ISO9001:2015 Upgrade Diary

#1
Every time that I must tweak my QMS manual for a new revision of ISO9001, I agree a little more with He Who Shall Not Be Named that this certification business is a huge scam. Right now, there are hundreds of CB auditors (not the good ones) that have a list of "gotchas" where the most common mistakes will be made. Here's my list:

4.1 Understanding the organization and its context
Just wow. Really? Fortunately for the vague and ambiguous language here, my company already knows how to do this. We have four full day meetings per year with Executive Management and the folks that physically execute the elements required to achieve our strategic plan. Two meetings the Executives tell us the results of their analysis (i.e., The Strategic Plan). Two alternating meetings we tell the Executives what we shall do to make the plan possible and the ongoing results of those activities. We call these Strategic Alignment Meetings (SAM).

  • Need some vague and ambiguous verbiage in the QA Manual about this.
4.2 Understanding the needs and expectations of interested parties
  • Need a to document a list of interested parties (e.g. stakeholders, customers, UL, CSA, etc.) in Management Review
  • Need to point at documentation in the Product Development Control Process (PDCP) where requirements are determined
  • Need to point at list of customers that require ISO certification
5.1 Leadership and commitment
5.1.1d) promoting the use of the process approach and risk-based thinking
  • Need to coach Executives on specific Management Review Items where we have made risk/reward decisions
  • Need to point to the process diagrams on every team metric board
6.1 Actions to address risks and opportunities
6.1.2
  • Need to point at the above mentioned PDCP and SAM
6.2 Quality objectives and how to achieve them
6.2.2 Fortunately, the previous version of ISO14001 already had this gem so
  • Need to copy the ISO14001 ENVIRONMENTAL objectives list in Management Review of what will be done, what resources will be required, who will be responsible, when it will be completed and how the results will be evaluated and translate for my QUALITY objectives
7.4 Communication
Once again, ISO14001 is ahead on this one.
  • Need to document relevant internal and external communications about the QMS: what will it communicate, when, with whom, how and who will do it

Then TC176 ran out of gas and shuffled around and reworded the Product Realization and Measurement, Analysis and Improvement sections of ISO9001:2008. So, any of you RAB certified auditors working for CB's want to share the gotcha list they gave you what they taught you for the 2015 upgrade?
 
Elsmar Forum Sponsor

DRAMMAN

Quite Involved in Discussions
#2
Are you looking at this from just a pass the audit perspective? Is possible for the 2015 changes to add value to your management system?

For example..is there anything in Organizational Context that can be a beneficial input to your companies Strategic Planning process?
 

Mike S.

Happy to be Alive
Trusted Information Resource
#3
Icy! Long time no see -- glad to see you here! :agree1:

Ignoring the elephant of reasons behind the constant revisions of standards for a moment....

Word I got from a registrar auditor is that the key "focus" areas are gonna be risks associated with key processes and leadership, commitment and accountability of top management. And ya know, I don't have a problem with them focusing there, especially in the latter areas, because I so often see those areas lacking.
 

DRAMMAN

Quite Involved in Discussions
#4
I don't know if I would call the changes constant. It is just once every 7 years. If they did not revisit the standard it would become obsolete.

I would suggest to anyone that they talk to their CB auditor to understand what they will be looking for regarding compliance. All of the major CB's are offering free training webinars and classes at minimal costs. This will at least help alleviate concerns regarding what objective evidence you need to avoid NC's.
 
#5
Are you looking at this from just a pass the audit perspective? Is possible for the 2015 changes to add value to your management system?
Since I haven't been on for a while, you probably don't know my background. I rarely do anything just to pass the audit. However, I don't like getting caught by some useless shall that is interpreted in the most arcane way by the registrar's auditor. I have been running an TS16949 system since 2005. I have a long history of running a "best for business" QMS. There are some requirements that can have an incredibly positive impact on any business (e.g. the entirity of Section 8, Operation). There are other requirements that are virtually useless. I have a record that tracks incidents of premium freight in Management Review. Of course, we were tracking it before in accounting but the auditor did not accept that the Finance Department's $$$ tracking of the % of premium freight vs. regular freight was tracking "incidents".

