1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

What is reasonable to expect from consultants?

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by --Jessica--, Nov 17, 2016.

  1. --Jessica--

    --Jessica-- Member

    Joined:
    Nov 17, 2016
    Messages:
    10
    Likes Received:
    9
    Trophy Points:
    2
    Hello Quality Forum - long time reader first time poster. The frustration that has pushed me to post my own thread:

    We paid what I consider a large sum of money to some supposed consultants to aid us in upgrading from 2008 to 2015 standard of ISO 9001. Based on what we have received, I feel like we were scammed. Can anyone give a reality check on what can reasonably be expected from a consultant?

    The package was supposed to include:
    - Training for (5) individuals for: Process Approach, Management Review, Risk Assessment, Auditor
    - Gap Assessment
    - Consulting for Upgrade
    - Documentation Update Support on the basis of the GAP assessment
    - Registration audit support

    So far, what we have received:
    (After sending our QMS documents via e-mail)
    - 6 new "procedures" - each procedure consists of a copy-paste of the clause with words like "must" changed to "does". (pasting a sample below)
    - Access to online "training" courses that are very similarly written.
    - A partial copy of our QMS documents sent back with new numbers/revisions updated.

    Is this typical? Or did we in fact get scammed?

    Thank you in advance for any feedback!


    ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

    Example of a procedure they sent for 4.0 Context of the Organization:
    ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

    4.1 Understanding [Our Company] and its context

    [Our Company] does determine external and internal issues that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended result(s) of its quality management system.

    [Our Company] does monitor and review information about external and internal issues.
    • Issues can include positive and negative factors or conditions for consideration.
    • Understanding the external context can be facilitated by considering issues arising from legal, technological, competitive, market, cultural, social and economic environments, whether international, national, regional or local.
    • Understanding the internal context can be facilitated by considering issues related to values, culture, knowledge and performance of [Our Company].

    4.2. Understanding the needs and expectations of interested parties: Due to their effect or potential effect on [Our Company's] ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, [Our Company] does determine:

    1.1.1. the interested parties that are relevant to the quality management system;

    1.1.2. the requirements of these interested parties that are relevant to the quality management system.

    [Our Company] does monitor and review information about these interested parties and their relevant requirements
     
    alipasa likes this.
  2. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    816
    Likes Received:
    402
    Trophy Points:
    62
    What is a large sum? But I guess it depends on your expectations. Was this all supposed to be "online" or where they supposed to be present? It's not uncommon to use templates, but they should be modified to fit your company specifics. At the end of the day, the company has to be willing to put the time into the details of its system. It's not something you can really farm out.
     
  3. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Sadly, this is what some consultants think is a) all that's required and b) will be enough to be acceptable (to an unknowing client or a CB auditor). Of course, it is partly dependent upon your organization to understand quite what they're getting, but clearly (to you) this isn't what implementing (or documenting) a QMS is about. I'd be looking for a refund...
     
    Last edited: Nov 17, 2016
    Niko90 likes this.
  4. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    If the consultants recommended your organization to document a procedure for "understanding your organization's context and needs/expectation of interested parties", then, I'm certain that they don't understand the requirements for Clause 4. What value will you get from having a documented procedure as pasted in your post? You don't need to re-write the statements in the standard and replace the word "organization" to "Our Company". My grade school son can do that for a box of doughnuts.
     
    Niko90 likes this.
  5. --Jessica--

    --Jessica-- Member

    Joined:
    Nov 17, 2016
    Messages:
    10
    Likes Received:
    9
    Trophy Points:
    2
    Thank you everyone for your feedback and validation! We are a small company without a huge infrastructure of resources, but we do our best to follow the standard in earnest and use it to our benefit. When reaching out to consultants, our intention was not to farm it out, but rather to be guided in developing practices that would satisfy the new requirements as well as learning how to apply them in a meaningful way that would benefit our organization. We don't want to just scribble some words down on formatted word documents and forget about them for a year until it's time to satisfy an auditor. I feel the latter is what the consultants gave us. It's disappointing.


