ISO 9001:2015

Draft
BY
QI organization
June 2014

Introduction
Purpose of the session
New standard main elements
The high structure context
Review main body of the draft
The different between the ISO 9001:2008 and CD ISO
9001:2105

Purpose of the session

To review the new draft for ISO 9001:2015 and discuss the
implementation of the new standard
To have open discussion and exchange idea about the
implementation requirements in the Egyptian market
To discuss the required qualification of the auditors and the
consultants
How to improve the current QMS to comply with the new
requirements

New standard new elements

1.
2.
3.
4.

Scope
Normative references
Terms and definitions
Context of the
organization
Understanding the
organization and its
context
Needs and
requirements
Scope
Management System
5. Leadership
General
Management
commitment
Policy
Roles, responsibility
and authority
6. Planning

7. Support
Resources
Competence
Awareness
Communication
Documented
information
8. Operation
Operational planning
and control
9. Performance evaluation
Monitoring,
measurement, analysis
& evaluation
Internal audit
Management review
10. Improvement
Non conformity and
corrective action
Continual Improvement

0.1 General
Brief about the committee draft , the CD version

is not the final ISO 9001:2015 standard , the final

draft may include or may not include the given
modification

0.2 Annex SL
Annex SL appendix 2 set out the high level structure
, identical core text and common terms and core
definitions that are to form , when possible , the
nucleus of future and revised management system
standard such as ISO 9001.
All MSS shall , in principle use consistent structure ,
common text and terminology so that they are easy
to use and compliable with each other

0.3 significant changes

Redrafting to make the standard more generic and
more easily applicable by service industries. (product
goods & services)
Context (framework & environment) of organization

NE
W

4.1 understanding the organization and its context

4.2 understanding the needs and expectations of interested
parties
4.4.2 Process approach
4.1 Risk and 6.1 preventive action (there is no requirement
for formal risk management)
Documented information .(document and records
documented information)
8.6 Control of external provision of goods and services

1 scope
Used by organization to demonstrate its ability to

provide goods and services that meets customer

and legal and other requirements and to improve
the customer satisfaction as well as the
conformity with legal and other requirements

2 Normative references
ISO 9000:2015

3 terms and definitions

Give definitions that apply to the standard about
22 terms , such as organization ,requirements ,
policy, objective , documented information etc.

4 context of the organization

4.1 understanding the organization and its context
Organization Shall
determined External & internal issues affect to achieve
W
E
N
the outcome and consider :
Change and trend impacts on objectives
Relationships with, and perceptions and values of
relevant interested parties
Governance issues , strategic priorities , internal
policies and commitment
resource availability and technological change
Update such determination when needed

4.2 understanding the needs

and
expectations
of
interested
W
E
N
parties
The organization shall determined
The relevant interested parties such as (direct customer ,

end-user, supply chain , regulator and any others)

The requirements of these interested parties

Update these needs

N
EW

4.3 determining the scope of

the quality management system
The organization shall determined
Boundary
Applicability of the QMS

Requirement of 4.1 and 4.2

Scope shall be documented information
Exclusion from the standard only apply to clauses
7.1.4 and 8
Exclusion shall be documented and justified

4.4 Quality management system

ISO 9001:2008 C4.1

4.4.1 general
The organization shall establish , implement and maintain
and improve its QMS

4.4.2 Process approach

Organization shall determined:
Processes needed, Input , output , resources , control for
identified processes
Processes interactions
Risks to conformity (goods, services and in-effective interaction)
Key performance indicator
Responsibility and authority
Improvement

ISO 9001:2008 C5.1

5 Leadership
5.1 Leadership and commitment
5.1.1 Leadership and commitment with respect to the
quality management system
Top management shall demonstrate its commitment by

Quality policy and objectives are established

Quality policy is understood within organization
Integrity of the QMS
Awareness of process approach
Resources are available
Communicating the importance of conforming to QMS and requirements
of goods and services
Supporting persons to contribute to the effectiveness of the QMS
Supporting other management roles
Improvement and innovation
Supporting other management roles

