ISO 9001:2015 Awareness course

SCE / Quality Workshop / October 2018
SCE
Quality Management
Systems Workshop
Dr Ali AL-Zubaidi PhD, BSc (Eng.), Eur. Ing., CEng, CQP FCQI, MIChemE
Integrated Management Systems Associates (IMSA)
UK
ali_al-zubaidi@imsainternational.com
!1

SCE / Quality Workshop / October 2018 !2
Workshop Programme
1. Two Days (Monday 15th & Tuesday 16th October)
2. Starting Time 17:00 and Finishing Time 22:00
3. Refreshment BreakS (17:45 - 18:00 & 19:00 - 19:30)

Workshop Content
1. What is “Quality”? Key Related Concepts
2. Quality Management Concept and Key Related Issues
3. Quality Management Principles
4. Process Management
5. Risk Management
6. Continual Improvement Management
7. Management Systems Standards
8. Organisations Management Systems
9. Project Quality Management
10. Supply Chain Management
11. Verification Management
12. Incidents Investigation & Learning

!4
1. What is “Quality”? Key Related Concepts  
8

Quality Concepts
(ISO 9000:2015)
Quality
Degree to which a set of inherent characteristics fulfils
requirements.
Characteristic
Distinguishing feature.
Requirement
Need or other expectation that is stated, generally implied or
obligatory.

Evolution of Concept of Quality
1900: Specifications
1930: Inspection
1950: Quality Control
1970: Quality Assurance
1980: Total Quality Management
2000: Quality Management Systems (incorporating Process
Approach & Continual Improvement)
2008: QMS (re-enforced)
2015: QMS (incorporating Risk Management)

!7
Quality Control
“Part of quality management focused on fulfilling quality
requirements.”
Quality Assurance
“Part of quality management focused on providing
confidence that the quality requirements will be fulfilled.”
Quality Management
“Coordinated activities to direct and control an
organisation with regard to quality.”
Quality Concepts
15

8
Quality Management
Quality Management
16
?????
?????
?????
Quality Assurance
Quality
Control

!9
Quality Management
Quality Management
17
Quality Improvement
Quality Planning
Quality Policy & Objectives
Quality Assurance
Quality
Control

SCE / Quality Workshop / October 2018 10
Quality Policy
“Intentions and direction of an organisation, as formally expressed by top
management related to quality.”
Quality Objectives
“Result to be achieved, related to quality.”
Quality Planning
“Part of quality management focused on setting objectives and specifying
necessary operational processes and related resources to fulfil the quality
objectives.”
Quality Improvement
“Part of quality management focussed on increasing the ability to fulfil
quality requirements”
Quality Management Concepts
18

Evolution of Concept of Quality

!12
2. Quality Management Systems Concept and
Key Issues  
8

System
Set of interrelated or interacting elements (processes)
Management System
Set of interrelated or interacting elements of an
organisation to establish policies and objectives and
processes to achieve those objectives
XXX Management System
Part of management system with regard to XXX
Management Systems Concept
!13

Quality Management System Key Issues
Quality
Management
Systems
Context of
the
Organisation
Organisationa
l Culture &
Leadership
Stakeholders
Management
Risk
Management
Continual
Improvement
Process
Management
!14
Strategic
Planning

!15
▪ Combination of internal and external issues that can
have an effect on an organisation's approach to
developing and achieving its strategic objectives.
➢Objectives can be related to products, services,
investments and behaviour towards its interested
parties.
➢Can also be referred to as the “business or
organisation environment” .
Context of Organisation
35

!16
▪ Understanding context of the organisation is a process.
▪ Process should determine factors which influence the
organisation’s purpose, objectives and sustainable
development.
▪ Should consider internal factors such as values, culture,
knowledge and performance of the organisation.
▪ It should also consider external factors such as legal,
technological, competitive, market, cultural, social and
economic environments.
▪ An organisation's purpose can be expressed through its vision,
mission, polices and objectives.
Context of Organisation
34

Organisational Culture
▪ An organisation focused on “quality” promotes a culture
that results in existence of behaviours, attitudes,
activities and processes that deliver value through
fulfilling the needs and expectations of customers and
other relevant interested parties (stakeholders).
▪ Quality of an organisation's products and services is
determined by the ability to satisfy customers and the
intended and unintended impact on relevant interested
parties.
▪ Not just intended “function” and “performance” but also
their perceived value and benefit.

