ISO/CEN PARALLEL PROCESSING
This
draft has been developed within the International Organization for Standardization
(ISO), and processed under the ISO Lead mode of collaboration as
defined in the Vienna Agreement. This
draft is hereby submitted to the ISO member bodies and To the CEN member bodies
for a parallel five month enquiry. Should
this draft be accepted, a final draft, established on the basis Of comments received,
will be submitted to a parallel two-month approval vote in ISO and formal
vote in CEN. To
expedite Distribution, this document is circulated as received from the committee
secretariat. ISO Central Secretariat work of editing and Text composition
will be undertaken at publication stage.
Quality Management systems — Requirements
Systèmes de management de la qualité — Exigences
Reference
number
ISO/DIS
9001:2014(E)
DRAFT
INTERNATIONAL STANDARD
ISO/DIS 9001
THIS
DOCUMENT IS A DRAFT CIRCULATED FOR
COMMENT AND APPROVAL. IT IS THEREFORE
SUBJECT TO CHANGE AND MAY NOT
BE REFERRED TO AS AN INTERNATIONAL STANDARD
UNTIL PUBLISHED AS SUCH. IN
ADDITION TO THEIR EVALUATION AS BEING
ACCEPTABLE FOR INDUSTRIAL, TECHNOLOGICAL,
COMMERCIAL AND USER
PURPOSES, DRAFT INTERNATIONAL STANDARDS
MAY ON OCCASION HAVE TO BE
CONSIDERED IN THE LIGHT OF THEIR POTENTIAL
TO BECOME STANDARDS TO WHICH
REFERENCE MAY BE MADE IN NATIONAL
REGULATIONS. RECIPIENTS
OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS
OF WHICH THEY ARE AWARE AND TO PROVIDE
SUPPORTING DOCUMENTATION.
ISO/TC 176/SC 2 Secretariat:
BSI ISO/DIS 9001:2014(E) ii © ISO 2014 – All rights reserved
ISO copyright
office : Case postale 56 •
CH-1211 Geneva 20 Tel. + 41 22 749 01
11
Fax + 41 22 749 09
47 E-mail
copyright@iso.org Web www.iso.org
Reproduction may be
subject to royalty payments or a licensing agreement.
Violators may be
prosecuted.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
141 Foreword
142 ISO (the International Organization for Standardization) is a
worldwide federation of national standards
143 bodies (ISO member bodies). The work of preparing
International Standards is normally carried out
144 through ISO technical committees. Each member body interested
in a subject for which a technical
145 committee has been established has the right to be represented
on that committee. International
146 organizations, governmental and non-governmental, in liaison
with ISO, also take part in the work. ISO
147 collaborates closely with the International Electrotechnical
Commission (IEC) on all matters of
148 electrotechnical standardization.
149 The procedures used to develop this document and those
intended for its further maintenance are
150 described in the ISO/IEC Directives, Part 1. In particular the
different approval criteria needed for the
151 different types of ISO documents should be noted. This
document was drafted in accordance with the
152 editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
153 Attention is drawn to the possibility that some of the
elements of this document may be the subject of
154 patent rights. ISO shall not be held responsible for
identifying any or all such patent rights. Details of
155 any patent rights identified during the development of the
document will be in the Introduction and/or
156 on the ISO list of patent declarations received (see www.iso.org/patents).
157 Any trade name used in this document is information given for
the convenience of users and does not
158 constitute an endorsement.
159 For an explanation on the meaning of ISO specific terms and
expressions related to conformity
160 assessment, as well as information about ISO's adherence to
the WTO principles in the Technical
161 Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information
162 The committee responsible for this document is Technical
Committee ISO/TC 176, Quality
163 management and quality
assurance, Subcommittee SC2, Quality systems.
This 5th edition of ISO 9001 cancels and replaces the 4th 164
edition (ISO 9001:2008). This new edition
165 represents a technical revision compared to the earlier
edition, through the adoption of a revised
166 clause sequence, the adaptation of the revised "quality
management principles" and of new concepts.
167
168 NOTE TO THIS TEXT (which will not
be included in the published International Standard):
169
170 This text has been prepared using
the “high-level structure” (i.e. clause sequence, common text and terminology)
171 provided in Annex SL, Appendix 2
of the ISO/IEC Directives, Part 1, Consolidated ISO Supplement, 2013. This is
172 intended to enhance alignment
among ISO’s management system standards, and to facilitate their
173 implementation for organizations
that need to meet the requirements of two or more such standards
174 simultaneously.
175
176 The clause sequence of ISO
9001:2008 has been changed to be consistent with “Annex SL”. The text of Annex
177 SL is highlighted in the main
body of the text (clauses 1 to 10) by the use of blue font. This is only to facilitate
178 analysis and will not be
incorporated in the final version of ISO 9001.
179
180 This new harmonized approach
allows for the addition of discipline-specific (in this case quality-specific)
text
181 which has been applied by
including the following:
182
183 a) specific quality management
system requirements considered essential to meet the scope of the ISO
184 9001 standard;
185 b) text to reflect the use of the
Quality Management Principles that form the basis for ISO’s quality
186 management system standards;
187 c) requirements and notes to clarify and ensure consistent
interpretation and implementation of the
188 common text in the context of a
quality management system.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 6 ISO/TC 176/SC2/WG24/N111
189 Introduction
190 0.1 General
191 The adoption of a quality management system ought to be a
strategic decision for an organization. A
192 robust quality management system can help an organization to
improve its overall performance and
193 forms an integral component of sustainable development
initiatives. The design and implementation of
194 an organization's quality management system is influenced by
the context of the organisation and the
195 changes in that context, particularly with respect to:
196 a) its specific objectives;
197 b) the risks associated with its context and objectives;
198 c) the needs and expectations of its customers and other
relevant interested parties;
199 d) the products and services it provides;
200 e) the complexity of processes it employs and their
interactions;
201 f) the competence of persons within or working on behalf of
the organization;
202 g) its size and organizational structure.
203 The context of an organization can include internal factors
such as organizational culture, and external
204 factors such as the socio-economic conditions under which it
operates; consequently all the
205 requirements of this International Standard are generic but the
ways in which they are applied can
206 differ from one organization to another. Accordingly, it is
not the intent of this International Standard to
207 imply the need for uniformity in the structure of different
quality management systems, or uniformity of
208 documentation to align to the clause structure of this
International Standard, or to impose specific
209 terminology to be used within the organization.
210 The quality management system requirements specified in this
International Standard are
211 complementary to requirements for products and services.
212 Information marked “NOTE” is for guidance in understanding or
clarifying the associated requirement.
213 This International Standard can be used by internal and
external parties, to assess the organization's
214 ability to consistently meet customer, statutory and
regulatory requirements applicable to the products
215 and services it provides, the organization's own requirements
and its aim to enhance customer
216 satisfaction.
217 0.2 The ISO standards for quality management
218 This International Standard is one of the three core standards
in the ISO portfolio of quality
219 management system standards.
220
221 ISO
9000 Quality management systems —
Fundamentals and vocabulary provides
an essential
222 background for the proper understanding and implementation of
this International Standard. The
223 quality management principles described in detail in ISO 9000
were developed by ISO/TC 176,
224 and have been taken into consideration during the development
of this International Standard.
225 These principles are not requirements in themselves, but they
form the foundation of the
226 requirements specified by this International Standard. An
outline of the quality management
227 principles is included in an Annex B to this International
Standard.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 7 ISO/TC 176/SC2/WG24/N111
ISO 9001 (this International Standard) specifies
requirements aimed primarily at 228 giving confidence
229 in the products and services provided by an organization and
thereby improving customer
230 satisfaction (see clause 1 Scope). Its proper implementation
can also be expected to bring other
231 organizational benefits such as improved internal
communication, better understanding and
232 control of the organization’s processes, and reduction in
defects and waste.
233
234 ISO
9004 Managing for the sustained
success of an organization - A quality management
235 approach provides guidance for organizations that choose to
progress beyond the requirements of
236 this International Standard to address a broader range of
topics that can lead to continual
237 improvement of the organization's overall performance. ISO
9004 includes guidance on a self238
assessment methodology for an organization to be able to evaluate
the level of maturity of its
239 quality management system.
240
241 Other standards that have been developed to support the
implementation of a quality management
242 system include those in the ISO 10000 number range. These
include guidelines on customer
243 satisfaction, quality plans, quality management in projects,
configuration management, measurement
244 processes and measuring equipment, documentation, financial
and economic benefits of quality
245 management, training, statistical techniques, the involvement
and competence of people, selection of
246 quality management system consultants and auditing of
management systems. These standards are
247 described further in Annex C of this International Standard.
248 0.3 Process approach
249 Consistent and predictable results are achieved more
effectively and efficiently when activities are
250 understood and managed as interrelated processes that function
as a coherent system. This
251 International Standard promotes the adoption of a process
approach when developing, implementing
252 and improving the effectiveness of a quality management system,
to enhance customer satisfaction by
253 meeting customer requirements. Clause 4.4 of this
International Standard includes specific
254 requirements considered essential to the adoption of a process
approach.
255 The process approach applies systematic definition and
management of processes and their
256 interactions so as to achieve the intended results in
accordance with the quality policy and strategic
257 direction of the organization. Management of the processes and
the system as a whole can be
258 achieved using a “Plan-Do-Check-Act” (PDCA) methodology (see
0.4) with an overall focus on “Risk259
based thinking" aimed at preventing undesirable outcomes (see
0.5).
260 When used within a quality management system, the process
approach ensures:
261 a) understanding and consistently meeting requirements;
262 b) consideration of processes in terms of added value;
263 c) the achievement of effective process performance;
264 d) improvement of processes based on evaluation of data and
information.
265 Figure 1 illustrates the process linkages between clauses 4 to
10 of this International Standard. This
266 shows that customers play a significant role in defining the
input requirements that the organization
267 needs to meet at all stages of its quality management system.
In addition, the needs and expectations
268 of other relevant interested parties can also play a role in
defining those requirements. Monitoring of
269 customer satisfaction requires the evaluation of information
relating to customer perceptions as to
270 whether the organization has met these requirements.
271 The schematic model shown in Figure 1 covers all the
requirements of this International Standard, but
272 does not show the individual processes at a detailed level.
Each of these processes, and the system
273 as a whole, can be managed using the PDCA methodology
described in clause 0.4 of this
274 International Standard.
275
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 8 ISO/TC 176/SC2/WG24/N111
277 Figure 1 - Model of a
process-based quality management system, showing the links to the
278 clauses of this International
Standard
279
281 The methodology known as “Plan-Do-Check-Act”
(PDCA) can be applied to all processes and to the
282 quality management system as a whole.
