Managing Processes In ISO 9000 Standards

Managing Processes In ISO 9000 Standards

The ISO 9000 Standard requires the organization to manage the identified processes in accordance with the requirements of ISO 9001.

The first stage in managing a process is to establish what it is you are trying to achieve, what requirements you need to satisfy, what goals you are aiming at; then establish how you will measure your achievements. The next stage is to define the process you will employ to deliver the results. Managing the process then involves managing all the inherent characteristics of the process in such a manner that the requirements of customers and interested parties are fulfilled by the process outcomes. This means:

Managing the process inputs

Managing the work

Managing the physical resources

Managing the financial resources

Managing the human resources

Managing the constraints

Managing the outputs

Process management is therefore much more than managing activities and therefore when describing processes, one needs more than a flow chart of activities. The chart is a diagrammatical representation of a process but only one aspect. One can also add numerical data to the charts to indicate resources, cycle times, delays, costs etc. but the intangible factors of the human environment cannot be reduced to numerical data to add to the charts.

The notes to clause 4.1 of ISO 9001 need some explanation. It is stated that the processes needed for the management system include management activities, provision of resources, product realization and measurement. This note could cause confusion because it suggests that these are the processes that are needed for the management system. It would be unwise to use this as the model and far better to identify the processes from observing how the business operates. The term provision of resources should be Resource Management, which is the collection of processes covering financial, human and physical resources.

Product realization is also a collection of processes such as design, production, service delivery, etc. Measurement is not a single process but a sub-process within each process. Grouping all the measurement processes together serves no useful purpose except it matches the standard – a purpose of little value in managing the organization.

The second note refers to outsourcing processes although it is difficult to imagine that management activities, product realization or measurement would be outsourced in its entirety. It is likely that market research; design, product verification, equipment calibration and other specialized services may be outsourced. While outsourcing comes under purchasing, it is correct to point out that the organization should control any outsourced processes. The supplier of the process is usually referred to as a subcontractor because they provide services to the organization’s requirements not their own. Control of subcontractors is covered by clause 7.4 but in meeting clause 7.4.3, you need to treat suppliers and subcontractors differently.

ISO 9000 Standards – Conducting Management Reviews

ISO 9000 Standards – Conducting Management Reviews

The ISO 9000 standards requires that top management conduct

management reviews.

The term review is defined in ISO 9001 as an activity

undertaken to ensure the suitability, adequacy, effective-

ness and efficiency of the subject matter to achieve

established objectives. The addition of the term manage-

ment means that the management review can be

perceived as a review of management rather than a

review by management, although both meanings are conveyed in the standard.

The rationale for this is that the examples given in ISO 9000 such as design

review and nonconformity review clearly indicate it is design and non-

conformity that is being reviewed. If the system was to be reviewed then the

action should be called a system review. It is no doubt unintentional in the

standard but, if the management system is perceived as the way in which the

organization’s objectives are achieved, a review of management is in fact a

review of the way achievement of objectives is being managed because the

organization exists to achieve objectives and so both meanings are correct.

Top management will not regard the management review as important unless

they believe it is essential to running the business. The way to do this is to treat

it as a business performance review. This is simpler than it may appear. If the

quality policy is now accepted as corporate policy and the quality objectives

are accepted as corporate objectives, any review of the management system

becomes a performance review and no different to any other executive

meeting. The problem with the former management reviews was that they

allowed discussion on the means for achieving objectives to take place in other

management meetings leaving the management review to a review of errors,

mistakes and documentation that no one was interested in anyway. The

management system is the means for achieving objectives therefore it makes

sense to review the means when reviewing the ends so that actions are linked to

results and commitment secured for all related changes in one transaction.

The requirement emphasizes that top management conduct the review – not

the quality manager, not the operational manager – but top management – those

who direct and control the organization at the highest level. In many ISO 9000

registered organizations, the management review is a chore, an event held once

each year, on a Friday afternoon before a national holiday – perhaps a cynical

view but nonetheless often true. The reason the event has such a low priority

is that management have not understood what the review is all about. Tell

them it’s about reviewing nonconformities, customer complaints and internal

audit records and you will be lucky if anyone turns up. The quality manager

produces all the statistics so the others managers are free of any burden. By

careful tactics, these managers may come away with no actions, having

delegated any in their quarter to the quality manager.

In order to provide evidence of its commitment to conducting management

reviews, management would need to demonstrate that it planned for the

reviews, prepared input material in the form of performance results, metrics

and explanations, decided what to do about the results and accepted action to

bring about improvement.

The ISO 9000 standards requires that top management conduct management reviews.

The term review is defined in ISO 9000 Standards as an activity undertaken to ensure the suitability, adequacy, effectiveness and efficiency of the subject matter to achieve established objectives. The addition of the term management means that the management review can be perceived as a review of management rather than a review by management, although both meanings are conveyed in the standard.

