Newsletter subscribe

Featured, ISO 9001:2015

Change is in the air – ISO 9001 and Requirements for Managing Change!

Posted: October 31, 2015 at 8:55 pm   /   by   /   comments (0)

The current version of ISO 9001 has some important requirements for managing change. This is no surprise, and we are wise to remember that change introduces risk into our organizations. So when you’re planning a change (and we hope you are planning it!) remember to assess the level of risk associated with ‘something new’.

1. System Changes

Clause 6.3 in the Planning section wants us to make sure we plan the change. This helps reduce, or at least mitigate the risks associated with the changes. This clause highlights the importance of determining the reason for the change and any impacts. Remembering that we are operating a system, any change will have a ripple effect in our organizations.

Along with (perhaps) a process change, allocation of resources will be a sensible aspect to consider, and of course the resulting change in responsibilities, if that’s the case.

We could use Pareto’s Law to show that 80% of our problems come from the 20% of our customer requirements that get changed.

2. Documentation Changes

When we look at 7.5.3.2 c), there’s nothing really new here, and it’s a natural flow from the process change to the related documentation change. One new wrinkle is the requirement to keep records (retained documented information) free from unintended tampering.

From a risk perspective communicating documentation changes will be the wild card that needs to be tamed.

3. Changes to Requirements

changeinair2aLots to cover here – customer requirements, legal and regulatory requirements and any other areas where we have requirements.

Changes to customer requirements – 8.2.1 b), 8.2.3.2 b) and 8.2.4

Probably one of the most critical changes to manage. If this ball is dropped, the rest follows! I imagine that we could use Pareto’s Law to show that 80% of our problems come from the 20% of our customer requirements that get changed.

These are all high risk areas and need to be managed with care.

Design and Development changes – 8.3.6

Nothing new here, but once again, these changes will raise the risk temperature significantly. I think it’s safe to say that we need to always be vigilant when managing change and include a risk review with each one.

By following the flow of the work through our organizations, we can more easily anticipate where this change might cause problems or disturbances.

4. Process Changes – 8.5.6

Here’s where process maps can be really helpful. By following the flow of the work through our organizations, we can more easily anticipate where this change might cause problems or disturbances. This is so important, that OHSAS 18001 requires ‘consultation’ with people who’s safety might be impacted by a change to a process.

It’s important to make sure that an ‘improvement’ in one process doesn’t create sub optimization in another area. This can only be avoided by using careful planning, doing, checking and acting.

Make it pay

We all know the requirements for making changes to improve our systems. The key is to make the change pay dividends. By planning the change, assessing the related risks and reviewing the results, we have a better chance of making real improvements that give us a decent return on our investment.

This article first appeared on October 31, 2015.

Introducing
Jim Moran
Jim.Moran.5.2015Jim Moran, MA Ed., President of SimpifyISO.com, has worked with all 5 versions of ISO 9001 – 1987, 1994, 2000, 2008 and now 2105. He has been implementing, auditing and training in the ISO world since 1992. Jim has been doing ISO 9001:2015 presentations since November of 2013 and has done a number of webinars, ½ day presentations and full day trainings on ISO 9001:2015 for the British Standards Institute, BSI. He currently sits on ISO PC 280, an ISO committee formed to participate in the development of a new ISO Standard for Management Consulting.
e-mail: jim@simplifyISO.com
website: http://simplifyiso.com/