ISO TS 22163-2017 Railway applications - Quality management system - Business management system requirements for rail organizations ISO 9001 2015 and particular.pdf

1、 ISO 2017 Railway applications Quality management system Business management system requirements for rail organizations: ISO 9001:2015 and particular requirements for application in the rail sector Applications ferroviaires Systme de management de la qualit Exigences lies au systme de management de

2、lactivit destination des organismes ferroviaires: ISO 9001:2015 et exigences particulires concernant les applications dans le secteur ferroviaire TECHNICAL SPECIFICATION ISO/TS 22163 Reference number ISO/TS 22163:2017(E) First edition 2017-05 ISO/TS 22163:2017(E)ii ISO 2017 All rights reserved COPYR

3、IGHT PROTECTED DOCUMENT ISO 2017, Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, wi

4、thout prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 CP 401 CH-1214 Vernier, Geneva, Switzerland Tel. +41 22 749 01 11 Fax +41 22 749 09 47 copyrightiso.org www.i

5、so.org ISO/TS 22163:2017(E)Foreword vi 0 Introduction .vii 1 Scope . 1 1.1 Scope Supplemental 1 2 Normative references 2 3 T erms and definitions . 2 3.1 Terms and definitions for the rail sector 2 3.2 Abbreviations . 7 4 Context of the organization . 8 4.1 Understanding the organization and its con

6、text . 8 4.2 Understanding the needs and expectations of interested parties 8 4.3 Determining the scope of the quality management system . 9 4.4 Quality management system and its processes .10 4.4.3 Quality management system and its processes Supplemental 10 5 Leadership .11 5.1 Leadership and commi

7、tment 11 5.1.1 General.11 5.1.2 Customer focus .11 5.2 Policy 12 5.2.1 Establishing the quality policy 12 5.2.2 Communicating the quality policy .12 5.2.3 Quality policy Supplemental .12 5.2.4 Safety policy 12 5.3 Organizational roles, responsibilities and authorities.13 5.3.1 Organizational roles,

8、responsibilities and authorities Supplemental .13 5.3.2 Responsibilities and authorities of process owners 13 6 Planning 14 6.1 Actions to address risks and opportunities 14 6.1.3 Actions to address risks and opportunities Supplemental .14 6.1.4 Contingency planning .15 6.2 Quality objectives and pl

9、anning to achieve them .15 6.3 Planning of changes .16 6.4 Business planning .16 7 Support 17 7.1 Resources 17 7.1.1 General.17 7.1.2 People .17 7.1.3 Infrastructure 18 7.1.4 Environment for the operation of processes 18 7.1.5 Monitoring and measuring resources 18 7.1.6 Organizational knowledge 20 7

10、.2 Competence 21 7.2.1 Competence Supplemental .21 7.3 Awareness 22 7.3.1 Awareness Supplemental .22 7.4 Communication .22 7.5 Documented information 23 7.5.1 General.23 7.5.2 Creating and updating 23 7.5.3 Control of documented information 24 8 Operation 25 ISO 2017 All rights reserved iii Contents

11、 Page ISO/TS 22163:2017(E)8.1 Operational planning and control .25 8.1.1 Planning for the outsourcing or transfer of processes .25 8.1.2 Tender management 26 8.1.3 Project management 26 8.1.4 Configuration management .30 8.1.5 Change management .31 8.2 Requirements for products and services 33 8.2.1

12、 Customer communication .33 8.2.2 Determining the requirements related to products and services 33 8.2.3 Review of requirements related to products and services .34 8.2.4 Changes to requirements for products and services .34 8.2.5 Requirements for products and services Supplemental .34 8.3 Design an

13、d development of products and services 35 8.3.1 General.35 8.3.2 Design and development planning 36 8.3.3 Design and development inputs 37 8.3.4 Design and development controls .38 8.3.5 Design and development outputs 40 8.3.6 Design and development changes 41 8.4 Control of externally provided proc

