Poll: Should auditors promote the process approach?

[Jim Wynne]

Can you say that the Bible is not clear in its intent? If the Bible is clear then how come there are quite a few Christian-based religions? Isn't this partially (if not mostly) a result of interpretation and implementation? And if it can happen with the Bible then why couldn't happen to a measly standard?

Let's not drag religion into this, please, but I think the Bible is anything but clear in its intent, which is the reason for all of those different interpretations. That which is clear should be impervious to disparate, contradictory interpretations. If the standard were to say, for example, that the organization shall implement the process approach, and gives a rigorous, normative definition of what "process approach" means, auditors and auditees would know what to do.

 

[outoftown]

:truce: <clipped for brevity>
The question is simple: "If an organization has not adopted the process approach, is it appropriate and proper for a third-party (registrar) auditor to formally identify "adopting the process approach" as an opportunity for improvement?"
<clipped for brevity>

IMHO, I think the question leads to too many "if" factors. I believe the answer will be "it depends", based on whether the client is struggling or happy with their system, whether the client is one of the satellite facilities of a larger organization and is just following the approach corporate has implemented, whether the auditor is being witnessed by the accreditation body or by their own management at the time of the audit, whether the auditor is working solo or with an audit team, whether the client used a consultant and if the consultant is present, etc. I would even consider how long the current system has been in place and how many auditors that preceeded me have accepted it.

Read the following article by Mike Micklewright which was published in Quality Digest 1/2007 issue. He delivers a scathing review of auditors that promote a process approach via use of a turtle diagram. http://www.qualitydigest.com/inside/quality-insider-article/auditors-turtle-diagrams-and-waste

Strict rules within TS prevent auditors from documenting OFIs without a lot of justification as to why they didn't write the OFI as a nonconformity. Promoting (even educating) may be considered crossing the line into consulting, which can get a auditor reprimanded or fired, even if it is for promoting what the auditor may think is a process approach. Consultants, whether ISO or TS, don't want auditors stealing their thunder or calling their baby ugly. I would love to have all auditors promote a process approach, but consultants, accreditation bodies, CBs and customers must be the promoters, not the auditors. Due to the dumbing down of audit staffs that is currently happening and with the uneven understanding of the process approach among current auditors, this would cause a lot of turmoil.

outoftown

 

[Marc]

:truce: <clipped for brevity>
The question is simple: "If an organization has not adopted the process approach, is it appropriate and proper for a third-party (registrar) auditor to formally identify "adopting the process approach" as an opportunity for improvement?" <clipped for brevity>

IMHO, I think the question leads to too many "if" factors. I believe the answer will be "it depends", based on whether the client is struggling or happy with their system, whether the client is one of the satellite facilities of a larger organization and is just following the approach corporate has implemented <snip>

Companies are already are made up of processes/systems, whether it's a one man/woman show or a large multi-national organization. Since that is the case, how do you define what they have to do to "...adopt a process approach..."?

The best one can say is one either approves of a company's processes/systems or that they think one or more of company's processes/systems need improvement. This being the case, if "...auditors promote the process approach..." is this not diving into consulting? Is the auditor there to audit the existing systems/processes to a standard, or is the auditor there to tell a company how to run their business? One may not like the way a specific company's systems/processes are structured, but is it an auditor's job to tell the company how the company's systems/processes "should be" structured even though the company meets the requirements of the standard being audited against?

I would like to see an example of a company which is not comprised of processes/systems.

 

[DrM2u]

I would like to see an example of a company which is not comprised of processes/systems.

Uh ... thinking ... thinking ... ... can't think of any ...

 

[Jim Wynne]

<snip>
Read the following article by Mike Micklewright which was published in Quality Digest 1/2007 issue. He delivers a scathing review of auditors that promote a process approach via use of a turtle diagram. http://www.qualitydigest.com/inside/quality-insider-article/auditors-turtle-diagrams-and-waste

I think what Micklewright is complaining about is not so much promoting the process approach, or even turtle diagrams themselves, but the idea that auditors are advising auditees to use turtle diagrams--the fact that those auditors have crossed the line into consulting.

Nonetheless, I think that the idea of turtle diagrams being the common method of attempts to explicate the interactions of processes (I've never seen one that actually does) and the fact that auditors like to see them is instructive. I think that CBs in general are guilty of having abdicated the responsibility to verify the control of process interactions by the simple expedient of saying (at least tacitly), that identifying process interactions is enough. In turtle diagrams all we see is arrows pointing in different directions at different representations of processes, and nothing about what happens in the intersections.

Consultants, whether ISO or TS, don't want auditors stealing their thunder or calling their baby ugly.

How true it is, and it's a very good point, I think.