Top Management Role
▪ Determining critical (core & supporting) processes and their
interactions.
▪ Determining & evaluating risks associated with processes
and interactions.
▪ Provision of adequate resources (human & infrastructure).
▪ Ensure competency of human resources and capability of
infrastructure.
▪ Implementing appropriate risks control measures.
▪ Monitoring of processes performance.
▪ Effective internal and external communication.
▪ Performing planned reviews to ensure effective
performance of implemented quality management system.

!19
Interested party (stakeholder) 
“person or organization that can affect, be affected by,
or perceive itself to be affected by a decision or
activity”
37
Interested Parties
(Stakeholders)

!20
▪ Focus should not be solely on the customers; it is important
to consider all relevant interested parties (stakeholders).
▪ Relevant interested parties; those that introduce significant
risks (degree of uncertainty) to the organization
performance if their needs and expectations are not met,
should be identified.
▪ Define what outcomes are necessary to deliver satisfaction
to the relevant interested parties and how to manage
associated risks in order to achieve their satisfaction.
▪ Attract, capture and retain engagement of relevant
interested parties.
Stakeholders (Interested Parties)
Management
38

!21
Do they include the typical ones listed below? Who else can
you add?
▪ Customers
▪ Consumers / End Users
▪ Owners / Share Holders
▪ Employees
▪ Contractors / Vendors / Suppliers
▪ Partners
▪ Regulatory Authorities
▪ Society / Community
▪ Pressure Groups
▪ Others (who are they?)
40
Interested Parties
(Stakeholders)

Strategic Planning
▪ Aspiration of what an organisation would like to become by
top management represents its “Vision”.
▪ Purpose for existing expressed by top management is the
organisation’s “Mission”.
▪ A “strategy” represents the organisation’s plans to achieve a
long-term or overall objective
▪ Planning is not a singular event, rather it is an ongoing
process.
▪ Plans evolve as organisations and circumstances change.
▪ Important to regularly monitor and evaluate the
performance of these plans, through carefully considered
key performance indicators.

!23
3. Quality Management Principles
8

24
Process
Approach
Customer
Focus
Improvement
Relation
Management
Evidence
based Decision
Making
Involvement
of People
Leadership
Quality Management Principles

RSAF / Quality Workshop / October 2018
!25
Quality Management Principles 
Statement
Management
Principle
Statement
Customer Focus
The primary focus of quality management is to meet customer requirements and
to strive to exceed customer expectations.
Leadership
Leaders at all levels establish unity of purpose and direction and create conditions in which
people are engaged in achieving the organisation’s quality objectives.
Involvement of
People
Competent, empowered and engaged people at all levels throughout the organization are
essential to enhance the organization’s capability to create and deliver value.
Process
Approach
Consistent and predictable results are achieved more effectively and efficiently when
activities are understood and managed as interrelated processes that function as a
coherent system.
Evidence Based
Decision Making
Decisions based on the analysis and evaluation of data and information are more likely to
produce desired results.
Relationship
Management
For sustained success, organizations manage their relationships with relevant interested
parties, such as providers.
Improvement Successful organizations have an ongoing focus on improvement.

