i was conducting training and was discussing how the Quality Policy needs to be established in a manner which provides a framework for setting Quality Objectives, one of the participants wa however confused, especially with the 9001's use of the word "Policy" in the "Quality Policy" as the vehicle for communicating the Quality directive, when "Policies" are commonly used in other management courses as a method of control following the identification of the overall company objectives ......

attempting to explain that 9001's "Quality Policy" requirements are basically to clarify the directives towards Quality and clarify and enforce Top Management Commitment, and doesn't have t o be labelled as a "Policy" but such requirements can also be met through meeting the requirements in the context of the vision and mission statement , was too confusing for the participant, and he was hardly convinced with establishing a policy first then objectives.

what are your thoughts on this, do you think there's any conflict between 9001's policy and the common policies such as those to govern purchasing, customer care and others.

I want to hear from you if you faced such a case, and how you make sense of it all.

i was conducting training and was discussing how the Quality Policy needs to be established in a manner which provides a framework for setting Quality Objectives, one of the participants wa however confused, especially with the 9001's use of the word "Policy" in the "Quality Policy" as the vehicle for communicating the Quality directive, when "Policies" are commonly used in other management courses as a method of control following the identification of the overall company objectives ......

attempting to explain that 9001's "Quality Policy" requirements are basically to clarify the directives towards Quality and clarify and enforce Top Management Commitment, and doesn't have t o be labelled as a "Policy" but such requirements can also be met through meeting the requirements in the context of the vision and mission statement , was too confusing for the participant, and he was hardly convinced with establishing a policy first then objectives.

what are your thoughts on this, do you think there's any conflict between 9001's policy and the common policies such as those to govern purchasing, customer care and others.

I want to hear from you if you faced such a case, and how you make sense of it all.

I find the term "Quality Policy" (or "Environmental Policy" for that matter), to be tossed around a lot, but mostly misunderstood. I think the point is simple, but powerful. Top Management has to set a policy, a statement of commitment, and insist that everyone marches to it.

For example, in the 1990's, Ford's "Quality Policy" was "Quality is Job 1." All the employees knew the policy, but the policy was hollow since they had all those problems with tires on the Explorer. Top Mgt. apparently did not really adhere to the "Quality is Job 1," and I expect the employees knew it. I would propose, it set Ford back 10 years against Toyota.

That is why Deming was against policies, if they were just slogans without commitment.

The difference is...Quality Policy has a definition

ISO 9000:2005 - 3.2.4 quality policy

overall intentions and direction of an organization (3.3.1) related to quality (3.1.1) as formally expressed by top management (3.2.7)

NOTE 1 Generally the quality policy is consistent with the overall policy of the organization and provides a framework for the setting of quality objectives (3.2.5).

NOTE 2 Quality management principles presented in this International Standard can form a basis for the establishment of a quality policy. (See 0.2.)

Randy said it all. I like his approach - go back to the official sources, ie, the Standard and in this case its related definition in ISO 9000.

Any kind of policy establishes (or should) the intentions & direction of an organisation on a particular topic. The quality one relates to quality. (And yes 9000 has a def. for that too).

But - and here's the catch - if a business has something that it calls a Vision statement (or a Mission statement or whatever) AND it covers what is required, then that's fine. You don't have to have something with the official title of 'Quality Policy'. And any competent auditor will accept that Bloggs' Vision statement = their Quality Policy (provided of course, as always, that it covers the requirements).

Originally Posted by JaneB http://elsmar.com/Forums/images/buttons/viewpost.gif (http://elsmar.com/Forums/showthread.php?p=303564#post303564)

You don't have to have something with the official title of 'Quality Policy'. And any competent auditor will accept that Bloggs' Vision statement = their Quality Policy (provided of course, as always, that it covers the requirements).


Pardon my difference in opinion here, Jane. Sincerely speaking, I would NOT accept any document covering the requirements of a Quality Policy, coming straight from the ISO standards clause 5.3 with 5 sub-clauses and misnamed 'Vision Statement'.

