Professional Documents
Culture Documents
ISO is the International Organization for Standardization. It has a membership of 158 national standards institutes from countries large and small, industrialized and developing, in all regions of the world, ISO develops voluntary technical standards which add value to al l types of business operations. They contribute to the dissemination of technology and good business
practice. They support the development, manufacturing and supply of more efficient, safer and
cleaner products and services. They make trade between countries easier and fairer. ISO standards also safeguard users and consumers, and make many aspects of their lives simpler. ISO develops only those standards that are required by the mark et. This work i s carried out by experts coming from the industrial, technical and business sectors which have asked for the standard, and which subsequently put them to use. These experts may be joined by others with relevant knowledge, such as representatives of government agencies, consumer organizations, academia and testing laboratories. Published under the designation of International Standards, ISO standards r ep resent an international consensus on the state of the art in the technology or good practice concerned. ISOs portfolio of more than 17 800 standard s and related documents addresses all three dimensions of sustainable development : economic,environmental and social.
The organisation should establish a quality policy and properly document it. The goals set to achieve quality performance must be in line with the overall organisational objectives. The quality policy should be communicated to all the departments of the organisation.
4.1.2. Organisation:
An organisation should have a clear structure, in which individuals join together and play clearly defined roles, acting in co-ordination to further the aims of the organisation.
An authorised official who is competent to examine and control the procedures that have an influence on the quality system should be selected. This person should be given the liberty to take necessary steps to ensure that the organisation controls quality related processes in an effective manner.
4.1.2.2. Resources:
The organisation should identify resources required for achieving the specifications of the quality policy. These resources should include trained employees.
The organisation should appoint a management representative (on behalf of the organisations management). This representative is responsible for the proper deployment of the quality system. He should convey the status of the quality system to the top management.
The management should regularly assess the quality system in order to ascertain its consistency and efficiency.
Organisations should have a quality manual consisting of the functional aspects of this standard. The quality manual should comprise of the information pertaining to the work to be done in the quality system. It should also explain how it should be done, who should do it, and under what circumstances.
The quality system procedures should be in line with the standard and quality policy. These procedures should be efficiently applied. The information pertaining to the procedures should be within the scope of the organisational activities.
The organisation must take steps to ensure that it identifies with the customer requirements.
4.3.2. Review: The organisations must conduct a thorough assessment of the customer orders before taking them up.Therefore, the management should ensure that:
The customers' order is well interpreted (if it is orally conveyed) before taking up the order. The organisation has sufficient resources to fulfil the requirements of the customer.
4.3.3. Amendment to contract: Sometimes, the consumer might go for a replacement of the order or the organisation itself could fall short of the specifications. The standard states that:
Organisations must possess a documented system that specifies the modification procedure and the techniques being implemented so that the relevant information is conveyed to the concerned people.
4.3.4. Records: Upon the assessment of the customer order, the organisation should document the information pertaining to the order and the subsequent assessment incorporated in it. This is to be preserved for a specific duration. 4.4. Design Control: 4.4.1. General: The organisation needs to lay down procedures to ensure that the design of the product suits the customer requirements. 4.4.2. Design and development planning: The design plan must describe how the design process will be executed. It covers the employees in various hierarchies, their interactions and design procedures. Experts must regularly evaluate the design processes. 4.4.3. Organisational and technical interfaces: All interfaces between the design of a product and other organisations that design it have to be identified, communicated, and assessed periodically. The information required for carrying out a design process within the organisation must be gathered and incorporated within the documents. 4.4.4. Design input: The organisation must put in place procedures to ensure that the design team obtains the crucial information pertaining to the design parameters. The design team must promptly explain, convey and solve discrepancies in the product specifications. 4.4.5. Design review: The organisation must carry out design reviews at various phases of product evolution in order to control the
As the designs develop, the design must be evaluated to ensure that the inputs are conformed to. Designs are verified by means of tests, displays, and contrasting with previous designs.
