home Success stories ISO international quality management system. ISO International Standards System (ISO) and its requirements

ISO international quality management system. ISO International Standards System (ISO) and its requirements

You will learn:

What is the ISO 9001 standard and what are its features?
How much does it cost and how long does it take to prepare a certificate for a quality management system?

ISO 9001 is the most popular set of international standards in the world, created by the International Organization for Standardization. Despite the fact that all ISO standards are only advisory in nature, in approximately 100 countries around the world they are used as the main ones. Part of the ISO package has been approved in Russia, within the framework of official state standards(GOST). The State Committee of the Russian Federation for Standardization, Metrology and Certification (Gosstandart) is a national member of ISO and participates in the work of this organization.

ISO 9001 specifies the minimum set of requirements for quality systems and is used for the purposes certification. One of the main features of this standard is its versatility - it can be applied to any type of activity.

What is the ISO 9001 standard?

ISO 9001, the first version of which appeared in 1987, is the largest world standard dedicated to the creation of a quality management system (QMS). It is based on attention to the needs of the client. Requirements and standards have been repeatedly revised and updated, but the main provisions remain unchanged today.

The main task of the QMS is not control the quality of each individual operation or unit of production, but to develop conditions to minimize errors in work. This approach appeared in the 2008 version of the standard and was developed in the ISO 9001:2015 version.

Formally, the implementation of the ISO 9001 standard is considered voluntary. There are areas of industry, such as the military-industrial complex or aircraft manufacturing, where the implementation of individual elements reflected in industry standards is mandatory.

The standard is based on many concepts and techniques developed by leading experts in quality management. In particular, the sequence of actions that must be performed in the process of implementing and operating a QMS, or the RDCA cycle, was created by the famous American scientist Walter Shewhart.

Based on the provisions of ISO 9001, the enterprise creates a QMS documentation system that regulates all actions that have something to do with the provision of services and the production of tangible goods. The detail of the documentation depends on the needs of a particular enterprise; the only condition is that it must comply with the requirements of the standard. The developed documentation must be rotated with strict adherence to all described procedures. The management of the enterprise must exercise leadership in all major issues. Everything important for successful functioning QMS information must be carefully studied and analyzed.

Product certification: mandatory and voluntary, schemes

Features of ISO 9001

The international standard ISO 9001 is based on several fundamental principles:

Strict customer focus. the main objective implementation of QMS - maximum satisfaction of consumer needs and work for the future. The organization must continually conduct research into the needs and expectations of consumers. The information obtained is subsequently used in the production of products.
Staff Engagement. To achieve all the set goals, it is necessary that each employee knows his place in the production of the product.
Process approach. The QMS includes many interrelated processes. Understanding how this system functions, with all its processes, resources and tools, allows the enterprise to optimize its activities as much as possible and obtain effective results.
Improvement. Every organization at some stage strives to improve its activities. This is an inevitable consequence of reacting to the emergence of new opportunities and changes in external and internal circumstances.
Certification. If the manufactured product meets all requirements, an independent body can provide a certificate of conformity, which will increase the recognition and prestige of the product in the market.

Differences between ISO 9001:2015 and earlier versions

Standard 9001 has been revised several times. After the first version, released in 1987, there were updates in 1994, 2000 and 2008. On this moment The current version is 9001:2015. It differs from the previous ones in a number of ways:

Development of a QMS and setting goals taking into account external and internal factors, determined for each organization separately.
The requirements put forward to the QMS by all interested parties are taken into account.
A risk-based approach has been introduced into the QMS. The use of formal risk management in identifying opportunities and risks is not required. The method is chosen by the organization itself, in accordance with its own needs.
Emphasis on measurement management in the QMS as a whole, including in products and processes of the organization.

Why is standardization needed?

For successful development business needs produce competitive products. Competitiveness is based on continuous development. Competitive fight is becoming even more aggravated with the advent of globalization: with the expansion of the market, the consumer can purchase products from most of the world's manufacturers. As a result, the manufacturer that can offer a quality product at the lowest price survives in the market.

For more effective activities companies, strengthening competitive advantages, searching for new markets and improving the situation in old ones, all areas of activity should be streamlined into unified system management. One of them is the quality control system.

