No more, ‘I wasn’t aware of that’!!
Clause 7.3 ‘Awareness’ is now a clause in its own right: people working under an organisation’s control should be aware of the quality policy, objectives, their contributions to QMS, implications of non-conformities etc. There will be an increased emphasis on awareness to ensure that everyone knows the implications of not conforming to the management system requirements.
Which leads into Clause 7.4 ‘Communication’ – internal and external communications are now a requirement. It’s up to you to decide what/who/when and how you are communicating. Communication is important for both internal and external stakeholders and an organisation must develop a communication plan. It is important to decide who will own the communication and ensure that they have the appropriate authority, competencies and knowledge.
The communication plan can include a variety of mediums including briefings, meetings, seminars, conferences and newsletters.
In my experience, many problems in organisations stem from poor communication, and so I believe this new requirement is going bring real benefits to organisations that embrace the new ISO 9001 standard.
This new requirements is going to cause a few headaches!
Firstly, the organisation will need to determine external and internal issues that are relevant to its purpose, i.e. what are the relevant issues, both inside and out, that have an impact on what the company does, or that would affect its ability to achieve the intended outcome(s) of its management system.
I should point out that that the term ‘issue’ covers not only problems (which would have been the subject of preventive action in previous standards), but also important topics for the management system to address, such as any market assurance and governance goals that the organisation might set for its management system. This means that senior managers need to be able to demonstrate an understanding of the wider business environment, social, cultural and regulatory and how that impacts or could impact on the organisation’s ability to meet customer requirements.
In the same context they need to have a grasp of the organisation’s internal strengths and weaknesses and how these could impact on the ability to deliver their products or services. This will strengthen the concept of business process management including the need now to allocate specific responsibilities for processes, and demonstrate an understanding of the key risks associated with each process and the approach taken to manage, reduce or transfer the risk. I personally think this is positive and powerful addition to the new version of the standard.
Top management now have a greater involvement in the management system. They (not one person) have to ensure that the requirements of the management system are integrated into the organisation’s processes and that the policy and objectives are compatible with the strategic direction of the organisation.
Although this might sound a little complicated, the end result will be a business management system that drives the business forward and ultimately meets the goals and objectives it has set.
Just about every client, prospect and contact whom I engage with about standards claim they are ‘accredited’ to ISO 9001, or seek ‘accreditation’.
What they really mean is ‘certification’. Whilst it’s easy to get the 2 mixed up, they actually mean very different things.
Accreditation: Accreditation is the formal recognition by an accreditation authority to the technical and organisational competence of a conformity assessment body to carry out a specific service in accordance to the standards and technical regulations as described in their scope of accreditation. Therefore, UKAS provide BSI (and other certification companies) with accreditation for their assessment services.
Certification is the procedure by which a third party gives written assurance that a product, process, system or person conforms to specified requirements. Therefore, BSI provide you with certification to ISO 9001.
Hope that helps!
Are you ready for risk?
Senior management must be able to demonstrate an understanding of business risks and how they could impact on the ability to meet customer requirements. In my opinion, an effective risk management process will be critical for successful certification to the new version of ISO 9001. It must ensure the management system can achieve its intended outcomes and achieve continual improvement. Clause 6.1 ‘Actions to address risks and opportunities’, is where this is covered and it addresses the ‘what, who, how and when of risk management.
The organisation should plan actions to address these risks and opportunities, how to integrate and implement the actions into its management system processes and evaluate the effectiveness of these actions.
Risk replaces preventive action. You will need to identify where risk arises and ensure controls are in place to manage it. Remember that risk is defined as ‘the effect of uncertainty on an expected result’ and the new standard makes risk-based thinking more explicit throughout.
Now are you ready for risk?
In the new version of the standard, the requirements around quality objectives have been made more detailed. They need to be consistent with the quality policy, measurable (if practicable), monitored, communicated, and updated as appropriate. They also have to be established at relevant functions and levels.
Objectives should include plans on how to achieve them as well as how the results will be evaluated. This means that your objectives need to be given some real thought and ensure they are planned rather than just reported.
The organisation must determine who will be responsible for the delivery of the objectives, resources required, what needs to be done and by when. So remember that when establishing quality objectives you need to demonstrate how you plan to achieve them.
And remember that the objectives (results to be achieved) – can be technical, strategic or operational.
The new 9001 standard is likely to be published sometime in December 2015. But that doesn’t mean you have to wait until January 2016 to start to think about the changes you need to make to your management system.
The new version of the standard is a huge improvement, and means that ISO 9001 will become the business management and improvement standard that it was always intended to be.
So why wait until 2016…or later? Yes, you will have 3 years to make the full transition, but the benefits of the new standard far out weigh the effort needed to update your management system.
Currently, I am actively working on 3 separate projects that include ISO 9001, and each one incorporates the new version of the standard. It really is a fantastic update, and my clients deserve the best management system that is as future-proof as possible.
So what are you waiting for?
- Bringing Quality and Continuous Improvement into the heart of your business
The revised standard will ensure that quality management is now completely integrated and aligned with the business strategies of your organisation
Greater involvement in the management system by the leadership team will ensure the whole organisation will be motivated towards the organizations goals and objectives.
- Introduction of Risk & Opportunity Management
Reinforces use of the management system as a governance tool and will help identify business opportunities that contribute to bottom line improvements.
- An Integrated Approach
With the new structure applicable to all new ISO management systems standards it will be much easier to implement multiple, integrated management systems.