Tuesday, October 6, 2015

Verification

Verification

Verification is a process. It uses objective evidence to confirm that specified requirements have been met. Whenever specified requirements have been met, a verified status is achieved. There are many ways to verify that requirements have been met.

For example you could inspect something, you could do tests, you could carry out alternative calculations, or you could examine documents before you issue them.

Validation

Validation

Validation is a process. It uses objective evidence to confirm that the requirements which define an intended use or application have been met. Whenever all requirements have been met, a validated status is established.

Validation can be carried out under realistic use conditions or within a simulated use environment. There are several ways to confirm that the requirements which define an intended use or application have been met. For example you could do tests, you could carry out alternative calculations, or you could examine documents before you issue them.

Traceability

Traceability

Traceability is the ability to identify and trace the history, distribution, location, and application of products, parts, materials, and services.

A traceability system records and follows the trail as products, parts, materials, and services come from suppliers and are processed and ultimately distributed as final products and services.

Top management

Top management

The term top management normally refers to the people at the top of an organization. It refers to the people who provide resources and delegate authority and who coordinate, direct, and control organizations.

However, if the scope of a management system covers only part of an organization, then the term top management refers, instead, to the people who direct and control that part of the organization.

System

System

A system is defined as a set of interrelated or interacting elements. A management system is one type of system. It is a set of interrelated or interacting elements that organizations use to formulate policies and objectives and to establish the processes that are needed to ensure that policies are followed and objectives are achieved.

Supplier

Supplier

A supplier is a person or an organization that provides products or services. Suppliers can be either internal or external to an organization. Internal suppliers provide products or services to people within their own organization while external suppliers provide products or services to other organizations.

Examples of suppliers include organizations and people who produce, distribute, or market products, provide services, or publish information. While ISO still includes a definition for this term, the new ISO 9001 2015 standard no longer actually uses it. It prefers, instead, to use the term external provider.

Strategy

Strategy

A strategy is a plan for achieving an objective.

Statutory requirement

Statutory requirement

A statutory requirement is defined by a legislative body and is obligatory.

 

Service

Service

A service is an intangible output and is the result of a process that includes at least one activity that is carried out at the interface between the supplier (provider) and the customer.

Service provision can take many forms. Service can be provided to support an organization’s own products (e.g. warranty service or the serving of meals). Conversely, it can be provided for a product supplied by a customer (e.g. a repair service or a delivery service). It can also involve the provision of an intangible thing to a customer (e.g. entertainment, ambience, transportation, or advice).

Risk-based thinking

Risk-based thinking

Risk-based thinking refers to a coordinated set of activities and methods that organizations use to manage and control the many risks that affect its ability to achieve objectives.

Risk-based thinking replaces what the old standard used to call preventive action. While risk-based thinking is now an essential part of the new standard, it does not actually expect you to implement a formal risk management process nor does it expect you to document your organization’s risk-based approach.

Risk

Risk

According to ISO 9000, risk is the “effect of uncertainty on an expected result” and an effect is a positive or negative deviation from what is expected. The following two paragraphs will explain what this means.

This definition recognizes that all of us operate in an uncertain world. Whenever we try to achieve something, there’s always the chance that things will not go according to plan. Sometimes we get positive results and sometimes we get negative results and occasionally we get both. Because of this, we need to reduce uncertainty as much as possible. Uncertainty (or lack of certainty) is a state or condition that involves a deficiency of information and leads to inadequate or incomplete knowledge or understanding.

In the context of risk management, uncertainty exists whenever the knowledge or understanding of an event, consequence, or likelihood is inadequate or incomplete. While this definition argues that risk can be positive as well as negative, a note acknowledges that "the term risk is sometimes used when there is only the possibility of negative consequences".

Review

Review

A review is an activity. Its purpose is to figure out how well the thing being reviewed is capable of achieving established objectives.
Reviews ask the following question: is the subject (or object) of the review a suitable, adequate, effective, and efficient way of achieving established objectives? There are many kinds of reviews. Some of these include management reviews, design and development reviews, customer requirement reviews, nonconformity reviews, and peer reviews.

Requirement

Requirement

A requirement is a need, expectation, or obligation. It can be stated or implied by an organization, its customers, or other interested parties.

A specified requirement is one that has been stated (in a document for example), whereas an implied requirement is a need, expectation, or obligation that is common practice or customary. There are many types of requirements.

Some of these include customer requirements, quality requirements, quality management requirements, management requirements, product requirements, service requirements, contractual requirements, statutory requirements, and regulatory requirements.

Release

Release

To release means to grant permission to proceed to the next stage of a process. The term release is also used to refer to a version of software or documented information.

Regulatory requirement

Regulatory requirement

A regulatory requirement is an obligation that is specified by an authority which gets its mandate from a legislative body.

Quality policy

Quality policy

A quality policy should express top management's commitment to the quality management system (QMS) and should allow managers to set quality objectives.

It should be based on ISO’s quality management principles and should be compatible with your organization’s other policies and be consistent with its vision and mission. ISO's quality management principles ask you to focus on customers and interested parties, to provide leadership, to engage and involve people, to use a process approach, to encourage improvement, to use evidence to make decisions, and to manage corporate relationships.

Quality objective

Quality objective

A quality objective is a quality result that you intend to achieve. Quality objectives are based on or derived from an organization’s quality policy and must be consistent with it. They are usually formulated at all relevant levels within the organization and for all relevant functions. The adjective quality applies to objects and refers to the degree to which a set of inherent characteristics fulfills a set of requirements; and an object is any entity that is either conceivable or perceivable. Therefore, a quality objective can be set for any kind of object.

Quality management system

Quality management system

A quality management system (QMS) is a set of interrelated or interacting elements that organizations use to formulate quality policies and quality objectives and to establish the processes that are needed to ensure that policies are followed and objectives are achieved.

These elements include structures, programs, practices, procedures, plans, rules, roles, responsibilities, relationships, contracts, agreements, documents, records, methods, tools, techniques, technologies, and resources.

Quality management

Quality management

Quality management includes all the activities that organizations use to direct, control, and coordinate quality. These activities include formulating a quality policy and setting quality objectives.

They also include quality planning, quality control, quality assurance, and quality improvement.

Quality

Quality

The adjective quality applies to objects and refers to the degree to which a set of inherent characteristics fulfills a set of requirements.

An object is any entity that is either conceivable or perceivable and an inherent characteristic is a feature that exists in an object. The quality of an object can be determined by comparing a set of inherent characteristics against a set of requirements. If those characteristics meet all requirements, high or excellent quality is achieved but if those characteristics do not meet all requirements, a low or poor level of quality is achieved. So the quality of an object depends on a set of characteristics and a set of requirements and how well the former complies with the latter.

Provider

Provider

A provider is a person or an organization that supplies or provides products or services. Providers can be either internal or external to the organization. Internal providers supply products or services to people within their own organization while external providers supply products or services to other organizations.

Product

Product

A product is a tangible or intangible output that is the result of a process that does not include activities that are performed at the interface between the supplier (provider) and the customer. Products can be tangible or intangible.

According to a note to this definition, there are three generic product categories: hardware, processed materials, and software.

Many products combine several of these categories. For example, an automobile (a product) combines hardware (e.g. tires), software (e.g. engine control algorithms), and processed materials (e.g. lubricants).

Process-based quality management system

Process-based quality management system

A process-based quality management system uses a process approach to manage and control how its quality policy is implemented and how its quality objectives are achieved. A process-based QMS is a network of interrelated and interconnected processes.

Each process uses resources to transform inputs into outputs. Since the output of one process becomes the input of another process, processes interact and are interrelated by means of such input-output relationships. These process interactions create a single integrated process-based QMS.

Process approach

Process approach

The process approach is a management strategy. When managers use a process approach, it means that they manage and control the processes that make up their organization, the interaction between these processes, and the inputs and outputs that tie these processes together.

Process

Process

A process is a set of activities that are interrelated or that interact with one another. Processes use resources to transform inputs into outputs.

Processes are interconnected because the output from one process often becomes the input for another process. While processes usually transform inputs into outputs, this is not always the case. Sometimes inputs become outputs without transformation.

Organizational processes should be planned and carried out under controlled conditions. An effective process is one that realizes planned activities and achieves planned results.

Policy

Policy

A policy is a general commitment, direction, or intention and is formally stated by top management. A quality policy statement should express top management's commitment to the implementation and improvement of its quality management system and should allow managers to set quality objectives.

Performance indicator

Performance indicator

A performance indicator (metric) is a characteristic that is used to measure customer satisfaction and how well outputs are realized.

Performance

Performance

According to ISO, the term performance refers to a measurable result. It refers to the measurable results that activities, processes, products, services, systems and organizations are able to achieve. Whenever they perform well it means that acceptable results are being achieved and whenever they perform poorly, unacceptable results are achieved.

Outsource

Outsource

When an organization makes an arrangement with an outside organization to perform part of a function or process, it is referred to as outsourcing.

To outsource means to ask an external organization to perform part of a function or process normally done inhouse. While an outsourced organization is beyond the scope of your QMS, the outsourced process or function itself falls within your scope.

Output

Output

An output is the result of a process. Outputs can be either tangible or intangible. The output from one process is often the input for another process.

ISO 9001 lists four generic output categories: services, software, hardware, and processed materials. Outputs often combine several of these categories. For example, an automobile (an output) combines hardware (e.g. tires), software (e.g. engine control algorithms), and processed materials (e.g. lubricants).

Organization

Organization

An organization can be a single person or a group that achieves its objectives by using its own functions, responsibilities, authorities, and relationships. It can be a company, corporation, enterprise, firm, partnership, charity, association, or institution and can be either incorporated or unincorporated and be either privately or publicly owned. It can also be an operating unit that is part of a larger entity.

Objective evidence

Objective evidence

Objective evidence is data that shows or proves that something exists or is true. Objective evidence can be collected by performing observations, measurements, tests, or using other suitable methods.

Objective audit evidence

Objective audit evidence

Objective audit evidence is information that is verifiable and generally consists of records and other statements of fact that are relevant to the audit criteria being used.

