These free guidance documents collect some of Oxebridge’s vast, user-focused experience and present them in easy-to understand language for all quality system users.

Want the articles at once, plus a lot more? Download the free Oxebridge Guidance Document Compendium — nearly 100 pages of free guidance, including most of the articles below. (PDF format – 3.8 MB)


business-documentsThe Benefits of ISO 9001:2015 (Article Series)

Oxebridge is a longtime critic of ISO 9001, but we wouldn’t still be selling consulting for the standard if we didn’t understand it has benefits. In this series of articles, we examine each of the clauses of ISO 9001:2015 and provide means of extracting tangible benefits from each.

Part 1: Clause 4 on “Context of the Organization”

Part 2: Clause 5 on “Leadership”

Part 3: Clause 6 on “Planning”

Part 4: Clause 7 on “Support”

Part 5: Clause 8.1 on “Operational Planning & Control”

Part 6: Clause 8.2. on “Requirements for Products & Services”

Part 7: Clause 8.3 on “Design & Development”

Part 8: Clause 8.4 on “Control of Externally Provided Processes, Products and Services”

Part 9: Clause 8.5.1 on “Control of Production and Service Provision”

Part 10: Clause 8.5.2 on “Identification & Traceability”

Part 11: Clause 8.5.3 on “Property Belonging to Customers and External Providers”

Part 12: Clause 8.5.4 on “Preservation”

Part 13: Clause 8.5.5 on “Post-Delivery Activities”

Part 14: Clause 8.5.6 on “Control of Changes”

Part 15: Clause 8.6 on “Release of Products & Services”

Part 16: Clause 8.7 on “Control of Nonconforming Outputs”

Part 17: Clause 9 on “Performance Evaluation

Part 18: Clause 10 on “Improvement”

Traction: Aligning ISO 9001 and the Entrepreneurial Operating System (EOS)

Companies that have already implemented Gino Wickman’s “EOS®” method, based on the book Traction, may find they still need to implement ISO 9001 to comply with a customer requirement. This article walks through the EOS “Six Key Components” and tracks how they align with ISO 9001:2015.

Traction: Aligning ISO 9001 and the Entrepreneurial Operating System (EOS)

Implementing the ISO 9001:2015 “Process Approach”

A system is a set of processes, and a quality system is no different.

This comprehensive article provides a full top-down examination of the requirements of ISO 9001:2015 clause 4.4, and how to implement the “process approach” in a way that ensures the quality management system is structured correctly, and which allows top management a robust means of measuring the effectiveness of each process within the QMS.


Implementing the ISO 9001:2015 “Process Approach”


Practical Implementation of ISO 9001:2015 Risk-Based Thinking

A three part series on how to implement ISO 9001’s new Risk-Based Thinking (RBT) in a practical way, using simple tools and approaches anyone can understand.

Part One: The COTO Exercise

Understanding the context of the organization is critical to framing the risks that affect your company.

Part Two: Defining Risk and Opportunity

ISO’s definitions of risk are ever-changing, and often contradictory. Defining the terms as they pertain to your organization is critical.

Part Three: RBT in Practice

How to determine your risks, and then manage them, without driving yourself crazy.

How To Properly Write an Audit “Opportunity for Improvement” (OFI)

For decades, auditors have engaged in covert consulting by hiding their advice under the guise of “opportunities for improvement.” Such practices are prohibited by accreditation rules, including ISO 17021-1.

This article provides easy-to-understand guidance on how to write an OFI without crossing over into consulting.

How To Properly Write an Audit “Opportunity for Improvement” (OFI)

thinkaboutriskHow to Audit ISO 9001:2015’s Risk-Based Thinking

A lot of confusion has arisen on how to audit the new ISO 9001 revision’s concept called “risk-based thinking.” The actual standard doesn’t require any documents, processes or records, so how does one audit “thinking”? The answer is remarkably simple.

A great resource for both internal and external auditors.

How to Audit Risk Based Thinking

complaintthumbHow To File a Complaint Against Your Registrar or Accreditation Body

Registrars and accreditors are required to respond to complaints from customers and stakeholders, but the exact procedure to follow can be confusing. This guide will help you in filing a complaint with your CB and, if necessary, escalate that to the AB, IAF or beyond.

