Authors Posts by ISOUpdate.com

ISOUpdate.com

65 POSTS 2 COMMENTS
ISO Update is an independent website that aims to provide information, resources, and updates around the Standards and Certification industry. We believe that organizational standards can help businesses of all shapes and sizes become more efficient and successful on a local, federal, or global scale.

0 3176

Improving your Quality Management System is simpler than you think. By learning about ways to improve, you are already well on your way to achieving success with your organization or auditor training. Follow these 10 simple suggestions and you will see changes.

10 Simple Ways to Improve your Quality Management System

1. Commit to improvement

For any QMS to improve, it is essential that everyone is committed to seeking problems, evaluating efficiency and effectiveness of processes and implementing better and improved ideas. Management should be the first to make this commitment and if management “walks the talk” then everyone will follow.

2. Analyse and assess current QMS

Organizations need to take a closer look at their current practices in order to identify any gaps between what is being done and what should be done. This can be achieved by interviewing workers in critical control points, reviewing procedures and records and observing how processes are occurring. Any steps that are not adding value to the process, the system or the organization must be identified, removed or improved.

3. Include everyone in training programs

A QMS is not the responsibility of one person or one department. Everyone must be involved in improving the quality of products, services and processes.

Organizations should establish a training program for new employees and existing ones.  These programs should promote knowledge, produce skills and capacities and reduce resistance when implementing new ideas for improvement.

4. Define clear goals and objectives

QMS should aim at achieving specific goals. If a clear path is not drawn, there’s a risk that people will be working real hard but in different directions. Time should be spent in assuring everyone knows these goals, how they’ll be achieved, how they’re measured and periodically they should be informed of where the organization is standing in relation to these goals.

5. Use the correct key performance indicators

Organizations need to carefully select and review their KPI’s (Key Performance Indicators). KPI’s let an organization know how efficient and effective processes are, and indicate where possible problems could be. If they are not giving a real overall picture of where the organization is at regarding quality, then another look should be taken to change or improve what and how performance is being measured.

6. Listen to the suggestion

Create a system that will promote workers and customers to share improvement ideas. Many great improvement ideas come directly from the people processing a product or the people that actually use it.

7. Give credit

Giving credit to those who deserve it encourage participation throughout the organization and motivates workers by recognizing their work and their ideas. Compensation or recognition should not necessarily be monetary, a simple public recognition in working meetings to can have great effects in lifting workers morale.

8. Make the system simple

A QMS that is extremely complex and overloaded with documents is not necessarily the best one. If documents and procedures are long and complicated, it is very likely that people will never use them.

Evaluate the system and make sure that it makes sense and that it’s as simple as possible.

9. Create quality groups

Some organizations face difficulty with workers from different departments or areas that are reluctant with sharing information. By bringing together people from different areas to evaluate processes and recommend improvements, an open and more effective communication can be achieved between areas that operationally seem to be apart.

10. Have a quality attitude

In order to reach the goals that have been set, organizations need to identify and detect problems and weaknesses but they must focus on improvements. If managers are constantly focusing on failures and defects and not on how to remove or improve them, the right attitude and mindset for quality will never be achieved.

Learn how to prepare your company for the ISO Implementation Process.

0 1910
What are the differences between ISO 14001:2015 and ISO 14001:2004 - ISOUpdate.com

The latest version of ISO 14001, ISO 14001:2015 has brought changes to the most widely used standard on Environmental Management Systems (EMS). One of the major changes is its structure. ISO 14001:2015 now has the high level structure that is now common to all ISO management system standards referred to as Annex SL. This new common structure brings a more strategic focus to the standard and facilitates the integration with other ISO management system standards. In addition to this new structure, there are many differences between ISO 14001:2015 and ISO 14001:2004.  Here we will briefly explain the most relevant ones.



Organizational Context

Organizations are now required to systematically take into account the organizational context.  Organizational context can be looked at as the environment in which your business operates.  Now you will need to consider which internal and external factors can influence the environmental goals of your organization.

