Management Review

Steve Fitzpatrick — Thu, 22 Oct 2020 07:05:30 +0000

Management Review is the closing of the Plan-Do-Check-Act cycle and is essential for the continuous improvement of the company’s management system. The standard details that top management shall review the organisations management system to ensure its continuing suitability, adequacy, and effectiveness and alignment with the strategic direction of the organisation – i.e. is it delivering what the business wants?
Common questions that arise include – how often, what is discussed, who attends and records? ISO does not differentiate between small business and corporations and as such does not specify specific frequencies of meetings. ISO does prescribe specific inputs and outputs for the management review. The outputs must be documented.
The first step is to review the specific management review inputs that are detailed within the standard
– Are there inputs that you already discuss at other management meetings e.g. strategic planning, business planning, operations meetings?
– Which ones are of particular interest to the organisation’s strategic direction?
Note, the standard does not state that all inputs must be reviewed every time – the business can determine specific input review frequency such as monthly, quarterly or annual. Consider mapping out management review frequencies in a matrix for the purpose of planning. Little and often works well.
So, what records would be maintained? The standard states that the business will retain documented information as evidence of the results from the management review. This will often be in the format of meeting minutes including
– Attendance
– Status of actions from the previous meeting
– Information of the specific inputs chosen for discussion, this may be in the format of a report or detailed in the minutes.
– Outputs including opportunities for improvement, any need for change to the management system and resources needed.
Consider utilising the business corrective action process to manage actions raised.

If you have any questions please feel free to get in touch with the Astute Business Certification team here.

The post Management Review appeared first on Astute Business Certification.

Context of the Organisation

Steve Fitzpatrick — Thu, 22 Oct 2020 06:32:29 +0000

Context of the organisation

As the new ISO standards emerged since 2015, Context of the organisation is a new requirement that the business needs to consider in establishing the direction of the management system. The standard leads to 2 aspects that need to be considered and these aspects are mapped throughout the other clauses

– Understanding the organisation and its context

– Understanding the needs and expectations of interested parties

Understanding the organisation and its context

This requires the company to determine external and internal issues that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended results of the management system.

To determine external context, you should consider issues arising from its social, technological, environmental, ethical, political, legal, and economic environment. Examples of external context may include

– Change in legislation
– Economic shifts in the market
– Competition
– Corporate image
– Technology

Internal context is the environment in which the company aims to achieve its objectives and may include

– Governance
– Organisational structures, roles and responsibilities
– Contractual relationships with customers and external parties.
– Objectives, policies and strategies
– Resource capabilities and knowledge

The context can include positive and negative factors or conditions to consider and may be detailed through varied methods such as SWOT (strengths, weaknesses, opportunities and threats) and PEST (political, economic, social and technological) analysis tools. This process needs to be completed with management and may form part of a business / strategic plan.

Understanding the needs and expectations of interested parties

Next the company needs to identify relevant interested parties, internal and external stakeholders who impact or could potentially impact the company. Ask the question, “if it goes wrong, who will be asking questions?” Once interested parties are identified, the company needs to determine each stakeholders needs and expectations – what do they want? Examples could include

– Customers looking for quality, value or on time
– Shareholders looking for financial performance
– Government agencies require legislative compliance
– Employees looking for stability and value

Once the above are determined . the information identified helps with

– Determining the scope of the management system
– Determining the management system and its processes
– Links to Risk and Opportunity

The post Context of the Organisation appeared first on Astute Business Certification.

ISO 9001 Archives - Astute Business Certification

Management Review

Context of the Organisation