Understanding of ISO 9001:2015

Sabar Kembaren
Date: 01 March 2017

PT. CATUR DAYA SOLUSI

1
Agenda

01 Why Change to ISO 9001:2015

02 How to build QMS

03 Quality Awareness

04 Understanding requirements and implementation

05 Summary

2
INTRODUCTION

PT. CATUR DAYA SOLUSI

3
PT. CATUR DAYA SOLUSI
4
01

• Why Change
to ISO
9001:2015

5
 Pre-Course
Discussion

Reasons For The Changes (2)

• Decrease the emphasis on Documentation

• Increase the emphasis on Achieving Value for the Organization and

its customers

• Increase emphasis on Risk Management to achieve objectives

PT. CATUR DAYA SOLUSI

6
Future Relevance of ISO 9001:2008
(9001 WW Survey Result)

Pre-Course
Discussion

PT. CATUR DAYA SOLUSI

7
World-wide Survey - Key User Inputs

• ISO 9001, as it is, must change to continue

be relevant
• Integrate with other MSS (EMS etc.)
• Provide one integral approach to the
management of the organization for
Leadership commitment & understanding,
strategic planning, management buy-in
• Need to work with ISO/CASCO and IAF to
ISO Input
For Future ensure efficiency/effectiveness of audits and
address problems in certification audits
• Include tools and risk management

Pre-Course
Discussion

PT. CATUR DAYA SOLUSI

8
Summary Changes (Based on ISO9001:2015)

• New revision process for ISO 9001:2015 already underway

• Major changes likely
• Update ISO 9001 to reflect modern business practices, changing business
environment etc, since last major revision
• Provide more emphasis on achieving product conformity
• Simplification of language
• Improve compatibility with other management system standards
• Validation projects will be undertaken with users
• Scheduled publication date is September 2015
• We will be working closely with IAF to define transition policy at the
appropriate time

PT. CATUR DAYA SOLUSI

9
 QMS ISO9001: 2015

 Competence The organization implementing a QMS would have to

identify the "competence" necessary for personnel doing work that
affects its quality performance, as well as ensuring that those
personnel are competent to do so. Competence would be defined as
the "ability to apply knowledge and skills to achieve intended results".

 Documented Information The terms "document“ and "record" used in

ISO 9001: 2008 would both be replaced throughout the new
requirements by the phrase "documented information".

PT. CATUR DAYA SOLUSI

10
 QMS ISO9001: 2015

 External Provision of Goods and Services An organisation would be

required to take a risk based approach to determine the type and extent of
controls appropriate to all types of external provider (whether it is by purchasing
from a supplier, for example, or through the outsourcing of processes and
functions, etc.) and all external provision of goods and services.

 Exclusions There would no longer be any requirement to identify any QMS

requirements that could not be applied due to the nature of the organisations
business (clause 1.2 in ISO 9001: 2008). This is because a different approach
has been taken to the way in which the requirements of the revised version of
ISO 9001 have been stated, so there would no longer be any reasons for an
organization’s QMS not to be able to meet all the requirements of the future
standard.

PT. CATUR DAYA SOLUSI

11
 QMS ISO9001: 2015

 Goods & Services Reference to "product" (as in ISO 9001 : 2008)

would be replaced by the phrase "goods and services".
 lmprovement The term "continual improvement" would be changed to
just "improvement".

 lnterested Parties An organization seeking to implement a QMS would

have to determine who are the "interested parties" relevant to its QMS,
as well as identifying what the requirements of those interested parties
are. An interested party (also referred to as a "stakeholder") would be
defined as any person or organization that can affect, be affected by, or
perceive themselves to be affected by a decision or activity of the
organization implementing the QMS.

PT. CATUR DAYA SOLUSI

12
 QMS ISO9001: 2015

 Preventive Action There would no longer be a specific requirement

for "preventive action". This main reason given for this is that one of
the key purposes of a QMS is to act as a preventive tool anyway.

 Process Approach There would be a specific requirement for

organizations to apply a process approach to their QMS as well as a
list of requirements identifying the essential elements of such an
approach.

PT. CATUR DAYA SOLUSI

13
 QMS ISO9001: 2015

 Risks and Opportunities When planning for its QMS the organization
would have to identify the risks and opportunities that need to be
addressed to ensure that the QMS can achieve its intended outcome(s).
Having done this, the organization would have to plan actions to address
these risks and opportunities, integrate and implement them into its QMS
processes and evaluate the effectiveness of these actions.

 ISO 9001: 2008 Transition The current intention is that the transition
period for users of ISO 9001: 2008 to transfer to the new version of this
Standard would be three years , though this has still to be formally
ratified.

