15 Months to Certification: Using SharePoint as the Platform for an ISO 9001 QMS

6,979 views

Published on

Published in: Business
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
6,979
On SlideShare
0
From Embeds
0
Number of Embeds
35
Actions
Shares
0
Downloads
140
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

15 Months to Certification: Using SharePoint as the Platform for an ISO 9001 QMS

  1. 1. 15 Months to Certification: Using SharePoint as the Platform for an ISO 9001 QMS Barry Peters Vice President, Corporate Quality and Compliance Telerx Marketing NextDocs Confidential
  2. 2. Agenda <ul><li>Who is Telerx? </li></ul><ul><li>Importance of ISO </li></ul><ul><li>Vendor Selection </li></ul><ul><li>ISO Business Processes </li></ul><ul><li>Lessons Learned </li></ul>NextDocs Confidential
  3. 3. Who is Telerx? <ul><li>Headquartered in Horsham, PA (Philadelphia suburb) </li></ul><ul><li>15 th largest US-based multi-channel contact center and BPO </li></ul><ul><li>A wholly-owned independent subsidiary of Merck & Co., Inc. </li></ul><ul><li>Established in 1980 </li></ul><ul><li>Over 1,700 employees </li></ul><ul><li>Global Locations </li></ul><ul><ul><li>North America </li></ul></ul><ul><ul><li>Latin America </li></ul></ul><ul><ul><li>Philippines </li></ul></ul><ul><ul><li>China </li></ul></ul><ul><ul><li>Europe </li></ul></ul><ul><ul><li>[email_address] </li></ul></ul><ul><ul><li>Client Sites </li></ul></ul>
  4. 4. Who is Telerx (cont’d.) <ul><li>Specialists in customer care, customer relationship management, and business process outsourcing </li></ul><ul><li>Focused on Quality & Operational Optimization </li></ul><ul><li>Support complex customer interactions for Fortune 500 companies across multiple verticals </li></ul><ul><ul><li>Healthcare/Pharmaceutical </li></ul></ul><ul><ul><li>Consumer Products </li></ul></ul><ul><ul><li>Retail </li></ul></ul><ul><ul><li>High-Tech </li></ul></ul><ul><ul><li>Luxury </li></ul></ul><ul><li>Awards </li></ul>
  5. 5. Importance of ISO9001 <ul><li>We provide lower cost customer care solutions </li></ul><ul><li>Our clients want assurance that quality is built into the cost structure </li></ul><ul><li>ISO9001:2008 provides independent certification of a working Quality System </li></ul><ul><li>Supports continuous improvement </li></ul>NextDocs Confidential
  6. 6. Vendor Selection <ul><li>Utilize existing SharePoint infrastructure </li></ul><ul><li>Understand 21 CFR 11 </li></ul><ul><li>Low reliance on vendor for configuration changes post launch </li></ul><ul><li>Reference-able in the verticals we serve (pharma, biotech, consumer packaged goods) </li></ul>NextDocs Confidential
  7. 7. Product Purchase/Scope <ul><li>NextDocs Document Management v3.1 </li></ul><ul><li>No HR module </li></ul><ul><li>Recently upgraded to v3.6 </li></ul><ul><li>Validation performed in-house </li></ul>NextDocs Confidential <ul><li>1800 employees over 6 sites and 2 countries </li></ul><ul><li>250 actively involved in document lifecycles </li></ul>
  8. 8. Toolkit Purchased NextDocs Confidential Document lifecycles, overlays, numbering Digital Signature Engine (Arx)
  9. 9. ISO Business Processes <ul><li>Document Control </li></ul><ul><li>Record Control </li></ul><ul><li>Change Control </li></ul><ul><li>Design and Development of Product </li></ul><ul><li>Internal Audit </li></ul><ul><li>Non-Conformances </li></ul><ul><li>Corrective/Preventive Action (CAPA) </li></ul>NextDocs Confidential
  10. 10. Document Control (ISO clause 4.2.3) NextDocs Confidential
  11. 11. Overview <ul><li>X-Docs supports Telerx controlled document process </li></ul><ul><li>X-Docs is used for controlled documents </li></ul><ul><ul><li>Policies </li></ul></ul><ul><ul><li>Standard Operating Procedures (SOPs) </li></ul></ul><ul><ul><li>Work Instructions </li></ul></ul><ul><li>Provides an audit trail and proper control to view only the current, approved version </li></ul><ul><li>System controlled actions are maintained by document “lifecycles” </li></ul><ul><li>System controlled periodic review </li></ul>NextDocs Confidential A statement of position to achieve a desired outcome Supports policies by specifying the plan intended to produce a stated outcome. Ensures the stated outcome either via step by step detail of the responsibilities for the employees doing the job or providing other means of instruction in order to perform a job.
