KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs
There are many issues that must be addressed in moving the QMS from the initial state to the desired state. For example, all organizations implementing ISO 9001 will need to consider the unique culture within the organization, its size, and the resources available. Beyond those widely discussed points, three issues that merit particular attention are (1) consideration of the QMS as a parallel function, (2) training, and (3) auditing. Key points associated with these issues are discussed below.
Consideration of QMS as Parallel Function
In the case of all of the transitions depicted, real benefits from the QMS are more likely to be experienced if the QMS is implemented directly into the core structure of the organization. SMEs must be cautious against establishing a QMS that is run separately in parallel to its other systems. In SMEs, the parallel subsystem most commonly exhibits itself as a separate Quality Assurance, or in some cases, ISO 9001 department. Possible reasons for this may include the existence of rigid departmental boundaries in some SMEs or overemphasis on core activities. As Yauch and Steudel [10] note, SMEs tend to focus their attention on “…necessary routine activities (such as sales, production, shipping, etc.) rather than activities aimed at improving processes or systems.” If a SME insists on establishing a separate quality department, its level of effectiveness can be increased by embedding the QMS in widely-used organizational systems where practical. The integration is largely a function of how well the QMS manages to share information with other subsystems and its ability to align with the policies, norms, goals, and values in place throughout the organization.
Training
In SMEs, training and staff development is more likely to be ad hoc and small scale because of modest human and financial resources and the absence of a specific training budget. To prevent the problems arising from lack of education and training, two things must be done:
1. Education of Top Management: The centralization of decision-making processes within many SMEs means that the management can either be the main stumbling block to change or the main catalyst for change. Therefore, any approach to ISO 9001 implementation must involve considerable education for the top management of the organization to create awareness and understanding of the implementation process as a change initiative. Implementing a fully functional and documented QMS requires motivation by top management to appreciate, achieve, and implement the necessary measures to meet the standards’ criteria.
2. Education and Training of Employees: SMEs are often under pressure to quickly gain ISO 9001 registration. Meeting the requirements of the standard in a short period of time can prove a formidable obstacle for a small company. Since most SMEs do not possess the needed expertise internally, they may be inclined to hire external experts to provide the necessary technical expertise and manpower. However, having a functioning and documented QMS requires more than that. It requires ensuring that all employees in the organization clearly know what is expected of them and how they can contribute to the attainment of their organizations’ goals. This will likely require the preparation and implementation of a training plan tailored specifically to the unique characteristics and maturity level of the SME.
Auditing
As emphasized throughout the paper, a QMS is not going to produce the expected results unless it is fully functional. While auditing must therefore verify the existence of the necessary documentation, it must also focus on the functionality of the QMS. The measurement of the functionality and the qualitative and financial impacts of a QMS have been the subject of several studies, including Kaynak [11]. Among the categories used to measure functionality and performance improvement, two are particularly noteworthy for our purposes: management commitment and employee involvement. A QMS cannot be functional in the absence of those two characteristics. Therefore, as a minimum, internal and external auditors should continually verify top management’s commitment to increased company-wide quality awareness and improvement in addition to employee involvement in the design, implementation, operation, and improvement of quality related processes and procedures.
Tuesday, September 29, 2009
IMPLEMENTATION GUIDANCE FOR ISO 9001:2008
IMPLEMENTATION GUIDANCE FOR ISO 9001:2008
This Implementation Guidance has been developed to assist users in understanding the issues that need to be considered during the co-existence period between ISO 9001:2000 and ISO 9001:2008.
While the changes between ISO 9001:2000 and ISO 9001:2008 are expected to have a limited impact on users, some arrangements regarding implementation are needed.
Note: To reflect the limited scope of the changes the term “implementation” is now being used to make a clear distinction with the former “transition” from ISO 9001:1994 to ISO 9001:2000, when there were significant changes throughout the standard.
A wide diffusion of this implementation guidance is recommended, in particular the comparison table between ISO 9001:2008 and ISO 9001:2000, given in Annex B to ISO 9001:2008.
ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000 and to improve compatibility with ISO 14001:2004. ISO 9001:2008 does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.
Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008 No new requirements were introduced in this edition but, in order to benefit from the clarifications of ISO 9001:2008, users of the former version will need to take into consideration whether the clarifications introduced have an impact on their current interpretation of ISO 9001:2000, as changes may be necessary to their QMS In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.
Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development of ISO 9001:2008 user needs were identified from the following:
- the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004
- feedback from the ISO/TC 176/Working Group on “Interpretations”
- the results of an extensive worldwide “User Feedback Survey on ISO 9001 and ISO 9004″ by ISO/TC 176/SC 2/WG 18 and similar national surveys.
The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.
The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO14001:2004.
A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:
1) No changes with high impact would be incorporated into the standard;
2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;
3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.
The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:
- No changes or minimum changes on user documents, including records
- No changes or minimum changes to existing processes of the organization
- No additional training required or minimal training required
- No effects on current certifications
The benefits identified for the ISO 9001:2008 edition fall into the following categories:
- Provides clarity
- Increases compatibility with ISO 14001.
- Maintains consistency with ISO 9000 family of standards.
- Improves translatability.
This Implementation Guidance has been developed to assist users in understanding the issues that need to be considered during the co-existence period between ISO 9001:2000 and ISO 9001:2008.
While the changes between ISO 9001:2000 and ISO 9001:2008 are expected to have a limited impact on users, some arrangements regarding implementation are needed.
Note: To reflect the limited scope of the changes the term “implementation” is now being used to make a clear distinction with the former “transition” from ISO 9001:1994 to ISO 9001:2000, when there were significant changes throughout the standard.
A wide diffusion of this implementation guidance is recommended, in particular the comparison table between ISO 9001:2008 and ISO 9001:2000, given in Annex B to ISO 9001:2008.
ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000 and to improve compatibility with ISO 14001:2004. ISO 9001:2008 does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.
Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008 No new requirements were introduced in this edition but, in order to benefit from the clarifications of ISO 9001:2008, users of the former version will need to take into consideration whether the clarifications introduced have an impact on their current interpretation of ISO 9001:2000, as changes may be necessary to their QMS In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.
Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development of ISO 9001:2008 user needs were identified from the following:
- the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004
- feedback from the ISO/TC 176/Working Group on “Interpretations”
- the results of an extensive worldwide “User Feedback Survey on ISO 9001 and ISO 9004″ by ISO/TC 176/SC 2/WG 18 and similar national surveys.
The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.
The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO14001:2004.
A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:
1) No changes with high impact would be incorporated into the standard;
2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;
3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.
The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:
- No changes or minimum changes on user documents, including records
- No changes or minimum changes to existing processes of the organization
- No additional training required or minimal training required
- No effects on current certifications
The benefits identified for the ISO 9001:2008 edition fall into the following categories:
- Provides clarity
- Increases compatibility with ISO 14001.
- Maintains consistency with ISO 9000 family of standards.
- Improves translatability.
Monday, September 21, 2009
Managing processes In ISO 9001 Standard
The standard requires the organization to manage the identified processes in accordance with the requirements of ISO 9001. The first stage in managing a process is to establish what it is you are trying to achieve, what requirements you need to satisfy, what goals you are aiming at; then establish how you will measure your achievements. The next stage is to define the process you will employ to deliver the results. Managing the process then involves managing all the inherentcharacteristics of the process in such a manner that the requirements of customers and interested parties are fulfilled by the process outcomes. This means:Managing the process inputsManaging the workManaging the physical resourcesManaging the financial resourcesManaging the human resourcesManaging the constraintsManaging the outputs
Process management is therefore much more than managing activities and therefore when describing processes, one needs more than a flow chart of activities. The chart is a diagrammatical representation of a process but only one aspect. One can also add numerical data to the charts to indicate resources, cycle times, delays, costs etc. but the intangible factors of the human environment cannot be reduced to numerical data to add to the charts.
