Telecommunications Industry Association (TIA)

Business Performance Community (BPC)

TL 9000
Quality Management System

Requirements Handbook

Point Release R6.2

The ICT Quality Management System

Performance Excellence through Global ICT Quality
 Copyright

Copyright © 2019 Telecommunications Industry Association

For information about TIA’S BPC

visit https://www.tiaonline.org/what-we-do/business-performance/

For TL 9000 specific information,

visit the TL 9000 website at https://tl9000.org

TL 9000 is a registered trademark

of the
Telecommunications Industry Association

Sections of this document contain copyrighted material from a variety of sources; these sources are
identified in the Bibliography of this handbook.

This text is copyrighted by the International Organization for Standardization. Not for resale. No part of
this standard may be copied or reproduced in any form, including an electronic retrieval system, without
the prior written permission of the American National Standards Institute, Inc., 25 West 43rd Street, 4th
floor, New York, NY 10036, which holds reproduction rights in the United States.

Throughout this document the term ‘TL 9000’ refers to TL 9000Quality Management System
Requirements Handbook Point Release R6.2), namely this volume, unless specifically stated otherwise.
Also, the term ‘ISO 9001’ refers to ISO 9001:2015 [2], unless specifically stated otherwise.

Requirements Handbook Point Release R6.1 included changes to Sections 8.3 and 8.6 intended to clarify
how these requirements apply regardless of the design and development methodology used by the
organization.

Requirements Handbook Point Release R6.2 modifies two requirements (8.3.2.C.1 Project Planning and
8.3.3.C.2 Design and Development Requirements), rewords three others, and updates the terminology in
one. It also rewords three notes, adds one new note, and renumbers a note.

All TL 9000 Certified organizations are required to transition to meet Requirements Handbook Point
Release R6.2 even if not impacted by the changes in this release.

Approved and Adopted

by
TIA’s BPC
Effective

April 1, 2020

TL 9000 Quality Management System Requirements Handbook R6.2

ii
 Section 4 – Context of the organization

Context of the organization

Understanding the organization and its context

There are no additional requirements for this section of ISO 9001

Understanding the needs and expectations of interested parties

There are no additional requirements for this section of ISO 9001

Determining the scope of the quality management system

Additional requirements for TL 9000 are shown below

4.3.C.1 Declaration of Requirement and Measurement Applicability – The organization shall declare
in its registration profile any requirements determined as not applicable, as well as any measurement
exemptions claimed.

4.3.C.1-NOTE 1 It is not necessary for an organization to declare a TL 9000 requirement as not applicable if the
requirement is outside the scope of the TL 9000 registration specialty option(s) the organization has selected. Also, it
is not necessary for an organization to declare as not applicable any TL 9000 requirement where the requirement
itself or an associated note states the requirement is not applicable to the organization’s product or service category
type.

4.3.C.1-NOTE 2 See Measurements Handbook[5] for definition of measurement exemptions.

4.3.C.2 TL 9000 Profile and Scope – An organization seeking certification shall determine, in
coordination with its Certification Body (CB), the
− TL 9000 scope statement,
− ISO 9001 scope statement,
− requirements determined as not applicable,
− measurement exemptions,
− registration specialty options,
− NACE codes,
− product categories,
− locations or sites,
− ISO 9001 version,
− TL 9000 Requirements and Measurements release levels, and
− use of Advanced Surveillance and Reassessment Procedure (ASRP).

All the registration information shall be recorded and maintained on TL 9000’s Registration Management
System (RMS) in a registration profile. The TL 9000 Administrator shall provide relevant information to the
IAF database of accredited certifications. The certificate issued by the CB shall reference the registration
profile on the RMS by the TL ID number assigned to the registration by the TL 9000 Administrator when
the profile is created.

TL 9000 Quality Management System Requirements R6.2

Without ISO 9001 Text
1
Section 4 – Context of the organization

The scope statement shall include

a) an identification of the organization being registered, which may encompass the entire
organization, an organizational unit, or a combination of units, and
b) products/product lines covered by the registration. If not all products/product lines are included in
the registration, then either the included or excluded products/product lines shall be listed.

