Issue 55 – Clause 8.2: Requirements for products and services
Clause 8.2: Requirements for products and services
What’s the intent of Clause 8.2?… In our last Newsletter (ISO 9001:2015 Newsletter Issue 54) we discussed the topic of “plans and controls”, and now here in Clause 8.2 we address the area of “product requirements and service requirements”. The intent of this Clause is to build on the “planning” that was done in the Clause 8.1 and now put those plans into action by establishing all of the specifications needed for those products and services you are offering, and then begin taking Customer Orders!
Note A: This Clause DOES include requirements for “documented information”.
Note B: The content for these Newsletters comes from working in the field with my Clients, and with their ISO Certification Bodies. I gain a lot of hands-on experience from conducting training workshops, gap audits and internal audits, where the requirements of the Standard have to be interpreted and applied to each unique situation. A popular training request is our on-site Internal Process Auditor Training for ISO 9001:2015 since you will need to do a complete round of internal audits to the new Standard prior to your external upgrade audit. On that note, some organizations are opting to use an outside resource to assist with their internal audits in order to meet deadlines (…more details on this service, as well as the training sessions we offer, can be found below).
The new numbering format…
Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement
Clause 8.2 Requirements for products and services consists of four (4) Sub-Clauses as listed below:
8.2.1 Customer communication
8.2.2 Determining the requirements for products and services
8.2.3 Review of the requirements for products and services
8.2.4 Changes to requirements for products and services
Sub-Clause 8.2.1 Customer Communication – The requirements within this sub-clause are essentially asking the organization to put processes in place on how the organization intends on communicating with its Customers on a variety of topics. Before I go any further, let me try and clear up any confusion between this sub-clause and Clause 7.4 (Communication), which mentions “…external communications relevant to the QMS…”. Although there appears to be overlap here, I suggest you keep them separate. In other words, for any communication with the Customer use this sub-clause (8.2.1), and for any external communication OTHER than with the Customer, use Clause 7.4 (Communication), since all of those “shall” requirements within Clause 7.4 can easily be addressed when you respond to the requirements in this sub-clause (8.2.1).
Within sub-clause 8.2.1 the main new requirements are found with the use of the words “and services”. Organizations are expected to provide information about the Customer services they provide as well as obtain Customer feedback on those services (recall that we are referring to those outbound services listed in your Scope statement). Sub-Clauses 8.2.1a) to c) are asking that you have processes in place to handle the normal day to day interactions with Customers. Sub-Clause 8.2.1 d) covers how you will manage any property that they provide to you (both tangible and intangible). This may not apply to many companies but in case it does, you need to have a process in place to communicate with Customers on this topic when they call. Also in Sub-Clause 8.2.1 e) you’ll find another new item regarding “contingency actions” and establishing specific Customer requirements associated with these events, when relevant.
Sub-Clause 8.2.2 Determining the Requirements for Products and Services – Similar to the previous sub-clause, here again in 8.2.2 the main new requirements are found with the use of the words “and services”. Just as organizations need to determine requirements for “products” they also need to determine the requirements for “services”, and this means all of the “shalls” in sub-clause 8.2.2 need to be applied to each of those “services” that you listed in your Scope (see Clause 4.3). The Standard makes a very explicit statement within this sub-clause when it states: “…the organization can meet the claims for the products and services it offers.” All too often companies like to close the deal first and then worry about the “details” later. The intent here is to handle these “details” up front so as to avoid surprises down the line.
Sub-Clause 8.2.3 Review of Requirements for Products and Services – This sub-clause contains two (2) sub-sub-clauses and similar to sub-clause 8.2.2 (and the one before that!), here again in 8.2.3 the main new requirements are found with the use of the words “and services”. Just as organizations need to review requirements for “products” they also need to review the requirements for “services”, and this means all of the “shalls” in sub-clause 8.2.3 need to be applied to each of those “services”. Let’s not forget that the primary intent of sub-clause 8.2.3 is to “review all of the requirements” BEFORE we say YES to the Customer’s order. Also in 220.127.116.11 b) you’ll find another new item regarding “documented information… on any new requirements”, which means that organizations need to keep track of any new requirements (not changes to existing ones) that are being added to the products and services offered by the organization.
Sub-Clause 8.2.4 Changes to Requirements for Products and Services – Once again the main new requirements are found with the use of the words “and services”. Just as organizations need to manage “changes” to product requirements they also need to manage “changes” to service requirements, and this also means that all of the “shalls” in sub-clause 8.2.4 need to be applied to the “service” part of the Customer Order.
