Whittington & Associates Newsletter

Newsletter sign-upSign up for our monthly email newsletter to get the latest guidance on ISO 9001, AS9100, AS9110, AS9120, ISO 13485, IATF 16949, ISO 14001, ISO 27001, ISO 45001, ISO 20000, and related ISO standards.

If you have any questions about the articles appearing in this issue, or you want to suggest topics for future issues, please let us know.

ISO 9001 Classes in Orlando

Dec 1, 2018 in Newsletter | Comments Off on ISO 9001 Classes in Orlando

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida:

ISO 9001:2015 Requirements

December 17-18, 2018 (confirmed)
January 28-29, 2019
June 24-25, 2019

ISO 9001:2015 Internal Auditor

December 17-19, 2018 (confirmed)
January 28-30, 2019
June 24-26, 2019

ISO 9001:2015 Lead Auditor

December 17-20, 2018 (confirmed)
January 28-31, 2019
June 24-27, 2019

Click on a course title to view the course description and enroll in a class. If you have questions about the training or registration process, please call 770-862-1766.

Education Management System

Dec 1, 2018 in Newsletter | Comments Off on Education Management System

The new ISO 21001:2018, Educational organizations – Management systems for educational organizations – Requirements with guidance for use, is available.

Requirements

ISO 21001 specifies requirements for a management system for educational organizations when such an organization:

1. needs to demonstrate its ability to support the acquisition and development of competence through teaching, learning, or research;

2. aims to enhance satisfaction of learners, other beneficiaries, and staff through the effective application of its management system, including processes for improvement of the system and assurance of conformity to the requirements of learners and other beneficiaries.

All requirements of ISO 21001 are generic and intended to be applicable to any organization that uses a curriculum to support the development of competence through teaching, learning, or research, regardless of the type, size, or method of delivery.

ISO 21001 can be applied to educational organizations within larger organizations whose core business is not education, such as professional training departments.

Benefits

The potential benefits to an organization of implementing a management system for educational organizations based on ISO 21001 are:

a) better alignment of objectives and activities with policy (including mission and vision);

b) enhanced social responsibility by providing inclusive and equitable quality education for all;

c) more personalized learning and effective response to all learners and particularly to learners with special education needs, distance learners, and lifelong learning opportunities;

d) consistent processes and evaluation tools to demonstrate and increase effectiveness and efficiency;

e) increased credibility of the organization;

f) a means that enables educational organizations to demonstrate their commitment to effective educational management practices;

g) a culture for organizational improvement;

h) harmonization of regional, national, open, proprietary, and other standards within an international framework;

i) widened participation of interested parties;

j) stimulation of excellence and innovation.

Note: The standard does not apply to organizations that only produce or manufacture educational products.

Order

ISO 21001:2018, the world’s first management system standard for the education sector is available at this ISO web page for about $180.

Management of Change – ISO 9001

Dec 1, 2018 in Newsletter | Comments Off on Management of Change – ISO 9001

Management of change is a systematic way to handle changes within an organization to effectively deal with the change and to capitalize on possible opportunities. It involves adapting to the change, controlling the change, and effecting new change.

ISO 9001:2015

Management of change is addressed in multiple requirements of ISO 9001, including:

  • maintaining the quality management system (see 4.4.1),
  • organizational roles, responsibilities and authorities (see 5.3.e),
  • planning of changes (see 6.3),
  • operational control (see 8.1),
  • control of changes (see 8.5.6),
  • internal audit program (see 9.2.2),
  • management review (see 9.3), and
  • corrective actions (see 10.2.1.f).

These clauses on changes to the QMS are described below:

4.4 Quality management system and its processes

4.4.1 

The organization must establish, implement, maintain, and continually improve a quality management system. Management of change is necessary to adequately maintain the QMS.

The organization must determine the processes needed for the quality management system and their application throughout the organization, and:

g) evaluate these processes and implement any changes needed to ensure that these processes achieve their intended results.

5.3 Organizational roles, responsibilities and authorities

Top management must assign the responsibility and authority for:

e) ensuring that the integrity of the quality management system is maintained when changes to the quality management system are planned and implemented.

6.3 Planning of changes

When the organization determines the need for changes to the quality management system, the changes must be carried out in a planned manner (see 4.4).

The organization must consider:
a) the purpose of the changes and their potential consequences;
b) the integrity of the quality management system;
c) the availability of resources;
d) the allocation or reallocation of responsibilities and authorities.

8.1 Operational planning and control

The organization must control planned changes and review the consequences of unintended changes, taking action to mitigate any adverse effects, as necessary.

8.5.6 Control of changes

The organization must review and control changes for production or service provision, to the extent necessary to ensure continuing conformity with requirements.

The organization must retain documented information describing the results of the review of changes, the person(s) authorizing the change, and any necessary actions arising from the review.

9.2 Internal audit

9.2.2 

The organization must:

a) plan, establish, implement, and maintain an audit program including the frequency, methods, responsibilities, planning requirements, and reporting, which shall take into consideration the importance of the processes concerned, changes affecting the organization, and the results of previous audits.

9.3 Management review
9.3.2 Management review inputs

The management review must be planned and carried out taking into consideration:

b) changes in external and internal issues that are relevant to the quality management system.

9.3.3 Management review outputs

The outputs of the management review must include decisions and actions related to:

b) any need for changes to the quality management system.

10.2 Nonconformity and corrective action

10.2.1

When a nonconformity occurs, including any arising from complaints, the organization must:

f) make changes to the quality management system, if necessary.

Management of Change – ISO 14001

Dec 1, 2018 in Newsletter | Comments Off on Management of Change – ISO 14001

Management of change is a systematic way to handle changes within an organization to effectively deal with the change and to capitalize on possible opportunities. It involves adapting to the change, controlling the change, and effecting new change.

