What is ISO 9001:2015?
ISO 9001:2015 is the internationally recognized standard for Quality Management Systems (QMS). It is the most widely used QMS standard in the world, with over 1.1 million certificates issued to organizations in 178 countries.
ISO 9001:2015 provides a framework and set of principles that ensure a common-sense approach to the management of your organization to consistently satisfy customers and other stakeholders. In simple terms, ISO 9001 certification provides the basis for effective processes and effective people to deliver an effective product or service time after time.
The key to any successful business is strong quality control. If you want your operation to thrive, your potential consumer base must be confident that the goods or services you offer meet or exceed expected standards. ISO 9001 is a quick and easy way for potential consumers to see if your company has put the time and effort into making sure your product or service is the best it can possibly be.
Sections of ISO 9001:2015
Section 1: Scope of ISO 9001:2015
A Quality Management System is primarily intended to enhance customer satisfaction. It does this through the application of the processes determined by you as necessary for your operations, as well as the processes determined by the standard as necessary for continuous improvement. A QMS aims to assure conformity to customer requirements and applicable legal requirements.
The intention is for all requirements (clauses) of the standard to be applicable irrespective of the size and nature of the organization implementing the QMS. Whether you provide a product or a service, or a combination of both.
There are times when certain clauses may become not- applicable. For example, where you do not carry out any design and development activities or where measurement traceability, or any subsequent calibration of equipment, is not part of your product or service. These have previously been referred to as ‘exclusions’ however the expectation here is that a justification will be made as to why the clause is deemed to be not-applicable rather than simply being excluded from the QMS.
Section 2: Normative References of ISO 9001:2015
‘Normative references’ simply means any other documents which are referenced within the management system standard. In the case of ISO 9001:2015, there are many references made to ISO 9000:2015 – Quality management systems – Fundamentals and vocabulary.
This document explains the key concepts and defines the core terminology used in ISO 9001:2015. Whilst it is not mandatory to purchase ISO 9000:2015 alongside ISO 9001:2015, it can be valuable in fully understanding the purpose of a QMS and in creation and implementation of your unique system.
There is an assumption throughout the standard that each term used is understood according to its definition described in ISO 9000:2015.
Section 3: Terms and Definitions of ISO 9001:2015
The terms and definitions used in ISO 9001:2015 are taken directly from ISO 9000:2015 – Quality management systems – Fundamentals and vocabulary.
The key terms used throughout the standard are:
‘Product’ – this is the result of a process and may include services or advice. This is essentially what you provide to a customer.
‘Process’ – is a set of interrelated or interacting activities which uses inputs to deliver outputs. Processes are how you operate on a daily basis.
‘Interested party’ – is a person or organization that can affect, be affected by or perceive themselves to be affected by your decisions or activities.
‘Risk’ – is the effect of uncertainty. This can apply to any area of operations not just financial risks.
‘Risk-based thinking’ – is about planning your objectives and actions taking into account the known risks and their potential effects. The ideal situation is to minimise the likelihood or impact of unwanted outcomes.
‘Objective’ – is the result to be achieved. Objectives must be SMART – Specific, Measurable, Achievable, Realistic and Timely.
‘External provider’ – is any provider of external processes, products or services. This includes not only your direct suppliers of materials but also anyone to whom you outsource processes or parts
of processes. For example, an outsourced customer contact service.
‘Documented information’ – is any document, record or other information which is necessary for the operation of processes or is required by the quality management system. It can include photographs, diagrams, videos, process maps, standard operating procedures and can be on any medium i.e. paper or electronic.
‘Audit’ – is a systematic evaluation of whether or not processes are adhered to and whether or not those processes meet the requirements of the standard.
‘Preventive action’ – is action taken to prevent a potential non-conformity or other undesired effect. This is usually a big part of the planning process and is helped along by activities such as process mapping, SWOT analysis and risk assessment.
‘Corrective action’ – is action taken to correct a mistake, or non-conformity, and to deal with any consequences. It should also prevent recurrence of the issue or any other potential issues.
When you write your quality management system documentation, you don’t have to use these exact terms. However, it does help to clarify the meaning and intention if you can define the terms you have used. Providing a glossary within your system documentation may be useful.
Section 4: Context of the Organizations for ISO 9001:2015
Quality management principles have always intended to have a holistic approach to customer focus. Quality control generally only checks what has been done. Quality assurance aims to ensure what has been done is right first time.
