Scribd
Upload
54 views29 pages

2021 SharePoint QMS Guidebook

SharePoint Guide

Uploaded by

Spam For You
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
54 views29 pages

2021 SharePoint QMS Guidebook

SharePoint Guide

Uploaded by

Spam For You
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 29

SHAREPOINT QMS

GUIDEBOOK
All-In-One Quality/Risk Management Solution

SharePoint QMS implemented by Synesis has


everything needed to impress auditors, streamline
siloed processes and enhance product quality. This
guidebook details how our SharePoint QMS software
(BPA Quality™) helps your quality team successfully
tackle compliance challenges.

WWW.SYNESISINTL.COM | [email protected] | 864-288-1550


Synesis International is a Systems Integrations firm based in South Carolina and we are
proud to introduce you to BPA's latest launched Quality Management System (QMS) for
Microsoft SharePoint. As a BPA Partner, we implement customized solutions to help
businesses meet and exceed Quality & Risk Management System requirements.

Yours Sincerely,
Ricardo Studart, President Synesis International, Inc.

GUIDEBOOK
The need to comply with customer demands and other regulations by enterprises is
challenging for managers all over the world and in all industries and public sectors. It
afflicts the entire enterprise chain and managers have to ensure that compliance can be
achieved within the entire corporate structure, including all affiliates. Complex risk and
quality management obligations must be observed on a daily basis and down to the
affiliate level or sensitive setbacks or fines caused by noncompliance can hurt the
bottom line and damage corporate market positions.

With the following guidebook edition, we at BPA Solutions aim to help you with the
implementation of your Quality & Risk Management System into your organization to
become compliant with the international recognized ISO Standard ISO 9001:2015 and
to successfully “tackle” all compliance challenges by using our BPA Quality & Risk
software solution as a centralized and coherent Risk, Quality & Compliance
Management System, your valuable partner solution on your continuous journey to
Quality excellence.

Yours Sincerely,
Dr. Boris Lutz, CEO BPA Solutions

Page 2 / 29
Contents
1. Introduction ..................................................................................................................................................5
2. BPA Quality & Your Organization ................................................................................................................6
3. The Context of ISO 9001:2015 Quality Management Systems ...................................................................7
3.1 Determining your Strategic Quality Direction ...........................................................................8
3.2 Scope of Your QMS ..................................................................................................................9
4. Your Quality Policy ......................................................................................................................................9
5. Management System Structure & Controls ............................................................................................... 10
5.1 Process Approach ................................................................................................................. 10
5.1.1 Process Identification..................................................................................................... 10
5.1.2 Process Controls & Objectives ...................................................................................... 11
5.1.3 Outsourced Processes .................................................................................................. 11
5.2 Compliance Documents & Records....................................................................................... 12
5.2.1 General .......................................................................................................................... 12
5.2.2 Control of Documents .................................................................................................... 13
5.2.3 Control of Records ......................................................................................................... 14
5.3 Change Management ............................................................................................................ 14
5.4 Risks and Opportunities ........................................................................................................ 14
6. Management & Leadership ....................................................................................................................... 15
6.1 Management Leadership and Commitment .......................................................................... 15
6.2 Customer Focus .................................................................................................................... 16
6.3 Quality Policy ......................................................................................................................... 16
6.4 Organizational Roles Responsibilities & Authorities .............................................................. 17
6.5 Internal Communication ......................................................................................................... 17
6.6 Management Review ............................................................................................................. 18
7. Resources ................................................................................................................................................. 19
7.1 Provision of Resources .......................................................................................................... 19
7.2 Competency & Training Resources ....................................................................................... 19
7.3 Infrastructure.......................................................................................................................... 19
7.4 Work Environment ................................................................................................................. 20
7.5 Organizational Knowledge ..................................................................................................... 20
8. Operations ................................................................................................................................................. 21
8.1 Operational Planning and Control ......................................................................................... 21
8.2 Customer-Related Activities .................................................................................................. 21
8.2.1 Capture of Customer Requirements .............................................................................. 21
8.2.2 Review of Customer Requirements ............................................................................... 22
8.2.3 Customer Communication ............................................................................................. 22
8.3 Custom Product Design ......................................................................................................... 22
8.4 Purchasing ............................................................................................................................. 23
8.5 Provision of Products and Services ....................................................................................... 23
8.5.1 Control of Provision of Products or Services ................................................................. 23
8.5.2 Identification and Traceability ........................................................................................ 24
8.5.3 Property Belonging to Third Parties............................................................................... 24
8.5.4 Preservation of Materials ............................................................................................... 24
8.5.5 Post-Delivery Activities .................................................................................................. 25
8.5.6 Process Change Control ............................................................................................... 25
8.5.7 Measurement and Release of Materials ........................................................................ 25
8.5.8 Control of Nonconforming Outputs ................................................................................ 25
9. Performance Evaluation & Improvement ................................................................................................... 26
9.1 General .................................................................................................................................. 26
9.2 Customer Satisfaction ........................................................................................................... 27
9.3 Internal Audit.......................................................................................................................... 27
9.4 Corrective and Risk/Preventive Action .................................................................................. 28
10. BPA Contact Information ........................................................................................................................... 29

Page 3 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


Explanation of symbols

How BPA meets ISO 9001:2015 Requirements

ISO 9001:2015 Requirements

BPA Tips

Page 4 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


1. Introduction
Management of compliance scope, objectives and responsibilities within an enterprise wide
Compliance & Quality Management System can be a challenging task, if not conducted in centralized
compliance management system.

