Management Responsibility has always been a part of ISO 9001, as it is intended to be a Top Management-supported and implemented Quality Management System. It’s no surprise, then, that ISO 9001:2015 has management responsibilities. With that said, there have been changes to the standard, specifically around Top Management and Leadership.
That Was Then
In the past, management had an identified management representative to handle communication of the QMS and top management to employees. This representative is no longer a requirement of the standard.
This is Now
ISO 9001:2015 now requires Top Management to be more engaged in the overall management and functioning of the QMS. While Section 5 of ISO 9001:2015 called “Leadership” hasn’t changed significantly, it has been expanded and includes several items that must be addressed by Top Management including:
- Having accountability for the effectiveness of the QMS;
- Ensuring the organization’s quality policy and quality objectives are identified and communicated;
- Ensuring that the QMS is aligned with its business processes;
- Promoting and communicating the QMS throughout the organization, including the process approach, risk-based thinking and effectiveness;
- Ensuring that resources are identified and available;
- Ensuring that the QMS achieves the intended results;
- Engaging, directing and supporting employees to contribute to the effectiveness of the QMS.
It is ultimately the responsibility of Top Management to ensure the QMS is functioning properly and meeting the goals and expectations set by management, but the individual responsibilities listed above can be delegated.
Who’s in Charge Anyway?
Now, does this mean that Executive Management is required to “run” the QMS?
Clearly, they need to be involved in setting the pace for the organization with the quality policy, organizational objectives, assessing risk and opportunities, and overall communication of the QMS. They also need to understand the status of their system – how well it is meeting goals and the system’s overall effectiveness for assuring quality.
As with any organizational process, some of these items can be delegated to other personnel as necessary for the proper functioning of the system.
This involvement doesn’t mean that Executive Management functions as a manager of the QMS, but they do need to understand, drive, support and communicate the QMS for its usefulness. Top Management must be available for at least some part of 3rd party audits to go over objectives, risk/opportunities and effectiveness of the QMS. Level of involvement will depend on the complexity of the system developed and how it is implemented by the organization.
What Does ISO Want?
What ISO 9001:2015 really wants from Top Management is confirmation that they are accountable for answering the following:
- How the company is performing?
- What are risks to the organization?
- Where are the potential opportunities for the organization?
- Are organization goals being met?
- How effective are the processes implemented?
To Document or Not to Document: That is the Question
While the ISO 9001:2008 required organizations to have more documentation, ISO 9001:2015 actually requires less. It gives management the flexibility to decide what type and how much documentation the organization needs. Management is in control.
However, just because the new standard requires you to document less, that doesn’t necessarily mean that you should. There are still things to consider.
Unless you have a photographic memory, having your processes documented and available to discuss how the organization is adjusting to the system with your auditor will make running your organization a lot smoother. Only things that are defined can be improved. Good documentation can make your colleagues day-to-day life easier and help with problem resolution and improvement. Also remember: defined processes can be transferred to new employees with clarity, leaving a lot less room for things to slip through the cracks.
It really is an individual decision and comes down to how confident you and employees are with your new QMS and how stable and secure your organization is. The risk of under-documenting should be considered if that is the route you choose.
Questions from the Audience – What Do You Want to Know?
If there is a specific question or concern about ISO 9001:2015 that you’d like to see addressed in this article series, please contact us – we take requests!
For more information or to talk to a Platinum representative, email us at firstname.lastname@example.org or call (303) 639-9001