This will allow organizations to have a better understanding of the risks and opportunities it will encounter and to be better prepared to minimize (risks) and maximize (opportunities) in order to favour the organization’s environmental performance.

Needs and Expectations of Interested Parties

Organizations are now required to take a careful look at the needs and expectations of interested parties (stakeholders). They will need to identify relevant stakeholders and understand how these can impact the EMS if their needs and expectations are not met.

Leadership and Commitment

Top management is now required to demonstrate commitment and leadership to the EMS. In the new standard there is no such a thing as a management representative, now everyone is required to commit in a number of specified ways.

In ISO 14001:2004, organizations were required to commit, among other things, to reducing negative environmental impacts. Now, the new standard goes further by requiring organizations to also aim at having a positive impact and improve environmental conditions.

Life Cycle Perspective

The term life cycle has been included many times more in the new standard than in the 2004 revision. While in the last version, organizations were not required to consider the life cycle of products or services for the identification of environmental impacts, the new one does.

Organizations are now required to take a life cycle perspective when identifying and evaluating environmental aspects. For example, procurement, designed, transportation and disposal activities will now need to be considered. The purpose of this life cycle perspective is to contribute to sustainable development and prevent negative environmental impacts from shifting through the life cycle of a product or service.

Environmental Performance

The standard is now more specific regarding the evaluation of environmental performance. Organizations are required to use quantitative data in the evaluation process.

Communications

According to this new version, organizations are required to communicate externally relevant information regarding the EMS. This should be done following a communication process that the organization must establish.

In general, this new standard emphasises environmental performance improvement and drives organization to focus on organizational context and relevant stakeholders. It also promotes risk based thinking and a life cycle perspective.



0 6366
ISO 20000

In order to meet and improve customer satisfaction it’s essential to monitor and measure performance by using different indicators. Performance indicators are tools used for determining how and to what degree an organization is meeting guidelines, policies, objectives, requirements and targets set in their ISO 9001 QMS.

Note: These performance indicators are set by the organization and they vary from one organization to another.

Each organization must decide which performance indicators are more suitable to the nature of their industry sector and their objectives.

What should be considered is that these indicators must be measurable and achievable. They must refer to the system’s critical processes, they must accurately represent the target to be measured, and they should be quantifiable, cost-effective, reliable and allow management to know the information in real time.

Below, the critical areas to be measured and some examples of indicators are mentioned.

Cost Indicators

Cost indicators are performance indicators that evaluate the activities that consume economic resources in different processes. For example, the spend on energy consumption or other overhead costs, the percentage return on investments, and the percentage costs of carrying out correcting errors are all cost indicators. 

Time Indicators

Time performance indicators measure the time consumed in an activity or process, and considers the time from the beginning to the end of the selected process or activity.

For example:

  • Percentage number of products or services delivered on time.
  • Percentage number of products or services delivered late.

Productivity Indicators

Productivity performance indicators measure the efficiency of resources in the operation. For example, the percentage of downtown a particular machine or process experiences.

Quality Indicators

Quality performance indicators calculate the effectiveness in the development of activities or processes, delivering results based on the number of errors, number of perfect and flawless deliveries.

For example:

  • Percentage number of products or services needing rework.
  • Percentage of customers ‘very satisfied’.

Summary

Remember, performance indicators are set by the organization and they vary from one organization to another, and while these indicators may vary, they should serve as a tool for improving the quality of decisions regarding the processes, and the ISO 9001 QMS itself.


Learn about Performance Indicators in ISO 14001

0 1736

ISO Management Systems  consider Interested Parties an essential element in the success of any business. Interested parties, also referred to as Stakeholders must be managed in order to obtain and retain their support. Additionally, many ISO Management Standards including; ISO 9001, ISO 14001, and ISO 45001, require organizations to understand and manage the interests and expectations of their Interested Parties as part of the certification process.



Most organizations have a many Interested Parties. Determining which are the most relevant is critical step towards developing a plan to  prioritize and manage them.

