Clarification of ISO 9001:2015 Clause 8.5.6 Control of Changes

btu32s

Registered
Hi all,
Firstly, i need clarification on the meaning of this phrase in the clause:
"Results of the review of changes", "any necessary actions arising from the review"

Does the requirement above refer to outcome of Review of changes after implementation of the said changes? or it could mean outcome of review prior to implementation of change?


Secondly, for changes to the QMS that arise from nonconformity, can Corrective Action/Improvement Request and Nonconformity Report whereby corrective action would include changes to the QMS, be used as record to fulfill this clause requirements?
 
Last edited:
B

BoardGuy

In the olden days of ISO 9001:2008 this would have been addressed by Clause 7.3.7 Design and Development Outputs. ISO 9000:2015 Term 3.3.10 defines change control as “Activities for the control of the output after formal approval of its product configuration information”.

In reality this clause is asking the organization to make changes in a thoughtful manner and to consider the potential impact to other process, product and possibly the customer. Key items to consider are:

- Is the impact of the change evaluated as its effects work in process and parts/product already delivered?

- What process control documentation (procedures, travelers, forms, etc.) will need updating as the result of change to be implemented?

- When change will be made was it approved prior to implementation including, if applicable, approval by the customer, statutory or regulator authority?

- Does retained documented indicate the source of change and information on necessary actions and approvals?
 

Kronos147

Trusted Information Resource
Does the requirement above refer to outcome of Review of changes after implementation of the said changes? or it could mean outcome of review prior to implementation of change?

Hello,

I think if you go through some steps you end up with both, but I think it is the review of the results of the change. The standard did not abandon PDCA (Plan-Do-Check-Act).

Secondly, for changes to the QMS that arise from nonconformity, can Corrective Action/Improvement Request and Nonconformity Report whereby corrective action would include changes to the QMS, be used as record to fulfill this clause requirements?

I say the corrective action is the PERFECT record. You already have it, you already use it, so minimal retraining is required, you don't have to invent some new process, it has the ability to satisfy all requirements, and is potentially effective.
 
J

Jim Green

I was wondering if someone could give a real world example of how to implement this??? Already ISO 9001 2008.

Steel Processing facility - Is it something we may be doing already and I am to dense to see it.

Thanks
 
Last edited by a moderator:
B

BoardGuy

[FONT=&quot]One example would be the effect of automating a process. An organization I worked for automated a press line before understanding the existing process. The result was unusable product because they did not take into account dwell time during pressure ramp-up. While the manual process pressure regulators applied pressure as a slower rate, the new automated system applied full pressure immediately. Result, nonconforming product that could not be reworked and lots of $$$ in scrap.[/FONT]
 

AndyN

Moved On
I was wondering if someone could give a real world example of how to implement this??? Already ISO 9001 2008.

Steel Processing facility - Is it something we may be doing already and I am to dense to see it.

Thanks

Jim:
One of the reasons this was added to the standard is that changes was only addressed in certain places: Changes to customer requirements (contracts), changes to product designs and document changes.

We know that having planned the production processes, there's often a need to change things - process parameters, materials, inspections and so on. It simply needs a way to control those, through planning, so that the consequences are considered. As you know, sometimes changes are not reversible...
 
J

Jim Green

I just don't want to get caught up in more matrix creation and chasing paper for an auditor...



Monitor and review "Context of the organization". You have got to be kidding me. Risk Management? right... These are the critical quality aspects that have been missing all along ? After 20 years of doing this, MY eves have seen the glory.

Becoming frustrated, angry, and cynical. Sorry... Thanks so much for your help.
 

Golfman25

Trusted Information Resource
I just don't want to get caught up in more matrix creation and chasing paper for an auditor...



Monitor and review "Context of the organization". You have got to be kidding me. Risk Management? right... These are the critical quality aspects that have been missing all along ? After 20 years of doing this, MY eves have seen the glory.

Becoming frustrated, angry, and cynical. Sorry... Thanks so much for your help.
I hear ya. Makes you want to stick your head in a vice.

For change control I would just keep it as simple as possible and document what you currently do. My guess is when you want to change something you meet, discuss, and analyze on some level and then implement. Good luck.
 

AndyN

Moved On
I just don't want to get caught up in more matrix creation and chasing paper for an auditor...

Then don't! I simply don't understand why people here are always harping on about what their auditor tells them to do or how they fear not "pleasing the auditor". We've been at this stuff for 25+ years. It's about time someone treated their CB like any other supplier and started complaining about things which aren't right! Your other suppliers don't make you jump through hoops, do they? If something's not right, you reject it and send a SCAR, right? So why are you all whinging about what your auditor wants?
 

AndyN

Moved On
Monitor and review "Context of the organization". You have got to be kidding me. Risk Management? right... These are the critical quality aspects that have been missing all along ? After 20 years of doing this, MY eves have seen the glory.

Did you read the requirement? It doesn't say review the context does it? I'm of the impression you don't completely understand what this is about. Internal and external issues can represent risks and opportunities. Are you suggesting that these don't change, over time? You aren't required to do "risk management" it's not in the standard. I really believe that folks haven't sat down and fully understood what's required here. I guess if you then have an auditor come in and go off the rails, things are going to go badly. You've gotta understand the requirements. There are no "silver bullets"...
 
Top Bottom