!26
4. Process Management
8

Process
Set of interrelated or interacting activities that use
inputs to deliver an intended result
• Processes are planned & managed under
controlled conditions for effectiveness & efficiency
• Outputs from processes could be inputs to other
processes & vise-versa
• Some processes (special) have outputs which
cannot be readily or economically verified
Process Management
13

Process Management
!28

Process Approach
✓ Understanding & managing interrelated processes, as a
system, contributes to organisation's effectiveness and
efficiency in achieving its intended results.
✓ Enables control of the interrelationships and interdependencies
among the processes of the system, so that the overall
performance of the organisation can be enhanced.
✓ Systematic definition and management of processes, and their
interactions, so as to achieve the intended results in
accordance with strategic direction.
✓ Management of processes as a whole (system) can be
achieved using the PDCA cycle with an overall focus on risk-
based thinking aimed at taking advantage of opportunities and
preventing undesirable results.

Process Approach
Application of process approach in management
systems enables:
✓understanding and consistency in meeting
requirements;
✓the consideration of processes in terms of added
value;
✓the achievement of effective process performance;
✓improvement of processes based on evaluation of
data and information.

Processes Interactions
• Outputs from a process could be input for one or more
processes
• Processes and their interactions represent the
“management system”
• Processes require outputs verification and also capability
validation (special processes)
• Different Processes have both common and specific
uncertainties (risks)
• Critical Processes are of two main types:
• Core processes (production, design, etc)
• Supporting processes (such as procurement,
maintenance?, Human Resources, IT)

Process Management
Processes are managed for:
Effectiveness
Extent to which planned activities are realized
and planned results achieved.
Efficiency
Relationship between the result achieved and the
resources used.

Process Outputs Outcomes
!33
Deviation Permit

▪Procedure is very different from a Process.
▪Procedure is defined as:
“Specified way to carry out an activity or a process”
▪Procedure is only one element of control of a process.
▪Procedures could be documented or not!!
▪Decision of documentation can depend on a number
of factors.
▪Form of documentation could vary depending on
circumstances.
Process Management
20

!35
▪ Linking interrelated activities to transform inputs into
outputs and ensure more effective and efficient outcomes.
▪ Main focus on outcomes and optimizing process resources
and controls.
▪ Promotes continual improvement through collecting,
analyzing and acting on process performance information
▪ Enables systematic management of processes and their
interactions to achieve intended results (outcomes).
The process approach integrates processes into a holistic
system in order to achieve strategic and operational
objectives
Process Approach
27

Procedure Approach vs. Process
Approach
21

System Processes
29
Challenge - Managing Interfaces between
Processes

!38
5. Risk Management
8

▪ Organisations face internal and external factors and influences
that make it uncertain whether and when they will achieve their
objectives.
▪ Risk is “effect this uncertainty has on an organisation's objectives”.
▪ Manage risk by identifying it, analysing it and then evaluating
whether the risk should be modified by risk treatment in order to
satisfy their risk criteria.
▪ Communicate and consult with stakeholders and monitor and
review the risk and the controls that are modifying the risk in
order to ensure that no further risk treatment is required.
▪ Develop, implement and continuously improve a framework whose
purpose is to integrate the process for managing risk into the
organisation's overall governance, strategy and planning,
management, reporting processes, policies, values and culture.
Risk Management Concepts

Risk Management Framework

55
Process Risks & Control
Process Risk Profile

* Can vary according to particular circumstances
Risk Index Significance
Evaluation Matrix (5 x 6)*

Original
Risk Level
Risk
Owner
Control Action
Acceptable
Residual
Risk Level
Resource
Requirements
Performance
Measures
Monitoring
Requirements
Monitoring
Schedule
Process Risk Treatment Plan
!43

!44
6. Continual Improvement Management
8

Improvement can be realised through the PDCA Cycle
Continual Improvement
Plan
set objectives and define processes necessary to
deliver required outcomes
Do implement and manage processes planned
Check
(Verify)
measure and monitor processes performance against
set objectives
Act
take actions to improve processes performance and
generated outcomes
!45

