Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Pre-Course Notes
Improving performance,
reducing risk
Contents
Page
Introduction
10
Risk-based approach
16
The process-approach
21
26
27
Pre-course preparation
30
31
31
32
33
34
37
39
Note:
The following spelling is used throughout for consistency with the ISO 9000 series of
documents: Organization.
Page 1 of 62
Introduction
Introduction
Welcome to the Quality Management Systems Auditor/Lead Auditor training course.
Thank you for choosing LRQA.
We have designed the course to give you the knowledge and skills to perform audits of
management systems against ISO 9001 effectively and with confidence.
It meets the requirements of the International Register of Certificated Auditors (IRCA)
www.irca.org
Complete the course successfully and you will satisfy the formal training requirements
for IRCA certification to all grades of a Quality Management System auditor.
Course hours
Delegate assessment
We will fully explain at the start of the course the assessment criteria and
performance standards you need to achieve.
We will give you written feedback each day, and guidance on any improvements
needed.
You will complete a two hour written examination at the end of the course.
You must have some understanding of quality management principles and concepts
and knowledge of ISO 9001 requirements before starting the course. You may find
the Appendix useful to help your understanding of ISO 9001.
We are giving you this information in advance so we can make the course practical
and activity-based. This will help you to learn and make the course enjoyable.
This pack is part of your course notes.
What happens if I do not complete this pre-course work before the course
starts?
You will have missed a valuable opportunity to start building your knowledge.
You will almost certainly find it difficult to participate in some of the course exercises
and you will need to complete it in your own time in addition to your evening work.
You may well reduce your chance of successfully completing the course.
Page 2 of 62
Introduction
No, the course is not a test of memory but it will test your understanding. To be
successful you will need to apply this information during the course and show
during the exam that you understand the concepts covered in this pack. The exam
questions could relate to any aspect of this pre-course information, any aspects
covered on the course, and any requirements of ISO 9001.
During the exam you will be able to refer to a clean copy of ISO 9001 (i.e. one that
has not been annotated in any way). If appropriate you can also use a paper-based
bilingual dictionary. These are the only items permitted for reference.
Important
Please be sure you bring the completed pack and your personal copy of ISO 9001
with you when you attend the course.
Please complete your personal course objectives at the end of the pack. We will ask
you to present these at the start of the course.
Page 3 of 62
ISO 9001 and ISO 9004 are designed to complement each other, but can also be used
independently.
Most standards require periodic revision. Several factors combine to render a standard
out of date: technological evolution, new methods and materials, new quality and safety
requirements. To take account of these factors, ISO has established the general rule that
all ISO standards should be reviewed at intervals of not more than five years.
Page 4 of 62
Definitions
The following terms and definitions are quoted from ISO 9000 Quality management
systems - Fundamentals and vocabulary.
To help your understanding, we have grouped related terms together and separated
groups using this bullet symbol.
Quality
Degree to which a set of inherent characteristics of an object fulfils requirements.
System
Set of interrelated or interacting elements.
Management system
Set of interrelated or interacting elements of an organization to establish policies and
objectives and processes to achieve those objectives.
Quality management system
Part of a management system with regard to quality.
Process
Set of interrelated or interacting activities that use inputs to deliver an intended result.
Product
Output of an organization that can be produced without any transaction taking place
between the organization and the customer.
Procedure
Specified way to carry out an activity or a process.
Requirement
Need or expectation that is stated, generally implied or obligatory.
Nonconformity
Non-fulfilment of a requirement.
Correction
Action to eliminate a detected nonconformity.
for example rework.
Corrective action
Action to eliminate the cause of a nonconformity and to prevent recurrence.
Page 5 of 62
Context of an organization
Combination of internal and external issues that can have an effect on an organizations
approach to developing and achieving its objectives.
Interested parties
(stakeholder)
Person or organization that can affect, be affected by, or perceive itself to be affected
by a decision or activity.
Risk
Effect of uncertainty.
