Risk and opportunities

New aspects in ISO 9001:2015 which does not specifically required in ISO 9001:2008

Risks and Opportunities

1. Clause 4.4.1 (f) of ISO 9001:2015: address the risks and opportunities as determined
2. Clause 5.1.2 of ISO 9001:2015: Top management to demonstrate leadership to ensure focusing on customer through determining the risk and opportunity
3. Clause 6.1.1 & 6.1.2 of ISO 9001:2015: Action to address risk and opportunities
4. Clause 9.1.3 (e )  of ISO 9001:2015: Analysis and evaluation of effectiveness of action addressing risks and opportunities
5. Clause 9.3.2 of ISO 9001:2015: Input of management review on effectiveness of action on risks and opportunities.
6. Clause 10.2.1 of ISO 9001:2015: to update risks and opportunities when there is an occurrence of nonconformity

Contact us now to get further info

Read More

Transition Period

Certification Transfer process for ISO 9001:2008 certified company

According to ISO

Recommendation for process steps.

1. Company to determine suitable date (current certificate will only valid until Sep 2018)
2. Readiness review
3. Liaise with certification body
4. Transfer audit (re-certification) based from IAF table
5. New full certificate with 3 years validity

We able to assist you for step 2, 3 and 4. Contact us now at HERE or email us at admin@osh-isis.com

Read More

Feedback Form

Please do feel free to contact us via online form below. Then, let's begin our partnership for your QMS implementation

Name:
Company Name:
Company address
Email Address:
no. tel
Status of QMS implementation	ISO 9001 certified In progress of upgrading to 2015 version Uncertified but implementing ISO9001 Not certify but has intention to develop QMS
Interested on;	Package 1 Package 2 Package 3 Package 4 Package 5 See this LINK to know further on products
Request for;	Quotation Further info (email) Further info (phone call) QMS Product Demo In-house training

Put a website form like this on your site.

Read More

Package

If you have an enquiry, please do feel free to fill up the Feedback Form or email to us at admin@osh-isis.com  

Read More

Interactive Quality Manual

New version of ISO 9001 has released by focusing on the effectiveness of operation with simplifying the fulfilment of requirement as now to be understood easily and more practical in application.

Therefore, it brought into the great idea for generating the QMS documentation which to be more user-friendly, simple and straight-forward. This is a new concept of documentation where the integration of all aspects required by the standard has been formatted in one platform for better accessibility.

As noted, new released standard does not published with stand alone ISO 9001:2015 requirement. They came with few sets of reference documents for complimenting the element addressed in the standard such as Annex A and ISO 9000:2015. Therefore, it demands for the user to seek a creativity on how to familiarize with the standard requirement to match against references document.

Why it called as an Interactive Quality Manual?

1. Documentation approach provides solution of any questionable issues in the requirement.
2.  Interactive Quality Manual adopted the same concept of e-book, where the important terms and phrases to be hyperlinked with original reference.
3. Integration of QMS documentation between standard requirement, Quality Manual and procedures to be established in one source
4. Reduce timing for searching and 'flipping' the documents.

Documents features

1. It consists Quality Manual, procedures, ISO 9001 Standard Requirement, Annex A and ISO 9000 formatted in the QMS documentation
2. It demonstrates interaction between all abovementioned documents.
3. Master Copy should be in soft copy.
4. Applicable for all type of industries.
5. Sample of manual is available in this blog

Grab this opportunity if your company has an intention to convert their system from ISO 9001:2008 to ISO 9001:2015.
Contact admin@osh-isis.com for product demo.

Click HERE to find the sample of the Quality Manual depicted into flow process mapping. It makes your learning process of new ISO9001 version to be more interesting and practical for its application 

Read More

Main Changes of ISO 9001:2015

The transition of ISO 9001:2008 to ISO 9001:2015 is mainly to emphasize on the following subjects;
 

High level structure and core text from „annex SL“

The new format of ISO 9001 standard is providing identical structure, text and common terms to be applied to the system user. It consist 10 elements of the requirement to simplify and to be easily understood by the system implementer (see details of ISO 9001:2015 Standard Requirement)

There is also explanatory item to clarify the new structure, terminology and concepts of this ISO 9001. It addressed as per Annex A of the standard.

Besides, ISO 9000:2015 specifies the terms and definitions that apply to all quality management and quality management system standards developed. It provides the answer of the term that repeatedly being used in ISO 9001:2015 Standard Requirement and Annex A.
 

Increased requirements for top management commitment and involvement.

