Archive for October, 2009
What Is The QMS Scope For ISO 9001?
The scope of the QMS should be based on the nature of the organization’s products and their realization processes, the result of risk assessment, commercial considerations, and contractual, statutory and regulatory requirements.
While ISO 9001 is generic and is applicable to all organizations (regardless of their type, size or product category), under certain circumstances, an organization may exclude complying with some specific ISO 9001 requirements (from clause 7), while being permitted to claim conformity to the standard. This is because it has been recognized that not all the requirements in this clause of the standard are relevant to all organizations.
To enable identification of what has been registered/certified, the scope of registration/certification should clearly define:
*the scope of the quality management system (including details of the product lines and related sites, departments, divisions etc. that are covered by it)
*the organization’s main processes for its product realisation or service delivery activities (such as design, manufacture and delivery), for the product lines that are covered
*any ISO 9001 requirement that has been excluded
ISO 9001: Verification of Effectiveness?
What exactly is verification of effectiveness? Many organizations struggle with this quality management requirement. When you are verifying the effectiveness of a corrective action you are seeking evidence that the causes of the problem have been removed or reduced. In a perfect world, each problem cause would be removed. This however is not always possible. Sometimes the best you can hope for is a reduction of the causes. The cause is still there, but it manifests itself less frequently or less severely. So the best option is to remove the cause, but the next best option is to at least reduce the cause.
The key to verification of effectiveness is evidence. You are seeking objective, factual evidence that your problem causes have been reduced or removed. This evidence usually takes the form of data or records. Another powerful form of evidence is your own first-hand observations. That’s not to say that you can’t accept verbal evidence, but records, data, and first-hand observations are certainly better and more easily audited. To improve your current corrective action process make sure that each time you act to correct a non-conformance, you go back and verify that what you did actually accomplished what you set out to do, “ remove or reduce the problem”. Some software applications available today can greatly aid an organization that is struggling with this requirement by prompting the responsible individual to review the corrective action taken so that a decision can be made as to the effectiveness of that action. Let’s face it, today small business owners are concerned about where each dollar is being spent and what the pay back will be. Software is one of the best ways to add value when organizations are continuing to down size.
Product Quality Risk And The Supply Chain
Product Quality Risk in a supply chain focuses on the quality problems in the supply chain context, rather in the manufacturing quality context.
Inherent quality problems such as. raw materials, ingredients, production, logistics, and packaging, in any of the supply chain members trigger a domino effect that spread through a multi-tier supply network. For this reason, it is hard for a network member to keep track of who did what, and when, to the final quality of the products. The product that a company sells to the consumer comprises components made by the company and its suppliers. When the product breaks down due to defects in either the company’s component or the supplier’s component, the company will have to bear the consequences.
Thus, Product Quality Risk is part of the supply chain risks. In other words, Product Quality Risk tend to comprise some or all the risk elements, such as operational risk, disruption risk, reputational risk.
For many small business owners this process can be painful and hard to implement. There are many quality management consulting firms available to help ease the pain by providing sound programs that will accomplish your risk management objectives.
Auditing Your Suppliers And Assessing Risk
Supplier audits need to focus on the suppliers and quality management systems that are truly critical to the supply chain, and better utilize available expertise to ensure that performance requirements will be met. Why do we perform supplier audits/? Once we understood that the purpose is to ensure overall success of the supply chain, then an expansion of related audit issues is also required. Supplier quality system audits have contributed to spreading the word about the importance of quality, and the need for a management system that helps keep quality on every business’ agenda. It’s now time to expand the boundaries of our thinking to include other issues, such as risk, that allow a business to grow and prosper or fail.
Companies that do not utilize a strategy for managing supply chain risk may be exposed to potentially negative influences, including impact on procurement, manufacturing and time to market processes in supply chain.
It’s for these reasons that supply chain risk management is now an essential part of a company’s supply chain strategy. It is the only way companies can ensure risks are identified in the entire value chain and mitigated to deliver financial goals.
Are Your Suppliers Meeting The Requirements Of ISO 9001:2008?
