Human Resources, Finance and Administration in ISO 9001 - Procedures and formats

V

venkat

Human resources, Finance and administration department in ISO 9000

i would like to know what types of procedures to be developed if a company wants to include Human resources, Finance and Administration departments in the ISO 9000 certification process.

I have prepared a Human Resources manual for HR department, which gives a broader policy on recruitment, training, leaves, deputation, transport termination etc. and also formats are there.

Similarly for Finance department I have prepared a procedure for purchases, purchases involving capital expenditure, auditing etc.

Are there any more procedures to cover in this area

Can others enlighten me please
 
E

energy

I won't

Venkat,
Our intent is to omit the Marketing and Financial Departments from ISO. I don't see anything in the standard where there may be a requirement to include these. These are areas where you decide how to improve your customer base and profitability. Our consultant has indicated that they are not necessary for ISO registration. Not doubting him, I have looked for a connection between the standard and those departments. Be careful of overkill. You have enough to do! JMHO. Others?:bigwave:
 
V

venkat

There is no requirement in the standard. However I dont see anything wrong to include these. This is because we are talking of business processes. This need not necessarily include technical areas only. Other areas can also be included. For example, HR is not involved in day to day production. But recruitment and training they are involved. ISO talks about training.

Similarly finance is involved because we have approved lsit of vendors based on quality of the materials, timely delivery and cost factor. The cost factor is decided by finance.

I dont see any reason why we should grant immunity to administration, HR and finance departments from ISO. By doing so we are giving room to them to do as they wish and work in an adhoc manner.

When one section of an organisation complies to a standard procedures and quality system, why not others?

They also should learn what is quality. This willpave the way for total quality maangement in gthe organisation
 
J

Jim Biz

Processes?

:bigwave: energy??

With the new "process approach" can you justify omitting all Marketing & Finance actions as "core inputs" or customer satisfaction outputs - to the business process?? :confused:

Seems to me both would have impact on continual improvement and customer satisfaction. - And because of these inputs - in the Marketing or Financial managers would be most suitable to be selected as Management rep ?

Regards
Jim
 
E

energy

Go for it!

Venkat,

I made no mention of excluding HR or Administration from the processes. They have certain responsibilties that are alluded to in the standard. Your decision to include all departments in the scope, is just that. Your decision. Your post solicited ideas about some areas that you may have missed. While your intentions are honorable, I have always followed the KISS principle. If it's not a requirement, don't make it one. You provide Auditors with additional information that becomes auditable. JMHO.
 
V

venkat

The decision to make it auditable or not can be decided at a later date. Have the process set and implemented for all departments

That is the goal
 
E

energy

A stretch!

Jim,

If you look hard enough and deep enough, you can “justify” including just about anything. I don’t condemn those that want to go above and beyond. It really comes down to personal choice. I say if you have the time and resources, do it. Imagination and interpretations abound. It just seems like a stretch, to me, to include Marketing and Finance Departments in the scope of our ISO. This is my own personal take:
Marketing traditionally focus on broadening the Customer base by developing strategies to compete in the marketplace. Hence the word “Marketing”. Their aim is to find New Customers. Hardly, Customer Satisfaction as I know it. (More later)
The Finance Department is like a bank. Hence the word “Finance”. They take in and manage the cash/assets. They also provide the resources for Managers who have determined they need this or that because of requirements. Purchasing is tasked with the selecting vendors based on cost, reliability and history, so it’s a stretch to say Finance is involved. Sales/Application/Project are responsible for providing reasonable quotes to Customers, with an eye on the profit margin. So, again, it’s a stretch to say Finance is involved.
Customer Satisfaction. My understanding, by looking at other resources, is that this pertains to all after sale Complaints/Feedback, which in our case involves anybody with a phone in a position to receive feedback or complaints. Other Customer Satisfaction initiatives such as Surveys and other measuring methods (repeat orders, increased orders, etc.) are the responsibility of our Sales team. Our procedure will address the various people responsible and the method of reporting this information for management Review. Neither the Marketing or Finance will have a role in measuring Customer Satisfaction.
Their possible participation in Continuous Improvements initiatives simply eludes me. But, I guess, if you Continuously Improve everything, that’s a good thing. Hey, I can use it.
Finally, the Marketing and the Finance Managers do not have a clue what ISO is and there's not enough time left in my career to train them to fill the MR function.
 

E Wall

Just Me!
Trusted Information Resource
Different Take...

From my undersanding of Venkat's posts the effort is related to 'Standardizing the Processes related to the HR, Marketing and Financial Departments' and is intent on adding them to the ISO Certification Scope as a means to hold the related management accountable.

