ISO 9000 Management Review in a Small Company - Everyone knows what's happening

C

Christian Lupo

Yes I agree with what you are saying I wanted to illustrate the difference between getting around the ISO requirements and keeping it simple. The manager in my example thought they were the same thing. And yes it does depend on the business practices of management, no matter what size the company. I think ISO detractors would agree with the manger in the example.
 
R

Roger Eastin

To me, the beauty of simplicity is that it makes something like ISO9000 easier to follow. To take a simple approach means you document your system (and check for compliance), to be sure, but you document it simply so that it reflects your current system as closely as possible while allowing consistent execution of your system. I think that ISO gets its "bad" name from those who forget that simple things like "easy documentation" and communication between groups is essential. This has been preached by Deming et al. for a long time. Separation of a sound quality/business philosophy (like Deming or Juran) and application of ISO9000 will mean hours/days of frustration. (After this, the preacher descends from his pulpit...)
 

barb butrym

Quite Involved in Discussions
common sense.....there ought to be a course..simple takes the mystery away.....but to simplify it is a talent..an expertise if you will....not everyone gets it right !!! Once shown the way its 'easy street'.....but when you are led down a yellow brick road to OZ its quite another story.
 

barb butrym

Quite Involved in Discussions
And the next one to step up to the pulpit is......????????? I agree roger..so true..document it ...then use the system to improve itself.
 
D

Don Winton

Barb, I will take the next pulpit.

Simple, ahhhhh, yes, simple. Simplicity is the better method for many companies. I have seen those that believe that the ISO 900x is the MASTER. I believe (IMHO) that it is the SLAVE. It tells us what we must do. We decide HOW we will do it. Marc, I prefer simple, but NOT at the cost of the business’s best interest. Do not implement a system that would be “in compliance” but would cost the business (money, customers, etc.) in the long run. For example, do not implement a system that would cost a small company a fortune in paperwork. Can you explain: the key word is appropriate, but be able to justify when it is not appropriate. Be able to explain if a section (or portion of a section) is not appropriate and WHY!

Christian, there are those who would prefer to comply with the “letter of the standard” rather than the “intent of the standard.” Does that mean that those who do comply are not doing what is best for their business? Maybe, maybe not. Do we, as assessors, judge them for their business practice? No! Objective evidence is our concern. Each depends upon the operation and the philosophy of their management. The example you gave above is a classic. The manager is, what I consider, a “trophy hunter.” He wants the registration without going through the pains of making his operation more profitable and efficient. But, the “pains” of registration can be reduced without sacrificing effectiveness of a ISO 900x Quality Management System.

Roger, I prefer simple but not at the expense of my company’s effectiveness. There are many portions of the standard where I have gone beyond the “letter of the standard” and others that I have “complied with” the standard. Each is, in my (humble) opinion appropriate for our operation. Again, KEEP IT SIMPLE but, in Marc’s words, also APPROPRIATE.

Barb, your insights (as well as all others) are very helpful and provide (me, at least) ammunition to use in my discussions with my management team (they can be stubborn sometimes). I also agree that simple is much easier to spell than appropriate. Perhaps Marc will revert to his original slogan. Perhaps not.

“Short Term Results Must Never Be Confused With Long Term Goals.”

With that said, I surrender the pulpit to the next speaker.

Best Regards,


[This message has been edited by Don Winton (edited 09-14-98).]
 

Marc

Fully vaccinated are you?
Leader
Here's a quickie from Jennejohn's discussion listserve:

-------snippo------

Date: Fri, 11 Sep 1998 11:24:59 -0600
From: Paul Murgatroyd
Subject: RE:Q: Management Reviews/Broodryk/Murgatroyd

Yes, It is useful to consider the management review as a process that will add value to the overall success of the business. Furthermore, it is in my opinion the most vital component of the quality management system (many systems I have observed have failed due to deficiencies in the management review process. Furthermore this widespread and chronic state of decifiency is perpetuated by registration organizations typically accepting what I believe to be insuffcient objective evidence of compliance with the spirit of the related requirement clause. Hopefully, from what I have seen in the working drafts this will be addressed by the next edition of the International Standard ). More specifically, a properly designed and implemented review process will ensure that the system continues to develop towards an optimizing state in terms of a capability maturity model (capable in terms of delivering against the desired objectives). Ideally, the approach is proactive. with a focus on continuous improvement involving the PDCA cycle. As well, it is advisable to integrate the review into the overall strategic business planning process. The Actors in this process should include the most senior level of management that would normally be involved in strategic business planning. Again, the management review process will be the engine of improvement if properly implemented.

