ISO 9001 Quality Management System: 2009

Thursday, October 1, 2009

Preparing ISO 9001 Quality Manual

Preparing ISO 9001 Quality Manual
The standard requires a quality manual to be established and maintained that includes the scope of the quality management system, the documented procedures or reference to them and a description of the sequence and interaction of processes included in the quality management system.
ISO 9001 defines a quality manual as a document specifying the quality management system of an organization. It is therefore not intended that the quality manual be a response to the requirements of ISO 9001. As the top-level document describing the management system it is a system description describing how the organization is managed.
Countless quality manuals produced to satisfy ISO 9001:2008, were no more than 20 sections that paraphrased the requirements of the standard. Such documentation adds no value. They are of no use to managers, staff or auditors. Often thought to be useful to customers, organizations would gain no more confidence from customers than would be obtained from their registration certificate.
A description of the management system is necessary as a means of showing how all the processes are interconnected and how they collectively deliver the business outputs. It has several uses as :
1. a means to communicate the vision, values, mission, policies and objectives of the organization
2. a means of showing how the system has been designed
3. a means of showing linkages between processes
4. a means of showing who does what an aid to training new people
5. a tool in the analysis of potential improvements
6. a means of demonstrating compliance with external standards and regulations
When formulating the policies, objectives and identifying the processes to achieve them, the manual provides a convenient vehicle for containing such information. If left as separate pieces of information, it may be more difficult to see the linkages.
The requirement provides the framework for the quality manual. Its content may therefore include the following:
1 Introduction
(a) Purpose (of the manual)
(b) Scope (of the manual)
(c) Applicability (of the manual)
(d) Definitions (of terms used in the manual)
2 Business overview
(a) Nature of the business/organization – its scope of activity, its products and services
(b) The organization’s interested parties (customers, employees, regulators, shareholders, suppliers, owners etc.)
(c) The context diagram showing the organization relative to its external environment
(d) Vision, values
(e) Mission
3 Organization
(a) Function descriptions
(b) Organization chart
(c) Locations with scope of activity
4 Business processes
(a) The system model showing the key business processes and how they are interconnected
(b) System performance indicators and method of measurement
(c) Business planning process description
(d) Resource management process description
(e) Marketing process description
(f) Product/service generation processes description
(g) Sales process description
(h) Order fulfilment process description
5 Function matrix (Relationship of functions to processes)
6 Location matrix (Relationship of locations to processes)
7 Requirement deployment matrices
(a) ISO 9001 compliance matrix
(b) ISO 14001 compliance matrix
(c) Regulation compliance matrices (FDA, Environment, Health, Safety, CAA etc.)
8 Approvals (List of current product, process and system approvals)
The process descriptions can be contained in separate documents and should cover the topics identified previously (see Documents that ensure effective planning, operation and control of processes ).
As the quality manual contains a description of the management system a more apt title would be a Management System Manual (MSM) or maybe a title reflecting its purpose might be Management System Description (MSD).
In addition a much smaller document could be produced that does respond to the requirements of ISO 9001, ISO 14001, and the regulations of regulatory authorities. Each document would be an exposition produced purely to map your management system onto these external requirements to demonstrate how your system meets these requirements. When a new requirement comes along, you can produce a new exposition rather than attempt to change your system to suit all parties. A model of such relationships is illustrated in Figure 4.10. The process descriptions that emerge from the Management System Manual describe the core business processes and are addressed in Chapter 4 under the heading of Documents that ensure effective operation and control of processes.

Scope Of The Quality Management System

Scope Of The Quality Management System
The ISO 9001 standard requires the quality manual to include the scope of the quality management system including details of justification for any exclusion. The standard addresses activities that may not be relevant or applicable to an organization. The permissible exclusions are explained in section 1.2 of ISO 9001. Here it states that the organization may only exclude requirements that neither affect the organization’s ability, nor its responsibility to provide product that meets customer and applicable regulatory requirements. The requirements for which exclusion is permitted are limited to those in section 7 of the standard.
Under ISO 9001:2008, it was possible for organizations to exclude functions and processes of their organization that may have been difficult to control or were not part of the order fulfilment cycle. Organizations that designed their own products but not for specific customers could escape bringing these operations into the management system. Marketing was omitted because it operated before placement of order. Accounting, Administration, Maintenance, Publicity, Public Relations and After Sales Support functions were often omitted because there were no requirements in the standard that specifically dealt with such activities. As there is no function in an organization that does not directly or indirectly serve the satisfaction of interested parties, it is unlikely that any function or process will now be excluded from the quality management system.
It is sensible to describe the scope of the quality management system so as to ensure effective communication. The scope of the quality management system is one area that generates a lot of misunderstanding particularly when dealing with auditors, consultants and customers. When you claim you have a management system that meets ISO 9001 it could imply that you design, develop, install and service the products you supply, when in fact you may only be a distributor. Why you need to justify specific exclusions is uncertain because it is more practical to justify inclusions.
The scope of the quality management system is the scope of the organization. There is no longer any reason to exclude locations, activities, functions or processes for which there is no requirement in the standard. The reason is because the ISO 9000 family now serves customer satisfaction and is not limited to quality assurance as were the 1994 versions of ISO 9001, ISO 9002 and ISO 9003.
It is not appropriate to address exclusions by inserting pages in the manual corresponding to the sections of the standard and adding justification if not within the scope of the management system – such as ‘We don’t do this!’.
It is much more appropriate to use an appendix as indicated previously in the manual contents list. By describing the nature of the business, you are establishing boundary conditions. If in doing so you do not mention that you design products, it will be interpreted that design is not applicable.
For exclusions relative to detail requirements, the Compliance Matrix may suffice but for an unambiguous solution, it is preferable to produce an exposition that addresses each requirement of the standard.

ISO 9001 Quality Policy

ISO 9001 Quality Policy
The standard requires the quality policy to be appropriate to the purpose of the organization.
The purpose of an organization is quite simply the reason for its existence and as Peter Drucker so eloquently put it there is only one valid definition of business purpose: to create a customer”(Drucker, Peter F., 1977)2 . In ensuring that the quality policy is appropriate to the purpose of the organization, it must be appropriate to the customers the organization desires to create. It is therefore necessary to establish who the customers are, where the customers are, what they buy or wish to receive and what these customers regard as value. As stated above, the quality policy is the corporate policy and such policies exist to channel actions and decisions along a path that will fulfil the organization’s purpose and mission. A goal of the organization may be the attainment of ISO 9001 certification and thus a quality policy of meeting the requirements of ISO 9001 would be consistent with such a goal, but goals are not the same as purpose as indicated in the box to the right. Clearly no organization would have ISO 9001 certification as its purpose because certification is not a reason for existence – an objective maybe but not a purpose.
Policies expressed as short catchy phrases such as “to be the best” really do not channel actions and decisions. They become the focus of ridicule when the organization’s fortunes change. There has to be a clear link from mission to quality policy.
Policies are not expressed as vague statements or emphatic statements using the words may, should or shall, but clear intentions by use of the words ‘we will’
– thus expressing a commitment or by the words ‘we are, we do, we don’t, we have’ expressing shared beliefs. Very short statements tend to become slogans which people chant but rarely understand the impact on what they do. Their virtue is that they rarely become outdated. Long statements confuse people because they contain too much for them to remember. Their virtue is that they not only define what the company stands for but how it will keep its promises.
In the ISO 9001 definition of quality policy it is suggested that the eight quality management principles be used as a basis for establishing the quality policy.
One of these principles is the Customer Focus principle. By including in the quality policy the intention to identify and satisfy the needs and expectations of customers and other interested parties and the associated strategy by which this will be achieved, this requirement would be fulfilled. The inclusion of the strategy is important because the policy should guide action and decision. Omitting the strategy may not ensure uniformity of approach and direction.
The standard requires that the quality policy include a commitment to comply with requirements and continually improve the effectiveness of the quality management system.
A commitment to comply with requirements means that the organization should undertake to meet the requirements of all interested parties. This means meeting the requirements of customer, suppliers, employees, investors, owners and society. Customer requirements are those either specified or implied by customers or determined by the organization and these are dealt with in more detail under clauses 5.2 and 7.2.1. The requirements of employees are those covered by legislation such as access, space, environmental conditions, equal opportunities and maternity leave but also the legislation appropriate to minority groups such as the disabled and any agreements made with unions or other representative bodies. Investors have rights also and these will be addressed in the investment agreements. The requirements of society are those obligations resulting from laws, statutes, regulations etc.
An organization accepts such obligations when it is incorporated as a legal entity, when it accepts orders from customers, when it recruits employees, when it chooses to trade in regulated markets and when it chooses to use or process materials that impact the environment.
The effectiveness of the management system is judged by the extent to which it fulfils its purpose. Therefore improving effectiveness means improving the capability of the management system. Changes to the management system that improve its capability i.e its ability to deliver outputs that satisfy all the interested parties, are a certain types of change and not all management system changes will accomplish this. This requirement therefore requires top management to pursue changes that bring about an improvement in performance.

