9/30/2010

ISO 9001 Brief Understanding

By
Suhas Agawane
Chief Consulting Officer
Simple Solutions Consultant

1
 9/30/2010

General Info – ISO Standards

• ISO standards are published by International Organization for
Standardization
• ISO has it’s head quarters at Geneva and more than 180
countries are members of this institution
• ISO publishes various standards on technical specs , testing
methods as well as management systems
• In management system domain , following standards (which
are relevant to constructions sector) are available from ISO
ISO 9001 (QMS) ISO 9000 (Vocabulary)
ISO 14001 (EMS) ISO 9004 (Performance Improvement Guideline)
ISO / OHSAS 18001 (Safety) ISO 10007 (Project Mgt Guidelines)
ISO 27001 (ISMS) ISO 19011 (Audit Guidelines)

• ISO certificates are issued by certification bodies (CBs) & these

CBs are authorized to do so by accreditation boards
• ISO certificates are valid for 3 yrs. There are surveillance audit
conducted by CB every yr & re-registration audit every 3 years
• Latest standard edition for ISO 9001 is 2008. Superseded
editions includes 2000 , 1994 , 1987

2
 9/30/2010

What is Process

• Continued

3
 9/30/2010

Process Mapping
Inputs Purchasing Outputs
• Required item / Process Steps • Receipt of Materials
quantity / date on right conditions
• Applicable specs • Right Quality, Right
• Supplier source Quantity
• Suppliers capability Interactions to • Right Time.
to meet our •Storage
requirements •Inspection and Testing
•Manufacturing
•Finance

Customers
Suppliers Performance Measurements
•Production
•Finance •Delivery status – On-time, On
spec, NCP etc •Stores

•Supplier evaluation • Continued

4
 9/30/2010

Understanding fundamental terms

Requirement Characteristic
Need or expectation that is Distinguish feature
stated, generally implied or
obligatory

Quality
Conformity Degree to which a set of
Fulfilment of requirement inherent characteristics
fulfils requirements

Grade
Nonconformity Category or rank given to different
Non Fulfilment of quality requirements for products
requirement ,, processes or systems having the
• Continued same functional use

5
 9/30/2010

Understanding fundamental terms

DISPOSITION CONFORMITY
Action taken to resolve a T
non-conformity situation E DEFECT
M NON CONFORMITY (NC) Non-fulfilment of a
SCRAP P Non-fulfilment of a requirement related to an
requirement intended or specified use.
ALTERNATE USE S
O
RE-GRADE L PERMENANT / LT SOLUTIONS
DEVIATION / U
CONCESSION T
I CORRECTIVE ACTION PREVENTIVE ACTION
CORRECTION O Action to eliminate the Action to eliminate the
Action to eliminate a a N cause of a detected NC or cause of a potential NC or
detected nonconformity S other undesirable situation other undesirable situation

REWORK REPAIR
Action on NC product to make Action on a NC product to make
it conform to the requirements it acceptable for the intended use

6
 9/30/2010

Marco View of ISO 9001 Framework

• Continued

7
 9/30/2010

Marco View of ISO 9001 Framework

4 Quality 5 Management 6 Resource 7 Product 8 Measurement

Management Responsibility Management Realization Analysis &
System Improvements
Requirements

Management
General Commitment Provision of Planning General
Requirements Resources

Customer Focus Customer Monitoring &

Documentation Human Related
Requirements Resources Measurements
Processes
Quality Policy
Infrastructure Control of NCP’s
Design &
Development
Planning Analysis of Data
Work
Environment Purchasing
Responsibility, Improvements
Authority & Production &
Communication Service
Provision
Management
Reviews Calibration

8
 9/30/2010

Clause 4.1 General Requirements

• Determination of Org Process

• Sequence & Interaction of process
• Overall process management approach
• Outsourced processes & org's control over it

9
 9/30/2010

Clause 4.2.1 Documentation Requirement

• Structure of QMS
• QMS Coverage
• Policy Statement
• Objective Statement

10
 9/30/2010

Clause 4.2.2 Quality Manual

• Scope statement and Exclusion with justification

• Interaction of processes
• 6 Mandatory procedures ( Reference or details)

