Hi all,

First, I would like to thank the Cove and all members. I would like to say that, for a while, I have been reading in all subjects related to ISO 9001, Process mapping, auditing etc. and have benefited from the wealth of information available.

This is my first time posting a thread here and I am seeking your advice for my case. I have been authorized to be the Project Manager to make it to the ISO 9001:2008 Certificate the soonest possible and with the minimal cost.

I work for a big organization 20,000 employees (Telecommunication Service Provider) and the area which we are going to cover for the certification is the operational sector (5000 employees).

We have so many subcontractors and consultation companies. Most processes are documented but in a different format. So there is a consultation company work for the Design Unit and they use their process and so on for some of the other units.

I feel that most of the things that are required by the ISO are available somewhere but it is either not in the same format or not very organize.

So my role now is to define the starting point and then define the gap and complete it then we will go for certification some time this year.

Therefore, my questions would be:
1- Where should I start?
2- How soon can I get the certificate? or at least be ready for it?
3- Would it be possible that I can use different format of work instruction and subprocess to close the gap in the QMS? or should i re-write them in one format?

Put in mind, that we have completed the L2 processes according to the eTOM framwork but I do not prefer to go any lower than that for now. So the high level processes across the sector are identified, however, the subprocesses/work instruction are in different format due to the dependency on some of the consultation companies/subcontractors.

I have thought to start with writing down the Quality Manaual as a strating point? is this the right way? I want the fastest and the easiest way towards being ready for certification then we can have another project for improvement?

Thanks in advance for any advice you can make. It is much appreciated!

Hi QualityKey,

Firstly, a warm welcome to the Cove :bigwave:

Regarding the ISO 9001 certification, pl refer to one of my earlier post for more information - Recertification for ISO 9001:2000 - framework (http://elsmar.com/Forums/showpost.php?p=300404&postcount=8)

Wish you good luck !

Therefore, my questions would be:
1- Where should I start?
2- How soon can I get the certificate? or at least be ready for it?
3- Would it be possible that I can use different format of work instruction and subprocess to close the gap in the QMS? or should i re-write them in one format?


Hello and welcome. :bigwave:

1. Have a gap analysis audit performed and documented by a qualified, competent, and impartial auditor.
2. It depends solely on the results of the gap analysis and how effective your corrective action system is in dealing with the discrepancies.
3. IMO, there is no issue with the different WI formats as long as they work for your organization and as long as your document control procedure details the process you use to create, review, approve, control, and revise the different types of documents.

Hi QualityKey ! Welcome !

You already took the first step..... you found the Cove !!

20000 employees !!! wow !! sounds like fun !!!

Please do check the bottom of this page, you will see similar threads in regards to your situation. Check those thoroughly and I´m sure it will help with your initial doubts...

but answering one of your questions... leave the quality manual for last... it should be looked at as a summary of your QMS.

Please keep us posted on your progress as I´m sure we will also learn from your specific situation.

I've done implementations bigger than that. First off - Get a team togther if you haven't already, and make sure you have a well organized 'War Room'.

See:

Implementing a Quality System (http://Elsmar.com/Imp/) for starters.

Some existing discussion threads: Implementing ISO 9001 (http://Elsmar.com/Forums/search.php?do=process&titleonly=1&query=implementation+9001)

QualityKey

Everyone so far has given you good advice on the start but before you get too far along you should also have the following:

ISO 9000:2005, Quality management systems – Fundamentals and vocabulary.
ISO 9004:2000, Quality management systems – Guidelines for performance improvements

These two documents will help you with your ISO 9001:2008 journey. ISO 9000 is normative document meaning that the terms and definitions within this standard form part of the requirements of ISO 9001. ISO 9004, as it states in the title, is a guide which I have found useful in understanding concepts of ISO 9001.

Lastly don’t start your process by jumping to the Scope section of the standard. Read and understand the Forward section of the standard as it will give you a good grounding in process approach used within ISO 9001:2008.

First, I would like to thank everybody for giving me a valuable advice, I really appreciate all you have given me.

Also, I would like to invite those who can add more of their experince, I do really need every piace of advice.

I will come back with more details!!

Hi QualityKey,

Firstly, a warm welcome to the Cove :bigwave:

Regarding the ISO 9001 certification, pl refer to one of my earlier post for more information -

Wish you good luck !


Ajit Basrur,

Thank you for your advice. I looked up your implementation road map and I did download it, I would appreciate if you can help me with the Gap Analysis part. I want to meet the minimum of the ISO9001 requirements the soonest because I feel we do have most of them in place but it is difficult to judge how to match what is already implemented to what is required and vice versa.
Again, many thanks.

Hello and welcome. :bigwave:

1. Have a gap analysis audit performed and documented by a qualified, competent, and impartial auditor.
2. It depends solely on the results of the gap analysis and how effective your corrective action system is in dealing with the discrepancies.
3. IMO, there is no issue with the different WI formats as long as they work for your organization and as long as your document control procedure details the process you use to create, review, approve, control, and revise the different types of documents.


BadgerMan

Thank you for your reply. My issue is how to analyze the gap. If we go for an external auditor to assess the gap then I am not sure how much it would cost rather I would appreciate if you have a check list that I can use to meet the minimum requirements. Also, would it be right if I ask to be assessed by CBs, would they offer such service or do they only go for a contract to do the assessment?

Also, it is great that we do not need to have the same format for the WI!!

Thanks.

Hi QualityKey ! Welcome !

You already took the first step..... you found the Cove !!

20000 employees !!! wow !! sounds like fun !!!

Please do check the bottom of this page, you will see similar threads in regards to your situation. Check those thoroughly and I´m sure it will help with your initial doubts...

but answering one of your questions... leave the quality manual for last... it should be looked at as a summary of your QMS.

Please keep us posted on your progress as I´m sure we will also learn from your specific situation.

tedschimtt,

Thanks for your reply. I wanted to start with the QM because I think that most of the requirement are already in place and the system is running so I wanted to compile it and make it organized and also the QM would be the first document that an external auditor will look for? is this right?

I appreciate your help here and I will let you know the progress... Thanks

I've done implementations bigger than that. First off - Get a team togther if you haven't already, and make sure you have a well organized 'War Room'.

See:

for starters.

Some existing discussion threads:



Marc

Thank you. We have already made a team of 7 key people and about 20 quality represintitive across all functions to complete the requirements. However, I just felt that the way to the ISO certificate can BE achived in an easier manner or a shroter raod map.

Let me clarify again, the system has been working for a while but the reason I thought about the QM is just my feel that by getting things togather in one place it would give us a clear picture of how much is done and how much is the gap? is this a good start?

I have read many threads in here and I am so happy to find people who have been just like me and found their way out in the Cove. But I also believe that my case may need a unique advice?

Thanks again.

QualityKey



Lastly don’t start your process by jumping to the Scope section of the standard. Read and understand the Forward section of the standard as it will give you a good grounding in process approach used within ISO 9001:2008.


Jeff Frost

Thanks. Oh yah!! talking about the process approach???? after a long time designing the processes, we have just finished the the top level processes flowchart. It showes how the processes flow without given much regards to the functions. Most top manager are used to see their function and their role in a direct way which is not the case in adopting the process approach concent, am I right??

