Did you know that this year is the 70th anniversary of ISO standards? Over the years, standards have helped us become more productive, safer, and more efficient. Take a look below at some of the milestones in the growth of ISO.
ISO 9001 is the world’s most used management system standard, existing for almost 30 years, it tends to fall into the gap where many people have heard about it, but not many fully understand what the standard involves. As a result, there are common myths about ISO 9001 that simpleQuE can help to clarify.
Is it complicated and difficult to implement?
In most cases, no. SimpleQuE was one of the first consulting companies in the world to become ISO 9001:2015 certified, so we know what it takes to transition to the new standard. It is possible to simplify ISO implementation, transition, training and maintenance, by integrating simple solutions that fit into your company’s culture. This can be done with a gap audit checklist to identify where you’re already in compliance and more effectively target only those areas that need work.
Isn’t ISO 9001 an outdated model?
While it is true that ISO 9001 has been around since 1987, it has evolved through several revisions to match the changing needs of business. Today there is instant access to information, higher expectations from customers, more complex supply chains and a globally competitive economy. ISO 9001:2015 takes all of these factors into account.
Isn’t ISO 9001 a standard that only benefits big corporations?
This is not the case. ISO 9001 is intended to be a set of requirements that can be used by any company, of any size, in any industry. The requirements are written as a set of best practices needed to control all the processes of a business system – no matter what the company does. The standard is designed to be flexible; the focus is on improving quality and customer satisfaction, which every organization can benefit from including:
- More efficient use of resources and improved financial performance,
- Improved risk management and protection of people and the environment, and
- Increased capability to deliver consistent and improved services and products, thereby increasing value to customers and all other stakeholders.
Will everything have to be monitored and measured?
Processes do have to be monitored and measured to ensure that they are performing as designed, however, the standard allows a company to consider the impact that a process has on product/service conformity and the effectiveness of the Quality Management System (QMS) when determining what to monitor or measure and the method to be adopted. A good QMS will help with monitoring performance and driving improvement.
Is ISO 9001 is the sole responsibility of the quality manager or department?
This couldn’t be farther from the truth, since the requirements cover every aspect of the business – from planning through delivery and post-delivery of your product or service.
Doesn’t ISO 9001 cost a lot to implement?
The question of cost will depend on the size and complexity of the organization and the competency of the personnel. Basic implementation pricing should be competitive and reasonable, depending if the work is done internally or through an external consulting service. The overall outcome of these activities should be to reduce costs through improvements and increase revenues through satisfied customers. Your return on investment should be well above the costs. Note that ISO certification is a separate additional cost.
SimpleQue can customize consulting for your organization and provide simple solutions while clearing up any misconceptions about ISO 9001 and how it can benefit your organization. Contact us today to find out more information and how simpleQue can help!
Would you like to know what 3rd party auditors are looking for when auditing how your company complies with quality system standards like ISO 9001:2015?
What are 3rd party auditors looking for? This is the second of a three part series by Jim Lee, President of simpleQuE
Clause 5 of ISO 9001:2015 – Leadership
Leadership is the focus of this clause, which means top management now has greater accountability, responsibility and involvement in the organization’s management system. The standard wants to see that leadership demonstrates leadership and support for the quality management system (QMS). They need to integrate the QMS into the organization’s business strategic direction, to ensure the management system achieves its intended outcomes and allocate the necessary resources. Top management is also responsible for communicating the importance of the QMS and enhancing employee awareness and involvement.
With this clause there is a requirement that top management will be present and leading the implementation and monitoring of the QMS. Processes within the QMS must have process owners. In addition, leadership shall demonstrate leadership and commitment with respect to customer focus and the continual improvement aspect of the business. 3rd party auditors will be scheduling time with the management and leadership team asking questions and looking for the items below as objective evidence.
- Established and communicated quality policy, objectives, strategic direction, and performance
- Organizational chart, job descriptions and other evidence that responsibilities and authorities are defined and communicated
- Metrics evaluated in the Management Review and the overall effectiveness of the key business processes
- Actions being taken when goals are not met, and when trends for performance are going the wrong way. They want to see management is looking at the data and taking actions when necessary.