Page 6 of 62
Page 7 of 62
Page 8 of 62
Complete the Quality Management Principle and ISO 9001 cross reference section
that is part of the Verification of pre-course work section.
Page 9 of 62
Purpose
ISO 9001 introduces the concept of context of the organization to determine the
business environment of an organization. The concept of promoting the processapproach has been explicit and the concept of the risk-based approach has been implicit
in the previous edition of this International Standard. These three elements are the
basis inputs for a quality management system.
Determining the context of the organization is a new requirement of ISO 9001:2015.
The context of an organization is referred as Combination of internal and external
issues that can have an effect on an organizations approach to developing and
achieving its objectives.
Why is context important?
Because each organization is unique.
The intended purpose of a quality management system is to enable an organization to
consistently meet customer, statutory and regulatory requirements applicable to the
products and services it provides. Therefore a quality management system should be
designed and implemented to meet the specific needs of the organization, its
customers, its products and services and the business environment in which it operates
and the risks associated with that environment. This approach was promoted in ISO
9001:2008.
ISO 9001:2015 expands the concept of the organizational environment referenced in
ISO 9001:2008 to include not only the business environment, but also internal factors,
such as organizational culture, and external factors, such as socio-economic conditions
under which it operates. Moreover, ISO 9001:2015 moves from simply promoting such
an approach to introducing new and auditable requirements on context of the
organization.
Page 10 of 62
Drivers and trends that have an impact on the organization and its objectives.
Contractual relationships.
Issues are likely to change over time, some more slowly than others.
requirement is to monitor and review internal and external issues.
Hence the
Issues identified should be tested for relevance - are they relevant to the organizations
purpose and strategic direction, and do they have the ability to impact the quality
management systems intended results.
Page 11 of 62
Page 12 of 62
Page 13 of 62
As with ISO 9001:2008 where clause 4.1 follows the continual improvement cycle
(PDCA) and sets out general (high-level) requirements for the quality management
system, which are then developed in more detail in subsequent clauses, so it is with ISO
9001:2015. The significant new requirements throughout ISO 9001:2015 often have
their origins in clauses 4.1 and 4.2, in particular requirements to consider internal and
external issues and the associated risks and opportunities.
Planning for the quality management system Clause 6
ISO 9001:2015 requires that When planning for the quality management system, the
organization shall consider the issues referred to in 4.1 and the requirements of
interested parties referred to in 4.2 and determine the risks and opportunities that need
to be addressed.
The following slide illustrates the relationship between clause 4 Context of the
organization and clause 6 Planning for the quality management system.
Page 14 of 62
Plan
Plan
Act
Determine
scope of
your QMS
Do
considering:
External
issues
Check
Internal
issues
Risks
Opportunities
determine:
controlled by:
Interested
parties and
their
requirements
Purpose
Strategic
direction
Summary
Section 4 Context of the organization requires the organization to:
Determine external issues and internal issues that are relevant to its purpose and
strategic direction.
Determine the requirements of these interested parties that are relevant to the QMS.
These issues and requirements shall be considered when planning the quality
management system. The interrelating clauses of ISO 9001:2015 are 6.1 (actions to
address risks and opportunities) and 8.1 (Operational planning and control).
Typically actions to address risks and opportunities and actions needed to address the
needs of relevant interested parties will feature in the quality management system as
quality objectives and process criteria.
Page 15 of 62
The term risk is sometimes used when there is only the possibility of negative
consequences.
However, risk is generally interpreted as being about negative things whilst those
uncertainties that could bring additional benefits if they were to occur are known as
opportunities.
ISO 9001:2015 refers to risks and opportunities; so for general understanding its
reasonable to think of risk as negative and opportunity as positive.
For example, an organization may have identified changes in currency exchange rates as
an external issue that could lead to the risk of increasing the costs of materials and
components. The same issue could similarly open up opportunities to sell more
products in certain overseas markets.
