PECB Webinar: ISO 29001:2010 – Supplemental Requirements & Impact of ISO 9001:2015
•
7 likes•1,119 views
If you have wondered what are the similarities and differences of ISO 29001 and ISO 9001, this is your chance to learn it. You will also see the requirements and what impact does Quality Management System has in Oil and Gas industry, especially the requirements of ISO 29001. You will learn all this in two sessions, which will be presented by PECB trainer David Smart, Managing Director of Smart ISO Systems / Smart Mentoring. David’s personal experience spans more than 40 years as a Manager, Auditor and Consultant, specializing in multiple fields related to ISO standards. He is a Lead auditor for ISO 27001, ISO 13485, ISO 9001, ISO 14001, ISO 29001, ISO 17025 and OHSAS 18001, and an active member of various institutes.
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Similar to PECB Webinar: ISO 29001:2010 – Supplemental Requirements & Impact of ISO 9001:2015
Similar to PECB Webinar: ISO 29001:2010 – Supplemental Requirements & Impact of ISO 9001:2015 (20)
More from PECB
More from PECB (20)
Recently uploaded
Recently uploaded (20)
PECB Webinar: ISO 29001:2010 – Supplemental Requirements & Impact of ISO 9001:2015
- 1. ISO29001:2010 SUPPLEMENTAL REQUIREMENTS & IMPACT OF ISO9001:2015 Presenter: David S Smart v Transport | Telecommunication | Energy ISO TS 29001:2010 www.smartmentoring.co Transport | Telecommunication | Energy
- 2. NOTES 1. Annex A of ISO9001:2008 is not considered part of this technical specification. If the comparison of ISO9001:2008 is required the reader is encouraged to review Annex A of the referenced ISO9001:2008 documents 2. The requirements of ISO9001 are contained within the boxes of the Standard whereas the supplemental requirements (API) are documented below the relevant clause box
- 3. GLOSSARY OF TERMS Customer – The receiver of the service Purchaser – The provider of the service Control feature – Organisation’s documented method for performing an activity under controlled conditions to achieve conformity to specified requirements Product realisation - The work that the organization goes through to develop, manufacture, and deliver the finished goods or services. An effective Quality Management System (QMS) includes a comprehensive approach to getting from the product concept to the finished product
- 4. CLAUSE 1.2.1 APPLICATION “Where exclusions are made, claims of conformity to this Technical Specification are not acceptable unless these exclusions are limited to requirements within the sub clauses listed below, in this sub clause and such exclusions do not effect the organisation’s ability, or responsibility to provide product that meets customer and applicable regulatory requirements” 7.3 Design & development 7.5.1 Control of production and service provision 7.5.2 Validation of processes for production and service provision 7 .5.4 Customer property
- 5. CLAUSE 4.1.1 OUTSOURCED PROCESSES AND/OR SERVICES “The organisation shall maintain responsibility for product conformance to specified requirements when processes are outsourced”
- 6. CLAUSE 4.2.2.1 QUALITY MANUAL “The Quality Manual shall identify the manner in which the organisation addresses each specific requirement of this technical specification, including both the requirements of ISO9001:2008 and the supplemental requirements”
- 7. CLAUSE 4.2.3.1 – CONTROL OF DOCUMENTS “A master list or equivalent control feature shall be used to identify the documents required by the quality management system and their current revision status”
- 8. CLAUSE 4.2.3.2 – CONTROL OF DOCUMENT CHANGES “Changes to documents shall be reviewed and approved by the same functions that performed the original review and approval”
- 9. CLAUSE 4.2.4.1 – CONTROL OF RECORDS “The documented procedure shall identify the functions responsible for the collection and maintenance of records” Note: collection is the process of obtaining , assembling and/or organising applicable documentation with the intent of meeting the requirements of 4.2.4 Records required by applicable industry product standards shall be retained for not less than the period of time specified by the industry standard or five years, which ever is the longer. Records required to provide evidence of conformity to requirements and of the effective operation of the quality management system shall be retained for a minimum of five years
- 10. CLAUSE 5.3.1 – QUALITY POLICY “Top management shall document the approval of the quality policy”