The clauses of this International Standard broadly follow the
283 PDCA cycle which can be briefly
described as follows:
284
285 ¾ Plan: establish the objectives of the
system and its component processes, and the resources
286 needed to deliver results in accordance with customers’
requirements and the organization’s
287 policies.
288 ¾ Do: implement what was planned.
289 ¾ Check: monitor and (where applicable)
measure processes and the resulting products and
290 services against policies, objectives and requirements, and
report the results.
291 ¾ Act: take actions to improve process
performance, as necessary.
292 Figure 2 shows schematically how a single process within the
quality management system can be
293 managed using the PDCA cycle.
294
295
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 9 ISO/TC 176/SC2/WG24/N111
296
297 Figure 2 - Schematic
representation of a single process within the system
298
299 0.5 “Risk-based thinking”
300 Risk is the effect of uncertainty on an expected result and
the concept of risk-based thinking has
301 always been implicit in ISO 9001. This International Standard
makes risk-based thinking more explicit
302 and incorporates it in requirements for the establishment,
implementation, maintenance and continual
303 improvement of the quality management system. Organizations
can choose to develop a more
304 extensive risk-based approach than is required by this
International Standard, and ISO 31000
305 provides guidelines on formal risk management which can be
appropriate in certain organizational
306 contexts.
307
308 Not all the processes of the quality management system
represent the same level of risk in terms of
309 the organization’s ability to meet its objectives, and the
consequences of process, product, service or
310 system nonconformities are not the same for all organizations.
For some organizations, the
311 consequences of delivering nonconforming products and services
can result in minor inconvenience to
312 the customer; for others, the consequences can be far-reaching
and fatal. “Risk-based thinking”
313 therefore means considering risk qualitatively (and, depending
on the organization’s context,
314 quantitatively) when defining the rigour and degree of
formality needed to plan and control the quality
315 management system, as well as its component processes and
activities.
316
317 0.6 Compatibility with other management system
standards
318 This International Standard has adopted the “high-level
structure” (i.e. clause sequence, common text
319 and common terminology) developed by ISO to improve alignment
among its International Standards
320 for management systems. An explanation of some of the key
elements of the “high level structure” and
321 some of the key changes introduced in this International
Standard is provided in Annex A.
322
323 This International Standard defines the requirements in an
order that is consistent with organizational
324 planning and process management, i.e.:
325
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 10 ISO/TC 176/SC2/WG24/N111
¾ Understanding the context of the organization, its
quality management system 326 and processes
327 (Clause 4)
328 ¾ Leadership,
policy and responsibilities (Clause 5)
329 ¾ Processes
for planning and consideration of risks and opportunities (Clause 6)
330 ¾ Processes
for support, including resources, people and information (Clause 7)
331 ¾ Operational
processes related to customers and products and services (Clause 8)
332 ¾ Processes
for performance evaluation (Clause 9)
333 ¾ Processes
for improvement (Clause 10).
334 It is important to emphasize, however, that organizations are
not required to follow an identical clause335
by-clause sequence when defining their quality management system,
and they are encouraged to use
336 the Process Approach as described in clauses 0.3 to 0.5 of
this International Standard.
337
338 This International Standard does not include requirements
specific to other management systems,
339 such as those for environmental management, occupational
health and safety management, or
340 financial management. However, this International Standard
enables an organization to use the
341 process approach, coupled with the PDCA methodology and
risk-based thinking to align or integrate
342 its quality management system with the requirements of other
management system standards as it
343 sees fit. It is possible for an organization to adapt its
existing management system in order to address
344 the requirements of this International Standard.
345 A matrix showing the correlation between the clauses of this
International Standard and ISO
346 9001:2008 can be found on the ISO/TC 176/SC2 open access web
site at:
347 www.iso.org/tc176/sc02/public.
348 [Note to this DIS: The matrix
will only be available after the June meeting of ISO/TC 176/SC2/WG23]
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 11 ISO/TC 176/SC2/WG24/N111
ISO (the International Organization for Standardization) is a
worldwide federation of 349 national standards
350 bodies (ISO member bodies). The work
of preparing International Standards is normally carried out
351 through ISO technical committees.
Each member body interested in a subject for which a technical
352 committee has been established has
the right to be represented on that committee. International
353 organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO
354 collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of
355 electrotechnical standardization.
356 International Standards are drafted
in accordance with the rules given in the ISO/IEC Directives,
357 Part 2.
358 The main task of technical
committees is to prepare International Standards. Draft International
359 Standards adopted by the technical
committees are circulated to the member bodies for voting.
360 Publication as an International
Standard requires approval by at least 75 % of the member bodies
361 casting a vote.
362 Attention is drawn to the possibility
that some of the elements of this document may be the subject of
363 patent rights. ISO shall not be held
responsible for identifying any or all such patent rights.
364 ISO 9001 was prepared by Technical
Committee ISO/TC 176, Quality
management and Quality
365 Assurance, Subcommittee SC 2, Quality Systems.
366 This second/third/... edition cancels
and replaces the first/second/... edition (), [clause(s) / subclause(s)
367 / table(s) / figure(s) / annex(es)]
of which [has / have] been technically revised.
368 Copyright notice
369 This ISO document is a Draft
International Standard and is copyright-protected by ISO. Except as
370 permitted under the applicable laws
of the user's country, neither this ISO draft nor any extract from
371 it may be reproduced, stored in a
retrieval system or transmitted in any form or by any means,
372 electronic, photocopying, recording
or otherwise, without prior written permission being secured.
373 Requests for permission to reproduce
should be addressed to either ISO at the address below or
374 ISO's member body in the country of
the requester.
375 ISO copyright office
376 Case postale 56 CH-1211 Geneva 20
377 Tel. + 41 22 749 01 11
378 Fax + 41 22 749 09 47
379 E-mail copyright@iso.org
380 Web www.iso.org
381 Reproduction may be subject to
royalty payments or a licensing agreement.
382 Violators may be prosecuted.
383 Quality management systems —
Requirements
384 1 Scope
385 This International Standard specifies requirements for a
quality management system where an
386 organization:
387 a) needs to demonstrate its ability to consistently provide
product or service that meets customer and
388 applicable statutory and regulatory requirements, and
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 12 ISO/TC 176/SC2/WG24/N111
b) aims to enhance customer satisfaction through the effective
application of the 389 system, including
390 processes for continual improvement of the system and the
assurance of conformity to customer and
391 applicable statutory and regulatory requirements.
392 All requirements of this International Standard are generic
and are intended to be applicable
393 to all organizations, regardless of type, size and product
provided.
394 NOTE 1 In this International
Standard, the terms “product” or “service” only apply to products and services
395 intended for, or required by, a
customer.
396 NOTE 2 Statutory and regulatory
requirements can be expressed as legal requirements.
397 2 Normative references
398 There are no normative
references. This clause is included to maintain clause numbering alignment
399 with other ISO management
system standards,
400 3 Terms and definitions
401 For the purposes of this document,
the following terms and definitions apply.
402 3.01
403 Organization
404 person or group of people that has
its own functions (3.25) with
responsibilities, authorities and
405 relationships to achieve its objectives (3.08)
406 Note 1 to entry: The concept of
organization includes, but is not limited to sole-trader, company, corporation,
firm,
407 enterprise, authority, partnership, association, charity
or institution, or part or combination thereof, whether
408 incorporated or not, public or
private.
409 [SOURCE: ISO DIS 9000:2014, 3.2.1]
410 3.02
411 Interested party
412 person or organization (3.01) that can affect, be affected by, or
perceive themselves to be affected by
413 a decision or activity
414 EXAMPLE Customers (3.26),
owners, people in an organization (3.01), suppliers (3.27),
bankers, unions,
415 partners or society that may
include competitors or opposing pressure groups.
416 [SOURCE: ISO DIS 9000:2014, 3.2.4]
417 3.03
418 Requirement
419 need or expectation that is stated,
generally implied or obligatory
420 Note 1 to entry: “Generally implied”
means that it is custom or common practice for the organization (3.01) and
421 interested parties (3.02) that the
need or expectation under consideration is implied.
422 Note 2 to entry: A specified
requirement is one that is stated, for example in documented information (3.11).
423 Note 3 to entry: A qualifier can be
used to denote a specific type of requirement e.g. product (3.47) requirement,
424 quality management (3.30) requirement, customer (3.26) requirement, quality
requirement.
425 Note 4 to entry: Requirements can
be generated by different interested
parties (3.02).
426 Note 5 to entry: It can be
necessary for achieving high customer
satisfaction (3.57) to fulfil an expectation of
a
427 customer (3.26) even if it is neither stated nor generally
implied or obligatory.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 13 ISO/TC 176/SC2/WG24/N111
[SOURCE: ISO DIS 428 9000:2014, 3.5.4]
429 3.04
430 Management system
431 set of interrelated or interacting
elements of an organization (3.01) to
establish policies (3.07) and
432 objectives (3.08) and processes (3.12)
to achieve those objectives
433 Note 1 to entry: A management system
can address a single discipline or several disciplines e.g. quality
434 management (3.30), financial management (3.29) or
environmental management.
435 Note 2 to entry: The management system
elements establish the organization’s
(3.01) structure, roles and
436 responsibilities, planning,
operation, policies (3.07), practices, rules, beliefs, objectives (3.08) and
processes
437 (3.12) to achieve those objectives.
438 Note 3 to entry: The scope of a
management system may include the whole of the organization (3.01), specific
439 and identified functions (3.25) of the organization, specific and identified sections of the organization, or one or
440 more functions across a group of organizations.
441 [SOURCE: ISO DIS 9000:2014, 3.4.2.1]
442 3.05
443 Top Management
444 person or group of people who
directs and controls an organization
(3.01) at the highest level
445 Note 1 to entry: Top management has
the power to delegate authority and provide resources within the
446 organization (3.01).
447 Note 2 to entry: If the scope of the
management system (3.04) covers only
part of an organization (3.01), then top
448 management refers to those who direct and control that part of the organization.
449 [SOURCE: ISO DIS 9000:2014, 3.1.1]
450 3.06
451 Effectiveness
452 extent to which planned activities
are realized and planned results achieved
453 [SOURCE: ISO DIS 9000:2014, 3.7.7]
454 3.07
455 policy
456 intentions and direction of an organization (3.01), as formally expressed by its top management (3.05)
457 [SOURCE: ISO DIS 9000:2014, 3.4.5]
458 3.08
459 Objective
460 result to be achieved
461 Note 1 to entry: An objective can be
strategic, tactical, or operational.
