Search results

Key Performance Indicators for a QMS

I will give you some examples, but you must be aware that Key Performance Indicators (KPIs) should be aligned with the strategic orientation of an organization. A fast fashion retail organization may have some KPIs very different from those applicable to a luxury retail organization. And even about those that are common, they may be followed with a different set of priorities and mindset.

• Gross profit, sales and cost of goods sold are the basic three
• You can have average sales per purchase, sales per square foot, sales per visitors
• You can have inventory to sales, return rate, backorder rate
• You can have employee satisfaction.

You can find more information below:

• How to define Key Performance Indicators for a QMS based on ISO 9001 - https://advisera.com/9001academy/24/define-key-performance-indicators-qms-based-iso-9001/-iso-9001/
• Analysis of measuring and monitoring requirements in ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/analysis-of-measuring-and-monitoring-requirements-in-iso-90012015/
• Free webinar on demand - Measurement, analysis, and improvement according to ISO 9001:2015 - https://advisera.com/9001academy/webinar/measurement-analysis-and-improvement-according-to-iso-9001-2015-free-webinar/
• Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
   

Cambio del alcance del servicio

Para realizar un cambio en el alcance del Sistema de Gestión de Calidad debe tener en cuenta la revisión de cada uno de los procesos que lo integran, empezando por el contexto de la organización, por ejemplo: ¿el cambio en los límites del SGC implica una modificación en la determinación de las cuestiones externas e internas de la organización?. Por otro lado, deberá de revisar si hay modificaciones en las partes interesadas del SGC así como en sus necesidades y expectativas. A su vez, y ligado al contexto de la organización deberá de revisar los riesgos y oportunidades asociados al nuevo alcance definido y llevar a cabo las acciones necesarias para abordar los nuevos riesgos y oportunidades. 

En resumen, la implementación de un cambio en el SGC tiene que realizarse sin afectar la integridad del mismoy debe llevarse a cabo con un plan de implantación del cambio . Por otro lado, es necesario que se informe al líder de gestión de los cambios para que ponga el cambio en conocimiento de las personas relevantes y puedan programarse las acciones necesarias. 

Finalmente al cambiar el alcance debe de ponerse en contacto con la entidad de certificación para llegar a un acuerdo y obtener su confirmación

Para más información sobre cambios en el alcance de la organización, puede ver los siguientes materiales:

- Artículo - Cómo definir el alcance del SGC de acuerdo con la ISO 9001:2015: https://advisera.com/9001academy/pt-br/kit-de-documentacao-da-iso-9001/nowledgebase/como-definir-el-alcance-del-sgc-de-acuerdo-a-la-iso-90012015/

- Artículo - QMS change management in 7 steps: https://advisera.com/9001academy/blog/2016/11/29/qms-change-management-in-7-steps/

- Formación gratuita online - Curso de Fundamentos ISO 9001:2015: https://advisera.com/es/formacion/curso-fundamentos-iso-9001/

- Libro - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Quality audit steps

Describe the steps in conducting a quality audit, key inputs, activities and outcomes in each step..??

Clause 7.5.3.2 external documents

The answer to that question will depend on each organization. The most common external documents are standards, legislation and regulation.

Please check this article that develops the theme more profoundly - What does “external documents control” mean in ISO 9001? - https://advisera.com/9001academy/blog/2019/02/04/what-does-external-documents-control-mean-in-iso-9001/

Process mapping VS Process flow chart

Let me start with the management system definition according to ISO 9000:2015. Something like, a system to establish a policy, translate it into a set of objectives and work to meet them.

ISO 9001:2015 promotes the use of the process approach. Consistent and predictable results are achieved more effectively and efficiently when everyday activities are seen and managed as interrelated processes that work as a coherent system.

So, if you open that black box called “System” you will see a set of interrelated processes:

In our webinar - Free webinar – The Process Approach - What it is, why it is important, and how to do it - https://advisera.com/9001academy/webinar/iso-9001-process-approach-free-webinar-on-demand/ - we use this example for process mapping:

Process mapping is about designing a model of how an organization works as a set of interrelated processes.

Now, you want to zoom each process and see how work is actually done. So, for each process you design a flow chart. In the same webinar, we use the following example:

While process mapping is about the flow inter-processes, flowcharting is about the flow intra-process.

You can find more information below:

• ISO 9001 – ISO 9001: The importance of the process approach - https://advisera.com/9001academy/blog/2015/12/01/iso-9001-the-importance-of-the-process-approach/
• ISO 9001:2015 process vs. procedure – Some practical examples - https://advisera.com/9001academy/blog/2016/01/19/iso-90012015-process-vs-procedure-some-practical-examples/
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book – Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/

Supplier classification

What does your organization expect from a supplier?

