(6 Planning for the QMS) 6.1 Actions to address risks and opportunities

Relying on luck isn’t much of a strategy when creating a robust quality management system.  This is why the standard has been revised to include a specific requirement that the organization make an effort to consider and identify their potential risks and take appropriate action to mitigate them.

It would seem that every organization would do this as a natural path to planning – of course risks would be considered.  Thinking about the “what if’s” is part and parcel to any type of planning.  But, the standard makes some strong statements in terms of “shalls” and specifically the term “risk” and this is what has the quality management industry up in arms.  Some say the new requirements introduce risk management, which is much more in depth than a simple consideration of “what if’s” and has broad implications in terms of how it could impact ISO compliant quality management systems.  Some say this particular section overreaches and actually connects ISO9001 to the requirements of ISO31000 which significantly increases the requirements of the quality management system.

And many are concerned about the auditability of these requirements.  The standard isn’t terribly clear on exactly what type of objective evidence would support each of the requirements.  And the language in the standard does leave open to interpretation whether the science of risk management is the actual requirement.  If so, an auditor’s expectation may be much broader than a general demonstration of consideration of risk.  They may interpret the requirements to be extensive studies in Failure Mode & Effects Analysis (FMEA), risk management plans and matrices, calculation of Composite Risk Index, and formal action plans to mitigate the identified risks (avoidance/reduction/sharing/retention) and whatever other tools and techniques used in the true science of risk management that the auditor may suggest.  This could jeopardize compliance for some organizations and there is a lot of concern and discussion out there about how these changes will actually impact the industry.  One may wonder whether the authors and panels of experts considered the risk of misinterpreting the standard as one they should have mitigated when writing this revision, but now I’m just being cheeky (and I’m not even British – I live in Florida).

So while we cannot predict how this bees nest will turn out, we can address the requirements as they currently stand.

The first “shall” says we “shall consider” the stuff we identified in 4.1 and 4.2 which was our context and interested parties.  I would argue that they should have also included 4.4, our processes as well.  Our processes determine our outcome, so the risks to the processes should definitely be considered and mitigated if our system is to be successful.  In any case, the requirement of this clause 6.1.1 is that the organization must identify the risks and opportunities in order to:

a) give assurance that the QMS can achieve its intended results

b) prevent or reduce undesired effects and

c) achieve continual improvement

In addition to our interested parties, if we also consider risks to each of our identified key processes, we should have a good start to meeting this requirement.  Does your organization do some sort of annual business planning?  Is some form of SWOT (Strengths/Weaknesses/Opportunities/Threats) analysis used?  This would support compliance for “consideration of risk”.  There are many ways to demonstrate compliance to this requirement.

Next, let’s move on to 6.1.2 requiring the organization to “plan”:

a) actions to address these risks and opportunities and

b) how to integrate actions into its QMS processes (there they are!) and evaluate the effectiveness of those actions

So, if we did a good job of identifying our processes, we can now analyze those processes for risk and make a plan to deal with those risks.  There is no requirement for documentation at this point, but there is an expectation that an organization should be able to demonstrate that these considerations have been made in a planning activity of some sort.  And finally, the standard gives some unclear “clarification” of how extensive these activities should be by saying that it “shall be proportionate to the potential impact on the conformity of products and services”.

This clause does give us a lot to think about and plenty to debate about.  But also, it inspires me and provides an opportunity to integrate some of my favorite tools together.  How about this?

1.  Identify the key processes of your QMS – use process flow diagrams

2.  Use the process flow diagrams and construct FMEAs from them – no, FMEAs are not the only tool to use, but they are darn useful!  The use of an FMEA provides the identification, analysis and action plan for each risk identified and will help you continue to improve the effectiveness and efficiency of your processes, which leads us to

3.  Use the process flow diagrams and the improvements gained from using FMEAs to create value stream maps – these tools working together can create a powerful system and feedback loops to ensure you’re always improving – while incorporating some lean and Six Sigma tools while you’re at it!

THIS WEEK’S HOMEWORK

Work through 6.1.1 and 6.1.2 using some of the suggestions above.  Does your planning process do enough to address these requirements?  If not, take action and make a plan.

