Issue 27 – Clause 8.2: Requirements for Products and Services
Clause 8.2: Requirements for Products and Services
What’s new in Clause 8.2?… In our last Newsletter (ISO 9001:2015 Newsletter Issue 26) we discussed the topic of “planning and control”, and now here in Clause 8.2 we address the area dealing with “product requirements and service requirements”. In other words, since the previous Clause required you to have your “plans and controls” in place, now with this Clause you can start taking Customer Orders!
Note A: This Clause DOES include requirements for “documented information”.
Note B: I prefer practical application vs theory, so for those of you who may not be aware, the content for these Newsletters comes from working in the field with my Clients, and with their ISO Certification Bodies. I gain a lot of hands-on experience from conducting gap audits (as well as training seminars), where the requirements of the Standard have to be interpreted and applied to each unique situation. Combining an on-site Gap Audit with ISO 9001 Essentials Training, has become our most popular request for proposal from our Newsletter readers (…more details on this, as well as other training that we offer, can be found below).
The new numbering format…
Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement
Clause 8.2 Requirements for Products and Services consists of four (4) Sub-Clauses as listed below:
8.2.1 Customer Communication
8.2.2 Determining the Requirements for Products and Services
8.2.3 Review of Requirements for Products and Services
8.2.4 Changes to Requirements for Products and Services
Sub-Clause 8.2.1 Customer Communication – The requirements within this sub-clause are very similar to the requirements in the old 2008 version, essentially asking the organization to put processes in place on how the organization intends on communicating with its Customers on a variety of topics. Before I go any further, let me try and clear up any confusion between this sub-clause and Clause 7.4 (Communication), which mentions “…external communications relevant to the QMS…”. Although there appears to be overlap here, I suggest you keep them separate. In other words, for any communication with the Customer use this sub-clause (8.2.1), and for any external communication OTHER than with the Customer, use Clause 7.4 (Communication), since all of those “shall” requirements within Clause 7.4 can easily be addressed when you respond to this sub-clause (8.2.1).
Within sub-clause 8.2.1 the main new requirements are found with the use of the words “and services”. Organizations are expected to provide information about the Customer services they provide as well as obtain Customer feedback on those services (recall that we are referring to those outbound services listed in your Scope statement). Also in 8.2.1 e) you’ll find another new item regarding “contingency actions” and establishing specific Customer requirements associated with these events, when relevant.
Sub-Clause 8.2.2 Determining the Requirements for Products and Services – Similar to the previous sub-clause, here again in 8.2.2 the main new requirements are found with the use of the words “and services”. Just as organizations need to determine requirements for “products” they also need to determine the requirements for “services”, and this means all of the “shalls” in sub-clause 8.2.2 need to be applied to each of those “services”.
Sub-Clause 8.2.3 Review of Requirements for Products and Services – This sub-clause contains two (2) sub-sub-clauses and similar to sub-clause 8.2.2 (and the one before that!), here again in 8.2.3 the main new requirements are found with the use of the words “and services”. Just as organizations need to review requirements for “products” they also need to review the requirements for “services”, and this means all of the “shalls” in sub-clause 8.2.3 need to be applied to each of those “services”. Let’s not forget that the primary intent of sub-clause 8.2.3 is to “review all of the requirements” BEFORE we say YES to the Customer’s order. Also in 22.214.171.124 b) you’ll find another new item regarding “documented information… on any new requirements”, which means that organizations need to keep track of any new requirements (not changes to existing ones) that are being added to the products and services offered by the organization.
Sub-Clause 8.2.4 Changes to Requirements for Products and Services – Once again the main new requirements are found with the use of the words “and services”. Just as organizations need to manage “changes” to product requirements they also need to manage “changes” to service requirements, and this also means that all of the “shalls” in sub-clause 8.2.4 need to be applied.
Be sure to watch for our next Newsletter issue where we will cover another section of ISO 9001:2015…
PS: Don’t forget to look at the Q&A section below for some final thoughts…
To view all of our past Newsletters or to sign up to receive them… click here
For cost effectiveness, the Internal Audit function can be outsourced to an external experienced auditor on a periodic basis. This will provide an independent and objective assessment to management, along with identifying opportunities for improvement. It will also provide the evidence needed to satisfy Internal Audit requirements in the ISO Standards.
The two (2) day Internal Process Auditing for ISO 9001:2015 Training Session is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.
This combines the ISO 9001:2015 Essentials Session with a Gap Audit – This approach is used to assist organizations in launching their transition efforts for this new ISO Standard. This event accomplishes two things: a) it provides education on the new ISO 9001:2015 Standard for your key personnel (i.e. internal auditors; etc.), by highlighting the differences from the 2008 version; and b) assesses the gap from where you are today to where you need to be to achieve compliance to this new ISO Standard. Training certificates covering education on the new ISO 9001:2015 Standard, as well as issuing of a Gap Audit Report for distribution to your Top Management, are the two deliverables from this event. On a final note, a closing meeting can be arranged with key individuals so they can hear first hand the results of the Gap Audit that was performed. PS: We’ve also done this session with just the QMS Management Rep attending, which allowed them to quickly get up to speed on this new Standard, as well as to see how much of an effort the transition will be… and of course they receive their own Training Certificate as part of this event. This also allowed them to avoid traveling offsite to get the training they needed anyways, as evidence for their Certification Bodies.
Q: How do you perform a gap audit for Clause 8.2 of ISO 9001:2015?
A: For Clause 8.2, a Gap Audit checklist should cover these areas:
– How does the organization communicate with their Customers regarding providing information related to those services listed in the QMS Scope?
– How does the organization communicate with their Customers regarding getting their feedback related to those services listed in the QMS Scope?
– How does the organization establish specific requirements for contingency actions with Customers when relevant?
– How does the organization determine the requirements for those services listed in the QMS Scope?
– How does the organization review the requirements for those services listed in the QMS Scope?
– How does the organization retain documented information on any new requirements that arise for those products and services listed in the QMS Scope?
– How does the organization handle any changes made to the existing product and service requirements? If this occurs, is relevant documented information amended? Are relevant persons made aware of the changed requirements?
(Make sure to interview more than one person and obtain examples for the items listed above)
Until next time…
Helping Business Professionals Reduce Risk and Remove Waste!