Skip to main content
Jun 23, 2017 Craig Thornton

Clause 8.3 of ISO 9001: Design and Development

By now you’ve no doubt realised that I’m a huge Deming fan.  The man was incredibly smart, creative and clear-sighted.  He was the King of Processes (“if you can’t describe what you’re doing as a process, you don’t know what you’re doing”), as well as a staunch advocate of the notion that “innovation comes from the producer – not the customer”. 

Clause 8.3 is a neat intersection of these two observations by Deming.  His work may be many decades old by now, but it has lost absolutely none of its power and relevancy.  Keep his wisdom in mind as you work through this vital clause. 

 

Clause 8.3.1 - Review with your staff what processes you have to design and develop your products and services

Look at the stages you use as well as the controls you have during and after those stages.  Write them down on a whiteboard.  Then check to see what controls you have in place to manage those processes – things like decision points, approvals, sign-offs, monitoring, meetings, customer review points etc.  Put those on the whiteboard too.

Clause 8.3.2 - Determination of Control Points

The best way to determine this is to consider a list of 10 items, namely:

  1. Complexity of the design.
  2. The process stages including the review stages.
  3. The testing you will do to check the design.
  4. Who will be responsible and what authority will they have?
  5. What resources are needed?
  6. The interfaces between teams in the process.
  7. How will customers get involved?
  8. Who will use the design next?
  9. What control do customers and other parties have over the design?
  10. Determine what records you will keep to prove what you have done.

For example, here at Mango we use a range of processes with multiple stages that include activities like SCRUM and Agile development (these are two fantastic quality tools used by the software industry – if you’re in software and you’re not using them, get with the programme ASAP!).  We also have continuous release processes where we update the product monthly. 

It took us a few days to break down and describe the development process, but it was time well spent because it made things so much clearer for our whole team.  Remember, as Deming pointed out, “it is not enough to do your best; you must know what to do, and then you do your best”.

 

8.3.3 - Establish the Requirements for Design 

Once again, the standard gives you a simple list of what you need to consider:

  1. The functional and performance requirements for the design.
  2. Any information from previous designs.
  3. What are the statutory, regulatory, standards or codes of practise requirements?
  4. List any potential consequences of failure.
  5. Make sure the requirements are clearly defined and any conflicts are resolved.
  6. Again, determine what records you will keep to prove what you have done.

 

Clause 8.3.4 - Ensure you have processes to control design and development

These include: 

  • reviews
  • verification
  • validation
  • problem solving 
  • capturing records

Once you have created your design (it could be drawings, specifications, coding, plans, models etc.), the standard (8.3.5) then requires you to ensure that:

  1. The design meets the requirements.
  2. The design can be manufactured or the service offered.
  3. The design can be inspected and tested.
  4. That characteristics of the design are specified.

At this point in working through the clause many people feel that the hard yards have been done, and spend little time or energy on the elements of review.  Big mistake.  Unintended consequences are always a possibility – not just for software, but for every single industry in existence – so to miss this step or to do a rushed job can be very expensive in terms of missed opportunities, and devastating with regard to costly errors. 

Deming was very aware that everyone has blind spots – as he said, “the big problems are where people don’t realise they have one in the first place”.  So take time to thoroughly review, authorise and check all changes to the design.  You need to be sure that they don’t cause other issues (8.3.6).  You want to ensure that you don’t have any blind spots.

 

Design and Development at Mango 

Here at Mango, during each monthly release, we have a number of formal reviews to check on progress.  In addition each requirement is designed, developed and verified by the Software Developer prior to delivery to a User Tester.  The User Tester then validates that the requirement is working both prior, and after, release.  Any problems are reported into the software developer for fixing.  All changes are recorded, listed and monitored to ensure they are well managed.

 

Takeaways

  1. Clearly define what processes you use for designing and developing your products and services.
  2. During planning consider the list of 10 items from ISO 9001 when you are determine your processes.
  3. Work out the requirements for what you are designing.
  4. Make sure you have processes to control the design and development.
  5. Make sure any changes to the design and development are controlled.
  6. Make sure you put in some effective reviews to ensure nothing slips through the cracks.

Integrated_Management_System_manuel.jpg

 

View previous blogs in this series "How to Implement a QMS and Achieve ISO 9001 Certification":

How to Implement a QMS and Achieve ISO 9001 Certification - Part 1: Introduction

How to Implement a QMS and Achieve ISO 9001 Certification - Part 2: Customer Focus

How to Implement a QMS and Achieve ISO 9001 Certification - Part 3: Leadership

How to Implement a QMS and Achieve ISO 9001 Certification - Part 4: Engagement of People

How to Implement a QMS and Achieve ISO 9001 Certification - Part 5: Process Approach

How to Implement a QMS and Achieve ISO 9001 Certification - Part 6: Improvement

How to Implement a QMS and Achieve ISO 9001 Certification - Part 7: Evidence Based Decision Making 

How to Implement a QMS and Achieve ISO 9001 Certification - Part 8: Relationship Management

How to Implement a QMS and Achieve ISO 9001 Certification - Part 9: Clauses 0.1, 0.2, 0.3, 1, 2 and 3 of ISO 9001:2015

How to Implement a QMS and Achieve ISO 9001 Certification - Part 10: Clauses 4.1, 4.2, 4.3 and 4.4 – Context, Interested Parties, Scope, QMS

How to Implement a QMS and Achieve ISO 9001 Certification - Part 11: Clauses 5.1 Leadership and Commitment

How to Implement a QMS and Achieve ISO 9001 Certification - Part 12: Clause 5.2 Policy

How to Implement a QMS and Achieve ISO 9001 Certification - Part 13: Clause 5.3 Roles, Responsibilities and Authorities

How to Implement a QMS and Achieve ISO 9001 Certification - Part 14: Clause 6.1 Actions to Address Risks and opportunities

How to Implement a QMS and Achieve ISO 9001 Certification - Part 15: Clause 6.2 Objectives

How to Implement a QMS and Achieve ISO 9001 Certification - Part 16: Clause 7.1 Resources

How to Implement a QMS and Achieve ISO 9001 Certification - Part 17: Clause 7.2 and 7.3 - Competence and Awareness 

How to Implement a QMS and Achieve ISO 9001 Certification - Part 18: Clauses 7.5 - Documented Information

How to Implement a QMS and Achieve ISO 9001 Certification - Part 19: Clauses 8.1 - Clause 8.1 - Operational Planning and Control

How to Implement a QMS and Achieve ISO 9001 Certification - Part 20: Clauses 8.2 - Requirements for Products and Services

Published by Craig Thornton June 23, 2017