Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

ISO 9001:2015 Exclusions

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Ana Rodrigues, Oct 27, 2017.

  1. Ana Rodrigues

    Ana Rodrigues New Member

    Joined:
    Oct 27, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Dear all,
    I am new here but I think is great to have found this fórum to share ideas and practices and to post questions.
    I have one question about exclusions, that is: can I exclude a site (a location) from the ISO 9001:2015 certification?
    In detail: my organization sells equipments and provides technical assistance services. We have the headquarters in the location A (about 150 employees) and an office in the location B to support about 20 vendors and service technicians. All the processes are managed in the headquarters. Is it possible to ask the certification only for the headquarters, i.e., location A?
    Thank you very much in advance!
    Ana
     
  2. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,716
    Likes Received:
    1,884
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Yes you could do that. Some things you might want to consider are:

    What would your customer(s) perceive if you don't include location B?
    What message are you sending to employees if the site isn't included in the certification?

    Are you thinking to reduce the total cost of certification by excluding location B? Have you talked to a Certification Body to see what the differences in certification costs would be? I think you might find it's not that much more...
     
  3. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    867
    Likes Received:
    608
    Trophy Points:
    92
    Location:
    USA
    Welcome to Quality Forum Online!

    Your question should be presented to your registrar. Very often a certificate will be issued with both corporate and production sites on it, each listing the context of what happens at that site. Registrars often insist that production sites, or those that support services, be included in the certificate and audit schedule.
     
  4. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,716
    Likes Received:
    1,884
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Hopefully, only if it's within the scope of the QMS. Even then, they shouldn't be dictating such things to clients...
     
  5. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,172
    Likes Received:
    867
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Clause 4.3 requires us to "state the types of products and services covered" in the scope of the QMS. So if you want your certificate to cover "selling of equipment AND provision of technical assistance services", you need to ask yourself - can we deliver both products and services to our customers by location A alone? Can we satisfy their needs and expectations by location A alone? If so, then you can exclude location B.
     
  6. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    867
    Likes Received:
    608
    Trophy Points:
    92
    Location:
    USA
    Accrediting bodies have been pressing for this, not just registrars or their individual auditors. It helps avoid a scope that excludes critical production areas and leaves only the easy parts, just for the purposes of obtaining the certificate.
     
  7. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,716
    Likes Received:
    1,884
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    It's the client's choice. If they choose a limited scope, it becomes a case of "caveat emptor" which ALL supplier relationships are based on...
     
  8. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    867
    Likes Received:
    608
    Trophy Points:
    92
    Location:
    USA
    Choice can limit scope to an extent, but a client that wants a certificate that says "The manufacturing and distribution of..." would logically need to include the sites that do those activities.

    Please refer to the guidance document that explains the IAF expectations: ISO 9001 Auditing Practices Group Guidance on: Scope of ISO 9001, Scope of Quality Management System (QMS) and Scope of Certification
     
    tony s likes this.
  9. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,716
    Likes Received:
    1,884
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
  10. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,172
    Likes Received:
    867
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Since this is true, CBs should be cautious in allowing their certificates to be used by companies with limited certifications. We have so many of such companies here in my country. Mostly, are government owned or controlled corporations. This happened because the previous head of the government incentivized certification to ISO 9001:2000. By then, government corporations who get the certificate, get the bonus - regardless of the scope. This is being practiced until the present administration. Because of this, we have:
    a light rail company that only covered its "train crew management" (the operations, maintenance, and other processes are excluded);
    a social security agency that only covered its "members registration process" (provision of the social security products and services are excluded);
    a land transportation office that only covered its "drivers license issuance" (vehicle inspection, registration, and its other functions are excluded);
    an aviation authority that only covered its "aeronautical information services" (air traffic, air navigation, inspectorate and other services are excluded);
    and a lot of agencies that only covered their "front-line services" (their main functions are excluded).

    Why all of these happened? Because CBs allowed them to choose only those that they can easily apply the requirements of ISO 9001:(
     
  11. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,716
    Likes Received:
    1,884
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    True, Tony, however, it's often the motivation of management/customers who demand "ISO Certification" as a blanket statement without qualification of what it should apply to. CBs will always do what they can get payment for. If anyone should be pushing for change - and NOT on the CBs - are the Accreditation Bodies!
     
