Information ISO 9001:2015 is here. Manufacturers, are you ready?

About ISO 9001

The ISO 9001 standard related to quality management systems helps businesses better serve their customers and consistently provide products and services that meet both customer and regulatory
requirements. More than a million businesses and suppliers have been certified as ISO 9001 compliant, and there are many reasons why businesses continue to join the worldwide ISO 9001 community. The standard has gained acceptance to the degree that many major global corporations and organisations require ISO 9001 certification from their partners and solution providers.

The roadmap it provides for quality management has been proven over more than five decades to help lower risks, especially in quality-intensive and highly regulated industries such as manufacturing. Despite the original guidelines being drafted 55 years ago and many updates made over the years, the core advantage remains the same; being certified gives your partners and customers reassurance that your business has and maintains strict processes for ensuring its quality policies are followed throughout the organisation. Therefore, in short, they know that yours is a business they can trust.

What will ISO 9001:2015 mean for you?

Companies have a grace period in which to transition to the new standard before losing their certification. In this period, they must ensure they meet the amended requirements in order to remain compliant. However, by being prepared for the forthcoming release businesses are able to minimise the time and resources required to transition, as well as the impact on the business.

The new version will follow a new, higher-level structure to make it easier to use in conjunction with other management system standards, with increased importance given to risk. “The new version is very strongly based on three basic core concepts”, said Nigel Croft, Chair of the ISO subcommittee revising the standard. He states that one is the successful process approach from the 2008 version. The second is the plan-do-check methodology based upon the system of processes. “The third core concept which is new in the 2015 version is risk-based thinking, aiming at preventing undesirable outcomes,” Nigel concluded.

Risk is the factor likely to have the biggest impact on businesses looking to maintain or achieve ISO 9001 compliance as the new 2015 version is deployed. The new version calls for increased risk awareness, where organisations recognise and evaluate potential risks within their environment and quality management system. After identifying, assessing and prioritising each risk, the company decides whether to accept or avoid the risk, or develop a plan to minimise its impact. This must be clearly outlined within their quality management system.

Why manufacturers should be prepared

ISO 9001 is a cross-industry standard, and as such, is suitable for the certification of quality management systems in any company. However, with the focus of the new 2015 version centring on risk, it is highly regulated industries such as manufacturing which are likely to be most heavily affected. The content and process management demands that compliance and quality mandates place on organisations in regulated sectors are high. For example, there are more than 14,000 laws, standards and regulations that dictate how long to keep paper and electronic records (Source: Cadence Group, 2011). Customers and suppliers will also frequently require a manufacturing business to hold ISO 9001 among many other certifications.

Given the high priority that manufacturing organisations must place on quality and compliance management, and the amount of documentation they must produce to support and fulfil compliance initiatives, it is no longer practical to manage content separately from quality and compliance. As a result, management systems for both documents and information, as well as processes, procedures and templates, must play a central integrated role in effective quality and compliance management. In short, document management and quality management should no longer be viewed as two separate entities.

So how can you prepare?

1. Arm yourself with all the information you need

You need to ensure that you understand the differences between ISO 9001:2015 and ISO 9001:2008,
and are able to identify any gaps in your current QMS and related processes that will need to be
addressed to ensure your continued compliance. It is therefore worth speaking to the experts now
and planning to invest in resources that will ease your ISO 9001: 2015 implementation, and save you time and money.

IT Governance is a leading global provider of IT governance, risk management and compliance solutions – including documentation toolkits containing management system document templates that have been created by consultants with extensive experience implementing management system standards. Organisations that are beginning to plan their ISO 9001 transition projects can utilise IT Governance’s free ISO 9001:2008 to ISO 9001:2015 Conversion Tool, which summarises the key changes to the Standard, maps the standard’s clauses from version to version, and provides a breakdown of the requirements for documented information, thereby helping organisations to easily identify the changes they need to make to their QMS.

Alternatively, you can use the Standard alongside the ISO 9001: 2008 to ISO 9001: 2015 Gap Analysis Tool to monitor what needs to be done and develop an implementation plan to ensure a smooth and structured transition. All employees involved in quality management processes will need to be made aware of the revision, and the changes and impacts that will arise from it. Most importantly, they will need to be clear on their roles and responsibilities in ensuring the requirements of the new standard are met. Taking advantage of the expertise of an organisation such as IT Governance can streamline the transition process considerably by reducing the project’s time and costs, and ensuring that your transition to ISO 9001:2015 is as seamless as possible and does not impede your everyday business activities. Organisations that use IT Governance’s toolkits can effectively use consultancy expertise without going to the expense of actually engaging consultants.

IT Governance’s ISO 9001: 2015 QMS Documentation Toolkit contains the fundamental tools and materials you need to easily start your QMS project and continuously support its implementation. Using the toolkits’ one click customisation feature, you can create documents that are tailored to your company’s needs and satisfy the requirements of multiple management systems.

2. Next-generation quality management

With the ISO quality management standard being refreshed, whether or not you are using a purpose built QMS solution, or still rely on paper documentation and quality manuals along with processes and procedures developed in-house over time, this could be an ideal opportunity to bring your quality related systems and processes up to date with next-generation technology.

The traditional QMS typically focuses on policy-related documents and the workflows to control these documents. This structure leads to data silos and locating policy information and ensuring it is kept up to date can be manual and laborious. For instance, it is not uncommon for manufacturing firms to use multiple different systems for managing the various elements associated with quality management. There is likely a separate system for document management, or even just network drives, where documentation, such as CAPA templates and risk assessment forms, will reside. Risk management could be managed independently of the rest of the quality system as well.

