ISO 9001 Awareness

By

Suhas Agawane

Chief Consulting Officer

Simple Solutions Consultant

Agenda

• General introduction on ISO • Diff between process determination Vs process

identification• What is process approach• Process Indicators – Effectiveness Vs Efficiency• Macro view of ISO 9001 framework • Amendment vs revisions of documents • Importance of document control • Records are means to captured data and further to

generate information through it • Understanding fundamental terms • Clarity of understanding among terms correction ,

corrective action , preventive action

•Continued

Agenda

• MRM meeting requirements • What Quality policy & objectives means for various

department • P-D-C-A / Demings Cycle• Outsourced process control ( Why & how) • Supplier Capability Assessment• Quick read through ISO 9001 Standard Requirements

General Info – ISO Standards

• ISO standards are published by International Organization for Standardization

• ISO has it’s head quarters at Geneva and more than 180 countries are members of this institution

• ISO publishes various standards on technical specs , testing methods as well as management systems

• In management system domain , following standards (which are relevant to constructions sector) are available from ISO

• ISO certificates are issued by certification bodies (CBs) & these CBs are authorized to do so by accreditation boards

• ISO certificates are valid for 3 yrs. There are surveillance audit conducted by CB every yr & re-registration audit every 3 years

• Latest standard edition for ISO 9001 is 2008. Superseded editions includes 2000 , 1994 , 1987

ISO 9001 (QMS) ISO 14001 (EMS) ISO / OHSAS 18001 (Safety) ISO 27001 (ISMS)

ISO 9000 (Vocabulary)ISO 9004 (Performance Improvement Guideline)ISO 10007 (Project Mgt Guidelines)ISO 19011 (Audit Guidelines)

What is Process

•Continued

Process Mapping

•Continued

Performance Measurements

• Delivery status – On-time, On spec, NCP etc

• Supplier evaluation

Performance Measurements

• Delivery status – On-time, On spec, NCP etc

• Supplier evaluation

Outputs• Receipt of Materials

on right conditions• Right Quality, Right

Quantity• Right Time.

Outputs• Receipt of Materials

on right conditions• Right Quality, Right

Quantity• Right Time.

Purchasing Process StepsPurchasing

Process Steps

Interactions to• Storage• Inspection and Testing• Manufacturing• Finance

Interactions to• Storage• Inspection and Testing• Manufacturing• Finance

Inputs• Required item /

quantity / date• Applicable specs• Supplier source• Suppliers capability

to meet our requirements

Inputs• Required item /

quantity / date• Applicable specs• Supplier source• Suppliers capability

to meet our requirements

Suppliers

• Finance

Suppliers

• Finance

Customers

• Production

• Stores

Customers

• Production

• Stores

Process identification Vs determination

• Process Identification – picking up what is appearing in business operation

• Process Determination – exploring what is required for business operation

• So for determination business context is important

Marco View of ISO 9001 Framework

•Continued

Marco View of ISO 9001 Framework

Provision of Resources

Human Resources

Infrastructure

Work Environment

6 Resource Management

General Requirements

Documentation Requirements

Planning

Customer Related Processes

Design & Development

Purchasing

Production & Service Provision

Management Commitment

Customer Focus

Quality Policy

Planning

Responsibility, Authority & Communication

Management Reviews

5 Management Responsibility

8 Measurement Analysis & Improvements

4 Quality Management System Requirements

7 Product Realization

General

Monitoring & Measurements

Control of NCP’s

Analysis of Data

Improvements

Calibration

Documentation Structure

• Quality Manual - Summarized information how Org‘s systems addresses ISO requirements

• Process Manual – Detailed information how organization’s management processes are executed , controlled and managed

• Procedure Manual – Documented procedural steps to be followed w.r.t. specific ISO / Org‘s requirements

• Forms – Structured document to be used as generating for different types of records

• Record Content (RC) – List out essential information component / details that particular record should contain. It is free form to be used generating specific type of records

Document Control

• Document – The source of information where information is dynamic

• Use of Document – – Action criteria – Reference information for monitoring / execution – Basis for decision making

• These can be in any form• Why need control

– Dependability– Authenticity – Likelihood of changes– Information is collated in context of business

• What controls – Check for correctness – Management/ Authority Endorsement – Know latest changes – Change counter reference – Periodically reflect business context / changes into document

Record Control

• Record – These are special type of documents .

It is post event / action outcome

Once prepared can’t be changed• Interesting examples regarding records–

– Death Will – Degree / Birth Certificate– Purchase Order (Before Vs After Receipt) – Blank form Vs Filled up form – Project Plan Vs Project Review record

• There are no revisions for record , but it might get amendment • They can be in any form – hard / soft copy , database files• Use of Record

– Evidence what happened – Framework for gathering relevant data for various information – Statutory & regulatory requirements – To establish traceability •Continued

Record Control

• Attribute for record use , influencing type of control – Records are kept for substantial period even 10 – 20 years – Records are likely to be recalled any time during it’s retention period – Records may be recalled a another person/s who has not kept it

initially – Records might contain crucial information

• Principal of Record – Record in the File and File is at the location

• Records controls include– To list out – Retention period – Filing approach to facilitate easy retrieve - ability over complete

retention period as well as by another person– Access & disposition – Prevent deteroriation / damage of record during retention period

Understanding fundamental terms

RequirementNeed or expectation that is stated, generally implied or

obligatory

CharacteristicDistinguish feature

QualityDegree to which a set of inherent characteristics

fulfils requirements

ConformityFulfilment of requirement

NonconformityNon Fulfilment of

requirement

GradeCategory or rank given to

different quality requirements for products ,, processes or systems having the same functional use

•Continued

Understanding fundamental terms

CONFORMITY

NON CONFORMITY (NC)Non-fulfilment of a

requirement

DEFECTNon-fulfilment of a

requirement related to an intended or specified use.

