What is ANSI/ISO/ASQ Q9001:2008?

ISO documentation practices, requirements

Q: Is there any difference between ANSI/ISO/ASQ Q9001:2008 and ISO 9001:2008? Is it just semantic, or is it ASQ’s take on ISO 9001:2008 Quality management systems–Requirements?

A: They are exactly the same and can be referred to interchangeably. Because of our involvement in developing the standard, we are able to sell it to our ASQ members at a discounted price —

ASQ: $97 members, $121 list

ANSI: $142

ISO: $134 [(or 122 Swiss Franc) e-version]

*prices as of 3/29/2012

ASQ is the only place to get this discounted, identical American national adoption of the international standard.

The ANSI designation shows it has been adopted as an American National Standard (ANS), and that U.S. experts believe the standard is a good one and should be followed by the U.S. Since ASQ is the administrator of the group (known as a Technical Advisory Group/TAG in the standards development world) that develops ISO 9001, we are the only organization allowed to put its name in the designation. ASQ is a member of ANSI and is accredited by them to be a standards-developing organization.

ASQ Standards Development Team

Those interested in purchasing the current standard revision may do so here.

Value and Benefits of ISO 9001

Q: My company is struggling with the decision to spend any more money on the ISO 9001:2008 Quality management systems–Requirements registration.  How many of our peers believe that the continuation of this certification is worth the cost? I have been trying to find statistics on the number of revised certifications that have been accomplished since the release of the 2008 version and am finding that there is little to no information available.  This leads me to think that the whole agenda has been identified as not a worthwhile cost effective exercise and companies are dropping out of the program.

Does ASQ have any relevant information regarding the “added value” of certification?  I have proposed to my management that the money spent on certification and all the wasted effort to make some auditor happy is not in the best interest of the company and would like your feedback on this position.  I watch as we struggle for 1.5 months before the dreaded audit to make it look like we are compliant, watch the auditor fumble around looking for some minor discrepancies that will make it look like he was worth having in for tea and crumpets and then watch the organization sigh a big relief when we get away with the lack of compliance or caring about compliance for the next two years, as the real task is making money and not wasting time meeting perceived compliance to perceived “requirements”.

The Toyota debacle makes it hard for me to even stand in front of my peers and preach this as useful.  It is clear that the bottom line is dollars and the need to support compliance to some document is merely wasteful effort that has been passed over like all the other historical (hysterical) quality programs—zero defects, statistical process control, total quality management. What do you say?

A: I would like to answer your questions in three part harmony. First of all, I’ll mention a brief history of ISO. Much of this you will be familiar with but it helps to reaffirm the legitimacy of ISO as an international organization rather than just an abbreviation for a place to throw your money. Second, I will express a few of the many benefits of ISO certification. Finally, I will share my own perceptions. Things I have personally witnessed resulting from ISO certification.

History-benefits-perceptions are a three-part harmony which can improve organizations and strengthen communities.

I would like to share a bit about ISO – What it is, as well as what it is not.

So what is ISO?

First of all, let’s consider the letters “ISO.” Because the “International Organization for Standardization” would have different abbreviations in different languages (Like IOS in English, or OIN in French for Organisation International de Normalization), it was decided at the beginning to use a word derived from the Greek isos, meaning “equal.” Therefore, whatever the country, whatever the language, the short form of the organization’s name is always ISO.

ISO is a network of the international standards institutes of 162 nations with a Central Secretariat in Geneva, Switzerland that coordinates the system. The ISO organization officially began in February 1947. ISO is not a governmental organization. It is not like the United Nations System with delegations of national governments. So, although many of ISO’s members are part of the government structure of their countries the members have their roots in industry and the private sector.

Also, ISO is not a quality standard. That is, ISO isn’t a tolerance level we must make parts to. It is not a high quality standard we must meet just to stay in business.

ISO 9001 refers to a type of ISO standard. ISO 9001 is concerned with “quality management.” This means what the organization does to enhance customer satisfaction by meeting customer and any regulatory requirements and to continually improve its performance in this regard.