The scope statement shall not include

a) product category codes,
b) locations or sites,
c) ISO 9001, Requirements Handbook and Measurements Handbook release levels,
d) registration specialty option, and
e) other parameters identified as individual fields in the registration profile.

Quality management system and its processes

There are no additional requirements for this section of ISO 9001

There are no additional requirements for this section of ISO 9001

TL 9000 Quality Management System Requirements Handbook 6.2

Without ISO 9001 Text
2
Section 6 - Planning

6.2 Quality objectives and planning to achieve them

6.2.1

Additional requirements for TL 9000 are shown below

6.2.1.C.1 TL 9000 Measurements Targets – Quality objectives shall include targets for the TL 9000
measurements defined in the Measurements Handbook [5].

6.2.2

Additional requirements for TL 9000 are shown below

6.2.2.C.1 Customer Input – The organization shall implement methods for collaboration with customers
on quality planning activities. The organization should establish joint quality improvement programs with
selected customers.

6.2.2.C.2 External Provider Input – The organization shall implement methods for collaboration with
external providers on quality planning activities.

6.2.2.C.3 Long- and Short-Term Quality Planning – The organization’s quality planning activities shall
include plans to achieve long- and short-term quality objectives. Performance to these quality objectives
shall be monitored and reported to top management. Top management shall demonstrate their active
involvement in long- and short-term quality planning.

6.2.2.C.3-NOTE Factors that may be considered for planning are

a) cycle time,
b) customer service,
c) training,
d) cost,
e) delivery commitments,
f) product reliability,
g) security and privacy, and
h) sustainability.

TL 9000 Quality Management System Requirements Handbook R6.2

6-2
 Section 8 - Operation

7. Support

7.1 Resources

7.1.1 General

Additional requirements for TL 9000 are shown below

7.1.1.C.1 Business Continuity Planning – The organization shall establish and maintain documented
plans for continuity of operations, disaster recovery, infrastructure, and security restoration to ensure the
organization’s ability to continue to support its products and services. Business continuity plans shall
include, at a minimum, crisis management, disaster recovery, and information technology. Business
continuity plans shall be periodically evaluated for effectiveness and reviewed with appropriate levels of
management.

7.1.1.C.1-NOTE 1 Types of recovery capabilities should include a series of statements related to infrastructure,
personnel, and data. Examples include who is notified, under what circumstances are they notified, who has the
authority to act, and who will coordinate the steps outlined in the plan.

7.1.1.C.1-NOTE 2 Business continuity planning may consider recovery from security incidents such as cybersecurity,
malware, and ransomware attacks.

7.1.2 People

There are no additional requirements for this section of ISO 9001

7.1.3 Infrastructure

Additional requirements for TL 9000 are shown below

7.1.3.C.1 Infrastructure Security – The organization shall determine, provide, and maintain security for
the infrastructure.

TL 9000 Quality Management System Requirements Handbook R6.2

7-1
Section 7 - Support

7.2.C.4 Electrostatic Discharge (ESD) Training – All personnel with functions that involve handling,
storage, packaging, preservation, or delivery of ESD-sensitive products shall receive training in ESD
protection prior to performing their jobs. The type and frequency of ESD refresher training shall be
defined by the organization.

7.2.C.5 Advanced Quality Training – The organization shall offer appropriate levels of advanced quality
training.

7.2.C.5-NOTE Examples of advanced quality training include statistical techniques, process capability, statistical
sampling, data collection and analysis, problem identification, problem analysis, root cause analysis and enabling
tools.

7.2.C.6 Hazardous Conditions Training Content – Where the potential for hazardous conditions exists,
training content shall include
a) methods for task execution,
b) personal safety requirements and appropriate protective equipment,
c) awareness of hazardous environment, and
d) protection of the equipment.

7.2.HV.1 Operator Qualification and Requalification - The organization shall identify activities for which
operator qualification and requalification are necessary. Qualification and requalification requirements
shall be established for identified activities. At a minimum, these requirements shall address education,
experience, training, and demonstrated skills. The organization shall communicate this information to all
those affected.

