posted 08 July 1998 09:01 PM               

"Job descriptions are required. "
Well, responsibilities and authority must be clearly defined for all activities effecting quality. People use the job description as one means of assigning responsibility, and delegating authority. Its also a means of identifying training needs and resourses. By no means the only way of providing this information.....the confusion is a result of non creative-people deciding they need to see a job description in order to have evidence of the requirements. Consultants also add to this misconception by leading their clients down that road.

posted 08 July 1998 09:21 PM               

2. You have to appoint a quality manager.

posted 13 July 1998 10:16 PM               

Don - You are 100% correct and said it in a lot fewer words than I would have used.

As barb said:

--> ...the confusion is a result of non creative-people

--> deciding they need to see a job description in order to have evidence of the requirements.

Something I try to tell my clients is:

What is the intent and how do you comply! Please explain to me how you meet the intent. And this is evident through out. Look at the current MSA 'controversy'. For the last year MSA has become a registrar Hot Button. It's damn simple if you understand that MSA is simply a high level system that *someone* in a company has to understand. And, if you're a big company your design engineers and process engineers *should* also understand. It's a niche specialty which should be part of an engineering education - and it doesn't appear to be (my degree is in biology if that telly you any thing). I learned MSA in college in the context of chemistry, physics and biology. Measurement is very important in those focuses. So it makes sense to me. Understanding the dynamics and variables is important.

And - don't forget. Just like Debate in college - Folks - This is a War of Words.

The registrars are looking for someone to explain how a company meets the intent of every section and each element within each if only to say "We don't do that and this is why..." with a valid explaination - like the machinist in your example. Which requires thought and understanding. I tell my clients up front - I'm a consultant but I am like a piano teacher. I can teach you how to play it faster than you can learn yourself and I can help you avoid the common pitfalls. But when it comes time for the concert I can only give (thanks, Dad) Moral Support.

Pat - If you take a look at each of the items in the list there is a good thought with each. What I mean is challenge yourself with each number. Cay you think of a contradiction for each? You have to look at every word in the line item and think about it and contrast it to the words of the requirement. Can you describe the intent of the element or section?

Take this one:
--> ...14) Records of corrective actions have to be retained for a defined period...

Can you think of a place where the standard specifically requires this? Can you think of an instance where one might be kept longer than whatever your defined minimum is? Or do you have a minimum defined period?

Look at 4.16 and see what it says. Don't confuse with QS9000 requirements. The closest it comes is to say "Retention times of quality records shall be established and recorded." Is your CA report specifically defined within your system as a quality record?

The point of all this is there are times when you meet the intent but it might not be in the paradigm of the auditor in which case you have to 'educate' the auditor.

An example of this is 4.20 Statistical Techniques. It says you have to "...identify the need for..." - which is the key to the sentence. It doesn't say you have to use any. Period. I went through this with an auditor who had a very hard time with us explaining that we investigated where statistical techniques would help and found none.

Scenario: Small 14 soul company. No turnover of any employees in almost 10 years. Mix bulk chemicals for cleaning metal parts. Noting precise at all. Empry bags or barrels into hopper. Mix. Package in drums. Both powder and liquid product 4 mixers each for 8 total mixers. No customer complaints in years but then the guy who owned the companies visited every customer regularly. Only QA test was specific gravity (big deal). Tolerances wide. Limits established. long established, stable process. No desire to expand customer base. No desire to get into automotive business. It was like a happy little family

So - where would a statistical technique help? The guy doing the QA checks had been there for years. He didn't need a graph to tell him what the process is doing. Again, their product was so basic with such wide tolerances that we're FAR from rocket science. I will admit I did not find the place particularly aggressive. They're just nice people who are in some ways a throwback to the 60's. In a way I'm jealous, as a matter of fact. The old 'simplier time' thing. At work at 7, leave at 4. Every day. Rarely any overtime or anything. As I said - I was/am impressed. anyway, I digress...

The auditor finally bought it (no ST needed - intent met with proof 'opportunities' for ST were investigated and the need is re-evaluated yearly in their management review meeting). And the company is happily(?) registered...

posted 17 July 1998 12:01 AM               

Here we go!

Common Misconceptions Pertaining to ISO 9000:

1) The standard requires that you document what you do and do what you document.
The standard requires procedures in only certain sections. While most companies develop procedures for each of the twenty clauses, they are not required except in the clauses that state ãthe supplier shall establish and maintain documented procedures·ä The content and format of the procedures is entirely up to the company. The standard states in 4.2.2 that ãthe range and detail of the procedures that form part of the quality system depend on the complexity of the work, the methods used, and the skills and training needed by personnel involved in carrying out the activity.ä

2) You have to appoint a Quality Manager.
The standard states that you must appoint a management representative. This representative is responsible for ensuring the quality system is established and maintained and for reporting on the performance of the quality system. Ideally, this person should not be the quality manager, as that he is responsible for day-to-day quality of the companyâs product or service.

