Posts Tagged ‘Certification Body’

A short piece from me on this one but one that I see as deserving of comment. This is because more and more companies tell me that they are ‘accredited’ to ISO 9001 when they should be saying ‘certified’.

Here in the UK it the certification bodies who are accredited by UKAS so that they can deliver their services to you. Once you are successful they then certify you to the relevant standard.

Not sure what brings this on, perhaps it sounds grander. Whatever, you need to ensure your website, social media and any printed material is telling the right story.

Back to more inspirational¬†comment next time ūüôā

I must confess to being quite surprised and disappointed at the number of times that I still hear the story about the 9001 auditor who dutifully conducts the surveillance audit but never goes out of the office.  Gallons of tea or coffee seem to be consumed together with a significant number of your custard creams, bourbons or garibaldis.

The kicker here is that whilst the company inevitably gets through the audit with little or no admonishments, the owner or CEO is left to pick up the tab but often feels disillusioned (or some have said cheated). ¬†This is because, being interested in more than just the ‘badge’ – which is commendable, they know the shortcomings in their system and are looking for the opportunity to discuss possible ways of dealing with them – but it needs the auditor to pick them up first. ¬†Certainly, if they never even go for a look round then the chances are slim.

Here’s how it impacts on the Management Representative

Such omissions make the life of the management representative even harder as the rug is pulled from under his or her feet when their protestations about what the auditor will see when he comes in all goes up in smoke. ¬†“What was that all about?” comes the reply from colleagues. ¬†See, we can just wing it.

Now, I appreciate that auditors must not cross the line and move into consultancy mode. ¬†However, I always looked forward to those guys who would engage in the business and suggest alternative ways of working or even leave you in no uncertain terms that certain aspects must be addressed even though you didn’t want to hear it. ¬†You ended up moving the system forward together.

So, how come we still end up in this day and age with this situation? ¬†Well, dare I say ‘anything for an easy life’ comes to mind and I must stress that can apply to both parties. ¬†Perhaps the prospect of loosing a site if they takes umbrage to their auditor raising numerous NCRs could be another issue.

But what can you do?

Well, that’s the tricky one isn’t it because retaining the certification is clearly of paramount importance. ¬†However, you could have a quiet word at the opening meeting or failing that with your certification body and perhaps ask for a new auditor next time. ¬†There doesn’t seem to be any formal feedback system on this one – although I’ll stand correcting. ¬†I always find that strange seeing as the standard places a great deal of emphasis on customer satisfaction.

Time to practice what gets preached perhaps because, after all, such a situation does devalue all the hard work you’ve put in, even the standard itself and will not¬†prevent second party audits from being heaped on you as the customer sees less and less value in that certificate hanging on the wall.

Be interested to hear your experiences, but excuse me for now as I’ve got a brew on – and whose just cleared us out of all the Rich Tea then? ¬†I swear I’m going to put a lock on that biscuit tin!

Understandably a lot of focus is put on getting the quality system ready for that final audit but the need to do likewise around the site shouldn’t be overlooked. Whilst some may view these as very basic, those undertaking this audit for the first time might benefit from the prompt.

Housekeeping is an obvious one for starters. Go round the shop floor and have a tidy up – assuming it isn’t already engrained in the company culture that is. First impressions are important as they say. Get old machinery and parts out of the way and redundant stock and work in progress sorted. The same applies for office space as well so don’t forget to check that it all looks reasonable and make sure nobody has ferreted away old procedures if you have had to issue hard copies.

Walk round and convince yourself that, by what ever means you have adopted, orders are clearly identified. Rectify any areas where you are left scratching your head before the auditor does likewise. Also check that documentation relevant to these orders is in place and legible and hasn’t ‘wandered’.

The system itself should be sorted but no harm in getting someone to do a final sense check. Go through the master manual of documents to make sure nothing is missing or you’ve not generated some spurious revisions by some erroneous cross references. Don’t forget the intranet if you base your system on that as well. Check all the links work before you end up enduring that embarrassed silence when the auditor can’t make any progress through your system. Might be worth checking the backup regime whilst you’re at it to ensure the save has been validated i.e. would it work if called upon.