ISO implementation in any organization introduces the many values of team work as well. I realize those bits of history can seem a bit lengthy but it is of extreme importance to recognize the time and combined efforts put in by so many individuals from so many nations. It is that dedication which helps to make the ISO Standards as useful and beneficial as they have become.

With regard to benefits, the positive reports are almost endless. I will share just a few of which come from reliable sources such as Dun and Bradstreet, Dallas Business Journal, manufacturingnews.com and others.

Simply noted, ISO certified companies reap:

The effect of ISO 9000 certification on financial perfomance

-Improved consistency of service and product performance
-Higher customer satisfaction levels
-Improved customer perception
-Improved productivity and efficiency
-Cost reductions
-Improved communications, morale and job satisfaction
-Competitive advantage and increased marketing and sales

D&B notes:

-85% of registered firms report external benefits
-Higher perceived quality
-Greater customer demand
-95% report internal benefits
-Greater employee awareness
-Increased operational efficiency
-Reduced scrap expense

Other reports note:

-30% reduction in customer claims
-95% improvement in delivery time
-Reduced defects from 3% to 0.5%
-40% reduction in product cycle time
-International acceptance and recognition
-Estimated return on Investment for companies with consistent compliance have been reported +30% to +600%

I could go on with statistics but I am sure you can research and find many more such positive reports. Therefore I will turn now to third member of the harmony I mentioned. That is perception.

The various feedbacks noted above show all of the remarkable “exterior” perceptions. Increased business, customer satisfaction, less downtime, etc. So I will take a moment to mention some things about “internal” perceptions.

It is said that changing a culture can take from several years. Introducing ISO into an organization is indeed introducing a new culture. Individuals are encouraged to do some things they did not and to change some of the habits they have formed.

It has been my experience, with several companies, that the culture change associated with ISO implementation is multilayered. The first and most obvious benefit is quality awareness. The most experienced machinists, fabricators, administrators, all employees suddenly take acquire an appreciation for quality which they did not have, no matter how good they may have been. This quality awareness does not fade away easily. Even those who offer strong resistance to change learn to respect and very much appreciate all the practical value in a good quality management system.

ISO certification does not ensure success. It does not ensure profit. Nonetheless, I have seen companies with little to no quality system grow to be world class quality organizations with the guidance of a strong ISO based QMS.

If failure is experienced, it can be due to lack of understanding on the part of management. They may have failed to act or provide preventive actions when needed. People are often interested in quick and simple solutions and are not willing to practice even simple self-dicipline. Most often, the greater portion of their interests are in getting a certificate to hang on the wall of their office and an addition to their letter head.

I firmly believe, and have witnessed with my own eyes, that following the ISO Standards in implementing a quality management system results in satisfied customers, repeat business, increased profits, satisfied employees and continual improvement. That three part harmony, history-benefits-perceptions, when joined with top management commitment can lead to another benefit not yet mentioned. That is pride.

Bud Salsbury
ASQ Senior Member, CQT,CQI

Related Content: 

No Joking Matter, Quality Progress
Research analyzes management systems standards and the implications for managers and auditing bodies.  Read more.

Ask A Librarian

 

Customer satisfaction and loyalty

Q: Can you give me more information about how organizations gain, measure, and retain customer satisfaction and loyalty?

A: The Quality Improvement Glossary, by Donald L. Siebels, defines customer loyalty/retention as “the result of an organization’s plans, processes, practice, and efforts designed to deliver their services or products in ways which create customer satisfaction so customers are retained and committed to remain loyal”.

ASQ has over 200 books, articles, and case studies that focus on the topic of Customer Satisfaction and Value. The following recommended books from ASQ may help to provide additional insight:

The Customer Advocate and The Customer Saboteur    
Quality Press, 2012

Measuring Customer Satisfaction and Loyalty, 3rd Ed.    
Quality Press, 2008

Strategic Customer Service: Managing the Customer Experience to Increase Positive Word of Mouth, Build Loyalty, and Maximize Profits
 
AMACOM, 2009

Managing the Customer Experience: A Measurement-Based Approach 

Quality Press, 2007

Beyond the Ultimate Question: A Systematic Approach to Improve Customer Loyalty
Quality Press, 2010

You also may want to take a look at the following articles and case studies:

“Your Customers Are Talking, But Are You Listening?” 

