Identifying and Recording Design Changes In ISO 9000 Standards

Identifying and Recording Design Changes In ISO 9000 Standards

The documentation for design changes in ISO 9000 Standards should comprise the change proposal, the results of the evaluation, the instructions for change and traceability in the changed documents to the source and nature of the change. You will therefore need:
- A Change Request form which contains the reason for change and the
results of the evaluation – this is used to initiate the change and obtain
approval before being implemented.
- A Change Notice that provides instructions defining what has to be changed this is issued following approval of the change as instructions to the owners of the various documents that are affected by the change.
- A Change Record that describes what has been changed – this usually forms part of the document that has been changed and can be either in the form of a box at the side of the sheet (as with drawings) or in the form of a table on a separate sheet (as with specifications).
Where the evaluation of the change requires further design work and possibly experimentation and testing, the results for such activities should be documented to form part of the change documentation.
At each design review a design baseline should be established which identifies the design documentation that has been approved. The baseline
should be recorded and change control procedures employed to deal with any changes. These change procedures should provide a means for formally
requesting or proposing changes to the design. For complex designs you may prefer to separate proposals from instructions and have one form for proposing design changes and another form for promulgating design changes after approval. You will need a central registry to collect all proposed changes and provide a means for screening those that are not suitable to go before the review board, (either because they duplicate proposals already made or because they may not satisfy certain acceptance criteria which you have prescribed). On receipt, the change proposals should be identified with a unique number that can be used on all related documentation that is subsequently produced. The change proposal needs to:
- Identify the product of which the design is to be changed
- State the nature of the proposed change identify the principal requirements, specifications, drawings or other design documents which are affected by the change
- State the reasons for the change either directly or by reference to failure
reports, nonconformity reports, customer requests or other sources
- Provide for the results of the evaluation, review and decision to be
recorded

How Quality Management System is implemented?

How Quality Management System is implemented?

The terms ‘establish’, ‘document’, ‘implement’, ‘maintain’ and ‘improve’ are used in the ISO 9000 Standard as though this is a sequence of activities when in reality, in order to establish a system it has to be put in place and putting a system in place requires two separate actions:
- Design the Quality Management System using a process that transforms the system requirements into specific characteristics that results in a clear definition of all the processes that meet the system requirements.
- Construct the system using a process that documents, installs, commissions and integrates the processes to deliver the required business outputs.
The way in which these phases of quality system development are related is
illustrated in the management system process model shown in Figure 4.1. This diagram has some important features. Note that the design input to the system comprises internal and external requirements. On the right side there are four improvement routes:
- Improvements in conformity during operation of the system arise through
enforcing policy and practices – doing what you say you do
- Improvements in conformity during system construction arise through
enforcing policy and design rules on the system – reworking the system to
comply with the established policies and objectives
- Improvements in efficiency during system construction arise through
finding better ways of implementing the system design – shorter, less
wasteful routines, less complexity, lower skill levels, fewer resources
- Improvements in effectiveness arise as a result of identifying different
policies and objectives – higher targets, new objectives, new requirements,
regulations, and new technologies.
As indicated above, establishing a system means designing and constructing it, which can be referred to as system development. System design is dealt with under Identifying processes. Constructing the system covers documentation, resourcing, installation, commissioning, qualification and integration.

