Thanks for your support…

ISO 9001:2015 Clause 7 – Support

Let’s take a look at another one of the requirements that will help us carry out our processes – Clause 7: Support.

Since we all need ‘resources’ to make any process produce results, this requirement is no surprise whatsoever. We’ve been audited for ‘adequate resources’ since 1987, and the importance of ‘support’ has not been diminished in the least.

We see ‘external providers’ mentioned here (7.1.1 b). Makes sense to me – why not consider outsourcing when evaluating capabilities? After all, outsourced goods and services have become more and more prevalent. Another interesting tweak here is the use of the phrase, ‘…capabilities of, and constraints on, internal resources…’ (7.1.1) I am glad to see the use of the term ‘capabilities’ to remind us to assess our process capabilities while reviewing customer needs and expectations. It’s always tempting to say, “Let’s get the business first, and then try to figure out how to deliver it”. None of OUR readers have ever thought this way, but many of us know some organizations who do this!

Now here’s an interesting new emphasis on what we’ve seen previously as the ‘Process Approach’, one of the 8 Management Principles. The new Standard pushes a bit harder on this concept. We have to ‘…determine, provide and maintain the infrastructure necessary for the operation of its processes and to achieve conformity of products and services…’ (7.1.3). And work environment (7.1.4) notes make reference to social and psychological factors – long overdue, in my opinion.

I really like the way they have emphasized processes leading to customer satisfaction. That’s got to be a good move – the more emphasis on ‘process’ the better. Auditors will be looking for process results rather than employees blindly following steps that may or may not lead to the results that the organization or its customers want.

Calibration is included in here, too (7.1.5) – nothing really new and you’ll be familiar with all the requirements to ‘…retain documented information…’

Clause 7.1.6, Organizational Knowledge is a new term, separate from Competence, clause 7.2, so we’ll need to review our use of these words to make sure we haven’t missed any inferred requirements. Organizational Knowledge refers to specific knowledge about our processes, how they should work and what kinds of results we can expect. This shared knowledge can include experience, IP, lessons learned, improvements and a host of other sources. Competence, on the other hand, is people’s ability to demonstrate knowledge and skills (ISO 9000).

We see the use of that term ‘…retain appropriate documented information as evidence of competence…’ (7.2 d). Furthermore, we now have to ensure that ‘…persons doing work under the organization’s control…’ (read: employees and subcontractors) can demonstrate Awareness (7.3) of the Quality Policy and Objectives as well as each person’s impact on quality. The fact that a previous sentence has been elevated to an entire clause is significant. We can hear the phrases from ISO 14001 and OHSAS 18001 (and others) echoing through this clause.

Clause 7.4, Communication rounds out this section of requirements, and we can use whatever was relevant from the 2008 version around 5.5.3, Internal Communication. But now we have to consider external communications and determine ‘who ‘what’, ‘when’, ‘with whom’ and ‘how’ to communicate. This should help, and make us take more notice of the interested parties mentioned in clause 4.2.

The clause ends with a description of the requirements around ‘Documented Information‘. It’s exactly what we would expect and are already doing for our current Document Control and Control of Records. No new requirements here, but finally, the requirement to ‘identify changes’ has been removed! This will save a ton of anguish and wasted effort on the part of QMRs trying to meet this antiquated idea. Current software has features to compare versions that can meet even the 2008 requirement. One last note on ‘Documented information’. There are a number of requirements to have documented information, but ‘Procedures’ is not one of them. There are no requirements in this Standard to document any procedures, just like ISO 14001 and OHSAS 18001. We see the same wording here for ‘…documented information determined by the organization as being necessary for the effectiveness of the quality management system..’ (7.5.1 b)

I suspect this won’t reduce ‘management by the pound’ (the more procedures the better – NOT!) but I hope it will make organizations start to think about the power of training and how it can reduce the need for documented procedures. I’m also encouraging my clients to take advantage of today’s more visual approach to documenting processes – flowcharts, diagrams (think IKEA, LEGO) symbols (WHMIS), videos and demonstrations to replace wordy documents that the current crop of graduates will not read.

A binder never saved a life – people save lives, training saves lives but not binders. We would never see a fire fighting crew hop off of a pumper and yell, “Where’s the binder that shows us how to hook this hose up to the pump?!?”. Train, train, train and train some more – Deming.

Know Quality, Know Profit…No Quality, No Profit

If you’d like to see if our cloud-based platform can help you move in this direction by making your ISO life simpler, just fill out the form below to schedule a demo. We’d be happy to spend 10 or 15 minutes with you to see if it’s a fit…

Schedule a Demo

Schedule a Demo
Name
Name
First
Last

Next time – Clause 8