Quality Progress, February 2006
The listen, collect, analyze, learn, improve (LCALI) process can help an organization capture important customer data for analysis and action.

“3M Entitlement Quality: Flawless Execution at the Speed of the Customer” 

Case Study, April 2009
3M’s approach to enterprise-wide quality improvement for business results and customer satisfaction is a fusion of ISO 9000, Six Sigma, lean, business process management, commercialization, and supplier management, along with a homegrown model, process and product understanding (PPU).

“Challenges With Churn”

Six Sigma Forum Magazine, November 2011
For noncontractual businesses, identifying profitable customers before they take their business elsewhere is important but difficult. These businesses usually have limited information about when these customers churn. Taking a control chart approach similar to statistical process control (SPC) can help develop churn predictive models and identify early churn.

“Supporting Customers and Driving Excellence Through Quality”

Case Study, May 2011
When a key client entered a new line of business, Firstsource Solutions earned the contract to provide inbound customer service and technological support. Metrics showed that 15 percent of calls for the client’s new business were repeat calls, leading to higher costs and lower customer satisfaction scores. A cross-functional Six Sigma team implemented process improvements that lowered the repeat call rate to 9.6 percent.

“An Alternative Approach in Service Quality: An e-Banking Case Study”

Quality Management Journal, January 2008
To remain competitive in today’s business climate, organizations must offer services that not only satisfy their customers, but delight them. SERVQUAL and other measures have been used in the past to measure and improve service quality in the US and Europe, but Japanese quality systems such as Kansei Engineering (KE) and quality function deployment (QFD) offer an alternative way to include the voice of the customer in the development and improvement of service quality systems.

Other helpful web pages include:

ASQ Learn About Quality: Customer Satisfaction

ACSI: The American Customer Satisfaction Index

I hope that this information is helpful.  If you are interested in conducting your own search, you may want to visit the ASQ Knowledge Center.

Best regards,

ASQ Research Librarian
Milwaukee, WI

Lean Six Sigma

Reporting, best practices, non-compliance reporting

Q: Can you explain what Lean Six Sigma is to me?  I’ve heard of both lean and Six Sigma as individual concepts, but I’m not quite sure I understand the term Lean Six Sigma.

A: The following concise definition is taken from the book The Certified Six Sigma Black Belt Handbook, 2nd ed. by T.M. Kubiak and Donald W. Benbow (ASQ Quality Press, 2009): “Lean-Six Sigma is a fact-based, data-driven philosophy of improvement that values defect prevention over defect detection. It drives customer satisfaction and bottom-line results by reducing variation, waste, and cycle time, while promoting the use of work standardization and flow, thereby creating a competitive advantage. It applies anywhere variation and waste exist, and every employee should be involved.”

The ASQ Knowledge Center has over 700 resources regarding Lean Six Sigma.  For a more in-depth look at Lean Six Sigma, you may want to consult these resources:

Books:

The Certified Six Sigma Master Black Belt Handbook
ASQ Quality Press, 2012

The Certified Six Sigma Black Belt Handbook, 2nd ed.
ASQ Quality Press, 2009

The Executive Guide to Understanding and Implementing Lean Six Sigma
ASQ Quality Press, 2007

Lean Six Sigma Project Execution Guide
Citius Publishing, Inc., 2011

Lean Six Sigma Demystified, 2nd Ed.
McGraw-Hill, 2011

Articles & Case Studies:

“Lean Six Sigma’s Evolution: Integrated method uses different deployment models”
Quality Progress, January 2008

A history of Lean and Six Sigma deployment, from Motorola’s first Six Sigma adoption in 1987 to the development of four major deployment models, with guidance on which might be right for your organization.

“Stock Options”
Six Sigma Forum Magazine, August 2010

Until recently, lean and Six Sigma philosophies were considered distinct and separate improvement methods, but today many organizations are integrating the two and adding other improvement systems as well. A lean Six Sigma (LSS) approach to inventory control and planning can provide a competitive edge by working with customers to develop solutions to problems. The successful application of the LSS approach to inventory management by a Taiwanese supplier of gardening and building materials illustrates the advantages of the method.

