Departmental KPI not met - should the Auditor raise a NC for it

Ed Panek

QA RA Small Med Dev Company
Leader
Super Moderator
Last year for regulatory risk and MDR we had "quarterly NB meetings to keep our CE Mark going" In Spring this year they moved the deadline to 2028. I removed the quarterly meeting with our NB as an activity as the ground had shifted. Objectives can change as more information is revealed or company objectives change.
 

rogerpenna

Quite Involved in Discussions
Do you think so?
No, I don´t, sorry.

At ISO 9001:2008 I did think so. Basically 4.1 established the PDCA method and asked the C part (Check - Monitor, Measure and Analyze) should be applied to ALL identified processes that were relevant to the QMS.
While it never explicitly told you should monitor processes WITH KPIs, it's also hard to show you are complying with this requirement without KPIs.
As we follow a norm called PBQP-h SiAC, which is based on ISO, and ALSO have ISO 9001, we must comply with both and thus always the most strict requirements of both.
And PQBP-h SiAC was updated to follow ISO 9001:2015 only in 2018, so we had to follow the 4.1 requirement of ISO 9001:2015 which imho implicitly required the company to have KPIs for every process, for 3 more years after ISO 9001:2018 went the route of choosing to monitor processes based on risk and opportunities, etc
So after 10 years with those requirements, they basically stuck in my head. Ok, that was my interpretation of 2008, others might completely disagree with it.
 
Last edited:

Golfman25

Trusted Information Resource
IMO, If you have to use the word “implicitly” you’re bordering on opinion, not a requirement.
 

rogerpenna

Quite Involved in Discussions
IMO, If you have to use the word “implicitly” you’re bordering on opinion, not a requirement.

It's not bordering an opinion, it is indeed an opinion, which is why I used the acronym IMHO just before the word implicitly. You are right about it.


I used it in the sense that there aren´t many alternative paths.

Explicitly, ISO 9001 only has requirements for processes that are important to the QMS. Implicitly, that's basically all processes in the organization.
Explicitly, ISO 9001:2008 only requires you to monitor and measure all processes relevant to the QMS. As it's hard to justify any process as not relevant to the QMS, and also IMHO (again my opinion) difficult to monitor and measure a process without a KPI, then, IMHO, implicitly...
 

Bev D

Heretical Statistician
Leader
Super Moderator
So ISO9000:2008 has been obsolete for a long time. Please focus on current standards.
 

Bev D

Heretical Statistician
Leader
Super Moderator
In the interest of elevating this thread above a p!$$!ng contest regardign what the standards do or do not clearly state, require, and might imply or what people infer let’s get a bit more specific about what we mean by:
KPI - what the heck is a KPI? How is it different from a metric, quality objective, or other measure of performance? Give concrete examples.
Goal: there is a difference between a goal and a KPI (or any other measure). Is a goal an objective? Is it a target? How do we know if we have met the goal (objective, target) or not?
Analysis: what do we mean by analysis? Is it as simple meeting the goal? Statistical control? Capability? Is there a ‘cause’ analysis?
NC - what actions would you be looking for if a KPI were not met? And you ‘want to issue an NC”
Corrective actions - what actions are you looking for if a KPI goal isn’t met? Is an analysis as to why the goal wasn’t met sufficient if the result is something outside the control of the organization? Is it action to meet the goal?

Give concrete examples not vague “because the standard says so” statements.
 

AlanC

Involved In Discussions
mmm, so lets say its a delivery metric, from not hitting the target, the thought process is, is it a trend, does it impact the customer, was containment action put in place ( moving into problem solving methodology), have actions been put in place. If it was a stock counting is it as serious as the delivery metric, well it depends on risk. But then, not to be a robot auditor one has to be consistent in that assessment, which one can be. So if there is a risk to the customer ( but is this auditor assessment or actual reality) and there is a trend ( does this mean 2 points in a row) then I would be looking for containment actions and investigation into the cause and supporting actions. If nothing then I would consider this as NC. But from your points above it requires consideration. There are many clauses to link the metric to, risk, planning, metrics , con improvement.
 

Golfman25

Trusted Information Resource
In the interest of elevating this thread above a p!$$!ng contest regardign what the standards do or do not clearly state, require, and might imply or what people infer let’s get a bit more specific about what we mean by:
KPI - what the heck is a KPI? How is it different from a metric, quality objective, or other measure of performance? Give concrete examples.
Goal: there is a difference between a goal and a KPI (or any other measure). Is a goal an objective? Is it a target? How do we know if we have met the goal (objective, target) or not?
Analysis: what do we mean by analysis? Is it as simple meeting the goal? Statistical control? Capability? Is there a ‘cause’ analysis?
NC - what actions would you be looking for if a KPI were not met? And you ‘want to issue an NC”
Corrective actions - what actions are you looking for if a KPI goal isn’t met? Is an analysis as to why the goal wasn’t met sufficient if the result is something outside the control of the organization? Is it action to meet the goal?

