My apologies for not responding to this thread sooner. I have a client that is preparing for a State inspection and the last couple of days have been hectic. Christian, “approved” does not mean a signature is required, nor does the standard require “signatures” unless you are a “regulated” industry. The company’s procedures shall state when review and approval is accomplished. No more, no less. Of course, objective evidence is required, but this evidence should be the company’s, not the assessors. As far as continuous improvement is concerned, that is a different story. When a company decides to adopt a quality standard as their business core principle, the company decides which practices are best for them, with the primary goal being “to stay in business.” Customer satisfaction, making money, etc. Barb, preconceptions are not to be allowed or to be tolerated. I agree. The assessors job is to obtain objective evidence of “compliance or noncompliance.” No more, no less. I have stated earlier that when an assessor “suggests” things required for compliance, this is a no-no. I also agree that some (not all, by no means) consultants may try to mold a company’s policies and procedures to their (the consultant's) mold, not the standards. Things adopted by the company may not add value, but an assessors job is not to determine this. Again, “compliance or noncompliance” is the issue for them. Barb, a company with 5 or 10 employees do not need reams of paperwork or unnecessary documents to comply (see misconceptions above). As a matter of fact, other than the costs, small companies are the easiest to register. That is the magic and magical purpose of ISO 900x. It IS that flexible. There is much benefit to using ISO 900x to improve a business operations. This is determined by the company, and company only. The purpose of the list was to highlight what those who do not know try to know. By the way Marc, DCAS was my most driving force to be in this business (doing things right, not by the so-called rules). I have a good story I will forward at a later time.

Common Misconceptions:

1) The standard requires that you document what you do and do what you document
2) You have to appoint a Quality Manager
3) Job descriptions are required
4) Everyone should be able to recite the quality policy
5) All out of date documents have to be removed
6) All purchases have to be from approved suppliers
7) Purchase orders must be signed
8) doucments have to carry an approval signature
9) There has to be only one index of documention
10) Work instuctions are required for all operations that affect quality
11) All measurements have to made with calibrated instruments
12) All verification activities have to be performed by staff independant of those responsible for the activities being verified
13) The location of items in stock has to identified
14) Records of corrective actions have to be retained for a defined period
15) All auditors have to undergo formal training
16) All incoming supplies are subject to receipt inspection
17) Storage areas have to be locked at all times
18) The quality record requirements apply to all records.
------snippo-----
Any comments folks?

You certainy know how to get attention; I was told that at least 3/4 of your list are absolutes! Especially the first..."it's just like OSHA, if it's not written down it didn't happen". Help; we are just at the desk audit stage and I don't want to expend energy where it isn't needed. Could you clarify please?

Thanks

Well, definetely a list of COMMON misconceptions. I hear them all the time. lets start with just one shall we.

"Job descriptions are required. "
Well, responsibilities and authority must be clearly defined for all activities effecting quality. People use the job description as one means of assigning responsibility, and delegating authority. Its also a means of identifying training needs and resourses. By no means the only way of providing this information.....the confusion is a result of non creative-people deciding they need to see a job description in order to have evidence of the requirements. Consultants also add to this misconception by leading their clients down that road.

NEXT???????

Hi,
I'll take the next one.

2. You have to appoint a quality manager.

the standard tells us we have to appoint a "management rep.", in fact it is better if the rep. isn't the Quality Manager he is busy doing other things. http://www.qs9000.com/ubb/smile.gif

I will take #5. Refer to 4.5.2(b). The KEY point in the statement is "or otherwise assured against unintended use." Just identify obsolete documents as such and state that you do so in your procedures.