Documenting A Quality Management System

Documenting A Quality Management System

The ISO 9000 Standards requires the organization to document a quality management system in accordance with the requirements of ISO 9001. A document (according to ISO 9000 clause 2.7.1) is information and its supporting medium. A page of printed information, a CD ROM or a computer file is a document, implying that recorded information is a document and verbal information is not a document.
Clause 4.2 requires the management system documentation to include certain types of documents and therefore does not limit the management system documentation to the types of documents listed.
As a management system is the means to achieve the organization’s objectives, and a system is a set of interrelated processes, it follows that what has to be documented are all the processes that constitute the system.
While there is a reduction in emphasis on documentation in ISO 9001:2008 compared with the 1994 version, it does not imply that organizations will need less documentation to define their management system. What it does mean is that the organization is left to decide the documentation necessary for effective operation and control of its processes. If the absence of specific documentation does not adversely affect operation and control of processes, such documentation is unnecessary.
Before ISO 9000 came along, organizations prospered without masses of
documentation and many still do. Those that have chosen not to pursue the
ISO 9000 path often only generate and maintain documents that have a useful purpose and will not produce documents just for auditors unless there is a legal requirement. Most of the documentation that is required in ISO 9000 came about from hindsight – the traditional unscientific way organizations learn and how management systems evolve.
ISO 9000 contains a list of valid reasons for why documents are necessary as below:
- To communicate requirements, intentions, instructions, methods and results effectively
- To convert solved problems into recorded knowledge so as to avoid having
to solve them repeatedly
- To provide freedom for management and staff to maximize their contribution to the business
- To free the business from reliance on particular individuals for its effectiveness
- To provide legitimacy and authority for the actions and decisions needed
- To make responsibility clear and to create the conditions for self-control
- To provide co-ordination for inter-departmental action
- To provide consistency and predictability in carrying out repetitive tasks
- To provide training and reference material for new and existing staff
- To provide evidence to those concerned of your intentions and your actions
- To provide a basis for studying existing work practices and identifying
opportunities for improvement
- To demonstrate after an incident the precautions which were taken or which should have been taken to prevent it or minimize its occurrence
If only one of these reasons make sense in a particular situation, the
information should be documented. In some organizations, they take the
view that it is important to nurture freedom, creativity and initiative and
therefore feel that documenting procedures is counterproductive. Their view is that documented procedures hold back improvement, forcing staff to follow routines without thinking and prevent innovation. While it is true that blindly enforcing procedures that reflect out-of-date practices coupled with bureaucratic change mechanisms is counter productive, it is equally shortsighted to ignore past experience, ignore decisions based on valid evidence and encourage staff to reinvent what were perfectly acceptable methods.
Question by all means, encourage staff to challenge decisions of the past, but
encourage them to put forward a case for change. That way it will cause
them to study the old methods, select the good bits and modify the parts that are no longer appropriate. It is often said that there is nothing new under the sun – just new ways of packaging the same message.

What Should Be Documented In Quality Management System?

What Should Be Documented In Quality Management System?

Clause 4.2.1 in ISO 9000 Standards requires quality management system documentation to include 5 types
of document:
(a) Quality policy and objectives
(b) Quality manual
(c) Documented procedures
(d) Documents needed to ensure the effective planning, operation and control of processes
(e) Records
Other than the requirements in clause 4 for documentation, there are 14 other references requiring documentation. These are as follows:
(a) The output of the planning
(b) The quality manual
(c) A documented procedure for document control
(d) A documented procedure for the identification, storage, retrieval, protection, retention time and disposition of records.
(e) Planning of the realization processes
(f) Inputs relating to product requirements
(g) The outputs of the design and development process
(h) Design and development changes
(i) The results of the review of changes and subsequent follow up actions
(j) A documented procedure for conducting audits that includes the responsibilities and requirements
(k) Evidence of conformity with the acceptance criteria characteristics of the product
(l) A documented procedure for nonconformity control activities
(m)A documented procedure for corrective action
(n) A documented procedure for preventive action
This list is somewhat inadequate for documentation purposes because it does not tell us what types of things we should document or provide criteria to enable us to decide what we need to document. ISO 9000 clause 2.7.2 includes a more useful list of document types that are classified as follows:
(a) Quality manuals
(b) Quality plans
(c) Specifications
(d) Guidelines
(e) Procedures, work instructions and drawings
(f) Records
This list is similar to that in clause 4.2.1 with some notable differences. The
policy and objective could form part of the quality manual and the quality plans, work instructions, guidelines, drawings and specifications could be the documents needed to ensure the effective planning, operation and control of processes.
Obviously the size, type and complexity of the organization and the competency of personnel will have an effect on the depth and breadth of the
documentation but the subject matter other than that which is product, process or customer specific is not dependent on size, type and complexity of the organization etc. There is no single method that will reveal all the things that should be documented but there are several approaches that can be used to reveal the documentation necessary.

