The scope of this blog is to go into great detail about ISO 9001 clause 8. Now given that ISO 9001 clause 8 talks about the key processes of your organization, this blog will cover the sales, purchasing, operations and design processes of your organization.
In this blog, an overview will be given about each one of these key processes, so take it as an introduction to this vast subject.
ISO 9001 Clause 8 is called Operations and it contains a lot, and I mean a lot of sub-clauses. Here’s a breakdown of all these clauses.
- ISO 9001 Clause 8.1 | Operational Planning and Control
- ISO 9001 Clause 8.2 | Requirements for Products and Services
- ISO 9001 Clause 8.3 | Design and Development of Products and Services
- ISO 9001 Clause 8.4 |Control of Externally Provided Processes, Products and Services
- ISO 9001 Clause 8.5 | Production and Service Provision
- ISO 9001 Clause 8.6 | Release of Products and Services
- ISO 9001 Clause 8.7 | Control of Non-Conforming Outputs
ISO 9001 Clause 8.1 | Operational Planning and Control
The opening clause, ISO 9001 clause 8.1 states that the organization shall plan, implement and control processes. We’ve already seen this in clause 4 .4. the organization is required to meet the requirements for the provision of products and services and to implement the actions determined in clause 6. May I remind you that in clause 6 we talked about the risks and opportunities, the quality objectives and the planning of changes.
So for these processes the standard is asking us to determine the requirements for the products and services, establishing the criteria for processes and acceptance of products and services, determining the resources that are needed, implementing control of processes, determining and maintaining and reading documented information as necessary.
The standard goes on to say that the output of this planning shall be suitable for the organization’s operations. The organization shall control planned changes and review the consequences of unintended changes taking action to mitigate any adverse effects as necessary. This has already been mentioned in clause 6 .3. The organization shall ensure that outsourcing processes are controlled. This is covered further in ISO 9001 clause 8 .4.
This clause is regarded as generic and as such, provides little to no information. So effectively there is nothing that we need to do to meet the requirements of clause 8 .1 because it’s effectively a summary of what has been mentioned in different clauses within the standard.
ISO 9001 Clause 8.2 | Requirements for Products and Services
ISO 9001 clause 8 .2 talks about the requirements for products and services. When talking about requirements for products and services we are talking about customer requirements for products and services. So here what you have to keep in mind is that you need to use this information when you are mapping out the processes for the sales activities within your organization.
So the standard in ISO 9001 clause 8 .2 indirectly talks about communication with the customers, okay? And it really starts to get interesting when we see that providing information relating to products and services, how are we communicating information relating to our products and services?
Do we have a price list? Do we have a website? Do we have information? Or do customers contact us and we provide them with the information? Handling inquiries, contracts or orders, including changes. How do we affect the sale? These are all questions that an organization must have answers to. This clause tackles such issues.
And how do we handle changes? If the person adding items to a cart needs to buy three products, not two. And if the person in the software company needs to change, for example, the requirements of the software, how will that process happen?
Clause 8.2 talks about determining the requirements for products and services. So when determining the requirements for products and services to be referred to customers, the organization shall ensure that the requirements for the product and services are defined including any applicable statutory and regulatory requirements and those needs that are considered necessary by the organization.
So, What this means is that if for example as a company we are creating aluminium for windows, there are certain regulations that we have to follow when it comes to creating the material. For example, we need to communicate with the client to check if they want a single or double-glazed glazed or maybe even triple-glazed window. And what color and thickness?
Here the standard is giving us hints of what type of questions to ask having said that I’m sure that you are capable of Asking the right questions when it comes to understanding what the customer needs to know before you actually give them a quote. Here the standard is mentioning the review of the requirements for products and services So before we accept an order from a client we have to make sure that we are able to meet the requirements of the clients.
Again, in some cases this is very simple, in the case of the supermarket, if the carton of milk is on the shelf then it’s available. If we are a software company and we are engaged in the development of complex systems then we have to make sure that whatever language or technology for example the client is asking us for we are able to do we have the required competence.
If the client is asking for a tight deadline then we have to make sure that we have the right resources and availability of employees before accepting. So it is this consideration that we have to do before accepting a job.
And changes to requirements for products and services is a very critical element and the standard says that the organization shall ensure that relevant documented information is amended and that relevant persons are made aware of the changes requirements when the requirements for products and services are changed.
So let’s say that we are developing a lift, for example, a passenger lift within a building, and all of a sudden for example the property at the topmost level of the block of apartments wants the lift to open within that apartment and so they want to make a change in the sense that they want the lift to open with a key or with a passcode.