ISO 14001 ENVIRONMENTAL POLICY

ISO 14001 ENVIRONMENTAL POLICY
The intent of an environmental policy is to state the organization’s commitment to continuous improvement in environmental performance. A strong, clear environmental policy can serve as both a starting point for developing the EMS and a reference point for maintaining continuous improvement.The policy should be evaluated regularly and modified, as necessary, to reflect changing environmental priorities.The policy should function in two ways: (1) within the company, the policy should focus attention on environmental issues associated with company activities, products, and services; and (2) outside the company, the policy is a public commitment to addressing environmental issues and continuously improving environmental performance.The environmental policy must address:• Commitment to compliance with relevant environmental legislation andregulations• Pollution prevention• Continuous improvement
Tips for Developing an Environmental Policy:1. Develop a policy that reflects perspectives of various employees within the company (for example, line worker, owner, wastewater treatment operator, quality inspector, compliance/legal manager, production manager).2. Display the policy statement in view of all employees; the policy should be available to the public and customers if requested and be printed in languages other than English, as appropriate.3. Include top management signatures on the policy to demonstrate understanding and commitment.Purpose This procedure is used to develop and write the company’s environmental policy.
Step 1 The environmental manager will form a policy development team responsible for developing and writing the environmental policy. The policy will address, at a minimum, compliance, pollution prevention, and continuous improvement.
Step 2 The policy development team will review other relevant documents to ensure consistency with other company policies and guide the content and phrasing of the policy. Example documents include the company mission statement and the example environmental policies included in this EMS element.
Step 3 The policy will be displayed in view of all employees and introduced to new employees; the policy will be available in languages other than English, as appropriate, and to the public (on request) and customers (as appropriate).Step 4 The environmental manager will review the environmental policy at least annually, and update it if needed.
Responsible Person: _____________________________________Signature and Date: ______________________________________
Environmental Policy Example 1
It is the policy of COMPANY NAME to conduct its operations in a manner that is environmentally responsible and befitting a good corporate neighbor and citizen.In accordance with this policy, COMPANY NAME complies with all environmental laws and manages all phases of its business in a manner that minimizes the impact of its operations on the environment.To further this policy, COMPANY NAME shall:1. Include environmental requirements in planning and design activities2. Comply with applicable environmental laws and regulations3. Eliminate, or reduce to the maximum practical extent, the release of contaminants into the environment, first through pollution prevention (material substitution and source reduction), then recycling, and finally through treatment and control technologies4. Effectively communicate with company employees, suppliers, regulators, and customers, as well as the surrounding community, regarding the environmental impact of company operations5. Periodically review and demonstrate continuous improvement in the company’s environmental management system
SIGNATURE___________________
Responsible Person______________________
Environmental Policy Sample 2
Effective Date
ENVIRONMENTAL POLICY
_________________________ IS COMMITTED TO IMPROVE THE HEALTH, SAFETY AND ENVIRONMENT FOR OUR EMPLOYEES, NEIGHBORS, AND FAMILIES.
WE WILL MEET AND OR EXCEED LAWFUL COMPLIANCE THROUGH POLLUTION PREVENTION PRACTICES AND CONTINUOUS IMPROVEMENT.
TO IMPLEMENT THIS POLICY WE WILL CREATE AN ENVIRONMENTAL MANAGEMENT SYSTEM TO IDENTIFY GOALS, SYSTEMS, MEASUREMENTS AND SAMPLING METHODS.TO SUPPLEMENT THIS POLICY WE WILL INCORPORATE SOURCE REDUCTION THROUGH REUSE, RECYCLING, MATERIAL SUBSTITUTION, NEW AND IMPROVED TECHNOLOGIES, CREATIVE MANAGEMENT AND OPERATIONAL PRACTICES.
TO MAINTAIN THIS POLICY WE WILL PERFORM MANAGEMENT REVIEW, REVENTATIVE MAINTENANCE, EMPLOYEE TRAINING, AND A COMMITMENT AND INVOLVEMENT FROM OUR EMPLOYEES AND MANAGEMENT TO SUPPORT THIS POLICY.

ISO 14001 ENVIRONMENTAL ASPECTS AND IMPACTS

ISO 14001 Environmental Aspects And Impacts
The fundamental purpose of the EMS is to control and reduce the environmental impacts of your facility’s processes and products. For this reason, a critical element of the EMS involves identifying and prioritizing the environmental aspects and impacts associated with your facility. An environmental aspect is an element of an organizations activities, products, or services that can interact with the environment. For example, chrome plating is a metal finishing activity and an associated aspect is chrome air emissions.This aspect may have an impact on the environment in several ways, for example, ambient air quality degradation.The environmental aspects and impacts of your metal finishing operations can be identified, prioritized, and documented in several ways. This Template includes two approaches, either of which can be used during EMS implementation. Use the approach that works best for your circumstances. This process is important because high-priority environmental aspects and impacts will be considered when environmental objectives and targets are established.
Aspects and Impacts Form A — The first approach uses the experience and judgment ofemployees familiar with facility processes to identify the top five environmental issuescurrently facing the facility. These issues and their specific aspects and impacts shouldbe summarized using Aspects and Impacts Form A.
Aspects and Impacts Form B — The second approach uses detailed, structured matricesto list and prioritize environmental aspects and impacts according to the followingcategories:• Environmental Aspects and Impacts: Wastewater• Environmental Aspects and Impacts: Air Emissions• Environmental Aspects and Impacts: Hazardous and Solid Waste• Environmental Aspects and Impacts: Raw Materials• Environmental Aspects and Impacts: Water and Energy
The matrices that comprise Form B will help facility staff identify and document environmental aspects and impacts. The matrices also provide criteria for prioritizing environmental aspects and impacts; this process is important because high-priority environmental aspects and impacts will be considered when environmental objectives and targets are established. One possible way to prioritize environmental aspects and impacts using Form B is described as follows:Step 1:For each aspect and impact, score each prioritization criterion on a scale from 1 to 5, where 1 indicates the criterion is very important or relevant to that aspect (for example, the aspect is strictly regulated, is the subject of compliance violations, or is a waste generated in large uantities), and 5 indicates the criterion is relatively unimportant or irrelevant to that aspect (for example, the aspect is an unregulated waste, is generated infrequently, and is inexpensive to manage).Step 2:Add the scores of all criteria for each aspect and write the total in the right-most column of the form.This number indicates the relative priority of the aspect compared to other aspects and impacts in the same category. The lower the total score, the higher the priority.Purpose Of This procedure is used to identify, document, and update the environmental aspects and impacts of facility processes and operations.
Step 1 The environmental manager and other facility personnel selected by the environmental manager are responsible for identifying and prioritizing the environmental aspects and impacts of facility operations during EMS planning and development.Environmental aspects are characteristics of facility processes and products that interact with the environment. Only environmental aspects the company can control or influence will be considered. Environmental impacts are the effects of an organization’s activitie , products or services on the environment.
Step 2 Environmental aspects and impacts will be documented and prioritized.Environmental aspects and impacts will be associated with the following categories:• Wastewater• Air emissions• Hazardous and solid waste• Raw materials• Water and energyHigh-priority environmental aspects and impacts will be considered when environmentalobjectives and targets are set.
Step 3 The environmental manager and other facility personnel will review and updatethe environmental aspects and impacts documentation annually.
Step 4 Environmental aspects and impacts documentation will be retained at the facilityfor at least 2 years.
Responsible Person: _____________________________________Signature and Date: ______________________________________

