1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Opportunities in context of ISO 9001:2015

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Leonid, Jan 4, 2016.

  1. Leonid

    Leonid Well-Known Member

    Joined:
    Jan 4, 2016
    Messages:
    164
    Likes Received:
    31
    Trophy Points:
    27
    Location:
    Moscow
    Opportunities in context of ISO 9001:2015

    1. ISO 9001:2015 requires for the organization to
    - determine the opportunities (6.1) based on the knowledge of the organization’s context (4.1, 4.2),
    - plan and take actions to address these opportunities (6.1.2),
    - assess the effectiveness of the actions taken ( 9.1.3 e, 9.3.2.e).
    ISO 9001:2015 NOTE 2 to 6.1: Opportunities can lead to the adoption of new practices, launching new products, opening new markets, addressing new clients, building partnerships, using new technology and other desirable and viable possibilities to address the organization’s or its customers’ needs.

    2. ISO 9001:2015 requires for the organization to include opportunities for improvement in the management review (9.3.2) and include decisions and actions related to opportunities in management review outputs (9.3.3 a).
    Leonid’s Note: the requirement to assess opportunities for improvement is included in the old versions ISO 9001:2000 и ISO 9001:2008 (clause 5.6.1).

    3. ISO 9001:2015 requires for the organization to determine and select opportunities for improvement and implement any necessary actions to meet customer requirements and enhance customer satisfaction (10.1).
    These shall include:
    a) improving products and services to meet requirements as well as to address future needs and expectations;
    b) correcting, preventing or reducing undesired effects;
    c) improving the performance and effectiveness of the quality management system.

    Leonid’s question for discussion:
    Can we state that opportunities addressed in item 1 are the same as those addressed in items 2 and 3 or they are wider and include opportunities for business development (this is not the QMS scope) in addition to opportunities for improvement of QMS with regard to existing customers, products and services?

    Leonid Yaskin
    04.01.2016
     

    Attached File(s): 1. Scan for viruses before using. 2. Report any 'bad' files by reporting this post. 3. Use at your own Risk.:

    Mohamed Haja likes this.
  2. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Leonid: Good topic! But why do you say "business development" isn't in the scope of the QMS?
     
  3. Leonid

    Leonid Well-Known Member

    Joined:
    Jan 4, 2016
    Messages:
    164
    Likes Received:
    31
    Trophy Points:
    27
    Location:
    Moscow
    Andy:
    An organization establishes, develops, maintains and continually improves a QMS with a defined scope of supply. “For the defined certification scope, an organization with a certified quality management system consistently provides products that meet customer and applicable statutory and regulatory requirements, and aims to enhance customer satisfaction” (refer to IAF Communiqué "Expected Outcomes for Accredited Certification to ISO 9001" http://www.iso.org/iso/definitive_expected_outcomes_iso9001.pdf).
    Under 6.1.1, when planning for the quality management system, the organization shall … determine the risks and opportunities that need to be addressed to:
    a) give assurance that the quality management system can achieve its intended result(s);
    b) enhance desirable effects;
    c) prevent, or reduce, undesired effects;
    d) achieve improvement.
    When planning for the quality management system, the organization has evidently already defined the QMS scope of supply (refer to 4.3) and items a) - d) relate to this scope.
    If the organization determines opportunities which address new practices, new clients, new products, new technologies, these certainly promote business development. However, they do not fit into the existing QMS and hardly meet items a) – d) since the scope of supply and intended results changed. The organization will have to make changes to the existing QMS to meet the changed scope of supply (refer to 6.3).
    If the development of new products is a part of the original QMS scope, this is already not the opportunity to be defined by 6.1.
     
    Mohamed Haja likes this.
  4. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I still don't understand why business development is not part of the QMS. I know what ISO says, so it's not necessary to quote that, but rather to give some point of view that business development isn't part of a QMS scope. A QMS isn't and shouldn't be stagnant - so how can the "new" not be planned for and implemented within the QMS?
     