The notes to clause 4.1 of ISO 9001 need some explanation. It is stated that the processes needed for the management system include management activities, provision of resources, product realization and measurement. This note could cause confusion because it suggests that these are the processes that are needed for the management system. It would be unwise to use this as the model and far better to identify the processes from observing how the business operates. The term provision of resources should be Resource Management, which is thecollection of processes covering financial, human and physical resources.
Product realization is also a collection of processes such as design, production, service delivery, etc. Measurement is not a single process but a sub-process within each process. Grouping all the measurement processes together serves no useful purpose except it matches the standard – a purpose of little value in managing the organization.
The second note refers to outsourcing processes although it is difficult to imagine that management activities, product realization or measurement would be outsourced in its entirety. It is likely that market research; design, product verification, equipment calibration and other specialized services may be outsourced. While outsourcing comes under purchasing, it is correct to point out that the organization should control any outsourced processes. The supplier of the process is usually referred to as a subcontractor because they provide services to the organization’s requirements not their own. Control of subcontractors is covered by clause 7.4 but in meeting clause 7.4.3, you need to treat suppliers and subcontractors differently.
Process management is therefore much more than managing activities and therefore when describing processes, one needs more than a flow chart of activities. The chart is a diagrammatical representation of a process but only one aspect. One can also add numerical data to the charts to indicate resources, cycle times, delays, costs etc. but the intangible factors of the human environment cannot be reduced to numerical data to add to the charts.
The notes to clause 4.1 of ISO 9001 need some explanation. It is stated that the processes needed for the management system include management activities, provision of resources, product realization and measurement. This note could cause confusion because it suggests that these are the processes that are needed for the management system. It would be unwise to use this as the model and far better to identify the processes from observing how the business operates. The term provision of resources should be Resource Management, which is thecollection of processes covering financial, human and physical resources.
Product realization is also a collection of processes such as design, production, service delivery, etc. Measurement is not a single process but a sub-process within each process. Grouping all the measurement processes together serves no useful purpose except it matches the standard – a purpose of little value in managing the organization.
The second note refers to outsourcing processes although it is difficult to imagine that management activities, product realization or measurement would be outsourced in its entirety. It is likely that market research; design, product verification, equipment calibration and other specialized services may be outsourced. While outsourcing comes under purchasing, it is correct to point out that the organization should control any outsourced processes. The supplier of the process is usually referred to as a subcontractor because they provide services to the organization’s requirements not their own. Control of subcontractors is covered by clause 7.4 but in meeting clause 7.4.3, you need to treat suppliers and subcontractors differently.
ISO 9001 Quality Policy
On customers
We will listen to our customers, understand and balance their needs andexpectations with those of our suppliers, employees, investors and society andendeavour to give full satisfaction to all parties.
On leadership
We will establish and communicate our vision for the organization and throughour leadership exemplify core values to guide the behaviour of all to achieve ourvision.
On people
We will involve our people in the organization’s development, utilize theirknowledge and experience, recognize their contribution and provide an environ-ment in which they are motivated to realize their full potential.
On processes and systems
We will take a process approach towards the management of work and manage ourprocesses as a single system of interconnected processes that delivers all theorganization’s objectives.
On continual improvement
We will provide an environment in which every person is motivated tocontinually improve the efficiency and effectiveness of our products, processes andour management system.
On decisions
We will base our decisions on the logical and intuitive analysis of data collectedwhere possible from accurate measurements of product, process and systemcharacteristics.
On supplier relationships
We will develop alliances with our suppliers and work with them to jointlyimprove performance.
http://www.iso-consults.com
http://www.iso9001store.com
http://www.iso14000store.com
We will listen to our customers, understand and balance their needs andexpectations with those of our suppliers, employees, investors and society andendeavour to give full satisfaction to all parties.
On leadership
We will establish and communicate our vision for the organization and throughour leadership exemplify core values to guide the behaviour of all to achieve ourvision.
On people
We will involve our people in the organization’s development, utilize theirknowledge and experience, recognize their contribution and provide an environ-ment in which they are motivated to realize their full potential.
On processes and systems
We will take a process approach towards the management of work and manage ourprocesses as a single system of interconnected processes that delivers all theorganization’s objectives.
On continual improvement
We will provide an environment in which every person is motivated tocontinually improve the efficiency and effectiveness of our products, processes andour management system.
On decisions
We will base our decisions on the logical and intuitive analysis of data collectedwhere possible from accurate measurements of product, process and systemcharacteristics.
On supplier relationships
We will develop alliances with our suppliers and work with them to jointlyimprove performance.
http://www.iso-consults.com
http://www.iso9001store.com
http://www.iso14000store.com
ISO 9001:2008 Quality Management System Standard
ISO 9001:2008 is the world most successful standard addressing best practice in the application of quality management systems.
The standard is based around the principles of customer satisfaction, continual improvement and the development of a process based quality management system. Although not referenced in the standard itself the ISO 9001:2008 document is underpinned by eight key quality management principles;
a customer focused organisation
leadership
the involvement of people
ensuring a process approach
a systematic approach to management
a factual approach to decision making
mutually beneficial supplier relations
continuous improvement
ISO 9001:2008 has been written to ensure that its guiding principles are equally relevant to all sectors of industry and to all types of organisation. Although containing requirements to control the key processes within an organisation, it only requires six documented procedures. The standard emphasises the need for an organisation to continually monitor their own processes and systems, with many clauses making reference to self monitoring or measurement or both. This emphasis aims for an integrated approach to business processes. Instead of operating to a business plan on one hand and a quality management system on the other, the standard aims to integrate both of these functions into one system.
What is a quality management system?ISO 9001:2008 is a standard that specifies criteria for a quality management system (QMS). A QMS incorporates those elements of an organisations management system that direct and control it with regard to quality. Such a system will need to be supported by top management who will need to be able to demonstrate management commitment.
How do you demonstrate management commitment?Management commitment is one of the cornerstones of ISO 9001:2008, requiring top management to develop and improve the QMS throughout the organisation. This commitment can be demonstrated by a number of methods including creating a quality policy, conducting management reviews and establishing quality objectives.
What is a quality policy?ISO 9001:2008 specifies that an organisation must have a quality policy that documents the organisations overall intentions and direction related to quality as formally expressed by top management. Such a policy will include a commitment to comply with ISO 9001:2008, to continuously improve the QMS and to set and monitor measurable quality objectives.
What are quality objectives?The quality objectives are those targets sought or aimed for by the organisation that are related to quality. These quality objectives must be SMART (suitable, measurable, achievable, reviewed and timely). Examples of quality objectives might be; to reduce machine down time by 20% or to reduce rework costs by ?00 p/m. Whatever quality objectives are chosen they must be meaningful and adequately resourced by the organisation.
What is a management review?A management review is a key element of how the top management of an organisation can assess its performance in terms of the objectives it sets itself, the requirements set by the standard and how its systems are operating. Normally, a management review is a regular meeting of the top management team and uses the information that the organisation? systems have derived. It is a useful forum to review and revise quality objectives.
