会議When it comes to authorising and approving procedures do you just type them and bang them out or do you print them and see to it that they get physically signed off?

It really surprises me how many systems I see like the first. There is no evidence of you having taken responsibility for either of these requirements. No names, departments, nothing.  When I query this I tend to get told well “I’m the only one who writes them”; “I show them the relevant manager first” or “We can’t wait that long to get them issued”. However, without some accountabilty how do you address the requirement to authorise and approve documentation on issue or amendment?

Now, sometimes I see the authors name typed in and perhaps with a date in the footer of the document which is better than nothing.  Strictly speaking though you would have to evidence that the ‘author’ is the only person with access to the system to create and amend documents which is a bit of a faff. However, you still can’t evidence that the process owner has had any input into what is strictly his or her domain.

Far better to include two signatories with the process owner (often the Head of Department)  authorising it and the QA person approving it.  That way the process owner takes responsibility for releasing information as to what happens on his or her patch. Without that, and I have seen this, you get the response “Well I wasn’t asked about it or shown it before it was issued”. The QA person should approve it so as to run the rule over it for adequate contact and auditability.

Now in this day and age you can obviously have, provided again that suitable control exists, electronic signatures to save the physical  printing. Would be interested to know what you do so please share your experiences. More helpful support at the 9001 Support Centre.

 

 

 

 

ShredderIf you already have a system in place you are doubtless pondering as you look towards the 2015 version whether to bang not only the manual but the mandatory six through the jaws of your shredder as well. (Yes, I know Preventive Action goes anyway but let’s run with it yeah)

The likelihood as I see it, having talked to my sites, is that they will be retained and the temptation to run amok resisted. It’s a bit like some of us now being allowed to get our hands our pension pot to do with as with please isn’t it. You so want to but you hold back.

The manual if written properly (i.e. in say 8 – 10 pages max) is a good marketing tool and the procedures are useful support for those getting there heads round the requirements in QA. However, what to do if you are installing your system?

I think that really depends on the skills and knowledge of the team (yeah, no management representative either doing all the work) who will look after these processes. In my opinion, if they know them inside out then there would appear to be no need to burden them with procedures provided adequate records are being retained to evidence control of each process. However, if they are lacking experience, there is no doubt that there is a good case for writing them. As with all parts of the standard – if not having a procedure risks the process falling over, then you need one.

I have to get my head round how to upgrade the 9001 Training Guides to accommodate the extra requirements and the general move-around of existing procedures so by all means let me know what you would like to see and in what format.  The current version for 2008 are here if you’ve never seen them and would like help with that version.

 

 

 

You Need A Management REVIEW Not A Meeting!

A lot of companies take the easy route here I guess and assemble the good and the mighty around a table to perform the Management Review – yet nowhere in the standard does it state you need a meeting.

Now I agree that it would take a strong lead to suggest that you do it in any other way, but provided you have a clear set of data in a suitable form plus the output as a set of clear notes, actions and dates then you can if you wish. Just chill out over a coffee or grab the opportunity when the required people are free.

This could allow you to effectively chunk down the elements of the QMS to smaller pieces say every month rather than the long drawn out session each year. Bearing in mind the typical attention span of some of your team I wonder which would be more effective? Go on give it some thought and break the mould. Please do share if you already do something unconventional as regards your MR.

Now if you want to see some outlandish ideas as to a location then check this out – http://ow.ly/T5IhZ

Just What Makes A Good Audit Sample?

Now if you are responsible for internal audits at your place of work there is a fair change you are limited for time. You therefore accept that you are only going to check a sample in relation to the process being audited – but just how many records does that mean?

Now, I am not getting into a discussion here as regards statistically valid numbers, more of deploying some common sense based on what I have seen over the years. You, like me, start off with good intentions so perhaps half a dozen orders may get sampled at the start, then that reduces to three or four but as time goes on you fall into one of two traps.

You start picking just one order out and worse still you keep using that one to satisfy several questions on your checklist/ flow chart as both time and energy start to ebb away.

Ok, well that ‘s understandable on the basis that it tails off at the end, but the real issue is if you only ever start with one order right st the beginning. So, what then is the rule of thumb?

