Some departments don't have Quality Objectives - Non Conformity?

[Paul Simpson]

Andy, for my edification, can you let me know the section in ISO 19011 mentioning that? I am a little confused with this concept because, as we know well, there are many processes that are not supported by documented command media. So, I would like to read exactly the guidance coming from ISO 19011 on that.

Thanks

I should leave it for Andy, but hey I'm awake and he probably isn't!

I don't know if it is in the current edition but in the DIS for the next edition there is a section under document review (6.4.1) that may support Andy's argument:

If adequate documentation cannot be provided within the time frame given in the audit plan, the audit team leader should inform the person responsible for managing the audit programme, and the auditee. Depending on the audit scope and objectives a decision should be made as to whether the audit should be continued or suspended until documentation concerns are resolved.

Hope this helps.

 

[AndyN]

Not all quality manuals are a regurgitation of the standard. Fact is there is a lot of discussion in the Cove about how the QM should not be a regurgitation of the standard. Quality Manuals should be understandable and usable by those actually using them. After all, not many people refer to manufacturing as “Product Realization”. I suppose the ISO-babble should be understood by some in a company, but it certainly does not need to be understood by all.

This being said, process owners and managers may change process definitions, requirements for documentation and/or records. When this happens they may be making changes that meet the requirements of their quality manual but may not be including enough of what is required by the standard. It is easy to imagine…someone is making changes to processes or procedures…they see a requirement for something they have always thought was a waste of time…they say to themselves, “Why do we need to do that?” and then proceed to eliminate something that was originally written in to a procedure to meet the standard even though it is not a delineated requirement of the company’s quality manual (this is almost a good reason for having a regurgitation-style quality manual, oh no! :mg.

Yes, I suppose the review of changes prior to approval and implementation of process changes ought to catch glitches such as the one I describe above. Regardless of the fact that auditing to the requirements of the standard is a requirement of ISO 9001, having another set of eyes look at your work is usually a good idea. The internal audit is a good way of doing that.

Wouldn't this situation be part of the agenda for Management Review? I seem to remember that there's a requirement to consider changes affecting the management system...I'd have thought that the review - if done by someone who knows the ISO requirements (like the MR) would have avoided the need for auditors to 'catch' the change later...(maybe too late!)

 

[Sidney Vianna]

Wouldn't this situation be part of the agenda for Management Review? I seem to remember that there's a requirement to consider changes affecting the management system...I'd have thought that the review - if done by someone who knows the ISO requirements (like the MR) would have avoided the need for auditors to 'catch' the change later...(maybe too late!)

In the REAL world, process changes happen way too often. Organizations are under heightened pressure to become leaner and more efficient all the time.

Management reviews are NOT the appropriate mechanism to ensure that such changes are not detracting from the conformance piece. While it would be very beneficial to have an ISO 9001-knowledgeable person involved with all proposed process changes in the organization, many times that is not done. The real world is full of different scenarios. Some of them even have an MR who is totally ignorant about the requirements of the ISO 9001 standard. In some organizations that I know of, the internal auditors are the most knowledgeable people in the aspects of ISO 9001.

 

[Ka Pilo]

In some organizations that I know of, the internal auditors are the most knowledgeable people in the aspects of ISO 9001.

Not the MR? :mg:

 

[AndyN]

In the REAL world, process changes happen way too often. Organizations are under heightened pressure to become leaner and more efficient all the time.

Management reviews are NOT the appropriate mechanism to ensure that such changes are not detracting from the conformance piece. While it would be very beneficial to have an ISO 9001-knowledgeable person involved with all proposed process changes in the organization, many times that is not done. The real world is full of different scenarios. Some of them even have an MR who is totally ignorant about the requirements of the ISO 9i001 standard. In some organizations that I know of, the internal auditors are the most knowledgeable people in the aspects of ISO 9001.

So, Sidney, why's it in there, if it isn't to review changes? What is practiced and what should be, we know, are two different things, but the promotion of poor implementation isn't good - just like the MR not knowing about the standard...

BTW, I'm not advocating that the review go through the turgid process, but that someone needs to ensure changes are reviewed for impacts!

 

[Sidney Vianna]

So, Sidney, why's it in there, if it isn't to review changes? What is practiced and what should be, we know, are two different things, but the promotion of poor implementation isn't good - just like the MR not knowing about the standard...

BTW, I'm not advocating that the review go through the turgid process, but that someone needs to ensure changes are reviewed for impacts!

The purpose of the management review is to review the system, not individual processes, sub processes, etc...ISO 9001 has requirements for reviews at many levels: document, design, PO's, etc....
To use the management review mechanism to ensure that frequent process changes are not compromising the continual conformity of the processes would be a gross misapplication of the standard, in my opinion.

 

[Hodgepodge]

Wouldn't this situation be part of the agenda for Management Review? I seem to remember that there's a requirement to consider changes affecting the management system...I'd have thought that the review - if done by someone who knows the ISO requirements (like the MR) would have avoided the need for auditors to 'catch' the change later...(maybe too late!)

Too late. Yes, late, but that is going to happen. Perfect planning is what we are striving for. We even achieve it sometimes, but certainly not always. Someone needs to be checking it, though. Management review isn't going to review the nitty-gritty, day-to-day changes that are made. Management review isn't going to review work instruction changes, especially in larger companies.

That type of review isn't going to happen even in smaller companies. Let's take machining process changes for instance. Management review wouldn't review those. Management review may review the training needs for those that are authorized to make those changes based on some sort of KPI perhaps. "Wow, look at all this re-work we've had since the new machine was purchased. Let's get to the bottom of this. Why hasn't the manager in that cell solved this yet?" Then elevation occurs.

The internal quality audit won't necessarily go deep into this type of investigation either, unless they are auditing a failing corrective action. However, they ought to be reviewing changes made to work instructions and the like. This is where there is added benefit. IQA should be looking at what changes are made and conformance to the standard. Although it isn't a delineated requirement, IQA should also be taking a look at customer specific requirements as well. All customer-specific requirements aren't likely to be found in the company's quality manual either. (Now I'm really getting off topic.)

Sometimes the, "What if this happened?" type questions and arguments go too far. But if these types of questions are what could be normally expected, then I think they are reasonable. These types of things can be planned for and double checked, or "Monitored and Measured". Those that wrote the standard have already thought of this too.

 

[AndyN]

Hodge:
Agreed! Your posts are pretty much what I was thinking - the Management Review certainly wouldn't get into the depth of details, but - from a business process change p.o.v - it should. Certainly, I also agree here, that the changes at the lower(est) level of documentation would also be part of an audit scope - that way compliance with the standard is easier to determine.

My fear is that auditors go around 'armed' with a copy of ISO or a checklist based on the standard, asking questions which miss the point. It's far more effective to determine compliance to the standard in the way you've described than the method, above...

 

[Big Jim]

The purpose of the management review is to review the system, not individual processes, sub processes, etc...ISO 9001 has requirements for reviews at many levels: document, design, PO's, etc....
To use the management review mechanism to ensure that frequent process changes are not compromising the continual conformity of the processes would be a gross misapplication of the standard, in my opinion.

Sydney,

I can only agree if you add "In my opinion, the purpose of management review . . . "

In my opinion, that is also the best way to approach management review. Unfortunately, there is not shall to hang on that to call it a requirement. Some companies spend an inordinate amount of time going over the minutia of the quality management system, rather than reviewing it. The standard doesn't keep them from doing so.