ISO 9001:2015 Clause 8.3, which covers the “Design and development of products and services,” is often perceived as the most challenging auditable clause in the standard. However, it doesn’t have to be intimidating. This guide aims to demystify Clause 8.3, explaining its requirements and how to effectively audit it.

Understanding Design and Development in ISO 9001:2015

Design: In ISO 9001:2015, design refers to the process of creating plans, drawings, or specifications that define the characteristics of a product or service before it is produced or delivered. It encompasses activities such as conceptualization, development, and detailing of the product or service, including its features, functions, performance criteria, and any associated processes or systems. 

Design in ISO 9001:2015 emphasises the need for systematic approaches to ensure that products or services meet customer requirements, comply with applicable regulations and standards, and are suitable for their intended use. If your organization creates anything, whether a tangible product or an intangible service, there is likely a design element involved. Clause 8.3 applies in such cases. 

Even if the design process is outsourced, your organization still retains the responsibility to apply necessary controls (refer to Clause 8.4.1-a). The critical question is: Who is paying for the design?

Development: Development refers to the process of enhancing existing products or services or creating new ones to meet specific requirements or objectives. It involves activities such as research, design, testing, prototyping, and refinement to ensure that the resulting product or service meets customer needs, regulatory requirements, and quality standards. 

Development may include modifications to existing products or services to improve performance, functionality, or compatibility with new technologies, as well as the creation of entirely new offerings. The goal of development within ISO 9001:2015 is to continuously improve products or services to enhance customer satisfaction and maintain competitiveness in the marketplace.

Justifying Non-applicability

If your organisation engages in any design or development activities, you cannot justify excluding Clause 8.3. A valid exclusion might occur if you provide a well-established product or service that requires no further design or development. However, modifying an existing product to fit customer requirements, such as changing specifications without altering the core product, constitutes development.

Steps for Auditing ISO 9001:2015 Clause 8.3

To effectively audit Clause 8.3, follow these five steps:

Planning

Effective planning for  compliance involves establishing clear project timescales and deliverables, defining roles and responsibilities, and identifying sign-off authorities. It requires scheduling regular design reviews at key project stages, ensuring resource availability, and maintaining robust communication with subsequent process owners.

Implementing necessary controls such as risk management, quality control, and change management is essential, as is clearly defining the intended use of the final product or service to meet customer and regulatory requirements. 

This comprehensive approach ensures the design and development process aligns with ISO standards and organisational goals.

Inputs

Key inputs include detailed customer requirements, regulatory and statutory compliance standards, material specifications, previous design records, and technological tools. By integrating customer feedback, adhering to safety regulations, considering sustainability factors, and leveraging lessons from past projects, organisations can ensure that their designs are well-informed and compliant. 

These inputs help define the parameters and constraints within which the design and development must occur, ensuring that all relevant factors are considered from the outset.

Controls

Design controls for ISO 9001:2015 Clause 8.3 ensure the design and development process yields products or services that meet all specified requirements. Key elements include defining project deliverables such as conceptual designs, technical drawings, prototypes, and final specifications. Establishing acceptance criteria involves setting performance metrics, quality standards, and ensuring regulatory compliance. 

Conducting design reviews at various stages, including initial, mid-project, post-verification, and final reviews, helps maintain alignment with project goals. Verification and validation steps confirm that the design meets input requirements and performs as intended through testing, simulations, inspections, and real-world trials. 

Effective change management controls any modifications to the design, involving formal change requests, impact analysis, approval processes, and thorough documentation of changes. Overall, meticulous documentation of design plans, review records, test results, and change logs is crucial for demonstrating compliance with ISO standards, enhancing product quality, and ensuring regulatory adherence.

Outputs

The outputs of the design and development process include comprehensive design documentation, such as conceptual designs, technical drawings, and detailed specifications. Outputs also encompass physical and virtual prototypes, verification and validation reports, and manufacturing and production information like bills of materials and quality assurance plans. 

Additionally, effective change management records, final product specifications, and post-delivery support plans are crucial to ensure the final product meets all requirements and standards. By managing these outputs diligently, organisations can ensure their products or services are of high quality, meet customer needs, and comply with all necessary regulations, facilitating a smooth and compliant design and development process..

Changes

Effectively managing design changes within ISO 9001:2015 Clause 8.3 involves a structured approach to ensure modifications enhance rather than compromise the design and development process. This begins with formal change requests, detailing proposed alterations, justifications, and preliminary impact analyses. Impact analysis evaluates the change’s effects on costs, timelines, quality, and regulatory compliance. 

Once approved by relevant stakeholders, changes are systematically implemented, with clear planning, execution, and monitoring. Accurate documentation, including change logs and version control, ensures traceability and communication among team members. 

After implementation, changes undergo review and validation to confirm they meet required standards and performance criteria. By adhering to these systematic procedures, organisations can effectively manage design changes, maintain compliance with ISO standards, and deliver high-quality products and services..

Documenting Information

In ISO 9001:2015 Clause 8.3, several requirements exist for documented information to effectively manage the design and development process. These requirements encompass various aspects, including the need for a documented design and development plan outlining responsibilities, timelines, and resources. 

Documentation of inputs to design and development, such as customer requirements, regulatory standards, and previous design information, is necessary to ensure that design outputs meet specified requirements. 

Changes to the design and development process must be documented, including change requests, impact analyses, and approvals, to maintain control and traceability. Additionally, records of design reviews, verification and validation results, and control of design changes are essential for monitoring progress and ensuring compliance. Overall, maintaining comprehensive documented information facilitates effective control, traceability, and compliance with ISO 9001:2015 Clause 8.3 throughout the design and development lifecycle.

Conclusion

Mastering ISO 9001:2015 Clause 8.3 doesn’t require expertise in conceptual or engineering design. By following a structured process and applying a competent yet flexible interpretation of the standard, you can simplify this clause. Implementing these steps will help you effectively manage and audit the design and development of products and services, ensuring compliance with ISO 9001:2015.

If you need further understanding, get in touch with one of our Auva Registered Consultants or speak to one of our Expert Auditors.