A macro-process structure approach to auditing for ISO 9001:2000(8)

A

Alexander Keith

#1
Bonjours everyone,

there is debate here about the best structured process approach to auditing ISO 9001:2000. People have come up with different macro-process structures in which the various elements or sections of ISO can be plugged in. Here's my version. Let me know what you think please:

Quality System Processes ---> 4.1, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 5.4.2, 7.6 and 8.2.2

Management Processes ---> 5.1, 5.3, 5.4.1, 5.6, 8.4, 8.5.1, 8.5.2 and 8.5.3

Administrative Processes ---> 5.5.1, 5.5.2, 5.5.3 and 6.2.2

Customer Related Processes ---> 5.2, 7.2.1, 7.2.2, 7.2.3, 7.5.4 and 8.2.1

Product Related Processes ---> 6.3, 6.4, 7.1, 7.3, 7.4, 7.5.1, 7.5.2, 7.5.3,
7.5.5, 8.2.3, 8.2.4 and 8.3

I thank you in advance. Critique this all you want and to the max please. I'm looking for something that makes sense and is sellable to and useable by a team of auditors.

Alexander Keith
over & out
 
Elsmar Forum Sponsor

Randy

Super Moderator
#2
Re: Best macro-process structure for ISO 9001:2000(8)

1st Welcome:bigwave:

Here's the deal........your list will only be good for basically the 1st question in each clause, after that it's "Katie-bar-the-door". Also, don't waste time looking at 4.1 because the only time it's met is when everything else is done.

For instance to verify 6.2.2 you're going to need 4.2.4, 5.5.3, 4.2.2, 7.5.1 and maybe one or two more.

In a process approach to auditing what you worked so hard doing is just the starting point.
 

Stijloor

Staff member
Super Moderator
#3
Re: Best macro-process structure for ISO 9001:2000(8)

Bonjours everyone,

there is debate here about the best structured process approach to auditing ISO 9001:2000. People have come up with different macro-process structures in which the various elements or sections of ISO can be plugged in. Here's my version. Let me know what you think please:

Quality System Processes ---> 4.1, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 5.4.2, 7.6 and 8.2.2

Management Processes ---> 5.1, 5.3, 5.4.1, 5.6, 8.4, 8.5.1, 8.5.2 and 8.5.3

Administrative Processes ---> 5.5.1, 5.5.2, 5.5.3 and 6.2.2

Customer Related Processes ---> 5.2, 7.2.1, 7.2.2, 7.2.3, 7.5.4 and 8.2.1

Product Related Processes ---> 6.3, 6.4, 7.1, 7.3, 7.4, 7.5.1, 7.5.2, 7.5.3,
7.5.5, 8.2.3, 8.2.4 and 8.3

I thank you in advance. Critique this all you want and to the max please. I'm looking for something that makes sense and is sellable to and useable by a team of auditors.

Alexander Keith
over & out
Alexander,

First of all, there is no requirement for "classifying" processes. It can be helpful, but not required. Part of this activity is to identify/determine your processes first. You can plug in the ISO 9001 requirements later on. Keep in mind that certain ISO 9001 requirements apply to various processes simultaneously. There's "overlap" so to speak and that is perfectly OK. Look for other threads here at The Cove Forums. You will notice that there are very diverse opinions about this process business. My advise? Keep it very simple and user-friendly. :agree1:

Good luck with this.

Stijloor.
 
A

Alexander Keith

#4
Re: A macro-process structure for ISO 9001:2000(8)

Thank you, Thank you,

We are auditing application of the ISO 9001:2000 standard. The standard is loosely organized into macro-processes (section 4, 5, 6, 7 & 8). I have simply re-arranged this as per above. Within each of these macro-processes are individual requirements for which an organization will develop individual processes in order to achieve the end result.

I have a team of external auditors and each one is assigned a macro-process.

We use the PDCAA approach (say what you do, do what you say, prove it, act on the difference, show me the evidence). The PDCA part is the organization's responsibility to achieve the end result. The A part is the external auditor's responsibility to verify at each PDCA stage. Show me the money, show me the evidence of your plan, your execution, your verification and any CA or improvement that you did on that individual process.

As Randy has mentioned there will be overlap into other processes when verifying any one process. The team meets regularly to review these overlaps and probe further if necessary.

