Quality for value adding or certification?

[wileycomet]

I'm having a crisis of faith in the way the quality management system is certified and implemented in some instances.

The company I work for have 6 sites across the country and all are now certified to 9001. However, they often receive non-conformance in surveillance audits and from all accounts and purposes don't seem to action them.

Specifically, the company has never conducted internal audits. They always plan to, but they never happen. I'm currently in the process of rejuvenating the QMS, but because there is a lack of understanding on what the quality management system is and how it should be integrated into the business, it's seen as a separate entity and something that we do to comply with an audit, rather than as a tool to improve business.

I'm trying to get across to senior management that have 1 trained auditor in a national company (me) is not enough to fully conduct value adding audits of key business processes, and as I am responsible for building the QMS/EMS/SMS, it isn't practical to have me audit my own work. However senior management claim that they have always been compliant to the standard in the past without the need for an audit team or process auditing, so why start now.

I'd like to grab some expert opinions on whether this is a common issue, and whether ISO9001 certification really means anything if it can be granted and maintained when the business really has not integrated a quality management system into their business and does not utilize it for continuous improvement.

 

[AndyN]

If there's NEVER been an internal audit, what has your CB auditor been looking at?

 

[wileycomet]

Unsure - last CB audit I can find from 2013 had major non-conformance for internal audit and management review, however I also can't find any results from a follow up audit or any action plan to rectify the non-conformances. Nobody seems to know anything about any of it...

 

[Big Jim]

It is time to dust off your resume. You belong somewhere that you will be appreciated and not simply treated as window dressing. Seriously, if no one has got through to your upper management yet, why do you think you can change it?

 

[wileycomet]

I've not been with this company long and I'm not ready to admit defeat yet. I think I need to prove how a strong QMS can improve a business rather than be an administrative chore to tick a compliance box.

Hopefully I can get the CB on side for our upcoming surveillance audits and they can add a bit of clout to my arguments.

 

[Alpine]

I question how any CB can ignore major system non-conformances such as no internal audit regime and management review. If the external auditor is going to be the same, I would seriously consider requesting another. The other thing is to come up with a plan on how you intend to get things back on track. However no plan will be worth anything if there is no senior management commitment. Just for the record, certification does mean something and has much to offer organisations, especially large ones, which without systems, procedures and discipline are likely to become a free for all. Good luck

 

[somashekar]

~~~ Good Luck wileycomet ~~~
Small steps
Major's first
Is there a process in place ? Yes / No (Fix it)
Is the process not being followed ? Yes / No (Fix it)
Is the process followed not being effective ? Yes / No (Improve it)

 

[John Broomfield]

wileycomet,

How thoroughly are the processes monitored by the people doing the work and their supervisors?

Does this monitoring result in timely preventive action, correction (or slightly later corrective action) during the design, planning and operation of the processes?

After all, our management systems are meant to work well without internal audit. Missing internal audit may mean the processes are monitored well.

You could start by quickly determining if any other processes are completely missing (system audit) and then auditing the effectiveness of process monitoring.

Be careful not to disrupt whatever is making these management systems effective.

But you may also need to replace your registrar so your certification actually is valued both internally and externally.

John

 

[dsanabria]

I'm having a crisis of faith in the way the quality management system is certified and implemented in some instances.

The company I work for have 6 sites across the country and all are now certified to 9001. However, they often receive non-conformance in surveillance audits and from all accounts and purposes don't seem to action them.

Specifically, the company has never conducted internal audits. They always plan to, but they never happen. I'm currently in the process of rejuvenating the QMS, but because there is a lack of understanding on what the quality management system is and how it should be integrated into the business, it's seen as a separate entity and something that we do to comply with an audit, rather than as a tool to improve business.

I'm trying to get across to senior management that have 1 trained auditor in a national company (me) is not enough to fully conduct value adding audits of key business processes, and as I am responsible for building the QMS/EMS/SMS, it isn't practical to have me audit my own work. However senior management claim that they have always been compliant to the standard in the past without the need for an audit team or process auditing, so why start now.

I'd like to grab some expert opinions on whether this is a common issue, and whether ISO9001 certification really means anything if it can be granted and maintained when the business really has not integrated a quality management system into their business and does not utilize it for continuous improvement.

First - Purchase a copy (or borrow) of ISO 9001:2015 and begin to implement the process audit concepts, Quality Objectives (use Analysis of data as a beginning point)) and goals.

Note: it appears by your statement that management does not understand "Process Audit" - just do them (they will never know).

Second - Write as many non conformance that you could find - don't be shy.

Note: If management ignores it - then go to the next step.

Third - Develop a professional and discreet relationship with your third party auditor. If you can't then request for another auditor - preferably one with aerospace experiences.

Note: You will share with your third party auditor your biases and lack of management support. in fact, request from the auditor to spend valuable time in your internal audits - you will see results.

If that does not work - find another registrar.

Finally - if you are still finding resistance from management - dust off your RESUME and move on - you are not going to change the culture.

 

[AndyN]

Unsure - last CB audit I can find from 2013 had major non-conformance for internal audit and management review, however I also can't find any results from a follow up audit or any action plan to rectify the non-conformances. Nobody seems to know anything about any of it...

By rights, you should have been suspended and your certificate removed, so don't count on your CB being an ally here. Find another one! Get the past audit reports from your current CB and review what they've been reporting.

I'm with Jim in the bigger picture. Unless you're experienced in creating different cultures, then you're wasting time. Of course, if you inherited a mess from an incompetent predecessor, then you MIGHT have a chance. If you demonstrate where things are working well - as John B is really suggesting.

However, unless you have at least one advocate who "gets it", enlisting the help of a lowly CB auditor (who seems to have been ignored in the past) is a futile action, IMHO.