3) Job descriptions are required.
The standard states in 4.1.2.1 that ãThe responsibility, authority, and the interrelation of personnel who manage, perform, and verify work affecting quality shall be defined and documented.ä The means of documentation is entirely up the companyâs discretion backed up with objective evidence.

4) Everyone should be able to recite the quality policy.
The standard states in 4.1.1 that ãThe supplier shall ensure that this policy is understood, implemented and maintained at all levels of the organization.ä Most assessors will probably ask a couple of employees if they understand the companyâs quality policy, not that they recite it verbatim. Many assessors will not ask at all, just verify a policy exists.

5) All out of date documents have to be removed.
The standard states in 4.5.2(b) that ãinvalid and/or obsolete documents are promptly removed from all points of issue or use, or otherwise assured against unintended use.ä The key phrase is ãor otherwise assured against unintended use.ä State how this is done in the procedure required in 4.5.1. How this is done should be best suited to the companyâs operation.

6) All purchases have to be from approved suppliers.
The standard states in 4.6.2(b) that the company shall ãdefine the type and extent of control exercised by the supplier over subcontractors. This shall be dependent upon the type of product, the impact of subcontracted product on the quality of final product, and, where applicable, on the quality audit reports and/or quality records of the previously demonstrated capability and performance of subcontractors.ä The key phrase is ãThis shall be dependent upon the type of product, the impact of subcontracted product on the quality of final product.ä If commercial off the shelf (COTS) is adequate for your product and is defined as such, then that purchase can be made from any supplier you choose.

7) Purchase orders must be signed.
Purchase orders shall be reviewed and approved. Neither ISO 9000 nor ISO 8402 state that approval means signature.

8) Documents have to carry an approval signature.
See seven above.

9) There has to be only one index of documentation.
The standard states in 4.5.2 that ãA master list or equivalent document control procedure identifying the current revision status of documents shall be established and be readily available to preclude the use of invalid and/or obsolete documents.ä The key phrase is ãor equivalent.ä

10) Work instructions are required for all operations that affect quality.
The standard states in 4.9(a) that ãdocumented procedures defining the manner of production, installation, and servicing, where the absence of such procedures could adversely affect quality.ä The key phrase is ãwhere the absence of such procedures could adversely affect quality.ä If you can justify with objective evidence (read training) that work instructions are not required, that is fine.

11) All measurements have to be made with calibrated instruments.
The standard states in 4.11.2(b) that the company shall ãidentify all inspection, measuring, and test equipment that can affect product quality.ä If the company identifies a measurement that does not affect the quality of product, it can make those measurements in any manner it determines is acceptable.

12) All verification activities have to be performed by staff independent of those responsible for the activities being verified.
Some people confuse 4.10 with 4.17. Verification activities can be conducted by anyone the company chooses in accordance with 4.1.2.1.

13) The location of items in stock has to identified.
That standard states in 4.15.3 that ãThe supplier shall use designated storage areas or stock rooms to prevent damage or deterioration of product, pending use or delivery. Appropriate methods for authorizing receipt to and dispatch from such areas shall be stipulated.ä It does not state that the items in stock have to be identified. Section 4.8 states that ãthe supplier shall establish and maintain documented procedures for identifying the product by suitable means from receipt and during all stages of production, delivery, and installation.ä The key word here is ãsuitable.ä Compliance with 4.8 should be what is suitable for the company and defined in the procedures (if appropriate) for section 4.8.

14) Records of corrective actions have to be retained for a defined period.
Section 4.14.2 states that corrective actions have to be recorded. Section 4.16 states that ãRetention times of quality records shall be established and recorded.ä Section 4.16 does not define the time PERIOD the records must be maintained. For example, the procedure could state ãAfter a corrective action is implemented and the appropriate procedures or work instructions have been modified to implement the change, the corrective action is considered closed and no further activity is required. The changed procedures or work instructions shall constitute an evidence and record of the effectiveness of the corrective action.ä or something to that effect.

15) All auditors have to undergo formal training.
Section 4.17 requires internal audits, but it does not state that ãformalä training is required. Section 4.18 states ãThe supplier shall establish and maintain documented procedures for identifying training needs and provide for the training of all personnel performing activities affecting quality. Personnel performing specific assigned tasks shall be qualified on the basis of appropriate education, training and/or experience, as required.ä The key word is ãappropriateä and section 4.18 does not require formal training. Most assessors try to make this assertion using 4.1.2.2; and even this does not require formal training. Note 21 gives ISO 10011-1, -2 and -3 as guidance only. Companies are not required to be in compliance with notes.

16) All incoming supplies are subject to receipt inspection.
Section 4.10.2 states, in part, ãThe supplier shall ensure that incoming product is not used or processed until it has been inspected or otherwise verified as conforming to specified requirements.ä The key words here are ãotherwise verified.ä For example COTS products can be stipulated in the procedures as ship to stock.

17) Storage areas have to be locked at all times.
Section 4.15.3 stipulates that storage areas shall be controlled. The type and extent of this control is strictly up to the company and specified in procedures.