42
Correction
“Action to eliminate a detected nonconformity.”
Corrective Action
“Action to eliminate the cause of a nonconformity and to
prevent recurrence.”
Preventive Action
“Action to eliminate the cause of a potential nonconformity or
other potential undesirable situation.”
Continual Improvement Actions
Reactive
Proactive

!47
7. International Management Standards
8

▪ Standards are documents that provide requirements,
specifications, guidelines or characteristics that can be used
consistently to ensure that materials, products, processes
and services are fit for their purpose.
▪ ISO International Standards designed to ensure products
and services are safe, reliable and of good quality.
▪ Should be considered as strategic tools to reduce costs by
minimizing waste and errors, and increasing productivity.
▪ Should enable access to new markets and facilitate free
and fair global trade.
International Standards (ISO)
!48

Standards Expressions of Provisions are:
▪ Requirements – “Shall” or “Shall not”
▪ Recommendation – “Should” or “Should not”
▪ Permission – “May” or “May not”
▪ Possibility & Capability – “Can” or “Cannot”
▪ External Constraint – “Must” (not specified in standards
themselves)
ISO/IEC Directives, Part 2, 2016
!49

ISO Management Systems Standards
▪ ISO 9000 Family
➢Help develop Quality Management Systems
▪ ISO 14000 Family
➢Help develop Environmental Management Systems
▪ ISO 45000 Family (ex. OHSAS 18000 Family)
➢Help develop Occupational Health & Safety Management Systems
➢Help develop Food Safety Management Systems
➢Help develop Information Security Management Systems
➢Help develop Energy Management Systems
➢Help ensure Asset Integrity Management System
➢Help manage Risks that affect Performance
▪ ISO 37100
➢Helps implement a management system for sustainable development
!50

Annex SL
Management
Systems High Level
7. Support6. Planning
5.
Leadership
10.
Improvement
8.
Operations
9.
Performance
Evaluation
4. Context of
the
Organisation
of

Annex SL
Management Systems
High Level Structure
5.
Leadership
10.
Improvement
8.
Operations
9.
Performance
Evaluation
4. Context of
the
Organisation
7.1 Resources
7.2
Competence
7.3 Awareness
7.4
Communication
7.5 Documented
information
4.1 Understanding
the organization
and its context
4.2
Understanding
the needs and
expectations of
interested parties
4.3 Determining
the scope of the
XXX management
system
4.4 XXX
management
system and its
processes
5.1 Leadership
and
commitment
5.2 Policy
5.3
Organizational
roles,
responsibilities
and authorities
6.1 Actions to
address risks
and
opportunities
6.2 XXX
objectives and
planning to
achieve them
8.1 Operational
planning and
control
9.1 Monitoring,
measurement,
analysis and
evaluation
9.2 Internal
audit
9.3
Management
review
10.1
Nonconformity
and corrective
action
10.2 Continual
improvement
!52

Quality Management
System standard (ISO
9001)
5.
Leadership
10.
Improvement
8.
Operations
9.
Performance
Evaluation
4. Context of
the
Organisation
7.1 Resources
7.2
Competence
7.3 Awareness
7.4
Communication
7.5 Documented
information
4.1
Understanding
the organization
and its context
4.2 Understanding
the needs and
expectations of
interested parties
4.3 Determining the
scope of the quality
management system
management system
4.4 Quality
management
system and its
processes
5.1 Leadership
and
commitment
5.2 Quality
Policy
5.3
Organizational
roles,
responsibilities
and authorities
6.1 Actions to
address risks
and
opportunities
6.2 Quality
objectives and
planning to
achieve them
8.1 Operational
planning and
control
9.1 Monitoring,
measurement,
analysis and
evaluation
9.2 Internal
audit
9.3
Management
review
10.2
Nonconformity
and corrective
action
10.3 Continual
improvement6.3 Planning of
changes
8.2 Requirements
for products and
services
8.4 Control of
externally provided
processes, products
and services
8.5 Production
and service
provision
8.6 Release of
products and
services
8.7 Control of
nonconforming
outputs
8.3 Design and
development of
products and
services
10.1 General
!53

