If you are transitioning to ISO 9001:2015 you may find these correlation matrices published by the International Standard Organization helpful. Just click on the title to read the document.
Okay, you have your initial assessment in the rear view mirror and now it’s time for your first surveillance audit. Sometimes this is one of the harder audits to get through because the energy and momentum can decline after the ramp up for the initial assessment.
As a certification body, we expect your system will conform to the requirements of the Standard to which you are certified. This is your commitment as a certified organization. Being certified isn’t about getting into conformance, it’s about staying in conformance!
You can relax a little remembering that Platinum auditors will be practical about auditing your business operations. We don’t expect a perfect audit without nonconformities. We never search for nonconformities, but instead look for conformance. If we find nonconformities, we clearly define them so that you can easily address them. We want your audit experience to be as stress-free and comfortable as possible.
Platinum must follow the Standard, which requires us to look at some key areas every time we come and do an audit. To prepare for the audit, you should review your processes in these areas which we are required to review:
- management review,
- internal audits,
- a review of actions taken on nonconformities during the previous audit,
- complaint handling,
- the effectiveness of the management system to achieving your business objectives and the intended results of your management system,
- continued operational control,
- review of any changes and use of marks and/or other references to certification.
At recertification, we always review any audit result trends.
Common Omission: Reviewing previous audit results
Repeating nonconformances usually result in an escalation of the nonconformance from minor to major as well as an additional nonconformance being raised regarding the effectiveness of the corrective action system. However, certified clients commonly forget to revisit the previous audit results when they prepare for their certification audits. Requiring a step in your management system to review previous certification audit results and verify that corrective actions taken were effective can save you stress, client issues, money, and work.
Being vigilant can provide you with confidence in your corrective action system so you don’t have to worry about recurring nonconformities and the impact they may have on your business.
According to the ANAB, there are key advantages of early transition in the last 12 months of the transition period. Benefits to having your ISO 9001:2015 certificates in hand sooner rather than later may include:
- More flexibility with scheduling and make the scheduling process with your Certification Body (CB) easier.
- Reduced risk and anxiety in the event of nonconformities. Any nonconformities identified during the audit must be addressed with responses and approved by the CB before a decision can be made by the CB. All this must happen prior to the transition deadline.
- Improved management processes and a risk-based approach to managing your business. This may ensure that your organization can identify risks and opportunities more effectively, improve operational efficiency, and reduce duplication to save both time and money.
- Reduced costs that would be required to maintain a management system conforming to both the old and new versions throughout the time of transition.
- Minimal questions from your customers about your certification status as the deadline draws near.
ANAB reminds us that as people procrastinate, organizations wishing to transition into 2018 are very likely to have difficulty arranging desired audit dates and audit teams. In addition, and in step with previous transitions, …the International Accreditation Forum (IAF) will not extend the transition period. Unfortunately, organizations that do not complete the transition process with their CB by the deadline will no longer be certified.
One thing we can say for certain now is – transition is not that tough! Our transitioned clients have done a beautiful job of looking over the new and revised requirements and implementing them in a meaningful way to keep their business objectives on the radar and improve operations! This ISO 9001 & 14001 transition has afforded clients the opportunity to simplify their business processes for optimal organizational benefit.
So…for those of you yet to make the transition, we’ve got you covered! We are working hard to make sure that all of you have realistic dates scheduled for your audits. That way – you get first choice at securing the best time for your organization to do the transition audit, without worrying about resources to support you through the process.
It’s our objective to make the transition as cost-effective and easy for you as possible.
Please make sure you send us a copy of your application for transition as soon as possible if you haven’t already.
If you are needing a little encouragement or help confirming your approach – just give us a call. Don’t forget that we have developed tools and lots of guidance to help you through transition. Check out our website under the “Just for Clients” tab. If you have lost the pass-code – let us know. We are happy to help you.
Section 6.2: Quality objectives and planning to achieve them
“You can’t manage what you don’t see” and “You can’t improve what you don’t measure” are old management sayings that are still true today. With any process, your organization will experience increased success when Management provides defined quality objectives and monitors the outputs of your business process against these objectives. Without defined objectives, management and employees are left to operate based upon “gut instinct.” Real numbers and real data always provides better results.
The 9001:2015 Standard hasn’t changed that much from the 9001:2008 Standard, but it has been improved with more detail and clarity of expectations. Management will use their expertise and knowledge to establish quality objectives at relevant functions, levels, and processes. The quality objectives should provide information on how your business is performing so that you can make changes proactively to minimize negative effects and promote positive effects to the organization.
According to the Standard, quality objectives must be:
- consistent with the quality policy,
- meet applicable requirements,
- be relevant to conformity of products and services and to the enhancement of customer satisfaction,
- communicated, and
Quality objectives must be maintained as documented information. Yes, like before, we will be expecting to see them documented somewhere!
