Understanding ISO9001 2015; Section 7.1.6 Organisational Knowledge

This Section requires companies to specify/describe what knowledge is needed for each of the processes/operations carried out by the company to assure conformity of products/services that the customer has asked for.

This knowledge is generally specific to the company and has been gained from experience in the role under supervision and/or on the job training.

This knowledge may also be gained from external sources such as technical papers, conferences or other standards specific to the customer’s products/services.


Understanding ISO9001 2015; Section 7.1.5 monitoring and measuring resources.

This section concerns the requirement to provide suitable equipment to monitor and measure the key production and process parameters to provide a product / service which meets the customer specifications/requirements. The equipment provided should be suitable for the application and must be maintained so that it continues to be fit for purpose. Records of the maintenance checks must be held as retrievable data. Where calibration of equipment is a requirement this must be done using facilities that are traceable to national standards for that equipment. Calibration records need to retained. Frequency of calibration should be decided by the company based on the critical nature of the parameter being measured. Measurement equipment needs to be clearly and uniquely identified.

The company is also required to list any measuring equipment that is used for checking other aspects of a product /service which are not critical to the performance of the product.or service provided but need to be checked as part of the customer requirements.

understanding ISO9001 2015 Section 7.1 Resources

This section is not only focused on the provision of resources to grow the business, such as people, infrastructure and suitable environment for the employees to work in.

it is equally important that the company provides sufficient resources for the Quality Management Systems that enable the company to comply with the Standard. This is about managing the systems with sufficient suitably qualified people and adequate resources are made available to support the Quality Management Personnel.

understanding ISO9001 2015 Section 6.2 Quality Objectives and planning to achieve them

this section requires companies to set themselves at least two Quality Objectives (KPIs) for the Business which they review regularly and report on at the annual management review. Typical Objectives can be such as; delivery on time performance, scrap/ process reject levels, number and cost of customer complaints.*

The most important point here is that the company senior management put in place an action plan as to how they are going to work towards achieving these targets. Having agreed the plans then these should be communicated to the employees. Also it is a requirement that the company collects, analyses and publishes data for the employees to see how the company is actually performing against these targets.

  • a target to grow the business by a stated % is not a Quality Objective in itself it needs to be linked to a Quality Improvement target.

understanding ISO9001 2015. Section 6.1; Actions to address risks and opportunities

This section requires company senior management to identify the various potential threats to the business and to assess the impact on the business and the likelyhood of it happening. having identified the areas of highest risk the company needs to demonstrate that there is in place a plan to reduce the impact of the highest risks and there is a timescale for implementing the plan. This plan needs to be reviewed on a regular agreed frequency.

Most companies create a risk register which includes records of the level of risk, the likely impact and details of the action plan to reduce the identified high risks and date of next review.

Opportunities can include new markets for existing products, new product development, process improvements, factory layout improvements and investments in more efficient process equipment. as well as training staff in new skills. Details of these opportunities are best listed in the management review minutes and should be revisited regularly at the very least at each management review meeting.

Business and Innovation Magazine

I have placed an advert in this month’s edition of this magazine for my business and thanks to Rosemary Henderson, the Regional account and events manager, the position of the advert on Page 30 is definately relevant to my business. The magazine is distributed to a large number of businesses in local counties including Worcestershire, where my businessis is located. I have already received several complimentary comments on the advert.
The magazine focuses on businesses where innovation is part of the company culture.

transition to the ISO9001 and 14001 2015 Standards

In mid September this year companies, who have not considered transitioning to the 2015 Standards from ISO9001 2008 and ISO14001 2004 standards, will lose their ISO certification and will then be required to go through the Stage 1 and Stage 2 assessment processes before their certification can be reinstated. There are only 3 months before the cut offf date so companies in this position need to act fast if they are going to avoid the additional cost of a complete reassessment.I can help companies through the transition process but they need to start the process in the near future as the certification companies are already very busy assessing companies that have updated their systems to meet the requirements of the 2015 Standards.

requirement for additional auditing support

Due to business expansion my business is looking for an auditor for both ISO9001 and ISO14001 to provide auditing support to the business. My clients are based in Herefordshire, Shropshire, Worcestershire and Gloucestershire and I am particularly interested in talking to nyone who could cover Gloucestershire, South Herefordshire and South Worcestershire.

Changes in Data Protection Regulations and ISO Standards which will happen in 2018

The data protection regulations (GDPR) will come into effect in late May this year to be followed by the requirement for companies with ISO9001 and/or ISO14001 Certifiction to transition to the 2015 versions of these 2 Standards by mid September this year.
Do companies appreciate the full implications of GDPR and do they realize the full extent of the data they will need to protect? I suspect that in many small companies the senior management are struggling to fully protect data held by the company such as customer information and employee records.
As regards the ISO9001 and ISO14001 2015 Standards the requirements for senior management to have full ownership of the Quality and Environmental Management Systems will in some cases be a wake up call for the Senior Management. No longer will this be delegated to a management representative and furthermore they must be able to convince external auditors that they are fully committed to the Management Systems.
The new clauses in the Standards regarding, Context of the organisation; assessment of risks and opportunities and Leadership have to be fully addressed by company senior management.