Making Management Review Meaningful

Training, completed training, competance

Question

I’m looking for assistance with Management Review requirement of ISO 9001:2015. We’ve been following an agenda that covers 9.3.2 a-f, but Senior Management believes that they cover much of this information in other meetings.

I found a few articles through the ASQ website, but wanted to see if there are suggestions for other resources to help make the Reviews relevant and useful rather than just checking off a box.

Answer

Management Review does not have to happen in one session but can be addressed over several meetings.  It is required that all the inputs and outputs (not addressed in your question) are recorded and accessible.

It is important that the inputs/outputs are not “checking off a box.” Management Review should be seen as “due diligence.”  For example, it is not designed to say, “internal audits were performed on xx/xx/2019.” Here is the opportunity for top management to review the audit results for improvement opportunities and determine how risks uncovered can be mitigated.

Note that the standard does not say “a meeting.” You may wish to gather the materials into one document and send it back to top management for review and approval.  This would also allow you to determine if there are any gaps to be addressed.

Try to ensure that top management notes changes in the QMS or needed. For example, does the QMS still support the strategic directions of the organization, have the requirements of interested parties changed, has corrective action found the root cause of problems, have complaints been adequately addressed and, have there been any changes in statutory requirements?

Following the review of the information, it would be my advise to publish the results to communicate these to the entire organization.

George Hummel

 

AS9100 D and ISO 9001: 2015

Airplane, aerospace, AS9100

Question

Is there a document that compares the requirements of AS9100 D against the requirements of ISO 9001:2015?

I am looking to update our system to AS9100 D, and have the standard, however it would be helpful to have a document to help identify the gap between the two.

Answer

ISO 9001:2015 is embedded in AS9100D as the baseline.  If you look at AS9100D text…the regular text is ISO 9001:2015 text and the bold-italics text are the additional Aviation, Space & Defense text.  So what you are looking for regarding the additional requirements is the bold-italics text.

I hope this is helpful.

Buddy Cressionnie
9100 Americas Leader

Escalation Process and ISO 9001: 2015

Chart, graph, sampling, plan, calculation, z1.4

Question

I have created a project and problem escalation pyramid to help associates understand when and who is involved when a project or process issue needs escalation. I would like to know what clause in ISO:9001-2015 this would fall into?

Answer

Thank you for your question.

It sounds like you have created an escalation process for when outcomes don’t meet requirements.  In this case it sounds like ISO 9001 Clause 8.7 “Control of Nonconforming Outputs” would apply.   If the escalation process is specific to something like an engineering design process, then Clause 8.3.2 “Design and Development Planning” and/or Clause 8.3.4 “Design and Development Controls” could apply.

Also, in a general sense, if a process issue needs escalation, it’s part of the plan-do-check-act cycle described under Clause 4.4 “Quality Management System and its Processes”.

I hope you were able to find these references useful.

Denis Devos

A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

ISO 9001: 2015 and “Effectiveness”

Control chart, data, analysis

Question

ISO 9001:2015 references measurement of “effectiveness” throughout the standard. My question is what methods/techniques are typically used to measure “effectiveness”? Is it purely a quantitative analysis of metrics, or does it also involve subjective evaluation that may not be driven by statistics or metrics? Also, is it expected that effectiveness be measured for each process/procedure?

Answer

Thank you for your question.

Let’s begin with the definition of effectiveness from ISO 9000:2015.

Effectiveness is “the extent to which planned activities are realized and planned results are achieved.”  This definition requires that you know what the expected outcome (or objective/target) you want for a given task, project or process.  The first step is to know what you want to achieve, and then ask yourself what would be the best means to determine the extent to which that objective was met?

Yes, it is expected that effectiveness be (suitably) measured for each process. This is at the heart of the Plan-Do-Check-Act cycle.  Also, please read ISO 9001 Clause 4.1 and Clause 0.3.

As far as quantitative vs. qualitative metrics are concerned, you will have to decide what best measures the outcome of the process.  Also consider the cost of data collection.  Often, easy-to-collect qualitative data can suffice.   And don’t be deterred if quantitative data cannot be obtained.  As Dr. Deming so wisely stated: “Sometimes we have to settle for inexact measures of exactly the right things”.

Denis Devos

A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

ISO 9001: 2015 and Vendor Certification

Suppliers, supplier management

Question

We are ISO 9001:2015 certified and have a sole source vendor who is considering dropping their ISO certification. What is the best course of action to retain this vendor if they drop their ISO?

Answer

Thank you for your question.

Unless you are in an industry where you are required to have your suppliers registered to ISO 9001, (for example, the automotive industry under IATF 16949), or you have specific customer contracts which require this,  the choice is entirely yours whether or not your suppliers are registered to ISO 9001.

If your company wants to press the issue and require ISO 9001 as a condition for this supplier to continue to do business with you, be prepared for them to give you up as a customer.   If however, this is a valued supplier with a history of strong performance, you don’t want to dismiss a valued supplier partner.   If you decide to keep them, simply change your purchasing procedure to allow yourself the latitude for management to approve and use suppliers without ISO 9001 certification.

Denis Devos

A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

 

Process Review Requirement in 9001?