  5. Leonid

    Leonid Well-Known Member

    Joined:
    Jan 4, 2016
    Messages:
    164
    Likes Received:
    31
    Trophy Points:
    27
    Location:
    Moscow
    To be practical I will talk about a certified QMS which meets ISO 9001:2015 requirements. As an auditor, I check the conformity of the existing QMS, with a defined scope of supply, to its own and ISO 9001:2015 requirements. In response to my question about determined and addressed opportunities, the QMS manager tells about some innovative activities. They are either in the incipient stage or already in progress but all these activities are beyond the documented QMS scope of supply, which is a part of the certification contract. How should I audit these activities within my mandate? What value will this audit bring? I think the QMS cannot be stangant if it meets the common requirements about the continual inrovement and opportunities for improvement.
     
    Mohamed Haja likes this.
  6. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    That's an entirely different question. As an auditor you are required to stay within the scope of your audit assignment. You don't mention if you are a 1st, 2nd or 3rd party auditor, which also has some bearing on what you do "next". Your questions cannot be answered without this context.
     
  7. Leonid

    Leonid Well-Known Member

    Joined:
    Jan 4, 2016
    Messages:
    164
    Likes Received:
    31
    Trophy Points:
    27
    Location:
    Moscow
    I am still of the opinion that regardless audits the QMS to ISO 9001:2015 should not include foreign activities beyond the QMS scope of supply.
     
  8. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    An internal auditor will do whatever audit they are told to do by management, surely?
     
  9. Leonid

    Leonid Well-Known Member

    Joined:
    Jan 4, 2016
    Messages:
    164
    Likes Received:
    31
    Trophy Points:
    27
    Location:
    Moscow
    Agree, Andy. Nonetheless, the QMS performance and its conformity to ISO do not depend on any auditor or audit.
    By the way, my initial question - if the opportunities under 6.1 and 10.1 and their implications are the same or different - left unanswered.
     
  10. Leonid

    Leonid Well-Known Member

    Joined:
    Jan 4, 2016
    Messages:
    164
    Likes Received:
    31
    Trophy Points:
    27
    Location:
    Moscow
    To belong to the QMS, the possibilities per 6.1 shall be in the scope of the QMS. Then their implementation shall comply with standard requirements. These opportunities (ref Note 2 to 6.1) seem to be compatible with the opportunities for improvement in 10.1, i.e. "to address future needs and expectations", "preventing undesired effects," “innovation". If so, then the requirements 9.1.3 f) and 9.3.2 e) to evaluate and review “the effectiveness of actions taken to address … opportunities” are applicable to opportunities both in 6.1 and 10.1.
     
    Mohamed Haja likes this.
  11. Leonid

    Leonid Well-Known Member

    Joined:
    Jan 4, 2016
    Messages:
    164
    Likes Received:
    31
    Trophy Points:
    27
    Location:
    Moscow
    ISO 9001:2015 requires in 6.1 to identify and address risks and opportunities as a basis for ensuring the QMS effectiveness, enhancing results and avoiding negative effects.
    The concepts of risk and opportunity, with all its apparent simplicity, are in need of further consideration, the basis for which could be the theses as follows:
    1. Both risk and opportunity represent some event that might and might not happen in the future. Management can influence the likelihood of occurrence of an event and its consequences.
    2. The term "risk" is defined as "an effect of uncertainty» (ISO 9000:2015 cl.3.7.9), or a deviation from the expected - positive or negative. There is no other connotation of risk in ISO 9001:2015.
    3. The term opportunity is not defined in ISO.
    4. Opportunity, like risk, is an effect of uncertainty; it is the combination of the likelihood of opportunity realization and the effect of its implementation.
    5. The term "risks and opportunities" is defined by ISO 14001:2015 cl.3.2.11 as "potential adverse effects (threats) and potential beneficial effects (opportunities)".
    6. From the above definition, it follows that opportunities are positive effects, but there remains an uncertainty about the risk: is it threat only or opportunity as well?
    7. It is recalled that ISO/DIS 14001:2014 was based on the concept of "risks associated with threats and opportunities." This interpretation (threats and opportunities are the two sides of the risk) is present in many guides for risk management.
    8. ISO 31000:2009 specifies in Introduction that "risk management enables an organization to improve the identification of opportunities and threats", i.e. there are two connotations of risk as a function of uncertainty. On the other hand, it reads "it is important to identify the risks associated with not pursuing an opportunity" (cl. 5.4.2). This implies the separation of risks (threats) from opportunities in their identification.
    9. Risk management per ISO 31000:2009 is applicable to the opportunity management.
    10. Events which are perceived as threats may turn out to be opportunities. And vice versa. Example - reorganization.
    11. A positive deviation arising from a risk can provide an opportunity, but not all positive effects of risk result in opportunities (ISO 9001:2015, cl. 0.3.3).
     