Quality management uses the principles detailed above in the introduction to provide a ‘bigger picture’ view of business operations in order to ensure quality is built in from the start and in all areas, not just production or service delivery. Understanding the purpose and strategic direction of your organization is key to being able to establish the customer requirements and resource requirements to achieve your business objectives.
WHAT IS ‘CONTEXT’?
The introduction of a formal analysis of business context has been a challenge for many organizations when implementing ISO 9001:2015. Firstly, understanding what the standard means by ‘context’ and secondly working out how to evidence this for an auditor.
So, to approach the first issue… what is context? In respect of ISO 9001:2015, context refers to a range of factors including:
In short, context describes who you are, what you do, who you do it for, why you do it and where you do it. Whatever ‘it’ is. It could be making a product or providing a service, or a combination of both.
FACTORS AFFECTING THE CONTEXT OF THE ORGANIZATION CAN BE INTERNAL OR EXTERNAL
EVIDENCING CONTEXT ANALYSIS TO AN AUDITOR
ISO 9001:2105 does not specify that your consideration of context must be documented. Your auditor will expect to find some evidence of consideration, much of which will be through documentation such as meeting minutes or business plans. However, there is no requirement for you to provide a specific document in respect of clause 4. The rest of the auditor’s assessment will be established through conversation and observation.
If you do wish to document your consideration of this clause, a SWOT analysis is often a great way of establishing internal and external context. When you pay focused attention to your Strengths, Weaknesses, Opportunities and Threats, you have a clear understanding of where positive action can be taken.
You may have heard of a PESTLE analysis:
- Political
- Economic
- Social
- Technological
- Legal
- Environmental
Carrying out a PESTLE analysis for your organization (as described above) could be an effective way to evidence your consideration of external context. It may also bring up issues you hadn’t previously considered. External issues can often fall outside of your control as an organization.
Understanding these issues and their potential impact on your operations contributes to a thorough assessment of risks and opportunities. Do you know what you would do if your landlord suddenly served you notice to leave your premises? How would a change in legal requirements affect your overheads? What are your competitors doing and should you also be doing the same (or better)?
INTERESTED PARTIES
An interested party is pretty much anyone who is affected, can be affected or can perceive themselves to be affected by an action or omission of your organization. If you’ve carried out a thorough analysis of internal and external context, your interested parties are likely to be already quite obvious. They will include shareholders, landlord, regulators, customers, employees and competitors and may extend to the general public and the environment depending on the nature of your business.
You don’t have to try to understand or satisfy their every whim. That wouldn’t be very practical! You simply have to determine which of their needs and expectations are relevant to your quality management system. What are their key expectations of you and your products/services? How can you incorporate these into your processes and monitoring to ensure optimum performance?
SCOPE OF THE MANAGEMENT SYSTEM
The scope of your management system refers to the physical and / or geographical site within which your operations take place, the products/services included in the QMS, the relevant parties and any areas which you have determined to be not applicable. Your scope statement must be maintained as documented information.
Your scope statement may look something like this:
“Joe Bloggs and Co provide <products / services> for <customers> in <industry>. The quality management system is designed to incorporate all operations at our site in <town/city> with all clauses of ISO 9001:2015 determined as applicable.”
Section 5: Leadership for ISO 9001:2015
Previous editions of ISO 9001 referred to Management. ISO 9001:2015 talks about Leadership. Leadership in this context means active involvement with the QMS, aligning its objectives with overall business strategy and promoting the adoption of risk-based thinking, the process approach and evidence-based decision-making.
These are not actions which can be delegated. An external auditor will expect to discuss leadership with those who manage the organization at the highest level (i.e. your ‘top management’).
DEMONSTRATING LEADERSHIP
Leadership is a term open to interpretation. Leadership in terms of your quality management system refers to promoting the system, the process approach and risk-based thinking.
Ensuring quality objectives are compatible with the strategic direction of the organization. Providing the right resources to achieve these objectives. Communicating the importance of the QMS and engaging and supporting people within the organization to contribute effectively to the QMS. ISO 9001:2015 also refers to leadership at all levels within an organization. This means allowing experts within your organization to develop and demonstrate their own leadership abilities.
The primary focus of ISO 9001 is customer satisfaction. As such, top management are also expected to demonstrate leadership and commitment to customer focus. Carrying out the assessment of context described above helps to ensure all relevant customer and legal requirements are considered and maintained.