Elements of the Six Sigma Framework

Elements Of The Six Sigma Framework
Management strategies, such as TQC, TQM, and Six Sigma, are distinguished from each other by their underlying rationale and framework. As far as the corporate framework of Six Sigma is concerned, it embodies the five elements of top-level management commitment, training schemes, project team activities, measurement system and stakeholder involvement.
Stakeholders include employees, owners, suppliers and customers. At the core of the framework is a formalized improvement strategy with the following five steps: define, measure, analyse, improve and control (DMAIC) which will be explained in detail in Section 2.3. The improvement strategy is based on training schemes, project team activities and measurement system. Top-level management commitment and stakeholder involvement are all inclusive in the framework.
Without these two, the improvement strategy functions poorly. All five elements support the improvement strategy and improvement project teams. Most big companies operate in three parts: R&D, manufacturing, and non-manufacturing service. Six Sigma can be introduced into each of these three parts separately. In fact, the color of Six Sigma could be different for each part. Six Sigma in the R&D part is often called “Design for Six Sigma (DFSS),” “Manufacturing Six Sigma” in manufacturing, and “Transactional Six Sigma (TSS)” in the non-manufacturing service sector. All five elements are necessary for each of the three different Six Sigma functions. However, the improvement methodology, DMAIC, could be modified in DFSS and TSS. These points will be explained in detail in Sections 2.6 and 2.7.2.2 Top-level Management Commitment and Stakeholder Involvement
(1) Top-level management commitment
Launching Six Sigma in a company is a strategic management decision that needs to be initiated by top-level management. All the elements of the framework, as well as the formalized improvement strategy, need top-level management commitment for successful execution. Especially, without a strong commitment on the part of top-level management, the training program and project team activities are seldom successful. Although not directly active in the day-to-day improvement projects, the role of top-level management as leaders, project sponsors and advocates is crucial. Pragmatic management is required, not just lip service, as the top-level management commits itself and the company to drive the initiative for several years and into every corner of the company.
There are numerous pragmatic ways for the CEO (chief executive officer) to manifest his commitment. First, in setting the vision and long-term or short-term goal for Six Sigma, the CEO should play a direct role. Second, the CEO should allocate appropriate resources in order to implement such Six Sigma programs as training schemes, project team activities and measurement system. Third, the CEO should regularly check the progress of the Six Sigma program to determine whether there are any problems which might hinder its success. He should listen to Six Sigma reports and make comments on the progress of Six Sigma. Fourth, he should hold a Six Sigma presentation seminar regularly, say twice a year, in which the results of the project team are presented and good results rewarded financially. Finally, he should hold a Champion Day regularly, say once in every other month, in which Champions (upper managers) are educated by specially invited speakers and he should discuss the progress of Six Sigma with the Champions.
It is also the responsibility of top-level management to set “stretch goals” for the Six Sigma initiative. Stretch goals are tough and demanding, but are usually achievable. Some companies set the stretch goal for process performance at 6 sigma or 3.4 DPMO for all critical-to-customer characteristics.
However, the goals can also be set incrementally, by stating instead the annual improvement rate in process performance.
The industry standard is to reduce DPMO by 50% annually.
(2) Stakeholder involvement
Stakeholder involvement means that the hearts and minds of employees, suppliers, customers, owners and even society should be involved in the improvement methodology of Six Sigma for a company. In order to meet the goal set for improvements in process performance and to complete the improvement projects of a Six Sigma initiative, top-level management commitment is simply not enough. The company needs active support and direct involvement from stakeholders.
Employees in a company constitute the most important group of stakeholders. They carry out the majority of improvement projects and must be actively involved. The Six Sigma management is built to ensure this involvement through various practices, such as training courses, project team activities and evaluation of process performance. Suppliers also need to be involved in a Six Sigma initiative.
A Six Sigma company usually encourages its key suppliers to have their own Six Sigma programs. To support suppliers, it is common for Six Sigma companies to have suppliers sharing their performance data for the products purchased and to offer them participation at in-house training courses in Six Sigma. It is also common for Six Sigma companies to help small suppliers financially in pursuing Six Sigma programs by inviting them to share their experiences together in report sessions of project team activities. The reason for this type of involvement is to have the variation in the suppliers’ products transferred to the company’s processes so that most of the process improvement projects carried out on suppliers’ processes would result in improvement of the performance.
Customers play key roles in a Six Sigma initiative. Customer satisfaction is one of the major objectives for a Six Sigma company. Customers should be involved in specific activities such as identifying the critical-to-customer (CTC) characteristics of the products and processes. CTC is a subset of CTQ from the viewpoint of the customers. Having identified the CTC requirements, the customers are also asked to specify the desired value of the characteristic, i.e., the target value and the definition of a defect for the characteristic, or the specification limits. This vital information is utilized in Six Sigma as a basis for measuring the performance of processes. In particular, the R&D part of a company should know the CTC requirements and should listen to the voice of customers (VOC) in order to reflect the VOC in developing new products.

Elements of the Six Sigma Framework

Environment Policy In ISO 14001:2004

Environment Policy In ISO 14001:2004
To develop a successful and effective EMS, five key tasks that must be undertaken by management:a. Select an EMS CoordinatorThe selection of an EMS Coordinator is crucial to the success of your EMS. This person will be responsible for developing and implementing the environmental policy and the EMS. Great care must be taken to ensure that the person chosen is well qualified to handle the responsibilities associated with the EMS.b. Perform a gap analysisA gap analysis determines the differences, or gaps, between one system and another. Not only will this analysis identify the gaps, but it also should etermine the size of the gaps. These findings will lead to recommendations, project plans, and the identification of necessary resources for filling the gaps.
c. Prepare a budget, and obtain the appropriate resourcesAfter conducting a gap analysis, the EMS Coordinator will develop a budget that covers the necessary resources to complete an EMS that conforms with ISO 14001. For some organizations, this may mean establishing a budget for the entire process; other organizations may only need to update certain portions of their existing management system.
ISO 14001 Section 4.4.1 requires top management to provide the essential resources to implement, control, and manage the EMS.
d. Select an EMS TeamTop management and the EMS Coordinator may consider creating an EMS Team to assist in developing and implementing the system. This decision should be based on the size of the organization or facility that will be implementing the EMS.
This team should consist of key individuals from various divisions, departments, and operating work areas within the organization who are familiar with the facility, the various processes, and its environmental requirements. Diversity among team members will bring together a pool of expertise and ideas from which to develop and implement the EMS.
e. Develop an environmental policyThe environmental policy is an essential part of an organization’s EMS. The environmental policy must establish the overall direction of the organization in terms of its commitment to environmental responsibility. A policy should also set the foundation and framework for meeting the environmental objectives and targets for the organization.
The ISO 14001 standard establishes certain requirements that an organization’s environmental policy must meet. If your organization already has an environmental policy, review this section to ensure it meets the ISO 14001 requirements.
The first requirement is that top management must establish and define the environmental policy. Note that ISO 14001 does not specifically state that top management must write the policy, only that it be committed to the policy and ensure its implementation.
These actions are essential in constructing a firm foundation for an effective EMS.