- Promotion of risk based thinking and evidence of risk management processes with action items when risks are too high. This might include contingency plans, safety stocks, inventory levels, supplier selection and qualification process, etc. as a very few of the many possible ways to demonstrate this.
- Involvement in audit activity and reviewing the outcomes and assessing the risks and actions that might be necessary for the QMS
- Customer satisfaction and perception
- Identification of contract terms and conditions and customer requirements, including any laws that must be met. How are these evaluated, understood, communicated and implemented in the departments that need to know and comply?
- Evidence of continued improvement , which denotes that performance is monitored and tracked with trends
- The company’s context changes over time, and the needs of stakeholders too. Management needs to be aware of the changing context and issues affecting the business to adjust the strategic direction.
Not that all of the elements listed above will be needed, but organizations may risk failure if they do not:
- Identify process owners
- Use metrics to monitor performance of the QMS
- Include performance metrics in the Management Review
- Develop action plans when performance goals are not met
- Develop customer communication processes
- Respond to customer complaints
- Consider results of customer feedback/surveys and take appropriate actions
- Identify internal customer requirements
- Make improvement part of the quality policy
- Align roles and responsibilities with processes
- Contingency and emergency roles and responsibilities not defined
- Have appropriate training and awareness of the ISO 9001:2015 requirements
Coming soon – Part 3 and what auditors are looking for in regard to Risk. Also, read more about Context of the Organization in Part 1.
Source: NQA’s Teaming Conference – August 2017
What are 3rd party auditors looking for? This is the first of a three part series by Jim Lee, President of simpleQuE
Clause 4 of Annex SL – Context of the Organization
This is the cornerstone of a management system and the business’ strategic direction. An organization needs to identify internal and external issues that can impact its intended outcomes, as well as all interested parties and their requirements. It needs to document its scope and set the boundaries of the management system to line up with business objectives.
The context doesn’t have to be documented, so 3rd party auditors (as well as internal auditors) will be asking questions of various management members, and looking for these as objective evidence that an organization understands its context and considers all the factors and stakeholders affecting the business. The items listed below don’t have to exist, but if they do, you want to take credit for them in understanding the context. Some items may not by themselves demonstrate an understanding of the context, but combined with multiple examples, can provide the evidence an auditor is looking for.
- Business plan
- Strategic plan
- SWOT analysis (Strengths Weaknesses Opportunities Threats)
- Vision and mission statement
- Process mapping
- External parties identified
- Lesson learned
- Internal meeting minutes to determine company goal setting
- Metrics to measure effectiveness of QMS
- Process turtle diagrams
- Process flow plans
- Quality manual
Not that all of the elements listed above will be needed, but organizations may risk failure if they do not:
- Identify or understand their primary competitors
- Mention civic responsibility
- Consider future business trends
- Identify all customer requirements
- Identify local/state/national requirements
- Identify required outputs needed for internal customers
- Identify uncertainties like negative risks or positive opportunities
- Determine the processes used to flow the business from quote to delivery
- Identify outsources processes
- Establish process goals
Coming in future articles – what auditors are looking for in regard to Leadership and Risk.
Not only is Accutech Mold and Machine (AMM) ISO 9001:2008 certified, but they also achieved their ISO/TS 16949:2008 certification from Eagle Registrations. In January 2016, simpleQuE consultants, Larry Vance and Don Milinkovich began working with AMM to assess their existing processes and formulate an action plan that would address the gaps and fit their very tight timeline. That was followed up by an internal audit and training to prepare for the expansion to the automotive standard.
Why was this so important to AMM’s founders, Kelly and Darrin Geiger? As AMM’s website states, “International Standards are the backbone of our society, ensuring the safety and quality of products and services, facilitating international trade and improving the environment in which we live in. Conformity to International Standards helps reassure our customers that Accutech Mold and Machine’s products, systems and organizations are safe, reliable and good for the environment.”
