ISO 9001:2015 Explained

By Charles A. Cianfrani and John (Jack) E. West

The 2015 edition of ISO 9001 has been modernized to update terminology and content to meet current and anticipated user needs. The major emphasis of ISO 9001:2015 is still consistent provision of products and services that meet customer and applicable statutory and regulatory requirements.

This book explains the meaning and intent of the requirements of ISO 9001:2015 and discusses the requirements as they relate to each of the product categories. Where appropriate, it includes an elaboration of why the requirements are important. It also includes typical audit-type questions that an organization may consider to assess conformity to internal needs and ISO 9001 requirements. Recommendations for implementation are also included.

This book addresses the needs of:
Users and organizations seeking a general understanding of the contents of ISO 9001:2015
Users and organizations desiring guidance to ensure their ISO 9001:2015 QMS meets the new version requirements
Users and organizations considering the use of ISO 9001:2015 as a foundation for the development of a comprehensive QMS
Educators who require a textbook to accompany a training class or course on ISO 9001:2015
Auditors who desire to increase their level of auditing competence

Authors Cianfrani and West, members of the expert group that developed ISO 9001:2015, strive to provide a context for all requirements to enable you to develop and deploy processes that will strengthen your QMS. Getting or retaining a certificate is not the real objective. Satisfied customers and organizational sustainability should be primary objectives for the organization.

• Language: English
• Publisher: ASQ Quality Press
• Release date: Sep 21, 2015
• ISBN: 9781953079749

Book preview

ISO 9001:2015 Explained

Fourth Edition

Charles A. Cianfrani

John E. (Jack) West

ASQ Quality Press

Milwaukee, Wisconsin

American Society for Quality, Quality Press, Milwaukee 53203

© 2015 by ASQ

All rights reserved.

Library of Congress Cataloging-in-Publication Data

Cianfrani, Charles A., author.

ISO 9001:2015 explained / Charles A. Cianfrani, John E. (Jack) West.

pages cm

Includes index.

ISBN 978-0-87389-901-7 (alk. paper)

1. ISO 9001 Standard. 2. Quality control—Standards. I. West, Jack,

1944– author. II. Title.

TS156.6.C45 2016

658.5′620218—dc23

2015033095

No part of this book may be reproduced in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher.

Publisher: Lynelle Korte

Acquisitions Editor: Matt Meinholz

Managing Editor: Paul Daniel O’Mara

Production Administrator: Randall Benson

ASQ Mission: The American Society for Quality advances individual, organizational, and community excellence worldwide through learning, quality improvement, and knowledge exchange.

Attention Bookstores, Wholesalers, Schools, and Corporations: ASQ Quality Press books, video, audio, and software are available at quantity discounts with bulk purchases for business, educational, or instructional use. For information, please contact ASQ Quality Press at 800-248-1946, or write to ASQ Quality Press, P.O. Box 3005, Milwaukee, WI 53201–3005.

To place orders or to request a free copy of the ASQ Quality Press Publications Catalog, visit our website at http://www.asq.org/quality-press.

ASQ-Logo-QPress-address-K.jpg

Preface

The ISO 9000 series of quality management system (QMS) standards was initially issued in 1987 and reissued with minor revisions in 1994. A major revision was issued in 2000 to update the standards and to make the documents more user-friendly. ISO 9001:2008 was the fourth edition of ISO 9001.

The 2015 edition of ISO 9001 has been modernized to update terminology and content to meet current and anticipated user needs. The major emphasis of ISO 9001:2015 is still consistent provision of products and services that meet customer and applicable statutory and regulatory requirements. The latest edition of ISO 9001 incorporates directly or indirectly all the requirements of its predecessor but the language may appear peculiar or unfamiliar. It also contains requirements that may be new for many organizations. The old, the new, and the repackaged requirements are addressed in this book.

A few areas that should receive your particular attention as you address the requirements of ISO 9001:2015 include:

Understanding the needs of the customer including consideration of internal and external issues and the needs and expectations of interested parties beyond a direct customer

Considering processes related to risks and opportunities

Understanding needs, meeting requirements, and monitoring information related to customer satisfaction

Use of a process approach, which considers all work in terms of suppliers, inputs, processing activities, process interactions, resources, outputs, and customers

Managing a system of effective processes rather than documenting the system in procedures

Emphasizing the role of top management

Setting measurable objectives and measuring product and process performance

Analyzing and using data to define opportunities for improvement

Continual improvement of processes and of QMS effectiveness

Use of wording that can be understood in all product sectors—not just hardware

New terminology especially for documented information

The lack of specific requirements for documented information in several places

The appearance of the elimination of preventive action (which has been replaced by the introduction of risk-based thinking)

All of the above are addressed in detail in this book. As was our objective in the previous three editions, we strive to provide a context for all requirements to enable you to develop and deploy processes that will strengthen your QMS. Getting or retaining a certificate is not the real objective. Satisfied customers and organizational sustainability should be primary objectives for the organization.