Due to the fact that obtaining an ISO-9001 certificate of conformity occurs on a voluntary basis, the vast majority of companies resort to this in order to solve certain business problems. Among other things, having a certificate of conformity allows a company to put the appropriate certification mark on its product, which affects consumer confidence. Also, having a certificate may become one of the conditions for winning a tender or concluding a contract with foreign companies.

Blue ocean strategy: how to enter the market with a new product and occupy your niche

Implementation of the ISO 9001 quality management system at the enterprise

The ISO TC 176 team, which developed the ISO 9000 standards, proposed the following procedure for implementing a quality management system according to the ISO 9001 standard:

How is certification for compliance with the ISO 9001 standard carried out?

The final stage of QMS implementation is obtaining an official certificate of compliance with ISO 9001. Certification takes place with the participation of bodies accredited under a unified national system, voluntary systems or an international system. The list of national bodies can be viewed on the website of the Russian Accreditation Agency. The list of voluntary certification systems is on the Rosstandart website. If it is planned to be carried out in one of the voluntary systems, the parent body itself determines one of the accredited certification organizations for the applicant.

The legislation does not prohibit the involvement of third parties consulting companies, helping with the creation of new control mechanisms, development of documents and certification. Thanks to professionalism and deferred mechanisms, consulting firms significantly speed up and simplify the process.

Certification can be called an external audit. An independent party evaluates how successfully the product control system operates in production. This inspection takes place in two stages - documentary and on-site assessment independent expert certifying body and a specialist from Rosakcreditation or another certification system.

If the submitted documents and the activities of the applicant company fully comply with all existing requirements, a certificate is issued stating that the enterprise has created and implemented a QMS.

Time frames and cost of obtaining a certificate for a quality management system

The time required for the full implementation of the 9001 quality management system at an enterprise is calculated individually. In most cases, this can take from several months to several years. After implementation, the compliance of the QMS with existing standards is assessed, following which a certificate is issued. This stage takes up to two weeks, the exact period depends on the size of the enterprise and the number of employees.

The ISO 9001 certificate is issued either according to international rules or national ones. In the first case, it is issued by an international certification body - for example, TÜV Thuringen or Afnor. In the second - accredited certification bodies or voluntary systems. If the company works exclusively for domestic market, it is enough to issue a national document. If your plans include cooperation with foreign partners or attracting investments from abroad, the international certificate ISO 9001 is more preferable. Depending on the number of employees of the enterprise, the preparation of the document may require from 15 to 250 thousand rubles.

5 rules for creating a successful business that others don’t know about

Documentation according to ISO 9001 standard

One of the main aspects of meeting international ISO standards 9001 is considered documentation. The organization's responsibilities include:

The form and storage medium of documents does not matter. The degree of documentation of each stage directly depends on the size of the enterprise, the competence of personnel, and the complexity of production processes.

In conditions of fairly fierce competition, the introduction of certain quality guarantees is fundamental and decisive when a buyer or consumer chooses the services and products of a particular company. In this case, the best and main guarantee is the certification of quality management systems and the receipt of the ISO 9001 series standard.

ISO standards in Russia, including the most famous standard ISO 9001, combine many years of experience in most countries of the world in the field of quality system management and are the latest versions of assessing criteria for managing all work and production processes in enterprises.

ISO 9001 Certificate is an official document confirming full compliance of the current quality management system with the requirements specified in the international standard ISO 9001.

Today, having gone through a whole range of various additions and modifications, the international standard ISO 9001 has become fully adapted and harmonized in accordance with current European standards and is aimed at maximizing the quality of products (services provided).

The ISO 9001 standard has a clear structure consisting of 8 sections:

The first three sections of the standard are official and do not contain requirements or standards.

The main purpose of the ISO 9001 standard is to actively encourage proper organization various production processes and the work of the company as a whole to meet specific legal requirements and the most complete satisfaction of the desires and requests of consumers and partners.