462 Note 2 to entry: Objectives can
relate to different disciplines (such as financial, health and safety, and
463 environmental goals) and can apply
at different levels (such as strategic, organization-wide, project, product
464 (3.47), service (3.48), and process (3.12)).
465 Note 3 to entry: An objective can be
expressed in other ways, e.g. as an intended outcome, a purpose, an
466 operational criterion, as a quality (3.37) objective, or by the use of other words with similar
meaning (e.g. aim,
467 goal, or target).
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 14 ISO/TC 176/SC2/WG24/N111
Note 4 to entry: In the context of quality management systems (3.33), quality objectives 468
are set by the
469 organization (3.01),
consistent with the quality policy (3.34), to
achieve specific results.
470 [SOURCE: ISO DIS 9000:2014, 3.7.1]
471 3.09
472 Risk
473 effect of uncertainty on an expected result
474 Note 1 to entry: An effect is a
deviation from the expected — positive or negative
475 Note 2 to entry: Uncertainty is the
state, even partial, of deficiency of information (3.50) related
to, understanding
476 or knowledge (3.53) of, an event, its consequence, or likelihood.
477 Note 3 to entry: Risk is often
characterized by reference to potential “events” (as defined in ISO Guide
73:209,
478 3.5.1.3) and “consequences” (as
defined in ISO Guide 73:2009, 3.6.1.3), or a combination of these.
479 Note 4 to entry: Risk is often
expressed in terms of a combination of the consequences of an event (including
480 changes in circumstances) and the
associated “likelihood” (as defined in ISO Guide 73:2009, 3.6.1.1) of
481 occurrence.
482 Note 5 to entry: The term “risk” is
sometimes used when there is only the possibility of negative consequences
483 [SOURCE: ISO DIS 9000:2014, 3.7.4]
484 3.10
485 Competence
486 ability to apply knowledge (3.53)
and skills to achieve intended
results
487 Note 1 to entry: Demonstrated
competence is sometimes referred to as qualification.
488 [SOURCE: ISO DIS 9000:2014, 3.6.6]
489 3.11
490 Documented information
491 information (3.50) required to
be controlled and maintained by an organization (3.01) and the medium
492 on which it is contained
493 Note 1 to entry: Documented
information can be in any format and media and from any source.
494 Note 2 to entry: Documented
information can refer to:
495 - the quality management system (3.33), including related processes (3.12);
496 - information (3.50) created in order for the organization (3.01) to operate (documentation);
497 - evidence of results achieved (records).
498 [SOURCE: ISO DIS 9000:2014, 3.8.1.1.1]
499 3.12
500 Process
501 set of interrelated or interacting
activities which transforms inputs into outputs (3.46)
502 Note 1 to entry: Inputs to a
process are generally outputs (3.46) of other processes.
503 Note 2 to entry: In some processes,
some inputs become outputs (3.46) without any transformation e.g. a
504 blueprint used in a manufacturing
process or a catalyst in a chemical process.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 15 ISO/TC 176/SC2/WG24/N111
Note 3 to entry: Processes in an organization (3.01) are
generally planned and carried out 505
under controlled
506 conditions to add value.
507 Note 4 to entry: A process where
the conformity (3.18) of the resulting output (3.46) cannot be readily or
508 economically validated is
frequently referred to as a “special process”.
509 [SOURCE: ISO DIS 9000:2014, 3.6.1]
510 3.13
511 Performance
512 measurable result
513 Note 1 to entry: Performance can
relate either to quantitative or qualitative findings.
514 Note 2 to entry: Performance can
relate to the management (3.29) of activities, processes (3.12), products (3.47),
515 services (3.48), systems (3.31) or organizations
(3.01).
516 [SOURCE: ISO DIS 9000:2014, 3.7.5]
517 3.14
518 Outsource (verb)
519 make an arrangement where an
external organization (3.01) performs
part of an organization’s
520 function (3.25) or process (3.12)
521 Note 1 to entry: An external organization (3.01) is outside the scope of the management system (3.04), although
522 the outsourced function (3.25), or process (3.12), is within
the scope.
523 [SOURCE: ISO DIS 9000:2014, 3.6.3]
524 3.15
525 Monitoring
526 determining (3.67) the status
of a system (3.31), a process (3.12)
or an activity
527 Note 1 to entry: To determine the
status, there may be a need to check, supervise or critically observe.
528 Note 2 to entry: Monitoring is
generally a determination (3.67) of the object (3.36) being monitored, carried out
at
529 different stages or at different
times.
530 [SOURCE: ISO DIS 9000:2014, 3.13.1.2]
531 3.16
532 Measurement
533 process (3.12) to determine (3.67)
a value
534 Note 1 to entry: According to ISO
3534-2:2006 the value determined is generally the value of a quantity.
535 [SOURCE: ISO DIS 9000:2014, 3.13.3]
536 3.17
537 Audit
538 systematic and independent
process (3.12) for obtaining objective evidence (3.61)
and evaluating it
539 objectively to determine the extent
to which the audit criteria (3.60) are
fulfilled
540 Note 1 to entry: An audit can be an
internal audit (first party), or an external audit (second party or third
party),
541 and it can be a combined audit or a
joint audit.
542 Note 2 to entry: Internal audits,
sometimes called first-party audits are conducted by, or on behalf of, the
543 organization (3.01) itself for management (3.29) review (3.68) and other internal purposes,
and may form the
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 16 ISO/TC 176/SC2/WG24/N111
basis for an organization’s declaration of conformity (3.18). In
many cases, particularly in smaller 544
organizations,
545 independence can be demonstrated by
the freedom from responsibility for the activity being audited.
546 Note 3 to entry: External audits
include those generally called second and third-party audits. Second party
audits
547 are conducted by parties having an
interest in the organization (3.01), such as customers (3.26), or
by other
548 persons on their behalf.
Third-party audits are conducted by external, independent auditing
organizations such as
549 those providing
certification/registration of conformity (3.18) to
ISO 9001 or ISO 14001.
550 [SOURCE: ISO DIS 9000:2014, 3.10.1, modified – the definition
has been modified and the original
551 Note 1 to entry has been deleted]
552 3.18
553 Conformity
554 fulfilment of a requirement (3.03)
555 Note 1 to term: In English the word
'conformance' is synonymous but deprecated. In French the word 'compliance'
556 is synonymous but deprecated.
557 [SOURCE: ISO DIS 9000:2014, 3.5.6]
558 3.19
559 Nonconformity
560 Non-fulfilment of a requirement (3.03)
561 [SOURCE: ISO DIS 9000:2014, 3.5.5]
562 3.20
563 Corrective action
564 action to eliminate the cause of a nonconformity (3.19) and to prevent recurrence
565 Note 1 to definition: There can be
more than one cause for a nonconformity
(3.19).
566 Note 2 to entry: Corrective action
is taken to prevent recurrence whereas preventive action is taken to prevent
567 occurrence.
568 [SOURCE: ISO DIS 9000:2014, 3.11.2]
569 3.21
570 Continual improvement
571 recurring activity to enhance performance (3.13)
572 Note 1 to entry: The process (3.12) of establishing objectives (3.08) and
finding opportunities for improvement
573 (3.28) is a continual process through the use of audit findings (3.62) and
audit conclusions, analysis of data
574 (3.49), management (3.29) reviews (3.68) or other means and generally
leads to corrective action (3.21) or
575 preventive action.
576 3.22
577 Correction
578 action to eliminate a detected nonconformity (3.19)
579 Note 1 to entry: A correction can
be made in conjunction with a corrective action (3.21).
580 Note 2 to entry: A correction can
be, for example, rework or regrade.
581 [SOURCE: ISO DIS 9000:2014, 3.11.3]
582 3.23
583 Involvement
584 engagement in, and contribution to, shared objectives (3.08)
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 17 ISO/TC 176/SC2/WG24/N111
[SOURCE: ISO 585 10018:2012, 3.5]
586 3.24
587 Context of the organization
588 business environment
589 combination of internal and external factors and conditions
that can have an effect on an
590 organization's (3.01) approach to its products (3.47), services (3.48)
and investments and interested
591 parties (3.02)
592 Note 1 to entry: The concept of
context of the organization is equally applicable to not-for-profit or public service
593 (3.48) organizations (3.01) as
it is to those seeking profits.
594 Note 2 to entry: In English this
concept is often referred to by other phrases such as business environment,
595 organizational environment or
ecosystem of an organization (3.01).
596 [SOURCE: ISO DIS 9000:2014, 3.2.3]
597 3.25
598 Function
599 role to be carried out by a designated unit of the organization (3.01)
600 [SOURCE: ISO DIS 9000:2014, 3.2.5]
601 3.26
602 Customer
603 person or organization
(3.01) that could or does not
receive a product (3.47) or a service (3.48) is
604 intended for or required by this person or organization
605 EXAMPLES Consumer, client,
end-user, retailer, input to internal process (3.12), beneficiary and purchaser.
606 Note to entry: A customer can be
internal or external to the organization
(3.01). Customers outside of the
607 organization are external customers. The output (3.46) of each internal process (3.12) is the input of the next
608 process. The next process is the internal customer of the
preceding process.
609 [SOURCE: ISO DIS 9000:2014, 3.2.6]
610 3.27
611 Supplier
612 Provider
613 person or organization
(3.01) that provides a product (3.47)
or a service (3.48)
614 EXAMPLE Producer, distributor,
retailer or vendor of a product (3.47) or a service (3.48) or information (350).
615 Note 1 to entry: A provider can be
internal or external to the organization
(3.01).
616 Note 2 to entry: In a contractual
situation, a supplier is sometimes called a “contractor”.
617 [SOURCE: ISO DIS 9000:2014, 3.2.7]
618 3.28
619 Improvement
620 activity to enhance performance (3.13)
621 Note to entry: Improvement can be
achieved by a recurring or by a singular activity.
622 [SOURCE: ISO DIS 9000:2014, 3.3.1]
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 18 ISO/TC 176/SC2/WG24/N111
623 3.29
624 Management
625 coordinated activities to direct and control an organization (3.01)
626 Note 1 to entry: Management can
include establishing policies (3.07) and objectives (3.08) and
processes (3.12)
627 to achieve these objectives.
628 Note 2 to entry: The term “management”
sometimes refers to people, i.e. a person or group of people with
629 authority and responsibility for
the conduct and control of an organization (3.01).
When “management” is used in
630 this sense, it should always be
used with some form of qualifier to avoid confusion with the concept of
631 “management” as a set of activities
defined above. For example, “management shall…” is deprecated whereas
632 “top management (3.05)
shall…” is acceptable. Otherwise different words should be adopted to convey
the
633 concept when related to people e.g.
managerial or managers.