The rationale for this is that the examples given in ISO 9000 Standards such as design review and nonconformity review clearly indicate it is design and non-conformity that is being reviewed. If the system was to be reviewed then the action should be called a system review. It is no doubt unintentional in the standard but, if the management system is perceived as the way in which the organization’s objectives are achieved, a review of management is in fact a review of the way achievement of objectives is being managed because the organization exists to achieve objectives and so both meanings are correct.

Top management will not regard the management review as important unless they believe it is essential to running the business. The way to do this is to treat it as a business performance review. This is simpler than it may appear. If the quality policy is now accepted as corporate policy and the quality objectives are accepted as corporate objectives, any review of the management system becomes a performance review and no different to any other executive meeting. The problem with the former management reviews was that they allowed discussion on the means for achieving objectives to take place in other management meetings leaving the management review to a review of errors, mistakes and documentation that no one was interested in anyway. The management system is the means for achieving objectives therefore it makes sense to review the means when reviewing the ends so that actions are linked to results and commitment secured for all related changes in one transaction.

The requirement emphasizes that top management conduct the review – not the quality manager, not the operational manager – but top management – those who direct and control the organization at the highest level. In many ISO 9000 registered organizations, the management review is a chore, an event held once each year, on a Friday afternoon before a national holiday – perhaps a cynical view but nonetheless often true. The reason the event has such a low priority is that management have not understood what the review is all about. Tell them it’s about reviewing nonconformities, customer complaints and internal audit records and you will be lucky if anyone turns up. The quality manager produces all the statistics so the others managers are free of any burden. By careful tactics, these managers may come away with no actions, having delegated any in their quarter to the quality manager.

In order to provide evidence of its commitment to conducting management reviews, management would need to demonstrate that it planned for the reviews, prepared input material in the form of performance results, metrics and explanations, decided what to do about the results and accepted action to bring about improvement.

ISO 9000 Standards – Quality Management Principles

ISO 9000 Standards – Quality Management Principles

A quality management principle is defined by ISO/TC 176 as a comprehensive and fundamental rule or belief, for leading and operating an organization, aimed at continually improving performance over the long term by focusing on customers while addressing the needs of all other interested parties. Eight principles have emerged as fundamental to the management of quality.

All the requirements of ISO 9001:2008 are related to one or more of these principles. These principles provide the reasons for the requirements and are thus very important. The quality management principles can be listed as below:

1. Customer focus
Organizations depend on their customers and therefore should understand current and future customer needs, meet customer requirements and strive to exceed customer expectations.
The customer focus principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Communication with the customer
b. Care for customer property
c. The determination of customer needs and expectations
d. Appointment of a management representative
e. Management commitment

2. Leadership
Leaders establish unity of purpose and direction for the organization. They should create and maintain the internal environment in which people can become fully involved in achieving the organization’s objectives.
The leadership principle is reflected in ISO 9000 Standards through the requirements addressing:
a. The setting of objectives and policies
b. Planning
c. Internal communication
d. Creating an effective work environment

3. Involvement of people
People at all levels are the essence of an organization and their full involvement enables their abilities to be used for the organization’s benefit.
The involvement of people principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Participation in design reviews
b. Defining objectives, responsibilities and authority
c. Creating an environment in which people are motivated
d. Internal communication
e. Identifying competence needs

4. Process approach
A desired result is achieved more efficiently when related resources and activities are managed as a process.
The process approach principle is reflected in ISO 9000 Standards through the requirements addressing:
a. The identity of processes
b. Defining process inputs and outputs
c. Providing the infrastructure, information and resources for processes to
function

5. System approach to management
This principle is expressed as follows:
Identifying, understanding and managing interrelated processes as a system contributes to the organization’s effectiveness and efficiency in achieving its objectives.
The system approach principle is reflected in ISO 9001 through the requirements addressing:
a. Establishing, implementing and maintaining the management system
b. Interconnection, interrelation and sequence of processes
c. The links between processes
d. Establishing measurement processes

6. Continual improvement
This principle is expressed as follows:
Continual improvement of the organization’s overall performance should be a permanent objective of the organization.
The continual improvement principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Improvement processes
b. Identifying improvements
c. Reviewing documents and processes for opportunities for improvement

7. Factual approach to decision making
This principle is expressed as follows:
Effective decisions are based on the analysis of data and information.
The factual approach principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Reviews, measurements and monitoring to obtain facts
b. Control of measuring devices
c. Analysis to obtain facts from information
d. Records for documenting the facts
e. Approvals based on facts

8. Mutually beneficial supplier relationships
This principle is expressed as follows:
An organization and its suppliers are interdependent and a mutually beneficial relationship enhances the ability of both to create value.
The mutually beneficial supplier relationships principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Control of suppliers
b. Evaluation of suppliers
c. Analysis and review of supplier data

ISO 9001 Standards Video

ISO 9000 Standards - ISO 9000 Standard Software
The term ISO9000 Standards refers to a set of quality management standards. ISO9000 currently includes three quality standards: ISO 9000:2005, ISO 9001:2000, and ISO 9004:2000. ISO 9001:2000 presents requirements, while ISO 9000:2005 and ISO 9004:2000 present guidelines. All of these are process standards (not product standards).