PT. CATUR DAYA SOLUSI

14
02

• How to Build
QMS?

15
 Key terms and definitions

Management ?
“Coordinated activities to direct and
control an organization”

Quality Management ?
“Management with regard to
quality”
Quality Management System ?
“Management system with regard
to quality”

PT. CATUR DAYA SOLUSI

16
Key concepts (1): Process
With what? With who?
(resources) (responsibilities,
authorities)

Inputs?
(what, Outputs?
from PROCESS (what,
whom) to whom)

How done? What results?

(criteria, methods/controls (monitoring, measurements,
documentation) performance indicators)

PT. CATUR DAYA SOLUSI

17
 Key concepts (2): Process Approach
A Coherent System:

(Interactions)
Activities
understood
Understanding (Outputs) and managed as
(Inputs) interrelated
requirements
processes
Process
Intended
results

Consistent,
predictable results
Processes adding value Meeting requirements
Processes providing effective performance Customer satisfaction
Improvements (through evaluation) of data/information
PDCA (process) methodology

PT. CATUR DAYA SOLUSI

18
• Questions:
• Who is the owner of Process?

PT. CATUR DAYA SOLUSI

19
2
0 Process Classification

Monitoring, Measure,
Management
Analysis
Process
and Improvement Process

Interested Interested
Parties Core Process/ Parties
/Customers Realization Process /Customers

Supporting Process

PT. CATUR DAYA SOLUSI

20
Common Process explore from ISO-MS

•Management & Planning •Supporting Process

- Setup Policy, Objective and Target
- Business Risk Analysis/SWOT
- Management Review
MMA Process
- NC Corrective Action
- Internal Audit
- Customer Satisfaction Measurement
- Documented Information Process (prev. Control
of document and records)
- Control of infrastructure
- Corrective and preventive maintenance
- Recruitment
- Training & Human Development
- Waste control
Realization Process (Depend of Organization)
- Production

- Accident Investigation - In-Process Inspection

- Final Inspection
- Warehouse
- Complaint Handling
- Etc.

PT. CATUR DAYA SOLUSI

22
03

• Quality
• Awareness

23
What is quality?
Kaoru Ishikawa
• Quality mean customer satisfaction
(1915 – 1989)

Philip Bayard Crosby • Quality mean Compliance with requirements

(1926-2001):

Joseph Moses Juran • Quality mean Compliance with user

(1904 – 2008)

William Edwards • Comply and Exceed expectation and need of customer and
continuous improvement
Deming (1900-1993)

ISO 9001 • Degree to which a set of inherent characteristics (3.5.1) fulfils

requirements (3.1.2)

PT. CATUR DAYA SOLUSI

24
Quality Management System Evolution

ZERO DEFECT CONTINUOSLY &

(ISO 9001:2015)
Q Performance
INTERESTED PARTIES SATISFCATION
SUSTANAIBILITY
(ISO 9001:2008)
CUSTOMERS SATISFCATION CONSISTENTLY
QUALITY
MANAGEMENT
ZERO DEFECT CONTINUOSLY &
CUSTOMERS SATISFCATION
Quality
Assurance PERFORMANC E
ZERO DEFECT CONTINUOSLY
Quality Control

ZERO DEFECT
COMPLIANCE
Quality Inspection

Non Quality Culture

Time

PT. CATUR DAYA SOLUSI

25
Copyright © 2013 BSI. All rights reserved. 2
6
 ISO 9000 Series evolution

ISO 9001 historical change

BS 5750 1st edition : 2nd edition : 3rd edition : 4th edition : 5th edition :
ISO 9001:1987 ISO 9001:1994 ISO 9001:2000 ISO 9001:2008 ISO 9001:2015
Part 2:1979
ISO 9002:1987 ISO 9002:1994
ISO 9003:1987 ISO 9003:1994

PT. CATUR DAYA SOLUSI

27
04

• Understanding
Requirements
and
implementation

28
 High Level Structure Process Flow – QMS ISO9001: 2015

PLAN DO CHECK ACT

4 Context of the 9 Performance

5 Leadership 6 Planning 7 Support 8 Operation 10 Improvement
organization Evaluation

Actions to Monitoring, Nonconformity

Understanding of Operational
Leadership and measurement,
the organization address risk and Resources planning and and corrective
and its context commitment control
analysis and
opportunity evaluation action

Determination of
Expectations of Quality objectives market needs and
interactions with
Continual
interested Policy and planning to Competence Internal audit
achieve them customers improvement
parties

