Thursday, December 31, 2009

ISO 9000 Standard

ISO 9001:2008 Quality Management System
Posted by at No comments:
Labels:

Sunday, December 27, 2009

ISO 9001:2008 Requirements – Management Responsibility


ISO 9001:2008 Requirements - Management Responsibility

All requirements in clause 5 are the responsibility of top management.
5.1 Management Commitment
Provide evidence of management commitment to develop and implement the quality management system, as well as, continually improve its effectiveness by:
? Expressing the importance of meeting requirements
? Establishing the quality policy and quality objectives
? Conducting management reviews
? Ensuring the availability of necessary resources

5.2 Customer Focus
Ensure customer requirements are determined and met in order to improve customer satisfaction.
5.3 Quality Policy
Ensure the quality policy is:
? Appropriate to the purpose of the organization
? Focused on meeting requirements and continual improvement
? Used as a framework for quality objectives
? Communicated and understood at appropriate levels
? Reviewed for continuing suitability
5.4 Planning
5.4.1 Quality Objectives
Ensure quality objectives, including those needed to meet product requirements, are established at the relevant functions and levels within the organization. Ensure quality objectives are measurable and consistent with the quality policy.
5.4.2 Quality Management System Planning
Ensure that planning for the quality management system:
? Meets the general requirements (4.1), as well as, quality objectives (5.4.1)
? Maintains the system integrity when changes are planned and implemented
5.5 Responsibility, Authority, and Communication
5.5.1 Responsibility and Authority
Ensure responsibilities and authorities are defined and communicated within the organization.

5.5.2 Management Representative
Appoint a member of your management who, irrespective of other duties, has the responsibility and authority to:
? Ensure the needed processes are established, implemented, and maintained
? Report to top management on quality management system performance
? Report to top management on any need for improvement
? Ensuring the promotion of awareness of customer requirements
NOTE: The responsibility of a management representative can include being the liaison with external parties on matters relating to the quality management system.
5.5.3 Internal Communication
Ensure the appropriate communication processes are established and carried out within the organization regarding the effectiveness of the system.
5.6 Management Review
5.6.1 General
Review the quality management system at planned intervals to:
? Ensure a suitable, adequate, and effective system
? Assess possible opportunities for improvement
? Evaluate the need for any changes to the system
? Consider the need for changes to the quality policy and objectives
Maintain records of the management reviews.
5.6.2 Review Input
Inputs for management review must include information on:
? Results of audits
? Customer feedback
? Process performance and product conformity
? Status of preventive and corrective actions
? Follow-up actions from earlier reviews
? Changes that could affect the quality system
? Recommendations for improvement

5.6.3 Review Output
Outputs from the management review must include any decisions and actions related to:
? Improvement of the effectiveness of the quality management system and its processes
? Improvement of product related to customer requirements
? Resource needs


Posted by at No comments:
Labels:

Update on ISO 9001:2008

Update on ISO 9001:2008

Following a recent meeting of ISO’s Technical Committee TC176 in Helsinki, Finland, from June

11 – 15t, 2007, publication of the new version of ISO 9001 has been brought forward from 2009

and is now scheduled to be published in October 2008. Experts representing over 70 ISO member

bodies, met to discuss the comments received during circulation of the Committee Draft (”CD”) of

the new standard, and concluded that in view of the very limited changes being proposed, the draft

is now sufficiently mature to progress directly to the DIS (Draft International Standard).

The main changes being introduced into the new standard are as follows:

Clause 0.2 (Process approach)

Text added to emphasize the importance of processes being capable of achieving desired outputs

Clause 1.1 (Scope)

Clarification that “product” also includes intermediate product

Explanation regarding statutory, regulatory and legal requirements

Clause 4.1 (General requirements)

Notes added to explain more about outsourcing

Types of control that may be applied to outsourced processes

Relationship to clause 7.4 (Purchasing)

Clarification that outsourced processes are still responsibility of the organization and must be

included in the quality management system

Clause 4.2.1 (Documentation)

Clarification that QMS documentation also includes records

Documents required by the standard may be combined

ISO 9001 requirements may be covered by more than one documented procedure

Clause 4.2.3 (Document control)

Clarification that only external documents relevant to the QMS need to be controlled

Clause 4.2.4 (Records control)

Editorial changes only (better alignment with ISO 14001)

Clause 5.5.2 (Management rep)

Clarifies that this must be a member of the organization’s own management

Clause 6.2.1 (Human resources)

Clarification that competence requirements are relevant for any personnel who are involved in the

operation of the quality management system

Clause 6.3 (Infrastructure)

Includes information systems as example

Clause 6.4 (Work environment)

Clarifies that this includes conditions under which work is performed and includes, for example

physical, environmental and other factors such as noise, temperature, humidity, lighting, or weather

Clause 7.2.1 (Customer related processes)

Clarifies that post-delivery activities may include:

- Actions under warranty provisions

- Contractual obligations such as maintenance services

- Supplementary services such as recycling or final disposal

Clause 7.3.1 (Design & development planning)

Clarifies that design and development review, verification and validation have distinct purposes

These may be conducted and recorded separately or in any combination as suitable for the product

and the organization

Clause 7.3.3(Design & development outputs)

Clarifies that information needed for production and service provision includes preservation of the product

Clause 7.5.4 (Customer property)

Explains that both intellectual property and personal data should be considered as customer property

Clause 7.6 (Now retitled Control of Monitoring and Measuring equipment)

Explanatory notes added regarding the use of computer software: “Confirmation of the ability of computer software to satisfy the intended application would typically include its verification and configuration management to maintain its suitability for use.”