The macro-process structure is there for me and the team to help organize and visualize things better. Maybe I shouldn't have used the word best on the title... in fact, I just took it off now. It's one idea for a structure among many.

Thank you!
 

Stijloor

Staff member
Super Moderator
#5
Re: A macro-process structure for ISO 9001:2000(8)

Thank you, Thank you,

We are auditing application of the ISO 9001:2000 standard. The standard is loosely organized into macro-processes (section 4, 5, 6, 7 & 8). I have simply re-arranged this as per above. Within each of these macro-processes are individual requirements for which an organization will develop individual processes in order to achieve the end result.

I have a team of external auditors and each one is assigned a macro-process.

We use the PDCAA approach (say what you do, do what you say, prove it, act on the difference, show me the evidence). The PDCA part is the organization's responsibility to achieve the end result. The A part is the external auditor's responsibility to verify at each PDCA stage. Show me the money, show me the evidence of your plan, your execution, your verification and any CA or improvement that you did on that individual process.

As Randy has mentioned there will be overlap into other processes when verifying any one process. The team meets regularly to review these overlaps and probe further if necessary.

The macro-process structure is there for me and the team to help organize and visualize things better. Maybe I shouldn't have used the word best on the title... in fact, I just took it off now. It's one idea for a structure among many.

Thank you!
Alexander,

Is your plan to audit against the requirements of the Standard or audit processes using the (srtrongly) recommended process approach?

There's a lot of information available here about auditing using the "Process Approach."

Stijloor.
 

Patricia Ravanello

Quite Involved in Discussions
#6
Bonjours everyone,

there is debate here about the best structured process approach to auditing ISO 9001:2000. People have come up with different macro-process structures in which the various elements or sections of ISO can be plugged in. Here's my version. Let me know what you think please:

Quality System Processes ---> 4.1, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 5.4.2, 7.6 and 8.2.2

...etc

I thank you in advance. Critique this all you want and to the max please. I'm looking for something that makes sense and is sellable to and useable by a team of auditors.

Alexander Keith
over & out

Hello Alexander,

Your system looks like an adaptation of what we saw with ISO 1994 where every company suddenly had some 20 or so Procedures...all aligned with the Standard. It looks like you're doing the same thing, but using just 5 Procedures...again, aligned with the standard - Sections 4, 5, 6, 7 & 8.

It also appears that you're focusing on the elements as opposed to your processes which doesn't jive with the "process approach", as mentioned already.

While grouping the sub-elements together like this, may serve some purpose for your organization, I doubt that it's very representative of how your company actually works.

Even if you are only using this proposed configuration for auditing, it goes against the grain of what the process approach requires. You need to follow your processes, step-by-step...not a select set of sub-elements of the standard...unless of course, that sequence happens to conform with your actual processes.

Your approach begs the question...what do your processes look like? Flow charts? Narratives? If you're satisfied that your documentation complies with the standard...I would put the standard away and focus on your documented processes.

Seems like you're creating more work than necessary and deviating from the whole point of the process approach.

Patricia Ravanello
 
A

Alexander Keith

#7
I guess I didn't explain myself clearly and maybe I even assumed that we are all auditing the same thing here.

Here's what I am auditing, and here's what I see, as a customer's rep, the majority of the time from our suppliers:

----- supplier has a documented quality system originally structured to ISO 9001 (94) but subsequently re-structured to meet ISO 9001:2000. They are basically the same procedures before and after the re-structurization -----

Isn't that what you guys see too? Don't most companies serious about their personnel implementing ISO 9001:2000 on a consistent basis have documented procedures?

Also; if I'm doing an audit of a welding process for example, now here's a set of inputs that involve people, methods, materials, environment, etc.

if I'm doing an audit of the management macro-process however, the inputs become 5.1, 5.3, 5.4.1, 5.6, etc. I review the procedures beforehand and develop my checklist of questions based on those procedures. In those rare instances that there is no procedure I have a set of prepared open-ended questions to ask. I don't like to wing it or let the company describe in words anything they can think of next just to answer my questions.

At the end of the day the audit, whatever approach you take, is suppose to give you enough evidence to determine whether requirement are fulfilled or not. I like my evidence in writing please. PDCAA ---> the company does the PDCA and shows me the A (evidence) when I come in to audit.

Am I a dinosaur or are there still others like me out there?