Annex SL & Management Systems Standards
Annex SL
Environmental
Management
Systems (ISO
14001)
Occupational
Health & Safety
Management
Systems (ISO
45001)
Quality
Management
Systems (ISO
9001)
Energy
Management
Systems (ISO
50001)
Asset
Management
Systems (ISO
55001)
Food Safety
Management
Systems (ISO
22000)
Information
Security
Management
Systems (ISO
27001)
!54

Quality Management Systems (QMS) Standards
ISO 9000:2015
Quality Management Systems - Fundamentals and Vocabulary
ISO 9001:2015
Quality Management Systems – Requirements
ISO/TS 9002: 2016
Quality Management Systems - Guidelines for the application of
ISO 9001:2015
ISO 9004:2018
Quality Management Systems – Quality of an Organisation -
Guidance to achieve sustained success
!55

ISO 9001:2015, in line with Annex SL
stipulations, uses following verbal forms:
▪ “shall” indicates a requirement
▪ “should” indicates a recommendation
▪ “may” indicates a permission
▪ “can” indicates a possibility or a capability
ISO 9001:2015 Family Standards Provisions
36

Leadership
(5)
Improvement
(10)
Support (7) &
Operation (8)
Planning (6)
Performance
Evaluation (9)
Plan Do
Check
Act
ISO 9001:2015 Standard Model

Implications of Annex SL on Sector-specific
Management Systems Standards
Annex SL
Quality
Management
Systems (ISO
9001)
Oil & Gas,
Petrochemical Quality
Management Systems
(ISO 29001)
Automotive Industry
Quality Management
Systems (???/TS
16949)
Aviation, Space &
Defence Quality
Management Systems
(BS/EN 9100)

Annex SL
ISO 9001
(QMS)
AS 9100 AS 911O AS 912O AS 9115
Quality Management Systems Standards
– Aviation, Space & Defence Industries

125
Clause 1
Scope
• New process model
• Added a PDCA model
• Added “Risk-based thinking”
• Emphasis on defining context of
organization
Clause 2 ISO 9000:2015 referenced
Clause 3
Terms &
Definitions
ISO 9001 terms & definition from ISO 9000.
Added a number of definitions, including
“Product Safety” & Counterfeit parts”
Clause 4
Context of the
organization
• Maintained documented information is
required, can be named Quality Manual
▪ Justified exclusions not limited to
Realization/Operations processes
▪ QMS processes have performance
indicators
Clause 5
Leadership
▪ QMS compatible with strategic direction
▪ QMS requirements integrated into
business processes
▪ Processes deliver their intended Outputs
Clause 6
Planning
• When planning the QMS, determine
the actions needed to address
opportunities and risks (prevention)
•Increases requirements for planning of
changes
Clause 7
Support
• Determine knowledge management
requirements
• Awareness on product conformity,
product safety, ethical behavior
Clause 8
Operation
• Planning for product obsolescence
• Plan activities needed to assure
product safety
• Prevention of counterfeit parts
•Process to validate test reports for raw
material based on risks
• Release of products and services
Clause 9
Performance
evaluation
• Assess performance of QMS
processes
• Added Note to evaluate performance
indicators on internal audits
Clause 10
Improvement
Consider human factors in
nonconformity / corrective action
AS 9100:2016 Structure
ISO 9001:2015, Additional Requirements

Risk
Merges current AS 9100 series (operation) risk management requirements
with new ISO 9001:2015 requirements on risk-based thinking, which permeate
the entire management system (merged current 9100 requirements with new
ISO requirements and emphasis on risks in operational processes).
Configuration management
Clause clarified and considerably improved to address stakeholder needs to
specify requirements in more simplified terms for physical and functional
attributes during the product life cycle (clarified and improved to address
stakeholder needs).
Product safety
Plan, implement and control processes needed to ensure product safety during
the entire life cycle, as appropriate to the organization (added in a separate
clause and in selected areas).
AS 9100: 2016 New Features
149