- 11. CLAUSE 5.6.1.1 – MANAGEMENT REVIEW (GENERAL) “The management review shall be conducted at least annually” Note: This includes monitoring of quality objectives as part of the management review
- 12. CLAUSE 5.6.2 – MANAGEMENT REVIEW INPUT C) Process performance and product conformity Notes: 1.In conjunction with 8.4 included trends of product nonconformity 2. Includes reports and analysis of field nonconformities f) Changes that could effect the QMS and recommendations for improvement Note: includes applicable changes to petroleum, petrochemical and natural gas industry standards
- 13. CLAUSE 6.2.2.1 TRAINING “The organisation shall establish control features for identifying training needs and providing training of personnel who perform activities addressed in the QMS. The raining requirements shall provide for quality management training and for job raining of personnel. The frequency of training shall be defined by the organisation.” Note 1; 6.2.2.1 provides on-the job training for personnel in any new or modified ob affecting product quality, including contract or agency personnel. Note 2: 6.2.2.1 includes having a process to measure the extent to which its personnel are aware of the relevance and importance of their activities and how hey contribute to the achievement of the quality objectives (see 6.2.2d) It is advisable that personnel whose work affect quality be informed about the consequences brought to bear on the customer of nonconformity to quality equirements
- 14. CLAUSE 7.1.1 PLANNING OF PRODUCT REALISATION “When product requirements are provided from external sources the organisation shall define the methods and shall establish control features (3.1.1) used to translate These requirements into the product realisation process”
- 15. CLAUSE 7.2.2.1 REVIEW OF REQUIREMENTS RELATED TO THE PRODUCT “The organisati0n shall establish control features (3.1.1) to review requirements related to the product”
- 16. CLAUSE 7.3.1.1 DESIGN & DEVELOPMENT PLANNING “The organisation shall establish control features for the design of the product”
- 17. CLAUSE 7.3.1.2 DESIGN DOCUMENTATION “Design documentation shall include methods, assumptions , formulae and calculations”
- 18. CLAUSE 7.3.2.1 DESIGN & DEVELOPMENT INPUTS “The organisation shall identify, document and review product design input requirements. Design and development inputs shall include customer specified requirements”
- 19. CLAUSE 7.3.3.1 DESIGN & DEVELOPMENT OUTPUTS “Design & development outputs shall be documented”
- 20. CLAUSE 7.3.4.1 DESIGN & DEVELOPMENT REVIEW “A final design review shall be conducted and documented individual(s) other than the person or persons who developed the design shall approve the final design”
- 21. CLAUSE 7.3.5 DESIGN & DEVELOPMENT VERIFICATION Note: design verification activities includes one or more of the following: Confirming the accuracy of design results through the performance of alternative calculations Review of design output documents independent of activities of 7.3.4 Comparing new designs to similar proven designs
- 22. CLAUSE 7.3.6 DESIGN & DEVELOPMENT VALIDATION Note: design validation includes one or more of the following Prototype tests Functional and/or operational tests of production products Field performance tests and reviews
- 23. CLAUSE 7.3.7.1 CONTROL OF DESIGN CHANGES “Design and development changes including changes to design documents shall require the same controls as the original design and development , as well as design documentation”
- 24. CLAUSE 7.4.1.1 PURCHASING PROCESS “The organisation shall establish control features for the purchasing process and supplier selection”
- 25. CLAUSE 7.4.1.2 CRITERIA FOR SUPPLIER SELECTION, EVALUATION AND RE-EVALUATION “Criteria for the selection, evaluation and re-evaluation of suppliers shall include one or more of the following” Inspection of suppliers product by the organisation at suppliers facility Inspection of suppliers final product by the organisation on delivery Surveillance of suppliers conformance to the organisation’s purchasing requirements Verification by the organisation that the suppliers QMS conforms to an internationally recognised QMS standard/technical specification Note: where there are mergers, acquisitions or affiliations associated with suppliers consideration includes the organisation verifying the continuity of the suppliers QMS and its effectiveness
- 26. CLAUSE 7.4.1.3 SUPPLIER PROVIDED PROCESSES THAT REQUIRE VALIDATION “Where an organisation chooses to outsource any process that requires validation , the organisation shall require that the supplier comply with the requirements of 7.5.2 as applicable (see 4.1)”
