Clause 8 - Operation

Get compliant with ISO 9001:2015 and simplify compliance for your organisation. 

Provides details on the day-to-day processes and operations within a business, including how performance will be tracked.

Table of Contents

8.1 Operational planning and control

The purpose of this clause is to ensure that the organisation plans, implements and controls the processes necessary for the effective delivery of products or services.

 

To comply with this clause, an organisation needs to establish and maintain documented processes for operational planning and control.

 

This should include the identification of the resources needed to carry out the processes, such as personnel, equipment, and materials. The methods of operation need to be determined and documented, such as the procedures and work instructions required to deliver products or services.

 

The organisation also needs to establish criteria for measuring the effectiveness of the processes, such as quality objectives, key performance indicators (KPIs), or other relevant metrics.

 

The operational planning and control processes should cover all aspects of the organisation’s activities that contribute to the delivery of products or services, including procurement, production, delivery, and support activities.

 

These processes must be regularly reviewed and updated as necessary to ensure their continuing suitability, adequacy, and effectiveness.

8.2 Requirements for products and services

This section requires organisations to communicate with the customers in an effective manner, regarding its product or services, this should involve gathering information about their needs and expectations regarding the products and services offered by the organisation.

 

This can be achieved through a variety of channels, such as customer surveys, feedback forms, face-to-face meetings, or other forms of direct communication.

 

The organisation should also set clear communication about the products and services they offer. This can include providing clear and concise product descriptions, explaining the features and benefits of the products, and highlighting any potential limitations or risks associated with the product or service.

 

Furthermore, the organisation should ensure that the customer is fully aware of any relevant terms and conditions, including pricing, delivery times, and any other relevant information.

 

By maintaining an open and transparent communication channel, the organisation can ensure that the customer is fully satisfied with the product or service and can build a positive reputation in the marketplace.

8.2.2 Determining the requirements for products and services

This is a critical step in the product or service delivery process because it helps ensure that the organisation is meeting customer needs and expectations, as well as any relevant regulatory requirements.

 

The steps to follow :

 

  1. Determining the requirements to identify the customer needs and expectations. This may involve understanding the customer’s industry, the specific application or use of the product or service, and any unique requirements or specifications that the customer may have. The organisation may gather this information through direct communication with the customer, market research, or other means.

 

  2. Establish the specific requirements for its products and services. This includes determining the technical specifications,             features, performance characteristics, and any other specific requirements that must be met to satisfy the customer.

 

  3.The organisation should also consider any relevant regulatory requirements that must be met, such as safety or                            environmental standards.

 

During this process, the organisation may need to engage with its customers and other stakeholders to ensure that all requirements are identified and understood.

8.2.3 Review of the requirements for products and services

Organisations must review and verify the requirements for products and services before they are accepted or provided to the customer. This is an important step in ensuring that customer needs and expectations are fully understood and met.

 

During the review process, organisations should consider the following factors:

 

  • Completeness: Ensure that all requirements have been identified and are included in the review process.
  • Consistency: Ensure that the requirements are consistent with other customer needs, as well as with the organisation’s objectives and policies.
  • Feasibility: Determine whether the requirements can be met by the organisation, taking into account its resources, capabilities, and constraints.
  • Clarity: Ensure that the requirements are clear and unambiguous, and can be understood by all relevant parties.
  • Testability: Ensure that the requirements can be tested or verified, and that appropriate testing or verification procedures are in place.

 

Once the requirements have been reviewed and verified, the organisation should communicate any necessary changes to the customer, and obtain their agreement before proceeding with the provision of the products or services.

 

The results of the reviews and any new requirements received for the products and services must be documented and retained as documented information.

8.2.4 Changes to requirements for products and services

Requires organisations to establish a process to identify and review changes to requirements for products and services and to communicate any changes to relevant parties, including the customer.

 

The process for managing changes to requirements should include procedures for reviewing, approving, and implementing changes, as well as verifying the effectiveness of any changes made.

 

The organisation must also maintain documented information related to the changes and the results of any reviews and approvals.

 

The standard emphasises that any changes to requirements should be communicated to relevant parties in a timely manner, and that any necessary changes to the quality management system should be identified and implemented.

 

The organisation should also ensure that any changes made do not adversely affect its ability to meet customer requirements or compromise the quality of its products or services.

8.3 Design and development of products and services

Ensures that organisations have a structured approach to creating new products and services, or improving existing ones, that meet the needs and expectations of their customers.