I'm still listening. You've already identified one and that was the job description. I was told by my "auditor" that I had to have them.
thank you.....I do love learning the right way

Pat,
I will probably take some flack for this one. Try #10. This misconception stems mainly from section 4.9(a) which states "documented procedures defining the manner of production, installation, and servicing, where the absence of such procedures could adversely affect quality;" The key phrase here is "where the absence of such procedures could adversely affect quality" Justify the lack of the procedures (read work instructions) by the best method suited for your operation and back up with objective evidence and work instructions are not required. Period. For example, give a master machinist a drawing and the proper machine(s) and say "make 300 of these." He will supply you with the 300 pieces, to print, without further instructions. Remember, ISO 900x and registrars work for you, not you for THEM. By the way, any auditor (assessor?) that tells you what you must do is NOT an ISO assessor, just some "consultant."
By the way Marc, I would appreciate your input to my interpretation. Thanks, Don

First, I apologise to everyone for posting this list and not paying attention. My central AC went out and it's a 30 year old unit so it's replacement time. And, as some of you know, I'm doing a couple of months of Yard Duty and the recoil starter on my chipper broke. And I wanted to try to stabilize this new forum software. Etc, etc, etc... So - I'll try to address the issues.

Don - You are 100% correct and said it in a lot fewer words than I would have used.

As barb said:

--> ...the confusion is a result of non creative-people

--> deciding they need to see a job description in order to have evidence of the requirements.

Something I try to tell my clients is:

What is the intent and how do you comply! Please explain to me how you meet the intent. And this is evident through out. Look at the current MSA 'controversy'. For the last year MSA has become a registrar Hot Button. It's damn simple if you understand that MSA is simply a high level system that *someone* in a company has to understand. And, if you're a big company your design engineers and process engineers *should* also understand. It's a niche specialty which should be part of an engineering education - and it doesn't appear to be (my degree is in biology if that telly you any thing). I learned MSA in college in the context of chemistry, physics and biology. Measurement is very important in those focuses. So it makes sense to me. Understanding the dynamics and variables is important.

And - don't forget. Just like Debate in college - Folks - This is a War of Words.

The registrars are looking for someone to explain how a company meets the intent of every section and each element within each if only to say "We don't do that and this is why..." with a valid explaination - like the machinist in your example. Which requires thought and understanding. I tell my clients up front - I'm a consultant but I am like a piano teacher. I can teach you how to play it faster than you can learn yourself and I can help you avoid the common pitfalls. But when it comes time for the concert I can only give (thanks, Dad) Moral Support.

Pat - If you take a look at each of the items in the list there is a good thought with each. What I mean is challenge yourself with each number. Cay you think of a contradiction for each? You have to look at every word in the line item and think about it and contrast it to the words of the requirement. Can you describe the intent of the element or section?

Take this one: http://www.qs9000.com/ubb/smile.gif
--> ...14) Records of corrective actions have to be retained for a defined period...

Can you think of a place where the standard specifically requires this? Can you think of an instance where one might be kept longer than whatever your defined minimum is? Or do you have a minimum defined period?

Look at 4.16 and see what it says. Don't confuse with QS9000 requirements. The closest it comes is to say "Retention times of quality records shall be established and recorded." Is your CA report specifically defined within your system as a quality record?

The point of all this is there are times when you meet the intent but it might not be in the paradigm of the auditor in which case you have to 'educate' the auditor.

An example of this is 4.20 Statistical Techniques. It says you have to "...identify the need for..." - which is the key to the sentence. It doesn't say you have to use any. Period. I went through this with an auditor who had a very hard time with us explaining that we investigated where statistical techniques would help and found none.

Scenario: Small 14 soul company. No turnover of any employees in almost 10 years. Mix bulk chemicals for cleaning metal parts. Noting precise at all. Empry bags or barrels into hopper. Mix. Package in drums. Both powder and liquid product 4 mixers each for 8 total mixers. No customer complaints in years but then the guy who owned the companies visited every customer regularly. Only QA test was specific gravity (big deal). Tolerances wide. Limits established. long established, stable process. No desire to expand customer base. No desire to get into automotive business. It was like a happy little family

So - where would a statistical technique help? The guy doing the QA checks had been there for years. He didn't need a graph to tell him what the process is doing. Again, their product was so basic with such wide tolerances that we're FAR from rocket science. I will admit I did not find the place particularly aggressive. They're just nice people who are in some ways a throwback to the 60's. In a way I'm jealous, as a matter of fact. The old 'simplier time' thing. At work at 7, leave at 4. Every day. Rarely any overtime or anything. As I said - I was/am impressed. anyway, I digress...

