There is a list of "Expected Process Maps" listed below. Is it a requirement to somehow document how these processes work- be it with a flow chart or describe with words or other? If they aren't required, is it beneficial to make process maps for each of the processes listed below? I think I may kind of be missing the point of the exercise as some of it sort of seems like busy work.

Expected Process Maps

Planning (5.4, 7.1, 8.1, 8.5.1)
Management Review (5.6)
Resource Management (6)
Training (6.2.2)
Customer Processes (7.2)
Customer Communication (7.2.3)
Design and Development (7.3)
Purchasing (7.4)
Operations Control (7.5.1)
Product ID / Traceability ( 7.5.2)
Customer Property (7.5.4)
Preservation of Product (7.5.5)
Validation of Processes (7.5.2)
Process Measurement / Monitoring (8.2.3)
Product Measurement / Monitoring (8.2.4)
Analysis / Improvement (8.4, 8.5)

The key is to look at where 'Documented' procedures are required. There are 6 in ISO 9001.

I have used the description of Expected Process Maps because usually for those beyond the 6 required, in all but the smallest companies a documented procedure will probably be a practical neccessity. I apologise if I have confused anyone using the phrase Expected Process Maps.

NOTE: I say Process Map which I equate with the term Documented Procedure.

I don't at all mean this in the wrong way but, where did you get that list from? Is that something generated over time through experience?

Just curious where that list came from. Thanks.

It may have been a little misleading for me but I do certainly understand and appreciate its intent. The reason I asked if it was a requirement is I fear leaving out a large amount of documentation. However, I do now understand the only real requirements are the Quality Manual, 6 Documented Procedures, and Records.


Ryan

I don't at all mean this in the wrong way but, where did you get that list from? Is that something generated over time through experience?

Just curious where that list came from. Thanks.
It's in a lot of threads here from many people who don't search well and can't / don't find one of the threads, and then starting a new thread and asking "What are the required procedures?" It started before ISO 9001:2000 was released as drafts circulated. People read the standard, compared it to the 1994 revision and in summary came up with lists of 'requirements'. The list has also been in many magazine articles, in one form or another, since 2000-2001.

The list is also in Implementing a Quality Management System (http://Elsmar.com/Imp/).

It may have been a little misleading for me but I do certainly understand and appreciate its intent.
Well, I wanted to jump in quick so that the 'Expected' verbiage is understood. Only VERY small companies will 'get away with' only 6 documented procedures.

One other thing, the processes listed are ones requiring records, if I remember correctly.

Well, I wanted to jump in quick so that the 'Expected' verbiage is understood. Only VERY small companies will 'get away with' only 6 documented procedures.


How small is small? Will about 55 employees fall into that catagory. It almost seems that documenting some of the other processes would just be busy work. I truly am trying to be optimistic but having a hard time seeing the benefit of an indepth procedure. Perhaps a brief description of some of the main processes work could be helpful to me and others? That could be it.

The key is to look at where 'Documented' procedures are required. There are 6 in ISO 9001. I have used the description of Expected Process Maps because usually for those beyond the 6 required, in all but the smallest companies a documented procedure will probably be a practical neccessity. I apologise if I have confused anyone using the phrase Expected Process Maps.

Marc

Have we all missed the point?

Aren't we supposed to get a team together and map (aka document) our key business processes? And while we are at it use the opportunity to simplify things?

Then simply do a gap analysis using the ISO requirements.

So who cares if ISO requires 6 documented procedures?

The business may need 5, 10 , 1,000 documented procedures or perhaps even none.

We should avoid the dark side of ISO implementation, with the ISO coordinator in a room, cutting and pasting shall clauses...that way leads to the dreaded plak on the wall and no value obtained from ISO....just added costs....

I did one training session where I asked people to imagine they were starting a company from scratch, what would they need to set up?

I broke them into teams, then collected everything onto flip charts. No one team had a complete business model, but all the charts together came close to being comprehensive.

Then I asked them how much they would pay for a simple guideline to company design that would prevent 99.99% of common business problems.....we concluded that ISO was way under priced.

The key is to look at where 'Documented' procedures are required. There are 6 in ISO 9001. I have used the description of Expected Process Maps because usually for those beyond the 6 required, in all but the smallest companies a documented procedure will probably be a practical neccessity. I apologise if I have confused anyone using the phrase Expected Process Maps.Marc

Have we all missed the point?

