Hello all again. We have been through our phase 1 assessment audit of ISO9001:2000 in July 2003. Our phase 2 cert. audit is Aug. 11, 2003.

During the closing meeting the auditor mentioned that my original go at the process map with interactions was excellent. But he had a few comments (funny how they always start off with a compliment :rolleyes: ). He gave me a chart of what processes this registrar expects to see mapped out under MOP's (management oriented processes), SOP's (support...) and COP's (customer...). Under the SOP's he has listed "Training"! :eek:

I am not sure what inputs or the outputs for said process are. :frust:

Does anyone have any idea that may help me.

I also had to re-do the entire process map (the one that started out as excellent) because I had too much detail originally.

Signed,

frustrated in Michigan

I am not sure what inputs or the outputs for said process are. :frust:

Does anyone have any idea that may help me.
Dear Frustrated (Wow sounds just like Ann Landers)

No, really, this may be some more overzealousness of the registrar. I would ask where in the standard it mentions MOPs, CPOPs, SOPs, or even process maps. They aren't there. Given said that, mapping the is most common way to meet the process understanding requirements. The inputs to the process could be such things as training needs, personnel competencies, process requirements. Outputs could be training plans, competent personnel. The process is to identify the training (or rather compency) needs; determine the available compentencies; align the two and then determine how you will fill any gaps. An additional output would of course be records.

Why do you have to re-do anything? Was it because the auditor thought it was too complex, or perhaps there is no way you could live with it?

You have to meet the requirements of the standard. Never allow an auditor's interpretation of the standard to overrule yours. It is YOUR system, not the auditors.

Dave,

Thanks for responding. You are right the standard does not spell out the technique for process mapping, but 4.1(a) states to identify and (b) requires that these be sequenced and their interaction known. BUt you probably know that.

The ISO website (www.iso.org/) has guidance on process mapping, so I guess even though the standard doesn't explicitely state to do it, it is implied through (get this) "interpretation" (oh, its a beautiful thing). But because the standard doesn't give clear guidance (imagine that), the registrars may set the bar for you.

You are very wise in the possible inputs and outputs that you listed, thank you.

My experience is that auditors have specific ideas of how the standard should be implemented. If you show them that you have your own ideas and they work (you "set the bar"), they will probably be okay with that. If it appears that you haven't "set the bar", then they will default to their ideas and set if for you. The key is for you to set the bar, afterall it is your bar.

He gave me a chart of what processes this registrar expects to see mapped out under MOP's (management oriented processes), SOP's (support...) and COP's (customer...). Under the SOP's he has listed "Training"!
What was on the 'chart' you were given?

During the closing meeting the auditor mentioned that my original go at the process map with interactions was excellent. But he had a few comments (funny how they always start off with a compliment :rolleyes: ). He gave me a chart of what processes this registrar expects to see mapped out under MOP's (management oriented processes), SOP's (support...) and COP's (customer...).

Oh wow, this sounds almost word-for-word from our Registrar!!! Don't suppose you're in the steel industry?!?! ;)

We were provided with a template for MOPs and SOPs and COPs, to be filled by us to help our External Auditors understand how our processes related to the Standard...apprently process maps just aren't enough. :)

That being said we have developed inputs/outputs for Recruitment, Retention and Development...just a fancy way to say Human Resources. But it combines training, safety and payroll...HR's three main areas of focus at our facility.

Inputs

Raw Materials

Identified need for human resources


Utilities - N/A

Key Paperwork

Requirement of current legislation (which we then go on to list)
Company culture and management objectives
Collective bargaining agreement
(HR/H&S) Audit and survey findings


Outputs

Finished Product

Positive morale
Low turnover
Skilled workforce


Process Data

Refer to Department Key Indicators
Human Resources, Health and Safety, and Payroll databases


[U]Key Records[U]

Appropriate Business Management System records including, but not limited to: Department Key Indicators, Training Records, Performance development records, Legistlated documents/reocrds, etc.


We also list work environment and resources and provide links to other HR/H&S document for recruitment process specifics, training programs, the Employee Training Records database and so on.

RCB,

Whew, I was beginning to wonder if we were the only ones with required COPs, SOPs and MOPs. You have given me some good thoughts concerning HR and training. I am not sure why our registrar is so insistent about Training being a process, but I decided to make it an output of HR with similiar inputs.

Marc, the requirements above were listed on a sheet that the auditor was suppose to use to help us map these out, not sure other than that. I just do what I am told...just a foot soldier in someone elses army. :biglaugh:

I have attached the process map of what I currently believe will pass, as it has already gotten somewhat of a thumbs up during the phase 1 assessment. This has the process interactions and sequenced in relation to product/production realization.