Counterfeit parts
Introduces prevention of counterfeit or suspected counterfeit parts in carefully
selected areas to establish basic requirements appropriate to the product
(added in a separate clause and in selected areas).
Awareness
Reinforces requirements for awareness of the individual contribution to product
or service conformity, contribution to product safety and importance of ethical
behavior (reinforced requirements for awareness of individual contribution to
quality).
Human factors
Organizations should consider human factors when determining causes of a
nonconformity to ensure a true root cause is identified and nonconformities do
not recur (factors included as a consideration in nonconformity / corrective
action).
AS 9100: 2016 New Features
150

!63
8. Organisations Management Systems
8

NOT ONLY
MS ≠ Standards
MS = Standards+++++
Standards are Generic
while
MS is Specific
Standards
(Requirements
& Guidelines)
Stakeholders
Requirements
(Needs &
Expectations)
Statutory &
Legal
Requirements
Specific
Business
Requirements
Management
Systems
(MS)
Management Systems vs. Management Standards
!64

Management Systems Key Elements
Context of Organization
Stakeholders Needs
Process
Management
Risk
Management
Continual
Improvement
Management
!65

Process Management
A desired result is achieved more effectively and efficiently
when activities, related resources and controls are
managed as a process
Risk Management
Coordinated activities to direct and control an organisation
with regard to risk
Continual Improvement Management
Recurring activity to increase the ability to fulfil
requirements
Management Systems Key Elements
!66

QMS Development
▪ A quality management system should be dynamic;
evolving over time through concept of continual
improvement.
▪ Every organisation has “inherent” quality management
activities; however, these need to be planned and
managed in a systemic way.
▪ Developing a quality management system enables
organisation to focus on activities that really add value to
it and its stakeholders.
▪ Such a system provides framework for planning,
executing, monitoring and improving performance
activities within organisation.

!68
9. Project Quality Management
8

Project Characteristics
▪ Unique, non-repetitive phases consisting of processes and
activities
▪ Have some degree of risk and uncertainty
▪ Expected to deliver specified (minimum) quantified results with
predetermined parameters
▪ Planned start and finishing dates with clearly specified cost and
resource constraints
▪ Personnel maybe temporarily assigned to a project
organisation for the duration of the project and maybe subject
to change as the project progresses
▪ Maybe of a long duration and subject to changing internal and
external influences over time
!69

• Project scope includes a description of project’s deliverables, their
characteristics and how they are to be measured and assessed.
• Project scope is concerned with:
• Concept definition and development
• Scope boundaries control
• Definition of corresponding activities, and
• Control of activities
• Project related processes aim to:
• Translate customers’ and other stakeholder’s needs and expectations into
activities to be carried out to achieve the objectives of the project and to
organise these activities
• Ensure that personnel work within project scope during realisation of
these activities, and
• Ensure that activities are carried out in the project meet requirements
described in the scope
!70
Project Characteristics

Project Processes
▪ Project Processes & Phases are two different
concepts.
▪ Projects may be divided into independent phases and
processes to enable planning and realisation of
objectives and assessing related risks.
▪ Project processes are those that are necessary for
realising the project and its outcomes.
▪ Processes consist of two types; core and supporting
processes.
▪ Processes are grouped according to their affinity to
one another.
!71

Project Processes Management
• Project management processes includes:
• Planning
• Organisation & Execution
• Risk Identification & Control
• Performance Monitoring
• Analysis & Review
• Improvement Actions (Correction, Corrective & Preventive
Actions)
• Project quality management system should be aligned with
organisation’s quality management system.
• Documents should be created to ensure effective planning,
implementation and control of the project & its processes.
!72