8.3.1 General

This section highlights the importance of a structured and systematic approach to design and development, including the use of appropriate resources and methods to ensure that products and services are designed and developed to meet customer requirements.

 

The section emphasises the importance of identifying and managing the risks associated with the design and development process. This includes the need to identify and mitigate potential problems early in the process to minimise the risk of errors and delays.

 

The standard requires organisations to establish, implement, and maintain a documented process for design and development that includes planning, input, control, output, and changes to the design and development process.

 

These requirements ensure that the design and development process is managed effectively from start to finish.

 

Design and development process should take into account relevant statutory and regulatory requirements, as well as any additional requirements specified by the customer or the organisation itself.

8.3.2 Design and development planning

Requires organisations to establish and maintain a documented process for planning the design and development of their products and services.

 

The planning process must consider the following aspects:

 

  • The objectives of the design and development activities.
  • The input requirements for the design and development process.
  • The resources required for the design and development process, including personnel, equipment, and facilities.
  • The design and development stages, duration, and their sequence.
  • The criteria for the review, verification, and validation of the design and development output.
  • The methods for controlling, and reviewing changes to the design and development output.
  • The design and development plan should be reviewed and updated as necessary to ensure that it remains effective and meets the organisation’s needs.

 

The plan should also be communicated to all members involved to ensure that they understand their roles and responsibilities in the design and development process.

8.3.3 Design and development inputs

Organisations are required to consider the following requirements as inputs when conducting the design and development process:

 

  • Functional and quality requirements
  • Past design and activities that are similar
  • Legal requirements
  • Applicable standards or codes of practice
  • Risk assessment of potential failures associated with the nature of the products and services.

 

The inputs should be adequate, complete, and clear for the design and development process, and any conflicting inputs should be addressed.

 

The organisation must maintain documented information on the design and development inputs.

8.3.4 Design and development controls

Requires organisations to have controls in place to ensure that the design and development process is properly managed and monitored. This is important to ensure that the design meets the intended objectives and requirements.

 

The first thing we should consider is verification, which involves checking the design at various stages to ensure that it meets the requirements that were established in the planning phase. Verification activities can include design reviews, prototyping, simulations, or testing.

 

The second is validation, which involves testing the final product or service to ensure that it meets the requirements and is fit for its intended use. This can include field testing, user acceptance testing, or other types of evaluation.

 

The third, is the approval of changes to the design to resolve any problem encountered during the review.

 

Any changes to the design should be reviewed and approved to ensure that they do not have any negative impact on the product or service’s quality, safety, or effectiveness.

8.3.5 Design and development outputs

The design output determines what an organisation will produce to fulfil the design input requirements.

 

The output represents the transformed input and it should be documented.

 

To comply with ISO 9001:2015 standard, the organisation must ensure that the design outputs meet several requirements:

 

  • The design output must meet the input requirements to help the organisation develop a new or improved product that meets the customers’ and market’s expectations.

 

  • The outputs must be adequate for subsequent processes for the provision of products and services. The design outputs serve as a means of communication and should guide different departments on how to successfully develop a new product.

 

  • The outputs must specify monitoring, measuring requirements (as appropriate), and acceptance criteria that define acceptable product quality. These acceptance criteria apply not only to product design but also to the design of services that the organisation may provide. The nature of the product determines the type of acceptance criteria utilised.

 

  • The outputs must specify the characteristics of products and services that are essential for their intended purpose and safe and proper provision. This includes indicating the safe and acceptable use of the product to prevent injury or death from incorrect use. Organisations that fail to do this may face costly lawsuits, bankruptcy, and criminal prosecution.

8.3.6 Design and development changes

Outlines the requirements for controlling changes to the design and development process.


This section emphasises the importance of documenting and controlling any changes to the design to ensure that they are properly reviewed, approved, and implemented.


This are the key factors:

 

  • Information on design and development changes: The organisation must maintain documentation that clearly identifies the changes made to the design and development process. This includes details such as the reason for the change, the scope of the change, and the impact of the change on the product or service.

 

  • Results of review : The organisation must also document the results of any reviews conducted to assess the impact of the proposed changes. This could involve updating schematics or other design documents to reflect the changes being made.

 

  • Identify who authorised the changes, so that there is accountability for any deviations from the original design.

 

  • Controls to stop things being done incorrectly: The organisation must also have controls in place to ensure that the changes are implemented correctly and that they do not negatively impact the quality of the product or service.