SETTING POLICY
A key action in terms of leadership is to set a quality policy which supports the achievement of your objectives. This might include how you select suppliers or partners, how you recruit and train your staff, how you monitor and measure process performance and how you ensure all applicable requirements are satisfied. Your quality policy will also include a commitment to the continual improvement of your quality management system.
ROLES AND RESPONSIBILITIES
ISO 9001:2015 doesn’t specify a requirement for a nominated quality representative. The expectation is that quality activities will form part of the day-to-day activities for most people within the organization. It may help to review your existing job descriptions to ensure these activities are included along with details of where the role has responsibility and / or authority relating to the QMS.
Of course, it makes sense to nominate someone, or a small team of people, to be the main point of contact for the QMS. It certainly makes life easier for an external auditor to have a clear point of contact. However, this is by no means an opportunity for the commitment to be diluted. The point of contact must have suitable authority to manage the system and make continual improvements as determined by the top management.
Section 6: Planning ISO 9001:2015
Clause 6 is all about planning. If you’re not a natural planner, this can seem quite daunting! Effectively, this is the ‘preventive action’ that you may have heard referred to in previous versions of ISO 9001. The difference in this most recent update is its promotion to much nearer the beginning of the standard (it used to be tacked on to the end, like an afterthought).
If you’ve been thorough in your assessment of context and the needs and expectations of interested parties, then the potential risks and opportunities will likely have made themselves quite apparent. You’re looking to answer the following questions:
- What are we trying to achieve?
- What could stop us from achieving our objectives?
- How will we address these issues?
- How can risks be turned into opportunities?
- How can opportunities help us to improve?
- Who will be responsible for actions?
- When will we need to take action by?
- How will we know whether our actions were effective?
ACTION STATIONS!
Addressing risks and opportunities and achieving your quality objectives require an action plan.
Objectives need to be:
- Measurable
- Aligned with your quality policy
- Relevant to the conformity of your products / services
Quality objectives also need to take account of the requirements which you identified in your analysis of interested parties (i.e. they need to meet customer requirements as well as legal / regulatory requirements).
Quality objectives must be communicated and they must be updated as necessary. This is an area where you are expected to maintain documented information.
An effective way to communicate quality objectives is to include them in induction training, display them around your site or electronically via an intranet or similar, incorporate them into supplier contracts (if it’s appropriate to share them outside of your organization).
Your action plan should include:
- What will be done
- What resources will be required (to the best of your understanding at the time)
- Who will be responsible for the actions
- When actions will be completed
- How results will be evaluated
Putting these into a simple matrix can help to clarify the objectives, however if you already record this type of information somewhere else, there is no need for you to duplicate.
MANAGING CHANGE
When you’ve put so much time and effort into all this planning, it would be a shame for an inadvertent change to mess it all up!
In light of this, clause 6.3 expects that any changes that you determine are necessary to the quality management system are carried out in a planned manner. This should take into account the extent of the changes deemed necessary, the potential impact on the existing system, how you will resource the changes and any effect this may have on current roles, responsibilities and authorities.
Section 7: Support
Clause 7 concerns itself with resources. This applies to people, infrastructure and environment as much as physical resources, materials, tools etc. There is also a renewed focus on knowledge as a significant resource within your organization. When planning your quality objectives, a major consideration will be the current capacity and capability of your resources as well as those you may need to source from external suppliers / partners.
PEOPLE
Simply, do you have the right people with the necessary skills / attributes in appropriate roles? If you’re currently missing some specific skills, how do you plan to address this? Will you recruit or will you outsource? If you’re outsourcing, how will you communicate your requirements to your supplier / partner? (more on this later in this section).
INFRASTRUCTURE
This includes determining, providing and maintaining the premises, hardware, software, transportation, storage, technology etc that are needed to carry out your business operations. Ensuring you can cope with customer demands can be helped by the work you did to address clause 4 and clause 6.
ENVIRONMENT
This isn’t referring to the great outdoors. This means providing an environment that is suitable for what you are trying to achieve. Whether that is a factory, office, studio or any other type of working space, make sure you have the right atmosphere to enable you and your employees to operate effectively. Adequate heat, light, airflow, hygiene, noise levels etc all contribute to an effective working environment.
This can also include addressing some of the softer elements such as employee wellbeing, stress-reduction, clear lines of reporting, employee appraisals, rewards systems etc).
