I was reading in a news group - misc.industry.quality - and found the following message dated 6 January 2000:

- --> Subject: Free ISO 9000 Gap Analysis Audits for Florida
--> businesses:...
--> We are offering free one or two-day ISO 9000 Gap Analysis audits for
--> Florida businesses interested in pursuing ISO 9000 registration.
--> There are no strings attached, no hidden charges and no contracts
--> required. Full audit report is sent free as well. Not all industries
--> and locations are eligible. References from other free audit
--> recipients available for your review!
--> for more details, and to see our travel limits.

I went to the web site and found this on their Rapid ISO 9000 Implementation page:

--> OQR's "Rapid ISO 9000 Implementation Program"
-->
--> And, for your company's first registration audit --- always the most
--> difficult! --- OQR will represent the Quality System to the
--> registrar of your choice, acting as temporary "Management Rep" for
--> the audit.

My comment was I have not run into a registrar which would let me serve as Management Rep during the audit. However, back when I started doing this in 1993 that was not allowed and I have not since even considered trying to use what I consider a questionable approach. Has anyone else seen this approach used?

I must admit I also find their "40 day" implementation claim as quite optimistic for 99% of the companies out there. I would think this not possible on the basis of the requirement for some historical evidence of systems performance (including a round of internal audits) unless the company was essentially compliant to begin with (in which case a month and a week. From their web site:

--> If your company is on the "fast track" to ISO 9000, check to see if
--> you may be a candidate for OQR's proprietary --- and proven! ---
--> "Rapid Implementation Program," which may be able to get your system
--> ready for registration in as little as 40 days.

OK folks, what say you?

[This message has been edited by Marc Smith (edited 07 January 2000).]

If the consultant has a contract, and that contract has him employed as perhaps...say...the quality manager, even though a contract employee...that consultant may indeed act as the management rep. Not just for the audit.....but for the implementation period.....plus a bit...or even indefinitely...

been there...done that.....from both sides... registrars don't seem bothered as long as there is a contract clearly giving the contract MR the responsibility and authority that goes with the job

[This message has been edited by barb butrym (edited 07 January 2000).]

Although I know consultants who are management reps., I'm glad I don't have to audit them cause I think I'd have an issue with it. I think (I don't have my ISO book in front of me) somewhere in ISO 4.1.2.3 it says something about the management rep being appointed by the supplier's management and be a member of the supplier's own management.

Of course I think there are exceptions (2 person company, clearly defined contract, etc..), but for the majority of companies I would have to say there was an issue.

I would have a bigger issue with the stated approach that they will handle the MR job "temporarily"...for the initial assessment. I just envision a group of consultants being the only folks the registrar talks too....the info quoted from the website doesn't give me the "warm-fuzzy" that the company will be left with the ability to sustain their status. Maybe there is a registrar out there that has audited one of their companies that can respond?

On the consultant/contract management rep...I think that's exactly how smaller companies need to handle things. Many don't have the need for a full time quality person.

I know this approach keeps me busy.

From: misc.industry.quality

The key here is that this is intensive, on-site, full-time consulting up to and including the registration audit. Note that this approach is harder to pull off for consultants who only show up a day a week, or less, or who simply give the occasional seminar to management. Nothing in the ISO standard nor RAB requirements prohibits a company from utilizing a temporary employee as a member of its management (or in any other capacity) so long as the employee is authorized [4.1]my company acts as a temporary Management Rep for its clients (if need be--- this is more common for small companies.) This approach has been accepted by a number of major registrars, including SGS, NSF, and U/L, and used since 1988. Registrars DO however like to see that a permanent member of the staff is "in training" for future surveillance audits, but again one could challenge them on it. This we document at the opening meeting attendance sheet, where the future "permanent" ISO rep signs in as such.

The language of the standard is indeed specific about a "member of the supplier's management" acting as rep, but it does not say anything about the hourly requirements or employee status of ANY individual within an organization. For example, if a supplier's Quality Manual references a "QA Manager," in no way does ISO care if that QA Manager works 40 hours a week or merely 12, so long as the person is empowered by top executive management, that the empowerment is documented, and that the person is trained. The ISO standard neither intrudes on the client-consultant relationship, and speaks plenty on "subcontractors." OQR --- in effect a subcontracted, temporary Manager --- therefore requires in its contracts that the OQR agent be empowered as either ISO 9000 Administrator or Co-Administrator (if another employee is available to fill the role already). The contract may then be provided to a registrar if required (although none of the aforementioned --> registrars have ever asked to see one.) OQR also requires it be included on the client's Approved Vendor List (or equivalent.)