There are various ways in which your supplier can claim that its quality management system meets the requirements of ISO 9001:2008. These include:
- Supplier’s declaration of conformity: Your supplier makes a declaration affirming that its QMS meets ISO 9001:2008 requirements, usually supported by legally-binding signatures. This declaration can be based on your supplier’s internal audit system, or on second party or third party audits;
- Second party assessment: your supplier is audited directly by its customer (e.g., by you, or by another customer, whose reputation you respect) to check if its QMS meets ISO 9001:2008 requirements and your own requirements – sometimes used in contractual “business-to-business” transactions;
- Third party certification: your supplier uses an accredited Certification Body (Registrar) to audit and verify it’s conformity to ISO 9001:2008 requirements. This third party then issues a certificate to your supplier describing the scope of its QMS, and confirming that it conforms to ISO 9001:2008.
AS9100 CLAUSE 6.3 INFRASTRUCTURE
Essence of the clause:
Your company must determine and your business management system must provide for and maintain the infrastructure needed to produce a quality product or service.
Who’s most involved: Management (of almost every department)
Buildings, workspace, equipment, hardware, software, and supporting services must be provided to the extent necessary to produce a quality product or service. These facilities must also be maintained, usually through a preventive maintenance program. (See Clause 7.5.1)
AS 9100: How Often Will We Be Audited?
Each type of audit will have its own schedule. Often companies will have more frequent internal audits than third-party audits, especially during the early stages of your as9100 certification and implementation. These early audits help employees become more comfortable with the audit process, eliminate any problems in the quality management system, and thus help ensure the company will “pass” the registration audit.
WHAT IF WE DON’T PASS THE ISO 9001 REGISTRATION AUDIT?
There are basically three things that can happen in a registration audit:
- Your company may “pass ”the iso audit, (in official language, your company will be “recommended for registration”), in which case the company will receive its official registration in about a month.
- Your company may be told that a follow-up visit must be scheduled and that if corrective action on all nonconformities found during the audit is successfully completed by that visit, registration will be issued.
- Your registrar may find that your company has quite a bit of work to do before it will be ready for registration, and another registration audit will have to be scheduled.
In all cases, the registration auditor will report all findings to your management before he or she leaves, so that your company knows where it stands.
ISO 9001 Calibration Considerations
Quality management system standards uniformly have requirements for controlling the devices used to measure, verify, test, and accept product and monitor the processes used to achieve specified results. Everyone seems to miss something. It’s almost inevitable. Perhaps it’s because this process is generally referred to as “calibration” and the mental image it conjures up is associated primarily with things like micrometers, depth gages, and comparators. The process is often much more elaborate, addressing appropriate consideration for gages, thermostats, software, jigs, timers, known-good-samples – a multiple of devices for measuring product or process. Controlling monitoring and measuring devices must, therefore, include multiple factors.
When used in the monitoring and measurement of specified requirements, the ability of computer software to satisfy the intended application shall be confirmed. This shall be undertaken prior to initial use and reconfirmed as necessary. If results from monitoring and measuring devices are fed into a computer and the program mathematically processes the results to provide an end result (for example using Microsoft Excel), the program should be “validated”. Typically, validation is done by comparing the results of the program with the results calculated manually. If the results do not match then it implies a fault in the software program (assuming the manual calculation is correct). Software validation should be carried out before the system is put into use. If the calculation algorithm of the program is modified then the validation exercise should be repeated.
ISO 9001 The Process Approach
How often have you heard that ISO 9001 promotes the process approach to managing an organization, and requires the QMS to consider the organization as a series of interlinked processes? What does this really mean in laymen’s terms?
Processes can be characterized as consisting of one or more linked activities that require resources and must be managed to achieve predetermined output. The output of one process may directly form the input to the next process and the final product is often the result of a network or system of processes. Every organization is made up of a series of interacting processes.
The process approach considers the interaction between these processes, and the inputs and outputs that tie these processes together. The output of one process becomes the input of another.
The ISO 9001 Standard is designed to manage and improve those processes.
1. First, you identify your key processes.
2. Second, you define quality standards for those processes.
3. Third, you decide how process quality will be measured.
4. Fourth, you document your approach to achieving the desired quality, as determined by your measurements.
5. Fifth, you evaluate your quality and continuously improve.
Once these are identified, an organization can ensure its processes are effective (they produce the desired output), and efficient (they promote continual improvement and lower cost by effective use of resources). The organizations ability to master the techniques of business process improvement, can help the organization gain a distinct advantage over the competition.