Management system guidance

7.1 Resources

ISO Navigator Pro™ is a free tool that provides practical, expert guidance for businesses wishing to interpret and better implement the requirements of ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018.

Our range of templates cover the requirements of ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018, and offer an easy way to implement your next management system.

7.1.6 Organizational knowledge

|

‘Organizational Knowledge’ is a new requirement and is closely linked with ‘documented information’. You should seek and record evidence that your organization has taken steps to identify the internal and external knowledge necessary to ensure the continued product conformity.

Check that organizational knowledge is communicated as necessary and that it is maintained and retained in accordance with Clause 7.5 – Documented Information. Check that organizational knowledge is reviewed before changes to the management system are made when responding to change.

You should seek to evidence to confirm how your organization has determined and made available the knowledge needed to keep up to date with changing situations and knowledge related to new products and services. You determine whether your organization has considered internal and external sources, such as:

  1. Lessons learnt from non-conformities and corrective actions, near miss situations and successes;
  2. Gathering knowledge from customers, suppliers and partners;
  3. Capturing knowledge that exists within the organization, through mentoring or succession planning;
  4. Benchmarking against competitors;
  5. Sharing organizational knowledge with interested parties to ensure sustainability of the organization;
  6. Updating the necessary organizational knowledge based on the results of improvement;
  7. Knowledge from conferences, attending trade fairs, networking seminars, or other external events.

Sources of internal knowledge

There is a strong link between organizational knowledge and the competence of employees, the latter being peoples’ ability to apply knowledge to their work.

Organizational knowledge can be defined as information combined with experience, context, interpretation, and insights that are useful when making decisions and taking action specific to your management system. Examples of organizational knowledge include:

  1. Documented information regarding a process, product or service;
  2. Previous specifications and work instructions;
  3. The experience of skilled people operating their processes;
  4. Mentoring and coaching by more experienced employees;
  5. Knowledge of technologies and infrastructure relevant to our organization, etc.

Sources of internal knowledge also include your business’s intellectual property; knowledge gained from experience and coaching; lessons learnt from failures and successes; capturing and sharing undocumented knowledge and experience; the results of improvements in processes, products and services.

Organizational knowledge should be maintained and available to the extent necessary. When addressing changing needs and trends, your organization should consider its current knowledge and determine how to acquire or access any necessary additional knowledge and required updates.

The knowledge necessary for the operation of processes and to achieve products and service conformity are evident through the following types of document:

  1. Contract review requirements (Clause 8.2.3);
  2. Demonstrate the operation of processes (maintain & retain documented information) (Clause 4.4.2);
  3. Records of monitoring and measuring resources (Clause 7.1.5);
  4. Competence records of personnel, training records, cross training, training feedback (Clause 7.2);
  5. Operational planning and control process documents and records (Clause 8.1);
  6. Supplier evaluation records (Clause 8.4.1);
  7. Change control records (Clause 8.5.6);
  8. Product non-conformity records (Clause 8.7);
  9. Corrective action records (Clause 10.2);
  10. Quality policy (Clause 5.2);
  11. Quality Objectives (Clause 6.2.1);
  12. Identification and traceability records (Clause 8.5.2);
  13. Records of the release of products/services (Clause 8.6);
  14. QMS performance and effectiveness (Clause 9.1.1);
  15. Internal audit programmes and reports (Clause 9.2.2);
  16. Management review minutes (Clause 9.3.3).

Sources of external knowledge

Sources of external knowledge often include other ISO/International standards; research papers; webinars from conferences; or knowledge gathered from, or about; our customers, stakeholders or other external parties. Your organization should assimilate and deploy internal and external sources of knowledge, such as:

  1. Lessons learnt from non-conformities, corrective actions, and the results of improvement;
  2. Gathering knowledge from customers, suppliers and partners, benchmarking against competitors;
  3. Capturing knowledge existing within the organization, e.g. through mentoring/succession planning;
  4. Sharing knowledge with relevant interested parties to ensure sustainability of the organization;
  5. Knowledge from conferences, attending trade fairs, networking seminars, or other external events.

A Certification Auditor would expect look for the following evidence for meeting the requirements of clause 7.1.6 organizational knowledge:

