To perform a GAP analysis and verify compliance with Clause 8.1 (sections d and e) on Operational Planning and Control, you should examine how your organization controls its processes and maintains necessary documentation. Here’s a breakdown of what to assess to determine compliance with each requirement:

1. Implementing Control of Processes According to Criteria (8.1d)

Review Process Control Mechanisms

To verify compliance, evaluate how the organization controls each process according to established criteria. This involves reviewing process controls, such as checklists, standard operating procedures (SOPs), quality checks, and in-process monitoring systems that ensure processes are performed as intended.

Assess Consistency of Controls

Check for evidence that these controls are consistently applied. Look at a sample of process records, such as production logs or quality inspection reports, to ensure the organization routinely uses these control measures to maintain quality and adherence to process criteria. Consistency in applying controls demonstrates that the organization effectively manages its processes.

2. Documenting Processes to Provide Confidence and Demonstrate Conformity (8.1e)

Verify Maintenance of Documented Information

Confirm that the organization maintains and retains documented information that shows processes have been carried out as planned and that products or services meet requirements. Look for documents such as process logs, inspection records, test results, or quality control reports.

Assess Completeness of Records

Check that these records are complete and accurate, providing sufficient detail to instill confidence that the processes consistently produce conforming products or services. The extent of documentation should be adequate to demonstrate both process consistency and product or service conformity.

3. Review of Planned and Unintended Changes

Evaluate Change Control Procedures

Verify that the organization has established a process to manage planned changes to operations, such as alterations in process steps, resources, or materials. Review any change control documentation, such as change request forms, approval records, or risk assessments, that shows how planned changes are controlled.

Examine Handling of Unintended Changes

Confirm that there’s a procedure for addressing unintended changes when they occur. Look for evidence in records, such as nonconformance reports or corrective action logs, demonstrating how the organization identifies, reviews, and mitigates unintended changes and their potential adverse effects.

4. Control of Outsourced Processes (8.4)

Review Control Measures for Outsourced Processes

If the organization outsources any part of its operations, verify that appropriate controls are in place for these outsourced processes. This might include reviewing supplier agreements, contracts, or performance monitoring records to ensure that outsourced work aligns with the organization’s quality requirements.

Check Monitoring of Outsourced Providers

Confirm that the organization monitors the performance of outsourced providers to ensure their work consistently meets the organization’s requirements. Evidence could include supplier evaluations, quality audits, or periodic performance reviews.

By examining these aspects, you can assess if the organization complies with Clause 8.1 sections d and e. Compliance evidence
should include clear, documented process controls, well-maintained records, and procedures to manage changes and outsourced work, all of which ensure that operations meet planned criteria and produce conforming products or services.