As well as identifying and addressing negative threats, it is equally important to seek
and maximise opportunities, in order to optimise achievement of objectives. Some
opportunities come from removing threats, for example removing the threats that come
from being dependent upon a sole supplier could, through increased supplier
competition, create opportunity for reducing the cost of bought in items. Others are
pure opportunities unrelated to threats, which would produce real additional benefits if
they could be captured proactively and exploited.
Options to address risks and opportunities can include:
Avoiding risk.
Page 16 of 62
Page 17 of 62
Consider the issues and requirements and determine the risks and
opportunities that need to be addressed (6.1.1)
Plan actions to address these risks and opportunities and integrate and
implement the actions into the QMS processes (6.1.2) (8.1)
Plan how to evaluate the effectiveness of these actions (6.1.2)
Evaluate performance (9.1)
Review information, including trends and indicators on the
effectiveness of actions taken to address risks and opportunities (9.3)
Clause 6 (Planning) the organization is required to take action to identify risks and
opportunities.
Page 18 of 62
The organization is required to plan, implement and control the processes needed to
meet requirements and to implement the actions determined in clause 6.1 including by:
Following planning and implementation of actions to address risks and opportunities the
requirement is to evaluate the effectiveness of the actions taken. An organization may
do this by monitoring and measurement activities, as set out in clause 9.1 Monitoring,
measurement, analysis and evaluation. Here there is a requirement to retain appropriate
documented information as evidence of the results of monitoring and measurement
activities. Information on the quality performance is an input to management review of
the effectiveness of the actions taken to address risks and opportunities.
Page 19 of 62
Page 20 of 62
ACT
PLAN
CHECK
DO
This is the Plan-Do-Check-Act improvement cycle. You may hear it called the PDCA
cycle or the Deming cycle. You can apply it to all processes and you can use it to plan
and implement process change.
Plan Plan the improvement and plan how you will know if it has worked.
Act Act to maintain the improvement, address any shortfall and learn from
experience.
ISO 9001 aims to bring about continual improvement through the Plan-Do-Check-Act
cycle, which is embedded into ISO 9001 requirements.
Page 21 of 62
Page 22 of 62
Page 23 of 62
9.1.3 e)
9.3.2 c)
Requirement
Determine and apply the criteria and methods (including monitoring,
measurements and related performance indicators) needed to ensure
the effective operation and control of these processes.
Evaluate these processes and implement any changes needed to ensure
that these processes achieve their intended results.
Implementation of monitoring and measurement activities at
appropriate stages to verify that criteria for control of processes or
outputs, and acceptance criteria for products and services, have been
met.
Analyse and evaluate appropriate data and information arising from
monitoring and measurement. The results of analysis shall be used for
evaluation purposes.
Management review shall take into consideration information on the
performance and effectiveness of the quality management system,
including trends in:
3) process performance and conformity of products and services;
5) monitoring and measurement results.
The sequence above shows the PDCA cycle being applied through process monitoring
and measurement; leading to identification of process improvement opportunities as an
output of the review process.
ISO 9001:2015 clause 4.4 requirements
Organizations will need to demonstrate conformance with the requirements specified in
clause 4.4.1 of ISO 9001:2015; requirements 4.4.1 a) through to 4.4.1 h).
How an organization approaches demonstrating conformance and the extent to which
the organization uses documented information for this purpose will of course be up to
the organization, taking into consideration the context of the organization and the
needs of interested parties. One way would be to use a process template to provide a
documented overview of each process.
Page 24 of 62
The term conformity is used when discussing ISO management system standards in
preference to the term compliant, which is used when discussing statutory and
regulatory standards.
Effectiveness extent to which planned activities are realized and planned results
achieved.
Page 25 of 62
Applying a quality management system framework can help an organization meet the
current and future needs of its customers in an effective and efficient way, and ensure
that products and services consistently meet customer and regulatory requirements.
The achievement of certification to a standard by an independent body, or an award
against a recognised framework, provides public recognition that an organization meets
those standards, and can be a useful marketing tool.
