1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Planning for the 2015 transition - Gap Analysis guidance anyone?

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Vincent, Aug 6, 2015.

  1. Vincent

    Vincent New Member

    Joined:
    Aug 6, 2015
    Messages:
    3
    Likes Received:
    4
    Trophy Points:
    2
    Hi All,

    Was new to the cove, and didn't get chance to view 2015 transition data there - pity that its not available now as a legacy - it was a fantastic go-to for us newbies.

    Well done Atul on this initiative - its a welcome resource.

    So, - Gap Analysis. Where do we start.....?

    I am starting a Gap analysis for our existing 4yr old compliant 9001 QMS, and wondered if the experienced guys here could offer advice on an initial starting point or offer a road map on what milestones we should address in sequence, as I fear that my inexperience may lead us along a path forwards and backwards and loose any positive momentum and team spirit if it becomes arduous as we progress.

    Initially, we have a copy of the DIS and are simply taking notes, clause by clause of (a) what's static, (b) what's changed, and (c) what we think we can do to comply (per clause) on a table format. Its changing the more we progress, and keep asking/wondering are we doing this right in the first place.

    Any guidance, comments and advice welcome.

    Vin
     
    Bazinga likes this.
  2. Claes Gefvenberg

    Claes Gefvenberg Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    230
    Likes Received:
    208
    Trophy Points:
    42
    Location:
    Eskilstuna, Sweden
    Hi Vin, and welcome.

    I am still waiting for the FDIS myself, but when I do get it, we will simply go through the document from top to bottom. We will be using a simple matrix carrying the following data:

    Requirement in SS-EN ISO 9001:2015,
    Status / Action needed,
    Responsible,
    Deadline.


    As for comparing the old and new versions... Why bother? Instead, we will use the opportunity to go through the entire system.
     
    MikeM and Tom Waite like this.
  3. Gray Warner

    Gray Warner Member

    Joined:
    Aug 2, 2015
    Messages:
    5
    Likes Received:
    5
    Trophy Points:
    2
    First, I recommend that you use the correlation matrix from ISO for ISO 9001:2008 to the DIS that still works well for the FDIS. Then, I would get on your registrar's website to read the information they are providing.
    The most ambiguous clauses seem to be 4.1 and 4.2. The rest of the FDIS seems to be a logical but more generic update to ISO 9001:2008 with some work to be done to incorporate RBT.
    If Executive Management has not been involved in the QMS before, there is some work to be done, as the standard pushes responsibilities more firmly into the Management Team in clauses 4, 5, and 6.
     
    Tom Waite likes this.
  4. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    1,071
    Likes Received:
    722
    Trophy Points:
    112
    Location:
    USA
    Hi Vin, welcome!

    I don't know how far you've gotten so I will start at the beginning.

    Some of the most striking changes in the upcoming revision involve the organization's self definition: Context of the organization, stakeholders and their various interests (internal and external) and employee engagement.

    Have you seen presentations like Understanding, Knowledge, and Awareness of ISO 9001:2015? Start on page 34 of this one to go through the new requirements for organization's context, etc. which include organizational culture. This understanding is meant to help the organization to establish (if you don't have it already) the means for effectively "engaging, directing and supporting persons to contribute to the effectiveness of the QMS."

    The other, much-discussed big change is risk-based thinking (RBT). In the words of the DIS: "the risks and opportunities that can affect conformity of products and services and the ability to enhance customer satisfaction are determined and addressed" Your organization may have already done that but you may be unclear as to what you can point to when asked about it. If you want a tool to help "demonstrate" RBT you have lots of choices. This process could even start on a very high, basic level with a SWOT analysis for each product or service type, or it could be more elaborate. It occurred to me that we might adapt the SWOT's Strengths-Weaknesses-Opportunities-Threats format to:

    S - Strengths
    W - Weaknesses
    O - Objectives
    T – Tactics

    And just list the processes or documents in each that address each subject.

