Get compliant with ISO 9001:2015 and simplify compliance for your organisation.
Provides details on the day-to-day processes and operations within a business, including how performance will be tracked.
The purpose of this clause is to ensure that the organisation plans, implements and controls the processes necessary for the effective delivery of products or services.
To comply with this clause, an organisation needs to establish and maintain documented processes for operational planning and control.
This should include the identification of the resources needed to carry out the processes, such as personnel, equipment, and materials. The methods of operation need to be determined and documented, such as the procedures and work instructions required to deliver products or services.
The organisation also needs to establish criteria for measuring the effectiveness of the processes, such as quality objectives, key performance indicators (KPIs), or other relevant metrics.
The operational planning and control processes should cover all aspects of the organisation’s activities that contribute to the delivery of products or services, including procurement, production, delivery, and support activities.
These processes must be regularly reviewed and updated as necessary to ensure their continuing suitability, adequacy, and effectiveness.
This section requires organisations to communicate with the customers in an effective manner, regarding its product or services, this should involve gathering information about their needs and expectations regarding the products and services offered by the organisation.
This can be achieved through a variety of channels, such as customer surveys, feedback forms, face-to-face meetings, or other forms of direct communication.
The organisation should also set clear communication about the products and services they offer. This can include providing clear and concise product descriptions, explaining the features and benefits of the products, and highlighting any potential limitations or risks associated with the product or service.
Furthermore, the organisation should ensure that the customer is fully aware of any relevant terms and conditions, including pricing, delivery times, and any other relevant information.
By maintaining an open and transparent communication channel, the organisation can ensure that the customer is fully satisfied with the product or service and can build a positive reputation in the marketplace.
This is a critical step in the product or service delivery process because it helps ensure that the organisation is meeting customer needs and expectations, as well as any relevant regulatory requirements.
The steps to follow :
2. Establish the specific requirements for its products and services. This includes determining the technical specifications, features, performance characteristics, and any other specific requirements that must be met to satisfy the customer.
3.The organisation should also consider any relevant regulatory requirements that must be met, such as safety or environmental standards.
During this process, the organisation may need to engage with its customers and other stakeholders to ensure that all requirements are identified and understood.
Organisations must review and verify the requirements for products and services before they are accepted or provided to the customer. This is an important step in ensuring that customer needs and expectations are fully understood and met.
During the review process, organisations should consider the following factors:
Once the requirements have been reviewed and verified, the organisation should communicate any necessary changes to the customer, and obtain their agreement before proceeding with the provision of the products or services.
The results of the reviews and any new requirements received for the products and services must be documented and retained as documented information.
Requires organisations to establish a process to identify and review changes to requirements for products and services and to communicate any changes to relevant parties, including the customer.
The process for managing changes to requirements should include procedures for reviewing, approving, and implementing changes, as well as verifying the effectiveness of any changes made.
The organisation must also maintain documented information related to the changes and the results of any reviews and approvals.
The standard emphasises that any changes to requirements should be communicated to relevant parties in a timely manner, and that any necessary changes to the quality management system should be identified and implemented.
The organisation should also ensure that any changes made do not adversely affect its ability to meet customer requirements or compromise the quality of its products or services.
Ensures that organisations have a structured approach to creating new products and services, or improving existing ones, that meet the needs and expectations of their customers.
This section highlights the importance of a structured and systematic approach to design and development, including the use of appropriate resources and methods to ensure that products and services are designed and developed to meet customer requirements.
The section emphasises the importance of identifying and managing the risks associated with the design and development process. This includes the need to identify and mitigate potential problems early in the process to minimise the risk of errors and delays.
The standard requires organisations to establish, implement, and maintain a documented process for design and development that includes planning, input, control, output, and changes to the design and development process.
These requirements ensure that the design and development process is managed effectively from start to finish.
Design and development process should take into account relevant statutory and regulatory requirements, as well as any additional requirements specified by the customer or the organisation itself.
Requires organisations to establish and maintain a documented process for planning the design and development of their products and services.
The planning process must consider the following aspects:
The plan should also be communicated to all members involved to ensure that they understand their roles and responsibilities in the design and development process.