7.2.HV.1-NOTE Examples of activities that require qualification and requalification include wire wrapping, fiber-optic
fusion splicing, soldering, welding, forklift operation, and tower climbing.

7.3 Awareness

There are no additional requirements for this section of ISO 9001

7.4 Communication

Additional requirements for TL 9000 are shown below

7.4.C.1 Organization Performance Feedback – The organization shall inform personnel of its quality
performance and the level of customer satisfaction, including the results of management reviews (see
Section 10).

7.4.C.1-NOTE Sensitive organizational information may be excluded from this requirement.

TL 9000 Quality Management System Requirements Handbook R6.2

7-4
 Section 8 - Operation

8.3.2 Design and development planning

Additional requirements for TL 9000 are shown below

8.3.2.C.1 Project Planning - The organization's project planning activities shall be based on the defined
product and service life cycle model (see 8.1.C.1). Throughout the project life cycle, the planning activities
should include
a) project organizational structure,
b) roles, responsibilities, and accountabilities of the project team,
c) roles, responsibilities, and accountabilities of related teams or individuals, within and outside the
organization, and interfaces between them and the project team,
d) methods for scheduling, issue resolution, and management reporting,
e) estimation of project factors,
f) assumptions in the plan,
g) budgets, staffing, and schedules associated with project activities,
h) the various method(s), standards, documented information, and tools to be used,
i) other related project dependencies (e.g., risk management, development, testing, configuration
management, and quality),
j) project-specific development or service delivery environment and physical resource considerations
(e.g., resources to address development, user documentation, testing, operation, required
development tools, secure computing environment, lab space, workstations, etc.),
k) customer, user, and external provider involvement during the product and service life cycle (e.g., joint
reviews, informal meetings, and approvals),
l) management of project quality, including appropriate quality measures,
m) design for X (DFx) as appropriate to the product and service life cycle,
n) lessons learned from previous post-project analyses and retrospectives, including root cause analysis
and corrective actions to be taken to preclude repetition in future projects,
o) project-specific training requirements,
p) required certifications (e.g., product and/or service certifications or employee technical certifications),
and
q) proprietary, usage, ownership, warranty, and licensing rights.

8.3.2.C.1-NOTE 1 Work instructions defining tasks and responsibilities common to all development projects need not
be replicated per individual project.

8.3.2.C.1-NOTE 2 Estimation may consider project factors such as size, complexity, requirements changes, effort,
staffing, schedules, cost, quality, reliability, velocity, and productivity. Data from the estimation process should be
analyzed to compare original estimates to actuals.

8.3.2.C.1-NOTE 3 DFx examples include Manufacturability, Reliability, Regulatory, Serviceability, Safety,

Sustainability, Security, Privacy, and Testability. See 'Design for X (DFx) Guidance Document' at
tl9000.org/handbooks/rh_guidance.html for a list of examples and other information on DFx.

8.3.2.HS.1 Configuration Management Planning - The organization shall establish and maintain a
method(s) to perform configuration management, which should include
a) identification and scope of the configuration management activities,
b) schedule for performing these activities,
c) configuration management tools,
d) configuration management methods and documented information,
e) organizations and responsibilities assigned to them,
f) level of required control for each configuration item, and
g) point at which items are brought under configuration management.

TL 9000 Quality Management System Requirements Handbook R6.2

8-12
Section 8 - Operation

8.3.3 Design and development Inputs

Additional requirements for TL 9000 are shown below

8.3.3.C.1 Customer and External Supplier Input – The organization shall establish and maintain
methods for collaboration with customers and external providers during the development of new or
revised product/service requirements.

8.3.3.C.2 Design and Development Requirements – Design and development requirements shall be
defined and documented, and should include
h) quality and reliability requirements,
i) functions and capabilities of the products and services,
j) business, organizational, and user requirements,
k) safety, environmental, sustainability, security, and privacy requirements,
l) manufacturability, installability, usability, interoperability, and maintainability requirements,
m) design constraints,
n) testing requirements,
o) product computing resources,
p) lessons learned from previous projects and retrospectives, and
q) hardware packaging requirements.