The management review process can be defined using the standard process model comprised of input, process activities, and output . A model I have found to be useful in this case is as follows:

Inputs:

Customer feedback data (eg: complaints, survey results, etc.)
Internal feedback data (eg: inspection results, internal audit results, etc)
Regulatory requirements
Benchmarking data
Present strategic objectives for quality management
Other relevant information

Process Activities:

Presentation of the input data that facilitates identification of levels and trends in outcomes
Comparative analysis of outcomes achieved against the desired strategic objectives Conclusion regarding effectiveness and of the present system in delivering the desired objectives
Planning the correction of known deficiencies and prevention of potential deficiencies

Outputs:

Corrective or preventive action plans
Revised strategic objectives for quality management

Although this is a fairly cursory address of your question, I hope it will be of assistance. If you can get your hands on a working draft of the next edition of ISO 9001 and ISO 9004, it will also provide some useful guidance. I invite you to contact me directly via e-mail if you would like to engage in more detailed dialogue on this topic.

Regards Paul J. Murgatroyd
Uniserve.com
 

Marc

Fully vaccinated are you?
Leader
A Management Review Story!

Subject: Re: Management Responsibility /Syed/Bradley
Date: Tue, 13 Apr 1999 12:56:02 -0600
From: ISO Standards Discussion

From: Mark Bradley
Subject: RE: Management Responsibility /Syed/Bradley

> Hi,
>
> I am working as Quality Assurance Coordinator/Quality Management Rep. in
> a group in Doha, Qatar (Gulf/Middle East Region). I have started this
> since Oct '98. The group itself is chaired by Chairman, who is the only
> and final authority for providing resources. And only limited
> authorities have been given to company managers. There are 15 companies
> in Our Group.
>
> The problem is Our Chairman has a very busy schedule and I did initiate
> Group Management Review Council as reqd. in 4.1.3 of ISO 9002:94, but
> despite agenda were distributed, he had to leave for some business trip.
> As defined in the procedure, his brother, i.e. Vice-Chairman was
> supposed to chair the meeting, but he refused to attend the meeting
> stating that it was not his duty to attend the meeting.
>
> As all members of this review council, i.e. Executive Council for
> Quality, were very disappointed and started to leave. This caused a
> company-wide demotivation and as MR, I am trying to find some new
> strategies.
>
> These are:
>
> 1. To implement ISO 9002:94, from Company Manager Level without
> involving Chairman and Vice-Chairman even they are only and final
> authorities to provide resources (i.e. mentioning them as NOT in
> Scope).
> 2. If this is not possible, can we send them meeting minutes to take
> action without reviewing and discussing with Council members?
>
> I hope that you can understand the situation. Please give any suggestion.
>
> Syed Muhammad Ali, QA Coordinator/QMR.

I would suggest the following:

Create an ISO Implementation Team that has as it's members an individual from each of the departments. This team is your Action group. Meet frequently and use this team to coordinate your implementation of ISO. Meet with upper management quarterly to fill them in on the actions of the Implementation team. This worked well at a company I worked for in getting QS-9000, and I am using it presently at my present company to pursue ISO9002.

You still meet the requirements this way, but don't have to depend on upper management to be at all the meetings necessary to implement ISO.

----------snippo----------

Subject: Re: Q: Management Responsibility /Syed/Paris
Date: Tue, 13 Apr 1999 12:43:12 -0600
From: ISO Standards Discussion
Subject: Re: Q: Management Responsibility /Syed/Paris

Interesting post, Mr. Ali. I've had similar experiences, and one former client appears to be about to lose registration because the CEO felt that when the certificate was on the wall and the consultant (me) left, his involvement was over.... despite all the training I gave him to the contrary. He's since cancelled three review meetings, and the surveillance audit is pending. It's not reassuring.

The standard says "The supplier's management with executive responsibility shall review the quality system at defined intervals." It does not require management review MEETINGS... although obviously auditors like to see them, and such meetings are the most effective way for management to do the review. I've spoken with a few registrars about this particular issue and they say that an acceptable method IS to have reports sent to executive management for their review, but that in order to meet ISO 9000 the managers must do more than just RECEIVE the reports. There must be proof that they are reviewing the information and actually feeding the results of that review back into the system for improvement. For example, simply initialing the reports as "received" is not sufficient. This is difficult to do from a distance --- but not impossible.