14、esses, products and services .41 8.4.1 General.41 8.4.2 Type and extent of control 44 8.4.3 Information for external providers .46 8.4.4 Supply chain management .47 8.5 Production and service provision 48 8.5.1 Control of production and service provision 48 8.5.2 Identification and traceability .51

15、8.5.3 Property belonging to customers or external providers 52 8.5.4 Preservation 52 8.5.5 Post-delivery activities 53 8.5.6 Control of changes .54 8.5.7 Production scheduling .54 8.6 Release of products and services .55 8.6.1 Release of products and services Supplemental 55 8.7 Control of nonconfor

16、ming outputs .56 8.7.3 Control of nonconforming outputs Supplemental 56 8.8 RAMS / LCC .57 8.9 First article inspection 58 8.10 Obsolescence management .58 8.11 Innovation management 59 9 Performance evaluation 59 9.1 Monitoring, measurement, analysis and evaluation 59 9.1.1 General.59 9.1.2 Custome

17、r satisfaction .61 9.1.3 Analysis and evaluation 61 9.2 Internal audit .62 9.2.3 Internal audit Supplemental62 9.3 Management review 63 9.3.1 General.63 9.3.2 Management review inputs .64 9.3.3 Management review outputs .65 9.4 Process reviews .65 10 Improvement .66 10.1 General 66 10.2 Nonconformit

18、y and corrective action 67 10.2.3 Nonconformity and corrective action Supplemental .67 10.3 Continual improvement .68 iv ISO 2017 All rights reserved ISO/TS 22163:2017(E)Bibliography .69 ISO 2017 All rights reserved v ISO/TS 22163:2017(E) Foreword ISO (the International Organization for Standardizat

19、ion) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be r

20、epresented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. The procedures used to

21、develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the

22、 ISO/IEC Directives, Part 2 (see www .iso .org/ directives). Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified

23、during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents). Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement. For an explanation on

24、 the voluntary nature of standards, the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following URL: w w w . i s o .org/ iso

25、/ foreword .html. This document was prepared by Technical Committee ISO/TC 269, Railway applications. The aim of this document, which has been prepared by UNIFE, the European Rail Industry Association, is the development and continual improvement of a business management system to ensure product qua

26、lity and safety in the global rail sector. The content inside the boxed text of this document is ISO 9001:2015 text. The text outside the boxes has been originated by the UNIFE, IRIS Certification working group. Whenever the ISO 9001:2015 text in this document refers to “quality management system”,

27、this term is understood hereinafter as “business management system”, not limited to quality, so that it encompasses all business processes of the organization. Therefore, in the supplemental rail sector specific requirements, the term “business management system” is used outside the boxed text. When

28、ever the ISO 9001:2015 text refers to “this International Standard”, this applies to this document, including the text outside the boxes. Whenever this document refers to clause numbers, it is to be understood that all the requirements under this clause including sub-clauses are to be considered. Wh

29、enever this document refers to “safety”, the term is to be understood as “product safety”, not to be confused with “occupational safety”. Whenever the ISO 9001:2015 text in this document refers to “quality policy” or “quality objectives” these terms apply to “safety policy” or “safety objectives” ac

30、cordingly. Whenever this document requires documented processes (e.g. calibration and production), these processes can be defined within a single documented process (e.g. both defined within a “production management” process).vi ISO 2017 All rights reserved ISO/TS 22163:2017(E) 0 Introduction 0.1 Ge

31、neral ISO 9001:2015, Quality management systems Requirements 0.1 General The adoption of a quality management system is a strategic decision for an organization that can help to improve its overall performance and provide a sound basis for sustainable development initiatives. The potential benefits

32、to an organization of implementing a quality management system based on this International Standard are: a) the ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements; b) facilitating opportunities to enhance customer satisfactio

33、n; c) addressing risks and opportunities associated with its context and objectives; d) the ability to demonstrate conformity to specified quality management system requirements. This International Standard can be used by internal and external parties. It is not the intent of this International Stan