Page 26 of 62
The diagram illustrates the relationship between customers and the supplying
organization. On the left-hand we have customer requirements. In the middle we have
the organization supplying the customer. On the right-hand we have the customers
perception as to whether the organization has met their requirements and of course the
products and/or services delivered.
The numbers are referring to the clauses in the standard:
4. Context of the organization (Plan)
Purpose: Clauses 4.1 and 4.2 help organizations to identify the variables that could
impact on their ability to carry out their operational activities and achieve their goals.
Using this information, organizations can prepare for a range of eventualities.
Clauses 4.3 and 4.4 ensure that organizations have all of the processes in place they
need for their management system to work effectively, given the unique characteristics
of their business.
Page 27 of 62
5. Leadership (Plan)
People do what their managers pay attention to. If meeting customer and regulatory
requirements, enhancing customer satisfaction and improvement of systems and
processes are important to top management, these will be the things they pay attention
to, and so will get done. Section 5 describes specific requirements for how top
management make their commitment to, and prioritising of, the customer and the
quality management system, and how they support these commitments in a practical
sense.
6. Planning (Plan)
This section is all about transforming ideas and words into tangible goals and actions, to
ensure that things get done, and making sure that changes are implemented in a
managed and coordinated way.
7. Support (Plan, D, C, A)
The purpose of this section is to make sure that all the processes and the people
operating them that are needed for the management system have the resources and
support they need to operate properly; including the tools and equipment, competent
people and up-to-date information.
8. Operation (Do)
This section covers the processes through which your organization provides products
and services for your customers. Its likely that most of what you do as an organization
is covered by the requirements in this section. Its purpose is to ensure that your
operational activities are planned and controlled systematically, so they work properly
and enable you to deliver products and services that meet customers needs and
expectations.
9. Performance evaluation (Check)
To ensure that all the processes in the management system are delivering their intended
results, and that the processes interact effectively in the overall system.
10. Improvement (Act)
The purpose of this section is to close the loop, making sure that improvements
identified in section 9 are implemented, which can be both reactive and proactive, and
that improvement objectives are fed back into plans (section 6).
Page 28 of 62
Page 29 of 62
Before attending the course you are required to have knowledge of the requirements of
ISO 9001.
Depending on your previous knowledge and experience, you may find it useful to
complete the following activities before the course, to consolidate your existing
knowledge and understanding:
1. Read through the guide to ISO 9001 requirements that is in the appendix to this
document.
2. Select some of the sections from the guide, maybe those that you are less familiar
with and find out what processes and procedures your own organization uses to
address these requirements. Now compare these with the requirements as they are
detailed in ISO 9001.
3. Review some of the internal and external audit reports for your organization, and
compare their findings with the relevant sections of ISO 9001.
4. Look at your organizations quality policy, quality objectives and documented
information, and compare their contents with the relevant ISO 9001 requirements.
5. If available, look at the inputs and outputs from your organizations management
review. How do they meet the requirements of 9.3.2 and 9.3.3? What is your
organization seeking to improve?
Page 30 of 62
Introduction to Auditing
Purpose
This section introduces some basic concepts of auditing. It contains essential
information, which you should know and understand before attending the course.
Read this section carefully. You will have an opportunity during the course to clarify any
points with the trainer.
Audit
Systematic, independent and documented process for obtaining audit evidence and
evaluating it objectively to determine the extent to which audit criteria are fulfilled.
Audit evidence
Records, statements of fact or other information, which are relevant to the audit criteria
and verifiable.
Audit criteria
Set of policies, procedures or requirements used as a reference against which objective
evidence is compared.
Auditor
Person who conducts an audit.
Audit team
One or more auditors conducting an audit, supported, if needed, by technical experts.
Note one auditor of the audit team is appointed as the audit team leader.
Technical expert
Person who provides specific knowledge or expertise to the audit team.
Audit client
Organization or person requesting an audit.
Auditee
Organization being audited.
Page 31 of 62
Audit programme
Set of one or more audits planned for a specific time frame and directed towards a
specific purpose.
Audit plan
Description of the activities and arrangements for an audit.