11
 9/30/2010

Clause 4.2.3 Document Control

• Details of mandatory procedure on Doc control

• Approval authority for QMS docs
• Periodic Review & update criteria for QMS documents
• Changes & current revision identification
• Methodology to ensure availability of documents at point of
use (POU)
• Controls on document legibility & identification
• Determination of Ext origin docs , it's identification ,
distribution
• Obsolete marking , retention & use prevention approach

12
 9/30/2010

Clause 4.2.4 Record Control

• Details of mandatory procedure on Record control

• References / list of mandatory records
• Controls on identification , Storage , Retrieval , retention &
disposition

13
 9/30/2010

Clause 5.1 Management Commitment

• Role of Top mgt in establishing , improving QMS

• Top mgt's involvement in establishing Quality Policy ,
Objectives & conducting MRM
• How top mgt ensures availability of resources

14
 9/30/2010

Clause 5.2 Customer Focus

• Top mgt's role in spreading awareness about customer

requirements & enhancing customer satisfaction

15
 9/30/2010

Clause 5.3 Quality Policy

• Statement of Quality policy expressed by top mgt

• Relevance of policy to org's business , QMS scope
• Framework for translation into objectives
• Understanding of policy relevance to individual's roles
• Mechanism to keep this policy aligned to changes in
dynamic business environment

16
 9/30/2010

Clause 5.4 Quality Planning

• Objective list for relevant functions & Levels

• Objectives are in sync with policy statement
• Objective also to include those needed to meet
requirements for product
• Appropriate indicators are identified for objectives
• Controls to ensure integrity of QMS whiles carrying out
changes in QMS

17
 9/30/2010

Clause 5.5 Responsibility & Authority

• Organization chart with key & major staff positions

• Responsibilities & authorities , covering at least those
aspects which are essential as ISO 9001 of above staff
position
• Appointment of MR from org's own management team
• Role & empowerment of MR
• Framework / platforms used for communication QMS
effectiveness

18
 9/30/2010

Clause 5.6 Management Review

• Top mgt to undertake periodic review of QMS performance

• Such review meeting to include at least minimum as
defined in 5.6.2
• Records of outcome of such reviews to be maintained
• Outcome to include decisions & actions for QMS , Product
improvements and resource need

19
 9/30/2010

Clause 6.1 Provision of Resources

• How org determines resources required for implement &

main QMS , and improve QMS & customer satisfaction

20
 9/30/2010

Clause 6.2 Competency & Training

• Determination of competency requirement for various staff

positions
• How org assess competency of existing staff against what
is required
• How org ensures the competency gaps are filled (it's
actions and effectiveness)
• Records of competency of staff
• How staff is made aware about their roles

21
 9/30/2010

Clause 6.3 Infrastructure

• How org determine , provide & maintain various

infrasturcture requirements (Plant , Machinery , IT ,
Communication)
• Maintenance policies (preventive & break down)
• All asset inventory

22
 9/30/2010

Clause 6.4 Work Environoment

• Determine specific work environment direct needed to it's

product / service quality
• Determine indirect work environment factors which can
affect it's product / service quality
• How are these work environment requirements & factors
managed

23
 9/30/2010

Clause 7.1 Planning of Product

Realization
• How does org rollout newly designed / introduced products
, services
• Quality , process planning (including validation ,
measurement & monitoring requirements) for such newly
designed / introduced products & services
• Infrastructure (plant/ machine / Equipment ) requirements
for such products / services & it's provisions
• Determination of records required during product / service
realization process
• Documentation of outcome of such rollout process for
newly designed / introduced products / services

24
 9/30/2010

Clause 7.2 Customer Requirement

Determination & Review
• How org determine customer's stated requirement
(including for delivery & Post delivery) , implied
requirement , S & R requirement applicable for products
and any additional requirement t needed by org
• How org reviews these requirements before it's
commitment to supply (Enquiry stage and Order
acceptance stage)
• Records of such reviews & actions arising out this
• In case of verbal orders ( non documented requirements) ,
how these are confirmed to customers
• How changes to customer requirements are handled
• How customers keep informed about product info ,
Enquiry & Order Handling and feedback & complaints