This book addresses the needs of:

Users and organizations seeking a general understanding of the contents of ISO 9001:2015

Users and organizations desiring guidance to ensure their ISO 9001:2015 QMS meets the new version requirements

Users and organizations considering the use of ISO 9001:2015 as a foundation for the development of a comprehensive QMS

Educators who require a textbook to accompany a training class or course on ISO 9001:2015

Auditors who desire to increase their level of auditing competence

This book explains the meaning and intent of the requirements of ISO 9001:2015 and discusses the requirements as they relate to each of the product categories. Where appropriate, it includes an elaboration of why the requirements are important. It also includes typical audit-type questions that an organization may consider to assess conformity to internal needs and ISO 9001 requirements.

Recommendations for implementation are also included. Each clause has a section on tips for implementation. New tips have been added as appropriate to accommodate new terminology and requirements. ISO 9001:2015 provides requirements for what activities and processes are needed; it does not tell the user how to carry out these requirements. Therefore, the authors have included some recommendations for implementation actions that have proven to be successful. It should be recognized that this implementation guidance may go beyond the requirements of ISO 9001:2015. It is provided because much of what is needed for a successful QMS involves how the requirements are implemented, not the requirements themselves.

There is also a new chapter, Integrating the Process Approach and Systems Thinking.

The contents of ISO 9001:2015 have been paraphrased in this book. Paraphrased text by its very nature can introduce differences in understanding and interpretation. This book should be used in conjunction with:

ISO 9001:2015 Quality management systems—Requirements

ISO 9000:2015 Quality management systems—Fundamentals and vocabulary

This book is intended to facilitate an understanding of the process approach and related systems thinking and how to apply it in any organization to create, deploy, and improve a QMS. The intended outcome should be a QMS that achieves internal operating effectiveness and improved performance as viewed by customers and other interested parties.

For simplicity, the book often refers to specific editions of ISO 9001 by the year only (i.e., ISO 9001:2015 is referred to as 2015).

1

ISO 9001:2015: What’s New and How to Get Started on the ISO 9001:2015 Journey

Plus ça change, plus c’est la même chose. (The more things change, the more they stay the same.)

—French proverb

Ah, is it just me or does anybody see

The new improved tomorrow isn’t what it used to be

Yesterday keeps comin’ ’round, it’s just reality

It’s the same damn song with a different melody

—Jon Bon Jovi

Background

Before addressing ISO 9001:2015, the fifth edition of ISO 9001, let us consider the events that brought us from the first edition, in 1987, to the current time.

In 1987 the first edition of ISO 9001 was published by the International Organization for Standardization (ISO). That standard created a common worldwide language for quality assurance. Two additional International Standards were published at the same time that were derivatives of, and less comprehensive than, ISO 9001. The intent at that time was to provide a global set of minimum requirements for quality systems. If an organization could demonstrate conformity with this minimum set of requirements, its customers anywhere in the world could have confidence in the products and services that the organization provided, and international trade would be facilitated.

The first edition did not include the words quality assurance or quality management in its title—just quality systems. Over the years the standard has changed in many ways in both its form and content, but its essence and intent have remained the same—the articulation of a minimum set of requirements that an organization should consider in structuring and deploying its quality management system (QMS). The second edition of ISO 9001 was published in 1994, the third edition in 2000, and the fourth in 2008.

In its initial release, ISO 9001 was created as one element of a family of standards—ISO 9000, ISO 9001, and ISO 9004. ISO 9001 was a requirements document, meaning that it stated requirements. ISO 9000 and ISO 9004 were guidance documents that did not contain requirements. The primary use of ISO 9000 was as a quality dictionary, although it contained much additional quality-related information. ISO 9004 was a guideline document that provided its readers with areas and processes an organization could consider to expand the breadth and depth of its quality system. ISO 9004 has always been intended to serve as a stepping-stone for organizations that desired to expand their quality systems beyond a minimum set of processes to world-class levels of quality.

We now have the fifth edition of ISO 9001 available to us.

What Is New (if Anything) in ISO 9001:2015?