What are internal audits and why do I need to carry them out?Internal audit is one of the key monitoring processes required by the standard and functions as a check on the organisation? systems. It is the opportunity for an organisation to determine compliance to the systems it has established and maintained to meet the needs of its customers and identify opportunities for improvement. Internal audit can be seen as a ealth check?for an organisation.
The ore?of ISO 9001:2008, Product realisationClause 7 of ISO 9001:2008 contains the core processes that most organisations carry out. Any clause or sub-clause in section 7 can be excluded from an organisations quality management system if it can be justifiably excluded. Examples of common exclusions are clause 7.3 design and development, clause 7.5.3 traceability and clause 7.6 the control of monitoring and measuring devices. Clauses can only be excluded if their exclusion does not affect the company? ability to provide a product or service that meets customer requirements.
These core processes should be managed and controlled via the quality management system, and are evaluated for effectiveness and suitability by the internal audits with feed back into the management review.
This is a clear demonstration of one of the key principles of ISO 9001:2008, continuous improvement by critical self-evaluation. The output from the self-evaluation is fed into a planning stage to determine actions needed to improve the system. Following the planning and consultation comes the action phase where the proposed changes are implemented. Then the cycle starts again by checking that the changes are effective and meaningful by self-evaluation.
Other requirements of section 7 are;Product planning to ascertain and then implement the necessary controls and resources to ensure product realisation.
Purchasing control to verify purchased product against comprehensive purchasing information and the selection and evaluation of suppliers.
Production and service provision to ensure that this activity is carried out in controlled conditions and that any processes that cannot be verified during production are validated to ensure capability. Where appropriate the product must be identified, and if required, traceable at all stages of production. Any customer property must be identified and protected from harm and all products must be stored and handled in such a way to preserve product conformity.
Any monitoring and measuring devices needed to provide evidence of product conformity must be identified and if necessary calibrated.
But what about the customer? All of the clauses in ISO 9001:2008 are in some way focused towards meeting and exceeding the customer? expectations. For example the requirement of management to determine and communicate the importance of customer requirements throughout the organisation, and the review of customer orders to ensure that they can be met. Companies are required to implement methods for effective communication with the client at all stages of the business including ascertaining customer satisfaction after the product or service has been delivered as well as resolving customer complaints.
Finally?ISO 9001:2008 is widely acclaimed as being the pre-eminent specification for quality management systems, it requires a company to look at itself and ask the question, ‘how can we improve?’ An ISO 9001:2008 management system should be an essential part of any business process, requiring continual improvement by self-evaluation with a goal of ensuring that current and future customer expectation can be met and exceeded.
If you have any queries concerning ISO 9001:2008 please visit http://www.iso-consults.com/
The standard is based around the principles of customer satisfaction, continual improvement and the development of a process based quality management system. Although not referenced in the standard itself the ISO 9001:2008 document is underpinned by eight key quality management principles;
a customer focused organisation
leadership
the involvement of people
ensuring a process approach
a systematic approach to management
a factual approach to decision making
mutually beneficial supplier relations
continuous improvement
ISO 9001:2008 has been written to ensure that its guiding principles are equally relevant to all sectors of industry and to all types of organisation. Although containing requirements to control the key processes within an organisation, it only requires six documented procedures. The standard emphasises the need for an organisation to continually monitor their own processes and systems, with many clauses making reference to self monitoring or measurement or both. This emphasis aims for an integrated approach to business processes. Instead of operating to a business plan on one hand and a quality management system on the other, the standard aims to integrate both of these functions into one system.
What is a quality management system?ISO 9001:2008 is a standard that specifies criteria for a quality management system (QMS). A QMS incorporates those elements of an organisations management system that direct and control it with regard to quality. Such a system will need to be supported by top management who will need to be able to demonstrate management commitment.
How do you demonstrate management commitment?Management commitment is one of the cornerstones of ISO 9001:2008, requiring top management to develop and improve the QMS throughout the organisation. This commitment can be demonstrated by a number of methods including creating a quality policy, conducting management reviews and establishing quality objectives.
What is a quality policy?ISO 9001:2008 specifies that an organisation must have a quality policy that documents the organisations overall intentions and direction related to quality as formally expressed by top management. Such a policy will include a commitment to comply with ISO 9001:2008, to continuously improve the QMS and to set and monitor measurable quality objectives.
What are quality objectives?The quality objectives are those targets sought or aimed for by the organisation that are related to quality. These quality objectives must be SMART (suitable, measurable, achievable, reviewed and timely). Examples of quality objectives might be; to reduce machine down time by 20% or to reduce rework costs by ?00 p/m. Whatever quality objectives are chosen they must be meaningful and adequately resourced by the organisation.
What is a management review?A management review is a key element of how the top management of an organisation can assess its performance in terms of the objectives it sets itself, the requirements set by the standard and how its systems are operating. Normally, a management review is a regular meeting of the top management team and uses the information that the organisation? systems have derived. It is a useful forum to review and revise quality objectives.
What are internal audits and why do I need to carry them out?Internal audit is one of the key monitoring processes required by the standard and functions as a check on the organisation? systems. It is the opportunity for an organisation to determine compliance to the systems it has established and maintained to meet the needs of its customers and identify opportunities for improvement. Internal audit can be seen as a ealth check?for an organisation.
The ore?of ISO 9001:2008, Product realisationClause 7 of ISO 9001:2008 contains the core processes that most organisations carry out. Any clause or sub-clause in section 7 can be excluded from an organisations quality management system if it can be justifiably excluded. Examples of common exclusions are clause 7.3 design and development, clause 7.5.3 traceability and clause 7.6 the control of monitoring and measuring devices. Clauses can only be excluded if their exclusion does not affect the company? ability to provide a product or service that meets customer requirements.
These core processes should be managed and controlled via the quality management system, and are evaluated for effectiveness and suitability by the internal audits with feed back into the management review.
This is a clear demonstration of one of the key principles of ISO 9001:2008, continuous improvement by critical self-evaluation. The output from the self-evaluation is fed into a planning stage to determine actions needed to improve the system. Following the planning and consultation comes the action phase where the proposed changes are implemented. Then the cycle starts again by checking that the changes are effective and meaningful by self-evaluation.
Other requirements of section 7 are;Product planning to ascertain and then implement the necessary controls and resources to ensure product realisation.
Purchasing control to verify purchased product against comprehensive purchasing information and the selection and evaluation of suppliers.
Production and service provision to ensure that this activity is carried out in controlled conditions and that any processes that cannot be verified during production are validated to ensure capability. Where appropriate the product must be identified, and if required, traceable at all stages of production. Any customer property must be identified and protected from harm and all products must be stored and handled in such a way to preserve product conformity.
Any monitoring and measuring devices needed to provide evidence of product conformity must be identified and if necessary calibrated.
But what about the customer? All of the clauses in ISO 9001:2008 are in some way focused towards meeting and exceeding the customer? expectations. For example the requirement of management to determine and communicate the importance of customer requirements throughout the organisation, and the review of customer orders to ensure that they can be met. Companies are required to implement methods for effective communication with the client at all stages of the business including ascertaining customer satisfaction after the product or service has been delivered as well as resolving customer complaints.
Finally?ISO 9001:2008 is widely acclaimed as being the pre-eminent specification for quality management systems, it requires a company to look at itself and ask the question, ‘how can we improve?’ An ISO 9001:2008 management system should be an essential part of any business process, requiring continual improvement by self-evaluation with a goal of ensuring that current and future customer expectation can be met and exceeded.
