Principles of Quality Management Interpreting the ISO 9001: 2000 requirements Audit programs Auditors requirements and roles Audit cycle : how to plan, conduct, and prepare audit report How to identify and write nonconformities
the four phases of audit how to make audits value added how to interpret the standard how to perform process audits how to gather objective evidence how to conduct successful audit interviews
Introduction
International Organization for Standardization is a worldwide federation of national standard bodies, with representatives from each of approximately 140 countries. The objective of ISO is to promote the development of standardization and related activities in the world with a view to
Purpose of ISO
ISO's purpose is to facilitate international trade by providing a single set of standards that people everywhere would recognize and respect
Benefits of ISO
Improved customer satisfaction Increased profits Enhanced marketplace recognition Break down of internal organization boundaries Increased productivity as the correct data, equipment, tools and documentation are integrated into the total process Decreased operating cost due to fewer problems Improved employee understanding of how ISO efforts, QMS and business strategy are aligned for improvement
Misconceptions on ISO
1. Some think ISO is purely documentation 2. The ISO 9000 standards tell a company how to setup and run its business 3. If you buy products/services from an ISO certified company, this means you are getting a product or service of highest quality 4. Once certified, no further activity is necessary
ISO Requirements
Section 1.0 Scope of QMS Section 2.0 Normative reference Section 3.0 Terms and definitions Section 4.0 Documentation requirements Section 5.0 Management responsibility Section 6.0 Resource management Section 7.0 Product realization Section 8.0 Measurement, analysis and improvement
Requirement of the standards
Clause 4.0 QMS Requirements - implement, document and maintain a QMS - identify the processes needed for QMS and its interaction - determine the criteria and methods to control these processes - ensure availability of resources and information - measure, monitor, and analyze the processes - achieve planned results and continual improvements
Documentation Requirements - documented statements of quality policy and quality objectives - quality manual - documented procedures required by the international standard - documents needed by the organization to ensure effective planning, operation, control of its processes - records required by the international standard
Document Control
approved for adequacy prior to use to review, update and re-approve documents identify current revision status to ensure that relevant version are available legible, readily identifiable and retrievable external documents are identified and distribution of these are controlled prevent unintended use of obsolete documents and apply identification if retained
Documented Procedures Required by ISO 9001:200 Control of documents Clause 4.2.3 Control of records Clause 4.2.4 Internal audit Clause 8.2.2 Control of nonconforming product Clause 8.3 Corrective action Clause 8.5.2 Preventive action Clause 8.5.3
Documents Needed by the Organization Specifically referenced in ISO 9001:2000 Quality policy Clause 4.2.1a Quality objectives Clause 4.2.1a Quality Manual Clause 4.2.1b
Additional Documentation There are several requirements of ISO 9001:2000 where an organization could add value to its Quality Management System and demonstrate conformity by the preparation of other documents
Production procedures and Work instruction guidelines HR, IT and Purchasing procedures Customer complaint Measurement analysis Customer satisfaction Change request Quality assurance Process maps, organization chart
Records
All records have to be controlled in accordance with the requirements of Clause 4.2.4 Records are to be controlled as evidence to conformance to requirements and of effective operation of QMS Records need to be legible, properly stored and protected, readily identifiable and retrievable Organization are free to develop records that may be needed to demonstrate conformity of their processes, products, and QMS
Required Records Clause Records Required 5.6.1 Management reviews 6.2.2e Education, training, skills and experience 7.1d Evidence that the realization processes and resulting product fulfill requirements 7.2.2 Results of product requirements review and actions arising from the review 7.4.1 Results of supplier evaluation and actions arising from evaluation 7.5.2d To demonstrate process validity where output can not be measured 7.5.3 Unique identification of a product
. . . records
7.5.4 Customer property 7.6a Basis for calibration of measuring equipment 7.6 Validity of previous results when measuring is found not to conform to its requirements 7.6 Results of calibration of measuring equipment 8.2.2 Internal audits 8.2.4 Evidence of product conformity based from acceptance criteria 8.3 Nature of product nonconformity 8.5.2 Results of corrective action 8.5.3 Results of preventive action
Documents are the future they tell you what to do or how something is done Records are the history of what you have done. Records are the proof you need to show that you follow your quality management system.