“Better Together”
Six Sigma Forum Magazine, May 2009

Continuous improvement professionals often debate the virtues of a lean or a Six Sigma approach, but the benefits of bringing the two together are significant. Six Sigma can improve the effectiveness of a system by optimizing it and reducing process variability, whereas lean can improve the efficiency of that system by stabilizing work in process, reducing inventory, and eliminating waste. A simple group demonstration allows participants to gain an understanding of the advantages offered by lean and Six Sigma when they work together.

“Weapon Against Waste”
Six Sigma Forum Magazine, February 2012

Lean Six Sigma (LSS) is U.S. Army’s weapon of choice for fighting off process inefficiencies that result in wasted time, money and material. Since 2009, the army’s LSS projects have resulted in a combined savings of $96.6 million.

“Improving Productivity Through Lean Six Sigma Warehouse Design”
Case Study, February 2009

As a key customer’s order volume rapidly increased, New Breed Logistics struggled to keep pace. An improvement team worked collaboratively with internal and external stakeholders to find solutions to meet the challenges of both current and future customers. The team applied Lean Six Sigma methodology by employing quality tools such as value stream mapping, PICK charts, and the 5 Whys to increase product flow and meet customers’ packaging requirements.

“Streamlined Enrollment Nets Big Results from Healthcare Leader”
Case Study, January 2009

Demonstrating that big results are possible in just a short time, Kaiser Permanente Colorado’s Medicaid Enrollment Project Team used Lean Six Sigma methodology to evaluate and improve the organization’s Medicaid enrollment processes.

Webcast:

A Webcast Overview of the Seven Lean Six Sigma Tools
August 2010

This webcast provides an overview of the seven common Lean Six Sigma tools: 5S System, Seven Wastes, Value Stream Mapping, Kaizen, Flow, Visual Work Place, and Voice of the Customer.

You can further search ASQ’s resources on Lean Six Sigma by visiting the ASQ Knowledge Center.

Best regards,

ASQ Research Librarian
Milwaukee, WI

ISO Documentation Practices; Difference Between Record and Document

 

ISO documentation practices, requirements

Q: Is there a published ISO standard for good documentation practices (e.g., crossing out an error with a single line and initialing and dating; striking through a blank space)?

Thank you.

A: Your question has two parts:

1) Is there a standard?

2) Does it cover the specific practice you cited?

The answers are “yes” and “no.”   🙂

About a decade ago, the ISO Technical Committee (TC) 176 on Quality Management and Quality Assurance started work on a documentation standard. There was (and still is) much confusion in the world about what kind of documents were expected and what should go into them. Of course, most didn’t want to take the time and energy to understand the purpose of documents, much less describe their practices in a site-specific manual. How sad. The output of the ISO/TC 176 work was a Technical Report: ISO/TR 10013:2001 – Guidelines for quality management system documentation. Frankly, however, I do not think it will address your question.

First of all, documents and records are often confused. Even though the ISO terms and definitions standard (ANSI/ISO/ASQ 9000:2005 Quality management systems — Fundamentals and vocabulary) parks them both under the word document, it is good practice to always think document=before, and record=after.

In other words, a document tells us what to do. A record tells us what was done. Many people, not understanding this principle, have actually tried to place records under configuration control!

The record-keeping practices you cited — crossing out an error and marking in a blank space — have their origin in the early military practices of the 1950s! Back then, there were no computers, internet or even ISO standards. There was also much more falsification of information back then, as we treated the workers with little or no respect.

The practices you cite were attempts to make sure that the data entered on a record wasn’t changed. Those practices just kind of hung on for half a century. In my 40 years in the quality profession, I have never seen these “rules” written down in an external document, like a regulation or standard or policy. Sure, individual organizations have required these practices through their local Standard Operating Procedures, but I am pretty sure they are not published in higher-level documents.

With automation and networking, records are becoming much more virtual. Paper records are becoming a thing of the past. Security and protection of those electronic records is a much bigger problem than when they were all on dead trees.

