Issue 60 – Clause 8.7: Control of Nonconforming Outputs
ISO 9001:2015…
Clause 8.7: Control of Nonconforming Outputs
What’s the intent of Clause 8.7?… In our last Newsletter (ISO 9001:2015 Newsletter Issue 59) we discussed the topic of “releasing products and services”, and now here in Clause 8.7 we address the area of “controlling surprises”. The intent of this Clause is to control any “surprises” from those products we’ve produced and from those services we supply and “control” them BEFORE they reach the Customer, or if necessary, after they’ve left our organization.
Note A: This Clause DOES include requirements for “documented information”.
Note B: As some of you already know, the content for these Newsletters comes from working in the field with my Clients, and with their ISO Certification Bodies. I gain a lot of hands-on experience from conducting training workshops, gap audits and internal audits, where the requirements of the Standard have to be interpreted and applied to each unique situation. A popular training request is our on-site Internal Process Auditor Training for ISO 9001:2015 since you will need to do a complete round of internal audits to the new Standard prior to your external upgrade audit. On that note, some organizations are opting to use an outside resource to assist with their internal audits in order to meet deadlines (…more details on this service, as well as the training sessions we offer, can be found below).
The new numbering format…
Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement
Clause 8.7 Control of Nonconforming Outputs consists of two (2) Sub-Clauses as listed below:
8.7.1 The organization shall ensure that outputs that do not conform…
8.7.2 The organization shall retain documented information that…
Sub-Clause 8.7.1 The organization shall ensure that outputs that do not conform… – I used the first 10 words of this sub-clause since it has no “title” to identify it. Speaking of “titles”, note the use of the word “output” in the title of Clause 8.7. They could have said “Control of nonconforming products and services” but they chose to say “outputs” instead. Although this word is not new to the ISO Standard (it can found a few times back in the 2008 version) it has certainly been used much more often this time around. The first occurrence can be found back in sub-clause 4.4.1a) …determine the inputs and outputs expected from these processes… Element 8.0 (Operation) uses the word “output” throughout the text. One specific example of its use is found back in 8.5.1c) …the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met… One reason why they might have chosen to use the word “output” is because a number of organizations only applied “control of nonconforming product” (in the old 2008 version) to the FINAL product destined for the Customer, and not to IN-PROCESS product/service, nor to INCOMING products/services from Vendors. Going upstream in a process to identify any problems earlier, is a much better approach (and cheaper in the long run).
So with that in mind, what I see new here in Sub-Clause 8.7.1 is first of all, controlling ALL nonconformities, not just final product/service issues but incoming and in-process as well. Secondly, you will need to address the “and services” part of this sub-clause, which means that late delivery will need to be addressed as a “nonconforming output” in many companies, and so it should since most Customers view on-time delivery as a critical quality requirement of the delivery service process. Finally, they’ve also made it clear, that just like products, the requirements within this sub-clause also apply to services while you are providing them, and even after they have been provided to the Customer (the words used are …during or after the provision of services…).
Sub-Clause 8.7.2 The organization shall retain documented information that… – Once again, I used the first words (in this case 7) of this sub-clause since it has no “title” to identify it. What is new here is the requirement in 8.7.1d) which says …identifies the authority deciding the action in respect of the nonconformity…, which now must be documented. This means actually identifying the “authority” who decided what action will be taken to “control” EACH nonconformity that has been identified.
Be sure to watch for our next Newsletter issue where we will cover another section of ISO 9001:2015…
PS: Don’t forget to look at the Q&A section below for some final thoughts…
To view all of our past Newsletters or to sign up to receive them… click here
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Need Help?
ISO 9001:2015 Internal Audit Outsourcing (we can do it for you OR with you!)
For cost effectiveness, the Internal Audit function can be outsourced to an external experienced auditor on a periodic basis. This will provide an independent and objective assessment to management, of where process issues may exist, along with identifying opportunities for improvement. It will also provide the evidence needed to satisfy the Internal Audit requirements in the ISO Standards. We have used two different approaches with this service: a) We conduct the entire audit ourselves, or b) We act as the lead auditor, and along with your Team of internal auditors, we complete the entire audit together. This latter approach allows your people to receive guidance and direction from an experienced lead auditor while at the same time maintaining significant involvement in the internal audit process.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Internal Process Auditor Training for ISO 9001:2015
The two (2) day Internal Process Auditing for ISO 9001:2015 Training Session is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Q: How do you perform an audit for Clause 8.7 of ISO 9001:2015?
A: For Clause 8.7, an Audit Checklist should cover these areas:
– Has the organization defined what is considered to be an “output” that is nonconforming? How?
– Has the organization dealt with nonconforming outputs from Vendors? From in-process activities? How?
– Has the organization identified problems when providing services to Customers, as nonconformities? Examples?
– Does the organization take appropriate action based on the nature of the nonconformity and its effect on the conformity of products and services? Does this also apply to nonconforming products and services detected after delivery of products, during or after the provision of services? Examples?
– Does the organization deal with nonconforming outputs by correction? Explain.
– Does the organization deal with nonconforming outputs by segregation, containment, return or suspension of provision of products and services? Explain.
– Does the organization deal with nonconforming outputs by informing the Customer? Explain.
– Does the organization deal with nonconforming outputs by obtaining authorization for acceptance under concession? Explain.
– Does the organization verify conformity to the requirements when nonconforming outputs are corrected? How?
– Does the organization verify conformity to the requirements when nonconforming outputs are corrected? How?
– Does the organization retain documented information that describes the nonconformity? Where?
– Does the organization retain documented information that describes the actions taken? Where?
– Does the organization retain documented information that describes describes any concessions obtained? Where?
– Does the organization retain documented information that identifies the authority deciding the action in respect of the nonconformity? Where?
(Make sure to interview more than one person and obtain examples for the items listed above)
Until next time…
Tim Renaud
Helping Business Professionals Reduce Risk and Remove Waste!