Ensure the Quality Policy is displayed around the place and that staff have a basic understanding of it. A good place to display it is on the log-on screen of¬†your IT system if that is possible. Ensuring you have done all your internal audit programme and at least one Management Review meeting should be a given. However, don’t be afraid to do another MR meeting as the system gets up and running during that pre-audit period if it helps control the workload.

Finally, don’t forget your colleagues as you are going to need their help on the day. Make sure you have communicated the programme for the day to them so they know when and where the auditor will visit. Explain that you as the Management Representative (or your delegated colleague) will be with the auditor at all times but only as a guide and observer since the auditor will want to talk to them. Obviously tell them to keep to the area under discussion and politely respond to the questions and clearly ‘avoid going off on one’ if you know what I mean!

That way everybody is ready for the visit and the site looks its best – but then it always does, doesn’t it?

I often get asked this as sites get close to bringing in the auditor so I put together this summary of what I would expect to see in relation to the five main paragraphs so it is possible for anyone to gauge if they are ready.

How much of the system?
The QMS should have been operational for at least 4 ‚Äď 6 months with quality records created in every section of the system. ¬†A full¬†set of controlled procedures, work instructions and forms should be in use backed by an effective record retention system. ¬†Evidence of controlled issue of such documents either electronically or as hard copy needs to be visible.

Clearly at least one Management Review meeting needs to have been undertaken with minutes on file and adequate resources in place Рespecially the Management Representative! An effective Quality Policy and objectives should in place and understood by staff.  The scope needs to be adequately declared with a note of exceptions from Section 7 and the company should be able to demonstrate an effective means of communication to the staff, perhaps a newsletter, notice board items or briefing sessions.

A full set of training records need to be on file for employees plus a means to determine training needs and requirements e.g. a skills matrix. The relevant aspects of infrastructure and environment would be addressed as appropriate and a current Organisational chart visible for all to see how they fit into the structure.

Where it really counts
Operational procedures should be complied with in Sales, Purchasing, Design, Calibration and Production and control of identification and status evident throughout the company. You need to be adhering to your Approved Suppliers and Subcontractors List with adequate inspection from Goods Inwards, In process through to Despatch.  Customer property needs effective control if relevant along with preservation of product in stock, in process and on despatch.

All internal audits have to be completed in accordance with your schedule by a qualified auditor and corrective action reports documented and action in a timely manner. Evidence of Quality Objectives and their measurement is required so as to demonstrate continuous improvement and you must have effective control and analysis of non-conforming product.  Finally, clear evidence of customer satisfaction data collection and evaluation should be present.

Help is at hand
After all that if the Management Representative wants some moral support then he can subscribe to the free 9001 Training Guides. You can find a full set of samples on Utube on the QualityAuthority channel or click on this link to go to the web site to take up the free subscription for the full series of ISO 9001 Training Guides.

Over the years there have been many instances when I see sites pin their ‘flying¬†colours’ to the mast after their audit and it makes me wonder because I know for a fact that the site in question has major¬†issues, ¬†For¬†example, the system hasn’t been managed for months; internal audits haven’t been done and customers have raised¬†serious¬†concerns. ¬†So how come a third party can give it such a glowing report?

In fact I can remember one such site where I was called in to do a resurrection job because a major customer had serious doubts over the certification body whose certificate hung so proudly on the wall. ¬†After a little bit of digging I came to the conclusion that the customer was right. ¬†I couldn’t put up any¬†defence, the system was in a mess – so who was helping who?

This is a timely comment in view of the latest, and some say controversial, version of ISO17021 coming out last month. ¬†The standard now sets out requirements for auditor¬†competence¬†as well as the actual auditing of a system. Its purpose is to set the standard for certification bodies so as to increase the level of trust associated with the role in¬†certification. ¬†They have two years to bring it to fruition so it will be interesting to see if we see a reduction in the number of ‘flying colours’ in that period.

My¬†belief¬†has always been that an auditor should be offering a balanced assessment of a QMS, but if there are any deficiencies, particularly glaring ones, then they shouldn’t shy away from their responsibilities and¬†should¬†report the issues¬†accordingly¬†and look for suitable corrective action. ¬†It does nobody any favours just to keep that certificate on the wall when all around it is falling down. Can you share any similar horror stories?

Tips on auditing are part of my ISO 9001 Training Guide videos currently available on free subscription.