‫ندوة نظم االدارة بالمنشات‬

‫‪ISO9001:2015‬‬
‫‪ISO14001:2015‬‬
‫‪ISO45001:2018‬‬

‫تقديم‪ :‬م‪ .‬مجدى الزلبانى‬

‫اغسطس‪18 2018‬‬
Seminar Contents
• Delegates Attendance Registration. 9:00
• Management System Benefits. 9:15
1. Historical View for Management System.
2. ISO Organization & Management Systems Standards ,

• Break. 10:45
• Common Approaches for Management System. 11:00
1. Organization Context, Policy, Objectives, Risks and Opportunities, ..
2. Consultation for Establishing, Documenting, Implementing MS.
3. Certification for Organization according to ISO Standards

• Break. 13:00
• MS Staff Competence (QA & QC and OH&E) 13:30
• Delegates Teams competition & Valuable Presents for MS. 14:00
• Delegates Pictures and Seminar End. 15:00
Quality management system
Benefits:
• Improved business planning
• Greater quality awareness throughout organisation
• Improved communications ( internal & external )
• Higher customer satisfaction
• Reduced costs of non-quality
• Confidence to customers & interested parties
• Greater control of processes and activities throughout organisation
Evolution of QMS Standards

• MIL - Q - 9858 USA ~ 1958

• BS 5750 Part I , II ,III UK ~ 1979
• ISO 9001 , 9002 & 9003 1987
• ISO 9001 , 9002 & 9003 1994
• ISO 9001 : 2000 2000
• ISO 9001:2008 2008
• ISO9001:2015 2015
ISO 9000 family
• ISO 9000 -- Quality management systems -
Fundamentals and vocabulary

• ISO 9001 - Quality management systems -

Requirements

• ISO 9004 - Managing for the sustained

success of an organisation – a quality
management approach
Relationship between ISO 9001 &
9004

• Consistent pair for use together or independently

• ISO 9001 sets out requirements

• ISO 9004
• Provides guidance for the sustained success of an
organisation and its QMS
• Not for implementation of ISO 9001 or
certification/contractual use
Consistent with other standards

• ISO 14001 Environmental management systems

– Requirements with guidance for use

• OHSAS 18001 Occupational health and safety

management systems - Requirements

• ISO/IEC 27001 Information technology – Security

techniques – Information security management
systems - Requirements

• ISO 22301 Societal security- Business continuity

management systems – Requirements
ISO 19011

• Guidelines for auditing management systems

• Contains information on:

• Terms and definitions
• Principles of auditing

• Managing an audit programme

• Performing an audit

• Competence and evaluation of auditors

ISO/IEC 17021
• Conformity assessment – requirements for bodies providing audit
and certifications on management systems

• Contains requirements for CBs on:

• Principles by which CBs should conduct their activities

• Legal and contractual matters

• Structural requirements

• Resource requirements (and auditor competence)

• Information requirements

• Process requirements

• Management system requirements

Session 2

• Process-based QMS

• The application of PDCA cycle

• Plan, Do, Check, Act

• Role of the Auditor

PLAN-DO-CHECK-ACT CYCLE
& CONTINUAL
IMPROVEMENT

Process

 Any activity that takes “inputs”

 And converts them to “outputs”

PROCESS APPROACH

 The systematic identification and

management of these activities and
the interactions between activities
“Risk-based thinking”

• Risk is the effect of uncertainty on an

expected result
• ISO 9001:2015 incorporates risk into
requirements for the QMS
•  The extent of risk is determined by the
organisation
• “Risk-based thinking” is considering risk
qualitatively (and quantitatively) depending
on the organisation’s context
Quality management principles

• Customer focus
• Leadership
• Engagement of people
• Process approach
• Improvement
• Evidence-based decision making
• Relationship management
 Model of a process-based QMS
Organization Quality Management System (4)
and its context
(4) Support &
Operation
(7, 8)
Customer
PLAN DO satisfaction

Results of
Customer Planning Leadership Performance the QMS
requirements (6) (5) Evaluation
(9)
Products
ACT CHECK
and Services

Needs and
Expectations of Improvement

-
Interested (10)
Parties (4)
 Schematic representation of a single
process within the system

Starting point End point

Sources of Inputs Receivers of

Inputs Activities Outputs Outputs

PREDECESSOR MATTER, MATTER, SUBSEQUENT

PROCESSES ENERGY, ENERGY, PROCESSES
E.g. at: INFORMA-TION INFORMA-TION E.g. at:

· Providers (internal or E.g. in the form of E.g. in the form of · Customers (internal
external) materials, product, service, or external)
resources, decision
· Customers requirements · Other relevant
interested parties
· Other relevant
interested parties