For more information on integrating these tools, check out my book,
TRIBAL KNOWLEDGE – The Practical Use of ISO, Lean & Six-Sigma Together

Or let me work with you one-on-one.  My 8 Week Boot Camp is a powerful workshop to do a full review of each of your processes and build a robust quality management system in as little as 8 weeks!

Stay involved and engaged – SUBSCRIBE!

Follow @marniekschmidt

5.2 Quality Policy

This clause is pretty straightforward.  Or is it?  I find the word “policy” to be awkward.  “Policy” sounds so regulatory and “police-y”.  Perhaps this is why this seemingly straightforward requirement gives so many organizations difficulty.

It’s not very difficult to write a policy.  And the standard gives very specific guidance to management as it establishes one.

The quality policy shall:

• Be appropriate to the purpose and context of the organization
• Provide a framework for setting and reviewing quality objectives
• Include a commitment to satisfy applicable requirements
• Include a commitment to continual improvement of the QMS

Looking more closely at each of these:

• Be appropriate to the “purpose and context” means it should align with the most basic needs of the organization.  Why does the organization exist?  What/who are we committed to?  What/who matters?
• Provide a “framework for objectives” means it should communicate a commitment to meet some sort of goal which would support the policy.  This doesn’t mean that the objectives and targets themselves must appear in the policy.  Just that one could infer (quality, cost, delivery) as key commitments (objectives) by the organization.
• Include a commitment to satisfy applicable requirements applies to the requirements of all interested parties.  Some organizations like to include language like “meet or exceed expectations” in their policies.  That’s at the discretion of the organization.
• Include a commitment to continual improvement might mean the desire to “exceed expectations” or to challenge the quality objectives periodically.

An example of a Quality Policy might be something like:

“We are committed to providing widgets to the automotive industry which meet our customers’ expectations for quality, cost and delivery with a commitment to continually improve the output of our processes in those areas, while satisfying all applicable requirements (customer, internal and other). ”

Or it might be something as simple as a slogan “Quality – Cost – Delivery For Every Customer – Every Time”.

But, the writing of the policy is the easy part.  The next subclause is a little trickier.

The guidelines state also that the quality policy shall:

• Be available as documented information
• Be communicated, understood and applied within the organization
• Be available to relevant interested parties

A clever slogan or quality policy carefully crafted by a wordsmith can’t meet this requirement on its own.  It’s not difficult to document or communicate a quality policy.  But it IS sometimes difficult to gain a corporate wide understanding.  And then even if you are successful with that challenge, getting the organization to be able to demonstrate that understanding (particularly under scrutiny, as with a third party audit) can be another challenge altogether.

Now, back to that word “policy” or “police-y”.  Just about every company I’ve ever worked with has had an issue on audit days with employees freezing up when asked, “Does the company have a quality policy?”  Every method is tried – posting the policy, hanging a banner, handing out pocket cards, quizzing every employee, preparatory internal audits, etc.  And yet, when the chips are down and the auditor asks, employees may still panic and may not have an answer.  One approach I’ve seen be successful is to learn the quality policy as a “quality statement” or a “quality commitment”.  It’s not enough to present the quality policy to employees, but to talk about the organizations quality commitment, and each individual’s role in maintaining the commitment (policy).

It’s important to have a thoughtful, well written quality policy/commitment/statement.  How it is communicated, executed and applied is even more important.

THIS WEEK’S HOMEWORK

Review your quality policy against the requirements in subclauses 5.2.1 and 5.2.2.  The ISO9001:2015 revision includes a consideration of “context”, so be sure to give your organization’s “context” and “interested parties” some thought.  Does your policy require any revision?

Now take a moment to consider how well understood your policy is with each and every individual in your organization.  Think of the graphic above with all hands in the center of a circle representing a commitment and understanding that everyone knows why they’re here, and that they understand the plan.  Does everyone in your organization have their hands in your circle?  Be sure this is considered and visited often within your organization.

Stay involved and engaged – SUBSCRIBE!