Well, the point is not only of simply 'whats in a name', it is also the fact that doing so is actually diluting the standards requirement. I would not call a vision statement a quality policy, however, a quality policy may include the vision statement.

I may well have agreed with you, if the company was not adhering to the quality standards, and they have a 'Vision Statement' with the standards quality policy incorporated in it!

Ciao. :cool:

______________________________
Sincerely, SAM

"To achive the impossible, it is precisely the unthinkable that must be thought!"

Thanks everybody for your reply.... however, i was meaning to hear from you on any possible conflicts / confusion which had occurred in the usage of 9001 of the term "policy" to describe direction when in strategic management it is actually part of the controls and laws which are established as a second step following the establishment of the general direction.

I mean the participant had a valid point .... one company not implementing 9001 would normally establish vision, mission, then objective then controls including policies and procedures to achieve its vision and mission, but in ISO9001, you establish the Quality Policy and then the Objectives, though the order of establishing either is not indicated int he standard but it is inferred when stating that the Quality Policy should provide a framework for setting objectives, has TC176 used the word "Policy" in 9001 inappropriately?

"A policy is typically described as a deliberate plan of action to guide decisions and achieve rational outcome(s). However, the term may also be used to denote what is actually done, even though it is unplanned."

I can't see how this definition of "policy" together with the definition of "Quality Policy" in the standard, as highlighted by Randy, can be misunderstood. I have never experienced this kind of confusion amongst persons I've trained in management systems and the associated policies.

Jo

Jo,

Thanks so much for your reply,
i think the confusion stems from "which comes first", maybe this sounds alot like the chicken and the egg thing but please bare with me....

Based on 9001's requirements of the "Quality Policy" and its definition, it is a general directive which also provides a framework for setting objectives which may translate to:

The Quality Policy = "Our Customers are the key factor in all our decisions"
following which Objectives may follow such as:
" Completing an opinion survey for product x in y region for customer classes A, B and C by the end of June 2009 to identify the general acceptance of our customers"
but then "policies" may follow regarding the surveying steps such as
"Equal Representation, Customer Care, .....etc."

in another scenario the general directive is described as follows:

You have a vision and mission, then objectives "which don't necessarily have to be measurable" then you have targets then policies regarding such targets

so you see the confusion i'm talking about with the usage of the word "policy" especially when it can mean directive or bylaws and may be for planned or unplanned events.

It's like saying .... an elephant is a mammal and will give birth but may lay eggs too, you know?

I'm confused about the confusion.:confused: A policy is simply a statement, written or otherwise, that spells out some sort of belief system. I have an unwritten policy in my life to buy groceries for those persons standing outside the grocery store begging for money if they choose the groceries over nothing. My company has a no weapons policy. We also have a quality policy. All of these policies spell out what I, or my company, holds for expectations from ourselves, or others.

Pardon my difference in opinion here, Jane. Sincerely speaking, I would NOT accept any document covering the requirements of a Quality Policy, coming straight from the ISO standards clause 5.3 with 5 sub-clauses and misnamed 'Vision Statement'.

"To achive the impossible, it is precisely the unthinkable that must be thought!"


You can call anything, anything you want as long as it's understood what you're talking about and the dynamic of the document is not diminished...

Get out of the box..........

Originally Posted by Randy http://elsmar.com/Forums/images/buttons/viewpost.gif (http://elsmar.com/Forums/showthread.php?p=303663#post303663)

You can call anything, anything you want as long as it's understood what you're talking about and the dynamic of the document is not diminished...

Get out of the box..........


I apologize that what I am about to point may not be of any direct help to the poster of the topic of discussion. Furthermore, I would like to stress that I have the deepest respect for all of you people, especially involved with quality.:truce: The below post is only for the purpose of clarifying my thinking.