ISO 9001 Standard 's purpose is to facilitate international trade by providing a single set of standards that people everywhere would recognize and respect.

The ISO 9001 Standards apply to all kinds of organizations in all kinds of areas. Some of these areas include manufacturing, processing, servicing, printing, forestry, electronics, steel, computing, legal services, financial services, accounting, trucking, banking, retailing, drilling, recycling, aerospace, construction, exploration, textiles, pharmaceuticals, oil and gas, pulp and paper, petrochemicals, publishing, shipping, energy, telecommunications, plastics, metals, research, health care, hospitality, utilities, pest control, aviation, machine tools, food processing, agriculture, government, education, recreation, fabrication, sanitation, software development, consumer products, transportation, design, instrumentation, tourism, communications, biotechnology, chemicals, engineering, farming, entertainment, horticulture, consulting, insurance, and so on.

KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs

There are many issues that must be addressed in moving the QMS from the initial state to the desired state. For example, all organizations implementing ISO 9001 will need to consider the unique culture within the organization, its size, and the resources available. Beyond those widely discussed points, three issues that merit particular attention are (1) consideration of the QMS as a parallel function, (2) training, and (3) auditing. Key points associated with these issues are discussed below.

In the case of all of the transitions depicted, real benefits from the QMS are more

likely to be experienced if the QMS is implemented directly into the core structure of the organization. SMEs must be cautious against establishing a QMS that is run separately in parallel to its other systems. In SMEs, the parallel subsystem most commonly exhibits itself as a separate Quality Assurance, or in some cases, ISO 9001 department. Possible reasons for this may include the existence of rigid departmental boundaries in some SMEs or overemphasis on core activities. As Yauch and Steudel [10] note, SMEs tend to focus their attention on “…necessary routine activities (such as sales, production, shipping, etc.) rather than activities aimed at improving processes or systems.” If a SME insists on establishing a separate quality department, its level of effectiveness can be increased by embedding the QMS in widely-used organizational systems where practical. The integration is largely a function of how well the QMS manages to share information with other subsystems and its ability to align with the policies, norms, goals, and values in place throughout the organization.

In SMEs, training and staff development is more likely to be ad hoc and small scale because of modest human and financial resources and the absence of a specific training budget. To prevent the problems arising from lack of education and training, two things must be done:

1. Education of Top Management: The centralization of decision-making processes within many SMEs means that the management can either be the main stumbling block to change or the main catalyst for change. Therefore, any approach to ISO 9001implementation must involve considerable education for the top management of the organization to create awareness and understanding of the implementation process as a change initiative. Implementing a fully functional and documented QMS requires motivation by top management to appreciate, achieve, and implement the necessary measures to meet the standards’ criteria.

2. Education and Training of Employees: SMEs are often under pressure to quickly gain ISO 9001 registration. Meeting the requirements of the standard in a short period of time can prove a formidable obstacle for a small company. Since most SMEs do not possess the needed expertise internally, they may be inclined to hire external experts to provide the necessary technical expertise and manpower. However, having a functioning and documented QMS requires more than that. It requires ensuring that all employees in the organization clearly know what is expected of them and how they can contribute to the attainment of their organizations’ goals. This will likely require the preparation and implementation of a training plan tailored specifically to the unique characteristics and maturity level of the SME.

As emphasized throughout the paper, a QMS is not going to produce the expected results unless it is fully functional. While auditing must therefore verify the existence of the necessary documentation, it must also focus on the functionality of the QMS. The measurement of the functionality and the qualitative and financial impacts of a QMS have been the subject of several studies, including Kaynak. Among the categories used to measure functionality and performance improvement, two are particularly noteworthy for our purposes: management commitment and employee involvement. A QMS cannot be functional in the absence of those two characteristics. Therefore, as a minimum, internal and external auditors should continually verify top management’s commitment to increased company-wide quality awareness and improvement in addition to employee involvement in the design, implementation, operation, and improvement of quality related processes and procedures.

What Is New In ISO 9001:2008 Standards

The new edition of ISO 9001 is an amendment and not a revision; in other words, the changes are very small. They are broadly as follows:

- the user-feedback survey on ISO 9001:2000 revealed that there were some ambiguities and some points needing clarification. These have been tidied up, along with clarification inareas that were previously too open to interpretation.