  1. Has your organization used the PDCA (plan/do/check/act) approach for addressing organizational knowledge?
  2. Has Top management provided the leadership & direction for establishing strategies to use organizational knowledge and policies and objectives to optimize the value derived from organizational knowledge?
  3. Has your organization identified the scope of organizational knowledge relevant to its business and related risks and opportunities associated with each type of organizational knowledge?
  4. Has your organization defined the process needed to manage organizational knowledge - identify, obtain, accumulate, store, communicate, use, maintain, protect and evaluate the performance of organizational knowledge management against objectives?
  5. Has your organization defined roles, authority and responsibilities for organizational knowledge process activities listed above?
  6. Has your organization determined competency requirements and provided appropriate training and awareness for all employees using organizational knowledge?
  7. Has your organization established processes for communication, participation and consultation?
  8. Has your organization determined the nature and extent of documentation required to manage organizational knowledge?
  9. Has your organization identified any applicable regulatory and other requirements?
  10. Has your organization defined an organizational knowledge change management process?
  11. Has your organization implemented the organizational knowledge plan defined above?
  12. Has your organization performed organizational knowledge activities – assign responsibilities, identify, obtain, accumulate, store, maintain, protect, communicate, use and evaluate the performance of organizational knowledge?
  13. Has your organization tracked organizational knowledge performance measures?
  14. Does your organization investigate loss, irretrievability or theft of organizational knowledge?
  15. Has your organization evaluated compliance to applicable regulatory requirements?
  16. Has your organization maintained appropriate records of organizational knowledge management activities?
  17. Has your organization reviewed data from CHECK stage and determined improvement actions?
  18. Has your organization verified achievement of organizational knowledge goals and objectives?

|

More information on PDCA

Planning

Context

ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
4.1 Organizational Context 4.1 Organizational Context 4.1 Organizational Context
4.2 Relevant Interested Parties 4.2 Relevant Interested Parties 4.2 Relevant Interested Parties
4.3 Management System Scope 4.3 Management System Scope 4.3 Management System Scope
4.4 QMS Processes 4.4 EMS Processes 4.4 OH&S Management System

Planning

ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
5.1 Leadership & Commitment 5.1 Leadership & Commitment 5.1 Leadership & Commitment
5.2 Quality Policy 5.2 Environmental Policy 5.2 OH&S Policy
5.3 Roles, Responsibilities & Authorities 5.3 Roles, Responsibilities & Authorities 5.3 Roles, Responsibilities & Authorities
    5.4 Consultation & Participation

Support

ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
6.1 Address Risks & Opportunities 6.1.1 Address Risks & Opportunities 6.1.1 Address Risks & Opportunities
6.2.1 Quality Objectives 6.1.2 Environmental Aspects 6.1.2 Hazard Identifcation
6.2.2 Planning to Achieve Objectives 6.1.3 Compliance Obligations 6.1.3 Legal & Other Requirements
6.3 Planning for Change 6.1.4 Planning Action 6.1.4 Planning Action
  6.2.1 Environmental Objectives 6.2.1 OH&S Objectives
  6.2.2 Planning to Achieve Objectives 6.2.2 Planning to Achieve Objectives
 

Doing

Support

ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
7.1 Resources 7.1 Resources 7.1 Resources
7.2 Competence 7.2 Competence 7.2 Competence
7.3 Awareness 7.3 Awareness 7.3 Awareness
7.4 Communcation 7.4.1 Communcation - General 7.4.1 Communcation - General
7.5 Documented Information 7.4.2 Internal Communcation 7.4.2 Internal Communcation
  7.4.3 External Communcation 7.4.3 External Communcation
  7.5 Documented Information 7.5 Documented Information

Operations

ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
8.1 Operational Planning & Control 8.1 Operational Planning & Control 8.1.1 General
8.2 Customer Requirements 8.2 Emergency Preparedness 8.1.2 Eliminating Hazards
8.3 Design & Development   8.1.3 Management of Change
8.4 Purchasing   8.1.4 Outsourcing
8.5 Product & Service Provision   8.2 Emergency Preparedness
8.6 Release of Products & Services    
8.7 Nonconforming Outputs    
 

Checking

Monitoring, measurement, analysis and evaluation

ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
9.1 Monitoring & Measurement 9.1.1 Performance Evaluation 9.1.1 Performance Evaluation
9.2 Internal Audit 9.1.2 Evaluation of Compliance 9.1.2 Evaluation of Compliance
9.3 Management Review 9.2 Internal Audit 9.2 Internal Audit
  9.3 Management Review 9.3 Management Review
 

Acting

Improvement

ISO 9001:2015
ISO 14001:2015
ISO 45001:2018
10.1 Improvement - General 10.1 Improvement - General 10.1 Improvement - General
10.2 Nonconformity & Corrective Action 10.2 Nonconformity & Corrective Action 10.2 Incident, Nonconformity & Corrective Action
10.3 Continual Improvement 10.3 Continual Improvement 10.3 Continual Improvement
 

Want to know more?

SSL certification

A certificate guarantees the information your internet browser is receiving now originates from the expected domain - https://www.iso9001help.co.uk. It guarantees that when you make a purchase, sensitive data is encrypted and sent to the right place, and not to a malicious third-party.

Free PDCA guidance

ISO Navigator™ is our FREE online training tool that shows you how to apply the principles of PDCA to your operations. We also offer many helpful templates that get you on the road to documenting your management system, please visit the download page.