- 27. CLAUSE 7.4.2.1 PURCHASING INFORMATION “Purchasing information provided to the supplier shall be documented and shall describe the product to be purchased including where appropriate the items in 7.4.2 as well as type, class grade or other precise identification, the title or other positive identification and applicable issues of specification drawings, process requirements, inspection instructions or other relevant technical data”
- 28. CLAUSE 7.4.3.1 VERIFICATION OF PURCHASED PRODUCT “The organisation shall establish control features for the verification of purchased product. The organisation shall maintain records of verification activities (see 4.2.4)”
- 29. CLAUSE 7.5.1.1 CONTROL OF PRODUCTION & SERVICE PROVISION “The organisation shall establish control features that describe the control of production and service activities performed”
- 30. CLAUSE 7.5.1.2 PROCESS CONTROLS “Process controls shall be documented in routings, travellers, checklists, process sheets or other types of control features and shall include requirements for verifying compliance with quality plans, control features and reference standards/codes. The process control documents shall include or reference instructions, workmanship and acceptance criteria for processes, tests inspections and customer inspection hold or witness points”
- 31. CLAUSE 7.5.2.1 VALIDATION OF PROCESSES FOR PRODUCTION & SERVICE PROVISION “The organisation shall validate those processes identified by the applicable product specification as requiring validation. If these processes are not identified or there is no product specification involved the processes requiring validation shall include as a minimum non-destructive examination welding and heat treating , if applicable to the product”
- 32. CLAUSE 7.5.3.1 IDENTIFICATION & TRACEABILITY “The organisation shall establish control features for identification and traceability of the product by suitable means from receipt and during all stages of production , delivery and installation, as required by the organisation, the customer and the applicable product specifications”
- 33. CLAUSE 7.5.3.2 IDENTIFICATION & TRACEABILITY MAINTENANCE AND REPLACEMENT “Control feature shall include requirements for maintenance or replacement of identification and traceability marks and records”
- 34. CLAUSE 7.5.3.3 PRODUCT STATUS “The organisation shall establish control features for the identification of product status”
- 35. CLAUSE 7.5.4.1 CUSTOMER PROPERTY “The organisation shall establish control features for the verification, storage maintenance and control of customer property”
- 36. CLAUSE 7.5.5.1 PRESERVATION OF PRODUCT “The organisation shall establish control features describing the methods used to preserve the conformity of product for the activities of 7.5.5”
- 37. CLAUSE 7.5.5.2 PERIODIC ASSESSMENT OF STOCK “In order to detect deterioration, the condition of product or constituent parts in stock shall be assessed at specified intervals” Note: 7.5.2.2 includes the possible use of inventory management to optimise inventory turnover time and ensure stock rotation such as FIFO
- 38. CLAUSE 7.6.1 CONTROL OF MONITORING & MEASURING EQUIPMENT “The organisation shall establish control features to control calibrate and maintain monitoring and measuring equipment. Control features shall include equipment type, unique identification, location, frequency of checks, check method and acceptance criteria”
- 39. CLAUSE 7.6.2 ENVIRONMENTAL CONDITIONS “The organisation shall ensure that the environmental conditions are suitable for the calibrations, inspections, measurements and tests being carried out” Note; records of the calibration /verification activity for all gauges, measuring and test equipment needed to provide evidence of product conformity to determine requirements, including employee and customer owned equipment should include Equipment identification, including the measurement standard against which the equipment is calibrated Revision following engineering changes Any out-of-spec readings as received for calibration/verification An assessment of the impact of out-of-spec condition and Notification to the customer if suspect product or material has been shipped
- 40. CLAUSE 8.2.2.1 INTERNAL AUDIT “Internal audits shall be scheduled and conducted at least annually by personnel independent of those who performed or directly supervised the activity being audited”
- 41. CLAUSE 8.2.2.2 RESPONSE TIMES “The organisation shall identify response times for addressing detected non-conformities”