The implementation of a QMS based on the receipt of ISO 9001 standards confirms that:

the company’s personnel are well aware of their duties, rights, powers and responsibilities, and also have the necessary competence to perform their work in a higher quality, efficient and correct manner;
the company has predetermined processes that affect the quality of products;
all production processes are regulated and provided with all necessary resources;
conditions have been created for the competent implementation of the production infrastructure and environment, as well as the high-quality work of the enterprise’s employees;
system for preliminary collection and further analysis of information about production processes, customer and product satisfaction, is optimally adjusted and provides objective information for timely making the necessary decisions to improve the work of personnel and the enterprise itself;
a motivated system focused on quality has been created;
work processes were organized with subsequent focus on the expectations of the end user, including implementation latest technologies that improve consumer properties, parameters and characteristics of manufactured products;
are being implemented internal audits capable of ensuring continuous improvement of processes and activities;
The company has established records management and document flow;
the organization pays special attention to competent work with suppliers and partners;
the top management of the organization is familiar with the level of quality and bears full responsibility for it;
the enterprise sets and develops quality goals and regularly plans to achieve them;
the company has a well-functioning system of responding to claims and complaints made by customers and clients (developing effective measures to eliminate shortcomings and failures);
There is a continuous improvement process in place to ensure sustainable development of the company.

For each organization, the project for developing quality systems in accordance with the ISO 9001 standard is unique and is determined based on its size, types of activities, presence of a branch network, features organizational structure, the level of development of the existing and current management system, etc.

Stages of standardization in accordance with ISO 9001

The process of standardization according to ISO 9001 itself is not a complete guarantee of the quality of a service or product, but provides only a set of norms and rules for the implementation of civilized activities of an organization in compliance with standard and universal step-by-step steps.

The stages of the project for the implementation and development of ISO 9001 series standards consist of the following main activities:

preparatory stage – creation of technical specifications, calendar plans, administrative registration of work, project management plan;
assessment of the current quality management system (QMS) of the organization;
conducting training and special training for employees and responsible officials in company;
regulation of processes and determination of the QMS process model;
development of QMS documentation and organizational management structure;
creating a process for improving the QMS;
performing a cycle of internal audits;
implementation of ISO 9001 certification.

A competently and correctly developed and implemented quality management system, as well as its subsequent certification in the ISO system, provides a number of economic and strategic advantages for business owners.

Key benefits of being ISO 9001 certified

The high level of competitiveness of an enterprise and its products or services on the market is directly influenced by regular and continuous improvement of the company’s activities as a whole. This ensures a uniform improvement in the quality of products and services offered. The basic norms and rules in this area are determined by the well-known international standard ISO 9001, which is evidence of the company’s production of goods High Quality and compliance of its technologies and activities with international standards.

A company that owns this certificate has a number of undeniable advantages over other enterprises that do not have a similar standard, namely:

achieving a high level of quality allows you to reduce total cost products, as well as reduce costs for defective products;
significant improvement and optimization of current business processes;
increasing the level of cooperation;
actively improving the quality of staff work;
opportunity to streamline activities structural divisions enterprises;
the possibility of obtaining government orders and the company’s entry into the international external consumer market;
increasing trust on the part of financial and insurance organizations, which influences the investment of large investments in the development of the enterprise.

Based on this, an organization or company that adheres to the conditions and requirements of this certificate receives many useful opportunities, ranging from effective competition with other manufacturers to a significant increase in the quality of the manufactured product or service provided. Even these two basic parameters can maximize and increase the company's profits. The ISO 9001 standard in this regard is a worthy guarantee of the success, longevity and prosperity of the manufacturer.

Standardization according to ISO 9001 does not replace the need to issue separate certificates for certain types of goods, products and services included in the list of categories requiring mandatory certification.

ISO 9001 standard

ISO 9001 standards are international standards that describe the requirements for the quality management system of organizations and enterprises. ISO 9000 standards include ISO 9001 standards, the demand for which is increasing every day. This is the current version of ISO9001:2008 “Quality management systems. Requirements." This is the only standard to which certification can be achieved. This procedure is not mandatory certification and is carried out at the request of the applicant.