New to the Standard is the requirement that the organization determine:
- what will be done,
- what resources will be required,
- who will be responsible,
- when will it be completed and
- how the quality objective results will be evaluated.
These outputs count and you should be able to demonstrate that people know their responsibilities and their deadlines for completion. Employees have a vested interested in the success of their organizations and they can’t be guessing about what is important to management. When they know, they really help steer the business in the right direction!
Keep the Objectives Simple and Fluid
A common pitfall we have seen is over complicating the list of objectives. You don’t have to tackle everything you want to see the organization do in one year! Too many objectives can dilute the objectives that are important to your interested parties. Keeping it simple can increase the bandwidth of resources needed to make real progress. Most importantly, you’re in charge here. Your auditors only assess your approach, you get to decide what makes the most sense for your organization. If you focus on objectives that bring real value to your organization’s success, you can never go wrong.
Reviewing performance and redirecting is key for improvement! One of the key components of management review is the evaluation of the organizations’ quality objectives. Objectives should be fluid. Yes – they can change! Once you have achieved an objective – you can replace it with another one. However, if you find your objectives changing every year without achieving them, then you should rethink your process to make it effective for your operations.
Section 9.3 Management review
The Management Review process remains largely unchanged from the previous version of ISO 9001. Mostly the requirements have been re-ordered, but some requirements have been modified to address risks and opportunities. Creating an agenda to address each requirement listed in the Standard has historically proven effective.
Management’s review of its quality management system is important to business success. In our observations, we see organizations perform either annual review meetings or more frequent reviews combined with other agendas. You can do them any way you want, based upon what you feel works best for your organization.
Because management reviews are crucial to organizational success, Platinum Registration reviews the company’s management review process and quality objectives during every assessment whether that is an initial, surveillance or reassessment.
Once a year, Platinum sends out a Client Satisfaction Survey to ensure that the quality of our services are the best that they can be for our clients.
We just got the results from our 2016 QMS Client Survey and, while we always strive for the best customer service, we have to say…they are even better than expected.
Top 10 things that are important to our clients
We have hundreds of clients from a wide variety of industries and no two clients are alike, but some of the most important things that clients said they were looking for in a certification body seem to apply across the board, according to our survey results.
And we delivered.
Here are the Top 10 must-haves our clients told us were of utmost importance to them in a certification body and why they had such a high satisfaction rate with Platinum meeting these needs:
- Knowledge of the Standards
- Assistance in understanding the Standards
- Cost effectiveness
- An understanding of clients’ business/industry
- Fair and honest audits – no “creative interpretation” of the Standards
- Clear verbal communication and concise written reports – no guesswork required
- Expert technical knowledge
- Responsiveness – never having to wait
- Customer service – going the extra mile
- Auditors are approachable and make clients feel at ease
Why we’re good at it.
We have been in business for nearly 20 years, providing cost-effective ISO certifications for a wide range of service and manufacturing industries. Platinum’s President and Audit Operations Manager sit on the national committee that helps to shape the Standards themselves, giving our clients information they need when they need it in real-time, Platinum’s management is very picky about who we hire, so all of our auditors:
- Are certified, professional auditors.
- Have training or experience in your industry (knowledge of common key processes, terminology and regulations).
- Are pleasant, approachable and will put you at ease during the audit process.
- Are trained on Platinum processes and updated appropriately.
- Are reviewed with management involvement and oversight through:
- Witnessed performance audits
- Annual performance reviews
- Consideration of client feedback (We send a survey after each audit)
We want you to succeed. If you look good, we look good. Thanks to all of our clients for the valuable feedback – we literally couldn’t do it without you!
Whether at home, on the road or at work, risk and opportunities are part of life. Some risks have a higher probability of occurring than others, and we evaluate each of these risks either actively (planning ahead) or passively (as they come). In business, the proactive evaluation of risk is a key component of success or failure of a project, program, invention, product design or of the business itself. Proactive methods for looking for opportunities is a skill demonstrated by successful people and businesses as well.
Risk prevention has been a component of the ISO 9001 Standard since its inception, but was only inferred through the requirements of continual improvement activities — most specifically, the Preventive Action Process. The ISO 9001:2015 version now specifically brings “risk based” thinking into the forefront of your quality management system in a way that is much more representative of how businesses actually function. In fact, risk is mentioned 50 times and is included in Sections 4 (context of the organization), 5 (Leadership), 6 (Planning), 9 (Performance Evaluation) and 10 (Improvement), so there really is a heavy focus on this activity.
Not all risks are equal in their impact on an organization, nor do they always stay the same from year to year. Some are short term and others are long term. Either way, successful managers, informally or formally evaluate risk every day to keep the business moving forward and to reduce unnecessary costs and inefficiencies.
Just like anything else in life, there is no “one size fits all” with risk management and, as a result, the standard has no requirement on how you define, evaluate, and manage your risks, but because successful businesses consistently evaluate and mitigate risks, it requires that you develop a process to ensure that you do it in a consistent, reliable and person-independent manner. A good management system is process-based, not people/individual-based.
