How to meet the requirements of the quality management system according to ISO 9001: 2015

On September 15, 2015, the ISO 9001: 2015 standard was officially published. Almost immediately, certification of quality management systems for compliance with this version of the standard became available. ISO 9001: 2008 will be valid until September 2018, which means that for organizations that want to maintain certification of quality management systems according to ISO 9001, but have not yet switched to it, only one year remains to upgrade the existing system. But let's start in order, and as a simple example we will sometimes reflect on the process of transporting water through a pipe so that the topic of the article is understandable even to a reader who is far from management.

What is ISO 9001?

This standard is one of the three fundamental standards developed by the ISO / TS 176 Technical Committee of the International Organization for Standardization.
')

I hope no one will be misled by the name of the standard “Quality Management System”. These are operational management standards , and its goal is to meet the needs of the customer / buyer of goods or services. It is this goal that is synonymous with quality. It is believed that if an organization applies these management standards, it will be able to achieve defect-free production of goods and services. These standards could be called the “Quality Management System”, but it was decided to focus on the results of management.

Process approach

The standard is aimed at applying the “process approach”. Understanding and management of interrelated processes as a system contributes to the effectiveness and efficiency of the organization in achieving the intended results.

Process - a set of interrelated or interacting activities that use inputs to produce planned results (outputs, products or services). Inputs to a process are usually outputs from other processes, and outputs from processes are usually inputs to other processes. Processes in an organization are usually planned and executed under controlled conditions to add value. This establishes one of the general and basic terms in the theory of quality management. Any business will be considered a set of interrelated or interacting processes to achieve goals.

Figure 1 provides a schematic representation of any process and illustrates the interconnection of process elements. Monitoring and measurement checkpoints required for management are specific to each process and will vary depending on the risks involved.



In the example with a pipe: the entrance to the process will be water at point A, which meets certain requirements; the exit from the process will be water at point B. We separate this process from the other, since there is a responsible employee for it. Plumber Ivanov is responsible for the pipe section from point A to B. The source of entrances to the process will be water from the pipe section for which another employee is responsible. The recipient of the outputs will be a resident of the apartment, that is, the final consumer.

The application of the process approach in the quality management system allows you to:

1. understand and constantly comply with the requirements;
2. consider the processes in terms of adding value;
3. achieve effective functioning of the processes;
4. improve processes based on data and information evaluations.

If the process approach is implemented, then the minimum

• processes must be identified (organization has a list of processes)
• relations between processes are defined (who and for what process within the organization is a supplier or a customer)
• performance indicators are established for each process (process indicators)

Not every organization that has implemented the process approach complies with ISO 9001, but in each relevant this approach is implemented. To comply with ISO 9001-2015, an organization must define the processes, as well as:

(the first three points are repeated mentioned above, but in other formulations)

1. determine the required inputs and the expected outputs of these processes;
2. determine the sequence and interaction of these processes;
3. identify and apply criteria and methods (including monitoring, measurement and relevant performance indicators) necessary to ensure the effective functioning and management of these processes;
4. determine the resources needed for these processes and ensure their availability;
5. assign responsibilities, responsibilities and authorities for these processes;
6. consider risks and opportunities;
7. evaluate the processes and make any changes necessary to ensure that the processes achieve their intended results;
8. improve processes and quality management system.

The requirement of taking risks and opportunities into account is formulated for the first time in the 2015 standard. The 2008 standard referred to preventive action .

Risk is the effect of uncertainty, and any such uncertainty can have positive or negative effects. A positive deviation resulting from a risk may create an opportunity, but not all positive deviations lead to opportunities. When we talk about the future, there is always uncertainty. However, the probability of each scenario, which will be a process in a particular case, is different. Due to low probability, some risks are neglected, and this is true, since the ratio of resources spent to avoid risk will significantly exceed the expected value of possible losses.


The example is not with plumbing, but also associated with pipes.

Options for responding to risks that are worth attention may include risk avoidance, risk assumption in order to track opportunities, eliminate source of risk, change probability or effect, share risk, or contain risk by making information-based decisions. Opportunities may lead to the adoption of new practices, the launch of new products, the opening of new markets, the emergence of new consumers, the building of partnerships, the use of new technologies and other desired and real opportunities to take into account the needs of the organization or its consumers.

The new concept of risk-oriented thinking , in the opinion of the author of the article, encourages management to consider the future as a set of development scenarios, each of which may exist in the future, but with different probabilities. Often, people show unreasonable hope that the event they need is realized. This contradicts the theory of probability, according to which the law of large numbers implies that the empirical average (arithmetic average) of a sufficiently large final sample from a fixed distribution is close to the theoretical average (mathematical expectation) of this distribution. If the process in your business is repeated a sufficient number of times, bringing in a ruble, and there is a probability of 2% that the process will lead to a loss of 100 rubles, then this means that after 1000 repetitions, you will receive a loss of (1000 * 1 * 98%) - (1000 * 100 * 2%) = - 1020 rubles. If this is the main process that creates added value, then it is better not to start such a business. Quality risk management will increase the probability of a favorable scenario, and the probability of undesirable scenarios will decrease to insignificant. Correct work of the quality management system leads to the fact that the organization can make a profit, and its clients can satisfy their needs.

For those who are interested in the topic of mathematical statistics in the field of management, this article may also be interesting in Habrahabr .

Why it was impossible to increase the price of goods or services in the example and receive 3 rubles from each repetition of the process? The principle of consumer orientation is transferred from previous versions of the standard to the new one and is fundamental for quality management.

