AS9100 D and ISO 9001: 2015

Airplane, aerospace, AS9100

Question

Is there a document that compares the requirements of AS9100 D against the requirements of ISO 9001:2015?

I am looking to update our system to AS9100 D, and have the standard, however it would be helpful to have a document to help identify the gap between the two.

Answer

ISO 9001:2015 is embedded in AS9100D as the baseline.  If you look at AS9100D text…the regular text is ISO 9001:2015 text and the bold-italics text are the additional Aviation, Space & Defense text.  So what you are looking for regarding the additional requirements is the bold-italics text.

I hope this is helpful.

Buddy Cressionnie
9100 Americas Leader

Escalation Process and ISO 9001: 2015

Chart, graph, sampling, plan, calculation, z1.4

Question

I have created a project and problem escalation pyramid to help associates understand when and who is involved when a project or process issue needs escalation. I would like to know what clause in ISO:9001-2015 this would fall into?

Answer

Thank you for your question.

It sounds like you have created an escalation process for when outcomes don’t meet requirements.  In this case it sounds like ISO 9001 Clause 8.7 “Control of Nonconforming Outputs” would apply.   If the escalation process is specific to something like an engineering design process, then Clause 8.3.2 “Design and Development Planning” and/or Clause 8.3.4 “Design and Development Controls” could apply.

Also, in a general sense, if a process issue needs escalation, it’s part of the plan-do-check-act cycle described under Clause 4.4 “Quality Management System and its Processes”.

I hope you were able to find these references useful.

Denis Devos

A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

ISO 9001: 2015 and “Effectiveness”

Control chart, data, analysis

Question

ISO 9001:2015 references measurement of “effectiveness” throughout the standard. My question is what methods/techniques are typically used to measure “effectiveness”? Is it purely a quantitative analysis of metrics, or does it also involve subjective evaluation that may not be driven by statistics or metrics? Also, is it expected that effectiveness be measured for each process/procedure?

Answer

Thank you for your question.

Let’s begin with the definition of effectiveness from ISO 9000:2015.

Effectiveness is “the extent to which planned activities are realized and planned results are achieved.”  This definition requires that you know what the expected outcome (or objective/target) you want for a given task, project or process.  The first step is to know what you want to achieve, and then ask yourself what would be the best means to determine the extent to which that objective was met?

Yes, it is expected that effectiveness be (suitably) measured for each process. This is at the heart of the Plan-Do-Check-Act cycle.  Also, please read ISO 9001 Clause 4.1 and Clause 0.3.

As far as quantitative vs. qualitative metrics are concerned, you will have to decide what best measures the outcome of the process.  Also consider the cost of data collection.  Often, easy-to-collect qualitative data can suffice.   And don’t be deterred if quantitative data cannot be obtained.  As Dr. Deming so wisely stated: “Sometimes we have to settle for inexact measures of exactly the right things”.

Denis Devos

A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

ISO 9001: 2015 and Vendor Certification

Suppliers, supplier management

Question

We are ISO 9001:2015 certified and have a sole source vendor who is considering dropping their ISO certification. What is the best course of action to retain this vendor if they drop their ISO?

Answer

Thank you for your question.

Unless you are in an industry where you are required to have your suppliers registered to ISO 9001, (for example, the automotive industry under IATF 16949), or you have specific customer contracts which require this,  the choice is entirely yours whether or not your suppliers are registered to ISO 9001.

If your company wants to press the issue and require ISO 9001 as a condition for this supplier to continue to do business with you, be prepared for them to give you up as a customer.   If however, this is a valued supplier with a history of strong performance, you don’t want to dismiss a valued supplier partner.   If you decide to keep them, simply change your purchasing procedure to allow yourself the latitude for management to approve and use suppliers without ISO 9001 certification.

Denis Devos

A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

 

Process Review Requirement in 9001?

About ASQ's Ask the Standards Expert program and blog

Question

Is there a requirement in the new 9001:2015 standards for annual monitoring/reviews of processes? What are any such requirements for process reviews?

Answer

First, there is no requirement to do anything annually.  Rather it is an expectation to do certain things such as calibration at least annually. The subject requirement is in section 9.3 Management review. Specifically section 9.3.2 Management review inputs includes at part (3) “process performance and conformity of product and services”.

What is commonly done is to create key performance indicators  (KPI’S) for each quality system process and these KPI’s are periodically reviewed (at least annually) during a management review.  Any process not meeting its KPI is looked into for improvement.

There are many articles and books written on this subject and available on the web.

James Werner

Click here for more information about KPIs and here for information about management reviews.

Internal Auditing Roles?

Manufacturing, inspection, exclusions

Question

I’m quality manager for R&D department and have several persons as Software Quality Assurance for our software development process. My question is can I act as Internal Auditor to audit the compliance of ISO 9001: 2015 requirements and the software development process execution?

Answer

Let’s look at this differently.  Say you are the quality manager and have several persons doing final product testing in a test lab. Clearly you are not impartial – you have a responsibility of the persons doing the testing.  Since you cannot be impartial, you cannot act as the internal auditor or even be on the auditing team.

James Werner

Click here for more resources about internal audits.

ISO 9001 and M & A

Reporting, best practices, non-compliance reporting

Question

I would like to know how ISO 9001 management system could facilitate a merger & acquisition. By speaking a common language and using the same exigencies, do you think ISO 9001 could facilitate this type of operation?