This guidebook will help you understand how BPA Quality will help you describe, monitor and improve
all quality processes in compliance with the ISO 9001:2015 Standard.
The latest edition of the ISO 9001 standard, ISO's flagship quality management systems standard, has
just been published in September 2015. Three years of revision work by experts from nearly 95
participating and observing countries have aligned the Standard with modern needs. Over 1 million
certificates worldwide demonstrate to customers that these certified organizations can offer products
and services of consistent good quality and acts as a tool to streamline processes and make them
more effective.

BPA has incorporated proactive and reactive tools to identify, evaluate, treat and monitor quality
processes and risks. BPA is an innovative quality relationship management system where stakeholders
are at the center. Daily stakeholder interactions and satisfaction will be tracked in the system. BPA’s
main focus is to drive continuous improvement for each process (Plan-Do-Check and Act).

Achieve Excellence with BPA Quality

BPA is the location to manage compliance documents with respect to any quality standard. The
integrated risk management module ensures compliance with the ISO 9001:2015 revision. Key features
of BPA Quality at a glance:

 Risks
 Audits
 Knowledge
 Stakeholders
 Objectives/KPIs
 Corrective actions
 Employee training
 Non-conformances

Page 5 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


 Compliance documents
 Competitive intelligence
 Prebuilt workflows (CAPA, compliance document approval)

BPA Quality is adapted for single organizations and group of companies in any industry sector. BPA is
a multi-entity software that will drive compliance for each affiliate or subsidiary. BPA is adapted to
consulting companies to monitor compliance of their clients.

2. BPA Quality & Your Organization


End-user experience is our main focus at BPA. Using the system is straightforward with the navigation
bar. Along the navigation links you will be able to prepare, implement and monitor all related ISO
clause based requirements of ISO 9001:2015.

Manage relations with stakeholders (customers, suppliers, etc.),


measure customer satisfaction and supplier evaluation, manage all
activities (tasks, emails, meetings, events) with stakeholders. Access
key manager responsibilities from the organization chart.

Access your core process map and all quality processes (50+
described processes), describe stakeholders’ needs and
expectations, analyze competition, make a SWOT analysis and track
business opportunities. List statutory requirements and regulations.
Define your quality policy, objectives and KPIs.

Track all improvement processes to Plan-Do-Check-Act, like


improvement objectives, non-conformances, CAPA actions,
management reviews, audits, training and knowledge. The audit
question library contains 100+ questions to match ISO 9001:2015
clauses and supplier evaluation. Prebuilt workflows (8D/CAPA,
document approval) will drastically shorten any process lifecycle.

The embedded risk management module is transverse to all quality


processes. Assess considered risks periodically using our scorecard
component. Manage mitigation strategies, actions and controls. The
system includes 60+ identified high level risks.

Manage compliance documents with their approval process.

The user-friendly navigation groups all important topics to meet ISO 9001:2015 requirements.

Page 6 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


3. The Context of ISO 9001:2015 Quality Management Systems
When planning for your quality management system, your organization has to consider the
expectations of relevant interested parties and the external/internal factors that affect the
ability to achieve the intended results of your quality management system. These subjects are
part of the ISO 9001:2015 clause to understand the organization and its context.

Keeping its quality context in view, your organization can determine all risks and opportunities that
need to be addressed to:

 give assurance that the quality management system can achieve its intended results
 prevent or reduce undesired effects and achieve improvement
 enhance desirable effects

Your organization may already have established its quality objectives at relevant functions, levels and
processes needed for the quality management system. These objectives can change over time.

Your top management shall ensure that the quality objectives:

 are consistent with the quality policy


 are measurable and take into account applicable requirements
 are relevant to conformity of services and to enhancement of customer satisfaction
 are monitored and communicated, and
 are updated as appropriate.

Your quality objectives shall be maintained as documented information. When planning how to
achieve its quality objectives, the organization determines:

 what will be done and what resources will be required


 who will be responsible
 when it will be completed, and how the results will be evaluated.

We at BPA recommend that as best practice, your department supervisors prepare a “Quality Objective
Realization Plan” for their functional area and submits a copy to the Managing Director for approval
and monitoring.

Manage the scope of your QMS by considering quality processes that are relevant for your
organization. 50+ quality processes have been described with their purpose, input/output
information, activities, possible indicators and suggested compliance documents to be
prepared. The generic core process map is a possible entry door for your QMS. Tools will help
you defining the context of your QMS, like competitive intelligence, business opportunities
and SWOT analysis. Quality objectives are tracked periodically using our scorecard
component.

Page 7 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


3.1 Determining your Strategic Quality Direction

According to the ISO 9001:2015 Standard, your organization shall review and analyze key
internal considerations and external stakeholders’ expectations to determine its strategic
direction.