 

This clause ensures that any changes made to the design and development process are properly documented, controlled, and reviewed to minimise the risk of errors or defects in the final product or service.

8.4 Control of externally provided processes, products and services

8.4.1 General

This section applies to all types of external providers, including suppliers, contractors, and subcontractors, who are involved in the organisation’s quality management system.

 

The purpose of this section is to ensure that external providers conform to the organisation’s quality requirements and that the organisation takes responsibility for the quality of the products and services provided to its customers.

8.4.2 Type and extent of control

Requires organisations to ensure effective management of their suppliers and subcontractors.

 

The QMS must provide detailed information about how the organisation will manage its suppliers and subcontractors, including clear guidelines for post-delivery activities. This clause emphasises the need to extend the purchasing process beyond just the supplier approval process to include the expectations of the organisation once the supplier begins delivering. This includes defining how the organisation will monitor and verify that purchased products or services conform to purchase orders, delivery notes, product specifications, and relevant national or international standards.

 

The organisation must also have a process in place for handling nonconforming products or services received from suppliers and subcontractors. Additionally, the QMS should outline how the organisation will communicate with suppliers and subcontractors and how it will evaluate their performance.

 

By effectively managing its suppliers and subcontractors, the organisation can ensure that it consistently meets its customers’ requirements and expectations.

8.4.3 Information for external providers

The aim of clause 8.4.3 is to establish effective communication with external providers and to ensure that they have a complete understanding of the organisation’s expectations.

 

This is essential to ensure that the external providers can supply products or services that meet the specified requirements.

 

To achieve this, the organisation must provide clear and concise information to the external providers regarding the products or services they are expected to supply, including any applicable specifications, standards, or requirements.

 

The organisation should also establish a method of verifying that the external providers have understood the requirements and are capable of meeting them. This clause emphasises the importance of maintaining open communication with external providers and ensuring that they are well-informed about the organisation’s expectations from the outset of the engagement.

8.5 Production and service provision

8.5.1 Control of production and service provision

This control requires organisations to document information in order to record the activities and results of monitoring and measurement processes.

 

Monitoring and measurement activities include checks that personnel may undertake, such as human checks.

 

To ensure effective monitoring and measurement, the following should be in place:

 

  • A description of the product, including specifications, manufacturers’ guidance, and quotations
  • Clear definition of what the customer wants.
  • Availability of necessary tools and equipment to measure and test systems installed.
  • Identification of tests that should be conducted and when, such as testing electric output before, during, and after installation.
  • Adequate support from the office and site to complete the job, including ordering the right parts for delivery to the site
  • Competent and trained staff
  • A clear process to test and check the installation during delivery to ensure that it is done correctly
  • Safety measures to prevent mistakes during installation
  • A process for completing an installation when it is finished.

 

All of these factors are critical to ensuring that the product or service meets the specified requirements and that the customer is satisfied

8.5.2 Identification and traceability

Organisations must have a system in place to identify and trace their products and services throughout their entire life cycle, from the initial stage of receiving the order to the final stage of delivery to the customer.

 

The purpose of identification is to ensure that products and services are correctly identified at all stages of production, processing, and delivery. This means that products and services must be labelled or marked in a manner that enables them to be easily identified and tracked.

 

Traceability enables organisations to identify any issues or defects in products or services, and to take corrective action to prevent future problems.

 

Organisations must establish and maintain a system for the identification and traceability of their products and services. This system must include the following:

 

  • A system for identifying the product or service, such as serial numbers, part numbers, or batch numbers.

 

  • A system for marking or labelling the product or service with the identification information.

 

  • A system for recording and maintaining the identification information.

 

  • A system for tracing the product or service throughout its life cycle, including any testing, inspection, or verification activities.

 

  • A method for maintaining the status of the product or service with respect to monitoring and measurement requirements, such as calibration or testing requirements.

8.5.3 Property belonging to customers or external providers

This clause requires organisations to have a system in place for the control and management of property that belongs to customers or external providers.

 

Organisations should ensure that the handling of customer property is extended to external providers as well. To control the product and service provision process, a procedure and forms can be used.

 

Communication with customers regarding the handling and treatment of their property must be established, along with contingency plans and actions in case of non-conformities. Examples of good sources of information include returned goods, warranty claims, revised invoices, credit notes, media articles, consumer websites, and direct communication with customers.

 

If any products, materials, or tools owned by customers are on your organisation’s premises, all employees must exercise care to prevent loss or damage.