How can an organization begin this process? 

First, it needs to understand the organizational context it works in and its goals regarding the management system being considered. Whoever can affect these goals or who can be affected by them, is considered an Interested Party. The most relevant Interested Parties are the ones who provide risk to the organization’s sustainability if their needs and expectations are not met.

Identify who the Interested Parties are: 

The list may include:

  • Owners / Shareholders
  • Customers
  • Clients
  • Suppliers
  • Partners
  • Employees and their families
  • Regulators / Government organizations
  • Contractors
  • Communities
  • NGO’s
  • Unions
  • Emergency services
  • Media

This list can grow or be reduced depending on the organization’s complexity, its context and goals.

Classify the Role of the Interested Parties 

After listing all the interested parties, it’s useful to categorize them based on how these relate to the organization. For example, do they hold responsibility for the organization, do they influence it, do they depend on it, are they close to the organization’s operations, etc.  Guidance on how to categorize them can be found in ISO 14004.

Prioritize their Relevance 

Not all interested parties will have the same interest and power to influence an organizations decisions and activities. Thus, it is necessary to differentiate the ones that have high interest and high power to influence decisions and activates from those that have low interest and power to influence the organization.

Determine the Needs and Expectations of the Interested Parties 

Depending on the size and complexity of the organization, this can be done by either reviewing formal or informal documents of requests, complaints, or talking directly with them. However, complex and big organizations may require research methods to determine their interested parties’ needs and expectations.

Regardless of the size of the organization, establishing a process to manage Interested Parties is essential. Without a proper plan an organization can easily incorrectly allocate its resources on the less relevant Interested Parties, while failing to meet the needs of a critical Interested Party.



2 3643
What is a Pre-Assessment Audit? - ISOUpdate.com

Defining a Pre-Assessment Audit

A pre-assessment audit is one that is performed before a certification/registration audit takes place. This pre-assessment audit determines the degree of conformance of an organization’s management system(s) with the requirements of a standard (e.g. ISO 9001, ISO 14001, ISO 27001, etc.)

After putting the time and effort to implement a management system and before diving into a certification audit, many organizations choose to contracting the services another organization or person to perform a pre-assessment audit. This is a full audit of a management system against the requirements of a specific standard that allows organizations to identify any nonconformities and implemented corrective actions before the certification audit.



About the Pre-Assessment Audit

A pre-assessment audit is performed with the same independence and objectivity as a certification audit. The auditor(s) will conduct activities such as documentation review, process review, interview of process owners, etc, in order to gather the necessary information that evidence compliance.

Audits are performed on-site and are a complete assessment of the management system against the requirements of the relevant standard. As any other audit, all nonconformities and observations found will be presented in an audit report that will be delivered at the end of the process; this report will serve as a baseline for the organization to improve its processes and implement the necessary corrective actions.

Who Needs a Pre-Assessment Audit?

Any organization that has implemented a management system and wishes to determine its readiness to undergo a certification audit can seek a pre-assessment audit.

What are the Benefits of a Pre-Assessment Audit?

Some of the benefits of performing this audit are:

  • Helps organizations identify any non conformities and implement corrective actions.
  • Contributes in the optimal preparation for the certification audit.
  • An organization can focus its resources on weaknesses that might lead to nonconformities.
  • Depending on the outcome, organizations can decide to postpone a certification audit that has already been scheduled or, on the contrary, face the certification audit with a renewed confidence.
  • Helps organizations avoid unnecessary additional costs.

A Pre-Assessment audit can be conducted by qualified consultants, registrars, or competent individuals with experience and knowledge regarding the relevant industry sector and standard. It is important to remember that, just as an organization carefully chooses  a certification body or any other service, it should also take the time to choose the correct organization or person to perform its pre-assessment audits.




Did you find that article helpful? Continue learning about Audits & how to choose the correct organization or person for your Audit.

