ISO 9001:2015 requires your organisation’s quality policy to be appropriate to both its purpose and context. This means that once your organisation has determined its context and the relevant requirements of its interested parties, Top Management must review the quality policy in light of that information. You should review your organisation’s existing quality policy to determine whether it is appropriate to the context of the organisation and its purpose, that there is a commitment to continually improving the quality management system, and the quality objectives are consistent with the quality policy. Top management should demonstrate that the quality policy is compatible with the strategic direction and context of the organisation, as required by Clause 5.1.1 b. Your organisation will need to review its policies as necessary to ensure that any changes in context, interested parties or their requirements is reflected in the quality policy and whether your organisation’s objectives are affected (6.2.1 a). The policy does not have to include objectives but should create a framework for establishing them. The policy should be stated in such a way that it shows you are working towards continual improvement. It should be reviewed and possibly revised to meet higher aspirations. Develop and implement a policy that is consistent with the company’s codes of conduct and business practices. The policy should be signed by Top Management and commit to:
The standard does not require that the quality policy includes the words ‘continual improvement,’ however it must be clear that processes of continual improvement are implied and known throughout the organisation. To meet the intent of this clause, you simply need a clearly defined management system quality policy that is sufficiently detailed to provide a framework for the subsequent objectives which can be monitored for continual improvement. It’s there to assist an organisation in meeting their business objectives, better customer satisfaction and eventually more market share, which, in time, brings more profits for the organisation. For multi-site/corporate certifications, the policy must be applicable for all sites and be fully integrated with the objectives. If you would like to look at how to implement an ISO 9001 quality management system, then simply contact us. Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).
0 Comments
Customer focus involves determining customer requirements and ensuring that processes exist to meet the requirements and achieve customer satisfaction. Enhance customer satisfaction by ensuring that customer requirements are identified. The principal message that Top Management must convey is that the objective of the business is to satisfy your customers by ensuring a process exists to achieve the following:
When auditing customer focus, you should assess whether customer satisfaction is adequately determined and whether appropriate corrective action is undertaken when things go wrong. The customer feedback process should be audited as a process in its own right and not just as a clause in the standard. Determine how this process is planned, implemented and improved as these factors will affect the processes’ ability to provide meaningful information about the effectiveness of the management system. Top Management must also ensure that customer and applicable statutory and regulatory requirements are identified and consistently met and that the focus on enhancing customer satisfaction is maintained. Top Management must also determine and address the risks and opportunities that can affect conformity of products and/or services and the organisation’s ability to enhance customer satisfaction. You should seek and record evidence that Top Management is taking a ‘hands-on’ approach to the management of the management system, so be prepared to constructively challenge Top Management’s commitment. Top Management’s commitment can likely be demonstrated by their actions, and by their views on the what the Management System policies mean to the everyday activities of your organisation, as well as policies’ relationship with your organisation’s strategic direction.
If you would like to look at how to implement an ISO 9001 quality management system, then simply contact us. Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses). Whichever management system you put in place, Top management must ensure that the requirements of the management system, including the policies and objectives, are consistent with the strategic context and direction of your organisation, and that the policies and objectives are established whilst ensuring that the human and financial resources needed for implementing the management system are available. Top Management should take a ‘hands-on’ approach to the management system during interviews and whilst recording compliance to other requirements e.g. determining organisational context, policies, objectives, management review minutes, provision of resources etc.
Without solid management commitment, you will not have a successful management system. This is not a commitment in words, it is the continuous and active demonstration to everyone in the organisation that the need to meet customers’ expectations is vital. The actions required of Top Management must include:
If you would like to look at how to implement an ISO 9001 quality management system, then simply contact us. Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses). Outsourced processes must be controlled by the organisation and these controls must be defined and described within their system. Organisations are required to identify the controls they apply for any outsourced processes. Examples of some outsourced processes include:
If an outsourced process is controlled through purchasing, there must be documented objective evidence to ensure that these processes are being controlled beyond the basic purchasing requirements, which are focused on controlling products not processes. Outsourced processes may be controlled through such methods as, but not limited to, auditing, contractual agreements, process performance data review on an on-going basis of purchasing processes. Ensuring control over outsourced processes does not absolve the organisation of the responsibility for conforming to customer, statutory and regulatory requirements. The type and extent of control to be applied to the outsourced process can be influenced by factors such as the potential impact of the outsourced process on the organisation’s capability to provide a product or service that conforms to requirements, the degree to which the control of the process is shared, or the capability of achieving the necessary control through the application of the purchasing process. You should expect to see evidence that your organisation has determined their processes and interactions. If your organisation calls it a ‘process’, it must be monitored for effectiveness and improved. Look for evidence that your organisation has undergone a process to initially identify these groups, and then to identify any of their requirements that are relevant to your organisation’s management system. You should also determine whether these groups’ requirements are reviewed and updated as changes in their requirements occur, or when changes to your organisation’s management system are planned. If you would like to look at how to implement an ISO 9001 quality management system, then simply contact us. Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses). Processes such as design and development, manufacturing, customer service and purchasing are key to giving the customer what they want. Supporting processes do not contribute directly to what the customer wants but do help the key processes to achieve their output. Support processes include often human resources, finance, document control, training and facilities maintenance, etc. A good way look at this is to think about how work flows through your organisation. Consider how the inputs and outputs to the key processes flow from one process to the next, what sub-processes might exist within it and how the support processes link in. For now, ignore the standard, in fact put it in a draw and forget it exists. Instead focus on your key processes and how your departments interface with each other. When defining your processes, try to keep it simple. A process such as ‘receiving inspection’ could be a a sub-process of the ‘purchasing’ process, for example. You are looking for a process model that explains the key processes of the business and how each relates and links to the others. The depth of process explanation may be as detailed as your company chooses. It should be based on its customer and applicable regulations or statutory requirements, the nature of its activities and its overall corporate strategy. In determining which processes should be determined and documented the organisation may wish to consider factors such as:
Once you have defined the processes and interfaces, go back to the standard and determine which processes are responsible for meeting which requirements. When defining your organisation’s processes, think about each process and department and try to define those processes around the current organisational model and not around the requirements of the standard. For each process, ensure that is has:
You want to make sure that your organisation has determined your processes and that the interactions are also defined, preferably (but not necessarily) within a management system manual. Subsequently, this includes the actual and technical inputs and outputs of the processes to show their inter-relationship. This requires that the description of the interactions between the processes should include process names, process inputs and process outputs in order define their interactions. Interaction means how one influences the other. The description of the interactions of the processes cannot be done if the processes are not determined (e.g. named). As part of the standards, the organisation is not required to produce system maps, flow charts, lists of processes etc as evidence to demonstrate that the processes and their sequence and interactions have been determined - but certainly such documents will be useful, if not mandatory. Graphical representation such as flow-charting is perhaps the most easily understandable method for describing the interaction between processes. If you would like to look at how to implement an ISO 9001 quality management system, then simply contact us. Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses). |
WelcomeHere you'll find the latest blog articles on all things compliance, particularly focussed on quality, environment, health & safety and information security. Get a completely free, no obligation, totally tailored ISO Gap Analysis for your business...
Categories
All
Archives
October 2023
|