Category: ISO 9001 – Quality Management Systems

ISO Certification and Suppliers

Mr. Pareto Head and Supply Chain comic strip

Question

I work for a small family company that purchases items and potentially processes or packages them into heat protection materials. One of my existing customers is asking for ISO certification for some materials that I will sell to them. The material I’m trying to sell him comes from my supplier who is ISO 9001 certified, but my company is not. How can I show my customer that my supplier is ISO certified without the customer knowing who my supplier is?

Answers

The company is doing a value added process, and not a distributor.  As a result, if the customer is demanding ISO 9001 certification from the company, they need to make the decision, do they want to do business with the company? If so they need to pursue certification. If they do not want to pursue certification, they should tell the customer they do not want to pursue certification.  The customer can make the decision whether they will purchase product from the company.  I have had an experience where I did not want to do an audit with a company.  We told the customer, we will not do it.  The customer responded and came back with a reasonable proposal.  They wanted the business.

John G. Surak, PhD
Surak and Associates
Clemson, SC
A member of Stratecon International Consultants
www.stratecon-intl.com/jsurak.html

First, ISO certification is for a company’s quality management system, not for particular materials.  I would let the customer know, on company letter head, that:  “We certify that the materials we purchased are from ISO 9001 certified suppliers only.  The name of these suppliers is company confidential.”

James D. Werner
Principal Consultant
MDQC
Medical Device Quality Compliance, LLC

For more on this topic, please visit ASQ’s website.

ISO 9001 Certification and Moving

Certification, ISO 9001

Question 

My small company is considering ISO certification because some of our customers are asking for it. My concern is that if we continue growing at our current rate, we may be moving in 12-18 months. Is ISO certification site specific – i.e. if we obtain certification and then move, do we need to undergo a whole new certification?

Answer

After the certification audit your company will get a certificate for three years, and you will be adhered to a surveillance audit each year during the mentioned duration. There is no problem in moving if your moving did not lead to changes in your processes, activities, services or products which were included in your Quality Management System’s scope during the first certification audit, but it was just moving to another address. 

Ibrahim Moussa
Founder and Managing Director, at VOICE OF QUALITY for Training and Consulting Services
ibrahim@voiceofquality-eg.com

For more on this topic, please visit ASQ’s website.

Creating a Culture of Quality

ASQ Global State of Quality 2016

Question

I was introduced to Quality Management (& ISO 9001:2015) recently. The culture of the organization that I am concerned with has not embraced Quality Management, and it is often the subject of outright and unprofessional antagonism. I seek direction in order to arm myself with greater knowledge or qualifications as well as change attitudes toward Quality Management at all levels within the organization. I thought that ASQ would be a good resource. Since there are so many channels, a plethora of literature, and various certifications and conferences, I am a bit overwhelmed. I need to focus my efforts, and I hope to be able to do so with some direction from a professional who can relate to such growing pains. Thank you.

Answer 1

Thank you for your question.  I can certainly to relate to you and your plight – I was in a similar circumstance early in my career.   If you were introduced to ISO 9001 this year, I have to assume that your company is not yet registered.   Most manufacturing companies are required by their customers to have registration, but if you are not in that situation, you have to sell Quality Management on its own merit.  The bad news is, that if your senior management doesn’t want a Quality Management System, there is nothing you can do about that.  Now, that being said, you can begin by examining some of the “pain points” in your organization and showing how quality tools can help to solve them.  Management will never embrace quality until they see what is in it for them.   You can start with an analysis of the Cost of Poor Quality.  When your leadership sees the cost of nonconformance, they will be keen to bring those costs down.  COPQ typically includes the cost of external customer complaints, replacing products, late deliveries, and internal costs such as scrap, rework, re-makes etc.  If there has ever been a problem that traces back to not properly understanding a customer’s needs, that is a text-book example of how Quality Management can help.  Start with that.   Look at the costs of poor quality, and sell the idea of using quality tools to bring those costs down.  You will have no chance of selling your management on quality until they can see what’s in it for them.  Good Luck!

Denis J. Devos, P.Eng
A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

Answer 2

It sounds like this company needs a culture change. This change can happen only at the direction of the company’s leadership.
Here’s some suggestions:

  1. Each department head has to establish three (3) measurable goals on how his/her department is improving on the quality of their department’s output/work.  These are to be reported at each executive monthly meeting.  Department manager’s must be held accountable for lack of quality improvements.
  1. Every individual’s performance review must include “quality performance.”  This also needs to be measurable (less than last year, improved customer satisfaction from surveys, reduced ‘cost-of-quality’, reduced audit nonconformance observations, etc.)
  1. If the company has a bonus program, individuals/departments bonus is tied into quality performance.  ISO observation means 10% or more cut in bonus.
  1. Have top executives hold meetings on the need for quality and it’s everyone’s responsibility – not just the QA department.  If employees don’t like it they are welcomed to find employment elsewhere.

Jim

Jim Werner
Voting member to the U.S. TAG to ISO TC 176 Quality Management and Quality Assurance
Medical Device Quality Compliance (MDQC), LLC.
ASQ Senior Member
ASQ CQE, CQA, RABQSA Lead QMS Assessor

Fore more on this topic, please visit ASQ’s website.