It has been defined specifically in the section 5 of the standard. This requires involvement of top management to ensure maintenance of the QMS. It can be realized through demonstrates of leadership and commitment (clause 5.1.1),  lead to the team in focusing on customer requirement (clause 5.1.2), Generation of Quality Policy (clause 5.2.1) and assigning the right person to manage the organization's QMS (clause 5.3).
Top management also must take part in reviewing and evaluating the effectiveness of their QMS through Management Review process (clause 9.3)

Emphasis on risk-based thinking

Details explanation of risk based thinking has been elaborated in A.4 of Annex A.
The concept of risk based thinking is also being part of responsibility of top management for promoting them in the operation (see clause 5.1.1 of ISO 9001:2015)

Increased emphasis on achieving value for the organization and its customers (“output matters”)

'Internal customer' requirement should be respected for assuring good output to be produced. It has been explained in clause 4.4.1 of the standard.
Proactive measures can be seen in the new version of standard where the control of nonconforming products is now used the phrase of controlling the nonconforming output to emphasize effective implementation and preventing the defect to be generated in the operation (see clause 8.7.1 of the standard)

Need to understand the context of the organization and the needs and expectations of interested parties

The new standard emphasizes for organization to look potential issues that may effected to product conformity besides it hall meet with customer requirement. That is including legal requirement aspect, internal and external issue that may influence the smoothness of company's activities.
Broader views has put into the attention for company to identify, manage and maintain as it was addressed in the standard requirement in clause 4.1, 4.2, 6.1.1 and 6.1.2.
Most of the system users interpret this new requirement are replacing the clause of preventive action in ISO 9001:2008. However, the scope and coverage of the risk management in new standard are comprehensively described in wider range than focusing on product quality only.

Increased flexibility on the use of documentation

The used of documented information to integrate the terminology of procedure, document and record under one application without significant change being shown. This aspect has been specifically explain in A.6 of Annex A.

Read More

ISO 9001:2015 Standard (clause-by-clause)

NOTE: This chapter provides an index of standard requirement for the reader to acknowledge on each of clause of ISO 9001:2015. The input of the content is just extracted from the header or sub-header of the element addressed by the standard.

The user is just only need to click on the respective clause and the requirement of the standard will appear by opening with new window.

Anyway, the full sets of requirement can be referred through this LINK.

 

4. context of the organization

4.1 Understanding the organization and its context

4.2 Understanding the needs and expectations of interested parties

4.3 Determining the scope of the quality management system

4.4 Quality management system and its processes

• 4.4.1 System establishment..

• 4.4.2 Necessity..

5. Leadership

5.1 Leadership and Commitment

• 5.1.1 General

• 5.1.2 Customer focus

5.2 Policy

• 5.2.1 Developing the quality policy

• 5.2.2 Communicating the quality policy

5.3 Organizational Roles, Responsibility and Authorities

6. Planning

6.1 Action to address risks and opportunities

• 6.1.1 When planning for the quality management system, the organization shall..

• 6.1.2 The organization shall plan..

6.2 Quality Objectives and planning to achieve them

• 6.2.1 The organization shall establish..

• 6.2.2 When planning how to achieve..

6.3 Planning of changes

7. Support

7.1 Resources

• 7.1.1 General

• 7.1.2 People

• 7.1.3 Infrastructure

• 7.1.4 Environment for the operation of processes

• 7.1.5 Monitoring and measuring resources

• 7.1.6 Organizational knowledge

7.2 Competence

7.3 Awareness

7.4 Communication

7.5 Documented Information

• 7.5.1 General

• 7.5.2 Creating and updating

• 7.5.3 Control of documented information

8. Operation

8.1 Operational planning and control

8.2. Requirement for products and services

• 8.2.1 Customer communication

• 8.2.2 Determining the requirements related to products and services

• 8.2.3 Review of requirements related to products and services

• 8.2.4 Changes to requirements for products and services

8.3 Design and development of products and services

• 8.3.1 General

• 8.3.2 Design and development planning

• 8.3.3 Design and development inputs

• 8.3.4 Design and development controls

• 8.3.5 Design and development outputs

• 8.3.6 Design and development changes

8.4 Control of externally provided processes, products and services

• 8.4.1 General

• 8.4.2 Type and extent of control

• 8.4.3 Information for external providers

8.5 Production and service Provision

• 8.5.1 Control of production and service provision

• 8.5.2 Identification and traceability

• 8.5.3 Property belonging to customers or external providers

• 8.5.4 Preservation

• 8.5.5 Post-delivery activities

• 8.5.6 Control of changes

8.6 Release of products and services

8.7 Control of nonconforming outputs

• 8.7.1 The organization shall ensure that outputs that do not conform..

