Authors Posts by admin



0 1540

The Process of Managing Outsourced Suppliers in accordance with ISO 14001:2105  

Following the release of the ISO 14001:2015 standard, organizations had to incorporate multiple changes and activities into their EMS (Environmental Management System) and enable to meet the terms of the ISO 14001:2015 standard. One of the changes that might not seem so obvious is the process by which one’s organization manages outsourced services and suppliers, ensuring that they are aligned with the standard’s terms. By mentioning “outsourced suppliers,” the standard denotes third parties who are contracted to perform critical parts of one’s process and service normally, but not always outside one’s own facility. What does one need to understand and what actions does one need to take in order to ensure that one’s EMS remains compliant? 

Important Changes in ISO 14001:2015 

The ISO 14001:2015 standard states that the organization shall “determine its environmental requirement(s) for the operational planning and control regarding products and services as appropriate.” While this statement does not seem drastically different compared to the 14001:2004 standard, Annex A provides more information. One is told how an organization should decide on the amount of control needed over its external suppliers based on factors such as the ability to meet compliance, technical aptitude, the significance and the consequences of the product or service for the organization, and the average capability of the organization’s purchasing process of delivery.  

Additionally, Annex A explains that the amount of control exerted by the organization over the delivery of a service or product is variable. However, one thing is certain: one’s organization must assume all final responsibilities for the environmental performances of any outsourced suppliers in the delivery of one’s product or service.  

How would one achieve this? 

Laying down the foundations 

Regarding the ISO 14001:2015 standard, there are several criteria that should be checked: 

  • How likely are one’s suppliers to deliver one’s key environmental performance indicators? 
  • If one’s supplier is not ISO 14001:2015 certified, do they have an environmental policy? If not, do they follow the terms of one’s organization’s environmental policy? 
  • Does one’s supplier have an internal audit policy and results readily available? 
  • Does one’s supplier completely comprehend legislation that pertains to one’s product and its delivery? 
  • Does one’s supplier have evidence of factoring in risks and identifying environmental aspects to mitigate environmental impacts? 

Now, how can an organization guarantee that its supplier has the capability to manage environmental performance in accordance with the ISO 14001:2015 guidelines? Consider: 

  • Insisting on routinely creating key performance indicators for the outsourced supplier. 
  • Ensuring one’s supplier places great emphasis on environmental criteria whenever they make purchases. 
  • Seeing evidence of actions such as assessing risks and identifying environmental impacts that will produce improvement.  
  • Asking for a record of the supplier’s legislation and proof that they comply with environmental laws that pertain to their work 
  • Seeking proof that any environmental accidents or hazards as a result of the supplier will be documented and reported to the organization according to an emergency preparedness procedure and confirm the existence of a procedure whenever authorities, containment, and corrections are involved. It is advised that the supplier is guided as to how this process should operate, given that the organization itself is responsible any outcomes. 
  • Ensuring that one’s organization agrees to a program for the supplier’s regular inspections, where the environmental performance of the supplier is judged. If necessary, the supplier may take action. 

An Organization’s Key Responsibilities 

When managing one’s outsourced suppliers, it is important to remember that one’s organization has the ultimate responsibility for environmental performance and all internal and external environmental impacts caused by the manufacturing of one’s product or service. As a result of the more descriptive Annex A, the more control one’s organization asserts over its supplier, the better one’s general environmental performance. Taking the steps mentioned above will help one ensure that the suppliers’ environmental performance is managed effectively and the terms of ISO 14001:2015 are consistently surpassed. 


0 3562

ISO 9001:2015 has brought a variety of new concepts to the field of standards and certification. One of these being the process of aligning the Quality Management System with the organization’s own strategic direction – and, understanding this relationship to maximize a company’s efficiency and potential.

Understanding the company’s context while ensuring quality in policies and objectives stated by the board is paramount. However, the difficulty lies in both factors being in line with the body’s general strategic direction.

Knowing your Strategic Direction

Knowing the strategic direction for an organization may seem like simple task to undertake, but there is more to it than meets the eye.

Strategic direction refers to the path of actions you are utilizing to achieve the goals you and your company has set out to do in the basics of organizational strategy.

The creation of achievements and goals are a common step that a company takes during the building process. Consider a companies Mission and Vision Statement, something that I am sure you have noticed written on the organization’s walls for all to see. These statements articulate their companies agenda on where they see the company headed, as well as dictate a plan to make sure they heading in the right direction. This will guide the company’s course of action through the years of growth and progress.

