Professional Documents
Culture Documents
Joseph W. Krolikowski
QMS Program Manager
All participants have been muted.
Concluding remarks/Questions
When ISO 9001:2015 was published, it was
the first version of ISO 9001 to include an
explanatory Appendix (Appendix A.)
Key Points
◦ As with all other requirements within ISO 9001, the actual controls
established for this requirement are at the discretion of the organization.
Acceptable controls observed in past audits for this requirement have
included internal schedules, procedural stipulations, and automated
reminders.
The management review shall be planned and carried out taking into
consideration:
◦ Changes in external and internal issues that are relevant to the quality management system;
◦ The effectiveness of actions taken to address risks and opportunities (see 6.1);
Key Points
select auditors and conduct audits to ensure objectivity and the impartiality of the
audit process;
ensure that the results of the audits are reported to relevant management;
◦ Be measurable;
In most cases (in the United States) this is going to be the National Institute
of Standards and Technology (NIST.)
In situations where an NIST traceable method is not available (note that this
is rare) it is typically acceptable for calibration to be performed by the device
manufacturer.
◦ Suppliers;
◦ Subcontractors;
◦ Outside Partners;
◦ Risk
◦ Interested Parties
The term “risk” is used 16 times in the auditable portion of the
ISO 9001:2015;
Expands the idea of Risk aversion to one that affects all of the
various areas of the Quality Management System.
d) achieve improvement.
Clause 6.1.2 of the ISO 9001:2015 standard states:
◦ The organization shall plan:
b) how to:
1) integrate and implement the actions into its quality management system processes (see 4.4);
2) evaluate the effectiveness of these actions.
◦ Actions taken to address risks and opportunities shall be proportionate to the potential
impact on the conformity of products and services.
NOTE 1
◦ Options to address risks can include avoiding risk, taking risk in order to pursue an opportunity,
eliminating the risk source, changing the likelihood or consequences, sharing the risk, or retaining
risk by informed decision.
NOTE 2
◦ Opportunities can lead to the adoption of new practices, launching new products, opening new
markets, addressing new clients, building partnerships, using new technology and other desirable
and viable possibilities to address the organization's or its customers’ needs.
ISO 9002 provides further guidance in this area, and
identifies the following possibilities:
◦ This webinar explores the critical topic of exemptions and the right
approach to take in determining which apply to you.
◦ This webinar explores the crucial topic of processes and how to correctly
understand them.
Questions?