Is risk understood and when appropriate, communicated throughout your Organization?
The requirements of ISO 9001:2015 states that
“the organization shall determine the internal and external communications relevant to the quality management system.”
What communications will you have for the QMS within your Organization?
Here below are some examples of such communication (internal and external).
Internal communication of the QMS issues is conducted:
- Via information system;
- Through meetings on QMS issues;
- Via control of documented information.
Quality manager together with IT manager develops draft of the QMS relevant issues communication structure. QMS relevant issues communication structure is discussed and approved during management review. IT manager ensures placement and transfer of information on QMS relevant issues, according to the structure.
QMS issues meetings include:
- Management review meetings - regulated by the director of the organization.
- Internal audit meetings – held per the internal audit program and are regulated by Quality manager.
- Subdivision QMS issues meetings – are regulated by the subdivision leader and can be conducted in the form of a video conference.
External QMS issues communication is conducted with the customers, external providers, certification bodies, and consultants.
Interaction with customers, including QMS issues, is defined by processes relevant to customers.
Interaction with external providers, including QMS issues, is defined by control of externally provided processes, products, and services.
Quality manager per the responsibility and authority defines terms and content of the interaction relevant to the QMS with the certification bodies and consultants.
Do you have to communicate all product and service nonconformities?
Will you report to the media, shareholders, or other stakeholders on some topics but not others?
Control of nonconformities should be carried out in accordance with the
corresponding QMS documented procedure. This
Procedure usually provides guidance as to documenting the nonconformities. Communication relates to the parties involved in control of nonconformities:
- an auditor, or any employee of the Organization, or a customer who identified the nonconformity;
- quality representative or another staff member who coordinates the nonconformity processing;
- process owner, relevant to the nonconformity or an authorized person, who analyzes the causes and possibilities of similar nonconformities and words the corrective actions
- senior leadership, who conducts review of the nonconformity.
Stakeholders communication is conducted by the decision of the senior leadership of the Organization.
For the
Environmental management systems and
OH&S management system this is the requirement of the ISO 14001:2015 and ISO 45001:2018 respectively.