The Elsmar Cove Business Standards Discussion Forums More Free Files Forum Discussion Thread Post Attachments Listing Elsmar Cove Discussion Forums Main Page
Welcome to what was The Original Cayman Cove Forums!
This thread is carried over and continued in the Current Elsmar Cove Forums

Search the Elsmar Cove!

Wooden Line
This is a "Frozen" Legacy Forum.
Most links on this page do NOT work.
Discussions since 2001 are HERE

Owl Line
The New Elsmar Cove Forums   The New Elsmar Cove Forums
  Auditing
  Auditing ISO9001:2000

Post New Topic  Post A Reply
profile | register | preferences | faq | search

UBBFriend: Email This Page to Someone! next newest topic | next oldest topic
Author Topic:   Auditing ISO9001:2000
Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 22 November 2000 07:08 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
Just some thoughts:
*********************

From: ISO 9000 Standards Discussion
Date: Fri, 17 Nov 2000 15:52:30 -0600
Subject: Re: Auditing and the new standard /Oliveira/Hankwitz

From: "Hankwitz, John"

> In the new standard we will have, as a minimum, 6 procedures.
> How do we audit without a procedure? It will depend more on
> auditors habilities?
>
> Marcos Oliveira

Marcos,

Excellent question. I think we will see the answers to this question evolve over the next year or so. For now, we are looking at the basic changes in perspective presented in the new version of the standard, then tailoring our audits to look at the new perspective.

1. "Conformance" has shifted to "Performance"
2. ISO 9k2k is Based on a Modern "Business Model"
3. Focus on Efficiently and Effectively Providing Customer
Satisfaction instead of Preventing Nonconformity in Process
& Product.
4. Goals, Objectives and Resources are now driven by analysis
and fact.
5. Do It, Prove It, Improve It!

My vision of ISO 9k2k fits well into Deming's SIPOC Model. (Supplier-Input-Process-Output-Customer) The flow illustrated in the 9k2k standard is somewhat similar (using creative visualization) of how I envision the quality system to operate.

I see the "Process" as Product Realization (those process that provide added value to the ultimate customer - GEMBA?), then position Resource Management (those processes providing support to Product Realization) under, and feeding into Product Realization.

Feedback is provided from Product Realization, Resource Management, and the Customer into Measurement, Analysis and Improvement. Output from MAI feeds into Management Responsibility, stationed under, and feeding into Product Realization and Resource Management. Management then provides goals, objectives and resources to Product Realization and Resource management to enable effective and efficient provision of Customer Satisfaction. So, something like the following very crude flow would represent the Quality Management System:


|----------| |-------------| |----------|
| Supplier | Input | Product | Output | Customer |
|(Customer)|--------->| Realization |---------->| |
|----------| |-------------| |----------|
^ ^ . |
| | . |
| | . V
| |------------| . |-------------|
| | Resource | | Measurement |
| | Management |---->| Analysis |
| |------------| | Improvement |
| ^ |-------------|
| | |
| | |
|----------------| |
| Management | |
| Responsibility |<----------------
|----------------|

I see our auditors checking how effectively and efficiently all these processes are meeting their intended goals. Exactly how we will do that is still somewhat fuzzy. We have only two to three years to figure it all out.

John Hankwitz

[This message has been edited by Marc Smith (edited 22 November 2000).]

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 22 November 2000 07:19 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
From: ISO 9000 Standards Discussion
Date: Fri, 17 Nov 2000 15:57:56 -0600
Subject: Re: Auditing and the new standard /Oliveira/Green

From: Joseph & Susan Green

"Marcos Oliveira" stated and asked:
>
> I would like to propose a question:
> In the old version of ISO 9001/2, auditors compare procedures
> with records of actions. At that time, we had, as a minimum,
> 17 procedures.
>
> In the new standard we will have, as a minimum, 6 procedures.
> How do we audit without a procedure? It will depend more on
> auditors habilities?
>
> Marcos Oliveira

Joe Green's response:

1.
If an organization generates a product, the methods used to produce that product are to be defined by the organization. (call them processes, or whatever you like) ISO happens to use the term processes.
(To comply with 9K2K "realization processes" must be adequate to the task)

2.
Methods used to generate a product start somewhere advance in a sequence, interact with other methods and the logical result is finished product. (To comply with 9K2K "sequence and interactions must be identified")

3.
Methods used to generate a product must be capable, measurable, and analyzed to ensure product conformity and process effectiveness. (Hopefully those methods may be also subjected to scrutiny for improvement opportunities).