This involves:

 Understanding your core products and/or services and scope of the management system
 Identifying “interested parties” (stakeholders) who receive your Products and Services, or who
may be impacted by them, or those parties who may otherwise have a significant interest in
your organization
 Understanding internal and external challenges that will impact your organization and
interested parties; these challenges may be identified through an analysis of risks facing either
your organization or the interested parties. These challenges should be monitored and
updated as appropriate, and discussed as part of your regular management reviews.

The SWOT tool will highlight business opportunities and threats.

This information can then be used by your top management to determine your organization’s strategic
direction. These subjects can be periodically reviewed in your management reviews.

Your quality strategies can be described using our prebuilt tools for competitive intelligence
and stakeholders expectations. Opportunities for business improvement and potential risks
will be tracked in the system. Management reviews will be stored with their relation decisions
and actions.

Preparation of a strategic plan for the next years, is the best way to comply with these ISO
requirements. If you make sure that your strategic planning objectives are well connected and
broken down into your Quality Management objectives, you are on your way to an effective
QMS, inclusive Third Party Audits.

Page 8 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


3.2 Scope of Your QMS
The scope of our quality management system covers all organizational activities of our organization.
Based on analysis of the above issues of concern, interests of stakeholders, and in consideration of
your organizations’ products and/or services, your organization should determine the scope of the
quality management system, inclusive all relevant planning factors for the next years.

See an example for a QMS SCOPE Statement below:

“Production and sale of ……………………….products, accessories and associated services to meet our
customer requirements”

Your quality management system applies to all processes, activities and employees within the
organization and should include considerations for any permissible exclusions from the scope.
Whether your organization can claim any exclusions from the ISO 9001 standard scope has to
be determined very carefully. Third Party Registrars for ISO 9001 look very carefully, whether
an organization can justify its exclusions from their QMS.

4. Your Quality Policy


In your quality policy statement you outline the quality focus of your organization. See an example of
Quality Policy Statement below. You can change the artifacts with your own Quality Policy. Not less
than three, but also not too many Quality objectives should be stated in numeric terms. To minimize
the document changes later on, you may make department-wise yearly targets.

The CEO or Top Manager usually signs the Quality Policy.


OUR QUALITY POLICY (example)

We strive to achieve total customer satisfaction by virtue of providing quality education through...

Delivery of standardized courses using state-of-the-art (Your industry) methodologies

Ensuring adequate industrial exposure

Compliance with statutory and regulatory requirements

Regular review of effectiveness of Quality Management System and

Continual improvement of our Quality Management System processes.


QUALITY OBJECTIVES (example)

To increase sales by … % per annum.

To review the effectiveness of quality management system at an interval of six months and update the
system to suit the company's overall business goals.

To measure customer satisfaction and continuously improve the services to improve customer satisfaction
by …% per annum.

Date : 01-Oct-2015 ----------------------------------------------

Place: …………………….. (Managing Director)

Page 9 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


Your quality policy can be added as a compliance document in the system. Quality objectives
and KPIs are tracked in the system. Responsible persons for each quality process are named
for 50+ identified quality processes.

Quantifiable and measurable targets are normally used to achieve quality objectives. The top
management normally decides on yearly targets at the beginning of each year, which is
communicated to the concerned persons. Achievements are periodically reviewed against the
targets.

5. Management System Structure & Controls

5.1 Process Approach

ISO 9001:2015 promotes the adoption of a process approach when developing implementing
and improving the effectiveness of a quality management system to meet customer
requirements and improve customer satisfaction.

Understanding and managing interrelated processes as a system contributes to your organization’s


effectiveness and efficiency in achieving its intended results, all in accordance with your quality policy
and strategic direction of your organization.

5.1.1 Process Identification

BPA has adopted the best practice process approach for your quality management system.
We have identified and described 50+ top-level processes to facilitate your work. The core
process map is the ideal entry door to your QMS. End-users can click a process to view the
related quality process and further drill down to view the process summary and related risks
and KPIs. We established a generic core process map based on ISO 9001:2015 requirements
but you can easily customize it to your needs.

Page 10 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


The core process map is the ideal entry door in your QMS

The core process map and their related quality processes will ensure effective implementation and
monitoring of all compliance documents, KPIs and risks related to each process.

With BPA you can easily determine and describe all your QMS processes with following details:

 process owner(s)
 link between processes
 applicable inputs and outputs
 applicable responsibilities and authorities
 proposed compliance documents and indicators
 applicable risks and KPIs
 critical and supporting resources

5.1.2 Process Controls & Objectives


Make sure that relevant KPIs are measured and gathered on a monthly basis for each quality process.
Your Executive Management team should review, analyze and make decisions based on these KPIs
during periodical management reviews. Adjustments or new objectives/KPIs will be set in order to
ensure continuous quality improvement.

For each quality process, define at least one measurable key performance indicator (KPI) with
a related objective. For each objective you need to define a responsible person and
timeframe. KPIs are visible in the process detail page to determine the process’ ability to meet
quality objectives. KPIs are periodically measured using scorecards.

When a process does not meet a KPI goal, a corrective action or preventive risk should be
implemented to research for root causes and resolve the issue.