“My ‘home’s’ ‘potato’ says that the ‘house’ shall devise ‘future’ for all core ‘parts’ of the ‘home’.”

If I ask you to simply read the above statement and understand it (even in terms of quality!!), I am 200% sure that you won’t be making head or tail of it! I know your answer here is ‘yes’! And the reason is because I used quality words for ‘anything’!

Now, the understanding part,
Home = company
Potato=quality policy
House=organization
Future=quality objectives
Parts=processes

To deduce the outcome of the above statement, through re-wording 'anything' to the correct standardized words of quality.....

“My company’s quality policy says that the organization shall devise quality objectives for all core processes of the company.”

Now, you clearly understand the statement? I am 200% sure, your answer is ‘yes’!
Reason:
I used the internationally standardized words for making you understand what I am talking about. People have been using these words for a long time to have them standardized.

I think that’s part of the purpose of the ISO standards – STANDARDIZATION.
If all things in the world, both seen and unseen, did not have a standardized word for it, then everything in the world would definitely be ‘anything’ called ‘anything’, and purpose 'anything', and I am 200% sure that NO ONE in the world would understand what everyone is talking about!

If you have a hole in your shirt, one fine day that hole is bound to become larger with regular use. So, you eliminate the root cause of the hole in the shirt. A similar thing is what the ISO standards are trying to do, and that’s what I am trying to do. :)

Nomeclature may be a trivial matter, but does have the power to 'confuse'! Big Time! Especially coming from highly recognized sources!

Ciao.:cool:


___________________________
Sincerely, SAM

"To achieve the impossible, it is precisely the unthinkable that must be thought!"

Looking back over this thread is interesting and somewhat confusing. I'd like to throw in my :2cents: with a simple description........

We have a 'quality' policy in my house - shoes off at the front door (if you came in the house that way)

Is it documented? (no, but I know that to comply and if we had more folks in the house I would post it clearly to better communicate it).

Do my sons and their friends 'know' it? Oh, yeah. I treat my sons as 'supervisors' of their visitors, as guests you understand. It's their 'job' to communicate the policy to the guests.

Do I make provision for resources to implement the policy? - you betcha. There's a boot tray (2 for more friends shoes) to catch the dirt and water from the snow etc that comes in on the shoes.

Is it deployed? Oh, indeed, I do periodic audits when I walk past the door. When I detect a non-compliance (my son Stuart's girlfriend doesn't 'get' the use of the tray, so there's a dirty patch on the floor now) I bring it to the attention of the 'supervisor' in a non-threatening manner; "Hey, Stu. Please make sure Brittany understands why her shoes need to be in the tray, will you? Otherwise you'll be cleaning the floor....."

Result? We have clean floors because the policy is effectively implemented (with 1 minor non-conformity this year). Is it suitable?

I'll leave you to decide!

It sounds as if the manager of the OP is confused because of the word "policy". While part of me wants to tell this manager to stop looking at the literal meaning of the word and instead focus on understanding the meaning and intent of the "quality policy', I know we can't do that. Managers are such a overly sensitive group of people. ;)

My own organization also has policies, protocols and procedures...plus a quality policy at the sites which are registered to ISO 9001. I do not find that we experience confusion because we focus more on the purpose of each document instead of the name of the document.

What I find helps to explain the difference/purpose is a pyramid. There are levels within the pyramid. We put the different types of documents at certain levels and explain their purpose, the information flow, etc. I have found that a visual explanation of the documents is more easily understood than simply showing a definition of each document type up on a powerpoint presentation.

I audit folks all the time that use the word "policy" instead of "procedure" and have used "vision statement" instead of "quality policy" and you know how much I cared? -ZERO-....Just as long as they knew what they were talking about and could tell me....I don't care and it don't matter:nope:

Sam4Quality...I'm a 3rd party CB auditor so I see and here more stuff than what others do that never leave home or go beyond the walls of their company. One of the "personal attibutes" an auditor has to display is that of being ... open-minded, i.e. willing to consider alternative ideas or points of view....as defined in ISO 19011:2002....that's why I say that it doesn't matter what the word is.

