Review of possible impact of ISO 9001:2015

The CD version is released and in a routine pace, this will pass through the usual process of DIS, FDIS before release. The standard as such is not  only having some minor corrections , but has new concepts.

Risk, Process approach, Context & Development process are some major aspects in the standard. This will bring in major change in the understanding, documenting and implementing the standard. All such changes will bring in the quality management approach risk prevention, sustainability. The standard is in line with ISO 9004 guidelines published some time back.

From the business perspective let us analyze the changes:

This is now a management standard : With more focus on risk, prevention, strategy and accountability of top management, the standard clarifies the tasks for top management. In the earlier versions, the linkage between vision- strategy, policy, objective was not mentioned , though expected. Here it is direct linkage and there by onus will be more on management. This means management can not handover to MR and remain aloof.

Focus on sustainability: The context of organization identifies business related external & internal aspects , risks. The impact and counter actions are part of review. Hence this document will be guiding document and this will help organization to improve.

Focus on Prevention rather than QA/QC: The current  standard was clear on product monitoring and  has clear requirements related to process monitoring, product monitoring. The new standard uses risk approach, strategy, Knowledge management, process approach &  context of organization. This will bring in more focus on how to se all these to prevent product failures . The standard has no change as far as current requirements of product monitoring.

Better quality documentation: The process approach , the risk, knowledge management will ensure that the documentation will be pertaining to the organization’s size and purpose.

There are few areas which are different and made more generic in order to accommodate service sector. These can have some impact especially , clause on calibration , Management representative role are  more simplified.

Let us see the  not so positive impact :

a.       This standard will further add some documentation. Though useful , but may lead  a debate that earlier standard was more flexible, while this calls for more, structured documentation.

b.      The small organizations will find it difficult to prepare for unless some guidelines are released. At the same time, big organizations will find it very useful, only confidentiality can be an issue.

c.       The management clauses , context, and strategy  have some elements where there can be debate as to what extent organization would want to document the details. Adequacy, findings  may not be acceptable to the management.

d.      The same clauses when evaluated differently , may lead to consultancy.

e.      The time required for the audit is likely to go up – as documentation review, top management, planning function need to be audited to the requirements.

Positive  Impacts:

a.       Increased involvement of top management.

b.      More of management audit, hence success rate , sustainability of the organization will be better.

c.       Flexibility in the areas of monitoring, calibration.

d.      Better understanding of preventive actions, risk, strategy, improvements

 

Review of ISO 9001:2015 draft version

Impact of new standard ISO 9001:2015

We know that the most popular certification standard is ISO 9001. The applicability, adaptability and benefits to the organization are known to the industry. The standard is undergoing change and the first draft is out. It is too early to say what will be the final standard, but now the structure is defined, major changes in the requirements are known.

The changes as described in the standard are:

1. more generic and more easily applicable by service industries.

Product replaced by goods and service.

Clauses redefined related to monitoring devices, and development.



2. Context of the organization

Identify issues, requirements , & needs, expectations of the stakeholders.



3. Process Approach

Determine- the processes & their interaction, , and define for each process- inputs, stages, outputs, responsibilities, measurement, objectives, risks, resources. Determine, how these will be analyzed, changed, improved.



4. Risk and Preventive action

Identify risks, analyze and consider opportunity for improvement



5. Documented information

Document, record requirements are combined to as documented information.



6. Control of external provisions of goods and service

Combining of procurement function with outsourced processes. The new point is risk base approach.



Hence the common theme in this standard are:

a. Introduction of Risk based approach

b. Incorporating the Process approach

c. Simplification on document, record control

d. Improvements and innovations



Let us analyze the impact:

a. Understanding of the requirement by management:

This is no more just a standard oriented towards customer. This is a management standard aimed at sustainable improvement in performance.

This will increase adaptability , and will not be left for MR and team lower down to manage the standard to meet auditor requirements.



The emphasis on risk, strategy documents, reviews will ensure management will have to focus on standard.



b. Documentation:

This will also have a major change, based on process approach adaption. The processes/ SOP/ work instruction/ flow chart will have to address all the process approach requirements specified. This will make the system robust, and will support approach towards improvements.



c. Development process :

The new considerations, risk based approach, development process documentation will strengthen the process. The development process, development controls ( clause requirements in current standards) , an development transfer are essesntial stages in any new design.



d. New terminologies :

Knowledge management, strategy, Innovation, Accountability, risk based approach are the new concepts which are introduced.



Impact on organization ongoing for ISO 9001 revised std.:

1. Difficult for small companies.

The management concepts like strategy, knowledge management, risks etc. are not easily adopted for small companies. The extent of documentation, the relevance to the sector are the aspects to be reviewed.



2. Will be effectively used as tool for management.

The system was mainly driven by MR. The new standard has many elements related to top management involvement. This will ensure active participation by management.

3. No major changes at operating level.

There is no change in the contents of the clauses. The standard is aimed at management improvement.



4. Documentation will be elaborate, detailed and useful.

The documents will result in actionable plan for improvements. The risk, knowledge management, strategy and interrelation of objectives, tracking are the examples.