Clause 8.2.1 (Customer satisfaction)

Note added to explain that monitoring of customer perception may include input from sources such as customer satisfaction surveys, customer data on delivered product quality, user opinion surveys, lost business analysis, compliments, and dealer reports

Clause 8.2.3 (Monitoring / Measurement of process)

Note added to clarify that when deciding on appropriate methods, the organization should consider impact on the conformity to product requirements and on the effectiveness of the quality management system.
Posted by at No comments:
Labels:

Useful Aids to Implement ISO 9001 Standards

Useful Aids To Implement ISO 9001 Standards

Many companies implement ISO 9001 without using all the available tools. As a result, some companies may not fully optimize their implementation. This issue could be manifested as confusion over terms, misunderstanding about requirements, and perplexity concerning intention.
ISO, the International Organization for Standardization, based in Geneva Switzerland issues thousands of standards, but we limit our scope to ISO 9001:2008 and its immediate “family”.
This includes ISO 9000:2005 and ISO 9004:20002. ISO 9001 is a general industry standard forquality management, but ISO also issues industry specific standards. Many of these standards, such as ISO 13485 for medical devices, are based on ISO 9001 and can also utilize these available tools.

In addition to the information discussed below, ISO also issues standards related to specific activities that may arises in a quality management system. The following lists these supporting documents.

Automotive ISO/TS 16949:2002
Education IWA 2:2007
Energy PC 242, ISO 50001
Food safety ISO 22000:2005
Information security ISO/IEC 27001:2005
Health care IWA 1:2005
Local government IWA 4:2005
Medical devices ISO 13485:2003
Petroleum and gas ISO 29001:2003
Ship recycling ISO/PAS 30000:2008
Supply chain security ISO 28000:2007
Posted by at No comments:
Labels:

Integrating Management Systems Within The ISO Standards

Today’s free market economies increasingly encourage diverse sources of supply and provide opportunities for expanding markets. Fair competition needs to be based on identifiable, clearly defined common references that are recognised from one country to the next. A standard, internationally recognised, developed by consensus among trading partners, serves as the language of trade. The International Organisation for Standardisation (ISO) has developed around 8′700, mostly technical related standards on this basis. Standards Series such as ISO 9000, ISO 14000 and what is to be known as ISO 18000 and ISO 26000 are Management related. These standards contain generic guidelines for Management Systems in the area of Quality, Environment, Occupational Health & Safety and Human Resources.

ISO is a word derived from the Greek isos, meaning “equal”. ISO Standards are developed and updated by the International Organisation for Standardisation which has around 150 member bodies. A member body of ISO is the national body “most representative of standardisation in its country”.(eg. Germany – DIN, USA – ANSI, Australia – SAA).
More than 50 countries, as well as the European Community have adopted ISO 9000 which is recognised internationally as a benchmark for measuring quality in a trade context. Since its first issue in 1987, approximately 430′000 companies have been using ISO 9000. Being a standard coming from an organisation that is usually involved in the development of technical standards, ISO 9000 is often regarded as a document that belongs in the hands of a technician exposed to production line quality control. At a closer look, however, ISO 9000 Standard Series provide guidance in the development and application of Management Systems as well as Quality Control in Manufacturing and Administration.

ISO has been developing a number of Management System Guidelines for various aspects of business. The most recent are the ISO 14000 Environmental Management System Guidelines. This is an international standard that will affect business in the near future. ISO 14000 has been designed to integrate with ISO 9000. However, apart from international standards there are local standards a company has to comply with. To remain compliant with local standards, further manuals and/or procedures are required (eg. lifting procedure in a warehouse to satisfy Work Safety requirements). A company may have several Manuals describing its Management Systems (eg. Human Resources, Quality, Security, Health/Safety, Finances). An overall link between the systems is often missing which makes the monitoring and the assessment of effectiveness difficult. Double handling of information, contradicting instructions, high maintenance costs, administrative excess and lack of overall transparency are common results.
ISO 9000 Standard Series for Quality (of) Management Systems provide generic guidance for the development of an overall Management System, ISO 14000 provides guidance for Environmental Management, etc. Transparency and monitoring of all business activities can be achieved by integrating all systems into one.
Complaints that ISO 9000 is paralysing operations and, that it does not reflect reality are usually a result of not clearly understanding how the standard can be properly structured to address the needs of a company. ISO 9000 can be structured by focusing on “best practice” process rather than the standard, by fitting the standard to the process and not the process to the standard. Having recognised this, ISO has been working on a new structure for ISO 9000, called “Vision 2000″, taking a process orientated approach to ensure that “best practice” as well as several standards can be addressed within one system. Focusing on process allows the development of a practical “working document”, providing an effective management tool. Having learned from the past, the trend to Process Orientated Management Systems started about three years ago in Europe and is finding increasing approval from certification bodies.Every company has its own culture and key individuals.
The business environment influences processes in certain ways (eg. employee market, laws, infrastructure, client, etc.)
To ensure competitiveness a company needs to ensure adequate flexibility in their system to effectively respond to changes in the business environment.
An effective system is a lean system that incorporates all necessary functions, controls of activities and “best practice” without being caught up in detail.
An effective system must also be flexible enough to enable the proper controls on outsourcing and sub-contracting of activities (eg. production, administration, service, etc.)
Posted by at No comments:
Labels:

Document Review In ISO 9000 Standards


Document Review In ISO 9000 Standards
The ISO 9000 Standard requires that documents be reviewed.
Previously the implication was that the review was a
check by potential users that the document was fit
for purpose before it was offered for approval. It
could be construed that for a document to receive
approval it must be checked and therefore ‘review
and approval’ in this context are one and the same
and the requirement is in this instance enhanced
rather than relaxed.
A review is another look at something. Therefore
document review is a task that is carried out at any
time following the issue of a document.
This requirement responds to the Continual Improvement principle.
Reviews may be necessary when:
- Taking remedial action (i.e. Correcting an error)
- Taking corrective action (i.e. Preventing an error recurring)
- Taking preventive action (i.e. Preventing the occurrence of an error)
- Taking maintenance action (i.e. Keeping information current)
- Validating a document for use (i.e. When selecting documents for use in
connection with a project, product, contract or other application)
- Taking improvement action (i.e. Making beneficial change to the
information)
Reviews may be random or periodic. Random reviews are reactive and arise
from an error or a change that is either planned or unplanned. Periodic reviews
are proactive and could be scheduled once each year to review the policies,
processes, products, procedures, specification etc. for continued suitability. In
this way obsolete documents are culled from the system. However, if the
system is being properly maintained there should be no outdated information
available in the user domain. Whenever a new process or a modified process
in installed the redundant elements including documentation and equipment
should be disposed of.
The ISO 9000 Standard requires that documents be reviewed.
Previously the implication was that the review was a
check by potential users that the document was fit
for purpose before it was offered for approval. It
could be construed that for a document to receive
approval it must be checked and therefore ‘review
and approval’ in this context are one and the same
and the requirement is in this instance enhanced
rather than relaxed.
A review is another look at something. Therefore
document review is a task that is carried out at any
time following the issue of a document.
This requirement responds to the Continual Improvement principle.
Reviews may be necessary when:
- Taking remedial action (i.e. Correcting an error)
- Taking corrective action (i.e. Preventing an error recurring)
- Taking preventive action (i.e. Preventing the occurrence of an error)
- Taking maintenance action (i.e. Keeping information current)
- Validating a document for use (i.e. When selecting documents for use in
connection with a project, product, contract or other application)
- Taking improvement action (i.e. Making beneficial change to the
information)
Reviews may be random or periodic. Random reviews are reactive and arise
from an error or a change that is either planned or unplanned. Periodic reviews
are proactive and could be scheduled once each year to review the policies,
processes, products, procedures, specification etc. for continued suitability. In
this way obsolete documents are culled from the system. However, if the
system is being properly maintained there should be no outdated information
available in the user domain. Whenever a new process or a modified process
in installed the redundant elements including documentation and equipment
should be disposed of.

Posted by at No comments:
Labels:

Friday, December 25, 2009

ISO 9000 Standards – Document ApprovalISO 9000 Standards – Quality Management Principles


ISO 9000 Standards – Quality Management Principles
A quality management principle is defined by ISO/TC 176 as a comprehensive and fundamental rule or belief, for leading and operating an organization, aimed at continually improving performance over the long term by focusing on customers while addressing the needs of all other interested parties. Eight principles have emerged as fundamental to the management of quality.

All the requirements of ISO 9001:2008 are related to one or more of these principles. These principles provide the reasons for the requirements and are thus very important. The quality management principles can be listed as below:

1. Customer focus
Organizations depend on their customers and therefore should understand current and future customer needs, meet customer requirements and strive to exceed customer expectations.
The customer focus principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Communication with the customer
b. Care for customer property
c. The determination of customer needs and expectations
d. Appointment of a management representative
e. Management commitment

2. Leadership
Leaders establish unity of purpose and direction for the organization. They should create and maintain the internal environment in which people can become fully involved in achieving the organization’s objectives.
The leadership principle is reflected in ISO 9000 Standards through the requirements addressing:
a. The setting of objectives and policies
b. Planning
c. Internal communication
d. Creating an effective work environment

3. Involvement of people
People at all levels are the essence of an organization and their full involvement enables their abilities to be used for the organization’s benefit.
The involvement of people principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Participation in design reviews
b. Defining objectives, responsibilities and authority
c. Creating an environment in which people are motivated
d. Internal communication
e. Identifying competence needs

4. Process approach
A desired result is achieved more efficiently when related resources and activities are managed as a process.
The process approach principle is reflected in ISO 9000 Standards through the requirements addressing:
a. The identity of processes
b. Defining process inputs and outputs
c. Providing the infrastructure, information and resources for processes to
function

5. System approach to management
This principle is expressed as follows:
Identifying, understanding and managing interrelated processes as a system contributes to the organization’s effectiveness and efficiency in achieving its objectives.
The system approach principle is reflected in ISO 9001 through the requirements addressing:
a. Establishing, implementing and maintaining the management system
b. Interconnection, interrelation and sequence of processes
c. The links between processes
d. Establishing measurement processes

6. Continual improvement
This principle is expressed as follows:
Continual improvement of the organization’s overall performance should be a permanent objective of the organization.
The continual improvement principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Improvement processes
b. Identifying improvements
c. Reviewing documents and processes for opportunities for improvement

7. Factual approach to decision making
This principle is expressed as follows:
Effective decisions are based on the analysis of data and information.
The factual approach principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Reviews, measurements and monitoring to obtain facts
b. Control of measuring devices
c. Analysis to obtain facts from information
d. Records for documenting the facts
e. Approvals based on facts

8. Mutually beneficial supplier relationships
This principle is expressed as follows:
An organization and its suppliers are interdependent and a mutually beneficial relationship enhances the ability of both to create value.
The mutually beneficial supplier relationships principle is reflected in ISO 9000 Standardsthrough the requirements addressing:
a. Control of suppliers
b. Evaluation of suppliers
c. Analysis and review of supplier data


Posted by at No comments:
Labels:

ISO 9000 Standards – Document Approval


ISO 9000 Standards – Document Approval
The ISO 9000 Standards requires that documents be approved for adequacy prior to issue.