The auditor finally bought it (no ST needed - intent met with proof 'opportunities' for ST were investigated and the need is re-evaluated yearly in their management review meeting). And the company is happily(?) registered...

Has this confused the issue or has it made sense? I can take criticism! I just can't spell worth a damn.

This is a decent 'Words are Important' example:

--> Subject: Re: Q:Quality policy/Darracott/Naish/Andrews
-->
--> Phyllis wrote (in part),
--> <While I agree an auditor either internal or external should not dictate
--> how that measure is to be accomplished, there seems to be a clear
--> requirement that the measure be taken and evaluated.>
-->
--> Determination of the effectiveness of the quality SYSTEM and measurement
--> of progress toward the objectives stated in the quality policy. Not
--> measurement of the effectiveness of the quality POLICY (not a requirement).
--> It may seem like splitting hairs to some; however, accurate and proper
--> interpretation of the requirements of the ISO 900x Series of Standards is
--> essential (especially to those that garner a living from helping others to
--> interpret it).
--> Ethan

Marc, How about this:

17) Storage areas have to be locked at all times.

Where in ISO900x does the word "lock" appear. Nowhere. None. Zero. Refer to 4.15.3 Storage

"The supplier shall use designated storage areas or stock rooms to prevent damage or deterioration of product, pending use or delivery. Appropriate methods for authorizing receipt to and dispatch from such areas shall be stipulated." Where does it say "lock." You must only define "Appropriate methods for authorizing receipt to and dispatch from such areasŠ" Define these methods. In our company, dispatch is authorized by a form indicating "who" and "identification." Even this is more detailed than it has to be because of the FDA (my company is also FDA regulated).

Don e-mailed me the 'orignial' - as follows. Note that the comments at the end are Don's which I (for the most part) echo.

Here we go!

Common Misconceptions Pertaining to ISO 900x:

1) The standard requires that you document what you do and do what you document.
The standard requires procedures in only certain sections. While most companies develop procedures for each of the twenty clauses, they are not required except in the clauses that state “the supplier shall establish and maintain documented procedures…” The content and format of the procedures is entirely up to the company. The standard states in 4.2.2 that “the range and detail of the procedures that form part of the quality system depend on the complexity of the work, the methods used, and the skills and training needed by personnel involved in carrying out the activity.”

2) You have to appoint a Quality Manager.
The standard states that you must appoint a management representative. This representative is responsible for ensuring the quality system is established and maintained and for reporting on the performance of the quality system. Ideally, this person should not be the quality manager, as that he is responsible for day-to-day quality of the company’s product or service.

3) Job descriptions are required.
The standard states in 4.1.2.1 that “The responsibility, authority, and the interrelation of personnel who manage, perform, and verify work affecting quality shall be defined and documented.” The means of documentation is entirely up the company’s discretion backed up with objective evidence.

4) Everyone should be able to recite the quality policy.
The standard states in 4.1.1 that “The supplier shall ensure that this policy is understood, implemented and maintained at all levels of the organization.” Most assessors will probably ask a couple of employees if they understand the company’s quality policy, not that they recite it verbatim. Many assessors will not ask at all, just verify a policy exists.

5) All out of date documents have to be removed.
The standard states in 4.5.2(b) that “invalid and/or obsolete documents are promptly removed from all points of issue or use, or otherwise assured against unintended use.” The key phrase is “or otherwise assured against unintended use.” State how this is done in the procedure required in 4.5.1. How this is done should be best suited to the company’s operation.

6) All purchases have to be from approved suppliers.
The standard states in 4.6.2(b) that the company shall “define the type and extent of control exercised by the supplier over subcontractors. This shall be dependent upon the type of product, the impact of subcontracted product on the quality of final product, and, where applicable, on the quality audit reports and/or quality records of the previously demonstrated capability and performance of subcontractors.” The key phrase is “This shall be dependent upon the type of product, the impact of subcontracted product on the quality of final product.” If commercial off the shelf (COTS) is adequate for your product and is defined as such, then that purchase can be made from any supplier you choose.

7) Purchase orders must be signed.
Purchase orders shall be reviewed and approved. Neither ISO 900x nor ISO 8402 state that approval means signature.

