(ISO) Quality Manual Chat

A system to generate and handle Corrective and Preventive Action Requests (CAR’s and PAR’s) is a requirement of an ISO9001:2000 quality management system, and a good idea for any quality system.

In case its not obvious, a corrective action request is generated to correct some deficiency or nonconformance that has occurred. And, perhaps just as obvious, a preventive action request is generated to PREVENT a potential nonconformance from occurring.

CAR’s generally outnumber PAR’s by a huge margin. Most people in business are too busy to spend time generating preventive action requests. Heck, most people don’t even want to generate corrective action requests. However, the need for CAR’s is usually much more obvious than PAR’s.

What some people don’t realize, though, is that a good CAR response will also include preventive action. It’s all fine and good to remedy a problem that has already happened. However it’s much, much more effective in the long run to take it one step further and also take preventive action. Your Corrective Action Request form should include a section for corrective action taken, and also for preventive action taken to prevent recurrence of the nonconformance. It’s another good idea to include a provision to check status of the corrective action some time down the road, like, say a month later.

It is extremely important to control the documents used in your quality management system. In fact, it is a requirement of ISO9001:2000 that you do so.

How you control your documents is up to you, as long as your method is effective and passes the scrutiny of your auditor.

A very small number of people, preferably one or two, should be responsible for controlling documents. This is a case where too many cooks could easily spoil the stew. It’s a good idea to solicit input from many in your organization before writing your quality documents (such as quality manual and procedures). However, when it comes to managing the documents, making changes, additions, deletions, etc, it’s probably best to have just one or two people in charge. Less chance for confusion and unauthorized changes.

The old fashioned way to control documents is to have a limited number of paper copies available to people who need them, and to have all copies accounted for. This is fine for small organizations, and before we had computers it was pretty much the only way to go. However computers have made this little task easier.

Having to keep track of multiple copies and ensure that they’re all updated simultaneouly can be time consuming. I believe its a better idea to have one document in a folder on your company’s computer server, and protect the files with a password known only to one or two responsible people. You’ll also have to make sure that anyone who needs the documentation has access to the files, but on a “read only” basis. This way everyone who needs to see the documents can see them on their computer. And any time you make changes to a document, everyone sees the same thing at the same time.

More on document control later.

In the ISO community there is a fair amount of discussion about what the future of the ISO9000 family of quality standards will be. Of course there will be a new version of the standard coming out in the not-too-distant future. Possibly 2008. ISO isn’t going away any time soon. However things are constantly changing in the world of business, and the ideas of what a quality system should be are also changing.

Some industries have created their own quality management systems that deal more specifically with issues for their particular industry. Things like AS9100, or ASA-100, are quality systems intended for the aerospace industry. There are dozens of competing quality standards that are much more specific in focus than ISO9001:2000 is. This will probably cause a splintering of support for ISO.

There is also much discussion on self-certification. While anyone can say they are self-certified to a quality standard, I don’t put much faith in self-certification. Without audits and other proof that a company is adhering to a certain standard, I have little faith that most companies will actually follow a rigorous quality standard.

Some people in the ISO community are not too fond of customer satisfaction surveys. And obviously surveys are not for everyone in every situation. But I do believe that customer satisfaction surveys can be very helpful for some organizations. I wouldn’t say customer satisfaction surveys never get returned. It all depends on your product, your market, and your type of customers, of course. There is no one correct solution for every situation. In my experience you’re lucky to get back 10 percent of surveys sent out. But for a company with thousands of customers, 10 percent gives you a pretty fair picture.

Of course, you can always try to increase your survey response rate by offering some kind of incentive. Free stickers, the chance to win something, whatever.

If you feel a survey won’t work for your situation, there are other things that can be considered measurements of customer satisfaction. Again, it all depends on your situation. Maybe you could measure the quantity or percentage of repeat customers. You could measure the quantity of phone calls your customer service people get after the sale, and you could keep track of the various reasons for those customer service calls. Percentage of items returned versus sold can be a measurement of customer satisfaction. Number of complaints received, or percentage of complaints to sales, is another possible customer satisfaction measurement.

You should choose quality objective measurements that are right for your organization, that are meaningful indicators of how you’re doing, and that will pass the scrutiny of your ISO third party auditor. If you’re in doubt that your choice of measurements, you might want to hire an ISO auditor, even for just a few hours, to give you some pointers. Talk to your registrar too, they might be able to help you out at no extra charge.
__________________

Internal audits are a requirement of ISO9001:2000. ISO mandates that you do them a minimum of once per year. You might find internal audits to be so valuable that you’ll want to conduct them two or more times per year.

You’re free to conduct your internal audits any time you like. However it is a very good idea to conduct an internal audit about 1 to 2 months prior to your third party audit, whether it be a registration audit or surveillance audit.

The reason for this is simple. You want to have a month or two before your third-party audit audit to give you enough time to correct nonconformances detected during your internal audit. You don’t want your third-party auditor to find any major nonconformances.