 

In case of loss or damage, it should be recorded, and the customer must be informed. A process should be established and implemented to manage property supplied by customers, including identifying and maintaining records of customer-supplied products.

8.5.4 Preservation

This clause emphasises the need to ensure that products and services are adequately preserved from damage, deterioration, or other forms of degradation that could negatively affect their performance or functionality.

 

Preservation activities can include, but are not limited to, appropriate handling, storage, packaging, preservation, and protection of products and services.

 

The organisation must establish and maintain appropriate preservation processes to ensure that the products and services are kept in good condition and maintain their conformity throughout their lifecycle.

 

This clause also requires the organisation to establish and maintain documented information on the preservation processes, including any special handling or storage requirements, to ensure that the preservation requirements are clearly defined, understood, and implemented by all relevant personnel.

 

The documented information should also include any relevant monitoring and measurement activities to verify the effectiveness of the preservation processes.

8.5.5 Post-delivery activities

Ongoing support to customers after delivery of the product or service is necessary. Organisations should have processes in place to monitor, analyse and use information related to the use of products and services, customer feedback, and complaints to identify opportunities for improvement and take appropriate corrective actions.

 

Post-delivery activities can include a range of actions such as maintenance, repairs, warranties, and other forms of customer support. These activities are aimed at ensuring that customers continue to receive the expected level of quality from the product or service and that there is a system in place to address any difficulty.

 

The clause requires organisations to establish and maintain procedures for addressing customer complaints and to investigate the root causes of any non-conformities identified in the product or service.

 

The clause also requires organisations to keep records of post-delivery activities, which should include information on any changes made to the product or service, and any corrective or preventive actions taken.

 

By keeping records of post-delivery activities, organisations can track the performance of their products and services over time, identify trends, and make necessary improvements to enhance customer satisfaction.

8.5.5 Post-delivery activities

Ongoing support to customers after delivery of the product or service is necessary. Organisations should have processes in place to monitor, analyse and use information related to the use of products and services, customer feedback, and complaints to identify opportunities for improvement and take appropriate corrective actions.

 

Post-delivery activities can include a range of actions such as maintenance, repairs, warranties, and other forms of customer support. These activities are aimed at ensuring that customers continue to receive the expected level of quality from the product or service and that there is a system in place to address any difficulty.

 

The clause requires organisations to establish and maintain procedures for addressing customer complaints and to investigate the root causes of any non-conformities identified in the product or service.

 

The clause also requires organisations to keep records of post-delivery activities, which should include information on any changes made to the product or service, and any corrective or preventive actions taken.

 

By keeping records of post-delivery activities, organisations can track the performance of their products and services over time, identify trends, and make necessary improvements to enhance customer satisfaction.

8.5.6 Control of changes

It is required to document any changes made to the product or service after delivery and keep records of the changes, including details of the person who approved the change and the resulting actions taken.

 

Organisations should implement controls to manage any changes to products or services that could affect their quality or conformity to requirements.

 

The controls can include documentation, approval processes, testing, and validation.

 

The purpose of this clause is to ensure that any changes made after delivery of products or services are controlled to prevent unintended consequences, such as negative impacts on customer satisfaction or safety.

8.6 Release of products and services

Ensures that products and services are released only after they have been verified to meet all specified requirements and are fit for their intended use.

 

The following requirements should be taking into account:

 

  • All activities specified in the planning process have been satisfactorily completed.(Clause 8.1)
  • Products and services released for delivery meet all specified requirements, including those agreed upon with customers.
  • Products and services are properly identified and traceable.

 

The organisation shall maintain documented information that provides evidence of conformity with the acceptance criteria and of the authority responsible for release of the product or service.

8.7 Control of nonconforming outputs

The ISO 9001 standard is concerned with the control of nonconforming outputs, which refers to any product or service that does not meet the specified requirements. The purpose of this clause is to ensure that nonconforming outputs are identified, controlled, and prevented from being delivered to customers or further processed.

 

The clause requires organisations to establish and implement procedures for identifying and controlling nonconforming outputs, which includes defining the responsibilities and authorities for determining the disposition of nonconforming outputs, and documenting the actions taken to eliminate the nonconformity.

 

The organisation is also required to take appropriate corrective action to prevent the recurrence of the nonconformity, as well as to identify the root cause of the nonconformity and implement actions to address it. Finally, the organisation must record the nature of the nonconformity and any subsequent actions taken, and review the effectiveness of its control of nonconforming outputs in order to continuously improve its processes.