- 42. CLAUSE 8.2.4.1 MONITORING & MEASUREMENT OF PRODUCT “The organisation shall establish control features to monitor and measure the characteristics of the product”
- 43. CLAUSE 8.3.1 RELEASE OR ACCEPTANCE OF NONCONFORMING PRODUCT The process of evaluation, release and acceptance of nonconforming product shall include one or more of the following: - Accepting products that do not satisfy manufacturing acceptance criteria provided that: - Products satisfy the design acceptance criteria The violated manufacturing acceptance criteria are categorized as unnecessary to satisfy the design criteria or Products are repaired or reworked to satisy the design acceptance criteria Accepting products that do not satisfy the original design criteria provided that the original acceptance criteria are changed in accordance with 7.3.7 and the materials or products satisfy the new design criteria
- 44. CLAUSE 8.3.2 FIELD CONFORMITY ANALYSIS “The documented procedure for nonconforming product shall include requirements for identifying, documenting and reporting incidents of field nonconformities (3.1.90 or product failures. The documented procedure shall ensure the analysis of field nonconformities, provided the product or documented evidence supporting the nonconformity is available to facilitate the determination of the cause”
- 45. CLAUSE 8.3.3 CUSTOMER NOTIFICATION “The organisation shall notify customers if product that does not conform to design acceptance criteria(3.1.6) has been delivered . The organisation shall maintain records of such notifications”
- 46. CLAUSE 8.4.1 ANALYSIS OF DATA “The organisation shall establish control features (3.1.4) for the identification and use of techniques for data analysis”
- 47. CLAUSE 8.5.2.1 CORRECTIVE ACTION “The organisation shall ensure that any corrective action is effective”
- 48. CLAUSE 8.5.2.2 RESPONSE TIMES “The organisation shall identify response times for addressing corrective action”
- 49. CLAUSE 8.5.3.1 PREVENTIVE ACTION “The organisation shall ensure that the preventive action is effective”
- 50. CORRELATION MATRIX ISO9001:2008 AGAINST ISO9001:2015
- 51. A.1 – STRUCTURE AND TERMINOLOGY The clause structure and some of the terminology of this international Standard in comparison with ISO9001:2008, have been changed to improve alignment with other management system standards The consequent changes in the structure and terminology do not need to be reflected in the documentation of an organisation’s QMS The structure of clauses is intended to provide a coherent presentation of requirements rather than a model for documenting an organisation’s policies, objectives and processes. There is no requirement for the structure of an organisation’s QMS documentation to mirror that of this international Standard
Editor's Notes
- The notes are self explanatory, just making the difference between the TS (technical specification) put together by the American Petroleum Industry (API) and the parts related to ISO9001
- Sometimes the terminology quality professionals use is confusing for the lay person. I have put together these four definitions of terms used in the Standard to assist in the understanding of the terms
- In ISO9001:2008 you can have exclusion clauses in any part of clause 7, in the 29001 standard the exclusions are more limited e.g. 7.3 identification & traceability,, 7.6 Control of monitoring & measuring devices The current "exclusions" clause 1.2 in ISO 9001 was originally introduced following the decision to withdraw the ISO 9002 and ISO 9003 standards in 2000. A means had to be found to enable organizations with quality management systems that did not include all of the requirements of ISO 9001:2000 for technical reasons, but which had previously been able to meet the requirements of ISO 9002 or ISO 9003, to be able to claim conformity to the standard. The resulting solution was clause 1.2. The new Standard has taken a different approach to the way in which its requirements are stated, when compared to the earlier editions of ISO 9001; consequently, there should no longer be any technical reasons for an organization's QMS not to be able to meet all the requirements of the new Standard.
- The onus is on you to ensure the outsourced sub-process e.g. spray-painting or plating meets your customers requirements. There are a number of ways you can achieve it the principle being that your subcontractor gives you the confidence the sub-process they carry out meets your customers requirements.
