Well, this is interesting! If you’re already ISO 9001 certified, you’ve probably got this covered, for the most part. Let’s take a look…
As in the past, we need 3 major categories of resources to support our operations: People (7.1.2), Infrastructure (7.1.3) and a suitable Work Environment (7.1.4). You’re already demonstrating that you have these in place, and there are no new requirements, but the ‘notes’ for Work Environment have a some tweaks. We now need to be aware of stress in the workplace, calmness, confrontations, burnout and be ’emotionally protective’. To be clear, these are ‘notes’, not ‘requirements’ and we can’t be audited against them, but would these considerations make life better? Could be! We can see if we’ve achieved these conditions during our internal audits, and include them in the report. You may want to tweak your report template to include these headings.
Calibration shows up here (7.1.5), and your current process should do the trick.
This is new! Organizational Knowledge (7.1.6) but your current documentation may have this in hand already. This ‘knowledge’ is different from competence (7.2) and can be a repository for extra information about processes – I see this as a way to park information that you think people have in their heads to avoid having it ‘get in the way’ during day-to-day operations. Could be handy for training, too.
Awareness (7.3) and Communication (7.4), two words that were previously just a title are now full-blown requirements. With this in mind, be ready for a bit more scrutiny on how you’re getting the message out. You’ll see the phrase ‘doing work under the organization’s control’ expanding the net we cast for our messages. Also, communication is a two-way street. Sending out an e-mail is a one-way street and doesn’t necessarily mean we’ve communicated. Ask around and find out how people doing work under your control want to be communicated to. Texting? Maybe! A discussion page on your intranet? It just might work. Check out the requirements around communicating, too – a ‘communication plan’ might be just the ticket (to avoid a ‘ticket’!)
The last section is the control of documented information area. Nothing new here except (thank the ISO Gods) the requirement to identify changes to documents is gone. It still might be handy to send a note off to everyone identifying what’s new to save them time reviewing the new missive, but suit yourself. Be sure to keep any legal/regulatory requirements intact, though.
Records (now known as ‘retained documented information’) need to be protected from unintended changes. The number of records has not been reduced, by the way, but you may be able to combine some of the design records you have.
So I hope this has given you some insight into how you can use most of what you have to meet these new requirements.
To find out if your ISO life can be simpler…
Here’s the link to our Youtube channel: https://www.youtube.com/watch?v=V7I1MLs8oH0&t=19s