No.

Section
4 Context of the Organization

4.1 Understanding the organization and its context

4.1q1 4.1

4.1q2 4.1

4.2 Understanding the needs and expectations of interested parties

4.2q1

4.2q2
4.3 Determining the scope of the quality management system

4.3q1

4.3q2

4.3q3

4.3q4

4.3q5
 4.4 Quality management system and its processes

4.4q1

4.4q2

4.4q3
5 Leadership
5.1 Leadership and commitment
5.1.1 Leadership and comittment for the quality management system

5.1.1q1

5.1.2 Customer Focus

5.1.2q1
5.2 Quality policy
5.2.1 Establishing the quality policy

5.2.1q1
5.3 Organizational roles, responsibility and authorities

5.3q1

5.3q2
6 Planning for the quality management system
6.1 Actions to address risk and opportunities
6.1.1

6.1.1q1
6.1.2

6.1.2q1

6.1.2q2
 6.2 Quality objectives and planning to achieve them
6.2.1

6.2.1q1
6.2.1

6.2.2q1
6.3 Planning of changes

6.3q1
7 Support
7.1 Resources
7.1.1 General

7.1.1q1
7.1.2 People

7.1.2q1

7.1.3 Infrastructure

7.1.3q1

7.1.4 Environment for the operation of processes

7.1.4q1
 7.1.5 Monitoring and measuring resources

7.1.5q1

7.1.5q2

7.1.5q3
7.1.5.2 Measurement traceability

7.1.5q4

7.1.5q5
7.1.6 Organizational knowledge

7.1.6q1

7.1.6q2

7.1.6q3

7.2 Competence
7.2q1

7.3 Awareness

7.3q1
7.4 Communication

7.4q1
7.5 Documented information
7.5.1 General

7.5.1q1

7.5.2 Creating and updating

7.5.2q1
7.5.3 Control of documented information
7.5.3.1

7.5.3.1q1
7.5.3.1
7.5.3.2q1

7.5.3.2q2

8 Operation
8.1 Operational planning and control

8.1.q1

8.1.q2

8.1.q3

8.1.q4
8.2 Requirements for products and services
8.2.1 Customer communication

8.2.1q1
8.2.2 Determining the requirements for products and services

8.2.2q1

8.2.2q2
8.2.3 Review of requirements for products and services
8.2.3q1

8.2.3q2

8.2.3q3

8.2.3q4
8.2.4 Changes to requirements for products and services

8.2.3q5
8.3 Design and development of products and services
8.3.1 General

8.3.1q1

8.3.2 Design and development planning

8.3.2q1
8.3.3 Design and development inputs
8.3.3q1

8.3.3q2
8.3.4 Design and development controls

8.3.4q1

8.3.5 Design and development outputs

8.3.5q1

8.3.5q2
8.3.5 Design and development changes

8.3.6q1

8.3.6q2
8.4 Control of externally provided products and services
8.4.1 General

8.4.1q1
8.4.1q2

8.4.1q3

8.4.1q4
8.4.2 Type and extent of control

8.4.2q1

8.4.2q2

8.4.2q3
8.4.3 Information for external providers

8.4.3q1

8.4.3q2
8.5 Production and service provisions
8.5.1 Control of production and service provision

8.5.1q1
8.5.1q2
8.5.2 Identification and traceability

8.5.2q1

8.5.2q2

8.5.2q3

8.5.3 Property belonging to customers or external providers

8.5.3q1

8.5.3q2

8.5.4 Preservation

8.5.4q1

8.5.5 Post-delivery activities

8.5.5q1
8.5.5q2

8.5.5 Control of changes

8.5.6q1

8.5.6q2
8.6 Release of products and services

8.6q1

8.6q2
8.7 Control of nonconforming outputs

8.7.1q1

8.7.1q2

8.7.1q3

8.7.1q4

8.7.1q5
9 Performance evaluation
 9.1 Monitoring, measurement, anlaysis and evaluation
9.1.1 General

9.1.1q1

9.1.1q2

9.1.1q3
9.1.2 Customer satisfaction

9.1.2q1

9.1.2q2
9.1.2q3

9.1.3 Analysis and evalution

9.1.3q1

9.1.3q2

9.1.3q3
9.2 Internal Audit
9.2.1

9.2.1q1
9.2.2
9.2.2q1

9.3 Management Review

9.3.1

9.3.1q1
9.3.2 Management review inputs

9.3.2q1
9.3.3 Management review outputs

9.3.3q1

9.3.3q1
10 Improvement
10.1 General

10.1q1

10.1q2

10.2 Nonconformity and corrective action

10.2.1
10.2.1q1

10.2.1q2

10.2.2

10.2.2q1
10.3 Continual improvement

10.3q1

10.3q2

10.3q3
 Requirement
anization

e organization and its context

The organization shall determine external and internal issues that are relevant to its
purpose and its strategic direction and that affect its ability to achieve the intended
result(s) of its quality management system
The organization shall monitor and review the information about these external and
internal issues.

Note 1: Issues can include positive and negative factors or conditions for consideration
Note 2: Understanding the external context can be facilitated by considering issues
arising from legal, technological, competitive, market, cultural, social and economic
environments, whether international, national, regional or local
Note 3: Understanding the internal context can be facilitated by considering issues
related to values, culture, knowledge and performance of the organization
e needs and expectations of interested parties

Due to their impact or potential impact on the organization's ability to conistently

provide products and services that meet customer and applicable statuatory and
regulatory requirements, the organization shall determine:
a) the interested parties that are relevant to the quality management system;
b) the requirements of these interested parties that are relevant to the quality
management system
The organization shall monitor and review the information about these interested parties
and their relevent requirements.
cope of the quality management system
The organization shall determine the boundaries and applicability of the quality
management system to estatlish its scope

When determing this scope, the organization shall consider:

a) the external and internal issues referred to in 4.1;
b) the requirements of relevant interested parties referred to in 4.2;
c) the products and services of the organization.
Where a requirement of this International Standard within the determined scope can be
applied, then it shall be applied by the organization.
If any requirement(s) of this International Standard cannot be applied, this shall not
affect the organization's ability or responsibility to ensure conformity of products and
services.

The scope shall be available and be maitained as documented information stating the:
-products and servcies covered by the quality management system;
-justification for any instance where a requirement of this International Standard cannot
be applied
ent system and its processes
The organization shall establish, implement, maintain and continually improve a quality
management system, including the processes needed and their interactions, in
accordance with the requirements of this International Standard.