Alexander Keith
over & out
 

Patricia Ravanello

Quite Involved in Discussions
#8
Hi Alexander,
Thanks for the clarifcation...I didn't understand that your were talking about "you, auditing your suppliers", and not your own organization.

Notwithstanding that fact, I don't know why you'd take a different approach than the "Process Approach", even for what you are calling the "Macro" processes...Why aren't they documented? (Actually, I already know why...most Senior Management has gotten away without documented Procedures for those processes...like they just "magically" know how to do Business Planning and Management Review. I don't agree with it, but it's fairly common).

I suppose that's why you go in with your own set of "reference questions" to ask, just to make sure that the requirements have been met (that's not the process approach). I don't know what luck you'd have challenging them if their CB grants them certification.

I'd say you're doing the best you can under less than ideal circumstances. Bottom line is, you have to satisfy yourself that your audit is comprehensive, and that your supplier is, in fact, doing what they say they do...and what is required of them.

You raise an interesting question and discussion. I'm curious to hear other input on the subject.

Patricia
 
J

JaneB

#9
----- supplier has a documented quality system originally structured to ISO 9001 (94) but subsequently re-structured to meet ISO 9001:2000. They are basically the same procedures before and after the re-structurization -----

Isn't that what you guys see too?
No. We have huge debates about the various ways of structuring manuals. I think that many people agree that a reasonably good and useful procedures manual is not just the 'same procedures' as there were for the '94 version, just 'tricked up' for the 2000 one.

It absolutely contradicts the process approach. Totally.

What kind of suppliers are you auditing? Are they all in similar fields?

Notwithstanding that fact, I don't know why you'd take a different approach than the "Process Approach" ...

I'd say you're doing the best you can under less than ideal circumstances. Bottom line is, you have to satisfy yourself that your audit is comprehensive, and that your supplier is, in fact, doing what they say they do...and what is required of them.
It is an interesting question and discussion.

Don't most companies serious about their personnel implementing ISO 9001:2000 on a consistent basis have documented procedures?
Yes to documented procedures. But if they're serious about 9001, I'd hope they'd be equally serious about the process approach, and that their procedures would then reflect this.
Are you second guessing the (external) auditors?
 
Last edited by a moderator:

Helmut Jilling

Auditor / Consultant
#10
I guess I didn't explain myself clearly and maybe I even assumed that we are all auditing the same thing here.

Here's what I am auditing, and here's what I see, as a customer's rep, the majority of the time from our suppliers:

----- supplier has a documented quality system originally structured to ISO 9001 (94) but subsequently re-structured to meet ISO 9001:2000. They are basically the same procedures before and after the re-structurization -----

Isn't that what you guys see too? Don't most companies serious about their personnel implementing ISO 9001:2000 on a consistent basis have documented procedures?

Also; if I'm doing an audit of a welding process for example, now here's a set of inputs that involve people, methods, materials, environment, etc.

if I'm doing an audit of the management macro-process however, the inputs become 5.1, 5.3, 5.4.1, 5.6, etc. I review the procedures beforehand and develop my checklist of questions based on those procedures. In those rare instances that there is no procedure I have a set of prepared open-ended questions to ask. I don't like to wing it or let the company describe in words anything they can think of next just to answer my questions.

At the end of the day the audit, whatever approach you take, is suppose to give you enough evidence to determine whether requirement are fulfilled or not. I like my evidence in writing please. PDCAA ---> the company does the PDCA and shows me the A (evidence) when I come in to audit.

Am I a dinosaur or are there still others like me out there?

Alexander Keith
over & out

We see all kinds of variations. Not all processes must be documented. But the paradox is those companies who most insist on that prerogative, also usually have really weak systems and poor performance (not in every case). The best companies frequently have too much documentation. not sure if that is a cause and effect relationship, but it is pretty telling.
 