5.2 Quality policy

ISO 9001:2008 C5.3

Top management shall establish quality policy that

Appropriate to the purpose of organization

Provide frame work for setting the objectives
Include commitment to satisfy applicable requirements
Includes commitment to improvement

Policy shall be documented information

Communicated within organization
Available to interested parties as appropriate
Reviewed

ISO 9001:2008 C 5.5.1 & C5.5.2

5.3 Organization roles ,

responsibility and authorities
Top management shall ensure responsibility and
authorities are assigned and communicated
Top management shall assign responsibility and
authority for
QMS conforms to the requirements
Processes are interact and provide the
Reporting on the QMS performance
Awareness for customer requirements

No Clear definition for the

MR , however still exist
without any exact
intend output
requirements

6 Planning
6.1 Actions to address risks and opportunities

QM
T
EW
N
I

Q
Organization shall consider 4.1 and 4.2 when planning
EW

SW

Determined risks and opportunities that need to be addressed:

Assure QMS can achieve its intend outcome

Assure conformity of goods and services and customer satisfaction
Prevent and reduce undesired effect
Achieve improvement

Organization shall plan actions to address these risks and

opportunities
Organization shall implement such actions to the QMS
The organization shall evaluate the effectiveness of these
actions
Actions taken shall be appropriate for the effect

ISO 9001:2008 C5.4.1

6.2 Quality Objectives and

planning to achieve them
The organization shall establish quality objectives
Consistent with policy
Relevant to conformity of goods and services and customer
satisfaction
Measurable, take into account applicable legal requirements
Monitored , communicated
Updated as appropriate
Documented information
Determined how shall the organization achieve such objectives

6.3 Planning of change

W
E
N

Organization shall determined the needs and

opportunity to maintain and improve the QMS
Organization shall undertake changes

Planned systematic manner

Identify risks
Opportunity
Simply , evaluate before
Reviewing the potential consequence ofimplementation
change

ISO 9001:2008 C6.1 & 6.2& C6.3

7 Support
7.1 Resources
7.1.1 General

The organization shall provide resources needed to QMS

7.1.2 infrastructure

Organization shall provide and maintain infrastructure needed for

operation

7.1.3 process environment

Organization shall provide the working environment for each process

Review from previous ISO

7.1.4 monitoring and measuring devices

9001:2000
Organization shall determined the monitoring and
measurement
devices

7.1.5 knowledge

Knowledge of conformity shall be available

7.2 Competence
ISO 9001:2008 C 6.2

Organization shall
Determined the necessary competence of persons
Ensure persons are competent based on appropriate
education, training or experience
Where applicable take action to acquire the necessary
competence and evaluate the effectiveness of actions
taken

ISO 9001:2008 C 6.1 & C6.2

7.3 Awareness
Persons doing work under control of organization
shall be aware of
Quality policy
Relevant quality objective
Contribution to the effective to management system
Implication of not conforming with QMS

ISO 9001:2008 C 5.5.3

7.4 Communication
Organization shall determined the need s for
internal and external communication

ISO 9001:2008 C4.2.3 & C4.2.4

7.5 Documented information

7.5.1 General

Organization QMS shall include:

Documented information required by the standard
Documented information required by organization

7.5.2 Creating and updating

Organization shall ensure when creating or updating documented

information :
Identification , description, format, review for approval.

7.5.3 control of documented information

Organization ensure DI are available and suitable when needed and

protected
DI shall be controlled for distribution , access , retrieval , use ,
preservation , changes and retention and disposition
External origin DI shall be identified and controlled

ISO 9001:2008 C 7.1

8 Operation
8.1 Operational planning and control
Organization shall plan and implement and control
processes by determined actions in 6.1
Establish criteria for the process
Implement control of the processes IAW criteria
DI to give confidence that process carried out as planned
Organization controlled planed change
Any process by external providers is controlled

ISO 9001:2008 C7.2.1

8.2 Determination of market

needs and interactions with
8.2.1
General
customers
Organization shall implement process to determined customer
requirements