Documents That Ensure Effective Planning, Operation And Control

Documents That Ensure Effective Planning, Operation And Control

The ISO 9000 standard requires management system documentation to include documents required by the organization to ensure the effective planning, operation and control of its processes.
The documents required for effective planning, operation and control of the processes would include several different types of documents. Some will be
product and process specific and others will be common to all processes. Rather than stipulate the documents that are needed, ISO 9000 Standards now provides for the organization to decide what it needs for the effective operation and control of its processes. This phrase is the key to determining the documents that are needed.
There are three types of controlled documents, namely:
- Policies and practices (these include process descriptions, control procedures, guides, operating procedures and internal standards)
- Documents derived from these policies and practices, such as drawings,
specifications, plans, work instructions, technical procedures and reports
- External documents referenced in either of the above
There will always be exceptions to this model but in general the majority of
documents used in a management system can be classified in this way.
Derived documents are those that are derived by executing processes;
for example, audit reports result from using the audit process, drawings result from using the design process, procurement specifications result from using the procurement process. There are, however, two types of derived document:
prescriptive and descriptive documents. Prescriptive documents are those that prescribe requirements, instructions, guidance etc. and may be subject to change. They have issue status and approval status, and are implemented in doing work. Descriptive documents result from doing work and are not
implemented. They may have issue and approval status. Specifications, plans, purchase orders, drawings are all prescriptive whereas audit reports, test reports, inspection records are all descriptive. This distinction is only necessary because the controls required will be different for each class of documents.

Operational Control In ISO 14001 Standards

Operational Control In ISO 14001 Standards

Operational Controls over Significant Environmental Aspect Activities, ?4.4.6.a&b – ISO 14001 requires the organization to identify and plan the operations associated with its identified significant environmental aspects in order to establish documented operational control procedures that preclude deviation from the Environmental Policy or not achieving objectives and targets.

Opportunities to apply operational controls can be found by reviewing operations. As shown in the accompanying text box, once the operations that can produce significant impacts are identified, it is a relatively simple step to establish operational control procedures that are consistent with the aims of the Environmental Policy and the objectives and targets and that stipulate operating criteria.

Significant Environmental Aspects of Goods and Services, §4.4.6.c – This requirement of ISO 14001requires careful reading. Here is a parsed interpretation of the Operational Control requirement as it relates to goods and services furnished by others:

“The organization shall identify those operations that are associated with [its] identified significant environmental aspects… The organization shall plan these operations in order to ensure that they are carried out under specified conditions by… [1] establishing and maintaining procedures related to the identifiable significant environmental aspects of goods and services used by the organization and [2] communicating relevant procedures and requirements to suppliers and contractors.”

An easy way to conform to this requirement is to:

1. Identify the operations associated with the significant environmental aspects;

2. Identify the environmental aspects of goods and services furnished by others;

3. Determine how these aspects contribute to the organization’s significant aspect operations;

4. Establish appropriate/relevant requirements for the providers of these services; and

5. Communicate the requirements to suppliers and contractors.

Confusion in conforming to this requirement can arise because it is easy to read sub-clause c) independently of the first sentence of §4.4.6.

This first sentence gives context to the rest of the section in that it requires that we first “identify those operations… associated with the identified significant environmental aspects.” Once we have identified these operations, we look to the significant aspects of goods and services supplied by others and assess their contribution to the potential environmental impact. The accompanying example is offered to help clarify the intent of the requirement.

Monitoring and Measurement In ISO 14001 Standards

Monitoring and Measurement In ISO 14001 Standards

The Monitoring and Measurement section contains two requirements:

1) Measurement and monitoring of environmental performance associated with operations that can have a significant impact on the environment; and

2) Calibration and maintenance of equipment used for environmental monitoring and measurement.

Monitoring and Measuring of Performance — This section calls for a“procedure to monitor and measure… key characteristics of… operations that can have a significant impact on the environment.”

Note that the section does not specifically require the organization to monitor and measure the significant environmental impacts of its products or services. As a practical matter, however, organizations should establish measurements over all environmental aspects that they determine are significant irrespective of whether the impacts relate to an activity, product, or service.

This section also requires the documentation“of information to monitor performance, applicable operational controls, and… environmental objectives and targets.” §4.6,

Management Review, requires that environmental performance and achievement of objectives and targets become inputs into the Management Review (sub-sections c & d).

Calibration and Maintenance — The requirement of having a calibration system is to ensure that measurements are reliable and accurate. A calibration system may be developed following these steps:

· Identification of measurements to be made;

· Identification of equipment, instruments, hardware and software to be used;

· Identification of the testing methods to be used;

· Determination of the accuracy and precision required or desired;

· Definition of calibration procedures;

· Use of the system;

· Establishment of records;

· If equipment is found to be out of calibration, corrective action; and

· Improvement of the system as necessary.

Quality Assurance In ISO 9001 Standards

Quality assurance, according to the ISO 9001 Standard, is a way of managing that prevents non-conformance and thus “assures quality”. This is what makes ISO 9001 Standards different from other standards: it is a management standard, not a product standard. It goes beyond product standardisation: it is standardising not what is made but how it is made.