Any other thoughts are greatly appreciated.

RCB and cleverfox - can I ask who your registrar is?

Oh wow, this sounds almost word-for-word from our Registrar!!! Don't suppose you're in the steel industry?!?!

So who is your registrar? Ours didn't say anything about our "process maps". I certainly did not flow chart training...we do have a procedure that spells out the process.

Howdy,

This whole 'process sequence and interaction' thing has caused more confusion than just about anything else in ISO 9001:2000. It's confusing because the requirement is somewhat vague, and different folks interpret it in vastly different ways. When the standard says 'processes,' is it talking about the key processes that you have for doing what you do (welding, grinding, polishing, etc.) or is it talking about generic QMS processes (training, corrective action, mgt review, etc.)? I think it's talking about both.

When I give advice on this topic, I tell people to simply draw a flow diagram of what you do as a business, starting with customer requirements and ending with customer satisfaction. The flow diagram is not required, of course, but it's an easy way to achieve 'sequence and interaction.' I also say to keep the diagram to one page or less. Then I tell them to try to incorporate QMS processes. The trick is that many of these processes are not really sequential. That's okay, just put them in a cloud floating around the whole diagram or try to imply that these processes might be applied at any stage. Then I ask them to make sure they've indicated the major verification stages and informational inputs. Voila, you've just done system planning.

The 'MOPs, COPs, SOPs' advocated by this particular registrar might be a helpful construct to assist in building this diagram, but it's still up to the organization. As long as you've defined your processes (realization processes and QMS processes), along with their sequence and interact, nobody should have anything to say about it. Don't let someone highjack your system or it will gradually become unrecognizable to you.

