ISO 9001:2015 Core Concepts

One of the most commonly applied teaching methodologies is that of breaking complex subjects down into multiple simplex units.

This time-saving mechanism allows not just for greater ease of understanding but is also known to successfully result in a higher rate of engagement. Short, sharp bursts rather than endless drones or brain-draining pages of text.

For this new series of blogs, we are taking ISO 9001:2015 and breaking it down into bite size chunks, starting here with the three Core Concepts that underpin the standard.

Risk Based Thinking

Successful businesses are those that take every necessary precaution to mitigate against risk.

One of the key changes in the 2015 revision of ISO 9001 is the establishment of a systematic approach to risk. Rather than treating it as a stand-alone component of a QMS, the updated 'sum of the parts' approach sees it no longer separated from the whole.

While risk is often thought of as detrimental, risk-based thinking can help businesses to identify opportunities, thereby putting a positive spin on what is traditionally viewed as a business negative.

Organisations need to identify risks in their processes and to their business, both internally and externally. While it is not always possible to circumvent external risks such as banking crises, Brexit or extreme currency fluctuations, it is incumbent upon leadership to pro-actively take whatever measures are within their remit and power to minimise their impact.

Identify internal and external risks, both positive and negative, and decide how they should be addressed when developing processes to improve outputs and mitigate against undesirable outcomes.

The Process Approach and PDCA

Process - "A set of interrelated or interacting activities that use both tangible (materials, equipment) and intangible (data, knowledge) inputs to deliver an intended result"

All organisations use processes to achieve their objectives.

The process approach includes establishing these processes to operate as an integrated and unified system and can be applied to any organisation and any management system regardless of type, size or complexity.

Process approach fundamentals:

• The management system integrates processes, which it both monitors and measures to achieve objectives
• Processes define interrelated activities and checks, to deliver intended outputs
• Detailed planning and controls are defined and documented as and when required within the context of the organisation

In accordance with the requirements of ISO 9001:2015 the following sequence of actions provides examples of how an organisation may choose to build and control the processes of its QMS.

An organisation should follow all steps in the process approach. Performance can be then managed and improved by applying the PDCA cycle.

ISO 9001:2015 Execution

Having defined the above, the following should be closed out before moving onto the Do-ing phase ...

• Define the need for documented information
• Define the interfaces, risks and activities within the process
• Define the monitoring and measuring requirements

As the song goes, "it ain't what you do, it's the way that you do it" and PDCA - which stands for Plan, Do, Check, Act - is an effective tool that can and should be used by organisations to manage their processes and systems.

Plan: Identify client needs, determine drivers, set key objectives of the system and processes to deliver required results

Do: Identify process owners, implement and control what was planned

Check: Monitor & measure processes and results against policies, objectives & requirements, develop, review, report results, create improvement plan

Act: Take corrective actions to improve the performance of processes & monitor progress going forward

ISO 9001:2015 is written to mirror PDCA, which operates as a cycle of continual improvement, with risk‐based thinking at each stage.

Plan well, Do what you need to do to meet client needs, Check results and Act on deficiencies should be etched onto every office noticeboard.

Summary of ISO 9001:2015

The above three concepts together form an integral part of the ISO 9001:2015 standard. Risks that may impact both positive and negatively on objectives must be addressed by the management system.

Risk‐based thinking itself is used throughout the process approach and application of the PDCA tool to:

• Arrive at how risk is to be addressed in establishing the required processes
• Define the extent of process planning and controls
• Improve effectiveness of the QMS
• Manage, monitor and maintain the system

Benefits of ISO 9001:2015

Just some of the potential benefits of ISO 9001:2015 and the process approach ...

Enhanced customer satisfaction by meeting client needs and requirements
Consistency in achieving policies and objectives, intended results and overall performance
The process approach can facilitate the implementation of any management system

For more information on the three core concepts and other aspects of ISO 9001:2015 speak to one of our ISO professionals. Email hello@cgbc.ie or call +353 (0)1 620 4121.