So I have a question here! to meet the ISO requirements how much do we need to go down in detail in the subprocess? I would love to avoid this at least until we make it to the ISO certificate? Please advice???

Many thanks Jeff..

I would start with the gap analysis. I would separate the results into categories like human performance, processes design and infrastructure.

I would then present the results to management and analyze their relative degrees, and types, of commitment to understand what the leadership supports and constraints would be to make the changes needed to establish compliance.

Jeff Frost

Thanks. Oh yah!! talking about the process approach???? after a long time designing the processes, we have just finished the the top level processes flowchart. It showes how the processes flow without given much regards to the functions. Most top manager are used to see their function and their role in a direct way which is not the case in adopting the process approach concent, am I right??

So I have a question here! to meet the ISO requirements how much do we need to go down in detail in the subprocess? I would love to avoid this at least until we make it to the ISO certificate? Please advice???

Many thanks Jeff..Process flowcharts are used to show what goes on in a structural manner. There are different kinds of flow charts:

Swim lane flow charts show how different departments can interact in getting the process done. They are good for showing internal customer relationships but give little operational instruction.

Simple flow charts just show what is done - they can also show things like what documents are used, but in themselves give little operational instruction. The documents referenced can be work instructions or process specifications that give appropriate detail.

Scripted flow charts can give details that are needed to perform the tasks. They can serve as combination flow charts and work instructions. They can be of good use when the process is not complex; processes with many steps would take many pages of scripted flow charts to show their detail.

ISO gives no requirement to use flow charts, though I have heard that some organizations use flow charts almost exclusively.

Nor does ISO specify the level of detail your instructions. Instructions for operating a washing machine would be drastically different in nature than instructions for performing a repair on an automobile. ISO expects your organization to define its own needs and build the process to suit.

Marc

Thank you. We have already made a team of 7 key people and about 20 quality represintitive across all functions to complete the requirements. However, I just felt that the way to the ISO certificate can BE achived in an easier manner or a shroter raod map.

I guess you are in right track and you have already taken steps required to consolidate.

I will recommend having a pre-assessment audit. However, before pre-assessment audit you can prepare ground work so that pre-assessment will be used effectively for improvement and not in building QMS.

You must be aware that ISO 9001:2008 expect only 6 mandatory procedures. Now the choice is left on the organization and their business, how much you need to go down on detail.

As you said all required Work Instructions (or Procedures) are available but in different format. I don’t think there is any need to reformat all WI. However, to begin with your Quality Representatives can perform gap analysis on their relevant procedures to verify if all basic requirements are documented in their procedures.

Basic requirements could be Document Control No., Revision status, Inputs, Outputs, Responsibilities (Owner), Process controls / parameters, Customers, applicable Records and what is documented is still relevant.

WI update or no update will be based on the results of this gap analysis.

As mentioned by tedschmitt, leave Quality Manual for last. I agree.


Let me clarify again, the system has been working for a while but the reason



I’m slightly confused with your clarification to Marc and others that “… system is working for a while…”. Do you mean your organization is complying with all requirements of ISO 9001 and Quality Management System is in place?

Just curious :)

I would start with the gap analysis. I would separate the results into categories like human performance, processes design and infrastructure.

I would then present the results to management and analyze their relative degrees, and types, of commitment to understand what the leadership supports and constraints would be to make the changes needed to establish compliance.


Thank you Jennifer.

Is there a simplified check list available on the web to assess the gap? specialy for a telecommunication services providers? I find it difficult to identify what is really needed to meet the requirements?

First Step:

Select a Professional Certification Body

Second Step:

Get that Professional Certification Body to perform a full fledged GAP Analysis
the cost compared to what they will spare you with the arguing and the whole team assembly and the mess will be phenomenal, i would say they would charge around 3000-5000 SAR / day (haggle about it, you have leverage because they want to get the certification contract later, especially with you being such a fat cat -20,000 Employees-)

Third Step

Take the GAP Analysis report which is -totally independent- not your opinion but from external bodies, and use it to extort TOP Management so as to get the most support with human resources and such .... don't push it though or else they might call the whole project off

Fourth Step

Fill in the GAPS and Certify, and that part has been covered zillions of times in the forum so just search for it , and that might help...it's a long story


Good Luck
3asak tekoun men 3awada

Process flowcharts are used to show what goes on in a structural manner. There are different kinds of flow charts:

Swim lane flow charts show how different departments can interact in getting the process done. They are good for showing internal customer relationships but give little operational instruction.

Simple flow charts just show what is done - they can also show things like what documents are used, but in themselves give little operational instruction. The documents referenced can be work instructions or process specifications that give appropriate detail.

Scripted flow charts can give details that are needed to perform the tasks. They can serve as combination flow charts and work instructions. They can be of good use when the process is not complex; processes with many steps would take many pages of scripted flow charts to show their detail.

Jennifer

Not sure that I would agree with your analysis - it is quite possible to define the required level of "operational instruction" (I like the term, by the way!) in a swimlane (/ deployment / matrix) flowchart. The problem lies more in the "words in boxes" style", where you are restricted by the size of the box - or of the page.

I think that I understand(?) what you mean by "Scripted flow charts" - do you have an example?

[quote=Jennifer Kirley;301635]

ISO gives no requirement to use flow charts, though I have heard that some organizations use flow charts almost exclusively.

I am confused here, so do you mean all type flowcharts including Process Maps:confused: I am not sure if they are different or the same? and if they are different, are they both not required?

Thanks

There has been a mistake here, sorry!!!

You must be aware that ISO 9001:2008 expect only 6 mandatory procedures. Now the choice is left on the organization and their business, how much you need to go down on detail.


As mentioned by tedschmitt, leave Quality Manual for last. I agree.




I’m slightly confused with your clarification to Marc and others that “… system is working for a while…”. Do you mean your organization is complying with all requirements of ISO 9001 and Quality Management System is in place?

Just curious :)

I come to know this here in the Cove but not sure to what extent!!


Because I think most of the requirements are available so I just wanted to prepare the top level document (QM) which is required by the ISO9001 and also I thought it is a good way to compile the documents and make references! Am I right here?


Well!! we have been for a year and so building the system to meet the ISO9001 requirements and we did put some procedures in place and there were already some operational processes in use so that's what I meant. However, we are moving so slowly and I have just been assigned as (ISO Implementation Project Manager) to expedite the process to make it to certification in the easiest, shortest and effective way. My idea is, once we have the ISO certificate, it would help us as an internal marketing tool so we get the attention and then the full support and participation from employees and top management. Management say they are committed but they are not so convinced!! It is time consuming to re-engineer some of the non-required process and continue on what we are doing. I want to make it fast to the ISO and the next step (after certification) is to go for process improvement projects. Do you agree with my approach?? Please comment??



Thank you Makrap for giving me detail as I do need them.

