SBS - The best value in QMS software

Do We Have to Comply with Our Own Procedures?

Q

Quality_Steve

#21
#21
IMO...If you are not following the process/procedure as written then you should ask yourself, is the process/procedure necessary? If it's not a necessary process, as in it has no influence on the finished product and not required by ISO, get rid of it! If it is necessary, is the process written to align with best practices? If the actual process achieves the same or better results than the written process, it time to re-write the process.

The problem I run into is we write great processes and people will choose not to follow the process through carelessness or impatience. :frust:

If it takes a little longer to do it right the first time, it is still quicker than doing it twice.:mad:

But I digress, I was handed a QMS three months before certification. I had little knowledge of ISO or quality in general. I had to quickly polish up what was already written, find the holes, and make it work. Now that we are certified, I have had the time to really look at things and see if they make sense. I have found that we have over-documented everything. We have process flows for filling out forms.:(

The Cove has been a very helpful resource!:D
 
Standard Work Instruction Software by Dozuki
Elsmar Forum Sponsor
John Broomfield

John Broomfield

Staff member
Super Moderator
#22
#22
Re: We no longer have to comply with our own procedures - OFFICIAL !!

Sidney Vianna said:
A 10 year old thread resurrected....:mg:

4.1 of ISO 9001 talks about determining methods (procedures, work instructions, command media, etc.) related to the QMS processes. Further, it requires organizations to implement actions to ensure processes are deployed.

If we agree that we develop documentation to define how processes should operate, a requirement for implementing actions reads, IMO, as: follow the procedures. You can not truly implement processes if one deviates from the documentation that describes how the process is supposed to be carried out.
Click to expand...
Sidney,

I resurrected this discussion because it had not been concluded with what ISO 9001 actually specifies when comparing the 1994 and 2000 versions.

And yet we still see auditors reporting employees for failing to conform to procedures as a nonconformity to ISO 9001:2008. Now they no longer have the old 4.9c clause they even have to imagine the requirement to do so!

Implement means use the organizational management system to put it into effect including its many provisions for managing change. Implement does not mean conform to procedures that may not work.

Sure, management may require conformity. But ISO 9001 no longer specifies that employees shall conform to the plans, procedures or instructions.

May I suggest the acid test is the 7.5.2 for validated processes? The specific methods have to be used but the requirement to conform to the specific methods is left to management.

John
 
John Broomfield

John Broomfield

Staff member
Super Moderator
#23
#23
Quality_Steve said:
IMO...If you are not following the process/procedure as written then you should ask yourself, is the process/procedure necessary? If it's not a necessary process, as in it has no influence on the finished product and not required by ISO, get rid of it! If it is necessary, is the process written to align with best practices? If the actual process achieves the same or better results than the written process, it time to re-write the process.

The problem I run into is we write great processes and people will choose not to follow the process through carelessness or impatience. :frust:

If it takes a little longer to do it right the first time, it is still quicker than doing it twice.:mad:

But I digress, I was handed a QMS three months before certification. I had little knowledge of ISO or quality in general. I had to quickly polish up what was already written, find the holes, and make it work. Now that we are certified, I have had the time to really look at things and see if they make sense. I have found that we have over-documented everything. We have process flows for filling out forms.:(

The Cove has been a very helpful resource!:D
Click to expand...
Quality Steve,

Three questions:

  1. Who requires employee conformity to procedures?
  2. How do they make this clear to the employees?
  3. Do they cite an ISO requirement to conform or is it their own?
Managers may also say "use it or improve it".

By the way, well done!

John
 
Q

Quality_Steve

#24
#24
John Broomfield said:
Quality Steve,

Three questions:

  1. Who requires employee conformity to procedures?
  2. How do they make this clear to the employees?
  3. Do they cite an ISO requirement to conform or is it their own?
Managers may also say "use it or improve it".

By the way, well done!

John
Click to expand...
Very good questions! I believe these views have been pasted down from different parts of the organization that have been ISO certified since 1994. I would have to say it more management requiring conformity than anything. Many of the requirements we impose upon the production floor are stated in their quality log instructions.

I've always heard the old saying, "Say what you do and do what you say."

Now you make me question the very foundation in which I stand on:confused:
 
Sidney Vianna

Sidney Vianna

Post Responsibly
Staff member
Admin
#25
#25
Re: We no longer have to comply with our own procedures - OFFICIAL !!

John Broomfield said:
Implement means use the organizational management system to put it into effect including its many provisions for managing change. Implement does not mean conform to procedures that may not work.

Sure, management may require conformity. But ISO 9001 no longer specifies that employees shall conform to the plans, procedures or instructions.
Click to expand...
John, we have had this discussion in many threads, post 2001. For example, in the Not following the Procedures is a Nonconformance? Sales department thread. I stick to my comment that I wrote:
4.1. Failure to follow established procedures signify failure to implement PROCESSES, as devised. ISO 9001 is about process control & improvement. Documented procedures exist to describe how the process is supposed to work. Thus, and obviously, if you are not following a documented procedure, chances are, you are deviating from the intended way the process is supposed to be executed. Unless it is one of those instances where the documented procedure has not been revised to catch up with the intended process.
Click to expand...
 
