Thursday, 8 September 2016

ISO 9001:2015 | In Plain English

As a layman would understand it, here is another attempt to know the importance of ISO 9001:2015 standard in the day to day working of an organization.

As we know, an  organization comes into being to achieve certain purposes - purposes of its own & the purposes of people/entities that get associated with it.

Additionally, an organization is nothing but a "portfolio of activities".

Hence, an organization has to manage the portfolio of activities to fulfill these purposes in order to maintain its existence.

---------------------------------------------------------------------------------------------------------

When one studies the standard, we frequently come across the words like "identify", "determine", "establish" etc.

These words connote the meaning "to know". This means that an organization has to be conscious/awake to the fact as to what it is doing & how it is doing it.

The word "control" is also frequently mentioned in the standard. Its because you have got to have the control on any particular thing in order that you can take it in the desired direction or to the desired destination.

However, many of the companies continue to work in a haphazard manner  - not knowing where they want to go & how they want to go there. Indulging in patch works. Instead of consistently marching forward towards its purpose, the organization keeps going left & right.

Can you control an unbridled horse or a rudderless boat? Or can you manage a stampede?

ISO 9001:2015 requires you to lay down the track (the system) & make your train (the company) run on it. And it continues to do so thorough need based or periodic course corrections.

Now, what is this track or the system & how one establishes it?

The track here consists of the activities that an organization does, specifically the signification ones. Interesting thing about these activities is that they do not happen on their own. These activities happen only when men & machines act.

Hence, you have got to rein in or harness these men & machines so that each of these prove to be a step forward in the direction of your destination/goal. 

The top management at the firm, the boss, is the driver of this train & he/she has the responsibility to drive the train to its destination. And this is what ISO 9001:2015 recommends to achieve this through PDCA cycle- Plan, Do, Check & Act -

Plan: Plan the activities that you want to do. What is to be done(action), how it is to be done(concept), when it is to be done (time/sequence), by whom it is to be done (man/machine), how & when the activity/man & machine will be monitored, etc.

Do: Execute the plan by putting it into action. Get you men, material & machine rolling.

Check: Verify if your men, material & machines are operating as per the plan or not. Validate if your plan is effective, whether it is achieving the intended result or not. Do periodic reviews to know whether you are on right track or not.

Act: The feedback obtained through the "check" mechanism, be acted upon by incorporating it into your system. These are course correction activities.

Yes, though PDCA cycle, you go round & round to move forward.

Documentation Requirements:

The standard requires you to document/write down what an organization does.

This way, you make the applied concepts & actions VISIBLE which further helps in better understanding, control & management.

Monday, 7 March 2016

ISO 9001 -Quality Management System

What is at the core?

ISO 9001 - quality management system is fundamentally based on PDCA.

The aim of this methodology is to bring consistency in the management system.

"To ensure that the best mechanism that has been identified, is done repeatedly at all times by all concerned."

PDCA stands for - 

P  =  Plan
D = Do
C = Check
A = Act

Plan: 

As is obvious, to achieve the desired results, an organization is required to plan its activities. 

Planning involves identifying & aligning activities/resources in a manner that the desired result is achieved.

Yes, to plan is to get it on paper before it is to be put into practice.

This addresses the key questions like - What is to be done? Why it is to be done? How it is to be done? When it is to be done? By whom it is to be done? Where it is to be done?

To get a feel of how important planning is, think of the contrary words like haphazardly, arbitrarily, randomly, etc.

Do:

Once you have done the planning, next is the implementation/execution of that plan. Put to use the processes you have identified, the resources (man-material-machine) you have aligned.

Check:

Review what you planned & what you did. Address the gaps if you find any. May be the plan can be improved upon; may be the plan was okay but there was derailment in implementation, take note of the insights that your planning & doing must have brought up.

Act:

Now, you are required to incorporate the results back into your planning, that you must have got while checking/reviewing process.

Then act again on the revised plan & follow it up with check & act processes.





Thursday, 24 December 2015


ISO 9001:2015 || The New Version of QMS





The new version of ISO 9001 was released on 14 September 2015.

It has a transition period of 3 years.

ISO 9001 received its newer version after 7 years as the previous version was released in 2008 [ISO 9001:2008].

The current version, ISO 9001:2015, is expected to have a life till 2030.