8.2.2 determination of requirements related to the goods

and services
stated by the customer
Not stated by the customer
Legal and other requirements applicable to the goods and services
any additional requirements

ISO 9001:2008 C7.2.2

8.2.3 Review of requirements

related to the goods and
services
Organization
shall review the requirements related to
goods and services before supply
Results of review shall be DI
Organization shall ensure requirements where
customer doesn't provide documented statement
If requirements are changed the organization shall
ensure the implementation is done and relevant
person become aware of that

 8.2.4 Customer
communication
ISO 9001:2008 C7.2.3

Organization shall determined and implement

planned to communicate with customer in relation to:

Goods and services
Enquiries , contract or order
Customer feed back
Handling of customer property
The specific requirements for contingency actions , where
relevant

 8.3 Operational planning

process
ISO 9001:2008 C 7.1

Organization determined the following as appropriate:

Requirements for goods and services take into account quality
objectives
Actions to identify and address risks related to goods and
services conformity
Required recourses
Acceptance criteria
Required verification , validation, monitoring, measurement ,
inspection and test
Performance data embellishing and communicated
Requirements for tractability , preservations , delivery and post
delivery
Output in form suitable to the organization

ISO 9001:2008 C7.4.1

8.4 Control of external

provision of goods and
8.4.1
services
General

Organization shall ensure that externally provided goods are

conforms with requirements

8.4.2 type and extent of control of external provision

Types and extent control applied depend up on

Risks identified and potential impact

Degree of shared control between organization and providers
The capability of potential control

organization shall have criteria for selection , evaluation and

reevaluation
DI for monitoring result
DI shall provided to provider as appropriate include data
about the goods and services , requirements , provider
monitoring , any required verification

 8.4.3 Documented information

W for external providers
E
N

Documented information shall be provided to the external provider

describing, where appropriate:

goods and services to be provided or the process to be performed,

requirements for approval or release
requirements for competence
quality management system requirements,
control and monitoring of the external providers performance
any verification activities that the organization, or its customer, intends to
perform at the external providers premises
requirements for handling of external providers property provided to the
organization.
Documented information describing on the results of monitoring shall be
maintained.

ISO 9001:2008 C7.3 C7.3.6

8.5 Development of goods and

services
8.5.1
Development processes
The organization shall plan and implement processes for the development of
goods and services consistent with the process approach.
In determining the stages and controls for the development processes, the
organization shall take account of:

nature, duration and complexity

customer, statutory and regulatory requirements
requirements specified by the organization
determined risks and opportunities associated with the development (nature , level of
control and impacts)
internal and external resource,
need for clarity with respect to the responsibilities and authorities
need for the management of the interfaces between individuals and parties
need for involvement of customer groups, the necessary documented information
activities needed to transfer from development to production

 8.5.2 Development controls

The controls applied to the development process shall ensure that
ISO 9001:2008 C7.3-7.3.7

the result to be achieved by the development activities is clearly defined,

inputs are defined
outputs are in a form suitable for subsequent use for production
problems and issues arising during the development process are resolved
the planned development processes have been followed,
goods produced or services provided are fit for purpose,
appropriate change control is maintained throughout the development

ISO 9001:2008 C7.3.3

8.5.3 Development transfer

The organization shall ensure that transfer from
development to production or service takes place
when customer requirements, statutory or
regulatory requirements are met

 8.6 Production of goods and

provision
of
services
8.6.1 Control of production of goods and provision of services
ISO 9001:2008 C7.5.1 & C7.5.2

The organization shall implement production of goods and provision

of services under controlled conditions. Controlled conditions shall
include, as applicable:
the availability of documented information, the implementation of controls;
use of suitable equipment; use of monitoring and measuring devices;
competence of personnel
validation and approval, and periodic revalidation, of any process for production
implementation of goods and services release, delivery and post-delivery
activities; nonconformity due to human error,

 8.6.2 Identification and

traceability
ISO 9001:2008 C7.5.3

Where appropriate, the organization shall identify

process outputs by suitable means.

