Risk Based Thinking in ISO FDIS 9001:2015

Question

In 0.3.3 Clause of the standard – it is said that “A positive deviation of the risk can provide an opportunity, but not all positive effects of risk result in opportunities.”  Can you please clarify this statement?

Answer

Thanks for contacting ASQ’s Ask the Experts program.  Good question! As mentioned, ISO FDIS 9001:2015, Clause 0.3.3, which states, “A positive deviation of the risk can provide an opportunity, but not all positive effects of risk result in opportunities”.

In my opinion, this highlights an important point.  That is, not every positive deviation or change of a risk will include opportunity.  Consider the recent changes that have occurred in the Oil and Gas industry.  When the demand for crude oil was high, the availability of various materials and services providers was low, and prices were high.  This situation (availability of materials, services providers and costs) may have been identified as a supply chain risk.

However, the oversupply of crude oil drove prices down.  Crude oil production has dropped to stabilize pricing at the pumps.  This positive deviation of risk has provided an opportunity to crude oil producers, which includes the improved availability of materials, greater selection of services providers as well as more competitive pricing.  So dependent upon where you sit, this deviation of risk may be considered a negative that has decreased product demand and lowered pricing or a positive that has lowered consumer pricing and increased availability.

Consider companies that are providers of upstream services to crude oil producers.  Their risk based thinking may have identified the supply of qualified personnel to perform upstream servicing as a risk.  The decrease in demand for upstream services has increased the pool of qualified personnel.  However, this positive deviation of risk does not represent an opportunity.  The scenarios mentioned above are basic and intended to highlight the point of ISO FDIS 9001:2015, Clause 0.3.3.  There are far more dynamics that should be considered when assessing the deviation of risk versus opportunity.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Kingwood, TX 77339
Office: (281) 359-ATCS (2827) or Toll Free: (888) 968-9891
Website: www.astontechconsult.com

Posted in ISO 9001 - Quality Management Systems | Tagged | Leave a comment

Internal Audits

Question

Can the Management Representative be part of the internal auditor team?

Answer

Thank you for contacting ASQ’s Ask the Experts program.  Concerning your question, ISO 9001:2008, clause 8.2.2, only prohibits persons from auditing their own work.  So provided that the Management representative is assigned to audit processes that are outside his/her work responsibilities, there is no other restriction in with regard.   ISO 19011:2011,clause 4.0, “Principals of auditing” as well as clause 6.3.3, “Assigning work to the audit team”, should be reviewed for additional insight and understanding.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Kingwood, TX 77339
Office: (281) 359-ATCS (2827) or Toll Free: (888) 968-9891
Website: www.astontechconsult.com

Posted in Auditing, ISO 19011 - Auditing | Tagged | 1 Comment

Approved Supplier List

Question

I would like to know how supplier status in the Approved Supplier List (ASL) should be managed so that there is complete traceabilty.  For instance, a vendor status is changed from approved to not approved in the ASL for reasons other than substandard performance which is documented in an audit report, how should QA document such change to ensure that these changes are tracked. Could QA make changes in the ASL without notifying the Purchasing Department and without any documentation?

Answer

Thanks for contacting ASQ’s Ask the Experts program.  Concerning your questions, about supplier status traceability, and ASL management, the following response is provided.

Dependent on the number of suppliers involved and the availability resources, an organization may choose to utilize a single or combination of methods to monitor supplier performance and supplier status.  These methods may range from using an MS Word or Excel spreadsheet, Access database to a multi-user database.

As you are aware, ISO 9001:2008, Clause 7.4.1, requires the organization to establish criteria for selection, evaluation and re-evaluation of suppliers.  This clause also requires records of results of evaluations to be maintained.  This includes any necessary actions taken as a consequence of the evaluations conducted, such as the removal of a supplier from the ASL or changed approval status.

ISO 9001:2008 does not limit a company’s ability to remove a supplier from the ASL.  This is an internal decision based on the company’s established criteria.  So there could be various reasons for removing a supplier from the ASL.  Likewise, with changing a supplier’s status from pending, approved to not approved.  As mentioned, ISO 9001:2008, Clause 7.4.1, requires records of supplier evaluations to be maintained, and any actions taken as a result of the evaluation to be retained.

The a primary purpose of the ASL is to ensure the placement of purchase orders or contracts are limited to those suppliers that meet the company’s established criteria for supplier selection, evaluation, and re-evaluation.  For this reason, Purchasing must be included in any changes made that may affect their use of the ASL.

Generally speaking, Purchasing is responsible for maintaining and updating the ASL, which includes ensuring the current status of suppliers of products and services are identified.   The company’s internal audit process is typically used to assess Purchasing’s conformance with established criteria for supply chain management.

In summary, I would not recommend that changes be made to any QMS process without the involvement of the QMS process owner and management as applicable.  ISO 9001:2008, Clause 5.4.2, sub b., requires top management to ensure that the integrity of the QMS is maintained when changes are planned and implemented.  If changes are made to the ASL, Purchasing should certainly be involved.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Kingwood, TX 77339
Office: (281) 359-ATCS (2827) or Toll Free: (888) 968-9891
Website: www.astontechconsult.com

Posted in Other | Tagged | Leave a comment

Auditor’s Responsibilities

Question

Is it an auditor’s responsibility to seek the “root cause” while conducting an audit?