(5) 5.1 Leadership and commitment

This is a 52 week discussion of the proposed 2015 revision of ISO9001. We challenge you to follow us each week, and review your QMS from top to bottom with us. By year end 2015, you can have your QMS upgraded and ready for the 2015 revision!

(Discussions appear here, but also in several groups on LinkedIn.  Here on my website is a great home base to follow this challenge, because all 52 weeks appear together, but hey, whatever gets you thinking and talking is fine with me.)

In the past couple weeks, there has been some spirited discussion about how many “interested parties” there may be and how to know when enough is enough when considering things that “may impact” us.  Where does it end?  Everything from Murphy’s Law to asteroids has the potential to impact us, but must all of these be considered in our context?  Considering interested parties and potential impacts gets us close to talking about “risk” and “risk based thinking”.  But since “risk based thinking” or “RBT” is a powder keg discussion topic, I’m in no rush to tackle it.  Not yet anyway.  We’ll get there in a couple more weeks, but for now let’s move forward.

Now that we’ve done our best to define our context (who we are, what (and who) matters to us, what we do and what processes we use to operate), it’s time to switch gears and start looking at who’s steering the ship.

As I’ve said before, there are some dynamite improvements in this revision.  “Leadership and commitment” is one of them.

“Management Responsibility” is now “Leadership and commitment”.  It’s not so much the terminology changes that matter, but a subtle nuance in the intent of the standard.  The requirement changes from “management shall provide evidence of its commitment to the QMS” to “Top management shall demonstrate their commitment…” and an expanded list of requirements explaining what is expected of management to really ensure the effectiveness of the QMS.  It’s a simple change, but I think it’s going to cause as much of a stir as “Risk Based Thinking” in practice.  Here’s why.

Previous versions required that management appoint a “Management Rep” to oversee the QMS.  (More about that in two weeks, where we will discover this requirement has been removed from the standard entirely).  The Management Rep was also required be a “member of top management”, so the typical organization would put a Management Rep on their organization chart as part of management.  But in practice, many organizations would create an environment where “the real business” is run by one group, and the QMS is simply running parallel and is not integrated with what is really driving the organization.  Of course, not ALL organizations have chosen this misguided path, but there are many a “management rep” out there who will be happy to see this new language.  No doubt about it, the responsibility for the QMS now lies squarely on the shoulders of the real management of the business.  And this is where I think things are about to get interesting.

To be compliant to this revision, an organization will have to be able clearly demonstrate that their MANAGEMENT:

• Takes accountability for the effectiveness of the QMS
• Establishes the quality policy and objectives and communicates them to the organization
• Squares the QMS with the businesses processes (that’s my favorite part)
• Provides the necessary resources including assignment of responsibilities and an ongoing commitment to the effectiveness of the QMS and
• Promotes continual improvement

For each of these above, we must ask, “Which leader is responsible for that?” “How can s/he demonstrate that it is being done?”  The old days of an auditor interviewing a top executive, while the Management Rep telegraphs the “right answers” are over.  With this language, the real leaders of the organization must engage and really steer the ship.  Bravo to this change!

This section also includes (5.1.2) Customer focus.  Here lies the first trip wire for “risk based thinking”.  (Let’s call it RBT from here).  “Risks and opportunities that can affect the conformity of products and services” must be assessed and managed as part of this clause.  And so it begins.  But, let’s don’t spend all our time on this yet.  Management will, of course, be customer-centric and sensitive to risks to their customers.  To demonstrate this, a simple SWOT (Strengths, Weaknesses, Opportunities, Threats) analysis will suffice, and most businesses have already done one.  Perhaps it can be reviewed as part of the business plan?  Perhaps it becomes an input to management review?  Keep this in mind as you develop this section of your QMS.  Who is responsible?  What must be considered?  Who represents the needs of the customer?  How?
THIS WEEK’S HOMEWORK

Review 5.1.1 Leadership and commitment for the quality management system.  Then identify who in your organization is specifically responsible for EACH of the bullets (a thru g).  Does management KNOW they are responsible?  How can they demonstrate that they do, in fact, do each of these things?  After that, move onto 5.1.2 Customer focus and identify who is responsible for each of these commitments (a thru d) and how each of them are met.  You may want to use a SWOT analysis, or maybe you don’t.  Remember, this is YOUR organization’s QMS.  Build it to suit YOUR needs.

