[This series of articles tries to emphasize the benefits of ISO 9001, and how to yield results from each major clause of the standard.]
Clause 8.5.3 is called “Property Belonging to Customers or External Providers,” and expands on prior versions of ISO 9001 which only addressed “customer supplied property.” Now, under ISO 9001:2015, the scope expands in two directions: first, it includes property related to your suppliers (vendors), and second, it applies to intellectual property, not just physical items.
The change related to IP makes sense; in an increasingly digital world, at times the data and information circulated between parties is as valuable as physical product or materials. The expansion to include supplier property is unusual, though, and many companies will find it’s hard to comply with. The companies most affected by this would be those who allow a “consignment shop” to have a physical presence in their facility, where the items remain the property of the supplier until such time as the company buys them. This does not apply to received items, sitting in a warehouse, and purchased by the company already; in that case, the property is your own (you bought it) and no longer the property of an “external provider.”
Essentially, the controls expected are the same whether the third-party property belongs to the customer or a supplier. The Golden Rule applies here: “treat the property as if it were your own.” This means ensuring it’s not damaged, lost, corrupted, stolen, etc. However, because the property is owned by a third party, any failures can have more dire consequences than if the property were yours. You could face a lawsuit, insurance claims, contract violations, etc. So you may want to treat third-party property with even more care.
The standard requires such property to be identified, verified, protected & safeguarded, and then reported when lost or damaged. It should be distinguished in some way from your own property, so you don’t use it by accident.
Remember, this applies to intellectual property as well, but this is typically easy to accomplish. By providing firewalls, anti-malware, and good data hygeine protocols, you can prevent the IP from being lost, corrupted or — worst of all — stolen.
When implemented properly, Clause 8.5.3 should result in the following tangible benefits for your company:
- For physical property:
- You will have this clearly distinguished from the property you own, so you won’t accidentally commingle it.
- If such property is lost or damaged, you will quickly know who the owner is, so you know who to contact to report and resolve the issue.
- Clearly identified third-party property allows you to apply additional controls for preservation and safekeeping, to reduce the likelihood of damaging or losing it.
- This all reduces legal liabilities and exposure to other costs that might be incurred should you lose or damage the property.
- Finally, this helps ensure high levels of customer satisfaction.
- For intellectual property:
- Leaks of IP to third parties or bad actors can result in serious legal liabilities, and related costs; good controls prevent this.
- Proper identification of the IP ensures everyone knows what the data is intended for, so it’s not misused.
- Again, this helps maintain customer satisfaction.
Click here for the full series of articles on The Benefits of ISO 9001:2015.