 

[outoftown]

I don't think individual turtle diagrams were meant to show the interaction of processes, unless of course where there is a link when the output from one may become the input of another might occur. The true reason turtles exist (but is poorly explained in most training) is to address the requirements of section 4.1 (a), 4.1(c), 4.1 (d) and 4.1(e). If you draw a circle with the body to represent the turtle body and a head and tail to represent inputs and outputs respectively, draw one leg to cover 4.1 (c) criteria and methods... 4.1(d) states ensure the availability of resources and information for...(the processes), so split resources into equipment resources and people resources and put each as two more legs. Info can be part of the inputs to feed the turtle. Finally 4.1(e) covers monitor, measure and analyze (these processes), the last leg of the turtle. Consider that you are trying to determine whether your turtle can swim effectively. If the equipment resources is such that you don't have the right equipment for your process, it's not calibrated or outdated, your turtle's leg is broken and your turtle is not swimming very well. For the people resources leg, if the staffing is not there, skills not in place or training/competency issues exist, another leg is crippled and your turtle is swimming in circles. If you have poor methods, needed but not available documentation, or the criteria isn't clear; i.e. ambiguous or unclear requirements for the process, a third leg is broken and your turtle is swimming at a crawl. Now if the way you are monitoring your turtle's progress swimming is not actually reflecting the true effectiveness, the turtle may be dead in the water, yet you think it is swimming along fine. This is the true purpose of the turtle. Interactions are required per 4.1(b) and again per 4.2.2(c) to be documented in the quality manual. Many different methods to show this exist, including variations of the PDCA cycle as shown in Figure 1 of the standard, but a simple matrix of process vs process would work also.

Addressing Mark's comment about processes. I think the processes we are discussing are those that help generate revenue for the organization (Sales->Planning/Design->Production->Delivery). Throw in Management as the overall process and the support processes (Maintenance, HR, Quality, etc.)and you are done. If processes are split out too much you will find the same process owner listed again and again. This is a clue maybe these are really subprocesses. My opinion here...I don't like the AIAG sanctioned definition of Customer Oriented Processes (COPS); those processes which your customer is willing to pay for. Would Purchasing be one your customer is willing to pay for? Not sure here...I think my definition makes it easier to understand those key processes that matter. I had a client that had 300 processes because they thought every procedure covered an activity. Each activity to them was a process. Presto, 300 new cover pages for each procedure. Excuse me while I go to the bathroom now to process something.

 

[Marc]

<snip> Addressing Mark's comment about processes. I think the processes we are discussing are those that help generate revenue for the organization (Sales->Planning/Design->Production->Delivery). <snip>

What process(es) can you cite that do not, directly or indirectly, help generate revenue for the organization in one way or another?

<snip> Would Purchasing be one your customer is willing to pay for? Not sure here...I think my definition makes it easier to understand those key processes that matter. <snip>

If a process "...does not matter..." it should be eliminated.

<snip> I had a client that had 300 processes because they thought every procedure covered an activity. Each activity to them was a process. Presto, 300 new cover pages for each procedure. <snip>

I'm not sure what you mean by: "300 new cover pages for each procedure", but it sounds as if their documentation system was inefficient and could use improvement. Over documentation has long been a problem for companies implementing ISO 9001. Many companies have very poor documentation systems. I have helped many companies with their documentation systems over the years. From Accolades (an old page here):

--> Subject: Results?
--> Date: Thu, 24 Jun 1999 16:29:21 -0500
--> From: Anaren
--> To: Marc Smith
-->
--> Well, as you anticipated, we "passed" with relatively few problems.
--> We had only 7 isolated non-conformities across 5 elements. Details
--> are in the attached file. The auditor said that this was a very
--> good result when compared to other registration audits he has
--> performed. All I can say is I am glad it was successful and Marty
--> said that she was happy to finally win! Once again, thanks for the
--> help. You're advice was extremely important. Especially important,
--> at least in my opinion, was your help in determining where we did
--> not need to document every last thing (by using training, etc.). I
--> think that without this input, we would have spent a lot more time
--> writing things that we did not need and wasted a lot of peoples'
--> time. We were able to get the audit done in a year while we are
--> achieving record sales and profits. Who can argue with that?

Note: Marty was Anaren's document control clerk. Nice person who told me when I first met her on my second visit I would have "no luck" in getting the company to clean up and streamline their documentation and document control system. She had been pressing upper management on improving their documentation and document control system for a number of years. I made it happen during the implementation.

Some old Dilbert cartoons for grins:

Note the first cartoon - It cites "...following a consistent process...". Now, that's an OLD cartoon. As I have said many times, ISO 9001 has been about processes since the 1987 (first) version. It just wasn't *advertised* in that way. Audits, even back then, were all about a company's processes, not just compliance to the standard.

