1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Time to get the ball rolling...

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by jamescrockford, Sep 26, 2017.

  1. jamescrockford

    jamescrockford Active Member

    Joined:
    Aug 1, 2017
    Messages:
    69
    Likes Received:
    18
    Trophy Points:
    7
    Hi,

    This is my first post and I am very glad to have stumbled across this forum.

    We are about to embark on our transition journey. We have a "readiness" review in November and this will be followed by planned surveillances in December and June 2018, by when I hope for us to be certified to avoid any additional visits before the September 2018 deadline.

    So far, I have attended some training courses, read the standard over and carried out lots of research as and when time has allowed between dealing with the day to day stuff. I feel like I have a good grasp of what is required.

    Our current system is mature, possibly too mature in that we have been certified for many, many years and it shows in places (too many procedures). I am desperate to use this transition process wisely and make our QMS of value rather than tailored to what people believe is required (which is usually wrong and over the top!).

    No changes have taken place yet and so I have called a meeting this week to explain the key changes and what we need to do to our management team. Weekly meetings will then be held to monitor progress. Management are fully aware of the change but not the detail at this stage, it is only myself that has that knowledge which I need to pass on.

    I have conducted a basic gap analysis and believe the areas that we need to address are;

    4) COTO - Issues and Needs/Expectations of interested parties - New requirement
    6) Risk - New requirement, Objectives - Needs improvement
    7) Support - Organisational knowledge - New requirement, Communication & Awareness - Requires improvement
    9)Performance Evaluation - Customer Satisfaction - Needs Improvement, Management Review - Enhanced requirements

    Any general suggestions/tips for the overall process appreciated as we set off!

    Thanks.
     
    Andy Nichols likes this.
  2. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Welcome James! Looks like you are off to a good start. You might want to adjust the frequency of meetings once the development of your system starts to mature. Experience shows that it becomes less necessary.

    Have you been doing internal audits? It seems you don't consider them to need improvement, however the vast majority of them that I've seen need huge improvement...:eek:
     
    Michael923 likes this.
  3. Qualmx

    Qualmx Well-Known Member

    Joined:
    Oct 7, 2015
    Messages:
    464
    Likes Received:
    59
    Trophy Points:
    27
    Location:
    Mexico
    hi Jamea
    take a special look at methods to address the risk and opportunities, an interesting issue.
    regards
     
  4. jamescrockford

    jamescrockford Active Member

    Joined:
    Aug 1, 2017
    Messages:
    69
    Likes Received:
    18
    Trophy Points:
    7
    Hi Andy and thanks for your reply.

    With regards to the frequency of meetings, the weekly meeting is only for the initial part of the transition i.e. to communicate and plan the changes/implementation. We have our management review system which currently takes place twice per year. The weekly meetings are separate to that and specifically geared towards transition.

    Again as part of our ISO9001 certification we carry out internal audits of our key processes at planned intervals. I don't doubt that they could be improved upon but this is something I am always trying to regardless of the transition. I think the new standard just includes things we should be doing anyway if the audit system is half decent! i.e. looking at planning and effectiveness!
     
  5. jamescrockford

    jamescrockford Active Member

    Joined:
    Aug 1, 2017
    Messages:
    69
    Likes Received:
    18
    Trophy Points:
    7
    Hi Qualmx,

    Thanks for the reply.

    Yes, addressing risk and opportunities is an interesting one. These are areas that I have no doubt top management have in their head and do on an informal basis but it now needs to be ever so slightly more formalised. I will find it interesting to understand these topics.
     
  6. jamescrockford

    jamescrockford Active Member

    Joined:
    Aug 1, 2017
    Messages:
    69
    Likes Received:
    18
    Trophy Points:
    7
    I'm struggling a little as to how to address clauses 4 and 6. I have seen lots of mentions of "COTO" logs and procedures and the like but also that the clauses can be satisfied through the management review system. I reiterate, I am keen to avoid doing anything for the sake of it, only what is required and actually of use rather than procedures/documents that only get looked at once in a blue moon (when the CB auditor comes in).
     
  7. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    No procedures etc are required to address CotO. Simply put, you can do and record something like a SWOT analysis to identify internal and external issues. I suggest doing this in a "management Review" format and record the issues/information discussed. It's unlikely to raise any flags with the CB auditors since they (for the most part) are shy of auditing it...
     
  8. jamescrockford

    jamescrockford Active Member

    Joined:
    Aug 1, 2017
    Messages:
    69
    Likes Received:
    18
    Trophy Points:
    7
    Thanks for this Andy and what would you suggest for clause 6.1?
     
  9. john moreton

    john moreton New Member

    Joined:
    Sep 27, 2017
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    HI. For 6.1 we plan to Risk Assess/Profile the identified external/internal issues 4.1, 4.2 to identify what/which impact they have on our business. then with the support of the existing controls we have in place i.e supplier review, employee forums, customer satisfaction, reg compliance monitoring, Internal Audit etc look at what we can improve to enhance the business relationship with the positive and mitigate the negatives.
     