8) Documents have to carry an approval signature.
See seven above.

9) There has to be only one index of documentation.
The standard states in 4.5.2 that “A master list or equivalent document control procedure identifying the current revision status of documents shall be established and be readily available to preclude the use of invalid and/or obsolete documents.” The key phrase is “or equivalent.”

10) Work instructions are required for all operations that affect quality.
The standard states in 4.9(a) that “documented procedures defining the manner of production, installation, and servicing, where the absence of such procedures could adversely affect quality.” The key phrase is “where the absence of such procedures could adversely affect quality.” If you can justify with objective evidence (read training) that work instructions are not required, that is fine.

11) All measurements have to be made with calibrated instruments.
The standard states in 4.11.2(b) that the company shall “identify all inspection, measuring, and test equipment that can affect product quality.” If the company identifies a measurement that does not affect the quality of product, it can make those measurements in any manner it determines is acceptable.

12) All verification activities have to be performed by staff independent of those responsible for the activities being verified.
Some people confuse 4.10 with 4.17. Verification activities can be conducted by anyone the company chooses in accordance with 4.1.2.1.

13) The location of items in stock has to identified.
That standard states in 4.15.3 that “The supplier shall use designated storage areas or stock rooms to prevent damage or deterioration of product, pending use or delivery. Appropriate methods for authorizing receipt to and dispatch from such areas shall be stipulated.” It does not state that the items in stock have to be identified. Section 4.8 states that “the supplier shall establish and maintain documented procedures for identifying the product by suitable means from receipt and during all stages of production, delivery, and installation.” The key word here is “suitable.” Compliance with 4.8 should be what is suitable for the company and defined in the procedures (if appropriate) for section 4.8.

14) Records of corrective actions have to be retained for a defined period.
Section 4.14.2 states that corrective actions have to be recorded. Section 4.16 states that “Retention times of quality records shall be established and recorded.” Section 4.16 does not define the time PERIOD the records must be maintained. For example, the procedure could state “After a corrective action is implemented and the appropriate procedures or work instructions have been modified to implement the change, the corrective action is considered closed and no further activity is required. The changed procedures or work instructions shall constitute an evidence and record of the effectiveness of the corrective action.” or something to that effect.

15) All auditors have to undergo formal training.
Section 4.17 requires internal audits, but it does not state that “formal” training is required. Section 4.18 states “The supplier shall establish and maintain documented procedures for identifying training needs and provide for the training of all personnel performing activities affecting quality. Personnel performing specific assigned tasks shall be qualified on the basis of appropriate education, training and/or experience, as required.” The key word is “appropriate” and section 4.18 does not require formal training. Most assessors try to make this assertion using 4.1.2.2; and even this does not require formal training. Note 21 gives ISO 10011-1, -2 and -3 as guidance only. Companies are not required to be in compliance with notes.

16) All incoming supplies are subject to receipt inspection.
Section 4.10.2 states, in part, “The supplier shall ensure that incoming product is not used or processed until it has been inspected or otherwise verified as conforming to specified requirements.” The key words here are “otherwise verified.” For example COTS products can be stipulated in the procedures as ship to stock.

17) Storage areas have to be locked at all times.
Section 4.15.3 stipulates that storage areas shall be controlled. The type and extent of this control is strictly up to the company and specified in procedures.

18) The quality record requirements apply to all records.
Section 4.16 applies only to those records where the section of the standard states “(see 4.16).” For example 4.1.3, 4.3.4, 4.4.6, etc.

Now my personal observations and diatribe.
The key to successful implementation of ISO 900x can be summed up in one simple sentence:
DO NOT READ IN WHAT IS NOT THERE!
The standard states in 4.2.2 that “the range and detail of the procedures that form part of the quality system depend on the complexity of the work, the methods used, and the skills and training needed by personnel involved in carrying out the activity.” The standard works for the company, not the other way around. This is very important for success.
Now for one of my biggest pet peeves.