Operational
Roles, planning process
Scope of the Planning Management
responsibilities Awareness
QMS Changes review
and authorities

Control of external
provision of
Quality goods and services
Management Communication
System
Development of
goods and services

Documented
information
Production of goods and
provision of services

TEN CLAUSES
Release of goods and
services

Nonconforming
goods and services

PT. CATUR DAYA SOLUSI

29
Context of the
Organization

4
1. Understanding the organization and its context
Q:2008 : 4.1, 4.2.2, 5.2
2. Understanding the needs and expectation of interested parties

3. Determining the scope of the quality management system

4. Quality management system (QMS)

PT. CATUR DAYA SOLUSI

30
 4.1. Understanding the organization and its
context
4.2. Understanding the needs and expectations of interested parties
“SOLUTION FOR YOUR BUSINESS

Citizens The Organization Competitors

Customers Management Media
• Top Management
Distributors Commentators
• Those accountable
Shareholders for Quality policy Trade groups
Investors and implementation Neighbors
Those who implement
Owners Pressure groups
and maintain the QMS
Insurers • Those who maintain Emergency services
Government QMS and risk Other response
procedures
Regulators agencies
Other Staff
Recovery service Transport services
Contractors
suppliers Staff dependents
4.3. Determining the scope of the QMS
4.4. QMS and its Processes
Understanding the needs and expectations of
interested parties
There will be many people, entities, and organizations which will be either
interested in or have an impact on, the environmental performance of the
organization and its activities.
It is important to consider who is affected or involved in the environmental
related activity
Employees Company
Recruitment and
Decision
retention Makers
Competitors Competitive
advantage Informed
decisions
Owners and
Financial
Access to Community
Input Costs capital
Organization
Supply Chain
Regulatory
Constraints Changing
markets

Reputational Social Customers

Risk license to
Government operate

Non-
governmental Communities
organisations

PT. CATUR DAYA SOLUSI

32
Understanding the needs and expectations
of interested parties

What are the stakeholder’s needs and expectations?

An organization is expected to gain a general (i.e. high-level, not detailed)
understanding of the expressed needs and expectations of those internal and
external interested parties that have been determined by the organization to
be relevant

Which ones become obligations?

Some interested party are mandatory because they have been incorporated
into laws, regulations, permits and licenses by governmental or even court
decision.
The organization may decide to voluntarily agree to or adopt other
requirements of interested parties

PT. CATUR DAYA SOLUSI

33
 Determining the scope
The scope is - physical boundaries and organizational boundaries

It is not permissible to exclude activities, products and services from the

control of the EMS if included within the identified scope

When determining the scope, the organisation shall considered:

• External and internal issues
• Compliance obligations
• Organizational units, functions and physical boundaries
• Activities, products and services
• Authority and ability to exercise control and influence
A scope statement must be documented and made available to
interested parties

PT. CATUR DAYA SOLUSI

34
Leadership

5
1.Leadership and Commitment

Q:2008 : 5.1, 5.3, 5.5 2.Policy

3.Organizational role, responsibility and authoritirs

PT. CATUR DAYA SOLUSI

35
 Leadership and
commitment for the
quality management
system
5.1. Leadership and
commitment

Customer focus

5. Leadership 5.2. Policy

5.3. Organizational
roles,
responsibilities and
authorities

PT. CATUR DAYA SOLUSI

36
5.2 Policy
Top management shall establish, implement and maintain an environmental policy

appropriate to the purpose includes a commitment includes a commitment to fulfil

and context of the organization to continual improvement its compliance obligations

communicated, understood maintained as provides a framework for setting

and applied within the documented information objectives
organization
available to interested
parties

PT. CATUR DAYA SOLUSI

37
5.3 Organizational roles, responsibilities and authorities
Top management shall ensure that the responsibilities and authorities for relevant
roles are assigned and communicated within the organization.
Top management shall assign the responsibility and authority for:
a) ensuring that the management system conforms to the requirements of this
International Standard;
b) reporting on the performance of the management system, including
environmental performance, to top management
Common

b) ensuring that the processes are delivering their intended outputs;

d) ensuring the promotion of customer focus throughout the organization;
e) ensuring that the integrity of the quality management system is maintained
when changes to the quality management system are planned and
implemented.
QMS

PT. CATUR DAYA SOLUSI

38
Planning

6
Q:2008 : 4.1, 5.4.1, 5.4.2, 6.4,
7.1, 7.2, 7.3, 7.4, 7.5
1.Actions to address risk and
opportunities
2.QMS Objectives and planning to
achived them
3.Planning Change