It is worth noting that the ISO 9001:2008 standard is successfully used by organizations of any size; it has been successfully implemented by more than 1 million companies in 170 countries. The use of the ISO 9001:2008 standard ensures that the buyer receives high quality products and services, which leads to increased sales growth and business success. In addition, the implementation of the ISO 9001:2008 standard can help check the performance of the entire system as a whole, improve its effectiveness, motivate, involve senior management and reduce losses.

An important feature of the ISO 9001:2008 standard

An important feature of the ISO 9001:2008 standard is that it does not imply uniform quality management systems and accompanying documentation describing them. Therefore, by implementing a quality management system based on the ISO 9001:2008 standard, you can be sure of exceptional individuality and see for yourself how flexible this system is. After all, the development and implementation of an organization’s quality management system is influenced by: the size of the organization, the products manufactured, the structure of the organization, applicable processes, changing needs, specific goals, external environment, changes or risks associated with this environment.

The ISO 9001:2008 standard is safely used by organizations of all sizes and has been successfully implemented by more than 1 million companies in 170 countries.

The ISO 9001:2008 standard aims to apply a process approach in the development, implementation, and subsequently improvement of the effectiveness of a quality management system in order to increase end-customer satisfaction by predicting and meeting its requirements. The benefits of a process approach are countless. First of all, this is the continuity of control, which is achieved through combinations and interactions at the junction of individual processes.

This approach helps to better understand and fulfill requirements, achieve planned results, ensure their effectiveness, and improve the process by objectively assessing and measuring it. Also, in addition to the process approach, the implementation of a quality management system based on the ISO 9001:2008 standard to all processes in the organization can allow the application of the “Plan – Do – Check – Act” cycle. This cycle can be briefly described as:

planning (plan) - development of goals and processes necessary to achieve results in accordance with customer requirements and organizational policies;
implementation (do) – implementation of processes;
check - continuous monitoring and measurement of processes and products in comparison with policies, goals and product requirements and reporting of results;
action (act) – taking action to continuously improve process performance.

The timing and cost of implementing the ISO 9001:2008 standard depend on individual characteristics Your type of organization and degree of functioning of the system's actions. In most cases it does not take more than 2 weeks. If you are still in doubt, you can order a free consultation with our specialists ( There should be some kind of “click” button here). With their help, you can choose the certification system that best suits your organization.

And don’t let the lack of standard prices scare you, this only means that we approach each case separately, weigh the uniqueness of the situation and take all possible measures to optimize the implementation of the ISO 9001:2008 standard. By contacting us, you are guaranteed to receive a unique offer that will allow you to improve existing processes and establish careful control, and most importantly, increase the position of your organization/company in the market.

Upon completion of the work you receive from us:

ISO 9001:2008 certificate in Russian and English;
permission to use the quality mark;
quality manual for your organization;
organizational standards for your organization.

Remember that working with us will help you reach new heights!

GOST R ISO 10007-2007

Group T59

NATIONAL STANDARD OF THE RUSSIAN FEDERATION

Organisation management

CONFIGURATION MANAGEMENT GUIDELINES

Organization management.
Guidelines for configuration management

Date of introduction 2008-06-01

Preface

Goals and principles of standardization in Russian Federation established by Federal Law of December 27, 2002 N 184-FZ "On Technical Regulation", and the rules for the application of national standards of the Russian Federation - GOST R 1.0-2004 "Standardization in the Russian Federation. Basic provisions"

Standard information

1 PREPARED Open joint stock company"Research Center for Control and Diagnostics technical systems" (JSC "National Research Center KD") and the Technical Committee for Standardization TC 10 "Advanced production technologies, management and risk assessment" based on its own authentic translation of the standard specified in paragraph 4

2 INTRODUCED by the Development Department, information support and accreditation of the Federal Agency for Technical Regulation and Metrology

3 APPROVED AND ENTERED INTO EFFECT by Order of the Federal Agency for Technical Regulation and Metrology dated November 14, 2007 N 302-st

4 This standard is identical to the international standard ISO 10007:2003 "Quality management systems - Guidelines for configuration management".

The name of this standard has been changed relative to the name of the specified international standard to bring it into compliance with GOST R 1.5-2004 (subsection 3.5).