5.1.3 Outsourced Processes


Any process performed by a third party is considered an “outsourced process” and must be controlled,
as well. The type and extent of control applied to your outsourced process should take into
consideration:

Page 11 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


 the potential impact of the outsourced process on our Company’s capability to provide
product and services, that conforms to our quality requirements,
 the degree to which the control for our purchasing processes are shared,
 the capability of achieving the necessary control through the purchasing contract
requirements.

To “tackle” your organization’s outsourced processes with their related control methods, it makes
sense as best practice example to define these processes within a documented procedure for control
of externally provided processes, products and/or services, which applies best to your organization.

BPA proposes different tools to qualify and evaluate suppliers. Audit questions are proposed
to qualify and evaluate suppliers. The supplier evaluation scorecard allows tracking periodical
scores for your critical suppliers or subcontractors. In addition, all interactions with
stakeholders are tracked in the system, like important calls, emails, meetings and documents.
The procedure for control of externally provided processes and related instructions will be
added in the compliance document library, linked with the related quality process.

5.2 Compliance Documents & Records

5.2.1 General

ISO 9001:2015 does not make it mandatory anymore to develop a Quality Manual, but
requires you to establish and maintain so called “documented information”. Your quality
management system documentation can include both documents and records in hardcopy
and electronic format.

Documents can be developed based on the following considerations:

 The size of our Organization/Company


 Complexity and interaction of our organizational/business processes
 Competence of your personnel
 Risks and opportunities

With BPA you can mass import existing compliance documents from a file server into our
document library. Documents can be categorized in many virtual folders, using metadata.
Thanks to the SharePoint technology, we offer the best integration with Microsoft Office.
Document versions are automatically tracked and permissions can bet set. A prebuilt
document approval workflow makes sure only approved documents will be visible to end-
users. The electronic signature module can be added for CFR 21/11 compliance. Obsolete
documents will be archived. The system lets you know when a documents needs to be
revised.

Use metadata to organize your documents, like Quality System Procedures Manual (QSP),
Department Procedures (QMS-SOP) and Work Instructions (QMS-WI), Forms (QMS-FM),
Quality Specifications and Quality Records (QMS-REC) and relations between them.

Page 12 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


Example of a quality document hierarchy

5.2.2 Control of Documents


Documented information required for managing your quality management system must be controlled.
Therefore it makes sense to write up a Procedure for Management of Documented Information. The
purpose of document control should be to ensure that staff has access to the latest, approved Quality
information, and to restrict the use of obsolete information.

All documents like procedures, policies, etc. should be established, documented, implemented and
maintained, either in hardcopy or electronic format and follow the following document management
cycle as outlined in the example below:

Control of documents
Create Get Register Distribute
document approval document document

Review Amend Get re- Update


document document approval register

Identify Register
Check for Update
external external
updates register
documents documents

Dispose obsolete Stamp obsolete


document document if retained

Example of a document approval process

BPA lets you manage both document and form templates. Form templates are mostly used in
paper systems. Because BPA is a powerful collaborative solution including a database system,
we will rather configure strategic forms in an electronic format. This brings huge benefits, like
automating business processes and providing real-time statistics.

Page 13 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


5.2.3 Control of Records

The ISO 9001:2015 standard requires your organization to define the controls needed for the
identification, storage, retrieval, protection, retention time, and disposition of related QMS
Quality records.

We recommend preparing a Procedure for Management of Documented Information to define


methods for controlling records that are created by and/or retained by suppliers.

These controls are also applicable to those records which provide evidence of conformance to
requirements; this may be evidence of product or service requirements, contractual requirements,
procedural requirements, or statutory/regulatory compliance. In addition, quality records should
include any records which provide evidence of the effective operation of your QMS management
system.

Charts will let you know about real-time statistics for your records. Measured values for any
process will periodically be entered as KPIs in our scorecard component. Trends will be
automatically calculated and actions/risks can be declared in the system.

5.3 Change Management


When your organization or Company determines the need for changes to your quality management
system or its processes, these changes should be planned, implemented, and then verified for
effectiveness.

To be on the safe side for ISO 9001:2015 requirements, plan all QMS changes according to a
Procedure for Management of Operational Changes and your Procedure for Management of
documented Information.

5.4 Risks and Opportunities

To comply with ISO 9001:2015 requirements, your organization must consider risks and
opportunities when taking actions within your quality management system, as well as when
implementing or improving the quality management system; likewise, these considerations
should be considered relative to products and services on a regular or quarterly basis within
management reviews.

BPA has identified 60+ high level risks ready to be prioritized and periodically assessed using
our scorecard component, based on your dedicated impact by probability matrix. Define your
own risk acceptance levels and cost impact formulas. Define mitigation strategies and treat
risks with corrective actions. Monitor risks with heat maps and set periodical controls.

Page 14 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


60+ risks have been identified ready to be assessed periodically.

