Records required by ISO 9001:2008

Records required by ISO 9001:2008

Clause Record required
5.6.1 Management reviews
6.2.2 e) Education, training, skills and experience
7.1 d) Evidence that the realization processes and resulting product fulfil requirements
7.2.2 Results of the review of requirements related to the product and actions arising from the review
7.3.2 Design and development inputs relating to product requirements
7.3.4 Results of design and development reviews and any necessary actions
7.3.5 Results of design and development verification and any necessary actions
7.3.6 Results of design and development validation and any necessary actions
7.3.7 Results of the review of design and development changes and any necessary actions
7.4.1 Results of supplier evaluations and any necessary actions arising from the evaluations
7.5.2 d) As required by the organization to demonstrate the validation of processes where the resulting output cannot be verified by subsequent monitoring or measurement
7.5.3 The unique identification of the product, where traceability is a requirement
7.5.4 Customer property that is lost, damaged or otherwise found to be unsuitable for use
7.6 a) Basis used for calibration or verification of measuring equipment where no international or national measurement standards exist
7.6 Validity of the previous measuring results when the measuring equipment is found not to conform to requirements
7.6 Results of calibration and verification of measuring equipment
8.2.2 Internal audit results and follow-up actions
8.2.4 Indication of the person(s) authorizing release of product.
8.3 Nature of the product nonconformities and any subsequent actions taken, including concessions obtained
8.5.2 e) Results of corrective action
8.5.3 d) Results of preventive action

Demonstrating conformity with ISO 9001:2008

Demonstrating conformity with ISO 9001:2008

For organizations wishing to demonstrate conformity with the requirements of ISO 9001:2008, for the purposes of certification/registration, contractual, or other reasons, it is important to remember the need to provide evidence of the effective implementation of the QMS.
Organizations may be able to demonstrate conformity without the need for extensive documentation.
To claim conformity with ISO 9001:2008, the organization has to be able to provide objective evidence of the effectiveness of its processes and its quality management system. Clause 3.8.1 of ISO 9000:2005 defines “objective evidence” as “data supporting the existence or variety of something” and notes that “objective evidence may be obtained through observation, measurement, test, or other means.”
Objective evidence does not necessarily depend on the existence of documented procedures, records or other documents, except where specifically mentioned in ISO 9001:2008. In some cases, (for example, in clause 7.1(d)
Planning of product realization, and clause 8.2.4

Monitoring and measurement of product), it is up to the organization to determine what records are necessary in order to provide this objective evidence.
Where the organization has no specific internal procedure for a particular activity, and this is not required by the standard, (for example, clause 5.6 Management Review), it is acceptable for this activity to be conducted using as a basis the relevant clause of ISO 9001:2008. In these situations, both internal and external audits may use the text of ISO 9001:2008 for conformity assessment purposes.

Outsourced Processes In ISO 9001 Standards

Outsourced Processes In ISO 9001 Standards

One of the changes in ISO 9001:2008 is clarification of the role of outsourced processes in a quality management system. Guidance on ‘Outsourced processes’ helps clarify the intent and shows the linkage between Clause 4.2, where outsourced processes appear, and the purchasing controls in clause 7.4.
An outsourced process is a process that the organization needs for its quality management system and is performed by an external party. This party could be another company, a corporate service, another division, etc.
The organization needs to ensure the outsourced process is conducted in accordance with ISO 9001:2008 and other requirements of the quality management system. This brings in the purchasing controls of 7.4. The service may not be purchased in the traditional sense of a monetary transaction. The guidance document explains that the controls in clause 4.2 and 7.4 apply. For example, a “no charge” service from a corporate head office requires documentation of supplier selection and, most importantly, control.
The guidance document addresses two important cases and gives guidance on the appropriate level of control. The cases are:
• The organization has the competence and ability to carry out a process, but chooses to outsource it (for commercial or other reasons).
• The organization does not have the competence to carry out the process itself, and chooses to outsource it.

Organizations preparing to implement a QMS For ISO 9001

For organizations that are in the process of implementing a QMS, and wish to meet the requirements of ISO 9001:2008,
the following comments may be useful.
For organizations that are in the process of implementing or have yet to implement a QMS, ISO 9001:2008 emphasizes a
process approach. This includes:
- Identifying the processes necessary for the effective implementation of the quality management system
- understanding the interactions between these processes.
- documenting the processes to the extent necessary to assure their effective operation and control. (It may be
appropriate to document the processes using process maps. It is emphasized, however, that documented process maps
are not a requirement of ISO 9001:2008.)
These processes include the management, resource, product realization and measurement processes that are relevant
to the effective operation of the QMS.
Analysis of the processes should be the driving force for defining the amount of documentation needed for the quality
management system, taking into account the requirements of ISO 9001:2008. It should not be the documentation that
drives the processes.