When applying this standard, it is recommended to use, instead of reference international standards, the corresponding national standards, information about which is given in Additional Appendix B

5 INTRODUCED FOR THE FIRST TIME

Information about changes to this standard is published in the annually published information index "National Standards", and the text of changes and amendments is published in the monthly published information index "National Standards". In case of revision (replacement) or cancellation of this standard, the corresponding notice will be published in the monthly published information index "National Standards". Relevant information, notices and texts are also posted in information system for general use - on the official website of the Federal Agency for Technical Regulation and Metrology on the Internet

Introduction

The purpose of this standard is to improve understanding of the configuration management process.

Configuration management is an activity aimed at applying technical and administrative management process life cycle products, product configuration elements, and product configuration-related data.

Product configuration must be documented to provide identification and traceability of the status of fulfillment of physical and functional product requirements and access to accurate data at all stages of the life cycle.

Configuration management depends on the size of the organization and the nature and complexity of the product.

Configuration management can be used to meet the product identification and traceability requirements specified in ISO 9001:2000, Quality management systems — Requirements.

1 area of use

This standard provides guidance on the application of configuration management. The standard is intended for use at all stages of the product life cycle from concept to disposal.

Responsibilities and authorities must be assigned before describing the configuration management processes, which include configuration management planning, configuration identification, change management, configuration status accounting, and configuration auditing.

The standard is not intended for certification or contracting purposes.

2 Normative references

This standard uses normative reference to the following standard:

ISO 9000:2005 Quality management systems. Fundamentals and Vocabulary

3 Terms and definitions

This standard applies the terms and definitions of ISO 9000, as well as the following terms with their corresponding definitions:

3.1 change management change control: Product control activities following formal approval of product configuration data (see 3.9).

3.2 permission to deviate(concession): Permission to use or release a product that does not comply established requirements.

Notes

1 Authorization to deviate generally applies to the supply of products with non-conforming characteristics and subject to agreed time or quantity limits for the product.

[cm. ISO 9000:2005 definition 3.6.11].

2 Authorization to deviate does not affect the basic configuration (see 3.4) and includes permission to manufacture products that do not conform to specified requirements.

3 Some organizations use the terms “waiver” or “deviation” instead of “permission to deviate”.

3.3 configuration configuration The interrelated functional and physical characteristics of a product, as specified in the product configuration data (see 3.9).

3.4 basic configuration baseline configuration: Validated product configuration data (3.9) that establishes the interrelated functional and physical characteristics of a product at a specified point in time and is used as a reference at all stages of the product life cycle.

3.5 configuration item(configuration item): A configuration object (see 3.3) that performs a complete function.

3.6 configuration management(configuration management): Coordinated actions aimed at creating and controlling configuration.

Note - Configuration management typically includes technical and administrative activities related to product management and configuration requirements at all stages of the product life cycle.

3.7 configuration status reporting configuration status accounting: Records and reports in a specified form of product configuration data (see 3.9), the status of proposed changes, and the progress of approved changes.

3.8 responsible executive dispositioning authority: A person or group of persons with the necessary authority and entrusted with the responsibility for making configuration decisions (see 3.3).

Notes

1 The responsible executives are also called the “configuration management committee”.

2 Relevant stakeholders inside and outside the organization should be represented as accountable stakeholders.

3.9 product configuration data*(product configuration information): Requirements for the design, production, verification, operation and maintenance of products.
________________
* Data is provided in the product configuration documentation.

4 Configuration management responsibilities

4.1 Responsibility and authority

The organization shall identify and describe the responsibilities and authorities associated with the implementation and verification of the configuration management process. The following must be taken into account:

- complexity and nature of the product;

- requirements for products at various stages of the life cycle;

- boundaries between various types activities directly involved in the configuration management process;

- other interested parties inside and outside the organization;

- identification of those responsible for verifying actions to implement the configuration management process;

- identification of responsible executors.

4.2 Responsible executor

Before approving changes, the responsible executive, within the scope of his authority, must verify the following:

- the need for the proposed change and the acceptability of its consequences;

— properly documenting and classifying the change;

- sufficiency of planned actions to introduce changes to documents, hardware and/or software.

5 Configuration management process

5.1 General provisions

To increase process efficiency, it is important that configuration management activities are coordinated.