    Mohamed Haja likes this.
  12. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    QUESTION:

    If 6.1.1 of ISO 9001:2015 requires an organization to determine risks and opportunities, can FMEAs or Risks Registries satisfy the requirement? Bear in mind that both tools only identify the "negative" effects of uncertainty. There is no section or column in both tools that identifies opportunities. There's a column for "action", but is intended to address the identified "negative" effect of uncertainty (i.e. risk).
     
    MCW8888 likes this.
  13. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    We will be implementing an FMEA to address 6.1.1 of ISO9001:2015 and IATF16949. It makes no sense to me to have 2 different forms of risk-based thinking although the ISO part does not require documentation. If I confuse all our manufacturing facility by introducing different kinds of risk-based thinking, there will be confusion. Besides ISO does not have Preventive Action but IATF has. The FMEA will satisfy both standards and the auditor as well. If the section on RPN is low we can still introduce OFI and prioritize them and review during Management Review. The risk of going this route will be minimum especially during an external audit.

    The last time when we had our first transition, the auditor wanted to see an FMEA instead of our RBT process. We did not get a nonconformance but we had an opportunity for improvement.
     
    Andrej likes this.
  14. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Did you use FMEA for non-manufacturing processes? Like hiring, training, maintenance, document control, internal audit, etc?
     
  15. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    What was there to improve? This sounds like the auditor's expectations over-riding sense more than anything. Until the auditor shows you what needed improvement why do anything?
     
  16. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    The auditor would like us to use the PFMEA.
     
  17. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    As I mentioned before we did not use the formal FMEA for manufacturing and non-manufacturing processes (e.g planning, training, doc control) but our spreadsheet has a Risk for QMS and Management Processes.
     
  18. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    Some of our facilities are ISO9001 certified and others will be moving to IATF 16949. From my standpoint it would be easier to use a process FMEA for the RBT. Value Stream maps, FMEA and Control Plans are also tools for Lean and 6 sigma so in my opinion why not use it for QMS? The risk is that I could get a nonconformance from an external auditor.
     
  19. PSRiordan

    PSRiordan Member

    Joined:
    Dec 14, 2016
    Messages:
    13
    Likes Received:
    9
    Trophy Points:
    2
    Just some quick feedback. I've had 13 clients complete certification to 2015. Not a single CB auditor has ever required or even requested an FMEA. I think FFMEAs are great but may be overkill for a small business. As long as risks and opportunities have been identified and, where appropriate, action is being taken, that's all that's been required.
     
  20. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Yes, of course. So, I'd ask them where's the IMPROVEMENT? Where in your current practices is there something which isn't being done effectively, that you'd need to use this SPECIFIC tool?

    We really must push back on these auditors going around making consulting like suggestions such as this...(I'm wondering if their organization offer training in FMEA...)
     
    Last edited: Dec 16, 2016