By the way, in one particularly difficult situation we had to deal with, the QA Manager (and ISO Rep) quit two days before the registration audit. We had no time to reschedule, and had to take our lumps. However, the registrar (International Management Systems) was flexible with us on this obviously troublesome arrangement, and allowed us to sign in an ISO-knowledgeable Engineering Manager as "Acting ISO 9000 Administrator." Of course, at the six-month surveillance audit he expected to see a permanent staff member fill the role (and he did.)

Likewise, I have spoken to a new registrar and discovered that they in fact hired a consultant to help setup the registration company to meet all the RAB requirements, and the RAB had no problem with it, and accredited the registrar. I suspect if ISO had a problem with this arrangement, it would have showed up at that level!

> By the way, I would hope that a company's 'first registration audit' is
> their LAST registration audit.

Not completely true. Most registrars operate with one of two contracts: an open contract with an initial registration audit followed by ongoing bi-annual surveillance audits, in perpetuity; or a closed-end contract (usually three to five years) where following the initial registration audit there are annual surveillance audits until the contract ends. At that point, their ISO certification ends as well, unless a new contract is signed, and the client must undergo a full "initial registration audit" once again. In both cases, a client may (of course) at any time cancel or expire a contract and sign a new one with a different registrar. Clients weigh the pros and cons of both methods, although I prefer the former one as the costs for the client are generally lower.

Originally posted by Christian Lupo:
Although I know consultants who are management reps., I'm glad I don't have to audit them cause I think I'd have an issue with it.

It goes with out saying, some consultants can be idiots...and should not attempt this. It takes one who can be humble.....and professional. I have had the compliment paid at a closing meeting, that the auditor, at first was uneasy with the arrangement, and was reluctant, however once we started he saw a side of consultants that was rare...and he went on to say he found the audit a pleasant experience.....hmmm muct have been my charm...LOL

---Edited to correct html.



[This message has been edited by Marc Smith (edited 28 August 2000).]

I guess that what makes this job so interesting, ya have to take each companies situation on an individual basis.

From: Jim Stewart
Organization: Northern Illinois University
Newsgroups: misc.industry.quality
Date: Wednesday, January 12, 2000 3:20 PM
Subject: Re: Free ISO 9000 Gap Analysis Audits for Florida businesses

In following this thread--which I was not going to respond to because my answer will sound like a "me too" - I can verify that a small company can start from scratch in a relatively (surprising) short time. In 1994, I authored with Peter Mauch and Frank Straka "The 90 day ISO mauual" St Lucie Press ISBN 1-884015-11-5. It includes a short manual and the a proceedire/forms system of compliance. Since each of my coathors has long experience on TAG176, we have never had a major problem with the system meeting compliance. We picked 90 because nobody would believe forty then. A lot of the successful case studies came through Peter's dealings with TMI here in Illinois.

The major difficulty in documentation is that we START with having the documented management quality meetings from the first gap analysis and begin the documented internal audit process before trying to get any procedures. I also think that we expect the company to assume more responsibility than you do, Mr Paris. As to your claim of 40 days, I have absolutely no doubt that it can be met.

Jim Stewart, PhD
Northern Illinois University

[This message has been edited by Marc Smith (edited 12 January 2000).]

A few more thoughts:

------------snippo-------------

From: ISO Standards Discussion
Date: Tue, 11 Jan 2000 10:21:59 -0600
Subject: Re: Consultant as Management Rep /Smith/Naish

From: PNaish

Marc,

I would agree for the most part in what you have said. The registrars I have seen do not want to see a consultant as the "temporary" management representative. However, there are some things that I believe are important to look at.

First, there is one consultant in our area who acts as the management representative and quality manager for several small companies. She does so because the companies are so small and do not have a full time need for one. In her case the registrars allow her to be the representative because it is an on going arrangement - not just limited to initial implementation and she does other quality roles.

I have 2 smaller clients that are on contract and while I do a portion of the work normally done by the management rep such as internal audits, document updates, setting up the review meetings, ensuring their data for reviews makes sense and the like. They still have both a designated management rep and a back up for that person within their company that I work with. I sit in on quarterly and annual quality meetings and ensure all the appropriate information is reviewed. I do not make the final decision on what they do but rather coach them into what to look at and ideas for how they might approach actions relating to them. I also attend their surveillance audits. If I went away they could still manage but would have to pick up the extra work I now do for them.

I agree that a company should be able to stand on their own two feet by the time they get to the audit. The problem however is not always them nor the consultant. The problem can be the auditor. Don't get me wrong. I am not saying the auditors are intending to be the problem, they just come at the audit from a different perspective - that can be an issue.