- Under the 2015 version of ISO9001there is no need to have a quality manual. Any material you still think is relevant that traditionally was part of the quality manual e.g organisation chart quality policy etc can be found a home in the front of your procedures manual, assuming of course the ISO29001 Standard is amended to meet the ISO9001:2015 Standard
- There is a requirement in ISO29001 to record the revision status on a master list to know what documents and forms are in the system. From the user point of view this makes it easy as they can cross-reference to know they have the current version of the procedure or form.
- The ISO9001:2008 version had two clauses 4.2.3 Document control & 4.2.3 record control, Now these have been combined as sub-clauses 7.5.2 creating & updating & 7.5.3 control of documented information in the 2015 version Documented information will be controlled and maintained by an organisation vand the medium on which it is contained Note 1 – Documented information can be in any format & media from any source (this attempts to make it clear what a document is e.g. work instructions can be pictures, audio tapes, any form of electronic medium or paper copies. Note 2 – Documented information refers to The QMS including related processes Information created in order for the organisation to operate (documentation) Evidence of results (records)
- We can see from the previous slides that there are changes in the way documents and records are managed and controlled. In the past ISO29001 has followed the changes made to ISO90001 as it is based on this Standard with the additional API requirements. Whether this will happen in this case remains to be seen. As an example ISO13485 has followed the changes to ISO9001 over the years, but now is going in a different direction, but the technical changes have been adopted
- All too often quality policies are cribbed from the internet and do not reflect the values and ethics of the company. The top team should all be involved with putting the quality policy together as that is the core of the QMS. Also they should all approve it, not just get the quality manager to write one and then get the MD to sign and date it. It is a key document and should be regularly reviewed to ensure that it still meets with the values and ethics the company has. It is important also to test the understanding by employees of how the quality policy impacts on their jobs and their contribution to ensuring the policy is adhered to. All to often it is a set of “fancy” words that have no resonance to the rank and file employees never mind the management team When writing the scope of the QMS, the organisation must consider that both the quality policies and objectives must be aligned “with the strategic direction of the organization”
- There is a lot of discussion around how often management reviews should take place. The ISO9001 Standard does not define how often these reviews take place whereas the ISO29001 states it will take place at least annually. This is often interpreted as the whole of the standard over a 3 year period. Myself I take the viewpoint that it should be done every quarter. My thinking is if the financial performance is reported quarterly which is standard practice then the QMS performance should also be reported on every quarter. This is an additional source of data to manage the business around. The broader base and source the data is taken from will result in better quality of decision making to manage the business around. You can compare apples with apples and if the financial vary from the quality data it should be investigated especially as the financial reports are all lagging indicators i.e. “how we performed over the previous 3 months”
- Management reviews will only be effective if data is recorded correctly in the first place. If the culture in the organisation is a “blame” one, then the issues will be covered up and not recorded, so there will be nothing to analyse and report on. The culture in the organisation needs to be that “errors” are an opportunity to improve, not be used to apportion blame.
- Specifically the details are spelt out. There is a need to conduct training need analysis probably writing job descriptions doing periodic reviews of them to ensure they still meet ongoing business needs Under the ISO9001:2015 this has also been broadened to cover everyone in the organisation, not just those associated with “quality”
- The term “product realisation” is being dropped by the latest version of ISO9001 and is now being called “operation”. The “product realisation” term was never really understood by the rank and file users of the procedures, hopefully this will be solved by the use of the new terminology. In the glossary slide in this presentation which I went through earlier I gave a definition of the term “product realisation”
- This is the clause which I find causes the most problems whether it be ISO29001 or ISO9001. Often the clauses in the Contract are accepted without due consideration being given to whether they can be fulfilled or not. The attitude is “We will worry about how we are going to do the job after we get the Contract” This is very short-sighted and often comes back to “bite the butt” of the company when they start the contract with re-work and reputation loss because they have accepted the contract without realising its implications
- Design starts of with a “design brief” a concept what are we trying to do. All too often design engineers “fly by the seat of their pants” saying they have to have flexibility to think on their feet and change things. Planning is exactly what it says if a decision is reached then the rationale and decision should be documented all too often these decisions are verbal and forgotten why the decision was made later on in the process
- The entire design process must be documented. There is a tendency to be fluid in the approach by design engineers. They argue that the design is constantly changing and it will be documented at the end. The point being made here is that each stage of the development of the design must be documented and the reasoning of why it was adopted along with limitations and assumptions It starts off with a concept, then the inputs and outputs defined along with calculations to verify the design and also the validation methods used. Any changes to the design must have design reviews documented throughout the design’s life-cycle. Finally it must be released for manufacture with the necessary signoffs. Often the design and manufacturing phases run concurrently, when it is even more important to have auditable controls in place.