Demonstrating conformity with ISO 9001:2008

Demonstrating conformity with ISO 9001:2008

For organizations wishing to demonstrate conformity with the requirements of ISO 9001:2008, for the purposes of certification/registration, contractual, or other reasons, it is important to remember the need to provide evidence of the effective implementation of the QMS.
Organizations may be able to demonstrate conformity without the need for extensive documentation.
To claim conformity with ISO 9001:2008, the organization has to be able to provide objective evidence of the effectiveness of its processes and its quality management system. Clause 3.8.1 of ISO 9000:2005 defines “objective evidence” as “data supporting the existence or variety of something” and notes that “objective evidence may be obtained through observation, measurement, test, or other means.”
Objective evidence does not necessarily depend on the existence of documented procedures, records or other documents, except where specifically mentioned in ISO 9001:2008. In some cases, (for example, in clause 7.1(d)
Planning of product realization, and clause 8.2.4 Monitoring and measurement of product), it is up to the organization to determine what records are necessary in order to provide this objective evidence.
Where the organization has no specific internal procedure for a particular activity, and this is not required by the standard, (for example, clause 5.6 Management Review), it is acceptable for this activity to be conducted using as a basis the relevant clause of ISO 9001:2008. In these situations, both internal and external audits may use the text of ISO 9001:2008 for conformity assessment purposes.

How ISO 14001 works

ISO 14001 is the only standard intended for registration by a third party (along the lines of ISO 9001 or QS 9000). All the others are for guidance.
Whether seeking formal certification or not, the start point is often difficult: What is required? Where can I get ISO 14001 Policies? Where do I learn about ISO 14000? What about procedures?. The list of questions is long.
Fortunately, there are resources available to help. The one recommended by this portal is The ISO 14000Toolkit. This offers outstanding value, and includes a number of substantial and quality components: an ISO 14001 policy manual, a set of procedures, a comprehensive ISO 14000 training presentation, an audit checklist, a significant number of data collection forms, etc

COMPLYING WITH THE ISO 14001 STANDARDS

ISO 14001 is the only standard intended for registration by a third party (along the lines of ISO 9001 or QS 9000). All the others are for guidance.
Whether seeking formal certification or not, the start point is often difficult: What is required? Where can I get ISO 14001 Policies? Where do I learn about ISO 14000? What about procedures?. The list of questions is long.
Fortunately, there are resources available to help. The one recommended by this portal is The ISO 14000Toolkit. This offers outstanding value, and includes a number of substantial and quality components: an ISO 14001 policy manual, a set of procedures, a comprehensive ISO 14000 training presentation, an audit checklist, a significant number of data collection forms, etc

ISO 14001 ENVIRONMENTAL MANAGEMENT

ISO 14001 was first published in 1996 and specifies the actual requirements for an environmental management system. It applies to those environmental aspects which the organization has control and over which it can be expected to have an influence.
ISO 14001 is often seen as the corner stone standard of the ISO 14000 series. However, it is not only the most well known, but is the only ISO 14000 standard against which it is currently possible to be certified by an external certification authority. Having stated this, it does not itself state specific environmental performance criteria.
This standard is applicable to any organization that wishes to:
- implement, maintain and improve an environmental management system- assure itself of its conformance with its own stated environmental policy (those policy commitments of course must be made)- demonstrate conformance- ensure compliance with environmental laws and regulations- seek certification of its environmental management system by an external third party organization- make a self-determination of conformance

ISO 14001 – Certification/Registration

ISO 14001 – Certification/Registration

Similar to the organized approach to problem solving contained in ISO 9000

and ISO 14000, an organized approach is necessary to achieve certification. Although the written requirements contained in ISO 14001 are straightforward and brief, the level of effort required to conform with the requirements should not be underestimated.

If an environmental review of the facility‘s operations has not been conducted, it is important to retain a qualified consultant to conduct the review. which should focus on the requirements of ISO 14000 versus programs currently in use. This activity is known as a Gap Analysis.?E After the Gap Analysis is completed, the environmental status of the operation should be known and the level of effort necessary to develop the ISO 14000 program understood.

It can easily take six months to a year to develop a program that meets EMS requirements. Staff should develop the EMS program as they will ultimately be required to manage it. If staff is inadequate to develop the program, a consultant can be retained to provide guidance to staff as the program is being developed.

But, retaining a consultant will not resolve the problem of long term program maintenance. The ultimate goal of developing the EMS is to obtain certification/registration. Aside from the internal benefits offered by the ISO 14000 series of standards, external benefits may be derived through the certification/registration process. The certification/registration process only applies to ISO 14001, and this is the only standard to which the audit process applies. For the purposes of certification/registration, all other ISO 14000 standards are considered guidance. Certification can either be by a self declaration?Eor by an independent registrar.