I am a great believer in the rule of three so do my best to use that at the start. Hopefully you find all three are good so move on, but if not do remember to resample before writing out that CAR. If the second sample re-enforces your view that there is something untoward then fair enough, but at least you have given it a fair chance.

One final point. If what you find is simply of an admin nature – signature missed, reference number missing or paperwork misfiled – can I suggest you get it sorted during the audit rather than being dogmatic and raising that CAR. That helps all concerned :)

However, I am not suggesting for one moment that my numbers are set in stone so do share how you deal with this part of the audit process.

Companies certified to ISO 9001 could have a surprise in store when the standard eventually gets revised from the 2008 version to that of 2015. Ok, so there is now an alleged delay I hear in that we won’t see this published until the autumn now but don’t rest on your laurels.  You need to get ahead of the game on this one and hear’s why.

Some say it is the most significant change they have seen to the standard

However, companies will doubtless leave it to the last-minute thus putting themselves under pressure having less time to talk it through with staff  and then introduce all the changes required of them. Certainly the Owner,CEO or MD is being asked to be more hands on in the running of the system so that’ll come as a shock to most.  No longer can it be bolted onto the business or simply viewed as a delegated task for one unsuspecting member of staff.  Also, have they seen the significant changes in relation to that person’s role anyway or the documents that are removed and the processes that are added? Will they understand how to introduce risk management for example.

What action can I take?

Well, I am already chatting to certified companies to paint a picture as to what is coming their way with the new standard. I have attended sessions with no less than three certification bodies and am about to undertake my auditor transition course. I trust you are making similar arrangements whichever side of the fence you see yourself.

A good place to start

Here is a trailer of my recent webinar “9001:2015 – What’s All the Fuss About” to set the scene for you.

If you see the need to chat further then email me at pete@iso9001supportcentre.com and remember that you can also see it on my App in the Masterclass section. Just search on Apple or Android for :9001 Support”.

This is not a new subject as such on this blog but one that needs constant attention. So many companies I work with don’t get how important it is to allow sufficient time on corrective action when they come to fill in the form.

The correction and containment is the immediate and short term action that needs taking to resolve whatever problem has been flagged up. You then move onto using the 5 whys to determine the root cause as to why you had it.  It is absolutely critical to get this right and investigate what is the real cause so that the subsequent correction action doesn’t chase the wrong reason.

Then comes the corrective action to stop it happening again.  In addition to an action, which might be feasible in a matters of ‘days’, you need to allow time so that the people involved ( not the auditor ) can convince themselves the action has been effective.  Then you call back the auditor. Now this might take ‘weeks’ or even ‘months’, particularly if linked to a subsequent report or meeting.

For example, you appoint someone to cover some duties that have fallen over. Fine, that might be done very quickly – but how do you know the person is going to be effective?  You give them a month or two to demonstrate that backed with some report or presentation into management. A process falls over so you agree to add an extra control to prevent it happening again.  That is introduced immediately – say via a computer procedure – but you need time to demonstrate the problem has been effectively sorted.

The two actions on a CAR form are not both quick fixes so that you can get them off your back.  Whilst the standard requires you to deal with them in a timely matter, it is not the green light to shortcut the process. Corrective Action needs time.

It is stating the obvious that more and more communications are taking place on mobile devices such as phones to tablets – so why should we Quality Management Specialists miss out?

I am in the throws of designing an App with a colleague here in the UK that I feel will add value to those running a QMS – but I would love to know what you think should be included.

Given all that a QMS has to cover, what are the major elements you think would look good in the palm of your hand. Whilst this will work really well for CPD purposes for yourself, also think of practical issues where having that information or form on a mobile device would really add value.

You can make use of simple text, pictures, audio, video, surveys, email and more so don’t feel there are any limitations – make the suggestion and leave it for us to decide if it is doable.

The plan is to launch it in September and I’ll make sure you have the opportunity to be first in queue when it is ready to download. Looking ahead, there are already some exciting ideas getting short-listed so please give me some feedback here so we can consider yours. It will get credited if it is included.