This month, I'm publishing a few more questions that we're asked on a regular basis. We hear these questions so much, that I've included them in my ever-growing my list of "Frequently Asked Questions":
Q: Is ISO 9001:2008 the right Quality Management System for my business?
A: The answer to this question may, in part, be found in the requirements of your customer(s), if such requirements have been established by contract or order. Depending on your industry, suppliers are often required to maintain a Quality Management System (QMS) compliant with ISO 9001:2008, aerospace suppliers to AS9100 rev. B, nuclear suppliers to 10 CFR 50 Appendix B, oil and gas to ISO/TS 29001:2004 (API Q1) and the list goes on and on from there...
Q: I've seen ads on the Internet for pre-written Quality Manuals and other program documentation. Is this a good approach?
A: For your system to be truly effective, it should reflect your business accurately. Instead of revising your existing processes to meet a program that you purchased on-line, my personal belief is that it's always better to develop the required documentation to reflect what you're already doing. Some adjustments to existing processes may be necessary to comply with the requirements of the applicable standard, but this way, you won't need to "start-over". While the initial time and cost of this approach may be somewhat higher, you'll save over having a program that isn't used, that you aren't happy with, or that needs to be re-written in the near future.
Q: My company isn't very large; do we need to hire a full-time Quality Manager?
A: ISO 9001:2008 requires the appointment of a Management Representative by executive management; it doesn't mention anywhere the need for a full-time Quality Manager. There's no reason that the responsibilities for your program can't be delegated between functions within your organization.
Q: If we're writing documentation to ISO 9001, how many procedures will we need to develop?
A: This is a question that will be specific to your organization. While ISO 9001 requires that an organization develops a Quality Manual and a minimum of six procedures, the exact number of procedures required should be based on the organization and the scope of the activities it performs. While procedures for document control, records, internal audits, control of nonconformances, corrective action and preventative action all are required by the ISO 9001 standard, this is only a minimum requirement. The organization should consider the other activities it performs, and determine what, if any, additional controls are needed. Such additional controls could include, but should not be limited to, procedures for training, control of measurement and test equipment, purchasing, contract review and other areas.
Q: We're looking to get ISO 9001:2008 certified; how long will this take?
A: This is one of the questions we're asked most frequently, and will really depend on the level of commitment and involvement by the client, not to mention the size and complexity of their operations. As with any other major project, the organization's executive management should establish a working group or team to lead this project, a project plan and budget, and make sure that adequate resources are available to ensure the success of this effort.
Q: We need consulting assistance to get ISO 9001 certified, but we also need to control costs. What options are available?
A: Consulting assistance can vary, ranging from the consultant acting in an advisory capacity, to providing consultative help, to collaboration. The degree of involvement will be a primary factor in determining what this consulting assistance will cost. Needless to say, the more time on-site and the more "hands-on" involvement a consultant has, the higher this cost will be. Bear in mind also, that if a consultant is left to do everything, you really haven't taken ownership of your program. The best programs are those that are "owned" by the organization, and reflect the organizations unique business needs and conditions, not simply the consultant's idea of what a good program is.
Q: If we achieve ISO certification, we will then be audited by our Registrar on a regular basis. Will this meet the requirements of ISO 9001:2008 for periodic internal audits?
A: No. The audits performed by your Registrar will be for the purposes of either initial certification, surveillance (including follow-up audits) or recertification. Registrar audits are a third-party assessment focusing on the certification status of your program. Internal audits, in contrast, are an internal assessment performed by management, for the purpose of verifying conformance with applicable requirements and for identifying improvement opportunities. While these two activities may seem vary similar at times, an internal audit is still required.
http://www.masquality.com
Friday, April 30, 2010
Monday, February 8, 2010
ISO 9001 - Design and Development - Design Input
Many organizations struggle with understanding design inputs as specified by the ISO 9001:2008 standard in clause 7.3.2. As part of these requirements, the organization is required to ensure that “inputs related to product requirements are identified and records maintained”.
In order to clarify what design inputs are, we must understand that design and development is a process, which therefore requires us to first define what a process is. While there are a variety of different definitions related to this subject, one of the most illustrative definitions of a process is provided by Hammer & Champy (1993)[1]:
”a collection of activities that takes one or more kinds of input and creates an output that is of value to the customer.”
Personally, I like this definition of a process, as it’s simple, relatively straightforward and it usually minimizes the amount of further explanation required. While this definition is applicable to the ISO 9001:2008 standard in its entirety, when applied specifically to design and development, we can state that our design and development process (clause 7.3) is the manner in which we transform design inputs (clause 7.3.2) into design outputs (clause 7.3.3).