Where traceability is a requirement, the organization

shall control the unique identification of the process

outputs, and maintain it as documented information.

ISO 9001:2008 C7.5.4

8.6.3 Property belonging to

customers or external
providers.
The
organization shall exercise care with

property belonging to the customer or external

providers

 8.6.4 Preservation of Goods

and services
ISO 9001:2008 C7.5.5

Organization shall ensure preservation of goods

and services include any process output during
processing and delivery to the intend destination
in order to meet the requirements

 8.6.5 Post delivery activities

Where applicable , the organization shall determined and

ISO 9001:2008 C7.5.1

meet requirements for post delivery activities associated

with the nature and intended lifetime of the goods and
services
Required shall take into account
Risks associated with goods and services
Customer feedback
Legal and other requirements

 8.6.6 control of changes

ISO 9001:2008 C7.3.7

The organization shall undertake change in a

planned and systematic manner , taking account of
the review of the potential consequences of
changes
Maintain documented information describing the
results of review and the person who authorized
the change.

 8.7 Release of goods and

services
The organization shall implement the planned activities at
ISO 9001:2008 C8.2.4

appropriate stages to verify that goods and services

requirements have been met. Evidence of conformity with
acceptance criteria shall be maintained.
All planned arrangement shall be finished before release or
by other authorities
Documented information shall indicate the person who
release the goods and services

 8.8 nonconformity goods and

services
The organization shall ensure that goods and services

ISO 9001:2008 C8.3

which do not conform to requirements are identified and

controlled to prevent their unintended use or delivery that
will have a negative impact on the customer.
The organization shall take actions to nature of the NCR
Documented information describing the nature of NCR and
any action taken shall be maintained

9 Performance evaluation

9.1 monitoring , measurement , analysis and evaluation

9.1.1 General
N

the organization shall take into consideration the determined risks and
EWopportunities and shall:
Determined what needs to be monitored and measured
Evaluate the performance of external provider
Determined the methods for monitoring , measuring , analysis and evaluation as
applicable , to ensure valid results
Determined when the monitoring and measuring shall be performed
Determined when the results shall be analyzed
Determined the QMS indicators needed

The organization shall maintained appropriate documented

information
The organization shall evaluate the QMS performance and
effectiveness

9.1.2 Customer satisfaction

ISO 9001:2008 C8.2.1

The organization shall monitor data relating to

customer perceptions of the degree to which
requirements have been met

9.1.3 Analysis and evaluation of

data
ISO 9001:2008 C8.4

The organization shall analyzed and evaluate

appropriate data arising from monitoring ,
measurement and other relevant sources. This
shall include determination of applicable methods

ISO 9001:2008 C8.2.2

9.2 Internal audit

The organization shall conduct IA at planned intervals
to provide information on whether the QMS comply
with requirements and effectively implemented
The organization shall plan establish , implement and
maintain audit program determined taking into
account objectives, risks importance and result of
pervious audit
Take appropriate action without undue delay
Retain documented information as evidence of
implementation of audit program and the audit results

ISO 9001:2008 C5.6

9.3 Management review

Top management shall review the organization
quality management system , at planned
intervals , to insure its continuing stability ,
adequacy and effectiveness.
Input to management review
Output to management review
Documented information from management
review shall be maintained

10 improvement
ISO 9001:2008 C8.5.2&C8.5.3

10.1 NCR and corrective action

When NCR occurred , the organization shall
React to the NCR and as applicable and correct it and deal with
the consequence
Evaluate the need for corrective actions or preventive actions
Implemented actions needed
Review the effectiveness of any corrective actions taken
Make changes to QMS if necessary

10.2 improvement

ISO 9001:2008 C8.5.1

The organization shall improve the suitability ,

adequacy and effectiveness of the QMS
The organization shall QMS processes , goods and
services
The organization shall evaluate , priorities and
determined the improvement to be implemented

Appendix
EThe
draft include appendix with full definition of
W
N

the eight quality principle

The eight quality principle are the core of the new
standard , that is evident from one of the clauses
is one of the eight principles(leadership)