4.4.8. Design validation: The organisation must make sure that the final product conforms to the design parameters, which in turn suit the customers needs. To attain design validation, the product must be tested in the environment it is going to be used. This is done to ensure that the product conforms to customer's requirements. 4.4.9. Design changes: The course of action for making modifications in design should be documented. 4.5. Document and Data Control: 4.5.1. General: All documents relevant to the ISO 9000 standard should be managed by a system with relevant procedures laid down for document assessment, improvement, approval and disposition. This also includes verifying documents used in design and testing. The documents must be easily accessible. 4.5.2. Documentation approval and issue: To meet the terms of this clause:
The concerned officials should assess, endorse review and approve all the documents that are utilised. The organisation must maintain a record of all the documents in use. The organisation must ensure that employees can easily access documents pertaining to them. Obsolete or incorrect documents must be removed from locations where there are chances of their inadvertent usage.
Documented modifications must be assessed and authorised by those who conduct the initial assessment, or by an official who has the freedom to use the relevant and crucial information to enable a good evaluation.
New modifications from the previous documents should be charted, when required.
The organisation should have well laid down procedures to perform its purchasing activities. Only then can the materials being supplied to the organisation suit the specific needs of the product. The organisation must evolve an effective purchasing system with complete documentation and records that make sure that the purchased goods conform to the requirements.
4.6.2. Evaluation of subcontractors: Assessment of a supplier must include an official documented assessment procedure. Review of subcontractors stipulates that:
The organisation must choose a contractor on the basis of his capacity to conform to quality requirements. An assessment of the quality system set up in the suppliers organisation must be performed. The organisation must maintain accessible records of those vendors who conform to the standards.
4.6.3. Purchasing data: Goods being purchased should be clearly specified. This consists of pinpointing critical components and high lighting process capabilities, guidelines for inspection and other relevant data. The purchase record must contain details of conformity to a relevant standard. 4.6.4. Verification of purchased product: It is the purchaser's choice to carry out a check of the product at the suppliers place or within the purchasers organisation. Product verification proves that the information pertaining to the inspection of the product is incorporated in the purchase record. 4.7. Control of Customer Supplied Product: The organisation should lay down procedures to assess, stock up, utilise and maintain the goods made available by the customer to be integrated into the final product. Materials that are not viable should be identified, separated and intimated to the concerned customer. 4.8. Product Identification and Traceability: To maintain product identification and traceability:
The organisation should lay down procedures so that the materials are individually traced from the time they are supplied to the organisation till the customer accepts them. Depending on the customer needs, organisations may even require to provide component identification. The organisation should have official documents and records in place to cater to the customers requirements.
4.9. Process Control: Process control can be defined as the means by which the process is designed to be in line with the standards or specifications.
The equipment utilised by the employees must have proper operational guidelines. The instructions should be evaluated regularly to see that they are in line with the other procedures.
There should be a detailed inspection and testing system to check whether customer needs are conformed to. This should be promptly incorporated in the documents and records that are accessible to the employees.
Attribute acceptance sampling plans should have zero defects as the benchmark. Certified laboratories should be utilised on consumer request.
The organisation should lay down procedures that ascertain use of material in the processes till they suit the predetermined quality aspects. During emergencies where the material is utilised before inspection, it should be positively pinpointed and documented in order to facilitate instant recall and replacement (if the set standards are not met).
The organisations should inspect and test the product as required by the documented procedures. Utilisation of positive recall method in cases of emergency. Emphasis should be laid on defect minimisation techniques such as SPC, visual management, mistake proofing.
The organisation should perform final inspection and testing in accordance with the documented procedures. This will help to establish the conformance of the finished product to the specified requirements.
The Quality Plan for final inspection and testing stipulates that all specified inspection and tests have been accomplished. The results should satisfy the specifications. No product should be shipped until all the procedures specified in the documented procedures have been accomplished and the related information is approved officially.
10
4.11. Control of Inspection, Measuring, and Test Equipment : This clause defines the system established to ensure that the products meet the quality requirements through effective inspection and testing. 4.11.1. General:
The organisation should have a system in place to ensure that the devices used for inspection and testing are appropriately calibrated and managed. When using software to check the products conformance to the requirements, they should be periodically re-examined for consistency. Records of calibration, authentication, and precision need to be easily accessible to the customers.