MONITORING AND MEASUREMENT RESOURCES AND TRACEABILITY
If measurement traceability is an important factor in your product / service delivery then you must ensure that all monitoring and measuring equipment is fit for the activities undertaken and is suitably calibrated and maintained. You must maintain documented evidence of such equipment being fit for purpose.
ORGANIZATIONAL KNOWLEDGE
There are many lessons learned along the way in business. Many of these lessons can only be learned through experience and having been present at the time. This type of knowledge becomes invaluable to the organization so it makes sense to capture and share this learning.
Keeping records of project plans, product developments, customer feedback, testing records, prototypes, etc all contribute to capturing and sharing internal organizational knowledge.
If you maintain a CRM (Customer Relationship Management tool) then you can also use this as a medium for capturing and sharing knowledge. Circulating meeting minutes, project de- briefs and process documentation also provide opportunity to share essential organizational knowledge.
FORMAL LEARNING AND DEVELOPMENT
Sometimes it may be necessary to acquire additional knowledge to enhance understanding. This could be acquired through formal external learning and development. In which case, ensure you keep training records and note any expiry dates and plan refreshers if applicable.
RECRUITMENT
Another way to acquire additional knowledge can be through specific recruitment. If you choose this route, it can really help to have a clear job description and person specification. This helps to avoid being distracted away from the core skills / knowledge that you wish to attract and can ensure the new recruit can see how they contribute to the QMS from outset.
COMPETENCE AND AWARENESS
We all know that training doesn’t always equal competence. If you implement training, or your recruit people with specific qualifications, have in mind how you intend to assure competence in the role. This could be through observations, appraisals, samples of work produced, a buddy / mentor system or more formal testing.
Ensure you keep records of competence assessments along with evidence of training / qualifications.
Awareness can be addressed through ensuring your QMS is explained during recruitment and induction, at regular appraisal or review meetings with line management, through regular meetings and / or communications relating to quality objectives and progress towards them. The chances are you already do this, don’t feel the need to implement anything over and above.
COMMUNICATION
Utilise your existing communication channels, methods and frequencies. Tailor your communication to your audience to ensure everyone knows what they need to know. Consider who will be responsible for general communication, such as website content, general marketing. Consider who will be responsible for specific communication such as customer / client liaison, product specific literature and the relevant needs of the intended audience.
It’s also worth considering incoming communication. Who is responsible for receiving legislative updates within your organization and making sure they are disseminated to relevant people? Who handles customer enquiries
or complaints?
DOCUMENTED INFORMATION
The standard refers to areas where you must “maintain” documented information and others where you must “retain” documented information. Put simply, maintain means that you must keep it up to date, for example your quality policy and quality objectives. Retain means you must keep records as evidence that you have satisfied that particular requirement.
Version control is an important part of managing documentation. You don’t need to create a fancy system or spend a fortune on clever software. You simply have to ensure that all documents relating to your QMS are easily identifiable, are in a suitable format, are protected from unintended alteration or destruction, and are available to the right people in the right version at the point at which they are needed.
Section 8: Operation
So, after all the planning and risk assessment, we’re ready to move on to the “do” stage. Clause 8 is all about having appropriate control over the creation and delivery your product or service.
ESTABLISHING REQUIREMENTS
The first step is to ensure you have fully understood all the requirements for your product or service. This will involve liaising with customers as well as implementing measures to ensure all applicable legal requirements are met. It is essential that you determine and review your organization’s ability to meet the necessary requirements before you commit to anything.
If you carry out any kind of quoting process, complete tender documentation or submit project plans before you and your customer commit to the work, then this is all suitable evidence of a thorough review of capability to meet requirements. There’s no need to do anything additional.
MANAGING CHANGE
If there are any subsequent changes to requirements or to the product or service agreed, you will need to ensure these are properly recorded and authorised. You also need to ensure the changes are adequately communicated to any relevant parties such as suppliers or partners.
DESIGN AND DEVELOPMENT
Design and development used to be considered only applicable in manufacturing situations. Arguably, services as much as products, are designed and developed to achieve a set of objectives or outcomes for the customer. When designing your product or service, you need to consider the process stages, reviews, authorisations and sign-off, how you will validate and verify the effectiveness of the product or service, the intended life-cycle of the product or service and any post-delivery support you may provide.
You may also need to consider how you will interact with your customer during the design and development process. How involved do they need to be?
