Authors Posts by ISO Update

ISO Update

15 POSTS 0 COMMENTS

0 43

Knowledge is one of the most important asset an organization has. Knowledge is irreplaceable, and how this knowledge is generated, shared and used by its people strongly determines the productivity and success of an organization.

Until recently, organizations had little or no processes for managing their knowledge, which increased chances of losing valuable knowledge and did little for encouraging efforts for generating and sharing new knowledge.

Because of the importance for managing knowledge within organizations, ISO 9001:2015 introduced a series of requirements regarding this matter.



On its clause 7.1.6, the standard states that:

  • The organization shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services.
  • This knowledge shall be maintained and be made available to the extent necessary.
  • When addressing changing needs and trends, the organization shall consider its current knowledge and determine how to acquire or access any necessary additional knowledge and required updates.

According to ISO 9001:2015 Organizational Knowledge is the necessary information that is used and shared to achieve organizational goals and to make the organization more effective.

Because this is a new subject introduced in ISO 9001:2015, it is important to understand the different types of knowledge there are, these can be:

ExplicitThis is the knowledge that is referred to as the Know-what. This knowledge is usually documented or it can be easily documented and shared. It can be found in documents, memos, databases, etc.

TacitThis is referred as the Know-how and it is knowledge that is personal in nature. It is based on experienced and it depends on context. This type of knowledge is harder to document and articulate because it is found in the minds of the different stakeholders. There are ways to retrieve and share this knowledge (at least some of it), however, the size of the organization and complexity of the structures within the organization will determine the difficulty of this task.

EmbeddedThis is the knowledge that is found in processes, culture, routine, etc. This is usually the most difficult knowledge to understand and change.

It is important for organizations to implement processes to manage this knowledge and use it to benefit and achieve organizational success. Implementing Knowledge Management processes can assist organization in:

  • Benefiting from lessons learned. Accidents and near misses can hold numerous lessons learned. This knowledge should be retrieved, documented (if possible), but especially, it should be shared to avoid future accidents, nonconformities, etc.
  • Identifying the experts on any particular area/subject. These experts can be anywhere in the organization, for example, over the years, a machinist can acquire knowledge of equipment that will not be found on manuals
  • Implementing programs to conduct on the job training sessions and tutorials
  • Retrieving and documenting knowledge for the efficiency and effectiveness of processes
  • Developing competency matrixes to improve selection processes, training and competency programs
  • Planning succession activities in a way that personal and tacit knowledge can be retained



0 51

The new ISO 45001 standard will be published in first quarter of 2018. It will supersede OHSAS 18001. It will be a truly international standard as scores of countries will agree to it. Companies already certified to OHSAS 18001 will get three years’ time to get certified to the new standard.

The new standard applies the ISO High Level Structure and is compatible with ISO 9001:2015 and ISO 14001:2015 thus being able to be easily integrated with these management systems and will give more value to the organizations.



Here is an overview of some of the significant difference between the new ISO/FDIS 45001 and the old OHSAS 18001:

  • Companies will have to define the Context of their Organizations, meaning the External and Internal Issues in the environment in which they operate. The Context will have to be systematically determined and monitored. The organization shall have to look the conditions affecting the operations such as regulations, stakeholders and governance. They have to understand the drivers of their organizational culture.
  • The Needs and Expectations of Workers and other Interested Parties such as Shareholders, Customers and Board Members have to be defined. From this step the requirements and deliverables of the Management System will be further developed.
  • Organizations will be required to determine the Risks and Opportunities that may impact its ability to deliver planned results which shall include enhancement of health and safety of employees during the job. Legal and other requirements have also got to be identified and considered.
  • There is increased emphasis on the Leadership of the company to become engaged in and be responsible for the management system to be more effective.
  • There is an increased focus on the Objectives determined by the organization as improvement drivers and their achievement shall be evaluated during Performance Review. The Objectives should support the Policy and shall be considered within the available resources. The responsibility for achieving Objectives, the time frame and measures to establish progress has to be decided and should evaluate whether Objectives have been achieved. Documented information has to be retained about objectives and plans to achieve them.
  • Communications requirements have been enhanced in terms of defining the objective of communication and if it was effective in addition to Who, What and When it should take place.

  • Preventive Action has been removed from Corrective and Preventive Actions. The Preventive Actions are now undertaken in the Risk Management Processes while determining the risks and opportunities and ways to reduce or eliminate risks and undertake opportunities.
  • It also allows the participation and consultation of workers to a higher degree in the Health and Safety Management System.
  • The new standard has requirements for taking care of and monitoring the health and safety of workers in the Contractor’s organizations and in Outsourced Processes and during Procurement Processes.
  • For the reduction of OH&S risks and eliminating Hazards the new standard specifies hierarchy of controls in an order of preference with reference to risk management. Hazards and risk controls are required to be planned in the operational controls. The standard introduces requirements for management of planned changes in operations such as working conditions, work force, equipment as well as changes in risks and known hazards.