PT. CATUR DAYA SOLUSI

39
 Clause 6: Planning
6.1. Actions to address risks and opportunities
6.2. Quality objectives and planning to achieve them
6.3. Planning of changes

4.1

Issues

6.1
Determine risks and opportunities

9.2

6.1
Plan actions to address risks and opportunities

PT. CATUR DAYA SOLUSI

40
 Risk Analysis

Risk Risk Risk

Assessment Management Monitoring

Process
Identification Control It
Level

Share or Activity
Measurement
Transfer It Level

Diversify or
Prioritization Entity Level
Avoid It

PT. CATUR DAYA SOLUSI

41
 Risk assessment tools
Simple risk estimator

Severity of loss
Likelihood of loss Slight Moderate Extreme

Very unlikely Very low risk Very low risk High risk

Unlikely Very low risk Medium risk Very high risk

Likely Low risk High risk Very high risk
Very likely Low risk Very high risk Very high risk

PT. CATUR DAYA SOLUSI

42
 Current Future
Situation progressing Situation

Risk Analysis
Risk A
Objectives A Vision
OBJECTIVE AND EFFORT OF THE WHOLE
INSTITUTION Risk B
Objectives B Mission

Risk C
Objectives C Organization
objectives

Performance
indicators
Copyright © 2013 BSI. All rights reserved.
6.3. ‘Planning of Changes’

• Planning/implementing QMS changes (6.3),

• Controlling operational changes, planned and unintentional (8.1)
• Addressing unplanned changes affecting products & services (8.5.6)
• See also 7.1.6 Organizational knowledge - for addressing changing needs
and trends, with respect to knowledge

PT. CATUR DAYA SOLUSI

44
Support

7
1.Resources

2.Competence

Q:2008 : 4.2, 5.5.1, 5.5.3, 6.1, 6.2, 6.3, 7.2.3 3.Awareness

4.Communication

5.Documented information

PT. CATUR DAYA SOLUSI

45
7.1 Resources
Human resources - specialized skills and knowledge
Natural resources
Infrastructure - organization’s buildings, equipment,
underground tanks and drainage system
Technology and financial resources.

PT. CATUR DAYA SOLUSI

46
7.1.6 Organizational knowledge
The organization shall determine the knowledge necessary for the operation of its
processes and to achieve conformity of products and services.
This knowledge shall be maintained and be made available to the extent
necessary.
When addressing changing needs and trends, the organization shall consider its
current knowledge and determine how to acquire or access any necessary
additional knowledge and required updates.

NOTE 1 Organizational knowledge is knowledge specific to the organization; it is generally gained by

experience. It is information that is used and shared to achieve the organization’s objectives.
NOTE 2 Organizational knowledge can be based on:
a) internal sources (e.g. intellectual property; knowledge gained from experience; lessons learned from
failures and successful projects; capturing and sharing undocumented knowledge and experience; the
results of improvements in processes, products and services);
b) external sources ( e.g. standards; academia; conferences; gathering knowledge from customers or
external providers).

PT. CATUR DAYA SOLUSI

47
7. 2 Competency
The organization shall:
a) determine the necessary competence of person(s) doing work under
its control that affects its environmental performance and its ability to
fulfil its compliance obligations; person(s) doing work under its
control that affects the performance and effectiveness of the QMS
b) ensure that these persons are competent on the basis of appropriate
education, training or experience;
c) determine training needs associated with quality management
system;
d) where applicable, take actions to acquire the necessary
competence, and evaluate the effectiveness of the actions taken.

PT. CATUR DAYA SOLUSI

48
7.3 Awareness

The organization shall ensure that persons doing work under the organization’s
control are aware of:
a) the quality policy;
b) their contribution to the effectiveness of the environmental management
system, including the benefits of enhanced quality performance; effectiveness
of QMS,
d) the implications of not conforming with the quality management system
requirements, including not fulfilling the organization’s compliance obligations

PT. CATUR DAYA SOLUSI

49
 Interaction
Job roles-Competency-Training-Promotion

Job Roles,
Organization
Responsibility
Structure
and Authority

Promotion &
Career Impact, Risk &
development Opportunity
Company
Business evaluation
Standard of result
Planning
Competency Gap of
Level Competency Suggestion
analysis from
Competency Department
Level
Measurement Training Need
Analysis
Applicable
Training Legal
Effectiveness Training
Evaluation Plan
Training
PT. Execution
CATUR DAYA SOLUSI
50
7.4 Communication

Internal communication and

External communication
Equal treatment
Decide on communicating significant aspects
externally
Consistent and reliable communications

The organization shall determine the internal and external communications

relevant to the IMS management system, including:
a) on what it will communicate;
b) when to communicate;
c) with whom to communicate;
d) how to communicate;
e) who communicates.

