Posts Tagged ‘Business Process Management’
ISO 9001/AS9100 Who Owns Your System?
ISO 9001:2008 requires top management to actively participate in their organization’s quality management system by developing and implementing quality objectives and periodically evaluating the health of the system. This concept may seam foreign to some top managers, as some organizations still subscribe to the notion that the management of their quality system belong to the quality manager. As a lead quality management systems auditor I have seen this time and time again, often with bad news for those at the top. Without the ongoing participation and commitment from top management, it is virtually impossible to maintain a quality system that consistently meets the ISO 9001 standard or any other standard for that matter.
Top management must be involved at all stages of the quality system, from planning to implementation and ongoing maintenance. Some key areas where management should be involved are as follows:
- Setting Quality policies, planning, and objectives
- Appointing a Management representative and giving them the authority to fulfill their job responsibilities.
- Conducting Management Reviews that involve all of the required inputs and outputs of the QMS and making decisions that will promote continuous improvement.
- Enlisting and Utilizing customer feedback to meet customer satisfaction requirements
- Being visibly involved so that employees know that this is a business management system that is being driven from the top down.
What is most important is that “everyone” is involved with your quality management system, and realizing that no one person in the organization owns it, “everyone” owns it. Everyone must do their part, or as sure as I’m sitting here, the quality system will never deliver the results that is expected. When I hear someone say that ISO 9001 is just another expense, (No Benefit), to be endured for the sake of the customer, I know that these companies do not understand the overall commitment, (Involvement), required to receive any benefit. What type of company do you work for?
ISO 9001 Customer Satisfaction How Do I Measure This?
ISO 9001:2008 requires that customer satisfaction is monitored but does not specify methods. You must decide how to satisfy this requirement in a way that makes since to your organization. What can you measure that will improve your customer satisfaction ratings and add value to your organization at the same time. Some measures you may consider are as follows:
1. Do you deliver on time?
2. Do you deliver in full?
3. What feedback do you get from sales or service engineers?
4. Are the key accounts growing?
5. Customer audits or report cards? If favourable, use them as evidence of customer satisfaction.
6. Direct feedback from the customer both positive and negative, track them. If enough customers are saying the same things about your company, you may want to put some measurement in place to resolve these issues. If they are saying something wonderful about you, make this a priority to provide this service to all your customers.
Remember, you are in business to grow and the best way to do this is to satisfy your customers. Focus on measurements that will result in setting you apart from your competition. Don’t give lip service to customer satisfaction because you will suffer a finding during your surveillance audit because you cannot produce evidence that you even know what your customers think of your performance. If you have a hard time determining what you should be measuring and analyzing, ask your customers what is important to them.
ISO 9001 Internal Auditing What, When, How?
Most companies understand the idea of auditing but not the concept of “Process Auditing” as expected to be compliant within both ISO 9001 and their own quality management system. Even companies that are currently registered to the standard may not have a thorough means for evaluating its processes through their internal audit program. Which processes are expected to be audited under ISO 9001?
The ISO 9001:2008 standard is quite vague as to what should to be audited or even how often these processes should be reviewed. The standard indicates that audits be carried out at planned intervals to determine whether the quality management system conforms to the planned arrangements, to the requirements of the standard and the organizations own quality management system requirements. So what is an appropriate interval for your company? Ask yourself,” What is the worst that can happen and where could it happen”? Where are we having the most problems now? Look at your interrelationship of processes and pinpoint the likely areas that have the most chance of resulting in non-conformance. Conduct a risk assessment to determine where the highest risks are, and which risks may produce the most significant impact on your product performance (Status and importance of the processes). Now audit these processes, interview staff, observe activities and view relevant records then determine if there are weaknesses and assign corrective actions. Go back to these areas after the corrective actions are put in place and determine if the actions have accomplished the desired effect. If the actions are effective, close out the audit and move on to the next process.
Don’t audit a process for the sake of having an audit record to show an auditor. If a process is functioning properly it does not need to be audited once a year. Nowhere in the ISO 9001 standard does it say you have to audit all of your processes once a year. You are in the driver seat, and you will determine what, when, and how you will audit your system.