Clause 5.0 Management Responsibility - the quality policy shall be defined, documented, understood, implemented and maintained - develop, implement and improve QMS - formulate measurable quality objectives establish at relevant levels in the organization - responsibilities and authorities are defined and communicated within the organization - identify and meet customer requirements and enhance customer satisfaction - evidence that management is committed to QMS, customer/legal requirements, and continual improvement
Clause 6.0 Resource Management - identify and provide resource requirements - people must be competent to do the work based on education, training, skills and experience - identify and provide infrastructure needs and maintain this infrastructure - identify and manage needed work environment
Clause 7.0 Product Realization - plan and develop the realization processes - identify and review customer's requirements - develop and implement a process to control customer communication process - ensure that purchased products meet quality needs and requirements - control production and service provision - identify and track the products - protect property supplied by customers - preserve your products and components - identify, monitor, calibrate and protect measuring devices
plan, implement monitoring, measurement, analysis and improvement processes define the method for monitoring customer perception as to whether customer requirements have been met identify and control nonconforming products determine, collect and analyze data conduct internal audits at planned intervals continually improve effectiveness
Internal Quality Audit is a powerful tool for any business to measure the effectiveness of the Quality Management System. It is also a good management tool that can be used to review the processes and identify any weaknesses, risks and areas of improvement
Principles of auditing
1) Ethical conduct 2) Fair presentation 3) Due professional care 4) Independence 5) Evidence-based approach
Internal First Party audit External Supplier Audit Second Party audit Independent Organization - Third Party (Registrar)
IQA Requirements:
Plan the audit program considering status and importance of processes and areas and previous audit results Determine audit criteria and scope Define audit frequency and methods per Quality Manual yearly or as needed Select impartial and objective auditors Conduct audit at planned intervals Assess for conformity and effectiveness Maintain documents related to internal audit Ensure timely and effective corrective action Verification of Corrective Action
Audit Objectives
1) To determine to what extent our QMS: Achieves its objectives Conforms to company requirements Complies with regulatory standards Meets customer's requirements 1) To improve the efficiency and effectiveness of our QMS 3) To verify if our QMS continues to meet requirements
When to do an Audit
An auditee may carry out audits on a regular basis to improve quality system performance or to achieve business objectives
understand the auditee's expectations / corporate culture communicate concerns on previous audit result appropriate audit team selection to achieve audit objectives adequate time allocation
QM Responsibilities
to ensure that audit procedure is carried out and control the frequency and implementation of quality audits
Auditor's Role
Evaluate the QMS Carry out assigned audit tasks Comply with audit requirements Respect all confidentiality requirements Collect evidence about the QMS Document audit observations and conclusions Safeguard audit documents, records, and reports Find out if the quality policy is being applied See whether quality procedures are being followed Detect evidence that might invalidate audit results
Inquisitor Fault finder Rock Thrower Avenging angels (biased for or against) Dishonest Overactive
Professional Conduct
Auditors must behave in a professional manner. Auditors must:
have integrity and be independent and objective have the authority they need to do a proper job be willing to listen to others be able to communicate effectively with personnel at all levels avoid compromising the audit by discussing audit details with auditee during the audit
Personal Attributes
An auditor should be:
1) ethical fair, sincere, honest and discreet 2) open-minded willing to consider alternative ideas or points of view 3) diplomatic tactful in dealing with people 4) observant actively aware of physical surroundings and activities 5) perceptive instinctively aware of and able to understand situations 6) versatile adjust easily to different situations 7) tenacious persistent, focused on achieving objectives
Process Diagram
What (resources) equipment, tools, software Input what is received, when, from whom Method procedures, forms, instructions
What
Who
Input
Process
Output What
Output what is delivered, when, to whom Measures quality objectives, performance results
Method
Measures
Audit Planning