Founded in 1996, AMM specializes in plastic injection mold manufacturing. In 2004 the company expanded with an injection molding press to sample molds that were built. Today, AMM continues to build high quality plastic injection molds and also produces plastic injection molded components with 25 presses running 24 hours a day.
Vice President, Darrin Geiger, had this to say, “It was easy to work with simpleQuE and they provided an action plan which our team utilized, working hard to reach our certification goal in just six months. The advantage to being ISO/TS 16949 certified is that it has opened new doors for us in the automotive industry, and our non TS clients are happy because they also benefit from these additional business processes.”
Digitalization, globalization, competition and the speed of technological advances has changed the nature of business. ISO 9001:2015 has been in effect for a full year and it places a heavy emphasis on using “risk-based thinking” for managing quality-related processes. Risk has always been implicit in ISO 9001. But the latest revision asks organizations to make a cultural shift—rather than focusing on isolated problem solving and resolution, they’ll focus on prevention and performance improvement.
The International Organization for Standardisation (ISO) explains it this way:
“Risk based thinking ensures these risks are identified, considered and controlled throughout the design and use of the quality management system”.
Under the new guidelines, risk management serves as the cornerstone of quality management system design. As organizations determine the processes needed for a quality management system, they’re also asked to determine the associated risks and opportunities and to plan and implement appropriate actions to address them.
In the context of ISO, the concept of “risk” relates to the uncertainty in achieving the main objectives of International Standards—namely, to provide confidence in the organization’s ability to consistently provide customers with conforming goods and services, and to enhance customer satisfaction. Risk is the possibility of events or activities preventing an organization from achieving its strategic and operational goals.
This shift in thinking does not replace the standard’s process-oriented approach, but enhances it. While the process is still a critical part of ISO 9001:2015, processes must now be implemented with an acute awareness of risk.
Organizations are asked to identify, analyze and prioritize all potential risks as they undergo building or adapting their existing quality management implementations for updated certification.
Risks can be defined by two parameters—the severity, or seriousness, of the harm, and the probability that the harm will occur. Risks can be assessed based on the likelihood they will occur, the likelihood they can be detected, and potential impact should they occur. From there, risks are evaluated based on their importance (what is acceptable, what is unacceptable?) and actions are planned to address the risks, whether that’s avoiding or eliminating the risk or mitigating it.
Once plans are implemented, it’s essential for organizations to check the effectiveness of their actions and continually learn from experience.
What’s the best way to document risk-based thinking and demonstrate the approach during audits?. Evaluate how you evaluate risks today with the processes you have. Understand how you decide when risks are acceptable or unacceptable. ISO wants to see that you record identified risks when action is required, and the action steps to be taken.
Putting into place the Plan-Do-Check-Act (PDCA) methodology can be a great way to define, implement and control corrective actions and improvements. Companies should Plan what to do and how to do it, Do what was planned, Check that things happened according to plan, and Act on how to improve the next time around.
Companies have two years to make the transition to ISO 9001:2015, as certifications for the 2008 edition will expire after September 2018.
SimpleQuE was one of the first consulting companies to be ISO 9001:2015 certified and we’re ready to assist organizations with transition or implementation. Please visit our website for more information about our services.
Recognized as an industry leader in mine safety technology innovation, Matrix is focused on research and development for the mining industry. Matrix has designed, manufactured, distributed and installed a variety of products to improve safety and productivity for mining applications. The current Matrix innovative product line includes IntelliZone® Proximity Detection Systems (used on a wide variety of equipment ato detect workers in low or obscured visibility situations), Communications Systems, Personnel and Equipment tracking systems, Atmospheric Monitoring Systems (AMS), and the MineOwl Camera System. Continue reading “Matrix Design Group Celebrates ISO 9001:2015 Certification!”
More than 1 million organizations and companies worldwide understand the benefits of being ISO 9001 certified. Educational institutions are beginning to recognize the importance of established standards and are seeking certification, as well. As we enter the new school year, a these schools have taken the initiative and will start the year as ISO 9001 certified: Oakwood University, Greater Altoona Career and Technology Center, DRS International School, and Wenatchee School District #246. Continue reading “ISO 9001 Certification Changing the Standards for Higher Education”