All operational Risks and opportunities should be managed in accordance with a documented
Procedure for Operational Planning and Risk Control based on results from periodical risk assessments
within your BPA tool. Your general Risk Management Process Flow should be similar to this one:

Repeat Quarterly

Identify Risks Analyze Risks Plan Risk Mitigation

Management
Change
Monitor & Manage Reviews/Risk
Management
Risks Committee
Process for Risk
meetings

Example of a risk treatment process flow

6. Management & Leadership

6.1 Management Leadership and Commitment

To comply with ISO 9001:2015 requirements, your organization or Company’s Executive


Management must provide evidence of its effective leadership and commitment to the
development, and implementation of your quality management system and continually
improving its effectiveness by:

 taking accountability of the effectiveness of the QMS;


 ensuring that the Quality Policy and Quality Objectives are established for the management
system and are compatible with the strategic direction and the context of your organization;
 ensuring that your quality policy is communicated, understood and applied within your
organization;

Page 15 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


 ensuring the integration of the QMS requirements into your organization’s other business
processes, as deemed appropriate;
 promoting awareness of the process approach;
 ensuring that the resources needed for the QMS are available;
 communicating the importance of effective quality management and of conforming to the
QMS requirements;
 ensuring that the QMS achieves its intended results;
 engaging, directing and supporting persons to contribute to the effectiveness of the QMS;
 promoting continual improvement;
 supporting other relevant management roles to demonstrate their leadership as it applies to
their areas of responsibility.

Business processes such as e.g. accounting/taxation, employee benefits management and HR


legal activities are normally out of scope of the QMS.

6.2 Customer Focus

To comply with ISO 9001:2015 requirements, your Executive Management must adopt a
customer-first approach to ensure that customer needs and expectations are determined,
converted into requirements and are met with the aim of enhancing customer satisfaction.

This is normally accomplished by assuring:

 customer and applicable statutory and regulatory requirements are determined, understood
and consistently met;
 the risks and opportunities that can affect conformity of products and/or services and the
ability to enhance customer satisfaction are determined and addressed;
 the focus on enhancing customer satisfaction is maintained.

The BPA tool provides many tools to track customer satisfaction. Each important customer
interaction is tracked in the system, like emails, calls, requests, meetings. For each interaction
you can track customer’s satisfaction. Customers’ audits or surveys can be prepared and
executed with BPA.

6.3 Quality Policy

To comply with ISO 9001:2015 requirements, your organization represented by your Top
Management should develop a Quality Policy, as outlined in section 4 above, that governs
day-to-day operations to ensure quality.

The Quality Policy should be released as a standalone document, defined in more detail,
communicated and implemented throughout the organization.

Page 16 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


6.4 Organizational Roles Responsibilities & Authorities

To comply with ISO 9001:2015 requirements, your Top Management has to assign
responsibilities and authorities for all relevant roles in your organization or Company. These
are usually communicated through the combination of the Organization Chart and Job
descriptions.

Executive Management should accept responsibility and authority for:

 ensuring that the QMS conforms to applicable standards;


 ensuring that the processes are delivering their intended outputs;
 reporting on the performance of the QMS;
 providing opportunities for improvement for the QMS;
 ensuring the promotion of customer focus throughout your organization and ensuring that
the integrity of the QMS is maintained when changes are planned and implemented.

BPA has documented 50+ key quality processes with their related responsible managers. The
organizational chart lets you view the related quality processes and needed skills/experience
for each manager. BPA Quality will help you managing Job Descriptions and your Job
Description Matrix (to be added in the compliance document library). For each collaborator,
you can view if additional skills and experience is needed to comply with job descriptions, and
you can plan training courses.

The organizational chart lets you view key processes and skills needed for each manager.

6.5 Internal Communication

Executive Management of your organization has also to ensure that internal communication
takes place regarding the effectiveness of our QMS.

Page 17 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


Internal communication methods can include:

 use of corrective and preventive action processes to report nonconformities or suggestions for
improvement
 meetings (periodic, scheduled and/or unscheduled) to discuss aspects of the QMS
 use of the internal audit process results
 regular company meetings with all employees
 use of the results of data analysis
 memos to employees
 internal emails
 Executive Management “open door” policy which allows any employee access to Executive
Management for discussions on improving the quality system

BPA and the SharePoint technology provide many tools to improve internal communication,
like alert, email, task and workflow management. Prebuilt workflows will automatically push
the right information to the right people and alert them. BPA is seamlessly interfaced with
Microsoft Office and synchronization options are available with Outlook calendar and tasks,
which will facilitate meeting and task management. BPA Quality has a powerful emailing
system included. Emails are tracked in the system. Reporting tools will give instant
information about the effectiveness of each process.

Prepare a Procedure for Assigning Responsibilities and Authorities which regulates all details
for internal communication policies. This way your organization or Company is on the safe
side with all ISO 9001:2015 requirements.

6.6 Management Review

According to ISO 9001:2015 requirements, Executive Management must also review the QMS
at planned intervals, to ensure its continuing suitability, adequacy and effectiveness. The
review should include assessing opportunities for improvement, and the need for changes to
the QMS, including the Quality Policy and Quality Objectives.

Schedule your QMS Management review frequency, and define regular agenda (inputs),
outputs, required members, actions taken and other review requirements within documented
Procedure for QMS Planning and Management Review, which regulates all that. Keep regular
records from management reviews to have evidence about all QMS review artifacts and
action plans decided within the meetings. BPA Quality lets you review all KPIs, objectives, risks
and pending CAPA actions during your management reviews. Decisions will be tracked in the
system.