Do they comply with quality? Do they deliver on time? These are topics relevant for all kinds of suppliers.

What about their price? These are topics relevant if your organization competes on price.

Are they flexible enough? Do they allow small quantities and variety? These are topics relevant if your organization expects service.

Do they deliver innovation or design? Are they fast with novelties? These are topics relevant if your organization expects premium offers.

You can use an evaluation based on the opinion of those that contact with suppliers, or another based on more objective criteria like number of occurrences per number of orders.

You can get much more information in the following links:

• ISO 9001 document template: Procedure for Purchasing and Evaluation of Suppliers - https://advisera.com/9001academy/documentation/procedure-purchasing-evaluation-suppliers/
   

Retention of documented information

According to ISO 9001:2015 there is mandatory documents or records concerning clause 8.4.2. I recommend organizations to have a plan about how to control subcontractors, and products or services received from suppliers. I also recommend organizations to keep records that evidence control of subcontractors and suppliers.

You can find more information below:

• List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/
• New approach to document and record control in ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/06/30/new-approach-to-document-and-record-control-in-iso-90012015/
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
   

IT Resilience Requirements

The best way to make IT Resilience Requirements for IT and for Projects comprehensive would be to base it on a risk assessment and risk treatment process because this way it would cover the aspects that may disrupt IT and project activities.

To see how a risk assessment and risk treatment looks like, please see the free demo of our ISO 27001/ISO 22301 Risk Assessment Toolkit at this link: https://advisera.com/27001academy/iso-27001-22301-risk-assessment-toolkit/

This article will provide you a further explanation about risk assessment:

• ISO 27001 risk assessment & treatment – 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/

This material will provide you a further explanation about risk assessment:

• The basics of risk assessment and treatment according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/

ISO 9001 doubts

1. Please explain what is contingency action as per 8.2.1?

Answer:

A contingent action is an action from a contingency plan. A contingency plan helps an organization respond effectively to an important event that can be foreseen. For example, supply a customer by air freight when goods cannot be delivered by normal truck due to a severe storm.

2. Please explain "Organization can meet the claims for Products & services it offered" as per 8.2.2

Answer:

Clause 8.2.2 a) is about specifications. They are written.

Clause 8.2.2 b) is about allegations. For example, claiming “with our product you will reduce your energy consumption by 25%”. Claims that depend not only of the product or service per se but also from the customer’s context.

3. Design engineer can perform Internal Audit of Design Department in same organization.? I think it's a violation of 9.2.2 (c). Please confirm.

Answer:

Yes, it is.

4. Customer satisfaction to be monitored as per 9.1.2. No Documented information to be retained. Is it so.?

Answer:

There is no mandatory record to be kept according to ISO 9001:2015. As a good practice I recommend organizations to keep it.

5. I couldn't find 'preventive action' word. Is it removed from current version.? Please confirm.

Answer:

Yes, it was removed from ISO 9001:2015. In a certain way it is included, without the wording, in the risk based approach.

6. What does mean by "Organization shall ensure"....? I think documented information to be maintained whenever require but if only above statement is mentioned then no requirement of maintaining the documented information. Is it correct?

Answer:

“Shall” means it is a requirement.

When we read “shall maintain documented information” it means there must be a document. “Maintain” is the key word.

When we read “shall retain documented information” it means there must be a record. “Retain” is the key word.

You can find more information below:

• Risk-based thinking replacing preventive action in ISO 9001:2015 – The benefits - https://advisera.com/9001academy/knowledgebase/risk-based-thinking-replacing-preventive-action-in-iso-90012015-the-benefits/ 
• List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/
• New approach to document and record control in ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/06/30/new-approach-to-document-and-record-control-in-iso-90012015/
• Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
• Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
   

Postponing Management Review

According to the ISO 13485:2016 requirement 5.6.1 Management review General, is stated that Top management must review management system at documented planned intervals to ensure that the system is stable, adequate and efficient. Therefore, if your planned interval is one year, and usually it is done in May, than you should do it in May. If you had shorter interval of doing the management review, then it would be acceptable to postpone it, but since one year is a very long period of time, it is not advisable to postpone it.

For more information How to perform management review according to ISO 13485, please read an article on the following link: 

https://advisera.com/13485academy/blog/2017/11/09/how-to-perform-management-review-according-to-iso-13485/