Objective

Objective

An objective is a result you intend to achieve. Objectives can be strategic, tactical, or operational and can apply to an organization as a whole or to a system, process, project, product, or service.

Objectives may also be referred to as targets, aims, goals, or intended outcomes. Quality objectives are generally based on or derived from an organization’s quality policy and must be consistent with it.

Object

Object

An object is any entity that is either conceivable or perceivable. Objects can be real or imaginary and could be material or immaterial. Examples include products, services, systems, organizations, people, practices, procedures, processes, plans, ideas, documents, records, methods, tools, machines, technologies, techniques, and resources.

Nonconformity

Nonconformity

Nonconformity is a nonfulfillment or failure to meet a requirement.

A requirement is a need, expectation, or obligation. It can be stated or implied by an organization or interested parties.

Monitoring

Monitoring

To monitor means to determine the status of an activity, process, or system at different stages or at different times. In order to determine status, you need to supervise and to continually check and critically observe the activity, process, or system that is being monitored.

Measuring equipment

Measuring equipment

Measuring equipment includes all the things needed to carry out a measurement process. Accordingly, measuring equipment includes instruments and apparatuses as well as all the associated software, standards, and reference materials.

Measurement

Measurement

Measurement is a process that is used to determine a value. In most cases this value will be a quantity.

Management system

Management system

A management system is a set of interrelated or interacting elements that organizations use to formulate policies and objectives and to establish the processes that are needed to ensure that policies are followed and objectives are achieved.

These elements include structures, programs, procedures, practices, plans, rules, roles, responsibilities, relationships, contracts, agreements, documents, records, methods, tools, techniques, technologies, and resources.

There are many types of management systems. Some of these include quality management systems, environmental management systems, financial management systems, information security management systems, business continuity management systems, emergency management systems, disaster management systems, food safety management systems, risk management systems, and occupational health and safety management systems.

The scope or focus of a management system could be restricted to a specific function or section of an organization or it could include the entire organization. It could even include a function that cuts across several organizations.

Management

Management

The term management refers to all the activities that are used to coordinate, direct, and control organizations. These activities include developing policies, setting objectives, and establishing processes to achieve these objectives.

In this context, the term management does not refer to people. It refers to what managers do.

Knowledge

Knowledge

Knowledge is a collection of information and a justified belief that this information is true with a high level of certainty.

Involvement

Involvement

Involvement occurs when people share objectives and are actively engaged in and contribute to their achievement.

Interested party

Interested party

An interested party is anyone who can affect, be affected by, or believe that they are affected by a decision or activity. An interested party is a person, group, or organization that has an interest or a stake in a decision or activity.

Innovation

Innovation

Innovation is a process that results in a new or substantially changed object.
An object is any entity that is either conceivable or perceivable. Objects can be real or imaginary and could be material or immaterial. Examples include products, services, systems, organizations, people, practices, procedures, processes, plans, ideas, documents, records, methods, machines, tools, technologies, techniques, and resources.

Infrastructure

Infrastructure

The term infrastructure refers to the entire system of facilities, equipment, and support services that organizations need in order to function.

According to ISO 9001, section 7.1.3, the term infrastructure can include buildings, equipment, utilities, and technologies (both hardware and software).

Information system

Information system

In the context of this ISO 9001 standard, an information system is a network of communication channels used within an organization.

Information

Information

Information is “meaningful data”. While it's not entirely clear what the word “meaningful” is supposed to mean in this context, dictionaries tend to say that something is meaningful if it is significant, relevant, material, valid, or important.

Improvement

Improvement

Improvement is a set of activities that organizations carry out in order to enhance performance (get better results). Improvement can be achieved by means of a single activity or by means of a recurring set of activities.

Function

Function

A function is a role that is performed by a unit of an organization.

Feedback

Feedback

The term feedback is used to refer to a comment or an opinion expressed about a product or service or an interest expressed in a product or a service. It may also be used to refer to the customer complaints-handling process itself.

Effectiveness

Effectiveness

Effectiveness refers to the degree to which a planned effect is achieved. Planned activities are effective if these activities are actually carried out and planned results are effective if these results are actually achieved.

Documented information

Documented information

The term documented information refers to information that must be controlled and maintained and its supporting medium.

Documented information can be in any format and on any medium and can come from any source. Documented information includes information about the management system and related processes.

It also includes all the information that organizations need to operate and all the information that they use to document the results that they achieve (aka records).

Determination

Determination

To determine means to find or to identify the value of a characteristic.

Design and development

Design and development

Design and development is a process (or a set of processes) that uses resources to transform general input requirements for an object into specific output requirements. An object is any entity that is either conceivable or perceivable.

Objects can be real or imaginary and could be material or immaterial. Examples include products, services, systems, organizations, people, practices, procedures, processes, plans, ideas, documents, records, methods, tools, machines, technologies, techniques, and resources.

Defect

Defect

A defect is a type of nonconformity. It occurs when a product or service fails to meet specified or intended use requirements.

Data

Data

The term data is defined as any facts about an object.

Customer satisfaction

Customer satisfaction

Customer satisfaction is a perception. It's also a question of degree. It can vary from high satisfaction to low satisfaction. If customers believe that you've met their requirements, they experience high satisfaction. If they believe that you've not met their requirements, they experience low satisfaction. Since satisfaction is a perception, customers may not be satisfied even though you’ve met all contractual requirements. Just because you haven’t received any complaints doesn’t mean that customers are satisfied. There are many ways to monitor and measure customer satisfaction. You can use customer satisfaction and opinion surveys; you can collect product quality data (post delivery), track warranty claims, examine dealer reports, study customer compliments and criticisms, and analyze lost business opportunities.

Customer

Customer

A customer is anyone who receives products or services (outputs) from a supplier. Customers can be either people or organizations and can be either external or internal to the supplier organization. Examples of customers include clients, consumers, users, guests, patients, purchasers, and beneficiaries.

Corrective action

Corrective action

Corrective actions are steps that are taken to eliminate the causes of existing nonconformities in order to prevent recurrence. The corrective action process tries to make sure that existing nonconformities and potentially undesirable situations don’t happen again.

Correction

Correction

A correction is any action that is taken to eliminate a nonconformity. However, corrections do not address root causes. When applied to products, corrections can include reworking products, reprocessing them, regrading them, assigning them to a different use, or simply destroying them.

Contract

Contract

A contract is a binding agreement between two or more parties.

Continual improvement

Continual improvement

Continual improvement is a set of recurring activities that are carried out in order to enhance performance. Continual improvements can be achieved by carrying out audits, self-assessments, and management reviews. Continual improvements can also be realized by collecting data, analyzing information, setting objectives, and implementing corrective and preventive actions.

Context of the organization

Context of the organization

An organization’s context is its business environment. It includes all of the internal and external factors and conditions that affect its products and services, have an influence on its QMS, and are relevant to its purpose and strategic direction. An organization’s external context includes all of the needs and expectations of interested parties, as well as its social, cultural, legal, technological, regulatory, and competitive environment.

An organization’s internal context includes its values, culture, knowledge, and performance. ISO 9001 2015 expects you to consider your organization’s internal and external context when you define the scope of its QMS and when you plan it's design and development.

Conformity

Conformity

Conformity is the "fulfillment of a requirement". To conform means to meet or comply with requirements and a requirement is a need, expectation, or obligation. There are many types of requirements including customer requirements, quality requirements, quality management requirements, management requirements, product requirements, service requirements, contractual requirements, statutory requirements, and regulatory requirements.

Concession

Concession

A concession is a special approval that is granted to release a nonconforming product or service for use or delivery. Concessions are usually restricted to a specific use and limited by time and quantity and tend to specify that nonconforming characteristics may not violate specified limits.

Complaint

Complaint

In the context of ISO 9001, a complaint refers to an expression of dissatisfaction with a product or service and is filed by a customer and received by an organization. Whenever a customer lodges a complaint, a response is either explicitly or implicitly required.

Competence

Competence

Competence means being able to apply knowledge and skill to achieve intended results. Being competent means having the knowledge and skill that you need and knowing how to apply it. Being competent means that you’re qualified to do the job.

Characteristic

Characteristic

A characteristic is a distinctive feature or property of something. Characteristics can be inherent or assigned and can be qualitative or quantitative. An inherent characteristic exists in something or is a permanent feature of something while an assigned characteristic is a feature that is attributed or attached to something.

Audit program

Audit program

An audit program (or programme) refers to a set of one or more audits that are planned and carried out within a specific time frame and are intended to achieve a specific audit purpose.

Audit findings

Audit findings

Audit findings result from a process that evaluates audit evidence and compares it against audit criteria. Audit findings can show that audit criteria are being met (conformity) or that they are not being met (nonconformity). They can also identify best practices or improvement opportunities.

Audit Evidence

Audit evidence

Audit evidence includes records, factual statements, and other verifiable information that is related to the audit criteria being used. Audit criteria include policies, requirements, and other documented information.

Audit Criteria

Audit criteria

Audit criteria are used as a reference point and include policies, requirements, and other forms of documented information. They are compared against audit evidence to determine how well they are being met. Audit evidence is used to determine how well policies are being implemented and how well requirements are being followed.

Audit

Audit

An audit is a systematic evidence gathering process. Audits must be independent and evidence must be evaluated objectively to determine how well audit criteria are being met. There are three types of audits: first-party, second-party, and third-party.

First-party audits are internal audits while second and third party audits are external audits. Organizations use first party audits to audit themselves. First party audits are used to provide input for management review and for other internal purposes. They're also used to declare that an organization meets specified requirements (this is called a self-declaration).

Second party audits are external audits. They’re usually done by customers or by others on their behalf. However, they can also be done by regulators or any other external party that has an interest in an organization.

Third party audits are external audits as well. However, they’re performed by independent organizations such as registrars (certification bodies) or regulators. ISO also distinguishes between combined audits and joint audits. When two or more management systems of different disciplines are audited together at the same time, it's called a combined audit; and when two or more auditing organizations cooperate to audit a single auditee organization it's called a joint audit.