In all fairness to auditors, they have only a limited period of time to read through documents and try to understand the quality system as well as all the names for things. But since they do so many audits and look at so many documents they think in terms of the words and concepts of the standards. A company does not always think in those terms as they think in terms of what they do and what they call it. As a simple example, I have a client who uses the term work order (which is also on the form they generate) for all sales orders from the customer. The auditor asks the Sales Person about contract review and the contracts and Sales thinks only of the documents generated as standard contracts with the customer. Their ISO Rep is trying to make the connection but the auditor is not understanding what the company is trying to say and the company does not understand the question since the auditor is, in their minds, so specific using the term contract. All I do is indicate the terms used so both are on the same page. We consider that like acting as an interpreter for both sides.

The second reason I believe consultants should be on site during the first audit is the auditor who believes their ways is the only way. And I have to say I have found few auditors who did not have a personal hang up with one section or another of the standard where they believed their way was the only way. As a consultant we live and breathe the standard and usually know it as well as the auditor and know how it applies even better because we have had so much more time with the clients to understand their system and how it works. It is when an auditor is crossing the line and trying to impose their own beliefs of how a company should be run that we step in and support the client.

We can teach them the standard and what it requires but for small companies, where the rep has 20 million other things to focus on besides the standard, they will never have the time to understand all the little nuances and implications of the standard that a good consultant with years of experience in ISO and the quality field have learned. For larger companies with a full time quality professional who has a major focus on the standard they will get there but again it takes time. As a consultant who spends most of their time on quality systems we become the best tool they can use during an audit to help them grow their knowledge.

I for one also think that consultants too frequently think that once a company has their documents they are through. It isn't just getting the documents it is the support in understanding the standard and improving the system. When we are with the company during their first audit, we also note anything that the auditor does not tell them that may need a little more improvement or that the auditor missed and is not what is in their procedure or is different in the procedure from what they are doing.

But like you Marc, I do not like the companies that want to hand you your documents and answer the questions and walk out after the first audit. It too frequently leaves a company unable to perform once the consultant is gone. I picked up a client because this happened and the company got a major non conformance in their surveillance audit because they didn't understand their own documents. The consultant had answered all the questions for all the people (only 12 in the company) and no one knew what to do. The company can now run totally on their own. They have passed 2 audits since then with only one minor on the first and none on the second. They can now do what they should have been able to do after the first consultant left.

Phyllis

------------snippo-------------

From: ISO Standards Discussion
Date: Tue, 11 Jan 2000 10:27:41 -0600
Subject: Re: Consultant as Management Rep /Smith/Speiser

From: Kelly

I have used this technique ONLY under emergency situations where the client Quality Manager was not available. This has happened twice where the client Quality Manager quit and another died. A replacement was not found before the audit nor would have the replacement had any notion of the system anyway. I also played a supporting role to a management representative in that situation where they are new and needed a crutch during the audit. At all times, the registrar knew in advance of my presence and allowed me a little more leeway than normal to answer questions.

Have a Great Day,

Kelly Speiser

------------snippo-------------

From: ISO Standards Discussion
Date: Tue, 11 Jan 2000 10:42:53 -0600
Subject: Re: Consultant as Management Rep /../Taormina

From: Virtuiso

People!

The management rep is not a full time job in most companies. It requires only that someone with a passion for process improvement be the conduit for all of the QMS activities. In fact, the less "hands on" the rep is, the more effective the QMS. The ideal rep should chair the Continuous Improvement Committee, lead management reviews and coordinate CAR and PAR activities.

We have to break the paradigm of ISO 9000 being only a conformance tool and look at it as a profit center. If we use a consultant as the management rep, we will not derive the benefits of ownership of the continuous improvement process and ISO 9000 will be another overhead expense. I refuse to work with companies that do not use ISO 9000 as the foundation for their strategic quality improvement initiatives and I insist that it be directly tied to increased profitability. That requires ownership not compliance.

Tom Taormina

------------snippo-------------

From: ISO Standards Discussion
Date: Tue, 11 Jan 2000 09:41:58 -0600
Subject: Re: Q: Consultant as Management Rep /Smith/Pfrang

From: Doug Pfrang

Section 4.1.2.3 of the Standard states: "The supplier's management with executive responsibility shall appoint A MEMBER OF THE SUPPLIER'S OWN MANAGEMENT who, irrespective of other responsibilities, shall..." (emphasis added).

The Standard clearly requires that the Management Rep must be a member of the supplier's own management. Not a consultant. Not a "temporary" Management Rep.

Given all the other, far more challenging, requirements of the Standard, I am amazed that any company would ever try to float a "temporary" Management Rep past their registrar. It's only an APPOINTMENT. PICK SOMEONE AND BE DONE WITH IT. If that person doesn't work out, then appoint someone else. This has got to be the easiest requirement of the Standard to meet -- it takes all of 2 minutes to satisfy.

If you're going to try to skate something past your registrar, then for gosh sakes pick one that matters.

