ISO 9001:2008 is the widely-used standard for quality certification, and as many know, it has a new revision: ISO 9001:2015. UEA is one of the first companies in our manufacturing area to be approved for ISO 9001:2015 certification successfully without any major or minor findings.
The ISO 9001:2015 standard ensures that all aspects of the organization are run under parameters of the ISO – an organization-defined standard with continuous improvement and constant management in various processes and departments of the organization. This includes all critical processes to run the organization: management responsibilities, individual responsibilities, department responsibilities, employee responsibilities, documentation, various employee training, internal audits, customer scorecards, supplier performance, internal processes, controls and proper documentation.
The easiest way to get the ISO 9001:2015 certificate upgraded from the ISO 9001:2008 is to schedule a transaction audit before the current ISO 9001:2008 certificate is set to expire. Depending on the size of the organization, the ISO auditor will schedule 5-6 days for the transaction audit. From UEA's experience, it is recommended to schedule two transaction audits at least 4 months apart – shortening the transaction audit to 2.5-3 days on each visit (instead of 5-6 days). Doing this also allows time to fix any major or minor findings before the second audit is set to take place.
Below are a few tips to ensure a successful ISO 9001:2015 audit:
1. Employee Training
This is an opportunity to train or re-train employees on the department/organization work instructions, procedures, the location of stored documents, the method of storage (soft copy or hard copy), and the location of the storage method.
Key areas of employee training checked by ISO Auditor:
- On-boarding training record
- Department training matrix
- Training record of department work instruction and procedures
- Training records on special process (if your organization have any other than work instructions)
Also, this is a good opportunity for any system-related changes. For example, I have worked most of my life for an ISO-certified company and most of the company was facing a common issue related to a complex computer access system. Due to lack of computer skills, most of the production employees struggled to find the ISO-related documents in the system, so I came up with a solution and created a document accessible organization flow chart (please attached image for more information).
With the document accessible organization flow chart, employees have access to all of the forms, instructions, procedures, training matrix and other necessary documents for their departments (including well-arranged subfolders), making it easy to train employees.
2. Risk-Based Thinking
In ISO 9001:2015, risk-based thinking is a major part of the changes from ISO 9001:2008. As required by ISO 9001:2015, organizations should evaluate and keep a record of the risk-related opportunities to the different departmental process or key process. This is a really good tool if used correctly and regularly maintained, as many employees in the organization are already indirectly doing the risk analysis in the process of PFMEA, DFMEA so it is not a completely new concept for most of the organization.
At UEA, we first created the separate log of the risk analysis for each of the departmental processes and identified the area or processes with higher risk value and we took some actions to reduce the higher risk value processes. (this can be another long conversation in detail so for information please wait for my next blog).
Example of the Risk log and procedure:
3. GAP Analysis and Internal Audit
Gap Analysis is a really nice tool to prepare your organization for the ISO 9001:2015 audit. In our organization, we arranged two transaction audits – each audit lasted 2.5 days. Before the audit, we did the GAP analysis. A very simple gap analysis tool can be created by using your ISO manual or purchased online. Gap analysis will help to identify any gaps in your preparation for the ISO 9001:2015 audit and add protection against any unnecessary major or minor findings.
4. Quality Manual
In ISO 9001:2015, the standard quality manual is no longer required but is recommended if your organization is medium to large scale or has more than 10 different manufacturing processes. Update your current ISO 9001:2008 organization quality manual to ISO 9001:2015 format, and list the process and changes on it. The quality manual will help manage documentation in different areas of the organization and is very useful during the internal audit and external ISO certification audit.
5. Review Documentation:
Ensuring that all company documentation, from forms to procedures, is thorough and accurate is essential to completing an audit successfully. Common items to monitor include missing signatures, incomplete fields, and outdated revision levels. Also, check for handwritten notes on drawings and work instructions (if any).
6. Involve Everyone and Communicate the changes
All organization employee should encourage to patriciate in QMS changes and always ask for their inputs on improvements. This can cause the powerful motivation in the employee and enhance a culture of employee participation.
During the audit, it is very necessary that employee answer the questions openly and honestly, if they do not know the answer to a question then they can always refer to the auditor, the department manager or reference the documents where the answer can be found and it is very acceptable according to the standard. Please train your employee not to provide false information because it can make things more difficult for everyone involved in the audit.