Includes a link to a complaint template form in editable .DOCX format.

How To File a Complaint Against Your Registrar or Accreditation Body

onewayHow to Respond to an Invalid Nonconformity From Your ISO 9001 Registrar

Unfortunately, the ISO 9001 certification body auditors sometimes write nonconformities that are invalid — in the US we call them “bogus” — but which nevertheless have to be responded to. This guide provides in-depth, step-by-step method to politely, professionally and effectively contest an invalid finding, and how to escalate it if things don’t go well.

(Note: while this article refers to ISO 9001, the information herein works equally well for AS9100, ISO/TS 16949 and most other management system certifications.)

How to Respond to an Invalid Nonconformity From Your ISO 9001 Registrar

How To Ensure Your Registrar Uses the Right Industry Codes, and Why It’s Important

Your ISO 9001 or ISO 14001 registrar must assign the proper International Accreditation Forum (IAF) Code to your business, so they can properly assign an auditor with the appropriate industry experience. Of course they never do that, resulting in incompetent auditors assessing companies in industries for which they have no clue.

This helpful guide explains how CBs calculate IAF codes using the NACE and SIC code systems, and provides the full list of current IAF codes so you can be sure the right one is assigned to your company.

How To Ensure Your Registrar Uses the Right Industry Codes, and Why It’s Important

Ensure A Fair Registration Audit With These Contractual Obligations For Your ISO 9001 Registrar

Second Edition

This comprehensive document provides you a full array of contractual riders you should flow down to your ISO 9001 registrar, to ensure they remain in compliance with the accreditation rules of ISO 17021. These contractual clauses will protect your organization from numerous rogue CB practices, such as the spreading of your confidential intellectual property, improper filing of audit reports, and poor reporting of nonconformities.

Completely updated for 2015, this Second Edition represents the latest requirements you can invoke from the latest version of ISO 17021. A must for any organization that wants to ensure it retains control over its QMS certification activity, and to ensure the validity in the resulting certificate.

Download free Guidance Document here — PDF (540 kb)

Using Indented Lists to Organize Objective Evidence on Audit Reports

A method on how to use indented or “bulleted” lists to organize audit report evidence in a simple, yet powerful, way that keeps an auditor’s thoughts organized, and allows the auditee to read the data in an orderly fashion later.

Using Indented Lists to Present Audit Evidence

Do It Yourself “Rapid ISO 9001” – Ten Quick Pointers

When someone posted a question on LinkedIn asking for tips on how to implement ISO 9001 quickly, we came up with a list of 10 — okay, 11 — points that summarized how to implement ISO 9001 in a rapid fashion.

Do It Yourself “Rapid ISO 9001” – Ten Quick Pointers

AS9100 Counterfeit Part Control for Small Machine Shops

AS9100 has language requiring user organizations to prevent the purchase or introduction of counterfeit or suspect counterfeit parts into final products. This article provides easy guidance on how to implement this in low-risk machine shops.

Implementing AS9100’s Clause on Counterfeit Part Control for Small Machine Shops

AS9100 Configuration Management for Small Machine Shops

AS9100’s requirements for configuration management (CM) are well understood by the massive aerospace primes, but can present overkill and confusion for small downstream suppliers. Fortunately, for the small machine shop, the configuration management requirements can be easily met.

AS9100 Configuration Management for Small Machine Shops

The Truth About ISO Grants No One Wants You to Know

Learn about US grant funding for ISO 9001 implementation: what’s covered, what isn’t, and how consultants try to rip you off because you don’t know how grants work.

The Truth About ISO Grants No One Wants You to Know

Process Audits Made Blindingly Simple

A process audit shifts the focus from the product to the process, and examines each process’ ability to produce a product that meets the requirements for that process. You are still looking at products, but not solely at them. This article describes how to conduct process audits using six simple steps, and no jargon. Plus, turtle-free!

Process Audits Made Blindingly Simple

Selecting a Registrar

If you choose to have your management system certified by a third party, there are some important realities to consider. Unfortunately, turmoil in the market has led to some confusion, much of it intentionally created by unaccredited “certificate mills” who are trying to steal market share. You’re going to spend a lot of money on your registrar, you need to make the right decision. Here’s a handy guide on selection of your third party Certification Body (CB), or “registrar.”

Selecting a Registrar