Thesis

SO 9001:2008  ISO 9001:2015

Only six processes were required to be documented—three representing significant controls, and the remainder important sources of information and activities designed to enable improvement.

Such audits begin by examining process inputs and follow the work to its conclusion, or output. Along the way, resources and controls are examined, as are the people who perform work affecting product quality. The result was designed to be a much improved audit program and one that examines both compliance and effectiveness.

There are no requirements to document processes. Yes, there are records requirements, now referred to as “documented information,”

As a result, audits must rely more on interviews, records, and observation instead of simply looking for documentation. Training can be based on mentorship, not work instructions. Process methods and details can be defined verbally and repeated to the extent that individuals become skilled in similar methods.

Performance based.  Risk based thinking.  

• 2,3 and 4 are about are you applying a stakeholder approach.  Clear understanding the voice of the customer.  Clear def of who the customers/stakeholder is
• Process approach clearly defined.  

• Org need to define sipoc.  Inputs processes and outputs
• Show me your inputs and outputs and how that process work

• Risk.  All kinds.  

• Safety, liability, not customer req.  
• Historically built into CTQ
• Understand risk assessment and process use to assess risk

• How org id risk and address risk when occur

• Clear understanding of how to manage risk

• Documented understanding of how to manage risk

• Org that has a lot of paper has a weak quality mgmt system.  Org with a lot of info and not enuf paper has strong quality mgmt system

• Provide info.  Metrics, kpi, reports, in process metrics to show what is driving where we are going.

• Risk mgmt used to be done by safety and finance etc
• No req for quality manual.  Can have something for cust and employee
• Mgmt resp vs mgmt review

• How does quality org help support strategic direction of org.  How does strategic deployment help changing requirement of quality mgmt system.

• Perform pfmea on all processes to ensure there is no inherent risks

Specific requirement for preventive actions will go away and be part of risk base assessment