ISO 14001:2015

Management of change is an important part of maintaining the environmental management system to ensure it achieves the intended outcomes on an ongoing basis.

Management of change is addressed in multiple requirements of ISO 14001, including:

  • maintaining the environmental management system (see 4.4),
  • environmental aspects (see 6.1.2.a),
  • internal communication (see 7.4.2.a),
  • operational control (see 8.1),
  • internal audit program (see 9.2.2),
  • management review (see 9.3), and
  • corrective actions (see 10.2.e).

These clauses on changes to the EMS are described below:

4.4 Environmental management system

To achieve the intended outcomes, including enhancing its environmental performance, the organization must establish, implement, maintain, and continually improve an environmental management system. Management of change is necessary to adequately maintain the EMS.

6.1.2 Environmental aspects

When determining environmental aspects, the organization must take into account:

a) change, including planned or new developments, and new or modified activities, products and services.

7.4.2 Internal communication

The organization must:

a) internally communicate information relevant to the EMS among the various levels and functions of the organization, including changes to the EMS, as appropriate;

8.1 Operational planning and control

The organization must control planned changes and review the consequences of unintended changes, taking action to mitigate any adverse effects, as necessary.

9.2.2 Internal audit program

When establishing the internal audit program, the organization must take into consideration the environmental importance of the processes concerned, changes affecting the organization, and the results of previous audits.

9.3 Management review

The management review must include consideration of

b) changes in:

1) external and internal issues that are relevant to the EMS;
2) the needs and expectations of interested parties, including compliance obligations;
3) its significant environmental aspects;
4) risks and opportunities.

The outputs of the management review must include decisions related to any need for changes to the EMS, including resources;

10.2 Nonconformity and corrective action

When a nonconformity occurs, the organization must:

e) make changes to the EMS, if necessary.

Management of Change – ISO 45001

Dec 1, 2018 in Newsletter | Comments Off on Management of Change – ISO 45001

Management of change is a systematic way to handle changes within an organization to effectively deal with the change and to capitalize on possible opportunities. It involves adapting to the change, controlling the change, and effecting new change.

ISO 45001:2018

Management of change is addressed in multiple requirements of ISO 45001, including:

  • maintaining the OH&S management system (see 4.4),
  • actions to address risks and opportunities (see 6.1.1, 6.1.2.1, 6.1.2.3, 6.1.4),
  • internal communication (see 7.4.2.a),
  • management of change (see 8.1.3),
  • internal audit program (see 9.2.2),
  • management review (see 9.3), and
  • corrective actions (see 10.2.e).

These clauses on changes to the OH&S management system are described below:

4.4 OH&S management system

The organization must establish, implement, maintain, and continually improve an OH&S management system. Management of change is necessary to adequately maintain the OH&S management system.

6.1 Actions to address risks and opportunities

6.1.1 General

The organization, in its planning process(es), must determine and assess the risks and opportunities that are relevant to the intended outcomes of the OH&S management system associated with changes in the organization, its processes, or the OH&S management system.

In the case of planned changes, permanent or temporary, this assessment must be undertaken before the change is implemented (see 8.1.3).

6.1.2.1 Hazard identification

The processes must take into account, but not be limited to:

g) actual or proposed changes in organization, operations, processes, activities, and the OH&S management system (see 8.1.3).

6.1.2.3 Assessment of OH&S opportunities and other opportunities for the OH&S management system

The organization must establish, implement, and maintain processes to assess:

a) OH&S opportunities to enhance OH&S performance, while taking into account planned changes to the organization, its policies, its processes, or its activities.

A.6.1.4 Planning action

Actions to address risks and opportunities should also be considered under the management of change (see 8.1.3) to ensure there are no resulting unintended consequences.

7.4.2 Internal communication

The organization must:

a) internally communicate information relevant to the OH&S management system among the various levels and functions of the organization, including changes to the OH&S management system, as appropriate.

8.1.3 Management of change

The organization must establish processes for the implementation and control of planned temporary and permanent changes that impact OH&S performance, including:

a) new products, services, and processes, or changes to existing products, services, and processes, including:

  • workplace locations and surroundings;
  • work organization;
  • working conditions;
  • equipment;
  • work force;

b) changes to legal requirements and other requirements;
c) changes in knowledge or information about hazards and OH&S risks;
d) developments in knowledge and technology.

The organization must review the consequences of unintended changes, taking action to mitigate any adverse effects, as necessary.

NOTE: Changes can result in risks and opportunities.

The objective of a management of change process is to enhance occupational health and safety at work, by minimizing the introduction of new hazards and OH&S risks into the work environment as changes occur.

In addition to the examples in 8.1.3.a, annex A.8.1.3 identifies changes related to:

  • technology
  • equipment
  • facilities
  • work practices
  • procedures
  • design specifications
  • raw materials
  • staffing
  • standards
  • regulations

Depending on the nature of an expected change, the organization can use an appropriate methodology, e.g., design review, for assessing the OH&S risks and opportunities of the change.

The need to manage change can be an outcome of planning (see 6.1.4).

9.3 Management review

The management review must include consideration of:

b) changes in external and internal issues that are relevant to the OH&S management system, including:

1) the needs and expectations of interested parties;
2) legal requirements and other requirements;
3) risks and opportunities;

The outputs of the management review must include decisions related to any need for changes to the OH&S management system.

10.2 Incident, nonconformity, and corrective action

When an incident or a nonconformity occurs, the organization must:

d) determine and implement any action needed, including corrective action, in accordance with the hierarchy of controls (see 8.1.2) and the management of change (see 8.1.3);

g) make changes to the OH&S management system, if necessary.