634 [SOURCE: ISO DIS 9000:2014, 3.3.2]
635 3.30
636 Quality management
637 management (3.29) with regard to quality (3.37)
638 Note to entry: Quality management generally
includes establishment of the quality policy (3.34) and
quality
639 objectives (3.45), quality planning, quality control, quality
assurance and quality improvement.
640 [SOURCE: ISO DIS 9000:2014, 3.3.2.1]
641 3.31
642 System
643 set of interrelated or interacting elements
644 [SOURCE: ISO DIS 9000:2014, 3.4.1]
645 3.32
646 Infrastructure
647 system (3.31) of facilities, equipment and services (3.48)
needed for the operation of an organization
648 (3.01)
649 3.33
650 Quality management system
651 management system (3.04) with regard to quality (3.5.2)
652 [SOURCE: ISO DIS 9000:2014, 3.4.1.2.1]
653 3.34
654 Quality policy
655 policy (3.07) related to quality (3.37)
656 Note 1 to entry: Generally the
quality policy is consistent with the overall policy (3.07) of the organization (3.01),
657 can be aligned with the organization’s vision and
mission and provides a framework for the setting of quality
658 objectives (3.45).
659 Note 2 to entry: Quality management (3.30)
principles presented in this International Standard can form a basis
660 for the establishment of a quality policy (3.34)
661 [SOURCE: ISO DIS 9000:2014, 3.4.5.1]
662 3.35
663 Strategy
664 planned activities to achieve an objective (3.08).
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 19 ISO/TC 176/SC2/WG24/N111
[SOURCE: ISO DIS 665 9000:2014, 3.4.8]
666 3.36
667 Object
668 entity
669 anything perceivable or conceivable
670 [ISO 1087-1:2000]
671 EXAMPLES Product (3.47), service (3.48), process (3.12), person, organization (3.01), system (3.31),
672 resource.
673 Note 1 to entry: Objects may be
material (e.g. an engine, a sheet of paper, a diamond), immaterial (e.g.
674 conversion ratio, a project plan)
or imagined (e.g. a unicorn).
675 [SOURCE: ISO DIS 9000:2014, 3.5.1]
676 3.37
677 Quality
678 degree to which a set of inherent characteristics (3.65) of an object (3.36) fulfils requirements (3.03)
679 Note 1 to entry: The term “quality”
can be used with adjectives such as poor, good or excellent.
680 Note 2 to entry: “Inherent”, as
opposed to “assigned”, means existing in the object (3.36).
681 [SOURCE: ISO DIS 9000:2014, 3.5.2]
682 3.38
683 Etatutory requirement
684 obligatory requirement
(3.03) specified by a legislative
body
685 [SOURCE: ISO DIS 9000:2014, 3.5.4.2]
686 3.39
687 Regulatory requirement
688 obligatory requirement
(3.03) specified by an authority
mandated by a legislative body
689 [SOURCE: ISO DIS 9000:2014, 3.5.4.3]
690 3.40
691 Defect
692 Nonconformity (3.19) related to an intended or specified use
693 Note 1 to entry: The distinction
between the concepts defect and nonconformity (3.19) is
important as it has legal
694 connotations, particularly those
associated with product (3.47) and service (3.48)
liability issues.
695 Note 2 to entry: The intended use
as intended by the customer (3.26) can be affected by the nature of the
696 information (3.50), such as operating or maintenance instructions,
provided by the supplier (3.27).
697 [SOURCE: ISO DIS 9000:2014, 3.5.5.1]
698 3.41
699 Traceability
700 ability to trace the history, application or location of an object (3.36)
701 Note 1 to entry: When considering a product (3.47) or a service (3.48), traceability can relate to:
702 - the origin of materials and parts;
703 - the processing history; and
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 20 ISO/TC 176/SC2/WG24/N111
- the distribution and location of the product (3.47) or service (3.48) 704 after
delivery.
705 Note 2 to entry: In the field of
metrology the definition in ISO/IEC GUIDE 99: 2007, is the accepted definition.
706 [SOURCE: ISO DIS 9000:2014, 3.5.8]
707 3.42
708 Innovation
709 process (3.12) resulting in a new or substantially changed object (3.36)
710
711 Note 1 to entry: The object (3.36) for the purpose of
innovation can be e.g. a management
system (3.04), a
712 process (3.12),a product (3.47), a service (3.48) or
technology.
713 [SOURCE: ISO DIS 9000:2014, 3.6.1.2]
714 3.43
715 Contract
716 binding agreement
717 [SOURCE: ISO DIS 9000:2014, 3.6.4]
718 3.44
719 Design and development
720 set of processes (3.12) that transforms requirements (3.03) for
an object (3.36) into more detailed
721 requirements
722 Note 1 to entry: The requirements (3.03)
forming input to design and development can be expressed in a broader,
723 more general sense than the
requirements forming the output (3.46) of design and development. In a
724 project there can be several design
and development stages.
725 Note 2 to entry: In English the
words “design” and “development” and the term “design and development” are
726 sometimes used synonymously and
sometimes used to define different stages of the overall design and
727 development. In French the words “conception”
and “development” and the term “conception et development” are
728 sometimes used synonymously and
sometimes used to define different stages of the overall design and
729 development.
730 Note 3 to entry: A qualifier can be
applied to indicate the nature of what is being designed and developed,
731 e.g. product (3.47) design and development, or process (3.12) design and development.
732 [SOURCE: ISO DIS 9000:2014, 3.6.5]
733 3.45
734 Quality objective
735 objective (3.08) related to quality (3.37)
736 Note 1 to entry: Quality objectives
are generally based on the organization's (3.01) quality policy (3.34).
737 Note 2 to entry: Quality objectives
are generally specified for relevant functions (3.25) and
levels in the
738 organization (3.01).
739 [SOURCE: ISO DIS 9000:2014, 3.7.1.1]
740 3.46
741 Output
742 result of a process (312)
743 Note 1 to entry “output”: There are
four generic output categories, as follows:
744 — services (e.g. transport);
745 — software (e.g. computer program,
dictionary);
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 21 ISO/TC 176/SC2/WG24/N111
— hardware (e.g. engine 746
mechanical part);
747 — processed materials (e.g. lubricant).
748
749 Many outputs comprise elements
belonging to different generic output categories. Whether the output is then
called
750 service, product, software,
hardware or processed material depends on the dominant element. For example, a
car consists
751 of hardware (e.g. tires), processed
materials (e.g. fuel, cooling liquid), software (e.g. engine control software,
driver's
752 manual), and service (e.g.
operating explanations given by the salesman).
753
754 Note 2 to entry “output”: The
ownership of a product can usually be transferred. This is not necessarily the
case for a
755 service.
756
757 [SOURCE: ISO DIS 9000:2014, 3.7.3]
758
759 3.47
760 Product
761 output (3.46) that is a result of activities where none of them
necessarily is performed at the interface
762 between the provider (3.27) and
the customer (3.26)
763 Note 1 to entry “product”: Hardware
is generally tangible and its amount is a countable characteristic. Processed
materials are
764 generally tangible and their amount
is a continuous characteristic. Hardware and processed materials often are
referred to as
765 goods. Software consists of
information and is generally intangible and can be in the form of approaches,
transactions or
766 documented information (3.11).
767
768 [SOURCE: ISO DIS 9000:2014, 3.7.3.1, modified – Note 1 to
entry has been modified]
769
770 3.48
771 Service
772 intangible output (3.46) that is the result of at least one activity
necessarily performed at the interface
773 between the provider and the customer
774 Note 1 to entry “service”:
Provision of a service can involve, for example, the following:
775 — an activity performed on a
customer-supplied tangible product (e.g. a car to be repaired);
776 — an activity performed on a
customer-supplied intangible product (e.g. the income statement needed to
prepare a tax
777 return);
778 — the delivery of an intangible
product (e.g. the delivery of information in the context of knowledge
transmission);
779 — the creation of ambience for the
customer (e.g. in hotels and restaurants);
780 A service is usually experienced by
the customer.
781 [SOURCE: ISO DIS 9000:2014, 3.7.3.2]
782
783 3.49
784 Data
785 facts about an object (3.36)
786
787 [SOURCE: ISO DIS 9000:2014, 3.8.1]
788
789 3.50
790 Information
791 meaningful data (3.49)
792 [SOURCE: ISO DIS 9000:2014, 3.8.1.1]
793 3.51
794 Objective evidence
795 data (3.49) supporting the existence or verity of something
796 Note 1 to entry: Objective evidence
may be obtained through observation, measurement (3.16),
test, or other
797 means.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 22 ISO/TC 176/SC2/WG24/N111
Note 2 to entry: Objective evidence for the purpose of audit (3.17) generally consists of
records, 798 statements of
799 fact or other information (3.50)
which are relevant to the audit
criteria (3.60) and verifiable
800 [SOURCE: ISO DIS 9000:2014, 3.8.1.2]
801 3.52
802 Information system
803 <QMS> network of communication channels used within an organization (3.01)
804 [SOURCE: ISO DIS 9000:2014, 3.8.2]
805 3.53
806 Knowledge
807 available collection of information (3.50)
being a justified belief and having a high certainty to be true
808 [SOURCE: ISO DIS 9000:2014, 3.8.3]
809 3.54
810 Verification
811 confirmation, through the provision of objective evidence (3.51), that specified requirements (3.03)
812 have been fulfilled
813 Note 1 to entry: The objective
evidence needed for a verification can be the result of an inspection or of
other
814 forms of determination (3.67)
such as performing alternative calculations or reviewing documented information
815 (3.11).
816 Note 2 to entry: The activities
carried out for verification are sometimes called a qualification process (3.12)
817 Note 3 to entry: The word “verified”
is used to designate the corresponding status.
818 [SOURCE: ISO DIS 9000:2014, 3.8.5, modified – Note 1 to entry
has been modified]
819 3.55
820 Validation
821 confirmation, through the provision of objective evidence,
that the requirements (3.03) for a specific
822 intended use or application have been fulfilled
823 Note 1 to entry: The objective evidence (3.51)
needed for a validation is the result of a test or other form of
824 determination (3.67) such as performing alternative calculations or
reviewing documented information (3.11).
825 Note 2 to entry: The word “validated”
is used to designate the corresponding status.
826 Note 3 to entry: The use conditions
for validation can be real or simulated.