First Step:

Select a Professional Certification Body

Second Step:

Get that Professional Certification Body to perform a full fledged GAP Analysis
the cost compared to what they will spare you with the arguing and the whole team assembly and the mess will be phenomenal, i would say they would charge around 3000-5000 SAR / day (haggle about it, you have leverage because they want to get the certification contract later, especially with you being such a fat cat -20,000 Employees-)

Third Step

Take the GAP Analysis report which is -totally independent- not your opinion but from external bodies, and use it to extort TOP Management so as to get the most support with human resources and such .... don't push it though or else they might call the whole project off

Fourth Step

Fill in the GAPS and Certify, and that part has been covered zillions of times in the forum so just search for it , and that might help...it's a long story


Good Luck
3asak tekoun men 3awada

mirrorcrax

Thank you for your plan. I strongly agree that the cost of 3000/5000 SAR (around US $1000) is by far would save a lot of working hours. I appreciate your advice and I even discussed it with my manager along with the other comments here.


Stay around, I still need more advice.
3sak beseha wa salamah ya habebi!! mashkoor!!

I am not going to even pretend to be an expert in flow charts. I have seen a lot of different treatments, ranging from very simple to very complex.

And it's true that both regular and swim lanes flow charts can be designed to include enough detail to perform the work. It depends on the process.

I put examples of all three types in this thread's (http://elsmar.com/Forums/showthread.php?p=293651#post293651) problem solving presentation. (It's an attachment in post #7)

I'm not wild about process maps, I think the inter-department flow chart (has swim lanes) is better. But other people seem to think process maps are worthwhile, so okay. I didn't include any examples in that presentation, sorry.

Jennifer

I see from your profile that you are a "Deming-ite", so deployment flowcharts (a la Myron Tribus) would be an obvious option, I suspect. I agree that some flowcharts can be very complex (and that doesn't mean that they are very clear for other people to read, although the author may learn a lot about a process when he or she draws it) and I often find that the "simple" ones don't tell the reader very much.

I agree Peter, which is why I advocate people use the method that suits them and their organizations best. No single approach works for all organizations, or even groups/processes within an organization. I have seen a combination of flow charts and process documents working well together. The flow chart summarizes how the process works, and the process document describes it in funcitonal detail, shows responsibilities, lists absolute requirements and controlled tools like calibrated equipment to be used, and so on.

Process flowcharts are used to show what goes on in a structural manner. There are different kinds of flow charts:

Swim lane flow charts show how different departments can interact in getting the process done. They are good for showing internal customer relationships but give little operational instruction.

Simple flow charts just show what is done - they can also show things like what documents are used, but in themselves give little operational instruction. The documents referenced can be work instructions or process specifications that give appropriate detail.

Scripted flow charts can give details that are needed to perform the tasks. They can serve as combination flow charts and work instructions. They can be of good use when the process is not complex; processes with many steps would take many pages of scripted flow charts to show their detail.

ISO gives no requirement to use flow charts, though I have heard that some organizations use flow charts almost exclusively.

Nor does ISO specify the level of detail your instructions. Instructions for operating a washing machine would be drastically different in nature than instructions for performing a repair on an automobile. ISO expects your organization to define its own needs and build the process to suit.

Jennifer

Sorry about not getting back to you on your question earlier. Flow charts within the organization have their place and should be of sufficient detail to allow you to see the inputs and outputs of the process and who are the customers (internal and external) and process owners.

My reference is more inline with the actual process requirements within the standard. Take for instance the requirements for Management Review Clause 5.6. Most users of the standard understand that 5.6.1, 5.6.2 and 5.6.3 are part of the requirements of Clause 5.6 and then overlook these other process links

8.1 Measurement Analysis and Improvement,
8.2.2 Internal Audit
8.5.1 Continual Improvement
8.5.2 Corrective Actions
8.5.3 Preventive Action

Hope this add some clarity to the subject for you.

Jeff

I wouldn't dream of arguing with you in context Jeff, but I wouldn't use a flow chart for Management Review - except a scripted flow chart maybe.

Can you show an example of how a flow chart would incorporate those peripheral standard clauses in a manufacturing or service process?

Jennifer,

You could flow chart this management review process if you care to but I am talking about the interrelated process of the standard it’s self. The very requirements of the management review are a verbal description of the required process. It has input, actions, and output.

Your original question that started the tread was “where to start” and to this end it should be with a well grounded understanding of the requirements of ISO 9001 and how the requirements are linked as I explained in the Management Review Example.

Once you have a clear understanding of the requirements of the standard, your customers’ requirements and regulatory requirements you can move forward creating process flow diagrams, flow charts, performing gap analysis etc.

Please remember you posed a direct question to me and I an only answering it even though the thread has progressed.

Jennifer,

You could flow chart this management review process if you care to but I am talking about the interrelated process of the standard it’s self. The very requirements of the management review are a verbal description of the required process. It has input, actions, and output.

Your original question that started the tread was “where to start” and to this end it should be with a well grounded understanding of the requirements of ISO 9001 and how the requirements are linked as I explained in the Management Review Example.

Once you have a clear understanding of the requirements of the standard, your customers’ requirements and regulatory requirements you can move forward creating process flow diagrams, flow charts, performing gap analysis etc.

Please remember you posed a direct question to me and I an only answering it even though the thread has progressed.Okay, sorry if I seemed snide. I did not intend to be.

The examples I put in my presentation didn't include input or output to other processes, which I think would have been helpful.

Honestly, the big reason I make flow charts as an auditor is to help understand and assess a process that is described in an encyclopaedic manner in thick process documents. It's not about gap analysis as much as effectiveness analysis - that is further down the road from the original question.

I hope I am not confusing QualityKey.

Well!! we have been for a year and so building the system to meet the ISO9001 requirements and we did put some procedures in place and there were already some operational processes in use so that's what I meant. However, we are moving so slowly and I have just been assigned as (ISO Implementation Project Manager) to expedite the process to make it to certification in the easiest, shortest and effective way.

My advice is:

Acquire knowledge - either go to an ISO 9001 training course or read a good book. But get educated asap!!
Have someone experienced do a formal gap analysis (I would use a good consultant, not a certifier, as I've not found their reports very helpful, but mayhap you have a good one there)
THEN plan the work required to fill the gaps, when you actually know what they are and what you're aiming to do.

JaneB

Thank you for your advice. I read your posts in different threads and find them very useful to me and I want to thank you for that too.

I got the training a few years ago but when it comes to real live implementation it is hard to get right to what the standard say. Some time we do more than what the ISO 9001 requires just because we lack the experince.

After these posts here, I think I should start with defining the real gap by an external auditor.

Guess what!! jsut during the last few days, there has been a proposal to go even for the TL9000, you may have seen my other thread in this forum and in the TL 9000 forum. I am not sure if this is a good decision as of now!!

I hope I am not confusing QualityKey.


Not at all, I am interested to know more about flowcharting!!

It seems complecated to me espcially when I put the process appraoch concept in mind. But this will come later as I go along with the project.

Thank you for your advice. I read your posts in different threads and find them very useful to me and I want to thank you for that too.

Thanks for the feedback and kind words.

I got the training a few years ago but when it comes to real live implementation it is hard to get right to what the standard say. Some time we do more than what the ISO 9001 requires just because we lack the experince.
Ah yes, the gap between theory and practice :)

My principles:

Keep it simple.
Make it your system - never, never one 'for the auditor'.
Understand that the process of getting there is almost as important as the being there - so don't worry if you 'do more' in places; you may well, but 9001 is just a minimum, not the ultimate benchmark


After these posts here, I think I should start with defining the real gap by an external auditor.
Good idea. But take care in selecting the someone. You want useful and accurate information, not just a 'does not comply' 'does not meet requirements' report.

