Clause 8.6 Release of Products and Services (explained)

Table of Contents

So, you have completed production and your products are ready to be packed and shipped to the customer, but what should you do before they are dispatched (released)? You should perform the final checks to ensure conformity to the design and customer requirements. For service delivery, you finalise and check the design requirements of the service with the customer before the service is performed for the first time. The process of ‘release’ refers to checking, verification and validation to affirm conformity of the product or service.

Planned Arrangements

ISO 9001:2015 refers to the process of releasing products and services as Planned arrangements. Does this mean that you should have a ‘plan’ before the release of products and services? Absolutely! This requires a planned process that has been resourced, communicated, trained out, monitored for effectiveness, audited and reviewed in the same fashion that any other process of your management system. Although ISO 9001:2015 does not specifically require documentation to be maintained for this process, it would be very wise to do so. We have already talked about verification and validation in previous chapters and the process for the release of products and services will contain similar functions such as:

  • Acceptance criteria; what design and/or customer requirements do the products need to meet? Are there any statutory or regulatory criteria that must be met? Is there an allowed percentage variation? Are the criteria relevant and up-to-date?

  • Calibrated instruments; does the product or service verification require the use of calibrated devices? If so, have the devices been checked for conformity against a recognised standard such as those held by UKAS (see chapter 7.1.5).

  • Verification timeframe; when does monitoring and measuring for verification happen? Does it happen at various stages of the production or service delivery process or only at the point of release? Who checks the checker? In other words, for critical products or services, there might be the need for multiple final checks before conformity can be officially verified.

  • Customer approval; has a test sample of a product or service been sent for approval to the customer? If so, have you a formal process of acceptance that is documented other than ‘word of mouth’?

  • Verification authorisation; who has the responsibility and authority for the final release of products or services? Is this a single-stage process or does final verification and release have to go through a second stage that is completed by a person of higher authority?

  • Release records; records of verification and final checks should be retained that would display all of the information from the points discussed above.

  • Legal requirements; certain products or services have to conform to statutory and/or regulatory requirements before they can be released. Who has the authority and competence to complete this process? Have you budgeted for the necessary timeframe required to complete this process?

Check, Check and Check Again!

I’m sure that you have heard the phrase: ‘check, check and then check again’. This is exactly the idea behind the requirements of this clause. Firstly, perform all of your internal verification checks. Depending upon the complexity of your products or services, there may be multiple checks at various stages of production or service delivery. After your internal verification checks, send a product sample to the customer for inspection and approval. Lastly, perform your final checks to ensure that there has been no deviation from the design specification before final release and shipment to the customer.

The concept of a risk-based approach is relevant again here. For example, if you are in the business of producing in-vitro medical devices, your verification processes are going to be extremely complex and will require multiple verification checks. Final approval before product release will only occur after many years of testing and verification. The authority for the release of these types of products can often only be granted by a regulatory body. Other examples of high-risk products of this nature include drugs and medication, parts manufactured for the aviation and automotive industries and certain baby foods etc.

A Customer Concession

In certain circumstances where a product does not fully meet the design criteria, the customer might issue a ‘concession’. In an example I gave earlier, I mentioned that a printed package did not have the correct Pantone ink colour when tested with a colourimeter. In this instance, the shade of the colour might be only a fraction outside the design criteria. However, upon inspection, the customer has deemed this to be acceptable. The customer has issued you with a concession and has approved the product ready for the final release. When concessions are made, be sure that it is recorded and retain the records that have been signed by the customer. Failure to do this may result in the customer changing their mind after the final release which would cause you all kinds of problems.

Documentation Requirements

ISO 9001:2015 requires that you shall retain documented information on the release of products and services to include:

  • Acceptance criteria; this is where you are recording evidence of conformity to the design criteria. Two types of evidence are normally recorded here: evidence of conformity to design that is recorded during your organisation’s internal testing and verification processes. You must also retain records of verification and acceptance of conformity for products or services that are made by the customer. Depending upon the context of your organisation, you might also have to maintain records of acceptance and conformity from a statutory or regulatory body.

    Your records will indicate:
  1. When the test was performed.
  2. Who performed the test.
  3. Observed and/or measurable data such as size, weight or light refraction etc.
  4. Who authorised the test results.
  • Traceability to authorisation; in other words, who authorised the final release of products or services? This might not be as straightforward as it sounds. There may be issues of language that could cause confusion or problems. If the final authorisation was issued by a person on a form written in a foreign language, you might struggle to interpret this in a critical situation where time is of the essence. There could also be problems caused by software and electronic forms where a handwritten – ink signature is required but a PDF form has been issued that is only designed for electronic signatures. Certain legal requirements maintain that only ‘original’ documents can be retained and photocopied or electronic versions are not acceptable. Traceability is required in case of problems after the final release. Should a product or service fail because it does not conform to the design specification criteria then someone will want to ‘point a finger’ at the person who authorised the final release. Of course, this should never happen because should be regarded as a process failure rather than human error.

You can duplicate your records of verification and inspections and provide them along with the shipping note to the customer or use whatever method suits your internal requirements. You can retain records of verification and inspection as physical paper copies or scan them as electronic documents for storage on a computer. For service delivery, you can simply have the customer sign a record of acceptance after the service has been completed. As with any documentation, ensure that it conforms to the requirements of clause 7.5 and is controlled by a document controller.

For auditors:

  • Check for a process that plans for the release of products and services.
  • Check for records that confirm conformance with acceptance criteria.
  • Check roles, responsibilities and authorities for the final release of products and services.
  • Check for any non-conformances and corrective actions against the release of products and services and how they were closed off to result in continual improvements.

Other questions that I will answer in future articles:

  • How to deal with non-conforming outputs.
  • How to delegate authority.
  • How to control the release of products and services.
  • What are the acceptance criteria?
  • What are design criteria specifications?

References: 

  • www.iso.org
  • ISO 9000:2015
  • ISO 9002:2015
  • ISO 14001:2015
  • ISO 45001:2018

Please be kind, share and create a link back to this article.

(c) All content is copyrighted to ISO Training UK – All rights reserved 2022.

Author Bio

Paul Ingram has over 15 years of experience working in quality, health and safety and environmental management. Specialising as a trainer, he has provided training to thousands of delegates for small and multi-national businesses across the globe. A specialist in management system training and able to design and deliver courses for ISO 9001, 45001 & 14001. This includes implementation, Introduction, Internal Auditor, Lead Auditor, Remote Auditing, Management Brief and many more. For more information about booking a course visit: ISO Training & Consultancy

You cannot copy content of this page