ENVIRONMENTAL and HEALTH & SAFETY COMPLIANCE CHECKLIST

Self-Audit Procedures
The following checklist should be used as an aid in reviewing your facility’s compliance with industry environmental and health & safety regulations and requirements.
Additional Information: This checklist is based on the current laws and regulations as of the date of publication. Regulations frequently change.
Therefore, you should review current laws and regulations for any recent changes in the requirements. Some of the items you should check include:
Additional Requirements: In addition to recent changes in the requirements, you should also consider additional Cal/OSHA standards that might apply to your facility.
These might include any of the following:
Employer postings; ergonomics; process safety management; use of asbestos, formaldehyde, or lead containing substances; blood borne
pathogens; welding operations; use of compressed air and gases; boiler operations; use of power tools, hoists and grinding equipment; spray coating; elevated platforms; aisle way, ramp, door and exit requirements; fire sprinkler requirements; and seismic requirements.
Legal Authority : The compliance requirements provided on the following pages are taken from the respective laws and regulations, as indicated in the references column. In addition to the statutory and regulatory requirements, some compliance items that reflect improved and accepted management practices have been included. These management practices have been included because of their overall industry acceptance and their potential to reduce environmental risk and improve compliance.

ISO 14001 – Specifications With Guidance for Use

ISO 14001 – Specifications with Guidance For Use
Given the number of international participants involved in the process of developing the ISO 14001 Specifications, it is amazingly brief, consisting of five pages. This includes a Scope, Definitions, and EMS requirements.
The heart of the specification is in the EMS Requirements, the principles of which are summarized below:
Principle #1 – Commitment and Policy Top management must make a commitment to the program.
Principle #2 – Planning To be successful, the program must be organized. This includes an organizational structure, open communications, both internal and external, and a mechanism for identifying issues.
Principle #3 Implementation Program must be undertaken, including training, writing process descriptions, and establishing prevention programs.
Principle #4 Measurement and Evaluation Create a mechanism for assessing performance and progress toward goals.Principle #5 Review and Improvement? ISO 14004, Section 4, Environmental Management System (EMS)
Reference: ISO 14004, Section 4, Environmental Management System (EMS) Principles and Elements.

ISO 14001 – Certification/Registration

ISO 14001 – Certification/Registration
Similar to the organized approach to problem solving contained in ISO 9000
and ISO 14000, an organized approach is necessary to achieve certification. Although the written requirements contained in ISO 14001 are straightforward and brief, the level of effort required to conform with the requirements should not be underestimated.
If an environmental review of the facility‘s operations has not been conducted, it is important to retain a qualified consultant to conduct the review. which should focus on the requirements of ISO 14000 versus programs currently in use. This activity is known as a Gap Analysis.?E After the Gap Analysis is completed, the environmental status of the operation should be known and the level of effort necessary to develop the ISO 14000 program understood.
It can easily take six months to a year to develop a program that meets EMS requirements. Staff should develop the EMS program as they will ultimately be required to manage it. If staff is inadequate to develop the program, a consultant can be retained to provide guidance to staff as the program is being developed.
But, retaining a consultant will not resolve the problem of long term program maintenance. The ultimate goal of developing the EMS is to obtain certification/registration. Aside from the internal benefits offered by the ISO 14000 series of standards, external benefits may be derived through the certification/registration process. The certification/registration process only applies to ISO 14001, and this is the only standard to which the audit process applies. For the purposes of certification/registration, all other ISO 14000 standards are considered guidance. Certification can either be by a self declaration?Eor by an independent registrar.
Obviously the use of an independent registrar would give more credibility to those looking at an organization from outside.
Registrars have individual preferences about how the requirements should be administered. A registrar should be selected early in the process to help ensure that the program being developed is consistent with the registrars preferences. When the program is fully prepared and implemented, the registrar will be notified and a formal program audit undertaken. This audit will not result in a denial of ISO 14000 certification, but it may result in either approval or a list of deficiencies that must be corrected before certification.

ESTABLISHING THE INITIAL STATE OF THE QMS For SME

Establishing The Initial State of The ISO 9001 QMS For SME
The implementation of an ISO 9001 conformant system must recognize that it is but a step in a long-term development of a continually improving QMS. Unfortunately, it is often the case that ISO 9001 is taken as a means to an end, where the implementation of a QMS is not the primary objective, rather certification is. As a result, SMEs may end up with stacks of documentation waiting to be processed that adds no value, but cost.
According to the requirements of ISO 9001, an organization must develop only six documented procedures: (1) control of documents, (2) control of quality records, (3) internal audits, (4) control of non-conformities, (5) corrective action, and (6) preventative action. A quality manual and several records are also required. The development of other procedures, work instructions, and
other documents is largely at the discretion of the organization. From the very beginning of the process, it is therefore essential that SMEs establish a balanced view between a short-term focus (marketing/sales) and a long-term focus (achieving company-wide quality awareness through TQM). ISO documentation should be considered as an enabler along that way and SMEs must guard against the creation of unnecessary documentation.
However, even when such a view is adopted, many SMEs struggle to move from their initial state to a fully functional ISO 9001 QMS. Over the last several years, we have been involved in ISO 9001 implementation projects in seven different SMEs. The SMEs have ranged in size from approximately 20 employees to 500 employees. The SMEs have been drawn from a variety of sectors in Virginia, including manufacturing, distribution, and services. Based on our experience, we developed a schematic of initial states of an organization in terms of the existence and functionality of the ISO 9001 QMS . Throughout this paper, existence is equated with the documentation required by the standard while functionality is equated with an effectively operated QMS that leads to increased customer satisfaction and continuous improvement of business results.
A successful QMS must be fully functional and appropriately documented. With that in mind, there are four main states in which SMEs can be located in the beginning of the implementation process:
1. Complete Death: No documentation, no functioning.
This is the state in which there is no indication of the existence and functionality of the QMS. No documentation exists and no processes are in place to help ensure the quality of the product.
Relatively few companies will find themselves in this situation.
2. Informally Alive: No documentation, some level of functioning.
Many SMEs exhibit an organic structure characterized by an absence of standardization and the prevalence of loose and informal working relationships. SMEs operating in this state are more likely to rely on people rather than a system. In such situations, key personnel may resist documentation for two key reasons “(1) documentation is considered a waste of time and (2) documentation of processes and procedures makes the individual less dependable” [2]. SMEs in this state perform some or all of the processes required by ISO 9001 and the QMS may function fairly well. However, they are not willing and ready to document those processes unless there is a cultural change lead by top management.
3. Formally Death: Some level of documentation, no functioning.
SMEs categorized in this state have documented processes and procedures at some degree, however, the documents are generally not followed and do not necessarily reflect the actual manner in which the organization undertakes its operations and management. This situation highlights the fact that the mere existence of documentation does not necessarily lead to a functional QMS. Moreover, such a situation may help perpetuate the view that ISO 9001 is a way for SMEs to market their products and services but that implementation of the standard requires stacks of documents that offer no value.
4. Formally Alive: Some level of documentation, some level of functioning.
Each SME considered in this state, achieves a unique combination of the existence and functionality of processes and procedures that may or may not be required by ISO 9001. This situation is closest to the desired state of full functionality (100%) of the ISO 9001 QMS and full documentation (100%) of this functionality.