ISO 9001:2015 doesn’t dictate that you have to follow any specific process, it’s best to start by documenting what you currently do. Then work from there to see if any improvements are required.
DESIGN AND DEVELOPMENT INPUTS, CONTROLS, OUTPUTS AND CHANGES
When designing or developing your product or service, you will need to consider the legal requirements, any other standards that may apply, the potential consequences of failure and anything you have learned along the development journey.
You will be required to retain documented information on design inputs. Design and development controls refers to any touch points along the design process where validation, verification, testing, authorisation or any form of sign-off or acceptance may be required.
You will be required to retain documented information on design and development control activities.
Once you have determined the design inputs and the necessary controls to assure conformity, you will then need to ensure your outputs meet those requirements. This is the place where you would also keep records of monitoring, measurement, traceability (e.g. of materials or measurements) and acceptance criteria.
This could be in the form of a bill of materials, technical specification or handbook, user guide, process manual, system guide or service level agreement.
Any changes to the design and development of the product or service must be identified, controlled, recorded and communicated to ensure the product or service conforms to the customer and other applicable requirements along with clear authorisation for the changes.
MANAGING EXTERNAL PROVIDERS
Let’s face it, not many of us operate in isolation from other organizations. There are such a wide range of business services available these days that it’s likely you outsource some of your operations or at least rely on a couple of key suppliers to keep things running smoothly. It’s essential that you manage these relationships to mutual benefit.
Your QMS is mainly concerned with external providers and suppliers where their products or services are incorporated with your own. For example, where you outsource a customer helpline, where you buy components for your products
or where you sub-contract the fitting or servicing of your products. It’s not so bothered with the purchase of every-day office consumables, although from a financial perspective it pays to keep a good relationship with these types of suppliers too.
During your considerations of context, interested parties and risks and opportunities, you may find that some suppliers or partners feature quite heavily. These are the ones you need to focus on managing. Do you have an alternative lined up in case of failure of your preferred supplier or partner? Just what will be the impact of a failure on your ability to meet your customer requirements?
Once you understand the potential impact of the actions or failures of these suppliers / partners then you can put appropriate controls in place to mitigate the risks. Perhaps you will visit their premises and carry out a 2nd party audit, or you could build specific controls and review points into contracts and/or service level agreements.
You may find it helpful to categorise your suppliers / partners and highlight the ones which are critical to your operations.
UNDERSTANDING YOUR OPERATIONAL PROCESSES
A simple way to bring together all the necessary steps, resources, risks, monitoring and measurement of your operational processes is through process mapping. By documenting the start and end points, steps, responsibilities and check-points along the way, you can be assured that all customer and applicable requirements are taken into account.
Process maps, or standard operating procedures also make great tools for training your employees and ensuring all roles understand their contribution to the QMS. Understanding how your processes interrelate is also a key part of implementing a coherent quality management system.
CONTROLLING NON-CONFORMANCES
With the right amount of planning and consideration, failures and non-conformances should be minimal. However, they can and do still occur. If at any stage of a process something goes wrong, you need to be able to identify this issue, isolate it and where possible prevent it from reaching the customer.
You might prevent a non-conforming product or service from reaching your customer through immediate correction, quarantine or by obtaining a concession from the customer.
If an issue is identified after the product or service has been released to the customer, then you may need to be able to implement a product recall or at least identify who received the faulty goods or services. Traceability is key here so your records need to be clear and up to date.
You will need to retain documented information on non- conformities including what happened, what remedial actions were taken, any concessions obtained and who authorised actions to resolve the issue.
Section 9: Performance Evaluation
There are three main ways in which performance of a QMS is evaluated. The first being process monitoring and customer feedback, the second being through internal audits and the third being the management review.
PROCESS PERFORMANCE
As an organization you will need to decide what you need to monitor in order to be assured that your processes are operating as intended. You will also need to establish how often you will monitor, what resources will be required and how results will be recorded, analysed and evaluated. This often results in a series of Key Performance Indicators (KPIs) which relate directly to your quality objectives (set in section 6). You will need to retain documented information as evidence of the results of performance monitoring.
CUSTOMER SATISFACTION
As the primary focus of ISO 9001:2015 is customer satisfaction, it makes sense that this is a key source of information on the performance of the quality management system. Obtaining customer feedback on how they perceive their needs and expectations to have been fulfilled can be achieved through both formal and informal measures. For example, you may carry out a formal customer survey periodically, or you may monitor informal feedback such as repeat business, warranty claims, complaints and compliments, conversations with customers.