John Broomfield

John Broomfield

Staff member
Super Moderator
#26
#26
Quality_Steve said:
Very good questions! I believe these views have been pasted down from different parts of the organization that have been ISO certified since 1994. I would have to say it more management requiring conformity than anything. Many of the requirements we impose upon the production floor are stated in their quality log instructions.

I've always heard the old saying, "Say what you do and do what you say."

Now you make me question the very foundation in which I stand on:confused:
Click to expand...
Quality Steve,

No worries as long as the requirement for employees to conform to policy, plans, procedures and instructions comes from your management as and when required.

John
 
John Broomfield

John Broomfield

Staff member
Super Moderator
#27
#27
Re: We no longer have to comply with our own procedures - OFFICIAL !!

Sidney Vianna said:
John, we have had this discussion in many threads, post 2001. For example, in the Not following the Procedures is a Nonconformance? Sales department thread. I stick to my comment that I wrote:
Click to expand...
Sidney,

You stated:

"4.1. Failure to follow established procedures signify failure to implement PROCESSES, as devised. ISO 9001 is about process control & improvement. Documented procedures exist to describe how the process is supposed to work. Thus, and obviously, if you are not following a documented procedure, chances are, you are deviating from the intended way the process is supposed to be executed. Unless it is one of those instances where the documented procedure has not been revised to catch up with the intended process."

In 4.1 is see no requirement specified to "implement processes as devised".

I agree that the process and procedure are meant to match, except when:

  1. The documented procedure has been countermanded by someone in authority.
  2. The documented procedures does not work.
  3. The documented procedures is not be up to date.
  4. The documented procedure is undergoing active corrective action (to demonstrate effectiveness before updating the document)
The 1994 requirement to comply in all cases was corrected in 2000.

It is now up to management to say when conformity to procedures is required.

Auditors increasingly investigate the effectiveness of process monitoring per 8.2.3 instead of reporting employees for not following procedures.

John
 
Sidney Vianna

Sidney Vianna

Post Responsibly
Staff member
Admin
#28
#28
Re: We no longer have to comply with our own procedures - OFFICIAL !!

John Broomfield said:
In 4.1 is see no requirement specified to "implement processes as devised".
Click to expand...
I don't see how
determine criteria and methods needed to ensure that both the operation and control of these processes are effective,
Click to expand...
could be interpreted in a different manner.
 
John Broomfield

John Broomfield

Staff member
Super Moderator
#29
#29
Re: We no longer have to comply with our own procedures - OFFICIAL !!

Sidney Vianna said:
I don't see how could be interpreted in a different manner.
Click to expand...
Sidney,

I agree. This requires effectiveness not conformity:

"Determine criteria and methods needed to ensure that both the operation and control of these processes are effective".

But conformity and effectiveness only coincide when the procedure is exactly right.

How often is the procedure exactly right? Most procedures are in need of improvement and auditors want to see auditees doing this for themselves.

I am sure we agree that auditors clamping down on ineffective procedures does no one any good. It leads to no changes unless the auditor says so.

Such dependency undermines the independence of audit.

Hence the need to audit process monitoring per 8.2.3 rather than employee conformity per no clause at all.

John
 
Paul Simpson

Paul Simpson

Trusted Information Resource
#30
#30
Firstly I agree with Sidney that raking over the coals is non value adding when there is so much else of more worth to talk about.

But there is a general point worth making. When ISO went away from the 20 clause structure for the 2000 edition this meant a change of approach for both standard writers and users. So if you want to write in a requirement to manage a process and to ensure that employees follow any documented procedures intended to control the process then it is likely that this single requirement is incorporated in a couple (or more) requirements in the text.

