Transcription
ISO29001First edition2020-05Petroleum, petrochemical and naturalgas industries — Sector-specificquality management systems —Requirements for product and servicesupply organizationsIndustries du pétrole, de la pétrochimie et du gaz naturel — Systèmesde management de la qualité spécifiques au secteur — Exigences pourles organismes de fourniture de produits et de servicesCopyrighted material licensed to University of Toronto by Clarivate Analytics (US) LLC, subscriptions.techstreet.com, downloaded on 2020-05-24 05:55:24 0000 byNo further reproduction or distribution is permitted.INTERNATIONALSTANDARDUniversity of Toronto User.Reference numberISO 29001:2020(E) ISO 2020
Copyrighted material licensed to University of Toronto by Clarivate Analytics (US) LLC, subscriptions.techstreet.com, downloaded on 2020-05-24 05:55:24 0000 byNo further reproduction or distribution is permitted.ISO 29001:2020(E) University of Toronto User.COPYRIGHT PROTECTED DOCUMENT ISO 2020All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication maybe reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or postingon the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the addressbelow or ISO’s member body in the country of the requester.ISO copyright officeCP 401 Ch. de Blandonnet 8CH-1214 Vernier, GenevaPhone: 41 22 749 01 11Fax: 41 22 749 09 47Email: copyright@iso.orgWebsite: www.iso.orgPublished in Switzerlandii ISO 2020 – All rights reserved
Contents PageForeword.vIntroduction. vi1234567Normative references. 1Terms and definitions. 2Context of the organization. 34.1Understanding the organization and its context. 34.2Understanding the needs and expectations of interested parties. 44.3Determining the scope of the quality management system. 44.4Quality management system and its processes. 5Leadership. 65.1Leadership and commitment. 65.1.1General. 65.1.2Customer focus. 75.2Policy. 75.2.1Establishing the quality policy. 75.2.2Communicating the quality policy. 75.3Organizational roles, responsibilities and authorities. 8Planning. 86.1Actions to address risks and opportunities. 86.2Quality objectives and planning to achieve them. 106.3Planning of changes. 10Support. 117.1Resources. 117.1.1General. 117.1.2People. 117.1.3Infrastructure. 117.1.4Environment for the operation of processes. 127.1.5Monitoring and measuring resources. 137.1.6Organizational knowledge. 147.2Competence. 147.3Awareness. 157.4Communication. 157.5Documented information. 167.5.1General. 167.5.2Creating and updating. 167.5.3Control of documented information. 17Operation. 188.1Operational planning and control. 188.2Requirements for products and services. 198.2.1Customer communication. 198.2.2Determining the requirements for products and services. 198.2.3Review of the requirements for products and services. 208.2.4Changes to requirements for products and services. 208.3Design and development of products and services. 218.3.1General. 218.3.2Design and development planning. 218.3.3Design and development inputs. 228.3.4Design and development controls. 228.3.5Design and development outputs. 238.3.6Design and development changes. 23 ISO 2020 – All rights reserved iiiUniversity of Toronto User.8Scope. 1Copyrighted material licensed to University of Toronto by Clarivate Analytics (US) LLC, subscriptions.techstreet.com, downloaded on 2020-05-24 05:55:24 0000 byNo further reproduction or distribution is permitted.ISO 29001:2020(E)
8.48.59108.68.7Control of externally provided processes, products and services. 248.4.1General. 248.4.2Type and extent of control. 248.4.3Information for external providers. 25Production and service provision. 268.5.1Control of production and service provision. 268.5.2Identification and traceability. 278.5.3Property belonging to customers or external providers. 278.5.4Preservation. 278.5.5Post-delivery activities. 288.5.6Control of changes. 28Release of products and services. 29Control of nonconforming outputs. 29Performance evaluation.309.1Monitoring, measurement, analysis and evaluation. 309.1.1General. 309.1.2Customer satisfaction. 309.1.3Analysis and evaluation. 319.2Internal audit. 329.3Management review. 329.3.1General. 329.3.2Management review inputs. 339.3.3Management review outputs. 33Improvement.3410.1 General. 3410.2 Nonconformity and corrective action. 3410.3 Continual improvement. 35Annex A (informative) Clarification of new structure, terminology and concepts.36Annex B (informative) Other International Standards on quality management and qualitymanagement systems developed by ISO/TC 176.41Bibliography. 51iv ISO 2020 – All rights reservedUniversity of Toronto User.Annex C (informative) Risk and opportunity management and conformity assessmentprocesses.45Copyrighted material licensed to University of Toronto by Clarivate Analytics (US) LLC, subscriptions.techstreet.com, downloaded on 2020-05-24 05:55:24 0000 byNo further reproduction or distribution is permitted.ISO 29001:2020(E)
ForewordISO (the International Organization for Standardization) is a worldwide federation of national standardsbodies (ISO member bodies). The work of preparing International Standards is normally carried outthrough ISO technical committees. Each member body interested in a subject for which a technicalcommittee has been established has the right to be represented on that committee. Internationalorganizations, governmental and non-governmental, in liaison with ISO, also take part in the work.ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters ofelectrotechnical standardization.The procedures used to develop this document and those intended for its further maintenance aredescribed in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for thedifferent types of ISO documents should be noted. This document was drafted in accordance with theeditorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).Attention is drawn to the possibility that some of the elements of this document may be the subject ofpatent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details ofany patent rights identified during the development of the document will be in the Introduction and/oron the ISO list of patent declarations received (see www .iso .org/ patents).Any trade name used in this document is information given for the convenience of users and does notconstitute an endorsement.For an explanation of the voluntary nature of standards, the meaning of ISO specific terms andexpressions related to conformity assessment, as well as information about ISO's adherence to theWorld Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www .iso .org/ iso/ foreword .html.This first edition cancels and replaces ISO/TS 29001:2010, which has been technically revised. Themain changes compared to the previous edition are as follows:— alignment with ISO 9001:2015.The boxed text is reproduced from ISO 9001:2015 unaltered and in its entirety. The petroleum,petrochemical and natural gas industry sector-specific supplemental requirements and guidance areprovided outside the boxed text.Any feedback or questions on this document should be directed to the user’s national standards body. Acomplete listing of these bodies can be found at www .iso .org/ members .html. ISO 2020 – All rights reserved vUniversity of Toronto User.This document was prepared by Technical Committee ISO/TC 67, Materials, equipment and offshorestructures for petroleum, petrochemical and natural gas industries, in collaboration with the EuropeanCommittee for Standardization (CEN) Technical Committee CEN/TC 12, Materials, equipment andoffshore structures for petroleum, petrochemical and natural gas industries, in accordance with theAgreement on technical cooperation between ISO and CEN (Vienna Agreement).Copyrighted material licensed to University of Toronto by Clarivate Analytics (US) LLC, subscriptions.techstreet.com, downloaded on 2020-05-24 05:55:24 0000 byNo further reproduction or distribution is permitted.ISO 29001:2020(E)
Introduction0.1 GeneralISO 9001:2015, Quality management systems — Requirements0.1 GeneralThe adoption of a quality management system is a strategic decision for an organization that canhelp to improve its overall performance and provide a sound basis for sustainable developmentinitiatives.The potential benefits to an organization of implementing a quality management system based onthis International Standard are:a)the ability to consistently provide products and services that meet customer and applicablestatutory and regulatory requirements;c)addressing risks and opportunities associated with its context and objectives;b) facilitating opportunities to enhance customer satisfaction;d) the ability to demonstrate conformity to specified quality management system requirements.This International Standard can be used by internal and external parties.It is not the intent of this International Standard to imply the need for:— uniformity in the structure of different quality management systems;— alignment of documentation to the clause structure of this International Standard;— the use of the specific terminology of this International Standard within the organization.This International Standard employs the process approach, which incorporates the Plan-Do-CheckAct (PDCA) cycle and risk-based thinking.The process approach enables an organization to plan its processes and their interactions.The PDCA cycle enables an organization to ensure that its processes are adequately resourced andmanaged, and that opportunities for improvement are determined and acted on.Risk-based thinking enables an organization to determine the factors that could cause its processesand its quality management system to deviate from the planned results, to put in place preventivecontrols to minimize negative effects and to make maximum use of opportunities as they arise (seeClause A.4).vi ISO 2020 – All rights reservedUniversity of Toronto User.The quality management system requirements specified in this International Standard arecomplementary to requirements for products and services.Copyrighted material licensed to University of Toronto by Clarivate Analytics (US) LLC, subscriptions.techstreet.com, downloaded on 2020-05-24 05:55:24 0000 byNo further reproduction or distribution is permitted.ISO 29001:2020(E)
Consistently meeting requirements and addressing future needs and expectations poses a challengefor organizations in an increasingly dynamic and complex environment. To achieve this objective, theorganization might find it necessary to adopt various forms of improvement in addition to correctionand continual improvement, such as breakthrough change, innovation and re-organization.In this International Standard, the following verbal forms are used:— “shall” indicates a requirement;— “should” indicates a recommendation;— “may” indicates a permission;— “can” indicates a possibility or a capability.Information marked as “NOTE” is for guidance in understanding or clarifying the associatedrequirement.0.2 Quality management principlesISO 9001:2015, Quality management systems — Requirements0.2 Quality management principlesThis International Standard is based on the quality management principles described in ISO 9000.The descriptions include a statement of each principle, a rationale of why the principle is importantfor the organization, some examples of benefits associated with the principle and examples of typicalactions to improve the organization's performance when applying the principle.The quality management principles are:— customer focus;University of Toronto User.— leadership;— engagement of people;— process approach;— improvement;— evidence-based decision making;— relationship management. ISO 2020 – All rights reserved Copyrighted material licensed to University of Toronto by Clarivate Analytics (US) LLC, subscriptions.techstreet.com, downloaded on 2020-05-24 05:55:24 0000 byNo further reproduction or distribution is permitted.ISO 29001:2020(E) vii