INTERNAL AUDITS
ISO 9001:2015 determines that internal audits must be carried out at planned intervals. It is for you, the organization to decide what those intervals should be. As an indication, you may wish to audit all processes at least once across an annual period, with higher-risk processes being audited more frequently. The purpose of internal audits is two-fold. Firstly to check that the management system conforms to the requirements specified by you, the organization as necessary for your operations; secondly to ensure conformity to the requirements of ISO 9001:2015.
Audit frequency should also be influenced by the results of previous audits and any changes which you are aware may affect the process. So, if you have a problematic process or area, it would make sense to audit it more frequently for a while until a solution is implemented and has been seen to be effective.
Internal audits are a great opportunity to spend some time investigating a specific process or area and evaluating its performance. It is an ideal way to find areas for improvement and to fix potential issues before they occur. Think of internal audits as keeping your finger on the pulse of your organization. Internal audit findings must be reported to relevant management and naturally form part of the management review agenda.
Where necessary, corrective actions must be taken without undue delay. If a long-term fix requires significant planning and maybe funding approval, consider whether a short-term fix is possible and appropriate.
MANAGEMENT REVIEW
Management review is an essential element of a quality management system. It is the formal point at which top management review the effectiveness of the QMS and ensure its alignment to strategic direction. Management review must take place at planned intervals and an agenda of inputs is specified within clause 9.3.2.
It is not essential for one single management review meeting to take place covering the full agenda. If you currently hold a range of meetings that cover the inputs between them, there is no specific need to duplicate.
However, you may find that a big-picture view is made easier by considering the management review inputs in one meeting rather than separating them. It really depends on the size and structure of your organization and who attends each of the meetings.
Management review meetings commonly take place as an annual event, however much like internal audits, their frequency is not specified by ISO 9001:2015. It’s up to you to decide. During implementation and early stages of settling in to your QMS, it may make sense to hold meetings more frequently.
You will need to retain documented information on your management reviews, these would normally be meeting minutes or perhaps call recordings if you carry out conference calls.
Section 10: Improvement
As we know, the primary focus of ISO 9001:2015 is customer satisfaction. Using the knowledge and evidence gathered through effective monitoring and measuring of processes, the next step is to make improvements to enhance customer satisfaction. These could be improvements to your products or services, to the methods and resources used or to the quality management system itself.
Having checked during internal audits and management reviews that you are measuring and monitoring the right things, this is now your opportunity to adjust the system as you see fit. If you’re sure you’re meeting all current customer requirements, are there amendments you need to make to address future requirements? Are there any areas where you could be more efficient? Perhaps these have been highlighted by your internal audits.
Was any corrective action taken effective at preventing the problem from recurring? If you went for a short-term fix, this is now the time to work on your long-term improvements to solve the issues.
RECORDING NON-CONFORMITY
When a non-conformity does occur, including complaints, you will need to make sure you keep a full record, including what happened, what actions where taken at the time and the results of any further corrective actions implemented. You will need to retain documented information in respect of non-conformity as evidence for your external auditor.
If you already have a system for recording these things, there’s no need to create a new one. Provided you are recording all the necessary information as determined by ISO 9001:2015, your existing records should be sufficient.
CONTINUAL IMPROVEMENT
Continual improvement is a requirement of ISO 9001:2015. However, it doesn’t mean that you must make improvements all the time just for the sake of it. Having your quality objectives aligned with your strategic direction provides unity of purpose and ensures that actions throughout the organization are working together towards the same goal.
A thorough analysis of customer feedback will provide you with ample opportunity to find areas for improvement of products and services. Analysis of process performance provides evidence of areas where efficiency improvement may be made. Process-based audits provide you with a spot light on areas where processes and responsibilities cross over. These are often places where things can get missed, don’t get caught out working in silos.
ROOT CAUSE ANALYSIS
An important part of corrective action is to carry out a root cause analysis in relation to the issue that occurred. If you don’t get to the bottom of why or how it happened, then it’s likely whatever fix you implement will not be fully effective. A simple approach such as “5 Whys” is a good root cause analysis tool. You start with the issue, then ask “Why” enough times to reach the root cause. Usually 5 times of asking is enough but for more complex problems you may need to dig deeper.