ISO 9001:2015 External Issues

What is the new requirement?

Clause 4.1 of ISO 9001:2015 requires the organisation to;

“determine external and internal issues that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended result(s) of its quality management system”

and that the organisation shall;

“monitor and review information about these external and internal issues”

In this post I will explore what that actually means and offer some suggestions and examples of how an organisation might demonstrate conformance to this requirement, focussing in this post specifically on external issues. For more background information on the wider requirement and on internal issues, you might find some useful guidance in this earlier post.

Determining and Reviewing External Issues Systematically

Let’s face it, most organisations will have a fairly intuitive grasp of the most pertinent external factors that affect the success and operation of its processes. You learn that by trial, error and often bitter experience. The challenge that management system conformance and certification throws at you is to be able to demonstrate that this important dynamic is processed somehow systematically and in an auditable way. It’s all very well simply “knowing” what they are and “naturally taking them into account on an ongoing basis” but that’s not really systematic or auditable, and therefore, for certification purposes, not much of a response. So what are the alternatives?

PEST Analysis

Some organisations I work with use a periodic PEST analysis to apply a framework to this exact process. Like a SWOT analysis (Strengths-Weaknesses-Opportunities-Threats) its an acronym, and works in exactly the same way – to add structure to the review process, forcing management to revisit specific areas. So what is PEST?

I’ll have a “P” please, Bob

P is for POLITICAL. The P in PEST encourages the organisation to consider the political issues that can have a positive or negative affect on how the organisation works, so what could that include? Well, the recent decision of the UK to exit the EU is a massive and (at the time of writing) a major political event that could have significant effects on how an organisation operates. It will probably affect trade relationships (for better or worse we don’t yet know!), it may well also affect the organisations ability to recruit and employ non-UK citizens. Additionally, if the organisation receives a lot of its income via projects funded by, say, the European Social Fund (ESF), then the Brexit implications could well be severe. Other examples could include trade sanctions status. If the organisation has significant trade interests with, say, Iran or Russia, it would certainly need to keep in view the current nature of sanctions relevant to their operations which, at various points in time, may even become illegal. There are also ongoing domestic political issues that affect organisations. Public Sector bodies are always affected by current Government Policy, which sets both Public Sector policy and provides (or doesn’t) funding.

Gimme an “E”

E is for ECONOMIC. Economic factors affect virtually every organisation, but they aren’t the same for everyone and the scale is different for everyone, so what are the common examples? Well, the price of commodities is often a big issue. Oil prices on the world market have been depressed for some time. For some companies (for example those directly involved in the extraction of oil from the ground, and providing support for companies that do), the effects lately have been adverse and significant. Rates of pay have been cut, operations have been scaled back and people have lost their jobs. All these trends may of course be reversed as and when the oil price returns to a certain value, but clearly the oil companies need to monitor this very carefully, as the entire viability of their operation is reliant on that issue. However the fall in oil prices have not been bad for everyone. Organisations that produce chemicals that are derived from oil have seen the fall in price work in their favour – their costs have reduced. Transportation costs have also reduced as a consequence of falling fuel prices. However it’s not all about the price of commodities. Other economic factors that can affect the viability of the operation are trading conditions (often as a result of political issues), the availability of alternative options for customers and the price of alternatives (cheap imports, for example), or simply the liquidity of an organisation at a point in time and how much cash on hand it has.

“S” is for …

SOCIAL. Some organisations are affected significantly by social factors. Some products are massively affected by social trends. What may be the pinnacle of fashion one week, may be the least desirable thing to possess one month later (selfie sticks, shell suits, Gary Glitter CDs …). In understanding social trends, it is clearly important that the organisation understands the things that influence trends. For example, the ingredients used by TV chefs in their recipes significantly affect demand for that ingredient almost overnight, while a food scare (processed meat, saturated fat in fast foods) might affect consumer behaviour, for a time, in a very negative way. Obviously many large fast food, beverage and cosmetics companies actively seek to affect, manipulate or even dictate trends, and invest very heavily in doing it, so important a factor that it is. The demand for other products and services can be very seasonable or weather dependent (ice cream, lawn mowers, outdoor equipment …). This will obviously have an impact on production levels and also recruitment, which itself may be very seasonal. Bear in mind that what may be out of fashion in one market, may be the height of fashion in another (apparently in some countries they still LOVE Old Spice!). Companies that provide products and support of a medical nature will be affected also by world events such as outbreaks of diseases such as SARS or Ebola, so naturally they would need contingency plans to be able to move quickly whenever the World Health Organisation puts up a red flag.