That said, my system was written against the guidance in ISO9000 and ISO9004, not just "the standard". Please see the OP. My company is already so far ahead of this standard it's laughable. We have two global quality objectives: Keep warranty returns low and keep on time deliveries high. It looks like I only need to create the what, what, who, when, how for these so that there is a trail of breadcrumbs for the auditor. I know from experience that our day-to-day documentation of these items in support of our Environmental Objectives was not sufficient to satisfy the auditor. Yet, it was sufficient for us to achieve our objectives. Do you see the dichotomy?

Every team in my system has its own sub-goals that support both the global objectives and the strategic plan. Things like productivity, process yield, scrap, rework, utilization, etc. We have process diagrams, metric boards, continual improvement initiatives as requirements for all of these teams. We recognize and reward these teams with cash money for achieving their goals. My system is already exemplary, I don't need TC176 revising their thinking to help me improve my QMS. It merely subtracts from the time available to work on continual improvements that I know will benefit my company.
I don't know if I would call the changes constant. It is just once every 7 years. If they did not revisit the standard it would become obsolete.
Register to ISO9001, ISO14001, whatever it is now 16949 while also keeping up with the CS requirements and requirements for other standards like VDA and the changes are pretty much constant.

The vast majority of companies could implement a rather simple system that addresses the 9 pages of MIL-Q9858A (released 1963) or the simple the 18 sections of 10CFR50 Appendix B and have an extremely effective quality system. The rest of this is window dressing.
I would suggest to anyone that they talk to their CB auditor to understand what they will be looking for regarding compliance. All of the major CB's are offering free training webinars and classes at minimal costs. This will at least help alleviate concerns regarding what objective evidence you need to avoid NC's.
I started with my CB auditor. Most are not so helpful, lest they be suspected of "consulting". The Elsmar Cove is Quality Assurance and independent validation.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#6
Word I got from a registrar auditor is that the key "focus" areas are gonna be risks associated with key processes and leadership, commitment and accountability of top management.
Sounds like wishful thinking to me. There is a substantial percentage of 3[sup]rd[/sup] party auditors, which spend very little time with process owners and even less with "top management".

They overwhelmingly occupy their time with the "quality person" during an audit.
 

DRAMMAN

Quite Involved in Discussions
#7
that is because prior ISO versions allowed for assigning the QMS to the MRQ. Now that there is no MRQ the intent is for the auditors to spend more time focuse don senior management.
 
#8
Finally, as promised, my EFMEA form. Includes the trinity you need to prove that you have addressed in environmental aspects,the risks and opportunities in your Environmental Management System: EFMEA form, leads to Environmental Normative Reference and the Environmental Impacts Form. All three are reviewed and updated as necessary at Management Review.

P.S. Since we have been running a 16949 compliant system, DFMEA, PFMEA, the proprietary assessments of risk/reward that we do at the front end of APQP along with our comprehensive Management Review cover the whole identification of risks and opportunities for ISO9001. Not to mention the exhaustive Design Validation Plan and Reporting requirements to assure that products meet the design intent (all embedded in our Product Development and Control Process).
 

Attachments

Last edited:

Sidney Vianna

Post Responsibly
Staff member
Admin
#9
that is because prior ISO versions allowed for assigning the QMS to the MRQ. Now that there is no MRQ the intent is for the auditors to spend more time focuse don senior management.
There was no "assigning" the QMS to the management representative function; the standard had clear responsibilities designated to the MR, but it was never intended that s/he would own the system. Previous versions of 9001 have always and clearly assigned ultimate responsibility of the QMS to top management. Auditors shy away from interfacing with top management for many reasons, but the standard was never a valid one.
 

Mike S.

Happy to be Alive
Trusted Information Resource
#10
Sounds like wishful thinking to me. There is a substantial percentage of 3[sup]rd[/sup] party auditors, which spend very little time with process owners and even less with "top management".

They overwhelmingly occupy their time with the "quality person" during an audit.
Maybe, maybe not. The registrar auditor who told me this works for our registrar so it may be more applicable to their customers than in general. I am sure some auditors will focus there, others will focus more elsewhere. Just sayin' what I heard.