-- Doug Pfrang

From: ISO Standards Discussion
Date: Tue, 11 Jan 2000 09:55:48 -0600
Subject: Re: Consultant as Management Rep /Smith/Antonov

Yes, Marc! There is a people who say that design and implement a QS is an ordinary work and it can be done for five times less time and for a half money per it. Their usual solution is "20 element in the standard = 20 procedures in your QS"... and don't worry about The Registrar!".

I would prefer instead of "Rapid Implementation Program" to use their abbreviation "RIP".

Boncho

--> Marc Smith wrote in message news:B4A061C1.2471
-->
--> This has been my experience in EVERY registration audit - history
--> of functioning systems. However, I will make the same statement.
--> The requirement will be, however, that 40 day implementation is
--> contingent upon the company having existing, functioning systems
--> prior to the start of the implementation project by at least
--> several months. Which means there's not much to do anyway. On the
--> other hand it may be that the registrar he is working with somehow
--> 'goes on trust' that eventually there will be evidence.

Certainly this is not the case for our clients. Our 40 day implementation takes the client from NOTHING (no policies, no work instructions, etc.) through to registration (by the auditor of their choice) using only one consultant at a time. The registrar's availability obviously affects things, too. We have relationships with certain registrars, for sure, as a function of repeat exposure, but the only "trust" they go on is that if we says they'll be ready in 40 days, they will be. They do not alter their registration audit process in any way, and don't push off anything to the surveillance audit "just for us." If they did, we would advise clients agains using them as a registrar.

I think the approach we bring to implementations in many ways points out the question (at least to the clients we've successfully helped register) "why does it take other companies/consultants SO LONG to implement ISO 9000?" I usually just shrug.

Note, though, that we are not "miracle workers." 40 days only applies to companies with a limited number of employees and sites (see our webpage.) Certainly a large 1000-employee, three-site Harley-Davidson manufacturing plant would not be eligible!

--> I guess my reaction to 40 days and 'temporary management rep' was/is 'Too
--> Good To Be True'.

Can I quote you??

Christopher

-----------

My response: This may work for very small, simple companies, but beyond that I still say 'Too good to be true'.

I couldn't resist just a couple more.....

------------snippo------------

From: ISO Standards Discussion
Date: Wed, 12 Jan 2000 10:25:01 -0600
Subject: Re: Consultant as Management Rep /../Spiliers

With ref to what Doug and Phyllis said, i can support both; but as already mentioned in SME (Small, Medium Enterprises) it is all not so evident.

Knowing that there are companies with only 6-12 employees, it is not so obvious that the Director (in a lot of cases also Owner) appoints someone as Mgmt Rep. So, is it allowed that the role is taken on by the Director??? (since the Standard says: top mgmt shall appoint member of mgmt....) ((i think the Director can take this role)) But, since the Director has already a number of issues to take care of, i would not disagree to appoint a consultant to take on this role, and than in the sense as Phyllis is describing; it can be beneficial to the company in question; and certainly in the beginning years; if that company is really serious, and does it on their journey for continuous improvement in quality, maybe after a couple of years, they will be able to do it on their own without the consultant; and with a better understanding and knowledge which they do not have in the beginning.

So, depending on the situation, there should be some Flexibility,,, and not always look to hard rules, and almost make people hate standards. Once they see and experience benefits, it will become much more evident and logical, and be an incorporated way of acting. Yes, quality takes time, it is education (or RE-Education); it is a way of acting and living. It is an ongoing journey, Quality does not stop by only obtaining and ISO xxx certificate.

kind regards,

Harry

--------snippo------------

From: ISO Standards Discussion
Date: Wed, 12 Jan 2000 10:26:33 -0600
Subject: Re: Consultant as Management Rep /../Taormina/Leben

Tom & list- I recognize our company as fitting the description of ISO900X as a conformance only tool. The thought of ISO900X as a profit center is certainly intriguing and could pump new life, i.e., attention, into our quality system. What shifts need to begin in order to advance beyond simple compliance to ownership (and increased profitability)?

Regards,

R. Leben

FDA Says NO!

---------snippo----------

From: ISO Standards Discussion
Date: Thu, 13 Jan 2000 08:40:09 -0600
Subject: Re: Consultant as Management Rep /../Spiliers/Kutcher

From: Jkutcher

I consult on (FDA matters) for a small N.E. school which uses a medical device, hence the need for compliance to the FDA's Quality System Regulation. Section 820.20, part (b), item (3) addresses Management Representative. The language is taken from ISO 9000.

As an "outside" consultant, I am not allowed to act as the facility's Management Representative. the FDA is very clear on this. They require that this person, in fact, be a member (of the firm's) management.