The configuration management process must be focused on customer product requirements and must take into account specific production conditions. The configuration management process should be detailed in the configuration management plan. The configuration management plan should specify all procedures defined in the project and the extent to which they will be applied at all stages of the product life cycle.

5.2 Planning configuration management

Configuration management planning is the foundation of the configuration management process. Effective planning allows configuration management activities to be coordinated in specific situations throughout the product life cycle. The output of the product configuration management planning process is a configuration management plan.

The product-specific configuration management plan should:

- be documented and approved;

- be manageable;

— identify the configuration management procedures used;

- include references to relevant applicable processes within the organization (as appropriate);

- contain an updated description of responsibilities and authorities responsible persons to maintain the configuration management process at all stages of the product life cycle.

The configuration management plan can be a separate document, or part of another document, or consist of several documents.

In some situations, an organization may need the vendor to provide its configuration management plan. An organization can maintain plans such as individual documents or include them in own plan configuration management.

Appendix A provides examples of the structure and content of a configuration management plan.

5.3 Configuration identification

5.3.1 Product structure and selection of configuration elements

The selected configuration elements and their relationships should describe the structure of the product.

Configuration items must be identified using established criteria. Configuration elements must be selected such that the functional and physical characteristics can be independently controlled to achieve full performance of the element's end function.

When choosing a criterion, you must consider:

- criticality of configuration elements in relation to risk and safety;

- application of new or modified technologies, design or development;

- relationships with other configuration elements;

- conditions for purchasing configuration elements;

- product support and servicing.

The number of configuration items selected should be optimal for product control. The selection of configuration items should begin as early as possible in the product life cycle. Configuration items must be analyzed to improve and upgrade products.

5.3.2 Product configuration data

Product configuration data includes product descriptions and performance characteristics. Typically, product configuration data includes requirements, technical specifications, project documentation, list components, software documentation, models, test requirements, manual maintenance and operation.

Product configuration data must be relevant and traceable. Product configuration data must be assigned a unique identifier (eg a numeric code). Identification must be clear and unambiguous, ensure proper management of configuration items, be based on the organization's existing data management identity, and provide for the revision status of documents and data.

5.3.3 Basic configuration

The baseline configuration consists of approved product configuration data, which provides data for defining product requirements. The base configuration and approved changes to it represent the current approved configuration.

A baseline configuration should be established whenever necessary during the product life cycle to determine recommendations for future activities.

The level of detail in which products are specified in the basic configuration depends on the degree of control required.

5.4 Change management

5.4.1 General

Once product configuration data has been initially established, any changes to product configuration must be managed. The potential impact of changes, customer requirements, and baseline configuration influence the degree of control required to implement a proposed change or apply a variance.

The change management process must be documented and include:

- description of the process, supporting documents and records of changes;

— classification of the change in terms of its complexity, required resources and planning for implementation;

- assessment of the consequences of the change;

- a detailed description of how the change should be prepared;

- a detailed description of how the change must be implemented and verified.

5.4.2 Initiation, identification and documents required for changes

The change may be made by the organization, the customer, or the supplier. Before submitting a change to the Designated Responsible Person for evaluation (see 4.2), all proposals for change shall be identified and documented. Proposed changes should include the following:

— the configuration item(s) and associated information(s) that need to be changed, including a detailed description of their name and current revision status;

- description of the proposed change;

— a detailed description of other configuration items or information that may be affected by the change;

- the interested party who submitted the proposal and the date of its preparation;

- the reason for the change;

- category of change.

The status of the change procedure and related decisions must be documented. A typical method of documenting a change is to use a standard form, which is assigned a unique identification number for ease of identification and traceability.

5.4.3 Assessing change

5.4.3.1 The proposed change must be evaluated and documented. The assessment should be based on product complexity, category of change and should include:

- technical advantages of the proposed change;

- risks associated with change;

- Potential impact on contract, schedule and costs.

5.4.3.2 When determining the impact of a change, the following factors should also be considered:

- established legal and mandatory requirements;

- interchangeability of configuration elements and the need for their re-identification;

- relationship between configuration elements;

- testing, control and manufacturing methods;

- inventory and procurement;

- activities related to supplies;

- requirements for customer service.