Opportunities – take them or leave them
But wait — the standard also identifies the need to have a formal process for determining, evaluating, and acting on opportunities for the business.
Opportunities are there for the taking. Sometimes, we just need to stop, ask and listen to the stakeholders associated with our organizations to see them. Who doesn’t want to gain the benefits from unrealized opportunities?
Some of the products and services we all consume have seen increased sales by the manufacturer or service provider simply changing their packaging or marketing – causing us to use and buy more of the product or service. Packaging/marketing changes are great examples of opportunities to be had with a little creative thinking.
Reduce Risk and Excel through Opportunities: Using the Organization’s Brains
It may sound overly simplistic, but following the steps below, you can put these requirements in perspective, and integrate processes in your management system to ensure that your business doesn’t get caught out or miss a money maker.
- Brainstorm: Management systems are only as good as the knowledge and investment of the people who develop and implement them. It’s probable that the process for identification of risks does not happen at the same time you identify opportunities. When and how do you or will you brainstorm to determine risks and opportunities?
- Record: Write the risks and opportunities down in a place or places defined in your business management system.
- Advise: Tell stakeholders about the risks and opportunities that you have identified. Work with them to evaluate the likelihood of occurrence and their tolerance of risks. Consider the costs and benefits of risk prevention and the costs and advantages of opportunities not yet realized.
- Investigate: Work with personnel to determine methods to mitigate risks and grab opportunities.
- Negotiate: Determine what management and stakeholders feel are the best use of resources and what they want to act on. Remember, it’s okay to have a tolerance for risk. You don’t have to, probably can’t and won’t eliminate all risks or act on all opportunities.
- Summarize your planned actions somewhere in your management system. This doesn’t have to be anything elaborate, there are no requirements to assign levels of risk, but identify the risks and opportunities and your planned actions related to them. Don’t forget to address how you will incorporate your actions into your management system and then how you will review your progress and the effectiveness of the actions taken.
The latest revision to ISO 13485 was released last February, replacing the previous 2003 version. Current ISO 13485:2003 certificates will EXPIRE on February 28, 2019.
For the next three years until February 28, 2019, both ISO 13485:2003 and ISO 13485:2016 standards will be valid. This 3-year window will allow organizations the necessary time to transition their systems to the new standard. Before expiration of 9001:2008, separate certificates will be issued to clients who conform to the ISO 13485:2003 standard.
After February 28, 2019, any existing certificates issued to ISO 13485:2003 will not be valid. On September 15, 2018, all separate ISO 9001:2008 certificates will become obsolete.
Best Methods for Transitioning to ISO 9001:2015
You’ve been busy, workloads are up and you are using most of your day just keeping up with normal business activities. You know that management expects you to get your ISO system ready for ISO 9001:2015 transition, but you don’t know where to even begin so you’ve been waiting and working on things that you do know how to do. Each day, the stress and weight of the transition is beginning to grow and take up more of your mindshare.
Now – stop worrying! You need to remember that Platinum Registration is here for you. In fact, we’ve been thinking a lot about you! We want to give you tools to help you work through the process and reduce your stress.
Here are the steps:
- Purchase a copy of the Standard – get it from www.asq.org. Click on Books and Standards. Look for ASQ/ANSI/ISO 9001:2015: QUALITY MANAGEMENT SYSTEMS – REQUIREMENTS. There are paper and electronic versions. The electronic version will allow you to download the copy straight away.
- Create a checklist using the requirements of the Standard.
- Compare your processes to the requirements of the Standard. Identify gaps and brainstorm on how your organization would like to change or create new processes to address the gaps.
- Work from the standpoint that you are a functioning business and therefore you probably naturally satisfy the requirements for ISO 9001:2015. You just need to be a detective and figure out how it occurs. Ask management how they do things…they probably can tell you how much of their activities are accomplished.
- Set-up systems to assure the communication and repeatability of the processes as described by management. You have a lot of flexibility in documentation for new requirements. Put what you need to have in place for control, but don’t overdo it! Many companies are doing this my modifying existing processes (i.e., management review)
- Check your system using your internal audit system.
- Perform a management review.
- If you are still concerned about your approach, contact us and set-up a pre-assessment. While we can’t consult, we can certainly identify areas of nonconformance and opportunities for improvement.
The Difference Maker Movement that Platinum supports was started by a young boy named Kylan when he was just 9 years old, because, in his words, he wanted to change the world. He met some very special people who believed he could. Kylan’s desire is to show others that no matter your age or income, you can make a difference to someone. It could be someone in your neighborhood, in your school, or around the world.
Colorado is so lucky to have this young philanthropist in our midst. His work has been recognized by local news and by our Governor in the creation of Difference Maker Day
Did you know that anyone can be a Difference Maker? For ideas on how you can impact your community, visit the Difference Maker website.