CC

~~~~~~~~~~~~~~~~~~~~~~~~~~~
Craig Cochran
Center for International Standards & Quality
Georgia Institute of Technology
craig.cochran@edi.gatech.edu

Cleverfox

FWIW - I think your map looks super. :thedeal:

Bill

The 'MOPs, COPs, SOPs' advocated by this particular registrar might be a helpful construct to assist in building this diagram, but it's still up to the organization. As long as you've defined your processes (realization processes and QMS processes), along with their sequence and interact, nobody should have anything to say about it. Don't let someone highjack your system or it will gradually become unrecognizable to you.

CC

Amen!

cleverfox, I too like the map.

Some Auditors are instructed to stop the audit process if MOP, COP, and SOP's are not included in the system. This happened to us last week. It was very disappointing. We had process maps that included customer requirements and management requirements. We did not have separate COP’s or MOP’s.

I never had the opportunity to “set the bar” the bar was set before we began. If you can believe this, I have passed pre-audits for 17025 and 14001 with much more ease. The quality portion should not be more difficult then the others.

Now I need to re-write my processes (more documentation) and have three types of procedures. This is so much fun...........

Some Auditors are instructed to stop the audit process if MOP, COP, and SOP's are not included in the system. This happened to us last week. It was very disappointing. We had process maps that included customer requirements and management requirements. We did not have separate COP’s or MOP’s.

I never had the opportunity to “set the bar” the bar was set before we began. If you can believe this, I have passed pre-audits for 17025 and 14001 with much more ease. The quality portion should not be more difficult then the others.

Now I need to re-write my processes (more documentation) and have three types of procedures. This is so much fun...........


This does not sound right, I would challenge the finding. "Where is the shall?" Can the auditor quote, in the standard where COP, MOP and SOP are listed? Adding documentation for the sake of your auditor's or registrar's whim is stupid.

Who is the registrar! I'll call them and get to the bottom of the requirement. (with out using your name or company). I'll also let everyone know what their statement is.

Some Auditors are instructed to stop the audit process if MOP, COP, and SOP's are not included in the system. This happened to us last week. It was very disappointing. We had process maps that included customer requirements and management requirements. We did not have separate COP’s or MOP’s.

I never had the opportunity to “set the bar” the bar was set before we began. If you can believe this, I have passed pre-audits for 17025 and 14001 with much more ease. The quality portion should not be more difficult then the others.

Now I need to re-write my processes (more documentation) and have three types of procedures. This is so much fun...........

Registrar's are in this business for one reason - MONEY. We should never forget this. If they attempt to shanghai your system with their interpretation of the way things ought to be, then simply tell them that you'll take your business elsewhere. I believe that you'll find them to be bit more cooperative after a few organizations send them packing.:thedeal:

Hi, y'all

I am starting our first ISO 9001 survailence audit in about 1/2 hour, when the auditor gets here. We passed the transition audit with no trouble.

Now y'all have me worried. We only have the main process map.

Yikes.

Who is the registrar! I'll call them and get to the bottom of the requirement. (with out using your name or company). I'll also let everyone know what their statement is.

Yes, who is the registrar? Where did this COP, MOP, SOP stuff come from? What am I missing? This thread is the first I've heard of this. Does it originate from one of the big three, like Ford QOS or something and your registrar decided they would require it too?

Registrar's are in this business for one reason - MONEY. We should never forget this. If they attempt to shanghai your system with their interpretation of the way things ought to be, then simply tell them that you'll take your business elsewhere. I believe that you'll find them to be bit more cooperative after a few organizations send them packing.:thedeal:

As I read through this thread it's unbelieavable how many people are intimidated by their Registrar. But, there are several reasons, I believe, for this. Most MR's are not considered Senior Management and their bosses are the ones intimidated. If they object, they are told to "Don't make any waves. Just do what they tell you." The other is that there is a signed contract for 3 years. (Ours would have been). To fire the Registrar and replace them doesn't come without considerable costs. It's company money and to admit you bought a pig in a polk reflects on whoever selected them. If it was the Boss who eventually decided, fat chance. You may be replaced quicker then the Registrar. JMHO

We have been working with this auditor for 4 years. I trust him and would not change. I have never been intimidated by our Auditor and I am considered as executive management.

It is the company (registrar) itself that is insisting on some form of MOP, SOP, and COP's. I feel there should be much more information up front on the standard practice. I have done some research on this matter and have discovered that (keep in mind that we are not just going for ISO 9001, but also TS 16949), this form of documentation will be standard as time goes on and pressure is being placed on the registrar's to maintain their ability to audit to this standard. QS brought out some bad auditors, this standard is trying to prevent from the start.

Because I have a good relationship with my auditor, I respect and accept his actions. Actually, he appeared to be bit embarrassed when he said he had to stop the audit.

Interpretation can mean many things.

Cindy

As I read through this thread it's unbelieavable how many people are intimidated by their Registrar. But, there are several reasons, I believe, for this. Most MR's are not considered Senior Management and their bosses are the ones intimidated. If they object, they are told to "Don't make any waves. Just do what they tell you." The other is that there is a signed contract for 3 years. (Ours would have been). To fire the Registrar and replace them doesn't come without considerable costs. It's company money and to admit you bought a pig in a polk reflects on whoever selected them. If it was the Boss who eventually decided, fat chance. You may be replaced quicker then the Registrar. JMHO

There are some important real-world points here. It is easy to say "fire the registrar if they act like that" but there may be extenuating circumstances that make that much easier said than done.

As I read these threads about registrars who make their own tough rules, I begin to understand more and more why a company like PJI -- which some folks say gets no respect but is still the #1 registrar in the US -- gets business. Rumor has it they consult and audit the same company (a no-no) and that they are "easy" -- but hey, would you rather have to put-up with a snooty SOB with a "good reputation" who makes your life miserable for 3 years (with no bottom-line benefit) or an "easy" registrar who doesn't have the greatest reputation but audits only to the standard and otherwise lets you do your thing? A reasonable question, IMO. (BTW -- I have no link whatsoever with PJI -- or any other registrar).

Cindy - So this COP,MOP,SOP stuff is stemming from TS 16949? But your registrar instructs auditors to stop an ISO9000 audit? I still don't get it. :( And I'd still like to know which registrar so I can avoid this.

