ISO 9001:2015 Section 8.5.1.f

I am transitioning from an ISO 13485 company to a 9001 company and was curious how the 9001 group interprets section 8.5.1.f of ISO 9001:2015. I know in ISO 13485, the expectation is that if you are not performing 100% verification, you must validate. Is that the same in 9001, or is it more aligned with the verbiage to only require validation on what cannot be subsequently measured. 

Any advice available is appreciated. 

4 Replies
Great question and a critical one I think.  I am currently in a Med Device company in Supplier Quality Management and deal with suppliers all over the map in terms of ISO certification, adherence/compliance, or avoidance.  My recommendation to companies certified/compliant to ISO 9001:2015 is that Validation should be evaluated in the big picture of Lean.  Validation can be used as a more effective (both quality and cost) method of quality control by promoting solid process design rather than a reliance on inspection and MRB processes to UAI, Rework, Repair, Scrap or RTV. 

Put another way, just because you can adequately measure/verify the results does not mean that's the most effective method for business success or customer satisfaction.  I suggest strongly that solid process design and validation is the better way to go.
These requirements are same for both standards.
Based on standards "The organization shall validate any processes for production and service provision where the resulting output cannot be or is not verified by subsequent monitoring or measurement and, as a consequence, deficiencies become apparent only after the product is in use or the service has been delivered."
Additionally if we think verification as "inspection", you aren't required to implement 100% inspection however you are required to ensure sufficient confidence such as statistically valid confidence level. (e.g using statistical sampling plans for inspection). Also if we think validation as "test" to determine meeting specific intended use, you are not required to conduct 100% test (same methods may be applied in verification). I am a contractual auditor of DNV-GL, they have guidance which addressed: "This requirement applies to products that cannot be truly verified until they are in use (e.g. a match – as the only effective way to test whether a match will work is to strike it!). A business must have confidence in the ability of its process to consistently deliver and meet customer expectations. Processes may also need re-validation from time to time because conditions, people and materials can change. Retained documented information relevant to process validation is required and may consist of records of operator qualifications, materials used, equipment used, methods used, the work environment etc. 
Emily Labs
27 Posts
On another note: If you are transitioning to 9001, i would recommend ensuring that you have a 19011:2018 (Guidelines for auditing the QMS) trained person on staff. Does your auditing body have a transition checklist for you use? We use DNV and they provided us with a checklist to make sure that we hit all of the boxes. If not, i would recommend taking the ISO table of contents and use it as a checklist for a "Gap Assessment".
What type of company are you at now, OEM or supplier?

I would agree that the expectation is the last one you listed, validate product characteristics that can not be verified by other means downstream.  Beyond that I reiterate my prior comments that process development and validation can be a powerful lean or business improvement tool even where verification of product is possible to detect quality.