The ISO 10011 series details guidelines for quality auditing. When someone tells me that “my auditor told me to do” this or “my auditor told me I had to have” that or some other such rubbish, it makes my skin crawl. Section 4.1 of ISO 10011 states “Audits are normally designed…to determine the conformity or nonconformity of the quality system elements with specified requirements.” Section 4.2.1.4 states “Auditors should be free from bias and influences which could affect objectivity.” Section 5.3.2.2 states that “Nonconformities should be identified in terms of specific requirements of the standard requirements of the standard…”

These combined state one thing, although not in these words: Auditors cannot tell what you must and must not do. They can only “determine the conformity or nonconformity of the quality system elements with specified requirements.” During training (assuming the Lead Assessor Courses have not deteriorated to the RAB’s level) assessors have this single point driven home time and time again. Auditors cannot “be free from bias and influences which could affect objectivity” if they are defining what you must do to be in compliance. Assuming Auditor A tells you such and such and during a surveillance audit Auditor B tells such and such that is a contradiction to A’s, this is a conflict of interest for the Registrar. Therefore, IMHO, any auditor that tells you that you must have or do so and so, you should take these steps:

1) Immediately stop the audit;
2) Contact the Lead Assessor, report the condition and request correction or a replacement Auditor;
3) If the Lead Assessor fails to take satisfactory action, contact the Registrar and request a new audit team;
4) Advise the Registrar that you will not be responsible for monies lost while they correct the condition;
5) If the Registrar fails to satisfy your needs, contact the Governing Body or Bodies responsible for the registrar and advise them of the situation. (Hopefully, not the RAB. They have the backbone of a jellyfish, or so I have read on the Web).
6) Continue the audit only when a competent Lead Assessor or Registrar has been contracted.

Of course, the above does not apply to QS auditors. IMHO, they are just a collection of minds or lack thereof that can interpret the standard any way they like and are not governed by anyone but the AIAG, for all the good that does.



[Note: This message was edited by Marc Smith]

my goodness Don, that was a mouthful
I agree ...but a mouthful none the less.
What is left for the rest of us to say...LOL

Its not as tough as it looks to comply, its actually common sense, but then common sense is sometimes hard to come by. they should teach a course in that !!!

Barb,
First I should apologize to you and all for the language used in the diatribe section. I had just finished a most irritating debate with a "QS" consultant working for a company I advise locally. This company is looking to ISO 9002 certification. Why they reatined a QS "consultant" I will never know. Marc's list and my responses were prepared for the company and diatribe was a result of my communication with this consultant for the company to use (hopefully). I agree that if a course in common sense were offered, I can think of many persons who could benefit. I can only wish and hope.
Second, I think my interpretations of Marc's list will stand unless someone can convince us with objective evidence otherwise.
Third, the difference between a consultant and an advisor is the advisor does not charge $250/hour or anywhere near that much.

Hey! Wait a minute! I'm a 'consultant' an I don't charge US$250 and hour! Am I missing something here? Err - maybe I am an advisor. What's the difference again? Just that consultants charge more? Maybe I ought to reconsider my rates.

[This message has been edited by Marc Smith.]

me too Marc...time to go back to the 'careers in ISO/QS' page and learn how to do it right, ya think? <LOL>

I like to think of myself as a trainer...even when I consult I am training them to do it when I leave..... but then I never really leave, 80% of my business is repeat clients finding something else for me to do.

To barb and Marc (and anyone else affected),
Recently, I made a post in the ISO 900x thread that may (or may not) have ruffled some feathers. It is not my custom to let emotional conflicts interfere with my professional judgment. However, in this case, it appears that I did just so. To you all (and any others), that may read this, I did not intend, not ever will intend, to cast dispersions upon another’s career choices. It would appear that, in this case, I let my training loose in preference to emotion. I will do my utmost to not let this happen again. My opinions are my own and should not be dispersed to all for critical review. (Marc, I will post in the mentioned areas. Hope you do not mind, Don)

Colour me stupid - where, pray tell, is this transgression? And whose feather(s) did you ruffle? I can't believe there's any reason to get excited about saying something. I call auditors stupid all the time. Doesn't mean I really mean all auditors are stupid. ;)

