Authors Posts by admin

admin

74 POSTS 0 COMMENTS

0 2409

All ISO standards are developed and published following a systematic process were ISO members and sector specific experts are involved.  When the need for a standard has been identified, a panel of experts, within an ISO technical committee (TC), meet to discuss and negotiate the first draft of the standard. As soon as a draft has been developed it is shared with ISO’s members who are asked to comment and vote on it. If a consensus is reached, the draft becomes an ISO standard, if not it goes back to the technical committee for further edits.

Below is a more detailed explanation of each step a standard undergoes before it is released to the public.

  1. A new Standard is proposed to relevant TC.
    Contrary to what many believe, ISO does not decide when a new standard should be developed. ISO responds to a sector specific need when industry or other stakeholders make a formal request of a standard. Typically, an industry sector or group communicates the need for a standard to its national member who then contacts ISO. Practically every country (163 to be exact) has one ISO member that can be reached for this purpose.The TC reviews the proposal and if it’s accepted, the process will continue to step 2.


  2. Working groups of experts start discussion to prepare a working draft.
    These experts negotiate all aspects of the standard, including its scope, key definitions and content. These group of experts are from all over the world and they are part of larger groups that form a TC.
  3. First working draft shared with TC and with ISO CS.
    TCs are made up of representatives of industry, NGOs, governments and other stakeholders, who are put forward by ISO’s members. Each TC deals with a different subject; ISO has over 250 TC.The relevant TC reviews the first draft and if consensus is reached within the TC, the process moves on to step 4.
  4. Draft is shared with all ISO national members.
    As mentioned above, there is a member in almost every country. The draft is shared with these member (over 150) and each is asked to review and comment. All these comments are taken into account by the TC and if a consensus is reached, the process continues to step 5.
  5. Final Draft is sent to all ISO members.
    The final draft is sent to all members for approval. If it is approved by member vote, the process continues to its final step.
  6. ISO International Standard.
    The ISO International Standard is published and available for the public to purchase. This can be purchased from the ISO store or from the ISO national members. A full list of the ISO member of each country is available in the ISO website.



1 4882
ISO 9001

A Standard Operating Procedure (SOP) is a document that consists of a set of instructions or steps on how to execute a task. A Standard Operating Procedure serves as a tool to ensure that activities are performed properly all the time and following operational, quality, environmental and safety requirements.

Here are some recommendations on how to write Standard Operating Procedures that have a  positive impact in operations:

1. Choose the correct format
Depending on the activity, the correct format should be chosen:

  • A simple steps format. This is used for routine procedures that are short and simple. These are usually a set of simple sentences highlighting step-by-step what needs to be done.
  • A hierarchical steps format. This is for long procedures (more than 10 steps) where decisions need to be made and clarifications and terminology is essential for the activity to be performed correctly. These consists of a list of main steps with substeps.
  • A flowchart format. This is used for complex procedures that could have many possible outcomes.



2. Consider who the Standard Operating Procedure is for

Standard Operating Procedures are written for a variety of activities performed by a variety of people. The factors that should be considered to guarantee that the Standard Operating Procedure is understood by the person reading it are age, education, knowledge, skills, language abilities, etc. This information will determine if it’s necessary to include basic terminology, pictures, diagrams, etc.

3. Keep the purpose of the Standard Operating Procedure in mind

Keeping the purpose in mind will help to include all relevant information. Some of the main reasons for creating Standard Operating Procedures are:

  • Provide all the safety, health, environmental and operational information required to perform a job properly.
  • Protect the health and safety of employees, the environment and/or the community.
  • Ensure consistency in operations and quality control of processes and products.
  • Ensure activities are completed on time.
  • Prevent failures in manufacturing and related processes.
  • Ensure compliance with company and regulatory requirements.

4. Consider different views/perspectives

Ideally, Standard Operating Procedures should be written by a team that includes personnel from different areas. However, in the real world, they are written by just one person. If this is the case, the person in charge of creating them should:

  • Interview someone that performs the job, a supervisor and the people in charge of ensuring that quality, health, safety and environmental requirements are met.
  • Have people from different areas review and comment before releasing the final Standard Operating Procedure.