ISO 9001 Internal Auditing Success
The third party auditor will audit your system once or twice a year, so why do you have to conduct internal audits? The first and most obvious reason is, if you wait for the third party auditor to tell you your system is in trouble, you are missing the point of continuous improvement all together. The second reason is that the third party registrar does not consider the surveillance audit as an internal audit. The standard requires that “you” perform planned internal audits of your system based on status and importance of the processes and areas to be audited. If you do not know whether or not your quality management system conforms to your planned arrangements, or the standard, then how can you determine if you are improving? The ISO 9001 standard is based on the Plan, Do, Check, Act principle of continuous improvement. Internal Auditing is the “Check”, and without it you may never know when to act.
The internal audit process need not be a time consuming; there are many ways an internal audit can be accomplished. Every day we conduct countless audits without even knowing it. A manager who walks the plant floor may notice a process which is not working as intended, a worker may notice that the forms he, or she is using are outdated , receiving may find that the same supplier never send the correct paperwork with the products they provide; these are audits that never get documented. These audits are not planned, but they are audits none the less. The planned audits do not have to include all of the processes in your facility once a year, remember “Status and importance”. Go after the low hanging fruit first, (areas where you are having issues), then review the other areas as needed. Whatever you do, DO SOMETHING, or your entire quality system will fail to accomplish the goals and objectives you have set for your organization. My philosophy is simple, if you are going to invest the time and money to become certified, get the full value of certification or you will be wasting your resources for nothing.
ISO 9001 Lesson Learned
ISO 9001:2008 is the foundation of many of the quality management standards now available to organizations worldwide to help organize and maintain product and service integrity. The standard in and of itself, does not tell you “HOW “ to do anything but rather it tells you what quality programs and processes you need to establish to meet the requirements of the standard. For example: The standard has numerous passages which state the organization “SHALL” develop and implement something to comply with the standard. The organization “SHALL”:
- determine the processes needed for the quality management system and their application throughout the organization.
- determine the sequence and interaction of these processes.
- determine criteria and methods needed to ensure that both the operation and control of these processes are effective.
The quality management system documentation “SHALL” include:
- documented statements of a quality policy and quality objectives
- a quality manual
- documented procedures and records required by this International Standard
- documents, including records, determined by the organization to be necessary to ensure the effective planning, operation and control of its processes.
As you can see, nowhere in these requirements does the standard tell you exactly how to carry this out. Where many companies fall short when trying to interpret the actual intent of these requirements, is the planning process. How much documentation is enough and how will we satisfy these requirements so that what we say we do is actually what we do. A lot of the confusion comes from not understanding the standard, and then ultimately doing too much or too little. Most of the non-conformances that the third party auditor will eventually find, (90%), are written against the self imposed requirements of an organization, not against the standard itself. For example: Some companies buy document templates and insert their name here and there, but never modify the documents to meet their individual process needs. Every company is different, so you cannot buy a caned quality system without modifying it to your particular needs.
Get educated to the standard and or hire a business management consultant that can guide you through the process. ISO 9001 as well as most of the other standards out there does not have to complicated or overly time consuming. Get the most out of your system, and avoid the pit falls generated by lack of understanding.
ISO 9001 Helping Select and Manage Your Suppliers?
When you purchase products or services from a supplier, you have two primary considerations:
1. Will the supplier you eventually select provide the best overall value or service which is consistent with your requirements?
2. Does the supplier have the ability to consistently provide the quality desired?
For consideration one – as the customer, you must specify criteria and quality objectives for the product. Through the use of your own quality management systems, you then confirm that delivered product meets your specifications.
For the second consideration – you may want the supplier to have a quality management system of their own to insure consistent controls are in place. How much control? To answer this, you need to consider the following questions:
· What (goods or services) will you be purchasing?
· What significant impact could these products have on the products you make and sell to your customers?
· What are the risks to your business if you experience a major upset as a result of a product non-conformance caused by these products?
· What do you know about the character and past performance of your supplier?
ISO 9001:2008 provides requirements for the purchasing process that your organization can implement, to develop and improve relationships with suppliers. These requirements include:
· Establishment of criteria and quality objectives for products or services you expect to purchase
· And quality management system controls that you require your suppliers to develop to meet your organizational requirements.
Supplier surveillance audits are very advantages when working with a supplier who’s product could have an major impact on your continued success. By periodically auditing these suppliers to your requirements, you will be ensuring that their quality management system continues to meet the needs of your organization. Even with the best of relationships, changes can occur that may cause unforeseen catastrophic results. Keeping your supplier close and monitoring their quality system will strengthen the relationship and reduce the chances of a major upset.