We have been working with this auditor for 4 years. I trust him and would not change. I have never been intimidated by our Auditor and I am considered as executive management.

energy did say registrar, not auditor.

Not to change the subject but PJI called me 6 times in one day. After then, I called corporate and requested them not to call again.

I thought they lost their registrar ability?

Capri,

Our registrar is a very reputible company and respected.

I can tell you that we have one of the top auditors. If this is where the current trend is going, than this is what is being used.

Cindy

I have never been intimidated by our Auditor and I am considered as executive management.
Cindy

There is a long thread on who is the best person to be MR. I'll search it and post. I'm sure that the MR from most companies is identified as one who independently of other duties has the authority to administer the QMS. As an "Executive Manager", what is your actual Job Title? I was also considered a Senior Manager on the Org Chart. As for actually being recognized as one in my day to day activities, not exactly. Inspection functions, Safety issues, operating Fork Lifts, driving the Company trucks, purchasing materials and any doing any other thing that I was asked to do, was something that other "Senior" or "Executive" Managers were exempt from. As my old Boss said, "What do you want to be called? We're not big on titles here." Being able to put on the "Executive" hat when required to was more important than the "Title". What it may say on your business cards and what you actually do, may be slightly different. :rolleyes: :smokin:

More than ever it appears Energy's comments about people being intimidated by their registrar is true. Aside from the points he made, I think some people are also afraid to mention the registrar's name here out of fear of the registrar finding out and making their life miserable in future audits, or threatening them with a lawsuit, or maybe getting them fired from their company over a lawsuit threat or something similar. It is not just here in this thread that I have seen this but on others as well. It is like pulling teeth to get people to mention a registrar's name -- even if it involves something from news article being mentioned 3rd. hand by someone. I think Marc commented on this elsewhere as well. It is almost like the fear that goes along with narcing on a drug dealer or mob figure! I'm not being judgemental, just making a comment. This is one of the major reasons I strongly support compliance vs. certification if one can get by with it. And I realize that is a big "if". Life's too short. Who needs such bullsh1t hassles -- and to pay for it at that?

Energy,

My "title" is QS Manager. It is my full time job. It includes the accredited testing laboratory, the quality management system, and the environmental health and safety system. I report directly to the President. Any other tasks I may take on are of my choosing during slow periods when I beg for something to do.

That said, I also work with each department and assist in developing and maintaining compliance related issues, initiate management review, audits (including criteria), control all system related documentation, train on the managment system and related items, etc.

When I first accepted this position, I could not see it as a full time job. It has since evolved into one with the addition (at my request), of the test lab and environmental management.

I am not asked to do any more or less than any other manager.

You are right about titles meaning nothing. My "title" does not even compare to or include the extent of my actual duties.

More than ever it appears Energy's comments about people being intimidated by their registrar is true. Aside from the points he made, I think some people are also afraid to mention the registrar's name here out of fear of the registrar finding out and making their life miserable in future audits, or threatening them with a lawsuit, or maybe getting them fired from their company over a lawsuit threat or something similar. It is not just here in this thread that I have seen this but on others as well. It is like pulling teeth to get people to mention a registrar's name -- even if it involves something from news article being mentioned 3rd. hand by someone. I think Marc commented on this elsewhere as well. It is almost like the fear that goes along with narcing on a drug dealer or mob figure! I'm not being judgemental, just making a comment. This is one of the major reasons I strongly support compliance vs. certification if one can get by with it. And I realize that is a big "if". Life's too short. Who needs such bullsh1t hassles -- and to pay for it at that?

In our Poll: Registrar Specific Requirements is a perfect example of the benefit of naming your registrar. A fellow cove dweller read my post and was able to investigate and post to the contrary, he subcontracts for my registrar. My mind is at rest, and I won't be misinforming anybody else as a result!

Originally posted by Clever fox: I also had to re-do the entire process map (the one that started out as excellent) because I had too much detail originally.

Can you mail me a copy of this interaction to me at:
accurate@md2.vsnl.net.in

I get the impression that the push for COPs MOPs and SOPs is coming from automotive. Cindy mentioned being certified to TS16949, not just ISO 9001. I think it's a very important point in this thread to know what standard you're being certified to.

Cleverfox & RCBeyette - I did a quick search and see that neither of you has ever posted in a TS16949 thread, so I think I know the answer to my question, but here it is: Are you being certified to TS 16949 or ISO 9001?

And PLEASE tell us who your registrar is! (You too Cindy :D). There's nothing wrong with posting it! I've posted my thoughts in another recent thread talking about registrar requirements over and above what the standard requires. As long as they are communicated before the fact, they are OK to have. I'd just like to know who is requiring what.

WHen you see the process model in ISO9001:2000 standards, you could find input side was customer requirements and output side was customer satisfaction. as the principle of "customer focus", the company should identify any interfaces with customer, so that they can pay much more attention to satisfy customer.
SOP was to planned to meet the organizational need in supporting COPs.
MOP was determined basing on data from COP & SOP, it's for standard requirement compliance & respect to the role of top management.

These are one of process mapping methods. you could accepted registrar's comments and you also could have your owns and explain your result to registrar, They should accept it if with clear process interaction/consequences.
I thought registrar just want bring you some new things, anyway they are more familiar with standards application.
Sometimes, you may find although registrar do quality system audits, but their internal system is not better than yours.
Switching registrar was not a good means, it may bring you more trouble, new audit logic, more money etc.
It would be better to communicate with registrar, if you think they are reasonable, follow it. if they insist on and this will bring you addional useless work, change CB.

My organization *is* ISO 9001:2000 registered, but our Auditors seem to favour ISO/TS 16949. The MOP's, COP's, etc. was preparation paperwork they asked to have filled in to better understand our processes, I guess. However, until they have a finding that is more ISO/TS 16949 than ISO 9001:2000, there is no point in me making a fuss....yet... ;)

Our Registrar is SRI - sorry for not answering sooner; I wasn't keeping up-to-date on this thread.