In clause 7.3.2, the ISO 9001:2008 standard identifies several types of design inputs that shall be determined by the organization, including:
• Functional and performance requirements
• Applicable statutory and regulatory requirements
• Information derived from previous designs
• Other requirements essential for design and development
In some cases, particularly where design and development activities are performed on a made-to-order basis, the initial design inputs are established as part of an order provided by an external customer, specifying their needs and expectations. This order is reviewed as part of clause 7.2.2 of the ISO 9001:2008 standard (see Customer-related processes), and upon acceptance by the organization, the information provided becomes a primary, albeit not exclusive, source of design inputs for use by the organization.
Alternatively, design and development activities may be performed to create new products or to update existing products. In such cases, these activities are not initiated by an external order, but rather by a management directive or similar order of an internal nature, in order to meet an identified market, commercial or strategic needs identified by the organization. Similar to an order received from an external customer, such internal information also serves as a primary source of design inputs.
It is important to note here, that the list of design inputs specified in 7.3.2 is not all-inclusive; in fact, the fourth type of input identified by the standard is simply indentified as “other requirements essential for design and development”. This is really a broad requirement for the organization to identify all other internal (organizational) and external (customer) inputs to ensure that all applicable needs, expectations and requirements are addressed. This could include, but would not be limited to, requirements specified by applicable codes, standards and specifications, supplier-provided information, competitive analysis, feedback from previous products, process performance data, etc., etc., etc.
Not only is the organization required to identify these inputs, it is also required to keep records relating to these inputs and to ensure that these inputs are formulated in a way that can be verified and validated. Inputs must also be reviewed by the organization prior to use, to ensure that the inputs are adequate and that there is sufficient information to carry out the assignment. Consideration must also be given to ensure that inputs are complete, unambiguous and not in conflict with each other.
*[1] Michael Hammer and James Champy (1993). Reengineering the Corporation: A Manifesto for Business Revolution, Harper Business
http://www.masquality.com
In order to clarify what design inputs are, we must understand that design and development is a process, which therefore requires us to first define what a process is. While there are a variety of different definitions related to this subject, one of the most illustrative definitions of a process is provided by Hammer & Champy (1993)[1]:
”a collection of activities that takes one or more kinds of input and creates an output that is of value to the customer.”
Personally, I like this definition of a process, as it’s simple, relatively straightforward and it usually minimizes the amount of further explanation required. While this definition is applicable to the ISO 9001:2008 standard in its entirety, when applied specifically to design and development, we can state that our design and development process (clause 7.3) is the manner in which we transform design inputs (clause 7.3.2) into design outputs (clause 7.3.3).
In clause 7.3.2, the ISO 9001:2008 standard identifies several types of design inputs that shall be determined by the organization, including:
• Functional and performance requirements
• Applicable statutory and regulatory requirements
• Information derived from previous designs
• Other requirements essential for design and development
In some cases, particularly where design and development activities are performed on a made-to-order basis, the initial design inputs are established as part of an order provided by an external customer, specifying their needs and expectations. This order is reviewed as part of clause 7.2.2 of the ISO 9001:2008 standard (see Customer-related processes), and upon acceptance by the organization, the information provided becomes a primary, albeit not exclusive, source of design inputs for use by the organization.
Alternatively, design and development activities may be performed to create new products or to update existing products. In such cases, these activities are not initiated by an external order, but rather by a management directive or similar order of an internal nature, in order to meet an identified market, commercial or strategic needs identified by the organization. Similar to an order received from an external customer, such internal information also serves as a primary source of design inputs.
It is important to note here, that the list of design inputs specified in 7.3.2 is not all-inclusive; in fact, the fourth type of input identified by the standard is simply indentified as “other requirements essential for design and development”. This is really a broad requirement for the organization to identify all other internal (organizational) and external (customer) inputs to ensure that all applicable needs, expectations and requirements are addressed. This could include, but would not be limited to, requirements specified by applicable codes, standards and specifications, supplier-provided information, competitive analysis, feedback from previous products, process performance data, etc., etc., etc.
Not only is the organization required to identify these inputs, it is also required to keep records relating to these inputs and to ensure that these inputs are formulated in a way that can be verified and validated. Inputs must also be reviewed by the organization prior to use, to ensure that the inputs are adequate and that there is sufficient information to carry out the assignment. Consideration must also be given to ensure that inputs are complete, unambiguous and not in conflict with each other.
*[1] Michael Hammer and James Champy (1993). Reengineering the Corporation: A Manifesto for Business Revolution, Harper Business
http://www.masquality.com
Subscribe to:
Posts (Atom)
Posts