Follow-up from expert: Doing some further research (for an upcoming class), I discovered that ISO/IEC 17025:2005 General requirements for the competence of testing and calibration laboratories, contains a clause about records correction, 4.13.2.3. In general, the clause says all alterations must be visible (not erased, blacked out, or deleted), and all changes must be signed or initialed by the person making the change. Equivalent measures should be taken in the case of electronic records.

I don’t know why I didn’t think of this standard earlier, however, my earlier remarks about this coming from the 1950s practices B.C. (before computers) still stand.

Dennis Arter
ASQ Fellow
The Audit Guy
Columbia Audit Resources
Kennewick, WA
http://auditguy.net

ISO 9001 Implementation Guidance

The effect of ISO 9000 certification on financial perfomance

Q: I am directing a ground floor implementation effort to become certified to the ISO 9001:2008 Quality management systems–Requirements. I work for a small manufacturing company (less than 20 employees). Is there a quality management system (QMS) or ISO template product that I could use to help guide this process? Something with generic formats and outlines that I could customize and populate with our information. Or do I need to create from scratch all QMS and ISO supporting documents?  In practice, we currently have no documentation. I have ordered some resources from ASQ (see below). Is this a good start or can you recommend some other resources?

A: Please navigate these waters carefully.  There are several “do it yourself” type packages out there. Unfortunately, many of them don’t go far enough to provide a functional system unless the end user already has a thorough working knowledge of quality management systems (QMS). Therefore, as a quality professional, I hesitate to recommend this approach.

In order to establish an ISO 9001:2008 QMS capable of obtaining third-party certification, you will need to prepare a quality manual, a quality policy, define your organizations quality objectives, develop the six required QMS procedures, which as a minimum include:

1.    Control of documents
2.    Control of records
3.    Control of nonconforming product
4.    Internal audits
5.    Corrective actions
6.    Preventive actions

The reference books that you have already ordered from ASQ should contain some examples of the documents mentioned.  Once these QMS documents are established, you will need to orientate the organization to the requirements of the QMS, explain how each employee contributes to achieving the quality objectives, and ensure that the quality policy is communicated throughout the organization and is understood.  An internal audit will also be required to assess the effectiveness of the QMS once it has been implemented.

A management review will be required to ensure that top management is aware of input items mentioned in ISO 9001:2008, clause 5.6.2 and that they take action as needed to ensure the effectiveness and continual improvement of the QMS. These items should be completed prior to scheduling your registrar’s onsite pre-assessment for certification.  We wish you every success with your QMS project.  Please contact us if you would like to discuss this matter in more detail or require any support.

Bill Aston
ASQ Senior Member
Managing Director of Aston Technical Consulting Services
Kingwood, TX
www.astontechconsult.com

ISO 9001:2008 Impact on ISO 13485:2003

ISO 13485, medical devices, medical device manufacturing

Q: Why does Annex B of ISO 13485:2003: Medical devices — Quality management systems — Requirements for regulatory purposes address ISO 9001:2000?

Shouldn’t it be ISO 9001:2008 Quality management systems–Requirements?

A: ISO 9001 is “controlled” by Technical Committee (TC) 176 while ISO 13485 is “controlled” by TC 210. They are two separate, independent technical committees that write and revise standards.

ISO 13485:2003 is founded on ISO 9001:2000, with additional requirements added for the medical device industry. In other words, ISO 13485:2003 is ISO 9001:2000 (but with the requirement for “continual improvement” removed) and additional requirements for the medical device industry

When TC 176 revised ISO 9001 in 2008,  TC 210 decided not to make a change to ISO 13485 because ISO 9001 requirements didn’t change substantially.   It is important to note that many governments such as Health Canada have adopted ISO 13485:2003 as their law or have their medical device law based on 13485:2003. Many medical device companies today get ISO 13485:2003 registered and have dropped ISO 9001:2008 altogether as not being necessary.

By the way, TC 210 issued a technical corrigendum to ISO 13485:2003 in August of 2009 correcting its reference to “ISO 9001” to “ISO 9001:2000” to make this clear.

