Home Resources Blog August 2016

Changing of the Guard - the TL 9000 Delta

30 August 2016
The winds of change have been blowing with gale force throughout the management system standards world in the past year; and the eye of the storm has been clearly centered around ISO 9001:2015.

Inherit the wind

Author: Rick Hill, TL 9000 Program Manager

The winds of change have been blowing with gale force throughout the management system standards world in the past year; and the eye of the storm has been clearly centered around ISO 9001:2015, with its adoption of the Annex SL structure, language and new topics (including context of the organization and interested parties), its elimination of the requirements for a quality manual and a management representative, and the incorporation of risk-based thinking into its DNA.

These wholesale changes have made themselves felt in the specific industry sectors whose own MS standards are, so to speak, downwind of ISO 9001, including, of course, aerospace and automotive. The ICT (Information and Communication Technology) sector is no exception. TL 9000:2016 (R6), which was published in July and becomes effective September 15, 2016 (see my July blog post for details), has incorporated ISO 9001:2015’s requirements in their entirety. Consequently, the big changes in TL 9000:2016 have nothing to do with TL 9000 at all, but are all inherited from ISO 9001:2015.

So organizations which are already certified to TL 9000, or are considering it, should look mainly to ISO 9001:2015-focused resources to get their arms around those big changes. And there’s no better place to find those resources than right here on NQA’s website. TL 9000’s additional requirements (affectionately known as “adders”) all have new clause numbers in R6 in order to align properly with the inherited Annex SL structure.

Out with the old…

So what has actually changed within the TL adders themselves? The number of them, for starters. There are four new adders (see the next section), but twelve have been deleted, reducing the total number of adders from 92 to 84. So what adders were deleted, and why?

The following eight adders have been deleted, in most cases because their intent is now adequately met by the enhanced ISO 9001 text. (The exception is the Replication adder, which had simply become outdated.)

  • 5.2.C.1 Customer Relationship Development
  • 6.4.C.1 Work Areas
  • 7.1.V.1 Service Delivery Plan
  • 7.2.2.C.1 Closure Tracking
  • 7.3.2.S.1 Identification of Software Requirements
  • 7.5.1.C.1 Customer Service Resources
  • 7.5.1.S.3 Replication
  • 8.5.1.C.1 Continual Improvement Program(s)

It’s important to note that the intent of the deleted adders still exists in TL 9000.

The following eight adders have been combined, for a net reduction of four:

  • 7.3.1.HS.2 Design and Development Process Quality Measurement Planning and Implementation

+ 7.2.3.HS.2 Design and Development Process Quality Measurements Data Reporting
= 8.3.2.HS.3 Development Process Quality Measurement

  • 7.3.2.C.2 Design and Development Requirements

+ 7.3.2.H.1 Content of Requirements
= 8.3.3.C.2 Design and Development Requirements

  • 7.5.1.S.1 Patching Procedure

+ 7. 5.1.S.2 Patch Documentation
= 8.5.5.S.1 Software Patching Information

  • 8.4.HS.1 Field Performance Data

+ 8.4.V.1 Service Performance Data
= 9.1.3.C.2 Performance Data

…and in with the new

I discussed the two brand new adders, as well as two not-so-new ones, in my July blog post. But, to recap, here are the actual new adders:

  • 9.2.2.C.1 Internal Audit Program Planning specifies that the organization’s internal audit program must cover all applicable Requirements and Measurements Handbook requirements. (There’ve been companies which have neglected to audit their Measurements process – I’ve visited a couple!)
  • 9.1.3.C.3 Sustainability Assessment invites the organization to “assess the status of its sustainability efforts as appropriate to its organization, products, and services”. The QuEST Forum is all over sustainability these days, and this new adder encourages a company to start taking a look into it if it hasn’t already done so.

And here are the ones which have simply migrated into the auditable part of the standard:

  • 4.3.C.1 Declaration of Requirement and Measurement Applicability (formerly clause 3.1 in RHB R5.5) about declaring non-applicable requirements and measurements exemptions in the TL 9000 profile.
  • 4.3.C.2 TL 9000 Profile and Scope (formerly clause 3.2) about what should and should not go into the organization’s profile and scope statement.

Four in, twelve out – what about the rest?

Of the remaining requirements:

  • 20 were simply renumbered: not a word has changed.
  • 24 had their terminology tweaked to align with the language of ISO 9001:2015 (e.g., to speak of documented information rather than records).
  • 19 were reworded for clarity only.
  • But 13 were actually modified to the extent that the requirement has effectively changed; and they are:
    • 6.2.2.C.1 Customer Input now expects joint quality improvement programs only with selected customers.
    • 6.2.2.C.3 Long- and Short-Term Quality Planning now emphasizes planning to achieve long- and short-term objectives but is less prescriptive about what the plans should address.
    • 7.1.1.C.1 Business Continuity Planning now makes it much clearer that disaster recovery is only one element of business continuity (and not the other way around).
    • 7.2.HV.1 Operator Qualification and Requalification is clearer about the adder’s scope, and adds a requirement for communication of information to all those affected.
    • Control of Customer-Supplied Documents and Data no longer requires a documented procedure.
    • 8.2.1.C.3 Problem Report Feedback no longer requires its provision “in a timely and systematic manner”.
    • 8.3.2.C.3 Requirements Traceability now requires documented information instead of just a method.
    • 8.3.5.V.1 Services Design and Development Output now aligns with Product Design and Development Output in terms of saying what the output should include (as opposed to shall), and also expects documented information vs. procedures.
    • 8.3.6.C.2 Informing Customers of Design Changes no longer requires a documented procedure.
    • 8.4.1.C.2 External Provider Performance Management has lost its first three bullet points – the ones that had always just reiterated what was in the ISO 9001 requirement.
    • 8.6.HV.1 Inspection and Test Documentation clarifies its application only to the production and later phases of the life cycle (i.e., not to testing during development), and also replaces data with documented information.
    • 9.1.1.C.1 Process Measurement eliminates the reference to design process measurements (which are addressed by 8.3.2.HS.3) and now specifically calls for action if planned results are not achieved (a requirement which was lost in translation when 2008’s 8.2.3 became 2015’s 9.1.1).
    • 9.1.2.C.1 Customer Satisfaction Data has been significantly shortened by removing both the requirement for a method and the specifics about what sort of data should be collected.

Were you taking notes?

Oh, yes, TL 9000’s notes… well, there are new notes, reworded notes, deleted notes, a single modified note (guess which one!)… but, since they’re not auditable, let’s not worry about them today!

If you want a little more detail about the TL 9000:2016 (R6) delta, take a look at QuEST Forum’s Changes from Requirements Release 5.5 to 6.0 document, or take the actual delta training available in the E-Shop.