Implementation of the new ISO/FDIS 45001 standard will result on overall better Health and Safety of Workers and reduced accidents.



0 128

Want to take your business to a level of Worldwide Recognised Quality by becoming ISO9001:2015 certified? Depending on the size and complexity of your business, getting accreditation can take anything from 6-12 months and depends on the time and commitment available to implement the Quality Management System into your business. Top Management are ultimately responsible for the system but everyone will be involved across each department. It’s a team effort and the rewards are fruitful if everyone is on board. Here are the basic steps necessary to achieve accreditation of the standard ISO9001:2015:

1. Training & knowledge Preparation

All management and employees must be made aware of the benefits of the standard ISO9001:2015 in order for its implementation to be a success. A senior member of staff must be appointed to take on the role of managing implementation of the Quality Management System into the company in compliance with ISO9001:2015. A copy of the standard should be available on-site and training made available to educate and guide all management and staff involved, in order to meet the standard criteria.



2. Documentation

Company Documentation will need to be created to document items such as procedures, work instructions, quality objectives, process flow diagrams etc. Although not necessary by requirement to the standard ISO9001:2015 – a quality manual is an excellent tool for combining all of the Quality Management System information and an easy way to present this information to an external auditor. Standard forms must also be created and a document register to control all of the company’s documents.

3. Implementation

The next step is to implement the Quality Management System into the company. Employees may now have to incorporate new work processes or quality checks into their routine and must be made aware of the benefits of these new processes. Be open to accepting ideas from employees to improve implementation of the procedures/processes as it is important the new Quality Management System be as practical and suitable to your business in order to improve efficiently.

4. Internal & Gap Audit

In-line with the ISO9001:2015 standard the company should have an internal member of staff trained to perform internal audits. By performing audits across the company, on all sections this will highlight any areas for concern or non-compliances. Alternatively, if the company has opted for hiring a 3rd party internal auditor this is a good time to perform a gap audit to highlight any areas that are not compliant with the new standards requirements.

5. Certification

Select your ISO9001:2015 Registrar (you can find on here) and apply for your certification. You will be notified about the audit date and format of audit to be undertaken, depending on your type and size of company. Certification should be obtained if the auditor can verify that your company has created a Quality Management System, compliant with ISO9001:2015 that it follows using its own documented procedures and processes. In the event of non-compliance, the auditor will with-hold certification until these items have been closed out. Certification is valid for 3 years.



0 89

The International Automotive Task Force (IATF) has recently published the new global industry standard IATF 16949:2016. This standard supersedes and replaces ISO/TS 16949:2009 as the new standard for quality management in the automotive industry.

IATF 16949:2016 has evolved from its predecessor (ISO/TS 16949:2009) and it has been developed with the participation and feedback of numerous organizations in the industry (OEMs, auditors, certification bodies, etc) including those in the Automotive Industry Action Group (AIAG).  



Because the automotive industry has changed in the last few years and there has been many technological advances and an increase for safety concerns, the changes of this new standard include solutions to recent problems and concerns in the industry. Some of the main changes include:

Risk management and safety

The new IATF 16949:2016 includes specific requirements to address risk management. They aim at identifying and mitigation risk to reduce failures in the development of new programs and to enhance the execution of planned activities.

Also, the new standard requires organizations to have processes that will ensure product safety through the entire lifecycle of products.

These best practices are aimed to support a safer and more stable industry.

Customer specific requirements

This standard clearly differentiates customer requirements from Customer-specific requirements (CSR) to avoid misunderstanding and specifies the procedures for addressing them.

Product traceability

IATF 16949:2016 includes improvement of the traceability requirements of products to support regulatory changes that apply to the industry.

Specific requirements for products with embedded software

With technology advances, electronics and software are now incorporated into vehicles, which is something that did not happen before; thus the standard now explicitly addresses these electronics and software systems that are being embedded into vehicles.

Warranty management

The standard introduces requirements related to the warranty management process that includes procedures to address No Trouble Found (NTF).

Clear requirements for managing second level suppliers

The standard requires that organizations ensure conformance of products, processes and services throughout their supply chain. Hence, organizations must manage conformity issues across their supply chain.

Incorporation of corporate responsibility requirements

Organizations are required to implement corporate responsibility policies and initiatives that address bribery and other ethical issues.