ISO 9001 Horror Stories
Some of the horror stories about ISO 9001 implementations include companies who have binders of procedures, work instruction, and forms (generally with a layer of dust on top) and have been trying to implement ISO 9001 anywhere from one to five years unsuccessfully. Some have spent fifty-thousand dollars and others more than two hundred-thousand dollars on internal resources and/or consultants. Some have had a prior quality manager that wrote a management system for them and then left the company and no other employee knew how to continue the quality management system requirements. Some have gone through three quality managers each of them defining, adding to the last management system, or changing requirements that result in confusion.
In many instances, we find that companies who have invested considerable time and money in the process of certification that they have a hard time letting go of it even when it has proven not to be effective or useful for them. A company must decide if they want to chase bad money with good money when faced with this problem. If you are one of these companies, consider letting the existing management system go and documenting a new and effective management system from scratch.
How many of you have an ISO 9001 implementation horror story to tell. The fact is there are far too many of you. This is your opportunity to share your story with other organizations that are just starting out. Sharing your story may help someone else avoid the pit falls of your experience and reap the rewards of your eventual success. Lets not act like capital hill, now is the prefect time to show solidarity and help our economy move forward. With each success there is a certain amount of blood sweat and tears that goes along with it. If it is possible for us to help just one organization become stronger by our lessions learned, this is the time and form to share.
ISO 9001:Why Do You Need Procedures and Process Control?
Why do you develop and implement policies and procedures in the first place? By adopting policies and procedures, organizations are generally trying to tackle one or more of the following organizational requirements:
- Decrease training time;
- Increase consistency;
- Fulfill compliance requirements for ISO 9001 or some other standard;
- Risks management assessment;
- Improve Communications, internally and externally;
- Preserve and convey knowledge;
- Document continual improvement and manage change;
- Decrease non-conformance rate;
- Streamline access to information; and/or
- Make duplication and growth easier.
If your organization is struggling with how to get started with documenting and organizing your quality management system, you’re not alone. As a Quality management consultant and lead quality management systems auditor, I see so many companies who just don’t get it. If you do a poor job documenting your quality management system you’re in for a lot of pain and heart ache. A competent auditor can tell in five minutes if an organization understands their own system.
So why not start with a firm understanding of how to develop and maintain your system, sounds like common sense, right? If you need help there are many consultants and training programs that can help get you started. Choose wisely and you will find that not only will you be prepared for certification, but also you just might make the improvements that do save money, time, and pain.
The Templated Quality System: Mistakes Made
Time and time again I walk into an organization to audit their quality management system and I find that the overall processes and controls are well understood and executed, but the documentation just doesn’t match actual practices. Templates are great tools to help an organization meet the documentation requirements of ISO 9001, AS9100, or any standard. The problem is, most companies buy the templates and insert the name but never modify the templates to their particular processes. The results from such miss use of this tool are non-conformances found during a surveillance or registration audit.
Templates can help save time and help an organization cover all of the requirements of the standard, but they can hurt and organization if they are not used properly. Plan your processes and understand the standard that you have chosen to become certified to. Knowing what is required and what is not can help you to modify the templates to reflect your organizations actual practices. Most non-conformances, about 90% to be exact, are written against what the organization has required of itself or documentation that does not match the processes, not the standard. So if you are thinking of buying a template system, know what you are getting into and spend the time to modify them to match your processes.
The Internal Audit and Follow-up for Effectiveness
O.K. now that you have defined your internal auditing process, and have a few audits under your belt, what have you learned that will actually help you improve your organization? Corrective and preventive actions have been assigned, responses have been logged, and actions have taken placed. Did the actions taken, improve the process? This is probably the biggest stumbling block I have seen as a third party auditor, follow-up for effectiveness. Did anyone review the effectiveness of the corrective or preventive action; did it accomplish what you intended? If you do not go back and review the results of the actions taken, you have missed the boat on continual improvement. To merely find areas for improvement without making sure that they have been addressed and actual improvements have been made, is never going to move your company closer to sustained success.
Your business management system can be the best possible way to propel your organization to a new level of profitability and success, use it effectively! Make your quality management processes work for you and you will realize actual benefits that will lower costs, improve cycle times, reduce scrap, and improve customer satisfaction. You can skate by with your paper certificate, but wouldn’t you rather get something for your money?