25
 9/30/2010

Clause 7.3.1 D&D Planning

• Determination of design & development stages

• How review , verification & validation done during these
stages
• Roles , interface & authorities for staff / groups involved
• Updating D&D planning

26
 9/30/2010

Clause 7.3.2 D&D Input

• Determination of product input requirements (Functional &

Performance , applicable S & R , info from previous similar
design , etc)
• Records of such inputs
• How these are reviewed to ensure adequacy , completeness
and its free from ambiguity & conflict

27
 9/30/2010

Clause 7.3.3 D&D Output

• List out what are outputs of D & D process

• Outputs to be compared with inputs considered
• Output to provide info for production , purchasing as well
as acceptance criteria

28
 9/30/2010

Clause 7.3.4 D&D Review

• Systematic review of D & D project including arrangement

listed in D & D plan
• review to evaluate D & D ability to meet requirement
• Review to discuss problems & decide necessary actions
• Records of results of reviews & necessary actions

29
 9/30/2010

Clause 7.3.5 D&D Verification

• Verification of D & D output to check it meet D & D input as

per arragement listed in D & D plan
• Records of results of verification and necessary actions

30
 9/30/2010

Clause 7.3.6 D&D Validation

• Validation of Designed product ( as per arragement listed

in D & D plan) to check it is capable of meeting
requirements in intended use for specified application D &
D input
• Records of results of validation and necessary actions

31
 9/30/2010

Clause 7.3.7 D&D Changes

• Design changes , it's identification and change procedure

including change impact study , approval
• Records of design changes
• Changed details to be verified , validated as appropriate
• Records of results of review of changes & necessary action

32
 9/30/2010

Clause 7.4 Purchasing

• Criteria Supplier capability assessment and selection ,

evaluation & re-evaluation
• Records of results evaluation and necessary action arising
from it
• Methodology for communicating (including review of
adequacy ) purchase requirement information to supplier
• Describe type & extent of control regarding purchasing &
selection of supplier
• Describe the inspection & / or verification of purchase
material activity

33
 9/30/2010

Clause 7.5.1 Production / Service

Provision Control
• Describe important information that needed for product /
service provision & it's availability
• List out plant & machinery , equipment needed
• What test & monitoring equipments needed
• How product / service provision monitored & measured
• How products / services released , delivered and what are
post delivery activities supported

34
 9/30/2010

Clause 7.5.2 Process Validation

• Determine processes which requires validation

• Describe validation arrangements & outcome for the above
process - covering criteria for review & approval process ,
approval of equipment & operator , methods & procedures ,
records and re-validating plan
• Validation records

35
 9/30/2010

Clause 7.5.3 Identification and

Tracebility
• Methodology of identification of material , inspection
outcome status
• Traceability control including unique identification of
product
• Traceability records

36
 9/30/2010

Clause 7.5.4 Customer Property

Control
• How org receives & protect customer property and report
issues related to it
• Customer property includes material , proprietary info /
document , working at customer site
• Records of reporting of unsuitable / damaged / lost
customer property

37
 9/30/2010

Clause 7.5.5 Storage & Preservation

• Methodology for identification , storage , handling ,

preservation of product during it's realization processes &
stages including delivery ( related to packaging)
• This to include shelf life product control , slow moving
inventory control
• This also includes stores transaction methods

38
 9/30/2010

Clause 7.6 Calibration Control

• Describe / list out what measurement & monitoring undertaken

during realization processes / stages to provide evidence of
determined product requirements
• List of monitoring & measuring equipment
• Monitoring & measurement processes to demonstrate ability
measurement & monitoring done is in consistent with determined
requirement
• Methodology for calibration , verification of M & M Eqpt
(including adjustment / re-adjustment , safeguard against
adjustment ) at specified intervals against national / international
measurement stds
• List out wherever required traceability is not possible/ addressed
with justification and alternate calibration basis
• Guidelines / practices for safe eqpt handling
• List out steps when eqpt found out of calibration including
subsequent actions
• Records of results of calibration & verification