Guess what!! jsut during the last few days, there has been a proposal to go even for the TL9000, you may have seen my other thread in this forum and in the TL 9000 forum. I am not sure if this is a good decision as of now!!
Guess what? If you've been a year trying (and still going) to make it to 9001 - this might be biting off rather a lot to try and chew at once. Why not do one first (with an eye to adding the other) and then add in?

the big reason I make flow charts as an auditor is to help understand and assess a process that is described in an encyclopaedic manner in thick process documents. It's not about gap analysis as much as effectiveness analysis

Yes - me too, whether as a consultant or an auditor. Flowcharting /diagramming something that is described in very thick/long document really helps get it clear. And helps see where the detailed documents (if they are needed) fit.

Great prezzo by the way, I missed that one before.

As a conclusion to this thread, I would to thank everybody for giving me the advice I need.

I have printed the whole thread and highlighted all main points and use it as a guide and a work plan.

Thanks to the Cove and thanks to everybody!

Hi all,

First, I would like to thank the Cove and all members. I would like to say that, for a while, I have been reading in all subjects related to ISO 9001, Process mapping, auditing etc. and have benefited from the wealth of information available.

This is my first time posting a thread here and I am seeking your advice for my case. I have been authorized to be the Project Manager to make it to the ISO 9001:2008 Certificate the soonest possible and with the minimal cost.

I work for a big organization 20,000 employees (Telecommunication Service Provider) and the area which we are going to cover for the certification is the operational sector (5000 employees).

We have so many subcontractors and consultation companies. Most processes are documented but in a different format. So there is a consultation company work for the Design Unit and they use their process and so on for some of the other units.

I feel that most of the things that are required by the ISO are available somewhere but it is either not in the same format or not very organize.

So my role now is to define the starting point and then define the gap and complete it then we will go for certification some time this year.

Therefore, my questions would be:
1- Where should I start?
2- How soon can I get the certificate? or at least be ready for it?
3- Would it be possible that I can use different format of work instruction and subprocess to close the gap in the QMS? or should i re-write them in one format?

Put in mind, that we have completed the L2 processes according to the eTOM framwork but I do not prefer to go any lower than that for now. So the high level processes across the sector are identified, however, the subprocesses/work instruction are in different format due to the dependency on some of the consultation companies/subcontractors.

I have thought to start with writing down the Quality Manaual as a strating point? is this the right way? I want the fastest and the easiest way towards being ready for certification then we can have another project for improvement?

Thanks in advance for any advice you can make. It is much appreciated!

QualityKey,

No need for a traditional gap analysis. You should already have a quality policy and a few quality objectives to show top management's direction and commitment (these documents may need revision later in the system development project).

You are trying to ensure that the system that runs your organization conforms to ISO 9001; you are not really "implementing ISO 9001". Many make this mistake and end up writing a work of fiction around the standard.

Start by analyzing how your organization converts customer needs into cash. Document the results of this analysis preferably using a deployment or swimlane flowchart at the level of your organization, its customers and suppliers.

This determines the key processes in your organization's core process, list these in a spreadsheet and assign the name of an expert to each process.

Then list the key processes that support the core process. These come from ISO 9001 and "common" sense. Be careful not to miss recruiting to go with training (essential for competence) and use active verbs (so corrective action is renamed stopping recurrence of nonconformity).

You should now have a list of key processes each of which is assigned to an owner. Categorize these processes according to the following status: as-is, partly new and new. Partly new is a process you already have but in needs some new controls to conform to ISO 9001. New is a process currently missing from your system (training will be required to put it in place).

Then start understanding and developing the system that runs your business by working with each of the process experts to analyze and document their process to the extent necessary for effective planning, operation and control (you may need lead auditor training to do this well). Ask the process owners to bring with them all existing forms, instructions and other documentation for their process to eliminate duplication and redundancy. Tie only the forms and instructions actually used into the procedures you are creating.

This should take from 3 to six months. When you have completed this work, come back here for more guidance.

BTW, you write the quality manual at the end to describe the system you have discovered. Again if you write the manual to specify the system at the beginning you will end up with a work of fiction.

John

Thanks for your reply, we are at the end of the day here and I need to look to your post with a clear mind tomorrow morning.

Have a good day!:bigwave:

No need for a gap analysis.
You offer some good advice, but the rest of your post describes how to perform a type of gap analysis.:D

You offer some good advice, but the rest of your post describes how to perform a type of gap analysis.:D

Yes, I agree.

Good advice. But some confusing statements. eg, Trying to ensure that one's system meets ISO 9001 is not 'implementing ISO 9001' ? :nope: And why would you advise renaming 'corrective action' to the even longer phrase of 'stopping recurrence of nonconformity'?? If you want to advise on using active verbs (again, good advice), why not just 'doing/taking/managing corrective action'? One might as well learn - and use - the shorter & correct term IMO.

As a conclusion to this thread, I would to thank everybody for giving me the advice I need.

I have printed the whole thread and highlighted all main points and use it as a guide and a work plan.

Thanks to the Cove and thanks to everybody!

You're welcome. I really like it when someone actually takes the time to say thank you (instead of simply vanishing into silence, leaving one with no idea about whether what was said was helpful or not). It leaves me feeling more inclined to respond next time (instead of the opposite).

You also made the effort to explain what was going on, to give more info when needed, and thus you get better advice & people willling to offer help. And I'm betting will do again in future because of that.

As opposed to the 'hey I know zilch, I've read nothing & done no searches, but tell me everything I need to know without me explaining anything - ineffective in my view & I've got other things to do if I want to guess. Like Sudoku and cryptic crosswords :frust:

Yes, I agree.

Good advice. But some confusing statements. eg, Trying to ensure that one's system meets ISO 9001 is not 'implementing ISO 9001' ? :nope: And why would you advise renaming 'corrective action' to the even longer phrase of 'stopping recurrence of nonconformity'?? If you want to advise on using active verbs (again, good advice), why not just 'doing/taking/managing corrective action'? One might as well learn - and use - the shorter & correct term IMO.

Thanks, Jane, for your opinions. Better for users of the system to be no doubt about what corrective action is meant to achieve. Most users think in terms of correction and "managing corrective action" sheds no more light for their true understanding. :confused:

The shorthand for ensuring your system conforms to ISO 9001 as "implementing ISO 9001" has confused the many poor souls who end up with an "ISO System". Some of these works of fiction are even kept on the "I-drive"!

We also read other confusing expressions from experts such as "get ISO 9001" as short-hand, not for buying a copy of the standard, but for obtaining certification that the system meets the requirements of ISO 9001. Thankfully, the expression "ISO certification" is dying if not yet dead!:confused:

John,

:lmao:
You have certain views about what's 'better' for users, and mine are different in some areas. I share your dislike for works of fiction on the I-drive, but then none of my clients get that kind of system :D But I also don't want to decide for my clients what's 'better' for them - I work with them as a partner so that together we work out what's best for them.

Few of my clients have any trouble with the proper term (corrective action)- they have much, much more trouble with the 'conformity' word. And my specialist consulting expertise is with service-based systems - perhaps yours is mainly with manufacturing, where it's understandably more common? Or just maybe your clients like long obtuse phrases instead of short clear ones. I don't.

