In the last post we looked at the context of the organization. OK we know who we are; what we do; our strengths, weaknesses, opportunities and threats, we can explore who we do it all for – our customers both internal and external. New clause, 4.2 requires that we identify our stakeholders (“interested parties”) who either have an interest in our products or an interest in our quality system.
This is a big improvement over earlier versions because up until now only the customer has been focused upon. It all goes back to the MIL-STD that began it all. Mil-Q-9858, published in 1959 by the US government, for the US government. They didn’t care about anybody else, they were the customer. Today life is more complicated and ‘the customer’ may not be the customer. The current Standard, with focus on interested parties combined with the process approach introduces the concept of internal and external customers.
One of my clients is a manufacturer selling product through a network of distributors. Technically, the customer is that distributor and not the person who wanted the product. And customer satisfaction (in the past) was based upon response and delivery time, product quality was rarely a topic of discussion and with a liberal returns policy they always received high marks. With the 2015 revision the end-user becomes part of the mix. Thankfully, my client has a pride in workmanship and a sense of value-added so their marks remain high. They only had to find another way of determining (measuring) the perception of satisfaction from the end-user. You get the idea.
Slightly of topic… I got in a ‘fight’ with the auditor of a medical client who insisted that we remove the word ‘satisfaction’ and replace it with ‘feedback,’ which, in their defense is how the Medical Standard ISO13485 is worded. However, I challenged that there is no requirement to adopt either the structure or the terminology as stated in section 0.1 (general) of the introduction, “It is not the intent of this International Standard to imply uniformity of quality management systems or uniformity of documentation.” I also questioned the intent of the authors by asking,”Do we not want satisfied medical customers?” The auditor was not amused and we changed the verbiage to avoid a finding. The 2016 revision of ISO 13485 neither contains the new High Level Structure, nor the new requirements of context and interested partied found in ISO 9001:2015 so we will have to wait to revisit this at the next revision!
When identifying interested parties, you think of all the groups of people who may be directly or indirectly impacted by your product or service, as well as those that have a direct or indirect impact on your QMS. For each, identify whether they are internal (work for the company) or external (third parties.) Then decide why those groups might have an interest.
Like much of ISO 9001, you get to decide who an interested party is. The only expected party would be your customers, and everything beyond that is entirely up to you.
In most cases, however, your list might include:
Internal Interested Parties
• Employees (and their dependents)
• Owners / Sr. Management / Board of Directors of the company
• Departments usually thought to be outside of the QMS (legal, finance, etc.)
External Interested Parties
• Suppliers / Vendors
• The Public
• Other end users of your product/service
• Certification bodies
Once you have your interested parties identified, you can start to think about why they care about you. ISO 9001:2015 gives you some pointers on where to start. The Notes in clause 4.1 lists the following suggestions:
The last step in this process is to categorize whether the concern / issue is positive or negative. This will be helpful when we discuss Risk-Based Thinking – Coming to a blog near you soon.