Page 18 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


7. Resources

7.1 Provision of Resources


To comply with ISO 9001:2015 requirements, your organization must determine and provide the
resources needed:

 to implement and maintain the QMS and continually improve its effectiveness
 to enhance customer satisfaction by meeting customer requirements

Resource allocation should be done with consideration of the capability and constraints on existing
internal resources, as well as needs related to any supplier expectations. Resources and resource
allocation should be assessed during management reviews.

7.2 Competency & Training Resources

To comply with ISO 9001:2015 requirements, your organization, especially Senior


Management should ensure to provide sufficient qualified staffing for the effective operation
of the QMS and identified processes.

Staff members performing work affecting product or service quality must be competent on the basis of
appropriate education, training, skills and experience. Any kind of HR procedures which outlines these
factors is suitable to use here.

BPA Quality lets you manage skills, education, experience and training accomplished for each
collaborator. Responsibilities for each manager are described in the system. The system will
let you know when staff needs training.

Create a documented Procedure for Quality Competence Evaluation and Training which
defines these activities in detail. Training and subsequent communication procedures should
ensure that staff is aware of:
 your quality policy;
 relevant quality objectives;
 their contribution to the effectiveness of the QMS, including the benefits of improved
performance;
 the implications of not conforming with the management system requirements.
Note: the QMS does not include other aspects of Human Resources management, such as
payroll, benefits, insurance, labor relations or disciplinary actions.

7.3 Infrastructure

To comply with ISO 9001:2015 requirements, your organization must determine, and maintain
the infrastructure needed to achieve conformity to material and service quality requirements.

Page 19 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


Infrastructure can include:

 your buildings, workspace and associated facilities;


 process equipment, hardware and software;
 supporting services such as transportation;
 information and communication technology.

Using BPA Quality, power users can rapidly configure a tailored system for equipment maintenance
and calibration. No development is needed.

Determine and manage validation of all of your physical resources, IT and as well your
calibration equipment per a Procedure for Control of Monitoring & Measuring Resources,
which covers ALL resources. Where equipment is used for critical operational activities, such
as transportation, inspection and testing of materials and service components, make it subject
to control and either calibration or verification within this procedure.
Note: Calibration and measurement traceability is not employed for all measurement devices.
Instead, determine which devices and IT Materials will be subject to calibration based on your
processes, products and services, or in order to comply with specifications or requirements.
Base these decisions also on the importance of a measurement, and considerations of risk.

7.4 Work Environment


Your organization should provide a clean, safe and well maintained working environment. Executive
Management normally manages the work environment needed to achieve conformity to product and
service quality requirements. Specific safety and environmental requirements for your operations are
determined normally during quality planning and are documented in procedures, work instructions, or
job documentation. Where special work environments needs to be implemented, these shall also be
maintained per Paragraph 7.3 above. Human safety factors should be considered to the extent that
they directly impact on the quality of our Products or Services.

Note: Social, psychological and safety aspects of the work environment are sometimes
managed through activities outside of the scope of a QMS. Only work environment aspects
which can directly affect process efficiency or product and service quality should be managed
through the QMS management system.

7.5 Organizational Knowledge

To comply with ISO 9001:2015 requirements, your organization must determine the
knowledge necessary for the operation of its processes and to achieve conformity of products
and/or services.

This may include knowledge and information obtained from:

 internal sources, such as lessons learned, feedback from subject matter experts, and/or
intellectual property, as well as capturing of knowledge of our experienced senior staff;
 external sources such as standards, academia, conferences, and/or information gathered from
customers or suppliers.

Page 20 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


This knowledge shall be maintained, and made available to the extent necessary. When addressing
changing needs and trends, your organization should consider its current knowledge and determine
how to retain and develop knowledge in the company.

BPA Quality provides a wiki system to be used as a knowledge base. Knowledge articles can
be linked to each quality process. Contributors can continuously improve content.

Establish an official Procedure for Management of Organizational Knowledge based on the


detailed information outlined in the BPA DEMINGS 14 Quality Points descriptions.

8. Operations

8.1 Operational Planning and Control

To comply with ISO 9001:2015 requirements, your organization must plan and develop the
processes needed for product and/or service realization. Planning of product and/or service
realization within the BPA tool must be consistent with the requirements of your other
processes of any other used electronic based ERP/MRP management system.

Such planning must consider the information related to your Context of the Organization (see section
3 above), current resources and capabilities, as well as all product and service requirements. Changes
to operational processes should be planned as described in accordance with your Procedure for
Management of Operational Changes.

8.2 Customer-Related Activities

8.2.1 Capture of Customer Requirements


During the intake of new operations, your organization must capture:

 requirements specified by your customer, including the requirements for delivery and post-
delivery activities;
 requirements not stated by the customer but necessary for specified or intended use, where
known
 statutory and regulatory requirements related to the product;
 any additional requirements determined by your organization or Company.

These activities are normally defined in greater detail in QMS SOP Procedures for e.g.:
 Procedure for Marketing/Sales and Order Review
 Procedure for Customized Product Development Management
 Procedure for Control of Externally Provided Processes, Products, and Services
 Procedure for Supplier Management & Purchasing
 Procedure for Control of Product & Service Provision

Page 21 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


 Procedure for Logistics Management, etc…

8.2.2 Review of Customer Requirements

Once requirements are captured, your organization must review the requirements prior to
your commitment to supply of your Product and Services.