Bbut look, it's an endless argument, this one, & not one that I'm going to pursue as I already made my point.

Perhaps your poor souls like it - I know that any of my clients - past, present and probably future - would shake their heads, blink a couple of times, and then look at me waiting for it to be translated into real English.

I'll agree to disagree.

Thankfully, the expression "ISO certification" is dying if not yet dead!:confused:

Really? What's wrong with it? I don't think it's dying or dead - at least, not in my part of the world. I'd be actually thrilled if people knew the right term rather than the mistaken but oft used 'ISO accreditation'. :lol:

QualityKey,

No need for a traditional gap analysis.

Start by analyzing how your organization converts customer needs into cash. Document the results of this analysis preferably using a deployment or swimlane flowchart at the level of your organization, its customers and suppliers.

This determines the key processes in your organization's core process, list these in a spreadsheet and assign the name of an expert to each process.

Then list the key processes that support the core process. These come from ISO 9001 and "common" sense. Be careful not to miss recruiting to go with training (essential for competence) and use active verbs (so corrective action is renamed stopping recurrence of nonconformity).

You should now have a list of key processes each of which is assigned to an owner. Categorize these processes according to the following status: as-is, partly new and new. Partly new is a process you already have but in needs some new controls to conform to ISO 9001. New is a process currently missing from your system (training will be required to put it in place).

Then start understanding and developing the system that runs your business by working with each of the process experts to analyze and document their process to the extent necessary for effective planning, operation and control (you may need lead auditor training to do this well). Ask the process owners to bring with them all existing forms, instructions and other documentation for their process to eliminate duplication and redundancy. Tie only the forms and instructions actually used into the procedures you are creating.

This should take from 3 to six months. When you have completed this work, come back here for more guidance.

BTW, you write the quality manual at the end to describe the system you have discovered. Again if you write the manual to specify the system at the beginning you will end up with a work of fiction.

You have touched on our biggest problem ever, I believe what you have said is the biggest chunk of the gap and it is what we are struggling with.

Anyways, I have mentioned during the discussions that we have been with some of what you said and have been trying to comply to the ISO for a year or so " not implementing as you said, I like the idea by the way" but the management feel that we are far away from the ISO. Basically, I want to prove the opposite, I want to get the certificate in less than three months!! Is that possible? Would anyone agree?

By doing the Gap Analysis, I want to find it out what exactly missing? what exactly available? what exactly needs only some improvements? and go from there, not to miss around with things that add no value to the ISO compliance project!!


Just yesterday, I have developed an idea and I would like to ask you and all experts if you agree.

One of the big and important departments "within the operation unit" has all that you have said well documented and in place and I think this due to the fact that they have a very good consulting company that runs most of the activities they have. So I thought what if we go for certification on this department level as a pilot and see if we are successful we can then generalize it. Is it ok to go for certification on this level? would CB grant a certificate for it?

Again, the main reason I want to take the certificate is to:
1- Get the buy in.
2- Get the budget/fund and support we need for the certification from this department, because if they are convinced with my idea, they want to be the first to make it to the ISO ahead of other departments.
3- if we are successful with them, everybody else will strive for the same.
4- Once everybody is on board, other projects will follow for improvements.

Please tell me if you agree with this idea or not?and why?

You're welcome. I really like it when someone actually takes the time to say thank you (instead of simply vanishing into silence, leaving one with no idea about whether what was said was helpful or not). It leaves me feeling more inclined to respond next time (instead of the opposite).

You also made the effort to explain what was going on, to give more info when needed, and thus you get better advice & people willling to offer help. And I'm betting will do again in future because of that.

As opposed to the 'hey I know zilch, I've read nothing & done no searches, but tell me everything I need to know without me explaining anything - ineffective in my view & I've got other things to do if I want to guess. Like Sudoku and cryptic crosswords :frust:

Well! this is the least I can say :thanks:, you and all those who gave me advice have helped me to see things that I never thought of and I am more confident now and can see the way ahead of me.

I assume it not always possible to have this number of experts with different experinence and backgound togather debating sometime and agreeing other times on the best advice for my case, and it is for a free.:)

I understand that everyone of you has his/her unique approach and this really adds value to the discussion and to the final result. Also I feel that I should have explained more but I try to make it short for readers rather than long and boring paragraphs:read:.

John,

:lmao:
You have certain views about what's 'better' for users, and mine are different in some areas. I share your dislike for works of fiction on the I-drive, but then none of my clients get that kind of system :D But I also don't want to decide for my clients what's 'better' for them - I work with them as a partner so that together we work out what's best for them.

Few of my clients have any trouble with the proper term (corrective action)- they have much, much more trouble with the 'conformity' word. And my specialist consulting expertise is with service-based systems - perhaps yours is mainly with manufacturing, where it's understandably more common? Or just maybe your clients like long obtuse phrases instead of short clear ones. I don't.

Bbut look, it's an endless argument, this one, & not one that I'm going to pursue as I already made my point.

Perhaps your poor souls like it - I know that any of my clients - past, present and probably future - would shake their heads, blink a couple of times, and then look at me waiting for it to be translated into real English.

I'll agree to disagree.

Jane,

Please be assured that I am not talking about your clients or my clients.

John

You have touched on our biggest problem ever, I believe what you have said is the biggest chunk of the gap and it is what we are struggling with.

Anyways, I have mentioned during the discussions that we have been with some of what you said and have been trying to comply to the ISO for a year or so " not implementing as you said, I like the idea by the way" but the management feel that we are far away from the ISO. Basically, I want to prove the opposite, I want to get the certificate in less than three months!! Is that possible? Would anyone agree?

By doing the Gap Analysis, I want to find it out what exactly missing? what exactly available? what exactly needs only some improvements? and go from there, not to miss around with things that add no value to the ISO compliance project!!


Just yesterday, I have developed an idea and I would like to ask you and all experts if you agree.

One of the big and important departments "within the operation unit" has all that you have said well documented and in place and I think this due to the fact that they have a very good consulting company that runs most of the activities they have. So I thought what if we go for certification on this department level as a pilot and see if we are successful we can then generalize it. Is it ok to go for certification on this level? would CB grant a certificate for it?

Again, the main reason I want to take the certificate is to:
1- Get the buy in.
2- Get the budget/fund and support we need for the certification from this department, because if they are convinced with my idea, they want to be the first to make it to the ISO ahead of other departments.
3- if we are successful with them, everybody else will strive for the same.
4- Once everybody is on board, other projects will follow for improvements.

Please tell me if you agree with this idea or not?and why?

Sure, I agree with the tactic of reinforcing strength for the reasons you have stated. Before certifying your system within a narrower scope, consider this:

A. Audit the system yourself so you know that it conforms to ISO 9001 (especially clause 5.1) before asking the registrar to verify conformity (to retain the confidence of your auditor). :)
B. Recognize that the enduring prize is a management system that enables the organization to fulfill its goals not certification (to remind everyone of the purpose beyond certification).
C. Design your system's architecture and document coding scheme (so all the parts will together as the system's scope expands).

Obviously, you will not use the registrar as an alternative to committed top management. :)

QualityKey,


Start by analyzing how your organization converts customer needs into cash. Document the results of this analysis preferably using a deployment or swimlane flowchart at the level of your organization, its customers and suppliers.
.