I try to explain it as drawing threads through the standard to establish a requirement and, as has been mentioned, clause 4.1 describes processes and their control, 4.2 covers documenting processes, 7.1 covers planning, 7.5 control of operations (I still can't bring myself to use 'Product Realization' :D) and (finally my particular answer to the question) 5.5.2 a for responsibility for ensuring these process controls and procedures are implemented.
a) ensuring that processes needed for the quality management system are established, implemented and maintained,
Click to expand...
Hope this helps.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
J WAIVED ON Q1 - We Don't have to comply with FORDS customer specific requirements IATF 16949 - Automotive Quality Systems Standard 2
M FULFILMENT of compliance obligation versus COMPLY with compliance obligations ISO 14001:2015 Specific Discussions 2
L Proof of Concept Studies - Do we need to comply with SAE reporting? Medical Device and FDA Regulations and Standards News 3
M MDR, RED and LVD - Should our device comply with them? EU Medical Device Regulations 3
R MDR standards - which standards to comply with ? EU Medical Device Regulations 3
M Informational Some things the EU MDR 2017/745 does not tell you, but you may need to know to comply with it effectively – Part 1 Medical Device and FDA Regulations and Standards News 0
B How to comply with IATF 16949:2016 9.3.2.1k - Management review IATF 16949 - Automotive Quality Systems Standard 2
S How to make Single Sign On (SSO) Comply e-sig requirements? ISO 13485:2016 - Medical Device Quality Management Systems 4
Z Does a website needs to comply with Part 11? Qualification and Validation (including 21 CFR Part 11) 6
Q How to comply with ISO 9001:2015 Clause 7.4 Communication ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
B Quality Policy does not include a commitment to comply with legal requirements Quality Management System (QMS) Manuals 5
S A CE Marked Product that does not comply with the Standard EU Medical Device Regulations 7
H Job Descriptions to comply with ISO Standards ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
M Medical devices are CE mark but not sold in EU - Need to comply with REACH? RoHS, REACH, ELV, IMDS and Restricted Substances 9
M How do you comply with 7.2.3 Customer Comunication AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 9
M Do I need to comply with both the MDD and the PED for my Medical Device? EU Medical Device Regulations 8
S Selecting materials for implants to comply with ISO 10993 biocompatibility Other Medical Device Related Standards 4
A Type of Materials to comply with IEC 60601 (Dental Laser Case) IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
S Definition Comply - What does 'comply' mean to you? (Definition) Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 3
O Comply with 21 CFR 11, but no other FDA regulations? Qualification and Validation (including 21 CFR Part 11) 4
J ISO 9001 Clause 7.5.2 Validation of Processes - How to comply? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 32
A ISO/TS 16949 - Comply SPC requirements Statistical Analysis Tools, Techniques and SPC 22
K Identifying Required Testing to comply with IEC 60601 EU Medical Device Regulations 4
G What is meant by FAI (First Article Inspection) and how do we comply? AS9102 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 26
C Do all Class 1 Medical Devices (Electrical) have to comply with IEC60601-1? IEC 60601 - Medical Electrical Equipment Safety Standards Series 11
P Outsourced Manufacturing - Making Subcontractors comply with TL9000 TL 9000 Telecommunications Standard and QuEST 2
R Dielectric Strength of Triple Insulated Wire to comply with 2MOPP IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
Fender1 How to comply with ISO 9001 and provide quick/short lead-time orders? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
B Commitment to Comply - ISO 14001 Clause 4.2 - Environmental Policy ISO 14001:2015 Specific Discussions 6
G Are Component Manufacturers required to comply with ISO13485:2003 ISO 13485:2016 - Medical Device Quality Management Systems 4
G How to comply with 4.4.5 Contol of Documents - Documents of External Origion Miscellaneous Environmental Standards and EMS Related Discussions 6
J Which kind of medical equipment must comply with IEC60601-1-8? IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
A Procedure for Translating User Documentation to comply with MEDDEV 2.5/5 Other Medical Device Regulations World-Wide 14
H Proprietary Processes - How to Protect and still comply when performing an FAI? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
D How To Comply with ISO 9001 Clause 6.2.2 d (Personnel Awareness) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 16
P ISO 14971 - Is it a guidance document or should we fully comply with it? ISO 14971 - Medical Device Risk Management 14
J Does my company's Business Plan Contents comply with requirements of TS 16949? IATF 16949 - Automotive Quality Systems Standard 2
AnaMariaVR2 Link between failure to comply w/ Lab PPE standards & ISO9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
harrysons Automotive product transferring process what requirement to comply? IATF 16949 - Automotive Quality Systems Standard 3
A How to comply with ISO/IEC 17025 Laboratory Requirements ISO 17025 related Discussions 7
L Questions: Plastic Food Container to comply with FDA US Food and Drug Administration (FDA) 6
Q Product Realization Procedure - How to comply with ISO 9001 Clause 7.1 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
Q Suppliers Monitoring their Processes - How to comply with Clause 7.4.3.2 IATF 16949 - Automotive Quality Systems Standard 6
L How to comply with AS9100 Clause 7.6 - Monitoring and measuring devices to be used AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 31
I AS9100B Cl 7.5.1.3 - How to comply with validation of production tools requirement? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
K Quality Policy - Potential problem? Adding a Paragraph to Comply ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 27
N Requirements to Comply With FDA 21CFR820 For Invitro Diagnostic Device 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 8
N IVD Manafucturer in India - What Regulatory Requirements to Comply? ISO 13485:2016 - Medical Device Quality Management Systems 7
J How should customer complaints be handled to comply with ISO 9001? Customer Complaints 4
J How to comply with 7.2.1 - Customer Related Process ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6

Similar threads

Top Bottom