This approach is cumbersome and results in silos of information and the lack of transparency across all quality-related processes. Modern QMS offerings break down these silos by providing a single, centralised system for managing quality processes and associated documentation and other information. Further, leading solutions can manage and track core business objects and related processes in addition to only documents, such as Word files or Excel spreadsheets.

For example, internal production processes often include a variety of other common, important business-related information objects that are often even managed in other systems, such as an ERP or CRM. In manufacturing operations these can be common objects or items, like parts and assemblies, or other entities critical to the business-like customers, vendors and contractors. They can also represent important information that is tied to the production process, such as work orders or lots. There are also various stages such as parts specification and manufacturing, assembly, testing and release.

The ability to easily view and access important information from any stage in the process or vantage point is a crucial aspect of providing quick, easy access to the “right” content in “context.” More importantly, when these disparate forms of information are integrated and then leveraged to index and organise the documents and files we typically think of as unstructured content, such as purchase orders, invoices, contracts, proposals, shipping bills, etc., the foundation for a powerful and efficient quality management system is formed. Even more powerful is the ability then to establish linkages between related information to provide a “360-degree view,” such that one can find whatever they are looking for from any starting point or stage of the process.

This can include identifying stakeholders, such as process owners or project team members, or any other related information or content, such as workflows, risk assessments, deviations and audit trails, along with other information about relevant standard operating procedures and regulations.

A key benefit of industry-leading QMS solutions is that regulatory compliance is greatly simplified, becoming a day-to-day way of working, versus a system for collecting static documents filed away in a quality manual. All compliance related documentation is stored and managed in a centralised system and instantly accessible by users at any stage of a given process. Important processes and standard operating procedures are automated with simple notifications and alerts to required parties, and then supported with electronic and digital signatures and clear audit trails. This improves transparency and ensures that required compliance-related tasks are completed on time by the right people, and that related information is up-to-date and always available.

Further benefits of a next-generation QMS solution include:

  • Streamlining process management: Internal processes and workflows can be automated, with the Quality Manager having complete visibility of process status. Electronic signing capabilities can further automate workflows whilst increasing security and reducing risk.
  • Protection of sensitive and valuable content: Access and permission management features ensure the security of confidential or mission-critical information.
  • Easy templates to ensure consistency and convenience: Create templates for CAPAs and SOPs, audit procedures and more; this not only minimises the time required to create such critical documents but ensures that they are created to an appropriate standard.
  • Document control and learning: QMS should be an essential training tool, to ensure that necessary information has been learned. It’s simple to see who has and has not completed their required training, and easy to send reminders to ensure that they do. This can also be critical for other compliance initiatives, such as health and safety legislation.

3. Store and manage information

For manufacturing companies, information management is a critical component of compliance, and
not only for ISO 9001 requirements. In addition to extensive laws, regulations and ‘good practice’
standards, such as GMP (Good Manufacturing Practices) or cGMP (Current Good Manufacturing
Practices), manufacturers are striving to improve operational excellence, organisation, clarity, transparency and accountability. Enterprise Information Management (EIM) solutions can enable organisations to effectively manage both their ISO 9001 related content as well as other core information assets, making it simpler to adhere to the ISO 9001:2015
standard. Here’s how:

  • Spend less time looking for ISO 9001 documents: All ISO 9001-related content can be tagged with metadata attributes that identify them as ISO 9001-related as they are created or saved. These metadata attributes allow documents to be retrieved based on context and relevance instead of the folder in which they are stored. The added layer of intelligence makes it quick and easy to locate relevant ISO 9001 information, or to retrieve related documents for any other purpose or project. Put simply, searching for ISO-related documents becomes completely painless.
  • Improve visibility of ISO assets: Digital content can be managed as part of a single virtual repository, eliminating silos of information that are time consuming to search and tend to proliferate duplicate information when users recreate materials they can’t locate.
  • Automate version control and archiving: Employees can access the most current information, or retrieve historical documents, while employers have a full audit trail of document access and changes made.

ISO 9001:2015 Summary

By taking the three steps described above to prepare for ISO 9001:2015, manufacturing firms, as well as other organisations in highly regulated industries, can transition to the latest certification standard faster and more efficiently. Using toolkits, training and consultancy, as well as a QMS solution that streamlines process management and the management of associated documentation, manufacturers can establish and enforce document and data control procedures and ensure that processes are followed according to regulations and standards. Regulated businesses can lose the complexity, but not the control, of achieving and maintaining ISO certification.

Furthermore, the next-generation quality management systems provide the seamless link between document and quality management. As the emphasis on risk increases in ISO 9001:2015, a management solution needs to help minimise risk by automating quality processes, for example Corrective and Preventive Actions (CAPA). These systems can come with not only the tools needed, but ready-made processes inbuilt, to further simplify compliance-related efforts and initiatives.

With 2015 seeing the latest major revision to ISO 9001, M-Files and IT Governance will work together seamlessly to provide all the necessary information you need to know about not only existing ISO standards but also the latest ISO 9001:2015 version, as well as the solutions and tools that makes becoming and remaining certified as simple and pain free as possible.

For more information on how we can help your organisation please email: peter@documentmanagementsoftware.com.au or visit www.documentmanagementsoftware.com.au


Peter Ellyard

Having spent over 20 years immersed in the document management software industry I have found that by offering a simple to use, highly effective electronic document management solution (knowledge management software) we increase productivity dramatically. Typically by an hour per person, per day! This is not rocket science, just a simple way to streamline your day to day information needs.