Jim Werner
Voting member to the U.S. TAG to ISO TC 176
Medical Device Quality Compliance (MDQC), LLC.
ASQ Senior Member
ASQ CQE, CQA, RABQSA Lead QMS Assessor

ISO 9001 Quality Manual

ISO documentation practices, requirements

Q: My small company is forcing me in the direction of using flowcharts to specify ISO standards. With their many branch statements, they are convoluted and confusing. I prefer plain, simple English. But my question is: is it ok to use flowcharts to specify ISO 9001 standards?

A: Actually, as long as you do not intend to become registered (also called certified), you can – and probably should – implement the ISO 9001:2008 Quality management systems–Requirements standard any way you want! I happen to like flowcharts, as long as they are limited to one page and fewer than a dozen boxes.

But if you intend to become registered, the registrar you choose will always require you to explain how you are implementing the concepts contained in ISO 9001.  Most firms choose to call this explanation document a quality manual. You do not repeat the words in the ISO 9001, rather you say how you intend to implement the concepts locally. A manual should be site-specific and about 50-60 pages. Some have written them in 20 pages.

Once you have the framework (manual) in place for the system, then you need to write procedures for the processes. Remember, procedures are job performance aids for an already-trained and qualified person. They should be about five to six pages, since the individual already knows how to perform the tasks.

The powers that be in your company want these procedures to be in the form of flowcharts. That’s OK, as long as you have explained this in your manual. The registration company accepts your manual before they ever send an auditor to your site. If they have accepted your description of flowcharts instead of procedures, then the auditor must accept that approach.

The whole point is to provide information to the person doing the job in a way that is useful. Written standard operating procedures (SOPs), or flowcharts, or pictures. It is the implementation that matters.

Dennis Arter
ASQ Fellow
The Audit Guy
Columbia Audit Resources
Kennewick, WA
http://auditguy.net

Example Quality Manual

Need to write a quality manual that conforms to ISO 9001:2008? Download an example quality manual from the ASQ Knowledge Center and read about how to create one!

ISO 9001 Procedure Vs. Process

Mr. Pareto Head and procedures

Q: I‘m seeking clarity and advice on a recent incident  I was informed about.

An organization I am very familiar with and is fully certified to ISO 9001:2008 Quality management systems–Requirements (with no exemptions) recently had a new external auditor come in to conduct a certification audit.

While continued certification was recommended, a number of small areas of concern were noted.

I understand that most of the recommendations will improve the system, but one recommendation has caused me some concern.

A bit of history of the QMS of this organization:

This company originally gained certification under ISO 9001:2000 and has transitioned to ISO 9001:2008.  They have a very robust quality management system (QMS), have clearly identified their processes, and have mapped their procedures to these various processes.  They have implemented a rigorous internal audit program which has targeted these procedures and their interrelationship with the various processes.

My problem is that the report for this recent certification audit stated that under 8.2.2 of the standard, in order to ‘gain’ full certification to ISO 9001:2008, they have to conduct process audits rather than procedural audits, or their certification could be at risk.  This has caused some angst with senior management, as their previous certification body was happy with their implementation of the standard.

8.2.2 b: Internal audit

“An audit programme shall be planned, taking into consideration the status and importance of the processes and areas to be audited…”

I can see no mandatory requirement in 8.2.2 to support the statement that process audits have precedent over procedural audits as long as the status and importance of the processes are taken into consideration.

My understanding would be that the requirements of 8.2.2 would be met if the organization’s processes are clearly identified and its procedures and their interrelationships are mapped to the processes and it can be clearly identified during the audit that process requirements are being addressed with the procedures.

Obviously if it can be shown that the processes are not adequately covered, then that must be addressed. But I do not believe this is the case here.

Your advice would be greatly appreciated.

A: I hope to answer your questions about process vs. procedure  in ISO 9001:2008. I will offer several different definitions.  This is not to confuse you, but to help you see how different people deliver the same message while using different words.

We will begin by trying to recognize just what a procedure is. You can have any number of procedures within a process.  That means, a process requires one or more procedures. You take actions to get results.  The actions you take are your procedures.

I once read it this way on the internet: procedures / actions / activities / work instructions all describe the lowest level of decomposition, i.e.: the procedure cannot be broken down further.