Approval prior to issue means that designated authorities have agreed the document before being made available for use. Whilst the term ade-
quacy is a little vague it should be taken as meaning that the document is judged as fit for the intended purpose. In a paper based system, this means approval before the document is distributed. With an electronic system, it means that the documents should be approved before they are published or made available to the user community.

The ISO 9000 Standards document control process needs to define the process by which documents are approved. In some cases it may not be necessary for anyone other than the approval authority to examine the documents. In others it may be necessary to set up a panel of reviewers to solicit their comments before approval is given.
It all depends on whether the approval authority has all the information
needed to make the decision and is therefore ‘competent’. One might think that the CEO could approve any document in the organization but just because a person is the most senior executive does not mean he or she is competent to perform any role in the organization.

Users should be the prime participants in the approval process so that the
resultant documents reflect their needs and are fit for the intended purpose. If the objective is stated in the document, does it fulfil that objective? If it is stated that the document applies to certain equipment, area or activity, does it cover that equipment, area or activity to the depth expected of such a document? One of the difficulties in soliciting comments to documents is that you will gather comment on what you have written but not on what you have omitted. A useful method is to ensure that the procedures requiring the document specify the acceptance criteria so that the reviewers and approvers can check the document against an agreed standard.

To demonstrate documents have been deemed as adequate prior to issue,
you will need to show that the document has been processed through the
prescribed document approval process. Where there is a review panel, a simple method is to employ a standard comment sheet on which reviewers can indicate their comments or signify that they have no comment. During the drafting process you may undertake several revisions. You may feel it
necessary to retain these in case of dispute later, but you are not required to do so. You also need to show that the current issue has been reviewed so your comment sheets need to indicate document issue status.


Posted by at No comments:
Labels:

Preparing The ISO 9000 Standards Quality Manual

Preparing The ISO 9000 Standards Quality Manual

The standard requires a quality manual to be established and maintained that includes the

scope of the quality management system, the documented procedures or reference to them

and a description of the sequence and interaction of processes included in the quality

management system.

ISO 9000 defines a quality manual as a document specifying the quality management

system of an organization.

It is therefore not intended that the manual be a response to the requirements of ISO 9001.

As the top-level document describing the management system it is a system description

describing how the organization is managed.

Countless quality manuals produced to satisfy ISO 9000 :2008, were no more than 20

sections that paraphrased the requirements of the standard.

Such documentation adds no value. They are of no use to managers, staff or auditors.

Often thought to be useful to customers, organizations would gain no more confidence

from customers than would be obtained from their registration certificate.

This requirement responds to the System Approach Principle.

A description of the management system is necessary as a means of showing how all

the processes are interconnected and how they collectively deliver the business outputs.

It has several uses as :

a means to communicate the vision, values, mission, policies and objectives of the

organization

a means of showing how the system has been designed

a means of showing linkages between processes

a means of showing who does what

an aid to training new people

a tool in the analysis of potential improvements

a means of demonstrating compliance with external standards and regulations

When formulating the policies, objectives and identifying the processes to achieve

them, the manual provides a convenient vehicle for containing such information.

If left as separate pieces of information, it may be more difficult to see the linkages.

The requirement provides the framework for the manual. Its content may

therefore include the following:

1 Introduction

(a) Purpose (of the manual)

(b) Scope (of the manual)

(c) Applicability (of the manual)

(d) Definitions (of terms used in the manual)

2 Business overview

(a) Nature of the business/organization – its scope of activity, its products

and services

(b) The organization’s interested parties (customers, employees, regulators,

shareholders, suppliers, owners etc.)

(c) The context diagram showing the organization relative to its external

environment

(d) Vision, values

(e) Mission

3 Organization

(a) Function descriptions

(b) Organization chart

(c) Locations with scope of activity

4 Business processes

(a) The system model showing the key business processes and how they are interconnected

(b) System performance indicators and method of measurement

(c) Business planning process description

(d) Resource management process description

(e) Marketing process description

(f) Product/service generation processes description

(g) Sales process description

(h) Order fulfilment process description

5 Function matrix (Relationship of functions to processes)

6 Location matrix (Relationship of locations to processes)

7 Requirement deployment matrices

(a) ISO 9001 compliance matrix

(b) ISO 14001 compliance matrix

(c) Regulation compliance matrices (FDA, Environment, Health, Safety, CAA etc.)

8 Approvals (List of current product, process and system approvals)
Posted by at No comments:
Labels:

Develop Quality Management System Documentation In ISO 9000 Standards

Develop Quality Management System Documentation In ISO 9000 Standards

Documentation is the most common area of non-conformance among organizations

wishing to implement ISO 9000 quality management systems. As one company

pointed out: “When we started our implementation, we found that documentation

was inadequate. Even absent, in some areas. Take calibration. Obviously it’s

necessary, and obviously we do it, but it wasn’t being documented. Another area

was inspection and testing. We inspect and test practically every item that leaves

here, but our documentation was inadequate”.

Documentation of the quality management system should include:

1. Documented statements of a quality policy and quality objectives,

2. A quality manual,

3. Documented procedures and records required by the standard ISO 9001:2008, and

4. Documents needed by the organization to ensure the effective planning, operation and control of its processes.

Quality documentation is generally prepared in the three levels indicated below that follows. Use ISO 10013:1995 for guidance in quality documentation.