To use the ISO 9001 standards to dictate and control how organisations work was to extend the role of standards to new territory. To take such a step we might have firstly established that any such requirements worked — that they resulted in ways of working which improved performance. Yet the plausibility of this Standard, and the fact that those who had an interest in maintaining it were (and still are) leading opinion, prevented such enquiries. In simple terms the Standard asks managers to say what they do, do what they say and prove it to a third party. ISO 9000 (2008) paragraph 1: “The requirements specified are aimed primarily at achieving customer satisfaction by preventing non-conformity at all stages from design through servicing.” To put it another way, the Standard asserts that preventing non-conformance achieves customer satisfaction. But does it? Of course it matters to customers that a product works. But there is no guarantee that the Standard will ensure even that.

Furthermore, customers take a total view of an organisation — how easy it is to do business with — in respect of all things of importance to each and every customer. ISO 9000 requires managers to “establish and maintain a documented quality system as a means of ensuring that product conforms to specified requirements”. Loosely translated this is “say what you do”. Management is supposed to “define and document its policy for quality . . . including its commitment to quality”. What management would not declare its commitment to quality? But would they know what it means? Would they argue (as they should) that quality management is a different and better way to do business, or would they believe that ISO 9001 Standards will take care of quality?

The ISO 9000 Standards encourages managers to think of “quality” and “business as usual” as separate and distinct. It helps managers avoid the revelation that quality means a wholly different view of management. Instead, the organisation “shall appoint a management representative who, irrespective of other responsibilities, shall have defined authority and responsibility” [for ISO 9000]. At a practical level this means only one executive might decide he or she had better learn a thing or two about quality.

However, would being responsible for ISO 9001 standards lead to learning about quality or simply enforcing the ISO 9000 regime in an organisation? Key to the regime is auditing. The Standard requires organisations to conduct internal quality audits to “verify whether quality activities comply with planned arrangements”. This can be loosely translated as “do you do as you say?” and the purpose of the audit is to see that you do. It was not until the 1994 review that the words were changed to “quality activities and related results”. It was a Standard which was rooted in the philosophy of inspection: fifteen years after its initial promulgation the promoters sought to extend the focus to results. But results or improvements assessed by what means? Inspection. By the time the Standard was adopted world-wide, quality thinking had moved a long way from the philosophy of inspection. It is now understood, at least by a few, that quality is achieved through managing the organisation as a system and using measures which enable managers to improve flow and reduce variation (which we explore in chapters 5 and 7).

The defenders argue that there is nothing stopping a company having ISO 9000 and implementing methods for managing flow and reducing variation, but where are such companies? Few of the companies we researched, formally and informally, knew anything about this thinking. The Standard does not talk about it; moreover, the Standard effectively discourages managers from learning about it by representing quality in a different way. According to ISO 8402 (quality vocabulary), quality is: “The totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs.” Everything we have learned about ISO 9000 suggests that the people who created this definition were thinking about the things which need to be controlled, those things which “bear on its ability . . .”. The builders of the Standard assumed that customer needs would be listed in contractual agreements between the supplier and customer. ISO 9000 has a “make” logic — procedures for “how you do what you do” — and a “control” logic — check to see that it is done. It is a relic of the era when contractual agreements were perceived to be an important device for regulating the behaviour of suppliers.

In these ways, ISO 9000 standards encouraged “planning for quality”. Planning for quality sounds plausible, but it assumes many things: that the plan is the right plan, that it is feasible, that people will “do it”, that performance will improve. It is an approach which, paradoxically, leads to poor decisions. Planners of quality systems, guided by ISO 9000 standards , start with a view of how the world should be as framed by the Standard. Understanding how an organisation is working, rather than how someone thinks it should, is a far better place from which to start change of any kind.

ISO 9001 Standard For Quality

The International Organization for Standardization, ISO, is a non-governmental agency that publishes and develops standards for the public and private sectors. From mechanical engineering and technology to agriculture, the ISO 9000 Standards establishes benchmarks and guidelines for quality products and services. ISO 9001 quality standards are a highly regarded and internationally recognized set of standards that are used in businesses, nonprofit groups and government organizations.

Since 1947, the ISO has published more than 17,500 standards. Many of these standards are specific for a product or process. In 1979, the ISO established the quality management and quality assurance committee. This committee established international quality management guidelines. The first guidelines published in 1986 were referred to as ISO 8402. These standards were updated and replaced with the ISO 9000 family of quality management systems standards. The latest round of quality standards fall under the ISO 9001:2008 title.