John - quick question - IF I was a non for profit or a public sector organisation whos core objectives is not cash and profit, would I need to look at this from a customer satisfaction - e.g. analyze what the core services are of the organisations and what the customers expectations or of these services?

John - quick question - IF I was a non for profit or a public sector organisation whos core objectives is not cash and profit, would I need to look at this from a customer satisfaction - e.g. analyze what the core services are of the organisations and what the customers expectations or of these services?

Thanks for the question.:)

Yes, public sector and nonprofit organizations may analyze their core process from customer needs to satisfied customers but we advise them to continue their analysis to include "ongoing funding". This can be difficult for nonprofits whose vision is to eliminate the need for their services. We advise them still to include processes for accounts receiveable and accounts payable to assure their donors of their fiduciary controls.

Money counts even in public sector and nonprofit organizations but it is not the measure of success that it is for companies.

JOhn - correct money does count, I can probably link funding to core services, but in the situation of departments like HR, Strategy, Accounts and Payrol, and in some cases IT - they are in essence operational support services whose budgets are created to allow those teams to provide operational support (except in the case where internal SLAs are used ).

I was thinking about this today, from an Accounts perspective, the inputs would be expenditure information from departments, the process would be the checking, formation and production of management accounts, the output would be a corporate report. - from this high level objective, I could then define and create streamlined work packages for core functions within this high level process - please stop me if I am way off target.

I have been challenged this year with the defining of the core principles of ISO9001 so they can be used in 14001 (which I also have to do), 27001 and 18001 (which belong to other sections). In order to get the buy-in I first of all have to prove the business case - I think I will do this by mapping the high level departments, with sections, showing inputs (see accounts) and outputs on a simple flow chart - I could then highlight possible areas of development/improvement through the utilisation of ISO9001 (example business continuity).

Sorry - off track a little - my statement - funding can be mapped to deliverable departments who provide core services to the public - funding is awarded or applications made for funding based upon the perceived or future service needs - the measurement of success is normally thought increased satisfaction or use of the services.
I have grouped the core "services" into the following:
Internal supplier - Internal Customer
Internal supplier - front facing customer (job public)
Internal supplier - external stakeholders (including funding)
External supplier (as above 3)
In addition I have identified "corporate health elements" - these are normally related to sickness days etc. elements which are not owned by single sections or individuals but the who organisation may influence or impact on - still have not got my head around mapping this yet.

So.... Am I on track?

JOhn - correct money does count, I can probably link funding to core services, but in the situation of departments like HR, Strategy, Accounts and Payrol, and in some cases IT - they are in essence operational support services whose budgets are created to allow those teams to provide operational support (except in the case where internal SLAs are used ).

I was thinking about this today, from an Accounts perspective, the inputs would be expenditure information from departments, the process would be the checking, formation and production of management accounts, the output would be a corporate report. - from this high level objective, I could then define and create streamlined work packages for core functions within this high level process - please stop me if I am way off target.

I have been challenged this year with the defining of the core principles of ISO9001 so they can be used in 14001 (which I also have to do), 27001 and 18001 (which belong to other sections). In order to get the buy-in I first of all have to prove the business case - I think I will do this by mapping the high level departments, with sections, showing inputs (see accounts) and outputs on a simple flow chart - I could then highlight possible areas of development/improvement through the utilisation of ISO9001 (example business continuity).

Sorry - off track a little - my statement - funding can be mapped to deliverable departments who provide core services to the public - funding is awarded or applications made for funding based upon the perceived or future service needs - the measurement of success is normally thought increased satisfaction or use of the services.
I have grouped the core "services" into the following:
Internal supplier - Internal Customer
Internal supplier - front facing customer (job public)
Internal supplier - external stakeholders (including funding)
External supplier (as above 3)
In addition I have identified "corporate health elements" - these are normally related to sickness days etc. elements which are not owned by single sections or individuals but the who organisation may influence or impact on - still have not got my head around mapping this yet.

So.... Am I on track?


Based on what you have said here, forgive me if I observe, you seem to be thrashing about in response to your thoughts and ideas instead of calmly and methodically analyzing the system that runs your organization.

You should be analyzing the system that runs the organization to determine its key processes (merely identifying them is not determining them).

You can do this from the quality/environmental/health&safety/information security points view at once if you use the SIPOC model and translate every Q/E/H&S/IS nuance into requirements. For this you need to be trained in all the standards and as a lead auditor so you know what you are looking for when you ask your questions of the process owners. Top management owns the core process (that runs from customer needs to satisfied customers if not to cash). BTW, support departments do not have core processes; they are not an end in themselves, they exist solely to serve the core process directly or indirectly.

New key processes (that do not already exist in your organization) come initially from the standards you have listed above - many can be combined such as internal auditing, and problem solving (or removing the root causes of problems). Once you have determined the key processes and named the process owners you can make further progress by analyzing and documenting how each of those processes works.

Meanwhile suspend all thought of functions, departments, elements and work packages. HR for example owns two cross-functional processes that are vital to the system: recruiting and hiring, and training (we often say the expression "departmental procedures" is an oxymoron, HR may call many of their work instructions "procedures or SOPs").

Record the results of your analysis using deployment flowcharts and you will end up with system documents that are clear, concise and easliy updated.

Focus on process. Perhaps start with the SLA as a definition of the product and then analyze the process responsible for that product (it usually involves more than one department).

Everything the support processes do is meant to make the core process better (corporate health is a just a nice sophistication at this stage). Keep it simple and get the depiction of the system that runs your organization issued, used and improved as soon as possible. The sophistications can follow if the system tells you they are needed.

Until you have analyzed the system that runs your organization and shown your organization's system (warts and all) as a simple robust framework (system architecture) so it can be understood you will find it difficult to obtain support for this project. Indeed, I am surprised to read that you have got as far as you have! Perhaps top management is asking you to determine the feasibility of making sure your system conforms to all of these standards, you will also be determining the value. This comes back to the questions you ask during the process analysis sessions - like audits they convey a sense of what is important for the organization's core process(es) to add value and avoid loss.

From this simple architecture you can design your document coding scheme. Please leave a Private Message for me if you want more specific advice.

I have got this attached Gap Analysis check list from an old post in the Cove. I would appreciate if someone can take the time and see if it is an ideal list for the newer version (ISO 9001:2008). Or would someone be able to attach something similar, may be easier, that helps me to address the gap before an auditor comes in?

I understand that writing down the key and supporting processes that runs the organzaition is a big part of the gap, as outlined by John earlier. So my other question is about the process map and the flowchart.

q) Is the main purpose of the process map only to make it easy to identify the key processes and then use the flow chart to identify the steps of each process? Is this is to facilitate the processes or is it a requirement by the standard? Or could it be both?

Thanks.

I have got this attached Gap Analysis check list from an old post in the Cove. I would appreciate if someone can take the time and see if it is an ideal list for the newer version (ISO 9001:2008). Or would someone be able to attach something similar, may be easier, that helps me to address the gap before an auditor comes in?

I understand that writing down the key and supporting processes that runs the organzaition is a big part of the gap, as outlined by John earlier. So my other question is about the process map and the flowchart.

q) Is the main purpose of the process map only to make it easy to identify the key processes and then use the flow chart to identify the steps of each process? Is this is to facilitate the processes or is it a requirement by the standard? Or could it be both?

