Management system guidance

8.3 Design and development of products and services

ISO Navigator Pro™ is a free tool that provides practical, expert guidance for businesses wishing to interpret and better implement the requirements of ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018.

Our range of templates cover the requirements of ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018, and offer an easy way to implement your next management system.

8.3.2 Design and development planning

|

This requirement expands upon ISO 9001:2008 Clause 7.3.1 – Design and Development Planning. It is likely that if your organization already complies with this clause, you will already be undertaking the activities required by ISO 9001:2015 Clause 8.3.1.

You should seek and record evidence that your organization has considered the explicitly referenced considerations relating to the design and development process set out above. If you need a procedure and forms to help control your business's design and development process, click here.

You should also ensure that your organization has retained documented information to confirm the identified design and development requirements were met and that design reviews were undertaken. You should have an overall plan for how you undertake your designs.

Design management plans

Design planning must specify the design and development stages, activities and tasks; responsibilities; timeline and resources; specific tests, validations and reviews; and outcomes. There are many tools available for planning ranging from a simple checklist to complex software. Control product design and development planning activities including:

  1. Scope of the design e.g. customer requirements (see 8.2.2) design rationale, design assumptions, objectives, complexity, size, detail, timescales, criticality, constraints, risks, producibility, accessibility, maintainability;
  2. Stages of the design process, distinct activities and review e.g. work breakdown structure, work packages (tasks, resources, responsibilities, content, inputs/outputs), concept design, preliminary design, detail design, design review gates preliminary design review, detail design review, critical design review);
  3. Verification and validation activities comprising checks, trials, tests, simulations, demonstrations required to ensure requirements are met;
  4. Assignment of responsibilities and authorities e.g. job profiles, CVs, accountability statements, delegation of authority, levels of approval, register of authority and approvals, authorized signatories;
  5. Internal and external resources such as knowledge acquisition, people, competency, investment, funding, facilities, equipment, innovation, technology, interested parties (customers, external providers, research establishments), information (principles, standards, rules, codes of practice);
  6. Organizational interfaces such as personnel and functions e.g. sales, project management, production, procurement, quality, finance, customers, end users;
  7. Levels of control required or implied by interested parties (customers, regulators, end users etc.) e.g. customer acceptance, safety checks, risk management, verification/validation activity, product certification;
  8. Required documented information e.g. design plan, design reviews, design outputs (specifications, schemes, drawings, models, data, reports), control plans, certificates.

The design management plan typically includes specific quality practices, assessment methodology, record-keeping, documentation requirements, resources, etc., and usually reference the sequence of activities relevant to a particular design or design category. The design management plan references applicable codes, standards, regulations and specifications. and describe the interfaces with different groups or activities that provide, or result in, an input to the design and development process.

Each design activity is planned, divided into phases, and tasks assigned to competent and skilled design personnel equipped with adequate tools and resources. Design management plans are documented and updated as the design evolves.
As required, at the commencement of a design package, the Design Manager is required to complete a Design Management Plan (DMP) which will include at a minimum:

  1. Confirmation of the standards baseline used for the work being undertaken and an explanation of how compliance to this baseline will be demonstrated;
  2. An organisation chart with defined responsibilities for all staff with direct involvement in design or with a potential impact on safety;
  3. Skills matrix to define the competence of individuals with ‘prepare’, ‘check’ and ‘approval’ duties;
  4. Scope definition and interface identification including key issues and operational requirements;
  5. Projected output, timelines, milestones, and defined deliverables;
  6. Stated processes and procedures to ensure acceptable quality assurance will be demonstrated and records maintained (specifically the formal Assurance Gates);
  7. Processes and procedures to be used to ensure compliance with the engineering safety management;
  8. The design review process, both single (SDR) and multi-design consultant (IDR) reviews and stakeholder intervention, prior to the Assurance Gate Reviews at 20%, 60% & 100% design completion stages;
  9. Explanation of how compliance with input requirements will be demonstrated.

Although the standard does not require a documented procedure, the design process needs to demonstrate how the process is controlled and planned. The organization, however, will need to provide some type of objective evidence as to what the planning activities include. This can be accomplished with the use of time-lines, Gantt charts or any other planning method such as Microsoft project manager.

In addition, auditors would likely want to see objective evidence of how the interfaces between other processes are managed, either through statements, or in associated procedures, process mapping, and matrix approach or in the time line planning.