1. Prepare audit plan - define the objectives, scope and audit criteria 2. Determine the audit team 3. Notify the auditee and confirm schedule 4. Perform an initial document review procedures, records of CPAR, previous audit findings 5. Prepare necessary working documents for the audit audit notice, audit checklist
Audit execution
1. Start the audit by having an opening meeting and explain objectives 2. Define the role of guide or observer (if there's any) 3. Interview people at their workplace 4. Put the person at ease 5. Explain your purpose 6. Ask about job and applicable documents 7. Use open-ended questions (5 Ws and H) 8. Verify responses 9. Remember to ask for proof 10. Observe activities and examine record
. . . audit execution 11. Take random, yet representative sample 12. Follow trails to other areas based on scope 13. Check the facts (use other sources) 14. Record the evidence (checklist notes) 15. Make tentative conclusions 16. Give opportunity to discuss other subjects 17. Avoid consulting on cause and solution 18. Thank for time and cooperation 19. Review progress periodically with audit team 20. Compare audit evidence to audit criteria 21. Generate findings and prepare conclusions 22. Conduct closing meeting and report results
Objective evidence
Data supporting the existence or verity of something Clause 3.8.1 of ISO 9000:2000 May be obtained through observation , measurement, test or other means Does not necessarily depend on documented procedures, records or other documents except where specifically required by ISO 9001:2000
If person name and title, dept and manager If document document name, revision number and revision date If record identify record, record date
Audit Reporting
1. Prepare the preliminary audit report (Auditor) 2. Prepare the final audit report (Lead Auditor) 3. The report includes:
the detailed audit plan review of the evidence that was collected list of nonconformities that were identified judgment about how well the QMS complies with all quality system requirements assessment of the QMS's ability to achieve quality objectives and apply the quality policy
. . . reporting 4. Approve audit report 5. Issue audit report and CPAR (if necessary) in agreed time frame
an activity performed on a customer-supplied tangible product (car for repair) an activity performed on a customer-supplied intangible product ( delivery of an intangible product creation of ambiance for the customer
definition of needed documents (internal and external sources) distribution of documents to those that need to know control of documents for current revision level with emphasis on control of customer-driven changes dissemination of changes throughout all affected documents
The organization has an updated and continually improved QMS Processes must be identified Sequences of operations are determined Ensure that processes are working properly Ensure that there is sufficient resources QMS is monitored and improved
management's commitment to the development and improvement of QMS is defined Quality policy and quality objectives are established and relevant Had conducted management review There is sufficient resources to achieve what was planned Management's commitment to determining, meeting and enhancing customer satisfaction is defined
How does the organization ensures that enough resources are being directed to improve the services that they offer? How does IT identifies the need to add the current infrastructure? When in place, how are they maintained? Are work areas properly controlled for lighting and climate conditions? Are work areas organized and provide safe working conditions?
There is a plan on how existing products/services will be produced or supplied Processes are monitored and measured Customer requirements are determined How are suppliers accredited and evaluated
7.4 Purchasing
Audit Questions:
1. What is the primary purpose of this process? 2. Who is the process owner? 3. What is its inputs and who supplies them? 4. How would you know if these inputs are good? 5. What are your responsibilities in this process? 6. What trainings and skills are needed? 7. How is the process monitored and controlled? 8. What are its outputs and who receives them? 9. Do these outputs meet requirements?
. . . questions: 10. What do you do if the outputs do not meet requirements 11. How do you measure the process performance? 12. What are the process quality objectives? 13. Ask for the records 14. How could this process be improved?
Auditee organization being audited Auditor person having the competence to conduct an audit Competence demonstrated personal attributes and demonstrated ability to apply knowledge and skills
Conformity is all about meeting requirements Correction the action taken to eliminate a detected nonconformity Corrective action are steps that are taken to remove the causes of an existing nonconformity or other undesirable situation. It addresses actual problem
Procedure Audit
1. Start by selecting a procedure for audit 2. Define the scope of audit, assign an auditor and prepare a brief audit plan 3. Identify the inputs that are used by this process and the outputs that are generated