Stay involved and engaged – SUBSCRIBE!

FOR HELP WITH YOUR HOMEWORK – Check out my Management Team Workshop.  This is a great opportunity to pull your team together to review your business plan, identify your objectives, upgrade your QMS to incorporate the upcoming requirements and identify your quality objectives and metrics.

This is a 52 week discussion of the proposed 2015 revision of ISO9001. We challenge you to follow us each week, and review your QMS from top to bottom with us. By year end 2015, you can have your QMS upgraded and ready for the 2015 revision!

Oh Boy!  This week, we’re talking about 4.4 Quality management system and its processes!  We’re really starting to get into it now.

LAST WEEK’S HOMEWORK was “Describe the scope of your quality management system with specific definition of your organization’s products and services, relevant interested parties (both internal and external) and the REQUIREMENTS of those interested parties.”

Well, how did that go?  Did you find your boundaries???  Were you able to make a clear statement of what your organization does, what it’s context is and what requirements its QMS is designed to ensure it can meet?  CONGRATULATIONS!  You’ve successfully defined the “WHAT” of your QMS.  Now, let’s talk about the “HOW”.

How does your organization fulfill its requirements?  It fills it through the use of processes.  This subclause (4.4) provides very clear guidance on the clear and concise construction of an effective QMS by providing a list of “shalls” that should be addressed when defining the infrastructure or “HOW” of your QMS.  (NOTE:  there IS also a requirement at the end of the section identifying it as required “documented information”, so I would write it down.  That may or may not be a quality manual or other document – it might be a video, series of graphics or other media – that’s your choice, but a clear definition should be kept on hand.  I really like the language in this section because it now does a better job explaining why these will help me (the organization) and not just to make things simple for a third party auditor.

In a very logical order, the “shalls” include first – a list of the processes used, then the inputs and outputs (so that they link to each other), then their sequence (to show how they interact), then the requirement of metrics to ensure whatever we determine to be a KEY process also include a KEY indicator to tell us if it’s working!  Once we say what our processes are and how we’ll keep our eye on them, we must be sure the processes are properly resourced and are assigned to someone who can champion them.  Further, we should know our processes intimately and understand their vulnerabilities (risk) and take steps to preemptively avoid those risks wherever we can.  Through responsible design (considering and mitigating as many risk factors as possible), we will operate and monitor the processes.  Then, should we fall short of our acceptable operating condition (our goals/indicators), we will have a clear plan of what to do about it.  And finally, when all else is moving along smoothly, we will challenge ourselves to continually improve.

Good grief, how will we ever make this “documented information”?  Any way you like.  You can make a business plan.  You can make a diagram.  I like to use a hybrid process flow diagram using some value-stream-map-like annotations to indicate my acceptable metrics/assignment of responsibility/CAPA or CI plan, etc.  Post it as a visual reminder and roadmap to the business and use it often in group meetings, problem solving sessions and kaizen events.  It is a “living” map of how things are done and it helps keep what’s important out front!

THIS WEEK’S HOMEWORK

Identify which processes are used in your organization to fulfill your internal and external customers’ requirements.  HINT:  Use the main clauses of ISO9001:2015 to guide you, but be sure to personalize each area to show how your organization operates.  This is the ultimate frame for your entire system, so do your best work on this!  Feel free to post your questions, or contact me directly for support.  GOOD LUCK!

Stay involved and engaged – SUBSCRIBE!

This is a 52 week discussion of the proposed 2015 revision of ISO9001. We challenge you to follow us each week, and review your QMS from top to bottom with us. By year end 2015, you can have your QMS upgraded and ready for the 2015 revision!

Do you know your boundaries?  This week, we put together our previous discussions about why our organization exists (its mission and strategy) and what our context is (where and how we fit into our industry and community).