About ASQ's Ask the Standards Expert program and blog

Question

Is there a requirement in the new 9001:2015 standards for annual monitoring/reviews of processes? What are any such requirements for process reviews?

Answer

First, there is no requirement to do anything annually.  Rather it is an expectation to do certain things such as calibration at least annually. The subject requirement is in section 9.3 Management review. Specifically section 9.3.2 Management review inputs includes at part (3) “process performance and conformity of product and services”.

What is commonly done is to create key performance indicators  (KPI’S) for each quality system process and these KPI’s are periodically reviewed (at least annually) during a management review.  Any process not meeting its KPI is looked into for improvement.

There are many articles and books written on this subject and available on the web.

James Werner

Click here for more information about KPIs and here for information about management reviews.

Internal Auditing Roles?

Manufacturing, inspection, exclusions

Question

I’m quality manager for R&D department and have several persons as Software Quality Assurance for our software development process. My question is can I act as Internal Auditor to audit the compliance of ISO 9001: 2015 requirements and the software development process execution?

Answer

Let’s look at this differently.  Say you are the quality manager and have several persons doing final product testing in a test lab. Clearly you are not impartial – you have a responsibility of the persons doing the testing.  Since you cannot be impartial, you cannot act as the internal auditor or even be on the auditing team.

James Werner

Click here for more resources about internal audits.

ISO 9001 and M & A

Reporting, best practices, non-compliance reporting

Question

I would like to know how ISO 9001 management system could facilitate a merger & acquisition. By speaking a common language and using the same exigencies, do you think ISO 9001 could facilitate this type of operation?

Answer

I’ve done this in the past but not with ISO 9001, instead using FDA Part 820 Quality System Regulation.  I created a checklist from the regulation and then audited the facility being merged / acquired.  This was done to determine the state of the quality management system and what needed to be done (including costs) to ensure the facility was in compliance.

James Werner

ISO 9001: 2015 Clause 8.3.4 and Product Design

 

PLCs, programmable logic controllers

Question

My company is implementing ISO 9001:2015 and my question is regarding Clause 8.3.4 d. Our company designs product for only 20% of our customer base. We do not have a validation process. We do send a prototype to the customer to test the part for a period of time to approve the design. In determining the scope of our organization, can we exclude the validation process and still become ISO 9001:2015 certified?

Answers

From John Surak:

This organization is involved in product design.  Therefore, the product design cannot be excluded.  However, the organization needs to review the validation clause.  8.3.4d states the following:   “validation activities are conducted to ensure that the resulting products and services meet the requirements for the specified application or intended use.”  It should be noted that neither 8.4.3d not the validation refences in ISO 9001 do not prescribe a method on how to conduct validation.  It would appear that the company has some sort of process they use to develop the prototypes.  This process should be codified or documented so that it is done in a consistent manner and in a way to ensure that the customer needs are met.

John G. Surak, PhD

From George Hummel:

Basically, you are outsourcing validation.  Therefore, you need to control that process per 8.4. I would not accept the exclusion. In the future, you may have a customer that requires you to do the validation. However, the final answer would be provided by your certification body.

Click here for more resources about ISO 9001: 2015.

 

 

 

Calibration Questions

Automotive inspection, TS 16949, IATF 16949

Question

I work at a hydraulic cylinder manufacturer. The company has homemade thread and ring gages in house that we are using for production that are not sent out for calibration but have a homemade master that is used to check them with once a year which does not get sent out either. I have been here 6 months and am thinking these gages and masters are a violation of ISO. Am I correct?

Answer

The short answer is yes. The intent of ISO 9001:2015’s subclause 7.1.5 is to ensure that your company determines and provides suitable resources to ensure valid and reliable monitoring and measuring results, when evaluating the conformity of your products; and 7.1.5.2’s that is to ensure that your company provides measurement traceability when it is a requirement or when your company determines it to be necessary to have confidence in the validity of the measurement results. It seems that your practice for controlling the homemade thread and ring gages cannot fully fulfill those purposes. This is how I would address the situation:

  1. Assign a unique identifier to each homemade thread and ring gage. Maybe you can do that through your Document Control process.
  2. Ensure that those gages are protected from deterioration or damage when they are not in use.
  3. Have the homemade master measured by a service able to provide you with reliable certified measurements. That will make that gauge traceable to national or international standards. It will also allow you to demonstrate that the piece is fit for its intended purpose.  That means, you will be able to use this piece as the standard during the in-house calibration of the rest of the gages.
  4. Conduct an “in-house calibration” of each gage you use in production. You will need to issue an in-house calibration certificate for each one of those pieces, indicating on those documents how you achieve traceability to NIST or equivalent. If possible, identify the error for each one of those individual measurements you perform during calibration. Do not forget to include a statement indicating that the gauge was found suitable/unsuitable for use. That will demonstrate that each gage is fit for its intended purpose.
  5. Include ALL the gages in your calibration program. Make them subject to all the applicable provisions of your Quality System.

This approach will allow you to demonstrate that your thread and ring gages are properly controlled and maintained. If controlling those gages has not been an issue in the past, there is no guarantee that the situation will remain the same in the future. That is managing risk 😉

Aura Stewart

For more information about calibration, please see the resources here.