The Benefits To Integrate ISO 14001:2004 and ISO 9001:2008

The Benefits To Integrate ISO 14001:2004 and ISO 9001:2008
Reduce the time and cost of implementing the new specification by acquiring a concise, yet thorough understanding the scope of ISO 14001:2004 and key terms.
Avoid spinning your wheels by learning precisely which modifications and additions to ISO 14001:2004 require your attention for compliance with ISO 9001:2008.
Get a quick handle, through hands-on activities, on the environmental aspects of ISO 14001:2004, including how to:- Develop an environmental policy statement appropriate for your company- Integrate processes for identifying environmental aspects and impacts- Identify environmental objectives, set related targets, and establish programs for achieving results- Integrate environmental responsibilities and authorities into a management system- Outline an environmental awareness and training program- Establish environmental metrics and indicators for monitoring performance- Integrate requirements on non-conformance and corrective and preventive actions into your existing system- Understand the purpose and scope of the environmental management review- Integrate document control requirements of ISO 14001:2004 into your current system- Identify those operations that need to be controlled under EMS and identify emergency operations and contingencies that must be considered as part of EMS
Get off to a running start by learning to use a versatile prioritization matrix to identify and prioritize significant environmental aspects and impacts.
Optimize understanding and retention with the Plexus Learning Model- Multiple learning channels through lecture, coaching, group activities, innovative learning exercises and case studies.- Hands-on insights. Lecturing is minimized so learning is maximized.- Learn by doing. Connect the lessons learned to your real world by using your current circumstances as examples for activities.

Demonstrating conformity with ISO 9001:2008

Demonstrating conformity with ISO 9001:2008
For organizations wishing to demonstrate conformity with the requirements of ISO 9001:2008, for the purposes of certification/registration, contractual, or other reasons, it is important to remember the need to provide evidence of the effective implementation of the QMS.
Organizations may be able to demonstrate conformity without the need for extensive documentation.
To claim conformity with ISO 9001:2008, the organization has to be able to provide objective evidence of the effectiveness of its processes and its quality management system. Clause 3.8.1 of ISO 9000:2005 defines “objective
evidence” as “data supporting the existence or variety of something” and notes that “objective evidence may be obtained through observation, measurement, test, or other means.”
Objective evidence does not necessarily depend on the existence of documented procedures, records or other documents, except where specifically mentioned in ISO 9001:2008. In some cases, (for example, in clause 7.1(d)
Planning of product realization, and clause 8.2.4 Monitoring and measurement of product), it is up to the organization to determine what records are necessary in order to provide this objective evidence.
Where the organization has no specific internal procedure for a particular activity, and this is not required by the standard, (for example, clause 5.6 Management Review), it is acceptable for this activity to be conducted using as a basis the relevant clause of ISO 9001:2008. In these situations, both internal and external audits may use the text of ISO 9001:2008 for conformity assessment purposes.

Guidance on Clause 4.2 of ISO 9001:2008

Guidance on Clause 4.2 of ISO 9001:2008
The following comments are intended to assist users of ISO 9001:2008 in understanding the intent of the general documentation requirements of the International Standard.
a) Documented statements of a quality policy and objectives:
Requirements for the quality policy are defined in clause 5.3 of ISO 9001:2008. The documented quality policy has to be controlled according to the requirements of clause 4.2.3.
Note: Organizations that are revising their quality policy for the first time, or in order to meet the amended requirements in ISO 9001:2008, should pay particular attention to clause 4.2.3 (c), (d) and (g).
Requirements for quality objectives are defined in clause 5.4.1 of ISO 9001:2008. These documented quality objectives are also subject to the document control requirements of clause 4.2.3.
b) Quality Manual:
Clause 4.2.2 of ISO 9001:2008 specifies the minimum content for a quality manual. The format and structure of the manual is a decision for each organization, and will depend on the organization’s size, culture and complexity. Some organizations may choose to use the quality manual for other purposes besides that of simply documenting the QMS
A small organization may find it appropriate to include the description of its entire QMS within a single manual, including all the documented procedures required by the standard.
Large, multi-national organizations may need several manuals at the global, national or regional level, and a more complex hierarchy of documentation.
The quality manual is a document that has to be controlled in accordance with the requirements of clause 4.2.3.
c) Documented procedures:
ISO 9001:2008 specifically requires the organization to have “documented procedures” for the following six activities:
4.2.3 Control of documents
4.2.4 Control of records
8.2.2 Internal audit
8.3 Control of nonconforming product
8.5.2 Corrective action
8.5.3 Preventive action
These documented procedures have to be controlled in accordance with the requirements of clause 4.2.3 Some organizations may find it convenient to combine the procedure for several activities into a single documented procedure (for example, corrective action and preventive action). Others may choose to document a given activity by using more than one documented procedure (for example, internal audits). Both are acceptable.
Some organizations (particularly larger organizations, or those with more complex processes) may require additional documented procedures (particularly those relating to product realization processes) to implement an effective QMS.
Other organizations may require additional procedures, but the size and/or culture of the organization could enable these to be effectively implemented without necessarily being documented. However, in order to demonstrate compliance with ISO 9001:2008, the organization has to be able to provide objective evidence (not necessarily documented) that its QMS has been effectively implemented.
d) Documents needed by the organization to ensure the effective planning, operation and control of its processes:
In order for an organization to demonstrate the effective implementation of its QMS, it may be necessary to develop documents other than documented procedures. However, the only documents specifically mentioned in ISO 9001:2008 are:
- Quality policy (clause 4.2.1.a)
- Quality objectives (clause 4.2.1.a)
- Quality manual (clause 4.2.1.b)
There are several requirements of ISO 9001:2008 where an organization could add value to its QMS and demonstrate conformity by the preparation of other documents, even though the standard does not specifically require them. Examples
may include:
- Process maps, process flow charts and/or process descriptions
- Organization charts
- Specifications
- Work and/or test instructions
- Documents containing internal communications
- Production schedules
- Approved supplier lists
- Test and inspection plans
- Quality plans
All such documents have to be controlled in accordance with the requirements of clause 4.2.3 and/or 4.2.4, as applicable
e) Records:
Examples of records specifically required by ISO 9001:2008 are presented in Annex B.
Organizations are free to develop other records that may be needed to demonstrate conformity of their processes, products and quality management system.
Requirements for the control of records are different from those for other documents, and all records have to be controlled according to those of clause 4.2.4 of ISO 9001:2008.

ISO 9001:2008 Documentation Requirements

ISO 9001:2008 Documentation Requirements
ISO 9001:2008 clause 4.1 General requirements requires an organization to “establish, document, implement, and maintain a quality management system and continually improve its effectiveness in accordance with the requirements of this International Standard”
Clause 4.2.1 General explains that the quality management system documentation shall include:
documented statements of a quality policy and quality objectives;
a quality manual documented procedures required by this International Standard documents needed by the organization to ensure the effective planning, operation and control of its processes, and records required by this International Standard;
The notes after Clause 4.2 make it clear that where the standard specifically requires a “documented procedure”, the procedure has to be established, documented, implemented and maintained. It also emphasizes that the extent of the QMS documentation may differ from one organization to another due to:
the size of organization and type of activities;
the complexity of processes and their interactions, and
the competence of personnel.
All the documents that form part of the QMS have to be controlled in accordance with clause 4.2.3 of ISO 9001:2008, or, for the particular case of records, according to clause 4.2.4.