The organization shall determine the processes needed for the quality management
system and their application througout the organization and shall determine:
a) the inputs required and the outputs expected from these processes;
b) the sequence and interaction of these processes;
c) the criteria, methods, including measurements and related performance indicators
needed to ensure the effective operation, and control of these processes;
d) the resources needed and ensure their availability;
e) the assignment of the responsibilities and authorities for these processes;
f) the risks and opportunities in accordance with the requirements of 6.1, and plan and
implement the appropriate actions to address them;
g) the methods for monitoring, measuring, as appropriate, and evaluation of processes
and, if needed, the changes to processes to ensure that they achieve intended results;
h) opportunities for improvement of the processes and the quality management system.

The organization shall maintain documented information to the extent necessary to

support the operation of processes and retain documented information to the extent
necessary to have confidence that the processes are being carried out as planned.

mmitment
mittment for the quality management system

Top management shall demonstrate leadership and commitment with respect to the
quality management system by: a) taking accountability of the effectiveness of the
quality management system; b) ensuring that the quality policy and quality objectives are
established for the quality management system and are compatible with the strategic
direction and the context of the organization; c) ensuring that the quality policy is
communicated, understood and applied within the organization; d) ensuring the
integration of the quality management system requirements into the organization’s
business processes; e) promoting awareness of the process approach; f) ensuring that the
resources needed for the quality management system are available; g) communicating
the importance of effective quality management and of conforming to the quality
management system requirements; h) ensuring that the quality management system
achieves its intended results; i) engaging, directing and supporting persons to contribute
to the effectiveness of the quality management system; j) promoting continual
improvement; k) supporting other relevant management roles to demonstrate their
leadership as it applies to their areas of responsibility
NOTE Reference to “business” in this International Standard can be interpreted broadly
to mean those activities that are core to the purposes of the organization’s existence;
whether the organization is public, private, for profit or not for profit.
 Top management shall demonstrate leadership and commitment with respect to
customer focus by ensuring that: a) customer requirements and applicable statutory and
regulatory requirements are determined and met; b) the risks and opportunities that can
affect conformity of products and services and the ability to enhance customer
satisfaction are determined and addressed; c) the focus on consistently providing
products and services that meet customer and applicable statutory and regulatory
requirements is maintained; d) the focus on enhancing customer satisfaction is
maintained

uality policy

Top management shall establish, review and

maintain a quality policy that:
a) is appropriate to the purpose and context of the
organization;
b) provides a framework for setting and reviewing
quality objectives;
c) includes a commitment to satisfy applicable
requirements;
d) includes a commitment to continual improvement
of the quality management system.
es, responsibility and authorities
Top management shall ensure that the responsibilities and authorities for relevant roles
are assigned, communicated and understood within the organization.

Top management shall assign the responsibility and authority for: a) ensuring that the
quality management system conforms to the requirements of this International
Standard; b) ensuring that the processes are delivering their intended outputs; c)
reporting on the performance of the quality management system, on opportunities for
improvement and on the need for change or innovation, and especially for reporting to
top management; d) ensuring the promotion of customer focus throughout the
organization; e) ensuring that the integrity of the quality management system is
maintained when changes to the quality management system are planned and
implemented.
uality management system
risk and opportunities

When planning for the quality management system, the organization shall consider the
issues referred to in 4.1 and the requirements referred to in 4.2 and determine the risks
and opportunities that need to be addressed to: a) give assurance that the quality
management system can achieve its intended result(s); b) prevent, or reduce, undesired
effects; c) achieve continual improvement.

The organization shall plan: a) actions to address these risks and opportunities; b) how to:
1) integrate and implement the actions into its quality management system processes
(see 4.4); 2) evaluate the effectiveness of these actions.
Actions taken to address risks and opportunities shall be proportionate to the potential
impact on the conformity of products and services.
and planning to achieve them

The organization shall establish quality objectives at relevant functions, levels and
processes. The quality objectives shall: a) be consistent with the quality policy, b) be
measurable; c) take into account applicable requirements; d) be relevant to conformity of
products and services and the enhancement of customer satisfaction; e) be monitored; f)
be communicated; g) be updated as appropriate. The organization shall retain
documented information on the quality objectives.

When planning how to achieve its quality objectives, the organization shall determine: a)
what will be done; b) what resources will be required; c) who will be responsible; d) when
it will be completed; e) how the results will be evaluated.
es

Where the organization determines the need for change to the quality management
system (see 4.4) the change shall be carried out in a planned and systematic manner. The
organization shall consider: a) the purpose of the change and any of its potential
consequences; b) the integrity of the quality management system; c) the availability of
resources; d) the allocation or reallocation of responsibilities and authorities.

The organization shall determine and provide the resources needed for the
establishment, implementation, maintenance and continual improvement of the quality
management system. The organization shall consider: a) the capabilities of, and
constraints on, existing internal resources; b) what needs to be obtained from external
providers.

To ensure that the organization can consistently meet customer and applicable statutory
and regulatory requirements, the organization shall provide the persons necessary for
the effective operation of the quality management system, including the processes
needed.

The organization shall determine, provide and maintain the infrastructure for the
operation of its processes to achieve conformity of products and services.
NOTE 1: Any product realization change affecting customer requirements requires
notification to, and agreement from, the customer.
he operation of processes
The organization shall determine, provide and maintain the environment necessary for
the operation of its processes and to achieve conformity of products and services.
 NOTE: Environment for the operation of processes can include physical, social,
psychological, environmental and other factors (such as temperature, humidity,
ergonomics and cleanliness)
easuring resources
Where monitoring or measuring is used for evidence of conformity of products and
services to specified requirements the organization shall determine the resources needed
to ensure valid and reliable monitoring and measuring results.
The organization shall ensure that the resources provided: a) are suitable for the specific
type of monitoring and measurement activities being undertaken; b) are maintained to
ensure their continued fitness for their purpose.

The organization shall retain appropriate documented information as evidence of fitness

for purpose of monitoring and measurement resources.
ceability

Where measurement traceability is: a statutory or regulatory requirement; a customer or

relevant interested party expectation; or considered by the organization to be an
essential part of providing confidence in the validity of measurement results; measuring
instruments shall be: -verified or calibrated at specified intervals or prior to use against
measurement standards traceable to international or national measurement standards.
Where no such standards exist, the basis used for calibration or verification shall be
retained as documented information; -identified in order to determine their calibration
status; -safeguarded from adjustments, damage or deterioration that would invalidate
the calibration status and subsequent measurement results.