Unlike ISO 9001:2008, ISO 9001:2015 is less perspective in nature.

----------------------------------------------------------------------------------

What makes this new version different from the old version?

On the bedrock of PDCA & Process Approach, three major changes have been introduced. 

These are the change in the structure (flow) of the standard & the introduction of two new concepts - context of the organization & risk-based thinking.

The structure has been changed to make ISO 9001:2015 coherent with all other ISO standards. Its an attempt to standardize all ISO standards. This way, all ISO standards will have the same number of clauses, 1 to 10. Or we can say that the standards will have the same hierarchy.This will make it easier for client organizations to integrate multiple management standards.

The context of the organization pertains to the unique environment in which an organizations/business operates. 

This environment consists of such factors as competition, social, political, geographical, management, legal, technological, etc. These factors may have both positive as well as negative effects on a business. 

By adopting this funneled approach,  an organization will be able to identify the boundaries of its QMS & thus, it will be able to plan better for its precious & cherished QMS.

So, when a business is establishing its quality management system, it is required to understand its context & take measures to manage this environment, as far as possible, so as to consistently deliver quality products & services. 

The organization must have measures in place that will allow it to exploit the opportunities, as & when they are thrown up by the environment. Simultaneously, there must be measures in place to offset any negative impact as may be thrown up by the environment from time to time. 

Of course, this environment will be required to be reviewed periodically in the light of the measures taken  for relevance & effectiveness.

Next is risk-based thinking. A business is required to manage the risk in its operations. The requirement of preventive action of the older version, has now been replaced by risk-based thinking requirement in the new version.

Hmmm....now you need to have a "questioning mind". Maybe a skeptical mind.....

For an organization, the risk may be associated with the environment in which it is operating or its operations or its resources or its targeted market segment or its stakeholders or its manpower or the machinery & equipment used by it, etc.

Hence, the organization is required to identify all such risks, evaluate them & take measures to mitigate them.

All in all, the new version of ISO 9001 makes QMS more comprehensive in nature by making you consider a broader array of aspects that may have positive as well as negative impact on your quality management system.


Friday, 9 October 2015



DOCUMENT CONTROL IN  ISO 9001 | ISO 14001 | ISO 22000 | OHSAS 18001 & OTHER STANDARDS

Document Control is yet another very important requirement of ISO 9001, ISO 14001, ISO 22000, OHSAS 18001 & other ISO certification standards.

Its like a soul for any management standard.

To have the documentations [the paper work, as some of us fondly like to call it] in an entity/company, small, medium or large, is very important.

This is so because it makes principles, policies, intentions, ideologies & all other things that we contemplate in our heads, visible to one & all. And when things are visible, it is easier & effective to understand, control & analyze them. It eliminates confusions, ambiguity, duplicacy, etc. They set the "reference frame" against which all activities are to be evaluated.

Further, this way, we do not loose the sight of the goal posts, the lighthouses that are supposed to guide us, keep us on track.

In brief, anything & everything, that we intend to do, is more effective when we write it down.

So much for the importance of documentation !!!

In the context of ISO 9001 | ISO 14001 | ISO 22000 | OHSAS 18001, the following types of documents are required by any organization. Either all or some of these are definitely applicable. 

> Quality Manual = Describes the quality management system in accordance with the stated policies & objectives [the intentions & the landmarks that one wants to achieve]. This answers the question 'What you want to do".

> Quality Management System Procedures = Describes the interrelated activities & processes required to implement the management system. This answer the questions "How you will do it".

> Work instructions & other documents for quality management system = These are the subsets of what point 2 intends to achieve. It says how a specific activity needs to be specifically done. An activity done appropriately will ensure that the entire process is completed appropriately. Yes, a process is nothing but a set of interrelated activities performed in a specified / pre-deteremined sequence.

The primary aim of an organization is to achieve efficiency & effectiveness. In line with these objectives, all activities are designed & delivered.

Document control means that that there will be a written mechanism to control the documents. Control in terms of which authority, a person or committee, will prepare/make/revise the documents. Which authority will approve these. The history & tractability of documents. Legibility. Up-to-date documents in usage & obsolete ones in their rightful place.




Friday, 7 August 2015

Purpose of Internal Audit in ISO 9001 & other Standards


ISO 9001& other standards require the organizations to carry out the internal audits. 

