Disaster Contingency - Is it a requirement in ISO 9001?

[Eastman]

good afternoon all,

we deal with ceramic parts of complex geometry's, we are ISO 9001 2008

certified and are moments away from an [FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]ISO 9001:2015(E) cert. today a[/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]customer asked for a disaster contingency/business resumption plan. we [/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]currently have nothing in place and was wondering if it is in fact a [/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]requirement for either 2008 or 2015 thanks for your time.[/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]regards, [/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]Eastman
[/FONT][/FONT][/FONT]

​

​

​

​

​

​

​

 

[howste]

Re: disaster contingency

Welcome to The Cove!

...and was wondering if it is in fact a requirement for either 2008 or 2015 thanks for your time.

Short answer: No.

The automotive standard ISO/TS 16949, which is based on ISO 9001, does have this requirement.

 

[QAMTY]

Re: disaster contingency

Is not a requirement from ISO.
However some customers require this to suppliers, it depends on you if want tp keep your customer. It is also known as BCP,bussiness continuity plan.
Hope this helps.

 

[Sidney Vianna]

Re: disaster contingency

There are several standards dealing specifically with business continuity, including an ISO Standard: https://www.iso.org/obp/ui/#!iso:std:50038:en
ISO 22301:2012

 

[BoardGuy]

Re: disaster contingency

To help you think along the process of how you might address this, the following is from ISO/TS 16949:2009, Clause 6.3.2 Contingency plans:

“The organization shall prepare contingency plans to satisfy customer requirements in the event of an emergency such as utility interruptions, labor shortage, key equipment failure and field returns.”

This would now relate to ISO 9001:2015, Clause 7.1.3. I used this basic information to write a business interruption plan for AS9100C customer by putting it into our process control procedure.

 

[yodon]

I would think that if you truly adopt "Risk Based Thinking" then somewhere along the line you'd need to address business continuity / contingency planning.

 

[Claes Gefvenberg]

I would think that if you truly adopt "Risk Based Thinking" then somewhere along the line you'd need to address business continuity / contingency planning.

Good point. No actual requirement, but the issues you dig up under 4.1 could very well form the basis of a contingency plan, and it certainly makes sense to have one.

 

[somashekar]

good afternoon all,

we deal with ceramic parts of complex geometry's, we are ISO 9001 2008

certified and are moments away from an [FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]ISO 9001:2015(E) cert. today a[/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]customer asked for a disaster contingency/business resumption plan. we [/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]currently have nothing in place and was wondering if it is in fact a [/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]requirement for either 2008 or 2015 thanks for your time.[/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]regards, [/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold][/FONT][/FONT][/FONT]
[FONT=Cambria,Bold][FONT=Cambria,Bold][FONT=Cambria,Bold]Eastman
[/FONT][/FONT][/FONT]

​

​

​

​

​

​

​

Do not look at the ISO9001 standard as a prescriptive standard any more. The standard now is opening up your thoughts on your context and your risk based thinking. You must be adopting now several new plans based upon requirements of your interested parties in order to do and sustain your business purpose.

 

[Mike S.]

Good point. No actual requirement, but the issues you dig up under 4.1 could very well form the basis of a contingency plan, and it certainly makes sense to have one.

Exactly! How would you answer an auditor or customer who asks how you would handle storm damage or fire damage or whatever kind of disaster that may hit a business? “Uh uh uh….” is not a good reply, regardless of what ISO9001 requires.

 

[BoardGuy]

Mike S does have a good point that you must be ready for these kinds of off the wall questions an auditor might ask and under 0.1 you have the following protection parse:

“It is not the intent of this International Standard to imply the need for:

- uniformity in the structure of different quality management systems;
- alignment of documentation to the clause structure of this International Standard;
- the use of the specific terminology of this International Standard within the organization.”

The answer you might give should start with “based on the context of the organization....” and then state why it is not applicable. It then becomes the auditor's job to determine if it is an issue based on the requirements of the standard, active contractual requirements of the customer, applicable regulatory requirements etc.