ISO 9001 Standard - ISO 9001:2008 Standards

Management Review IN ISO 9001 Standard

One of the most important factors in determining the success of an ISO 9001 implementation is management commitment and management understanding of what makes a good quality systems. Our turnkey Quality Management System (QMS) gives you everything you need to educate your entire company from top to bottom.

Management review is one of the key elements to building a sustainable quality system. To do this, management must be committed. This means that the management must do more than just say they are committed, they must allocate the resources to make sure that the company can continuously improve quality. Most quality systems fail from the top down! That is why external auditor almost always review the management review documentation every audit. External ISO 9001 auditors look for this commitment by evaluating the management review records. Management reviews should focus on both the quality of the products and the quality of the QMS. In general, it is very simple to maintain compliance of the management review portion of the standard. It can be done with a simple notebook that is maintained as a quality record. The Management review procedure includes a list of documentation that should be included in management review meeting. Management reviews should be done a least once per year and auditors like to see them quarterly.

Under ISO 9001, executive management has defined responsibilities. Although most of the work required to implement and maintain ISO certification is done below the executive level, ISO requires involve of personnel at the top of the organization.

It is the leader of an organization that set the goals and objectives for the quality of the company. It is also the leader that assigns resources (responsibility and authority) throughout the organization. Because of this, the leaders must be kept aware of the status of the quality system and product/service quality so they make good decision.
Much of how the company accomplishes these tasks is covered in the quality manual. Here are the 8 areas that should be address in the quality system to assure compliance to the ISO standard.

Top Management must:

Show A Commitment To The Customer

This requirement includes maintain records showing their commitment to the a customer focus, the quality system and the continuous improvement system. The use of a customer survey program is an excellent way to meet the ISO requirements for a customer focus. It is also an excellent way to keep in touch with your customers.

Make Quality Important

This includes communicating to the organization the importance of meeting the customer regulatory, legal needs as well as their produce or service needs (customer focus). Training and posting quality information around the building can do this.

Establish A Quality Policy

This should include a concise quality statement in conjunction with quality goals and a quality manual. The policy verbiage should include a commitment to continuous improvement. This information must be communicated to and understood by the entire organization.

Establish, Monitor And Update Quality objectives

These objectives should be measurable and should be relevant to all levels of the company. I recommend that they be publicly posted where everyone can see them and their status may also be posted.

Assign Resources

Ensure that resources are available to achieve the quality goals. This is the area where many companies do not meet the requirements but it is very hard to audit this general statement. Resources should be identified and planned. Planning includes manuals, procedure, work instructions and quality plans.

Assign Responsibility And Authority

Ensure that responsibilities and authorities are assigned and communicated to individuals. Responsibilities can be assigned as part of the personnel records ( see training summary sheet). Having authority means that the individual must be empowered to make changes.

Designate A Management Representative

This person will report the QMS status at periodic management reviews and promote awareness of the importance of meeting the customers needs. This is usually the quality, engineering or production manager.

Conduct Periodic Management Reviews

Management review meetings should include inputs from audits, customer feedback, process performance analysis, preventive and corrective actions system, follow-up from previous management meetings and areas for improvement. The output from the management reviews should include resource assignments, action targeting improvement of the products, processes and QMS.

The records for the management review are frequently audited so I recommend keeping a organized notebook with tabs for each management review. The creation of a check sheet (listing all the reports to be shown to top management) will make this periodic task simple to maintain. The check sheet can also be used to keep track of attendance and log feedback that is generated during the meeting.