I audit folks all the time that use the word "policy" instead of "procedure" and have used "vision statement" instead of "quality policy" and you know how much I cared? -ZERO-....Just as long as they knew what they were talking about and could tell me....I don't care and it don't matter:nope:

Sam4Quality...I'm a 3rd party CB auditor so I see and here more stuff than what others do that never leave home or go beyond the walls of their company. One of the "personal attibutes" an auditor has to display is that of being ... open-minded, i.e. willing to consider alternative ideas or points of view....as defined in ISO 19011:2002....that's why I say that it doesn't matter what the word is.

Sadly, Randy, while I take the same approach as you, not all auditors are so...open-minded. In fact, "inflexible" is often an attribute I would use to describe them. I had one auditor write us up because folks didn't know the quality policy...they knew their role when it came to making good product that met specs but because the employees couldn't recite the policy, a "finding" was issued. By the end of the audit, we had it down to a (non-value-added) OFI.

Sadly, Randy, while I take the same approach as you, not all auditors are so...open-minded. In fact, "inflexible" is often an attribute I would use to describe them. I had one auditor write us up because folks didn't know the quality policy...they knew their role when it came to making good product that met specs but because the employees couldn't recite the policy, a "finding" was issued. By the end of the audit, we had it down to a (non-value-added) OFI.

It occurs to me, when thinking about incompetent auditors, that the people we have here who have a great deal of experience at it--Randy, Helmut, et al) (A) understand what's actually important and don't get hung up on inconsequential stuff, and (B) spend a lot of time here trying to help people. In other words, there seems to be a significant correlation between competence and willingness to help others see the light.

It occurs to me, when thinking about incompetent auditors, that the people we have here who have a great deal of experience at it--Randy, Helmut, et al) (A) understand what's actually important and don't get hung up on inconsequential stuff, and (B) spend a lot of time here trying to help people. In other words, there seems to be a significant correlation between competence and willingness to help others see the light.

Well said, Jim. I'd agree.

I've seen a lot of external auditors on the job. The competent ones, as you say, do focus on what's important and don't waste time on the inconsequential or the quite trivial. And every one I've seen has also loved to help others, and been very willing to assist them in that.

The opposite is also true.

With respect, Sam, I think your argument here is invalid and distinctly far-fetched. To me, it's just silly to insist that the quality policy must always be clearly labelled as Quality Policy. I could also add, rigid, overly dogmatic and not supportable in 9001 or 9000.

I've not encounted this particular point of view from any external auditor yet (and I thought I'd come across some with fairly myopic views at times). To date, if someone has chosen in what is their system (not the auditors!) to call their quality policy something else, or even to meet the requirements in some unique ways, no auditor has insisted it must be labelled as you say.

But I suppose there's always a first time. If it did happen, I'd register a complaint, first with their technical manager and if unresolved to their CB and if necessary, ask for a ruling. If the CB agreed with this point of view, I'd advise my client to switch to a better CB and who didn't have such a rigid and dogmatic view.

Yes, standardisation is important. But documents like company visions and missions are in fairly wide use in the business world - we're not talking about such farfetched things as 'potatoes' and 'houses'. :nope:

I care much more that people understand what's needed and are Doing Good Stuff that meets it, than I do about them using the exact words and terms according to my or ISO 9000 definitions! And all the competent auditors I know have a similar outlook.

Insisting that a QP must be called and labelled a QP? Nope. :nope:

:truce::truce::truce:Egad, what have I put myself into? :o. I did not expect this to go this far; I guess I caused a bit of a furor!