IMHO, discuss this with your top management, leaving the decision to them whether or not to include in the ISO Scope. I also see problems relating with dissassociated departments if you have accountability issues and no internal audit scheme for them, but have to agree with Energy that these processes not included in the ISO requirements would be better off if held separate.

Best Regards, Eileen
 

Marc

Fully vaccinated are you?
Leader
> Marketing traditionally focus on broadening the Customer
> base by developing strategies to compete in the
> marketplace. Hence the word "Marketing".

Well, yes and no. It depends on their total role in the process, especially their role with respect to sales (if sales is a different department - depends upon the company). Often times marketing is presenting product specifications, in one form or another, to potential customers. Usually marketing gets this info from Sales which gets it from product engineers and /or the design folks in the company.

During an implementation, I address accounting and sales / marketing and include them in the top level 'process' flow. Of lesser concern is their internal procedures. But even here - they should be complying with, for example, document control requirements as defined by the company.

I say this only to point out that you have to look closely at what each department does. Inputs and outputs. If the company puts out sales 'literature', where's the inputs? Granted - for some products this may not be a 'significant' issue. But with others product information on sales literature is very important.

> So, again, it's a stretch to say Finance is involved.

Not so fast, here. Again, there are inputs and outputs. The auditors may not ask to 'see the books' (which they have no reason to ask for anyway), but ISO 9001:2000 has opened the doors in many ways. For example, take the discussion in the following post re: OSHA and ISO 9001...
 

Marc

Fully vaccinated are you?
Leader
ISO 9001 and OSHA

From: The ISO Listserve
Date: Mon, 30 Jul 2001 09:34:32 -0500
Subject: Re: Design Legality & OSHA (2)/Naish

From: PNaish

Previously I posted 2 questions regarding legal ramifications of design and OSHA requirements.

First to answer the industry: my friend works for a computer manufacturing company that sells world wide but the computer are used in various products from low end low tech to use in cars to who knows what.

I asked her to call the auditor and have him give her references for what he is saying they will be auditing for under the new 9001 standard. His response was as follows:

For the OSHA type requirements he told her to look at 6.3 (which is infrastructure) and 6.4 (Which is work environment). He indicated that the registrar he works for said that these two sections mean the auditors are to look for unsafe working conditions and indicated things that OSHA would be looking for such as oily floors and electrical cords exposed and trip hazards and falling hazards, etc.

I think the auditor is going a little too far as this is outside the scope of his audit and I do not see how he interprets the work environment to include OSHA and the remaining safety areas he is talking about. The company does comply with OSHA and have been audited by them and comply. I do not think there is anything they need to do unless someone else has any ideas about what this auditor is looking for. As far as I can tell the registrar does not do safety audits so I do not think this has anything to do with it.

For the legal ramifications of design he said to look at 7.2.1.b ...requirements stated or not .. and for intended use along with c statutory and regulatory for product.. Further he told her to look at 7.3.2b and 7.3.3d regarding safe and proper use. He said they would be looking for records that the company had checked with the customer what the intended use was and if there were are legal ramifications of the customer's use that they needed to be aware of. He also said that they would need to have records showing they knew that what they were making met the regulatory requirements of the end customer.

For review of the sections he references I can see how some of the legal portion applies as far as regulatory but the company can not know whether the customer is going to sell to Timbuktu or where the customer is going to sell it so the only place they sell to that I think is appropriate for them is where the customer is. The customer then becomes responsible for the application of where they sell it. Is this not correct?

I think the auditor is a little too eager and suggested she wait and see what happens in the next audit. This audit was to the old standard so I would continue with what they are doing in this area. Anyone see anything differently?

If anyone has anything that differs with my opinion please let me know so I can pass the information on to her. Also if anyone else has heard the same thing from their auditor would you send me an email off line so I can see if it is just this one person or if it is a registrar's interpretation.

Thanks,

Phyllis

****************************

I stand by my previous posts on compliance auditing vs. conformance auditing and agree that this auditor is being overzealous in his/her pursuit (I'm being nice in my characterization). ISO auditors are systems and process auditors; we are not OSHA experts, environmental regulators, or lawyers, or nuclear regulators, or FDA inspectors, on and on. Seems to me as if this auditor is one of those that give others of us a bad name.

Cheers...and have a great day!

John

***************************

From: Nancy J
Date: Tue, 31 Jul 2001 10:02:46 -0500
Subject: Re: Design Legality & OSHA (2)/Naish/Vianna

From: Sidney

No (mentally) sane auditor would expect an organization to be legally responsible for what their customer do with the products delivered by the supplier. For example, if I produce lead, and this lead finds itself being used in the production of residential paint (illegal in the US) without my knowledge, I obviously can not be held responsible, nor liable for that fact.