827 [SOURCE: ISO DIS 9000:2014, 3.8.6, modified – Note 1 to entry
has been modified]
828 3.56
829 Feedback
830 opinions, comments and expressions of interest in a product, a
service or a complaints-handling
831 process
832 [SOURCE: ISO DIS 9000:2014, 3.9.2]
833 3.57
834 Customer Satisfaction
835 customer’s (3.26) perception of the degree to which the customer’s
expectations have been fulfilled
836 Note 1 to entry: It can be that the
customer’s (3.26) expectation is not known to the organization (3.01), or
even to
837 himself/herself until the product (3.47) or service (3.48) is delivered. It can be
necessary for achieving high
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 23 ISO/TC 176/SC2/WG24/N111
customer satisfaction to fulfil an expectation of a customer even if it is neither stated nor
generally 838 implied or
839 obligatory.
840 Note 2 to entry: Complaints (3.58) are
a common indicator of low customer satisfaction but their absence does not
841 necessarily imply high customer
satisfaction.
842 Note 3 to entry: Even when customer (3.26) requirements (3.03)
have been agreed with the customer and
843 fulfilled, this does not
necessarily ensure high customer satisfaction.
844 Note 4 to entry: See ISO 10004, Quality Management — Customer satisfaction — Guidelines for
monitoring and
845 measuring.
846 [SOURCE: ISO DIS 9000:2014, 3.9.3]
847 3.58
848 Complaint
849 <customer satisfaction> expression of dissatisfaction
made to an organization (3.01), related to its
850 product (3.47) or service (3.48), or the complaints-handling process (3.12)
itself, where a response or
851 resolution is explicitly or implicitly expected
852 [SOURCE: ISO DIS 9000:2014, 3.9.4]
853 3.59
854 Audit Programme
855 set of one or more audits (3.17) planned for a specific time
frame and directed towards a specific
856 purpose
857 [SOURCE: ISO DIS 9000:2014, 3.10.9]
858 3.60
859 Audit criteria
860 set of policies (3.07), documented information (3.11)
or requirements (3.03) used as a reference
861 against which audit evidence (3.61)
is compared
862 [SOURCE: ISO DIS 9000:2014, 3.10.12, modified]
863 3.61
864 Objective / audit evidence
865 records, statements of fact or other information (3.50), which are relevant to the audit criteria (3.60)
866 and verifiable
867 [SOURCE: ISO DIS 9000:2014, 3.10.13]
868 3.62
869 Audit findings
870 results of the evaluation of the collected audit evidence (3.61) against audit criteria (3.60)
871 Note 1 to entry: Audit findings
indicate conformity (3.18) or nonconformity (3.19).
872 Note 2 to entry: Audit findings can
lead to the identification of opportunities for improvement (3.28) or
recording
873 good practices.
874 Note 3 to entry: In English, if the
audit criteria (3.60) are selected from statutory requirements (3.38)
or regulatory
875 requirements (3.39), the audit finding can be called compliance or
non-compliance.
876 [SOURCE: ISO DIS 9000:2014, 3.10.14]
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 24 ISO/TC 176/SC2/WG24/N111
877 3.63
878 Concession
879 permission to use or release (3.64) a product (3.47)
or service (3.48) that does not conform to
880 specified requirements
(3.03)
881 Note to entry: A concession is
generally limited to the delivery of products (3.47) and services (3.48) that have
882 nonconforming (3.19) characteristics (3.65)
within specified limits and is generally given for a limited quantity of
883 products and services, for a period
of time, and for a specific use.
884 [SOURCE: ISO DIS 9000:2014, 3.11.5]
885 3.64
886 Release
887 permission to proceed to the next stage of a process (3.12)
888 Note to entry: In English, in the
context of software and documented
information (3.11), the word “release” is
889 frequently used to refer to a
version of the software or the documented information itself.
890 [SOURCE: ISO DIS 9000:2014, 3.11.7, modified – The Note to
entry has been modified]
891 3.65
892 Characteristic
893 distinguishing feature
894 Note 1 to entry: A characteristic
can be inherent or assigned.
895 Note 2 to entry: A characteristic
can be qualitative or quantitative.
896 Note 3 to entry: There are various
classes of characteristic, such as the following:
897 a) physical (e.g. mechanical,
electrical, chemical or biological characteristics);
898 b) sensory (e.g. related to smell,
touch, taste, sight, hearing);
899 c) behavioural (e.g. courtesy,
honesty, veracity);
900 d) temporal (e.g. punctuality,
reliability, availability).
901 e) ergonomic (e.g. physiological
characteristic, or related to human safety);
902 f) functional (e.g. maximum speed
of an aircraft).
903 [SOURCE: ISO DIS 9000:2014, 3.12.1]
904 3.66
905 Performance indicator
906 performance metric
907 characteristic (3.65) having significant impact on realization of the output (3.46)
and customer
908 satisfaction (3.57)
909
910 EXAMPLES Nonconformities (3.19)
per million opportunities, first time capability, nonconformities per
unit.
911 Note to entry: The characteristic (3.65) can
be quantitative or qualitative
912 [SOURCE: ISO DIS 9000:2014, 3.12.1.2]
913 3.67
914 Determination
915 activity to find out one or more characteristics (3.65) and their characteristic values
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 25 ISO/TC 176/SC2/WG24/N111
[SOURCE: ISO DIS 916 9000:2014, 3.13.1]
917 3.68
918 Review
919 determination (3.67) of the suitability, adequacy or effectiveness (3.06) of an object (3.36) to achieve
920 established objectives (3.08)
921 EXAMPLES Management (3.29)
review, design and development review, review of customer (3.26)
922 requirements (3.03), nonconformity (3.19)
review and peer review.
923 Note to entry: Review can also
include the determination (3.67) of efficiency.
924 [SOURCE: ISO DIS 9000:2014, 3.13.1.1]
925 3.69
926 Measuring equipment
927 measuring instrument, software, measurement standard,
reference material or auxiliary apparatus or
928 combination thereof necessary to realize a measurement (3.16) process (3.12)
929 [SOURCE: ISO DIS 9000:2014, 3.13.5]
930
931 4 Context of the organization
932 4.1 Understanding the organization
and its context
933 The organization shall determine
external and internal issues that are relevant to its purpose and its
934 strategic direction and
that affect its ability to achieve the intended result(s) of its quality management
935 system.
936 The organization shall monitor and review the information
about these external and internal issues.
937 NOTE 1 Understanding the external
context can be facilitated by considering issues arising from legal,
938 technological, competitive, market,
cultural, social, and economic environments, whether international, national,
939 regional or local.
940 NOTE 2 Understanding the internal
context can be facilitated by considering issues related to values, culture
941 knowledge and performance of the
organization.
942 4.2 Understanding the needs and
expectations of interested parties
943 Due to their impact or potential impact on the organisation’s
ability to consistently provide products
944 and services that meet customer and applicable statutory and
regulatory requirements, the
945 organization shall determine:
946 a) the interested parties that are
relevant to the quality management system;
947 b) the requirements of these interested
parties that are relevant to the quality
management system.
948 The organization shall monitor and review the information
about these interested parties and their
949 relevant requirements.
950 4.3 Determining the scope of the
quality management system
951 The organization shall determine the
boundaries and applicability of the quality management system
952 to establish its scope.
953
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 26 ISO/TC 176/SC2/WG24/N111
When determining this scope, the organization 954 shall
consider:
955
956 a) the external and internal issues
referred to in 4.1;
957 b) the requirements of relevant interested parties referred to in 4.2;
958 c) the products and services of the organization.
959 Where a requirement of this International Standard within the
determined scope can be applied, then it
960 shall be applied by the organization.
961
962 If any requirement(s) of this International Standard cannot be
applied, this shall not affect the
963 organization’s ability or responsibility to ensure conformity
of products and services.
964
965 The scope shall be available and be maintained as
documented information stating the:
966
967 ¾ products
and services covered by the quality management system;
968 ¾ justification
for any instance where a requirement of this International Standard cannot be
applied.
969 4.4 Quality Management System and Its Processes
970 The organization shall establish,
implement, maintain and continually improve a quality management
971 system, including the processes
needed and their interactions, in accordance with the requirements of
972 this International Standard.
973 The organization shall determine the processes needed for the
quality management system and their
974 application throughout the organization and shall determine:
975 a) the inputs required and the outputs expected from these
processes;
976 b) the sequence and interaction of these processes;
977 c) the criteria, methods, including measurements and related
performance indicators needed to
978 ensure the effective operation, and control of these
processes;
979 d) the resources needed and ensure their availability;
980 e) the assignment of the responsibilities and authorities for
these processes;
981 f) the risks and opportunities in accordance with the
requirements of 6.1, and plan and implement
982 the appropriate actions to address them;
983 g) the methods for monitoring, measuring, as appropriate, and
evaluation of processes and, if
984 needed, the changes to processes to ensure that they achieve
intended results;
985 h) opportunities for improvement of the processes and the
quality management system.
986 The organization shall maintain documented information to the
extent necessary to support the
987 operation of processes and retain documented information to
the extent necessary to have confidence
989 5 Leadership
990 5.1 Leadership and Commitment
991 5.1.1 Leadership and
commitment for the quality management system
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 27 ISO/TC 176/SC2/WG24/N111
Top management shall demonstrate leadership and commitment with
respect to the quality
992 management system by:
992 management system by:
993
994 a) taking accountability of the effectiveness of the quality
management system;
995 b) ensuring that the quality policy and
quality objectives are established for the quality management
996 system and are compatible with the
strategic direction and the context of the organization;
997 c) ensuring that the quality policy is communicated,
understood and applied within the organization;
998 d) ensuring the integration of the
quality management system requirements into the organization’s
999 business processes;
1000 e) promoting awareness of the process approach;
1001 f) ensuring that the resources needed
for the quality management system are available;
1002 g) communicating the importance of
effective quality management and of conforming to the quality
1003 management system requirements;
1004 h) ensuring that the quality management
system achieves its intended results;
1005 i) engaging, directing
and supporting persons to contribute to the effectiveness of the quality
1006 management system;
1007 j) promoting continual improvement;
1008 k) supporting other relevant management
roles to demonstrate their leadership as it applies to their
1009 areas of responsibility.
1010 NOTE Reference to “business” in this International Standard can be
interpreted broadly to mean those
1011 activities that are core to the
purposes of the organization’s existence; whether
the organization is public, private,
1012 for profit or not for profit.
1013 5.1.2 Customer focus
1014 Top management shall demonstrate leadership and commitment
with respect to customer focus by
1015 ensuring that:
1016 a) customer requirements and applicable statutory and
regulatory requirements are determined and
1017 met;
1018 b) the risks and opportunities that can affect conformity of
products and services and the ability to
1019 enhance customer satisfaction are determined and addressed;
1020 c) the focus on consistently providing products and services
that meet customer and applicable
1021 statutory and regulatory requirements is maintained;
1022 d) the focus on enhancing customer satisfaction is
maintained.