Answer

I’ve done this in the past but not with ISO 9001, instead using FDA Part 820 Quality System Regulation.  I created a checklist from the regulation and then audited the facility being merged / acquired.  This was done to determine the state of the quality management system and what needed to be done (including costs) to ensure the facility was in compliance.

James Werner

ISO 9001: 2015 Clause 8.3.4 and Product Design

 

PLCs, programmable logic controllers

Question

My company is implementing ISO 9001:2015 and my question is regarding Clause 8.3.4 d. Our company designs product for only 20% of our customer base. We do not have a validation process. We do send a prototype to the customer to test the part for a period of time to approve the design. In determining the scope of our organization, can we exclude the validation process and still become ISO 9001:2015 certified?

Answers

From John Surak:

This organization is involved in product design.  Therefore, the product design cannot be excluded.  However, the organization needs to review the validation clause.  8.3.4d states the following:   “validation activities are conducted to ensure that the resulting products and services meet the requirements for the specified application or intended use.”  It should be noted that neither 8.4.3d not the validation refences in ISO 9001 do not prescribe a method on how to conduct validation.  It would appear that the company has some sort of process they use to develop the prototypes.  This process should be codified or documented so that it is done in a consistent manner and in a way to ensure that the customer needs are met.

John G. Surak, PhD

From George Hummel:

Basically, you are outsourcing validation.  Therefore, you need to control that process per 8.4. I would not accept the exclusion. In the future, you may have a customer that requires you to do the validation. However, the final answer would be provided by your certification body.

Click here for more resources about ISO 9001: 2015.

 

 

 

Calibration Questions

Automotive inspection, TS 16949, IATF 16949

Question

I work at a hydraulic cylinder manufacturer. The company has homemade thread and ring gages in house that we are using for production that are not sent out for calibration but have a homemade master that is used to check them with once a year which does not get sent out either. I have been here 6 months and am thinking these gages and masters are a violation of ISO. Am I correct?

Answer

The short answer is yes. The intent of ISO 9001:2015’s subclause 7.1.5 is to ensure that your company determines and provides suitable resources to ensure valid and reliable monitoring and measuring results, when evaluating the conformity of your products; and 7.1.5.2’s that is to ensure that your company provides measurement traceability when it is a requirement or when your company determines it to be necessary to have confidence in the validity of the measurement results. It seems that your practice for controlling the homemade thread and ring gages cannot fully fulfill those purposes. This is how I would address the situation:

  1. Assign a unique identifier to each homemade thread and ring gage. Maybe you can do that through your Document Control process.
  2. Ensure that those gages are protected from deterioration or damage when they are not in use.
  3. Have the homemade master measured by a service able to provide you with reliable certified measurements. That will make that gauge traceable to national or international standards. It will also allow you to demonstrate that the piece is fit for its intended purpose.  That means, you will be able to use this piece as the standard during the in-house calibration of the rest of the gages.
  4. Conduct an “in-house calibration” of each gage you use in production. You will need to issue an in-house calibration certificate for each one of those pieces, indicating on those documents how you achieve traceability to NIST or equivalent. If possible, identify the error for each one of those individual measurements you perform during calibration. Do not forget to include a statement indicating that the gauge was found suitable/unsuitable for use. That will demonstrate that each gage is fit for its intended purpose.
  5. Include ALL the gages in your calibration program. Make them subject to all the applicable provisions of your Quality System.

This approach will allow you to demonstrate that your thread and ring gages are properly controlled and maintained. If controlling those gages has not been an issue in the past, there is no guarantee that the situation will remain the same in the future. That is managing risk 😉

Aura Stewart

For more information about calibration, please see the resources here.

ISO Requirements or Good Documentation Practices?

 

Calibration

Question

Are these standard for ISO or just good documentation practices?

1. All entries, except IPQA, should be made with blue ball pen in clear and legible handwriting.
2. IPQA entries shall be done in black ball pen.
Answer

I can sense what it is happening at the place where this question originated. In the past, I saw a company where the person in charge of the Quality System was saying “this is a ISO requirement” to enforce what in this person’s opinion was a best practice. Nobody questioned those statements because “it is an ISO requirement”. So, the answer to the question is, those are best practices, not ISO requirements. Please see below the ISO 9001:2015’s clause pertaining to this question.

7.5.3 Control of documented information

7.5.3.1 Documented information required by the quality management system and by this International Standard shall be controlled to ensure:

  1. a)       it is available and suitable for use, where and when it is needed;
  2. b)       it is adequately protected (e.g. from loss of confidentiality, improper use, or loss of integrity).

7.5.3.2 For the control of documented information, the organization shall address the following activities, as applicable:

  1. a)       distribution, access, retrieval and use;
  2. b)       storage and preservation, including preservation of legibility;
  3. c)       control of changes (e.g. version control);
  4. d)       retention and disposition.

Documented information of external origin determined by the organization to be necessary for the planning and operation of the quality management system shall be identified as appropriate, and be controlled.

Documented information retained as evidence of conformity shall be protected from unintended alterations.

NOTE  Access can imply a decision regarding the permission to view the documented information only, or the permission and authority to view and change the documented information.

As you can see, no reference to any ink color whatsoever. Legal documentation tends to be completed by using blue ink to differentiate originals from Xerox copies. However, today’s technology allows us to have color copies.

Regards,

Aura Stewart