I will take the opposite side of convention pertaining to this topic (devil's advocate). Although, the list at the top does contain some misconceptions and items that are not absolute, most of them can be used as tools to implement an effective quality system. Take the job description misconception: I've audited ISO companies since the implementation of the standard, and I believe this is the best way to meet the requirement for defining education and experience of employees. To me job description are "people specs". Just as you have incoming inspection specs on raw materials, job description help you to perform Inc. Insp. on new hires and transfers. Those who try to get "creative" usually put something in place just for the sake of NOT doing what the auditor says or trying to "get out of it easy". I have personnaly seen the terrible results of ineffective means to define education and experience levels needed. As an example I know of at least one "ISO certified" company where a design engineer, became, quality control manager, then human resources manager all in the same year without training in any of these areas!

Another one that bugs me is that "purchse orders do not necessarily need to be signed" come on get real. There has to be some objective evidence, wether its a stamp or electronic signature, it is still a signaturte of sorts, and maybe the easiest way to meet the requirement. I know there is some purchsing manager out there thinking "great now I dont need to look at all that stupid paperwork" in fact I could name a few.

I think the word "misconception" is a little harsh, it degrades the value of some of these items that can actually help people build an effective quality system. As Marc implied in his 7/13 message, you need to look at the intent of each section and apply it to your company. If you do that some of these misconceptions can be used, and by "bashing" them they may be discounted for the sake of being discounted. I'm sure there are people out there waiting to "pick a fight" with their ISO auditor, even if they are not justified.

What works for the company ...works....how about elecrtonic PO transfer with approved suppliers...what about JIT/kanban orders....on and on..there are as many when a signature or even a hard copy PO is not relevant as when it is. This is more and more the case...Isn't part of supplier control and continuous improvement in that area sending you in that 'paperless' direction?

If you can prove to me it works, then it works.

what about the need for an auditor to be with out pre conceptions?

The misconception is in wether or not it is a requirement, not if it is good business practice.

You can't say that just because it is good practice, that it is something that works best for every company. Consultants (just some, not all) are trying to fit everyone into the same mold....just because it is easier for them, and Auditors (some, not all) are are playing consultant by trying to see/force the companies fit into that mold.....Is that because so many consultants play that double role and don't know how to change hats? Its a fine line, judging compliance and wanting it "my way" and more auditors need to step back a couple steps.

By the way...I can say this, cause I am both and do know the difference.

Yeah - the 'same mold' thing is what (you should know by now) I argue - that each company is different. But now I'm off topic...

You hit it on the head with "The misconception is in wether or not it is a requirement, not if it is good business practice."

My - this has turned out to be FUN!

Marc, Correct me if I am worng. The purpose of the "list" was to illustrate what some persons think are required to be in compliance. The minimum requirement is what is stated in the standard. An assessor's job is to determine "compliance" or "noncompliance." It is the company's responsibility to determine if they want to use ISO 900x and to possibly use ISO 900x as the goalpost to improvement.

[This message has been edited by Don Winton.]

Furthur on that Don, those things may not add value,in all circumstances..... the world out there today is not what we all remember in our 'growing' years..innovation is a key element to success, as is lean and mean. I have several clients with less than 8 employees,(two with less than 5) successful and growing...but may never see more than 10 employees years from now...Do they need job descriptions? A quality manager? Locked storage? Reems of procedures? NO they need to be innovative and cover the requirements in a way that fits the way they operate. Is that lazy, and not wanting improvement? Hell No.

I'm not disputing the fact companies falsely interpret the ISO Standard to create these misconceptions, but there was so much negatve placed on the benefits of some of the items in the list I had to present another side. Especially to those who would take these comments and use them out of context. We have the experience and knowledge to use these comments constructivly -- not everyone who reads this is a quality expert.

An example of what I mean can be seen on a recent audit, I performed: I was auditing purchasing, and the procedures said the PO's were reviewed before release, however there was no objective evidence. When I wrote a non-conformance the IRATE Purchasing Manager asked what is objective evidence "a signature?" I replied "yes". More in likely the purchasing manager went back to his people and said "The ISO guy told me I had to have signatures". Which then becomes listed as a misconception on a discussion board with 24 entries as "My auditor told me I had to have signatures on PO's"

Yes there are bad auditors out there but there are 2 sides to every story..... I feel uniquely qualified to represent all "sides" because I am an RAB certfied QS/ISO/ISO-14000 Lead assessor, and independent consultant (not to companies I audit), a Quality Manager, and I have worked "on the floor".