  12. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    867
    Likes Received:
    608
    Trophy Points:
    92
    Location:
    USA
    Nonetheless, it lists insights on how the requirement is expected to be applied. Though the document is called a guidance document, I can assure you its principles are enforced through registrars' accreditation. The guidance document is available to help explain what 3rd party auditors are asked to look for.

    No, we don't usually spend much time implementing things. Our roles are different: we verify conformance to the standards as per ISO management system, ISO/IEC 17021, IAF documents, and CB procedures.

    Another discussion on the subject is available here.
     
    John C. Abnet likes this.
  13. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    867
    Likes Received:
    608
    Trophy Points:
    92
    Location:
    USA
    I really must take exception to this judgement. It may be true with unaccredited registrars and there are some underperforming accredited registrars, but on the largest part we operate within the requirements of the standards, ISO/IEC 17021, IAF documents, and CB procedures.

    Service and manufacturing sites are included so as to verify things like (clause groups 7 and 8):
    • Correct documentation is being used, even when the updates are managed in Corporate.
    • Materials being incorporated into the end product, including those used by technicians, are purchased from approved suppliers.
    • Suitable and calibrated equipment, as needed, is maintained and calibrations are current.
    • The work environment is suitable to achieve the desired results.
    • Personnel awareness aligns with corporate expectations and actions.
    These are the types of things that are typically verified in person, therefore the site that technicians work out of is included in the system scope.

    Having centralized management system processes is very common in larger organizations. The technicians' scope on the certificate would be limited to those specific activities performed there, and the audit time would be distributed accordingly.
     
    John C. Abnet likes this.
  14. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,716
    Likes Received:
    1,884
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    That is your right. I've been in (and around) the Certification business since 1990 (I worked for the first NACCB/UKAS accredited CB) and I stand by my statement. I've been in clients who are certified FOR design and they never DID design, for example, but the CB still takes the money for the extra time for auditing design. I stand by my statement that scopes are what the CB gets paid for until I see zero examples where the certified scope is different from the core processes of the business.
     
  15. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,716
    Likes Received:
    1,884
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    For auditors, yes. Why put guidance in a backwater which the vast majority of implementation clients never get to discover? If it's got the support of TC 176, why not put it in something like 9004?
     
  16. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    867
    Likes Received:
    608
    Trophy Points:
    92
    Location:
    USA
    Not only is it obscure for clients, it is obscure for some CB auditors. It is unfortunate, and I wonder if that is the cause of some of the variation we see in how the clauses are applied?
     
  17. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    867
    Likes Received:
    608
    Trophy Points:
    92
    Location:
    USA
    It is regrettable to learn these are the circles you have traveled in. My experience is different.

    Have you been a CB auditor or accreditation auditor since 1990? Are you doing that now?
     
  18. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,716
    Likes Received:
    1,884
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I was a CB LA/supervisor for 4 years. Weekly, I encounter the "aftermath" my clients live with following their CB auditors' visits. The findings are trivial, often pure off-the-wall interpretations and also plain wrong. Just last week, a client told me a CB auditor (from a top 5 CB) was arguing over the word "and". Others have yet to audit some basics like competency - preferring to stick with the age-old "training records". This is the state we're in after 30 years? Frankly, it's pathetic. Even specialized programmes like IATF and AS91XX haven't shown any improvements in auditing. Just a quick look at the IATF CB's top 10 majors shows they are waaaay off base with non-conformities. The wheels have come off the certification process from what I've seen...
     
  19. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    715
    Likes Received:
    352
    Trophy Points:
    62
    Yes they have. Instead of major and minor they should categorize findings as substantive and non-substantive. The vast majority of our findings have been non-substantive, i.e.; maybe we misinterpreted how to complete part of a control plan 10 years ago, but it's been working great nonetheless. Now, as you indicate they are required to audit things which are basically opinion - competency, context of the organization, interested parties, etc. It's only going to get worse.
     
  20. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,716
    Likes Received:
    1,884
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I've yet to see them competently audit this stuff...(by which I mean they avoid it)
     

Share This Page