  10. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    The practice we use is to consider the existing processes of the QMS and decide if that will be suitable as a vehicle to address the risks/opportunities. Say, for example, one of the risks the org faces is the loss of skilled people to retirement, then if the plan to address that is to have an apprenticeship programme, then what process do you have to do that? It's likely that a process, including how you train candidates, who trains them, use of suppliers like the community college for example becomes a plan - as the standard describes in detail...
     
  11. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    816
    Likes Received:
    402
    Trophy Points:
    62
    What you really need to figure out is how are you doing it now and what you can do to "prove" that it is being done. It's being done, even if it isn't formally. Somebody, somewhere in your organization is thinking these things thru at some level. Areas to look at are business planning and management reviews.
     
  12. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    4.1 and 4.2 are intended to be the vital inputs of 4.3, 6.1.1 and 9.3.2. For example, in fulfilling 6.1.1, we are guided by the figure below:
    upload_2017-9-29_14-39-23.png
     
  13. The PPAP Assassin

    The PPAP Assassin Active Member

    Joined:
    Mar 20, 2017
    Messages:
    67
    Likes Received:
    29
    Trophy Points:
    17
    Location:
    Kent, OH
    What is ROA?? And items for strategic direction to evaluate in a SWOT format.. Would those be more customer service related processes? Maybe financial and administration? Thanks!
     
  14. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    ROA - Risks/Opportunities & Actions analysis. We utilize the RBT concept in two levels of planning. For strategic, we use SWOT. For operational, we use ROA. ROA is a simplified version of FMEA, without the prioritization columns (i.e. S*O*D = RPN). The actions or controls we have determined resulting from the analysis are incorporated into the process, including the associated documented procedures. We use the ROA for all types of processes (i.e. support, management and operation).
     
  15. jamescrockford

    jamescrockford Active Member

    Joined:
    Aug 1, 2017
    Messages:
    69
    Likes Received:
    18
    Trophy Points:
    7
    I'm struggling a little with 4.1 to determine which issues are relevant...
    My understanding is that the issues should that can affect customer satisfaction and the delivery of quality product/services that meet applicable statutory/regulatory requirements.
    With this in mind, would "Brexit" be considered an issue, with the risk being exchange rate losses, profit loss, increased cost of importing etc.
    I'm starting to think it wouldn't as doesn't necessarily affect the above?
    Reliance on tribal knowledge on the other hand clearly would be and issue that can affect those areas.
    Let me know your thoughts.
    Thanks.
     
  16. jamescrockford

    jamescrockford Active Member

    Joined:
    Aug 1, 2017
    Messages:
    69
    Likes Received:
    18
    Trophy Points:
    7
    Okay, so I sat down with our MD yesterday and we conducted a SWOT analysis of the company. As many people have told me, the information for COTO was very obviously in his head!

    We now have this down on paper and it will be discussed at the next management review (start of December prior to our next CB assessment).

    Next step is to get down on paper our interested parties and their requirements, which I am currently in the process of building a basic spreadsheet for...again to be discussed at the next management review.

    In terms of 6.1 risk, my current plan is a risk register which will take the key risks/opps from 4.1 and 4.2 and evaluate the risk and the treatment required...again, to be reviewed at the next management review.

    Am I on the right track?
     
  17. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Sounds good. I'm not sure a risk register is of importance, as much as a clear plan to address those issues which he can see need to be worked on first. Rating the risk in terms of affect on customer and likelihood of occurrence will help rank them in order of magnitude for action.
     
  18. jamescrockford

    jamescrockford Active Member

    Joined:
    Aug 1, 2017
    Messages:
    69
    Likes Received:
    18
    Trophy Points:
    7
    Can I ask about clause 4.4? QMS and its processes. What is the best way to go about this? Do we really need to do anything differently? We have our process interaction diagram in the QM and all key processes have procedures. I had thought about turtle diagrams for each key process including sections for metrics and associated risks/opportunities but judging from what I have seen on this forum, they aren't necessarily useful. I had thought that it may get the process owners to get a good feel for the whole process and how it links with others, plus it would be a useful tool for our audit team to audit against.
     
    Andy Nichols likes this.
  19. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Clause 4.4 comes in two parts, one part (i.e. 4.4.1) provides us the list of important elements for a process such as inputs, outputs, resources, performance indicators, etc. The second part (4.4.2) prescribes us what documents should we maintain/retain to describe how we can make use of the important elements to effectively operate the processes. Various documented information can be employed to support the requirements in clause 4.4 such as:
    • process maps
    • flow diagrams
    • procedures
    • instructions
    • performance targets
    • reports
    • charts
    • audit reports
    • budget plans
    • job descriptions
    • risks identification documents
    • change orders
    • action plans
    • and so on...
     
  20. jamescrockford

    jamescrockford Active Member

    Joined:
    Aug 1, 2017
    Messages:
    69
    Likes Received:
    18
    Trophy Points:
    7
    So, could we theoretically rate the risks highlighted in the SWOT using a simple likelihood/impact system (Low, Medium, High) and then make plans to address in order of risk level? Would a spread sheet with this info as well as a columns spelling out action owner and plans to determine effectiveness be useful?

    I'm desperately keen to keep things as simple as possible.