Issue 32 – Clause 8.7: Control of Nonconforming Outputs
Clause 8.7: Control of nonconforming outputs
What’s new in Clause 8.7?… In our last Newsletter (ISO 9001:2015 Newsletter Issue 31) we discussed the topic of “releasing products and services”, and now here in Clause 8.7 we address the area dealing with “controlling surprises”. This is the last Clause within Element 8.0 (Operation), which is by far the largest of all the ISO Elements.
Note A: This Clause DOES include requirements for “documented information”.
Note B: As some of you already know, the content for these Newsletters comes from working in the field with my Clients, and with their ISO Certification Bodies. I gain a lot of hands-on experience from conducting training workshops and gap audits, where the requirements of the Standard have to be interpreted and applied to each unique situation. Combining an on-site Gap Audit with ISO 9001:2015 Essentials Training, has become our most popular request for proposal from our Newsletter readers. The second most popular request is our on-site Document Development Training Workshop (…more details on these training sessions, as well as other training that we offer, can be found below).
The new numbering format…
Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement
Clause 8.7 Control of nonconforming outputs consists of two (2) Sub-Clauses as listed below:
8.7.1 The organization shall ensure that outputs that do not conform…
8.7.2 The organization shall retain documented information that…
Sub-Clause 8.7.1 The organization shall ensure that outputs that do not conform… – I used the first 10 words of this sub-clause since it has no “title” to identify it. Speaking of “titles”, note the use of the word “output” in the title of Clause 8.7. They could have said “Control of nonconforming products and services” but they chose to say “outputs” instead. Although this word is not new to the ISO Standard (it can found a few times back in the 2008 version) it has certainly been used much more often this time around. The first occurrence can be found back in sub-clause 4.4.1a) …determine the inputs and outputs expected from these processes… Element 8.0 (Operation) uses the word “output” throughout the text. One specific example of its use is found back in 8.5.1c) …the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met… One reason why they might have chosen to use the word “output” is because a number of organizations only applied “control of nonconforming product” (in the old 2008 version) to the FINAL product destined for the Customer, and not to IN-PROCESS product/service, nor to INCOMING products/services from Vendors. Going upstream in a process to identify any problems earlier, is a much better approach (and cheaper in the long run).
So with that in mind, what I see new here in Sub-Clause 8.7.1 is first of all, controlling ALL nonconformities, not just final product/service issues but incoming and in-process as well. Secondly, you will need to address the “and services” part of this sub-clause, which means that late delivery will need to be addressed as a “nonconforming output” in many companies, and so it should since most Customers view on-time delivery as a critical quality requirement of the delivery service process. Finally, they’ve also made it clear, that just like products, the requirements within this sub-clause also apply to services while you are providing them, and even after they have been provided to the Customer (the words used are …during or after the provision of services…).
Sub-Clause 8.7.2 The organization shall retain documented information that… – Once again, I used the first words (in this case 7) of this sub-clause since it has no “title” to identify it. What is new here is the requirement in 8.7.1d) which says …identifies the authority deciding the action in respect of the nonconformity…, which now must be documented. This means actually identifying the “authority” who decided what action will be taken to “control” EACH nonconformity that has been identified.
Be sure to watch for our next Newsletter issue where we will cover another section of ISO 9001:2015…
PS: Don’t forget to look at the Q&A section below for some final thoughts…
To view all of our past Newsletters or to sign up to receive them… click here
For cost effectiveness, the Internal Audit function can be outsourced to an external experienced auditor on a periodic basis. This will provide an independent and objective assessment to management, along with identifying opportunities for improvement. It will also provide the evidence needed to satisfy Internal Audit requirements in the ISO Standards.
This Documentation Development Training Workshop for ISO 9001:2015 Session is intended to be a very interactive, hands-on session (hence the name Workshop) where your QMS documentation will be created/revised, with guidance from an experienced facilitator. This type of session can help launch your transition efforts by getting a lot accomplished within a compressed time-frame. If your organization has already begun the re-write then this session can be used to validate what you’ve accomplished so far, or if you haven’t yet begun, it can be the catalyst to get things started (…which is usually the hardest part). Deciding how to move from your current QMS structure into a new one can be a daunting task and this session can help you navigate through it. A copy of a sample Quality Manual (re-iterating the “shall” requirements found within the ISO 9001:2015 Standard) will be provided to each participant. As always, our focus will be on how to develop a simplified and streamlined quality management system, that helps to drive improvement in your business.
The two (2) day Internal Process Auditing for ISO 9001:2015 Training Session is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.
This combines the ISO 9001:2015 Essentials Session with a Gap Audit – This approach is used to assist organizations in launching their transition efforts for this new ISO Standard. This event accomplishes two things: a) it provides education on the new ISO 9001:2015 Standard for your key personnel (i.e. internal auditors; etc.), by highlighting the differences from the 2008 version; and b) assesses the gap from where you are today to where you need to be to achieve compliance to this new ISO Standard. Training certificates covering education on the new ISO 9001:2015 Standard, as well as issuing of a Gap Audit Report for distribution to your Top Management, are the two deliverables from this event. On a final note, a closing meeting can be arranged with key individuals so they can hear first hand the results of the Gap Audit that was performed. PS: We’ve also done this session with just the QMS Management Rep attending, which allowed them to quickly get up to speed on this new Standard, as well as to see how much of an effort the transition will be… and of course they receive their own Training Certificate as part of this event. This also allowed them to avoid traveling offsite to get the training they needed anyways, as evidence for their Certification Bodies.
Q: How do you perform a gap audit for Clause 8.7 of ISO 9001:2015?
A: For Clause 8.7, a Gap Audit checklist should cover these areas:
– Has the organization defined what is considered to be an “output” that is nonconforming?
– Has the organization dealt with nonconforming outputs from Vendors? From in-process activities?
– Has the organization identified problems when providing services to Customers, as nonconformities? Has “acceptance under concession” for a service ever occurred? Was the Customer involved?
– Has a nonconforming service ever been identified after its provision to the Customer? How was it handled?
– Has the organization ever suspended the activities of a service provider as a result of a nonconformity?
– Does the organization retain documented information identifying the authority who decided what action would be taken for EACH nonconforming output that occurred? Can the identity of the person (or persons) be traced?
(Make sure to interview more than one person and obtain examples for the items listed above)
Until next time…
Helping Business Professionals Reduce Risk and Remove Waste!