Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11275 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
ISO 9001 in outsourcing company
Answer:
Yes, ISO 9001 is definitely suitable for your type of business since it helps you demonstrate your ability to deliver quality products and services and also that you care about your customer satisfaction.
For more information see:
- Six Key Benefits of ISO 9001 Implementation https://advisera.com/9001academy/knowledgebase/six-key-benefits-of-iso-9001-implementation/ -
One department in scope of ISO 9001:2015
Answer:
Yes, you can have only one department of our organization within the scope of your quality management system, you only need to state that clearly in your document about QMS scope. Once you decide to go for ISO 9001 certification you will receive the certificate that refers only to that department.
For more information, see: How to define the scope of the QMS according to ISO 9001:2015 https://advisera.com/9001academy/knowledgebase/how-to-define-the-scope-of-the-qms-according-to-iso-90012015/ -
Internal and external issues and risks and opportunities prioritization
Answer:
Internal and external issues differ from organization to organization but there are some that are common for all organization. Internal issues can be the organizational structure, the culture of the organization, issues related to your employees (current competence vs needed competence, their needs and expectations, etc), issues related to technology and equipment your organization use, etc.
External issues are related to the external environment in which the company operates, this can be economical and political situation in your country, legislation, but also needs and expectations of external interested parties such as your supplier, subcontractors, customers, etc.
Determining internal and external issues is closely related to the identification of needs and expectations of interested parties and that can be e asier and can provide you with inputs on what to consider when addressing internal and external issues. There is no formal requirement to document context of the organization but it can be very useful to do so when you are doing it for the first time.
For more information, see:
- How to identify the context of the organization in ISO 9001:2015 https://advisera.com/9001academy/blog/2015/05/26/how-to-identify-the-context-of-the-organization-in-iso-90012015/
- How to determine interested parties and their requirements according to ISO 9001:2015 https://advisera.com/9001academy/blog/2015/11/10/how-to-determine-interested-parties-and-their-requirements-according-to-iso-90012015/
The crucial step in identifying risks and opportunities is to properly determine context of the organization. Once you have this information you can start thinking about the risks and opportunities regarding your QMS. There is no single way to prioritize risks and opportunities but you should start with risks and opportunities that are directly affecting quality of your products and services and customer satisfaction, or start with ones that require least resources and time and can be resolved easily. Important thing is to make plan to address risks and opportunities, meaning to define resources, responsibilities and actions to address each risk and opportunity.
For more information, see:
- Methodology for ISO 9001 Risk Analysis https://advisera.com/9001academy/blog/2015/09/01/methodology-for-iso-9001-risk-analysis/
- The Role of Risk Assessment in the QMS https://advisera.com/9001academy/blog/2014/01/07/role-risk-assessment-qms/ -
Where to start with ISO 9001:2015 implementation
educational institution (University), so I want advice I started with
reading the mandatory documents & records but does it right to start with
that? and if not where should I start.
Answer:
The first step is to do a GAP analysis, meaning to compare your current state with requirements of the standard. Identifying mandatory documents is only a part of this step but a very good one. So beside determining mandatory documents, I suggest you to do a GAP analysis and find out what other requirements you need to meet. Than you can make a project plan to fill in the gaps and make your department compliant with the standard.
For more information see:
- List of mandatory documents required by ISO 9001:2015 https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/
- Checklist of ISO 9001 implementation & certification steps https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/ -
After certification
Answer:
After the initial certification you will have surveillance audits in the next year, in the year after that you will have recertification audit. Surveillance and recertification audits are not so different from the certification audit and they usually cost almost the same.
For more information, see:
- How to deal with nonconformities in an ISO 9001 certification audit https://advisera.com/9001academy/blog/2015/06/09/how-to-deal-with-nonconformities-in-an-iso-9001-certification-audit/
- ISO 9001 Certification https://advisera.com/9001academy/iso-9001-certification/
- How should you pick an ISO 9001 certification body? https://advisera.com/blog/2021/01/11/how-to-choose-an-iso-certification-body/ -
Risks in ISO 9001:2015
ISO 9001:2015 sólo te obliga a analizar riesgos en tu Sistema de Gestión de Calidad, no te obliga a gestionar riesgos de manera activa, y hay muchas maneras de analizar riesgos en tu negocio. Este artículo te resultará interesante Methodology for ISO 9001 Risk Analysis : https://advisera.com/9001academy/blog/2015/09/01/methodology-for-iso-9001-risk-analysis/
Por cierto, ISO 31000 es un código de buenas prácticas que puedes usar para desarrollar tu propia metodología (este estándar es para cualquier tipo de riesgo). Tu puedes comprar y descargar la ISO 31000 desde el sitio oficial de iso.org: https://www.iso.org/standard/43170.html -
Integrating ISO 9001 and ISO 14001
Answer:
Integration of ISO 9001 and ISO 14001 become much easier with new revisions of both standards, similarities spread throughout most of the clauses and the clause numbers are the same for common requirements.