Now, it is time to put pen to paper (or other media, as it were) and to establish as “documented information” the scope of the quality management system.  Clause 4.3 specifically defines what “shall” be considered.  This includes “internal and external issues” as we discussed in Week 4 for 4.1, “requirements of relevant interested parties” as we discussed in Week 5 for 4.2 and the “products and services of the organization” as we discussed in Week 3 for 4.0.

As we create this scope statement “as documented information”, we must specifically identify the products and services covered by the QMS and justification where anything in the ISO standard may not apply.  This was formerly referred to as “exclusions” and most companies who are currently registered to ISO9001 have had help with their scope and exclusions statements, because this is the first order of business in the registration process.

The subtle changes in language, IMHO (in my humble opinion), are helpful in further defining the intent of this clause.  Further, the language bridges the gap that many quality professionals have had to manage in that a quality management system MUST include participation by management and an intimate inclusion in the business management system overall.  The expansion of definitions in this area also guide the organization to consider their business strategy as a whole when creating their QMS, (rather than just making the scope and exclusions strictly for the use of the certification body).

THIS WEEK’S HOMEWORK

Describe the scope of your quality management system with specific definition of your organization’s products and services, relevant interested parties (both internal and external) and the REQUIREMENTS of those interested parties.  After all, the whole reason for having a QMS is to create a system for ensuring the organization can meet those requirements.

Please feel free to share your scope with the group for discussion.  If you are currently registered to ISO9001:2008, did you make any changes to your scope?  Thank you in advance for sharing your work!

Stay involved and engaged – SUBSCRIBE!

This is a 52 week discussion of the proposed 2015 revision of ISO9001. We challenge you to follow us each week, and review your QMS from top to bottom with us. By year end 2015, you can have your QMS upgraded and ready for the 2015 revision!

4.2 Understanding the needs and expectations of interested parties

Welcome to Week 5 of our discussion.  This “clause 4” stuff is really exciting to me. 

As discussed last week, this particular section is where some of the most valuable content of the standard comes from.  And yet, it really doesn’t get that much attention or consideration.  Sure, the 2008 revision made us stop and clearly identify any “exclusions” we wanted to take, but to what end?  For whose benefit?  Mostly, for the benefit of a third party to provide rules for compliance.  But in many cases, the organization itself could be shortchanged, because there isn’t traditionally a period of self-evaluation to really think long and hard about who we are and why we’re developing a quality (or business) management system in the first place.

I like the new language a lot.  In 4.2, the organization must ask itself who has the potential to impact their ability to “consistently provide products and services that meet customer and applicable statutory and regulatory requirements”.  This is critical to know in order to make an effective strategic plan. 

Does your QMS (quality management system) include this critical area?  Have you identified your interested parties?  Who has the ability to impact your ability to meet your customers’ expectations?  Your suppliers?  Your landlord or property manager?  The local/state/federal government?  How about your neighbors?  For example, if you are a manufacturer located in an industrial park, do you share parking space or traffic patterns?  Could these logistics challenges impact your ability to service your customer?  Are there interested parties you must collaborate with in order to run your business effectively?  Do you know all of these requirements?  How do you monitor them?  As suggested in a comment in our discussion last week, perhaps Management Review (upcoming in Clause 9 Performance Evaluation) will be a good place.  Also, as we approach the new “Risk Based Thinking” language in the 2015 revision, these areas will be critical to know in order to effectively evaluate which may create the most significant opportunities for risk, and what we should do about them.

Understanding who the interested parties are, and what their requirements are, is a paramount consideration when developing a QMS.  Next week, we’ll pair this information with the processes needed to fulfill the product or service requirements of those interested parties, and that will form the “scope” of the QMS. 

LAST WEEK’S HOMEWORK

Did you identify your organization’s purpose and strategic direction?  If so, you’re ready to take the next step in defining who you are- what you do – and how you do it.