39
 9/30/2010

Clause 8.1 Measurement & Monitoring

• Product M & M processes

• Processes to ensure QMS Conformity & improve it's
effectiveness
• Process to include determination of applicable methods ,
statistical tech with extent of their use

40
 9/30/2010

Clause 8.2.1 Customer Satisfaction

• Methods for obtaining customer perception feedback &

how to use this info for improvement of QMS

41
 9/30/2010

Clause 8.2.2 Internal Audit

• Procedure for conducting internal audit

• Procedure to address periodicity , selection &
independency of auditor , planning , reporting of results &
records
• Scope of audit to address compliance to 9K1 requirements
, requirements identified during planning of product
realization , and other QMS requirements
• This scope also to include determination that these are
effective & maintain
• How org considers the status & importance of areas
audited in audit planning
• Records of internal audits
• how timeliness and promptness of correction . corrective
action to audit issues reported, including follow up actions
to verify by action

42
 9/30/2010

Clause 8.2.3 Process Measurement &

Monitoring
• Methodology / approach for monitoring &/or measurement
of QMS processes
• This approach to provide info ability of processes to
achieve planned results
• Linking outcome to correction , corrective action as
necessary

43
 9/30/2010

Clause 8.2.4 Product Measurement &

Monitoring
• Framework for monitoring & measuring characteristics of
products / services at various stages during it's realization
stage
• Records of evidence to conformity
• Spell out the concession methodology (if it is practiced) to
release products / services to next stage (excluding
delivery to customer) even though it is not passed in earlier
stage

44
 9/30/2010

Clause 8.3 Nonconformity Control

• Documented Procedure for NC products

• Responsibilities & authorities for dealing with NC
• Describe what type of actions (disposition) taken (including
concession/ deviation) , who authorizes & how it is re-
verified
• Approach on impact analysis & actions as necessary in
case of already delivered products
• Records of NC and subsequent actions

45
 9/30/2010

Clause 8.4 Analysis of Data

• List out data / specify data - which will be analyzed

periodically o improve QMS process effectiveness &
suitability
• Plan to include to provide information on - customer
satisfaction , product / service conformity & it's trend ,
process performance trends , supplier

46
 9/30/2010

Clause 8.5.1 Continual Improvement

• Describe how org improving QMS using quality policy ,

objective , results of audit , analysis of data, preventive &
corrective actions and MRM

47
 9/30/2010

Clause 8.5.2 Corrective Action

• Documented procedure on corrective action

• Describe how org handles customer complaints
• Who , how frequently & how non conformities & complaints
are reviewed
• how org determines the causes of NC
• Describe how org evaluate & prioritize need for CA
• How actions to remove the causes , determined &
implemented
• When , how & by whom CA effectiveness are reviewed
• Records of results of CA taken

48
 9/30/2010

Clause 8.5.3 Preventive Action

• Documented procedure on preventive action

• Describe how potential nonconformities determined
• how org determines the causes of potential NC
• Describe how org evaluate & prioritize need for PA
• How actions to remove the causes , determined &
implemented
• When , how & by whom PA effectiveness are reviewed
• Records of results of PA taken

49
 9/30/2010

Document Control
• Document – The source of information where information is
dynamic
• Use of Document –
– Action criteria
– Reference information for monitoring / execution
– Basis for decision making
• These can be in any form
• Why need control
– Dependability
– Authenticity
– Likelihood of changes
– Information is collated in context of business
• What controls
– Check for correctness
– Management/ Authority Endorsement
– Know latest changes
– Change counter reference
– Periodically reflect business context / changes into document

50
 9/30/2010

Record Control

• Record – These are special type of documents .