The organization shall determine if the validity of previous measurement results has been
adversely affected when an instrument is found to be defective during its planned
verification or calibration, or during its use, and take appropriate corrective action as
necessary.
owledge
The organization shall determine the knowledge necessary for the operation of its
processes and to achieve conformity of products and services.

This knowledge shall be maintained, and made available to the extent necessary.

When addressing changing needs and trends, the organization shall consider its current
knowledge and determine how to acquire or access the necessary additional knowledge.

NOTE 1 Organizational knowledge can include information such as intellectual property

and lessons learned. NOTE 2 To obtain the knowledge required, the organization can
consider: a) internal sources (e.g. learning from failures and successful projects, capturing
undocumented knowledge and experience of topical experts within the organization); b)
external sources (e.g. standards, academia, conferences, gathering knowledge with
customers or providers).
 The organization shall: a) determine the necessary competence of person(s) doing work
under its control that affects its quality performance; b) ensure that these persons are
competent on the basis of appropriate education, training, or experience; c) where
applicable, take actions to acquire the necessary competence, and evaluate the
effectiveness of the actions taken; d) retain appropriate documented information as
evidence of competence.
NOTE: Applicable actions can include, for example, the provision of training to, the
mentoring of, or the reassignement of currently employed persons; or hiring or
contracting of competent persons.

Persons doing work under the organization’s control shall be aware of: a) the quality
policy; b) relevant quality objectives; c) their contribution to the effectiveness of the
quality management system, including the benefits of improved quality performance; d)
the implications of not conforming with the quality management system requirements.

The organization shall determine the internal and external communications relevant to
the quality management system including: a) on what it will communicate; b) when to
communicate; c) with whom to communicate; d) how to communicate.
mation

The organization’s quality management system shall include: a) documented information

required by this International Standard; b) documented information determined by the
organization as being necessary for the effectiveness of the quality management system.

NOTE: The extend of documented information for a quality management system can
differe from one organization to another due to:
-the size of organization and its type of activities, processes, products and services;
-the complexity of processes and their interactions;
-the competence of persons.
ting

When creating and updating documented information the organization shall ensure
appropriate: a) identification and description (e.g. a title, date, author, or reference
number); b) format (e.g. language, software version, graphics) and media (e.g. paper,
electronic); c) review and approval for suitability and adequacy.
ented information

Documented information required by the quality management system and by this

International Standard shall be controlled to ensure: a) it is available and suitable for use,
where and when it is needed; b) it is adequately protected (e.g. from loss of
confidentiality, improper use, or loss of integrity).
 For the control of documented information, the organization shall address the following
activities, as applicable: a) distribution, access, retrieval and use; b) storage and
preservation, including preservation of legibility; c) control of changes (e.g. version
control); d) retention and disposition.
Documented information of external origin determined by the organization to be
necessary for the planning and operation of the quality management system shall be
identified as appropriate, and controlled.
NOTE Access can imply a decision regarding the permission to view the documented
information only, or the permission and authority to view and change the documented
information.

ing and control

The organization shall plan, implement and control the processes, as outlined in 4.4,
needed to meet requirements for the provision of products and services and to
implement the actions determined in 6.1, by: a) determining requirements for the
product and services; b) establishing criteria for the processes and for the acceptance of
products and services; c) determining the resources needed to achieve conformity to
product and service requirements; d) implementing control of the processes in
accordance with the criteria; e) retaining documented information to the extent
necessary to have confidence that the processes have been carried out as planned and to
demonstrate conformity of products and services to requirements.

The output of this planning shall be suitable for the organization's operations.
The organization shall control planned changes and review the consequences of
unintended changes, taking action to mitigate any adverse effects, as necessary.
The organization shall ensure that outsourced processes are controlled in accordance
with 8.4.
products and services
nication

The organization shall establish the processes for communicating with customers in
relation to: a) information relating to products and services; b) enquiries, contracts or
order handling, including changes; c) obtaining customer views and perceptions,
including customer complaints; d) the handling or treatment of customer property, if
applicable; e) specific requirements for contingency actions, when relevant.
equirements for products and services

The organization shall establish, implement and maintain a process to determine the
requirements for the products and services to be offered to potential customers.

The organization shall ensure that: a) product and service requirements (including those
considered necessary by the organization), and applicable statutory and regulatory
requirements, are defined; b) it has the ability to meet the defined requirements and
substantiate the claims for the products and services it offers.
ments for products and services
 The organization shall review, as applicable: a) requirements specified by the customer,
including the requirements for delivery and post_x0002_delivery activities; b)
requirements not stated by the customer, but necessary for the customers' specified or
intended use, when known; c) additional statutory and regulatory requirements
applicable to the products and services; d) contract or order requirements differing from
those previously expressed.
NOTE: Requirements can also include those arising from relevant interested parties.
This review shall be conducted prior to the organization’s commitment to supply
products and services to the customer and shall ensure contract or order requirements
differing from those previously defined are resolved.
Where the customer does not provide a documented statement of their requirements,
the customer requirements shall be confirmed by the organization before acceptance.

Documented information describing the results of the review, including any new or
changed requirements for the products and services, shall be retained.
ements for products and services

Where requirements for products and services are changed, the organization shall ensure
that relevant documented information is amended and that relevant personnel are made
aware of the changed requirements.
pment of products and services

Where the detailed requirements of the organization’s products and services are not
already established or not defined by the customer or by other interested parties, such
that they are adequate for subsequent production or service provision, the organization
shall establish, implement and maintain a design and development process.

NOTE 1 The organization can also apply the requirements given in 8.5 to the
development of processes for production and services provision. NOTE 2 For services,
design and development planning can address the whole service delivery process. The
organization can therefore choose to consider the requirements of clauses 8.3 and 8.5
together.
pment planning

In determining the stages and controls for design and development, the organization
shall consider: a) the nature, duration and complexity of the design and development
activities; b) requirements that specify particular process stages, including applicable
design and development reviews; c) the required design and development verification
and validation; d) the responsibilities and authorities involved in the design and
development process; e) the need to control interfaces between individuals and parties
involved in the design and development process; f) the need for involvement of customer
and user groups in the design and development process; g) the necessary documented
information to confirm that design and development requirements have been met.
pment inputs
 The organization shall determine: a) requirements essential for the specific type of
products and services being designed and developed, including, as applicable, functional
and performance requirements; b) applicable statutory and regulatory requirements; c)
standards or codes of practice that the organization has committed to implement; d)
internal and external resource needs for the design and development of products and
services; e) the potential consequences of failure due to the nature of the products and
services; f) the level of control expected of the design and development process by
customers and other relevant interested parties.
Inputs shall be adequate for design and development purposes, complete, and
unambiguous. Conflicts among inputs shall be resolved.
pment controls