4 13697

Management systems such as ISO 9001, ISO 14001 and OHSAS 18001, require internal audits are scheduled at planned intervals; they do not established a specific frequency nor do they establish that all processes need to have a yearly internal audit. Therefore, organizations need to establish a frequency which is right for their business. Audits can be performed monthly, quarterly, twice a year or once a year. There are some criteria which should be considered before defining a frequency.



Complexity of the Processes

  • Crucial or high risk processes should be audited on a more frequent basis, perhaps quarterly or twice a year
  • Low risk processes can be audited just once a year or every other year

Maturity of the Processes

  • Well established processes that run efficiently can be audited once a year or every other year
  • New developed processes should be audited quarterly until they are stable

Past Experience

  • Processes that have a history of frequent deficiencies or non-conformities, can be audited quarterly or twice a year
  • Processes with troubles achieving targets and objectives can also be audited quarterly or twice a year


There are other factors that can influence the frequency of auditing, such as:

  • An organization’s budget for the execution of internal audits
  • Regulatory or customers’ requirements

There is no need to audit every process all at once, it is more suitable to spread out the internal audits throughout the year auditing different processes at different times. Auditing many processes all at once can be exhausting and process deficiencies or areas for improvements may be overseen.

 

Although most standards do not require that all process be audited every year, it is a common practice in many organizations. There are even some organizations, with mature and well-establish management systems, which schedule their audits over a three year time plan. Every organization needs to take a close look at each of their processes, their management systems and other applicable requirements in order to establish a rational schedule which fits their needs and is right for them.

0 4203
Difference Between Stage 1 & Stage 2 Audits - ISOUpdate.com

Small and large organizations recognize that the implementation of an ISO 9001 quality management system (QMS) in their processes gives them a competitive value. However, the task of implementing and successfully obtaining the certification requires time and money. Therefore, a popular question when deciding to implement is “What is the Cost to Implement ISO 9001?”

2 Costs of Implementing ISO 9001

There are 2 kinds of costs associated with the implementation of ISO 9001

These are:

  1. The costs for the implementation.
  2. The costs for the certification.



Costs of Implementing ISO 9001

In order to effectively estimate the cost for implementation, an organization will have to go through a gap analysis or assessment.

However, there are 3 main factors that an organization should take into account when estimating cost:

  1. The size and complexity of the organization. Is it a small single location organization? or is it a large company  with processes such as design, manufacture, installation, test, etc.?
  2. The type of quality system that is currently in use. Does it have a structured and disciplined system in place? Is the system documented, and how well?
  3. The time that staff and other members of the organization have to devote to the project. Will the organization create everything with its current members? Will it hire someone to guide them? Or, will it hire an ISO consultant to complete the entire process?

The major cost items that every organization needs to consider when implementing ISO 9001 are:

  • Training managers to get them to understand the requirements of ISO 9001
  • Assessment of current quality control practices and creating additional testing facilities routine if necessary
  • Renew the workspace, equipment, machines, public services, supporting facilities, etc, if necessary
  • Review and revamping arrangements for the handling and storage of raw materials, semi-finished and finished products, as appropriate necessary and safe
  • Review existing procedures / practices and listing of new procedures, checklists and records to be prepared
  • Development of QMS related documents
  • Conduct outreach activities of everyone who has roles and responsibilities for implementing the QMS
  • The various expenses such as word processing, stationery and other supplies necessary for the production of manuals, procedures and the like

Costs of ISO 9001 Certification

Regarding the cost of initial certification and costs associated with maintaining certification the main cost items are:

  • Registration and certification fee payable to the certification for a period of three years
  • Fees for the two-stage audit visit nominated by the certification body
  • Audit Committees regularly monitored by the certification agency nominated
  • Travel, accommodation and meals for auditor(s) of certification

The implementation and consequent maintenance of a QMS based on ISO 9001 is an investment of time and money for any organization. The success of the system will rely mainly in the commitment of all its members, especially on how senior management is committed to making ISO 9001 an effective tool to integrate their processes, continuously improve their QMS, and satisfy their customer’s expectations.



