Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11272 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Where to start with ISO 9001:2015 implementation
educational institution (University), so I want advice I started with
reading the mandatory documents & records but does it right to start with
that? and if not where should I start.
Answer:
The first step is to do a GAP analysis, meaning to compare your current state with requirements of the standard. Identifying mandatory documents is only a part of this step but a very good one. So beside determining mandatory documents, I suggest you to do a GAP analysis and find out what other requirements you need to meet. Than you can make a project plan to fill in the gaps and make your department compliant with the standard.
For more information see:
- List of mandatory documents required by ISO 9001:2015 https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/
- Checklist of ISO 9001 implementation & certification steps https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/ -
After certification
Answer:
After the initial certification you will have surveillance audits in the next year, in the year after that you will have recertification audit. Surveillance and recertification audits are not so different from the certification audit and they usually cost almost the same.
For more information, see:
- How to deal with nonconformities in an ISO 9001 certification audit https://advisera.com/9001academy/blog/2015/06/09/how-to-deal-with-nonconformities-in-an-iso-9001-certification-audit/
- ISO 9001 Certification https://advisera.com/9001academy/iso-9001-certification/
- How should you pick an ISO 9001 certification body? https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/ -
Risks in ISO 9001:2015
ISO 9001:2015 sólo te obliga a analizar riesgos en tu Sistema de Gestión de Calidad, no te obliga a gestionar riesgos de manera activa, y hay muchas maneras de analizar riesgos en tu negocio. Este artículo te resultará interesante Methodology for ISO 9001 Risk Analysis : https://advisera.com/9001academy/blog/2015/09/01/methodology-for-iso-9001-risk-analysis/
Por cierto, ISO 31000 es un código de buenas prácticas que puedes usar para desarrollar tu propia metodología (este estándar es para cualquier tipo de riesgo). Tu puedes comprar y descargar la ISO 31000 desde el sitio oficial de iso.org: https://www.iso.org/standard/43170.html -
Integrating ISO 9001 and ISO 14001
Answer:
Integration of ISO 9001 and ISO 14001 become much easier with new revisions of both standards, similarities spread throughout most of the clauses and the clause numbers are the same for common requirements.
Here are the similarities and how they should be met:
clause 4 Context of the organization - Both standards require context of the organization to be identified, along with internal and external issues relevant to ISO 9001 and ISO 14001. The requirements of both standards can be met in a single document (e.g. Procedure for Determining the Context of the Organization and corresponding records).
clause 5 Leadership - Each standard requires appropriate policy to be established, but the requirements for Quality Policy and Environmental Policy are different so it would be better to have separate documents, but it is not a mistake to create one policy for int egrated management system.
clause 7 Support - This clause has the same requirements in both standards so, only one procedure for competence training and awareness will cover the requirements of both standards, as well as the Procedure for Document and Record Control. The only thing to be mentioned here is, when creating the procedure make sure that you stated that the scope of the procedure is integrated management system and in reference documents section list both standards.
clause 9 Performance evaluation - Requirements that can be merged from this clause are internal audit and management review. Since the process of internal audit and management review are the same for both standards, the same procedure can apply for both standards. Only thing that is different are the requirements to be audited during the internal audit so different checklist should be kept but the Procedure for Internal Audit and the rest of the records can be used for both standards, and also for management review the same procedure can be used only the input and output elements are different so Management Review Minutes can be kept separately or merged in one record.
clause 10 Improvements - Nonconformities regarding different standards can be resolved by the same corrective action process, therefore the same Procedure for Managing Nonconformities and Corrective Actions can be used for both standards.
For more information, see:
- Integrating ISO 9001 and ISO 14001 https://advisera.com/9001academy/blog/2013/11/19/integrating-iso-9001-iso-14001/ -
Document hierarchy
Answer:
The purpose of the document hierarchy is to demonstrate the importance of different types of documents and to show the relationships between them. The document hierarchy reflects also the responsibilities within the company regarding the documents, e.g. the top management is responsible for defining the policies, while the workers are responsible for filling in the records.
You cannot have or don't have the documentation hierarchy, it is defined as you define responsibilities for documents and define their type and purpose. The policy will always be above the procedures, work instructions and records. The benefits of having document hierarchy is that the organization and employees are always aware of the importance and relationships between the documents in organization's documentation system.
For more information, see:
- How to structure quality management system documentation https://advisera.com/9001academy/knowledgebase/how-to-structure-quality-management-system-documentation/ -
External audit 2nd year
Answer:
Unlike the objective of the first external audit that is mainly focused on compliance to the requirements of the standard, the second audit is more focused on maintenance of your system. Meaning that the auditors will be more interested on how you conduct your internal audit, management review and how did you resolve nonconformities if there were any.