The controls applied to the design and development process shall ensure that: a) the
results to be achieved by the design and development activities are clearly defined; b)
design and development reviews are conducted as planned; c) verification is conducted
to ensure that the design and development outputs have met the design and
development input requirements; d) validation is conducted to ensure that the resulting
products and services are capable of meeting the requirements for the specified
application or intended use (when known).
NOTE: Design and development reviews, verification and validation have distinct
purposes. They can be conducted seperately or in any combination, as is suitable for the
products and services of the organization.
pment outputs

The organization shall ensure that design and development outputs: a) meet the input
requirements for design and development; b) are adequate for the subsequent processes
for the provision of products and services; c) include or reference monitoring and
measuring requirements, and acceptance criteria, as applicable; d) ensure products to be
produced, or services to be provided, are fit for intended purpose and their safe and
proper use.

The organization shall retain the documented information resulting from the design and
development process.
pment changes

The organization shall review, control and identify changes made to design inputs and
design outputs during the design and development of products and services or
subsequently, to the extent that there is no adverse impact on conformity to
requirements.

Documented information on design and development changes shall be retained.

lly provided products and services

The organization shall ensure that externally provided processes, products, and services
conform to specified requirements.
 The organization shall apply the specified requirements for the control of externally
provided products and services when: a) products and services are provided by external
providers for incorporation into the organization’s own products and services; b)
products and services are provided directly to the customer(s) by external providers on
behalf of the organization; c) a process or part of a process is provided by an external
provider as a result of a decision by the organization to outsource a process or function.

The organization shall establish and apply criteria for the evaluation, selection,
monitoring of performance and re-evaluation of external providers based on their ability
to provide processes or products and services in accordance with specified requirements.
The organization shall retain appropriate documented information of the results of the
evaluations, monitoring of the performance and re_x0002_evaluations of the external
providers.
f control

In determining the type and extent of controls to be applied to the external provision of
processes, products and services, the organization shall take into consideration: a) the
potential impact of the externally provided processes, products and services on the
organization’s ability to consistently meet customer and applicable statutory and
regulatory requirements; b) the perceived effectiveness of the controls applied by the
external provider

The organization shall establish and implement verification or other activities necessary
to ensure the externally provided processes, products and services do not adversely
affect the organization's ability to consistently deliver conforming products and services
to its customers.

Processes or functions of the organization which have been outsourced to an external

provider remain within the scope of the organization’s quality management system;
accordingly, the organization shall consider a) and b) above and define both the controls
it intends to apply to the external provider and those it intends to apply to the resulting
process output.
ternal providers

The organization shall communicate to external providers applicable requirements for

the following: a) the products and services to be provided or the processes to be
performed on behalf of the organization; b) approval or release of products and services,
methods, processes or equipment; c) competence of personnel, including necessary
qualification; d) their interactions with the organization's quality management system; e)
the control and monitoring of the external provider’s performance to be applied by the
organization; f) verification activities that the organization, or its customer, intends to
perform at the external provider’s premises
The organization shall ensure the adequacy of specified requirements prior to their
communication to the external provider.
rvice provisions
tion and service provision
The organization shall implement controlled conditions for production and service
provision, including delivery and post-delivery activities.
 Controlled conditions shall include, as applicable: a) the availability of documented
information that defines the characteristics of the products and services; b) the
availability of documented information that defines the activities to be performed and
the results to be achieved; c) monitoring and measurement activities at appropriate
stages to verify that criteria for control of processes and process outputs, and acceptance
criteria for products and services, have been met. d) the use, and control of suitable
infrastructure and process environment; e) the availability and use of suitable monitoring
and measuring resources; f) the competence and, where applicable, required
qualification of persons; g) the validation, and periodic revalidation, of the ability to
achieve planned results of any process for production and service provision where the
resulting output cannot be verified by subsequent monitoring or measurement; h) the
implementation of products and services release, delivery and post-delivery activities.
traceability
Where necessary to ensure conformity of products and services, the organization shall
use suitable means to identify process outputs.

The organization shall identify the status of process outputs with respect to monitoring
and measurement requirements throughout production and service provision.
Where traceability is a requirement, the organization shall control the unique
identification of the process outputs, and retain any documented information necessary
to maintain traceability.

NOTE: Process outputs are the results of any activities which are ready for delivery to the
organization's customer or to an internal customer (e.g. receiver of the inputs to the next
process); they can include products, services, immedicate parts, components, etc.)
g to customers or external providers

The organization shall exercise care with property belonging to the customer or external
providers while it is under the organization's control or being used by the organization.
The organization shall identify, verify, protect and safeguard the customer’s or external
provider’s property provided for use or incorporation into the products and services.
When property of the customer or external provider is incorrectly used, lost, damaged or
otherwise found to be unsuitable for use, the organization shall report this to the
customer or external provider.
NOTE Customer property can include material, components, tools and equipment,
customer premises, intellectual property and personal data.

The organization shall ensure preservation of process outputs during production and
service provision, to the extent necessary to maintain conformity to requirements.
NOTE Preservation can include identification, handling, packaging, storage, transmission
or transportation, and protection.
ities
As applicable, the organization shall meet requirements for post-delivery activities
associated with the products and services.
 n determining the extent of post-delivery activities that are required, the organization
shall consider: a) the risks associated with the products and services; b) the nature, use
and intended lifetime of the products and services; c) customer feedback; d) statutory
and regulatory requirements.
NOTE Post-delivery activities can include actions under warranty provisions, contractual
obligations such as maintenance services, and supplementary services such as recycling
or final disposal.
s
The organization shall review and control unplanned changes essential for production or
service provision to the extent necessary to ensure continuing conformity with specified
requirements.

The organization shall retain documented information describing the results of the
review of changes, the personnel authorizing the change, and any necessary actions.
ts and services
The organization shall implement the planned arrangements at appropriate stages to
verify that product and service requirements have been met. Evidence of conformity
with the acceptance criteria shall be retained.

The release of products and services to the customer shall not proceed until the planned
arrangements for verification of conformity have been satisfactorily completed, unless
otherwise approved by a relevant authority and, as applicable, by the customer.
Documented information shall provide traceability to the person(s) authorizing release of
products and services for delivery to the customer.
forming outputs
The organization shall ensure process outputs, products and services that do not conform
to requirements are identified and controlled to prevent their unintended use or
delivery.