Level A: Quality manual

States the scope of the quality management system, including exclusions and

details of their justification; and describes the processes of the quality

management system and their interaction. Generally gives an organization

profile; presents the organizational relationships and responsibilities of persons

whose work affects quality and outlines the main procedures. It may also

describe organization’s quality policy and quality objectives.

Level B: Quality management system procedures

Describes the activities of individual departments, how quality is controlled in

each department and the checks that are carried out.

Level C: Quality documents (forms, reports, work instructions, etc.)

1. Work instructions describe in detail how specific tasks are performed; include

drawing standards, methods of tests, customer’s specifications, etc.

2. Presents forms to be used for recording observations, etc.
Posted by at No comments:
Labels:

ISO 9001 Standards Check List


ISO 9001:2008 include these checklists as follows:

1. ISO 9001 General Requirements

Has the organization established, documented, implemented and maintained a quality management system in accordance with the requirements of ISO 9001?

2. General Documentation Requirements
Does the quality management system documentation include documented procedures and records required ensuring effective operation and control of its processes?

3. Quality Manual
Has a quality manual been established and maintained that includes:

4. Control of Documents
Are documents required for the quality management system controlled?

5. Control of Records
Have records been established and maintained to provide evidence of conformity to requirements and of the effective operation of the quality management system?

6. Management Commitment
How has top management demonstrated commitment to the development and improvement of the quality management system?

7. Quality Policy
Organization has top management ensured that the quality policy:

8. System Planning
1. Quality Objectives
a. What are the quality objectives that have been established at relevant functions and levels within the organization?

9. Responsibility, authority and Communication
Responsibility, authority and Communication Audit Checklist
1. Responsibility and authority

10. Resource Management
Resource Management Audit Checklist

1. Provision of resources

11. Planning of Product/Service Realization
Planning of Product/Service Realization Audit Checklist
Is planning of the realization processes consistent with the other requirements of the organization’s quality management system?

12. Management Review
Management Review Audit Checklist
1. General checklist
a) Does the top management review the quality management system, at planned intervals, to ensure its continuing suitability, adequacy and effectiveness?

13. Product review
Determination of Requirements Related to the Product (7.2.1)

14. Design and Development Planning and Design and Development Inputs
What is the design and development planning methodology described in the design procedure?

15. Design and Development Outputs Audit
Are the outputs of the design and/or development process documented in a manner that enables verification against the design and/or development inputs?

16. Design and Development Review Audit
Are systematic reviews of design and/or development conducted at suitable stages?

17. Design and/or Development Verification
Is design and/or development verification performed to ensure the output meets the design and/or development inputs?

18. Design and/or Development Validation
Is design and/or development validation performed to confirm that resulting product is capable of meeting the requirements for the intended use?

19. Control of Design and Development Changes
Are design and/or development changes identified, documented, and controlled?

20. Purchasing Process
Does the organization control its purchasing processes to ensure purchased product conforms to requirements?

21. Purchasing Information
Do purchasing documents contain information describing the product to be purchased?

22. Verification of Purchased Product
Have the inspection or other activities necessary for ensuring that purchased product meets specified purchase requirements been established and implemented?

23. Control of Production and Service
Are the production and service provision planned and carried out under controlled conditions including:

24. Validation of Processes for Production and Service Provision
Have processes where deficiencies may become apparent only after the product is in use or the service has been delivered been validated?

25. Identification and Traceability
Is the product identified by suitable means throughout product realization?

26. Customer Property
How does the organization exercise care with customer property while it is under the
organization’s control or being used by the organization?

27. Preservation of Product
Is conformity of product preserved during internal processing and delivery to the intended destination?

28. Audit Checklist of Control of Measuring and Monitoring Devices
Has the organization determined the monitoring and measurement to be undertaken and the monitoring and measurement devices needed to provide evidence of conformity of product to determined requirements?

29. Customer Satisfaction
Are measurement and monitoring activities needed to assure conformity and achieve improvement been identified and included in the product quality plan?

30. Internal Audit Checklist
Are periodic internal quality audits conducted to determine whether the quality management system has been effectively implemented and maintained?

31. Monitoring and Measurement of Processes
Are suitable methods applied for monitoring and where applicable, measurement of the quality management system processes necessary to meet customer requirements?

32. Monitoring and Measurement of Product
Are product characteristics monitored and measured to verify that product requirements are met?

33. Control of Nonconforming Product Checklist
Is nonconforming product identified and controlled to prevent unintended use or delivery?

34. Analysis of Data
Is appropriate data determined, collected and analyzed to demonstrate the suitability and effectiveness of the quality management system and to evaluate where continual improvement of the effectiveness of the quality management system can
be made?

35. Corrective Action
How is corrective action taken to eliminate the cause of nonconformities in order to prevent recurrence?

36 Continual Improvement
Are processes necessary for the continual Improvement of the quality management system planned and managed?

37. Preventive Action
Has the organization determined actions to eliminate the causes of potential nonconformities in order to prevent occurrence?

These checklists also called ISO 9000 audit checklist.