1023 5.2 Quality policy
1024 5.2.1 Top management shall establish, review and maintain a quality policy that:
1025 a) is appropriate to the purpose and context of
the organization;
1026 b) provides a framework for setting and reviewing quality
objectives;
1027 c) includes a commitment to satisfy
applicable requirements;
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 28 ISO/TC 176/SC2/WG24/N111
d) includes a commitment to continual
improvement of the quality 1028 management system.
1029 5.2.2 The quality policy shall:
1030 a) be available as documented
information;
1031 b) be communicated, understood and applied within the organization;
1032 c) be available to relevant interested
parties, as appropriate.
1033 5.3 Organizational roles,
responsibilities and authorities
1034 Top management shall ensure that the
responsibilities and authorities for relevant roles are assigned,
1035 communicated and understood within
the organization.
1036 Top management shall assign the
responsibility and authority for:
1037 a) ensuring that the quality management
system conforms to the requirements of this International
1038 Standard;
1039 b) ensuring that the processes are delivering their intended
outputs;
1040 c) reporting on the performance of the
quality management system, on opportunities for
1041 improvement and on the need for change or innovation, and
especially for reporting to top
1042 management;
1043 d) ensuring the promotion of customer focus throughout the
organization;
1044 e) ensuring that the integrity of the quality management
system is maintained when changes to the
1045 quality management system are planned and implemented.
Do Planning for The Quality Management System
Do Planning for The Quality Management System
1046 6 Planning for The Quality Management System
1047 6.1 Actions to address Risks and Opportunities
1048 6.1.1 When planning for the quality management system, the
organization shall consider the issues
1049 referred to in 4.1 and the
requirements referred to in 4.2 and determine the risks and opportunities that
1050 need to be addressed to:
1051 a) give assurance that the quality
management system can achieve its intended result(s);
1052 b) prevent, or reduce, undesired
effects;
1053 c) achieve continual improvement.
1054 6.1.2 The organization shall plan:
1055 a) actions to address these risks and
opportunities;
1056 b) how to:
1057 1) integrate and implement the
actions into its quality management system processes (see 4.4);
1058 2) evaluate the effectiveness of
these actions.
1059 Actions taken to address risks and opportunities shall be
proportionate to the potential impact on the
1060 conformity of products and services.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 29 ISO/TC 176/SC2/WG24/N111
NOTE Options to address risks and opportunities can include:
avoiding risk, taking risk in 1061 order to pursue an
1062 opportunity, eliminating the risk
source, changing the likelihood or consequences, sharing the risk, or retaining
1063 risk by informed decision.
1064 6.2 Quality objectives and planning
to achieve them
1065 6.2.1 The organization shall establish quality objectives at
relevant functions, levels and
processes.
1066 The quality objectives shall:
1067 a) be consistent with the quality
policy,
1068 b) be measurable;
1069 c) take into account applicable
requirements;
1070 d) be relevant to conformity of products and services and the
enhancement of customer satisfaction;
1071 e) be monitored;
1072 f) be communicated;
1073 g) be updated as appropriate.
1074 The organization shall retain
documented information on the quality objectives.
1075 6.2.2 When planning how to achieve its quality objectives, the
organization shall determine:
1076 a) what will be done;
1077 b) what resources will be required;
1078 c) who will be responsible;
1079 d) when it will be completed;
1080 e) how the results will be evaluated.
1081 6.3 Planning of changes
1082 Where the organization determines the need for change to the
quality management system (see 4.4)
1083 the change shall be carried out in a planned and systematic
manner.
1084 The organization shall consider:
1085 a) the purpose of the change and any of its potential
consequences;
1086 b) the integrity of the quality management system;
1087 c) the availability of resources;
1088 d) the allocation or reallocation of responsibilities and
authorities.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
1089 7 Support
1090 7.1 Resources
1091 7.1.1 General
1092 The organization shall determine and
provide the resources needed for the establishment,
1093 implementation, maintenance and
continual improvement of the quality management system.
1094 The organization shall consider:
1095 a) the capabilities of, and constraints on, existing internal
resources;
1096 b) what needs to be obtained from external providers.
1097 7.1.2 People
1098 To ensure that the organization can consistently meet customer
and applicable statutory and
1099 regulatory requirements, the organization shall provide the
persons necessary for the effective
1100 operation of the quality management system, including the
processes needed.
1101 7.1.3 Infrastructure
1102 The organization shall determine, provide and maintain the
infrastructure for the operation of its
1103 processes to achieve conformity of products and services.
1104 NOTE Infrastructure can include:
1105 a) buildings and associated
utilities;
1106 b) equipment including hardware and
software;
1107 c) transportation;
1108 d) information and communication
technology.
1109 7.1.4 Environment for the
operation of processes
1110 The organization shall determine, provide and maintain the
environment necessary for the operation of
1111 its processes and to achieve conformity of products and
services.
1112 NOTE Environment for the operation
of processes can include physical, social, psychological, environmental
1113 and other factors (such as
temperature, humidity, ergonomics and cleanliness).
1114 7.1.5 Monitoring and measuring
resources
1115 Where monitoring or measuring is used for evidence of
conformity of products and services to
1116 specified requirements the organization shall determine the
resources needed to ensure valid and
1117 reliable monitoring and measuring results.
1118 The organization shall ensure that the resources provided:
1119 a) are suitable for the specific type of monitoring and
measurement activities being undertaken;
1120 b) are maintained to ensure their continued fitness for their
purpose.
1121 The organization shall retain appropriate documented
information as evidence of fitness for purpose of
1122 monitoring and measurement resources.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 31 ISO/TC 176/SC2/WG24/N111
Where measurement traceability is: a statutory or regulatory
requirement; a customer 1123 or relevant
1124 interested party expectation; or considered by the
organization to be an essential part of providing
1125 confidence in the validity of measurement results; measuring
instruments shall be:
1126 ¾ verified
or calibrated at specified intervals or prior to use against measurement
standards
1127 traceable to international or national measurement standards.
Where no such standards exist, the
1128 basis used for calibration or verification shall be retained as
documented information;
1129 ¾ identified
in order to determine their calibration status;
1130 ¾ safeguarded
from adjustments, damage or deterioration that would invalidate the calibration
1131 status and subsequent measurement results.
1132 The organization shall determine if the validity of previous
measurement results has been adversely
1133 affected when an instrument is found to be defective during
its planned verification or calibration, or
1134 during its use, and take appropriate corrective action as
necessary.
1135 7.1.6 Organizational knowledge
1136 The organization shall determine the knowledge necessary for
the operation of its processes and to
1137 achieve conformity of products and services.
1138 This knowledge shall be maintained, and made available to the
extent necessary.
1139 When addressing changing needs and trends, the organization
shall consider its current knowledge
1140 and determine how to acquire or access the necessary
additional knowledge.
1141 NOTE 1 Organizational knowledge can
include information such as intellectual property and lessons learned.
1142 NOTE 2 To obtain the knowledge
required, the organization can consider:
1143 a) internal sources (e.g. learning
from failures and successful projects, capturing undocumented knowledge
1144 and experience of topical experts
within the organization);
1145 b) external sources (e.g.
standards, academia, conferences, gathering knowledge with customers or
1146 providers).
1147 7.2 Competence
1148 The organization shall:
1149 a) determine the necessary competence
of person(s) doing work under its control that affects its
1150 quality performance;
1151 b) ensure that these persons are
competent on the basis of appropriate education, training, or
1152 experience;
1153 c) where applicable, take actions to
acquire the necessary competence, and evaluate the
1154 effectiveness of the actions taken;
1155 d) retain appropriate documented
information as evidence of competence.
1156 NOTE Applicable actions can include,
for example, the provision of training to, the mentoring of, or the re1157
assignment of currently employed persons; or the hiring or
contracting of competent persons.
1158 7.3 Awareness
1159 Persons doing work under the
organization’s control shall be aware of:
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 32 ISO/TC 176/SC2/WG24/N111
a) the 1160 quality policy;
1161 b) relevant quality objectives;
1162 c) their contribution to the
effectiveness of the quality management system, including the benefits of
1163 improved quality performance;
1164 d) the implications of not conforming
with the quality management system requirements.
1165 7.4 Communication
1166 The organization shall determine the
internal and external communications relevant to the quality
1167 management system including:
1168 a) on what it will communicate;
1169 b) when to communicate;
1170 c) with whom to communicate;
1171 d) how to communicate.
1172 7.5 Documented Information
1173 7.5.1 General
1174 The organization’s quality
management system shall include
1175 a) documented information required by
this International Standard;
1176 b) documented information determined by
the organization as being necessary for the effectiveness
1177 of the quality management system.
1178 NOTE The extent of documented
information for a quality management system can differ from one
1179 organization to another due to:
1180 a) the size of organization and its
type of activities, processes, products and services;
1181 b) the complexity of processes and
their interactions;
1182 c) the competence of persons.
1183 7.5.2 Creating and updating
1184 When creating and updating
documented information the organization shall ensure appropriate:
1185 a) identification and description (e.g.
a title, date, author, or reference number);
1186 b) format (e.g. language, software
version, graphics) and media (e.g. paper, electronic);
1187 c) review and approval for suitability
and adequacy.
1188 7.5.3 Control of documented
Information
1189
1190 7.5.3.1 Documented information required by the quality management
system and by this International
1191 Standard shall be controlled to
ensure:
1192 a) it is available and suitable for
use, where and when it is needed;
1193 b) it is adequately protected (e.g.
from loss of confidentiality, improper use, or loss of integrity).
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 33 ISO/TC 176/SC2/WG24/N111
7.5.3.2 For the control of documented
information, the organization shall address 1194
the following
1195 activities, as applicable:
1196 a) distribution, access, retrieval and
use;
1197 b) storage and preservation, including
preservation of legibility;
1198 c) control of changes (e.g. version
control);
1199 d) retention and disposition.
1200 Documented information of external
origin determined by the organization to be necessary for the
1201 planning and operation of the
quality management system shall be identified as appropriate, and
1202 controlled.
1203 NOTE Access can imply a decision
regarding the permission to view the documented information only, or
1205 8 Operation
1206 8.1 Operational planning and
control
1207 The organization shall plan,
implement and control the processes, as
outlined in 4.4, needed to meet
1208 requirements for the provision of products and services and to implement the actions determined in
1209 6.1, by:
1210 a) determining requirements for the product and services;
1211 b) establishing criteria for the
processes and for the acceptance of products
and services;
1212 c) determining the resources needed to achieve conformity to
product and service requirements;
1213 d) implementing control of the
processes in accordance with the criteria;
1214 e) retaining documented
information to the extent necessary to have confidence that the processes
1215 have been carried out as planned and to demonstrate conformity of products and services
to
1216 requirements.