The organization shall take appropriate corrective action based on the nature of the
nonconformity and its impact on the conformity of products and services. This applies
also to nonconforming products and services detected after delivery of the products or
during the provision of the service.

As applicable, the organization shall deal with nonconforming process outputs, products
and services in one or more of the following ways: a) correction; b) segregation,
containment, return or suspension of provision of products and services; c) informing the
customer; d) obtaining authorization for: - use “as-is’; - release, continuation or re-
provision of the products and services; - acceptance under concession.
Where nonconforming process outputs, products and services are corrected, conformity
to the requirements shall be verified.

The organization shall retain documented information of actions taken on

nonconforming process outputs, products and services, including on any concessions
obtained and on the person or authority that made the decision regarding dealing with
the nonconformity.
uation
urement, anlaysis and evaluation

The organization shall determine: a) what needs to be monitored and measured; b) the
methods for monitoring, measurement, analysis and evaluation, as applicable, to ensure
valid results; c) when the monitoring and measuring shall be performed; d) when the
results from monitoring and measurement shall be analysed and evaluated.

The organization shall ensure that monitoring and measurement activities are
implemented in accordance with the determined requirements and shall retain
appropriate documented information as evidence of the results.
The organization shall evaluate the quality performance and the effectiveness of the
quality management system.
tion
The organization shall monitor customer perceptions of the degree to which
requirements have been met.
The organization shall obtain information relating to customer views and opinions of the
organization and its products and services.
The methods for obtaining and using this information shall be determined.
NOTE Information related to customer views can include customer satisfaction or opinion
surveys, customer data on delivered products or services quality, market-share analysis,
compliments, warranty claims and dealer reports.
tion
The organization shall analyse and evaluate appropriate data and information arising
from monitoring, measurement and other sources.

The output of analysis and evaluation shall be used to: a) demonstrate conformity of
products and services to requirements; b) assess and enhance customer satisfaction; c)
ensure conformity and effectiveness of the quality management system; d) demonstrate
that planning has been successfully implemented; e) assess the performance of
processes; f) assess the performance of external provider(s); g) determine the need or
opportunities for improvements within the quality management system.
The results of analysis and evaluation shall also be used to provide inputs to management
review.

The organization shall conduct internal audits at planned intervals to provide information
on whether the quality management system;
a) conforms to: 1) the organization’s own requirements for its quality management
system; 2) the requirements of this International Standard;
b) is effectively implemented and maintained.
 The organization shall: a) plan, establish, implement and maintain an audit programme(s)
including the frequency, methods, responsibilities, planning requirements and reporting,
which shall take into consideration the quality objectives, the importance of the
processes concerned, customer feedback, changes impacting on the organization, and
the results of previous audits; b) define the audit criteria and scope for each audit; c)
select auditors and conduct audits to ensure objectivity and the impartiality of the audit
process; d) ensure that the results of the audits are reported to relevant management; e)
take necessary correction and corrective actions without undue delay; f) retain
documented information as evidence of the implementation of the audit programme and
the audit results.
NOTE: See ISO 19011 for guidance
ew

Top management shall review the organization's quality management system, at planned
intervals, to ensure its continuing suitability, adequacy, and effectiveness.
ew inputs

The management review shall be planned and carried out taking into consideration: a)
the status of actions from previous management reviews; b) changes in external and
internal issues that are relevant to the quality management system including its strategic
direction; c) information on the quality performance, including trends and indicators for:
1) nonconformities and corrective actions; 2) monitoring and measurement results; 3)
audit results; 4) customer satisfaction; 5) issues concerning external providers and other
relevant interested parties; 6) adequacy of resources required for maintaining an
effective quality management system; 7) process performance and conformity of
products and services; d) the effectiveness of actions taken to address risks and
opportunities (see clause 6.1); e) new potential opportunities for continual improvement.
ew outputs
The outputs of the management review shall include decisions and actions related to: a)
continual improvement opportunities; b) any need for changes to the quality
management system, including resource needs

The organization shall retain documented information as evidence of the results of

management reviews.

The organization shall determine and select opportunities for improvement and
implement necessary actions to meet customer requirements and enhance customer
satisfaction.
This shall include, as appropriate: a) improving processes to prevent nonconformities; b)
improving products and services to meet known and predicted requirements; c)
improving quality management system results.
NOTE Improvement can be effected reactively (e.g. corrective action), incrementally (e.g.
continual improvement), by step change (e.g. breakthrough), creatively (e.g. innovation)
or by re-organization (e.g. transformation).
d corrective action
 When a nonconformity occurs, including those arising from complaints, the organization
shall: a) react to the nonconformity, and as applicable: 1) take action to control and
correct it; 2) deal with the consequences; b) evaluate the need for action to eliminate the
cause(s) of the nonconformity, in order that it does not recur or occur elsewhere, by: 1)
reviewing the nonconformity; 2) determining the causes of the nonconformity; 3)
determining if similar nonconformities exist, or could potentially occur; c) implement any
action needed; d) review the effectiveness of any corrective action taken; e) make
changes to the quality management system, if necessary.
Corrective actions shall be appropriate to the effects of the nonconformities
encountered.

NOTE 1 In some instances, it can be impossible to eliminate the cause of a

nonconformity.
NOTE 2 Corrective action can reduce the likelihood of recurrence to an acceptable level.

The organization shall retain documented information as evidence of: a) the nature of
the nonconformities and any subsequent actions taken; b) the results of any corrective
action.
ment
The organization shall continually improve the suitability, adequacy, and effectiveness of
the quality management system.

The organization shall consider the outputs of analysis and evaluation, and the outputs
from management review, to confirm if there are areas of underperformance or
opportunities that shall be addressed as part of continual improvement.
Where applicable, the organization shall select and utilise applicable tools and
methodologies for investigation of the causes of underperformance and for supporting
continual improvement.
Audit Question

How has the organization determined external and internal issues relevant to its purpose
and strategic direction?

How do these affact the ability to achieve the intended result in of the QMS?

How do you monitor and review information about these internal and external issues?

How have you determined what interested parties are relevant to the QMS?

How have you determined what requirements those parties have that are relevant to the
QMS?

How has impact or potential impact been determined?

How did you monitor and review the information about interested parties and their
relevant requirements?

How have the boundaries and applicability of the QMS been used to establish the socpe
of the organization?

How have the external and internal issues been considered when determining the socpe
of the organization?

How have the requirements fo relevant interested parties been considered when
determining the scope of the organization?