IMO any additional focus on Top Management vs. the lower levels, even if only 5 minutes more per audit, is a good thing. YMMV
 
Thread starter Similar threads Forum Replies Date
S Are there ISO9001:2015 Requirements for Preventive Maintenance? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 36
A ISO9001:2015 Document control and training aids ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
S ISO9001:2015 Clause 9.1 - What the external auditor will look at? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
S ISO9001:2015 6.3 - Planning of Changes - OFI from auditor ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 20
I ISO9001:2015 9.1.2 - Customer Satisfaction Feedback ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
L Is writing out the ISO9001:2015 standard full name a requirement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 37
E Interesting Discussion Was this the fastest ever stage 2 ISO9001:2015 audit? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 76
ScottK Question for Auditors on 7.1.4 in the ISO9001:2015 revision ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
qualprod ISO9001:2015 Cl. 9.1.1 and 9.1.3 evidenced with only improvement actions? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
G Effect of ISO9001 2015 transition on ISO IEC 80079-34 Other ISO and International Standards and European Regulations 2
A ISO9001:2015 Process Matrix with clauses General Auditing Discussions 13
S ISO9001:2015 Cl. 4.4.1 - What Processes Do I Need Documented ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
Q ISO9001:2015 Cl. 6.1 - What evidences of risk addressing is needed? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
B Bare Bones/Under the Radar ISO9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
W Is ISO9001:2015 required for AS9100:2016 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
Icy Mountain ISO9001:2015 & IATF 16949:2016 Gap Analysis Tool IATF 16949 - Automotive Quality Systems Standard 7
D Internal Audit During the Transition Period from ISO9001:2008 to ISO9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
D Does ISO9001:2015 require any specific "processes"? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
N ISO9001:2015 clause 7.1.5 "Resources" (Formerly "Equipment") ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
S ISO9001:2015 and ISO14001:2015 Readiness/Self Evaluation Checklists wanted ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
J Understanding ISO9001:2015 - 8.3: Design and Development of Products and Services ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
W ISO9001:2015 - Clause 7.5.2 - Requirements for Creating & Updating Documents ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
C Process Map Transition from ISO9001:2008 to ISO9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
A ISO9001:2015 Auditor Training Materials Training - Internal, External, Online and Distance Learning 2
M ISO9001:2015 Clause 8.4 Control of External Processes and Purchased Goods & Materials ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
L Corporate Manual - Global Multi-Site ISO9001:2015 Certification ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
A ISO9001:2015 comparison with AS9100:2016 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
C Auditing Clause 5 - Leadership in ISO9001:2015 Internal Auditing 4
S Informational ISO9001:2015 Process Interactions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 65
S ISO9001:2015 Section 4.4.1 - Support Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
C Risks involved in requesting Cert to ISO9001:2015 right when released ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
T Changes in ISO9001:2015 to the requirements for a management representative ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
L Customer Waiver in ISO9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
L Lean in the ISO9001:2015 World Lean in Manufacturing and Service Industries 1
A Has anyone made an ISO9001:2015 vs. ISO9001:2008 Matrix ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 32
D ISO9001 for one man company ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
S What's meant by ISO9001 clause 8.7 non conforming output? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
G Calibration: Conforming to ISO9001 Requirements General Measurement Device and Calibration Topics 6
H Communication plan according to ISO9001 - Pharmaceutical field Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 3
R Major nonformance finding was given during a closing meeting of a ISO9001 certification audit General Auditing Discussions 76
N Is consultant prohibited in ISO9001 audit? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 66
R ISO13485/ISO9001 Convenient Document Management System Document Control Systems, Procedures, Forms and Templates 3
R ISO9001 & ISO13485 QMS for 2 types of products ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
T In house Calibration? Measurement equipment traceability requirements - ISO9001 General Measurement Device and Calibration Topics 12
a_bardi Excluding ISO9001 Cl. 8.4 - Supplier Selection and Evaluation ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
M Can Six sigma support ISO9001? If yes, in what ways? Lean in Manufacturing and Service Industries 5
C Checklist comparison between ISO9001:2008 and ISO 3834 Quality Management System (QMS) Manuals 1
Y The challenge of why should we have ISO9001 and process audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
G BCARs/EASA to ISO9001/AS9100 cross reference matrix/table wanted EASA and JAA Aviation Standards and Requirements 1
4 ISO9001:2008 Prototype Requirements ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6

Similar threads

Top Bottom