    So much of the rest is stuff that you probably already do, but is reworded. "Retained information" is the new term for records, but they can be recognized to be in any form - including a database. "Knowledge Management" involves training, but also can be cross training and succession planning in order to address the risk of losing intellectual capital.

    I hope this helps!
     
    Tom Waite and Claes Gefvenberg like this.
  5. Vincent

    Vincent New Member

    Joined:
    Aug 6, 2015
    Messages:
    3
    Likes Received:
    4
    Trophy Points:
    2
    Hi Guys and thanks for the quick replies.

    Claes -
    I like the headings in the gap analysis you show, I will add to existing headings, and review as we proceed. Very definitive as to show what end result can achieve.

    "Why bother compare?" - simply to identify what we have in place that satisfy both versions - and leave for now, but highlight as not requiring urgent attention.

    "Use the Correlation matrix" - yes, this makes sense - we may use this as the initial start point (also for learning the wording, good point).

    "Executive Management involvement"
    - so far this has been minimal with data flowing to them for review, rather than actively involved, so from what I am reading already, we need a shake-up for which a formal introduction to the new requirements is being carefully planned, in Sept, once we know the final draft wording.

    Jennifer -
    Thanks for the presentation link - its fairly detailed; will take a look through this shortly. Interesting at first glance.

    "Organisational Context"
    is something I am exploring at the minute - the key here I think is to keep it specific to our individual relationships with suppliers, customers, current organisation type, business model, markets involved in, and then see how all these score in importance on the scope of the QMS (inc our products/services), a work in progress, but I hope I'm on the right path on this.

    Risk Based Thinking -
    pretty much as Claes put it, it being a sprinkling of "Preventive Action" all the way through the standard, its like a "mindset" (or a way of approach) as we address the end goal of a complaint QMS as we go along. I've noted this on my Gap analysis doc in the foreword. Hope we all take heed!

    I accept that the SWOT type approach may be useful in addressing the issues raised as we dig with RBT, but will take this step by step in manageable chunks (we only have 1 person in QC (me) so its going to be a labour intensive programme to chart out, so steady as she goes!)

    Appreciate the comments, they are very helpful.

    Ciao.
     
  6. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    1,071
    Likes Received:
    722
    Trophy Points:
    112
    Location:
    USA
    It is important to not leave out the internal relationships when considering organizational context. Your findings would help decide how to best communicate with and engage employees, and encourage their support of the QMS.

    The entire point of RBT was intended to make preventive action more realistic that in the current version, which implies it's a separate activity. This is why some people suggest the FMEA approach - its format could be useful for arranging data and keeping it for knowledge management purposes. The outcomes, understandable by measuring performance (a part of the new version that is in the current version) may be pointed to as preventive action. It is something you do seem to know - it will be interesting when going through the place and finding examples of preventive action we haven't given ourselves credit for until now.
     
    Tom Waite and Claes Gefvenberg like this.
  7. Gray Warner

    Gray Warner Member

    Joined:
    Aug 2, 2015
    Messages:
    5
    Likes Received:
    5
    Trophy Points:
    2
    The reason to compare versions is to see where your current system is already meeting the requirements of the revised standard and where there are gaps to be filled and loops to be closed. I expect the new standard to improve our QMS in subtle but powerful ways. I do not expect to recreate my QMS, just revise and improve where needed and where it adds value to the organization.
     
  8. Claes Gefvenberg

    Claes Gefvenberg Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    230
    Likes Received:
    208
    Trophy Points:
    42
    Location:
    Eskilstuna, Sweden
    Nor do I, but I have noted in the past, that changes in standards have triggered changes in already compliant parts of management systems, precisely because those changes did add value to the organisation. Yes, the already compliant parts of the standard can be ticked of in a fairly rapid manner, but having a look at them may still be worthwhile. It is up to each and every one, of course, but we are going to give it some thought for the sake of the overall picture.
     
    Tom Waite and Gray Warner like this.
  9. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I agree with Claes and would add that the new requirements also give an opportunity to revisit some of the things an organization does "for ISO" and isn't being done affectively. As we know from many posts at the Cove, some places do one or two audits a year or one management review etc. Others may be calibrating everything once a year or stamping all documents "For Reference Only" and the 2015 changes do offer a time to take another look!
     