Alignment with ISO 9001:2015

This standard is fully aligned with ISO 9001:2015 and it needs to be implemented to complement it.  IATF 16949:2016 is not an independent quality management standard, thus those organizations seeking to be certified with this standard, also need to comply with all ISO 9001:2015 requirements. However, unlike ISO/TS 16949, IATF 16949:2016 does not contain the ISO 9001:2015 text, it only contains the additional requirements specific to the automotive industry.

These are the main changes included in IATF 16949:2016. Those organizations required to transition to it, such as suppliers that manufacture parts for the industry, must examine it carefully and fully understand all its requirements.  The transition process must be completed by September 14 2018.

To find a Registrar who can assist with your transition to IATF 16949:2016 visit the ISO Update Registrar Directory



0 98

Implementing a Quality Management System board could transform your business into a lean, competitive & trend setting company, saving you thousands of dollars as a result. If you are sceptical about the potential of implementing a Quality Management System, or if you in fact see it as extra unnecessary expense, here are just a few reasons why Quality Management is important within your organisation:

1. Communication

When focusing on Quality within your business, you begin to communicate with your customers to ensure that you meet their requirements, through either the products or services you provide. Meaning, you listen to what they need. You may realise that you have been making items that were not fit for purpose or, items which were not adaptable to changing customer requirements. Taking on this new information, you can now create what your customer specifically requires, improving their satisfaction with your products & services.




2. Organization

While implementing a Quality System into your business will take plenty of work, once procedures and processes are in place, things will begin to feel ‘organized’ within your business. Levels of communication automatically rise as procedures are followed and teams work together across various departments to establish and maintain quality. Organisation greatly improves employee morale and eliminates divisions across management tiers, as everyone must work together and take responsibility for their own actions.

3. Measurability

Implementing a Quality Management System means taking quantitative measurements of activities within your business, for example percentages of on-time deliveries and non-conforming parts. These measurements provide tangible benchmarks by which improvement can be determined. Measurements can be taken daily, weekly or monthly etc. Having this vital information leaves power with management to recognise when action is necessary to address unsatisfactory results and to implement changes.

4. Structure

Implementing a Quality Management System within your business creates a self-assessing system which creates improvements within your business. You are more in control of your systems and processes because you have defined them, documented them and monitored/measured and reviewed them. With this structure in place you can become compliant with many quality standards which are relevant to your type of business such as CE marking, ISO9001:2015 and ISO 14001. Because your system is now able to comply with such standards your business will have opportunities for growth and expansion into new markets.



0 252

Valid certificates covered by eleven international standards increased by 8% from the preceding year according to the annual survey of ISO Certifications conducted by the International Organization for Standardization. They were a total of 1,644,357 valid certificates were reported for the eleven standards used in the survey.

The eleven standards include: ISO 9001, ISO 14001, ISO 50001, ISO 27001, ISO 22000, IS/TS 16949, ISO 13485, ISO 22301, ISO 20000-1, ISO 28000 and ISO 39001.



ISO 9001, the most widely used standard of the eleven had 1,106,356 valid certificates in place. This was an increase of 7% compared to the year before. According to the survey, 7.3% of the certificates were issued top the new 2015 version.

A total of 346,189 valid certificates were reported in the survey for ISO 14001 of which 6.7% were issued to the new 2015 standard.

The greatest increase was with ISO 50001, Energy Management, which saw an increase of 69% over the past year. A total of 20,216 valid certificates were issued throughout the world. The top five countries were: Germany, France, UK, Italy and China. Germany had 6874 valid certificates while the United States 180, Mexico 11 and Canada 12.

Another large increase was ISO 20000-1 for Service Management in information technology that increase by 63% over the past year (2016 over 2015). A total of 4,537 valid certificates were issued throughout the world. The top five countries were: China, India, Japan, UK and Spain. China had 1666 valid certificates while the United States 175, Mexico 98 and Canada 4.

ISO/IEC 27001 experienced annual growth of twenty percent compared to the same period the prior year. A total of 33,310 valid certificates were reported worldwide. Top countries were: Japan (8945), UK, India, China and Germany. United states had 1115 valid certificates while Canada had 133 and Mexico 260.



0 192

The 2015 revision of ISO 9001 has removed the requirement of a Quality Manual, something that has been needed historically if your organization has wanted to achieve and maintain certification. This requirement appears no more! Woohoo! Shred those Quality Manuals and never look back!

Right? If the standard doesn’t say we need it, then we don’t need it. One less document to maintain. Finally, life as an ISO 9001 certified company is getting easier!