ISO quality standards include technical requirements, customer service levels, continual improvement requirements and documentation of key systems and processes. Quality is assured through strict process monitoring, checking for defects and routine internal and external reviews. Conformance with the rules and regulations of the ISO standards results in a company being publicly labeled as ISO 9001 certified or ISO 9001 registered.

Companies and organizations that adopt ISO quality standards increase their visibility as a quality-focused company. The public recognition as an ISO 9001 certified company could lead to increased access to contracts, especially for the government and to higher prestige in an industry. For some businesses, ISO 9001 certification is seen as a competitive advantage, while in other industries compliance is a requirement for continued operation.

The ISO claims that implementation of ISO standards increases a company’s return on investment, increases market share and profits and improves operational results. Societal benefits are improved health and safety, corporate compliance with legal requirements and reduced environmental impact.

The ISO quality standards and audits confirm compliance with the processes and business framework for a company to produce quality goods and services. Audits and reviews do not certify the actual products or services provided by a company, only the business methodology and quality systems that are designed to ensure quality. It is also a misconception that the ISO standards for quality only apply to manufacturing and physical goods. The ISO standards are also applicable to the service industry.

Advantages Of ISO 9001 Standard

Successful firms are good at two things: increasing sales and reducing costs. However, these two things may prove irrelevant if the quality of the product or service is poor. ISO 9001 Standard is concerned with improving the quality of operations which can affect both top and and bottom line growth. Implementation of ISO 9001 Standard affects the entire organization by providing a transition to both a new common language and a new way of thinking about continuous process improvement. Here’s how you can bring the benefits of ISO 9001 Standard to your organization.

1. Obtain management buy-in. The most important step to any quality initiative is to obtain management commitment. This will increase both the visibility and awareness of your efforts.

2. Create an implementation team. This should include a representative from all functional areas of the organization including marketing, finance, planning, production and design. Also be sure to assign a Management Representative. This should be your strongest upper-level advocate for the success of ISO 9001 Standard implementation.

3. Communicate the goals of the program and provide training. This should include employees as well as major suppliers. The communication should be concise, tied to improving the success of current goals and objectives, and in a language in which employees are familiar with.

4. Map out the most critical processes of the current system. Use an organizational flow chart to show how information flows from the placement of an order to delivery. Compare this flowchart with the ISO 9001 system (see Resources for a link to Management Standards) and identify areas for improvement.

5. Create an implementation plan based on opportunities for improvement found in Step 4. The plan should be thorough and specific. Document each change in the process flowchart. If you already have documentation supporting your processes, use it. However, if you identify an area which lacks documentation, this should be viewed as an opportunity. Documentation is the lifeblood of continuous improvement. If you don’t already have one, create a documentation control system which manages the creation, approval, distribution, storage and disposal of documents.

6. Report out on improvements, create metrics to track improvements and repeat the process. ISO 9001 Standard is about continuous process improvements, and the success of the program is a function of both commitment and the achievement of this goal.

BACKGROUND TO THE ISO 9001:2008 REVISION PROCESS

In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.

Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development of ISO 9001:2008 user needs were identified from the following:

-the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004

-feedback from the ISO/TC 176/Working Group on “Interpretations”

-the results of an extensive worldwide “User Feedback Survey on ISO 9001 and

The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.

The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO 14001:2004.

A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:

1) No changes with high impact would be incorporated into the standard;

2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;

3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.

The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:

-No changes or minimum changes on user documents, including records

-No changes or minimum changes to existing processes of the organization

-No additional training required or minimal training required

-No effects on current certifications

The benefits identified for the ISO 9001:2008 edition fall into the following categories:

-Provides clarity

-Increases compatibility with ISO 14001.

-Maintains consistency with ISO 9000 family of standards.

-Improves translatability.

About ISO 14001:2004 Standards

The ISO 14001 aims to reduce the environmental carbon footprints that many businesses leave behind today because of not taking the right steps to be environmental sustainable. This standard promotes the decrease in the waste of necessary business resources and also reduces the pollution that can sometimes be a by product of a business.

About ISO 14001

The most updated version of the ISO 14001 was released in the year 2004 by the International Organisation of Standardization (ISO), which was attended by members from all the committees from around the world. In order for a company to be awarded the ISO 14001 standard certificate, an external auditor has to audit the company by an audit body that has been accredited by an accreditation body. The certification auditors are required to be accredited by the International Registrar of Certification Auditor and the certification body has to be accredited by the Registrar Accreditation Board in the USA or by the National Accreditation Board in Ireland.