SUMMARY OF CHANGES TO ISO 14001:2004

SUMMARY OF CHANGES TO ISO 14001:2004
ISO 14001:2004 aims to clarify the 1996 edition and align it more closely with the ISO 9001:2000 standard. Some clauses have not been modified for content but have been rewritten to align ISO 14001:2004 with the format, wording, and layout of ISO 9001:2000 and to enhance the compatibility between the two standards.
References in Annex A of the standard are aligned with the numbering in the standard for ease of use. Annex B of the standard identifies similarities and associations between ISO 9001:2000 and ISO 14001:2004.
An important change in wording throughout the revised standard appears in requirements that previously stated that an organisation shall “establish and maintain”; these have now been changed to “establish, implement and maintain”.
Throughout the standard the word “personnel” in the original standard is replaced with “persons working for or on behalf of the organisation” in the revised standard. This is included to ensure that external contractors and applicable suppliers are included under the requirements of certain clauses.
In developing, implementing and maintaining the organisation’s EMS, significant environmental aspects, applicable legal requirements and other requirements to which the organisation subscribes must be considered, and management must ensure the availability of resources.
There are additional paragraphs in the introduction, which generally cover:
• the aim of the ISO 14001:2004 standard is to enhance compatibility with ISO 9001:2000;
• alignment is improved between clause references and supporting Annexes. For example, 4.3.3 and A.3.3 both deal with objectives, targets and programme(s), and 4.5.5 and A.5.5 both deal with internal audit;
• an explanation of the Plan-Do-Check-Act (PDCA) model used in ISO 9001:2000;
• the use of the process approach is promoted in alignment with ISO 9001:2000;
• possible alignment and integration with other management systems is reviewed.

Change In ISO 14001:2004 – Documentation

Change In ISO 14001:2004 – Documentation
This clause has been updated to align it with ISO 19001:2004, but has not changed in intent. The listed EMS documentation now includes:
• the environmental policy,
• objectives and targets,
• a description of the scope of the EMS,
• a description of the main elements of the EMS and their interaction and reference to related documents, documents and records
• required by the standard, • documents and records determined by the organisation as necessary to ensure the effective planning, operation and control of processes that relate to the significant environmental aspects.
Formatting changes help align Clause 4.4.5 of ISO 14001:2004 with ISO 9001:2000. An additional clarification has been made to define records as a special type of document requiring control under Clause 4.5.4. A new addition to the requirements aims to ensure documents of external origin, (i.e. MSDS, permits) that are necessary to the system, are identified and their distribution is controlled.
Formatting changes help align Clause 4.4.5 of ISO 14001:2004 with ISO 9001:2000. An additional clarification has been made to define records as a special type of document requiring control under Clause 4.5.4. A new addition to the requirements aims to ensure documents of external origin, (i.e. MSDS, permits) that are necessary to the system, are identified and their distribution is controlled.
The revised standard requires documents required by the EMS and the standard to be controlled documents.
Note that “document” is included in the definitions, and includes its supporting medium which can be paper, magnetic, electronic or optical computer disc, photograph or master sample, or a combination thereof.

ISO 14001:2004 Evaluation of compliance

ISO 14001:2004 Evaluation of compliance
This clause has been separated from 4.5.1 and includes two sub-clauses, as well as clarification and an addition to the ISO 14001:1996 standard. Included in Clause 4.5.1 of ISO 14001:1996 was a requirement for the organisation to periodically evaluate compliance with relevant (now applicable) environmental legislation and regulations. This requirement has been retained in Clause 4.5.2.1 of the revised standard. In Clause 4.5.2.2, ISO 14001:2004 includes evaluation of compliance with other requirements to which the organisation subscribes, which was not specifically required by ISO 14001:1996. This clarification also includes a requirement for records of periodic evaluations of compliance to be kept.
The UK-based Institute of Environmental Management and Assessment (IEMA) has published an opinion that this means that compliance against each and every piece of legislation / regulation relating to an organisation’s environmental aspects will need to be evaluated before it can be considered to be in conformity with ISO 14001: 2004; it will not be acceptable for organisations to claim that the periodic evaluation will be covered by their internal EMS audit program at some future date.
This has always been one of the most difficult issues in ISO 14001:2004, and organisations will need to review and revise their compliance procedures to ensure that they meet these new requirements.

KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs

KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs
There are many issues that must be addressed in moving the QMS from the initial state to the desired state. For example, all organizations implementing ISO 9001 will need to consider the unique culture within the organization, its size, and the resources available. Beyond those widely discussed points, three issues that merit particular attention are (1) consideration of the QMS as a parallel function, (2) training, and (3) auditing. Key points associated with these issues are discussed below.
Consideration of QMS as Parallel Function
In the case of all of the transitions depicted, real benefits from the QMS are more likely to be experienced if the QMS is implemented directly into the core structure of the organization. SMEs must be cautious against establishing a QMS that is run separately in parallel to its other systems. In SMEs, the parallel subsystem most commonly exhibits itself as a separate Quality Assurance, or in some cases, ISO 9001 department. Possible reasons for this may include the existence of rigid departmental boundaries in some SMEs or overemphasis on core activities. As Yauch and Steudel [10] note, SMEs tend to focus their attention on “…necessary routine activities (such as sales, production, shipping, etc.) rather than activities aimed at improving processes or systems.” If a SME insists on establishing a separate quality department, its level of effectiveness can be increased by embedding the QMS in widely-used organizational systems where practical. The integration is largely a function of how well the QMS manages to share information with other subsystems and its ability to align with the policies, norms, goals, and values in place throughout the organization.
Training
In SMEs, training and staff development is more likely to be ad hoc and small scale because of modest human and financial resources and the absence of a specific training budget. To prevent the problems arising from lack of education and training, two things must be done:
1. Education of Top Management: The centralization of decision-making processes within many SMEs means that the management can either be the main stumbling block to change or the main catalyst for change. Therefore, any approach to ISO 9001 implementation must involve considerable education for the top management of the organization to create awareness and understanding of the implementation process as a change initiative. Implementing a fully functional and documented QMS requires motivation by top management to appreciate, achieve, and implement the necessary measures to meet the standards’ criteria.
2. Education and Training of Employees: SMEs are often under pressure to quickly gain ISO 9001 registration. Meeting the requirements of the standard in a short period of time can prove a formidable obstacle for a small company. Since most SMEs do not possess the needed expertise internally, they may be inclined to hire external experts to provide the necessary technical expertise and manpower. However, having a functioning and documented QMS requires more than that. It requires ensuring that all employees in the organization clearly know what is expected of them and how they can contribute to the attainment of their organizations’ goals. This will likely require the preparation and implementation of a training plan tailored specifically to the unique characteristics and maturity level of the SME.
Auditing
As emphasized throughout the paper, a QMS is not going to produce the expected results unless it is fully functional. While auditing must therefore verify the existence of the necessary documentation, it must also focus on the functionality of the QMS. The measurement of the functionality and the qualitative and financial impacts of a QMS have been the subject of several studies, including Kaynak [11]. Among the categories used to measure functionality and performance improvement, two are particularly noteworthy for our purposes: management commitment and employee involvement. A QMS cannot be functional in the absence of those two characteristics. Therefore, as a minimum, internal and external auditors should continually verify top management’s commitment to increased company-wide quality awareness and improvement in addition to employee involvement in the design, implementation, operation, and improvement of quality related processes and procedures.