Firstly, I would like to thank all you senior gentlemen and gentlewomen, senior in age, knowledge and experience, for showing me the mirror. I have been thinking of this topic for a while (I couldn't sleep yesterday night!:confused:)and now I do realize I went a little more than off my track in trying to defend something which probably hold no grounds for auditors who have experienced this scenario and many more of a similar kind. I have too, a similar one 3 years back, under the guidance of a 3rd party CB auditor!! I think his explanation to the auditee on insistence of correct usage of terms made a direct impact on me, and thereafter the 'inflexible' auditing part of my ongoing career.

Inflexible? Yes, I have been, but not with companies I have audited, but with fellow and senior auditors who have shown excessive rigidity and bossy attitudes. I was once even barred from continuing an audit for arguing with an auditor to be more flexible with the auditees than he was.

Incompetent? I dont think so. I don't think I can compare myself to all you senior quality-neers here, in terms of auditing or quality knowledge or experience, but I do share the same approach of open-minded, flexible and out-of-the-box auditing.

Without sounding like a receding snail moving into its shell, I am fully aware that the purpose, relevance of any document holds the most importance over all other trivial matters during auditing, and I always will be a proponent of this. What I also almost never ignored was what the document was called, especially if it had something to do with what the standards said.

Despite all of the above, its easy to fall into the category of incompetent, inflexible, rigid (adjectives, adjectives...) auditors, especially being in their midst and having high regard and respect for them. All this does not take away anything from that CB auditor who effected me; however, I definitely will try to change my mindset on these particular issues. Well, I ain't an all that out-of-the-box auditor, after all; maybe my not-so-varied auditing experience got the better of me. :o

I also think there's a huge professional culture difference between the east and the west. Register a complaint against one of the CB auditors? That's a bit to far-fetched out here I think! :)

Jane, Randy, Jim, RC - I have come here primarily for learning more about quality, and ofcourse imparting some of my diminutive wisdom on it. I will always appreciate your contributions here in this cove and :applause:you for helping me further understand something very basic as an auditor. :agree:

I really look forward to many more quality discussions within this cove (not similar ones, I hope not:mg:!), that may help me come out a better quality professional than I am.

Ciao. :cool:


__________________________
Sincerely, SAM

"To achieve the impossible, it is precisely the unthinkable that must be thought!"

Inflexible? Yes, I have been, but not with companies I have audited, but with fellow and senior auditors who have shown excessive rigidity and bossy attitudes. I was once even barred from continuing an audit for arguing with an auditor to be more flexible with the auditees than he was.
It's generally not a good idea to engage in vigorous debate with auditors while the audit is in progress. It's enough to calmly voice disagreement and then wait for the closing meeting to get the hammer out. I think you may know this now, though. :D

Incompetent? I dont think so. I don't think I can compare myself to all you senior quality-neers here, in terms of auditing or quality knowledge or experience, but I do share the same approach of open-minded, flexible and out-of-the-box auditing.
I see now where my comments regarding competent auditors might be interpreted as suggesting that you aren't one, but that wasn't my intent. You seem to be a bright and capable person, and my comment was of a general nature and certainly not directed at you personally.

Without sounding like a receding snail moving into its shell, I am fully aware that the purpose, relevance of any document holds the most importance over all other trivial matters during auditing, and I always will be a proponent of this. What I also almost never ignored was what the document was called, especially if it had something to do with what the standards said.
I must assume, then, that if you were stranded in the desert without food or water for three days and came upon a big container labeled "horse manure" that you wouldn't look inside to see what was actually in it (food and water) and die of hunger and thirst as a result. This akin to the Fallacy of composition, wherein one projects the properties of part of an entity onto the entity as whole. In this case, you assume that a "vision statement" or something called "What the Boss Expects"" can't be a Quality Policy because its title doesn't include the phrase "Quality Policy." But the title has no bearing on the contents, so long as the contents are understood to mean what ISO expects a quality policy to mean.
I also think there's a huge professional culture difference between the east and the west. Register a complaint against one of the CB auditors? That's a bit to far-fetched out here I think! :)
There has been some conversation here in the past on this subject: the idea that cultural differences have a bearing on QMS development and auditing. It's true, and many people in this part of the world don't realize it, or how it affects the global nature of QMS development. See International Differences in Third Party Auditing and Auditors (http://elsmar.com/Forums/showthread.php?t=23177)