Let’s hold on a second…

A common practice to create and maintain a Quality Manual for the ISO 9001:2008 standard (and earlier versions) was to create an exact copy of the verbiage in the standard, change all of the “shall” words with “will” or similar term that fits, change all references to “the organization” to the name of your company, slap a few logos on it, give it a control number and publish it.

And then…nothing. Let it sit for years until the new standard is published and then repeat this copy-paste process all over again. That practice, although common, doesn’t help anyone.



It’s Time to Re-Think the Manual

Now is the perfect time to rethink the Quality Manual. Take a step back and really consider what a manual should do for your company – provide the framework for your entire management system. Here are a few ideas to get you started.

  1. Start thinking about the manual as something you can hand to a new employee that will help give them an introduction and overview as to how you do business – in plain English with the terms and acronyms that are used in your company – not in “standard speak”. Build this manual within the framework of the standard but in a way where the general employee won’t know it.
  2. Rename the Quality Manual. I don’t know how many times I have heard a Quality Manager complain about their organization’s culture viewing the management system as something separate from how business is done, as in, “the quality stuff is for the auditor”. Start dissolving that problem today – change the name to Business Manual. Because that is what it is – a document that describes how you do business. And we all know, well executed business processes result in top notch quality.
  3. Keep that thing updated! Considering many Quality Manuals were nearly a carbon copy of the actual standard language it was understandable that Quality Manual revisions were uncommon as well. In order to make this Business Manual an ally, it needs to be current.


Keeping your Business Manual Current

Even if your ISO Certified Company has a thorough and accurate Manual for the previous year, it is still very important to keep this document up to date. Here are some things to watch out for that may trigger the need for an update.

  1. Significant changes to business structure or business processes. Keep in tune to changing reporting structures, new processes (manufacturing or service), acquisitions, partnerships, etc.
  2. Rules and Regulations. International rules and regulations are fluid, and it is vital to integrate such changes into business operations. Any change in an Industrial Standard, big or small, could necessitate a change for your employees, external providers, managers, or customers.
  3. Technology. Technology changes very fast and new systems are installed yearly, monthly, weekly, and sometimes even daily. Technology changes can come in various forms: hardware, software, machines, equipment, etc.
  4. Safety. Changes to the physical building structure, layout and environment happen as time goes on and ensuring the manual stays up to date with these changes will assist with the awareness of the safety rules and conditions to ensure a safe work environment.

So, there are some things to think about. Even though the Quality Manual is not mandatory, it is still very much necessary. Use this opportunity to increase the role of the Manual within your business management system.


Christopher Spranger is the owner and CEO of Spranger Business Solutions; a management consulting firm that helps people run more efficient businesses across the United States. They have a team of Quality Management experts that assist companies with internal audits and in achieving Quality Management System Certification.

Interested in having Spranger Business Solution do your internal audits click here.

This article was originally posted on Spranger Business Solutions website and is published here with permission.



0 191

Today’s organizational environment is filled with constant and rapid change; technology changes with the blink of an eye, competition is increasing, and customers are demanding greater quality and lower costs. To adapt to these changes and still meet their goals, organizations need to be efficient. Efficiency requires an overall approach and cannot be reached by focusing on a particular process, or on a specific area within an organization. Being complex systems, organisations require all employees and all every process to function correctly. When employees have a strong sense of belonging with an organization, pride in their work and where participation and team work is promoted high levels of efficiency are reached.

Total Quality Management is a business philosophy which focuses on customer satisfaction and relies on an understanding that a strong focus on employees is necessary to achieve efficiency within an organization. Total Quality Management is oriented to create quality awareness across an organization, and it considers both the organization’s processes and the employees as integral aspect in an organization quality improvement capacity.



Total Quality Management promotes commitment, participation, cooperation and continuous improvement within organizations. Because every employee and every process is important in achieving organizational effectiveness, Total Quality Management can assist in this matter by empowering all employees and making everyone responsible for meeting internal and external costumer’s expectation. Every employee, regardless of its role within the organization can improve quality within their processes.

Total Quality Management can also help organizations achieve effectiveness is by encouraging a dynamic approach to quality improvement. Variations can occur within processes that can negatively alter the desired results. These variations need to be detected, communicated and addressed promptly to prevent deviations from proposed goals. Therefore Total Quality Management, by encouraging team work and empowering employees to make decisions, can facilitate good communication and an effective response within and across different functional units within an organization.

Organizational effectiveness is reached by achieving common goals. Since internal and external customer’s expectations drive organization’s processes, by meeting and exceeding these expectations, organizations can reach their goals and also obtain a competitive advantage.