1217 The output of this planning shall be suitable for the
organization's operations.
1218 The organization shall control
planned changes and review the consequences of unintended changes,
1219 taking action to mitigate any adverse
effects, as necessary.
1220 The organization shall ensure that
outsourced processes are controlled in
accordance with 8.4.
1221 8.2 Determination of requirements for products and
services
1222 8.2.1 Customer communication
1223 The organization shall establish the processes for
communicating with customers in relation to:
1224 a) information relating to products and services;
1225 b) enquiries, contracts or order handling, including changes;
1226 c) obtaining customer views and perceptions, including
customer complaints;
1227 d) the handling or treatment of customer property, if
applicable;
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 34 ISO/TC 176/SC2/WG24/N111
e) specific requirements for contingency actions, 1228 when
relevant.
1229 8.2.2 Determination of
requirements related to products and services
1230 The organization shall establish, implement and maintain a
process to determine the requirements for
1231 the products and services to be offered to potential
customers.
1232 The organization shall ensure that:
1233 a) product and service requirements (including those
considered necessary by the organisation),
1234 and applicable statutory and regulatory requirements, are
defined;
1235 b) it has the ability to meet the defined requirements and
substantiate the claims for the products
1236 and services it offers.
1237 8.2.3 Review of requirements
related to products and services
1238 The organization shall review, as applicable:
1239 a) requirements specified by the customer, including the
requirements for delivery and post-delivery
1240 activities;
1241 b) requirements not stated by the customer, but necessary for
the customers' specified or intended
1242 use, when known;
1243 c) additional statutory and regulatory requirements
applicable to the products and services;
1244 d) contract or order requirements differing from those
previously expressed.
1245 NOTE Requirements can also include
those arising from relevant interested parties.
1246 This review shall be conducted prior to the organization’s
commitment to supply products and services
1247 to the customer and shall ensure contract or order
requirements differing from those previously
1248 defined are resolved.
1249 Where the customer does not provide a documented statement of
their requirements, the customer
1250 requirements shall be confirmed by the organization before
acceptance.
1251 Documented information describing the results of the review,
including any new or changed
1252 requirements for the products and services, shall be
retained.
1253 Where requirements for products and services are changed, the
organization shall ensure that
1254 relevant documented information is amended and that relevant
personnel are made aware of the
1255 changed requirements.
1256
1257 8.3 Design and development of products and services
1258 8.3.1 General
1259 Where the detailed requirements of the organization’s
products and services are not already
1260 established or not defined by the customer or by other
interested parties, such that they are adequate
1261 for subsequent production or service provision, the
organization shall establish, implement and
1262 maintain a design and development process.
1263 NOTE 1 The organization can also
apply the requirements given in 8.5 to the development of processes for
1264 production and services provision
1265 NOTE 2 For services, design and
development planning can address the whole service delivery process. The
1266 organization can therefore choose
to consider the requirements of clauses 8.3 and 8.5 together.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 35 ISO/TC 176/SC2/WG24/N111
1267 8.3.2 Design and development planning
1268 In determining the stages and controls for design and
development, the organization shall consider:
1269 a) the nature, duration and complexity of the design and
development activities;
1270 b) requirements that specify particular process stages,
including applicable design and development
1271 reviews;
1272 c) the required design and development verification and
validation;
1273 d) the responsibilities and authorities involved in the
design and development process;
1274 e) the need to control interfaces between individuals and
parties involved in the design and
1275 development process;
1276 f) the need for involvement of customer and user groups in
the design and development process;
1277 g) the necessary documented information to confirm that
design and development requirements
1278 have been met.
1279 8.3.3 Design and development
Inputs
1280 The organization shall determine:
1281 a) requirements essential for the specific type of products
and services being designed and
1282 developed, including, as applicable, functional and
performance requirements;
1283 b) applicable statutory and regulatory requirements;
1284 c) standards or codes of practice that the organization has
committed to implement;
1285 d) internal and external resource needs for the design and
development of products and services;
1286 e) the potential consequences of failure due to the nature of
the products and services;
1287 f) the level of control expected of the design and
development process by customers and other
1288 relevant interested parties.
1289 Inputs shall be adequate for design and development purposes,
complete, and unambiguous.
1290 Conflicts among inputs shall be resolved.
1291 8.3.4 Design and development
controls
1292 The controls applied to the design and development process
shall ensure that:
1293 a) the results to be achieved by the design and development
activities are clearly defined;
1294 b) design and development reviews are conducted as planned;
1295 c) verification is conducted to ensure that the design and
development outputs have met the design
1296 and development input requirements;
1297 d) validation is conducted to ensure that the resulting
products and services are capable of meeting
1298 the requirements for the specified application or intended
use (when known).
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 36 ISO/TC 176/SC2/WG24/N111
1299 8.3.5 Design and development outputs
1300 The organization shall ensure that design and development
outputs:
1301 a) meet the input requirements for design and development;
1302 b) are adequate for the subsequent processes for the
provision of products and services;
1303 c) include or reference monitoring and measuring
requirements, and acceptance criteria, as
1304 applicable;
1305 d) ensure products to be produced, or services to be
provided, are fit for intended purpose and their
1306 safe and proper use.
1307 The organization shall retain the documented information
resulting from the design and development
1308 process.
1309 8.3.6 Design and development
changes
1310 The organization shall review, control and identify changes
made to design inputs and design outputs
1311 during the design and development of products and services or
subsequently, to the extent that there
1312 is no adverse impact on conformity to requirements.
1313 Documented information on design and development changes
shall be retained.
1314 8.4 Control of externally provided products and
services
1315 8.4.1 General
1316 The organization shall ensure that externally provided
processes, products, and services conform to
1317 specified requirements.
1318 The organization shall apply the specified requirements for
the control of externally provided products
1319 and services when:
1320 a) products and services are provided by external providers
for incorporation into the organization’s
1321 own products and services;
1322 b) products and services are provided directly to the
customer(s) by external providers on behalf of
1323 the organization;
1324 c) a process or part of a process is provided by an external
provider as a result of a decision by the
1325 organization to outsource a process or function.
1326 The organization shall establish and apply criteria for the
evaluation, selection, monitoring of
1327 performance and re-evaluation of external providers based on
their ability to provide processes or
1328 products and services in accordance with specified
requirements.
1329 The organization shall retain appropriate documented
information of the results of the evaluations,
1330 monitoring of the performance and re-evaluations of the
external providers.
1331 8.4.2 Type and extent of
control of external provision
1332 In determining the type and extent of controls to be applied
to the external provision of processes,
1333 products and services, the organisation shall take into
consideration:
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 37 ISO/TC 176/SC2/WG24/N111
a) the potential impact of the externally provided processes,
products and 1334 services on the
1335 organization’s ability to consistently meet customer and
applicable statutory and regulatory
1336 requirements;
1337 b) the perceived effectiveness of the controls applied by the
external provider.
1338 The organization shall establish and implement verification
or other activities necessary to ensure the
1339 externally provided processes, products and services do not
adversely affect the organisation's ability
1340 to consistently deliver conforming products and services to
its customers.
1341 Processes or functions of the organization which have been
outsourced to an external provider remain
1342 within the scope of the organization’s quality management
system; accordingly, the organization shall
1343 consider a) and b) above and define both the controls it
intends to apply to the external provider and
1344 those it intends to apply to the resulting process output.
1345 8.4.3 Information for external
providers
1346 The organization shall communicate to external providers
applicable requirements for the following:
1347 a) the products and services to be provided or the processes
to be performed on behalf of the
1348 organization;
1349 b) approval or release of products and services, methods,
processes or equipment;
1350 c) competence of personnel, including necessary
qualification;
1351 d) their interactions with the organization's quality
management system;
1352 e) the control and monitoring of the external provider’s
performance to be applied by the
1353 organization;
1354 f) verification activities that the organization, or its
customer, intends to perform at the external
1355 provider’s premises.
1356 The organization shall ensure the adequacy of specified
requirements prior to their communication to
1357 the external provider.
1358 8.5 Production and service provision
1359 8.5.1 Control of production
and service provision
1360 The organization shall implement controlled conditions for
production and service provision, including
1361 delivery and post-delivery activities.
1362 Controlled conditions shall include, as applicable:
1363 a) the availability of documented information that defines
the characteristics of the products and
1364 services;
1365 b) the availability of documented information that defines
the activities to be performed and the
1366 results to be achieved;
1367 c) monitoring and measurement activities at appropriate
stages to verify that criteria for control of
1368 processes and process outputs, and acceptance criteria for
products and services, have been
1369 met.
1370 d) the use, and control of suitable infrastructure and
process environment;
1371 e) the availability and use of suitable monitoring and
measuring resources;
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 38 ISO/TC 176/SC2/WG24/N111
f) the competence and, where applicable, required qualification
1372 of persons;
1373 g) the validation, and periodic revalidation, of the ability
to achieve planned results of any process
1374 for production and service provision where the resulting
output cannot be verified by subsequent
1375 monitoring or measurement;
1376 h) the implementation of products and services release,
delivery and post-delivery activities.
1377 8.5.2 Identification and
traceability
1378 Where necessary to ensure conformity of products and
services, the organization shall use suitable
1379 means to identify process outputs.
1380 The organization shall identify the status of process outputs
with respect to monitoring and
1381 measurement requirements throughout production and service
provision.
1382 Where traceability is a requirement, the organization shall
control the unique identification of the
1383 process outputs, and retain any documented information
necessary to maintain traceability.
1384 NOTE Process outputs are the
results of any activities which are ready for delivery to the organization’s
1385 customer or to an internal customer
(e.g. receiver of the inputs to the next process); they can include products,
1386 services, intermediate parts,
components, etc.
1387 8.5.3 Property belonging to
customers or external providers
1388 The organization shall exercise care with property belonging
to the customer or external providers
1389 while it is under the organization's control or being used by
the organization. The organization shall
1390 identify, verify, protect and safeguard the customer’s or
external provider’s property provided for use or
1391 incorporation into the products and services.
1392 When property of the customer or external provider is
incorrectly used, lost, damaged or otherwise
1393 found to be unsuitable for use, the organization shall report
this to the customer or external provider.
1394 NOTE Customer property can include
material, components, tools and equipment, customer premises,
1395 intellectual property and personal
data.