- When designing inputs the design engineer must explore what is available to him in the way of materials and component parameters along with any restrictions put on them by the Customer e.g. austenetic steel
- “Fag-packet engineering” is a term often used whereby the design engineer does not fully document his thinking and product development stages. He thinks that documenting the finished product characteristics is enough. Often the same process will be gone through again in subsequent design whereas if the thinking had been documented with the reason the design had be abandoned or failed it would have prevented this process having to be repeated
- Note that the final review must be carried out by others who have not been involved in the design process. This is to show an independent group or person other than the development team. This can be difficult to achieve this independence if it is a small design team
- a) Confusion often exists between verification & validation of a design. Verification is to “check” whereas validation is to “prove”. Examples of calculations would be simulations or computer modelling to artificially test the design envelope. b) The output documentation must also be reviewed not just do the calculations c) Proven designs must be compared to the new design for any differences or similarities
- Prototype validation – this may be sent to an external test-house, be tested in a lab or workshop or out in the field where it is tested against similar conditions it will face when put into service b) Functional testing: Before the finished design is released to the customer it needs to undertake functional and operational tests which may bring out factors not encountered during the prototype validation trials c) Field performance data: complaints while the product is in service and/or retro fit mods carried out when the product is in service are all example of life-cycle testing showing how the design has performed over time
- Change control is very important throughout the entire life-cycle of the design. Design & Development cost a lot of money especially when they result in failure Often a product is launched before the design has been fully proven with a brief put out that the company will support their product with a strong field support team. This rarely happens in practice. We only have to think of recent car recalls which when investigate the root cause was a design failure.
- Another significant change in terms are ‘purchasing’ and ‘outsourcing’ are being replaced with ‘external provision of goods and services’ Again I am just outlining the changes reflected in ISO9001:2015. How these changes will impact on ISO29001 is still in the melting pot. However as it is a derivative of ISO9001 then likelihood is the ISO29001 standard will follow suit
- In ISO9001 the selection and evaluation process is often done by sending a questionnaire to a potential supplier. This is often cribbed from a competitor or from the internet. It is of no value to the organisation it is completed and returned by the supplier only to gather dust in a drawer in the buyer’s office. Criteria should be selected that meets the needs of the organisation e.g. How often were goods delivered on time, to the correct spec, what problems are being experienced on the production lines etc.
- Outsourcing is another area where the buying and quality functions do not work together to define and monitor meaningful criteria to ensure the outsourced process is under control. They rely on the outsourced organisation to provide good product. This is how it should be, but it needs verifying by the parent organisation, not just taken on trust. Also sending sample product for evaluation is fine, but monitoring performance over time is even more important, standards can slip especially if the are problems in the organisation of a change in the management team
- Often purchased orders are vague and are often not reviewed properly. There is a tendency for the buyer to procure on price and ignore other parts of the review process.
- Verification is often done by the goods-in inspection department on incoming raw materials. This is expensive and these days sending material back has knock-on delays which extend the delivery times and destroy reputations. The policy should always be to inspect at source with the function of the parent organisation to be a QA rather than QC role.
- This is all about measurement. Criteria is often done in the shape of a quality plan but usually relies heavily on the knowledge and attitude of whoever if performing the inspection. During QA product audits where the QC functions are carried out along with the criteria should be audited in light of complaints, production and field failures. It is too easy to become complacent and assume your processes are still performing in the same way
- The travellers, route cards etc. are traditional ways of processing products. Bar charting along with other software packages along with other methods e.g. CCTV cameras is another way of monitoring your processes. Capturing who performed the task, who checked and tested it, how it was packaged and distributed are critical to giving assurances and also a way of protecting the company in the event of complaints by being able to demonstrate where the incident occurred through records investigation.