If you have any queries concerning ISO 9001:2008 please visit http://www.iso-consults.com/
Monday, September 14, 2009
Useful Aids to Implement ISO 9001 Standards
Useful Aids To Implement ISO 9001 Standards
Many companies implement ISO 9001 without using all the available tools. As a result, some companies may not fully optimize their implementation. This issue could be manifested as confusion over terms, misunderstanding about requirements, and perplexity concerning intention.ISO, the International Organization for Standardization, based in Geneva Switzerland issues thousands of standards, but we limit our scope to ISO 9001:2008 and its immediate “family”.This includes ISO 9000:2005 and ISO 9004:20002. ISO 9001 is a general industry standard for quality management, but ISO also issues industry specific standards. Many of these standards, such as ISO 13485 for medical devices, are based on ISO 9001 and can also utilize these available tools.
In addition to the information discussed below, ISO also issues standards related to specific activities that may arises in a quality management system. The following lists these supporting documents.
Automotive ISO/TS 16949:2002Education IWA 2:2007Energy PC 242, ISO 50001Food safety ISO 22000:2005Information security ISO/IEC 27001:2005Health care IWA 1:2005Local government IWA 4:2005Medical devices ISO 13485:2003Petroleum and gas ISO 29001:2003Ship recycling ISO/PAS 30000:2008Supply chain security ISO 28000:2007
Many companies implement ISO 9001 without using all the available tools. As a result, some companies may not fully optimize their implementation. This issue could be manifested as confusion over terms, misunderstanding about requirements, and perplexity concerning intention.ISO, the International Organization for Standardization, based in Geneva Switzerland issues thousands of standards, but we limit our scope to ISO 9001:2008 and its immediate “family”.This includes ISO 9000:2005 and ISO 9004:20002. ISO 9001 is a general industry standard for quality management, but ISO also issues industry specific standards. Many of these standards, such as ISO 13485 for medical devices, are based on ISO 9001 and can also utilize these available tools.
In addition to the information discussed below, ISO also issues standards related to specific activities that may arises in a quality management system. The following lists these supporting documents.
Automotive ISO/TS 16949:2002Education IWA 2:2007Energy PC 242, ISO 50001Food safety ISO 22000:2005Information security ISO/IEC 27001:2005Health care IWA 1:2005Local government IWA 4:2005Medical devices ISO 13485:2003Petroleum and gas ISO 29001:2003Ship recycling ISO/PAS 30000:2008Supply chain security ISO 28000:2007
Process Approach In ISO 9001 Standards
Process Approach In ISO 9001 Standards
The process approach was introduced into ISO 9001 with the year 2000 version of the standards.Prior versions used an element approach. The document Guidance on the concept and use of the process approach for management systems describes to process approach and offers an implementation paradigm.1. Identification of processes of the organization1.1. Define the purpose of the organization1.2. Define the policies and objectives of the organization1.3. Determine the processes in the organization1.4. Determine the sequence of the processes1.5. Define process ownership1.6. Define process documentation2. Planning of a process2.1. Define the activities within the process2.2. Define the monitoring and measurement requirements2.3. Define the resources needed
2.4. Verify the process and its activities against its planned objectives3. Implementation and measurement of the process4. Analysis of the process5. Corrective action and improvement of the process ImplementationThis document explains the process used to evaluate changes to the 2008 version. In particular, it explains the revision process and illustrates the impact vs. benefit analysis used to evaluate potential changes.In addition to the guidance documents, ISO maintains a web site with “official interpretations” of ISO 9001. Currently, these interpretations only include ISO 9001:2000, but, because the changes to the 2008 version were limited, they are valuable.Consider a common question. An organization needs a documented procedure for preventive action (8.5.3), and must keep records of the results of preventive action (8.5.3.d). One of the interpretation requests asks, “Does sub-clause 8.5.3 a) require organizations to demonstrate, with objective evidence in the form of records, that they have undertaken actions to determine the existence of ‘potential nonconformities and their causes’?” The answer is “No”.Auditing PracticesThe ISO 9001 Auditing Practices Group maintains a website9 with guidance and information on auditing ISO 9001 quality management systems. It is an informal group of quality management system (QMS) experts, auditors, and practitioners drawn from the ISO Technical Committee 176 Quality Management and Quality Assurance (ISO/TC 176) and the International Accreditation Forum (IAF).The website, primarily aimed at QMS auditors, consultants, and quality practitioners, is an online source of papers and presentations on auditing a QMS and reflect the process based approach.The website contains almost forty guidance documents with practical advice ranging from “How to audit top management processes” to “The role and value of the audit checklist”.
The process approach was introduced into ISO 9001 with the year 2000 version of the standards.Prior versions used an element approach. The document Guidance on the concept and use of the process approach for management systems describes to process approach and offers an implementation paradigm.1. Identification of processes of the organization1.1. Define the purpose of the organization1.2. Define the policies and objectives of the organization1.3. Determine the processes in the organization1.4. Determine the sequence of the processes1.5. Define process ownership1.6. Define process documentation2. Planning of a process2.1. Define the activities within the process2.2. Define the monitoring and measurement requirements2.3. Define the resources needed
2.4. Verify the process and its activities against its planned objectives3. Implementation and measurement of the process4. Analysis of the process5. Corrective action and improvement of the process ImplementationThis document explains the process used to evaluate changes to the 2008 version. In particular, it explains the revision process and illustrates the impact vs. benefit analysis used to evaluate potential changes.In addition to the guidance documents, ISO maintains a web site with “official interpretations” of ISO 9001. Currently, these interpretations only include ISO 9001:2000, but, because the changes to the 2008 version were limited, they are valuable.Consider a common question. An organization needs a documented procedure for preventive action (8.5.3), and must keep records of the results of preventive action (8.5.3.d). One of the interpretation requests asks, “Does sub-clause 8.5.3 a) require organizations to demonstrate, with objective evidence in the form of records, that they have undertaken actions to determine the existence of ‘potential nonconformities and their causes’?” The answer is “No”.Auditing PracticesThe ISO 9001 Auditing Practices Group maintains a website9 with guidance and information on auditing ISO 9001 quality management systems. It is an informal group of quality management system (QMS) experts, auditors, and practitioners drawn from the ISO Technical Committee 176 Quality Management and Quality Assurance (ISO/TC 176) and the International Accreditation Forum (IAF).The website, primarily aimed at QMS auditors, consultants, and quality practitioners, is an online source of papers and presentations on auditing a QMS and reflect the process based approach.The website contains almost forty guidance documents with practical advice ranging from “How to audit top management processes” to “The role and value of the audit checklist”.
Why Deploy Six Sigma?
Why Deploy Six Sigma in your organization?
Here are some reasons why we should be using Six Sigma to make process improvements:
a) It is a structured approach – if we follow the process, people will not forget any important steps along the way before they implement the solution.
b) It helps quantify the benefits and thus make it easier to sell the improvements to senior managers in the company.
c) It uses facts & data and the rigor of statistical testing to arrive at the right root cause instead of fixing symptoms or putting band-aids.
d) There is a greater likelihood of the solution being sustainable if we follow the Six Sigma process.
e) Six Sigma focuses of solving the right problems using the project selection matrix.
f) It has proven itself in a large number of deployments. Frankly, there is no better tool out there to make process improvements – especially when the root cause or the solution is not known.