The structure of ISO 14001 is very much like the ISO 9000, which is management standard, so these two standards can be implemented side by side to achieve the best results. As a part of the ISO 14000 family, which deals with different aspects of environmental issues, ISO 14001:2004 and ISO 14002 deal with environmental management system (EMS). ISO 14001 gives the requirements for the

EMS and ISO 14002 gives the basic guidelines for EMS.

Environmental Management System with ISO 14001:2004

The EMS, as per the requirements of the ISO 14001, enables the company, may it be of any size, location and income to:

• It helps the company improve its environmental strategy and this positively affects their environmental performance.
• It helps in identifying and controlling the environmental impact that the activities, services or products of the company might have.
• And it helps in carrying out a systematic approach to set environmental targets and objectives, to achieve these and also to demonstrate that they have been achieved.

How does it work?

ISO 14001 does not specify or chalk out a definite level that each business has to reach. If the performance was determined, then it would have to be done for every specific business. But that is not how it works and has a very different approach, like:

• The ISO has various standards dealing with environmental issues. ISO 14001 deals with a framework provided for a strategic and holistic approach to the businesses environmental policy, actions and plans.
• It gives the general requirements for the EMS.
• This also states the reference to the communication requirements for the communication of the environmental management issues between the company, stakeholders, the public and the regulators.
• As these standards are not company specific, any and every business can undertake them as long as they are dedicated to the continued and improved environmental performance and they have a commitment to comply with the set norms.

Disposition of ISO 9001 records

Disposition in this context means the disposal of records once their useful life has ended. The requirement should not be confused with that on the retention of records. Retention times are one thing and disposal procedures quite another.

The standard does not specifically require records to be authenticated, certified or validated other than product verification records in clause 8.2.4. A set of results without being endorsed with the signature of the person who captured them or other authentication lacks credibility. Facts that have been obtained by whatever means should be certified for three reasons:

They provide a means of tracing the result to the originator in the event of problems. They indicate that the provider believes them to be correct. They enable you to verify whether the originator was appropriately qualified. They give the results credibility.

If the records are generated by computer and retained in computerized form, a means needs to be provided for the results to be authenticated. This can be accomplished through appropriate process controls by installing provisions for automated data recording or preventing unauthorized access.

Integrating Management Systems Within The ISO 9001 Standards

Today’s free market economies increasingly encourage diverse sources of supply and provide opportunities for expanding markets. Fair competition needs to be based on identifiable, clearly defined common references that are recognised from one country to the next. A standard, internationally recognised, developed by consensus among trading partners, serves as the language of trade. The International Organisation for Standardisation (ISO) has developed around 8?700, mostly technical related standards on this basis. Standards Series such as ISO 9000, ISO 14000 and what is to be known as ISO 18000 and ISO 26000 are Management related. These standards contain generic guidelines for Management Systems in the area of Quality, Environment, Occupational Health & Safety and Human Resources.

ISO is a word derived from the Greek isos, meaning “equal”. ISO 9000 Standards are developed and updated by the International Organisation for Standardisation which has around 150 member bodies. A member body of ISO is the national body “most representative of standardisation in its country”.(eg. Germany – DIN, USA – ANSI, Australia – SAA).
More than 50 countries, as well as the European Community have adopted ISO 9000 which is recognised internationally as a benchmark for measuring quality in a trade context. Since its first issue in 1987, approximately 430?000 companies have been using ISO 9000. Being a standard coming from an organisation that is usually involved in the development of technical standards, ISO 9000 is often regarded as a document that belongs in the hands of a technician exposed to production line quality control. At a closer look, however, ISO 9000 Standard Series provide guidance in the development and application of Management Systems as well as Quality Control in Manufacturing and Administration.