Aren't we supposed to get a team together and map (aka document) our key business processes? And while we are at it use the opportunity to simplify things?

Then simply do a gap analysis using the ISO requirements.

So who cares if ISO requires 6 documented procedures?

The business may need 5, 10 , 1,000 documented procedures or perhaps even none.

We should avoid the dark side of ISO implementation, with the ISO coordinator in a room, cutting and pasting shall clauses...that way leads to the dreaded plak on the wall and no value obtained from ISO....just added costs....

I did one training session where I asked people to imagine they were starting a company from scratch, what would they need to set up?

I broke them into teams, then collected everything onto flip charts. No one team had a complete business model, but all the charts together came close to being comprehensive.

Then I asked them how much they would pay for a simple guideline to company design that would prevent 99.99% of common business problems.....we concluded that ISO was way under priced.


Amen to the whole post! :applause:

Caster:"We should avoid the dark side of ISO implementation, with the ISO coordinator in a room, cutting and pasting shall clauses..."


"The force Luke, just use the force" :cool:

How small is small? Will about 55 employees fall into that catagory.

I'd doubt it. Mine is about 40 employees and there is no way we could get by with only "Da' Magic 6".

When I was taking a class on implementing quality management systems, there was a company that existed of only 3 people there. And yes, out of need, they implemented more than the required six. (I bet internal auditing was fun there!)

I'd doubt it. Mine is about 40 employees and there is no way we could get by with only "Da' Magic 6".

When I was taking a class on implementing quality management systems, there was a company that existed of only 3 people there. And yes, out of need, they implemented more than the required six. (I bet internal auditing was fun there!)


...allow my to climb back on my soapbox for a minute, and shout..."there is no "required six" procedures. Cl 4.2.1.c and 4.2.1.d must be read together. The 6 (or 7) are just a starting minimum PLUS any others that an organization needs. I don't see anywhere that implies that's all they thought an organization needed. For pete's sake, they aren't even the most significant ones.

...thanks, I feel better now...

Deep breaths hjilling.

That's why I call them "Da' Magic 6". I have read "informative" articles and have been told by consultants and auditors that "the minimum number of procedures required is six". You could also run a company out of a cardboard box but is that practical?

Of course once one sits down and truly examines the standard they will find a lot more applies to their organization than just the six procedures. A better angle of attack might be to assume the whole standard applies to ones organization and then work on exclusions from there. This is opposed to going in with the "what's the minimum I have to do" attitude.

Deep breaths hjilling.

That's why I call them "Da' Magic 6". I have read "informative" articles and have been told by consultants and auditors that "the minimum number of procedures required is six". You could also run a company out of a cardboard box but is that practical?

Of course once one sits down and truly examines the standard they will find a lot more applies to their organization than just the six procedures. A better angle of attack might be to assume the whole standard applies to ones organization and then work on exclusions from there. This is opposed to going in with the "what's the minimum I have to do" attitude.


Yes. The interesting thing is, the new standard is not even about procedures. The focus is on the processes of one's organization. The documents are just tools we create to help run the processes. If we start with the development of the processes, it will naturally lead to whatever instructional documents we end up needing. I think that was the intent in the first place.

Couldn't agree more with Caster and Hjilling...

Magic 6? In fact, you don't even need 6. ISO does require a documented procedure in 6 specific areas - but it does not specify 6 individual procedures. For example, you could combine, say, document control & records management into a single procedure, or combine nonconformance, corrective & preventive action into a single one also.

Would it work for a small service-based company? Yes. Have I done it successfully and more than once? Again, yes. But (before you yell at me), would that suit a quality management system for a large, complex manufacturing organisation? Probably no.

It always depends.

1. I don't equate a process to a documented procedure. Preferably I focus on end-to-end processes overall. Sometimes you need one or more procedures for a process (& even some detailed instructions). Sometimes you don't. What's the point of business processes? To map the flow, to see the inputs & outputs, to see if there are extra steps, redundancies, to identify risk points and where control is needed... and so forth.

2. I can't see much point in having separate procedures for corrective action & preventive. I've yet to find anyone other than the person who wrote it that understood, let alone found useful, a procedure solely focussed on preventive action!