There is no ISO9000 requirement that the managers be sitting in the same room. ISO must be flexible enough to accomodate modern office communications (teleconferencing, internet, etc.) Perhaps you can develop a means to satisfy the standard without having your CEO physically present. He must be PSYCHOLOGICALLY present, though.... and it's unclear from your post if he's really bought into the program or not. You say he's "busy." If he really wants the benefits of ISO (other than the certificate and marketing advantages) he will incorporate the needs of ISO into his schedule, even if it makes him busier. Then there's the question of will he be too busy to be physically present during the AUDIT, which IS required!

>As all members of this review council, i.e. Executive Council for
>Quality, were very disappointed and started to leave. This caused a
>company-wide demotivation and as MR, I am trying to find some new >strategies.

This illustrates the greatest harm uninvolved executive management can have.

>These are:

> >1. To implement ISO 9002:94, from Company Manager Level without involving Chairman and Vice-Chairman even they are only and

> >2. final authorities to provide resources (i.e. mentioning them as NOT in Scope).

This is completely NOT something you want to do, and will likely be a major nonconformance in an audit. Again, the standard calls for "The supplier's management with executive responsibility " to do the review. Excluding them from the scope is like excluding the entire 4.1 element from the scope, and that constitutes a missing element --- a major nonconformance.

Your second option, sending minutes, MAY work as I discussed--- but it will be very tricky, and will still require your CEO's absolute involvement, even if it's from a plane or 2000 miles away.

[This message has been edited by Marc Smith (edited 04-18-99).]
 

Kevin Mader

One of THE Original Covers!
Leader
Admin
Marc,

This post kills me! This is what feeds that stereotype we just discussed about Senior Managements role in an organization. The Top Person in any organization sets the tenor. If senior managament believes Quality is the Quality departments responsibility, the possibility for improvement is virtually lost. Fortunately, Mr. Ali might be able to set up the organization to pass ISO 9002 from a middle position, but sadly it will be a smoke and mirror approach. I would like to be a fly on the wall as the Registrar's auditors sit down with the Chairman and Senior Management (including the Vc who said it wasn't his duty) when they cover Management Responsibility and the Quality System. It really pisses me off when I hear or read a story like this one (excuse my grammar here). Management Review is for ALL of management. In my organization, I recall the first couple of Management Review meetings lacked commitment and cross functional input. Folks looked at me and thought I put a poor agenda together and that I was ill prepared for the meeting. They were reluctant to come to the next meeting. So was I. I had to stop the second meeting to ask the group whose meeting this was, Mine or Theirs? What looks of astonishment. They had no idea that this was Our meeting! Most had not even read the Management Review SOP (I might add it contained the Standard Agenda and explained the need for Management Review with other guidelines)! Then others complained about the semantics chosen for the Agenda (no comments during draft review, plenty came during the meeting). Well, I shrugged it off after a couple of days. The system will yield what the system is capable of. And that was what it did (complainers). Subsequent meetings have improved, folks are more prepared, and fortunately Senior Management is supportive, unlike Mr. Ali's position.

Final comment: It is every managers DUTY to prepare and participate in Management Review. The Vice Chairman (regardless if it is formalized in a procedure or not) is DEAD WRONG!

Good post Marc. Now back to the group...

[This message has been edited by Kevin Mader (edited 04-20-99).]
 
M

Michael Lofting

I have a similar problem.

General Manager of the Company understands his role in the scheme of things.

Managing Director (his father) is a loose cannon who wanders in and out of the business, refuses to use purchase orders, never attends any training sessions and moans about cost of implementation.

I just wrote him out of the system.
 

Kevin Mader

One of THE Original Covers!
Leader
Admin
Sounds like a good idea. Unfortunately, being a key role in the organization, this will undoubtably raise some suspicion with a Registrar once it is discovered. Management Commitment is key, and the lack of it from a Senior Level position would indicate to me that the Registration is a smoke and mirror job. What is worse, folks below, understanding the intent and standing behind it, are overshadowed by the blatent disregard for structure. Too bad.

Back to the group...
 
Top Bottom