Organizational and technical interfaces between different functions and departments that contribute to the design and development process are defined and the necessary information documented, transmitted and regularly reviewed.

|

More information on PDCA

Planning

ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
4.1 Organizational Context 4.1 Organizational Context 4.1 Organizational Context
4.2 Relevant Interested Parties 4.2 Relevant Interested Parties 4.2 Relevant Interested Parties
4.3 Management System Scope 4.3 Management System Scope 4.3 Management System Scope
4.4 QMS Processes 4.4 EMS Processes 4.4 OH&S Management System
 
ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
5.1 Leadership & Commitment 5.1 Leadership & Commitment 5.1 Leadership & Commitment
5.2 Quality Policy 5.2 Environmental Policy 5.2 OH&S Policy
5.3 Roles, Responsibilities/Authorities 5.3 Roles, Responsibilities/Authorities 5.3 Roles, Responsibilities/Authorities
    5.4 Consultation & Participation
 
ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
6.1.1 Address Risks & Opportunities 6.1.1 Address Risks & Opportunities 6.1.1 Address Risks & Opportunities
6.2.1 Quality Objectives 6.1.2 Environmental Aspects 6.1.2 Hazard Identifcation
6.2.2 Planning to Achieve Objectives 6.1.3 Compliance Obligations 6.1.3 Legal & Other Requirements
6.3 Planning for Change 6.1.4 Planning Action 6.1.4 Planning Action
  6.2.1 Environmental Objectives 6.2.1 OH&S Objectives
  6.2.2 Planning to Achieve Objectives 6.2.2 Planning to Achieve Objectives
 

Doing

ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
7.1.1 Resources - General
7.1 Resources 7.1 Resources
7.1.2 People 7.2 Competence 7.2 Competence
7.1.3 Infrastructure
7.3 Awareness 7.3 Awareness
7.1.4 Operational Environment 7.4.1 Communcation - General 7.4.1 Communcation - General
7.1.5 Monitoring & Measuring 7.4.2 Internal Communcation 7.4.2 Internal Communcation
7.1.6 Organizational Knowledge 7.4.3 External Communcation 7.4.3 External Communcation
7.2 Competence 7.5 Documented Information 7.5 Documented Information
7.3 Awareness    
7.4 Communcation    
7.5 Documented Information    

 

ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
8.1 Operational Planning & Control
8.1 Operational Planning & Control 8.1.1 General
8.2.1 Customer Communication 8.2 Emergency Preparedness 8.1.2 Eliminating Hazards
8.2.2 Determining Requirements
  8.1.3 Management of Change
8.2.3 Reviewing Requirements   8.1.4 Outsourcing
8.2.4 Changes in Requirements
  8.2 Emergency Preparedness
8.3.1 Design Development - General    
8.3.2 Design Development - Planning
   
8.3.3 Design Development - Inputs    
8.3.4 Design Development - Controls    
8.3.5 Design Development - Outputs    
8.3.6 Design Development - Changes    
8.4.1 External Processes - General    
8.4.2 Purchasing Controls    
8.4.3 Purchasing Information    
8.5.1 Production & Service Provision    
8.5.2 Identification & Traceability    
8.5.3 3rd Party Property    
8.5.4 Preservation    
8.5.5 Post-delivery Activities    
8.5.6 Control of Changes    
8.6 Release of Products & Services    
8.7 Nonconforming Outputs    
 

Checking

ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
9.1.1 Performance Evaluation 9.1.1 Performance Evaluation 9.1.1 Performance Evaluation
9.1.2 Customer Satisfaction 9.1.2 Evaluation of Compliance 9.1.2 Evaluation of Compliance
9.1.3 Analysis & Evaluation 9.2 Internal Audit 9.2 Internal Audit
9.2 Internal Audit 9.3 Management Review 9.3 Management Review
9.3 Management Review    
 

Acting

ISO 9001:2015 ISO 14001:2015 ISO 45001:2018
10.1 Improvement - General 10.1 Improvement - General 10.1 Improvement - General
10.2 Nonconformity & Corrective Action 10.2 Nonconformity & Corrective Action 10.2 Incident, Nonconformity & Corrective Action
10.3 Continual Improvement 10.3 Continual Improvement 10.3 Continual Improvement
 

Want to know more?

SSL certification

A certificate guarantees the information your internet browser is receiving now originates from the expected domain - https://www.iso9001help.co.uk. It guarantees that when you make a purchase, sensitive data is encrypted and sent to the right place, and not to a malicious third-party.

Free PDCA guidance

ISO Navigator™ is our FREE online training tool that shows you how to apply the principles of PDCA to your operations. We also offer many helpful templates that get you on the road to documenting your management system, please visit the download page.