• 8.7.2 Retain documented information

9. Performance Evaluation

9.1 Monitoring, measurement, analysis and evaluation

• 9.1.1 General

• 9.1.2 Customer satisfaction

• 9.1.3 Analysis and evaluation

9.2 Internal Audit

• 9.2.1 Performing an internal audit..

• 9.2.2 Execution of internal audit

9.3 Management Review

• 9.3.1 General

• 9.3.2 Management review inputs

• 9.3.3 Management review outputs

10. Improvement

10.1 General

10.2 Nonconformity and corrective action

• 10.2.1 When a nonconformities occurs..

• 10.2.2 Retain documented information

10.3 Continual Improvement

Read More

Internal Audit Procedure

GENERAL REQUIREMENT

This procedure provides guideline to extent information explained in clause Internal Audit of the Quality Manual.

The requirement is also enable to provide conformity to clause 9.2.2 (Internal Audit) of ISO 9001:2015 Standard Requirement.

COMMON DEFINITION USED

The definitions addressed are mainly refer to IS0 9000:2015

RESPONSIBILITY AND AUTHORITY

SELECTION OF AUDITORS

1. QMR shall nominate an Internal Auditor;
2. Selected auditor should be complied with one of the following criteria
• a) Experienced and/or trained in ISO 9001.
• b) Third party appointed and recognized by the Top Management with proven of competency qualification.
• c) Where necessary, training will be arranged for internal auditor to assure their competency. The process shall follow as per 7.2 Competence of the Quality Manual

PRE-AUDIT ACTIVITY

1. Lead auditor will prepare the Audit Plan.
2. The Audit Plan should define the audit criteria, scope and process need to be audited.
3. Determination of audit intensity
• a. All active projects shall be audited.
• b. If there is no active project is running, scope of audit may focus on adequacy of QMS process (such as Organizational Context of company, Leadership and commitment, Management of Risks and Quality Objectives, section 7 Support, section 9. Performance Evaluation and section 10. Improvement, or,
• c. If QMR identified that there is no project is running and no change in QMS implementation, he has authority to decide the necessity of internal audit to be conducted due with circumstances reason should be determined.
4. Lead Auditor has to ensure the selection of auditors is meeting the objectivity and impartiality of the audit process.
5. Lead auditor will organize the auditors which not audit their own work.
6. Audit Plan will be distribute to the auditor prior assessment conducted

DURING AUDIT ACTIVITY

1. Auditor will conduct audit as per Audit Plan
2. Audit tools need to be used;
• a. Audit Checklist
• b. ISO 9001 Standard, where necessary
3. Audit Method
• a. Based from records (It shall consistently meet with Documented Information Control Procedure
• b. Cross reference with the procedure and work instruction (It shall consistently maintained as per clause 8. Operation of Quality Manual)
• c. Observation of process to meet with clause 8. Operation of Quality Manual.
• d. Interview to the process owner to obtain input for justifying the effectiveness of process defined in Quality Manual in clause 7 Support, 7.1 Resource, 7.2 Competence, 7.3 Awareness and 7.4 Communication.
4. All findings should be recorded down to the Audit Checklist.
5. Classification of findings;
• a. Comply and fulfil with the ISO 9001 Requirement Standard and company QMS established (Quality Manual and procedures).
• b. Observation or OFI
• c. NC: Non-compliance with the with the ISO 9001 Requirement  and company QMS established (Quality Manual and procedures)
6. Next to do for the findings;
• a. All OFI should be listed in the Audit Summary for Lead Auditor take further action
• b. Any NC, Auditor should follow action determined in the Corrective Action Procedure and submit to Lead Auditor

POST-AUDIT ACTIVITIES

1. Lead Auditor compile the OFI and keep as an input for management review to meet with clause 9.3 Management Review of Quality Manual.
2. CAR  form will issue to the respective parties and should follow with Corrective Action Procedure.

Read More

Corrective Action Procedure

GENERAL REQUIREMENT

This procedure provides guideline to extent information explained in clause 10.2 Nonconformity and corrective action of the Quality Manual.

The requirement requirement is also enable to provide conformity to clause 10.2 Nonconformity and corrective action of ISO 9001:2015 Standard Requirement.