Jane, Randy, Jim, RC - I have come here primarily for learning more about quality, and ofcourse imparting some of my diminutive wisdom on it. I will always appreciate your contributions here in this cove and :applause:you for helping me further understand something very basic as an auditor. :agree:

I really look forward to many more quality discussions within this cove (not similar ones, I hope not:mg:!), that may help me come out a better quality professional than I am.
There are few of us here who don't learn something new on a regular basis by our participation in the Cove. We're glad you're here, and I know that your perspective can help others--even the more experienced of us. :D

It's generally not a good idea to engage in vigorous debate with auditors while the audit is in progress. It's enough to calmly voice disagreement and then wait for the closing meeting to get the hammer out. I think you may know this now, though. :D

Yeah, it's like telling a cop that pulled you over that if he really knew the law, he'd be a lawyer.:tg:

Yeah, it's like telling a cop that pulled you over that if he really knew the law, he'd be a lawyer.:tg:

:topic: I don't argue...I simply pop in the Disney Princess CD and ensure "Someday My Prince Will Come" is playing as I roll down the window. :cool: :topic:

:topic: I don't argue...I simply pop in the Disney Princess CD and ensure "Someday My Prince Will Come" is playing as I roll down the window. :cool: :topic:

When you're dealing with the engineering department, the song becomes "Someday my prints will come."

:topic: I don't argue...I simply pop in the Disney Princess CD and ensure "Someday My Prince Will Come" is playing as I roll down the window. :cool: :topic:

:topic: As Dr Phil would say: "How is that workin' for ya?":tg:

:topic: As Dr Phil would say: "How is that workin' for ya?":tg:

Didn't get a ticket and he was a Georgia State Troooper.

Okay, we should get this thread back on track, folks.

Yeah, it's like telling a cop that pulled you over that if he really knew the law, he'd be a lawyer.:tg:

Quite honestly most law enforcement officers know the application of the law better than most lawyers...Unlike a lawyer, the cop doesn't have the benefit of having the time to do research, use the law library or have a Paralegal run around checking stuff out. When cases are prosecuted you'll have the attorney for the state asking the cop the particulars and it's quite often the cop that actually writes the information and consequent search or arrest warrants that judges sign...and they all have to pass the constitutional test (I never had one tossed back)

Back on subject now.......................

Thanks for your explanation, Sam. Hope you didn't lose too much sleep :) No furore, just some open & frank debate - what a healthy forum's for. It's a great way to learn (not all one-sided learning either).

Jim's made good points, including that of the cultural difference (which I acknowledge) and re. arguing during the audit...

The attributes of an auditor listed in ISO19011 have already been mentioned. All important, including open-minded - willing to consider alternative ideas or points of view. I wouldn't respect any auditor who did not display that, or who wasn't versatile - adjusting readily to different decisions. See them as equally important as tenacious, decisive and self-reliant (among others).

Someone who would never /"almost never" ignore what the document was called, especially if it had something to do with what the standards said.
wouldn't to me be displaying all of these attributes.

What I outlined is not a theoretical response but one I've applied at times. I take my work as a quality professional seriously - care passionately about 'real' quality, and loathe it when I see anyone - particularly a client! - subjected to something that doesn't match the intent and requirements of the relevant Standard, etc.

And I've had the occasional & fortunately rare encounter with a particularly dogmatic and inflexible auditor who did. At a pre-cert, one refused to accept a particular procedure that covered both corrrective and preventive action, but wasn't called by those terms. Insisted that 1. client must have 2 separate procedures and 2. each procedure must be titled as CA and PA.