Here are some reasons why we should be using Six Sigma to make process improvements:
a) It is a structured approach – if we follow the process, people will not forget any important steps along the way before they implement the solution.
b) It helps quantify the benefits and thus make it easier to sell the improvements to senior managers in the company.
c) It uses facts & data and the rigor of statistical testing to arrive at the right root cause instead of fixing symptoms or putting band-aids.
d) There is a greater likelihood of the solution being sustainable if we follow the Six Sigma process.
e) Six Sigma focuses of solving the right problems using the project selection matrix.
f) It has proven itself in a large number of deployments. Frankly, there is no better tool out there to make process improvements – especially when the root cause or the solution is not known.
Wednesday, September 9, 2009
Concept of quality – historical background
Concept Of Quality – Historical Background
The concept of quality as we think of it now first emerged out of the Industrial Revolution. Previously goods had been made from start to finish by the same person or team of people, with handcrafting and tweaking the product to meet ‘quality criteria’. Mass production brought huge teams of people together to work on specific stages of production where one person would not necessarily complete a product from start to finish. In the late 1800s pioneers such as Frederick Winslow Taylor and Henry Ford recognized the limitations of the methods being used in mass production at the time and the subsequent varying quality of output. Taylor established Quality Departments to oversee the quality of production and rectifying of errors, and Ford emphasized standardization of design and component standards to ensure a standard product was produced. Management of quality was the responsibility of the Quality department and was implemented by Inspection of product output to ‘catch’ defects. Application of statistical control came later as a result of World War production methods. Quality management systems are the outgrowth of work done by W. Edwards Deming, a statistician, after whom the Deming Prize for quality is named.
Quality, as a profession and the managerial process associated with the quality function, was introduced during the second-half of the 20th century, and has evolved since then. Over this period, few other disciplines have seen as many changes as the quality profession.
The quality profession grew from simple control, to engineering, to systems engineering. Quality control activities were predominant in the 1940s, 950s, and 1960s. The 1970s were an era of quality engineering and the 1990s saw quality systems as an emerging field. Like medicine, accounting, and engineering, quality has achieved status as a recognized profession.
The concept of quality as we think of it now first emerged out of the Industrial Revolution. Previously goods had been made from start to finish by the same person or team of people, with handcrafting and tweaking the product to meet ‘quality criteria’. Mass production brought huge teams of people together to work on specific stages of production where one person would not necessarily complete a product from start to finish. In the late 1800s pioneers such as Frederick Winslow Taylor and Henry Ford recognized the limitations of the methods being used in mass production at the time and the subsequent varying quality of output. Taylor established Quality Departments to oversee the quality of production and rectifying of errors, and Ford emphasized standardization of design and component standards to ensure a standard product was produced. Management of quality was the responsibility of the Quality department and was implemented by Inspection of product output to ‘catch’ defects. Application of statistical control came later as a result of World War production methods. Quality management systems are the outgrowth of work done by W. Edwards Deming, a statistician, after whom the Deming Prize for quality is named.
Quality, as a profession and the managerial process associated with the quality function, was introduced during the second-half of the 20th century, and has evolved since then. Over this period, few other disciplines have seen as many changes as the quality profession.
The quality profession grew from simple control, to engineering, to systems engineering. Quality control activities were predominant in the 1940s, 950s, and 1960s. The 1970s were an era of quality engineering and the 1990s saw quality systems as an emerging field. Like medicine, accounting, and engineering, quality has achieved status as a recognized profession.
Five Steps to Implementing ISO 14001:2004
ISO 14001 provides a logical, common-sense approach for
businesses to adopt. To start it is recommended to carry out an
environmental review of the business and the Annex to the Standard
provides guidance on the approach required. The Standard then
requires a management system to be developed that addresses the
key environmental issues that were identified by the review as being
relevant to the business, through a rational programme of control and
continual improvement.
There are five key steps to ISO 14001 EMS implementation, and
subsequent operation which are clearly laid out in just three pages of
text.
The five key steps are:
1. Environmental Policy
2. Planning
3. Implementation and Operation
4. Checking and Corrective Action
5. Management Review
Step 1. Environmental Policy
The company or organisation must write an environmental policy
statement which is relevant to the business activities and approved by
top management. Their full commitment is essential if environmental
management is to work. The ISO 14001 Standard clearly sets out
what to cover in the policy. Often a one page document is sufficient.
Produce a first issue and expect to amend it several times before
assessment and registration as knowledge grows in the company.
Step 2. Planning
Plan what the EMS is to address.
Environmental aspects
First make lists of the environmental aspects (issues) that are relevant
to the business. The environmental review mentioned earlier should
provide most of this information and the Annex to ISO 14001 provides
guidance on the format for doing this.
Consider the inputs, outputs and processes/activities of the business in
relation to;
a) emissions to air
b) releases to water
c) waste management
d) contamination of land
e) use of raw materials and natural resources
f) other local environmental and community issues
Consider both site (direct) and offsite (ie. indirect) aspects that you
control or have influence over (such as suppliers) and in relation to
normal operations, shut-down and start-up conditions and reasonably
foreseeable and emergencies situations.
A simple written procedure is then required to determine which of the
aspects identified are really or probably significant (important) and
training needs, outline the key stages of the project and dates that will
lead to the target achievement).
Gradually apply environmental management programme thinking to
such things as the introduction of new products, new or improved
processes and other key activities of the business. In particular,
ensure existing projects become environmental management projects
where there is a significant environmental impact involved, so that the
EMS becomes company wide. This is a frequent oversight found
during ISO 14001 assessments. The EMS must cover the whole
business – like a net thrown over the whole business and for example
including such things as engineering and maintenance
Step 3. Implementation and Operation
Structure and responsibility
Appoint one or more people, depending on the size of the business, to
have authority and responsibility for implementing and maintaining the
EMS and provide sufficient resources. (It’s worth monitoring costs
carefully and benchmarking these against key consumption figures so
that improvements delivered by the EMS become apparent).
Training, awareness and competence
Implement a procedure to provide environmental training appropriate
to identified needs for management, the general workforce, project
teams and key plant operators. This can have far reaching benefits
on employee motivation. The workforce is usually very supportive of
moves to achieve genuine environmental improvement. Every
company has its share of cynics but even some of these can be won
over with time. Training will vary from a general briefing for the
workforce to detailed environmental auditor training.
Communication
Implement procedures to establish a system of internal and external
communication to receive environmental information and respond to it
and to circulate new information to people that need to know. This will
include: new legislation, information from suppliers, customers and
neighbours and communications both with employees and for
employees about progress with the EMS. This process can often
generate worthwhile ideas from employees themselves for future
environmental improvements.
Environmental management system documentation
The EMS itself needs to be documented with a manual, procedures
and work instructions but keep it brief and simple. The Standard
clearly states where procedures are required. Eleven system
procedures are required to maintain the EMS, plus operating work
instructions but if you already have ISO 9000, this will cover most of six
of the procedures required and a quality system can certainly be
expanded to cover ISO 14001 as well. Cross reference the EMS
manual to other environmental and quality documents to link the EMS
and to integrate it with existing business practices.
Operational control
Implement additional operating procedures (work instructions) to
control the identified significant (important) aspects of production
processes and other activities. Some of these will already exist but
may need a ‘bit of polish’. Don’t forget significant aspects that relate to
goods and services from suppliers and contractors.
Emergency preparedness and response
Implement procedures to address reasonably foreseeable
emergencies and to minimise their impact should they occur. (eg. Fire,
major spillages of hazardous materials, explosion risks etc.)