COMMON DEFINITION USED

The definitions addressed are mainly refer to IS0 9000:2015

RESPONSIBILITY AND AUTHORITY

IDENTIFICATION OF NON-CONFORMITY OCCURRENCE

1. 1 Identification of non-conformity can be defined as following inputs;
• a) Nonconformity of output in the project occurred as per Control of Non-Conformity Output Procedure
• b) Nonconformity raised during Internal Audit as per Internal Audit Procedure
• c) Customer complaint through evidence from documented information as in clause 8.5 Provision of construction project management of Quality Manual. E.g. Work Progress Report, Inspection Report etc.
• d) Valid feedback received from interested parties associated with the risk to the project conformity defined as per clause 6.1 Risk Management of the Quality Manual.
2. 2 All nonconformity received shall be validated first before further measure can be taken.

CORRECTIVE ACTION

1. Whenever nonconformity is confirmed, QMR shall verify and record the nonconformity in the form.
2. Where required, he shall than call respective person and arrange for meeting. Input of meeting then will be used in determining root caused and measures need to be taken.
3. The root cause of the problem shall be determined and a suitable solution to the nonconformity shall be initiated.
4. Evaluations of the nonconformities shall indicate what corrective actions to take to eliminate the root causes of the nonconformities or potential nonconformities.
5. The personnel responsible in providing and implementing the corrective action shall complete the with the following information :-
• Action Proposed to prevent recurrence so as action taken to rectify the problem.
• Date which the corrective action shall be completed.
• Where appropriate, analysis and support data is necessary to address the potential occurrence of problem.
6. QMR shall verify that the corrective actions are taken and are effective.
7. Where come into situation of corrective action taken being reported other than such as PQP, CAR format from customer etc., the tracking of documented information shall be demonstrated. 
8. If the action taken is not effective in resolving the problem, QMR shall bring it to the attention of the relevant party concerned and another corrective action plan may be initiated.
9. If there any is unable to close within the dateline given, QMR should get feedback from the relevant parties and stating the valid reason of unclosed issue.
10. At time, the action implemented may result in changes of affected documents; any amendment of document shall follow according to Documented Information Control Procedure.
11. The trends in nonconformities and corrective actions shall be reviewed by top management of Company as it required by clause 9.3 Management Review of the Quality Manual

Read More

Control of Nonconforming Output Procedure

GENERAL REQUIREMENT

This procedure provides guideline to extent information explained in clause 8.7 Control of Nonconforming output of the Quality Manual.

The requirement is also enable to provide conformity to clause 8.7.1 and 8.7.2 of Control of nonconforming outputs of ISO 9001:2015 Standard Requirement.

COMMON DEFINITION USED

The definitions addressed are mainly refer to IS0 9000:2015

• Complaint
• Correction
• Quality
• Defect
• Concession
• Supplier
• Release
• Corrective action
• Conformity
• Verification
• Requirement
• Nonconformity

RESPONSIBILITY AND AUTHORITY

IDENTIFICATION OF NON-CONFORMITY

Nonconformity of output in the [scope of activity] activity can be identified throughout one or combination of following occurrence;

1. Inappropriate planning as described in clause 8.1 Project Planning of this Quality Manual
2. Defect detected by the personnel during construction where it does not meet with specification as defined in clause 8.5.1 Project management control of this Quality Manual
3. Absence of competent person if it is required by the clause 7.2 Competence of this Quality Manual
4. Defective purchased material or out of specification material as defined in clause 8.4 Control of externally provided processes, products and services of this Quality Manual caused by supplier.
5. Other potential undesired consequences associated with services (example; measurement faulty caused by unfit measurement instrument as per clause 7.1.5 Monitoring and measuring resources of Quality Manual)
6. Customer complaint
7. Complaint received during warranty period

CONTROL OF NONCONFORMITY

1. Whenever nonconformity is detected;
• Nonconformity with regard to the facility or material or physical property, the On-Hold tag must be placed to the defect unit accordingly.
•  If related to the human resources, proceed to the clause 7.2 Competence of Quality Manual.
• Review possibility of occurrence due to weaknesses of communication factor as described in clause 7.4 Communication of Quality Manual
2. The nonconformity shall be reviewed by for disposition, which may be any of the following;
• Hold or must not to be used, or
• Concession by authorized person
3. The concession of nonconformity is not accepted for concession if high impact to the quality issues or jeopardize the company reputation as defined in Risk Analysis.
4.  Results of the review shall be recorded by on the CPAR form
5. The shall be responsible to review the nature and seriousness of nonconformity.
6. For nonconforming condition that have been accepted by concession when regulatory requirements are met. The record of the identity of the person(s) authorizing the concession shall be maintained.
7. If action will be taken other than decision stated in #2, the non-conformity shall be corrected. will verify the measures taken before release non-conformance status.
8. Designated person will decide whether the issuance of CAR form, the nonconformity need further investigation throughout the Corrective Action Procedure or used as record purpose only.
9. For purchased material/part which are found defective or out of specification, [designated person] shall arrange to return the item to the supplier for replacement or further action. CPAR form should be issued.
10. Any defective purchased material requested for concession, the process should follow step as described in the #9.
11. Top management will decide for necessity to inform the nonconformity depends on the severity of the issues.
12. QMR shall maintain CPAR status log.
13.  Status of CAR shall be highlighted for management review meeting.