Project Life Cycle Phases
!73
Assess Select Define Execute Operation Decommission
Risk Management
Decision
Gate
Controls
Key ActivitiesKey Activities Key ActivitiesKey Activities Key Activities Key Activities
Decision
Gate
Decision
Gate
Decision
Gate
Decision
Gate

Project Processes
Project
Organisation
Stakeholders
Communication
Resource
Management
Performance
Evaluation
Execution
Performance
Analysis &
Review
Information
Management
Risk
Management
Planning
!74

!75
9. Supply Chain Management
8

Suppliers /
Vendors /
Contractors
Planning &
Coordination
Function
Purchasing
Function
Finance
Function
Contracts
Function
Verification
Function
Customers
Challenge: Managing Functional Interfaces
Supply Chain Management Process
!76

Cumulative Risk
Annual
Spend
(2017)
Criticality of
Provider
Criticality of
Product /
Service
Frequency
of Use
Cumulative
Risk
10% 40% 25% 25% 100%
!77

Performance Evaluation
Quality
Performance
Delivery
Performance
Responsiveness
Performance
Relationship
Management
Cumulative
Performance
30% 30% 20% 20% 100%

External Provider Ranking
(Traffic Lights Ranking)
Cumulative Risk Cumulative Performance
League Ranking
(Management Time)
9.20 (***) 6.4 (***) ******
11.20 (***) 5.20 (***) ******
11.20 (***) 5.60 (***) ******
7.20 (***) 8.00 (**) *****
7.20 (***) 8.00 (**) *****
8.60 (***) 7.20 (**) *****
9.20 (***) 8.00 (**) *****
7.20 (***) 8.00 (**) *****
12.00 (***) 8.00 (**) *****
11.20 (***) 12.00 (*) ****
8.00 (***) 9.20 (*) ****
7.00 (***) 12.00 (*) ****

!80
10. Verification Management
8

Policy &
Objectives
Planning & Implementation
of Operational Controls
Commitment,
Leadership &
Accountability
Communication
Organisational
Structure
Risk
Management
Verification
Activities
Correction,
Corrective &
Preventive Actions
Management
Review
Management Systems Elements

Verification Activities
Audit
Systematic, independent and documented process for obtaining
audit evidence and evaluating it objectively to determine the
extent to which audit criteria are fulfilled
Inspection
Conformity evaluation by observation and judgement
accompanied as appropriate by measurement, testing or gauging
Review
Activity undertaken to determine the suitability, adequacy and
effectiveness of the subject matter to achieve established
objectives

Verification Activities Linkage
Process Performance
(KPI’s)
Process Customers
Feedback
Technical
Inspections
Audits
(Processes)
Review

Process Verification vs. Validation
Verification
Confirmation, through the provision of objective evidence, that specified
requirements have been fulfilled.
➢Verification results, in the form of objective evidence, can be obtained either
by performing certain activities other forms of determination, such as
performing alternative calculations or reviewing documentation such as
records
➢Such activities can include testing
Validation
Confirmation, through the provision of objective evidence, that the
requirements for a specific intended use or application have been fulfilled.
➢Objective evidence can be result of a process “qualification” or reviewing the
validity of planned arrangements
➢Validation can be “real” or “simulated”

!85
21
Planning Phase
Risk-based
Audits
Programme
Execution Phase
Reporting Phase
Follow-up Phase
Analysis &
Improvement
Process
Management Review
Process
Audits
Findings
Closure
Audit
Report
Audit Plan,
Schedule &
Checklist
Audit Objectives,
Scope & Criteria
Audit Findings &
Actions Database
Lessons
Learned
RSAF Systems
Learning Sharing
Process

!86
21
Audit Planning
• Establishing Audit Objectives, Scope & Criteria
• Communication with Concerned Parties (Client, Auditee & Team)
• Agreeing Composition of Team & Allocation of Tasks
• Conducting Document Review
• Creating Audit Plan & Schedule
• Creating Checklists
Audit Execution
• Collecting information to Establish Body of Evidence
• Arriving at Audit Findings
Audit Reporting
• Creating Audit Reports and documenting Audit Findings & Conclusions
Audit Follow-up
• Verifying Effectiveness of Actions taken by Audiee as a response to Audit Findings
Audit Process Phases Activities