Monday, October 5, 2015

ISO 9000:2015 Quality management systems — Fundamentals and vocabulary

Audit

An audit is a systematic evidence gathering process. Audits must be independent and evidence must be evaluated objectively to determine how well audit criteria are being met. There are three types of audits: first-party, second-party, and third-party.

First-party audits are internal audits while second and third party audits are external audits. Organizations use first party audits to audit themselves. First party audits are used to provide input for management review and for other internal purposes. They're also used to declare that an organization meets specified requirements (this is called a self-declaration).

Second party audits are external audits. They’re usually done by customers or by others on their behalf. However, they can also be done by regulators or any other external party that has an interest in an organization.

Third party audits are external audits as well. However, they’re performed by independent organizations such as registrars (certification bodies) or regulators. ISO also distinguishes between combined audits and joint audits. When two or more management systems of different disciplines are audited together at the same time, it's called a combined audit; and when two or more auditing organizations cooperate to audit a single auditee organization it's called a joint audit.

Audit criteria

Audit criteria are used as a reference point and include policies, requirements, and other forms of documented information. They are compared against audit evidence to determine how well they are being met. Audit evidence is used to determine how well policies are being implemented and how well requirements are being followed.

Audit evidence

Audit evidence includes records, factual statements, and other verifiable information that is related to the audit criteria being used. Audit criteria include policies, requirements, and other documented information.

Audit findings

Audit findings result from a process that evaluates audit evidence and compares it against audit criteria. Audit findings can show that audit criteria are being met (conformity) or that they are not being met (nonconformity). They can also identify best practices or improvement opportunities.

Audit program

An audit program (or programme) refers to a set of one or more audits that are planned and carried out within a specific time frame and are intended to achieve a specific audit purpose.

Characteristic

A characteristic is a distinctive feature or property of something. Characteristics can be inherent or assigned and can be qualitative or quantitative. An inherent characteristic exists in something or is a permanent feature of something while an assigned characteristic is a feature that is attributed or attached to something.

Competence

Competence means being able to apply knowledge and skill to achieve intended results. Being competent means having the knowledge and skill that you need and knowing how to apply it. Being competent means that you’re qualified to do the job.

Complaint

In the context of ISO 9001, a complaint refers to an expression of dissatisfaction with a product or service and is filed by a customer and received by an organization. Whenever a customer lodges a complaint, a response is either explicitly or implicitly required.

Concession

A concession is a special approval that is granted to release a nonconforming product or service for use or delivery. Concessions are usually restricted to a specific use and limited by time and quantity and tend to specify that nonconforming characteristics may not violate specified limits.

Conformity

Conformity is the "fulfillment of a requirement". To conform means to meet or comply with requirements and a requirement is a need, expectation, or obligation. There are many types of requirements including customer requirements, quality requirements, quality management requirements, management requirements, product requirements, service requirements, contractual requirements, statutory requirements, and regulatory requirements.

Context of the organization

An organization’s context is its business environment. It includes all of the internal and external factors and conditions that affect its products and services, have an influence on its QMS, and are relevant to its purpose and strategic direction. An organization’s external context includes all of the needs and expectations of interested parties, as well as its social, cultural, legal, technological, regulatory, and competitive environment. An organization’s internal context includes its values, culture, knowledge, and performance. ISO 9001 2015 expects you to consider your organization’s internal and external context when you define the scope of its QMS and when you plan it's design and development.

Continual improvement

Continual improvement is a set of recurring activities that are carried out in order to enhance performance. Continual improvements can be achieved by carrying out audits, self-assessments, and management reviews. Continual improvements can also be realized by collecting data, analyzing information, setting objectives, and implementing corrective and preventive actions.

Contract

A contract is a binding agreement between two or more parties.

Correction

A correction is any action that is taken to eliminate a nonconformity. However, corrections do not address root causes. When applied to products, corrections can include reworking products, reprocessing them, regrading them, assigning them to a different use, or simply destroying them.

Corrective action

Corrective actions are steps that are taken to eliminate the causes of existing nonconformities in order to prevent recurrence. The corrective action process tries to make sure that existing nonconformities and potentially undesirable situations don’t happen again.

Customer

A customer is anyone who receives products or services (outputs) from a supplier. Customers can be either people or organizations and can be either external or internal to the supplier organization. Examples of customers include clients, consumers, users, guests, patients, purchasers, and beneficiaries.

Customer satisfaction

Customer satisfaction is a perception. It's also a question of degree. It can vary from high satisfaction to low satisfaction. If customers believe that you've met their requirements, they experience high satisfaction. If they believe that you've not met their requirements, they experience low satisfaction. Since satisfaction is a perception, customers may not be satisfied even though you’ve met all contractual requirements. Just because you haven’t received any complaints doesn’t mean that customers are satisfied. There are many ways to monitor and measure customer satisfaction. You can use customer satisfaction and opinion surveys; you can collect product quality data (post delivery), track warranty claims, examine dealer reports, study customer compliments and criticisms, and analyze lost business opportunities.

Data

The term data is defined as any facts about an object.

Defect

A defect is a type of nonconformity. It occurs when a product or service fails to meet specified or intended use requirements.

Design and development

Design and development is a process (or a set of processes) that uses resources to transform general input requirements for an object into specific output requirements. An object is any entity that is either conceivable or perceivable. Objects can be real or imaginary and could be material or immaterial. Examples include products, services, systems, organizations, people, practices, procedures, processes, plans, ideas, documents, records, methods, tools, machines, technologies, techniques, and resources.

Determination

To determine means to find or to identify the value of a characteristic.

Documented information

The term documented information refers to information that must be controlled and maintained and its supporting medium.

Documented information can be in any format and on any medium and can come from any source. Documented information includes information about the management system and related processes.

It also includes all the information that organizations need to operate and all the information that they use to document the results that they achieve (aka records).

Effectiveness

Effectiveness refers to the degree to which a planned effect is achieved. Planned activities are effective if these activities are actually carried out and planned results are effective if these results are actually achieved.

Feedback

The term feedback is used to refer to a comment or an opinion expressed about a product or service or an interest expressed in a product or a service. It may also be used to refer to the customer complaints-handling process itself.

Function

A function is a role that is performed by a unit of an organization.

Improvement

Improvement is a set of activities that organizations carry out in order to enhance performance (get better results). Improvement can be achieved by means of a single activity or by means of a recurring set of activities.

Information

Information is “meaningful data”. While it's not entirely clear what the word “meaningful” is supposed to mean in this context, dictionaries tend to say that something is meaningful if it is significant, relevant, material, valid, or important.

Information system

In the context of this ISO 9001 standard, an information system is a network of communication channels used within an organization.

Infrastructure

The term infrastructure refers to the entire system of facilities, equipment, and support services that organizations need in order to function.

According to ISO 9001, section 7.1.3, the term infrastructure can include buildings, equipment, utilities, and technologies (both hardware and software).

Innovation

Innovation is a process that results in a new or substantially changed object.
An object is any entity that is either conceivable or perceivable. Objects can be real or imaginary and could be material or immaterial. Examples include products, services, systems, organizations, people, practices, procedures, processes, plans, ideas, documents, records, methods, machines, tools, technologies, techniques, and resources.

Interested party

An interested party is anyone who can affect, be affected by, or believe that they are affected by a decision or activity. An interested party is a person, group, or organization that has an interest or a stake in a decision or activity.

Involvement

Involvement occurs when people share objectives and are actively engaged in and contribute to their achievement.

Knowledge

Knowledge is a collection of information and a justified belief that this information is true with a high level of certainty.

Management

The term management refers to all the activities that are used to coordinate, direct, and control organizations. These activities include developing policies, setting objectives, and establishing processes to achieve these objectives.

In this context, the term management does not refer to people. It refers to what managers do.

Management system

A management system is a set of interrelated or interacting elements that organizations use to formulate policies and objectives and to establish the processes that are needed to ensure that policies are followed and objectives are achieved.

These elements include structures, programs, procedures, practices, plans, rules, roles, responsibilities, relationships, contracts, agreements, documents, records, methods, tools, techniques, technologies, and resources.

There are many types of management systems. Some of these include quality management systems, environmental management systems, financial management systems, information security management systems, business continuity management systems, emergency management systems, disaster management systems, food safety management systems, risk management systems, and occupational health and safety management systems.

The scope or focus of a management system could be restricted to a specific function or section of an organization or it could include the entire organization. It could even include a function that cuts across several organizations.

Measurement

Measurement is a process that is used to determine a value. In most cases this value will be a quantity. Measuring equipment Measuring equipment includes all the things needed to carry out a measurement process. Accordingly, measuring equipment includes instruments and apparatuses as well as all the associated software, standards, and reference materials.

Monitoring

To monitor means to determine the status of an activity, process, or system at different stages or at different times. In order to determine status, you need to supervise and to continually check and critically observe the activity, process, or system that is being monitored.

Nonconformity

Nonconformity is a nonfulfillment or failure to meet a requirement.

A requirement is a need, expectation, or obligation. It can be stated or implied by an organization or interested parties.

Object

An object is any entity that is either conceivable or perceivable. Objects can be real or imaginary and could be material or immaterial. Examples include products, services, systems, organizations, people, practices, procedures, processes, plans, ideas, documents, records, methods, tools, machines, technologies, techniques, and resources.

Objective

An objective is a result you intend to achieve. Objectives can be strategic, tactical, or operational and can apply to an organization as a whole or to a system, process, project, product, or service.

Objectives may also be referred to as targets, aims, goals, or intended outcomes. Quality objectives are generally based on or derived from an organization’s quality policy and must be consistent with it.

Objective audit evidence

Objective audit evidence is information that is verifiable and generally consists of records and other statements of fact that are relevant to the audit criteria being used.

Objective evidence

Objective evidence is data that shows or proves that something exists or is true. Objective evidence can be collected by performing observations, measurements, tests, or using other suitable methods.