4.
An organization with no "visible" methods would be easy to identify.

5.
9K2K Standard Users are required to include "visible" (audit able) methods in their QMS.

6.
Auditor's are required to determine "visibility" and "effectiveness"
(Not Efficiency; though efficiency should be included sought by a sane organization.)

7.
The following minimum methods (processes) (procedures) must also be "visible". They are necessary to any organization who thoughtfully chooses to voluntarily comply with ISO 9001;2000 Document control
Records
Control of nonconforming product
Audits
Corrective/preventive action
Preventive action

I purposely numbered the above comments so that others may comment on the accuracy or lack of accuracy contained in each premise.

Joe Green

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 22 November 2000 07:26 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
From: ISO 9000 Standards Discussion
Date: Mon, 20 Nov 2000 13:14:08 -0600
Subject: Re: Q: Beyond Compliance /Arter/Scalies

From: "Charley Scalies"

> From: Dennis Arter
> Beyond Compliance
> As many of you know, I teach and perform "management" audits,
> which are more than the usual compliance audits. (See my
> article in the June 2000 issue of the ASQ magazine Quality
> Progress for more details.) These audits examine compliance
> to rules, just like ISO 9001 registration audits. They also
> evaluate the effectiveness and suitability of those rules.
> Resulting findings are written as cause (problem) and effect
> (business pain), with supporting examples (observations). This
> is significantly more than the typical nonconformity issued
> from the registration audit.
>
> My colleagues are asking me, "Dennis, please tell us of
> companies that are successfully performing management audits,
> so that we may benchmark their methods." Unfortunately, I do
> not have any really great examples. (Hmmm. Is this just
> theory? I sometimes wonder.)

My training curriculum of internal auditors fall somewhere in the middle. (How boring!)

Certainly we do compliance audits but, more importantly, determinations of suitability and effectiveness are what internal audits should be all about. After all, internal auditing is a management activity. The greatest procedures in the world are of questionable value if they don't lead to the desired result. A cow chip wrapped in gold foil is not a nugget. While I instruct auditors to point out the pain, I leave the root cause up to the process owner. Of course, in the overwhelming majority of cases I deal with, the root cause hits you square in the face. There is little investigating needed. But because "my auditors" do not carry the organizational legitimacy/power of management auditors I try to keep them out of trouble.

While I am on the subject, I'll share a little exercise that I start every audit workshop with (poor grammar but I think you understand). "You have 30 minutes in which to conduct an internal audit to verify - with objective evidence - whether or not the quality system is effective. Can you do it? How would you do it?" By the end of the course they can. I suspect most list members could also.

Charley Scalies
Quality Pragmatitioner (cute, huh?)