IMPLEMENTATION GUIDANCE FOR ISO 9001:2008

IMPLEMENTATION GUIDANCE FOR ISO 9001:2008
This Implementation Guidance has been developed to assist users in understanding the issues that need to be considered during the co-existence period between ISO 9001:2000 and ISO 9001:2008.
While the changes between ISO 9001:2000 and ISO 9001:2008 are expected to have a limited impact on users, some arrangements regarding implementation are needed.
Note: To reflect the limited scope of the changes the term “implementation” is now being used to make a clear distinction with the former “transition” from ISO 9001:1994 to ISO 9001:2000, when there were significant changes throughout the standard.
A wide diffusion of this implementation guidance is recommended, in particular the comparison table between ISO 9001:2008 and ISO 9001:2000, given in Annex B to ISO 9001:2008.
ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000 and to improve compatibility with ISO 14001:2004. ISO 9001:2008 does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.
Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008 No new requirements were introduced in this edition but, in order to benefit from the clarifications of ISO 9001:2008, users of the former version will need to take into consideration whether the clarifications introduced have an impact on their current interpretation of ISO 9001:2000, as changes may be necessary to their QMS In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.
Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development of ISO 9001:2008 user needs were identified from the following:
- the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004
- feedback from the ISO/TC 176/Working Group on “Interpretations”
- the results of an extensive worldwide “User Feedback Survey on ISO 9001 and ISO 9004″ by ISO/TC 176/SC 2/WG 18 and similar national surveys.
The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.
The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO14001:2004.
A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:
1) No changes with high impact would be incorporated into the standard;
2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;
3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.
The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:
- No changes or minimum changes on user documents, including records
- No changes or minimum changes to existing processes of the organization
- No additional training required or minimal training required
- No effects on current certifications
The benefits identified for the ISO 9001:2008 edition fall into the following categories:
- Provides clarity
- Increases compatibility with ISO 14001.
- Maintains consistency with ISO 9000 family of standards.
- Improves translatability.

Role of Governments in ISO 14001 Standards

Role of Governments in ISO 14001 Standards
Although ISO 14001 is a set of voluntary standards that individual companies may or may not choose to adopt, governments can clearly have a role in providing information, establishing the necessary framework and infrastructure, and, in some cases, helping companies to develop thebasic capabilities to adopt ISO 14001. There are wo particular areas in which government action would be useful:(a) providing information on he sectors and markets where ISO 14001 certification s a significant issue and assisting sector rganizations to develop appropriate responses, and(b) helping to establish a certification framework, ased on strengthening national standards organizations and encouraging competitive private sector provision of auditing and certificationservices. At present, the World Bank is having discussions with a number of countries about how assistance could be provided with these issues.
Governments should see EMS approaches as part of a broad environmental strategy that includes regulatory systems, appropriate financial incentives, and encouragement of improved industrial performance. Such encouragement can really only be effective where there is cooperation at the government level between the relevant departments, including industry and trade, as well as environment. There is a growing interest in integrating environmental management issues into productivity or competitiveness centers designed to promote SME performance, but little information exists on experience to date.

Wednesday, September 30, 2009

Version Of ISO 9001 Standard

1987 version
ISO 9000:1987 had the same structure as the UK Standard BS 5750, with three ‘models’ for quality management systems, the selection of which was based on the scope of activities of the organization:
ISO 9001:1987 Model for quality assurance in design, development, production, installation, and servicing was for companies and organizations whose activities included the creation of new products.
ISO 9002:1987 Model for quality assurance in production, installation, and servicing had basically the same material as ISO 9001 but without covering the creation of new products.
ISO 9003:1987 Model for quality assurance in final inspection and test covered only the final inspection of finished product, with no concern for how the product was produced.
ISO 9000:1987
1994 version
was also influenced by existing U.S. and other Defense Standards (”MIL SPECS”), and so was well-suited to manufacturing. The emphasis tended to be placed on conformance with procedures rather than the overall process of management—which was likely the actual intent.ISO 9000:19942000 version
emphasized quality assurance via preventive actions, instead of just checking final product, and continued to require evidence of compliance with documented procedures. As with the first edition, the down-side was that companies tended to implement its requirements by creating shelf-loads of procedure manuals, and becoming burdened with an ISO bureaucracy. In some companies, adapting and improving processes could actually be impeded by the quality system.ISO 9001:2000
The ISO 9000 standard is continually being revised by standing technical committees and advisory groups, who receive feedback from those professionals who are implementing the standard.2008 version
ISO 9001:2008 only introduces clarifications to the existing requirements of ISO 9001:2000 and some changes intended to improve consistency with ISO 14001:2004. There are no new requirements. Explanation of changes in ISO 9001:2008. A Practical Guide to ISO 9001:2008 Implementation A quality management system being upgraded just needs to be checked to see if it is following the clarifications introduced in the amended version.
combines the three standards 9001, 9002, and 9003 into one, called 9001. Design and development procedures are required only if a company does in fact engage in the creation of new products. The 2000 version sought to make a radical change in thinking by actually placing the concept of process management front and center (”Process management” was the monitoring and optimizing of a company’s tasks and activities, instead of just inspecting the final product). The 2000 version also demands involvement by upper executives, in order to integrate quality into the business system and avoid delegation of quality functions to junior administrators. Another goal is to improve effectiveness via process performance metrics — numerical measurement of the effectiveness of tasks and activities. Expectations of continual process improvement and tracking customer satisfaction were made explicit.