Read More

Documented Information Control Procedure

GENERAL REQUIREMENT

This procedure provides guideline to extent information explained in clause 7.5 Documented Information of the Quality Manual.

The requirement requirement is also enable to provide conformity to clause 7.5 Documented Information of ISO 9001:2015 Standard Requirement. (Clause 7.5.1, 7.5.2 and 7.5.3)

Type of Documented information applied in Company is as follows;

• a) Information type 1: Instruction or guideline document such as manual, procedure, work instruction, flow chart and others.
• b) Information type 2: Blank format
• c) Information type 3: Filled-up document such as record.

COMMON DEFINITION USED

The definitions addressed are mainly refer to IS0 9000:2015 RESPONSIBILITY AND

INFORMATION CONTROL PROCESS

New Creation of Document

1. Document that required to be controlled is as defined in clause clause 7.5 Documented Information of the Quality Manual. It applies to documented information type 1 and type 2.
2. Any new document proposal must be approved by QMR. Endorsement will be made Managing Director where necessary
3. Approved document shall be listed in the Document Master List
4. Revision history should be determined through;
1. Revision history table at front page of document (e.g. procedure or work instruction)
2. Address in the footer of the document in case of form, checklist or other similar type of document
5. Document will consider as official once being formated in PDF version and retained by QMR.
6. Document shall be controlled as section Management of Controlled Document of this procedure

Amendment of Existing Document

1. Any proposal of revision to the existing document must through QMR. It applies to documented information type 1 and type 2.
2. Those changes made for the form, old version of document need to be cleared first before use of revised document. Where applicable, Document Controller or QMR has authority to stop the usage of old document if reflected to the quality service conformity.
3. Revision history as determined in #4 of section New Creation of Document shall be updated

Management of Controlled Document

1. Control requirement for document is covered for internal and external document.
2. Master Copy shall be in soft copy, protected in PDF file and retained by QMR.
3. Copy of document is allowed but shall obtain approval from QMR before issuance.
4. Original soft copy only kept by the Document Controller for reference or to be used upon requires for changed.
5. Maintenance of soft copy should be in appropriate manner and back-up system should be activated through external hard disc or USB drive or other appropriate methods
6. No hard copy is allowed. However, QMR will justify the method of distribution if hard copy of controlled document is really need and does not against MISB‘s integrity of quality management system.
7. Distributed copies shall be indicated with CONTROLLED in red on the first page of Revision History. 8 Any controlled document need to be distributed to the third party, it shall be approved by QMR and indicated with UNCONTROLLED

Management of Controlled Records

This section is applied to documented information type 3.

Identification and traceability of Records

1. All records shall be filed in sequence and/or dated to allow easy identification and retrieval.
2. Unique identification of the version used is generated as described in #3 and #4 of section New Creation of Document of this procedure.
3. Unique identification for referring to the product, services or output of Company can refer to clause 8.5.2 Identification and traceability of the Quality Manual
4. QMR shall be responsible to maintain the List of Records. If any changes to the list of their records, the list shall be updated accordingly.
5. Records should be kept at the designated location to ensure the traceability and person in charge is defined

Storage, Protection and Retention

1. All records shall be stored and maintained and retrievable by the respective functions.
2. Record’s legibility must be preserved.
3. Records shall be stored in hard copy and/or soft copy as appropriate. For non-critical records, storage in normal file cabinet is sufficient. For critical records, if any, the records shall be protected from potential fire, theft, unauthorized removal and other damage.
4. Also, critical records on electronic media shall be secured from inadvertent deletion, computer viruses and corruption of files; hard copies shall be produced and kept at a different location / area.
5. Records on soft copy shall be backed-up and back-up records shall be protected accordingly from damage or loss.
6. All records shall be retained for a minimum period as specified in the List of Records. Designated person shall be responsible to establish the retention period.

Retrieval and Disposal

1. All records shall be made available for inspection by management committee or as requested by the interested parties.
2. The records shall be stored in such a way that they are readily retrievable for review. For any request for records by external parties,
3. Records only can be disposed once obtained approval from QMR
4. Records shall be disposed-off by any suitable means. Confidential records shall be disposed-off by shredding.

Read More