Possible controls and check

points to monitor and measure
performance
 NETWORK OF
INTERRELATED OR
INTERACTING PROCESSES
PDCA

Process E
Customers & interested parties

Customers & interested parties

Process A PDCA

PDCA
Process C Process D

PDCA PDCA

Process B

PDCA

Internal Internal
Process F
Customer Customer

PDCA
The organisation and its context
• The organisation must have an understanding of its QMS
requirements: i.e.:
• Identified interested parties, their issues and expectations

• Established links between quality policy and business objectives

• Identified applicable legal and regulatory requirements

• Determined the processes needed, and their sequence and

interaction

• Determined the risks and opportunities, and actions needed to

address these

• Accurately determined the scope of the QMS

The QMS must include
• Documented information required by standard

• Documented information necessary for effective planning, operation

and control
Amount of documentation
 The extent of the documentation will depend on:
· The size and type of organisation
· Complexity and interaction of the processes
· Competence of personnel

(ISO 9001:2015, clause 7.5.1, Note)

Documented information
• Examples:
• The scope of the QMS (4.3)
• Process documentation (4.4)
• QMS policy (5.2.2)
• Information on the objectives (6.2.1)
• The “fitness for purpose” of monitoring and measurement resources (7.1.5)
• Evidence of competence (7.2)
• Confirmation that design and development requirements, and any changes have been
met (8.3.2; 8.3.6)
• Results of evaluation, performance and re-evaluations of providers of external providers
(8.4.1)
• Actions taken on nonconforming process outputs, products and services (8.7)
• Evidence of the results of monitoring and measurement activities (9.1)
•  Internal audit programmes and audit results (9.2)
•  Nonconformities and outcome of corrective actions (10.1)
Other documents
• Work instructions  Job cards
• Training programmes  User manuals
• Appraisal forms  Technical manuals
• Access control swipe  Manufacturer’s
cards recommendations
• Confidentiality or non-  Performance standards,
disclosure agreements etc.

• Service level agreements

• Process flow charts
• Organisation charts
• Production schedules
• Operating instructions
Documented information as evidence
(Records)
• Demonstrate conformity

• Demonstrate effective operation of QMS

• Shall be:
• Controlled

• Legible

• Readily identifiable

• Retrievable

• Access authorised
Electronic data systems

• Provide:

• On-line access to information

• Communication

• Elimination of obsolete documents

Electronic data systems
(continued)

• Considerations:
• Security

• Change control

• Authorisation
• Document approvals
• Signatories
• Virus checking

• Record keeping
• Back-up controls
Continual improvement
• Continual improvement to effectiveness of the QMS through:

• Outputs of analysis and evaluation

• Outputs from management review

• Addressing areas of underperformance or opportunities

• Where applicable:

• Applicable tools and methodologies to be used for investigation of areas of

underperformance and for supporting continual improvement
 Third-party certification

International Accreditation Forum (IAF)

National Accreditation Body

Certification Body Auditor Certification Scheme

Organisations Auditor Auditor

certification training
 Certification process

• Will include:
• Stage 1 audit
• Application
• On-site visit (recommended)
• Documentation review
• Stage 2 audit
• On-site audit
• Regular “surveillance” visits
 To gain accreditation

• Certification bodies must:

• Have a formal documented quality management system

• Be audited by an accreditation body

• Hold records on auditors

• Prove knowledge and experience in applicable industry

sectors

• Have certificated lead auditors

 Auditor certification schemes

• To certify as competent:
• Auditors trained and qualified in the principles and practices of auditing
quality management systems in accordance with:

• ISO 19011, and

• ISO/IEC 17021, as appropriate

 IRCA auditor certification scheme

• Categories:

• Provisional Internal QMS Auditor

• Internal QMS Auditor

• QMS Provisional Auditor

• QMS Auditor

• QMS Lead Auditor

• QMS Principal Auditor

 IRCA auditor certification scheme

• Categories:

• Provisional Internal QMS Auditor

• Internal QMS Auditor

• QMS Provisional Auditor

• QMS Auditor

• QMS Lead Auditor

• QMS Principal Auditor

 IRCA auditor certification scheme

• Categories:

• Provisional Internal QMS Auditor

• Internal QMS Auditor

• QMS Provisional Auditor

• QMS Auditor

• QMS Lead Auditor

• QMS Principal Auditor

 Auditor competence

• Based upon:

• Personal characteristics

• Knowledge
Audit evidence / audit trails
The Auditing Process
Audit evidence / audit trails (continued)

Information relevant to the audit is obtained from:

• People
• Processes
• Equipment / tools / materials
• Documentation