Step 4. Checking and Corrective Action
Monitoring and measurement
Implement procedures to monitor and measure the progress of
projects against the targets which have been set, the performance of
processes against the written criteria using calibrated equipment (verify
monitoring records) and regularly check (audit) the company’s
compliance with legislation that has been identified as relevant to your
business. The most effective way of doing this is through regular
progress meetings.
Nonconformance and corrective and preventive action
Implement procedures to enable appropriate corrective and
subsequent preventive action to be taken where breaches of the EMS
occur (eg. process control problems, delays in project process, noncompliance
with legislation, incidents etc.).
Records
Implement procedures to keep records generated by the
environmental management system. The Annex to the Standard
suggests those that are likely to be required.
Environmental management system audit
Implement a procedure to carry out audits of each part of the EMS and
company activities and operations to verify both compliance with the
EMS and with ISO 14001. Audit results must be reported to top
management . A typical audit cycle is one year but more critical
activities will require auditing more frequently.
Step 5. Management Review
At regular intervals (typically annual), top management must conduct
through meetings and record minutes of a review of the EMS, to
determine that it is still appropriate and effective or to make changes
where necessary. Top management will need to consider audit
results, project progress, changing circumstances and the requirement
of ISO 14001 for continual improvement, through setting and achieving
further environmental targets.
businesses to adopt. To start it is recommended to carry out an
environmental review of the business and the Annex to the Standard
provides guidance on the approach required. The Standard then
requires a management system to be developed that addresses the
key environmental issues that were identified by the review as being
relevant to the business, through a rational programme of control and
continual improvement.
There are five key steps to ISO 14001 EMS implementation, and
subsequent operation which are clearly laid out in just three pages of
text.
The five key steps are:
1. Environmental Policy
2. Planning
3. Implementation and Operation
4. Checking and Corrective Action
5. Management Review
Step 1. Environmental Policy
The company or organisation must write an environmental policy
statement which is relevant to the business activities and approved by
top management. Their full commitment is essential if environmental
management is to work. The ISO 14001 Standard clearly sets out
what to cover in the policy. Often a one page document is sufficient.
Produce a first issue and expect to amend it several times before
assessment and registration as knowledge grows in the company.
Step 2. Planning
Plan what the EMS is to address.
Environmental aspects
First make lists of the environmental aspects (issues) that are relevant
to the business. The environmental review mentioned earlier should
provide most of this information and the Annex to ISO 14001 provides
guidance on the format for doing this.
Consider the inputs, outputs and processes/activities of the business in
relation to;
a) emissions to air
b) releases to water
c) waste management
d) contamination of land
e) use of raw materials and natural resources
f) other local environmental and community issues
Consider both site (direct) and offsite (ie. indirect) aspects that you
control or have influence over (such as suppliers) and in relation to
normal operations, shut-down and start-up conditions and reasonably
foreseeable and emergencies situations.
A simple written procedure is then required to determine which of the
aspects identified are really or probably significant (important) and
training needs, outline the key stages of the project and dates that will
lead to the target achievement).
Gradually apply environmental management programme thinking to
such things as the introduction of new products, new or improved
processes and other key activities of the business. In particular,
ensure existing projects become environmental management projects
where there is a significant environmental impact involved, so that the
EMS becomes company wide. This is a frequent oversight found
during ISO 14001 assessments. The EMS must cover the whole
business – like a net thrown over the whole business and for example
including such things as engineering and maintenance
Step 3. Implementation and Operation
Structure and responsibility
Appoint one or more people, depending on the size of the business, to
have authority and responsibility for implementing and maintaining the
EMS and provide sufficient resources. (It’s worth monitoring costs
carefully and benchmarking these against key consumption figures so
that improvements delivered by the EMS become apparent).
Training, awareness and competence
Implement a procedure to provide environmental training appropriate
to identified needs for management, the general workforce, project
teams and key plant operators. This can have far reaching benefits
on employee motivation. The workforce is usually very supportive of
moves to achieve genuine environmental improvement. Every
company has its share of cynics but even some of these can be won
over with time. Training will vary from a general briefing for the
workforce to detailed environmental auditor training.
Communication
Implement procedures to establish a system of internal and external
communication to receive environmental information and respond to it
and to circulate new information to people that need to know. This will
include: new legislation, information from suppliers, customers and
neighbours and communications both with employees and for
employees about progress with the EMS. This process can often
generate worthwhile ideas from employees themselves for future
environmental improvements.
Environmental management system documentation
The EMS itself needs to be documented with a manual, procedures
and work instructions but keep it brief and simple. The Standard
clearly states where procedures are required. Eleven system
procedures are required to maintain the EMS, plus operating work
instructions but if you already have ISO 9000, this will cover most of six
of the procedures required and a quality system can certainly be
expanded to cover ISO 14001 as well. Cross reference the EMS
manual to other environmental and quality documents to link the EMS
and to integrate it with existing business practices.
Operational control
Implement additional operating procedures (work instructions) to
control the identified significant (important) aspects of production
processes and other activities. Some of these will already exist but
may need a ‘bit of polish’. Don’t forget significant aspects that relate to
goods and services from suppliers and contractors.
Emergency preparedness and response
Implement procedures to address reasonably foreseeable
emergencies and to minimise their impact should they occur. (eg. Fire,
major spillages of hazardous materials, explosion risks etc.)
Step 4. Checking and Corrective Action
Monitoring and measurement
Implement procedures to monitor and measure the progress of
projects against the targets which have been set, the performance of
processes against the written criteria using calibrated equipment (verify
monitoring records) and regularly check (audit) the company’s
compliance with legislation that has been identified as relevant to your
business. The most effective way of doing this is through regular
progress meetings.
Nonconformance and corrective and preventive action
Implement procedures to enable appropriate corrective and
subsequent preventive action to be taken where breaches of the EMS
occur (eg. process control problems, delays in project process, noncompliance
with legislation, incidents etc.).
Records
Implement procedures to keep records generated by the
environmental management system. The Annex to the Standard
suggests those that are likely to be required.
Environmental management system audit
Implement a procedure to carry out audits of each part of the EMS and
company activities and operations to verify both compliance with the
EMS and with ISO 14001. Audit results must be reported to top
management . A typical audit cycle is one year but more critical
activities will require auditing more frequently.
Step 5. Management Review
At regular intervals (typically annual), top management must conduct
through meetings and record minutes of a review of the EMS, to
determine that it is still appropriate and effective or to make changes
where necessary. Top management will need to consider audit
results, project progress, changing circumstances and the requirement
of ISO 14001 for continual improvement, through setting and achieving
further environmental targets.
Sunday, September 6, 2009
ISO 9000 Standards
ISO 9000 Standards
ISO 9000 is a written set of rules (a “Standard”) published by an internationalstandards writing body (International Organization for Standardization. The rules define practices that are universally recognized and accepted for assuring that organizations consistently understand and meet the needs of their customers.ISO 9000 is also highly generic. Its principles can be applied to any organization providing any product or service anywhere in the world.Since meeting customer needs is one of the (many) definitions of quality, ISO 9000 is often called a quality system or a quality management system. But the rules, referred to as requirements, go beyond quality matters as they are traditionally understood. The requirements fall roughly into the following types:
a. Requirements that help assure that the organization’s output (whether product, service, or both) meets customer specifications. (Making, and keeping, them happy.)
b. Requirements that assure that the quality system is consistently implemented and verifiable. (We must actually do what we say we are supposed to do. This must be verifiable via independent, objectiveaudit.)
c. Requirements for practices that measure the effectiveness of variousaspects of the system. (In God we trust; all others bring data.)
d. Requirements that support continuous improvement of the company’sability to meet customer needs. (We cannot sit still. We must strive to get better all the time, because customers change, and competitors gain strength.)