Audit scope
Extent and boundaries of an audit.
First party or internal audit is the term used when the auditor works for the
organization being audited. First party audits are used for internal purposes. The
person managing the audit programme will decide the scope of the audit.
Second party or supplier audit is the term used when the auditor works for the
client buying from the auditee. Second party audits are used to help select and
monitor suppliers. The audit client will decide the scope of the audit.
Third party or independent audit is the term used when the auditor works for an
independent auditing organization. For example those carrying out certification
audits. The auditee organization may include all of its products within the audit, or
it may want to limit the audit to a selected range. The independent audit body will
audit all applicable parts of the organizations quality management system and
evaluate conformance with all applicable requirements of ISO 9001.
Note determining conformity with ISO 9001 or another recognised standard is the
primary purpose of a third party audit.
Page 32 of 62
Organizations.
Accreditation bodies audit certification bodies against the requirements of ISO 17021
Conformity assessment Requirements for bodies providing audit and certification of
management systems.
Accredited certification bodies will generally follow the guidelines contained in ISO
19011 Guidelines for auditing management systems.
ISO 19011 is a guidance document whereas ISO 17021 is an auditable document. And
where ISO 17021 only applies to certification bodies, ISO 19011 is also referenced by
many organizations operating first party (internal) or second party (supplier) audit
systems.
There is no statutory requirement for certification bodies to be accredited, but the
credibility of certification can be greatly undermined if they are not. Using an accredited
certification body gives stakeholders the assurance that:
Certified organizations have systems and processes that enable them to consistently
meet the requirements of their customers, and of ISO 9001;
Certified organizations are audited regularly to ensure that they continue to conform
to requirements, and certification will be withdrawn if they do not.
Page 33 of 62
TERM
Def.
DEFINITION
Specified way to carry out an activity or a
process.
Management system.
Procedure.
Action to eliminate
nonconformity.
Corrective action.
Nonconformity.
Process.
Set of interrelated
elements.
Non-fulfilment of a requirement.
Effect of uncertainty.
or
detected
interacting
2. In the space below, describe the difference between correction and corrective action
and give an example of each.
Page 34 of 62
4. Complete this cross reference guide by identifying five specific requirements in ISO
9001 that support each of the quality management principles listed below.
Quality Management
Principle
Customer focus
Leadership
Engagement of people
Improvement
Evidence-based
Decision Making
Page 35 of 62
5. With reference to this pre-course work and ISO 9001, who has overall responsibility
for the organizations quality policy and quality objectives?
6. With reference to this pre-course work and ISO 9001 describe in the space below
the purpose of Management review.
-----------------------------------------------------------------------------------------------------------------
Page 36 of 62
What you need to do to meet the IRCA requirements for Auditors. You may find it
beneficial to visit the IRCA website for more details of the requirements for
becoming an IRCA certificated auditor www.irca.org
Any other expectations which you or your employer have from the course.
Please now write your personal objectives using the form on the next page and bring it
with you to the course.
Page 37 of 62
Company:
QMS Auditor/ Lead Auditor
My current auditing experience is: (please give a brief description of your auditing
experience including the type of audits you have completed or been involved in).
My future auditing role will be: (please give a brief description of how you see
your role as an auditor developing in the future and include also the type of audits
you expect to be involved in).
My objectives for the course are: (please list between three and five specific
things that you want to be able to do as a result of completing the course).
No
Dont know
Please take a copy of this page and bring it with you to the course. You will be asked to
discuss and present your course objectives to your group and LRQA trainer.
Page 38 of 62
Page 39 of 62
1 Scope
This section describes the overall purpose of ISO 9001, which can be thought of as a
tool to help organizations to:
Consistently provide products and services that meet customer and regulatory
requirements.
Enhance customer satisfaction.
Improve the quality management system.
2 Normative references
Some of the terms used in ISO 9001 are defined in a document called ISO 9000. This
document also describes the quality management principles that underpin ISO 9001
requirements, so this is a useful document to refer to.