    I am being vague about sums/details in effort to be sensitive to my employer's wishes for confidentiality. It was thousands, but not tens of thousands. For the size of our company, it is a significant amount.

    Ha, I have been considering that as well, but am not optimistic. In an ideal world!


    You hit the nail on the head... that was almost my exact reaction.

    ~ ~

    Thank you again for the responses.

    It's too late for this upgrade (I don't believe my employer is wanting to shell out for a second consultant, so we'll have to DIY using online resources such as the information I find in this helpful group), but lesson learned for next time.
     
  6. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I'd be careful of this approach too. The DIY resources (this group excepted) aren't much better in many cases and you may well fall for exactly the same snake oil, because it seems cheaper. As with all experiences, they come at a cost. Instead of looking for cheaper, to save cost, look at what you are getting, maybe hire a remotely based consultant who can provide guidance etc and it'll actually be more cost effective.
     
  7. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    816
    Likes Received:
    402
    Trophy Points:
    62
    As a small company, my suggestion to you is to find a peer group to work on this together. When we started, we had 5 or 6 companies who met with a consultant on a regular basis (like every month, or 2 weeks). It was run thru our local trade association. He gave us a template, as an example. We would go over a section of the standard and then go back to our offices and modify the template to our company. We would then review at the next meeting. It worked really well. It allows you to get your hands dirty and work the standard to your company, with advice and guidance form a knowledgeable expert and similarly situation companies. But it takes time. Good luck.
     
    Atul Khandekar likes this.
  8. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    You can do this exercise yourself by seeking guidance for the Moderators of this forum via their private emails. The moderators serve as consultants "par excellent" with only one goal - to help you implement your system.
     
  9. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Since your organization is already certified to the 2008 version, IMHO you don't need to document additional procedures. The 2015 version only gives emphasis on the following:
    • context of the organization - to clearly define your QMS scope;
    • compatibility of your quality policy and objectives with your organization's context and strategic directions;
    • use of RBT mindset in planning your QMS (i.e. strategic planning and/or operational planning);
    • for RBT at strategic planning, usually will result to defining the organization's strategic directions - you can make use of planning tools like SWOT analysis. This approach can satisfy clauses 6.1.1, 5.1.1d;
    • once you established your strategic directions, support them by establishing your organization's quality policy and objectives. This will satisfy clauses 5.1.1b, 5.2.1a, 6.2;
    • for RBT at operational planning, usually will result to determining the controls needed to address risks/opportunities - you can make use of tools like FMEA or just a simple matrix identifying each step of the process/procedure, the associated risks/opportunities and the actions needed to control them. This will satisfy clauses 6.1.1, 6.1.2a;
    • once you identified the controls to address risks/opportunities using your tool, integrate them to your organization's procedures (whether documented or not), This will satisfy clauses 6.1.2b1, 4.4.1f;
    • let your internal auditors evaluate the controls/actions already incorporated to your procedures to address risks/opportunities. This will satisfy clauses 6.1.2b2, 9.1.3e;
    • if they find NCs, update your FMEA or matrix of risks/opportunities. This will satisfy clause 10.2.1e;
    • the result of the evaluation of your auditors on the effectiveness of controls/actions to address risks/opportunities should be reported to your top management. This will satisfy clause 9.3.2e.
    If you've sufficient evidence on the above items, I believe you have already covered the new requirements. The rest are the same with 2008 requirements.
     
  10. --Jessica--

    --Jessica-- Member

    Joined:
    Nov 17, 2016
    Messages:
    10
    Likes Received:
    9
    Trophy Points:
    2
    Wow, very good information, Tony! Thank you very much! I've saved that to dig through and reference when I get stuck in these sections.