Jerry Kutcher

From: ISO Standards Discussion
Date: Fri, 14 Jan 2000 08:29:24 -0600
Subject: Re: Consultant as Management Rep /../Spiliers/Pfrang

>With ref to what Doug and Phyllis said, i can support both;
>but as already mentioned in SME (Small, Medium Enterprises) it is all not so
>evident.
>
>Knowing that there are companies with only 6-12 employees, it is not so
>obvious that the Director (in a lot of cases also Owner) appoints someone as
>Mgmt Rep. So, is it allowed that the role is taken on by the Director???
>(since the Standard says: top mgmt shall appoint member of mgmt....)
>((i think the Director can take this role))
--------------snip------------------
>So, depending on the situation, there should be some Flexibility,,, and not
>always look to hard rules, and almost make people hate standards.
--------------snip------------------
>kind regards,
>
>Harry

---------------- Reply--------------

Harry,

You've raised some good questions. For answers, I always go to the Standard, because that is where the requirements -- or the lack thereof -- come from. It amazes me how many people (including my clients and even contributors to this list) try to answer ISO questions without ever referring to the Standard.

As regards appointing the Management Rep, Section 4.1.2.3 requires that "the supplier's management with executive responsibility shall appoint a member of the supplier's own management who...shall have defined authority for: (a) ensuring the quality system meets the Standard, and (b) reporting quality system performance to the supplier's management" (paraphrasing mine). Note 5 adds that the Management Rep may also work with external parties on matters relating to the quality system.

First, as you can see, nothing in Section 4.1.2.3 bars the Director, the Owner, the CEO, the President, or anyone else in management from being appointed the Management Rep. What matters is that SOMEONE in management is appointed. As I said before, this takes 2 minutes.

Second, nothing in Section 4.1.2.3 requires the Management Rep to be an ISO expert. The only two responsibilities of the Management Rep are to ensure that: (a) the company's quality system follows the Standard, and (b) the company's quality system performance is reported to management for improvement. These are both management, not ISO expert, functions; i.e., the Management Rep's role is one of corporate sponsorship, not one of studying the Standard, writing procedures, or discussing interpretations with the registrar. The Management Rep can delegate all of those details to others -- including to outside consultants (see Note 5). What the Management Rep cannot delegate is the role of being the corporate sponsor -- i.e., of ensuring that (a) the company meets the Standard and (b) the company's conformance to the Standard is reported to management for improvement -- because that is what the Standard specifically requires the Management Rep to do. Performing these tasks does NOT require the Management Rep to have any extraordinary ISO expertise, and it does NOT require the Management Rep to do anything beyond (a) and (b). Thus, ANYONE in management can be the Management Rep.

Finally, as regards your comment about wanting the ISO Standard to be more flexible, I have two observations. First, the whole point of having a standard is to create requirements that everyone has to follow. If some companies can get by with not meeting some of the requirements, then you don't have a standard anymore; all you have is good intentions -- and we all know where that leads. Second, in virtually every case where I have heard people complain that the Standard is "too rigid," their complaint rests either on a flawed interpretation of what the Standard says or inexperience in looking for creative ways to comply. These are easily remedied through self-education or hiring a consultant. Thus, there is plenty of flexibility in the ISO Standard -- all we have to do is look for it.

-- Doug

"Using consultants as a management rep" Very bad idea for the company; Who will represent the company during daily business operations when the consultant is gone?
Companies that offer deals such as this make a mockery out of the intent of registration.

Also, you might look at para 11 of apendix B of the QSR, and ask yourself the question "when is a consultant not a consultant". The IRS rules and regs. might also be helpful.

And besides, What company would recognize a consultant as a member of there "own" management team?

Consultants to business is like salt to food; use sparingly and only for the intended purpose.

As Deming said, I can't tell you how to run your business.

From: ISO Standards Discussion
Date: Tue, 18 Jan 2000 08:35:47 -0600
Subject: Re: Consultant as Management Rep /../Naish

Doug,

I agree with the quote you pulled from the standard. The standard says "the supplier's management with executive responsibility shall appoint a member of the supplier's own management". What constitutes supplier's own management? If I work on a part time basis but am included on the organization chart as part of the company's management do I not fulfill this part of the standard? It does not say how many hours they work. It does not say what position they are in. It does not define their own management. I am given the opportunity then to define the term "own management". Therefore if I am part of the management on a part time basis I fulfill this requirement.

It is interesting that you indicate that the management rep only needs to do some of the management aspects. I have yet to find an auditor that does not expect and even audit the management representative for their knowledge of the standard. So if you are saying anyone can hold the title but not know the standard inside and out I would like to know why the auditors from several well recognized registrars disagree with you. I do note they can get help but that is not being interpreted as they don't need to know and understand the standard.

I am curious as to how many companies have tried that approach where the management rep doesn't have to know and understand the standard and it has been acceptable to their registrar. If that is the case I would like to hear from them on how they approached it and how they registrar felt about it.