THIS WEEK’S HOMEWORK

Take a moment to identify the “interested parties” for your organization.  In other words, who has the ability to impact your ability to meet your customers’ and applicable statutory and regulatory requirements”?  After you’ve identified “who” may impact this, ask yourself “how” they may impact you.  This becomes the infrastructure for next week’s identification of the scope of the entire QMS.  Keep in mind while you’re doing this that you will want to create a way to review and monitor this over time and take measures to mitigate any undesirable risk or impact to your QMS. Get your creative juices flowing and then look for those internal and external “interested parties” and jot them down.  Because next week, we’re going to consider the processes needed to satisfy the needs of these internal and external customers/parties.

Stay involved and engaged – SUBSCRIBE!

This is a 52 week discussion of the proposed 2015 revision of ISO9001. We challenge you to follow us each week, and review your QMS from top to bottom with us. By year end 2015, you can have your QMS upgraded and ready for the 2015 revision!

 
4.1 Understanding the organization and its context

This is the cornerstone upon which the QMS should be built. Previous versions of the standard have required the organization understand and identify the “scope” of their QMS. I personally really appreciate this particular revision for 2015. Here’s why.

Previously, the focus in this area would point to convenience for the auditor. Organizations would typically interpret this area as a way to introduce the auditor to the organization and begin to clarify any exclusions to the standard the auditor should be aware of. It sets a tone that reduces the value-proposition right from the beginning. It sends the message that rather than using the ISO standard to establish a compliant, and more importantly, effective QMS, we are going to structure our QMS to be easily evaluated by a third party.

This new language and the changes made are very subtle, but they do give more guidance to an organization about how to describe their business and which things should be considered. These areas, if well defined, will also provide many of the areas of “risk” that will be targeted later in the standard. But, we’ll wait to open that Pandora’s box about “Risk” until we come to it in Week 12.
What I don’t love about this section are the specific requirements of “shall monitor and review the information about these external and internal issues”. There is no requirement for a record of this review, but a “shall” is a “shall”. And given the guidance in NOTE 1 and NOTE 2, the context characteristics that might be considered would almost certainly not be “monitored and reviewed”. This looks like a great place to get stuck with an auditor in the age old argument – “we (monitor and review) them” + “how do I know that?” + “we promise” + “show me”…….

Nevertheless, notwithstanding the fact that there is some ambiguity here in terms of a compliance audit, I wish that all organizations would take a moment to consider and understand these characteristics about their business and make them the cornerstone of their QMS, or better yet, their business management system.

A WORD ABOUT DOCUMENTATION – Whether to document this particular section depends on how difficult it was to answer to the first few questions. But be advised that there is a requirement further ahead in 4.3 that the scope of the QMS be documented. There is a lot of discussion about documentation – some people want to document everything – some nothing. This is the time to put “risk” in the back of your mind and ask yourself some questions.. I find it the easiest way to decide whether I document something or not. What if I don’t document this? Will my organization-at-large be aware of the requirement and our answer to it? If the answer is YES, and if there is no specific requirement in the standard, I don’t document it. But if you are really into documenting things, ask yourself another question. What if I document this? Will my organization-at-large be aware of the document and how it affects them and the QMS? Be sure the answer is YES.

LAST WEEK’S HOMEWORK
Did you gather your information about last week’s 10 questions? If so you’re ready to go.

THIS WEEK’S HOMEWORK – Use last week’s questions to determine your organization’s purpose and strategic direction. Sometimes this begins with a mission statement, but whatever is appropriate to your organization will suffice. Remember, working through this section of the standard is an area where you should be aware of not adding unnecessary “fat” to your QMS. Decide who and what your organization is, then move forward accordingly with a clear focus. Next week, we’ll begin to use our purpose and strategic direction to identify our external and internal issues which should be considered in the architecture of our QMS. Good luck!

Stay involved and engaged – SUBSCRIBE!

This is a 52 week discussion of the proposed 2015 revision of ISO9001.  We challenge you to follow us each week, and review your QMS from top to bottom with us.  By year end 2015, you can have your QMS upgraded and ready for the 2015 revision! 

4 Quality Management System

What is your definition of a QMS (Quality Management System)?  According to Wikipedia, it is a “collection of business processes to achieve quality policy and quality objectives to meet customer requirements”.

