WIXLIB

Sponsored by:ISO 9001:2015is HereAre you ready?SS: ISO:9001

ISO 9001:2015 is here. Are you ready?About ISO 9001The ISO 9001 standard related to quality management systems helps businesses better serve theircustomers and consistently provide products and services that meet both customer and regulatoryrequirements.More than a million businesses and suppliers in quality-intensive and highly-regulated industries have been ISO9001 certified, and there are many reasons why businesses continue to join the worldwide ISO 9001 community.The standard has gained acceptance to the degree that many major global corporations and organisations requireISO 9001 certification from their partners and solution providers. The roadmap it provides for quality managementhas been proven over more than five decades to help lower risks, especially in quality-intensive and highly regulatedindustries.Despite the original guidelines being drafted 55 years ago and many updates made over the years, the core advantageremains the same; being certified gives partners and customers reassurance that a business maintains strict processesfor ensuring its quality policies are followed throughout the organisation.What does ISO 9001:2015 mean for you?Companies have a grace period in which to transition to the new standard before losing theircertification. In this period they must ensure they meet the amended requirements in order toremain certified.The new version follows a new, higher-level structure to make it easier to use in conjunction with other managementsystem standards, with an increased focus on risk mitigation.“The new version is very strongly based on three basic core concepts,” said Nigel Croft, Chair of the ISO subcommitteethat revised the standard. He states that one is the successful process approach from the 2008 version. The secondis the plan-do-check methodology based upon the system of processes. “The third core concept that is new in the2015 version is risk-based thinking, aiming at preventing undesirable outcomes,” Nigel concluded.Risk is the factor likely to have the biggest impact on businesses looking to become ISO 9001:2015 certified. The newversion calls for increased risk awareness, where organisations recognise and evaluate potential risks within theirenvironment and quality management system. After identifying, assessing and prioritising each risk, the companydecides whether to accept or avoid the risk, or develop a plan to minimise its impact. This must be clearly outlinedwithin their quality management system.Why you should be preparedWhile ISO 9001 is a cross-industry standard, companies that operate in highly-regulated industriessuch as manufacturing, life sciences, food processing and energy production are likely to be mostsignificantly impacted.1

ISO 9001:2015 is here. Are you ready?The content and process management demands that compliance and quality requirements place on organisationsin highly-regulated sectors are high. For example, there are more than 14,000 laws, standards and regulations in theU.S. alone that dictate how long to keep paper and electronic records (Source: Cadence Group).Given the high priority that organisations in highly regulated industries must place on quality and compliancemanagement, and the amount of documentation they must produce to support and fulfil compliance initiatives, itis no longer practical to manage content separately from quality and compliance. As a result, managementsystems for both documents and information, as well as processes, procedures and templates, must play a centralintegrated role in effective quality and compliance management. In short, document management and qualitymanagement should no longer be viewed as two separate entities.So how can you prepare?There are three key considerations that can make the transition to ISO 9001:2015 as smooth aspossible.1. Arm yourself with all the information you need on what the requirements are, the changes in thelatest version, and a step-by-step guide to achieving and maintaining compliance.2. Are your current systems and processes able to cope with the increased expectations placed upon them? If not,or there’s a question about whether they are, consider the next-generation of solutions for quality managementand compliance support.3. Store and manage certification related information in an easy-to-access, compliant way.1. Arm yourself with all the information you needYou need to ensure that you understand the differences between ISO 9001:2015 and ISO 9001:2008,and are able to identify any gaps in your current QMS and related processes that will need to beaddressed to ensure your continued compliance. It is therefore worth speaking to the experts nowand planning to invest in resources that will ease your ISO 9001:2015 implementation, and save you time and money.IT Governance is a leading global provider of IT governance, risk management and compliance solutions – includingdocumentation toolkits containing management system document templates that have been created by consultantswith extensive experience implementing management system standards.Organisations that are beginning to plan their ISO 9001 transition projects can utilise IT Governance’s free ISO9001:2008 to ISO 9001:2015 Conversion Tool, which summarises the key changes to the standard, maps the standard’sclauses from version to version, and provides a breakdown of the requirements for documented information, therebyhelping organisations to easily identify the changes they need to make to their QMS.You can download your free ISO 9001:2008 to ISO 9001:2015 Conversion Tool hereAlternatively, you can use the standard alongside the ISO 9001:2008 to ISO 9001:2015 Gap Analysis Tool to monitorwhat needs to be done and develop an implementation plan to ensure a smooth and structured transition. Allemployees involved in quality management processes will need to be made aware of the revision, and the changesand impacts that will arise from it. Most importantly, they will need to be clear on their roles and responsibilities inensuring the requirements of the new standard are met.Taking advantage of the expertise of an organisation such as IT Governance can streamline the transition processconsiderably by reducing the project’s time and costs, and ensuring that your transition to ISO 9001:2015 is asseamless as possible and does not impede your everyday business activities. Organisations that use IT Governance’s2