Organization

An organization can be a single person or a group that achieves its objectives by using its own functions, responsibilities, authorities, and relationships. It can be a company, corporation, enterprise, firm, partnership, charity, association, or institution and can be either incorporated or unincorporated and be either privately or publicly owned. It can also be an operating unit that is part of a larger entity.

Output

An output is the result of a process. Outputs can be either tangible or intangible. The output from one process is often the input for another process.

ISO 9001 lists four generic output categories: services, software, hardware, and processed materials. Outputs often combine several of these categories. For example, an automobile (an output) combines hardware (e.g. tires), software (e.g. engine control algorithms), and processed materials (e.g. lubricants).

Outsource

When an organization makes an arrangement with an outside organization to perform part of a function or process, it is referred to as outsourcing.

To outsource means to ask an external organization to perform part of a function or process normally done inhouse. While an outsourced organization is beyond the scope of your QMS, the outsourced process or function itself falls within your scope.

Performance

According to ISO, the term performance refers to a measurable result. It refers to the measurable results that activities, processes, products, services, systems and organizations are able to achieve. Whenever they perform well it means that acceptable results are being achieved and whenever they perform poorly, unacceptable results are achieved.

Performance indicator

A performance indicator (metric) is a characteristic that is used to measure customer satisfaction and how well outputs are realized.

Policy

A policy is a general commitment, direction, or intention and is formally stated by top management. A quality policy statement should express top management's commitment to the implementation and improvement of its quality management system and should allow managers to set quality objectives.

Process

A process is a set of activities that are interrelated or that interact with one another. Processes use resources to transform inputs into outputs.

Processes are interconnected because the output from one process often becomes the input for another process. While processes usually transform inputs into outputs, this is not always the case. Sometimes inputs become outputs without transformation.

Organizational processes should be planned and carried out under controlled conditions. An effective process is one that realizes planned activities and achieves planned results.

Process approach

The process approach is a management strategy. When managers use a process approach, it means that they manage and control the processes that make up their organization, the interaction between these processes, and the inputs and outputs that tie these processes together.

Process-based quality management system

A process-based quality management system uses a process approach to manage and control how its quality policy is implemented and how its quality objectives are achieved. A process-based QMS is a network of interrelated and interconnected processes.

Each process uses resources to transform inputs into outputs. Since the output of one process becomes the input of another process, processes interact and are interrelated by means of such input-output relationships. These process interactions create a single integrated process-based QMS.

Product

A product is a tangible or intangible output that is the result of a process that does not include activities that are performed at the interface between the supplier (provider) and the customer. Products can be tangible or intangible.

According to a note to this definition, there are three generic product categories: hardware, processed materials, and software.

Many products combine several of these categories. For example, an automobile (a product) combines hardware (e.g. tires), software (e.g. engine control algorithms), and processed materials (e.g. lubricants).

Provider

A provider is a person or an organization that supplies or provides products or services. Providers can be either internal or external to the organization. Internal providers supply products or services to people within their own organization while external providers supply products or services to other organizations.

Quality

The adjective quality applies to objects and refers to the degree to which a set of inherent characteristics fulfills a set of requirements.

An object is any entity that is either conceivable or perceivable and an inherent characteristic is a feature that exists in an object. The quality of an object can be determined by comparing a set of inherent characteristics against a set of requirements. If those characteristics meet all requirements, high or excellent quality is achieved but if those characteristics do not meet all requirements, a low or poor level of quality is achieved. So the quality of an object depends on a set of characteristics and a set of requirements and how well the former complies with the latter.

Quality management

Quality management includes all the activities that organizations use to direct, control, and coordinate quality. These activities include formulating a quality policy and setting quality objectives.

They also include quality planning, quality control, quality assurance, and quality improvement.

Quality management system

A quality management system (QMS) is a set of interrelated or interacting elements that organizations use to formulate quality policies and quality objectives and to establish the processes that are needed to ensure that policies are followed and objectives are achieved.

These elements include structures, programs, practices, procedures, plans, rules, roles, responsibilities, relationships, contracts, agreements, documents, records, methods, tools, techniques, technologies, and resources.

Quality objective

A quality objective is a quality result that you intend to achieve. Quality objectives are based on or derived from an organization’s quality policy and must be consistent with it. They are usually formulated at all relevant levels within the organization and for all relevant functions. The adjective quality applies to objects and refers to the degree to which a set of inherent characteristics fulfills a set of requirements; and an object is any entity that is either conceivable or perceivable. Therefore, a quality objective can be set for any kind of object.

Quality policy

A quality policy should express top management's commitment to the quality management system (QMS) and should allow managers to set quality objectives.

It should be based on ISO’s quality management principles and should be compatible with your organization’s other policies and be consistent with its vision and mission. ISO's quality management principles ask you to focus on customers and interested parties, to provide leadership, to engage and involve people, to use a process approach, to encourage improvement, to use evidence to make decisions, and to manage corporate relationships.

Regulatory requirement

A regulatory requirement is an obligation that is specified by an authority which gets its mandate from a legislative body.

Release

To release means to grant permission to proceed to the next stage of a process. The term release is also used to refer to a version of software or documented information.

Requirement

A requirement is a need, expectation, or obligation. It can be stated or implied by an organization, its customers, or other interested parties.

A specified requirement is one that has been stated (in a document for example), whereas an implied requirement is a need, expectation, or obligation that is common practice or customary. There are many types of requirements.

Some of these include customer requirements, quality requirements, quality management requirements, management requirements, product requirements, service requirements, contractual requirements, statutory requirements, and regulatory requirements.

Review

A review is an activity. Its purpose is to figure out how well the thing being reviewed is capable of achieving established objectives.
Reviews ask the following question: is the subject (or object) of the review a suitable, adequate, effective, and efficient way of achieving established objectives? There are many kinds of reviews. Some of these include management reviews, design and development reviews, customer requirement reviews, nonconformity reviews, and peer reviews.

Risk

According to ISO 9000, risk is the “effect of uncertainty on an expected result” and an effect is a positive or negative deviation from what is expected. The following two paragraphs will explain what this means.

This definition recognizes that all of us operate in an uncertain world. Whenever we try to achieve something, there’s always the chance that things will not go according to plan. Sometimes we get positive results and sometimes we get negative results and occasionally we get both. Because of this, we need to reduce uncertainty as much as possible. Uncertainty (or lack of certainty) is a state or condition that involves a deficiency of information and leads to inadequate or incomplete knowledge or understanding.

In the context of risk management, uncertainty exists whenever the knowledge or understanding of an event, consequence, or likelihood is inadequate or incomplete. While this definition argues that risk can be positive as well as negative, a note acknowledges that "the term risk is sometimes used when there is only the possibility of negative consequences".

Risk-based thinking

Risk-based thinking refers to a coordinated set of activities and methods that organizations use to manage and control the many risks that affect its ability to achieve objectives.

Risk-based thinking replaces what the old standard used to call preventive action. While risk-based thinking is now an essential part of the new standard, it does not actually expect you to implement a formal risk management process nor does it expect you to document your organization’s risk-based approach.

Service

A service is an intangible output and is the result of a process that includes at least one activity that is carried out at the interface between the supplier (provider) and the customer.

Service provision can take many forms. Service can be provided to support an organization’s own products (e.g. warranty service or the serving of meals). Conversely, it can be provided for a product supplied by a customer (e.g. a repair service or a delivery service). It can also involve the provision of an intangible thing to a customer (e.g. entertainment, ambience, transportation, or advice).

Statutory requirement

A statutory requirement is defined by a legislative body and is obligatory. Strategy A strategy is a plan for achieving an objective.

Supplier

A supplier is a person or an organization that provides products or services. Suppliers can be either internal or external to an organization. Internal suppliers provide products or services to people within their own organization while external suppliers provide products or services to other organizations.

Examples of suppliers include organizations and people who produce, distribute, or market products, provide services, or publish information. While ISO still includes a definition for this term, the new ISO 9001 2015 standard no longer actually uses it. It prefers, instead, to use the term external provider.

System

A system is defined as a set of interrelated or interacting elements. A management system is one type of system. It is a set of interrelated or interacting elements that organizations use to formulate policies and objectives and to establish the processes that are needed to ensure that policies are followed and objectives are achieved.

Top management

The term top management normally refers to the people at the top of an organization. It refers to the people who provide resources and delegate authority and who coordinate, direct, and control organizations.

However, if the scope of a management system covers only part of an organization, then the term top management refers, instead, to the people who direct and control that part of the organization.

Traceability

Traceability is the ability to identify and trace the history, distribution, location, and application of products, parts, materials, and services.

A traceability system records and follows the trail as products, parts, materials, and services come from suppliers and are processed and ultimately distributed as final products and services.

Validation

Validation is a process. It uses objective evidence to confirm that the requirements which define an intended use or application have been met. Whenever all requirements have been met, a validated status is established.

Validation can be carried out under realistic use conditions or within a simulated use environment. There are several ways to confirm that the requirements which define an intended use or application have been met. For example you could do tests, you could carry out alternative calculations, or you could examine documents before you issue them.

Verification

Verification is a process. It uses objective evidence to confirm that specified requirements have been met. Whenever specified requirements have been met, a verified status is achieved. There are many ways to verify that requirements have been met.

For example you could inspect something, you could do tests, you could carry out alternative calculations, or you could examine documents before you issue them.