1396 8.5.4 Preservation
1397 The organization shall ensure preservation of process outputs
during production and service provision,
1398 to the extent necessary to maintain conformity to requirements.
1399 NOTE Preservation can include
identification, handling, packaging, storage, transmission or transportation,
1400 and protection.
1401 8.5.5 Post-delivery activities
1402 As applicable, the organization shall meet requirements for
post-delivery activities associated with the
1403 products and services.
1404 In determining the extent of post-delivery activities that
are required, the organisation shall consider:
1405 a) the risks associated with the products and services;
1406 b) the nature, use and intended lifetime of the products and
services;
1407 c) customer feedback;
1408 d) statutory and regulatory requirements.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 39 ISO/TC 176/SC2/WG24/N111
NOTE Post-delivery activities can include actions under warranty
provisions, contractual obligations 1409
such as
1410 maintenance services, and
supplementary services such as recycling or final disposal.
1411 8.5.6 Control of changes
1412 The organization shall review and control unplanned changes
essential for production or service
1413 provision to the extent necessary to ensure continuing
conformity with specified requirements.
1414 The organization shall retain documented information
describing the results of the review of changes,
1415 the personnel authorizing the change, and any necessary
actions.
1416 8.6 Release of products and services
1417 The organization shall implement the planned arrangements at
appropriate stages to verify that
1418 product and service requirements have been met. Evidence of
conformity with the acceptance criteria
1419 shall be retained.
1420 The release of products and services to the customer shall
not proceed until the planned
1421 arrangements for verification of conformity have been
satisfactorily completed, unless otherwise
1422 approved by a relevant authority and, as applicable, by the
customer. Documented information shall
1423 provide traceability to the person(s) authorizing release of
products and services for delivery to the
1424 customer.
1425 8.7 Control of nonconforming process outputs,
products and services
1426 The organization shall ensure process outputs, products and
services that do not conform to
1427 requirements are identified and controlled to prevent their
unintended use or delivery.
1428 The organization shall take appropriate corrective action
based on the nature of the nonconformity and
1429 its impact on the conformity of products and services. This
applies also to nonconforming products and
1430 services detected after delivery of the products or during
the provision of the service.
1431 As applicable, the organization shall deal with nonconforming
process outputs, products and services
1432 in one or more of the following ways:
1433 a) correction;
1434 b) segregation, containment, return or suspension of
provision of products and services;
1435 c) informing the customer;
1436 d) obtaining authorization for:
1437 ¾ use
“as-is’;
1438 ¾ release,
continuation or re-provision of the products and services;
1439 ¾ acceptance
under concession.
1440 Where nonconforming process outputs, products and services
are corrected, conformity to the
1441 requirements shall be verified.
1442 The organization shall retain documented information of
actions taken on nonconforming process
1443 outputs, products and services, including on any concessions
obtained and on the person or authority
1444 that made the decision regarding dealing with the nonconformity.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 40 ISO/TC 176/SC2/WG24/N111
1446 9.1 Monitoring, measurement,
analysis and evaluation
1447 9.1.1 General
1448 The organization shall determine:
1449 a) what needs to be monitored and
measured;
1450 b) the methods for monitoring,
measurement, analysis and evaluation, as applicable, to ensure valid
1451 results;
1452 c) when the monitoring and measuring
shall be performed;
1453 d) when the results from monitoring and
measurement shall be analysed and evaluated.
1454 The organization shall ensure that monitoring and measurement activities
are implemented in
1455 accordance with the determined requirements and shall retain appropriate documented information as
1456 evidence of the results.
1457 The organization shall evaluate the
quality performance and the effectiveness of the quality
1458 management system.
1459 9.1.2 Customer satisfaction
1460 The organization shall monitor customer perceptions of the
degree to which requirements have been
1461 met.
1462 The organization shall obtain information relating to
customer views and opinions of the organisation
1463 and its products and services.
1464 The methods for obtaining and using this information shall be
determined.
1465 NOTE Information related to
customer views can include customer satisfaction or opinion surveys, customer
1466 data on delivered products or
services quality, market-share analysis, compliments, warranty claims and
dealer
1467 reports.
1468 9.1.3 Analysis and evaluation
1469 The organization shall analyse and evaluate appropriate data
and information arising from monitoring,
1470 measurement and other sources.
1471 The output of analysis and evaluation shall be used to:
1472 a) demonstrate conformity of products and services to
requirements;
1473 b) assess and enhance customer satisfaction;
1474 c) ensure conformity and effectiveness of the quality
management system;
1475 d) demonstrate that planning has been successfully
implemented;
1476 e) assess the performance of processes;
1477 f) assess the performance of external provider(s);
1478 g) determine the need or opportunities for improvements
within the quality management system.
1479 The results of analysis and evaluation shall also be used to
provide inputs to management review.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 41 ISO/TC 176/SC2/WG24/N111
1480 9.2 Internal audit
1481 9.2.1 The organization shall conduct internal audits at planned
intervals to provide information on
1482 whether the quality management
system;
1483 a) conforms to:
1484 1) the organization’s own requirements
for its quality management system;
1485 2) the requirements of this
International Standard;
1486 b) is effectively implemented and
maintained.
1487 9.2.2 The organization shall:
1488 a) plan, establish, implement and
maintain an audit programme(s) including the frequency, methods,
1489 responsibilities, planning
requirements and reporting, which shall take into consideration the
1490 quality objectives,
the importance of the processes concerned, customer
feedback, changes
1491 impacting on the organisation, and the results of previous audits;
1492 b) define the audit criteria and scope
for each audit;
1493 c) select auditors and conduct audits
to ensure objectivity and the impartiality of the audit process;
1494 d) ensure that the results of the
audits are reported to relevant management;
1495 e) take necessary correction and corrective actions without
undue delay;
1496 f) retain documented information as
evidence of the implementation of the audit programme and the
1497 audit results.
1498 NOTE See ISO 19011 for guidance.
1499 9.3 Management review
1500 9.3.1 Top management shall review the organization's quality
management system, at planned
1501 intervals, to ensure its continuing
suitability, adequacy, and effectiveness.
1502 The management review shall be planned and carried out taking into consideration:
1503 a) the status of actions from previous
management reviews;
1504 b) changes in external and internal
issues that are relevant to the quality management system
1505 including its strategic direction;
1506 c) information on the quality
performance, including trends and
indicators for:
1507 1) nonconformities and corrective actions;
1508 2) monitoring and measurement results;
1509 3) audit results;
1510 4) customer satisfaction;
1511 5) issues concerning external providers and other relevant
interested parties;
1512 6) adequacy of resources required for maintaining an
effective quality management system;
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 42 ISO/TC 176/SC2/WG24/N111
7) process performance and conformity of products 1513 and
services;
1514 d) the effectiveness of actions taken to address risks and
opportunities (see clause 6.1);
1515 e) new potential opportunities
for continual improvement.
1516 9.3.2 The outputs of the management review shall include
decisions and actions related to:
1517 a) continual improvement opportunities;
1518 b) any need for changes to the quality
management system, including resource needs.
1519 The organization shall retain
documented information as evidence of the results of management
1521 10 Improvement
1522 10.1 General
1523 The organization shall determine and select opportunities for
improvement and implement necessary
1524 actions to meet customer requirements and enhance customer
satisfaction.
1525 This shall include, as appropriate:
1526 a) improving processes to prevent nonconformities;
1527 b) improving products and services to meet known and
predicted requirements;
1528 c) improving quality management system results.
1529 NOTE Improvement can be effected
reactively (e.g. corrective action), incrementally (e.g. continual
1530 improvement), by step change (e.g.
breakthrough), creatively (e.g. innovation) or by re-organisation (e.g.
1531 transformation).
1532 10.2 Nonconformity and corrective
action
1533 10.2.1 When a nonconformity occurs, including those arising from complaints, the organization shall:
1534 a) react to the nonconformity, and as
applicable:
1535 1) take action to control and correct
it;
1536 2) deal with the consequences;
1537 b) evaluate the need for action to
eliminate the cause(s) of the nonconformity, in order that it does
1538 not recur or occur elsewhere, by:
1539 1) reviewing the nonconformity;
1540 2) determining the causes of the
nonconformity;
1541 3) determining if similar
nonconformities exist, or could potentially occur;
1542 c) implement any action needed;
1543 d) review the effectiveness of any
corrective action taken;
1544 e) make changes to the quality
management system, if necessary.
SUPPLIED BY BSB UNDER
LICENCE FROM ISO FOR BUREAU VERITAS CERTIFICATION (INDIA) PVT. LTD. - MUMBAI ON
21/05/2014
© ISO 2014 – All rights reserved 43 ISO/TC 176/SC2/WG24/N111
Corrective actions shall be appropriate to the effects of the
nonconformities 1545 encountered.
1546 NOTE 1 In some instances, it can be
impossible to eliminate the cause of a nonconformity.
1547 NOTE 2 Corrective action can reduce
the likelihood of recurrence to an acceptable level.
1548 10.2.2 The organization shall retain documented information as
evidence of:
1549 a) the nature of the nonconformities
and any subsequent actions taken;
1551 10.3 Continual Improvement
1552 The organization shall continually
improve the suitability, adequacy, and effectiveness of the quality
1553 management system.
1554 The organization shall consider the outputs of analysis and
evaluation, and the outputs from
1555 management review, to confirm if there are areas of
underperformance or opportunities that shall be
1556 addressed as part of continual improvement.
1557 Where applicable, the organization shall select and utilise
applicable tools and methodologies for
1558 investigation of the causes of underperformance and for
supporting continual improvement.
ISO 9001:2015 - Preparation &
Implementation :Video Tutorial
ISO 9001:2015 Presentation : Video Tutorial
1 Available from website:http://www.iso.org
The world’s quality management systems standard, ISO 9001, has been revised. Here, Kevin McKinley, Acting ISO Secretary-General, and Nigel Croft, Chair of the subcommittee that revised ISO 9001, tell you everything you need to know about the new edition of this landmark standard that enhances an organization’s ability to satisfy its customers and provides a coherent foundation for growth and sustained success.
ISO 9001:2015 Training Presentation video. The online course Covers all requirements of the latest version of the ISO standard.
** { Courtesy: ISO- Geneva,Switzerland. }
The world’s quality management systems standard, ISO 9001, has been revised. Here, Kevin McKinley, Acting ISO Secretary-General, and Nigel Croft, Chair of the subcommittee that revised ISO 9001, tell you everything you need to know about the new edition of this landmark standard that enhances an organization’s ability to satisfy its customers and provides a coherent foundation for growth and sustained success.