This review should ensure that:

 your product order requirements are defined,


 contract or order requirements differing from those previously expressed are resolved,
 your organization or Company has the ability to meet your defined requirements, and/or
warranty terms for anticipated products and/or services you offers, and that
 risks have been identified and considered.

These activities are normally defined in greater detail in QMS SOP - Procedures for
Marketing/Sales and Order Review.

8.2.3 Customer Communication

To comply with ISO 9001:2015 requirements, your organization must implement effective
communication with customers.

Effective customer communication includes:

 providing information relating to your products and/or services;


 handling enquiries, contracts or orders, including changes;
 obtaining customer feedback relating to products and services, including customer
complaints;
 handling or controlling customer property;
 establishing specific requirements for contingency actions, when relevant.

8.3 Custom Product Design

For new design sales orders and for significant design changes, and to comply with ISO
9001:2015 requirements, your organization must ensure the translation of your customer
needs and requirements into detailed design outputs. These address performance, reliability,
maintainability, testability, and safety issues, as well as regulatory and statutory requirements.

Your Design & Development procedures should be structured in the following best way to ensure:

 Custom design planning is conducted


 Design inputs (requirements) are captured
 Design outputs are created under controlled conditions
 Design reviews, verification and validation are conducted
 Design changes are made in a controlled manner.

Page 22 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


These activities are usually further defined in documents like a formal Procedure for
Customized Product or Service Development Management. Power users can easily configure
a simple project management solution to track design projects with their related activities
and documents.

8.4 Purchasing

To comply with ISO 9001:2015 requirements, your organization must ensure that purchased
Product and/or Services conform to your specified purchase requirements. The type and
extent of control applied to your supplier and the purchased product is dependent on the
effect on subsequent product realization or the final product.

Your organization should evaluate and selects suppliers based on their ability to supply product and
service in accordance with your requirements. Criteria for selection, evaluation and re-evaluation
should be established. Your purchases should be made via the release of formal purchase orders
and/or contracts which clearly describe what is being purchased. Received Products and Services are
then verified against requirements to ensure satisfaction of requirements. Suppliers who do not
provide conforming Products and Services may be requested to conduct formal corrective action
(SCAR).

BPA Quality has an integrated audit module to qualify and evaluate suppliers. Predefined
supplier audit questions are available. Our scorecard component allows periodically evaluate
suppliers and analyze trends.

These activities are normally further defined in documents like Procedures for Control of
Externally Provided Processes, Products, and Services and Procedures for Supplier
Management & Purchasing.

8.5 Provision of Products and Services

8.5.1 Control of Provision of Products or Services


To control your provision of Products and/or Services, your organization must consider the following:

 the availability of documents or records that define the characteristics of your Products and/or
Services, as well as the results to be achieved;
 the availability and use of suitable monitoring and measuring resources;
 the implementation of monitoring and measurement activities;
 the appointment and use of suitable infrastructure and environment and competent persons;
 the implementation of actions to prevent human error;
 the implementation of release, delivery and post-delivery activities.

Page 23 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


Make one Top Manager of your organization or Company responsible for operational control
of all of your operations within a documented Procedure for Control of Service Provision. This
way you will be safe for ISO 9001:2015 requirements.

8.5.2 Identification and Traceability

To comply with ISO 9001:2015 requirements, your organization must identify its incoming
Products and Services or other critical process outputs by suitable means. Such identification
includes the status of the material delivery with respect to your QMS monitoring and
measurement of operations requirements. Unless otherwise indicated as nonconforming, e.g.
pending inspection or disposition, or some other similar identifier, all Product or Services shall
be considered conforming and suitable for use.

If unique traceability is required by your contract, regulatory, or other established requirements you
must apply controls and records to identify all materials or services.

These control methods should be described in detail within Activity Flow Charts outlined
throughout our QMS Quality Procedures.

8.5.3 Property Belonging to Third Parties

To comply with ISO 9001:2015 requirements, your organization must exercise care with
customer or supplier property while it is under your organization’s control or being used by
your organization. Upon receipt, such property must be identified, verified, protected and
safeguarded. If any such property is lost, damaged or otherwise found to be unsuitable for
use, this is reported to the customer or supplier and records maintained.

For customer intellectual property, including customer furnished data used for design, production
and/or inspection, this is normally identified by customer and maintained and preserved to prevent
accidental loss, damage or inappropriate use.

Make these processes and activities visible in greater detail in your documented Procedures
for Customized Product Development Management.

8.5.4 Preservation of Materials

To comply with ISO 9001:2015 requirements, your organization must preserve materials and
its conformity of product or other process outputs during internal processing and delivery.
This preservation include normally identification, handling, loading, storage, and protection.
Preservation also applies to the constituent parts of a material product delivery.

Page 24 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


Create a documented Procedure for Operations (Preservation, Storage, Protection, Dispatch
and Transportation) which defines these methods for preservation of materials.