Obviously the use of an independent registrar would give more credibility to those looking at an organization from outside.

Registrars have individual preferences about how the requirements should be administered. A registrar should be selected early in the process to help ensure that the program being developed is consistent with the registrars preferences. When the program is fully prepared and implemented, the registrar will be notified and a formal program audit undertaken. This audit will not result in a denial of ISO 14000 certification, but it may result in either approval or a list of deficiencies that must be corrected before certification.

ISO 14001:2004 Evaluation of compliance

ISO 14001:2004 Evaluation of compliance

This clause has been separated from 4.5.1 and includes two sub-clauses, as well as clarification and an addition to the ISO 14001:1996 standard. Included in Clause 4.5.1 of ISO 14001:1996 was a requirement for the organisation to periodically evaluate compliance with relevant (now applicable) environmental legislation and regulations. This requirement has been retained in Clause 4.5.2.1 of the revised standard. In Clause 4.5.2.2, ISO 14001:2004 includes evaluation of compliance with other requirements to which the organisation subscribes, which was not specifically required by ISO 14001:1996. This clarification also includes a requirement for records of periodic evaluations of compliance to be kept.

The UK-based Institute of Environmental Management and Assessment (IEMA) has published an opinion that this means that compliance against each and every piece of legislation / regulation relating to an organisation’s environmental aspects will need to be evaluated before it can be considered to be in conformity with ISO 14001: 2004; it will not be acceptable for organisations to claim that the periodic evaluation will be covered by their internal EMS audit program at some future date.

This has always been one of the most difficult issues in ISO 14001:2004, and organisations will need to review and revise their compliance procedures to ensure that they meet these new requirements

Assessing the Corporate Impact of ISO 14000 Certification

The 1990s have indeed been a period of change. This has seen a change from a perspective that
emphasized trade-offs (you can have only one of the following quality) to a paradigm that stresses
simultaneity (you can simultaneously achieve lower costs and higher quality and shorter lead times).
This has also become a period when more and more managers are expected to become increasingly
environmentally conscious. Being environmentally responsible is no longer viewed as something that is
primarily done for publicity sake or to avoid prosecution. Rather it is seen as a matter of good business.
An indication of the increasing importance of the environment is the recent emergence of the ISO
14000 environmental standard. There are several features that make this new standard noteworthy.
First, it builds on the success of ISO 9000, and its variants (e.g., QS 9000).
Second, ISO 14000 is an international standard. It is hoped that it will replace the numerous and often
conflicting standards found in various countries. Third, ISO 14000 shifts attention from the outcome
(reduced pollution) to processes. However, being a new standard, the introduction of ISO 14000 has
raised a number of questions, namely:
1. What is the status of environmental management systems in most American plants and how are they perceived by management?
2. How are the predispositions of management towards ISO 14000 influenced by factors such as pastexperience with ISO 9000, corporate orientation towards environmental responsibility, industrial factors, importance of international trade to corporate performance and the functional positions of the respondents?
3. To what extent do the respondents see a relationship between ISO 14000 registration and success and improved market, or corporate performance?
4. How effective is ISO 14000 relative to the other alternatives available for improving environmental performance?
These and other questions formed the focus of a recently completed two-stage study into the status of ISO 14000 certification in the United States. The first phase consisted of a large-scale survey (consisting of some 16 pages) that were sent out to managers in various functions across the United States. This phase generated a database of 1,510 respondents. In the second phase, the researchers examined detailed case studies of eight plants shorter lead times, lower costs or higher? experience with ISO 14000. These plants were drawn from five categories:
ISO 14000 not being consider/only do it if mandated;
Assessing suitability of ISO 14000;
Planning for ISO 14000/Pursuing ISO 14000 Certification;
Implementing ISO 14000/Pilot Plants in North America; and,
Successfully certified in ISO 14000.

Implications for the Purchasing Professional
To date, the purchasing professions have played a relatively minor role in the ISO 14000-certification process. For the most part, interest in certification has been confined to within the firm. However, this
certification process can and does present the purchasing professional with certain opportunities to improve both environmental and strategic performance not only within the firm but also within the supply
chain. The results point out the need for purchasing professionals to take a more active role within the ISO 14000-certification process. They must start looking for and exploiting previously overlooked opportunities.
ISO 14000-certification represents a growth in opportunities.
In short, this study shows that there is much more action than hype about the ISO 14000 environmental standards. The early results are in and the evidence, while not complete, indicates that ISO 14000-certification does work. It does achieve the twin objectives of reduced pollution and improved corporate performance.