- the new edition has improved compatibility with ISO 14001 for those wishing to integrate their ISO 14001 certification with their ISO 9001 certification.

ISO 9001:2008 – What it means to certified organizations

For certified organizations, the transition period runs from 14 November 2008 to 31 December 2009. All organizations need to be compliant with ISO 9001:2008 by the end of 2009 to retain their certification. BSI’s clients will be audited against the new edition of the standard at their next continuing assessment or re-certification visit.

Antony Barrett, product marketing manager responsible for ISO 9001 at BSI Management Systems UK, comments: “We don’t see anyone having any problems in achieving the 2008 edition of the standard.” Client managers will work with clients to manage the process.

ISO 9001 — a way of managing for conformance

Quality assurance, according to the Standard, is a way of managing that prevents non-conformance and thus “assures quality”. This is what makes ISO 9001 different from other standards: it is a management standard, not a product standard. It goes beyond product standardisation: it is standardising not what is made but how it is made. To use standards to dictate and control how organisations work was to extend the role of standards to new territory. To take such a step we might have firstly established that any such requirements worked — that they resulted in ways of working which improved performance.

Yet the plausibility of this Standard, and the fact that those who had an interest in maintaining it were (and still are) leading opinion, prevented such enquiries. In simple terms the Standard asks managers to say what they do, do what they say and prove it to a third party.

ISO 9000 (1994) paragraph 1: “The requirements specified are aimed primarily at achieving customer satisfaction by preventing non-conformity at all stages from design through servicing.”

To put it another way, the Standard asserts that preventing non-conformance achieves customer satisfaction. But does it? Of course it matters to customers that a product works. But there is no guarantee that the Standard will ensure even that. Furthermore, customers take a total view of an organisation — how easy it is to do business with — in respect of all things of importance to each and every customer.

ISO 9001 requires managers to “establish and maintain a documented quality system as a means of ensuring that product conforms to specified requirements”. Loosely translated this is “say what you do”. Management is supposed to “define and document its policy for quality . . . including its commitment to quality”.

What management would not declare its commitment to quality? But would they know what it means? Would they argue (as they should) that quality management is a different and better way to do business, or would they believe that ISO 9000 will take care of quality? The Standard encourages managers to think of “quality” and “business as usual” as separate and distinct. It helps managers avoid the revelation that quality means a wholly different view of management. Instead, the organisation “shall appoint a management representative who, irrespective of other responsibilities, shall have defined authority and responsibility” [for ISO 9000]. At a practical level this means only one executive might decide he or she had better learn a thing or two about quality. However, would being responsible for ISO 9001 lead to learning about quality or simply enforcing the ISO 9000 regime in an organisation?

Key to the regime is auditing. The Standard requires organisations to conduct internal quality audits to “verify whether quality activities comply with planned arrangements”. This can be loosely translated as “do you do as you say?” and the purpose of the audit is to see that you do. It was not until the 1994 review that the words were changed to “quality activities and related results”. It was a Standard which was rooted in the philosophy of inspection: fifteen years after its initial promulgation the promoters sought to extend the focus to results. But results or improvements assessed by what means? Inspection. By the time the Standard was adopted world-wide, quality thinking had moved a long way from the philosophy of inspection. It is now understood, at least by a few, that quality is achieved through managing the organisation as a system and using measures which enable managers to improve flow and reduce variation (which we explore in chapters 5 and 7). The defenders argue that there is nothing stopping a company having ISO 9000 and implementing methods for managing flow and reducing variation, but where are such companies? Few of the companies we researched, formally and informally, knew anything about this thinking. The Standard does not talk about it; moreover, the Standard effectively discourages managers from learning about it by representing quality in a different way.

According to ISO 8402 (quality vocabulary), quality is:

“The totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs.”

Everything we have learned about ISO 9000 suggests that the people who created this definition were thinking about the things which need to be controlled, those things which “bear on its ability . . .”. The builders of the Standard assumed that customer needs would be listed in contractual agreements between the supplier and customer. ISO 9000 has a “make” logic — procedures for “how you do what you do” — and a “control” logic — check to see that it is done. It is a relic of the era when contractual agreements were perceived to be an important device for regulating the behaviour of suppliers. In these ways, ISO 9000 encouraged “planning for quality”.

Planning for quality sounds plausible, but it assumes many things: that the plan is the right plan, that it is feasible, that people will “do it”, that performance will improve. It is an approach which, paradoxically, leads to poor decisions. Planners of quality systems, guided by ISO 9000, start with a view of how the world should be as framed by the Standard. Understanding how an organisation is working, rather than how someone thinks it should, is a far better place from which to start change of any kind