Thread starter Similar threads Forum Replies Date
B Macro Process Mapping (pre-GAP analysis) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
A Process Mapping - for "Audits" - Detailed process map + macro map + FMEA Process Maps, Process Mapping and Turtle Diagrams 10
V Minitab GRR crossed Xbar and r method macro needed Using Minitab Software 9
Q QI Macro Histogram - Can someone define *sorted data*? Capability, Accuracy and Stability - Processes, Machines, etc. 7
D minitab macro to pull access query with parameters Using Minitab Software 1
J Macro Question: Get Column Name by Column Number / or Use Text constant to link on a Using Minitab Software 1
V Validation of macro - scripts - programs used in statistical software (Minitab-SAS... Qualification and Validation (including 21 CFR Part 11) 5
F Run Minitab Macro from Excel Using Minitab Software 3
M Minitab macro to add reference line to graph Using Minitab Software 1
M Writing a Minitab macro that can manipulate data in all columns Using Minitab Software 3
L Webcam with Macro Capability for Skype between our facility and a satellite location Inspection, Prints (Drawings), Testing, Sampling and Related Topics 2
B Using a File Name as a Variable in an Excel Macro Excel .xls Spreadsheet Templates and Tools 11
J Excel Macros - "Button" on a form that executes a macro Excel .xls Spreadsheet Templates and Tools 8
M Insert Empty Column Using Minitab Macro Using Minitab Software 2
B Wheeler Honest Gauge R&R macro wanted Excel .xls Spreadsheet Templates and Tools 2
B Minitab R14 macro for Power Analysis Using Minitab Software 1
T Minitab - Getting a Minitab Macro to look up a Column Name Using Minitab Software 23
M Minitab Macro-Command 'NUMERIC' to convert a text column to an numeric column Using Minitab Software 8
M Minitab 15 - READ, SET from keyboard or file doesn't work in my macro Using Minitab Software 4
M Macro to fill up columns when shorter then others Using Minitab Software 4
J RANCOVA (rank ANCOVA) macro for minitab Using Minitab Software 2
M Problem creating a Macro in Minitab Using Minitab Software 4
M Macro to connect to Access Database to get to data - Minitab Macro help Using Minitab Software 1
M Minitab macro vs. Layout tool Using Minitab Software 9
A Effectiveness of Training... micro or macro? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 29
M Macro that will perform a normality test and capability analysis - Minitab help Using Minitab Software 1
M Where to find an acceptance sampling excel macro or .xls template? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 6
M SPC Excel macro add-in - File Attached Excel .xls Spreadsheet Templates and Tools 23
S Sterilization validation after changing sterilization process provider Qualification and Validation (including 21 CFR Part 11) 3
Pau Calvo Quality Management process is mandatory in ISO9001? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
Tagin Template or Checklist for Process Change Document Control Systems, Procedures, Forms and Templates 5
LostLouie Manufacturer divorced from Design process, is he justified in design process deficiencies? ISO 13485:2016 - Medical Device Quality Management Systems 3
J 1.11 Preliminary Identification of Special Product and Process Characteristics APQP and PPAP 4
D Question regarding customer feedback process ISO 13485:2016 - Medical Device Quality Management Systems 3
T What does AS9100 mean when it says you must establish a process to do X? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 24
J Process FMEA Template with examples - Cold and Hot Forged components FMEA and Control Plans 4
D Questions regarding process validation ISO 13485:2016 - Medical Device Quality Management Systems 6
D Question regarding ECO process, specifically for Life Science products and defining form fit and function ISO 13485:2016 - Medical Device Quality Management Systems 1
P Managing How PPAP Requirements are Communicated in the Manufacturing Process and to Suppliers APQP and PPAP 5
I Control Plan (Product/Process specification/ Tolerance) acceptance FMEA and Control Plans 27
L Process changes and biocompatibility (ISO 10993-1) Other Medical Device Related Standards 1
A Validation of Forced Aeration Process ISO 13485:2016 - Medical Device Quality Management Systems 3
R Error Proofing Label process Manufacturing and Related Processes 4
B New Release of CQI-12 Coatings Process (Revision 3- Release date- 7/2020) Customer and Company Specific Requirements 2
D Layered Process Audits - FCA 9.2.2 - Exemption Clause? IATF 16949 - Automotive Quality Systems Standard 5
B ISO 11607-2 "Critical Parameter" vs. "Process Parameter" Other Medical Device Related Standards 3
Q Example Process orientation to the process leadership, management, goals (tasks of the top management) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
S Process Inspection -Sub assembly process inspection sheet Lean in Manufacturing and Service Industries 3
T ISO 13485 8.3 - Non-Conforming Materials - on-line rework or part of process? ISO 13485:2016 - Medical Device Quality Management Systems 11
T Outsourced process in ISO 45001 Occupational Health & Safety Management Standards 2

Similar threads

Top Bottom