ISO 9001:2015 is here. Are you ready?toolkits can effectively use consultancy expertise without going to the expense of actually engaging consultants.IT Governance’s ISO 9001:2015 QMS Documentation Toolkit contains the fundamental tools and materials you needto easily start your QMS project and continuously support implementation. Using the toolkit’s one-click customisationfeature, you can create documents that are tailored to your company’s needs and satisfy the requirements of multiplemanagement systems.You can order the ISO 9001:2015 QMS Documentation Toolkit from IT Governance here2. Next-generation quality managementTraditional QMS systems and approaches typically focus on policy-related documents and the workflowsto control these documents. This structure leads to data silos, and locating policy information andensuring it is kept up to date can be manual and laborious.For instance, it is not uncommon for organisations to use multiple different systems for managing the variouselements associated with quality management. There is likely a separate system for document management (oreven just network drives) where documentation, such as CAPA templates and risk assessment forms, will reside.Risk management could be managed independently from the rest of the quality system as well. This approach iscumbersome and results in silos of information and the lack of transparency across all quality-related processes.Modern QMS offerings break down these silos by providing a single, centralised system for managing qualityprocesses and associated documentation and other information. Further, leading solutions can manage and trackcore business objects and related processes in addition to only documents, such as Word or Excel files.For example, internal production processes often include a variety of other common, important business-relatedinformation objects that are often even managed in other systems, such as an ERP or CRM. In manufacturingoperations for example, these can be common objects or items, like parts and assemblies, or other entities criticalto the business like customers, vendors and contractors. They can also represent important information that is tiedto the production process, such as work orders or lots. There are also various stages such as parts specificationand manufacturing, assembly, testing and release. The ability to easily view and access important information fromany stage in the process or vantage point is a crucial aspect of providing quick, easy access to the “right” content incontext.More importantly, when these disparate forms of information are integrated and then leveraged to index andorganise the documents and files we typically think of as unstructured content (such as purchase orders, invoices,contracts, proposals, shipping bills, etc.) the foundation for a powerful and efficient quality management system isformed. Even more powerful is the ability then to establish linkages between related information to provide a 360degree view, such that one can find whatever they are looking for from any starting point or stage of the process.This can include identifying stakeholders, such as process owners or project team members, or any other relatedinformation or content, such as workflows, risk assessments, deviations and audit trails, along with other informationabout relevant standard operating procedures and regulations.A key benefit of industry-leading QMS solutions is that regulatory compliance is greatly simplified, becoming a dayto-day way of working, versus a system for collecting static documents filed away in a quality manual. All compliancerelated documentation is stored and managed in a centralised system and instantly accessible by users at any stageof a given process. Important processes and standard operating procedures are automated with simple notificationsand alerts to required parties, and then supported with electronic and digital signatures and clear audit trails. Thisimproves transparency and ensures that required compliance-related tasks are completed on time by the rightpeople, and that related information is up-to-date and always available.3