Many organizations can utilize Total Quality Management to increase their efficiency. Total Quality Management has been implemented in manufacturing, education, government administration and services. Any type of organization can benefit from Total Quality Management and use it to adapt to constant changes, improve their effectiveness and thus increase competitiveness.



0 180

1. Research the Standards
Implementing an ISO management system is not something that is decided overnight. Organizations need to know what they are implementing, thus, there needs to be an understanding of the standard and what it’s expected to be gained with its implementation. Everyone in the organization needs to have basic knowledge of the standard being implemented, the importance of implementing it, and how their actions impacts the system. It is also recommended that a group of employees understand the standard thoroughly. Top management, even though they don’t necessarily need to be experts, they need to understand the importance of allocating resources for the implementation and maintenance of the desired ISO management system. You can learn more about specific standards here: http://isoupdate.com/standards/



2. Create a Timeframe
After understanding the requirements of the standard, organizations need to plan how these will be met. The organization needs to analyse where they are, where they want to be and which are the available resources. With this information a plan must be traced with details of the specific actions, investments and the resources needed. Another important point in the planning process is establishing reasonable timelines; implementing a management system based on any ISO standard.

3. Gain Employee and Management Support
Organizations need to ensure that employees have the right competencies and technical knowledge for implementing the specific ISO management system. Training needs to be carefully planned and executed. Human capital is one of the most important resources an organization has for successfully implementing and certifying an ISO management system. Along with training employees, ensuring participation in the implementation and certification process is essential. Organizations can invest capital in infrastructure and technology, but if people do not participate in the improvement of processes, or worst, if people reject it, all the money and time invested will be lost. People need to be included from day one in the implementation and certification process of any ISO management system.

4. Implement the Standard
The next step it to map and understanding your organizations internal processes. Once the processes are mapped the standard you are utilizing can be implemented into these processes. You may wish to engage a consultant to assist in this process, or if you have the recourses available it can be done internally.

5. Choose a Registration Company
After an organization has advanced in the implementation process, it needs to choose the right Registration Company. The chosen Registrar will accompany the organization through the entire certification process. It is essential that the certification body has knowledge and experience in the ISO standard that has been implemented and in the type of industry/field of the organization seeking certification. Look for a Registration company who is certified themselves. You can find a range of Registration companies here: http://isoupdate.com/registrar-listing/



0 199
ISO Certification

Organizations go through a great deal of work, time and effort to implement management systems such as ISO 9001, ISO 14001, and many others. These management systems are implemented and certified for many reasons, and one of these reasons is recognition. Organizations want their clients, customers, consumers and other interested parties to recognize that their management systems follow specific standards and comply with certain requirements.



When a certification body is accredited, it means that an accreditation body has verified that it follows a series of standards and requirements that guarantee that their service is impartial, consistent, reliable and recognized internationally. These strict and regular checks that certification bodies undergo provide trust and credibility to the certification. Thus, accredited certification can provide confidence to clients, customers, regulators and other interested parties that the organization is complying with the specific standard, code of conduct or requirement.

Additional to having a certification recognized by all the interested parties of an organization, there are other benefits of accredited certification. These are:

Ensures competency
Accreditation can guarantee that the certification body is competent in assessing specific standards. Organizations want to make sure that auditors are knowledgeable, experienced and that can provide an impartial assessment in the management system being certified.

Provides legitimacy

This legitimacy is based on the participation and recognition of public authorities in the structure of the accreditation body, which follow strict international regulations.

Ensures equality of criteria

The regular checks of the certification body can guarantee that over the years the organization’s management system will be assessed by the same criteria. This equality of criteria will assist in the maturity of the management system, by supporting its continuous improvement, innovation and internal prestige. It can also support organizations in focusing on the achievement of proposed goals.

Reduces risks

Organizations rely on the outcome of their certification body’s assessment to make important decisions regarding their management system. Thus, it reduces the probability of making bad decisions regarding the management system and misallocating resources.
In general, with accredited certification it is possible to ensure legal compliance, guarantee objective and impartial assessments, ensure confidence and credibility with interested parties, focus on activities that add value, focus on what is important to the interests of the organization, and improve the assessment of the management system that will consequently support decision making.

These are the main reasons for choosing accredited certification, however, there could be others. There could be the case that a client or a regulatory body requires an organization to have an accredited certification. Thus, before choosing, organizations need to consider the above benefits and any other that could apply to their particular situation and their specific goals.

There are many accredited Registrars’ listed on the ISO Update Registrar Directory. Fine one here: http://isoupdate.com/registrar-listing/