Nothing in ISO 9000 is new. The first edition, published by ISO in 1987, was drawn almost word for word from a British quality system standard. It in turn evolved from a long succession of written quality system specifications that had their ultimate origin in the defense and arms industries. Most of the practices required by ISO 9000 have been in use in industries of various kinds for decades. One intent of ISO 9000 is to simplify things for organizations. ISO 9000 strives to harmonize the sometimes conflicting, sometimes redundant quality programs that have traditionally been imposed by major corporations on their suppliers. (Note, however, that ISO 9000 is not meant to supersede customer, legal, or regulatory requirements.)
Very often, major customers require or strongly “suggest” that their suppliers implement ISO 9000 systems. Equally often, such customers require independent verification that suppliers are meeting the equirements.
So third-party registration bodies audit suppliers, confirm compliance to the ISO 9000 standard, and register the suppliers. It does not stop there. To stay registered, suppliers must undergo periodic (often semi-annual) surveillance audits, also carried out by their registration body.
Implementing an ISO 9000 quality system is neither cheap, nor easy. How costly and difficult it can be depends on:
a. The level of commitment of senior management. (The single most important factor.)
b. Where you are when you start. If you have already implemented a disciplined, documented quality system, you will have a less difficult time migrating to ISO 9000. (But that does not mean you will waltz to registration, either.)
c. Whether your company (or any part of it) is “design responsible” or not.
d. How much time you have. If you are under the customer’s gun and have merely months to get the job done, the process will be highly stressful.
e. The physical size and configuration of your company.
The bottom line is this. ISO 9000 is a comprehensive set of rules—a business system, really—that can cause the way your organization runs to profoundly change, almost always for the better. Yet, because it is often customer-mandated, many suppliers regard ISO 9000 as “just another hoop to jump through to keep our customers happy.”
They see their choice as swallow hard, pony up, and jump through the hoops; or walk away from the customer. What many do not fully appreciate is that implementing ISO 9000—expensive, exhausting, and annoying as it can be—can also have the salutary effect of improving the performance of your organization. Not just at first, but on an ongoing basis.
ISO 9000 is a written set of rules (a “Standard”) published by an internationalstandards writing body (International Organization for Standardization. The rules define practices that are universally recognized and accepted for assuring that organizations consistently understand and meet the needs of their customers.ISO 9000 is also highly generic. Its principles can be applied to any organization providing any product or service anywhere in the world.Since meeting customer needs is one of the (many) definitions of quality, ISO 9000 is often called a quality system or a quality management system. But the rules, referred to as requirements, go beyond quality matters as they are traditionally understood. The requirements fall roughly into the following types:
a. Requirements that help assure that the organization’s output (whether product, service, or both) meets customer specifications. (Making, and keeping, them happy.)
b. Requirements that assure that the quality system is consistently implemented and verifiable. (We must actually do what we say we are supposed to do. This must be verifiable via independent, objectiveaudit.)
c. Requirements for practices that measure the effectiveness of variousaspects of the system. (In God we trust; all others bring data.)
d. Requirements that support continuous improvement of the company’sability to meet customer needs. (We cannot sit still. We must strive to get better all the time, because customers change, and competitors gain strength.)
Nothing in ISO 9000 is new. The first edition, published by ISO in 1987, was drawn almost word for word from a British quality system standard. It in turn evolved from a long succession of written quality system specifications that had their ultimate origin in the defense and arms industries. Most of the practices required by ISO 9000 have been in use in industries of various kinds for decades. One intent of ISO 9000 is to simplify things for organizations. ISO 9000 strives to harmonize the sometimes conflicting, sometimes redundant quality programs that have traditionally been imposed by major corporations on their suppliers. (Note, however, that ISO 9000 is not meant to supersede customer, legal, or regulatory requirements.)
Very often, major customers require or strongly “suggest” that their suppliers implement ISO 9000 systems. Equally often, such customers require independent verification that suppliers are meeting the equirements.
So third-party registration bodies audit suppliers, confirm compliance to the ISO 9000 standard, and register the suppliers. It does not stop there. To stay registered, suppliers must undergo periodic (often semi-annual) surveillance audits, also carried out by their registration body.
Implementing an ISO 9000 quality system is neither cheap, nor easy. How costly and difficult it can be depends on:
a. The level of commitment of senior management. (The single most important factor.)
b. Where you are when you start. If you have already implemented a disciplined, documented quality system, you will have a less difficult time migrating to ISO 9000. (But that does not mean you will waltz to registration, either.)
c. Whether your company (or any part of it) is “design responsible” or not.
d. How much time you have. If you are under the customer’s gun and have merely months to get the job done, the process will be highly stressful.
e. The physical size and configuration of your company.
The bottom line is this. ISO 9000 is a comprehensive set of rules—a business system, really—that can cause the way your organization runs to profoundly change, almost always for the better. Yet, because it is often customer-mandated, many suppliers regard ISO 9000 as “just another hoop to jump through to keep our customers happy.”
They see their choice as swallow hard, pony up, and jump through the hoops; or walk away from the customer. What many do not fully appreciate is that implementing ISO 9000—expensive, exhausting, and annoying as it can be—can also have the salutary effect of improving the performance of your organization. Not just at first, but on an ongoing basis.
What is a quality systems registrar
What is a quality systems registrar
A registrar, or registration body (the preferred term), is sometimes called a certification body. (Accreditation bodies are entirely different—they are the entities that audit/approve registration bodies.)
There are some 573 registration bodies in operation worldwide, including52 in the United States.
The registrar is the organization that checks your quality system and confirms that it meets ISO 9000 requirements for a prescribed and agreed period of time.
To do this, the registrar:a. Audits your organization’s quality system to determine the degree of conformity to ISO 9000 standards. The audit is carried out:— On paper (desktop study).— On site (throughout your facility).b. Registers your quality system, assuming it conforms, to ISO 9000.c. Monitors conformity on an ongoing basis by means of regular reauditsand other methods.All quality system registrars perform these functions, with certainvariations. Registrars differ in two principal ways:a. Accreditation status.b. Scope of accreditation
Reputable ISO 9000 registrars are accredited by international accreditationbodies. These enforce a standard, EN 45012 (European Standard for Bodies Certificating Suppliers’ Quality Systems), that governs the processes that registrars follow. This standard is quite strict:a. Registrars must make their services available to all qualified supplierswithout imposing undue financial or other conditions, andmust administer their regulations in a nondiscriminatory manner.b. The registrar’s organization must not engage in activities that mayaffect its impartiality. For example:— It must not provide consulting services “on matters to whichits certificates are related” (i.e., quality systems). This requirement is superseded by the ISO 9000 restriction noted earlier.— It must not directly engage in commerce with firms that it hasassessed and/or registered.— Individuals involved in the registration process must not haveprovided consulting services to registration clients, or any relatedfirms, within the previous two years.— Its employees and agents must not engage in business activitiesthat would cause others to question the firm’s impartiality.— The registrar may not market consultancy and registrationservices together, and may not recommend consulting servicesto clients.— Auditors may not give advice as part of registration audits.— The registrar must provide the accreditation body with documentationof its employees’ qualifications.— The registrar must have appropriate facilities for carrying outits activities.— The registrar must have a quality manual and documentedprocedures. (Curiously, EN 45012 does not require that registrarsregister to ISO 9000!)— Registrars may not grant or renew certificates of registration until all major noncompliances are eliminated.