8.3.3.C.3 Requirements Allocation - The organization shall document the allocation of product and
service requirements to their architecture.

8.3.3.C.3-NOTE Examples of requirements which should be allocated are response time for software, heat
dissipation for hardware, and service response time for services.

TL 9000 Quality Management System Requirements Handbook R6.2

8-18
 Section 8 - Operation

8.4 Control of externally provided processes, products and services

8.4.1 General

Additional requirements for TL 9000 are shown below

8.4.1.C.1 Procurement Process – The organization shall maintain documented information on the
procurement process to ensure
a) product and service requirements are clearly defined,
b) risks are understood and managed,
c) qualification criteria are established,
d) acceptance criteria are established,
e) contracts are defined,
f) proprietary, usage, ownership, warranty, and licensing rights are satisfied,
g) future support for products and services is planned,
h) ongoing supply-base management and monitoring is in place, and
i) external provider selection criteria are defined.

8.4.1.C.2 External Provider Performance Management – The organization shall plan and perform
external provider performance management and development activities so that
a) external provider quality performance is tracked, and feedback is provided to external providers to
drive continual improvement, and
b) for identified key external providers, alignment toward conformity to TL 9000 requirements and
measurements or other appropriate quality management systems for the external provider’s products
and services occurs, with a preference toward TL 9000.

8.4.1.C.2-NOTE 1 External provider performance management planning and activities should be in

conjunction with the organization improvement processes of Section 10.

4.1.C.2-NOTE 2 It is recognized that it is not possible for an organization to provide the same level of
interaction with all external providers. The level provided may depend on the amount of business with an
external provider, the criticality of products or services, history of problems, organization expectations,
significance of an external provider within the supply chain or other factors.

8.4.1.C.2-NOTE 3 Examples of alignment toward conformity to appropriate quality management systems

may include
a) surveys,
b) external provider questionnaires,
c) external provider education and training regarding conformance to standards,
d) the use of TL 9000 requirements and measurements, in full or in part,
e) second-party audits evaluating TL 9000 conformance or conformance to an appropriate quality
management system, and
f) Certification to TL 9000 or other quality standards accredited by a signatory of the IAF MLA (where
this is available) or by the appropriate sector accreditation body. Examples include ISO 9001[2],
AS9100[6], CMMI[7], IATF 16949[8], etc.

8.4.2 Type and extent of control

There are no additional requirements for this section of ISO 9001

TL 9000 Quality Management System Requirements Handbook R6.2

8-12
Section 8 - Operation

8.4.3 Information for external providers

8.5.4.S.1 Software Malware Protection – The organization shall establish and maintain methods for
software malware prevention, detection, and removal from the deliverable product.

8.5.5 Post-delivery activities

Additional requirements for TL 9000 are shown below

8.5.5.H.1 Testing of Repair and Return Products - Repair and return products shall be subjected to the
appropriate evaluation(s) and/or test(s) to ensure functionality to product specification(s).

8.5.5.HS.1 Emergency Service Provisioning - The organization shall ensure that services and
resources are available to support recovery from emergency failures of product in the field throughout its
expected life. The organization shall identify potential situations that may have an impact on its ability to
provide the emergency service and shall have response plans to address these situations. These plans
shall be based on risk and periodically assessed.

8.5.5.S.1 Software Patching Information - The organization shall maintain documented information for
software patching that
a) guides the decision to solve problems by patching,
b) addresses patch development information, propagation (forward and backward), and resolution,
c) is consistent with customer needs or contractual requirements for maintenance support,
d) ensures that the organization provides the customer with a statement of impact on the customer's
operation for each patch, and
e) ensures that all documentation required to describe, test, install, and apply a patch has been verified
and delivered with the patch.

8.5.6 Control of changes

There are no additional requirements for this section of ISO 9001

TL 9000 Quality Management System Requirements Handbook R6.2

8-18