The Evolution of ISO 9001
In the original ISO 9001 of 1987, the Quality Management System (QMS) was basically considered and treated as independent of the business plan. The focus was on how organizations applied the various clauses to their business. When ISO 9001:2000 was published, the focus shifted. As it stands today, the QMS Quality Policy and Quality Objectives are aligned with and expected to support the business plan.
With ISO 9001:2015, the expectation changed again with the addition of another step in a continual evolution of the QMS. With the new standard, the QMS is expected to fully integrate into the business plan - becoming one and the same. Instead of the QMS being something the Quality department is expected to control, the control now rests with Top Management. This is also evidenced by the elimination of the position of the Management Representative.
If you are Top Management, you will need to not only fully understand ISO 9001:2015, you will also have to take ownership of the QMS and use it as an integral part of your business plan/model to operate your business. The more you understand ISO 9001:2015, the more this integration makes sense.
One of the new phrases you will be hearing with ISO 9001:2015 is the concept of Risk Based Thinking (RBT). RBT is first mentioned in the introductory part of ISO 9001:2015 (part 0.3.3). It states: “Risk-based thinking is essential for achieving an effective quality management system.” It is explained in detail in Annex A-4. The ISO 9001:2008 section on Preventive Action has been removed and replaced with the concept of RBT. Understanding risks is brought up in several different places in the revised standard, emphasizing the need to look at risks as part of the normal planning and operation of processes.
Annex A-4 states: “…there is no requirement for formal methods for risk management or a documented risk management process.” This provided organizations the flexibility to address the risks in a manner that best suits the organization and allows for varying risks to be addressed in different ways. It is up to the organization to determine “whether or not to retain documented information as evidence of its determination of risks.”
As you proceed down the ISO 9001:2015 road, you need to consider what your risks and uncertainties are of your business and how you they will be addressed. More than likely you already perform some type of risk analysis on new jobs. Organizations will also need to decide what kind of evidence is required to demonstrate the risks were examined and reacted to appropriately.
Knowledge is Key
New for many in ISO 9001:2015 is the concept of Organizational Knowledge. Found in Clause 7.1.6, it states: “The organization shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services.” That may sound a bit confusing, so we look to Annex A.7 for guidance. This requirement was introduced for two reasons:
- Safeguard the organization from knowledge loss. The annex points out two instances where this can occur. One is through staff turnover. Many of our more seasoned employees hold a lot of what is referred to as tribal knowledge. It is informal, experiential in nature and rarely recorded. How do we ensure that knowledge is not lost when that person leaves? The second way is through the failure to capture and retain knowledge. How many times have you looked for information from a past job or project that could be applied to something current, only it was unable to be found?
- Encouraging the organization to acquire knowledge. As individuals, and the organization itself, we gain knowledge through experience, training, mentoring, benchmarking and a host of other means. Currently, most companies do a poor job at capturing and sharing knowledge for the overall benefit of the organization.
ISO 9001:2015 is on the minds of many Michigan manufacturers. Stay on top of ISO 9001:2015 by joining MMTC quality experts at the 2015 Proud to Manufacture in Michigan Conference from September 23-24. Hear more information about to what to expect with the revised standard in the months to come. MMTC also offers ISO 9001:2015 Transition courses to help organizations navigate the change. Visit mmtc.org for more information.
Since 1991, MMTC has assisted Michigan’s small and medium-sized businesses compete and grow. Through personalized services fitted to meet the needs of clients, we develop more effective business leaders, drive product and process innovation, promote company-wide operational excellence and foster creative strategies for business growth and greater profitability. Find us at www.mmtc.org