IP: Logged

John C
Forum Contributor

Posts: 134
From:Cork City, Ireland
Registered: Nov 98

posted 03 December 2000 01:27 PM     Click Here to See the Profile for John C   Click Here to Email John C     Edit/Delete Message   Reply w/Quote
John Hankwitz,
You listed the following items and claimed that they are basic changes in perspective between ISO 9001:94 and the 2000 version:
1. "Conformance" has shifted to "Performance"
2. ISO 9k2k is Based on a Modern "Business Model"
3. Focus on Efficiently and Effectively Providing Customer Satisfaction instead of Preventing Nonconformity in Process & Product.
4. Goals, Objectives and Resources are now driven by analysis and fact.
5. Do It, Prove It, Improve It!
I disagree entirely. In the scope of ISO 9001:94, customer satisfaction is identified as the primary aim of the standard and it is to be achieved through managementās implementation of the policy which is defined as being, Īrelevant to organisational goalsā and including Īobjectives for qualityā. The purpose of improved conformance is improved performance and this hasnāt changed in any way with the introduction of 2000. There has been a lot of talk about focus on the customer but all that has been added is that we must identify the customerās requirements and have an adequate means of communication with them. As was pointed out recently (by Marc I think) this is hardly the great innovation of the new millenium - some of us could figure that out for ourselves.
What is surprising about the 2000 version, is not itās change in perspective and updated approach, but itās lack of the same. The old system suffered from being seen as a quality technique rather than a management tool and in this, the new version has regressed rather than improved and we will suffer for it. As regards development of preventive measures - they are notable by their absence and the emphasis of the standard is still the old Īwait til it goes wrong and then collect dataā approach. Modern business recognises that things such as market niche selection, communication, logistics, planning, material control, etc, etc are as important, or more so, than ppm, but thereās nothing about the quality of these things, in fact, there is still nothing about the quality of administration, despite the fact that managers, planners and decision makers can do more harm in a half hour than the production people can do in a year. I think itās fair to say that the standard is still in the Ī60s and thereās no new perspective whatsoever.

Regards how to audit without a procedure;
The fact is that, for all practical purposes, you canāt. The standard requires that internal audit establishes whether the system conforms to planned arrangements. So letās take an example; You go to a process that doesnāt have a procedure and ask the first operator what heās doing.
ĪJust banging these screws in with this hammerā.
ĪIs that in accordance with planned arrangements?ā
ĪSure is. Look, I know what youāre thinking - most people use a screwdriver, but can you imagine how much time and money weāve saved since we started using the hammer? And weāve never had a complaint.ā
What are you going to do? Write him up against your own, personal, non-objective opinion? You canāt. In fact you canāt do any damn thing but trace back through the line of authority, trying to find someone that will tell you that it is wrong. If they all stick to the story, you havenāt a chance. If you find disagreement, then who is right? You have no way of finding out. You can initiate an investigation but, if the outcome still is to use the hammer, then youāre out of the game.

Auditing without a documented process against which to compare, is a contradiction of terms. Itās like clapping with one hand. Similarly, it is not possible to make objective decisions based on subjective material.
So forget it. You canāt do it. Donāt even try.
Personally, if I came across a process without a procedure, Iād write them up for it and, at the closing meeting, Iād refer them to 4.1 in ISO 9001:2000 where it tells them to document the quality system, and then Iād refer them to ISO 9000:2000, 2.7.1 where it defines documentation in terms of what it does, including; achieving conformity to customer requirements and improvement, provision of training, repeatability and traceability, objective evidence, evaluation of the effectiveness and continuing suitability of the quality management system. The implication is that, without documentation, youāre going to underachieve in these areas. To that, Iād add the impossibility of auditing and that thirty years in industry has taught me that, if it isnāt written down, it doesnāt exist.
rgds, John C


IP: Logged

Alberto Carrizo Kacheff
unregistered
posted 10 December 2000 12:01 AM           Edit/Delete Message   Reply w/Quote
Dear colleagues:
May I remind you that the so frequently referred to "process" (against the less frequently cited "procedure") is considered by the new standard as documented for of the set of activities. If that does not mean procedure, I don«t know what it actually means.
So far, this current year, I have performed seven full assessments based on ISO/DIS and ISO/FDIS. The two following situations arose: 1)The new comers into ISO Quality Sistems insisted that just a few documents are needed (the 6 procedures) 2) The already certified against the departing ISO were thinking of elliminating documented procedures.
Both groups changed their minds when I called their attention to the concept of "procedure" as well as "institute" (document, review, implement and mantain information on a set of activities for a given purpose).
No doubt that we, lead assessors (mostly engineers) should review new concepts and definitions with a lawyer«s point of view and a dictionary at hand reach.

IP: Logged

All times are Eastern Standard Time (USA)

next newest topic | next oldest topic

Administrative Options: Close Topic | Archive/Move | Delete Topic
Post New Topic  Post A Reply Hop to:

Contact Us | The Elsmar Cove Home Page

Your Input Into These Forums Is Appreciated! Thanks!


Main Site Search
Y'All Come Back Now, Ya Hear?
Powered by FreeBSD!Made With A Mac!Powered by Apache!