Utilizing Quality Objectives towards the Strategic Direction

Quality objectives are the target statements that will be looked upon when considering growth and progress in an organization. These objectives provide bullet points for consistent and continued improvement all around the organization, and each objective has a specific layout or plan to ensure that the motives are in line with the scope of the vision of the company.

Consider an organization’s formulated mission statement involves the improvement in quality of their product while still maintaining a competitive edge on quantity and creation – the quality objective would involve a specific targeted percentage of growth in an predetermined time frame. This would give an outline and guide on the mission’s landmark sand benchmarks for success.

Quality objective must be realistic – enough to foresee some roadblocks and adjust accordingly. Ensure to use a grounded approach to goals. This is especially important when trying to meet the standards set in the time estimated.

The Harms with a Lack of Strategic Direction

In earlier stages of progress, a company may; due to many extenuating circumstances; delay the creation of the mission and vision statements. This is inadvisable, as it often leads to a vague strategic direction for the entire process.

If you are applying ISO 9001:2015 or undertaking the transitional process from using an ISO 9001:2008 to 2015, an overall mission and vision is paramount to a company’s initial growth. These goals create a critical role and aspect in the successful implementation of the requirements provided by the QMS.

A lack of an overall vision could lead to: decreased focus in specific standards; an inferior demonstration of the company’s quality policies, objectives, and management review.

The best way of getting a head start in this process is the creation of a unified and specific vision, ensuring that all the elements involved have a general direction and focus. This ultimately leads to an easier time creating and maintaining standards set by the QMS.

These factors will create a steady form of development and improvement for the company, and may even provide ways to improve relations with customers, build rapport, all while growing your business.


Learn more about ISO 9001:2015 & Organizational Knowledge

2 6157

All management systems require organizations to conduct internal audits in order to obtain information that will evidence the degree to which requirements are being met. In other words, internal audits check practice against policies, processes and procedures and thoroughly document any differences.

Although internal audits are an important tool for organizations to evaluate their management systems and to uncover areas that are in need of attention, for many, this process induces an enormous amount of stress. For audits to serve as a means to identify gaps and effective solutions, it is essential that these are formal, planned and organized. Other key characteristics internal audits should have are:

They are scheduled
Surprise audits are not welcomed by anyone. A schedule should be set and communicated to everyone, preferably at the beginning of the year. There’s no need to audit all processes at once; different processes can be audited at different times throughout the year, organizations just need to make sure that at the end of the year all processes have been audited.

Auditors are competent
Auditors need to demonstrate in-depth knowledge of the standard which they are auditing against and they should have an understanding of the processes being audited. They should be objective and impartial; this means that they can’t audit a process which they manage or control. Large organizations usually have a team of trained auditors, but that is not necessary; an alternative is to hire the services of an external consultant to perform the internal audits.

They are planned
The audit needs to be confirmed with the process owner. At this stage the auditor should review procedures and previous findings or issues related to the audited process. A checklist with a pre-determined list of questions can be sought to be used during the audit; this checklist should be provided to the auditee so they have time to organize any information.

It’s conducted in an objective and friendly manner
An audit should start with an opening meeting with the auditor and the auditee(s). It’s recommended that the auditor works systematically through the checklist or procedure, while reviewing records, observing the process, analyzing process data and talking to employees. During the audit, the auditor must discuss the findings with the auditee before recording it.

Audit findings are recorded
A closing meeting with the auditee is fundamental so information is not delayed. Here the auditor should point out possible weaknesses and areas for improvement. Findings and their details (these include non-conformities, positive areas and improvement areas) need to be recorded and communicated to the auditee(s) and management.

Findings are monitored
The auditor is responsible for ensuring that corrective actions have been taken to fix any problems found during the audit.

If everyone takes advantage of the positive results internal audits can bring, and if these aid organizations to improve their processes and management system- whether is a quality, environmental or any other system- an internal audit can be considered a success.

1 5247

ISO 9001:2015 represents a major change to the 9001:2008 version. One of these changes regards the Quality Management Systems (QMS) documentation.

The 2008 version of the standard, uses two separate terms “documents” and “records” to identify its documentation, whereas, in the recently published Draft International Standard of the new revision, both these terms are combined as “documented information”.

For those familiar with the 2008 version, it can be said that where it refers to “documented procedures” in the new revision it is expressed as a requirement to maintain documented information. Also, where the 2008 version refers to as “records” it is now expressed as a requirement to retain documented information. Below, there’s a list of the documented information that the new standard requires to be maintained and retained.