- The validation will often be specified by the customer who will want a hold point put on the quality plan so that their representative can become involved at critical parts in the process. NDT, welding and heat treating are all special processes that need accurate records kept to prove the results as a means of assuring customers their product performs as specified
- In the oil and gas industry traceability is considered extremely important. This can be expensive with 10% of contracts being allocated to providing documentation part of which is traceability.
- Again this technical standard is more explicit than ISO9001 whereby replacement parts need to be traceable and also control features defined e.g. 3.1c relating to castings whereby a certification body Lloyds inspectors are responsible for the transfer of marking on fitments from the original castings whereby the original forge marking have been machined out
- In ISO9001 the words inspection and test status are within the traceability clause. This again is more explicit in ISO29001 where it must be obvious at any part of the process what the status is e.g. operation 6 being done, in-process inspection point etc. Often this is done by means of traveller outlining the process and inspection/test operations the product has to go through
- This is often poorly defined under ISO9001 QM Systems where kits of parts are sent in from a customer and not adequately controlled. In ISO29001 customer property must be controlled with the inspection processing and preservation clearly defined. Where deterioration or damage occurs then it must be reported to the customer. I have seen for example customers parts being used on other
- The product must be protected throughout it entire time it is under the control of the organisation. It is no good keeping it under tightly controlled conditions during manufacture only for it to be damaged in transit or storage.
- Shelf life is important on components paint, obsolescent components are just two examples of how raw materials can cost the company large sums of money if not managed correctly. A stock rotation systems needs invoking and controlling e.g. a LIFO system where stock is regularly rotated to prevent its obsolescence.
- My experience of “calibration” within companies in North America was in general it was poorly understood especially with SME’s. A simple example would be that one of my clients thought that is a product was checked with 3 callipers it would be within its spec. I had a great deal of difficulty trying to explain everything has an error in it. It depends how accurately we require to measure the part. Also the principle of having one “primary Standard” in the world and “captive devices” to calibrate against are other areas I have had problems with.
- The notes in my view are pretty much self explanatory giving good guidance on how monitoring and measuring equipment environmental conditions are met. One area I sometimes find delinquent is employee owned equipment where claims are made for it and on investigating don’t hold up
- There is a tendency now for organisation to interpret the ISO9001 standard by using the fact that it does not say the processes will be audited annually. I see a 3 year cycle creeping in similar to what the certification body uses. Auditing is an appraisal tool, prevention is stressed in the new ISO9001 standard. The idea is to assure ourselves that our processes are “healthy”. We are moving to preventive medicine in our thinking with a realisation that we cannot sustain our present patch-up system. Using the medical analogy we need to audit our processes regularly, finding our patient healthy, not terminally ill. If they are found to be terminally ill, then we are saying our QA system is breaking down and need to revisit it and find out why it is producing “terminally ill patients”
- Often during audits NCR’s are ignored by the person they are raised against hoping that in time they will just disappear off the table. If we can get out of the thinking of a blame culture and see the NCR as an opportunity to improve our processes or re-train our staff, then the response times and close-out of the NCR will not be a laborious task
- The QC plan should be done by the production staff. The function of a modern QA department is to audit and provide support and assistance to the product team. The days should be gone whereby the battle lines are drawn with we make it & you inspect it. Two departments fighting over a bone is not good, especially if the end result is there is no bone to fight over as our competitor has stolen it because of silo management thinking
- Non-conforming product control: Ideally a rework instruction should be issued putting the reworked batch through the process to be reworked on the main line. All too often the controls are weak with a cursory re-work of it often due to bonus systems being in place and no bonus paid for the reworking of the product. Also the emphasis has to be on right first time a re-worked product is never as good as one produced first time. Also it costs a lot of money to process reworked units often resulting in delays and lost future orders
- The objective has to be to ensure that the raw data is accurately recorded. A customer returning a product saying it is “faulty” is not helpful. Even if the raw data is well recorded the analysis important is not recognised within the organisation.