  12. 12. Document Lifecycle – Policies and SOPS NextDocs Confidential Draft Feedback Approval Training Effective Retired Where documents are authored Authorized approvers digitally sign the document here Author acts on task when “training is complete” in this stage This is the stage where the current approved version sits Where a document is no longer needed, it is moved to retired SME and others provide revision suggestions on the document here Documents move through by “promotion”
  13. 13. Document Lifecycle – Work Instructions NextDocs Confidential X Draft Feedback Approval Training Effective Retired Where documents are authored Authorized approvers digitally sign the document here Author works with mngmt. on training needs if required and acts on task when “complete” This is the stage where the current approved version sits Where a document is no longer needed, it is moved to retired SME and others provide revision suggestions on the document here Documents move through by “promotion”
  14. 14. Document Libraries- Applied to Lifecycle NextDocs Confidential Draft Feedback Approval Training Effective Retired Lifecycle Stages Working Document Libraries Working Working Training Effective Working
  15. 15. X-Docs: Unique Features <ul><li>Use of folder permissions to assure access and confidentiality </li></ul><ul><li>Review by Compliance Department programmatic by lookup </li></ul><ul><li>Concept of permission steward utilized in workflows </li></ul>NextDocs Confidential
  16. 16. Record Control (ISO clause 4.2.4) NextDocs Confidential
  17. 17. Record Control <ul><li>Utilizing X-Docs (EDMS) for procedures around record control and retention schedules </li></ul><ul><li>Will utilize SharePoint's Information Management Policies to enforce archival and deletion </li></ul><ul><li>Workflow processes invoked based upon record metadata </li></ul>NextDocs Confidential
  18. 18. Change Control (ISO Clause 6.3) NextDocs Confidential
  19. 19. Change Control <ul><li>To support ISO section 6.3 as well as PCI certification (DSS1.1) </li></ul><ul><li>Changes to infrastructure are reviewed for impact prior to their implementation </li></ul><ul><li>Impact analysis and sign-off is documented via electronic signatures and workflow </li></ul><ul><li>Utilize Auto-numbering feature </li></ul>NextDocs Confidential
  20. 20. Design and Development (ISO clause 7.3) NextDocs Confidential
  21. 21. Design and Development <ul><li>Refers to product or service </li></ul><ul><li>In Telerx context, this is from RFP to contract </li></ul><ul><li>SharePoint used to route internal solutions documents </li></ul><ul><li>Uses simple workflow, auto-numbering and automated document status updates </li></ul>NextDocs Confidential
  22. 22. Internal Audit Program (ISO clause 8.2.2) NextDocs Confidential
  23. 23. Internal Audit Program <ul><li>SharePoint and extended features (NextDocs) perform the following functions </li></ul><ul><ul><li>Audit document lifecycles </li></ul></ul><ul><ul><li>PDF rendering </li></ul></ul><ul><ul><li>Auto-numbering </li></ul></ul><ul><li>Scheduling handled in a SharePoint list with cross reference to non-conformance log for audit findings </li></ul>NextDocs Confidential
  24. 24. Internal Audit Program (Reports) <ul><li>Can use for audit report lifecycle and internal review </li></ul><ul><li>Additionally, using watermarking, track changes and PDF rendering for automated document control </li></ul>NextDocs Confidential
  25. 25. Non-Conformances/CAPA (ISO Clauses 8.3-8.5) NextDocs Confidential
  26. 26. Non-Conformances/CAPA <ul><li>Non-conformances are issued whenever there is a non-adherence to an approved policy, standard operating procedure or regulation </li></ul><ul><li>Manner to assure continuous improvement. </li></ul><ul><li>Can arise by self-reporting or in the course of an audit (internal or external) </li></ul><ul><li>Investigation, root cause analysis and CAPA planning are recorded in the list item </li></ul><ul><li>On creation, workflow limits permissions on “need to know” due to client confidentiality. </li></ul>NextDocs Confidential
  27. 27. Non-Conformance, CAPA and Effectiveness Checks NextDocs Confidential
  28. 28. Lessons Learned <ul><li>ISO not just window dressing, does support continuous improvement </li></ul><ul><li>Minimize user training with a large implementation (i.e., use existing toolset) </li></ul><ul><li>Over-emphasize process via systems </li></ul><ul><li>Fast follower vs. early adopter </li></ul><ul><li>Support the user community – internal and external! </li></ul>NextDocs Confidential
  29. 29. Questions NextDocs Confidential

×