Posted by at No comments:
Labels:

Revision Of Documents In ISO 9000 Standards


Revision Of Documents In ISO 9000 Standards
The ISO 9000 Standard requires that documents be updated as
necessary and re-approved following their review.
Following a document review, action may or may not be necessary. If the
document is found satisfactory, it will remain in use until the next review. If the
document is found unsatisfactory there are two outcomes.
The document is no longer necessary and should be withdrawn from use –
this is addressed by the requirement dealing with obsolescence.
The document is necessary but requires a change – this is addressed by this
requirement.
The standard implies that updating should follow a review. The term update
also implies that documents are reviewed only to establish whether they are
current when in fact document reviews may be performed for many different
reasons. A more appropriate term to update would be revise. Previously the
standard addressed only the review and approval of changes and did not
explicitly require a revision process. However, a revision process is executed
before a document is subject to re-approval.
This requirement responds to the Continual Improvement principle.
It is inevitable that during use a need will arise for changing documents and
therefore provision needs to be made to control not only the original
generation of documents but also their revisions.
The document change process consists of a number of key stages some of
which are not addressed in ISO 9001.
a. Identification of need (addressed by document review)
b. Request for change (not addressed in the standard)
c. Permission to change (not addressed in the standard)
d. Revision of document (addressed by document updates)
e. Recording the change (addressed by identifying the change)
f. Review of the change (addressed under quality planning)
g. Approval of the change (addressed by document re-approval)
h. Issue of change instructions (not addressed in the standard)
i. Issue of revised document (addressed by document availability)
As stated previously, to control documents it is necessary to control their
development, approval, issue, change, distribution, maintenance, use, storage,
security, obsolescence or disposal and we will now address those aspects not
specifically covered by the standard.
In controlling changes it is necessary to define what constitutes a change to a
document. Should you allow any markings on documents, you should specify
those that have to be supported by change notes and those that do not.
Markings that add comment or correct typographical errors are not changes
but annotations. Alterations that modify instructions are changes and need
prior approval. The approval may be in the form of a change note that details
changes that have been approved.
Anyone can review a document but approved documents should only be
changed/revised/amended under controlled conditions. The document
review will conclude that either a change is necessary or unnecessary. If a
change is necessary, a request for change should be made to the issuing
authorities. Even when the person proposing the change is the same as would
approve the change, other parties may be affected and should therefore be
permitted to comment. The most common method is to employ Document
Change Requests. By using a formal change request it allows anyone to request
a change to the appropriate authorities.
Change requests need to specify:
a. The document title, issue and date
b. The originator of the change request (who is proposing the change, his or her
location or department)
c. The reason for change (why the change is necessary)
d. What needs to be changed (which paragraph, section, etc. is affected and
what text should be deleted)
e. The changes in text required where known (the text which is to be inserted
or deleted)
By maintaining a register of such requests you can keep track of who has
proposed what, when and what progress is being made on its approval. You
may of course use a memo or phone call to request a change but this form of
request becomes more difficult to track and prove you have control. You will
need to inform staff where to send their requests.
On receipt of the request you need to provide for its review by the change
authority. The change request may be explicit in what should be changed or
simply report a problem that a change to the document would resolve.
Someone needs to be nominated to draft the new material and present it for
review but before that, the approval authorities need to determine whether
they wish the document to be changed at all. There is merit in reviewing
requests for change before processing in order to avoid abortive effort. You
may also receive several requests for change that conflict and before processing
you will need to decide which change should proceed. While a proposed
change may be valid, the effort involved may warrant postponement of the
change until several proposals have been received – it rather depends on the
urgency
Ensuring the availability of controlled documents
The standard requires that relevant versions of applica-
ble documents are available at points of use.
The relevant version of a document is the version
that should be used for a task. It may not be the latest
version because you may have reason to use a
different version of a document such as when
building or repairing different versions of the same
product. Applicable documents are those that are
needed to carry out work. Availability at points of use
means the users have access to the documents they
need at the location where the work is to be
performed. It does not mean that users should possess copies of the documents
they need, in fact this is undesirable because the copies may become outdated
and not withdrawn from use.
This requirement exists to ensure that access to documents is afforded when
required. Information essential for the performance of work needs to be
accessible to those performing it otherwise they may resort to other means
of obtaining what they need that may result in errors, inefficiencies and
hazards.
In order to make sure that documents are available you should not keep them
under lock and key (or password protected) except for those where restricted
access is necessary for security purposes. You need to establish who wants
which documents and when they need them. The work instructions should
specify the documents that are required for the task so that those documents
not specified are not essential. It should not be left to the individual to
determine which documents are essential and which are not. If there is a need
for access out of normal working hours, access has to be provided. The more
copies there are the greater the chance of documents not being maintained so
minimize the number of copies. A common practice is to issue documents to
managers only and not the users. This is particularly true of management
system documents. One finds that only the managers hold copies of the
Quality Manual. In some firms all the managers reside in the same building,
even along the same corridor and it is in such circumstances that one invariably
finds that these copies have not been maintained. It is therefore impractical to
have all the copies of the Quality Manual in one place. Distribute the
documents by location, not by named individuals. Distribute to libraries, or
document control centres so that access is provided to everyone and so that
someone has responsibility for keeping them up to date. If using an intranet,
the problems of distribution are less difficult but there will always be some
groups of people who need access to hard copy.
The document availability requirement applies to both internal and external
documents alike. Customer documents such as contracts, drawings, specifica-
tions and standards need to be available to those who need them to execute
their responsibilities. Often these documents are only held in paper form and
therefore distribution lists will be needed to control their location. If documents
in the public domain are required, they only need be available when required
