occupation health etc. This is useful because people would not get unduly worried for references of clause numbers in different standards under umbrella of same ISO when they get audited.

The new version refers suppliers as external providers. Similarly, standards such as ASTM used in work are also external. Do not worry. It is not necessary to start calling suppliers, external provider. Standard has no such intent. It is just another name representing a logic or thinking.

Preventive action is eliminated. Any proactive approach which does not let a defect happen, at first chance, is called preventive action. Purpose of quality system such as roles and responsibility, training and competence and suitable equipment and so on are by itself proactive approach and therefore developing and implementing a quality system is itself a preventive action.

Risk based thinking is not about documenting risk. You can think but how can you document thoughts? Nobody is going to ask you a risk register and why this risk is more riskier than another. That would be funny. Standard is clever enough to not cause a confusion in fields of wild imagination in pick and choose risks.

"Quality Objectives" are the outcome of "risk based thinking". In earlier version of standards, there used to be a clause for "quality objectives" but it was not known how should that arrived at. There can be no other way of fixing goal and objectives at different levels in the organization other than the thinking of the risk and opportunities.

This natural behavior of management is included in the revised standard. Risk is unknown consequences. If consequence are known, you either know it that you have it or if you do not like you can plan for getting rid of it in near or long term. This is the way objectives are arrived at. Quality objectives at an organization level and at each process must be good enough to safeguard the quality, and if defects or unpleasant situations occur, that should be limited by defining quality objectives.

What is process ? How is a process different from operations? Process is all about a roadmap to set a goal and achieve it. For example, if you have to go to Delhi from Thimbu Bhutan, the goal is Delhi and various ways ( or valid possibilities) of reaching Delhi are called processes. The goal is product itself or av certain ambition of individual or organization. If there is no product or goal, there is obviously no process. Rice is same but its goals demand processes suitable for it. For example, dosa by one process and idli by another process.

Coming back to earlier scenario, to manage reaching a goal is challenged by constraints such as 1. cost of travel, 2. punctuality (in time arrival) and 3. comfortable journey. As long as goal is fixed, these constraints decide which process one should choose in the given condition. One can use taxi to airport and fly to Delhi. This is a high cost option but it gives comfort and timely arrival. In another case, one can take train to Delhi, which also meets same goal but is less expensive yet uncertain for timely arrival and not very comfortable. There can be an opportunity to buy discount air fare and journey is planned in such a way that cost and time and comfort, all three are favorable. So, there are options in work, and making choice of suitable process is what a manager is expected doing. Manager is setting goal, thinking and planning and takes decisions but not operates. He or she has not to act as taxi driver, or piloting aero plane, or run train. These are operations. Process is goal focused and accordingly, assembly of unit operations and resources takes place. Process is a mental roadmap ( decision making) to achieve a goal within given constraints called risks and opportunities. Operations are acts of implementing a decision. In earlier example of a dancer performing a show is "operation" or act of dancing but "process" is the thinking behind success of the show which involves song writers and musicians and choreographer.

People thought that doing a work as per given procedure was iso 9001. People joked in name of iso that you do what you write and write what you do. Iso did not get right kind of reputation for such an understanding.

New revision is about goal orientation and how best it ( process or decision making) is achieved given the risk and opportunities.

This gives people flexibility and understanding of various difference in approach and applicable risk and opportunities.

Revised standard is more realistic and natural representation of work in a successful organization. Unnecessary things are weeded out at every revision and quality now is given more emphasis than standardization. Quality standard is combination of two words. Quality is moving and standard is standing or keeps sitting. Standard is like safety railings on both sides of a staircase so that you do not fall sideways when moving up. But these standards should not become obstacles for users of stairs. Standards only act as safety or risk prevention and quality is all about Value (usefulness or desirability). Remember !! There are three elements in quality assurance 1. Value ( usefulness), 2. Variation ( consistency or standardized) and 3. Risk ( unknown consequence).

ISO 9001 is a management standard. Can there be any standard for management? It (management) is human understanding and is not a typical enforcement or practice like law or accounting or mechanical engineering. Management is a combination of formal as well as informal. Formal part is just a tip of iceberg. Standards in management have evolved as do writers of standard get insight in actual working of management. This (ISO 9001) is just one of attempts of servicing industry and commercial establishments with certain ideas of meeting customer requirement. It is not a substitute of quality management or quality engineering or such august body of knowledge. Standards provide framework which clients can choose voluntarily but ISO is not liable in anyway for performance of an organization or claims associated with it.

COURTESY NOTE: I am thankful to Shri Krishna Gopal Misra of Gurgaon (Haryana, India) for his kind permission to republish the article. - Keshav Ram Singhal

Use of 'shall', 'should', 'may' and 'can' in Standards?

Standards generally use words, like 'shall', 'should', 'may' and 'can', in mentioning their requirements or guidelines. What these words mean?

Whenever 'shall' is used in a standard, it indicates a requirement that is necessary to follow.

Whenever 'should' is used in a standard, it indicates a recommendation that is recommended to follow the guideline.

Whenever 'may' is used in a standard, it indicates a permission to follow the guideline.

Whenever 'can' is used in the standard, it indicates a possibility or a capability.

With best wishes,

Keshav Ram Singhal

How to determine opportunities?

An opportunity is a time or set of circumstances that makes it possible to do something. Opportunities can lead to something better, such as, adopting new practices, launching or introducing new product/service, opening new markets, addressing new clients or users, building partnership, using new technology, other desirable and viable possibilities to address needs of the organization or its customers. No specific procedure or methodology is mentioned in ISO 9001:2015 QMS standard to determine 'risks and opportunities'. To determine opportunities, I suggest to make a small group (team) in your organization that should consider circumstances that make it possible to do something better in the organization.

With best wishes,

Keshav Ram Singhal

For details on the Training Handbook on ISO 9001:2015 QMS Awareness, please CLICK HERE.