How have the products and services of the organization been considered when
determing the scope of the organization?
How has the application of the International Standard within the scope been determined,
and how has it been applied by the organization?

How have any requirements of the International Standard been determined as not
applicable? Show me how conformity of product and services are not affected by this?

Where the the scope available? Where is it maintained as documented information?

Does it state what products and services are covered by the QMS?
Does it justify how instances of requirements of the QMS cannot be applied?
Scope required as documented information.
How has the QMS been established? Show me how this is implemented.
How is it maintained and continually improved? How have the processes been
determined and how do they interact?

How have the processes been determined for the QMS?

What are the inputs and outputs for those processes?
What is the sequence and interaction of the processes?
What are the criteria, methods, measurement and related performance indicators
needed to operate and control those processes?
How are risks and opportunities considered and what plans are made to implement
actions to address them?
What methods are used to monitor, measure and evaluate processes and, if needed,
what changes are made to achieve intended results?
How are opportunities to improve the processes and the QMS determined?

What documented information exists to support the operation of processes? How is this
documented information retained? How is confidence that the processes are being
carried out as planned determined?
Documented information to support the operation of processes.

Show me how top management demonstrates leadership and commitment w.r.t. the
QMS by taking accountability of the effectiveness of the QMS.
How is the quality policy and objectives established for the QMS and how are they
compatible with the strategic direction and the organizational context?
How is the quality policy communicated within the organization?
Show me how this is understood and applied. How are the requirements of the QMS
integrated into the business processes?
How do you promote awareness of the process approach?
How do you ensure that resources needed for the QMS area available?
How do you communicate the importance of effective quality management?
How do you communicate the importance of conforming to the QMS requirements?
How do you ensure that the QMS achieves its intended results?
How do you engage, direct and support people to contribute to the effectiveness of the
QMS?
How do you promote continual improvement?
How do you support other relevant management roles to demonstrate leadership in their
areas of responsibility?
Show me how top management demonstrates leadership and commitment w.r.t.
customer focus ensuring requirements and applicable statutory and regulatory
requirements are determined and met.
How are risks and opportunities that can affect conformity of products and services
determined?
How is the ability to enhance customer satisfaction determined and addressed?
How is the focus on consistently providing products and services that meet customer and
applicable statutory and regulatory requirements maintained?
How is customer satisfaction maintained?

Where is the quality policy available as documented information?

How is it communicated?
Show me how it is understood and applied within the organization.
How have you made it available to relevant interested parties?
Quality Policy as document information

How does top management ensure that responsibilities and authorities for relevant roles
are assigned, communicated and understood within the organization?

How does top management assign the responsibility and authority for: Ensuring that the
QMS conforms to the International standard?
Ensuring processes are delivering their intended outputs?
How is the performance of the QMS, opportunities for improvement and the need for
change or innovation reported to top management?
How is customer focus promoted within the organization?
How is the integrity of the QMS maintained when changes to the QMS are planned and
implemented?

How are the internal and external issues and interested parties considered when
planning for the QMS?
How are risks and opportunities determined and addressed so that the QMS can:: a)
achieve its intended results; b) Prevent or reduce undesired effects; c) Achieve continual
improvement?

How are actions planned to address risks and opportunities?

How are actions integrated and implemented into the QMS processes?
How do you evaluate the effectiveness of the actions?
How are actions taken to address risks and opportunities determined as being
appropriate to the potential impact on the conformity of products and services?
Where are the quality objectives and are these at all relevant functions, levels and
processes?
Are they consistent with the quality policy?
Are they measureable?
Do they consider applicable requirements?
Are they relevant to the conformity of products and services and do they enhance
customer satisfaction? Are they monitored? How? How often? How are they
communicated?
How are they updated?
Where is the documented information on the quality objectives?
Documented information on quality objectives

How does the organization determine what will be done, with what resources, when
completed and how will results be evaluated for quality objectives?

How are changes to the QMS planned systematically?

Demonstrate the purpose and potential consequences of changes; Demonstrate the
integrity of the QMS; Demonstrate how resources are made available?
Demonstrate how responsibility and authority is allocated or reallocated.

Demonstrate how resources are determined for the establishment, implementation,

maintenance and continual improvement of the QMS.
Show me how the capabilities and constraints on internal resources are considered.
Show me how needs from external providers are considered.

How do you provide persons necessary to consistently meet customer, applicable

statutory and regulatory requirements for the QMS including the necessary processes?

How do you determine, provide and maintain the infrastructure for the operation of
processes to achieve products and service conformity?

How do you determine, provide and maintain the environment for the operation of
processes to achieve products and service conformity?
How are the resources determined for ensuring valid and reliable monitoring and
measuring results, where used?

How do you ensure that resources provided are suitable for the specific monitoring and
measurement activities and are maintained to ensure continued fitness for purpose?

Show me the documented information which is evidence of fitness for purpose of

monitoring and measurement resources.
Documented information of fitness for purpose of monitoring & measurement
resources.

Where applicable, show me how measurement instruments are: Verified or calibrated at

specified intervals against national or international measurement standards; If there are
no standards, show me the documented information which is used as the basis used for
calibration or verification. Show me how measurement instruments are identified to
determine their calibration status. Show me how they are safeguarded from
adjustments. Show me how they are safeguarded from damage and deterioration.

Documented information for the basis of calibration or verification where no standards

exist.

How do you determine the validity of previous measurements if you find an instrument
to be defective during verification or calibration? What appropriate actions can you take?

How do you determine necessary knowledge for the operation of processes? How do you
determine necessary knowledge to achieve conformity of products and services?
How do you maintain this knowledge and how do you make it available to the extent
necessary?

How do you consider current knowledge and how do you acquire additional knowledge
when addressing changing needs and trends?
Show me how: You determine the necessary competence of people doing work under
your control that affects quality performance; How do you determine competence on the
basis of appropriate education, training or experience? How do you take actions to
acquire necessary competence where applicable and how do you evaluate the
effectiveness of those actions? Show me documented information where appropriate of
competence.
Documented information as evidence of competence where appropriate.

How are people aware of: The quality policy?

Relevant quality objectives?
Their contribution to the effectiveness of the QMS?
The benefits of improved performance?
The implications of not conforming with the QMS requirements?

How do you determine internal and external communications relevant to the QMS? How
do you determine: What? When? With Whom? How?

What documented information do you have as required by this standard? What

documented information do you have as being necessary for the effectiveness of your
QMS?
Documented information required by this standard; Documented information
necesssary for the effectiveness of the QMS.