5. Keep the writing simple

Standard Operating Procedures should be clear and concise. Sentences must be as short as possible. People usually don’t want to read Standard Operating Procedures, they have to, so making them clear and easy to read is essential.

These are some recommendations for writing effective Standard Operating Procedures. What is most important to remember is that these documents need to be comprehensive and easy to read. If they are never read or understood by the intended audience, they are not likely to serve as an effective tool in any process.



0 3733
ISO Implementation Process

Preparing for an ISO implementation process of any ISO standard can be overwhelming and frightening for many. How an organization prepares for implementation will depend on factors such as size and complexity of its processes, the current knowledge and culture related to the standard (quality, environmental, safety, etc), the maturity of any other existing systems related to the standard wishing to implement, and many others. Despite the differences there may be between organizations, there are a few tips that will facilitate the implementation process of any management system, these are:

Know the standard.

It is essential that some personnel knows the management system’s requirements. Everyone does not need to be an expert on the requirements of the specific standard that will be implemented, but key workers need to fully know and understand all of the requirements of the standard.



Inform everyone what is going on.

The implementation process is not a task of just a few chosen ones. Everyone needs to be involved in this process. Every worker needs to know what is being implemented, why is it being implemented, which are the benefits for the organization and for themselves, and how they will be involved in the process. When people are informed, they will be more open and willing to collaborate in the implementation.

Analyze the organization’s current situation.

Before starting to implement any ISO management system, an organization needs to know its level of compliance with the standard. This will allow the organization to understand beforehand its strengths and weaknesses regarding the ISO management system wishing to implement and estimate the time needed for implementation.

Map your processes.

Establish and record current processes in order to know the relationships between departments and how the processes flow within the organization. This will allow organizations to plan their implementation by processes and not just by areas and departments.

Review existing procedures and work instructions.

Many processes need written and documented information that will guarantee that activities are carried out in the correct manner. Organizations need to review which processes are documented and how many work instructions there are. It is not the same to develop a few documents and just review work instructions than to develop them from scratch. Organizations need to have an idea of how much time they will have to invest in developing and reviewing documents.

Review current training programs.

Evaluate existing training and awareness programs. Training and awareness are an important part in the implementation process and if an organization has not considered training its workers, it would be best to redefine these programs to make sure that a large percentage of workers are trained and informed about policies, procedures, regulations, etc that will be a part of their daily activities.

These are some recommendations that will help organizations prepare for the implementation process of any ISO management system. The most important aspect to keep in mind is to make sure that the whole organization is working for the same objectives and pulling in the same direction.



0 2069
Accreditation bodies allow organizations seeking accreditation can demonstrate to their customers that they have been successful at meeting the requirements of international accreditation standards.

An accredited registrar, also called an accredited certification body (CB), is an organization accredited by a recognized accrediting body for its competence to audit and issue certification confirming that an organization meets the requirements of a standard (e.g. ISO 9001 or ISO 14001). There are many benefits of using an accredited registrar when looking to obtain certification for your organization.

Accreditation means an independent, objective body recognizes that an organization is qualified to provide specific services. An accreditation body should assess a registrar’s facilities, procedures and staff against a set of criteria that define acceptable competence levels and capabilities.



There are many registrar companies that offer their services to audit and determine if an organization meets the requirements of a specific standard; however, not all registrars are accredited. An organization may decide to seek certification from any of these registrars, accredited and non-accredited. Nonetheless, choosing an accredited registrar can bring the following benefits to an organization:

  • Organizations can be assured of the registrar’s ability, since the accreditation represents an independent assessment of the registrar’s credibility to perform management system registration.
  • It provides assurance that the certification is based on conformance with internationally accepted practices and procedures, thus offering credibility to the certificate.
  • Many clients and customers require suppliers’ management system is certified by an accredited registrar.
  • Accredited registrars are prohibited to offer both consulting and registration services to one organization, in order to ensure that the value of the certificate will not be compromise due to conflict of interest; on the other hand, some non-accredited registrar do offer both services as one package in order to offer more competitive prices whilst jeopardizing the credibility of the certification.
  • Accreditation assures organizations that a registrar meets specific requirements on an ongoing basis.
  • Accredited registrars can assure that the auditors selected are properly qualified for the industry specialty, and that certification audits will be effective and objective.
  • Accreditation provides an added safeguard against improper and fraudulent activities.
  • In order to maintain accreditation, registrars are pressured to enforce internationally sanctioned registration standards and practices within its organization and among its auditors.
  • Accreditation registrar are often stipulated and supported by local governments.

Organizations that choose an accredited registrar and develop an active relationship with it will ensure the value of its registration certificate, and they can guarantee their customers and clients that their management system has been certified by an unbiased, objective and professional audit.



0 2849
  1. Commit to improvement.

For any QMS to improve, it is essential that everyone is committed to seeking problems, evaluating efficiency and effectiveness of processes and implementing better and improved ideas. Management should be the first to make this commitment and if management “walks the talk” then everyone will follow.



  1. Analyse and assess current QMS.

Organizations need to take a closer look at their current practices in order to identify any gaps between what is being done and what should be done. This can be achieved by interviewing workers in critical control points, reviewing procedures and records and observing how processes are occurring. Any steps that are not adding value to the process, the system or the organization must be identified, removed or improved.

  1. Include everyone in training programs.

A QMS is not the responsibility of one person or one department. Everyone must be involved in improving the quality of products, services and processes.

Organizations should establish a training program for new employees and existing ones.  These programs should promote knowledge, produce skills and capacities and reduce resistance when implementing new ideas for improvement.

  1. Define clear goals and objectives and make sure everyone knows them.

QMS should aim at achieving specific goals. If a clear path is not drawn, there’s a risk that people will be working real hard but in different directions. Time should be spent in assuring everyone knows these goals, how they’ll be achieved, how they’re measured and periodically they should be informed of where the organization is standing in relation to these goals.

  1. Make sure the right key performance indicators (KPI) are being used.

Organizations need to carefully select and review their KPI. These should let an organization know how efficient and effective processes are and indicate where possible problems could be. If they are not giving a real overall picture of where the organization is at regarding quality, then another look should be taken to change or improve what and how performance is being measured.

  1. Listen to the suggestions of employees and customers.

Create a system that will promote workers and customers to share improvement ideas. Many great improvement ideas come directly from the people processing a product or the people that actually use it.

  1. Give people credit.

To encourage participation throughout the organization, motivate workers by recognizing their work and their ideas. Compensation or recognition should not necessarily be monetary, a simple public recognition in working meetings to can have great effects in lifting workers morale.

  1. Make the system simple.

A QMS that is extremely complex and overloaded with documents is not necessarily the best one. If documents and procedures are long and complicated, it is very likely that people will never use them. Evaluate the system and make sure that it makes sense and that it’s as simple as possible.

  1. Create quality groups.

In many organizations workers from different departments or areas are reluctant with sharing information. By bringing together people from different areas to evaluate processes and recommend improvements, an open and more effective communication can be achieved between areas that operationally seem to be apart.

  1. Have a quality attitude.

In order to reach the goals that have been set, organizations need to identify and detect problems and weaknesses but they must focus on improvements. If managers are constantly focusing on failures and defects and not on how to remove or improve them, the right attitude and mindset for quality will never be achieved.



0 594

The Process of Managing Outsourced Suppliers in accordance with ISO 14001:2105  

Following the release of the ISO 14001:2015 standard, organizations had to incorporate multiple changes and activities into their EMS (Environmental Management System) and enable to meet the terms of the ISO 14001:2015 standard. One of the changes that might not seem so obvious is the process by which one’s organization manages outsourced services and suppliers, ensuring that they are aligned with the standard’s terms. By mentioning “outsourced suppliers,” the standard denotes third parties who are contracted to perform critical parts of one’s process and service normally, but not always outside one’s own facility. What does one need to understand and what actions does one need to take in order to ensure that one’s EMS remains compliant? 