5.4.4 Distribution of responsibilities

A process for assigning responsibilities for introducing and implementing a change should be established, which includes assigning a responsible person (see 4.2) for each proposed change. The category of the proposed change should be taken into account.

After evaluating the proposed change, the responsible person should review the evaluation and decide on the allocation of responsibilities for presentation and implementation.

The assignment of responsibilities must be recorded. Notice of the assignment of responsibilities should be distributed to interested parties inside and outside the organization.

5.4.5 Execution and verification of change

Completing an approved change usually involves:

- changes in requirements for product configuration, given in the interests of interested parties;

— actions taken by relevant interested parties (inside and outside the organization) associated with the change.

Once the required actions have been completed, their compliance with the approved change must be verified. This verification must be recorded to ensure traceability.

5.5 Accounting configuration status

5.5.1 General

The output of configuration status activities is records and reports regarding product requirements and product configuration data.

The organization shall implement configuration status activities across all stages of the product life cycle to maintain and ensure an effective configuration management process.

5.5.2 Records

5.5.2.1 Records of configuration status shall be maintained during configuration identification and change control activities. These records are necessary to provide visibility, traceability, and efficient management of configuration improvements. Typically they include the following:

- detailed data on the product configuration (identification number, name, effective date, revision status, history of changes and their inclusion in the basic configuration, etc.);

- product configuration (part numbers, product design or design status);

- status of acceptance of new product configuration data;

- procedures for making changes.

5.5.2.2 Specified product configuration data shall be recorded in a manner that is identifiable through cross-referencing and interrelationships necessary to achieve specified reporting (see 5.5.3).

5.5.2.3 To ensure the integrity of product configuration data and the basis for change management, it is recommended that configuration items and associated data be aligned with external influencing factors, including:

- meet the required conditions (hardware, software, data, documents, drawings);

- provide protection against damage or unauthorized changes;

- provided disaster recovery facilities;

- allowed for repairs.

5.5.3 Reports

For configuration management purposes, types of changes should be reported. Such reports can cover both individual configuration elements and entire products.

Typically reports include:

- a list of product configuration data included in the basic configuration;

- list of configuration elements and their basic configuration;

- a detailed description of the current revision status and history of changes;

- status of reports on changes and permissions to deviate;

- a detailed description of the status of the delivered and repaired products (or their elements) with identifiers ensuring traceability and their revision status.

5.6 Configuration audit

A configuration audit shall be performed in accordance with documented procedures to determine product conformity with specified requirements and product configuration data.

There are generally two types of configuration audits:

- functional configuration audit (formal examination to verify that a configuration item has achieved the functional and performance characteristics specified for it in the product configuration data);

- physical configuration audit (formal examination to verify that a configuration item has achieved the physical characteristics specified for it in the product configuration data).

A configuration audit may be required before formal acceptance of a configuration item. A configuration audit does not replace other forms of inspection, analysis, testing or control, but may take into account the results of these activities.

Appendix A (for reference). Structure and content of a configuration management plan

Appendix A
(informative)

A.1 General provisions

The structure of the configuration management plan should include the individual sections discussed in A.2-A.7 of this appendix. A.2-A.7 also provides recommendations on the content of sections.

A.2 Introduction

The configuration management plan should include an "introduction" section containing general information. The introduction usually describes:

— the purpose and scope of the configuration management plan;

- a description of the product configuration and its element(s) to which the plan applies;

- schedule with deadlines for the execution of main configuration management activities;

- description of configuration management tools (eg information technology);

- documents used in conjunction with the plan (eg supplier configuration management plan);

- list of required documents and their relationship.

A.3 Policy

The configuration management plan must contain a detailed description of the configuration management policy, which must be agreed upon with the customer or suppliers. The policy is the basis for the main configuration management activities within the contract, such as:

- development and communication to personnel of a policy on configuration management and management of related activities;

- organization of work, distribution of responsibilities and powers of stakeholders;

- ensuring the necessary qualifications and training of personnel;

- establishing criteria for selecting configuration elements;

- frequency of release, distribution and management of reports within the organization and with the consumer;

- establishment of terminology.

