Late 2016 saw the publication of ISO/TS 9002:2016 Quality management systems -- Guidelines for the application of ISO 9001:2015. Originally to have been published simultaneously with the revised ISO 9001 Standard in 2015, the delay resulted in it getting little publicity and so it has been largely ignored.
It is full of valuable guidance for the application of ISO 9001:2015 to all types of organization.
Lead Auditors with Certification Bodies, ISO 9001 Consultants and others working on ISO 9001 implementation and maintenance will find the guidelines invaluable. So also will those maintaining management systems and those providing consultancy support. The ISO Technical Committee 176 (ISO/TC 176) on Quality Management, the committee responsible for the ISO 9000 family of QMS standards, is the body responsible for publishing this guide – ‘straight from the horse’s mouth’ you might say.
ISO 9002:2016 helps give insight into what the developers of ISO 9001:2015 had in mind when preparing the revised Standard. And the lack of specificity, for which ISO 9001:2015 has so often been criticized, is no longer such a problem.
In a certification body audit situation, they provide a rational basis for Lead Auditors to explain the basis upon which the ISO 9001 Audit Team has made their findings. That is the comparison between what has been offered as evidence by an Auditee and what the guide suggests as typical audit evidence. The deficiencies should then become apparent to all parties and the cause of the argument reduced or removed.
Clause 4.1: Understanding the Organization and its context
It has been reported that many organizations are confused or have an inadequate understanding of the requirements for the Context of the Organization (COTO).
If, during a certification body audit, the Auditee offered evidence of how it addressed this requirement based solely on an in-house review among top management, an Audit Team should record a Minor Noncompliance against Clause 4.1.
But how does one avoid a disagreement on interpretation? The Auditee can argue that the Standard doesn’t include specific requirements and that this is the organization’s interpretation which they feel entitled to make. How does the Audit Team respond?
A neat solution is provided by reference to ISO 9002. In the section on Clause 4.1 it states…
"The intent of this subclause is to understand the external and internal issues that are relevant to the organization’s purpose and strategic direction and that can affect, either positively or negatively, the organization’s ability to achieve the intended results of its quality management system. The organization should be aware that external and internal issues can change, and therefore, should be monitored and reviewed."
It goes on:
Information about external and internal issues can be found from many sources, such as:
There then follows a suggested list of 6 external and 5 internal sources of information that might be consulted.
The Audit Team can then justify their finding on the basis that many typical external sources of information on the context of the organization have been ignored. Therefore, there is inadequate evidence to demonstrate that the context of the organization has been fully understood and addressed.
ISO/TS 9002:2016 runs to 57 pages of guidance such as this. We like this ISO 9001 Certification aid very much. While its content cannot be considered to constitute requirements, and it is just one of a number of guidance documents, it gives example after example of what constitutes adequate objective evidence of compliance, clause-by-clause. It is an invaluable companion to ISO 9001:2016.
Don’t fail to get a copy of, and study this important document.
In
We have chosen ISO 21001 certification because, unlike IRCA and Exemplar badges (which in our opinion are commercially compromised), it is based on independent third-party assessment. It is a ‘university grade’ standard in use globally by schools, colleges, and universities to demonstrate their competence.