Sunday, October 4, 2015

Quality Manual

Quality Manual

SECTION1: INTRODUCTION

1.1 About the Company

Company adopts the ISO 9001:2015 Quality Management System. Requirement as the principle for developing this Quality Management System (QMS). The extent of this QMS established is based on the nature of our organization, complexity and interaction of the processes and competency of our personnel. The Top Management of Company shall demonstrate its full commitment in establishing, documenting, implementing, maintaining and continual improvement of this QMS in accordance with the ISO 9001:2015 requirements.
To implement this quality management system, Company has :-
  1. Identified the processes needed for the quality management system;
  2. Determined the sequence and interaction of these processes;
  3. Determined criteria and methods required to ensure the effective operation and control of these processes
  4. Ensured the availability of information necessary to support the operation and monitoring of these processes;
  5. Measured, monitored and analyzed these processes, and implemented action necessary to achieve planned results and continual improvement.
Company shall be committed to control outsourced process to ensure such processes are carried out based on the contractual requirements. The extent of control shall be as followed:
  1. Potential impact that the product is provided
  2. Degree to which the control of the process is shared
  3. Capability of achieving the control through clause 7.4 Communication of this Quality Manual

1.2 Objective of this Quality Manual

This Quality Manual specifies requirements for a quality management system (QMS) to be applied to [Company] when an organization:
  1. needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, and
  2. aims to enhance customer satisfaction through the effective application of the system, including processes for improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.
  3. to be certified according to ISO 9001
All the requirements of this Quality Manual are intended to be applicable to Company. This manual is also provides the guideline to implement the process in systematic way and where necessary, the generation of procedures could be important as an explanatory statement for each unit of operation to run the process.
If procedure is required to be outlined, it should be addressed in this manual remarked as reference.

NOTE 1 In this Quality Manual, the terms “product” or “service” only apply to products and services offered to customer as addressed in section 4.3 of the ISO9001 Standard. NOTE 2 Statutory and regulatory requirements can be expressed as legal requirements.

SECTION 2. COMPANY PROFILE

A brief statement about organization and its activities

SECTION 3: ABBREVIATION


SECTION 4: DESCRIPTION OF QUALITY MANUAL

4. ORGANIZATIONAL CONTEXT

4.1 Understanding the context of the company

The management of Company shall determine external and internal issues that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended result(s) of its quality management system.
Information of the issued has been demonstrated by the Risk Analysis document. Realization of the Risk Analysis will follow according to section 6.1 Risk Management of this Quality Manual
Company shall monitor and review the Risk Analysis document to ensure prevention of the negative impact to Company business and consequences of the issues will not jeopardize the opportunity of Companyin this industy
Notes;
  1. Issues can include positive and negative factors or conditions for consideration
  2. Understanding the external context can be facilitated by considering issues arising from legal, technological, competitive, market, cultural, social and economic environments, whether international, national, regional or local.
  3. Understanding the internal context can be facilitated by considering issues related to values, culture, knowledge and performance of the organization.
Any changes in external and internal issues that are relevant to the quality management system, the input shall be reviewed by top management of Company as it required by clause 9.3 Management Review of this Quality Manual

Note: This section is addressed to meet the requirement of clause 4.1, Understanding the organization and its context of ISO 9001

4.2 Understanding the needs and expectations of interested parties

Due to their effect or potential effect on the Company’s ability to consistently provide best services that meet customer and applicable statutory and regulatory requirements, the top management of Company shall determine:
  1.  the interested parties that are relevant to the quality management system implemented within Company
  2. the requirements of these interested parties that are relevant to the quality management system. These includes the fulfillment of requirement to meet the product specification and compliance with the applicable laws.
The information of the interested parties demonstrated by the List of Stakeholders. The organization shall monitor and review this document to maintain the compliance of needs of interested parties and their relevant requirements.

Note: This section is addressed to meet the requirement of clause 4.2, Understanding the needs and expectations of interested parties of ISO 9001

4.3 Scope of Quality Management System

The top management of Company shall determine the boundaries and applicability of the quality management system to establish its scope for certification. Consideration is important for Company before determining the scope of certification
  1. the external and internal issues referred to in clause 4.1 Understanding the organization and its context of the ISO 9001 standard
  2. the requirements of relevant interested parties referred to in clause 4.2 Understanding the needs and expectations of interested parties of the ISO 9001 standard
  3. the products and services of Company.
  4. Company shall apply all the requirements of ISO 9001 if applicable within the determined scope of quality management system.
Therefore the scope of certification to be justified for Company is;
[scope of activity]
To run their activities at below site address;
[Company Address]
By stating the abovementioned scope, justification is also being provided to determine any requirement of ISO 9001 Standard that Company is not applicable to the scope of quality management system.

Company confirmed that the following elements are not applicable and does not affect the organization’s ability or responsibility to ensure the conformity of its products and services and the enhancement of customer satisfaction;
Clause: XXXXXX
Clause: XXXXXX
Note: This section is addressed to meet the requirement of clause 4.3, Determining the scope of the quality management system of ISO 9001

4.4 Quality Management System and determined processes

The top management of Company shall establish, implement, maintain and continually improve a quality management system, including the processes needed and their interactions, in accordance with the requirements of ISO 9001.
Company has determined the processes needed for the quality management system and its application throughout the company as follows:
  • determined inputs required and the outputs expected from the processes; determined sequence and interaction of the processes; Reference: Business Process Mapping
  • determine and apply the criteria and methods Reference: Datermination of process is through Quality Manual; 1. Clause 8.1 Operational Planning, 2. Clause 8.2. Requirement for products and services, and 3. Clause 8.4 Control of externally provided processes, products and services Application of process is demonstrated by clause 8.5 Production and service provision
  • monitoring, measurements and related performance indicators) needed to ensure the effective operation and control of these processes; Reference: KPI Monitoring (Application of this shall follow as per clause 6.2 Quality Objective of this Quality Manual)
  • determine the resources needed for these processes and ensure their availability Refer to clause 7.1 Resource of this Quality Manual
  • assign the responsibilities and authorities for these processes Refer to clause 5.3 Organizational Roles, Responsibility and Authorities
  • address the risks and opportunities as determined in accordance with the requirements of 6.1of the standard Refer to Risk Analysis document (Application of this shall follow as per clause 6.1 Risk Management of this Quality Manual)
  • evaluate these processes and implement any changes needed to ensure that these processes achieve their intended results; Refer to 1. Internal Audit Procedure 2. Risk Management Procedure and, 3. Management Review (as defined in clause 9.3 Management Review of this Quality Manual) Where applicable, the change needed shall follow according to Documented Information Control Procedure
  • improve the processes and the quality management system. Refer to; 1. KPI Monitoring, 2. Corrective Action Procedure, and, 3. Management Review (as defined in clause 9.3 Management Review of this Quality Manual)
All abovementioned documented information shall be maintained and controlled through Documented Information Control Procedure

Note: This section is addressed to meet the requirement of clause 4.4.1, and 4.4.2 Quality management system and its processes of ISO 9001

5 LEADERSHIP AND COMMITMENT

Top management of Company shall demonstrate leadership and commitment with respect to the quality management system through;

5.1 General responsibilities;

  1. taking accountability for the effectiveness of the quality management system
  2. ensuring that the quality policy and quality objectives are established for the quality management system and are compatible with the context and strategic direction of the organization;
  3. ensuring the integration of the quality management system requirements into the organization’s business processes
  4. promoting the use of the process approach and risk-based thinking;
  5. ensuring that the resources needed for the quality management system are available;
  6. communicating the importance of effective quality management and of conforming to the quality management system requirements;
  7. ensuring that the quality management system achieves its intended results;
  8. engaging, directing and supporting persons to contribute to the effectiveness of the quality management system;
  9. promoting improvement;
  10. supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility.
Top management of Company shall demonstrate leadership and commitment with respect to customer focus by:
  • customer requirements are determined, understood and consistently met Refer to clause 8.2. Requirement for products and services of this Quality Manual
  • applicable statutory and regulatory requirements are determined, understood and consistently met Reference: Legal Register List and Evaluation
  • the risks and opportunities that can affect conformity of products and services Reference:  Risk Analysis document
  • ability to enhance customer satisfaction are determined and addressed and maintaining to focus for enhancing customer satisfaction Reference: Clause 9.1.2 Customer satisfaction of this Quality Manual
Note: This section is addressed to meet the requirement of clause 5.1.1 and 5.1.2, Leadership and Commitment of ISO 9001

5.2 Quality Policy

Top management of Company established, implemented and maintained a quality policy that:
  1. is appropriate to the purpose and context of the organization and supports its strategic direction
  2. provides a framework for setting quality objectives
  3. includes a commitment to satisfy applicable requirements
  4. includes a commitment to continual improvement of the quality management system.
The Quality Policy statement of [Company] is;

Statement of Quality Policy here

This quality policy shall be:
  1.  maintained as documented information; and controlled through clause 7.5 Documented Information of this Quality Manual
  2. communicated, understood and applied within the organization; through clause 7.3 Awareness of this Quality Manual
  3. available to relevant interested parties, as appropriate.
Note: This section is addressed to meet the requirement of clause 5.2.1 and 5.2.2, Developing the Quality Policy of ISO 9001

5.3 Organizational Roles, Responsibility and Authorities

Top management of Company shall ensure that the responsibilities and authorities for relevant roles are assigned, communicated and understood within the organization. Top management of Company shall assign the responsibility and authority for executing the below tasks:
  • Responsibility: ensuring that the quality management system conforms to the requirements of ISO 9001 Standard How to achieve? 1. Internal Audit (refer to clause 9.2 Internal Audit of this Quality Manual and 2. Management review as per clause 9.3 Management Review of this Quality Manual Awareness of every staff through clause 7.3 Awareness of this Quality Manual PIC: QMR
  • Responsibility: ensuring that the processes are delivering their intended outputs;How to achieve? 1. Business Process Mapping, 2. Clause 8.5.1 Production control of this Quality Manual PIC: QMR
  • Responsibility:Reporting on the performance of the quality management system How to achieve? KPI, management review PIC: QMR
  • Responsibility: Reporting on opportunities for improvement (see 10.1), in particular to top management of Company How to achieve? Refer to Quality Manual 1. Clause 10.2 Nonconformity and corrective action, and 2. Clause 10.3 Continual Improvement PIC: QMR
  • Responsibility: ensuring the promotion of customer focus throughout Company How to achieve? Refer to Quality Manual; 1. Clause 5.1 General responsibilities; 2. Clause 7.3 Awareness PIC: QMR
  • Responsibility: ensuring that the integrity of the quality management system is maintained when changes to the quality management system are planned and implemented How to achieve?According to Documented Information Control Procedure PIC: QMR ,Document Controller
Note: This section is addressed to meet the requirement of 5.3 Organizational Roles, Responsibility and Authorities of ISO 9001

6 MANAGEMENT OF RISKS AND QUALITY OBJECTIVES

6.1 Risk Management

When planning for the QMS, Company had considered the issues addressed in clause 4.1 of the standard and the requirements addressed in clause 4.2 of the standard.