You may call it self-assessment, self review or introspection.

For this, the client organizations are first required to make a plan. The plan gives details on when the audit will be conducted, which departments/processes will be covered & who will be the auditor(s) for the audit.

The organizations are free to set the frequency of the internal audit. It can be any number of times in a year. However, the standard requires that atleast one internal audit is conducted in a year.

Now, we come to the most pertinent question of "Why the Internal Audit"?


The outcomes of the internal audits inform the top management/the boss/the manager whether the well though out system they had implemented is working fine or are their any issues.

With these outcomes, one gets to know about the effectiveness of a process/strategies, allocation of resources & training needs of the staff.

To sum it up, its an opportunity for the top management/the boss/the manager to get to the ground & do the reality check. 


Friday, 26 June 2015


ISO 9001 is one of the most popular standards among all ISO certification standards. This is the standard to which the maximum of number of organizations have been certified the world over. 

The reason for its popularity & acceptability is hidden in its name only, "Quality". All organizations, irrespective of their size, whether a manufacturer or service provider, aim to provide quality products/services to their end customers. Therefore, due to its huge scope, this standard is far way ahead of other ISO standards.

In order to achieve ISO 9001 certification, an organization needs to effectively implement the requirements of this standard. Once the organization is fully convinced that it has an effective management system in place, it can apply for ISO 9001 certification with an accredited registrar/certification body. The certification body, after the succesful audit, will grant the ISO 9001 certifiucation, which is valid for 3 years.

The 5 major requirements of ISO 9001 standard can be summarized as given below -  

4. Overall Requirements for the System


4.1   Set up your quality management system: develop, use and improve it.
4.2   Document your system to say how it should work.
   4.2.1 Write documents including a quality policy, objectives, manual, procedures and records; decide what procedures you need for your system; must include those listed below
   4.2.2 Have a quality manual
   4.2.3 Control your documents to make sure they are accurate and suitable, including a procedure
   4.2.4 Manage your records (which show your system works as you say it does) suitably, including a procedure.

5 Requirements for Management

5.1 Demonstrate your commitment to the quality management system by
      - communicating to personnel how important quality is
      - setting a quality policy and objectives for your system.
      - providing adequate resources (people, plant, equipment, IT etc.).
      - ensuring there is adequate planning
      - reviewing how the system performs.   
5.2 Focus on customers
       Identify their requirements and aim to enhance their satisfaction.
5.3 Write a quality policy. Use it.
      Commit to meeting requirements of the quality system and ISO 9001, including continual improvement.
      Make sure you communicate this policy and that it's understood.
5.4 Plan for quality
  5.4.1 Set objectives (aims/goals) that you can measure.
  5.4.2 Have suitable plans to achieve these objectives
5.5    Define and communicate 'who does what'
  5.5.1 Identify who has what responsibility and authority
  5.5.2 Give a senior manager responsibility for the quality system overall
  5.5.3 Have effective methods of internal communication.
5.6   Review your quality management system (management review) at regular intervals
 5.6.1 Review the system and performance.
 5.6.2 Include consideration of: customer feedback, performance, nonconformity, audits, actions raised, changes and any need to improve
 5.6.3 Keep records of outcomes from your reviews; include decisions and actions.


6 Resource Requirements

6.1 Decide what resources are need for the system, and to enhance customer satisfaction. Provide them.
6.2 Make sure people are competent:
 6.2.1 Include this for anyone whose work affects whether your services/products meet requirements
 6.2.2 Decide what competencies are needed; provide and maintain them
6.3 Infrastructure: Decide what you need (to meet requirements). Provide it and maintain it.
6.4 Work environment: provide what you need so that your services/products meet requirements.


7 Requirements for Products or Services


7.1 Plan
Plan and develop the processes needed for your products/services.
7.2 Have effective 'customer-related' processes:
7.2.1 Know what requirements apply to your products/services
7.2.2 Make sure you can meet them (or don't take the order)
7.2.3 Have effective ways to communicate with your customers.