- This just spells out that any subsequent design criteria found after the product has been put into service is given to the customer and not ignored e.g. recall to fit retro-fit mods
- FMEA, cause and effect diagrams and brainstorming are all tools that can be employed within the organisation to analyse the data. Often lack of internal training or lack of emphasis on the importance of it results in it becoming a tick box exercise rather than it being seen as an improvement tool
- Fixing the symptoms is not corrective actions. Finding the root cause takes time and requires skill-sets. The 80/20 rule applies here simply saying “operator error” is a cop out treating only the symptom. If the operator has been given the wrong information, drawing or lacks the training it is a “management error”
- The points made in a previous slide on response times apply here also i.e. “blame culture” versus “opportunities for improvement”
- Perhaps one of the biggest changes is that the term ‘preventive action’ is due to be removed. This revision now talks far more about risk instead – this identifies that virtually every decision we make in business has an element of risk attached to it, therefore the standard asks you to identify the risk (and opportunities) and plan your actions
- The next part of this presentation covers how the clauses in the ISO9001:2008 match into the new ISO9001:2015 version
- These notes are again self explanatory. There is an emphasis on the new ISO9001:2015 standard to put the emphasis on the auditor to check the process rather than relying on the process being written down. Under the 2008 version only 6 procedures needed documenting, this same principle applies whereas in the ISO29001 standard as it is currently the emphasis is on highly documented procedures
- Annex SL (previously ISO Guide 83) ISO 9001 will now follow a new high level structure, identical core text and common terms and definitions Using a simplified language and style of writing will help people (of all levels) to understand the requirements This common structure means that every new or revised ISO standard released from now on will have approx. 30% identical text. The clauses are expanding to ten from the current standard’s eight with additions for performance management and evaluation which more closely align with different standards through the “Annex SL’ model” which provides a framework for drafting standards which can be applied concurrently (integrated management systems or multiple management systems) such as ISO 9001, ISO 14001, ISO 27001, or ISO 22301. There are other changes such as replacing the term “product” and replacing it with “goods and services” and consolidating the previous ISO 9001:2008 standard into seven principles for ISO 9001:2015. The main change is dropping “Principle 5: System approach to management” because it is already a component of having a quality management system (QMS).
- Systems will now be required to take into account the “context of the organization” which implies a broader measurement, planning and implementation view “considering areas” such as “sustainability” (energy use, materials procurement, environmental impact, etc.), “corporate social responsibility,” “organizational resilience,” and “organizational health.” (This latter element incorporates areas relating to business continuity, from ISO 22301:2012 Societal security -- Business continuity management systems --- Requirements standard. Movement from “documents” (ISO 9001:2008 Clause 4.2.3) and “records” (Clause 4.2.4) to “document information,” (Clause 9.2 of ISO 9001:2015) which seems to be more accepting of electronic documents and document control approaches. However, the new clause language which more generally “requires organizations to: Retain documented information as evidence of the implementation of the audit program and the audit results,” has opened up some discussion about it not mandating procedures as in the past.
- There is no need now to have a dedicated management representative now. We have said for many years now “quality is everybody’s business”. The concept now is to take the concept of involving Top managers in the QMS including company Directors rather than pushing the responsibility down the organisation. This makes senior management responsible for achieving objectives thereby aligning the strategic direction of the organisation with the operational one “all singing out of the same hymnbook. By making the department head responsible for maintaining and updating their own procedures rather than this being the responsibility of the quality department will help in devolving and engaging with the entire management team with the QA function auditing the procedures. Top management now have more involvement – e.g. customer satisfaction has now been added to the management review process
- Instead of referring to ‘products’, the revised standard uses the term ‘goods and services’ – reflecting changes in the environments in which ISO-certified companies operate
- Movement away from classical corrective/preventative action approach to more of a general risk management model, as embodied in ISO’s own standard ISO 31000:2009, Risk management-Principles and Guidelines. There is no need to have a separate process for risk management as in OSHAS18001 and ISO14001 Areas where improvement opportunities can be found by ensuring that Proper work instructions are followed in the manufacturing process Proper fixtures and tools are used during assembly or manufacturing Correct specified measurements and checks are performed All required production information, such as serialization and genealogy, is captured \