This also in line with the aspect described in clause 4.1 Understanding the context of the company of this Quality Manual for Company where the internal and external issues shall be addressed.

Therefore, determination to the risks and opportunities is needed to:
  1. give assurance that the quality management system can achieve its intended result(s);
  2. enhance desirable effects;
  3. prevent, or reduce, undesired effects;
  4. achieve improvement.
The planning of risk management has concerned on the following aspects;
  • a) actions to address these risks and opportunities;
  • b) how to:
  • 1) integrate and implement the actions into its QMS (according to 4.4 of the standard), and
  • 2) evaluate the effectiveness of the actions taken. (see clause 9.2.1 and 9.3.1 of the standard)
Actions taken to address risks and opportunities shall be proportionate to the potential impact on the conformity of products and services.

In the context of Company, risk management shall taking into account on the following aspects
  • 1. Applicable legal compliance
  • 2. Working environment (see 7.1.4 Environment for the operation of processes of this manual)
Reference: Risk Management Procedure, Risk Analysis document

In conformance with clause 4.4, Quality Management System and determined processes of this Quality Manual, documented information of risk management shall be established, implemented and maintained. The requirement of Documented Information Control Procedure is followed

The effectiveness of actions taken to address risks and opportunities shall be reviewed by top management of Company as it required by clause 9.3 Management Review of this Quality Manual

Note: This section is addressed to meet the requirement of 6.1.1 and 6.1.2 Action to address risks and opportunities of ISO 9001

6.2 Quality Objective

Company established quality objectives at relevant functions, levels and processes needed for the QMS. The quality objectives shall:
  • a) be consistent with the quality policy;
  • b) be measurable;
  • c) take into account applicable requirements;
  • d) be relevant to conformity of products and services and to enhancement of customer satisfaction;
  • e) be monitored;
  • f) be communicated;
  • g) be updated as appropriate.
The planning how to achieve quality objectives, Company shall determine:
  • a) what will be done;
  • b) what resources will be required;
  • c) who will be responsible;
  • d) when it will be completed;
  • e) how the results will be evaluated.
Reference: KPI monitoring

In conformance with clause 4.4, Quality Management System and determined processes of this Quality Manual, documented information of Quality Objectives shall be established, implemented and maintained.

The requirement of Documented Information Control Procedure is regulated.

Note: This section is addressed to meet the requirement of 6.2.1 and 6.2.2 Quality Objectives and planning to achieve them of ISO 9001

6.3 Planning of changes

When Company determines the need for changes to the QMS, the changes shall be carried out in a planned manner (according to clause 4.4.1 and 4.4.2 of the standard).

It shall consider:
  • a) the purpose of the changes and their potential consequences; see clause 6.1 (Risk Management of this Quality Manual)
  • b) the integrity of the quality management system; (See 7.5 of this Quality Manual)
  • c) the availability of resources; (see clause 7.1.1 of this Quality Manual
Where the changes is applied, it shall follow according to Documented Information Control Procedure

Note: This section is addressed to meet the requirement of 6.3 Planning of changes of ISO 9001

7 SUPPORT

7.1 Resource

7.1.1 General

Company shall determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement of the QMS. Determination shall include:
  • a) the capabilities of, and constraints on, existing internal resources;
  • b) what needs to be obtained from external providers
The adequacy of resources laid down in clause 7.1.2 People, 7.1.3 Infrastructure, 7.1.4 Environment for the operation of processes, 7.1.5 Monitoring and measuring resources and 7.1.6 Organizational Knowledge shall be reviewed by top management of Company as it required by clause 9.3 Management Review of this Quality Manual

7.1.2 People

The organization shall determine and provide the persons necessary for the effective implementation of its quality management system and for the operation and control of its processes.

Determination of qualified personnel will be addressed in clause 7.2 Competence of this Quality Manual

Note: This section is addressed to meet the requirement of clause 7.1.2 People, of ISO 9001

7.1.3 Infrastructure

Company shall determine, provide and maintain the infrastructure necessary for the operation of its processes and to achieve conformity of products and services. Determination of Infrastructure within Company is including:
  • a) buildings and associated utilities;
  • b) equipment, including hardware and software;
  • c) transportation resources;
  • d) information and communication technology.
All abovementioned infrastructure shall be appropriately maintained in order to facilitate towards positive outcome and to ensure the smoothness of process control as it defined in clause 8.5.1 Production control of this Quality Manual

Note: This section is addressed to meet the requirement of clause 7.1.3 Infrastructure of ISO 9001


7.1.4 Environment for the operation of processes

Company shall determine, provide and maintain the environment necessary for the operation of its processes and to achieve conformity of products and services.

A suitable environment within Company can be a combination of human and physical factors, such as:
  • a) social (e.g. non-discriminatory, calm, non-confrontational);
  • b) psychological (e.g. stress-reducing, burnout prevention, emotionally protective);
  • c) physical (e.g. temperature, heat, humidity, light, airflow, hygiene, noise).
These abovementioned factors can be associated with the elements defined in section 6.1 Risk Management.

The maintenance of environment is also important to ensure the smoothness of process control as it defined in clause 8.5.1 Production control of this Quality Manual

Note: This section is addressed to meet the requirement of clause 7.1.4 Environment for the operation of processes of ISO 9001

7.1.5 Monitoring and measuring resources

Company shall determine and provide the resources needed to ensure valid and reliable results when monitoring or measuring is used to verify the conformity of products and services to requirements.

Therefore, Company will ensure that the resources provided:
  • a) are suitable for the specific type of monitoring and measurement activities being undertaken;
  • b) are maintained to ensure their continuing fitness for their purpose.
Evidence of fitness for purpose of the monitoring and measurement resources shall retain as documented information and controlled according to Documented Information Control Procedure

When measurement traceability is a requirement, or is considered by the organization to be an essential part of providing confidence in the validity of measurement results, measuring equipment shall be:
  • a) calibrated or verified, or both, at specified intervals, or prior to use, against measurement standards traceable to international or national measurement standards; when no such standards exist, the basis used for calibration or verification shall be retained as documented information;
  • b) identified in order to determine their status;
  • c) safeguarded from adjustments, damage or deterioration that would invalidate the calibration status and subsequent measurement results.

Where the validity of previous measurement results has been adversely affected when measuring equipment is found to be unfit for its intended purpose, action shall be taken in accordance with clause 8.7 Control of Nonconforming output of this Quality Manual.


Note: This section is addressed to meet the requirement of clause 7.1.5 Monitoring and measuring resources of ISO 9001

7.1.6 Organizational Knowledge

Company shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services.

This knowledge shall be maintained and be made available to the extent necessary. When addressing changing needs and trends, the organization shall consider its current knowledge and determine how to acquire or access any necessary additional knowledge and required updates.

Organizational knowledge is knowledge specific to demonstrate conformity to positive outcome of Company scope of certification as addressed in section 4.3 of this Quality Manual.

Organizational knowledge can gained by experience. It is information that is used and shared to achieve the organization’s objectives. Organizational knowledge also can be based on:
  • a) internal sources (e.g. intellectual property; knowledge gained from experience; lessons learned from failures and successful projects; capturing and sharing undocumented knowledge and experience; the results of improvements in processes, products and services);
  • b) external sources (e.g. standards; academia; conferences; gathering knowledge from customers or external providers). Management of organizational knowledge will be addressed in clause 7.2 Competence of this Quality Manual
Note: This section is addressed to meet the requirement of clause 7.1.6 Organizational Knowledge of ISO 9001

7.2 Competence

7.2.1 Determination of competence

  • a) The personnel / function competency can be determined from respective Job Description or JD. JD elaborates qualification needed for staff doing the work under their control that affects the performance and effectiveness of the quality management system.
  • b) The competency of personnel is also important to ensure the smoothness of process control as it defined in clause 8.5.1 Production control of this Quality Manual
  • c) Consideration of competency may associate the subjects addressed in this Quality Manual through following clause;
    • a. Clause 5.3 Organizational Roles, Responsibility and Authorities
    • b. Clause 7.1.2 People
    • c. Clause 7.1.6 Organizational Knowledge
    • d. Clause 7.3 Awareness
  • d) Competency determined when issue being raised from Control of Non-Conformity Procedure

7.2.2 Maintaining the competency

  • a) Job Description of key functions will describe based from education, experience and related skill
  • b) Skill of function may defined from the training attended by the staff to demonstrate appropriate expertise to provide effectiveness of QMS.
  • c) Where the training is applicable, evaluation of effectiveness to measure the positive impact after the personnel attended the training.
  • d) Update JD as necessary
  • e) Retain appropriate documented information and comply with Documented Information Control Procedure
Note: This section is addressed to meet the requirement of clause 7.2 Competence, of ISO 9001

7.3 Awareness

Company shall ensure that persons doing work under the organization’s control are aware of:
  • a) the quality policy;
  • b) relevant quality objectives;
  • c) their contribution to the effectiveness of the quality management system, including the benefits of improved performance;
  • d) the implications of not conforming with the quality management system requirements
Where necessary, training should be conducted and process should follow according to section 7.2 Competence of this Quality Manual.

Note: This section is addressed to meet the requirement of clause 7.3 Awareness, of ISO 9001

7.4 Communication

Company shall determine the internal and external communications relevant to the quality management system, including:
  • a) on what it will communicate;
  • b) when to communicate;
  • c) with whom to communicate;
  • d) how to communicate;
  • e) who communicates.