DISPOSITIONAction taken to resolve a non-conformity situation

SCRAP

ALTERNATE USE

DEVIATION / CONCESSION

CORRECTIONAction to eliminate a a

detected nonconformity

REWORKAction on NC product to make it conform to the requirements

REPAIRAction on a NC product to make it acceptable for the intended use

RE-GRADE

CORRECTIVE ACTIONAction to eliminate the

cause of a detected NC or other undesirable situation

PREVENTIVE ACTIONAction to eliminate the

cause of a potential NC or other undesirable situation

PERMENANT / LT SOLUTIONS

TEMP

SOLUTIONS

Mastering CA-PA

• Corrective action (CA) – does ensure the similar NCs does not recur again or it’s frequency reduces

• Preventive action (PA) – does ensure that potential NC does not occur or it’s probability reduces

• Steps for CA – PA

Corrective Actions Preventive Actions

1. Analyze different performance data & identify recurring issues Or Major category issue detected

1. Analyze different performance data & identify adverse Or Explore issue risk assessment Or Explore possible application of CA as PA in other area /process /project

2. Determine Potential NC

A. Evaluate need for CA/PA B. Root / Vital cause/s analysisC. Working appropriate action/s to eliminate these root /vital cause /sD. Authorization of action /s plan /sE. Deployment / implement plansF. Monitor outcome G. Verify effectiveness

MRM Meeting Requirements

• MRMs are conducted periodically once in 3/6 months • Objective of MRM is to review organizational process

performance review • Important agenda includes following

– Quality objective and process indicator status review – Internal audit result review– Review of customer complaints , satisfaction and feedback– Resource requirements and training plan – Improvement planned – Analysis reports and CA-PA status– Review of previous MRM decisions / actions – BEM re-visit and QMS changes – Project performance (Cost-Time-Quality)

• Concerned HODs needs to present following during meeting– Process indicator status and data – Departmental analysis report & CA-PA Log – Actions for & status of internal audit NCs – Status & progress on actions from previous MRM

What is mean by Policy & Objective

• Policy gives direction and framework for operational activity focus as well as decision making

• Various elements of policy needs to be interpreted by concerned functional team in terms how it is relevant to them

• Certain elements relevant to all functional team where as some are relevant to few functional team

• Objectives are statement on performance goals with targets • Quality Objectives are at apex level and responsibility is

assigned to main contributing function • Various other functional team then needs to contributed

through supporting these objectives in it’s relevant functional parameter

• These objectives should & can be linked to appropriate process indicators for various functional team

• Objective targets needs to be SMART

Stretchable , Measurable , Achievable , Relevant , Time-bound

PDCA (Demings Cycle)

• It talks about the continual improvements in small steps which are cascaded

• Plan the actions > Execute the actions > check the outcome > take necessary corrective measures wherever results are not as expected

• Plan • Do

• Check• Act

P D

CA

Outsourcing process control (Why & How)• Organization buys products & services • These products & services are of three categories

a. Supplier’s own branded / standard products

b. Products & services supplied as organization requirements and of which quality can checked through inspection

c. Products & services supplied as organization requirements and of which quality can not be checked through inspection

• The category ‘c’ case is called as outsourcing • This outsourcing in some cases goes complete back to back

activity e.g. – Third party licensing manufacturing of pharma products , Complete construction work sub-contracting

• Whether you carry out the process or your supplier , ISO 9001 requirements must be met.

• So in outsourcing process control , first thing required is to identify which are ISO 9001 requirements shall be applicable for particular out sourced

•Continued

Outsourcing process control (Why & How)• Next step is to discuss what kind of controls the specific

supplier can establish for these applicable requirements• For non addressed requirements , then workout suitable

alternate controls that organization should put in place• If supplier is ISO certified , organization may consider this

third party certification for it’s control

Supplier Evaluation

• Supplier’s evaluation is carried out from two perceptive • (I) Supplier’s capability assessment / re-assessment

– In this focus to assess supplier facilities , capability , credibility

– This is required to be done fore selection of supplier – Periodic re-assessment to re-assess changes if any in above

• (II) Supplier’s performance evaluation – In this objective is to review how was the performance of

supplier for purchase transaction done during specified period – Performance factor generally include Quality , Timely delivery ,

Price and Support – Outcome of evaluation – rating , CAs , delisting

• Capability assessment & performance evaluation criteria can vary based on type of products & services