BUSINESS ASSURANCE GUIDANCE FOR THE TRANSITIONING FROM ISO 9001:2008 TO ISO 9001:2015 SAFER, SMARTER, GREENER

Transcription

1 BUSINESS ASSURANCE GUIDANCE FOR THE TRANSITIONING FROM ISO 9001:2008 TO ISO 9001:2015 SAFER, SMARTER, GREENER

2 2 ISO 9001 ABOUT THIS DOCUMENT The purpose of this document is to provide you with some useful insights on the transitioning to ISO 9001:2015. It provides info related to the contents and clause structure of the revised standard, the transition timeline and key dates and the requirements for the transition, as well as explaining how DNV GL can support your process to ensure a smooth transition.

3 ISO ISO Background First published in 1987, ISO 9001 has been around for many years, but has been regularly reviewed and updated to ensure it is adapted to the current business environment. However, this is the first major revision since 2000, as the 2008-edition only entailed minor changes. A change was needed to bring it up to date in response to vast changes in technology and digitalization, business diversity and global commerce. ISO 9001:2015 incorporates elements such as a strong focus on stakeholders and the wider context of an organization to fit the evolving needs of modern business. ISO 9001 can be used by any organization, large or small, regardless of its field of activity. It is by far the most recognized and used international standard for quality management systems. More than one million companies and organizations in over 170 countries are certified to ISO 9001.

4 4 ISO 9001 Transition timeline 15 Sept 2015 Publication of ISO 9001: YEARS PERIOD Perform an ISO 9001:2015 transition audit to ensure your certificate is renewed before 15 September Sept 2018 Transition period ends. ISO 9001:2008 certificates cease to be valid.

5 ISO Transition to ISO 9001:2015 REQUIREMENTS FOR THE TRANSITION The International Accreditation Forum (IAF) decided early on that there was to be a threeyear transition period from the ISO 9001:2015 publication date, which was 15 September To transfer your ISO 9001:2008 certificate to the new edition, DNV GL needs to perform a transition audit as the basis for recommending certification to the new standard. The transition audit should preferably be done during a scheduled periodic or recertification audit, as this is better and more cost-effective. However, the transition may also be done during a special "off-cycle" audit, in agreement with your organization. DNV GL is ready to perform the transition audit and holds the needed accreditations. The transition audit will normally entail a need for additional time to evaluate compliance with the new or revised requirements in the new edition, but will typically not exceed 1 extra man-day. WHAT YOU SHOULD DO For any organizsation, the degree of necessary changes will be dependentdepend upon the maturity and effectiveness of the current management system and on the organizsational structure and practices. Organizations using ISO 9001:2008 are recommended to do the following: 1 2 Familiarize yourself with ISO 9001:2015. Perform a gap analysis to identify the differences that need to be addressed to ensure your QMS meet all new and revised requirements. 3 4 Based on the results of the gap analysis, develop an implementation plan. Provide appropriate training for all individuals involved in implementing ISO Modify the existing 5QMS to meet the new requirements and ensure proper implementation in your organization. It is recommended that you conduct an internal audit to check effective implementation. For the proper planning and scheduling of a transition audit, it is beneficial that this is agreed on as early as possible between the organiszation and DNV GL.

6 6 ISO 9001 How can DNV GL support your transition? During the transition period, we can help by providing a number of services delivered to you by the local staff you already know: AWARENESS SESSIONS: seminars, webinars and e-learnings where you typically learn about the revisions and obtain a basic overview of the content and key changes in the standards, the transition process, etc. TUTORED TRAINING COURSES, IN-COMPANY OR PUBLIC: these are interactive courses where the objective is to provide deeper insight into the changes and the required steps for a transition. These are modular courses where the level of detail can be tailored to your needs. WORKSHOP WITH YOUR MANAGEMENT TEAM AND/OR OTHER KEY RESOURCES: to build knowledge and understanding of the changes and how they impact the existing management systems. The focus can be tailored to your needs. GAP-ANALYSIS: assessment of your management system against the requirements of the new standard to identify the gaps that need to be addressed. This will provide useful input both on your readiness to comply with the new standard and to your process for ensuring such compliance. The level of detail of such an assessment can be tailored to your needs. If you have questions, please do not hesitate to get in touch with your normal DNV GL contact or the local DNV GL - Business Assurance unit.