18) The quality record requirements apply to all records.
Section 4.16 applies only to those records where the section of the standard states ã(see 4.16).ä For example 4.1.3, 4.3.4, 4.4.6, etc.

Now my personal observations and diatribe.
The key to successful implementation of ISO 9000 can be summed up in one simple sentence:
DO NOT READ IN WHAT IS NOT THERE!
The standard states in 4.2.2 that ãthe range and detail of the procedures that form part of the quality system depend on the complexity of the work, the methods used, and the skills and training needed by personnel involved in carrying out the activity.ä The standard works for the company, not the other way around. This is very important for success.
Now for one of my biggest pet peeves.

The ISO 10011 series details guidelines for quality auditing. When someone tells me that ãmy auditor told me to doä this or ãmy auditor told me I had to haveä that or some other such rubbish, it makes my skin crawl. Section 4.1 of ISO 10011 states ãAudits are normally designed·to determine the conformity or nonconformity of the quality system elements with specified requirements.ä Section 4.2.1.4 states ãAuditors should be free from bias and influences which could affect objectivity.ä Section 5.3.2.2 states that ãNonconformities should be identified in terms of specific requirements of the standard requirements of the standard·ä

These combined state one thing, although not in these words: Auditors cannot tell what you must and must not do. They can only ãdetermine the conformity or nonconformity of the quality system elements with specified requirements.ä During training (assuming the Lead Assessor Courses have not deteriorated to the RABâs level) assessors have this single point driven home time and time again. Auditors cannot ãbe free from bias and influences which could affect objectivityä if they are defining what you must do to be in compliance. Assuming Auditor A tells you such and such and during a surveillance audit Auditor B tells such and such that is a contradiction to Aâs, this is a conflict of interest for the Registrar. Therefore, IMHO, any auditor that tells you that you must have or do so and so, you should take these steps:

1) Immediately stop the audit;
2) Contact the Lead Assessor, report the condition and request correction or a replacement Auditor;
3) If the Lead Assessor fails to take satisfactory action, contact the Registrar and request a new audit team;
4) Advise the Registrar that you will not be responsible for monies lost while they correct the condition;
5) If the Registrar fails to satisfy your needs, contact the Governing Body or Bodies responsible for the registrar and advise them of the situation. (Hopefully, not the RAB. They have the backbone of a jellyfish, or so I have read on the Web).
6) Continue the audit only when a competent Lead Assessor or Registrar has been contracted.

Of course, the above does not apply to QS auditors. IMHO, they are just a collection of minds or lack thereof that can interpret the standard any way they like and are not governed by anyone but the AIAG, for all the good that does.

posted 30 July 1998 09:15 AM               

Another one that bugs me is that "purchse orders do not necessarily need to be signed" come on get real. There has to be some objective evidence, wether its a stamp or electronic signature, it is still a signaturte of sorts, and maybe the easiest way to meet the requirement. I know there is some purchsing manager out there thinking "great now I dont need to look at all that stupid paperwork" in fact I could name a few.

posted 30 July 1998 08:51 PM               

You can't say that just because it is good practice, that it is something that works best for every company. Consultants (just some, not all) are trying to fit everyone into the same mold....just because it is easier for them, and Auditors (some, not all) are are playing consultant by trying to see/force the companies fit into that mold.....Is that because so many consultants play that double role and don't know how to change hats? Its a fine line, judging compliance and wanting it "my way" and more auditors need to step back a couple steps.

posted 30 July 1998 10:45 PM               

You hit it on the head with "The misconception is in wether or not it is a requirement, not if it is good business practice."

posted 31 July 1998 08:07 AM               

An example of what I mean can be seen on a recent audit, I performed: I was auditing purchasing, and the procedures said the PO's were reviewed before release, however there was no objective evidence. When I wrote a non-conformance the IRATE Purchasing Manager asked what is objective evidence "a signature?" I replied "yes". More in likely the purchasing manager went back to his people and said "The ISO guy told me I had to have signatures". Which then becomes listed as a misconception on a discussion board with 24 entries as "My auditor told me I had to have signatures on PO's"

posted 31 July 1998 08:19 AM               

In my first ISO audit the auditor wrote the company up because changes to the quality manual (in one instance) "...are not easy to see..." We had a database where all changes were item by item recorded. When I first got involved with the company in helping them in their effort, their quality manual sucked. We radically revised the manual and in the database we simply put the following statement, "The changes to the manual are extreme and thorough. To tell what each change was, please compare the two documents." We did this because it really seemed stupid to write up 1000+ plus changes in a database. I mean, hell - the whole manual changed. Rather than being smart and obsoleting the document and releasing an entirely new 'series', we did what we did. Note that *every* other document change was detailed in the database.

posted 31 July 1998 08:19 PM               

Same goes for contract review of verbal orders....' order entry records the information on the screen as provided by the customer, and requests any additional information as prompted. Then reads back to verify, resolves any descrepancies, then enters the order.

Key to the success of both is the content of the form on the screen.