Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Andy Nichols, Dec 17, 2017.
What sequence do you review topics in Management Review? Does it make any difference?
We usually start reviewing kpis for the continuous improvement process, then for other key processes and support functions in their natural sequence, then general objectives scorecard, and close with an open discussion. But I don’t think the sequence is very important. It would probably be just as well to do it in reverse or random order, so long as each section is presented logically.
Hi Andy, I signed on here just now to make a post on Management Review, what a coincidence!
9.3 of the new standard (Management Review) requires us to review "monitoring and measurement results" c) 5)
I need some help on deciding the direction to take with this..
There are a few topics in the management review I plan on holding mid January that will be carried out to satisfy some important new requirements (COTO, risk management, quality objectives, ect.)..
Here is my problem: Requirements for how to conduct management reviews have changed for the new standard, adhering to them will also satisfy the new requirements. BUT! Isn't internal audit included in monitoring and measurement results?
I can not do internal audits until AFTER management review. This is because internal audits will cover all of the new requirements, and demand that we show how we are compliant to them. My head is spinning... lol
I was thinking of making a statement that we will review the findings of internal audits at the next bi-annual management review. Would an auditor find this acceptable? Or do I need to have those results looked at and reviewed before our transition audit?
Thanks in advance.
Review what audit results you have to date. If none, do another management review after the audits, limited to review of the audit results.
This is why trying to incorporate management review items into current regular practices works better. Business doesn't work A to B to C. Things happen in real time.
I like the first sentence of that reply. I could organize a meeting for a review of the audits after I get them done.
Trying to understand what you mean in the last 3.. Seems pretty philosophical, but you lost me.
I'm not sure i understand the scheduling of your management reviews or your audits. I'd suggest this sequence:
Management review - discuss the changes
Plan and implement the changes
Audit the changes
Don't have a separate management review. Do it all the time. Most companies have weekly, monthly and or quarterly meetings. Mgmt review issues can be incorporated as part of those. That way your reviewing audit results as they happen instead of potentially waiting many months.
COTO, risk management, quality objectives, ect. will be reviewed and discussed during the next management review mid January 2018. How can I audit that we are compliant to those new requirements before management review? It has to be after, so that I can collect objective evidence that they have been implemented. That is why I was saying I need to do my internal audits after the review.
But if I do that, I wont be able to review the results of any internal audits except the ones that were carried out last year, which were reviewed during the last management review in July 2018.
I guess it comes down to whether these things are ONLY part of management review... Quality objectives shouldn't ONLY be part of management review. Not sure why you consider "risk management" to be a subject since it's NOT required by ISO 9001. CoTO can also be audited outside of a review.
Risk management is not required by ISO 9001? Did I just read that correctly?
Of course it is! 6.1 - Actions to address risks and opportunities... (Risk Management)
I remember having a discussion with you on here about RM and COTO. I took your advice of rolling them into management review because as you said, would be a perfect vehicle to gather information from the management team.
Already had a seperate meeting on COTO.. I was just going to reiterate the findings in the review.
Also, 9.3.2 a) 2) - information on the performance and effectiveness of the quality management system including, "the extent to which quality objectives are met." This need to be discussed in management review per this clause..
So yes, I need to present all of this in our next management review.
I believe you are reading too much into what's required. If you look at ISO 31000, that details true risk management. All kinds of controls which, for the most part, aren't really needed by the QMS - large scale, complex organizations which provide equipment/products into risky environments/applications for example, certainly DO need risk management, but that waaaaay beyond the scope of most businesses, like machine shops etc. It's a sledge hammer to crack a nut approach, compared to what ISO 9001 requires. It's really simple, IMHO, to identify risks and opportunities through a SWOT analysis or similar, then put into place a plan to develop the QMS to address the identified risks. Experience show that there's clearly one or two items which management need to address - for example, attracting skilled people and then retaining them.
Our Management Committee (ManCom) meets at least once a month. It's an integral part of our system where we discuss business/operational issues that we need to address. We used this meeting as the venue for reviewing the QMS as per clause 9.3. We don't need to cover everything as specified by 9.3.2. We tackle topics whichever are relevant for a specific time frame. Since each meeting is minuted, we start by reviewing the "action items" minuted from the previous meetings.
COTO is vital when we plan (6.1 and 6.2) and when we review (9.3). COTO is defined by ISO 9000:2015 as "combination of internal and external issues that can have an effect on an organization's approach to developing and achieving its objectives". Thus, when we plan strategically and/or operationally to set our objectives, we always consider COTO. When we review our objectives, we also need to check whether there are changes in external and internal issues that affected or might affect the achievement of our objectives (9.3.2b and 9.3.2c.2).
Separate names with a comma.