 

[ISO 9001 Guy]

Because I brought my CB into this discussion, it seems only fair to provide some insight into that situation. The CB’s president had a discussion with me about my position that it’s proper to identify “adopting the process approach” as an “opportunity for improvement” for organizations that have not adopted it. Although we still keep in contact, she has not offered me auditing work since that day. So, she decided to give me the soft touch, rather than debating the issue with me. (Can you blame her?) Anyway, now that the guidance comes out in support of my position, it does not excuse my unprofessional behavior. I applaud my CB for behaving appropriately.

 

[ISO 9001 Guy]

Although the poll has not quite closed, it looks like the 80/20 rule is in effect. Regardless of how it turns out, the discussion was worth it. Thanks to Marc for hosting this forum, and to all who have participated in this thread. And thanks for playing, everyone. Please consider the following closing remarks.

Bringing this issue to light is an effort to make it more visible so we can address it, put it to bed, and move forward. Confident that quality professionals can rise to this challenge, I hope to have at least raised awareness. We have bigger challenges ahead of us. Getting this one right could offer benefits well beyond quality products and services.

Anyway, if you find anything useful in this discussion thread, remember that this information was given to you free. (Thanks again Marc and everybody.) Wonderful as it is, this electronic medium may not be the best learning forum for everybody, however, simply because everyone learns differently. Please, if you understand something differently or better as the result of reading this thread and you encounter someone who doesn’t, explain it so s/he gets it, too.

Please indulge me in one more philosophical discussion regarding another potential application of ISO 9001 . . .

Consider the following description of the process approach: “The process approach is a way of managing processes toward continual improvement, a way in which management views and manages processes systemically to achieve a desired outcome.”

In the case of quality management, a desired outcome is, roughly, good product/service quality. But the principles being entertained in this thread are applicable to processes, systems, and objectives other than those related to products/services.

Someday, IMO, QA will be the pinnacle profession. Years down the road, perhaps, amidst these conditions of limited resources, it will become clear that we have nothing better to do on this planet than to improve our processes and systems—whatever they are. However, one glaring exception currently exists, as we have one thing better to do first: we need to focus on peace. Seriously. World peace.

How is this lofty goal of world peace relevant to this discussion of ISO 9001? Think about the discussion of processes and systems and objectives. Consider a world peace as an objective. For discussion, let’s call it the world peace objective (WPO).

Achieving the WPO is like implementing sensible quality management. Arguably, it is implementing quality of life management. Though the processes and systems at work here do not involve objectives related to the quality of a product or service, they involve the ultimate objective related to the quality of life in this world.

Could ISO 9001 help us achieve the WPO?



Honestly, friends, we can’t get to world peace without love. Although one might achieve some semblance of peace at a personal level in this world torn by a lack of love, such peace is hollow. For peace to be real, even at a personal level, it needs to be within the context of a broader peace. Otherwise, it is isolated and vulnerable.

As our current systems are not designed for world peace, they are not likely to result in world peace. Thus, to achieve world peace, we either need new systems, we need to use existing systems differently, or we need a combination of the two. As it is, we can’t get there from here. We need to fundamentally change our ways. (IMO.)

World peace is not going to happen by accident. We need to make it an objective if we are to attain it. We need to develop the processes and systems needed to achieve this objective, and we need to apply the proper resources. To achieve world peace, we need to put love into the systems we establish. Love is a resource requirement needed to achieve the objective of world peace.

We all understand love at the personal-interpersonal “activity” level, but we don’t appear to see its value at the “process” or “system” level. IMO, love is not just a warm fuzzy, it’s the natural law of peace. A system of peace without love is destined to fail.

Anyway, if we replace a few words in the previous process approach description, tailoring it for the WPO, we might arrive at: “Love is a way of managing processes toward peace, a way in which we view and manage processes systemically to achieve world peace.”

Consider re-reading the thread with this in mind, bearing also in mind that the analogy might not fit in every instance: substitute the idea of “love” for the idea of the “process approach” in this thread. “We” might be the auditors. Substitute the “element-by-element” idea with common extrinsic forces applied to control human behavior, e.g., complicated laws and monetary necessities.

Achievement of the WPO will occur when our systems of government and trade are based in love—a force intrinsic to each of us. Until then, the WPO will never be attained. (IMO.) We need to change our approach. Love is a way, in the same sense that the process approach is a way. Just something to think about.

Peace.

 

[Marc]

What criterial do you use to identify a company using the "process approach"?

<snip> my position that it’s proper to identify “adopting the process approach” as an “opportunity for improvement” for organizations that have not adopted it. <snip>

I'm still waiting for an example of a company which does not have processes, or one which does have processes (as *all* companies do) but does not have a "process approach".

Since you say you can identify a company which has "adopted the process approach" I assume you can explain exactly what criteria you use.