Obviously, this should be well considered and clearly defined for any business as part of its business plan.  It is also a key area that should be addressed at the very beginning of any quest for ISO9001 compliance or registration.  So, let’s start at the beginning.  This week is all about strategic planning.  Start to put a face to your business by creating a profile which describes what your business does and how it does it.

If you are starting your QMS from scratch, spend the next week jotting down some thoughts about this.  Next week, we will go through 4.1 General Requirements with a fine toothed comb to get you on your way to a successful construction (or review of your current QMS) that will be compliant to the proposed 2015 version of ISO9001.

LAST WEEK’S HOMEWORK – Keep yourself accountable!

Did you do get your copy of ISO9001:2015?  Order from ISO.org

Did you review all the Terms and Definitions in the standard and evaluate whether these should be reviewed with your team?  Did you get it done or put a plan in place?

THIS WEEK’S HOMEWORK – Keep up the good work!

Prepare for next week by getting ready to create a profile of your company and your QMS.  Ask yourself the following.  (We will begin putting this to paper next week).

1.  Why does your business exist?  What does it do?

2.  What are your products or services?

3.  Who are your customers?

4.  What are the criteria, specifications of your products (services)?  And what are your customer expectations?

5.  How do you take your product (service) from start to finish?  What processes are necessary to create your product (service) and deliver it to the customer?

6.  Do you rely on suppliers to create your product?  How will you manage them?

7.  What level of performance do you expect?  What are your objectives for these processes?

8.  How will you measure your performance?

9.  What will you do when you do/do not meet your objectives?

10.  How will you continually challenge yourself to do better?

Work on these 10 questions this week and be ready with your answers.  Next week, we will start reviewing our QMS.  If your QMS is new, you’ll begin writing/framing your QMS.  If you’re doing a review of an existing ISO9001 system, you’ll review your QMS for it’s compliance to section 4.1 of the standard.

This is a 52 week discussion of the proposed 2015 revision of ISO9001.  We challenge you to follow us each week, and review your QMS from top to bottom with us.  Each week, we discuss a specific clause of the proposed ISO9001:2015 standard in detail and look for ways to trim the fat from our quality management systems.  By year end 2015, you can have your QMS upgraded and ready for the 2015 revision!  (It is strongly recommended that you purchase a copy of the ISO9001:2015 Revision for reference).

The proposed revision of ISO9001:2015 begins with the usual explanation of “Scope”, “Normative References” and “Terms and Definitions”.  Let’s break them down one-at-a-time.

1 Scope – the ISO standard takes a moment to introduce itself and explain the potential applicability to a business.  It clearly states what “it IS” and what “it IS NOT”.  It explains that it is generic and intended to be universally applicable to many different types of organizations.  We should keep this in mind as we will be tasked later with identifying the scope of our own quality management system.  We will have to clearly define what it DOES and DOES NOT apply to within the context of our businesses.  We can take a cue from the ISO 1 Scope statement – define the boundaries or draw a line around the QMS.

2 Normative References – this is easy – there ARE no normative references in ISO9001:2015, therefore there are no significant changes.  This was added simply as a number alignment so that all ISO standards will eventually have similar numbering.

3 Terms and Definitions – there are 69 terms and definitions included in the standard!  And it is critical that EVERYONE associated with the design, development, implementation, maintenance, continual improvement and auditing of your QMS clearly understand each of these terms and definitions.  These terms are provided to establish a framework of communication so that all parties have a common understanding of the requirements and criteria.

THIS WEEK’S HOMEWORK – Read carefully through the “Terms and Definitions”.  Review your QMS and ask yourself – are these terms clearly understood by everyone?  Are they specifically taught as part of our training?  Does our internal audit team clearly understand these terms?  Does our team and our external auditing team communicate well and understand these terms together?  What improvements should I make to ensure these terms and definitions are a solid underpinning to our QMS?

Use this week to make whatever changes are necessary to ensure the Terms and Definitions are understood throughout your organization.

‎How can I help?  Reach out if you need support in training or clarifying these terms with your team.  ‎