It is imperitive that you issue Corrective Action Requests as soon as possible, and that your people address those CAR’s promptly. Corrective action should be implemented as soon as possible in order to have a good track record when your third party audit comes along.

One of the challenges in conducting internal audits is finding people…the right people…to do it. You’ve got to have people that are properly trained, are motivated, and have a fair amount of diplomacy and communication skills. Your internal auditors should also be unbiased, and should not audit their own area of the company. For this reason, you’ll probably want to split the internal audit duties between two or more people.

Internal auditors must be given sufficient time away from their usual job to do an adequate job of auditing. This isn’t always easy, but it is absolutely necessary. This is one way to test the commitment of senior management to the quality management system. If management is not willing to let a person take time away from their normal duties to conduct the internal audit, there’s a good chance the whole quality system is doomed to failure.

Internal auditors must also be properly trained. Internal auditing isn’t brain surgery, but there is a fair bit of knowledge required to do an adequate job. Unless you have people in your company already familiar with ISO9001:2000 procedures, you’ll probably have to have some training sessions to get them ready. Again, this will require time away from their normal job. It may also require a financial investment if you need to bring in an outside consultant to conduct training.

More on internal auditing later.

Internal audits a good part of any quality management system, and a requirement of the ISO9001:2000 quality standard. An internal audit is an audit of your quality management system, usually taken by your own people, and usually conducted a month or two before a third party audit.

If taken seriously, an internal audit can be a fantastic tool to guage how you’re doing. Internal audits should be able to identify any significant problems in your quality management system, well in advance of a third party auditor finding problems and issueing nonconformances.

Of course, if a third-party auditor finds a major nonconformance, it usually means you have failed the audit. You will need to correct the nonconformance, then have another audit. Not only is this an added expense, but the temporary revocation of your ISO9001:2000 certificate could cause you significant trouble with customers who require you to be certified.

Tho internal audits are a necessity and can be looked at as an opportunity for improvement, they can be a pain in the butt to conduct. For most small to mid-sized companies, you probably don’t have a full time quality department that has the time and knowledge to conduct internal audits on a regular basis. Most smaller companies will have 1 or several employees conducting the audit, but these are employees that probably have a lot of their usual work to take care of.

More on internal auditing tomorrow.

A necessary part of any ISO9001:2000 quality management system is a system of measuring improvement of your quality system. “Continuous Improvement” is a phrase often used by quality managers and ISO consultants. Continuous improvement is a major goal of an ISO9001:2000 quality management system. In order to track your improvement, you must have a way to objectively measure certain criteria.

The ISO9001:2000 quality standard does not specify what your measurements should be. Rather, the standard requires that you come up with measurements that are effective for your organization. The things that you measure are up to you, but remember your measurement criteria must be approved by your third party auditor. You have a fair amount of leeway when choosing your criteria, but whatever you choose it must be effective and pass your auditor’s scrutiny.

One common measurement is customer satisfaction. While customer satisfaction can be considered a subjective evaluation, there are ways you can quantify your customers’ feelings about your product or service. Surveys are a common way of attempting to measure customer satisfaction. A survey should be phrased in such a way so that answers can be given a numerical value. Surveys can be scored, and compared over a period of time. For example, you might send out customer surveys to 1000 customers, once per year. The scores can be added up and averaged. The average score can be compared from year to year to guage improvement.

There are a myriad of things you can measure to track your quality system’s performance. Maybe you can track number of customer returns. Maybe you want to take that a bit further and not only measure number of returns, but also the reason for returns. Was it a salesperson’s error? Was it a production problem? A shipping error? You can make your criteria as simple or as complicated as you like, as long as they are effective for your company, and as long as they pass muster with your third party auditor.

Do you have a quality system? If so, how seriously does your company’s management take your quality system?

Many companies merely pay lip service to having a quality system. Management may not believe that a quality system can have a positive effect. They may believe that the time that a quality procedure takes is too much, that it takes employees away from actual productive work. Maybe senior company management believes that a quality system can’t possibly be effective since they don’t trust their employees to do a good job. If such an adversarial climate exists at your company, you will have a hard time getting a quality system effectively implemented.

To all senior management who are contemplating the implementation of an ISO9001:2000 quality system, or any other quality system, I have some advice. Please trust your people and trust your quality system. If you honestly don’t trust your employees, find some that you can trust and get rid of the bad apples. Give your quality system time to work. Measure customer satisfaction and other quality performance parameters at the beginning of your quality system implementation. Give it a year of honest, good faith effort. Measure those same parameters at the end of a year. If you don’t see a significant improvement in your company’s operations and quality, then I will genuinely be surprised.

A mandatory component of an ISO9001:2000 quality management system, as well as any good quality management system, is a way to issue and deal with corrective and preventive actions.

Corrective actions are generated to correct a descrepancy that has already occurred. Corrective action requests can be issued by anyone who spots a problem that exists. A preventive action request may be generated to address a potential problem, or one that has not yet occurred. In the real world many more corrective actions are generated than preventive actions. To keep your quality managment system a little simpler, you may use the same form for corrective action requests and preventive action requests.