Transitioning to ISO 9001: 2015

Analysis, Statistics, Control Charts, Statistical Methods, Audit, Auditing

Question

ISO 9001: 2015 has a 3 year implementation period. I recertified in 2014 and need to recertify in 2017. At this point I have a little under one year to transition instead of the 3 years identified. What alternatives are there that I might take advantage of so I have a longer transition period? My 3rd party registrar has been no help.

Answer

I would suggest that this individual approach their registrar/auditor and reason with them. I have heard of 3rd party auditors who are willing to help organizations with their transitions in numerous ways, including finding a comfortable way to transition without losing investment made in the current standard.

Second, the requirement to transition over to the new standard is not demanding that people wait until their current certificate runs out.  This company can begin a gradual transition right away. Stretching it over a couple years gives a company plenty of time to ‘learn’ and transition. Therefore, 2017 would be a possible time for a smooth change over to the new standard.

Registrars are our helpers; not some strangers lurking in the dark. They should be approachable and willing to help.

Also ASQ, as well as other sources, offer various forms of transition training and information.  The new standard can seem a bit intimidating at first glance but once thoroughly examined, it is actually more simple in several areas.

Atychiphobia – a persistent fear of failure can lead us to see stumbling blocks ahead of us. You can turn those stumbling blocks into stepping stones with some support from your registrar and a positive attitude.

Bud Salsbury, CQT, CQI

For more on this topic, please visit ASQ’s website.

ISO 9001:2015 Documented Information Requirements

ISO documentation practices, requirements

Question

I am trying to ascertain if I need to write a Quality Manual to comply with ISO 9001:2015. I see some clauses require ‘documented information’. Do I just address those or the entire document?

Answer

Thank you for the question.

To begin with, the new ISO 9001:2015 standard does not present a requirement for a Quality Manual. Those requirements are now part of Clause 4.3 and 4.4 of the new standard. That information “shall” be maintained as documented information.

You would be wise to 1] Acquire a copy of the 9001:2015 standard if you haven’t already done so. 2] Check in ASQ.org for information explaining the new terminology related to the standard. 3] Consider pursuing the services of a quality consultant for thorough guidance.

Respectfully,

Bud Salsbury
ASQ Senior Member, CQT, CQI

For more on this topic, please visit ASQ’s website.

ISO 9001: 2015 Deliverables and Processes

About ASQ's Ask the Standards Expert program and blog

Question

Under the revised ISO 9001: 2015 standard, what do you see as the key deliverables and processes owned by the Quality manager or QA department?

Answer

A project or process is made up of primary components aimed toward successful completion of the project/process objectives.  Those individual components are the deliverables.

In other words; you have Inputs and Outputs. An Output is a deliverable resulting from the process (Input).

The old aphorism “Everyone is responsible for quality” is strongly encouraged throughout ISO 9001:2015. Therefore, with the adage of Risk Based Thinking to the new standard, the Quality manager and the QA department would be responsible for the deliverables of their department and its processes. They would also be responsible for discerning any risks to the company’s goals and objectives.

Bud Salsbury
ASQ Senior Member, CQT, CQI

For more on this topic, please visit ASQ’S website

ISO 9001: 2015 Design and Development Clause

Prepare for ISO 9001: 2015

Question

We are service providers in NDT and inspection field. I want to know how to implement the design and development clause from ISO 9001: 2015.

Answer

There are two ways to approach this:

One is to use the process developed in ISO 9001:2008, 7.1 where you probably have a “quality plan” for the execution of the service delivery (ISO 9001:2015, 8.1).

The second approach is to design the process itself (ISO 9001:2015, 8.3).  That involves these activities:

INPUT
• Development of a design plan
Who will do what when with what?
Necessary control points
• Identification of customer requirements as inputs, along with inputs from similar previous service offerings
• Identify any special service characteristics, such as safety issues, regulatory compliance
Consequences of failure
• Identify products/services to be purchased/outsourced
THROUGHPUT
• Documentation of these inputs
• Preparation of an output in a format appropriate to the organization
OUTPUT
• A comparison of the outputs with the input requirements and an approval, if required
Outputs should include process monitoring and measuring requirements
• Outputs can include verification, design review and validation*
• A mechanism to handle process design changes

George Hummel
Voting member of the U.S. TAG to ISO/TC 176 – Quality Management and Quality Assurance
Managing Partner
Global Certification-USA
http://www.globalcert-usa.com/
Dayton, OH

For more information on this topic, please visit ASQ’s website.

ISO 9001: 2015 Tools for Auditors and Risk Based Thinking

Mr. Pareto Head and ISO 9001 audit

Question

In addressing clause 4 of ISO 9001:2015 regarding organization context and interested parties, what type of tool (spreadsheet, diagram, flowchart, etc), would you recommend to use to simplify the practice and to give a proper  understanding for auditors ?  I understand that risk evaluation (ISO 9001:2015) should be accomplished not only at a high level of establishing and planning objectives, but also at the processes level. If this is right, could organization use some criteria to select processes to be evaluated?