“T” is for ….

Technological. Some companies are heavily impacted by technology, and will need to work hard to stay up to date with developments. Technology has a habit of (very quickly) creating new markets, drastically changing others and, at the same time, wiping others out in the blink of an eye. On a less dramatic level organisations may simply keep an eye on technological advances to see if better ways of working are being made possible (new machinery or ways of communicating, for instance) or even offering more user friendly options for maintaining a management system! This can include the use to a greater or lesser degree of cloud based storage systems, software and dashboard applications to replace documented procedures, using tablets with integrated templates to write up your audits and so on.

Anyway, I hope this post has given you some food and direction for your thought processes as you face your transitions. Done correctly, it is a review process that can add significant value to the efficiency of the organisation’s strategic processes.

Shaun Sayers

This entry was posted in Auditing, ISO 9000, ISO 9001:2015 and tagged , , , , , , . Bookmark the permalink.

10 Responses to ISO 9001:2015 External Issues

  1. Dimeji Folami says:

    Awesomely presented!
    Unfortunately, they do all these things on their heads but writing and analysing on the pad is the main issues.
    They are principal strategic issues to be considered in all businesses.

  2. Shaun says:

    Thing is, Dimeji, I think they ARE considered in some way by all businesses at a strategic level. Not always systematically, not always in an auditable way, or consistently or even very well, but they are virtually always “done”. The problem as I see it with transition is aligning it with the QMS as some companies keep “strategic” and “QMS” reviews separate.


  3. Ashok Deobhakta says:

    Dear Mr. Shaun,
    Very well researched article!
    It will get more difficult for organisations to think about the complicated issues and implement in their systems. The more they think over these issues, the more complications will get in their implementation. With the level of documentation-getting lesser and lesser- it will be equally difficult for the auditors to do their home work. Let us hope things get lined up fast. In any case, an organisation would require a ISO 9001 specialist to advise them for research and advise. This was not so till recently.
    But enjoyed reading every bit of your post.
    Ashok Deobhakta

  4. Shaun says:

    Thanks for taking the time to read and comment, Ashok. It is a bit of a game changer, but it is important to realise that while the requirement for “documented procedures” has been parred back, there is still a heavy requirement for auditable controls. I think one challenge for some older auditors will be to keep up to date with technology, otherwise they will simply not be competent. Years ago, for example, if you were to audit a design function, you’d have a documented design procedure. These days you are more likely to be taken to view records and controls within a software program – with no “documented procedure”. If you don’t understand the software, you can’t do the audit.


  5. Neil Thomas says:

    Interesting blog Shaun and indeed the concepts; some of which are alien to me but I’m sure will become second nature over the next week…..

  6. Shaun says:

    Hoping things are starting to become clearer now, Neil

  7. John Andrew says:

    I think in the near future we will see another update to ISO and I hope organizations around the world (the ones who currently don’t) understand how much they can benefit from ISO 9001.

  8. Shaun says:

    Thanks for taking the time to read and comment John, however I wouldn’t hold your breath regarding the update in the near future. The transition period for this revision has two more years to run yet, and the very lengthy consultation process for the next revision is also some years off even starting. Let’s see how this one pans out first.

    Shaun Sayers

  9. I learned a lot from this blog post. Thanks for sharing valuable difference between ISO 9001:2015 and ISO 9001:2008. Thanking you ISO 9001 Consultants delhi.

  10. Shaun says:

    Thanks for taking the time to read and comment, Praveen. I’m glad you found it useful

    Shaun Sayers

Leave a Reply

Your email address will not be published. Required fields are marked *