Show me that your documented information contains: Identification; Description; In what

media format? Show me how the documented information is reviewed and approved for
suitability and adequacy.
Documented information (in various media) needs identification, descriptoin.
(Review/approval process)?

Show me how you control documented information. Show me how you make it available
and suitable for use. How do you protect your documented information?

Control of documented information. Suitability and availability for use. How is it

protected?
When controlling documented information, how do you address: Distribution; Access;
Retrieval; Use; Storage and preservation; Legibility; Control of changes; Retention and
disposition.
Control of documented information. Change control distribution, access, retrieval, use,
storage, preservation, legibility, retention and disposition.
How do you identify as appropriate and control documented information of external
origin which you have determined as necessary for the QMS
Control of external documented information.

How are processes needed to meet requirements for provision of products and services
planned, implemented and controlled?
How are requirements for products and services determined?
How is criteria for processes and acceptance for products and services determined?
How are resources determined?
How is process control implemented?
Show me the documented information that shows confidence in that the processes have
been carried out as planned and can demonstrate conformity of products and services.
Documented information to show processes have been carried out as planned and can
demonstrate conformity of products and services.
How have you determined that the output from the planning process is suitable for your
operations?
How do you control planned changes? How do you review the consequences of
unintended changes? What action is taken to mitigate any adverse effects?

How do you control outsourced processes?

What are your processes for communicating with customers? How do you communicate
information relating to: Products; Services; Enquiries; Contracts; Order handling;
Customer views, perceptions and complaints; Handling or treatment of customer
property; Specific requirements for contingency actions?

What is your process to determine the requirements for products and services to be
offered to potential customers? How do you establish, implement and maintain this
process?

How do you define product and service requirements including statutory and regulatory
requirements? How do you ensure that you have the ability to meet the defined
requirements and substantiate any claims for your products and services?
How do you review: Customer requirements for delivery and post-delivery?
Requirements necessary for customers’ specified or intended use, where known;
Additional statutory and regulatory requirements applicable to products and services;
Any other contract or order requirements.

Show me that the review is conducted prior to your commitment to supply products and
services to your customers. How do you resolve contract or order requirements which
differ from those previously defined?
How do you confirm customer requirements where the customer does not provide a
documented statement?

Show me where you retain documented information which describes results of the
review including any new or changed requirements.
Documented information of reviews describing new or changed requirements to
products and services.

Show me the documented information containing changes to products and services. How
do you ensure that relevant personnel are made aware of those changes?
Documented information of amended reviews and how relevant personnel are made
aware of those changes.

How do you establish, implement and maintain a design and development process
(where detailed requirements of your products and services are not already established
or defined by the customer or other parties).

When determining the stages and control for design and development, show me how
you consider: The nature, duration and complexity of the activities; Requirements that
specify particular process stages including applicable reviews; Required verification and
validation; Responsibilities and authorities; How interfaces are controlled between
individuals and parties; The need for involvement of customer and user groups. Show me
documented information that confirms design and development requirements have been
met.
Documented information that confirms design & development requirements have been
met.
Can you show me how you determine: Requirements essential for the type of products
and services being designed and developed, including as applicable: Functional &
performance requirements; Statutory and regulatory requirements; Standards or codes
of practice where there is a commitment to implement; Internal and external resources
needed for the design and development of products and services; Potential
consequences of failure; Level of control expected of the design and development
process by customers and other relevant parties.
How do you determine that inputs are adequate, complete and unambiguous for design
and development? How do you resolve conflicts among inputs?

How do controls that are applied to the design and development process ensure: Results
achieved by design and development activities are clearly defined? Design and
development reviews are conducted as planned? Outputs meet the input requirements
by verification/ Validation is conducted to ensure that the resulting products and services
are capable of meeting the requirements for the specified application or intended use
(when known)?

How do you ensure that design and development outputs: Meet the input requirements
for design and development? Are adequate for the subsequent processes for the
provision of products and services? Include or reference monitoring and measuring
requirements, and acceptance criteria, as applicable? Ensure products to be produced, or
services to be provided, are fit for intended purpose and their safe and proper use?
Show me the documented information which results from the design and development
process.
Documented information from the design and development process.

How do you review, control and identify changes made to the design inputs and outputs
during design and development of products and services ensuring no impact on
conformity to requirements?
Show me the documented information for design and development changes.
Documented information for design and development changes.

How do you ensure externally provided processes, products and services conform to
specified requirements?
Show me how you apply specified requirements for the control of externally provided
products and services when: Products and services are provided by external providers for
incorporation into your own products and services; You provide products and services
directly to customers by external providers on your behalf; A process or part-process is
provided by an external provider as a result of a decision to outsource a process or
function.

Show me how you establish and apply criteria for evaluation, selection, monitoring of
performance and re-evaluation of external providers. How do you assess their ability to
provide processes or products and services in accordance with specified requirements?
What documented information do you have of the results of evaluations, monitoring of
performance and re_x0002_evaluations of external providers?
Documented information of external providers' performance.

How do you determine the controls applied to the external provision of processes,
products and services and take into consideration: a) The potential impact of the
externally provided processes, products and services on the ability to consistently meet
customer and applicable statutory and regulatory requirements? b) The perceived
effectiveness of the controls applied by the external provider?

What verification or other activities do you have to ensure externally provided processes,
products and services do not adversely affect your ability to consistently deliver
conforming products and services to your customers?

When processes or functions have been outsourced to external providers, how do you
consider a) and b) in 8.4.1 and how do you define the controls intended to be applied to
the external provider and to the resulting process output?

Show me how you communicate to external providers, applicable requirements for:

Products and services to be provided or the processes to be performed on behalf of the
organization; Approval or release of products and services, methods, processes or
equipment; Competence of personnel, including necessary qualification; Their
interactions with the organization's quality management system; The control and
monitoring of the external provider’s performance to be applied by the organization;
Verification activities that the organization, or its customer, intends to perform at the
external provider’s premises.
Before you communicate with external providers, how do you ensure the adequacy of
specified requirements?

What controlled conditions do you have for production and service provision, including
delivery and post-delivery activities?
Can you show me controlled conditions for: a) the availability of documented information
defining the characteristics of the products and services; b) the availability of
documented information defining the activities to be performed and the results to be
achieved; c) monitoring and measurement activities at appropriate stages to verify that
criteria for control of processes and process outputs, and acceptance criteria for products
and services, have been met. d) the use, and control of suitable infrastructure and
process environment; e) the availability and use of suitable monitoring and measuring
resources; f) the competence and, where applicable, required qualification of persons; g)
the validation, and periodic revalidation, of the ability to achieve planned results of any
process for production and service provision where the resulting output cannot be
verified by subsequent monitoring or measurement; h) the implementation of products
and services release, delivery and post-delivery activities.
Documented information defining characteristics of the products and services.