Important Changes in ISO 14001:2015 

The ISO 14001:2015 standard states that the organization shall “determine its environmental requirement(s) for the operational planning and control regarding products and services as appropriate.” While this statement does not seem drastically different compared to the 14001:2004 standard, Annex A provides more information. One is told how an organization should decide on the amount of control needed over its external suppliers based on factors such as the ability to meet compliance, technical aptitude, the significance and the consequences of the product or service for the organization, and the average capability of the organization’s purchasing process of delivery.  

Additionally, Annex A explains that the amount of control exerted by the organization over the delivery of a service or product is variable. However, one thing is certain: one’s organization must assume all final responsibilities for the environmental performances of any outsourced suppliers in the delivery of one’s product or service.  



How would one achieve this? 

Laying down the foundations 

Regarding the ISO 14001:2015 standard, there are several criteria that should be checked: 

  • How likely are one’s suppliers to deliver one’s key environmental performance indicators? 
  • If one’s supplier is not ISO 14001:2015 certified, do they have an environmental policy? If not, do they follow the terms of one’s organization’s environmental policy? 
  • Does one’s supplier have an internal audit policy and results readily available? 
  • Does one’s supplier completely comprehend legislation that pertains to one’s product and its delivery? 
  • Does one’s supplier have evidence of factoring in risks and identifying environmental aspects to mitigate environmental impacts? 

Now, how can an organization guarantee that its supplier has the capability to manage environmental performance in accordance with the ISO 14001:2015 guidelines? Consider: 

  • Insisting on routinely creating key performance indicators for the outsourced supplier. 
  • Ensuring one’s supplier places great emphasis on environmental criteria whenever they make purchases. 
  • Seeing evidence of actions such as assessing risks and identifying environmental impacts that will produce improvement.  
  • Asking for a record of the supplier’s legislation and proof that they comply with environmental laws that pertain to their work 
  • Seeking proof that any environmental accidents or hazards as a result of the supplier will be documented and reported to the organization according to an emergency preparedness procedure and confirm the existence of a procedure whenever authorities, containment, and corrections are involved. It is advised that the supplier is guided as to how this process should operate, given that the organization itself is responsible any outcomes. 
  • Ensuring that one’s organization agrees to a program for the supplier’s regular inspections, where the environmental performance of the supplier is judged. If necessary, the supplier may take action. 

An Organization’s Key Responsibilities 

When managing one’s outsourced suppliers, it is important to remember that one’s organization has the ultimate responsibility for environmental performance and all internal and external environmental impacts caused by the manufacturing of one’s product or service. As a result of the more descriptive Annex A, the more control one’s organization asserts over its supplier, the better one’s general environmental performance. Taking the steps mentioned above will help one ensure that the suppliers’ environmental performance is managed effectively and the terms of ISO 14001:2015 are consistently surpassed. 

 

0 1072

ISO 9001:2015 has brought a variety of new concepts to the field of standards and certification. One of these concepts involves the process of aligning the Quality Management System with the organization’s own strategic direction. And, understanding this relationship in order to maximize a company’s efficiency and potential.

Understanding the company’s context while ensuring quality in both the policies and objectives stated by the board is paramount, as well as both factors being in line with the body’s general strategic direction. Members of the company must then verify quality checks in policies, compatibility with the strategic direction, and all while making sure that the QMS is in line with all mentioned factors.



Knowing your Strategic Direction

Knowing the strategic direction for an organization may seem like an easy and simple enough task to undertake, but there is more to it than meets the eye. Strategic direction refers to the path of actions you are utilizing to achieve the goals you and your company has set out to do in the basics of organizational strategy. The creation of achievements and goals are a common step that a company takes during the building process. You may know it as the Mission and Vision Statement of the company, something that I am sure you have noticed written on the organization’s walls for all to see. It is a statement where the founding members state their agenda on where they see the company headed, as well as laying out the plans step by step in order to make sure they are going the right direction. This will guide the company’s course of action through the years of growth and progress.