0.3 Process approach0.3.1 GeneralISO 9001:2015, Quality management systems — Requirements0.3.1 GeneralThis International Standard promotes the adoption of a process approach when developing,implementing and improving the effectiveness of a quality management system, to enhance customersatisfaction by meeting customer requirements. Specific requirements considered essential to theadoption of a process approach are included in 4.4.Understanding and managing interrelated processes as a system contributes to the organization'seffectiveness and efficiency in achieving its intended results. This approach enables the organizationto control the interrelationships and interdependencies among the processes of the system, so thatthe overall performance of the organization can be enhanced.The process approach involves the systematic definition and management of processes, and theirinteractions, so as to achieve the intended results in accordance with the quality policy and strategicdirection of the organization. Management of the processes and the system as a whole can beachieved using the PDCA cycle (see 0.3.2) with an overall focus on risk-based thinking (see 0.3.3)aimed at taking advantage of opportunities and preventing undesirable results.The application of the process approach in a quality management system enables:a)understanding and consistency in meeting requirements;c)the achievement of effective process performance;b) the consideration of processes in terms of added value;d) improvement of processes based on evaluation of data and information.Figure 1 — Schematic representation of the elements of a single processviii ISO 2020 – All rights reservedUniversity of Toronto User.Figure 1 gives a schematic representation of any process and shows the interaction of its elements.The monitoring and measuring check points, which are necessary for control, are specific to eachprocess and will vary depending on the related risks.Copyrighted material licensed to University of Toronto by Clarivate Analytics (US) LLC, subscriptions.techstreet.com, downloaded on 2020-05-24 05:55:24 0000 byNo further reproduction or distribution is permitted.ISO 29001:2020(E)
0.3.2 Plan-Do-Check-Act cycleISO 9001:2015, Quality management systems — Requirements0.3.2 Plan-Do-Check-Act cycleThe PDCA cycle can be applied to all processes and to the quality management system as a whole.Figure 2 illustrates how Clauses 4 to 10 can be grouped in relation to the PDCA cycle.University of Toronto User.NOTENumbers in brackets refer to the clauses in this International Standard.Figure 2 — Representation of the structure of this International Standard in the PDCA cycleThe PDCA cycle can be briefly described as follows:— Plan: establish the objectives of the system and its processes, and the resources needed to deliverresults in accordance with customers' requirements and the organization's policies, and identifyand address risks and opportunities;— Do: implement what was planned;— Check: monitor and (where applicable) measure processes and the resulting products andservices against policies, objectives, requirements and planned activities, and report the results;— Act: take actions to improve performance, as necessary. ISO 2020 – All rights reserved Copyrighted material licensed to University of Toronto by Clarivate Analytics (US) LLC, subscriptions.techstreet.com, downloaded on 2020-05-24 05:55:24 0000 byNo further reproduction or distribution is permitted.ISO 29001:2020(E) ix
0.3.3 Risk-based thinkingISO 9001:2015, Quality management systems — Requirements0.3.3 Risk-based thinkingRisk-based thinking (see Clause A.4) is essential for achieving an effective quality managementsystem. The concept of risk-based thinking has been implicit in previous editions of thisInternational Standard including, for example, carrying out preventive action to eliminate potentialnonconformities, analysing any nonconformities that do occur, and taking action to preventrecurrence that is appropriate for the effects of the nonconformity.To conform to the requirements of this International Standard, an organization needs to plan andimplement actions to address risks and opportunities. Addressing both risks and opportunitiesestablishes a basis for increasing the effectiveness of the quality management system, achievingimproved results and preventing negative effects.Opportunities can arise as a result of a situation favourable to achieving an intended result, forexample, a set of circumstances that allow the organization to attract customers, develop newproducts and services, reduce waste or improve productivity. Actions to address opportunitiescan also include consideration of associated risks. Risk is the effect of uncertainty and any suchuncertainty can have positive or negative effects. A positive deviation arising from a risk can providean opportunity, but not all positive effects of risk result in opportunities.0.4 Relationship with other management system standardsISO 9001:2015, Quality management systems — Requirements0.4 Relationship with other management system standardsThis International Standard applies the framework developed by ISO to improve alignment amongits International Standards for management systems (see Clause A.1).This International Standard relates to ISO 9000 and ISO 9004 as follows:— ISO 9000 Quality management systems — Fundamentals and vocabulary provides essentialbackground for the proper understanding and implementation of this International Standard;— ISO 9004 Managing for the sustained success of an organization — A quality management approachprovides guidance for organizations that choose to progress beyond the requirements of thisInternational Standard.Annex B provides details of other International Standards on qualit
Agreement on technical cooperation between ISO and CEN (Vienna Agreement). This first edition cancels and replaces ISO/TS 29001:2010, which has been technically revised. The main changes compared to the previous edition are as follows: — alignment with ISO 9001:2015. The boxed text is rep