It may not always be clear who is responsible for addressing a corrective action request. It is often the quality manager, or senior management, who decides who is responsible for addressing a corrective action request. Give it some thought before you assign responsibility.

While a line worker may make a mistake that results in defective product, it may not necessarily be the fault of the line worker. Take a look at all the factors involved. Was the worker following company procedures? Were the correct tools available and being used? Do all your components used in assembly meet your specifications? There are many factors that may have caused your nonconformance. In order for you to have a successful resolution to your corrective action request, it is very important that you assign responsibility to the correct individual, and for the right reasons.

When creating your quality management system, whether it be ISO9001:2000 or another quality system, you will have to determine your inspection criteria. You’ll probably have a receiving inspection and a pre-shipping inspection to contend with. You might also have one or several in-process inspections, depending on your operation.

The bottom line is that you want to make your customer happy, and you want to be profitable. Your inspection criteria may literally be dictated by your customer, or it could be your own criteria based on experience with your customers. Your inspection criteria may also be government mandated.

In the aircraft parts world where I come from, there are many criteria that need to be met before receiving parts into stock, and before shipping to customers. There may be government regulations that apply, depending on your operation. Certain aircraft parts require documentation such as an FAA Form 8130-3, or the European equivalent JAA-1 form.

Certain life-limited parts, such as turbine engine disks, also require paperwork tracing how many hours and cycles the part has been thru. While there may be no government mandate dictating you have certain documentation, it is highly unlikely you will find a customer for your product if you do not have the correct paperwork.

Some small parts, such as standard hardware, may need only a certification from the manufacturer, or “manufacturer’s cert”. And, actually, there is likely no government regulation covering paperwork requirements for such small parts. But despite no regulations, again, you’ll probably have a hard time selling any aircraft part without documentation as required by your customer.

Specialized industries often require specialized criteria for inspection. It is in your best interest to know what your customers’ requirements are, and any applicable government regulations, when you are determining your company’s various inspection criteria.

First of all, being a quality manager and ISO consultant, you have to know that I am in favor of receiving inspections. Some company owners and managers may not want to have their people spend the time needed to adequately inspect incoming goods. A penny saved, perhaps, but a foolish penny.

Without adequate incoming inspection, how do you know what you’re getting from your vendors? Are you so confident of your vendors that you’re willing to risk your production stopping due to incorrect vendor components? Are you willing to piss off your customers by making them wait, or possibly shipping bad product to them?

Sure, a proper receiving inspection takes a bit of time, and of course you have to pay someone to do it. But that little bit of time and money in the beginning can save you much more down the road.

Shipping inspection is a procedure that some company managers think they can get away without. While it may be tempting to trust your employees to do a good job on their own, and not pay for someone’s time to inspect goods just prior to shipment, you’d better have a LOT of confidence in those employees. If you don’t have a HUGE amount of confidence in ALL of your employees, it’s probably a great idea to have someone do an inspection just prior to shipping your goods.

Depending on your circumstances, it can often save you money to have a dedicated shipping inspector. Without an inspection, you may not know what percentage of your product leaves your door with flaws. Is the packaging damaged? Are all the components in place? Is the customer getting the correct product? Without someone performing a final check, how can you know?

What percentage of your orders are coming back as returns? What quantity per day? If you are experiencing a significant rate of returns, you’ll probably save money, and make more money in the long run, by instituting a shipping inspection.

With a shipping inspection in place, you should experience a dramatic reduction in customer returns. This will probably save you a large amount of money. How much time are your employees spending processing returns? How happy are your customers who are returning goods? Not very happy I would guess. How much in shipping charges are you spending to deal with customer returns? There is really no upside to allowing incorrect shipments to leave your door.

It is very important to have a specified person (or persons) charged with peforming your shipping inspection. Inspectors must be held accountable for getting it right. A stamp can be used, or a distinctive signature may suffice. However you choose to handle it, you must be able to easily identify the inspector who handled a particular shipment. Then, if any problems arrive down the road, you will be able to correct them effectively.

I’ve had the pleasure (!) of working with both male and female quality managers. I realize that the role of Quality Manager is probably not something that most women aspire to….although I don’t know of any boys with such an aspiration either. Astronaut, fireman, or rock star maybe….but Quality Manager? I don’t think so. But I digress.

Of the very few female quality managers I’ve met, most have been horribly unorganized. Why is this? Now I’ll grant you that my sampling is small and unscientific, but I think there’s some merit to this. While there are undoubtedly some unorganized male quality managers, I think they are fairly rare. I’m guessing that anyone who has made a choice to go into the Quality field, especially in the ISO9001:2000 world, is probably pretty organized.

To be fair, most of the female quality managers I’ve met were thrust into their position by chance…..it was not their choice. And I’m betting these ladies were unorganized in whatever job they held before, and since.