Utilizing Quality Objectives towards the Strategic Direction

Quality objectives are the target statements that will be looked upon when considering more growth and progress in a company. These objectives provide bullet points for consistent and continued improvement all around the organization, and each objective has a specific layout or plan to ensure that the motives are in line with the scope of the vision of the company. For an example, if the organization’s formulated mission statement involves the improvement in quality of their product while still maintaining a competitive edge on quantity and creation, the quality objective would involve a specific targeted percentage of growth in an X number of time. This would give an outline and guide on the mission’s landmarks to make sure that the company grows and develops as planned and in the same level of the timeframe they provided. Of course, the quality objective must be realistic enough to foresee some roadblocks and adjust accordingly. This would ensure a grounded approach to the goals, and will be of prime importance when trying to meet the standards set in the creation of objectives at the time estimated.

Lack of Strategic Direction

In earlier stages of progress, a company may delay the creation of the mission and vision statements, leading to a vague strategic direction for the entire process. This should not be the case, as if you are applying ISO 9001:2015 or undertaking the transitional process from using an ISO 9001:2008 to 2015, the creation and having an overall mission and vision is paramount to a company’s initial growth. These goals create a critical role and aspect in the successful implementation of the requirements provided by the QMS. A lack of an overall vision would lead to several problems along the way, such as the decreased focus in specific standards; an inferior demonstration of the company’s quality policies, objectives, and management review. The best way of getting a head start in this process is definitely the creation of a unified and specific vision under the company’s umbrella, ensuring that all the elements involved have a general direction where they need to focus, as well as an easier time creating and maintaining standards set by the QME. These factors will create a steady form of development and improvement for the company, and may even provide ways to improve relations with customers, build rapport, all while growing your business. This is what application of ISO 9001 is all about.



2 3695

All management systems require organizations to conduct internal audits in order to obtain information that will evidence the degree to which requirements are being met. In other words, internal audits check practice against policies, processes and procedures and thoroughly document any differences.

Although internal audits are an important tool for organizations to evaluate their management systems and to uncover areas that are in need of attention, for many, this process induces an enormous amount of stress. For audits to serve as a means to identify gaps and effective solutions, it is essential that these are formal, planned and organized. Other key characteristics internal audits should have are:



They are scheduled
Surprise audits are not welcomed by anyone. A schedule should be set and communicated to everyone, preferably at the beginning of the year. There’s no need to audit all processes at once; different processes can be audited at different times throughout the year, organizations just need to make sure that at the end of the year all processes have been audited.

Auditors are competent
Auditors need to demonstrate in-depth knowledge of the standard which they are auditing against and they should have an understanding of the processes being audited. They should be objective and impartial; this means that they can’t audit a process which they manage or control. Large organizations usually have a team of trained auditors, but that is not necessary; an alternative is to hire the services of an external consultant to perform the internal audits.

They are planned
The audit needs to be confirmed with the process owner. At this stage the auditor should review procedures and previous findings or issues related to the audited process. A checklist with a pre-determined list of questions can be sought to be used during the audit; this checklist should be provided to the auditee so they have time to organize any information.

It’s conducted in an objective and friendly manner
An audit should start with an opening meeting with the auditor and the auditee(s). It’s recommended that the auditor works systematically through the checklist or procedure, while reviewing records, observing the process, analyzing process data and talking to employees. During the audit, the auditor must discuss the findings with the auditee before recording it.

Audit findings are recorded
A closing meeting with the auditee is fundamental so information is not delayed. Here the auditor should point out possible weaknesses and areas for improvement. Findings and their details (these include non-conformities, positive areas and improvement areas) need to be recorded and communicated to the auditee(s) and management.

Findings are monitored
The auditor is responsible for ensuring that corrective actions have been taken to fix any problems found during the audit.

If everyone takes advantage of the positive results internal audits can bring, and if these aid organizations to improve their processes and management system- whether is a quality, environmental or any other system- an internal audit can be considered a success.



1 3019

ISO 9001:2015 represents a major change to the 9001:2008 version. One of these changes regards the Quality Management Systems (QMS) documentation.

