The webinar covers: • Replacing the Quality Manual • Replacing All Other Procedures • Checking Yourself to Ensure You've Met All Requirements Presenter: This webinar was presented by Debra Hay Hampton, PECB Certified Trainer and Lead Auditor of Quality and Environmental Management Systems. Link of the recorded session published on YouTube: https://youtu.be/PnCjPlGGb68

1. Prepared by Debra Hay Hampton,
Certified Lead Auditor, ISO 9001:2015, ISO 14001:2015
Certified Management Consultant
Certified Professional Trainer
Certified Quality Engineer
Prepared on behalf of PECB

2. Debra Hay Hampton
ISO 9001 Lead Auditor
Debra Hampton has over 30 years of improving processes and systems with experience from
hospitals, schools, and many types of manufacturing facilities, a methodical approach is used to
focus on building a system of processes that collect data to make decisions that create
sustainable, continual improvement and consistent product. Companies she works with become
better at “turning effort into dollars”.
+1 229 798 0277
debrahampton54@hotmail.comwww.ce-q.com
linkedin.com/debra-matthews-hay-hampton

3. Course Objectives
 Present methods to have minimal documentation yet meet the requirements of ISO
9001:2015
 Encourage revamping of current management system documentation for those
who still have procedurally based systems
 Encourage creation of a method to verify meeting requirements – simply,
efficiently, and effectively.

4. Outline of Material
1. Replacing the Quality Manual and the Other Requirements for Specific
Documented Procedures
2. Revamp Material vs. Retain Current System and Edit
3. Verification – Presenting Evidence of Meeting the Requirements to a Third Party
Auditor

5. Replacing the Quality Manual and the
Other Requirements for Documented
Procedures

6. Replacing the Quality Manual and the Other
Requirements for Specific Documented
Procedures
 Previously the Quality Manual was the GLUE
 Where you started to explain the rest of the system
 Many organizations (still) have a manual that is a regurgitation of the standard….does
not support the teaching of the ISO 9001:2000 and 2008 standard.

7. ISO 9001:2000 and 2008 Stated
Requirements of the Quality Manual
 Quality Manual required to contain (ISO 9001:2008, 4.2.2)
 Scope and justifications of exclusions
 Documented procedures or reference to them
 Description of an interaction of the processes of the system
 No Requirements for any documented procedures
 Nothing left to hold the organization together!

8. ISO 9001:2000-2008 Quality Manual
 Often One Page
 A Picture of the Interactions of the Processes
 Reference to the Procedures of the System
 The scope and any exclusions
Quality Manual more than one or two pages?
Email me so we can discuss how we can help you begin revamping
your management system to the 2000-2008 standard. Debra@CE-
Q.com

9. ISO 9001:2015
 Does NOT require any manual
 Does NOT require any documented procedures?
 So what will be our glue?
 How can we do this without a manual and documented procedures?

10. What is a Standard?
- Is a standard leading edge thinking?
- Is it progressive?
NO!

11. Where is the Glue? What Holds the
System Together? How Can We Know
What Documents We Need?

12. Risk-Based Thinking
 Not a new concept
 ISO 14001 and other risk based standards have NOT had a requirement for a
manual
 (Although many organizations do waste efforts and have a manual)
 Determine the context of the organization (ISO 9001:2015, 4.1)
 Determine risks as a basis for planning the system and its processes (ISO
9001:2015, 4.4, 6.1)
 This analysis determines the extent of documented information

13. How do we know what documents are
needed?
 Determine the context of the organization
 Determine the risks
 Determine the methods to mitigate the risks.
 Determine the documents needed to ensure the risk is mitigated

14. Understanding the Context of the
Organization
 External and Internal Issues
 Relevant to its purpose and strategic direction
 That affect its ability to achieve the intended results of its quality management system
 Intended results of quality management system
 Demonstrate ability to consistently provide products and services that meet customer
and applicable statutory and regulatory requirement (ISO 9001:2015 1.a)
 Aim to enhance customer satisfaction (ISO 9001:2015 1.b.)

15. Internal Issues that Affect Consistency of Meeting Customer,
Statutory and Regulatory Requirements
 Leadership and their commitment
 Assigning of Organizational Roles, Responsibilities and Authorities
 Lack of Planning
 Meeting Risks
 Meeting Objectives
 Addressing Changes
 Lack of Support for the Plan
 Lack of Competency in their People
 Lack of Awareness and Communication of What is Expected
 Inadequacies in Documented Information
 Lack of Operational Control of Production and Services
 Poor Design and Development Process
 Poor Evaluation of the planned methods to ensure they are being followed
 Poor methods of addressing nonconformity and corrective actions

16. External Issues that Affect Consistency of Meeting Customer,
Statutory and Regulatory Requirements
 Customers
 Must understand their expectations and agree upon the expectations to be met
 Interested Parties
 Shareholders?
 Union?
 Community?
 Statutory and Regulatory Bodies
 External Providers
 Providers of Components, Raw Materials
 Providers of Services

17. What does all this have to do with minimal
documentation?
Manual one or two pages
Standard is the “STANDARD” Proven
Best Practices for an organization
Sources of Risk both Internal and External in Context
 Minimize Risk
 Address All
Potential
Sources of
Risk
 Do Only What
is Necessary