Phyllis

I sent into the IASG for an interpretation (see below). It should be interesting what the results are.
QS-9000 is specific in Appendix B, #11 that the quality system consultant's role is that of observer during the assessment.
----Does this requirement apply also to pre-audits and documentation reviews?
----Can a consultant be a management representative if put on contract as a temporary employee?
----How is consultant defined?

------------------
Pete Maizitis
TUV Lead Auditor

Sam... you are out of line. Way out of line. The last decade and into the next century have brought about changes in the way businesses are structured. Just because a person...what ever the title....doesn't devote 24/7 to a single company certainly does not make a mockery out of a quality system registration nor does it mean that the company is in trouble.

And the further comments:

"And besides, What company would recognize a consultant as a member of there "own" management team?

Consultants to business is like salt to food; use sparingly and only for the intended purpose."

Are even more ignorant, and show a lack of understanding of the business world today. Certainly the large corporation won't benefit from this.....but not all companies are fortunate enough to have such a juicy budget to maintain a full time policeman....to keep watch while the the rest of the staff ships product.

And I resent the implcation that consultants do not add value to a company..What pray tell is your idea of the intended purpose? Just as in any profession, there are people who take advantage...shall I tell some dirty stories of Quality Managers not performing to par...As in if the QA manager did his job, there would be no need for consultants? Is that a viable analogy? I certainly do not believe that......as a blanket statement, but I sure can attest to plenty of instances....But have the wherewithal to know it does not apply to the entire profession.

From: ISO Standards Discussion
Date: Mon, 24 Jan 2000 14:47:42 -0600
Subject: Re: Consultant as Management Rep /../Naish/Humphries/Naish

Edwin,

You made the following comment:

> I guess the approach is one of outsourcing: buy in the knowledge, through
> a competent consultant (if that's not a oxymoron - oh hush mah mouth!).
> The company, in my view, needs to be expert in what they do: they don't
> need to be expert in tax law, corporate governance, or many other things,
> because the competence can be bought in as required.
>
> A responsible certifier should be prepared to accept this business
> reality, particularly with small to medium enterprises.

I would agree with you except for one thing. If you are saying the consultant is available on call and is like the part time scenerio I had put forth I would agree. If not the problem I would see is the lack of knowledge could be tied to being able to determine if the company is effectively implementing ISO especially when it comes to changes in the system.

The thread started with the comment about the company (companies) who give you canned manual and procedures and walk you through your first audit as the temporary representative. Unless there is good training when the consultant leaves the company does not know if they are doing it right or wrong or if their changes are in line with ISO.

I would like to use a real life case. I am a consultant who picked up a client for this very reason. The company hired a consultant from Europe to come in and help them develop all their procedures and forms and their manual and all. He acted as the rep since at the time he was considered full time even though they were only hiring him for the period of the implementation. (Note he was an employee so he met the criteria regardless of all else). He did well on the first audit and answered many of the questions so they appeared to know ISO and since it was their first year the auditor was trying to be reasonable about how much they understood.

The consultant loosely trained the existing quality manager in the rudiments of ISO. However, no one else in the company really knew or understood the ISO requirements. And they really did not know their procedures or what they meant. The quality manager managed for a couple of years to answer all the questions and thus no one else had to know anything or be involved. However the last year he was there was the change in the standard from 1987 to 1994.

One month before the audit date, he left the company and they hired a new quality manager but in their industry there are few companies who have ISO registration. Unfortunately no one knew anything about ISO and what was required. The company management had not been properly trained and did not know what was required either and did not know where to get help since their consultant was now long gone to places unknown.

The new quality manager tried for a couple of weeks to figure out the system and the standard and left in frustration. However, in the mean time she had managed to get their audit postponed.

They got a new QA manager but the same problem with experience and their system occurred. The did go through an audit and got a couple of major non conformances. This person did some checking and found us through a referral. When I went in and found they knew nothing of their procedures and no one even told them they needed to I realized the first step was training for all the key managers on the requirements.

The point to this is that the consultant had set up a system but had not trained the employees including the person who was to be rep. He acted as a temp as was the proposal the company made with their manual and procedures and temp rep. The company had people but since there was inadequate training they didn't even know what they didn't know.

Interestingly enough, their majors were not against 4.1 management responsibility for ensuring the quality system is effectively implemented. The majors were for not doing internal audits for several months and for not doing corrective and preventive action. There were a number of procedures for other sections they had stopped doing because they did not understand the requirements.

I still think a part time person what ever you want to call them can be a part of the system and can even be a part of the management if they are effectively involved and have authority to get actions or corrective and preventive actions effectively implemented. I do not think a person who is in and leaves right after the audit should be the management rep and whoever is the management rep needs to have a sufficient understanding of the standard to know if the company complies or not. They should have received at least a minimum of training on all sections of the standard and be able to know if they comply or not.