Thanks.

You determine your key processes, and their sequence and interaction, by analyzing your core process(es) with top management. This can result in a high-level deployment flowchart for your system manual.

Then you analyze each of the key processes with their process owners. This can result in flowcharted procedures (usually one page) linked to all of the other documents used in planning, operating and controlling the process.

I am not sure why you want to copy a gap analysis form. As I have said, traditional gap analysis is not necessary; start analyzing the system that runs your organization instead.:)

I am not sure why you want to copy a gap analysis form. As I have said, traditional gap analysis is not necessary; start analyzing the system that runs your organization instead.:)

I am really not sure why either, but I am just curious and willing to know more in detail. Maybe, at least to have some sense about the traditional Gap Analysis. Never mind, I understand what you have explained is a big part of the task and I am already working on it.

My understanding have changed/improved since my fisrt post here and I am lucky to have such advise.

Thank you very much John and I wish you all the best.

QualityKey,

That's an outdated version of a GA in any case.

But there's no magic in the one you posted and I don't think it's particularly useful. But it's nothing more than a regurgitated copy of the wording of each clause & subclause of the Standard into an Excel spreadsheet. Then they've just made it a question instead of a statement, & added a couple of columns next to each to allow for notes. Voila!

Get a copy of the 08 Standard. You could do the same thing with it if you really wanted to.

I have got this attached Gap Analysis check list from an old post in the Cove. I would appreciate if someone can take the time and see if it is an ideal list for the newer version (ISO 9001:2008). Or would someone be able to attach something similar, may be easier, that helps me to address the gap before an auditor comes in?


Dear QualityKey,

I have few observations on your GA.

ISO Exclusions (Page 1):
Along with clause no., ask for justification also. This will help you to analyze and include in Quality Manual.

Some of the clauses you have not included in your GA, e.g. 7.1, 7.2.2, 7.3.1, 7.3.5, 7.4.2, 7.4.3, etc. Have you decided to exclude these clauses??? :confused:

I’ll suggest you to refer ISO 9004:2000, Annex A, Guidelines for self-assessment. Section A.3 includes 27 typical self assessment questions. You can customize them to suit to your organization.

Hope this will help!

QualityKey,

That's an outdated version of a GA in any case.


Get a copy of the 08 Standard. You could do the same thing with it if you really wanted to.


a copy of the 08 Standard is on the way, thanks.

Dear QualityKey,

I have few observations on your GA.

ISO Exclusions (Page 1):
Along with clause no., ask for justification also. This will help you to analyze and include in Quality Manual.

Some of the clauses you have not included in your GA, e.g. 7.1, 7.2.2, 7.3.1, 7.3.5, 7.4.2, 7.4.3, etc. Have you decided to exclude these clauses??? :confused:

I’ll suggest you to refer ISO 9004:2000, Annex A, Guidelines for self-assessment. Section A.3 includes 27 typical self assessment questions. You can customize them to suit to your organization.

Hope this will help!

Thanks Makrap.

I do not have a copy of the ISO 9004:2000 yet, I will try to get it the soonest.

I guess you are in right track and you have already taken steps required to consolidate.

I will recommend having a pre-assessment audit. However, before pre-assessment audit you can prepare ground work so that pre-assessment will be used effectively for improvement and not in building QMS.

You must be aware that ISO 9001:2008 expect only 6 mandatory procedures. Now the choice is left on the organization and their business, how much you need to go down on detail.

As you said all required Work Instructions (or Procedures) are available but in different format. I don’t think there is any need to reformat all WI. However, to begin with your Quality Representatives can perform gap analysis on their relevant procedures to verify if all basic requirements are documented in their procedures.

Basic requirements could be Document Control No., Revision status, Inputs, Outputs, Responsibilities (Owner), Process controls / parameters, Customers, applicable Records and what is documented is still relevant.

WI update or no update will be based on the results of this gap analysis.

As mentioned by tedschmitt, leave Quality Manual for last. I agree.




I’m slightly confused with your clarification to Marc and others that “… system is working for a while…”. Do you mean your organization is complying with all requirements of ISO 9001 and Quality Management System is in place?

Just curious :)

Just curious,

Every organization has a system whether it is documented or not.

This system largely determines the outcomes of its processes.

To develop a system is to capture the system that runs the business so it can be recognized, understood, used and improved. :read:

The natural system tends to disorder (entropy) so we also add and nurture new processes such as controlling documents, auditing, problem solving and investing in improvement to counter this tendency.

The organization then ends up with a system it can use to add value faster and prevent loss sooner. And, by the way, obtain certification if required for marketing purposes.

I have uploaded a deployment or swimlane flowchart to explain this is a different way.

John

I liked what John has written about the general strategy in implementing QMS. I would like to add my little bit to this thread as follows:
My experience shows that the weakest area in an orgn. vis a vis requirements of ISO 9001 is those related to clauses 8.3 and 8.5 whereas maximum benefits through QMS to an orgn. may accrue from implementation of these clauses. So I suggest that while you plan your project, please give equal or priority status to following actions:
1. Advising process owners to identify nonconformities they come across in their processes and record how they correct them (cl 8.3) and how they take corrective action(cl 8.5.2) if they are already doing it. If they are not used to corrective action, you may have to guide them in the corrective action process in their respective areas.
2. You can also devise a nonconformity reporting proforma which could also be used to record correction of nonconformity(disposal of nonconforming product as per cl 8.3);analysis of root cause of nonconformity; and recording of corrective action including verification of effectiveness of corrective action. You can see to it that this proforma is put into use at the first stage of implemenation itself.
3. An action that deserves equal importance is to guide process owners in identifying process performance indicators(cl 8.2.3) in their respective areas and also encourage them to collect data on actual performance in terms of these indicators. This step will faciltate them to analyse data collected, define present level of performance in their respective functional areas and also subsequently arrive at measurable quality objectives(cl 5.4.1) with respect to these areas.

I liked what John has written about the general strategy in implementing QMS. I would like to add my little bit to this thread as follows:
My experience shows that the weakest area in an orgn. vis a vis requirements of ISO 9001 is those related to clauses 8.3 and 8.5 whereas maximum benefits through QMS to an orgn. may accrue from implementation of these clauses. So I suggest that while you plan your project, please give equal or priority status to following actions:
1. Advising process owners to identify nonconformities they come across in their processes and record how they correct them (cl 8.3) and how they take corrective action(cl 8.5.2) if they are already doing it. If they are not used to corrective action, you may have to guide them in the corrective action process in their respective areas.
2. You can also devise a nonconformity reporting proforma which could also be used to record correction of nonconformity(disposal of nonconforming product as per cl 8.3);analysis of root cause of nonconformity; and recording of corrective action including verification of effectiveness of corrective action. You can see to it that this proforma is put into use at the first stage of implemenation itself.
3. An action that deserves equal importance is to guide process owners in identifying process performance indicators(cl 8.2.3) in their respective areas and also encourage them to collect data on actual performance in terms of these indicators. This step will faciltate them to analyse data collected, define present level of performance in their respective functional areas and also subsequently arrive at measurable quality objectives(cl 5.4.1) with respect to these areas.