Page 40 of 62
Guidance
We often use the term issue in a negative context, focussing on problems. But in this
context an issue can be seen as an important topic or characteristic, which might have
positive or negative implications for the organization.
External issues might include political, financial, economic, social, technological,
legal/regulatory and environmental.
Internal issues would include the size, structure and locations of the organization, its
values and culture, how it performs, its internal resources, including the competence
and demographics of the workforce, the nature of plant and equipment, IT resources
etc.
Issues are likely to change over time, some more slowly than others. Hence the
requirement is to monitor and review internal and external issues.
Issues identified should be tested for relevance - are they relevant to the organizations
purpose and strategic direction and could they impact the quality management systems
intended results?
Page 41 of 62
Page 42 of 62
Guidance
A process is something that happens; all activities are processes or parts of processes. A
well designed process will deliver its intended results and fit snugly with the other
processes in the system. This requirement encourages organizations to consciously and
deliberately design and manage processes so that collectively they achieve the purpose,
strategy and results the organization desires.
Processes needed for the quality management system would include:
Operational processes needed to produce products and services for customers.
Support processes to facilitate operational processes.
Externally-facing processes that connect the management system with the wider
world (e.g. interfaces with customers, suppliers, regulators and other interested
parties).
Other processes needed to fulfil ISO 9001 requirements, including processes to
determine external and internal issues and interested parties, processes to monitor
and review issues and interested parties, management review etc.
5 Leadership
People do what their managers pay attention to. If meeting customer and regulatory
requirements, enhancing customer satisfaction and improvement of systems and
processes are important to top management and seen to be so, these will be the things
people pay attention to and so will get done. Section 5 describes specific requirements
for how top management communicate their commitment to the customer and the
quality management system and how they support these commitments in a practical
sense.
This section supports the Plan phase of the Plan-Do-Check-Act cycle.
5.1.1. General
Purpose: To get top management to show leadership for the quality management
system.
Requirements
This section assigns some specific responsibilities that top management must personally
carry out, i.e. that cannot be delegated. These include:
Taking accountability for the effectiveness of the quality management system, in
other words, the buck stops here and top management are expected to take full
ownership for the quality management system.
Promoting risk-based thinking, the process approach and improvement.
Communicating the importance of adhering to quality management system
requirements.
Engaging and directing others to contribute to the effectiveness of the quality
management system and supporting them to do so.
Supporting other leaders and managers in the organization to show leadership in
relation to the quality management system.
QMS Auditor/Lead Auditor
Page 43 of 62
There are some further requirements for which top management have overall
responsibility and accountability, but where the use of the word ensure means that
they can delegate or involve others in these areas. These include:
Ensuring that quality is an integral part of the business, supporting the business
strategy; that quality policy, objectives and processes are aligned with the business
strategy and context and are fully integrated into business management systems and
operational processes.
Making sure that the resources needed for the quality management system to
achieve its intended results are available, including people, premises, plant,
equipment, IT etc.
Making sure the system achieves the intended results and taking action if it does
not.
Guidance
Top management is defined as the person or group of people who directs and controls
an organization at the highest level (but if the scope of the quality management
system covers only part of an organization then top management refers to those who
direct and control that part of the organization) (ISO 9000).
In practice, top management need to be hands-on and show tangible leadership for
quality as an integral part of their business strategy. They need to involve themselves in
the Plan-Do-Check-Act cycle, planning the goals and intended results, implementing
and resourcing the plan, checking, monitoring and measuring and reviewing
performance and taking decisions and acting on the performance data to ensure the
quality management system achieves its intended results.
Page 44 of 62
5.2 Policy
Purpose: For top management to communicate their intent in relation to quality and to
give focus and direction for the organization and what it should achieve.
Requirements
Top management should:
Establish and document a quality policy that:
Reflects the organizations strategy and context and provides long term direction.
Includes top managements commitment to meet customer and regulatory
requirements and to continual improvement.
Is a high-level document from which specific objectives can be derived.
Communicate the policy throughout the organization and to other interested parties
if needed.