Yeah, Don. I really posted the list originally just to get some thought going and with consideration to my experiences. For a number of years now I have made my 'living' interpreting specifications - which is how I got into ISO and QS to begin with. It never ceases to amaze my how auditors (not to mention companies) interpret specs and documents in general.

In my first ISO audit the auditor wrote the company up because changes to the quality manual (in one instance) "...are not easy to see..." We had a database where all changes were item by item recorded. When I first got involved with the company in helping them in their effort, their quality manual sucked. We radically revised the manual and in the database we simply put the following statement, "The changes to the manual are extreme and thorough. To tell what each change was, please compare the two documents." We did this because it really seemed stupid to write up 1000+ plus changes in a database. I mean, hell - the whole manual changed. Rather than being smart and obsoleting the document and releasing an entirely new 'series', we did what we did. Note that *every* other document change was detailed in the database.

I said "Where does it say it has to be easy?" I was told it was implied and the auditor wrote the company up with a minor (the only finding during the audit). This is where I realized auditors can be completely stupid with consideration to interpretation of the spec. I thought, previously, that only DCAS were bitches.

Christopher....that 'yes' is what gets you in trouble...perhaps a more appropriate answer would have been, "yes....that is one example I've seen" or the like, implying that they need to look at what is appropriate for them as evidence. if someone answered as you did, and I was not "spec friendly" I would understand that a signature was what the auditor wanted to see.

Yet another misconception....the biggest of all .....regards communication: the japanese say that the biggest misconception about communication is that it has been achieved.

Barbara, Barbara, Barbara yes was paraphrased to avoid a long dissertation. My point was that there are two sides to every story, and that there may be more good auditor out there than you care to believe. Kind of like consultants.....

ChrisTIAN

Christian...About your purchasing comments. Where in the standard does it say I have to provide objective evidence of approvals. It just says I have to review and approve them prior to release. I was taught that it was an auditor's job to find the objective evidence. I know that it would be much easier for an auditor if there were signatures on everything but how could this be a nonconformance? Doesn't this support Marc point about interperting the standard and not reading things into it so it fits a particular view of how things should be done?

christian, christian, christian.....despite popular belief I do think there are many many good auditors out there...and consultants as well. BUT this board was getting very quiet and needed some "waking up"...so i hit a soft spot....now lets keep a dialoge going. <LOL>

Michael, evidence can be stated simply in the procedure for instance..."when the purchaser has entered the data as prompted on the screen, he/she reviews the entry for accuracy, then keys to enter the posting." the entered data is the evidence....

Same goes for contract review of verbal orders....' order entry records the information on the screen as provided by the customer, and requests any additional information as prompted. Then reads back to verify, resolves any descrepancies, then enters the order.

Key to the success of both is the content of the form on the screen.

Simple enough, eh?

Michael, I never said that there HAD to be an actual signature on a PO to constitute approval. However this is an acceptable method, that is easy to verify and implement, especially if the company does not use a computer system. A computer system with limited access is acceptable. In the example I provided, the purchasing system WAS NOT computerized.

I must confess that I encourage my own companies personell to use signature and dates whenever possible on hard copies. It is a practice that has served me and other well throughout their career. Those who work in heavily regulated industry (medical device) would agree. Unfortunatly, a handshake and a smile do not constitute approval anymore.

"This Old Thread" - A Blast from the 1997 Past!

Marc,
I found this thread while searching for 'job descriptions'.

I have one quick question regarding Don's very informative dissertation, which you posted (16 July 1998) and started as:
“Note that the comments at the end are Don's which I (for the most part) echo.
Here we go!
Common Misconceptions Pertaining to ISO 900x:…”

<< Followed by the actual misconceptions and comments. >>


Are these comments and interpretations still valid? Has anything changed since then? Do they apply to 9001:2000?

Thanks!

Alex