This is a 52 week discussion of the proposed 2015 revision of ISO9001. We challenge you to follow us each week, and review your QMS from top to bottom with us. By year end 2015, you can have your QMS upgraded and ready for the 2015 revision!
Oh Boy! This week, we’re talking about 4.4 Quality management system and its processes! We’re really starting to get into it now.
LAST WEEK’S HOMEWORK was “Describe the scope of your quality management system with specific definition of your organization’s products and services, relevant interested parties (both internal and external) and the REQUIREMENTS of those interested parties.”
Well, how did that go? Did you find your boundaries??? Were you able to make a clear statement of what your organization does, what it’s context is and what requirements its QMS is designed to ensure it can meet? CONGRATULATIONS! You’ve successfully defined the “WHAT” of your QMS. Now, let’s talk about the “HOW”.
How does your organization fulfill its requirements? It fills it through the use of processes. This subclause (4.4) provides very clear guidance on the clear and concise construction of an effective QMS by providing a list of “shalls” that should be addressed when defining the infrastructure or “HOW” of your QMS. (NOTE: there IS also a requirement at the end of the section identifying it as required “documented information”, so I would write it down. That may or may not be a quality manual or other document – it might be a video, series of graphics or other media – that’s your choice, but a clear definition should be kept on hand. I really like the language in this section because it now does a better job explaining why these will help me (the organization) and not just to make things simple for a third party auditor.
In a very logical order, the “shalls” include first – a list of the processes used, then the inputs and outputs (so that they link to each other), then their sequence (to show how they interact), then the requirement of metrics to ensure whatever we determine to be a KEY process also include a KEY indicator to tell us if it’s working! Once we say what our processes are and how we’ll keep our eye on them, we must be sure the processes are properly resourced and are assigned to someone who can champion them. Further, we should know our processes intimately and understand their vulnerabilities (risk) and take steps to preemptively avoid those risks wherever we can. Through responsible design (considering and mitigating as many risk factors as possible), we will operate and monitor the processes. Then, should we fall short of our acceptable operating condition (our goals/indicators), we will have a clear plan of what to do about it. And finally, when all else is moving along smoothly, we will challenge ourselves to continually improve.
Good grief, how will we ever make this “documented information”? Any way you like. You can make a business plan. You can make a diagram. I like to use a hybrid process flow diagram using some value-stream-map-like annotations to indicate my acceptable metrics/assignment of responsibility/CAPA or CI plan, etc. Post it as a visual reminder and roadmap to the business and use it often in group meetings, problem solving sessions and kaizen events. It is a “living” map of how things are done and it helps keep what’s important out front!
THIS WEEK’S HOMEWORK
Identify which processes are used in your organization to fulfill your internal and external customers’ requirements. HINT: Use the main clauses of ISO9001:2015 to guide you, but be sure to personalize each area to show how your organization operates. This is the ultimate frame for your entire system, so do your best work on this! Feel free to post your questions, or contact me directly for support. GOOD LUCK!