I agree with this :yes: although it is important for each key process to have an objective (see 4.1c). :whip:

As you analyze the key processes with the process owners you record each nonconformity as you go; another benefit of becoming a competent systems auditor first. I also describe the nonconformity in a blue note attached to the flowcharted procedure. This enables you and the process owner to resist the temptation of pretending the process fulfills all of the applicable requirements. It also quickly informs management of what they or others must change and implement (includes training) to bring the process into conformity. It also helps remove the fear of a probably new word: "nonconformity".

Employees can see managers taking responsibility for the system and the nonconformity it causes.

The certification bonus is that you start building the records early as evidence of having used the new processes, from the beginning of the system development project, for removing the root causes of both future and current nonconformity in process and product.:evidence:

Your next problem will be how to get the operators, supervisors and managers to monitor and correct processes while under their control instead of waiting for an auditor to tell them it is wrong.:mad:

I have uploaded a deployment or swimlane flowchart to explain this is a different way.

John

The flowchart is excellant, it explains what you have said earlier. thanks :agree1:

The flowchart is excellant, it explains what you have said earlier. thanks :agree1:
Mr. Quality key,

Dont make a try for implementing systems just for certification. Have an experienced consultant as a guide and select a good steering team who knows the behaviour of their own processes and tailor a system suits your company not to just satisfy the certification body.

Make your management to sit in the front to drive the systems establishing by you. dont leave them.

Begin from the top management with commitment.

Suresh

Mr. Quality key,

Dont make a try for implementing systems just for certification. Have an experienced consultant as a guide and select a good steering team who knows the behaviour of their own processes and tailor a system suits your company not to just satisfy the certification body.

Make your management to sit in the front to drive the systems establishing by you. dont leave them.

Begin from the top management with commitment.

Suresh

Suresh,

Agreed, you will notice from the flowchart that the system development project starts with the "Chief Executive Officer requiring development of the management system so it can be used and improved".

John

Mr. John,

Ofcourse it is in the paper, I just ask this original poster to make it realize during implementation. Otherwise,he has to end up with having a certificate hanging on the wall as a decorative one.

Tips my end is simple:

"He has to involve every employee to to run the systems with top management as the driver"

Take care Mr. Quality Key...

this is our old QP format, maybe it could help in such a way....:)

you can add additional/improve columns to suit your needs;)

Simply, my advice is to implement the standard in phases... according to the ISO 9001 clauses.

1) Start in clause 4: Define processes, put the doc control and record control systems in place. Write rough drafts of needed procedures and the quality manual (because they will change, but it is nice to have a rough draft before you proceed).

2) Then put the continual improvement process of clause 8 into place.

3) Then address all the "Shall" statements of clause 5 and 6 (along with the few record requirements there)

4) Do clause 7 last, because it has the most record requirements and the toughest compliance issues.

Good luck.

(I strongly agree with the comments about forming a good ISO team.)

Don, welcome:

Taking your (novel) approach could cause some problems if folks haven't had some kind of competencies determined, early on, couldn't it?

How many people really understand what makes effective document and record control, but this wouldn't be found out until much later in the implementation, after the procedures etc have been written.

Imagine the mess - writing 6 'required' procedures' only to find out - later - that the folks who wrote them weren't competent!

I have to disagree with this approach of yours, I'm sorry to say - based on my 20+ years of implementation experience in hundreds of organizations.

Simply, my advice is to implement the standard in phases... according to the ISO 9001 clauses.

1) Start in clause 4: Define processes, put the doc control and record control systems in place. Write rough drafts of needed procedures and the quality manual (because they will change, but it is nice to have a rough draft before you proceed).

2) Then put the continual improvement process of clause 8 into place.

3) Then address all the "Shall" statements of clause 5 and 6 (along with the few record requirements there)

4) Do clause 7 last, because it has the most record requirements and the toughest compliance issues.

Good luck.

(I strongly agree with the comments about forming a good ISO team.)

"Implement ISO", an "ISO team", an "ISO system" on the "I:drive" a recipe for fear and loathing of something done to get a certificate. :mad:

Instead name the management system after its owner, the company, or may be even call it a "Company Name"Teamwork System. :cool:

1. Analyze how the company gets work, does work and gets paid. This is the core process for converting customer needs into cash in the bank.

2. Determine the key processes from the core processes and those necessary to sustain and improve the core process (largely from the system standards and from common sense - such as "Recruiting and hiring". :)

3. Designate each key process as: As-is or New and name the person who is the expert in each key process. Some process owners may need training before owning the Problem-solving or Auditing process, for example.

4. Analyze the as-is processes with the process owner to define the controls and resources actually used to fulfill each processes' objective (obtain as-is or accuracy review comments from the process teams).

5. Design the new processes with the newly trained process owners and involve the process teams in agreeing their feasibility.

6. Nurture the new processes as they improve the system that runs the business.

7. Enable the leaders to demonstrate their commitment to requirements by helping them to understand their system and explain in their own terms to the employees. Do not allow the System Manager to do this alone.

8. Require a State-of-the-System Report from each management review so the employees know what the system does well, where it needs help and what top management is doing about it.

Avoid any reference to the ISO System. :bonk:

Don, welcome:

How many people really understand what makes effective document and record control, but this wouldn't be found out until much later in the implementation, after the procedures etc have been written.

Imagine the mess - writing 6 'required' procedures' only to find out - later - that the folks who wrote them weren't competent!

I have to disagree with this approach of yours, I'm sorry to say - based on my 20+ years of implementation experience in hundreds of organizations.

I actually favour his approach, I am qualified QMS lead auditor and working on the development of an EMS (14001) and also QMS system.

I am applying the same logic, in order to control and affect document and records, and in essence manage the process elements of the standard then the development of the record procedures is paramount.

My approach was to review what the organisations has at present, someone will be using a rudimentary form of record management (ask internal audit or Finance).
I then pulled together several templates (including some form Prince2) and had an open workshop discussing the pro's and cons of the designs.
Next stage, I carried out trials of the agreed templates in key areas and gained feedback.
Final versions were then developed.
Need to also develop associated elements - record tempaltes, naming conventions, file plans, record retention rules (legal, finance, hr, and audit should help with these).
Full record control is massive, I personally applied a modulator approach, as each section was developed, tested, updated and released.
Data Protection, Data Quality, Data Security, Record Control (ISO15489), FOI etc...

Ref: John Broomfield, nice approach - this is how I have historically managed the whole process.

Just remember:
What are our services?
Which services directly impact passenger usage?
How are these measured?
When are these measured?
Are they measured correctly?
How do we compare and manage performance?
How do we target these areas? (Strategies/ad-hoc)
What internal services affect these areas?
How are these measured?
How do we improve?
How do we know we have improved?

When I did a presentation to management about the added value of a standard (did not mention ISO at this stage) I give them this simple example:

A process operated by employees meeting defined competence requirements, specifically trained to do tasks as expected, using process controls that allow adjustment and correction to defined parameters, with product verification.

…and no document procedures

Thanks for the question.:)

Money counts even in public sector and nonprofit organizations but it is not the measure of success that it is for companies.

I agree - customer satisfaction and perception are key, I am working on a model now that interlinks these back to our strategies.

On another note - "nonprofit" - I should have used the term "more than for profit".