34、dard to imply the need for: uniformity in the structure of different quality management systems; alignment of documentation to the clause structure of this International Standard; the use of the specific terminology of this International Standard within the organization. The quality management syste

35、m requirements specified in this International Standard are complementary to requirements for products and services. This International Standard employs the process approach, which incorporates the Plan-Do-Check- Act (PDCA) cycle and risk-based thinking. The process approach enables an organization

36、to plan its processes and their interactions. The PDCA cycle enables an organization to ensure that its processes are adequately resourced and managed, and that opportunities for improvement are determined and acted on. Risk-based thinking enables an organization to determine the factors that could

37、cause its processes and its quality management system to deviate from the planned results, to put in place preventive controls to minimize negative effects and to make maximum use of opportunities as they arise (see Clause A.4). ISO 2017 All rights reserved vii ISO/TS 22163:2017(E) Consistently meet

38、ing requirements and addressing future needs and expectations poses a challenge for organizations in an increasingly dynamic and complex environment. To achieve this objective, the organization might find it necessary to adopt various forms of improvement in addition to correction and continual impr

39、ovement, such as breakthrough change, innovation and re-organization. In this International Standard, the following verbal forms are used: “shall” indicates a requirement; “should” indicates a recommendation; “may” indicates a permission; “can” indicates a possibility or a capability. Information ma

40、rked as “NOTE” is for guidance in understanding or clarifying the associated requirement. 0.2 Quality management principles ISO 9001:2015, Quality management systems Requirements 0.2 Quality management principles This International Standard is based on the quality management principles described in

41、ISO 9000. The descriptions include a statement of each principle, a rationale of why the principle is important for the organization, some examples of benefits associated with the principle and examples of typical actions to improve the organizations performance when applying the principle. The qual

42、ity management principles are: customer focus; leadership; engagement of people; process approach; improvement; evidence-based decision making; relationship management.viii ISO 2017 All rights reserved ISO/TS 22163:2017(E) 0.3 Process approach 0.3.1 General ISO 9001:2015, Quality management systems

43、Requirements 0.3 Process approach 0.3.1 General This International Standard promotes the adoption of a process approach when developing, implementing and improving the effectiveness of a quality management system, to enhance customer satisfaction by meeting customer requirements. Specific requiremen

44、ts considered essential to the adoption of a process approach are included in 4.4. Understanding and managing interrelated processes as a system contributes to the organizations effectiveness and efficiency in achieving its intended results. This approach enables the organization to control the inte

45、rrelationships and interdependencies among the processes of the system, so that the overall performance of the organization can be enhanced. The process approach involves the systematic definition and management of processes, and their interactions, so as to achieve the intended results in accordanc

46、e with the quality policy and strategic direction of the organization. Management of the processes and the system as a whole can be achieved using the PDCA cycle (see 0.3.2) with an overall focus on risk-based thinking (see 0.3.3) aimed at taking advantage of opportunities and preventing undesirable

47、 results. The application of the process approach in a quality management system enables: a) understanding and consistency in meeting requirements; b) the consideration of processes in terms of added value; c) the achievement of effective process performance; d) improvement of processes based on eva

48、luation of data and information. Figure 1 gives a schematic representation of any process and shows the interaction of its elements. The monitoring and measuring check points, which are necessary for control, are specific to each process and will vary depending on the related risks. ISO 2017 All rig

49、hts reserved ix ISO/TS 22163:2017(E)Figure 1 Schematic representation of the elements of a single processx ISO 2017 All rights reserved ISO/TS 22163:2017(E) 0.3.2 Plan-Do-Check-Act cycle ISO 9001:2015, Quality management systems Requirements 0.3.2 Plan-Do-Check-Act cycle The PDCA cycle can be applied to all processes and to the quality management system as a whole. Fig - ure 2 illustrates how Clauses 4 to 10 can be grouped in relation to the PDCA cycle. NOTE Numbers in br