8.5.5 Post-Delivery Activities


As applicable, and to comply with ISO 9001:2015 requirements, your organization must conduct the
following activities which are considered “post-delivery activities” compliant with our quality
management system. See some examples below…

 Delivery Confirmation Notice


 Customer follow up on delivery (Phone or electronic email)
 Customer Complaint & Warranty activities (If needed)

8.5.6 Process Change Control


To comply with ISO 9001:2015 requirements, your organization must review and control both planned
and unplanned changes to processes to the extent necessary to ensure continuing conformity with all
requirements. Process change management should be defined in your documented Procedure for
Management of Operational Changes.

8.5.7 Measurement and Release of Materials


Acceptance criteria for Products or Services are normally defined in appropriate subordinate
documentation. Reviews, inspections and tests are conducted at appropriate stages to verify that your
product and service requirements have been met. This is done before Products or Services are released
or services are delivered.

If your inventory management utilizes different methods for measuring and releasing
Products or Services, you should create and define these methods within Inventory Process
Definitions Work Instructions (WI).

8.5.8 Control of Nonconforming Outputs

To comply with ISO 9001:2015 requirements, your organization or Company must ensure that
all Products or Services or other process outputs that do not conform to their requirements
are identified and controlled to prevent their unintended use or delivery.

BPA Quality provides powerful tools to track non-conformances with their relation CAPA
actions and risks. The prebuilt workflow lets you push information to responsible persons for
each important step, based on the 8D (9D) methodology. Real-time statistics and reports are
available in the system.

Page 25 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


Example of a workflow-driven 8D (9D) CAPA report generated with BPA

9. Performance Evaluation & Improvement

9.1 General

To comply with ISO 9001:2015 requirements, your organization must use the Quality
management system to improve its processes, products and services. Such improvements aim
to address the needs and expectations of customers as well as other interested parties, to the
extent possible.

Improvement shall be driven by data analysis. The results of analysis shall be used to evaluate:

 conformity of products and services;


 the degree of customer satisfaction;
 the performance and effectiveness of the management system;
 the effectiveness of planning;
 the effectiveness of actions taken to address risks and opportunities;
 the performance of external providers;
 other improvements to the management system.

BPA Quality provides many tools to measure the effectiveness of quality processes. Graphical
charts will give instant insights about your processes. With scorecards you can track important
KPIs or risks periodically and trends will be automatically calculated. Shared reports will tell
you about cross-list information. Workflow statistics will let you know about bottlenecks in
your processes. In tracking daily relations with stakeholders, you will be able to measure
satisfaction rates.

Page 26 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


Start to develop your QMS Performance evaluation based on your quality improvement plan
and develop a Procedure for QMS Performance Evaluation which will ensure to follow up on
all performance matters within improvement activities for your Company.

9.2 Customer Satisfaction

As one of the measurements of the performance of your QMS and to comply with ISO
9001:2015 requirements, your organization must monitor information relating to customer
perception as to whether the organization has met your customer requirements.

The methods for obtaining and using this information should include:

 recording customer complaints


 product rejections or returns (Claims management)
 repeat orders for product
 changing volume of orders for product
 trends in on-time delivery
 obtain customer scorecards from certain customers
 submittal of customer satisfaction surveys

Your BPA CAPA System has an in-build Corrective and Risk/Preventive Action System which
can be used to drive your developed and implemented plans for customer satisfaction
improvement that address deficiencies identified by these evaluations, and assess the
effectiveness of the results. Develop an official Procedure for Monitoring & Review of
Customer and Procedure for Handling of Customer Complaints Management, which apply to
this process best.

9.3 Internal Audit


To comply with ISO 9001:2015 requirements, your organization must conduct internal audits at
planned intervals to determine whether the management system conforms to contractual and
regulatory requirements, to the requirements of ISO 9001, and to management system requirements.
Your Internal Audits should also seek to ensure that the QMS has been effectively implemented and is
maintained.

BPA Quality includes 100+ predefined audit questions to check your ISO 9001:2015
compliance. Additional audit questions have been added for supplier audits. A predefined
workflow ensures audits are tracked in the system with their related corrective actions until
the action plan is effective. Audit campaigns can be planned in the system and assigned to
internal/external auditors.

Plan these activities within a defined document and call it Procedure for Internal Auditing of
our QMS.

Page 27 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


9.4 Corrective and Risk/Preventive Action

To comply with ISO 9001:2015 requirements, your organization must take corrective action to
eliminate the cause of nonconformity in order to prevent recurrence. Likewise to comply with
ISO 9001:2015 requirements, your organization must take preventive risk reducing actions to
eliminate the causes of potential nonconformities in order to prevent their occurrence.

BPA Quality provides tools to plan corrective actions with their activities and documents. A
prebuilt workflow makes sure actions are completed and effective. The preventive risk module
allows identifying, prioritizing, assessing, treating and monitoring risks. The heat map diagram
will let you know about high risks with their related controls, mitigation strategies and actions.

Good luck and all the best with your QMS Implementation!

Page 28 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]


10. Contact Information
Contact a Synesis Quality expert and request additional ISO consulting support or implementation
services to help you registering or renewing your ISO 9001:2015 certificate and guide your
organization to excellence.

30 Creekview Ct., Greenville, SC, 29615


1-864-288-1550
[email protected]

Page 29 / 29

Synesis International, Inc. | 30 Creekview Court, Greenville, SC 29615 | 864-288-1550 | [email protected]

You might also like