    Thank you all for your other suggestions on obtaining assistance!
    Very much appreciated.
     
    tony s and Atul Khandekar like this.
  11. Nick1

    Nick1 Member

    Joined:
    Jan 27, 2016
    Messages:
    49
    Likes Received:
    20
    Trophy Points:
    7
    Hi Jessica,

    Was this exercise all done over the internet? I have been a consultant for a couple of years and to me it seems pretty hard to do all these things without ever visiting the company or just once for that matter. As a consultant I always needed a feeling with the team and the company itself. I cannot even imagine that someone would offer a service like this cause he/she is missing a lot of background information about the company.

    Even now when I recommend a consultant to a company I always tell the company that they should have a good feeling with the consultant. You become a team with the consultant even if it is temporarily.
     
  12. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    The sad fact is that this is no different to those who sell "ISO-in-a-Box" solutions.
     
    Nick1 likes this.
  13. Eric Twiname

    Eric Twiname Well-Known Member

    Joined:
    Jul 31, 2015
    Messages:
    329
    Likes Received:
    232
    Trophy Points:
    42
    Location:
    Northeast USA
    Out of curiosity...what did the Gap Assessment identify? Words, or actual Gaps?
     
  14. MCW8888

    MCW8888 Well-Known Member

    Joined:
    Aug 17, 2015
    Messages:
    642
    Likes Received:
    198
    Trophy Points:
    42
    The best consultant is in this forum. I am surprise at the procedures this consultant left you to do.
     
  15. PSRiordan

    PSRiordan Member

    Joined:
    Dec 14, 2016
    Messages:
    13
    Likes Received:
    9
    Trophy Points:
    2
    Hi, I'm new to this forum. Recognizing that this thread is from last month, I'd like to add something.

    Creating a procedure around 4.0 is a) not required and b) not useful as a regurgitation of the standard.

    A useful exercise would have been for the consultant to facilitate a session with the management team where context of the organization is discussed and documented by the management team - likewise for interested parties - and risks/opportunities associated with both. The idea then is to determine whether actions need to be taken to a) reduce or eliminate the current risk, or b) capitalize on an identified opportunity. Risks and opportunities are to be considered at the process level as well, so the consultant could have facilitated similar sessions at the process level with the process owners. Now THAT would have been of value.

    Just my thoughts.
     
  16. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Jessica: In rereading your initial post it occurs to me that anyone who is still thinking that implementing "ISO" is about "Say What You Do, Do What You Say" (a mantra regarding ISO 9001 from the early 90s) hasn't grasped the fact that the requirement for documentation now rests with the organization to determine - in alignment with their context. Indeed, one of the aims of the drafting committee, TC 176, was to REDUCE the prescriptive requirements for manuals, procedures etc. so, clearly the consultant didn't get that particular "memo"...
     
    --Jessica-- likes this.
  17. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Just to add with Andy's above post. Annex A.4 of ISO 9001:2015 standard states:

    The risk-based thinking applied in this International Standard has enabled some reduction in prescriptive
    requirements
    and their replacement by performance-based requirements. There is greater flexibility
    than in ISO 9001:2008 in the requirements for processes, documented information
    and organizational
    responsibilities.
     
    --Jessica-- likes this.
  18. --Jessica--

    --Jessica-- Member

    Joined:
    Nov 17, 2016
    Messages:
    10
    Likes Received:
    9
    Trophy Points:
    2
    Hi all! Got lost in our implementation and never got back to this...
    Yes this "consultant" was done all over the internet. I realize now that it was not a true consultant but more of an ISO in a box companies that was mentioned above (I imagine that they were originally chosen because of a low price tag, but as long as I'm here we won't be using them again.)

    We had to do most of it ourselves in the end... Some of the new procedures do in fact feel prescriptive, but they basically just ended up being flow charts that that tie our procedure numbers into the process/requirements. (If that makes sense.)

    We passed our 2015 audit with only recommendations, no NCs... so I feel like we are on the right track at least.

    Thank you all for the reality check on what I should be expecting from a true consultant... the conclusion is that we didn't actually get any consulting, but someone offering a very crappy "in a box" solution - and to not fall for that again.