Organisations are required to consider the following requirements as inputs when conducting the design and development process:
The inputs should be adequate, complete, and clear for the design and development process, and any conflicting inputs should be addressed.
The organisation must maintain documented information on the design and development inputs.
Requires organisations to have controls in place to ensure that the design and development process is properly managed and monitored. This is important to ensure that the design meets the intended objectives and requirements.
The first thing we should consider is verification, which involves checking the design at various stages to ensure that it meets the requirements that were established in the planning phase. Verification activities can include design reviews, prototyping, simulations, or testing.
The second is validation, which involves testing the final product or service to ensure that it meets the requirements and is fit for its intended use. This can include field testing, user acceptance testing, or other types of evaluation.
The third, is the approval of changes to the design to resolve any problem encountered during the review.
Any changes to the design should be reviewed and approved to ensure that they do not have any negative impact on the product or service’s quality, safety, or effectiveness.
The design output determines what an organisation will produce to fulfil the design input requirements.
The output represents the transformed input and it should be documented.
To comply with ISO 9001:2015 standard, the organisation must ensure that the design outputs meet several requirements:
Outlines the requirements for controlling changes to the design and development process.
This section emphasises the importance of documenting and controlling any changes to the design to ensure that they are properly reviewed, approved, and implemented.
This are the key factors:
This clause ensures that any changes made to the design and development process are properly documented, controlled, and reviewed to minimise the risk of errors or defects in the final product or service.
This section applies to all types of external providers, including suppliers, contractors, and subcontractors, who are involved in the organisation’s quality management system.
The purpose of this section is to ensure that external providers conform to the organisation’s quality requirements and that the organisation takes responsibility for the quality of the products and services provided to its customers.
Requires organisations to ensure effective management of their suppliers and subcontractors.
The QMS must provide detailed information about how the organisation will manage its suppliers and subcontractors, including clear guidelines for post-delivery activities. This clause emphasises the need to extend the purchasing process beyond just the supplier approval process to include the expectations of the organisation once the supplier begins delivering. This includes defining how the organisation will monitor and verify that purchased products or services conform to purchase orders, delivery notes, product specifications, and relevant national or international standards.
The organisation must also have a process in place for handling nonconforming products or services received from suppliers and subcontractors. Additionally, the QMS should outline how the organisation will communicate with suppliers and subcontractors and how it will evaluate their performance.
By effectively managing its suppliers and subcontractors, the organisation can ensure that it consistently meets its customers’ requirements and expectations.
The aim of clause 8.4.3 is to establish effective communication with external providers and to ensure that they have a complete understanding of the organisation’s expectations.
This is essential to ensure that the external providers can supply products or services that meet the specified requirements.
To achieve this, the organisation must provide clear and concise information to the external providers regarding the products or services they are expected to supply, including any applicable specifications, standards, or requirements.
The organisation should also establish a method of verifying that the external providers have understood the requirements and are capable of meeting them. This clause emphasises the importance of maintaining open communication with external providers and ensuring that they are well-informed about the organisation’s expectations from the outset of the engagement.
This control requires organisations to document information in order to record the activities and results of monitoring and measurement processes.
Monitoring and measurement activities include checks that personnel may undertake, such as human checks.
To ensure effective monitoring and measurement, the following should be in place:
All of these factors are critical to ensuring that the product or service meets the specified requirements and that the customer is satisfied
Organisations must have a system in place to identify and trace their products and services throughout their entire life cycle, from the initial stage of receiving the order to the final stage of delivery to the customer.
The purpose of identification is to ensure that products and services are correctly identified at all stages of production, processing, and delivery. This means that products and services must be labelled or marked in a manner that enables them to be easily identified and tracked.
Traceability enables organisations to identify any issues or defects in products or services, and to take corrective action to prevent future problems.
Organisations must establish and maintain a system for the identification and traceability of their products and services. This system must include the following:
This clause requires organisations to have a system in place for the control and management of property that belongs to customers or external providers.
Organisations should ensure that the handling of customer property is extended to external providers as well. To control the product and service provision process, a procedure and forms can be used.
Communication with customers regarding the handling and treatment of their property must be established, along with contingency plans and actions in case of non-conformities. Examples of good sources of information include returned goods, warranty claims, revised invoices, credit notes, media articles, consumer websites, and direct communication with customers.