Phyllis

From: ISO Standards Discussion
Date: Mon, 24 Jan 2000 14:53:59 -0600
Subject: Re: Consultant as Management Rep /../Naish/Pfrang/Naish

Doug,

While I agree with some of what you say I am not sure what your experience level is with a variety of auditors and you could be right that it is isolated to the auditors I have dealt with. In the following I will quote specific non conformances and observations made by registrars at my clients sites. I have withheld the name of both my client and the registar as this would be both unprofessional and could present legal problems with confidentiality. I do however, have copies of each the non conformances and observations listed so they are not hypothetical or hearsay as you have indicated. Each of the registrars listed are internationally recognized registrars and have been since at least 1990 that I personally know of. And when I say internationally recognized I mean they have performed audits in countries around the world not just that they have recognition from one of the registration boards.

Registrar 1: did cite my client A on their first audit because they could not show the "Deputy Management Rep" who was the back up to the management rep was adequately knowledgeable in the standard since he could not find the appropriate section of the standard that applied to calibration in their lab. He was doing the calibration but she did not like the methods he used and when he questioned her about the requirements she asked him to show her where in the standard it was. Since their system did not have major minor or the like just non conformances I can not weight the level of the citation but they did get it. And when confronted the auditor said that 4.1 says the management rep is responsible for ensuring the system is effectively implemented and since the deputy could not demonstarte complete knowledge of calibration, when the rep was gone the system could have problems. The client tried to address it with the registrar but the auditor was upheld. The client stopped using them after a year and a half of similar audit findings.

In another audit client B, who had gone through ISO training both at a previous company and through additional training we provided was audited by registrar 2. This auditor was asking the rep about the standard and the rep answered most of the questions. The auditor then asked for a training records of their ISO training which had been inadvertantly sent to a corporate HR in another state. They only got an observation but again they were asked various questions about their knowledge and training and understanding. This was on the auditors questionnaire under 4.1. I was watching over the shoulder of the auditor at the time and that was the section he was asking questions about.

A client C called me after their rep had left (not the same one as the previous email). They had been through an audit by registrar 3. They had been through a surveillance audit and had gotten a minor non conformance since they could not demonstrate the rep had a working knowlegde or any training on the ISO standard. We were called in to provide training not only to the rep but to all the senior managers. Following that they decided to train all their employees on ISO. But again they got a minor since the rep was not trained. This one was under the training section.

I have seen observations and minor non conformances in other companies where we were requested to provide training since they had gotten a non conformance for the rep not being adequately trained in ISO. I won't continue with examples as the above are adequate to show that at least three different registrars have written up in observation or non conformances this area.

I have also talked to thre auditors we do work with frequently and they have all said the same thing. They also indicated that at one of their previous auditor meetings, the auditors were told that they needed to audit more closely for a broader knowledge of ISO since the registrars have been seeing more companies get both majors and minors for the resulting problem of the system falling apart when only the consultant or one other person had any knowlegde and they leave.

Phyllis

I think all this could be avoided if we call consultants who maintain systems
'contract workers'...its all in how its carried out. Whether I plan to stay on or not, ALL levels are trained in the standard, and how it affects their responsibilities,,including a deputy rep...who resides full time on site, and carrys on when I am not there.(all management is trained in detail) My role is the keeper of the systems typically...the company uses the systems daily...audits, training (except OJT), Document change control, reports, trends (from the system data) to mgt review, followup on CARs, Quality plans,TQM facilitator, DOE stuff, Review of SPC inprocess and stuff like that.....active on line, weekly or bi weekly. On call for customer/government interface if required to support on site staff. Non product acceptance related decisions. Frees the company to do it's business following its ISO system of course.... Since I do the internal audits, it makes sense to be there for the surveillance audit....to answer appropriate questions, etc. I do the training so I know all the employees and what they do. I monitor the CA so I know whats going on. I wrote/maintain the system (based on what is actually happeneing..not as an outsider) so i know how it works.
Who do the auditors interview...depends...just cause I own the system, doesn't mean I do the nitty gritty..or sometimes I do, just as in any company. I have found this works for small companies, especially startups.

Is this such a difficult concept to grasp? I really don't 'get' all the uproar over this.

From: ISO Standards Discussion <jennejohnn@UWSTOUT.EDU>
Date: Wed, 26 Jan 2000 13:41:07 -0600
Subject: Re: Consultant as Management Rep /../Humphries/Naish/Humphries

From: Edwin Humphries <edwin@e-quality.com.au>

Phyllis

I agree with everything you say, and as a consultant, would never recommend to a client that I, or any other consultant, should serve as a management representative.

But my reason for that is not a philosophical problem with consultants, or merely an ethical one: it's the fact that by far, the most effective management representative is the person who has the ultimate responsibility for the overall performance of the operation. This results in quality being more seriously considered as a part of core operations, not a low priority adjunct.