What means do you use to identify process outputs to ensure conformity of products and
services?

How do you identify the status of process outputs?

How do you control the unique identification of process outputs, where applicable? What
documented information do you retain?
Documented information of traceability, where required.

What care do you provide for customer or external provider’s property while under your
control? How do you identify, verify, protect and safeguard that property which is
provided for use or incorporation into your products or services?

What means do you use to report to the customer or external provider if their property is
incorrectly used, lost, damaged or found to be unsuitable for use?

How do you ensure preservation of process outputs during production and service
provision to maintain conformity to product requirements?

How do you meet requirements for post_x0002_delivery activities associated with

products and services?
How do you determine: Risk; Nature, use and intended lifetime; Customer feedback;
Statutory and Regulatory requirements, when determining the extent of
post_x0002_delivery activities required with products and services?

How do you review and control unplanned changes to ensure continuing conformity with
specified requirements?

What documented information can you show me which describes the results of reviews
of changes, the personnel authorizing change and any necessary actions?
Documented information describing results of review of changes, personnel and
actions.

Show me how planned arrangement have been implemented at appropriate stages to

verify product and service requirements have been met. Show me what evidence you
retain.

Show me how the release of products and services is held until planned arrangements for
verification of conformity have been satisfactorily completed, unless approved by a
relevant authority, or the customer if applicable. Show me documented information
which shows traceability to the person authorizing release of products and services.
Documented information providing traceability, authorizing release of products and
services.

How do you identify and control process outputs, products and services that do not
conform to requirements and prevent their unintended use or delivery?

What appropriate corrective actions are taken based on the nature of the nonconformity
and its impact on the conformity of products and services? How do you apply this to
nonconformity detected after delivery?

How you deal with nonconforming process outputs, products and services in terms of:
Correction; Segregation, containment, return or suspension of provision of products and
services? Informing the customer? Obtaining authorization for use as-is? Release,
continuation or re-provision of the products and service? Acceptance under concession?
How do you verify conformance where process outputs, products and services are
corrected following nonconformance?

What documented information do you keep following actions taken to address

nonconformities, including any concessions obtained and on the person or authority that
made the decision regarding dealing with the nonconformance.
Documented information for actions taken following nonconformances, including
concessions and authority granted.
Show me how you determine: What needs to be monitored and measured? Methods for
monitoring, measurement, analysis and evaluation to ensure valid results? When to
perform monitoring and measuring? When results shall be analysed and evaluated?

What documented information can you show me that monitoring and measurement
activities have been implemented in accordance with determined requirements?
Documented information of monitoring and measurement activities in accordance with
determined requirements.

Show me how you evaluate the quality performance and the effectiveness of the QMS.

How do you monitor customer perception of the degree to which requirements have
been met?
How do you obtain information relating to customer views and opinions of your products
and services?
What methods for obtaining and using this information do you have?

So me how you analyse and evaluate data and information arising from monitoring,
measurement and other sources.

Show me how the output of analysis and evaluation is used to: Demonstrate conformity
of products and services to requirements? Assess and enhance customer satisfaction?
Ensure conformity and effectiveness of the QMS? Demonstrate that planning has been
successfully implemented? Assess process performance? Assess performance of external
providers? Determine the need or opportunities for improvements within the QMS?
Show me where the results of analysis and evaluation are used to provide inputs to
management review.

Are internal audits being conducted at planned intervals? Do they determine whether
the QMS conforms to the requirements of ISO 9001 and to the other requirements
established by Organization? (Review records to demonstrate conformance) Do they
determine whether the QMS is effectively implemented and maintained? (Review
records)
Can you show me audit programme(s) that takes into consideration the quality
objectives, importance of the processes, customer feedback, changes impacting the
organization and the results of previous audits? Where are the audit criteria and scope
for each audit? Can you demonstrate that selection of auditors and the conduct of audits
are objective and impartial and that auditors don’t audit their own work? How are audit
results reported to relevant management? Can you demonstrate that necessary
correction and corrective actions are taken without undue delay? Can you show me
documented information of the audit programme and the audit results?
Documented information of the audit program and results.

What is the frequency that top management reviews the organization's QMS? How is the
QMS deemed suitable, adequate and effective?

What kinds of information are reviewed in management reviews? These must include:
actions status of previous reviews; changes to internal/external issues relevant to the
QMS; issues that affect strategy; KPIs for nonconformities and corrective actions; monitor
and measurement of results; audit results; customer satisfaction; issues concerning
external providers; issues concerning other relevant parties; adequacy of resources and
effectiveness of QMS; process performance; conformity of products and services; actions
taken to address risks and opportunities and their effectiveness; new potential
opportunities for continual improvement.

Show me that management reviews include decisions and actions relating to: Continual
improvement opportunities; The need for changes to the QMS including resource needs.

Show me what documented information you have as evidence of management reviews.

Documented information of management reviews.

How do you determine and select opportunities for improvement? What necessary
actions have you implemented so that you have met customer requirements and
enhanced customer satisfaction?
Show me how you have: Improved processes to prevent nonconformities; Improved
products and services to meet known and predicted requirements; Improved QMS
results.
When nonconformities occur, show me how; You react; Take action to control and
correct it; Deal with the consequences; Evaluate the need for action to eliminate the
cause so that it does not recur or occur elsewhere by: Reviewing the nonconformity;
Determining the cause of the nonconformity; Determining if similar nonconformities exist
or could potentially occur; Actions needed are implemented; Review the effectiveness of
corrective actions taken, if any; Make necessary changes to the QMS.
Show me how correction actions were appropriate to the effects of the nonconformities
encountered.

What documented information can you show me as evidence of: The nature of the
nonconformities and subsequent actions taken; The results of any corrective action.
Documented information of the nature of nonconformities, subsequent actions and
results of corrective action.

Demonstrate that you continually improve the suitability, adequacy and effectiveness of
the QMS.

Demonstrate that outputs of analysis and evaluation and the outputs from management
review are considered to confirm if there are areas of underperformance or
opportunities that shall be addressed as part of continual improvement.

What applicable tools and methodologies for investigation of the causes of

underperformance and to support continual improvement are selected?
Documents
Reviewed People Interviewed
Comments