for use and need not be available from the moment they are specified in a
specification or procedure. You should only have to produce such documents
when they are needed for the work being undertaken at the time of the audit.
However, you would need to demonstrate that you could obtain timely access
when needed. If you provide a lending service to users of copyrighted
documents, you would need a register indicating to whom they were loaned so
that you can retrieve them when needed by others.
A document that is not ready for use or is not used often may be archived.
But it needs to be accessible otherwise when it is called for it won’t be there. It
is therefore necessary to ensure that storage areas, or storage mediums provide
secure storage from which documents can be retrieved when needed. Storing
documents off-site under the management of another organization may give
rise to problems if they cannot be contacted when you need the documents.
Archiving documents on magnetic tape can also present problems when the
tape cannot be found or read by the new technology that has been installed!
Electronic storage presents very different problems to conventional storage and
gives rise to the retention of ‘insurance copies’ in paper should the retrieval
mechanism fail.
Ensuring documents are legible and identifiable
The standard requires documents to remain legible and
readily identifiable.
Legibility refers to the ease with which the informa-
tion in a document can be read or viewed. A
document is readily identifiable if it carries some
indication that will quickly distinguish it from
similar documents. Any document that requires a reader to browse through it
looking for clues is clearly not readily identifiable.
The means of transmission and use of documents may cause degradation
such that they fail to convey the information originally intended. Confusion
with document identity could result in a document being misplaced, destroyed
or otherwise being unobtainable. It can also result in incorrect documents
being located and used.
This requirement is so obvious it hardly needs to be specified. As a general
rule, any document that is printed or photocopied should be checked for
legibility before distribution. Legibility is not often a problem with electron-
ically controlled documents. However, there are cases where diagrams cannot
be magnified on screen so it would be prudent to verify the capability of the
technology before releasing documents. Not every user will have perfect
eyesight! Documents transmitted by fax present legibility problems due to the
quality of transmission and the medium on which the information is printed.
Heat sensitive paper is being replaced with plain paper but many organiza-
tions still use the old technology. You simply have to decide your approach.
For any communication required for reference, it would be prudent to use
photocopy or scan the fax electronically and dispose of the original.
Documents used in a workshop environment may require protection from oil
and grease. Signatures are not always legible so it is prudent to have a policy
of printing the name under the signature. Documents subject to frequent
photocopying can degrade and result in illegible areas.
Although a new requirement, it is unusual to find documents in use that carry
no identification at all. Three primary means are used for document
identification – classification, titles and identification numbers. Classification
divides documents into groups based on their purpose – policies, procedures,
records, plans, etc are classes of documents. Titles are acceptable providing
there are no two documents with the same title in the same class. If you have
hundreds of documents it may prove difficult to sustain uniqueness.
Identification can be made unique in one organization but outside it may not
be unique. However, the title as well as the number is usually sufficient.
Electronically controlled documents do not require a visible identity other than
the title in its classification. Classifying documents with codes enables their
sorting by class.
The ISO 9000 Standard requires that documents be updated as
necessary and re-approved following their review.
Following a document review, action may or may not be necessary. If the
document is found satisfactory, it will remain in use until the next review. If the
document is found unsatisfactory there are two outcomes.
The document is no longer necessary and should be withdrawn from use –
this is addressed by the requirement dealing with obsolescence.
The document is necessary but requires a change – this is addressed by this
requirement.
The standard implies that updating should follow a review. The term update
also implies that documents are reviewed only to establish whether they are
current when in fact document reviews may be performed for many different
reasons. A more appropriate term to update would be revise. Previously the
standard addressed only the review and approval of changes and did not
explicitly require a revision process. However, a revision process is executed
before a document is subject to re-approval.
This requirement responds to the Continual Improvement principle.
It is inevitable that during use a need will arise for changing documents and
therefore provision needs to be made to control not only the original
generation of documents but also their revisions.
The document change process consists of a number of key stages some of
which are not addressed in ISO 9000 Standards.
a. Identification of need (addressed by document review)
b. Request for change (not addressed in the standard)
c. Permission to change (not addressed in the standard)
d. Revision of document (addressed by document updates)
e. Recording the change (addressed by identifying the change)
f. Review of the change (addressed under quality planning)
g. Approval of the change (addressed by document re-approval)
h. Issue of change instructions (not addressed in the standard)
i. Issue of revised document (addressed by document availability)
As stated previously, to control documents it is necessary to control their
development, approval, issue, change, distribution, maintenance, use, storage,
security, obsolescence or disposal and we will now address those aspects not
specifically covered by the standard.
In controlling changes it is necessary to define what constitutes a change to a
document. Should you allow any markings on documents, you should specify
those that have to be supported by change notes and those that do not.
Markings that add comment or correct typographical errors are not changes
but annotations. Alterations that modify instructions are changes and need
prior approval. The approval may be in the form of a change note that details
changes that have been approved.
Anyone can review a document but approved documents should only be
changed/revised/amended under controlled conditions. The document
review will conclude that either a change is necessary or unnecessary. If a
change is necessary, a request for change should be made to the issuing
authorities. Even when the person proposing the change is the same as would
approve the change, other parties may be affected and should therefore be
permitted to comment. The most common method is to employ Document
Change Requests. By using a formal change request it allows anyone to request
a change to the appropriate authorities.
Change requests need to specify:
a. The document title, issue and date
b. The originator of the change request (who is proposing the change, his or her
location or department)
c. The reason for change (why the change is necessary)
d. What needs to be changed (which paragraph, section, etc. is affected and
what text should be deleted)
e. The changes in text required where known (the text which is to be inserted
or deleted)
By maintaining a register of such requests you can keep track of who has
proposed what, when and what progress is being made on its approval. You
may of course use a memo or phone call to request a change but this form of
request becomes more difficult to track and prove you have control. You will