Choose the pertinent device for testing. Pinpoint those devices that can positively influence product quality. Calibrate such devices at regular intervals. Designate the current state of calibration. Put in place records providing the information for calibration. Make sure that the devices used for testing and inspection are properly maintained and regularly checked for defects. Protect the equipment from modifications that could have a negative effect on calibration.
The organisation should designate the current state of inspection and testing of the products during the various stages of the production process. This can be done using stamps, labels, tags, records, or diskettes.
4.13. Control of Nonconforming Product: This clause defines the system to manage nonconforming product. 4.13.1. General:
Products that do not meet the requirements should be restricted from inadvertent usage or installation.
11
4.13.2 Nonconforming product review and disposition: The defective product should be assessed in compliance with the procedures laid down. This product may be:
Modified to meet the specified requirements. Taken up again. Reassigned as a substitute for other purposes. Discarded. Returned to the supplier.
The products that are fixed and modified are re-examined in compliance with the procedures laid down. 4.14: Corrective and Preventive Action: 4.14.1General: The organisation should implement corrective and preventive actions taking into consideration consumer grievances, service faults, audit results and quality documents. These measures should identify the causes of nonconformity and establish remedial procedures to eliminate potential non-conformities. The organisation should take measures to ascertain that all activities are executed with efficiency. 4.14.2. Corrective Action: The corrective action procedure must involve:
Compilation of customer grievances and defects (in product) in records. An analysis of the failure of a product to meet a specified requirement and its subsequent recording. Establishing the steps to be taken to mend the defect i.e. determining the procedure for corrective action. Establishing methods for monitoring the effective implementation of the corrective action.
Compilation of data relating to the products (that fail to meet a specified requirements) mentioned in the records. Some of the means to source this information are consumer grievances, internal audits, quality documents and service feedbacks. The purpose is to utilise the records to eliminate the causes of product failure.
An analysis of the failure and its recording should be done. Establishing the steps to be taken to mend the defect i.e. efficiently carrying out the corrective action plan. Outlining a corrective action plan to deal with the root cause of product failure. Ensuring that the top management revaluates the preventive and corrective actions.
12
The handling of products should be such that the product is safe and uncontaminated. Training should be given to the employees in issues relating to the safe handling of products.
4.15.3. Storage:
The organisation should define locations for stocking the materials in order to safeguard them from damage, corrosion, accidental usage, or unintentional delivery to a customer. The organisation should set controls for receiving or delivering goods from the warehouse. Thorough assessment should be done to ensure degradable materials (items that deteriorate by exposure to air, sunlight, heat, moisture and similar factors) are despatched before the expiry date.
4.15.4. Packaging:
The packaging guidelines must be properly documented and protection techniques high- lighted. Also the material used for packing should be appropriate. Employees must be provided adequate training in packaging techniques and in the use of packaging devices.
4.15.5. Preservation:
Preservation includes activities taken to repair or treat damaged materials (retrospective) and prevent or delay material becoming damaged (preventive preservation). The preservation procedure should be properly documented. The material must be confined in a restricted area until they have been shipped to the customers.
4.15.6. Delivery:
Delivery of the product is made in conformance to the prior agreement with the customers. Proper measures should be taken to facilitate undamaged shipment to the customer. The delivery procedure must be documented and the personnel should be adequately trained for the job.
Preserve records that establish product conformity to the specifications. Define the warranty period i.e. the duration for the preservation of a record.
13
The quality audits within the organisations should be scheduled appropriately. Trained employees unrelated to an activity should preferably conduct its audit. The outcome of the auditing process should be recorded and judicious corrective action taken.
4.18: Training:
A training programme necessitates the systematic collection of information pertaining to the employee skills and the requirements of the organisation. Organisations must encourage the workforce to accept training in relevant areas.
The organisation must provide ample resources to facilitate training so that the employees can upgrade their skills. Procedures for the training activities should be in place.