  10. Claes Gefvenberg

    Claes Gefvenberg Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    230
    Likes Received:
    208
    Trophy Points:
    42
    Location:
    Eskilstuna, Sweden
    Besides, I forgot to mention that in our case, an integrated system forces us to consider how to make it work smoothly together with the new version of ISO 14001 (which should be less of a problem than before, thanks to the common structure), ISO 50001 and OHSAS 18001.
     
    Jennifer Kirley likes this.
  11. Padym

    Padym Active Member

    Joined:
    Oct 19, 2015
    Messages:
    55
    Likes Received:
    8
    Trophy Points:
    7
    Its been 6 months the ISO 9001:2015 released, would like to seek some help /guidance on Transition checklist, project Plan steps or gap analysis tools to assist me in getting a transition to ISO 9001:2015.
     
  12. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    1,071
    Likes Received:
    722
    Trophy Points:
    112
    Location:
    USA
    RoxaneB, Andy Nichols, Alpine and 2 others like this.
  13. Alpine

    Alpine Member

    Joined:
    Jul 31, 2015
    Messages:
    8
    Likes Received:
    11
    Trophy Points:
    2
    Thanks, these are a great help :)
     
  14. David Gilbert

    David Gilbert New Member

    Joined:
    Jul 13, 2016
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Please if you have time can you help me by taking my 5-10 min survey http://goo.gl/forms/lNp76KKSDUli8k6c2 I hope to share all these lessons learned in my final thesis - please let me know if your interested.

    In an attempt to try and assist with the original question posted, there have been several journal & articles, though not well cited, that have evaluated the changes in the new standard. The findings from these studies are outlined below:
    · Negligible change to the scope however there has been significant restructuring of the standard to bring it in line with the same structure as other ISO standards[9][19][21][25].
    · The latest standard is less prescriptive and more based on performance with the combining of ‘risk-based thinking’ and the ‘plan-do-check cycle’ and more flexibility with documentation records [19][20][21][25][44][45][49].
    · Focusing more on management systems and how they are tailored to meet the needs of individual organisations and take advantage of opportunities [19][25][45].
    · Greater accountability for ‘top management’ in the alignment of business strategy and quality management [19][20][25][44].
    · Greater emphasis on continuous improvement and prevention of non-conformance through ‘risk-based’ thinking [19][21][25][44] [49].
    For further reading the work by Manders et al [44] provides a good overview of the relationship between ISO 9001 and product innovation while explaining in depth the different research that has been done in relation to the ‘key’ messages within ISO 9001.

    References:
    [9] Arter, D., (2015). Brief History Related Standards and Regulations, Quality Progress, 48 (1). pp. 41.
    [19] Anonymous, (2015). Keep Calm and Prepare for ISO 9001:2015 – Eight Experts Outline Key Changes and How to Handle Them, Quality Progress, 48 (9), pp. 18-28.
    [20] Merril, P., (2015). The Business of Innovation, Quality Progress, 48 (1), pp. 44-45.
    [21] Murry, W., (2016). Risk and ISO 9001:2015, Quality, 55 (2), pp. 17-18.
    [25] Somaraju, D. (2016). Prediction of Time, Cost and Effort needed for Software Organisations to Transit From ISO 9001:2008 to ISO 9001:2015, Thesis (MSEng.), Blekinge Institute of Technology.
    [44] Manders, B., deVries, H.J., Blind, K., (2016). ISO 9001 and Product Innovation: A Literature Review and Research Framework.
    [45] Anonymous (2015). Risk and the ISO 9001 Revision, Quality, 54 (10), pp. 25.
    [49] Bolanos, E.R.L. (2016). Quality Management in Peru: A Study of ISO 9001 Standard, its Benefits and he Main Changes in the 2015 Version, Revista Universidad Empresa, 18(30), pp. 33-54.