need to inform staff where to send their requests.
On receipt of the request you need to provide for its review by the change
authority. The change request may be explicit in what should be changed or
simply report a problem that a change to the document would resolve.
Someone needs to be nominated to draft the new material and present it for
review but before that, the approval authorities need to determine whether
they wish the document to be changed at all. There is merit in reviewing
requests for change before processing in order to avoid abortive effort. You
may also receive several requests for change that conflict and before processing
you will need to decide which change should proceed. While a proposed
change may be valid, the effort involved may warrant postponement of the
change until several proposals have been received – it rather depends on the
urgency
Ensuring the availability of controlled documents
The ISO 9000 standards requires that relevant versions of applica-
ble documents are available at points of use.
The relevant version of a document is the version
that should be used for a task. It may not be the latest
version because you may have reason to use a
different version of a document such as when
building or repairing different versions of the same
product. Applicable documents are those that are
needed to carry out work. Availability at points of use
means the users have access to the documents they
need at the location where the work is to be
performed. It does not mean that users should possess copies of the documents
they need, in fact this is undesirable because the copies may become outdated
and not withdrawn from use.
This requirement exists to ensure that access to documents is afforded when
required. Information essential for the performance of work needs to be
accessible to those performing it otherwise they may resort to other means
of obtaining what they need that may result in errors, inefficiencies and
hazards.
In order to make sure that documents are available you should not keep them
under lock and key (or password protected) except for those where restricted
access is necessary for security purposes. You need to establish who wants
which documents and when they need them. The work instructions should
specify the documents that are required for the task so that those documents
not specified are not essential. It should not be left to the individual to
determine which documents are essential and which are not. If there is a need
for access out of normal working hours, access has to be provided. The more
copies there are the greater the chance of documents not being maintained so
minimize the number of copies. A common practice is to issue documents to
managers only and not the users. This is particularly true of management
system documents. One finds that only the managers hold copies of the
Quality Manual. In some firms all the managers reside in the same building,
even along the same corridor and it is in such circumstances that one invariably
finds that these copies have not been maintained. It is therefore impractical to
have all the copies of the Quality Manual in one place. Distribute the
documents by location, not by named individuals. Distribute to libraries, or
document control centres so that access is provided to everyone and so that
someone has responsibility for keeping them up to date. If using an intranet,
the problems of distribution are less difficult but there will always be some
groups of people who need access to hard copy.
The document availability requirement applies to both internal and external
documents alike. Customer documents such as contracts, drawings, specifica-
tions and standards need to be available to those who need them to execute
their responsibilities. Often these documents are only held in paper form and
therefore distribution lists will be needed to control their location. If documents
in the public domain are required, they only need be available when required
for use and need not be available from the moment they are specified in a
specification or procedure. You should only have to produce such documents
when they are needed for the work being undertaken at the time of the audit.
However, you would need to demonstrate that you could obtain timely access
when needed. If you provide a lending service to users of copyrighted
documents, you would need a register indicating to whom they were loaned so
that you can retrieve them when needed by others.
A document that is not ready for use or is not used often may be archived.
But it needs to be accessible otherwise when it is called for it won’t be there. It
is therefore necessary to ensure that storage areas, or storage mediums provide
secure storage from which documents can be retrieved when needed. Storing
documents off-site under the management of another organization may give
rise to problems if they cannot be contacted when you need the documents.
Archiving documents on magnetic tape can also present problems when the
tape cannot be found or read by the new technology that has been installed!
Electronic storage presents very different problems to conventional storage and
gives rise to the retention of ‘insurance copies’ in paper should the retrieval
mechanism fail.
Ensuring documents are legible and identifiable
The standard requires documents to remain legible and
readily identifiable.
Legibility refers to the ease with which the informa-
tion in a document can be read or viewed. A
document is readily identifiable if it carries some
indication that will quickly distinguish it from
similar documents. Any document that requires a reader to browse through it
looking for clues is clearly not readily identifiable.
The means of transmission and use of documents may cause degradation
such that they fail to convey the information originally intended. Confusion
with document identity could result in a document being misplaced, destroyed
or otherwise being unobtainable. It can also result in incorrect documents
being located and used.
This requirement is so obvious it hardly needs to be specified. As a general
rule, any document that is printed or photocopied should be checked for
legibility before distribution. Legibility is not often a problem with electron-
ically controlled documents. However, there are cases where diagrams cannot
be magnified on screen so it would be prudent to verify the capability of the
technology before releasing documents. Not every user will have perfect
eyesight! Documents transmitted by fax present legibility problems due to the
quality of transmission and the medium on which the information is printed.
Heat sensitive paper is being replaced with plain paper but many organiza-
tions still use the old technology. You simply have to decide your approach.
For any communication required for reference, it would be prudent to use
photocopy or scan the fax electronically and dispose of the original.
Documents used in a workshop environment may require protection from oil
and grease. Signatures are not always legible so it is prudent to have a policy
of printing the name under the signature. Documents subject to frequent
photocopying can degrade and result in illegible areas.
Although a new requirement, it is unusual to find documents in use that carry
no identification at all. Three primary means are used for document
identification – classification, titles and identification numbers. Classification
divides documents into groups based on their purpose – policies, procedures,
records, plans, etc are classes of documents. Titles are acceptable providing
there are no two documents with the same title in the same class. If you have
hundreds of documents it may prove difficult to sustain uniqueness.
Identification can be made unique in one organization but outside it may not
be unique. However, the title as well as the number is usually sufficient.
Electronically controlled documents do not require a visible identity other than
the title in its classification. Classifying documents with codes enables their
sorting by class.

Posted by at No comments:
Labels:
Subscribe to: Comments (Atom)