Ensure there is a way of checking that people understand what the policy means and
that the policy has been effectively applied.
Page 45 of 62
6 Planning
This section is all about transforming ideas and words into tangible goals and actions, to
ensure that things get done and making sure that changes are implemented in a
managed and coordinated way.
This section supports the Plan phase of the Plan-Do-Check-Act cycle.
Page 46 of 62
Page 47 of 62
7 Support
The purpose of this section is to make sure that all the processes needed for the
management system and the people operating those processes, have the resource and
support they need to operate properly, from tools and equipment to competent people
and up to date information.
This section supports all phases of the Plan-Do-Check-Act cycle.
7.1 Resources
Purpose: To make sure all the resources are in place for the processes to operate
effectively and deliver the results needed.
Requirements
The organization needs to work out what resources are needed, including to maintain
and improve the quality management system and whether those resources already exist
internally, or if they need to be obtained from outside.
They then need to provide the resources required, including:
People.
Infrastructure (buildings, utilities, plant and equipment, IT, etc.)
Environment in which processes can operate. This could include physical factors
needed to ensure conformity of product and service, such as heat, light, cleanliness
etc. and human factors such as the social and psychological environment needed for
people to perform their roles.
Organizational knowledge and learning, including intellectual property and lessons
learned that can be shared across the organization.
Guidance
The environment for the operation of processes could include processes that are
conducted off-site, such as at a customers premises.
Organizational knowledge includes what the organization needs to know today,
including lessons learned from previous experience. It is important when implementing
changes or forward planning to identify what additional knowledge the organization
will need and how it will obtain this.
Page 48 of 62
7.2 Competence
Purpose: To make sure people can do their jobs properly and achieve the results
needed.
Requirements
Identify what competencies are required for people doing work for which the
organization is responsible (including employees, suppliers of outsourced processes,
sub-contractors, agency staff etc).
Make sure that people are competent and have the training, education and
experience required.
Where there are competence gaps, take action to acquire the competence and
check that the actions worked.
Keep records of competence.
7.3 Awareness
Purpose: If people are clear about whats expected they are more likely to do it.
Requirements
To make sure that people doing work for the organization know about the quality policy
and objectives and their role in making sure the quality management system is effective,
including the need for improvement and the implications of not conforming to the
quality management system.
7.4 Communication
Purpose: To make sure people know what they need to know.
Requirements
Decide what needs to be communicated, inside and outside the organization, who will
communicate, when, how and to whom.
Page 49 of 62
Page 50 of 62
8 Operation
This section covers the processes through which organizations provide products and
services for their customers. Its likely that most of what your organization does is
covered by the requirements in this section. Its purpose is to ensure that operational
activities are planned and controlled systematically, so they work properly and enable
organizations to deliver products and services that meet customers needs and
expectations.
This section supports the Do phase of the Plan-Do-Check-Act cycle.
Page 51 of 62
Page 52 of 62
Page 53 of 62
Page 54 of 62
Page 55 of 62
Page 56 of 62
Page 57 of 62
9 Performance evaluation
This section is intended to ensure that all the processes in the management system are
delivering their intended results and that the processes interact effectively in the overall
system.
This section supports the Check phase of the Plan-Do-Check-Act cycle.
Page 58 of 62
Page 59 of 62
Page 60 of 62
10 Improvement
The purpose of this section is to close the loop, making sure that improvements
identified in section 9 are implemented, which can be both reactive and proactive, and
that improvement objectives are fed back into plans (section 6).
This section supports the Act phase of the Plan-Do-Check-Act cycle.
10.1 General
Purpose: To drive improvement.
Requirements
Identify what needs to be improved in order to better meet customer needs and
enhance their satisfaction, including:
Current or future improvements to products and services.
Resolving existing problems and preventing others.
Improving processes and the overall quality management system so that it works
better.
Guidance
All the information from section 9 would feed into the identification of what needs to
be improved, particularly through the management review process.
Page 61 of 62
Page 62 of 62