ISO has been developing a number of Management System Guidelines for various aspects of business. The most recent are the ISO 14000 Environmental Management System Guidelines. This is an international standard that will affect business in the near future. ISO 14000 has been designed to integrate with ISO 9000. However, apart from international standards there are local standards a company has to comply with. To remain compliant with local standards, further manuals and/or procedures are required (eg. lifting procedure in a warehouse to satisfy Work Safety requirements). A company may have several Manuals describing its Management Systems (eg. Human Resources, Quality, Security, Health/Safety, Finances). An overall link between the systems is often missing which makes the monitoring and the assessment of effectiveness difficult. Double handling of information, contradicting instructions, high maintenance costs, administrative excess and lack of overall transparency are common results.
ISO 9000 Standard Series for Quality (of) Management Systems provide generic guidance for the development of an overall Management System, ISO 14000 provides guidance for Environmental Management, etc. Transparency and monitoring of all business activities can be achieved by integrating all systems into one.
Complaints that ISO 9000 is paralysing operations and, that it does not reflect reality are usually a result of not clearly understanding how the standard can be properly structured to address the needs of a company. ISO 9000 can be structured by focusing on “best practice” process rather than the standard, by fitting the standard to the process and not the process to the standard. Having recognised this, ISO has been working on a new structure for ISO 9000, called “Vision 2000?, taking a process orientated approach to ensure that “best practice” as well as several standards can be addressed within one system. Focusing on process allows the development of a practical “working document”, providing an effective management tool. Having learned from the past, the trend to Process Orientated Management Systems started about three years ago in Europe and is finding increasing approval from certification bodies.Every company has its own culture and key individuals.
The business environment influences processes in certain ways (eg. employee market, laws, infrastructure, client, etc.)
To ensure competitiveness a company needs to ensure adequate flexibility in their system to effectively respond to changes in the business environment.
An effective system is a lean system that incorporates all necessary functions, controls of activities and “best practice” without being caught up in detail.
An effective system must also be flexible enough to enable the proper controls on outsourcing and sub-contracting of activities (eg. production, administration, service, etc.)

Why is Six Sigma Fascinating in ISO 9000?

Why is Six Sigma Fascinating in ISO 9001 Standards?

Six Sigma has become very popular throughout the whole world. There are several reasons for this popularity. First, it is regarded as a fresh quality management strategy which can replace TQC, TQM and others.

Many companies, which were not quite successful in implementing previous management strategies such as TQC and TQM, are eager to introduce Six Sigma.

Development process of Six Sigma in quality management

Six Sigma is viewed as a systematic, scientific, statistical and smarter (4S) approach for management innovation which is quite suitable for use in a knowledge-based information society.

Second, Six Sigma provides efficient manpower cultivation and utilization. It employs a “belt system” in which the levels of mastery are classified as green belt, black belt, master black belt and champion. As a person in a company obtains certain

training, he acquires a belt. Usually, a black belt is the leader of a project team and several green belts work together for the project team.

Third, there are many success stories of Six Sigma application in well known world-class companies. As mentioned earlier, Six Sigma was pioneered by Motorola and launched as a strategic initiative in 1987. Since then, and particularly from 1995, an exponentially growing number of prestigious global firms have launched a Six Sigma program. It has been noted that many globally leading companies run Six Sigma programs (see Figure 3), and it has been well known that Motorola, GE, Allied Signal, IBM, DEC, Texas Instruments, Sony, Kodak, Nokia, and Philips Electronics among others have been quite successful in Six Sigma. In Korea, the Samsung, LG, Hyundai groups and Korea Heavy Industries & Construction Company have been quite successful with Six Sigma.

Lastly, Six Sigma provides flexibility in the new millennium of 3Cs, which are:

• Change: Changing society

• Customer: Power is shifted to customer and customer demand is high

• Competition: Competition in quality and productivity

The pace of change during the last decade has been unprecedented, and the speed of change in this new millennium is perhaps faster than ever before. Most notably, the power has shifted from producer to customer. The producer-oriented industrial society is over, and the customer-oriented information society has arrived. The customer has all the rights to order, select and buy goods and services. Especially, in e-business, the customer has all-mighty power.

Six Sigma with its 4S (systematic, scientific, statistical and smarter) approaches provides flexibility in managing a business unit.

ISO 9000 Process Based Auditing

ISO 9000 Process Based Auditing

Any effective quality management system (including the subsystems) works as a control process, which has the ability to detect deviations and nonconforming products and assures that the corrective and preventive action measures are effective. The regulatory auditor should check that all subsystems and processes of the quality management system are structured as self-regulating control processes. For example Deming’s PDCA cycle demonstrates such a process with the following components:

i) Plan – Has the manufacturer established the objectives and processes to enable the quality system to deliver the results in accordance with the regulatory requirements?

ii) Do – Has the manufacturer implemented the quality system and the processes?

iii) Check – Has the manufacturer checked process monitoring and measurement results against the objectives and the regulatory requirements? Does the manufacturer evaluate the effectiveness of the quality system periodically through internal audits and management reviews?

iv) Act – Has the manufacturer implemented effective corrective and preventive actions? Confirm that the company is committed to providing high quality safe and effective medical devices, and that the company is conforming with applicable laws and regulations.