Impact on auditing:

a. Expect the management audit will be 10% more than earlier audits.

b. The auditor will have to understand process approach and audit processes.

Relation of strategy- objective- process measure must be understood.

The process improvements, innovations must be part of the audit as appropriate.

c. Management audit will require more competence in terms of management requirements, awareness of TQM tools.

d. Stage 1 audit will be in much more depth.



e. The auditor will have to do tight rope walking considering the findings on the management audit. The comments must not appear as consultancy and the inadequacies findings can be difficult.



To conclude,

The standard has a lot of new points for the organizations, as well as auditors. The concepts are aimed towards management related improvements.

 

How to Integrate QMS & TQM

I remember when we were implementing ISO 9001, we had consultants for implementation of ISO 9001, and as well management has another consultant for TQM. Both these consultants never see each other. Both had same agenda to improve the performance, but were working parallel and at times countering each other. During those days, there were separate teams working under both and resulted in creating parallel systems.

Generally now days this trend continues in large scale companies. For medium and small sectors if there is a consultant he either looks in QMS or TQM.

When there is integration of various management system is possible, why not have an integration of TQM and QMS.

The basic differences are as follows and normally the arguments are as below:

TOM	QMS
A focused way of improving	First documenting all the processes and then demonstrating the effectiveness
More of data review, less document oriented.	Data review , effectiveness is in the later phase of implementation of system
Results are immediately evident on completion / progress of projects	Results are related to objective setting, CAPA,IQA analysis,  Rejections, process monitoring,  relatively later part of implementation
Identify and improve continually	Write what you do & Do what you write

 

Generally QMS becomes stagnant once the certification is complete, and reviewed only once in year before audit. At the same time TQM brings in fresh air with defined approach, focused review, expert guidance and time bound actions with results.

However, in spite of this, both the system has more commonalities:

1.       The objective of the organization – to improve the performance

2.       Principles are same- Team work, PDCA, customer satisfaction, leadership

3.       Move towards sustained success.

4.       Calls for close review of processes.

The management system is now a need of modern business, and improvement is way of life. Hence it is better to integrate both and get maximum benefits.

How to achieve the integration:

1.       Discuss with top management and formalize the plan.

2.       Ensure that the team talks to each other.

3.       QMS helps in documenting the processes / current practices. Hence this is the first step.

4.       During implementation of QMS, the TQM activity can be initiated.

5.       The integration can be initiated with management first.

6.       The objective setting, process review, CAPA, complaints, customer feedback is the areas to be considered first for integration.

7.       The specific TQM activity such as 5S, Kaizen, Process review, six sigma can then be attached to the documented system.

8.       Reviews can be together for assessing the implementation.

9.       The changes in processes, infrastructure, and product must then be documented as part of change of system in QMS.

10.   It is important to be flexible because there can be too many small changes.

 

Simple example can be:

If the material is stored in identified bins, with particular system for retrieval. If the same is changed by taking project on 5S, inventory management to improve the storage condition, fast retrieval; the changes must be documented in work instruction, inventory records related software system, and changes in infrastructure are recoded as handling instruction & process of training must be available.

The result of such changes must be part of objectives, process monitoring of stores.

 

The soft side of integration:

The management generally tends to give more attention to the TQM projects since the results are visible. However if these results are to be sustained and tracked, the basis is provided by QMS or related management system.

To summarize:

The TQM, QMS are not isolated ways though apparently it is felt that way. It is the management involvement, team work and clarity in concept which can bring together the best of both.

FUTURE OF QUALITY SYSTEM

self Assessment of an Effective Audit

 

why are some audits, and auditors remebered

When we meet customer after the audit , we often get remarks like:

·         Audit by XYZ was very good.

·         Audit quality is now gone down.

These are some of the indicators organization need to look into. What exactly can make an audit as ideal is a debatable point, and can vary with customer expectations.

A value added audit, timeliness, fair evaluation, friendly atmosphere are common criteria. While NC and failures are not easily accepted and the trend also shows that auditors avoid NC, this generally is short term reaction.

Value added audit:

·         Pointing out weaknesses pertinent, important for success.

·         Identifying strengths which can help management to consolidate.

·         sharing valuable information like industry benchmarks, general practices ,

·         Sharing knowledge/ experiences across industry.

In contrast if the audit findings are:

·         Minimal

·         Overstressing on documents rather than practices

·         Not pertinent to core processes

·         In contrast with performance of the organization

 

The audit is not remembered. Though the auditee gives due respect to auditor, the memory of the audit is short lived.

 

Timeliness:

Common misconception is extended audit is in depth audit. Hence some auditors by habit extend beyond working hours, delay the schedule. This actually happens because if the auditor is not prepared or not aware of the working and has considered in adequate time.

Hence the auditor must obey his own time table. In some companies even the auditor is not entertained if he is reached before or after the schedule.

The timeliness also means that auditor is prepared, aware of process, and has clear idea of requirements to be covered.

 

Fair Evaluation:

The process of evaluation is always subjective. The auditor who specifies these criteria before, and repeats when the key point is observed, the evaluation is simple.