Documented information that is required to be maintained with ISO 9001:2015

  • The scope of the QMS, including the products and services it covers and the justification of those requirements that the QMS will not be able to apply.
  • Information that supports the operations of processes.
  • The quality policy.
  • Information that defines characteristics of products and services, activities to be performed, and the results to be achieved.

Documented information that is required to be retained with ISO 9001:2015

  • Information necessary to have confidence that processes are being performed as planned and conform to requirements.
  • Information on the quality objectives.
  • Information as evidence of fitness for purpose of monitoring and measurement resources.
  • Information as evidence of competence.
  • Information describing the results of the review of requirements related to products and services.
  • Information resulting from the design and development process.
  • Information on review of design and development changes.
  • Information of the results of the evaluation, monitoring of performance and re-evaluation of the external providers.
  • Information necessary to maintain traceability when required.
  • Information describing the results of the review of changes, personnel authorizing the change, and any necessary actions
  • Information providing traceability to the person(s) authorizing release of products and services for delivery to the customer.
  • Information on actions taken on nonconforming process outputs, products and services.
  • Results of monitoring and measurement activities.
  • Information as evidence of the implementation of the audit programme and the audit results
  • Information as evidence of the results of management reviews.
  • Information as evidence of the nature of the nonconformities, actions taken, and the results of any corrective action.

As it can be seen from the above list, in the new version of the standard, it will not be required to create and maintain a Quality Manual, which has been around since the creation of ISO 9001 in 1987.

0 7093
Food Safety Standards

An increasing number of organizations in the food supply chain industry are seeking certification with the various GFSI approved certification schemes available.

The 3 most used certification schemes are The BRC (British Retail Consortium), the Food Safety System Certification FSSC 22000 and the Safe Quality Food (SQF) code. These schemes are bench marked against the same criteria and they all need to meet minimum requirements established by the GFSI.

However, because they are owned by different organizations and they vary in terms of the scope, structure, certification process, validity and the reporting and management conducted.

Differences in GFSI Approved Certifications Schemes

System requirements

  • The BRC standard has a focus on quality, food safety and legality.
  • The FSSC 22000 targets its focus on food safety and legal compliance.
  • The SQF code has two levels of requirements: Level 2 focuses on food safety and Level 3 on food safety and quality.

System establishment and implementation

  • The BRC standard has descriptive requirements for process and hygienic control which provide clear guidelines as to how food safety should be addressed.
  • FSSC 22000 provides a good framework against which an organization can develop its food safety management system, as it is not too descriptive and has the flexibility to allow the organization to choose the best way to control its own system.
  • The SQF code requires a combination of SQF system elements and food safety fundamentals based on product category.

Certification process

Closing Non-conformities (NC)

  • For the BRC standard all NC’s root cause analysis and objective evidence must be submitted within 28 days.
  • FSSC 22000 requires that critical or major NC detected in stage 1 audit have to be closed during stage 2 audit, and for minor NC the action plan should be submitted.
  • For the SQF code major NC from stage 1 audit must be closed out before stage 2 audit and the root cause and objective evidence need to be submitted in 14 days for majors NC and in 30 days minor NC.

Certificate validity

  • The BRC and SQF certificate valid for 1 year.
  • The FSSC 22000 certificate is valid for 3 years.

Certification mark

  • Only organizations that attain SQF level 3 certification can use the SQF quality mark on their products

Whichever standard an organization decides to use, being certified by a GFSI approved certification scheme will help them ensure the delivery of safe food to their consumers, increase their processes’ efficiency and provide a platform for continuous improvement of their food safety management systems.


0 3936
Top 10 Mistakes Made in Managing an ISO 9001 System -

Here are some of the most common mistakes made by organizations when managing an ISO 9001 system:

Mistake 1. Top management is not committed to the ISO 9001 system.  If top management is not involved in quality, if they don’t provide the resources and mechanism to plan, control and improve their products, services and processes, ISO 9001 can not be sustained over time. It’s essential for top management to take decisions that demonstrate that quality, improvement and customer satisfaction are an important issue.

Mistake 2. Not training key personnel in ISO 9001. Not knowing what ISO 9001 is all about can be a big mistake. It is important for organizations to train key personnel (someone who has a decision-making role) in ISO 9001, in order to understand what ISO 9001 really is and what it requires. Not knowing nor understanding ISO 9001 can take organizations through a path of disappointment and despair.

Mistake 3. Not training all personnel. Everyone must receive training on the important quality aspects of the activities and processes they work in. Everyone must understand the importance of quality and how they can achieve it. The training must be consonant with their responsibilities and the activities they perform.