ISO 9001:2008 Draft Changes

ISO 9001:2008 Draft Changes

0.1 Changes here are a statement about whom and where the standard is including any statutory requirements and have the same scale as any customer or regulatory requirements. It’s also clarified that these requirements are restricted to those applicable to the product.

0.4 There is a comment that state that the new standard is made due consideration to ISO 14001:2004.

1.1 &1.2 Statutory requirements had been referred in connection with purchased products and product realization. Second note explains that a statutory requirement can be a legal requirement.

After so many years of auditions the long last debate had been settled. Statutory legal requirements and statutory requirements are obliged to the purchasing processes. It was always an open area that no one had the correct answer: is your supplier must follow the law or not? Apparently yes.

2Normative reference – the ISO 9000 is now replaced by ISO 9000:2005.

3The explanations about what is a customer and what is an organization and what is a supplier had been removed.

4.1 Clause a – The word “determine” is replacing the “identify”

A note had been added stating that a purchased processes are regarded as purchasing products and another note that demand that these processes would be controlled as far as products.

4.2.1 Slight change of words but when you examine the change you realize the meaning is the same.

Note 2 was changed – a single document may include requirements for more than one procedure and requirements of one procedure may appear in more than one document.

It’s about time. A lot of headaches are vowed to be save. If your audit was one of the old school and demanded everything by the book – now you may combine two quality procedures to one document: Job description and training for example or you can split one document into two. How ever it is suitable for you as long as you provide the requirements.

4.2.3 A clarification that external documentation is considered while it is part of the quality management system.

5.1 Clause a – the word “statutory” had been added.

5.5.2 An addition for a requirement that the management representative would be a member of the organization’s management.

That addition puts all external consultants at risk – you can no longer be the

management representative. That sets a whole new line of form and documentations for you to develop in order that the external consultants would be considered as a management representative.

6.2.2Clause b –”provide training or take other actions to satisfy these needs” changed to “where applicable training needs to be provided to achieve the necessary competence”

Clause c – you must ensure that the training is with competence rather than if it was an effective training.

It all goes back to defining .You defined what is necessary now you must provide it nothing is new.

On one hand it is an improvement. The training must be reviewed before. But I think it’s not such an improvement. Instead of testing your employees if they got anything of the training you must now check the training itself before.

6.3 Clause c – information systems are included.

6.4 A new note: noise, humidity, temperatures are part of a working environment.

7.1 Clause c – measurement had been added to the activities.

7.2.1

Clause a – change of words – not of the meaning.

Clause c – the word ‘applicable’ replaces ‘related’.

Clause d – change of words – not of meaning.

A note has been added to explain what is the meaning of “post delivery activities”.

7.3.1 A note had been added clarifying that design review, verification and

validation are separated processes but they might be conducted together.

7.3.3

A change of words.

A note had been added clarifying what is included in “preservation of product”.

7.5.3 A requirement added specifying that product traceability must be included throughout the product realization.

That actually means that the product must be identified not only on the shelves after or between, but also throughout the realization process. Is pacticable? Only time will tell…

7.5.4

A change of words in the requirement to inform the customer of any problem

regarding his property.

The note had been amended that also personal data is included as customer’s

property.

7.5.5

A change of words:

from “conformity of” to “in order to maintain conformity to requirements”.

7.6

A change of words: from “devices” to “equipment”.

The reference to paragraph 7.2.1 had been removed.

Clause c – from “be identified to enable the”

to ” identification to enable their”.

Changes in the notes:

Note 1 – the reference to ISO 100012-2 had been removed.

Note 3 – explanation about when configuration of computer must be applied when the computer is used for monitor and measurements processes.

That means that from now on a computers that provides any kind of measurements services is considered a monitoring and measuring device. How can one calibrate a computer? Ask the supplier or your system administrator. They will know better than anyone. But you would have to prove it has been done.

8.2.1

A note had been added to suggest some means of conducting customer satisfaction evaluation.

8.2.2

Requirements for the audit evidence and results had been added and also that the management is responsible for ensuring preventive and corrective action to be taken.

The reference to the ISO 10011 is changed to ISO 19011.

8.2.3

A change of words:

“to ensure conformity of the product” had been removed.

A note had been added to clarify that the organization should determine the type of the monitoring and measuring according to the processes and how will this affect the quality management system.

8.2.4

A change of word:

“maintain evidence of conformity with acceptance criteria” had been removed but it is still a requirement.

8.3

An addition Clause d – specify how to deal with a nonconforming product that was discovered after delivery – but actually there nothing new only that they moved it to a new clause.