ISO 9001:2015 requires for any changes made during, or subsequent to, the design and development of products and services, organisations to identify, review and control the changes to the extent necessary to ensure that there is no adverse impact on conformity to requirements. Documented information is also required to be retained on the following:
Comment:
Note that the requirements are applicable to changes carried out both during the execution of design and development and after the process has been completed and product has been delivered to the customer.
Audit Check:
In addition to sampling examples of changes to confirm they have been successfully executed, auditors will expect to see documented evidence of a design and development change process which considers the risk and complexity of intended changes and its mitigation. EG:
• It has appropriate change control process stages including design and development reviews by relevant personnel / departments / functions,
• The process identifies and successfully executes appropriate verification and validation activities required for changes including the requirement for resource identification and provision. IE Internal design human resource, computer modelling, external test labs etc,
• Documented information (records) is required for appropriate authorisation of any changes, either by person or the completion of a change control process validation activity for example,
• The impact of the changes on product already produced / already supplied is considered. (EG: Customer communication on backward compatibility, impact on servicing, maintenance and spares provision,)
This article is the property of David Barker Consulting © and is free for you to use. If you wish to reproduce elsewhere, please be so kind as to ask permission first and credit me as your source. If you need any further assistance, feel free to use my contacts page to get in touch and let me know how I can help!
David Barker CQP MCQI