Answer

Thanks for contacting ASQ’s Ask the Experts program.  Regarding your inquiry, your selection of tools such as spreadsheets, diagrams, flowcharts and etc., should be driven by whatever best fits your organization’s context, QMS scope and requirements of interested parties.  However, before proceeding with tool selection to “simplify” practices as mentioned in your inquiry, it is essential that the changes and new requirements of ISO 9001:2015 are fully understood and communicated throughout the organization.  As you know, transitioning from ISO 9001:2008 to ISO 9001:2015 will require much more than providing understanding to Auditors.  The transition process should begin with top management and then flow down to the process owners and others throughout the organization.  If a gap analysis hasn’t already been completed, consider doing so to identify those processes that must be improved to meet ISO 9001:2015 certification requirements.

As you know, risk based thinking (RBT) must be a part of an every organization’s process approach, to ensure risks and opportunities are identified and addressed.  Although RBT is not new, it is a changed approach.  ISO 9001:2015 supports the scalability of quality management systems which allows them to be specific to an organization’s  processes, products, and services.  The landscape of today’s quality management systems has changed.  It’s not a “one size fits all” situation.  For this reason, it’s essential for top management, process owners as well as the QMS Auditors to develop a thorough understanding of ISO 9001:2015 and its requirements.  Also of equal importance is the familiarization of top management, process owners, and Auditors with the principals of risk assessment, management and related terminologies (i.e., ISO 31000:2009).

The effectiveness of future QMS audits will depend upon Auditors that can apply their collective knowledge of ISO 9001:2015, risk assessment, and management requirements, as well as their in-depth knowledge of the industries, processes, products, and systems, audited.  Exemplar Global and other accredited ISO 17024 personnel certification bodies have developed online training courses for the purpose of explaining the requirements of ISO 9001:2015.  Other information about transitioning to ISO 9001:2015 is available on the International Accreditation Form’s (IAF) website at www.iaf.nu.  Click this link to read about the recent publication of ISO 9001:2015 http://www.iaf.nu/articles/Publication_of_ISO_90012015/443

About the second part of your inquiry (item b.), it’s important to be aware that RBT applies to every process that comprises your organization’s quality management system.  RBT should be integrated into your organization’s QMS and product planning processes to ensure risks and opportunities are identified and addressed.

A few key questions to consider include, how will your Registrar verify your organization’s conformance with ISO 9001:2015 requirements?  What is your Registrar’s timeline for transitioning existing clients to ISO 9001:2015 requirements?  What type of support will be provided to assist clients through the transition process?

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Kingwood, TX 77339
Office: (281) 359-ATCS (2827)

For more information about this topic, please visit ASQ’s website.

Writing ISO 9001:2015 Procedures

architecture building city concrete

Question

I am in the process of implementing ISO 9001:2015 at a heavy civil construction company. I do not have any prior experience implementing but did work in an ISO environment for 13 years. I am looking for assistance on how to go about writing procedures to ensure that they incorporate the ISO requirements.

Answer

Thanks for contacting ASQ’s Ask the Experts program.  Concerning writing procedures, there are a few things to consider.  In general, a procedure should be structured to define its purpose or scope.  If the procedure is intended to address an identified risk or opportunity, it should be stated.  Likewise, consider including specific references to customer, industry standards, and internal requirements that are being addressed in the procedure.

Other key points to consider include structuring the procedure to be consistent with the flow of the process or activities controlled by the procedure.  Also, if appropriate, include reference to acceptance criteria, identify who, when, and how these activities will be conducted.  References to any required records to be maintained to provide evidence of conformance should also be a part of the procedure.  The importance of ensuring the participation of the process owner as well as others responsible for performing the activities identified in the procedure can’t be overstated.  If possible, the process owner and other interested parties should be involved in the development, review and approval of the procedure.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Kingwood, TX 77339
Office: (281) 359-2827

For more on this topic, please visit ASQ’s website.

Dual Certifications

Drill, oil, petroleum

Question

Our company currently holds dual certifications to API Q1 and ISO 9001:2008 that are not set to expire until November 2017. When making the transition to ISO 9001:2015 and re-certifying in November 2017, will we be able to do dual certifications or will we have to do API Q1 separate from ISO 9001:2015?

Answer

Hello,

Thank you for contacting ASQ’s Ask the Experts program.  In response to your inquiry, the timing for transitioning your existing QMS from ISO 9001:2008 to ISO 9001:2015 is dependent upon your Registrar’s timeline to begin issuing ISO 9001:2015 certifications.  I highly recommend that you discuss this subject with your Registrar to determine how and when this transition will take place.  In my professional opinion, this transition process may be similar to the recent move from API Q1, 8th edition to API Q1, 9th edition.

Since your current certification expires November 2017, transitioning sooner rather than later is recommended.  Especially since unlike API Q1, the ISO 9001 certification expiration date cannot be extended.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
800 Rockmead, Suite 170, Kingwood, TX 77339
Office: (281) 359-2827
Website: www.astontechconsult.com

For more on this topic, please visit ASQ’s website.