Another important thing is how did you handle results from your previous audit, meaning have you resolved all nonconformities and addressed recommendations.
For more information see:
- Checklist of ISO 9001 implementation & certification steps https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
- How to deal with nonconformities in an ISO 9001 certification audit http:/ /advisera.com/9001academy/blog/2015/06/09/how-to-deal-with-nonconformities-in-an-iso-9001-certification-audit/ -
Risks and opportunities
Answer:
Identifying risks and opportunities can be done by using several different methodologies and it depends on the size of the company and complexity of its processes. However, the standard does not requires organization to document the methodology. For initial stage and introduction of risk-based thinking in an organization it is better to apply some more simple tools such as SWOT analysis or you can simply gather all relevant people in your organization and arrange brainstorming session regarding risks and opportunities in your organization, and the minutes from that meeting can be the evidence that the risks and opportunities are identified.
Risks and opportunities to be identified are the ones emerging from the context of the organization and you need to consider all internal and external issues related to your quality management system.
Plans for addressing risks and opportunities can also come in different forms, it can be q uality objective, some new or updated procedure or work instruction or introduction of some new processes and technologies.
For more information, see:
- How to identify the context of the organization in ISO 9001:2015 https://advisera.com/9001academy/blog/2015/05/26/how-to-identify-the-context-of-the-organization-in-iso-90012015/
- Risk-based thinking replacing preventive action in ISO 9001:2015 The benefits https://advisera.com/9001academy/blog/2015/09/08/risk-based-thinking-replacing-preventive-action-in-iso-90012015-the-benefits/
- Methodology for ISO 9001 Risk Analysis https://advisera.com/9001academy/blog/2015/09/01/methodology-for-iso-9001-risk-analysis/
- The Role of Risk Assessment in the QMS https://advisera.com/9001academy/blog/2014/01/07/role-risk-assessment-qms/ -
Context of the organization
Answer:
Context of the organization includes all internal and external issues related to the QMS.
An organizations internal context is the environment in which it aims to achieve its objectives. Internal context can include its approach to governance, its contractual relationships with customers, and its interested parties. Things that need to be considered are related to the culture, beliefs, values, or principles inside the organization, as well as complexity of processes and organizational structure.
For more information, see:
- How to identify the context of the organization in ISO 9001:2015 https://advisera.com/9001academy/blog/2015/05/26/how-to-identify-the-context-of-the-organization-in-iso-90012015/ -
Control of business processes according to ISO 9001
Answer:
Implementation of ISO 9001 includes establishing criteria for processes in order to ensure that the processes will deliver intended results. When defining necessary controls for processes it is important to identify activities in the process where something might go wrong and establish control to prevent it from happening.
The best way to establish controls is through procedure where you will define what should be controlled, by whom and who is responsible to monitor execution of controls.
For more information, see these articles:
- Deciding Which Procedures to Document in QMS https://advisera.com/9001academy/blog/2013/11/26/deciding-procedures-document-qms/
- Watch Your Language! Dont confuse processes with procedures https://advisera.com/9001academy/blog/2014/11/04/watch-language-dont-confuse-processes-procedures/
- How links between processes can increase level of quality https://advisera.com/9001academy/blog/2015/04/07/how-links-between-processes-can-increase-level-of-quality/ -
Auditing production process
Answer:
There are some steps in conducting internal audit that are applicable to any process and they will prevent you from missing something out.
First thing you should do is to review the documentation related to the production process, meaning all procedures, SOPs, records, etc. This will help you perform a second step and that is to develop the audit plan where you will define the processes you want to audit, the people and functions you want to interview and precise timing for all this. Then, you should conduct the audit according to the plan. Since it is your first time to perform the audit it is recommendable to create internal audit checklist for the production process and list all requirements that you need to audit.
Once you finish the internal audit, you need to create an internal audit report and to deliver it to relevant authority in your organization.
If you noticed some problems or nonconformities during the audit you will also need to perform a follow-up to ensure that the problems are resolved, but this step will be taken in agreements with the top management.
For more information, read this articles:
13 Steps for ISO 9001 Internal Auditing using ISO 19011 https://advisera.com/9001academy/knowledgebase/13-steps-for-iso-9001-internal-auditing-using-iso-19011/
Five Main Steps in ISO 9001 Internal Audit https://advisera.com/9001academy/knowledgebase/five-main-steps-in-iso-9001-internal-audit/
Writing an Audit Checklist for ISO 9001 Processes https://advisera.com/9001academy/blog/2014/11/25/writing-audit-checklist-iso-9001-processes/