Balderdash. :frust:

And yes, I took it to their tech manager, and yes it was resolved, including a change of auditor. Clients were delighted with the new one. They'd been somewhat fearful of lodging a complaint; could not believe the difference in auditors. New auditor was highly competent, and focussed on issues that really matter. Where the real risks are and things that are important. Yes, he too knows the Standard inside out and backwards, and no he's certainly no little pushover bunny, no sirree. :nope: But he didn't & doesn't waste time on trivia like that!

So, Sam, yes, do please try getting out of the box a little. Because it's my firm opinion that being overly rigid and dogmatic where it is not only unnecesaary but undesirable is one of the things that gets 'quality' a bad name. There's good times and places for firm and unyielding... arguing that document X must always be titled document X isn't one of them IMO.

I really look forward to many more quality discussions within this cove (not similar ones, I hope not:mg:!), that may help me come out a better quality professional than I am.
Me too. But if you state an opinion, you have to expect to support it. And if someone says, hey, where precisely in the Standard are you getting that from? you should be able to explain.

But also, don't worry about finding yourself on the different end of an opinion, either. I'm certainly not going to hold it against anyone if we have a lively exchange of opinions, and I doubt others would. I've had some lively differences of opinion with other senior people in here. At times we've butted heads, argued our points... sometimes agreed to disagree, others conceded or agreed. But we're still debating & talking and still respect each other. That's what professionals do.

At least, I do, can't speak for Andy & Randy, et al ;)

I joined this board yesterday through a search on "process" and this thread caught my interest.
I can't comment on everything (no time) but my perspective may have value.

My agency is moving to comply with the ISO/IEC 20000, ISO 27001, and ISO 9000 standards; and the agency already has a mission statement in its charter. All the standards call for a policy.
Now it is practicable to have a policy for each of the standards as well as having the mission statement, but we would not have an effective policy. The Australian culture treats authority with suspicion and suspects it will find these grand policy statements to be vacuous.
If our people are not going to regard our policy with contempt then it has to be something they can identify with. So I see it as necessary to meld all these high level policy statements into one succint policy that is a statement to our people and our customers and suppliers of what we are about as a company.

I am prepared to argue the case with both the ISO 9001 and the ISO 27001 auditors. I am sure they will come round. After all, they want our business. No, Josephine! They are not true 3rd party audits. We are their customers for audits: and the certification process is not as good as the standard IMHO.

Now it is practicable to have a policy for each of the standards as well as having the mission statement, but we would not have an effective policy.
Possible, yes. Practical, not really as you point out.

So I see it as necessary to meld all these high level policy statements into one succint policy that is a statement to our people and our customers and suppliers of what we are about as a company....

I am prepared to argue the case with both the ISO 9001 and the ISO 27001 auditors.
Provided that you meet the mandatory requirements for policy in each case, there should not be any need to argue. The good certifiers (and their auditors) that I see are very happy to see truly integrated management systems that work well for the organisation involved.

It's absolutely fine to do things differently from the 'separate policy for every separate Standard'. But naturally you must meet the stipulated requirements of each.

I am sure they will come round. After all, they want our business.
Sure they do. But they also must comply with the terms of their certification. All the good certifiers I have had experience with don't have an issue with that. And are very definitely 3rd party auditors.

All the good certifiers I have had experience with don't have an issue with that. I had already come to the same conclusions as the rest of your post. Here, though, we seem to have a bit of a circular definition.

I had already come to the same conclusions as the rest of your post. Here, though, we seem to have a bit of a circular definition.

That's because people keep trying to make the task of boiling water more complicated than it is or has to be....

That's because people keep trying to make the task of boiling water more complicated than it is or has to be....

:topic:

I had to look this up! :lol: How to boil water (http://www.google.com/search?hl=en&q=how+to+boil+water&aq=f&oq=): Results 1 - 10 of about 755,000 for how to boil water.

Stijloor.