!87
Audit Findings
33
Audit Finding
Positive
Practice Observation Non-conformity
Opportunity for
Improvement

40
▪ Defined as non-fulfilment of a requirement not a
clause
▪ Should contain:
➢ Details of relevant evidence
➢ Specific requirement (shall) from audit criteria
▪ Should provide clear indication of concern being raised
▪ Provide clarifications but try not to be drawn into a
long debate or suggest required response actions
▪ Make auditee management aware of findings prior to
closing meeting
Nonconformity

Process Review & Improvement
Evidence collected through:
Process KPI’s – process to demonstrate the ability to fulfil specified
requirements.
Process Customers Feedback – ability to satisfy not only the
requirements of the customer but also the needs of the
process customers.
Process Inspections – determination of conformity to specified
requirements.
Process Audits – systematic, independent and documented process
for obtaining audit evidence and evaluating it objectively to determine
the extent to which audit criteria are fulfilled .

!90
Follow-up Phase
38
Agreeing response actions timeframe
Root causes investigation
Formulation of relevant response actions
Communication & coordination between audit team, audit client & auditee
Findings close-out
Implementation of required actions
Auditee verification of implemented actions

39
!91

46
•Can you see the issuance of NCR as adding value or just a
reflection of non-conformance / non-compliance?
•What are the responsibilities of the auditor when determining
and documenting a non-conformity with respect to the
following:
✦Attributes of the evidence collected and documented
✦Does the auditor need to refer to the audit criteria. If so,
should he refers to a clause or a specific requirement
(shall)?
✦What should become clear when the reader compares the
evidence against the requirement (specific shall)?
•What kind of actions are required in response and by whom?
•What is the role of the auditor when closing a non-conformity?
Best Practice Auditing

45
•Are audits just a tool of compliance or both compliance and
improvement?
•If you agree that it is about ensuring improvement in the system,
is it just the auditor who contribute to improvement realisation?
•Can we remind ourselves of the differences between the following
actions:
• correction
• corrective action
• preventive action
• To arrive at corrective actions, do we need to identify root causes?
• Can we determine root causes without conducting required root
causes investigations?
Best Practice Auditing

!94
11. Incidents Investigations & Learning
8

!95
Incidents
9
Incidents
Accidents
Near-
misses

!96
Determining
Root Causes
Identifying
Required
Actions
Formulating
Required
Actions
Data
Gathering
Investigation
Team
Selection
Implementing
Required
Actions
Verifying
Effectiveness of
Implemented
Actions
Review of
Effectiveness of
Implemented
Actions
Embed Learning
Agree & Formalise
System &
Operational
Changes
Investigation & Learning Process
Communicate and
Monitor System &
Operational Changes
End

“Why Why” Analysis
• Also referred to as “tree diagrams”
• “Why Why” Analysis provides guidance on the
likely cause of a problem
• Used with structured brainstorming and analytical
discussion
• Sometimes referred to as ‘5 Whys’ – reflecting
the 5 rounds of vertical and not horizontal
questioning
!97

“Why Why” Analysis
!98
Why?
Why?
5
4
3
6
1
Original
Problem
Most Strongly
Scored
“possible” root
cause is now
taken further 2
Why?
Why?
Why?
Why?

Why?
Why?
Why?
Why?
Why?
1
Why?
Original
Problem
Why?
Why?
Why?
Why?

Cause & Effect Analysis  
(Fishbone or Ishikawa Diagrams)
!100

ISO 9001:2015 Awareness course

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie ISO 9001:2015 Awareness course

Ähnlich wie ISO 9001:2015 Awareness course (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

ISO 9001:2015 Awareness course