7.4.1 Importance of effective communication

It is important for company to take into account for internal and external communication input from interested parties to ensure that message from them will be managed in proper way

7.4.2 Communication approach

  • Who?: Employee Communication Tools: Email, Memo, CAR, Notice Board Receiver: Employee / customer / stakeholder
  • Who?: Customer  Communication Tools: Email, written official letter/notice Receiver: Employee
  • Who?: Stakeholders  Communication Tools: Email, written official letter/notice  Receiver: Employee

Maintenance of communication tools shall follow according to section 7.1.3 Infrastructure of this Quality Manual

The sign of fail communication may possible cause the following cases to be occurred;
  • a) Complaint from customer or stakeholder
  • b) Output does not able to achieve the intended result(s) of its quality management system.
  • c) The process is not delivering their intended outputs;
Where appropriate, the problem solving should follow according to Control of Non-Conformity Procedure and Corrective Action Procedure

Note: This section is addressed to meet the requirement of clause 7.4 Communication, of ISO 9001

7.5 Documented Information

Top Management of Company shall ensure the quality management system shall include:
  • a) documented information required by ISO 9001;
  • b) documented information determined by Companyas being necessary for the effectiveness of the quality management system.
Therefore, Company has determined the necessary documented information to be applied within the organization as follows;

Management Document
  • Quality Policy
  • Quality Objectives
Resources
  • Monitoring & measurement document
  • Competency document
Operation
  • Planning document
  • Service requirement review
  • Control of external provider
  • Process control document
  • Identification & traceability
  • Customer property document
  • Process changed document
  • Release of product
  • Non-conformity
Design and development
  • Design input
  • Design control 
  • Design output
  • Design change
Monitoring and evaluation
  • Performance monitoring
  • Internal audit
  • Management review
Improvement
  • Nonconformity
  • Corrective action
Control of documented information shall follow according to Documented Information Control Procedure

Note: This section is addressed to meet the requirement of clause 7.5.1 and 7.5.2 Documented Information, of ISO 9001

8. OPERATION

8.1 Operational Planning

Company shall plan, implement and control the processes;
  • 1. as defined in clause 4.4 Quality Management System and determined processes of this Quality Manual that needed to meet the requirements for the provision of scope of which Company being certified (Provision of Construction Services for Building and Civil Works), and
  • 2. to implement the actions determined in clause 6 of this Quality Manual (Management of Risks and Quality Objectives) , by following table;
QMS PLANNING TABLE
  • Description: a). determining the requirements for the products and services Realization: Refer to clause 8.2. Requirement for products and services of this Quality Manual
  • Description: b). establishing criteria for: 1. the processes; 2. the acceptance of products and services Description: c). implementing control of the processes in accordance with the criteria Realization: Refer to 1. Business Process Mapping to overview the process criteria, 2. Clause 8.4 Control of externally provided processes, products and services of Quality Manual for purchasing activities or if outsourced process is applicable 3. Clause 8.5.1 Production control of this Quality Manual for operational control process, and 4. Clause 8.6 Release of products and services of this Quality Manual for handing over process
  • Description: d). determining the resources needed to achieve conformity to the product and service requirements Realization:  Refer to; 1. Clause 7.1 Resource of this Quality Manual 2. If outsourced processes or external provided process are applied, clause 8.4 Control of externally provided processes, products and services of this Quality Manual shall be refered.
  • Description: e). determining and keeping documented information to the extent necessary: 1. to have confidence that the processes have been carried out as planned; 2. to demonstrate the conformity of products and services to their requirements. Realization:  Control of documented information shall according to clause 7.5 Documented Information
All abovementioned activity shall be maintained in order to ensure;
  • 1. The output of this planning remain suitable for Company’s operations.
  • 2. Ability of the planning adequately controlled and consequences of unintended changed can be reviewed so that action can be taken to mitigate any adverse effects, as necessary
Note: This section is addressed to meet the requirement of clause 8.1 Operational planning and control, of ISO 9001

8.2. Requirement for products and services

8.2.1 Customer communication

Communication with customers shall follow according to clause 7.4 Communication of this Quality Manual in order to ensure the smoothness of the following process
  • a) providing information relating to products and services; during tendering / bidding process
  • b) handling enquiries, contracts or orders, including changes;
  • c) obtaining customer feedback relating to products and services, Whenever receive complaints from customer solution process shall follow according to clause 10.2 Nonconformity and corrective action of this Quality Manual
  • d) handling or controlling customer property, if applicable. (Refer to clause 8.5.3 Property belonging to customers or external providers of this Quality Manual for details)
  • e) establishing specific requirements for contingency actions, when relevant.
Note: This section is addressed to meet the requirement of clause 8.2.1 Customer communication, of ISO 9001

8.2.2 Determining the requirements related to products and services

When determining the requirements for the products and services to be offered to customers, the designated person shall ensure that:
  • a) the requirements for the products and services as defined in the Contract Document , including:
    • 1) any applicable statutory and regulatory requirements;
    • 2) those considered necessary by the Company;
  • b) the organization can meet the claims for the products and services it offers as defined in the contract document.
Note: This section is addressed to meet the requirement of clause 8.2.2 Determining the requirements related to products and services, of ISO 9001

8.2.3 Review of requirements related to products and services

Company shall ensure that it has the ability to meet the requirements for products and services to be offered to customers. Company shall conduct a review before committing to supply products and services to a customer, to include:

REVIEW REQUIREMENT TABLE
  • Description of requirement: requirements specified by the customer, including the requirements for delivery and post-delivery activities; Source:  Contract Document
  • Description of requirement: requirements not stated by the customer, but necessary for the specified or intended use, when known; Source:   Legal Requirement
  • Description of requirement: requirements specified by the organization; Source:   As per clause 8. Operation of this Quality Manual
  • Description of requirement: statutory and regulatory requirements applicable to the products and services; Source:   As per contract document As per Risk Analysis
  • Description of requirement: contracts or order requirements differing from those previously expressed. Source:   As per contract document
Designated person shall ensure that contracts or order requirements differing from those previously defined are resolved.

The customer’s requirements shall be confirmed by the authorized person before acceptance, when it is the case of customer does not provide a documented statement of their requirements.

Documented information, shall be control according to clause 7.5 Documented Information of this Quality Manual as applicable when:
  • a) on the results of the review;
  • b) on any new requirements for the products and services
Note: This section is addressed to meet the requirement of clause 8.2.3 Review of requirements related to products and services, of ISO 9001

8.2.4 Changes to requirements for products and services

Designated person shall ensure that relevant documented information shall follow clause 7.5 Documented Information for the amendment process.

Also, the team member shall aware of the changed requirements, when the requirements for products and services are changed according to clause 7.4 Communication of this Quality Manual

Where applicable, the process shall follow according to Documented Information Control Procedure

Note: This section is addressed to meet the requirement of clause 8.2.4 Changes to requirements for products and services, of ISO 9001

8.3 Design and development of products and services


Review the applicability

8.4 Control of externally provided processes, products and services

Company shall ensure that externally provided processes, products and services or commonly known as purchasing process conform to requirements.

Note: Scope of activity of externally provided processes has been elaborately explained in Annex A.8 Control of externally provided processes, products and services of the ISO 9001 standard.

Control of externally provided process are including
  • a) Determination of purchasing control including selection, evaluation, re-evaluation and monitoring of external provider (supplier)
  • b) Type and extent of control of purchasing process
  • c) Effective communication to external provider or supplier
Detail of externally provided process control should refer to Purchasing Procedure Result of performance of external provider shall be reviewed by top management of Company as it required by clause 9.3 Management Review of this Quality Manual

Note: This section is addressed to meet the requirement of clause 8.4.1 and 8.4.2 of Control of externally provided processes, products and services, of ISO 9001

8.5 Production and service provision

8.5.1 Production control

Company shall implement production and service provision under controlled conditions. Controlled conditions of process control is as follows:
PROCESS CONTROL TABLE
  • Description: a) the availability of documented information that defines: 1) the characteristics of the products to be produced, the services to be provided, or the activities 2) be performed; 3) the results to be achieved; Reference: Process Control Procedure
  • Description: b) the availability and use of suitable monitoring and measuring resources; Reference:  Process Control Procedure and clause 7.1.5 Monitoring and measuring resources
  • Description: c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met; Reference:  Process Control Procedure
  • Description: d) the use of suitable infrastructure and environment for the operation of processes; Reference:  Refer to; 7.1.3 Infrastructure 7.1.4 Environment for the operation of processes
  • Description: e) the appointment of competent persons, including any required qualification Reference:  Refer to; 7.2 Competence
  • Description: f) the validation, and periodic revalidation, of the ability to achieve planned results of the processes for production and service provision, where the resulting output cannot be verified by subsequent monitoring or measurement; Reference:  Process Control Procedure
  • Description: g) the implementation of actions to prevent human errorReference: Risk Analysis Nonconformance and Corrective Action
  • Description: h) the implementation of release, delivery and post-delivery activities.  Reference:  Process Control Procedure
Note: This section is addressed to meet the requirement of clause 8.5.1 Control of production and service provision, of ISO 9001

8.5.2 Identification and traceability

Company shall use suitable means to identify outputs when it is necessary to ensure the conformity of products and services. That is including the control of;
  • 1. Identification of status of outputs with respect to monitoring and measurement requirements throughout production and service provision as defined in 8.5.1 Production control
  • 2. The unique identification of the outputs when traceability is a requirements through the process defined in clause 8.2.2 Determining the requirements related to products and services and clause 8.2.3 Review of requirements related to products and services of this Quality Manual.
To maintain the identification and traceability by retaining the documented information according to Documented Information Control Procedure.

Note: This section is addressed to meet the requirement of clause 8.5.2 Identification and traceability, of ISO 9001

8.5.3 Property belonging to customers or external providers

Company shall exercise care with property belonging to customers or external providers while it is under the organization’s control or being used by the organization.

Company shall identify, verify, protect and safeguard customers’ or external providers’ property provided for use or incorporation into the products and services.

When the property of a customer or external provider is lost, damaged or otherwise found to be unsuitable for use, the designated personnel shall report this to the customer or external provider and retain documented information on what has occurred.

Note: A customer’s or external provider’s property can include material, components, tools and equipment, premises, intellectual property and personal data.