The 2008 version of the standard, uses two separate terms “documents” and “records” to identify its documentation, whereas, in the recently published Draft International Standard of the new revision, both these terms are combined as “documented information”.



For those familiar with the 2008 version, it can be said that where it refers to “documented procedures” in the new revision it is expressed as a requirement to maintain documented information. Also, where the 2008 version refers to as “records” it is now expressed as a requirement to retain documented information. Below, there’s a list of the documented information that the new standard requires to be maintained and retained.

Documented information that is required to be maintained with ISO 9001:2015

  • The scope of the QMS, including the products and services it covers and the justification of those requirements that the QMS will not be able to apply.
  • Information that supports the operations of processes.
  • The quality policy.
  • Information that defines characteristics of products and services, activities to be performed, and the results to be achieved.

Documented information that is required to be retained with ISO 9001:2015

  • Information necessary to have confidence that processes are being performed as planned and conform to requirements.
  • Information on the quality objectives.
  • Information as evidence of fitness for purpose of monitoring and measurement resources.
  • Information as evidence of competence.
  • Information describing the results of the review of requirements related to products and services.
  • Information resulting from the design and development process.
  • Information on review of design and development changes.
  • Information of the results of the evaluation, monitoring of performance and re-evaluation of the external providers.
  • Information necessary to maintain traceability when required.
  • Information describing the results of the review of changes, personnel authorizing the change, and any necessary actions
  • Information providing traceability to the person(s) authorizing release of products and services for delivery to the customer.
  • Information on actions taken on nonconforming process outputs, products and services.
  • Results of monitoring and measurement activities.
  • Information as evidence of the implementation of the audit programme and the audit results
  • Information as evidence of the results of management reviews.
  • Information as evidence of the nature of the nonconformities, actions taken, and the results of any corrective action.

As it can be seen from the above list, in the new version of the standard, it will not be required to create and maintain a Quality Manual, which has been around since the creation of ISO 9001 in 1987.



0 3514

More and more organizations in the food supply chain are seeking certification with one of the various GFSI approved certification schemes available. The three most used certification schemes are The BRC (British Retail Consortium), the Food Safety System Certification FSSC 22000 and the Safe Quality Food (SQF) code. These schemes are benchmarked against the same criteria and they all need to meet minimum requirements established by the GFSI. However, they are owned by different organizations and they vary in terms of the scope, structure, certification process, validity and the reporting and management conducted.
Some of these differences are:



System requirements

  • The BRC standard has a focus on quality, food safety and legality.
  • The FSSC 22000 targets its focus on food safety and legal compliance.
  • The SQF code has two levels of requirements: Level 2 focuses on food safety and Level 3 on food safety and quality.

System establishment and implementation

  • The BRC standard has descriptive requirements for process and hygienic control which provide clear guidelines as to how food safety should be addressed.
  • FSSC 22000 provides a good framework against which an organization can develop its food safety management system, as it is not too descriptive and has the flexibility to allow the organization to choose the best way to control its own system.
  • The SQF code requires a combination of SQF system elements and food safety fundamentals based on product category.

Certification process

Closing Non-conformities (NC)

  • For the BRC standard all NC’s root cause analysis and objective evidence must be submitted within 28 days.
  • FSSC 22000 requires that critical or major NC detected in stage 1 audit have to be closed during stage 2 audit, and for minor NC the action plan should be submitted.
  • For the SQF code major NC from stage 1 audit must be closed out before stage 2 audit and the root cause and objective evidence need to be submitted in 14 days for majors NC and in 30 days minor NC.

Certificate validity

  • The BRC and SQF certificate valid for 1 year.
  • The FSSC 22000 certificate is valid for 3 years.

Certification mark

  • Only organizations that attain SQF level 3 certification can use the SQF quality mark on their products

Whichever standard an organization decides to use, being certified by a GFSI approved certification scheme will help them ensure the delivery of safe food to their consumers, increase their processes’ efficiency and provide a platform for continuous improvement of their food safety management systems.