Mistake 4. Making the system complex. If the organization is working to keep the system alive, it is a sign that it is too complex and all the work of filling out forms and documenting procedures is not adding value to the organization. The system must be kept simple and practical, and it should focus on results and improvements, and not on documents.

Mistake 5. Not using the corrective action process properly. Organizations need to take the time to investigate their problems and involve the right people in the investigation process. Most problems are recurrent, so using the corrective action process correctly will reduce or eliminate their recurrence.

Mistake 6. Not knowing what customers want. One of the objectives of ISO 9001 is to improve or increase customer satisfaction, and if organizations do not take the time to listen to their customers, they will not be able to reach this goal. A long and complicated survey is not necessary nor recommended, just by asking a few key questions will give organizations enough information to determine and plan for changes that will aim to fulfill this goal.

Mistake 7. Rushing into the implementation process. To build a solid ISO 9001 management system takes work and time.Trying to implement the system in a short time will be counterproductive. Organizations need to take the necessary time to plan, do, check and act in order to implement a system that will improve their products, services and processes.

Mistake 8. Not having a trained and experienced internal auditor. In many cases, internal auditors lack the necessary training and experience to distinguish small details from big issues in the QMS. Auditors need to focus on the issues that will help organizations improve their processes and the system itself.

Mistake 9. Believing that what works for one organization will work for their own. Every organization is different and what may work for one, may not work for another. Organizations need to focus on their specific context in order to build and develop their management system around it.

Mistake 10. Leaving the responsibility of the QMS to one person. ISO 9001 needs to be the work of an entire organization. If people do not take ownership of the QMS, it will not work out. People need to incorporate quality in their work and activities and an outsider will not achieve that. Guidance and training is needed, but if quality is not done on a daily basis in every process then the system will never add value to the organization.

0 1792

When going about creating a new business and you’re in the stages of being a startup, some startups might gloss over ISO 9001. The price may be a turnoff to people who see themselves only digging a bigger hole if they invest and go along with ISO 9001 implementation and certification. With any part of business, companies have to weigh the benefits and the cons of investing into something – ISO 9001 is no different. We’re here to tell you about the strongest benefits of investing in ISO 9001. You’re investing in yourself first off, and that’s a big help to startups looking to get their foot in the door.

ISO 9001 – The Benefits
The first thing about ISO 9001 is thinking about the cost. Most startup companies may have to consider a lot of things in their starting stages, and the return that can yield from that investment. When looking towards ISO 9001, you’re investing in practicalities and the foundation for a business. With the foundation set for success, all it takes is time and work for you to be on the road to success. Here are a few things that ISO 9001 can bring you.

ISO 9001 offers the process towards getting your product and sending it out towards the people who are interested in it. The process for building any startup up is complex and lot of work is needed. What are all of the things that are needed from the start of the end of this? What is needed at the start to make the product, finalize the product, send the product and make sure that it fits the requirements of what the customer needs from you? When looking at these processes, you cannot just think about it as a whole – each little thing is its own entity. These all come together and make one large thing in the end – the process. All steps in the process must flow smoothly or you may risk an error that can alter everything later on.

Using ISO 9001, you’re also finding a way to plan, act and find a way to interact to people properly. This goes from customers, analyzing your sales and communicating with them through customer service, monitor and reviewing the effect of these practices, and your employees. By setting a proper environment for your employees who will monitor and act properly to ensure the business flows and thrives. By properly managing customers and employees, the environment will feel great and this can help maximize profits and risks early in time.

ISO 9001:2015 also offers a great view into the goals, objectives, and elements for any startup business. With these, businesses will be able to take action against errors and fix them to move onto bigger and better things.

Why does ISO 9001 matter?

Implementation of ISO 9001 and getting a certification with it can help a startup. With ISO 9001, businesses are given a head start into the world and given a glimpse into what they can be. By pointing out errors, giving tips into what can be and how to go along with doing it, owners are able to maximize their profits, satisfy their customers and please their employees. Although the road to certification can take some time and can certainly be from six months to a year, ISO 9001 offers benefits instantly that can help any business. These habits and guidelines set up a business for success, and give startups access to exclusive markets. ISO 9001 is quickly becoming the normal for those who which to have local and federal contracts with the government – what are you waiting for?


0 5559
Procedures for ISO 9001:2015

ISO 9001:2015 does not identify any required documented procedures, at least not as it was required in the 2008 version of the standard. The new standard refers to requirements of “documented information” and in the clause 7.5 it states that:

The organization’s quality management system must include:

  1. Documented information required by this International Standard;
  2. Documented information determined by the organization as being necessary for the effectiveness of the quality management system.

