Documented information - ISO FDIS 9001:2015
By: M. Raghu
Ref.: ISO FDIS 9001:2015
The FDIS has been released on 9th July 2015; there are significant changes to the ISO 9001 Quality Management system requirements, as a implementer of the Quality Management system;
The following table explains the documentation requirements explicitly specified in the FDIS and comparison with the ISO 9001:2008:
Clause reference ISO FDIS 9001:2015
Retain documented information
Maintain documented information
Equivalent clauses in ISO 9001:2008
The scope of the Organization’s Quality Management System shall be available and be maintained as documented information. The scope shall state the types of products and services covered, and provide justification for any requirement of this international standard that the organization determines is not applicable to the scope of its QMS.
Clause 4.2.2 of the ISO 9001:2008 Quality Manual requires documenting scope and justification for exclusions.
To the extent necessary, the organization shall: Maintain documented information to support the operation of its processes.
Clause 4.1, 4.2.2 & 7.1 partially covers this requirement.
Retain documented information to have confidence that the processes are being carried out as planned.
Clause 4.1, 4.2.2 & 7.1 partially covers this requirement.
The Quality Policy Shall: be available and be maintained as documented information.
4.2.1 (a) and 5.3
The organization shall maintain documented information on the Quality Objectives.
4.2.1 (a) and 5.4.1
The organization shall retain appropriate documented information as evidence of fitness for purpose of the monitoring and measurement resources
Clause 7.6 partially covers this requirement. (Fitness for purpose is not explicitly mentioned).
Retain appropriate documented information as evidence of competence. (Clause 7.2 (b) specifies competence on the basis of appropriate education, training or experience.
Determining and keeping documented information to the extent necessary;
1) To have confidence that the processes have been carried out as planned.
2) To demonstrate the conformity of products and services to their requirement
Note: Keeping implies both the maintaining and the retaining of documented information.
7.1 (b) & (d)
The organization shall retain documented information, as applicable:
a) On the results of the review;
b) On any new requirements for the products and services.
The organization shall retain documented information on design and development inputs.
Design and development controls
Documented information of these activities is retained.
7.3.4, 7.3.5, 7.3.6
The organization shall retain documented information on design and development outputs.
7.3.3 does not specifically require records requirement on D&D outputs.
The organization shall retain documented information on:
a) D&D changes;
b) The results of reviews
c) The authorization of the changes
d) The actions taken to prevent adverse impacts.
The organization shall retain documented information of these activities and any necessary actions arising from the evaluations (of external providers)
The availability of documented information that defines:
1) The characteristics of the products to be produced, the services to be provided, or the activities to be performed;
2) The results to be achieved.
7.5.1 (a) & (b)
The organization shall control the unique identification of the outputs when traceability is a requirement, and shall retain the documented information necessary to enable traceability.
When the property of a customer or external provider is lost, damaged or otherwise found to be unsuitable for use, the organization shall report this to the customer or external provider and retain documented information on what has occurred.
7.5.4 (only for customer property, does not mention about property of external provider).
The organization shall retain documented information describing the results of the review of changes, the person(s) authorizing the change, and any necessary actions arising from the review.
Change control is not mentioned in ISO 9001:2008
The organization shall retain documented information on the release of products and services. The documented information shall include:
a) Evidence of conformity with the acceptance criteria;
b) Traceability to the person(s) authorizing the release.
The organization shall retain documented information that;
a) Describes the nonconformity;
b) Describes the actions taken;
c) Describes any concessions obtained;
d) Identifies the authority deciding the action in respect of the nonconformity.
8.3 requires record of nature of NC, action taken, concessions obtained. (bust silent on the authority deciding the action).
The organization shall retain appropriate documented information as evidence of the results. (of monitoring and measurement).
Except 8.2.4 – M&M of product – no record requirement specified.
The organization shall:
Retain documented information as evidence of the implementation of the audit programme and the audit results.
The organization shall retain documented information as evidence of the results of management reviews.
The organization shall retain documented information as evidence of:
a) The nature of the nonconformities and any subsequent actions taken;
b) The results of any corrective action.
The above are specifically mentioned in the standard, but there are some are some more information required to be maintained – not specified in the FDIS but implied to be maintained; let us look at the following clauses, where we shall have some form of the information to show the evidence of implementation, they are:
Clause 4.1 requires the organization shall monitor and review information about these external and internal issues.
Clause 4.2 – the organization shall monitor and review information about these interested parties and their relevant requirements.
Clause 4.4.1: the organization shall determine the processes needed for the quality management system and their application throughout the organization and shall:
To (h) requires mapping the processes and their sequence & Interaction requires some form of information to be maintained in some media. (either soft copy or hard copy)
Clause 5.3 – Top management shall ensure that the responsibilities and authorities for relevant roles are assigned, communicated and understood within the organization.
Clause 6.1.2 – the organization shall plan:
Actions to address these risks and opportunities;
Integrate and implement the actions into its QMS processes
Evaluate the effectiveness of these actions.
Clause 7.1.3 – the organization shall determine, provide and maintain the infrastructure necessary for the operation of its processes and to achieve conformity of products and services.
Clause 7.1.6 – the organization shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services. This knowledge shall be maintained and be made available to the extent necessary.
Clause 7.5.2 – when creating and updating documented information, the organization shall ensure appropriate;
Identification and description (e.g. a title, date, author or reference number);
Format (e.g. language, software version, graphics) and media (e.g. paper, electronic);
Review and approval for suitability and adequacy.
Therefore; there are 6 documents(to maintain documented information) and 19 records (to Retain documented information) are required mandatorily by the International standard and another 5 clauses require to provide information or some sort of evidence to demonstrate the maintenance of ISO 9001:2015.