4.19. Servicing:
On the basis of the conditions set by the organisation and the agreement between customers and the management the organisation should draft its service procedures. All these activities should conform to the ISO 9000 standard. The organisation should document procedures required to confirm compliance of the services to the set standards.
The organisation should evaluate the application of statistical tools and techniques in its QMS. The use of statistical tools enables the organisation to effectively manage its process and product parameters.
4.20.2. Procedures:
Once the organisation starts utilising statistical tools, it should simultaneously lay down procedures to ascertain their proper application.
14
Regardless of the kind of standard adopted, organisations can go about their quality system implementation through the following steps: Step 1: Top management commitment: The first step towards establishing a QMS in accordance with ISO 9000 series of standards is the commitment of the top-management. Any measure taken towards the development of a QMS will be productive only when the top- management is committed towards it. The top-management must be convinced of the benefits of certification. They should realise how certification will help them improve their systems and demonstrate a visible commitment to quality to customers. The top management can demonstrate their commitment to the implementation and enhancement of the QMS by several methods, some of which include:
Developing effective strategies to communicate to their employees the importance of implementing the ISO 9000 QMS. Developing the organisation's quality policy and communicating it to all the employees. Establishing quality targets at all levels and functions of the organisation. Providing necessary resources to implement the QMS. Appointing a management representative drive the implementation of the QMS. Conducting management reviews.
Step 2: Establish an implementation team and allocate responsibilities: The next step is to form an implementation team and appoint a management representative to streamline the organisations planning and manage the implementation program. Care should be taken that the team members are from all the functions in the organisation. A management representative, is a person within the organisation who acts as an interface between organisations management, it's employees and the ISO 9000 registrar. He should be the organisation's "quality management system champion," and should:
15
Step 3: Start ISO 9000 awareness programs: Enhancement of quality performance in an organisation does not occur by itself. The top-management should motivate and support the work force in their efforts to achieve quality improvement. An organisation-wide awareness program should be conducted on ISO 9000 QMS. This will help employees gain adequate knowledge of ISO 9000 quality system. They should be able to understand:
Why the organisation is opting for certification? What is the current status of the organisation when compared to the required standards? What is the desired objective of the management? What are the benefits of implementing quality system based on ISO 9000 standards?
Step 4: Provide training: Once the above activities are performed, necessary training should be provided for different categories of employees - senior managers, middle-level managers, supervisors and workers. The duration may vary depending on the need but training is a must for all. This training needs to be comprehensive enough to include all the basic concepts of the QMS, the standards and their influence on the planned targets of the organisation. The management representative along with the members of the implementation team, who conduct internal audits, would need an internal auditor-training course. Training may also be necessary on writing quality manuals, procedures and work instruction, auditing principles, techniques of laboratory management, calibration, and testing procedures. If expertise is not available to conduct the training, it may be necessary to participate in external training courses that professional training organisations conduct. Alternatively, an external training consultant could be invited to conduct in-house training courses. Step 5: Conduct Gap analysis: Gap analysis is an evaluation of the organisation's current policies and procedures to identify those that fall short of what is required by ISO 9000. Gap analysis enables the organisation to analyse its business plan, policies and strategies and their suitability. Many organisations have the necessary procedures in place for a QMS but the question is whether they are in accordance with the required standards. Gap analysis assists in identifying such procedures. It also helps in identifying the need for new procedures. A gap analysis generally uses a standard template of questions (questionnaire) on the current status of the organisation's processes. The analysis can be conducted internally i.e. by an in-house team, provided the required knowledge is available. Otherwise the services of an external consultant should be availed.
16
The documentation that needs to be developed. Vision and targets of the system. Relevant ISO 9000 section. Person or team responsible. Required resources, approval and training. Clear deadlines.
