It’s a new year and the new ISO 9001:2015 standards were recently implemented in September of 2015. The following observations were shared by Jim Lee and simpleQuE consultants after working with more than a dozen companies, including our own, on getting certified to ISO 9001:2015.
With risk-based thinking and risk management, we can assure you that it is not as challenging as many social media discussions tout. SimpleQuE has yet to have a single client be required to do anything extra to meet the ISO requirements for risk management and risk-based thinking. Companies simply need to know what existing processes to recognize, what evidence to show that actions were identified, and that those actions were effectively implemented. This happens on a weekly basis as a normal course of business, as long as companies know what to demonstrate as evidence.\
Another area requiring additional attention for upgrading to the 2015 standard is the process flow diagram. Outsourced processes need to be denoted in some way or another, whether partially or fully outsourced. This might be done with color-coding or some other means to show where a process may be outsourced.
We’ve educated our clients on how to talk about context and interested parties, and in some cases we have documented a paragraph or two in the quality manual for these topics. For those clients that have a documented strategic planning or business planning process, we’ve been able to see context and interested parties addressed as part of this process.
Also note, there are three additional topics that are called out for management reviews. Some companies needed to add these topics to their management review agendas; others already covered these extra items.
SimpleQuE consultants and our clients have found it useful to perform a special audit utilizing our Gap Audit Checklist – a tool to identify compliance with the differences between ISO 9001:2008 and ISO 9001:2015.
For more information on ISO9001:2015 please contact us at 740-305-0868.