Give concrete examples not vague “because the standard says so” statements.
While you might think it’s a contest, it is important to know what the standard actually requires. How many times have we dealt with auditors opinions here? I don‘t want to deal with a NC based on an opinion. Been there, done that and there is nothing worse that affects the credibility of the iso standard.

Your questions are good, but for me boarders on semantics. Spent way too much time on semantics and Iso over the years. Figure out what works and focus on the actual business.
 

rogerpenna

Quite Involved in Discussions
So ISO9000:2008 has been obsolete for a long time. Please focus on current standards.
I said SORRY and only justified why I had erred at post #22.

Golfman than questioned my past interpretation of ISO 9001:2008 (which I only added to show why I had erred) based on the word implicitly. And I explained that he was right, it WAS an opinion, not a requirement. So I explained my opinion. I admited I had erred and I am just trying to explain why of my error, but some of you seem to simply not want to drop the ball. I agree, let's focus on the current standards. For that, just accept my apology instead of continuing to press me forcing me to explain further and further.

In the interest of elevating this thread above a p!$$!ng contest regardign what the standards do or do not clearly state
Absolutely no pissing contest here. I said sorry, I didn´t really think it, and admited I had made a mistake in my previous post and only explained WHY I had the mistake, in no way my posts were trying to claim my interpretation of the previous standard were applicable to the current one.
 
Last edited:

rogerpenna

Quite Involved in Discussions
In the interest of elevating this thread above a p!$$!ng contest regardign what the standards do or do not clearly state, require, and might imply or what people infer let’s get a bit more specific about what we mean by:
KPI - what the heck is a KPI? How is it different from a metric, quality objective, or other measure of performance? Give concrete examples.
Goal: there is a difference between a goal and a KPI (or any other measure). Is a goal an objective? Is it a target? How do we know if we have met the goal (objective, target) or not?
Analysis: what do we mean by analysis? Is it as simple meeting the goal? Statistical control? Capability? Is there a ‘cause’ analysis?
NC - what actions would you be looking for if a KPI were not met? And you ‘want to issue an NC”
Corrective actions - what actions are you looking for if a KPI goal isn’t met? Is an analysis as to why the goal wasn’t met sufficient if the result is something outside the control of the organization? Is it action to meet the goal?

Give concrete examples not vague “because the standard says so” statements.

I am afraid of even trying to answer, as I am 99,9% sure you already know the answers and thus these are just rethorical questions. I must be sincere, there is no other forum that I know on the internet where people disagree so much with others but don´t give answers, just more questions for others to answer and thus prolong the disagreement lol


I will try to answer anyway... ok, I will probably be demolished and debunked. But I will take the bait. It's the internet, everybody gets bashed now and then.

Dont be to hard on me. Just trying to answer your rethorical questions here, not saying "it is how I say"

KPI - what the heck is a KPI?
A quantifiable measure used to evaluate something in meeting the objectives for performance.
How is it different from a metric
All metrics can be considered measures of performance, but not all metrics are KPIs.
Example: A sales department might use 'monthly sales revenue' as a KPI, while 'number of customer calls made' might be a regular metric
quality objective
broader goals related to the quality of processes, products, or services. Example, 'increase customer satisfaction' could be a quality objective.

Goal: there is a difference between a goal and a KPI (or any other measure).
It's a broad primary outcome or objective you aim to achieve. KPIs otoh are specific measures used to track progress towards these goals
Is a goal an objective? Is it a target?
Goals can be both objectives (broader outcomes) and targets (specific milestones)
How do we know if we have met the goal (objective, target) or not?
if the defined criteria, often measured through KPIs and other metrics, are fulfilled.

Analysis: what do we mean by analysis? Is it as simple meeting the goal? Statistical control? Capability? Is there a ‘cause’ analysis?
I think analysis in this context means examining, interpreting and understanding the data, or maybe outcomes, regarding KPIs and goals. Example... If a goal isn't met, analysis may involve looking at market trends, internal process efficiency, and customer feedback to understand the underlying causes.

NC - what actions would you be looking for if a KPI were not met? And you ‘want to issue an NC”
Corrective actions - what actions are you looking for if a KPI goal isn’t met? Is an analysis as to why the goal wasn’t met sufficient if the result is something outside the control of the organization? Is it action to meet the goal?

The analysis is not suficient imho. Even if it's outside the control of the organization. The corrective action does not necessarily mean, in my very humble opinion, that you must change processes to meet the target. The corrective action might be exactly to CHANGE the goals or kpi.
The analysis should identify the reason for not meeting a KPI goal is an external factor. So we have an external factor and we can´t meet that goal. Then lets adjust the KPI, modlfy the goal or develop strategies to mitigate external impacts.
Example: a delivery KPI is not met due to supplier issues, corrective actions might include finding alternative suppliers, adjusting delivery timelines, or revising the KPI to reflect the new reality.
 
Last edited:
Top Bottom