Answers to the 9 Most commonly asked Questions about ISO 9001:2015
Q: - How many new documents and / or procedures are going to be required? Is it not be six mandatory procedures anymore? Does the new version of the standard give the companies more freedom? Is this an advantage or disadvantage?
Answer:-
The 2015 version is not going to explicitly require any new document or procedure. Giving organizations “more freedom”. A few of the documents will not be required anymore, like the Quality manual for instance. Our recommendation is to use common sense to ensure this “freedom” is to your advantage. Instead of eliminating the Quality manual and some procedures that are not mandatory anymore, we are advising our customers to revise them to confirm its compliance with the new concepts in the new standard. This will ensure they remain valuable tools to support the organization’s management system and ultimately the organization’s business. If they are not adequate to serve at least one of the mentioned purposes, then they can be shamelessly eliminated.
Q: - What is the time-frame for adopting the new version? When should an organization get started with the transition? What is going to be the approach adopted by the registrars once the standard is released?
Answer:-
We know, that’s actually three questions, but we have one answer. The Standard approval process is complete and its release will take place in September 2015 (September 23rd to be exact). There will be a three-year transition period for organizations to have its certification converted to revision 5 (version 2015), giving you until the end of 2018. A well-executed conversion may take between 6 and 12 months, but do not plan to get started by Jan 2018 because if you have issues then you will miss the deadline. Call your registrar now to understand their approach. Registrars will grant first-time certifications post Q2 2018 exclusively under the new revision. But a concentration of converted certifications will happen in Q3/Q4 2018. Furthermore, you may want to call your customers now because some of them may require a shorter timeframe to adopt the new standard. And you don’t want to lose a customer because you started late.
Q: - How to sell the QMS leadership team? Who is going to be in charge of QMS if there will not be MR (Management Representative) requirement anymore?
Answer:-
The intent in the new version is crystal clear on this topic. The leadership team has to adopt QMS leadership one way or another and demonstrate that business management has incorporated QMS because it cannot be sustained as a satellite set of processes and procedures anymore. Organizations may decide to keep their MR professional, but her/his roles and responsibilities will be different once the QMS leaders will be the business process owners, therefore, part of the plant leadership team.
Q: - If a QMS MR is not required anymore, does that means the whole leadership team (process owners) needs to be trained in QMS and ISO 9001:2015?
Answer:-
We strongly recommend training the entire leadership team. Companies may not want to invest in a full lead auditor training for the entire leadership team, but every process owner should attend at last a QMS and ISO 9001:2015 awareness training to fully understand, engage and implement her/his role adequately.
Q: - Will registrars’ auditors and organization internal auditors need to be re-trained and certified to the new version? Will auditors need to have a different assessment approach?
Answer:-
Yes, auditors will need to adopt a different approach. Registrars’ auditors may not need to be re-certified. But we are strongly recommending that internal auditors, including experienced ones, be re-trained in the 2015 version of the Standard. An example of why is because instead of auditors focusing on documented procedures and records, they will need to watch the processes to look for evidence that may not need to be written anymore.
Q: - Who are the interested parties and how do we identify them and their requirements or needs?
Answer:-
The new version brings the expanded concept of customers. Interested parties are the actual customers and many others like internal customers, community, government representatives, suppliers, employees and contractors, in summary, anyone that can somehow express an interest in the organization’s business performance. There will not be a written requirement, meaning a template is not provided to gather the list of interested parties and respective requirements or needs. However, we recommend an internal procedure to facilitate this task. For those companies who already gather customer specific requirements, the same repository may be adapted to collect other interested parties requirements or needs.
Q: - How should we document the context of the organization? Is the Quality Policy a good place to describe the new context of the organization?
Answer:-
No, the Quality Policy is not a good place for the context of the organization. The context of the organization can be documented, in the Quality manual, if the organization decides to keep it. While some documents and procedures will not be mandatory anymore they can be kept and serve as a good repository for evidence of compliance to new concepts brought by the new standard version.
Q: - How do we demonstrate and provide evidence for risk-based thinking? How is risk-based thinking different from risk management? How do we document the opportunities rather than risks?
Answer:-
Risk-based thinking is simpler than risk management. Auditors will not require documented records, but simply verbal justification that it was performed. The standard will not require the usage of a specific tool or methodology to prove evidence of risk-based thinking, neither for identification of risks and opportunities and nor for the subsequent action plan. Companies, intuitively apply risk-based thinking, which will replace preventive action in the new version of the standard. However, businesses do require risk management and mitigation plans, regardless. There are several common risk analysis tools; most of them listed in the Standard ISO 30010, which we strongly advise adopting for the sake of results effectiveness. Firms may want to use simple tools like SWOT (Strengths, Weaknesses, Opportunities and Threats) Analysis and nine box, or expand the usage of their FTA (Fault Tree Analysis) or PFMEA (Process Failure Mode and Effects Analysis) if you are already using these tools due to your industry or a customer requirement. By the way, the BCP (Business Continuity Plan) is another adequate tool for this information and actions.
Q: - Continual or Continuous improvement?
Answer:-
Continuous never stops until perfection is achieved. While continual presumes a set target is to be achieved at a certain point or time-frame, and when achieved, a new target is set and the cycle continues with no concept of perfection. Therefore, Continuous is Theoretical (the continuous improvement program of the company) while Continual is Practical (a specific project of the company). The standard refers to continual improvement in several clauses.
All the Best………