Here are the similarities and how they should be met:
clause 4 Context of the organization - Both standards require context of the organization to be identified, along with internal and external issues relevant to ISO 9001 and ISO 14001. The requirements of both standards can be met in a single document (e.g. Procedure for Determining the Context of the Organization and corresponding records).
clause 5 Leadership - Each standard requires appropriate policy to be established, but the requirements for Quality Policy and Environmental Policy are different so it would be better to have separate documents, but it is not a mistake to create one policy for int egrated management system.
clause 7 Support - This clause has the same requirements in both standards so, only one procedure for competence training and awareness will cover the requirements of both standards, as well as the Procedure for Document and Record Control. The only thing to be mentioned here is, when creating the procedure make sure that you stated that the scope of the procedure is integrated management system and in reference documents section list both standards.
clause 9 Performance evaluation - Requirements that can be merged from this clause are internal audit and management review. Since the process of internal audit and management review are the same for both standards, the same procedure can apply for both standards. Only thing that is different are the requirements to be audited during the internal audit so different checklist should be kept but the Procedure for Internal Audit and the rest of the records can be used for both standards, and also for management review the same procedure can be used only the input and output elements are different so Management Review Minutes can be kept separately or merged in one record.
clause 10 Improvements - Nonconformities regarding different standards can be resolved by the same corrective action process, therefore the same Procedure for Managing Nonconformities and Corrective Actions can be used for both standards.
For more information, see:
- Integrating ISO 9001 and ISO 14001 https://advisera.com/9001academy/blog/2013/11/19/integrating-iso-9001-iso-14001/ -
Document hierarchy
Answer:
The purpose of the document hierarchy is to demonstrate the importance of different types of documents and to show the relationships between them. The document hierarchy reflects also the responsibilities within the company regarding the documents, e.g. the top management is responsible for defining the policies, while the workers are responsible for filling in the records.
You cannot have or don't have the documentation hierarchy, it is defined as you define responsibilities for documents and define their type and purpose. The policy will always be above the procedures, work instructions and records. The benefits of having document hierarchy is that the organization and employees are always aware of the importance and relationships between the documents in organization's documentation system.
For more information, see:
- How to structure quality management system documentation https://advisera.com/9001academy/knowledgebase/how-to-structure-quality-management-system-documentation/ -
External audit 2nd year
Answer:
Unlike the objective of the first external audit that is mainly focused on compliance to the requirements of the standard, the second audit is more focused on maintenance of your system. Meaning that the auditors will be more interested on how you conduct your internal audit, management review and how did you resolve nonconformities if there were any.
Another important thing is how did you handle results from your previous audit, meaning have you resolved all nonconformities and addressed recommendations.
For more information see:
- Checklist of ISO 9001 implementation & certification steps https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
- How to deal with nonconformities in an ISO 9001 certification audit http:/ /advisera.com/9001academy/blog/2015/06/09/how-to-deal-with-nonconformities-in-an-iso-9001-certification-audit/ -
Risks and opportunities
Answer:
Identifying risks and opportunities can be done by using several different methodologies and it depends on the size of the company and complexity of its processes. However, the standard does not requires organization to document the methodology. For initial stage and introduction of risk-based thinking in an organization it is better to apply some more simple tools such as SWOT analysis or you can simply gather all relevant people in your organization and arrange brainstorming session regarding risks and opportunities in your organization, and the minutes from that meeting can be the evidence that the risks and opportunities are identified.
Risks and opportunities to be identified are the ones emerging from the context of the organization and you need to consider all internal and external issues related to your quality management system.
Plans for addressing risks and opportunities can also come in different forms, it can be q uality objective, some new or updated procedure or work instruction or introduction of some new processes and technologies.
For more information, see:
- How to identify the context of the organization in ISO 9001:2015 https://advisera.com/9001academy/blog/2015/05/26/how-to-identify-the-context-of-the-organization-in-iso-90012015/
- Risk-based thinking replacing preventive action in ISO 9001:2015 The benefits https://advisera.com/9001academy/blog/2015/09/08/risk-based-thinking-replacing-preventive-action-in-iso-90012015-the-benefits/
- Methodology for ISO 9001 Risk Analysis https://advisera.com/9001academy/blog/2015/09/01/methodology-for-iso-9001-risk-analysis/
- The Role of Risk Assessment in the QMS https://advisera.com/9001academy/blog/2014/01/07/role-risk-assessment-qms/