Answer

An auditor should not seek the root cause for an audit finding. An auditor’s responsibility is to verify compliance with a requirement (e.g. ISO 9001 standard) and determine if there is compliance with the requirement or not. In doing so, there is objectivity in making that assessment.

If an auditor determines the root cause, it introduces subjectivity and potential conflict of interest to the audit process and in correcting an issue. In addition, the auditor may not have the full information about the issue thus the “root cause determined by the auditor” may not correct the non-compliance to the requirement.

Best Regards,

Dilip

Dilip A. Shah ASQ Fellow, ASQ-CQE, CQA, CCT,
President, E = mc3 Solutions,
Technical Director, Sapphire Proficiency Testing Services
Past Chair, ASQ Measurement Quality Division (2012-2013)
Past Member of the A2LA Board of Directors (2006-2014)
Tel: 330-328-4400
Fax: 1-888-226-9533
E-mail: emc3solu@aol.com

Posted in Auditing | Tagged | Leave a comment

TS16949, ISO9001

Question

Our company designs and manufactures commercial and automotive semiconductor products. We used to maintain dual certification (ISO9001 and TS16949) for all of our manufacturing and assembly locations, but recently dropped the ISO9001 certification.  My questions are as follows:

1) If we manufacture automotive and non automotive products in the same location “site”, without dedicated separation, does the TS certification eligibility apply to the entire site?

2) Can we include the non automotive design RSLs in the TS16949 certificate scope, or would we need a separate ISO9001 certificate to cover those activities?

Answer

Thank you for your question.   Yes, TS 16949 requirements would apply to all of your “automotive” processes whether they produce/support only automotive products or not.   This is actually the way you’d want to do it:  it would be more complicated to try to have two systems for automotive and non-automotive products.    If you have only one certification, the scope of your audits would have to be your whole product line, and not just your automotive products.

The answer to your second question is again related to the scope of your registration.   If you are not design-responsible for the automotive side of your business there is a risk that your TS 16949 audits (internal and external) do not include your design function.    If you want your design activity in scope, work with your registrar to roll it into your scope of registration.  Understand that if you do it that way, your non-automotive design would be subject to all of the additional 7.3 controls listed in TS 16949.  Although you should be able to cover it under one registration, It will be up to them if they want you to split it out into a separate ISO 9001 registration.  The impact of that difference should be minimal.

Please let us know if you have any follow-up questions related to this answer.

Denis

Denis J. Devos, P.Eng
A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

Posted in ISO 9001 - Quality Management Systems, TS16949 - Automobiles | Leave a comment

TS16949 Layouts

Question

On layout inspection, if the customer doesn’t specify, what will be the minimum required for TS16949? What is the frequency of this layout inspection for TS16949?

Answer

Thank you for your question.  ISO/TS 16949:2009 does not require an annual layout, but Clause 8.2.4.1 states that annual layouts will be performed in accordance with the Control Plan.    If the Customer requires an annual layout, you will flow that requirement down into your Control Plan and conduct the layouts.  If none of your customers require an annual layout, you are not required to do them (but you can if you choose to do so).

I hope you found this answer helpful.

Denis

Denis J. Devos, P.Eng
A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

Posted in TS16949 - Automobiles | 1 Comment

Question

In ISO 9001 internal audit process, can we include the TQM function? If so, then which clause of ISO 9001 refers to it?

Answer

With regard to the ISO 9001:2008 internal audit process and its relationship to total quality management (TQM), it should be noted that TQM was a concept used by many companies worldwide prior to the existence of ISO 9000 quality management systems.

A few of the commonalities that are shared between TQM and ISO 9001:2008 include their focus on:

  • Reducing costs
  • Increasing profits
  • Leadership’s involvement
  • Ensuring customer satisfaction
  • Ensuring employee competency and involvement
  • Resource management
  • Quality system planning
  • Development of mutually beneficial supplier relationships
  • Accomplishment of objectives that support the organization’s mission (i.e., quality policy)

The primary difference that sets ISO 9001:2008 apart from TQM is that ISO 9001 has defined requirements for the establishment of documented procedures and records to provide evidence of conformance.  The concepts of TQM permeate quality systems that are based upon ISO 9001:2008 requirements.  In my opinion, if your internal audit criteria is ISO 9001, you’re also verifying that TQM concepts are being utilized within the quality system.  More information regarding TQM is provided in Juran’s Quality Handbook, 5th Edition.  Also consider reviewing the eight (8) quality management principles provided in ISO 9000:2005, Introduction, subclause 0.2.  These principles are applicable to all ISO 9000 family of quality management system standards.

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
800 Rockmead, Suite 170, Kingwood, TX 77339
Office: (281) 359-ATCS (2827)
Website: www.astontechconsult.com

For more information about TQM, please visit the Knowledge Center’s TQM page: http://asq.org/learn-about-quality/total-quality-management/overview/overview.html

Find out more information about ISO 9000 here: http://asq.org/learn-about-quality/iso-9000/overview/overview.html

Link | Posted on by