PT. CATUR DAYA SOLUSI

51
7.5 Documented information

Focus on the implementation of the quality management

system and on quality performance, not on a complex
documented information control system.

Documented information does not require manual, and

may be integrated with other information management
systems implemented by the organization.

Documented information can include:

 paper
 electronic documents maintained on computers and
remote servers.

PT. CATUR DAYA SOLUSI

52
Operation

8
1. Operational Planning and Control
2. Determination of market needs and interactions with customers
3. Operational planning process
4. Control of external provision of goods and services
5. Development of goods and services
Q : 6.4, 7.1, 7,3, 7.5.1, 7.5.2,
6. Production of goods and provision of services
8.2, 8.3
7. Release of goods and services
8. Nonconforming goods and services

9.

PT. CATUR DAYA SOLUSI

53
Operational Planning and Controls

Operational Planning and Controls should:

1. Plan, implement and control the processes (see 4.4) needed to meet
the requirements for the provision of products and services (QMS)
2. To implement the actions identified in 6.1 and 6.2, by:
– — establishing operating criteria for the process(es);
– — implementing control of the process(es), in accordance with the
operating criteria.
3. The organization shall control planned changes and review the
consequences of unintended changes, taking action to mitigate any
adverse effects, as necessary.
• The organization shall ensure that outsourced processes are
controlled or influenced. The type and extent of control or influence to
be applied to the process(es) shall be defined within the environmental
management system.

PT. CATUR DAYA SOLUSI

54
 Performance
Evaluation

9
1.Monitoring, measurement, analysis and
evaluation
2.Internal Audit
Q: 2008 : 5.6, 8.2, 8.3, 8.4
3.Management Review

PT. CATUR DAYA SOLUSI

55
Performance evaluation

Global performance Results analysis

indicators Evaluated
and performance
Determine performance
evaluation
monitoring
required Performance
indicators specific to
an activity or piece of Conformity
equipment evaluation to
operational
requirements

Non-conformity
management
Commitment
Compliance confirmation Objectives
obligations and authority to
act

PT. CATUR DAYA SOLUSI

56
 INTERNAL AUDITS
Confirm:
“SOLUTION FOR YOUR BUSINESS

QMS confirms to the requirements of the standard

QMS Properly implemented and maintained
QMS Effectiveness
Provide information to management
Identify opportunities for improvement

!!! Selection of auditors and conduct of audits shall ensure

objectivity and impartiality
Management review

Involve Top Management

• Determine if QMS is
• Continuingly Suitable
• Adequate
• Effective
• Determine if QMS needs to be CHANGED

NEED:
- Management Review Schedule
- Documented Minutes

PT. CATUR DAYA SOLUSI

58
 MANAGEMENT REVIEW
CONSIDER: WHAT NEEDS
TO CHANGE?
“SOLUTION FOR YOUR BUSINESS

Previous actions/
status
! !
External/ Opportunities (C.I)
internal issues

N/C’s,
corrective actions

Monitoring/
Measurement
REVIEW
Changes to QMS
Audit results

Customer satisfaction

External providers

Adequacy of
Resource needs
resources

QMS performance

Risks and
opportunities

Continual Doc. Information

improvement (C.I)
Communication
Improvement

Q : 8.5.1, 8.5.2, 8.5.3

10 1.Nonconformity and corrective action

2.Continual Improvement

PT. CATUR DAYA SOLUSI

60
Improvement: Nonconformity and
corrective action

PT. CATUR DAYA SOLUSI

61
Nonconformity and corrective actions

“React” to the non-conformity:

Actions to control it
Deal with the “consequences
Eliminate the cause
Review
Determining their cause
Other similar nonconformities do or potentially could exist
Implement actions
Review the effectiveness
Changes if necessary to the QMS

PT. CATUR DAYA SOLUSI

62
05

• Summary

63
Summary
• Building process of organization based on organization needed
• New management system standard based on HLS
• Context organization to sustainability of organization
• Leadership engagement
• Planning including risk and opportunity and in aligned with objective, target
and program
• Support process deeper in organizational knowledge management,
managing of work environment, awareness, communication, and
documented information
• Operation: control all aspect influence quality to meet quality by clearly
determined requirement of process, proper operational control,
preservation and after services)
• Performance evaluation on QMS including quality performance,
achievement of target, management performance
• Improvement including control of NC

PT. CATUR DAYA SOLUSI

64
Any Questions?

PT. CATUR DAYA SOLUSI

65