But this means that issues such as ISO expertise, part-time/full-time, etc., are irrelevant. Where the company gets its expertise from; who does the detailed work of the Management representative, etc., are details which are second to the strategic issue of making quality a core activity.

So I guess we're saying the same things in different words.

With respect to your posting giving examples of auditors giving nonconformances or observations for management representative training, it reflects the lack of training of auditors and their bosses, that they could give negative findings for things not required by ISO9001.

Given that 4.1.2.3 specified the management representative's responsibilities as:

"a) ensuring that a quality system is established, implemented, and maintained in accordance with this International Standard, and

b) reporting on the performance of the quality system to the supplier's management for review and as a basis for improvement of the quality system."

it's hard to argue that someone who delegates the operational part of the job to a technical expert, monitors the process responsibly, and takes an active role in the process, but doesn't themselves become an expert in the standard, is not fulfilling the requirements.

Given further that 4.18 requires the company to "identify(ing) training needs and provide for the training of all personnel performing activities affecting quality", it's hard to argue that our management representative above requires detailed ISO training to be able to do the job as structured by the company.

It's another example of a certifier auditing the system it expects to find, rather than the system the company has developed. (I once had a client for whom we developed - in 1992 - a process-based quality system. Their certifier - not Australia's best - at first refused to audit it, as its structure was so different from what they expected. Ultimately they were prevailed upon to carry out the audit, but they found many nonconformances that reflected that the system simply didn't look like the one they were seeking. [end rant])

Best Regards
Edwin Humphries

My last 'snips' follow:

-----------snippo---------

From: ISO Standards Discussion
Date: Fri, 28 Jan 2000 15:31:36 -0600
Subject: Re: Consultant as Management Rep /../Naish/Humphries/Kutcher

> I agree with everything you say, and as a consultant, would never
> recommend to a client that I, or any other consultant, should serve
> as a management representative.

Phyliss/ Edwin, I've already given my "two cents worth". I now feel another "two cents" is required. Section 4.1.2.3 not only call out the responsibility of ensuring that a quality systems is established, implemented and maintained, it also very clearly calls for "a member of its own management" to assume this task.

Too wit, there may be some leeway in the eyes of individual ISO 9000 Registrars with respect to this specific requirement, i.e., "a member of its own management," however, there is no such forgiveness with the FDA's GMP/QSR.

Kimberly Trautman, in her excellent book, "The FDA and Worldwide Quality Systems Requirements" underscores this under section 820.20(b)(3). Why do I feel so strong about this, one might ask? Well, I consult on FDA matters for a facility with a tiny (two person) electronics department and was asked to act as their Management Representative. In checking with several sources, including the FDA's Division of Small Mfg. Assistance (DSMA), I was told specifically that I could not hold that role. You might be able to convince an "understanding" ISO 9000 Registrar, but you had best be an employee of the company if your title is management representative and you are dealing with the FDA.

Jerry Kutcher

-----------------------

From: ISO Standards Discussion
Date: Fri, 28 Jan 2000 15:47:50 -0600
Subject: Re: Consultant as Management Rep /Naish/Humphries/Naish

Edwin,

I guess we are both saying the same thing in different ways. And your comment about the auditors wanting to see it the way they expect to see it is going to be one of the issues in the coming change. I am afraid that as we get one two and three years into the standard and some companies convert their QA manuals to look like the new standard the ones who don't are going to see an increase in problems.

The other problem that we are facing with the 2000 change is the continuing growth in new standard spin offs some of whom will go with the new format and some with the old. And the poor companies who do business in multiple industries are going to find it harder and harder. We have one client who is ISO and now in process of QS which is not a problem yet except they are also in telecomm and we are expecting them to be required to meet that in the next couple of years. They are on the third tier to medical and so far have not been asked to do anything for that thankfully.

As we diverse in the standards we are going away from the original concept of the one standard for all companies and all countries. The problem we have seen with auditors who do QS frequently is they start trying to keep QS separate from ISO requirements and start getting them mixed. What happens when you have old format ISO manuals with QS requirements and telecomm thrown in and the new standard. It takes a lot more time for the auditor or they start crossing the line from standard to standard. My hats go off to the auditors the farther down the line we go trying to keep it all straight.

Too bad that we can't get the industries all together and start with ISO and have group or business segment put their requirements in each section as we go. Then we could all get back to the same standard and work from the same book instead of various others.

Phyllis

Blast from the Past!

Any 'contemporary thoughts? I used to be totally against this, but it's relatively common now as I understand it.

Marc,

This recent thread discussed the same topic and got a little animated.

http://Elsmar.com/Forums/showthread.php?t=8171

Greg B

Thanks for the link, Greg! I also noticed a few good related threads in the Similar Threads list below.