7.3 Have effective processes for designing & developing products/services
7.3.1 Plan design/development.
7.3.2 Define what inputs are needed to design/create/develop
7.3.3 Do the 'design' /plan in some form that enables you to verify the output (see 7.3.5?)
7.3.4 Review the design/plan at suitable stages
7.3.5 Make sure the result meets the agreed & defined requirements (verification)
7.3.6 Validate design (where practicable).
7.3.7 If changes happen during design, manage them.
7.4 Control what you buy, outsource or subcontract (goods, materials or services) if it affects your services or products
7.4.1 Make sure what you buy meets the requirements you specified; assess and monitor your suppliers/supply chain.
7.4.2 Describe what you plan to purchase.
7.4.3 Make sure it meets requirements.
7.5 Manage your operations
7.5.1 Have effective ways to control what you do (providing products/ services)
7.5.2 Validate production/service provision (if required).
7.5.3 Identify and track services/products (when appropriate)
7.5.4 Take care of any property supplied by your customers, including IP and confidential information
7.5.5 Care for products/components during storage/delivery, etc.to make sure they stay in good condition
7.6 Control measuring and monitoring equipment
When measuring, make sure your results are valid.  Identify what equipment and processes you need for this. Choose suitable equipment or instruments.  Make sure the results are and stay accurate.


8 Requirements for Analysis and Improvement

8.1 Have processes suitable to ensure your services/products meet all relevant requirements (customer, yours, contractual, legal, etc.). Include improvement.
8.2 Monitor and measure processes and services/products (as necessary) to check you got the results you wanted:
8.2.1 Monitor customer perception of satisfaction.
8.2.2 Plan and implement a suitable program of internal system audits, including a procedure
8.2.3 Have suitable methods to monitor / measure your processes.
8.2.4 Monitor and measure products/services at suitable stages.  Release the final only when all requirements are met.
8.3 Control nonconformity (services/products not meeting requirements) in suitable ways, including a written procedure.
8.4 Collect and analyses information
Decide what information is needed to tell you how your system is working and for improvement.
Collect, analyses and use it.

 

8.5 Continually improve.

8.5.1 Improve your system.
8.5.2 Have a systematic approach to fix nonconformity and stop it recurring, including a procedure.
8.5.3 Have a systematic approach to prevent potential nonconformity or failures happening, including a procedure.
 
 

Friday, 19 June 2015


The Principles of ISO 9001:2008 
 Quality Management System

All activities, however small or big, first take shape in our minds & then in the real world. Similarly, before one goes all out with the implementation of ISO 9001:2008, one must be very clear about the principles on which this standard is based.

Principle No 01 : : Customer Focus

The fact that a business exists means it has its customers. No customers - No business.Its not very difficult for any one of us to recall the vanishing of pagers & walkmans from the market.

Therefore, any organization that wants to be in business, it must be customer focused. It needs to understand & consistently deliver what the customers requirements are now & what they will be in future. 

Principle No 02 : : Leadership

Since an organization is also a team, it requires leadership. Leadership is needed to establish the unity of purpose. It is needed so that everyone moves in the intended direction. Its needed to achieve cohesion & consistency.

Leadership ensures the commitment of team members, it needs to be prompt in providing resources needed to achieve the intended objectives.


Principle No 03 : : Involvement of People

Yes, involvement of people. Only an involved employee can deliver more, he is the only one who can come up with solutions to problems that an organization faces from time to time. Involvement of people allows the creative juices to become active in their brains.

Principle No 04 : : Process Approach

A process is nothing but a collection of activities, which are generally interrelated. A chain of activities is a process.
So, one should adopt the best practices of doing an activity & this will result into effective & efficient processes.

Process No 05 : : System Approach to Management

A number of processes put together constitute a system. In any organization, a number of processes exist & these are usually interrelated.
So, one should have a holistic approach when dealing with the activities of an organization. Avoid looking at processes in isolation.

Principle No 06 : : Continual Improvement

Yes, this principle talks of making consistent progress towards betterment of processes.
 No organization should be complacent or laid back in its approach. There must be a deliberate & consistent effort to improve the overall system of the organization. A very important key to beat the competition.

This approach helps in reduced costs & better products/services.

Principle No 07 : : Factual Approach to Decision Making

The decisions in an organization must be based on raw facts. And facts are generated from records. One should be purely unsentimental when making decisions. Data & only data should be the your basis for decision making.

Principle No 08 : : Mutually Beneficial Supplier Relationship 

Just as customers, the suppliers are also equally important to the existence of an organization. One should treat the suppliers as business partners.