The question many of us ask about ISO 9001:2015 is Are there any new requirements in ISO 9001:2015? The answer to this question is It depends. If an organization has a QMS designed and deployed to meet or exceed the intent of the requirements contained in ISO 9001:2008, the answer to the question could be Although several new terms appear in 2015, and the structure and many of the words appear to be different, in many cases these new words do not provide new requirements in the 2015 edition. This is the belief of the authors regarding the content of the latest edition. If, however, an organization has achieved only minimal conformity with the requirements of ISO 9001:2008 (e.g., just to pass an outside certification audit), the answer would be quite different and along the lines of We will need to develop and deploy several new processes in order to be able to provide objective evidence of compliance. For many organizations, the actual situation will be somewhere between these two extremes.

In Chapters 2–9 we provide details of the content of each clause of ISO 9001:2015. For each clause we provide you with the following information to enhance your understanding of the explicit and implicit requirements and to facilitate your consideration of the options you have to develop and deploy compliant value-adding processes:

What does the clause say? (paraphrased)

What does the clause mean?

Consider the potential interactions as they apply to your QMS

Implementation tips

Questions to ask to assess conformity

Definitions (refer to ISO 9000:2015)

Considerations for documented information to be maintained and/or retained

In addition, after addressing each of the requirements clauses, we provide chapters on the following topics related to the requirements:

Annexes A and B of ISO 9001:2015

Auditing implications (internal and external)

Integrating the process approach and systems thinking

Selected sector applications of ISO 9001:2015 (automotive, aerospace, and telecommunications)

To start our journey to obtain a working knowledge of ISO 9001:2015, we provide an overview of the content that we believe may appear to be new to many users of the standard, recognizing that what is considered new will vary from organization to organization. This overview will heighten your attention to these areas when we explore the specifics in Chapters 2–9. Our list of content that may be considered new includes:

Annex SL structure

Understanding the organization and its context

Understanding the needs and expectations of interested parties

Actions to address risks and opportunities

Organizational knowledge

Details for each of these will be provided in the body of this book. Here, we provide a few high-level comments:

Annex SL structure—In ISO 9001:2008 the requirements are contained in clauses 4–8. In ISO 9001:2015 the requirements are contained in clauses 4–10. The new structure of the requirements clauses is made mandatory by the ISO Directives. It is intended for use by all ISO management system standards (MSSs) with the intent expressed by ISO headquarters (which is arguable) that a common structure for MSSs will facilitate compliance by organizations.

Some will view the new structure as new. Others will shrug their shoulders and comment that this new structure is nothing more than reshuffling the deck. After you work with 2015 you can decide whether the new structure makes sense and adds any value. Your authors have their own opinion, which is discussed in Chapter 1.

Understanding the organization and its context—These words are new to ISO 9001 and are an attempt to require the organization to consider its strategic direction so it can determine issues of real or potential impact and plan and deploy processes and controls to manage such issues. Although the words may be new, many organizations have strategic and tactical planning processes in place to address such a requirement. If such processes do not exist, 2015 provides an incentive to consider implementation. To provide a frame of reference for this concept, Figure 1.1 provides an overview picture of the processes of the QMS and the extent of what may be included in the appraisal of the context of the organization.

Understanding the needs and expectations of interested parties—Interested parties? What does this mean? In prior editions of ISO 9001 there was strong concern for meeting customer, statutory, and regulatory requirements but no reference to any other parties. However, given the requirement related to the organization and its context, there is now a need to consider other relevant interested parties in addition to the customer. Much more on this later in Chapters 3 and 5.

Actions to address risks and opportunities—Although we view the requirements around the concept of risk as vague, the intention of introducing risk into ISO 9001 is to encourage making preventive action an explicit element of the QMS. For many organizations, this will not be regarded as new. For others, new processes and thinking may be required. Although the wording in the standard may be vague and non-prescriptive to some, the concept is well worth attention if it has been ignored in the past. Chapter 5 discusses this in detail.

Organizational knowledge—Knowledge? A new concept? This requirement, although vague, could have been viewed as an implicit requirement of clause 6 in ISO 9001:2008 by some organizations. For others, the concept and the processes required to meet explicit and implicit requirements in 2015 will be new initiatives.

H1476f0101.jpg

There are no requirements in clauses 4–10 to consider processes related to innovation. It is mentioned in the introduction and in a note to one of the requirements in the improvements clause (clause 10). We bring your attention to the decision to remove requirements to consider innovation processes since we believe that innovation is and will continue to be an essential component of a QMS. Even though it is not an explicit requirement of ISO 9001:2015, many organizations will consider including innovation requirements in their QMS from a sustainability viewpoint.

In addition to the concepts that may appear to be new in ISO 9001:2015, there has been a change in some of the