Invariably, first, we need to communicate with the client with an updated quote and we have to have documented information, we have to have this copy of an updated quote and then moving on we have to make sure that somehow the people who are working on site, the technicians who are installing the lift, get this updated information that now there has to be a key or a passcode to access the topmost floor.
ISO 9001 Clause 8.3 | Design and Development of Products and Services
Okay, so this standard is kind of spoon feeding us on what type of communication we should consider when we are mapping out the sales process. The design and development processes are very detailed and it is beyond the scope of this specific video for me to read each and every line within this element.
However, what I can tell you is that when it comes to design, okay, if your organization takes vague customer requirements and converts them into more detailed customer requirements, for example, if the client tells you that they want a software that does this, this and that, and then it’s your job to create a fully defined specification document, then you are doing design.
Okay, and if you are doing design first of all you have to consider planning Okay, we have to plan the design and development activities Which I can tell you right away that there is not much that we need to do when it comes to planning But we have to consider the design and development inputs So I have to consider the functional and performance requirements of what we want to achieve We can consider information that we have from previous similar projects and legal requirements the standards or guidelines that are relevant to our specific product that we are creating and the potential Consequences of failure of the product.
Okay, so these inputs are required for us to make sure that we are considering all elements in the design input that will feed the ultimate final product that we are creating for our customers. When it comes to controls, it is ideal to have some type of controls that will help us make sure that we are creating a product that meets the needs of our clients.
Finally, the design outputs. Design outputs relate to what is the output, the final product that we are developing to our clients. Does it meet the requirements stated by our clients? Is there an adequate for the subsequent processes for the provision of products and services?
Okay. Is there any monitoring and measuring equipment that is required? So here we are considering how can we make sure that the outputs that we have created meets the requirements of the input. And just like we talked about the sales process, it’s important to note that if there are any changes, these changes are adequately documented and that the inputs and outputs and controls of the design process have been adequately checked and the authorizations that are needed have been done.
ISO 9001 Clause 8.4 |Control of Externally Provided Processes, Products and Services
Clause 8 .4 talks about the control of suppliers. May I remind you that externally provided products and processes products and services simply relates to suppliers. And first we have a general introduction where the organization shall ensure that externally provided processes products and services conform to requirements.
Okay and we shall determine the controls to be applied to such suppliers. And depending on the nature of the industry that you are in you might want to do audits to your suppliers. You might want to do an evaluation to suppliers.
You might want to ask your suppliers to fill in a questionnaire before you approve them as one of your approved suppliers. So this changes from one organization to the next. And the standard goes on to say that the organization shall determine and apply criteria for the evaluation, selection, monitoring of performance and re -evaluation of external providers based on the ability to provide processes, products and services in accordance with requirements.
And that we shall maintain documented information of these records. So if we’re giving an evaluation to one of our suppliers we have to make sure that we keep a record of that evaluation. If we’re doing an audit to one of our suppliers we need to have a copy of the audit evidence that we are using.
Type of and extent of control relates to the quality checks that we are doing to our suppliers. Okay are we checking the quality? Okay how are we checking the quality of our suppliers? If the standard goes on to mention that the organization shall ensure that externally provided processes, products and services do not adversely affect the organization’s ability to consistently deliver conforming products and services to its customers.
This means that we have to check the quality of our suppliers. Of course, this greatly depends on the type of products and services or processes that you are purchasing from your suppliers. If you are importing a product and you’re going to resell it as it is, then incoming goods inspection is extremely important to make sure that the product that we have meets the requirements of what we’d like to sell to our clients.
If we are buying for example raw material, plastic granules and we are going to inject it through plastic injection molding machines, then for example we have to have the certificate of the plastic granules and we will also want to weigh the products to make sure that we receive the right quantities from our suppliers.
So this greatly depends on the nature of activities that you do as a company. If for example you are a marketing agency and you are subcontracting the videography services to a freelancer then you might want to check the quality of the video editing before it is sent to the customers and you might also want to send one of your account executives with this subcontracted freelance videographer when they are meeting the client to make sure that this freelancer is behaving in the appropriate way.
Naturally after you build a relationship with such a videographer for example you might choose to not send your account executive anymore because you now have acquired the trust in this freelancer. So the overall goal of this particular clause within this standard is that we implement some type of quality measures relating to our suppliers to make sure that they are providing our organization with processes, products and services that meet the needs of our organization which ultimately are designed to meet the needs of our clients and other interested stakeholders.
Another element relates to the information for external providers so when we are purchasing products and services from our suppliers we have an accurate way and just like when in the sales process we have gone into detail to explain what type of requirements does the client have from us we also have to make sure that we are equally clear of what we need from our suppliers and that is what the specific clause is talking about where if we need any particular competence including qualifications of people working, how the supplier would interact with the organization so all of this communication all of this information can be communicated accordingly.