Corrective and Preventive Actions In ISO 9001 Standard

Corrective and Preventive actions are used to adjust the manufacturing processes, quality system and product documentation to continuously improve product and service quality. This process never ends. Corrective and preventive actions are usually based on an engineering change request and engineering change order system. In general it is recommended that all feedback from internal and external sources be entered into the engineering change request system. This can include customer survey results, customer complaints, nonconforming material data, field failure data, work-in-process testing results, internal audit results, external audit results and suggestions from personnel. The inputs are then entered into the Engineering Change Request System. This system is used to queue workload for the engineering and quality problem solvers. The engineering manager or quality manager then reviews this bulk of requests for prioritization. The highest priority issues are assigned to personnel who create an engineering change order to correct the problem. Some engineering change requests will be denied and the denial will be justified in the ECR system before the item is closed. Other requests will generate an Engineering Change Order that includes an assignment to a project manager. The engineering change order will include complete details on how to correct the problem and when the change will take effect. This system is a closed loop system that will continuously improve quality. The status of the ECR and ECO systems should be used as input for the management review meetings.

The process of managing this data usually requires a database since priorities change on a daily basis and the amount of input can be very large, even at small companies. A database is also advised since the system can be used to generate automated reports that are used in the management reviews. Without constant supervision, engineering requests and change orders can pile up and start dragging down the company.

Corrective and preventive actions are listed separately in the standard to drive home the point that you can not have successful company that only corrects problems, you must prevent problems.

Corrective and preventive actions also go hand-in-hand with the requirement for continuous improvement. If the company is analyzing their mistakes, anticipating future mistakes and continuously improving, The quality of the product and services at the company will eventually be GREAT. The corrective and preventive actions system is the most critical element for an efficient quality system. Corrective and preventive actions are made using Engineering Change Requests (ECR) and Engineering Change Orders (ECO).

Any quality problem or suggestion should generate an ECR. This is the queue for engineering. If the engineering/quality manager decides that an action is required, then an ECO is created and assigned to someone with the resources to correct and prevent future problems.

ECOs should be generated by negative customer feedback, negative trend in product performance, observed areas for improvement, upgrades to documentation, or any other continuous improvement activities. Engineering change orders are the lifeblood of the organization and they must always be flowing to keep the organization strong and growing.

With this in mind, it is critical that the engineering change order system quick, simple and effective. I highly recommend the use of a database for managing ECRs and ECOs. This will give you a searchable history of changes to your products and is the best tool for continuous improvement.

ISO 9001 Standards Certification

When an organization chooses not to pursue ISO 9001 certification or not to
retain the ISO 9001 certificate, it should make no difference to the way the
organization is managed. Its similar to the man who chooses not to take the
course examination. He still has the knowledge he has acquired whether or not he takes the exam and gets a certificate. What he cannot do is demonstrate to others that he has reached a certain level of education without having to prove it every time. People who know him dont care that he didnt take the exam. It is only those who dont know him that he will have difficulty convincing.

Many organizations were driven to seek ISO 9001 certification by pressure
from customers rather than as an incentive to improve business performance
and therefore sought the quickest route to certification. The critics called this
coercion and like most command and control strategies, believed it resulted in
managers cheating just to get the badge. What was out of character was that
suppliers that were well known to customers were made to jump through this
hoop in order to get a tick in a box in a list of approved suppliers. It became a
necessary evil to do business. Certainly when perceived as a means to get a
badge, the standard was no more than a marketing tool. It could have been
used as a framework for improvement but the way it was imposed on
organizations generated fear brought about by ignorant customers who
mistakenly believed that imposing ISO 9001 would improve quality. To achieve
anything in our society we inevitably have to impose rules and regulations
what the critics regard as command and control but unfortunately, any progress we make masks the disadvantages of this strategy and because we only do what we are required to do, few people learn. When people make errors more rules are imposed until we are put in a straightjacket and productivity plummets. There is a need for regulations to keep sharks out of the bathing area, but if the regulations prevent bathing we defeat the objective, as did many of the customers that imposed ISO 9001.

How To Prepare ISO 9001 Standards Audit Check List

How To Prepare ISO 9001 Standards Audit Check List

There are a few steps to prepare ISO 9001 Standards Check List, namely:

1. Apply the concept of Plan Do Check Act (PDCA). This PDCA concept is applied at the Quality Management System and the process levels.