It is post event / action outcome
Once prepared can’t be changed
• Interesting examples regarding records–
– Death Will
– Degree / Birth Certificate
– Purchase Order (Before Vs After Receipt)
– Blank form Vs Filled up form
– Project Plan Vs Project Review record
• There are no revisions for record , but it might get amendment
• They can be in any form – hard / soft copy , database files
• Use of Record
– Evidence what happened
– Framework for gathering relevant data for various information
– Statutory & regulatory requirements
• Continued
– To establish traceability

51
 9/30/2010

Record Control

• Attribute for record use , influencing type of control

– Records are kept for substantial period even 10 – 20 years
– Records are likely to be recalled any time during it’s retention period
– Records may be recalled a another person/s who has not kept it
initially
– Records might contain crucial information
• Principal of Record – Record in the File and File is at the
location
• Records controls include
– To list out
– Retention period
– Filing approach to facilitate easy retrieve - ability over complete
retention period as well as by another person
– Access & disposition
– Prevent deteroriation / damage of record during retention period

52
 9/30/2010

Mastering CA-PA
• Corrective action (CA) – does ensure the similar NCs does not
recur again or it’s frequency reduces
• Preventive action (PA) – does ensure that potential NC does
not occur or it’s probability reduces
• Steps for CA – PA

A. Evaluate need for CA/PA

B. Root / Vital cause/s analysis
C. Working appropriate action/s to eliminate these root /vital cause /s
D. Authorization of action /s plan /s
E. Deployment / implement plans
F. Monitor outcome
G. Verify effectiveness

53
 9/30/2010

MRM Meeting Requirements

• MRMs are conducted periodically once in 3/6 months

• Objective of MRM is to review organizational process
performance review
• Important agenda includes following
– Quality objective and process indicator status review
– Internal audit result review
– Review of customer complaints , satisfaction and feedback
– Resource requirements and training plan
– Improvement planned – Analysis reports and CA-PA status
– Review of previous MRM decisions / actions
– BEM re-visit and QMS changes
– Project performance (Cost-Time-Quality)
• Concerned HODs needs to present following during meeting
– Process indicator status and data
– Departmental analysis report & CA-PA Log
– Actions for & status of internal audit NCs
– Status & progress on actions from previous MRM

54
 9/30/2010

What is mean by Policy & Objective

• Policy gives direction and framework for operational activity

focus as well as decision making
• Various elements of policy needs to be interpreted by
concerned functional team in terms how it is relevant to them
• Certain elements relevant to all functional team where as some
are relevant to few functional team
• Objectives are statement on performance goals with targets
• Quality Objectives are at apex level and responsibility is
assigned to main contributing function
• Various other functional team then needs to contributed
through supporting these objectives in it’s relevant functional
parameter
• These objectives should & can be linked to appropriate
process indicators for various functional team
• Objective targets needs to be SMART
Stretchable , Measurable , Achievable , Relevant , Time-bound

55
 9/30/2010

PDCA (Demings Cycle)

• It talks about the continual improvements in small steps which

are cascaded
• Plan the actions > Execute the actions > check the outcome
> take necessary corrective measures wherever results are
not as expected

56
 9/30/2010

Outsourcing process control

(Why & How)
• Organization buys products & services
• These products & services are of three categories
a. Supplier’s own branded / standard products
b. Products & services supplied as organization requirements and
of which quality can checked through inspection
c. Products & services supplied as organization requirements and of
which quality can not be checked through inspection
• The category ‘c’ case is called as outsourcing
• This outsourcing in some cases goes complete back to back
activity e.g. – Third party licensing manufacturing of pharma
products , Complete construction work sub-contracting
• Whether you carry out the process or your supplier , ISO 9001
requirements must be met.
• So in outsourcing process control , first thing required is to
identify which are ISO 9001 requirements shall be applicable
for particular out sourced
• Continued

57
 9/30/2010

Outsourcing process control

(Why & How)
• Next step is to discuss what kind of controls the specific
supplier can establish for these applicable requirements
• For non addressed requirements , then workout suitable
alternate controls that organization should put in place
• If supplier is ISO certified , organization may consider this
third party certification for it’s control

58
 9/30/2010

END OF SESSION START APPLYING

ANY QUESTIONNNNNNNNNNNNNNs ?

59