Negative evaluation is easy to identify, but difficult to communicate, and is always debatable.

Hence the method of explanation is important.

The correctness, completeness of report is what is a consistent to audit.

Friendliness:

This is point which is always a last priority. The stiff face auditors, those who use word system frequently and threaten auditee with system failure, are not liked.

In fact sometimes friendly auditors tend to be harsher, but apparently are liked more.

It is better to smile, crack a joke and give findings.

 

To sum up, if auditee gets the experience of all these, points, & considers the audit is a really worth spending, and believes that auditor is professional.   This is a role play Which needs to be played to perfection.

 

Overview of ISO 29990

The standard is aimed for Educational Institutions. The standard has number of peculiarities as listed below:

1.       Instead of use of word customer- it is divided as Sponsor, Learner.

2.       Tutor is Facilitator, or Associate based on the role.

3.       The PDCA approach is drafted suiting to the processes- Needs analysis/ Design/ execution/ Evaluation and monitoring.

4.       Design aspect is made clear with terms related to design- curriculum, evaluation, and schedule.

5.        Scope of organization is clarified on facilities, guideline notes, additional notes

6.       Evaluation process, concept is clarified further.

7.       Preventive actions are prior to Corrective actions again a peculiar requirement.

8.       The requirement of documentation, Procedures, records are explicitly specified.

9.       Monitoring from competent person, nature of feedback expected ( from sponsor, learner) are different.

10.   The standard gives the purpose or expectations of certain clause requirements like document control.

11.   The requirement of quality manual is not specified, giving flexibility to the organization.

12.   The management requirements are business oriented and more in line with current business practices- Finance, risk management, business planning, strategy etc.

 

Benefits envisaged are:

1.       Very focussed findings can emerge which are relevant to educational organization.

2.       The standard has elaborate requirements on learning needs, design of training. This will bring in some basic findings related to education.

3.       The clarity in what type of feedback expected from each interested party is different.

Implementation:

1.       The organization must have PDCA approach. This means

P – Need analysis, Competence, Infrastructure, and Environment

D- Design, Delivery of training

C-Monitoring, evaluation, feedback, Audits

A-PACA, Reviews, Business planning

2.       The documented system must address these requirements.

3.       The manual/ overall process chart/ matrix must address all the clauses.

4.       The mandatory procedures are documented in each clause accordingly- namely

3.3, 3.5.1c, 3.5.3.c, 4.1, 4.3, 4.4, 4.6.e, 4.7, 4.9.

The documents required for each clause requirement- 3.2.2, 3.2.3, 4.1, 4.2, 4.5, 4.6, Annexures.

5.       Hence for example documented need analysis, curriculum & exam pattern design shall be documented for each training.

Like this all such areas need to be established in the system.

6.       The expectation on type of feedback from sponsor and that from learner is different. The monitoring from competent authority is again different. This can be ideally compared to a 360deg feedback method used by world class organizations.

 

Internal audit, PACA, Reviews:

During implementation the system needs to be assessed. Considering the nature of sector, the amendment is evident asking to audit each area at least once in 3 years.

The auditor suitably qualified for any standard, and having knowledge of this standard can be used.

The PA is considered prior, probably because this is not a conventional manufacturing and rejections, defect are not clearly defined. For example a delayed completion / stretched topic, getting different need later during training can be more of PA than call for CA.

The purpose, output of review is clearly defined giving little elaborate agenda.

Completely new focus or a business focus is an interesting feature. A clear explanation about contents of business plan. This   gives a great benefit and a well-directed move towards sustained success.

For Auditors:

The entire audit is on core areas; hence any finding will be definitely adding value. The deviations will clearly show the risks / threats and will direct organization to think about future, and add to its image.

Indicators of Dormant System & Action Plan to Revive

The system once established and also gets endorsed by certification, the organization is relaxed. Slowly inertia in the system creeps in and organization goes back.

 Let us see the indicators:

1.      Management Review is cooked.

2.      Internal Reviews are  just formality and very few NC/ no NC.

3.      System manual/ Procedures do not get revised for years.

4.       There are no CAPA.

5.      Customer satisfaction is also a formality the data is collected a few days before audit .

6.      Vendor assessment shows all vendors are passing.

7.      All objectives are achieved.

8.      The work instructions are not on the pertinent points.

9.      HIRA/ Aspect impact is never revised.

10.  No incidents recorded.

11.  Only the completed improvements projects are recorded.

12.  Only the completed design projects are tabulated in design system clause wise.

 

The reasons are:

1.      It is believed that certification is aim.

2.      The implementation is only to achieve & maintain certification.

3.      The certification is only maintaining of certain papers.

4.      It is responsibility of MR since he has got the credit.

5.      Rest all have to work and MR has no other work.

6.      System is burden and s just set of rules.

 

The revival plan should be:

1.      Revisit the system  documentation with fresh look.

2.      Identify the gaps in current practice and documents.

3.      Involve team.

4.      Show the improvements possible thru PDCA, process approach.

5.      Link business goal with objectives.

6.      Reorganize, Energize  team for audits, trainings, Improvement projects

7.      Link improvements to system.