2. Convert the question to requirement raised by QMR or the QMS Committee which derived from the ISO 9001 standards. In this case, several questions can lead to one single requirement.

3. To edit those questions to suit the process that is to be audited. For example, you are going to audit the Purchasing/Procurement Department and you’re sitting down with the Audit Team trying to come up with relevant questions.

The main objective in auditing any process is to extract adequate information and evidence in order to verify that the process is conformant to the ISO 9001 requirements and that, it is effective in achieving its objectives. As an auditor, you need to be able to investigate, assess and verify the conformity and effectiveness of a given process, in terms of its planning, implementation, monitoring & measurement and improvement. As a Lead Auditor, preparing your Audit Team for the actual audit is crucial in ensuring success of the audit excercise. There is no better way to do that than by developing the audit questions with them.

Process Approach In ISO 9001 Standards

The process approach was introduced into ISO 9001 with the year 2000 version of the standards.

Prior versions used an element approach. The document Guidance on the concept and use of the process approach for management systems describes to process approach and offers an implementation paradigm.

2.4. Verify the process and its activities against its planned objectives
3. Implementation and measurement of the process
4. Analysis of the process
5. Corrective action and improvement of the process Implementation
This document explains the process used to evaluate changes to the 2008 version. In particular, it explains the revision process and illustrates the impact vs. benefit analysis used to evaluate potential changes.
In addition to the guidance documents, ISO maintains a web site with “official interpretations” of

approach was introduced into ISO 9001 with the year 2000 version of the standards.
Prior versions used an element approach. The document Guidance on the concept and use of the process approach for managementsystems describes to process approach and offers an implementation paradigm.
1. Identification of processes of the organization
1.1. Define the purpose of the organization
1.2. Define the policies and objectives of the organization
1.3. Determine the processes in the organization
1.4. Determine the sequence of the processes
1.5. Define process ownership
1.6. Define process documentation
2. Planning of a process
2.1. Define the activities within the process
2.2. Define the monitoring and measurement requirements
2.3. Define the resources needed

ISO 9001. Currently, these interpretations only include ISO 9001:2000, but, because the changes to the 2008 version were limited, they are valuable.
Consider a common question. An organization needs a documented procedure for preventive action (8.5.3), and must keep records of the results of preventive action (8.5.3.d). One of the interpretation requests asks, “Does sub-clause 8.5.3 a) require organizations to demonstrate, with objective evidence in the form of records, that they have undertaken actions to determine the existence of ‘potential nonconformities and their causes’?” The answer is “No”.
Auditing Practices
The ISO 9001 Auditing Practices Group maintains a website9 with guidance and information on auditing ISO 9001 quality management systems. It is an informal group of quality management system (QMS) experts, auditors, and practitioners drawn from the ISO Technical Committee 176 Quality Management and Quality Assurance(ISO/TC 176) and the International Accreditation Forum (IAF).
The website, primarily aimed at QMS auditors, consultants, and quality practitioners, is an online source of papers and presentations on auditing a QMS and reflect the process based approach.
The website contains almost forty guidance documents with practical advice ranging from “How to audit top management processes” to “The role and value of the audit checklist”.

Preparing ISO 9001 Quality Manual

Preparing ISO 9001 Quality Manual

ISO 9001 Standards defines a quality manual as a document specifying the quality management system of an organization. It is therefore not intended that the ISO 9001Standards Quality Manual be a response to the requirements of ISO 9001 Standards. As the top-level document describing the management system it is a system description describing how the organization is managed.
Countless quality manuals produced to satisfy ISO 9001:2008, were no more than 20 sections that paraphrased the requirements of the ISO 9001 standards.
Such documentation adds no value. They are of no use to managers, staff or auditors. Often thought to be useful to customers, organizations would gain no more confidence from customers than would be obtained from their registration certificate.