Throughout the new version of the standard, there are a number of references for organizations to maintain and retain documented information. It can be inferred that where the standard states that the organization is required to maintain documented information sufficient to support the operation of processes it is implying the need of documented procedures.

The specific procedures required for the quality management system will depend on the organization itself. The standard also states that:

The extent of documented information for a quality management system can differ from one organization to another due to the:

  1. Size of organization and its type of activities, processes, products, and services;
  2. Complexity of processes and their interactions;
  3. Competence of persons

Each organization will need to identify which procedures are essential for the correct operation of their processes in order determine which ones they’ll need to create. If an organization does not have any documented procedures, it will need to demonstrate how people know what to do and show acceptable evidence to support that their processes are carried out effectively without them.

Organizations that have already implemented ISO 9001 will not need to throw away the procedures that are in place. If these procedures serve as a useful tool within the organization, they should be maintained. However, the new standard presents an opportunity for organizations to take a second look at the procedures that are part of their management system in order to determine which add value to the system and which don’t.

Organizations wishing to be certified with ISO 9001:2015 must meet all of the requirements within a standard, including those regarding documented information, and they must be able to show evidence that they have all the necessary procedures in place.

0 8046
How to Prepare for a Successful ISO 9001:2015 Audit -

No matter how many audits someone has gone through, knowing that someone will be auditing your work always generates some tension and anxiety. Here are some recommendations from The Registrar Company, a North American Certification Body with over 20 years of auditing experience, to help your organization prepare for a successful ISO 9001:2015 audit.

Prepare Employees

  • Quality Policy – Review the quality policy, refresh it if needed, and make sure everyone understands it. There is no need for workers to memorize the policy, but they should have a clear understanding of what the organization has committed to in terms of quality.
  • Quality Objectives – Workers should know what the organization’s quality objectives are and how they themselves contribute to achieving them. Employees should know and be able to explain how their day to day activities can influence these objectives.
  • Training – Ensure that everyone has been properly trained to perform their tasks.
  • Documented Information – Make sure everyone knows where to find current copies of procedures, work instructions, and forms that are relevant to their position.
  • Audit Schedule – Let everyone know the scope of the audit, when they will be audited, and what the auditor may be checking in their areas.
  • Interviews – Workers should have the confidence to answer what they know, and have the same confidence to say ‘’I don’t know” when they are not sure how to respond during an audit.

Review Documented Information

  • Make sure document and record listings are up-to-date.
  • Check that all documents have been reviewed, approved, communicated, and followed by everyone involved in the process or activity.
  • Ensure obsolete documents have been removed from circulation and are no longer in use.
  • Verify that all records are being used correctly.

Ensure all Processes are Being Performed Correctly

  • Make sure that all procedures (whether they are documented or not) are being followed.
  • Ensure that critical processes are being performed in the same way (the correct way) by everyone.

Review Corrective Action Process

  • Review the findings from previous audits and make sure they have been addressed.
  • All non-conformities must be properly recorded, investigated, and actions need to be in place or concluded by the time of the audit.
  • Corrective actions that have been executed and closed should also have been verified for effectiveness.

Organize the Workplace

  • It is difficult for quality control and assurance to take place in an untidy, dirty, or unorganized workplace. Take time to organize the workplace (offices, desks, warehouse, workshop floor, etc.).
  • Make sure records, forms, procedures, and any relevant documents are on-hand or easy to access.

Practice Positivity and Professionalism

  • Make a good first impression – treat auditors professionally and with respect.
  • Do not be predisposed. Auditors are not enemies, they are there to establish conformance and to help your organization uncover any weaknesses so that you can take the necessary actions to improve.

TRC is internationally recognized and trusted. With a large network of auditors, TRC is an international certification body with local benefits. With dedicated Client Services Managers and family-owned and entrepreneurial values, our clients are family. We take the time to understand your business and your unique needs. TRC audits are more than a checklist, we highlight your corporate strengths, and find opportunities for improved processes to ensure you stay competitive and thriving. TRC works with you to ensure minimal disruptions so you receive the highest benefits from the auditing process.

0 975

AS9100 applies to large aerospace suppliers only 

Although only intended to be used by aerospace companies, AS9100 is not meant for only the largest of organizations. Requirements have been determined in a descriptive way, but not by prescriptive means. The standard contains what must be done (requirements), but does not dictate how they must be accomplished by the organization (processes). Therefore, the requirements of AS9100 can be implemented in a way that works best for each individual organization, be they large or small. Using this particular method, the organization is provided with the best possible practices of what the QMS requires to be effective, regardless of the size of the aerospace organization.