On the other hand, as part of my business risk management, I need to ensure that the products that I develop and market are legal within the marketplaces I am (trying) to sell it. There is nothing new. For example, if I am an Italian manufacturer of cars and I want to export my vehicles for sale to the US, not only I need to certify and homologate the vehicle for US Standards, but very likely will have to do something more, in terms of emission, IF I want to sell it in California, where there are more stringent requirements for anti-pollution devices.

Concerning occupational health and safety requirements, I am amazed how (supposedly) professional auditors fail to carefully read the REQUIREMENTS of the Standard.

Both paragraphs 6.3 and 6.4 address "...NEEDED TO ACHIEVE CONFORMITY TO PRODUCT REQUIREMENTS...."

This means that we are concerned with the product quality characteristics. So, for example, we are manufacturing semiconductor wafers, very likely we will be doing it in CLEAN ROOMS, with different levels of cleanliness, depending on the criticality of the product. Sterile rooms if we are dealing with medical devices, drugs, etc. . .. If I am producing photographic film, I will be probably be doing it in a totally dark room. These are examples of work environment considerations.

For an example as an "infrastructure" case, if I have a manufacturing process that requires compressed air at 125 psi, and my air compressor is capable only of delivering 100 psi, I have a problem.

Auditors that fail to realize the scope of a Quality Management System Audit and start tackling safety and environmental issues are doing more damage than good. Integrated management systems and audits are definitely the way of the future, but until an audit is officially and formally deemed as an INTEGRATED AUDIT, auditors HAVE to refrain from deviating from the scope of the audit.

Sidney V

****************

From: Nancy
Date: Thu, 26 Jul 2001 17:05:56 -0500
Subject: Re: Meeting OSHA Requirements /Naish/Pfrang

From: dep

> Same friend was also told the auditors will now be auditing for compliance to
> OSHA during their audits. Anyone know anything about this? Does this mean all
> auditors will now have to get trained in all the OSHA requirements?

Recognizing that what I say here might have nothing whatsoever in common with what ISO auditors actually do in the field, I see the situation as follows:

1. Auditing to OSHA regs is an enormous undertaking -- the reg book is as thick as a phone book -- so ISO auditors would be biting off far more than they could possibly chew if they were to attempt to audit against specific OSHA requirements.

2. ISO auditors are not hired to audit to OSHA regs, so they have no authorization in their work plan to perform such audit.

3. I don't have the exact wording in front of me, but the ISO Standard does require companies to include regulatory requirements as an input to their quality system. Accordingly, ISO auditors would not be overstepping the work plan to ask how the company incorporates OSHA requirements as an input. If the company has no mechanism for incorporating OSHA requirements, this might be treated as a nonconformity -- not because of any specific OSHA violation, but because of the quality system deficiency in not having a mechanism for incorporating the requirements.

4. If the ISO auditor sees what appears to be a specific OSHA violation during the ISO audit, the ISO auditor would not be overstepping the work plan to point out the violation as a remark.

5. ISO auditors are hired to perform specific tasks. If they stray beyond those tasks, the company has a valid basis for asserting that (1) the auditor is doing things the company has not hired him or her to do, and (2) the auditor is not spending enough time doing the things the company has hired him or her to do.

My $0.02.

Doug P

*********************

From: Nancy
Date: Thu, 26 Jul 2001 17:20:29 -0500
Subject: Re: Meeting OSHA Requirements /Naish/Holtz/Kiely

From: GKiely

> From: "John H
> >
> > From: PNaish
> >
> > "Same friend was also told the auditors will now be auditing for compliance
> > to OSHA during their audits. Anyone know anything about this? Does this
> > mean all auditors will now have to get trained in all the OSHA requirements?"

> Woooo...Phyllis, I have a real problem with this post, which also makes me
> ask if I'm missing something pretty basic in my general understanding of
> standards and regs. OSHA auditing is penalty-driven compliance auditing,
> & ISO auditing is improvement-driven conformance auditing, and the twain
> neither mix nor meet (reference my post on the definitions of these two).
> I'll keep my mouth shut and watch for other responses to this....

John,

I am in total agreement with your post... It is totally insane to even consider that an ISO auditor would have any type of federal regulatory authority. Our facility currently maintains 'STAR' status in OSHA's voluntary protection program (VPP). The STAR award is the highest award given as part of this program. Participation in this program requires many voluntary audits from trained OSHA auditors to retain this status. The only conceivable way I could see an ISO auditor getting involved in a company's safety program(s) would be if the safety procedures were part of the company's document control system and he found some sort of break down in that system. Lets not forget, in this country (US) ISO is applied as a matter of good business... OSHA is applied as a matter of law....

GKiely
 
Top Bottom