Note: This section is addressed to meet the requirement of clause 8.5.3 Property belonging to customers or external providers, of ISO 9001

8.5.4 Preservation

Company shall preserve the outputs during production and service provision, to the extent necessary to ensure conformity to requirements.

NOTE Preservation can include identification, handling, contamination control, packaging, storage, transmission or transportation, and protection.

Note: This section is addressed to meet the requirement of clause 8.5.4 Preservation, of ISO 9001

8.5.5 Post-delivery activities

Company shall meet requirements for post-delivery activities associated with the products and services. In determining the extent of post-delivery activities that are required, consideration has been made through below information:


  • Description: a) statutory and regulatory requirements Reference: Legal Register
  • Description: b) the potential undesired consequences associated with its products and services Reference: Risk Analysis and Clause 8.7 Control of Nonconforming output of this Quality Manual
  • Description: c) the nature, use and intended lifetime of its products and services Reference: Warranty claim, claimable period
  • Description: d) customer requirements Reference: Refer to clause 8.2.2 Determining the requirements related to products and services
  • Description: e) customer feedback Reference: Refer to Quality Manual; 1. Clause 8.2.1 Customer communication 2. Clause 9.1.2 Customer satisfaction 3. Clause 10.2 Nonconformity and corrective action
Note: Post-delivery activities can include actions under warranty provisions, contractual obligations such as maintenance services, and supplementary services such as recycling or final disposal.


Note: This section is addressed to meet the requirement of clause 8.5.5 Post-delivery activities, of ISO 9001

8.5.6 Control of changes

Companyshall review and control changes for production or service provision, to the extent necessary to ensure continuing conformity with requirements. The organization shall retain documented information describing the results of the review of changes, the person(s) authorizing the change, and any necessary actions arising from the review. Where the changes are applied, Documented Information Control Procedure must follow to comply.


Note: This section is addressed to meet the requirement of clause 8.5.6 Control of changes, of ISO 9001

8.6 Release of products and services

Company shall implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met. The release of products and services to the customer shall not proceed until the planned arrangements have been satisfactorily completed in accordance with clause 8.5.1 Production control of this Quality Manual Any abnormality which does not meet with requirement from customer, resolution should be made through clause 8.7 Control of Nonconforming output of this Quality Manual where, the product only can be released unless obtained approval by a determined authority and, as applicable, by the customer. The record of released product shall be retained as documented information in accordance with Documented Information Control Procedure to ensure;
a) evidence of conformity with the acceptance criteria;
b) traceability to the person(s) authorizing the release.


Note: This section is addressed to meet the requirement of clause 8.6 Release of products and services, of ISO 9001

8.7 Control of Nonconforming output

Company shall ensure that outputs that do not conform to their requirements are identified and controlled to prevent their unintended use or delivery.
Company shall take appropriate action based on the nature of the nonconformity and its effect on the conformity of products and services. This shall also apply to nonconforming products and services detected after delivery of products, during or after the provision of services. The ways of dealing with nonconforming outputs must be according to one or more of the following measures:
  • a) correction;
  • b) segregation, containment, return or suspension of provision of products and services;
  • c) informing the customer;
  • d) obtaining authorization for acceptance under concession. Conformity to the requirements shall be verified when nonconforming outputs are corrected.
The organization shall retain documented information that:
  • a) describes the nonconformity;
  • b) describes the actions taken;
  • c) describes any concessions obtained;
  • d) identifies the authority deciding the action in respect of the nonconformity Control of nonconforming outputs shall follow according to Control of Non-Conformity Procedure Information on nonconformities shall be reviewed by top management of Companyas it required by clause 9.3 Management Review of this Quality Manual


Note: This section is addressed to meet the requirement of clause 8.7.1 and 8.7.2 of Control of nonconforming outputs, of ISO 9001

9. PERFORMANCE EVALUATION

9.1 Monitoring, measurement, analysis and evaluation

9.1.1 General

Company shall
  • 1. Determine:
  • a) what needs to be monitored and measured;
  • b) the methods for monitoring, measurement, analysis and evaluation needed to ensure valid results;
  • c) when the monitoring and measuring shall be performed;
  • d) when the results from monitoring and measurement shall be analysed and evaluated.
  • 2. Evaluate the performance and the effectiveness of the quality management system.
  • 3. Retain appropriate documented information as evidence of the results according to Documented Information Control Procedure

9.1.2 Customer satisfaction

Company shall monitor customers’ perceptions of the degree to which their needs and expectations have been fulfilled.

The organization shall determine the methods for obtaining, monitoring and reviewing this information. Method of evaluation should refer to clause 9.1.3 Analysis and evaluation of this Quality Manual Result of monitoring activity shall be reviewed by top management of Companyas it required by clause 9.3 Management Review of this Quality Manual

9.1.3 Analysis and evaluation

Company shall analyse and evaluate appropriate data and information arising from monitoring and measurement. The results of analysis shall be used in accordance with below table;

EVALUATION ANALYSIS WHAT METHOD OF MONITORING & EVALUATION FREQUENCY OF MONITORING (DATA COLLECTION) FREQUENCY OF ANALYSIS ON RESULT
  • a) conformity of products and services; KPI Monthly Quarterly b) customer satisfaction Customer Satisfaction evaluation Annually Annually
c) Performance and effectiveness of the quality management system KPI Monthly Quarterly d) Effectiveness of quality management system planning Internal Audit Annually Annually e) the effectiveness of actions taken to address risks and opportunities; 1. Internal Audit, and 2. Clause 10.2 Nonconformity and corrective action Annually Monthly Annually Monthly f) the performance of external providers; Supplier evaluation Annually Annually g) Needs for improvements to the quality management system. Management Review Annually Annually Result of analysis and evaluation shall be reviewed by top management of Companyas it required by clause 9.3 Management Review of this Quality Manual

9.2 Internal Audit

Companyshall conduct internal audits at least by annually to provide information on whether the quality management system: a) conforms to 1) the organization’s own requirements for its quality management system; 2) the requirements of ISO 9001; b) is effectively implemented and maintained. Execution of internal audit shall include; a) plan, establish, implement and maintain an audit programme(s) including the frequency, methods, responsibilities, planning requirements and reporting, which shall take into consideration the importance of the processes concerned, changes affecting the organization, and the results of previous audits; b) define the audit criteria and scope for each audit; c) select auditors and conduct audits to ensure objectivity and the impartiality of the audit process; d) ensure that the results of the audits are reported to relevant management; e) take appropriate correction and corrective actions without undue delay f) retain documented information as evidence of the implementation of the audit programme and the audit results. Details of internal audit activities shall follow according to Internal Audit Procedure Result of internal audit activity shall be reviewed by top management of Companyas it required by clause 9.3 Management Review of this Quality Manual

9.3 Management Review

9.3.1 General

Top management of Companyshall review the organization’s quality management system, at least by annually, to ensure its continuing suitability, adequacy, effectiveness and alignment with the strategic direction of Company.

9.3.2 Management Review Inputs

The management of Company review shall be planned and carried out taking into consideration: a) the status of actions from previous management reviews; b) changes in external and internal issues that are relevant to the quality management system; c) information on the performance and effectiveness of the quality management system, including trends in: 1) customer satisfaction and feedback from relevant interested parties; 2) the extent to which quality objectives have been met; 3) process performance and conformity of products and services; 4) nonconformities and corrective actions; 5) monitoring and measurement results; 6) audit results; 7) the performance of external providers; d) the adequacy of resources; e) the effectiveness of actions taken to address risks and opportunities (see 6.1); f) opportunities for improvement.

9.3.3 Management Review Outputs

The outputs of the management review shall include decisions and actions related to: a) opportunities for improvement; b) any need for changes to the quality management system; c) resource needs. Documented information of Management Review outputs shall be retained as an evidence of the results of management reviews

10. IMPROVEMENT

10.1 General

Companyshall determine and select opportunities for improvement and implement any necessary actions to meet customer requirements and enhance customer satisfaction. These shall include: a) improving products and services to meet requirements as well as to address future needs and expectations; b) correcting, preventing or reducing undesired effects; c) improving the performance and effectiveness of the quality management system. NOTE Examples of improvement can include correction, corrective action, continual improvement, breakthrough change, innovation and re-organization. The input of opportunity for improvement shall be reviewed by top management of Companyas it required by clause 9.3 Management Review of this Quality Manual

10.2 Nonconformity and corrective action

When a nonconformity occurs, including any arising from complaints, the designated personnel shall:
  • a) react to the nonconformity and, as applicable:
  • 1) take action to control and correct it;
  • 2) deal with the consequences;
  • b) evaluate the need for action to eliminate the cause(s) of the nonconformity, in order that it does not recur or occur elsewhere, by:
  • 1) reviewing and analysing the nonconformity;
  • 2) determining the causes of the nonconformity;
  • 3) determining if similar nonconformities exist, or could potentially occur;
  • c) implement any action needed;
  • d) review the effectiveness of any corrective action taken; e) update risks and opportunities determined during planning, if necessary;
  • f) make changes to the quality management system, if necessary. Corrective actions shall be appropriate to the effects of the nonconformities encountered. shall retain documented information as evidence of:
  • a) the nature of the nonconformities and any subsequent actions taken;
  • b) the results of any corrective action. Details of step measures for taking action on nonconformity shall follow according to Corrective Action Procedure Information on nonconformities and corrective action shall be reviewed by top management of Companyas it required by clause 9.3 Management Review of this Quality Manual
  • 10.3 Continual Improvement

    The organization of Company shall continually improve the suitability, adequacy and effectiveness of the quality management system. The consideration shall be taken based from following inputs a) Results of analysis and evaluation as defined in clause 9.1.3 Analysis and evaluation of this Quality Manual, and b) The outputs from management review as defined in clause 9.3.3 Management Review Outputs Based from inputs from the abovementioned, top management of Companyhas to determine if there are needs or opportunities that shall be addressed as part of continual improvement. The input of opportunity for improvement shall be reviewed by top management of Companyas it required by clause 9.3 Management Review of this Quality Manual