A process is “something going on.” It is a continuing natural or biological activity or function.

A process is a series of actions or operations conducing to an end. It is a continuous operation or treatment, especially in manufacturing.

A procedure is a particular way of accomplishing something. This is also defined as a series of steps in a regular definite order; a traditional or established way of doing things.

While the two could sound similar, they are clearly not the same thing.  A process refers to a series of actions, but does not place a particular order on those actions.

Procedures however, are focused on steps, order and instruction. As the author Mark McGregor once wrote, “We can see that while a process may contain order, it does not require order to be a process. If we take away the order from procedure, then we don’t have a procedure, but we may still have a process.”

You are not alone in your questioning of this. It is like the ongoing controversy over continual vs. continuous in the quality arena.  However, the distinction between a process and a procedure should be more clear to you after reading above.

Now, let’s consider why. Why is 8.2.2 worded the way it is?  I think the most simple way to put it is this: in the past, it was not uncommon for internal audit teams to concentrate on element auditing. That is, they audited the verbiage of the documented procedures to see if they complied with that of the standard.

Each individual company has their own processes.  It is through those processes, those actions, that you would comply with the intent of the standard.  The value of controlling and improving on those processes is reflected in your audits.

Input -> Process -> Output

So, it does not matter how you word things. The product audit (or service audit) determines if tangible characteristics and attributes of a thing are being met. A process audit determines whether process requirements are being met. During the process audit, the auditor will examine an activity or sequence of activities to verify that inputs, actions, and outputs are in accordance with an established procedure, plan or method.

By now, you have seen a pattern to all the words above.  My intention was not to muddy the waters further, but to help you recognize why so much light has been shined on process activities. To  “do what you say you do” requires having documented procedures and following what they say.  Doing all of this in an efficient and a profitable manner requires process control.

Finally, if you haven’t already done so, I strongly suggest that you acquire a copy of The Process Auditing & Techniques Guide by J.P. Russell.  This is a good guide you can order through ASQ and it can help with setting aside some of your concerns and answer questions.

I hope this has been helpful.

Bud Salsbury
ASQ Senior Member, CQT,CQI

Ask A Librarian

What’s the Difference Between ISO 9001 and ISO 19011?

Reporting, best practices, non-compliance reporting

Q: What is the difference between the ISO 9001:2008 and ISO 19011:2011 literature on your web site? Please provide a detailed explanation and their use.

A: I can see where the confusion might arise, as the numbers are very similar! But the contents are quite different.

ISO 9001 Quality management systems–Requirements is the mother of all quality management systems. It lays out the minimal requirements for an acceptable way of managing your business for quality. In the beginning, it was developed as a requirements document to lay on your suppliers. Then it became the foundation for registration (other countries might call this certification) of your own management approach to quality. About a decade ago, various business sectors – aerospace, automotive, medical devices, laboratories, etc., all used the ISO 9001 document as the base for their specific approaches. They didn’t take anything away, but added additional requirements. By far, the greatest use today is for registration/certification. This is somewhat sad, in that the standard itself is a beautiful way of managing the resources within the enterprise. Registration can get quite bureaucratic and not worth the expense.

ISO 19011:2011 Guidelines for the auditing management systems is the international auditing standard (my specialty). It was first developed as a means to get all the various registration agencies around the world to do their audits in a consistent manner. It also had support from the multinational companies that had factories – and thus registrations – all around the world and often with different cultures. Norms in Canada are not the same as China! Unfortunately, this registration emphasis in the standard made it somewhat hard for internal auditors and supplier auditors to use it. Plus, there is no requirement to use the standard, other than within the registration industry.

For these reasons, the U.S. wrote a supplement for the 2002 version of this standard, giving guidance on how to use the principles for internal audits and small organizations [note: development is underway to offer similar supplements for the ISO 19011:2011 version  — anticipated end of 2012/early 2013.]. ASQ is the only place to get this version, which  includes the supplement, along with the base document. As this auditing standard was revised, it picked up environmental auditing and safety auditing in the scope.

Dennis Arter
ASQ Fellow
The Audit Guy
Columbia Audit Resources
Kennewick, WA
http://auditguy.net