These elements need to be arranged in the form of a chart, to enable periodic reviews. This plan should define the roles and responsibilities of employees in different departments and specify the time limits for the completion of the activities. The implementation team should approve the action plan that is developed. While a quick action is essential it should not be the only norm. The management representative should control, review and update the plan as the implementation process proceeds. Step 7: Develop QMS documentation: Once the action plan is ready, the next step is documentation. Documentation is a common area of nonconformance in organisations willing to implement quality systems. In most organisations the documentation is either insufficient or absent in some areas. Areas like inspection and measurement are generally performed in every organisation, but very few document them. Documentation of the QMS should include all the activities that have their profound impact on quality. This generally should include:
Documented statements of quality policy and quality objectives. A quality manual. Documented work instructions and quality records. Documented quality plans and those that are required for operation and control of quality processes.
Step 8: Document control: Once the necessary documentation is developed, a documentation system should be developed to control it. These control systems need to be simple and easy to operate. Document control should include:
17
Step 9: Implementation: After developing the necessary documentation and systems for their control, the management representative (quality co-coordinator) needs to validate them. Then the actual QMS implementation can be initiated. Implementation is putting down the written systems into practice. Care should be taken that the all activities in the organisation are in accordance to the documented standards. It would be a good idea to initially evaluate areas where the chances of a positive evaluation are high. This helps to maintain the confidence of both management and staff in the merits of implementing the QMS. Step 10: Internal quality audit (Phase-1 audit): Internal quality audit can help identify the gaps in the quality system implementation that are not yet compliant to the ISO standards. Internal audit process should be conducted properly and thoroughly. It helps to verify that the QMS is in accordance with the:
This may require modification of a particular system or procedure. Even after the system stabilises and starts functioning, internal audits should be planned and performed as part of an ongoing strategy. Step 11: Pre-assessment audit (Phase-2 audit): When system errors are no longer observed, it is normally time to apply for certification. However, before doing so, arranging a pre-assessment audit though not mandatory is advisable. Phase - 2 audit generally conducted by an external agency could help organisations re-evaluate their QMS. This may help them identify defects that were not visible previously. Thus the organisation gets a certain a degree of confidence before going through the formal process of certification. Generally, an independent and qualified auditor conducts the pre-assessment. In certain cases certifying agencies provide this service. Step 12: Selecting a certifying agency: Some criteria that organizations can consider while evaluating a certifying agency are:
Background of certifying agency. Kind of organisations and industries audited by them previously.
18
Step 13: Certification and registration: The next step is the certification. The certifying agency first conducts a document review to check for the adequacy of available documentation. Once the documentation is found adequate, a conformity audit or a compliance audit is conducted. Such an audit is performed in accordance with the ISO 10011 auditing standard. On satisfying the conformance audit, the certifying agency grants certification. Step 14: Surveillance and re-certification audits: Establishment of a QMS in accordance with the ISO 9000 series of standards is not a one-time effort. ISO 9000 standards need to be adhered to by the QMS once it is implemented in the organisation. Hence, organisations need to ensure that the systems implemented are also established. Regular surveillance audits are necessary for this. They help to ensure that the organisation continuously adheres to the required quality standard. In general, the certifying agency conduct these surveillance audits. The certification issued is valid for a period of 3 years. After which a re-certification audit is conducted. Gap Analysis > The What and the How Of Gap Analysis Gap Analysis: Gap analysis is an evaluation of the organisations Quality Management System. Purpose: Gap analysis assists in identifying the organisations functions that conform to the ISO 9000:1994 standard and the gap between the non-conforming functions to the requirements of the ISO 9000 standards. Gap analysis also provides the organisation with some suggestions to fill the identified gaps. Indeed such proposals guide the implementation process. Every organisation requires effective and efficient systems to remain competitive. Gap analysis helps to identify the range and depth of the conformance of its systems to the standards. Most organisations find documentation falling short of the standards. Similarly, internal audits (conducted by in-house employees), corrective and preventive actions and management reviews are some of the other areas that often fail to meet the standards. Conducting the gap analysis: The organisation can use the services of either trained internal personnel or external consultants to conduct the gap analysis. The gap analysis will evaluate the system in terms of adequacy of documentation and compliance of working system to the ISO 9000 standard requirements.
19
20