A.4 Configuration identification

The configuration management plan must contain detailed description details:

- family tree of configuration elements, specifications and other documents;

- numbered symbols, adapted for specifications, drawings, variances and changes;

- method for identifying revision status;

- the basic configuration to be installed, the schedule and type of product configuration requirements;

- method of use and distribution of serial numbers or other methods of identification and traceability;

- implementation of procedures for developing requirements for product configuration.

A.5 Change management

- relations of responsible executives (see 4.2) of the organization with other interested parties;

- change control procedures until the baseline configuration is established in the contract;

— methods used in change procedures (including procedures for customer- or supplier-initiated change) and when dealing with variance authorization.

A.6 Accounting for configuration status

The configuration management plan should contain:

- methods for collecting, recording, processing and maintaining data necessary for maintaining and accounting for configuration status records;

- defining the content and form(s) for complete reporting of configuration status.

A.7 Configuration audit

The configuration management plan should contain:

- list of audits carried out, frequency of their implementation in accordance with the project schedule;

- configuration audit procedures used;

— the powers of relevant interested parties (inside and outside the organization);

- determination of the form of audit reports.

Appendix B (for reference). Information on the compliance of national standards of the Russian Federation with reference international standards

Appendix B
(informative)

Table B.1

Electronic document text
prepared by Kodeks JSC and verified against:
official publication
M.: Standartinform, 2008

The ISO 9000 series of standards, which describe a quality management system model, are designed to help organizations consistently provide customers and other interested parties with products or services that can meet their requirements and expectations. This series of standards was created by a committee of the International Organization for Standardization - ISO; based on these standards national organizations for standardization, national analogues can be developed, in particular, in Russia these are GOST R ISO standards of the 9000 series.

The ISO 9000 standard defines the basic provisions and principles of quality management, which provide the basis for the development and maintenance of a quality management system, specific requirements which are formulated in the ISO 9001 standard.

Organizations that seek recognition of their quality management system can use this standard to independent assessment, they can also be used to demonstrate execution contract requirements.

Organizations can receive an independent external assessment from a third party - a certification body - by undergoing an appropriate audit. More than a million organizations around the world have certified quality management systems, confirming the effectiveness of the ISO 9001 standard as one of the most common tools for building a management system.

The IS0 9000 series includes:

ISO 9000 Standard – Fundamentals and Vocabulary. The standard is intended to establish a common understanding of the terms and concepts used in the ISO 9000 series of standards.

ISO 9001 Standard - Requirements. The standard defines the requirements that organizations' quality management systems must meet. Being general and universal, the ISO 9001 standard can be applied to any business and is suitable for all organizations, regardless of their field of activity, size, form of ownership, geographical location.

ISO 9004 - Guidelines for improving performance. The standard contains recommendations based on eight quality management principles that have been developed for managers to improve the organization's performance and meet the requirements of all stakeholders.

ISO standards are structured to be easily integrated into an organization's existing management system to meet and exceed customer requirements and expectations. Thanks to latest version standard, which came into force in 2015, was developed taking into account the so-called high-level structure that underlies all the most commonly used standards that define the requirements for various management systems of organizations, ISO 9001 has become much more easily compatible with standards such as ISO 14001 (requirements for environmental management systems), ISO 45001 (requirements for occupational health and safety management systems), ISO 39001 (requirements for safety management systems traffic), ISO 27001 (requirements for management systems information security), ISO 20000 (requirements for an IT service management system) and others

Benefits from implementation and certification

increasing customer satisfaction by fulfilling their requirements;
increasing the efficiency of the organization’s internal processes;
continuous improvement of the organization's processes by identifying and eliminating losses in the implementation of activities;
improvement internal communications, planning and distribution mechanism material resources;
increasing staff motivation due to transparency and clarity of work performed functional responsibilities;
enriching staff knowledge in the field of quality;
cost reduction by increasing productivity, improving the quality of manufactured products, services provided and reducing the level of defects;
continuous improvement of the organization's activities through the use of modern instruments quality management;
increasing the competitiveness of the organization in the Russian and global markets