18. ISO 9001:2015 Standard Identifies the Sources
of Risk
Risk Consequence Control/Solution/
Mitigation
Lack of Leadership
and Commitment
(5.1.1)
Leaders not accountable for
effectiveness of QMS (a)
Top Manager must ensure
measurement of
effectiveness of leaders is
tied to effectiveness of QMS
Strategic Direction becomes
incompatible with QMS (b)
Align QMS and Strategic
Direction
QMS not integrated into business
processes (c)
Use QMS to plan business
processes
Process Approach and Risk Based
Thinking not Promoted (d)
Use process approach and
risk based thinking for
managers to know their
responsibilities

19. Sources of Risk – Competence (7.2)
Risk Consequence Control/Solution/
Mitigation
Lack of
Competence (7.2)
People doing work that affects the
performance and effectiveness of the
QMS are not competent (a)
Define the skills and knowledge
needed for each job. Create
Competency Matrix per job.
People do not have the appropriate
education, training, or experience (b)
Compare workforce against these to
determine training needed.
Document in Competency Matrix.
People do not acquire competencies
they are lacking
Create Training Plan and Follow up to
Determine Effectiveness of Training
No evidence people are competent Retain record of competence on
Competency Matrix and in Training

20. Sources of Risk – Externally Provided
Processes, Products, and services (8.4.1)
Risk Consequence Control/Solution/
Mitigation
Failure to ensure
externally provided
processes, products and
services conform to
requirements. (8.4)
Delays in provision of products &
services due to poor quality or late
deliveries from suppliers.
Increases in warranty costs and
losses in customer satisfaction.
Materials Control Manager prepares a
Supplier Performance graph to show
current performance of suppliers and
a Performance Improvement Plan to
improve their performance.
Product or Service intended for
incorporation gets to point of use
and can’t be used.
Quality Manager determines controls
to be followed when items are
received based on the risk and
previous history. Documents controls
on Receiving Inspection Plan.

21. What about Section 4.4, QMS and Its
Processes? How Do We Meet This?
Risk Consequences Control/Mitigation
Not establishing,
implementing, maintaining
or continually improving the
quality management system
Efforts are not planned or
focused to ensure the
processes continually
improve
Top Manager expects each
Department Manager to
plan their methods using
Process Maps which meet
the requirements of

22. The Risk and Control Table
Becomes the Glue!
Me: We don’t need a manual!
You: What will we send to our customers?
Me: Ahh, the manual is for marketing use?
You: Our customer will expect us to have one.
Me: Fair enough… then create a manual that markets you and your
products, an advertising tool, a beautiful work of art that describes your
organization and what it can do for them.

23. Summary of Risk-Based Thinking
 Understand the context of the organization (4.1)
 Determine the risks as a basis for planning (6.1)
 Demonstrate how the application of risk-based thinking affected the
implementation of the qms processes (4.4)
 Use the risk-based thinking to determine the extent of documented
information

24. Reminder of Documented Information
 2015 standard defines requirements to “maintain documented information” and to
“retain documented information”
 Replaces references to documents or records
 Same “documented information” may meet many requirements of the standard
 Where the standard references “information” rather than “documented
information”, No requirement the information be documented

25. Should We Revamp Our Material vs. Retain
Current, Procedural Based System with
Minor Edits?
Will likely require an outside service to work with managers to
prepare them for the 2015 changes and make the changes in
your organization, unless they listen well to you.

26. Verification – Presenting Evidence of
Meeting the Requirements to a Third Party
Auditor

27. Internal Auditing with a Risk-Control Table
Risk Control/ Mitigation Evidence Observed During
the Audit
Planned intervals not
frequent enough
An Internal Audit Schedule is used to
ensure all sections of the standard are
audited and all processes with processs
maps are audited
Don’t verify if planned
arrangements are met
or if Standard met
Audit using the Risk-Control Table as
the criteria
Don’t verify if
effectively
implemented and
maintained
Ensure auditors are trained to look for
duplication of efforts and lack of
improvement

28. Summarizing – Implementing ISO
9001:2015 with Minimal Documentation
1. Create a Risk-Control Table based on the requirements of the standard.
2. If it is a document that is used as a control or mitigation, it has value. If it isn’t in
the list, why do you have the document
3. Let internal auditing be a method of verification that what is listed in the Risk-
Control Table is what is actually in use.
www.CE-Q.com can assist,
even remotely through electronic media;
debra@CE-Q.com or 229-798-0277
What will be difficult? Getting the Top Managers to understand their
role. You’ll most likely need someone from the outside to help with that.

29. Our Team Working with Your Management Team
to Bring About Transformation to the Expectations
of ISO 9001:2015 – Section 5
Top Management “shall”
 take accountability for the effectiveness of the qms
 Ensure policy and objectives are established for the qms and are compable with the
context and strategic direction of the organization
 Ensure the integration of the qms into the organization’s business processes
 Promote the use of the process approach and risk-based thinking
www.CE-Q.com can assist,
even remotely through electronic media;
debra@CE-Q.com or 229-798-0277

30. Thank you to
PECB
Participants
?
QUESTIONS
123 456 789
name.surname@domain.com
www.domain.com
linkedin.com/name.surname
twitter.com/name.surname
fb.com/name.surname
THANK YOU