If any products, materials, or tools owned by customers are on your organisation’s premises, all employees must exercise care to prevent loss or damage.
In case of loss or damage, it should be recorded, and the customer must be informed. A process should be established and implemented to manage property supplied by customers, including identifying and maintaining records of customer-supplied products.
This clause emphasises the need to ensure that products and services are adequately preserved from damage, deterioration, or other forms of degradation that could negatively affect their performance or functionality.
Preservation activities can include, but are not limited to, appropriate handling, storage, packaging, preservation, and protection of products and services.
The organisation must establish and maintain appropriate preservation processes to ensure that the products and services are kept in good condition and maintain their conformity throughout their lifecycle.
This clause also requires the organisation to establish and maintain documented information on the preservation processes, including any special handling or storage requirements, to ensure that the preservation requirements are clearly defined, understood, and implemented by all relevant personnel.
The documented information should also include any relevant monitoring and measurement activities to verify the effectiveness of the preservation processes.
Ongoing support to customers after delivery of the product or service is necessary. Organisations should have processes in place to monitor, analyse and use information related to the use of products and services, customer feedback, and complaints to identify opportunities for improvement and take appropriate corrective actions.
Post-delivery activities can include a range of actions such as maintenance, repairs, warranties, and other forms of customer support. These activities are aimed at ensuring that customers continue to receive the expected level of quality from the product or service and that there is a system in place to address any difficulty.
The clause requires organisations to establish and maintain procedures for addressing customer complaints and to investigate the root causes of any non-conformities identified in the product or service.
The clause also requires organisations to keep records of post-delivery activities, which should include information on any changes made to the product or service, and any corrective or preventive actions taken.
By keeping records of post-delivery activities, organisations can track the performance of their products and services over time, identify trends, and make necessary improvements to enhance customer satisfaction.
Ongoing support to customers after delivery of the product or service is necessary. Organisations should have processes in place to monitor, analyse and use information related to the use of products and services, customer feedback, and complaints to identify opportunities for improvement and take appropriate corrective actions.
Post-delivery activities can include a range of actions such as maintenance, repairs, warranties, and other forms of customer support. These activities are aimed at ensuring that customers continue to receive the expected level of quality from the product or service and that there is a system in place to address any difficulty.
The clause requires organisations to establish and maintain procedures for addressing customer complaints and to investigate the root causes of any non-conformities identified in the product or service.
The clause also requires organisations to keep records of post-delivery activities, which should include information on any changes made to the product or service, and any corrective or preventive actions taken.
By keeping records of post-delivery activities, organisations can track the performance of their products and services over time, identify trends, and make necessary improvements to enhance customer satisfaction.
It is required to document any changes made to the product or service after delivery and keep records of the changes, including details of the person who approved the change and the resulting actions taken.
Organisations should implement controls to manage any changes to products or services that could affect their quality or conformity to requirements.
The controls can include documentation, approval processes, testing, and validation.
The purpose of this clause is to ensure that any changes made after delivery of products or services are controlled to prevent unintended consequences, such as negative impacts on customer satisfaction or safety.
Ensures that products and services are released only after they have been verified to meet all specified requirements and are fit for their intended use.
The following requirements should be taking into account:
The organisation shall maintain documented information that provides evidence of conformity with the acceptance criteria and of the authority responsible for release of the product or service.
The ISO 9001 standard is concerned with the control of nonconforming outputs, which refers to any product or service that does not meet the specified requirements. The purpose of this clause is to ensure that nonconforming outputs are identified, controlled, and prevented from being delivered to customers or further processed.
The clause requires organisations to establish and implement procedures for identifying and controlling nonconforming outputs, which includes defining the responsibilities and authorities for determining the disposition of nonconforming outputs, and documenting the actions taken to eliminate the nonconformity.
The organisation is also required to take appropriate corrective action to prevent the recurrence of the nonconformity, as well as to identify the root cause of the nonconformity and implement actions to address it. Finally, the organisation must record the nature of the nonconformity and any subsequent actions taken, and review the effectiveness of its control of nonconforming outputs in order to continuously improve its processes.