Another point of differentiation is scope of accreditation. All registrarsare not accredited, or approved, to register firms in any line of business. Each registrar is accredited to operate within the business or industrial sectors about which it has documented expertise. This is generically referred to as the registrar’s scope.
A registrar, or registration body (the preferred term), is sometimes called a certification body. (Accreditation bodies are entirely different—they are the entities that audit/approve registration bodies.)
There are some 573 registration bodies in operation worldwide, including52 in the United States.
The registrar is the organization that checks your quality system and confirms that it meets ISO 9000 requirements for a prescribed and agreed period of time.
To do this, the registrar:a. Audits your organization’s quality system to determine the degree of conformity to ISO 9000 standards. The audit is carried out:— On paper (desktop study).— On site (throughout your facility).b. Registers your quality system, assuming it conforms, to ISO 9000.c. Monitors conformity on an ongoing basis by means of regular reauditsand other methods.All quality system registrars perform these functions, with certainvariations. Registrars differ in two principal ways:a. Accreditation status.b. Scope of accreditation
Reputable ISO 9000 registrars are accredited by international accreditationbodies. These enforce a standard, EN 45012 (European Standard for Bodies Certificating Suppliers’ Quality Systems), that governs the processes that registrars follow. This standard is quite strict:a. Registrars must make their services available to all qualified supplierswithout imposing undue financial or other conditions, andmust administer their regulations in a nondiscriminatory manner.b. The registrar’s organization must not engage in activities that mayaffect its impartiality. For example:— It must not provide consulting services “on matters to whichits certificates are related” (i.e., quality systems). This requirement is superseded by the ISO 9000 restriction noted earlier.— It must not directly engage in commerce with firms that it hasassessed and/or registered.— Individuals involved in the registration process must not haveprovided consulting services to registration clients, or any relatedfirms, within the previous two years.— Its employees and agents must not engage in business activitiesthat would cause others to question the firm’s impartiality.— The registrar may not market consultancy and registrationservices together, and may not recommend consulting servicesto clients.— Auditors may not give advice as part of registration audits.— The registrar must provide the accreditation body with documentationof its employees’ qualifications.— The registrar must have appropriate facilities for carrying outits activities.— The registrar must have a quality manual and documentedprocedures. (Curiously, EN 45012 does not require that registrarsregister to ISO 9000!)— Registrars may not grant or renew certificates of registration until all major noncompliances are eliminated.
Another point of differentiation is scope of accreditation. All registrarsare not accredited, or approved, to register firms in any line of business. Each registrar is accredited to operate within the business or industrial sectors about which it has documented expertise. This is generically referred to as the registrar’s scope.
What is a quality systems registrar
What is a quality systems registrar
A registrar, or registration body (the preferred term), is sometimes called a certification body. (Accreditation bodies are entirely different—they are the entities that audit/approve registration bodies.)
There are some 573 registration bodies in operation worldwide, including52 in the United States.
The registrar is the organization that checks your quality system and confirms that it meets ISO 9000 requirements for a prescribed and agreed period of time.
To do this, the registrar:a. Audits your organization’s quality system to determine the degree of conformity to ISO 9000 standards. The audit is carried out:— On paper (desktop study).— On site (throughout your facility).b. Registers your quality system, assuming it conforms, to ISO 9000.c. Monitors conformity on an ongoing basis by means of regular reauditsand other methods.All quality system registrars perform these functions, with certainvariations. Registrars differ in two principal ways:a. Accreditation status.b. Scope of accreditation
Reputable ISO 9000 registrars are accredited by international accreditationbodies. These enforce a standard, EN 45012 (European Standard for Bodies Certificating Suppliers’ Quality Systems), that governs the processes that registrars follow. This standard is quite strict:a. Registrars must make their services available to all qualified supplierswithout imposing undue financial or other conditions, andmust administer their regulations in a nondiscriminatory manner.b. The registrar’s organization must not engage in activities that mayaffect its impartiality. For example:— It must not provide consulting services “on matters to whichits certificates are related” (i.e., quality systems). This requirement is superseded by the ISO 9000 restriction noted earlier.— It must not directly engage in commerce with firms that it hasassessed and/or registered.— Individuals involved in the registration process must not haveprovided consulting services to registration clients, or any relatedfirms, within the previous two years.— Its employees and agents must not engage in business activitiesthat would cause others to question the firm’s impartiality.— The registrar may not market consultancy and registrationservices together, and may not recommend consulting servicesto clients.— Auditors may not give advice as part of registration audits.— The registrar must provide the accreditation body with documentationof its employees’ qualifications.— The registrar must have appropriate facilities for carrying outits activities.— The registrar must have a quality manual and documentedprocedures. (Curiously, EN 45012 does not require that registrarsregister to ISO 9000!)— Registrars may not grant or renew certificates of registration until all major noncompliances are eliminated.
Another point of differentiation is scope of accreditation. All registrarsare not accredited, or approved, to register firms in any line of business. Each registrar is accredited to operate within the business or industrial sectors about which it has documented expertise. This is generically referred to as the registrar’s scope.
A registrar, or registration body (the preferred term), is sometimes called a certification body. (Accreditation bodies are entirely different—they are the entities that audit/approve registration bodies.)
There are some 573 registration bodies in operation worldwide, including52 in the United States.
The registrar is the organization that checks your quality system and confirms that it meets ISO 9000 requirements for a prescribed and agreed period of time.
To do this, the registrar:a. Audits your organization’s quality system to determine the degree of conformity to ISO 9000 standards. The audit is carried out:— On paper (desktop study).— On site (throughout your facility).b. Registers your quality system, assuming it conforms, to ISO 9000.c. Monitors conformity on an ongoing basis by means of regular reauditsand other methods.All quality system registrars perform these functions, with certainvariations. Registrars differ in two principal ways:a. Accreditation status.b. Scope of accreditation
Reputable ISO 9000 registrars are accredited by international accreditationbodies. These enforce a standard, EN 45012 (European Standard for Bodies Certificating Suppliers’ Quality Systems), that governs the processes that registrars follow. This standard is quite strict:a. Registrars must make their services available to all qualified supplierswithout imposing undue financial or other conditions, andmust administer their regulations in a nondiscriminatory manner.b. The registrar’s organization must not engage in activities that mayaffect its impartiality. For example:— It must not provide consulting services “on matters to whichits certificates are related” (i.e., quality systems). This requirement is superseded by the ISO 9000 restriction noted earlier.— It must not directly engage in commerce with firms that it hasassessed and/or registered.— Individuals involved in the registration process must not haveprovided consulting services to registration clients, or any relatedfirms, within the previous two years.— Its employees and agents must not engage in business activitiesthat would cause others to question the firm’s impartiality.— The registrar may not market consultancy and registrationservices together, and may not recommend consulting servicesto clients.— Auditors may not give advice as part of registration audits.— The registrar must provide the accreditation body with documentationof its employees’ qualifications.— The registrar must have appropriate facilities for carrying outits activities.— The registrar must have a quality manual and documentedprocedures. (Curiously, EN 45012 does not require that registrarsregister to ISO 9000!)— Registrars may not grant or renew certificates of registration until all major noncompliances are eliminated.
Another point of differentiation is scope of accreditation. All registrarsare not accredited, or approved, to register firms in any line of business. Each registrar is accredited to operate within the business or industrial sectors about which it has documented expertise. This is generically referred to as the registrar’s scope.
Subscribe to:
Posts (Atom)