There should be no uncertainty about what resources are required to be determined and provided in implementing the requirements of ISO 9001. Unfortunately, there is considerable uncertainty on the subject as I reveal as I examine the clauses of ISO DIS 9001 .
The first mention of resources in the standard is in clause 0.4 where in explaining the P in PDCA, it is suggested we “establish the resources needed to deliver results in accordance with customers’ requirements and the organization’s policies”. Nothing wrong here except this is not a requirement as the clause simply explains a methodology. Continue reading
The new edition of ISO 9001 under development will include the concept of risk in the form of definition, guidance and requirements. Previous editions included a clause on preventive action which aimed to prevent the occurrence of nonconformities and to some extent this was risk mitigation by another name.
Risk has therefore always been addressed in ISO 9001. In addition if we look at ISO 9001 through a ‘risk tinted’ lens we would see all requirements in ISO 9001 as risk treatments, therefore risk and ISO 9001 is not a new combination. However, the way in which the term risk is defined, used and explained in the current draft creates some uncertainty as to what the term means and this has implications for users. In Part I, I look at the differences in meaning between the word ‘risk’ as commonly understood and the word ‘risk’ as defined in ISO 9001. Continue reading