7 ISO The structure and contents of ISO 9001:2015 ISO 9001:2015 was developed using ISO s common framework for management system standards, containing a unified High Level Structure (HLS) and common text and terminology. This to ensure better alignment and compatibility with other ISO standards such as ISO 14001:2015, ISO/IEC 27001:2013 and many others. The clause structure of ISO 9001:2015 is shown below. Clauses in black text are those induced through the common HLS, while clauses in blue are additional clauses specific for ISO 9001: 1. Scope 2. Normative references 3. Terms and definitions 4. Context of the organization 4.1. Understanding the organization and its context 4.2. Understanding the needs and expectations of interested parties 4.3. Determining the scope of the quality management system 4.4. Quality management system and its processes 5. Leadership 5.1. Leadership and commitment General Customer focus 5.2. Policy Establishing the quality policy Communicating the quality policy 5.3. Organizational roles, responsibilities and authorities 6. Planning for the quality management system 6.1. Actions to address risks and opportunities 6.2. Quality objectives and planning to achieve them 6.3. Planning of changes 7. Support 7.1. Resources General People Infrastructure Environment for the operation of processes Monitoring and measuring resources General Measurement traceability Organizational knowledge

8 8 ISO Competence 7.3. Awareness 7.4. Communication 7.5. Documented information General Creating and updating Control of documented information 8. Operation 8.1. Operational planning and control 8.2. Requirements for products and services Customer communication Determining the requirements for products and services Review of requirements for products and services Changes to requirements for products and services 8.3. Design and development of products and services General Design and development planning Design and development inputs Design and development controls Design and development outputs Design and development changes 8.4. Control of externally provided processes, products and services General Type and extent of control Information for external providers 8.5. Production and service provision Control of production and service provision Identification and traceability Property belonging to customers or external providers Preservation Post-delivery activities Control of changes 8.6. Release of products and services 8.7. Control of nonconforming outputs 9. Performance evaluation 9.1. Monitoring, measurement, analysis and evaluation General Customer satisfaction Analysis and evaluation 9.2. Internal audit 9.3. Management review General Management review inputs Management review outputs 10. Improvement General Nonconformity and corrective action Continual improvement

9 ISO This clause structure is quite different to that of ISO 9001:2008. An organization is of course not required to copy this structure for its management system. The purpose of the new structure is to provide a clear presentation of the requirements, not to be a model for documenting your management system. ISO 9001 incorporates the Plan-Do-Check-Act approach as shown below QUALITY MANAGEMENT SYSTEM (4) ORGANISATION AND ITS CONTEXT (4) CUSTOMER REQUIREMENTS P Planning (6) CUSTOMER SATISFACTION NEEDS AND EXPECTATIONS OF RELEVANT INTERESTED PARTIES (4) A Improvement (10) LEADERSHIP (5) Support & operation (7,8) D RESULTS OF THE QMS Performance evaluation (9) PRODUCT AND SERVICES C For information on the key changes in ISO 9001:2015 compared with the 2008 edition, please refer to the separate presentation prepared by DNV GL.

10 SAFER, SMARTER, GREENER DNV GL - Business Assurance assurance.dnvgl.com business.assurance@dnvgl.com DNV GL As a world-leading certification body, DNV GL helps businesses assure the performance of their organizations, products, people, facilities and supply chains through certification, verification, assessment, and training services. Partnering with our customers, we build sustainable business performance and create stakeholder trust. The trademarks DNV GL and the Horizon Graphic are the property of DNV GL AS. DNV GL AS All rights reserved.