The quality of the products and services produced by the organization is the ability to satisfy consumers. It is also determined by the expected or unforeseen influence on other interested parties.

Quality = Value of a product or service / Cost of a product or service

In order to satisfy a person’s needs, a product must have certain properties, and the degree of conformity between the properties of a product and the needs that it satisfies with it determines the quality of the product. Currently, the measure of product quality is the degree of customer satisfaction, determined by the ratio of value and value (use value) of a product or service.

For the consumer, the expected value is the value of a valuable (correctly made from the consumer's point of view), defect-free product. People will use the product of the manufacturer if they are satisfied with its value C (the need for its acquisition and a set of proposed quality parameters) and the value of C. Companies that do not meet the needs of consumers either for C or C will soon find that customers have left them and they lost their market area due to more professional competitors who better understood the needs of customers. The higher the level of customer satisfaction, the higher the opportunities for business development.

Based on this approach, three situations should be considered.

1. C = C. This is a neutral situation. Consumer expectations were confirmed, and the manufacturer recouped its costs and received the planned profit, as he expected, in accordance with the implemented quality parameters. This takes place only when the values ​​of C and C set by the manufacturer coincide with the expected values ​​of the consumer.

2. C> C. Consumer satisfied. At the same time, the manufacturer is interested in obtaining more profit by increasing the cost of sales of its products, and in this case it would be more suitable for the ratio C <C. Competition with other manufacturers equalizes consumer interests C> C and interests of the manufacturer

3. C <C. The consumer is not satisfied, and in most cases the purchase of goods may not be made. The manufacturer begins to lose acquired consumers. That is why a business with such a ratio of C and C has always been considered a bad business.

Top management must demonstrate leadership and commitment in terms of customer orientation by ensuring that:

• consumer requirements, as well as applicable legal and regulatory legal requirements are defined, understood and consistently met;
• The risks and opportunities that may affect the conformity of products and services and the ability to increase customer satisfaction are identified and considered;
• The focus is on increasing customer satisfaction.

Briefly, in our example, in a competitive environment it is impossible to raise the cost to 3 rubles, with the same value for the consumer, since this will reduce the quality of the product or service. The greatest profitability will be shown by the competitor who, at the expense of risk-based thinking, will be able to reduce quality losses in the processes.

The article begins with a review of the example of water transfer through the pipe, now let's conduct a figurative replacement of the system of all the processes of the organization with a water supply system consisting of individual sections of pipes.



The meaning of the quality management system is to deliver "water" without loss through this "water supply system", while the consumer must receive exactly the "water" that he wanted in the right quantity, with the right characteristics, at a competitive price and just in time.

Why do not like QMS?

The organization should in the required amount:

1. develop, update and apply documented information to ensure the functioning of the processes;
2. register and store documented information to ensure that these processes are carried out as planned.

Documented information is the new term of 2015, earlier in the 2008 standard it was referred to as “documentation, quality manual, documented procedure, records”. The documented information required by the quality management system and the ISO standard must be managed to ensure:

1. its availability and suitability, where and when it is needed;
2. its sufficient protection (for example, from non-observance of confidentiality, from inappropriate use or loss of integrity).

What for? Plumber Ivanov, without telling anyone, left in an unknown direction, over his responsibility over time passed the water supply system of considerable length. Only he alone knew the details of the infrastructure and the accident that occurred could be resolved only with an understanding of the characteristics of the water supply system. New professionals need time, consumers suffer without water and require to give control of water supply to competitors.



Once in such a situation, management has a clearer understanding of this standard requirement. Competence requirements are also related to this issue:

The organization must:

1. determine the necessary competence of the persons (a) performing (his) work under its management, which affects the results of operations and the effectiveness of the quality management system;
2. to ensure the competence of these persons on the basis of appropriate education, training and / or experience;
3. where applicable, take actions aimed at obtaining the required competence and evaluate the effectiveness of the actions taken;
4. register and store relevant documented information as evidence of competence.

Note - Applicable actions may include, for example, conducting training, mentoring, or redistributing responsibilities among existing workers; or hire persons with the required level of competence.

Why certification?

The most effective way to meet customer needs is possible without certification.
Get more favorable credit conditions, comply with the conditions of tenders and competitions, increase loyalty to the company from the authorities and partners? Perhaps help.

Choosing you as an external supplier of goods or services, a business makes you a link in the chain of your business processes . It’s not always possible to get acquainted with the situation with the supplier, therefore the presence of a certificate of compliance with the requirements of ISO 9001 will be a positive signal for the client.

Cloud4Y at least once a year is audited and evaluated to confirm the validity of the certificate of quality management system compliance with GOST R ISO 9001-2015. The examples given in the article do not apply to our main activity. As a cloud provider, instead of running water, we have a high-availability optical ring with duplicated communication channels, and instead of water, we process customer data on our IT infrastructure. Stability requirements for exits from processes are particularly relevant for reasons of legal guarantees of the quality of service provision (SLA 99.95%). Many customers may feel “like a fish without water” in the event that a cloud server or remote desktop crashes.

It seems to be worth finishing with analogies and note that this article does not describe absolutely all the requirements of the standard. Each new version of ISO 9001 contains changes, as it seems to us, for the better. So in version 2015, it is said about the need to take into account the external and internal context in which the organization is located. In the future, this may lead to the fact that only the organization that has developed the “documented information” can evaluate the conformity certificate, assess the risks and opportunities in accordance with its specificity / context.