ISO 9000 — a way of managing for conformance

Quality assurance, according to the Standard, is a way of managing that prevents non-conformance and thus “assures quality”. This is what makes ISO 9000 different from other standards: it is a management standard, not a product standard. It goes beyond product standardisation: it is standardising not what is made but how it is made. To use standards to dictate and control how organisations work was to extend the role of standards to new territory. To take such a step we might have firstly established that any such requirements worked — that they resulted in ways of working which improved performance.
Yet the plausibility of this Standard, and the fact that those who had an interest in maintaining it were (and still are) leading opinion, prevented such enquiries. In simple terms the Standard asks managers to say what they do, do what they say and prove it to a third party.
ISO 9000 (1994) paragraph 1: “The requirements specified are aimed primarily at achieving customer satisfaction by preventing non-conformity at all stages from design through servicing.”
To put it another way, the Standard asserts that preventing non-conformance achieves customer satisfaction. But does it? Of course it matters to customers that a product works. But there is no guarantee that the Standard will ensure even that. Furthermore, customers take a total view of an organisation — how easy it is to do business with — in respect of all things of importance to each and every customer.
ISO 9000 requires managers to “establish and maintain a documented quality system as a means of ensuring that product conforms to specified requirements”. Loosely translated this is “say what you do”. Management is supposed to “define and document its policy for quality . . . including its commitment to quality”.
What management would not declare its commitment to quality? But would they know what it means? Would they argue (as they should) that quality management is a different and better way to do business, or would they believe that ISO 9000 will take care of quality? The Standard encourages managers to think of “quality” and “business as usual” as separate and distinct. It helps managers avoid the revelation that quality means a wholly different view of management. Instead, the organisation “shall appoint a management representative who, irrespective of other responsibilities, shall have defined authority and responsibility” [for ISO 9000]. At a practical level this means only one executive might decide he or she had better learn a thing or two about quality. However, would being responsible for ISO 9000 lead to learning about quality or simply enforcing the ISO 9000 regime in an organisation?
Key to the regime is auditing. The Standard requires organisations to conduct internal quality audits to “verify whether quality activities comply with planned arrangements”. This can be loosely translated as “do you do as you say?” and the purpose of the audit is to see that you do. It was not until the 1994 review that the words were changed to “quality activities and related results”. It was a Standard which was rooted in the philosophy of inspection: fifteen years after its initial promulgation the promoters sought to extend the focus to results. But results or improvements assessed by what means? Inspection. By the time the Standard was adopted world-wide, quality thinking had moved a long way from the philosophy of inspection. It is now understood, at least by a few, that quality is achieved through managing the organisation as a system and using measures which enable managers to improve flow and reduce variation (which we explore in chapters 5 and 7). The defenders argue that there is nothing stopping a company having ISO 9000 and implementing methods for managing flow and reducing variation, but where are such companies? Few of the companies we researched, formally and informally, knew anything about this thinking. The Standard does not talk about it; moreover, the Standard effectively discourages managers from learning about it by representing quality in a different way.
According to ISO 8402 (quality vocabulary), quality is:
“The totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs.”
Everything we have learned about ISO 9000 suggests that the people who created this definition were thinking about the things which need to be controlled, those things which “bear on its ability . . .”. The builders of the Standard assumed that customer needs would be listed in contractual agreements between the supplier and customer. ISO 9000 has a “make” logic — procedures for “how you do what you do” — and a “control” logic — check to see that it is done. It is a relic of the era when contractual agreements were perceived to be an important device for regulating the behaviour of suppliers. In these ways, ISO 9000 encouraged “planning for quality”.
Planning for quality sounds plausible, but it assumes many things: that the plan is the right plan, that it is feasible, that people will “do it”, that performance will improve. It is an approach which, paradoxically, leads to poor decisions. Planners of quality systems, guided by ISO 9000, start with a view of how the world should be as framed by the Standard. Understanding how an organisation is working, rather than how someone thinks it should, is a far better place from which to start change of any kind.

ISO 9000 vs Quality

ISO 9000 was conceived to bring about an improvement in product quality. It
was believed that if organizations were able to demonstrate they were
operating a quality system that met international standards, customers would
gain greater confidence in the quality of products they purchased. It was also
believed that by operating in accordance with documented procedures, errors
would be reduced and consistency of output ensured. If you find the best way
of achieving a result, put in place measures to prevent variation, document it
and train others to apply it, it follows that the results produced should be
consistently good.

The requirements of the standard were perceived to be a list of things to do
to achieve quality. The ISO co-ordinator would often draw up a plan based on
the following logic:
1. We have to identify resource requirements so I will write a procedure on
identifying resource requirements
2. We have to produce quality plans so I will write a procedure on producing
quality plans
3. We have to record contract review so I will write a procedure on recording
contract reviews
4. We have to identify design changes so I will write a procedure on identifying
design changes

The requirements in the standard were often not expressed as results to be
achieved. Requirements for a documented procedure to be established resulted
in just that. Invariably the objectives of the procedure were to define something
rather than to achieve something. This led to documentation without any clear
purpose that related to the achievement of quality. Those producing the
documentation were focusing on meeting the standard not on achieving quality.
Those producing the product were focusing on meeting the customer
requirement but the two were often out of sync. As quality assurance became
synonymous with procedures, so people perceived that they could achieve
quality by following procedures. The dominance of procedures to the exclusion
of performance is a misunderstanding of the implementers. The standard
required a documented system that ensured product met specified requirements – a
clear purpose. Once again the implementers lost sight of the objective. Or was it
that they knew the objective but in order to meet it, the culture would have to
change and if they could get the badge without doing so, why should they?

Issuing a procedure was considered to equate to task completed. Unfortu-
nately, for those on the receiving end, the procedures were filed and forgotten.
When the auditor came around, the individual was found to be totally
unaware of the ‘procedure’ and consequently found noncompliant with it.
However, the auditor would discover that the individual was doing the right
things so the corrective action was inevitably to change the procedure. The
process of issuing procedures was not questioned, the individual concerned
was blamed for not knowing the procedure and the whole episode failed to
make any positive contribution to the achievement of quality. But it left the
impression on the individual that quality was all about following procedures.
It also left the impression that quality was about consistency and providing
you did what you said you would do regardless of it being in the interests of
satisfying customers, it was OK. One is left wondering whether anyone
consulted the dictionary in which quality is defined as a degree of excellence?

Another problem was that those who were to implement requirements were
often excluded from the process. Instead of enquiring as to the best way of
meeting a requirement, those in charge of ISO 9000 implementation assumed
that issuing procedures would in fact cause compliance with requirements. It
requires a study of the way work gets done to appreciate how best to meet a
requirement. Procedures were required to be documented and the range and
detail was intended to be appropriate to the complexity of the work, the
methods used and the skills and training needed. The standard also only
required work instructions where their absence would adversely affect quality.
It is as though the people concerned did not read the requirement properly or
had no curiosity to find out for themselves what ISO had to say about
procedures – they were all too ready to be told what to do without questioning
why they should be doing it.

More often than not, the topics covered by the standard were only a sample
of all the things that need to be done to achieve the organization’s objectives.
The way the standard classified the topics was also often not appropriate to the
way work was performed. As a consequence, procedures failed to be
implemented because they mirrored the standard and not the work. ISO 9000
may have required documented procedures but it did not insist that they be
produced in separate documents, with titles or an identification convention
that was traceable to the requirements.

Critics argue (Seddon, John, 2000)3 that ISO 9000 did not enable organiza-
tions to reduce variation as a result of following the procedures. It is true that
ISO 9000 did not explain the theory of variation – it could have done, but
perhaps it was felt that this was better handled by the wealth of literature
available at the time. However, ISO 9000 did require organizations to identify
where the use of statistical techniques was necessary for establishing,
controlling and verifying process capability but this was often misunderstood.
Clause 4.14 of ISO 9001 required corrective action procedures – procedures to
identify variation and eliminate the cause so this should have resulted in a
reduction in variation. The procedures did not always focus on results – they
tended to focus on transactions – sending information or product from A to B.
The concept of corrective action was often misunderstood. It was believed to be
about fixing the problem and preventive action was believed to be about
preventing recurrence. Had users read ISO 8402 they should have been
enlightened. Had they read Deming they would have been enlightened but in
many cases the language of ISO 9000 was a deterrent to learning. Had the
auditors understood variation, they too could have assisted in clarifying these
issues but they too seemed ignorant – willing to regard clause 4.20 as not
applicable in many cases.

Clause 4.6 of the undervalued and forgotten standard ISO 9000 –1 starts with
‘The International Standards in the ISO 9000 family are founded upon the
understanding that all work is accomplished by a process.’ In clause 4.7 it starts
with ‘Every organization exists to accomplish value-adding work. The work is
accomplished through a network of processes’ In clause 4.8 it starts with ‘It is
conventional to speak of quality systems as consisting of a number of elements.
The quality system is carried out by means of processes which exist both within
and across functions’ Alas, few people read ISO 9000–1 and as a result the
baggage that had amassed was difficult to shed especially because there were
few if any certification bodies suggesting that the guidance contained in ISO
9000 –1 should be applied. Unfortunately, this message from ISO 9000 –1 was not
conveyed through the requirements of ISO 9001. ISO 9001 was not intended as
a design tool. It was produced for contractual and assessment purposes but was
used as a design tool instead of ISO 9000 –1 and ISO 9004 –1.

Pages

Thursday, October 1, 2009

Wednesday, September 30, 2009