3. I totally agree that if we start with the development of the processes - what the organisation actually does - , then that will lead to whatever documents are needed (or not), and in what format, be that paper, or increasingly, online, and even better, to workflow embedded into well-designed computer/IT systems.

I just got back from visiting an organsation who had a complex, over-documented system. Was there a procedure for each and every ****ed clause? **** yeah - and often one for a sub-clause too. But did it work? Well, OK, it got 'em through the audits for 9001 and 14001. BUT everyone in the organisation (including the MD) hates it, and won't go near it!

Don't blame 'em. A wordier, more obtuse system I've rarely seen. And of course once the QA Manager (who wrote it, jealously guarded it, and attempted to bludgeon everyone in the organisation into it) left... it's useless. And that is not quality in my mind.

To go back to the thread title, you don't necessarily to document specifically 'how' these processes work. Sometimes, with skilled people you don't need to. But you should be able to indicate the broad flow of things via the processes. If not, what's the point?

Marc

Have we all missed the point? .......
Each company has different needs. Yes, it is a great idea to flow chart things out, for example, and evaluate existing processes. That's a good start, but again it is company specific in so far as how far and how detailed one wants to go.

As to combining procedures, sure - if it's feasible. I've seen small companies where the quality manual contained all the procedures, such as they were, in the one document about 50 pages long. They had simple processes.

This is also seen in document identification systems. Some companies need complex numbering systems (e.g.: Motorola) because of the size and diversity (product and locations) of the company. I have had small clients where no number was used - Documents were identified on a Master List by their name.

You won't catch me on the over documentation band wagon. For over 15 years I have worked with companies and almost always we were able to reduce the amount of documentation. I have explained to clients that the requirement for a procedure vs. a 'documented' procedure should be understood, but that ISO 9001 (even the 1994 version) wasn't so much about having every 'procedure' documented anyway.

The important aspect to consider in this discussion is that the amount of documentation required by any specific company is strictly a function of the company size, the complexity of it's processes, standards requirements and related factor.

A related discussion thread: Can multiple procedures count as one? (http://elsmar.com/Forums/showthread.php?t=16390)

See this discussion: Corrective Action (CA) and Preventive Action (PA) - One or Two Procedures? (http://elsmar.com/Forums/showthread.php?t=5985) - A lot of people look at what is almost a black and white issue in shades of gray.

Also good reads: Preventive and corrective procedures - Separate Procedures? Special Procedures? (http://elsmar.com/Forums/showthread.php?t=4836) and an early discussion on this: Corrective vs. Preventive Systems and Procedures - Separate Procedures? (http://elsmar.com/Forums/showthread.php?t=2694)

As always, it's KISS with consideration to the existing realities such as company size, product(s), locations, processes, etc.

Well said, Jane.

Magic 6? In fact, you don't even need 6. ISO does require a documented procedure in 6 specific areas - but it does not specify 6 individual procedures. For example, you could combine, say, document control & records management into a single procedure, or combine nonconformance, corrective & preventive action into a single one also.

In fact, I have several small accounts where they collapsed the procedures into the quality manual. They have one document, maybe 20 or so pages, that define the basic procedures in all areas. Then, they back that up with relevant work instructions and forms. Pretty clean, simple and certainly useful.

Several posts were split to The Value of ISO 9001 Registration and the 'Dark Side' of Implementation (http://elsmar.com/Forums/showthread.php?t=17495)

Marc, when I click this link, it just returns me to this same thread?

Link fixed. Thanks for the Heads Up!

...allow my to climb back on my soapbox for a minute, and shout..."there is no "required six" procedures. Cl 4.2.1.c and 4.2.1.d must be read together. The 6 (or 7) are just a starting minimum PLUS any others that an organization needs. I don't see anywhere that implies that's all they thought an organization needed. For pete's sake, they aren't even the most significant ones.

...thanks, I feel better now...


HJ,

I think maybe being on the "soap box" can be beneficial, however, the terms "minimum and required" could be semantics. ISO9001 "requires" 6 "minimum" documented procedures, and that the organization should determine and document and critical processes that they feel might impact the Business Structure (paraphrased not exact in what ISO9001 requires).

After the "minimum" "required" procedures the Business unit needs to determine the other processes that are critical. Document and determine the controls of those processes. In my opinion.