Be sure to watch for our next Newsletter issue where we will cover another section of ISO 9001:2015…
PS: Don’t forget to look at the Q&A section below for some final thoughts…
To view all of our past Newsletters or to sign up to receive them… click here
For cost effectiveness, the Internal Audit function can be outsourced to an external experienced auditor on a periodic basis. This will provide an independent and objective assessment to management, of where process issues may exist, along with identifying opportunities for improvement. It will also provide the evidence needed to satisfy the Internal Audit requirements in the ISO Standards. We have used two different approaches with this service: a) We conduct the entire audit ourselves, or b) We act as the lead auditor, and along with your Team of internal auditors, we complete the entire audit together. This latter approach allows your people to receive guidance and direction from an experienced lead auditor while at the same time maintaining significant involvement in the internal audit process.
This Documentation Development Training Workshop for ISO 9001:2015 Session is intended to be a very interactive, hands-on session (hence the name Workshop) where your QMS documentation will be created/revised, with guidance from an experienced facilitator. This type of session can help launch your transition efforts by getting a lot accomplished within a compressed time-frame. If your organization has already begun the re-write then this session can be used to validate what you’ve accomplished so far, or if you haven’t yet begun, it can be the catalyst to get things started (…which is usually the hardest part). Deciding how to move from your current QMS structure into a new one can be a daunting task and this session can help you navigate through it. A copy of a sample Quality Manual (re-iterating the “shall” requirements found within the ISO 9001:2015 Standard) will be provided to each participant. As always, our focus will be on how to develop a simplified and streamlined quality management system, that helps to drive improvement in your business.
The two (2) day Internal Process Auditing for ISO 9001:2015 Training Session is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.
This combines the ISO 9001:2015 Essentials Session with a Gap Audit – This approach is used to assist organizations in launching their transition efforts for this new ISO Standard. This event accomplishes two things: a) it provides education on the new ISO 9001:2015 Standard for your key personnel (i.e. internal auditors; etc.), by highlighting the differences from the 2008 version; and b) assesses the gap from where you are today to where you need to be to achieve compliance to this new ISO Standard. Training certificates covering education on the new ISO 9001:2015 Standard, as well as issuing of a Gap Audit Report for distribution to your Top Management, are the two deliverables from this event. On a final note, a closing meeting can be arranged with key individuals so they can hear first hand the results of the Gap Audit that was performed. PS: We’ve also done this session with just the QMS Management Rep attending, which allowed them to quickly get up to speed on this new Standard, as well as to see how much of an effort the transition will be… and of course they receive their own Training Certificate as part of this event. This also allowed them to avoid traveling offsite to get the training they needed anyways, as evidence for their Certification Bodies.
Q: How do you perform an audit for Clause 8.2 of ISO 9001:2015?
A: For Clause 8.2, an Audit Checklist should cover these areas:
– How does the organization communicate with their Customers regarding providing information related to those products AND services listed in the QMS Scope?
– How does the organization communicate with their Customers regarding handling enquiries, contracts or orders, including any changes that occur?
– How does the organization communicate with their Customers regarding getting their feedback (including complaints) related to those products AND services listed in the QMS Scope?
– How does the organization communicate with their Customers regarding handling or controlling Customer property (both tangible and intangible)?
– How does the organization establish specific requirements for contingency actions with Customers when relevant?
– How does the organization determine the requirements for those products AND services listed in the QMS Scope?
– How does the organization determine any applicable statutory and regulatory requirements for their products AND services?
– How does the organization determine those requirements that are considered necessary by the organization, for their products AND services?
– How does the organization determine any applicable statutory and regulatory requirements for their products AND services?
– How does the organization ensure that the claims for the products and services being offered, can be met?
– How does the organization ensure that it has the ability to meet the requirements for products AND services being offered to Customers?
– Does the organization conduct a review before committing to supply products AND services to a Customer?
– Does this review include requirements specified by the Customer, including the requirements for delivery and post-delivery activities?
– Does this review include requirements not stated by the Customer, but necessary for the specified or intended use, when known?
– Does this review include requirements specified by the organization?
– Does this review include statutory and regulatory requirements applicable to the products AND services?
– Does this review include contract or order requirements differing from those previously expressed?
– How does the organization ensure that contract or order requirements differing from those previously defined, are resolved?
– How are the Customer’s requirements confirmed by the organization before acceptance, when the Customer does not provide a documented statement of their requirements?
– How does the organization retain documented information on the results of the review?
– How does the organization retain documented information on any new requirements that arise for those products AND services listed in the QMS Scope?
– How does the organization handle any changes made to the existing product AND service requirements? If this occurs, is relevant documented information amended? Are relevant persons made aware of the changed requirements?
(Make sure to interview more than one person and obtain examples for the items listed above)
Until next time…
Helping Business Professionals Reduce Risk and Remove Waste!