4 21915

Since its first publication in 1999, OHSAS 18001 has been a recognized occupational health and safety management system (OH & SMS) standard against which management systems can be assessed and certified.  19 years later, a new ISO standard has been released to replace OHSAS 18001; this standard is ISO 45001.

ISO 45001 is an OH SMS standard developed by an ISO Project Committee which was published on March 12th 2018. A number of differences are evident between ISO 45001 and OHSAS 18001. Some of the main differences between the two standards are explored below. The experts at The Registrar Company took the time to dissect the new standard to determine the most pertinent differences between the two standards that you need to know.



The first difference concerns its structure. ISO 45001 is based on the ISO Guide 83 (“Annex SL”) which defines a common high level structure, text and common terms and definitions for the next generation of management systems (e.g. ISO 9001, ISO 14001, etc.). This structure aims to facilitate the implementation process and the integration of several management systems in a harmonized, structured and efficient manner. Such structure is as follows:

  1. Scope
  2. Normative References
  3. Terms and Definitions
  4. Context of the Organization
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance Evaluation
  10. Improvement

In the new standard, there is a stronger focus on the organization’s context. With ISO 45001, organizations will have to look beyond their own internal health and safety issues and consider what their interested parties expect from them regarding health and safety.


Read about more differences between OHSAS 18001 and ISO 45001

Read about who needs ISO 45001


Some organizations that use OHSAS 18001 delegate health and safety responsibilities to a safety manager, rather than integrating the system into the organization’s operations. ISO 45001 requires the incorporation of health and safety aspects into the overall management system of the organization, thus driving top management to have a stronger leadership role with respect to the OH&S management system.

ISO 45001 focuses on identifying and controlling risks rather than hazards, as is currently required in OHSAS 18001.

ISO 45001 requires organizations to consider how suppliers and contractors are managing their risks.

In ISO 45001 some fundamental concepts are changed, like risk, worker and workplace. There are also new definitions of terms such as: monitoring, measurement, effectiveness, OH&S performance and process.

The terms “document” and “record” have both been replaced with the term “documented information” in ISO 45001. The standard also states that documented information must be maintained to the extent necessary to have confidence that the processes have been carried out as planned.

In spite of these changes, the overall aim of ISO 45001 remains the same as OHSAS 18001, which is to reduce unacceptable risks and ensure the safety and wellbeing of everyone involved in an organization’s activities.


At The Registrar Company (TRC), the new ISO 45001 standard and its complexity is our top priority. We are working diligently to offer this standard to our current and future clients, so your organization can remain top of class in health and safety. Learn about we can help your organization achieve ISO 45001 certification in 2019.

 


Read about more differences between OHSAS 18001 and ISO 45001

Read about who needs ISO 45001

0 5062
Become a Third Party Auditor - ISOUpdate.com

Third party auditors are those who perform an external and independent audit of an organization’s management system to evaluate if it meets the requirements of a specific standard; if successful, this third-party audit will provide the organization with certification or registration of conformity with the given standard.

A third party audit is carried out by a Registrar/Certification Body (CB) hired by the organization; therefore, in order for someone to be a third-party auditor, he/she needs to be employed by a CB.


Find a CB that is hiring in your area by visiting our Career Resources


All CB’s need to ensure that the auditor possesses the knowledge and skills necessary to achieve the intended results of the audits they are expected to perform. Standard interviews are typical.

  • Personal attributes that will enable them to act in accordance with the principles of auditing, which include ethical conduct, fair presentation, due professional care, independence, and free use of an evidence-based approach.
  • Knowledge on the contents of ISO 19011: 2011, Guidelines for auditing management systems.
  • Knowledge and skills on audit principles, procedures and methods, which will enable them to conducted audits in a consistent and systematic manner.
  • They should be able to exhibit professional behavior during the performance of audit activities, including being ethical, open-minded, diplomatic, observant, perceptive, versatile, tenacious, decisive, self-reliant, open to improvement, culturally sensitive, and collaborative.
  • Knowledge and skills on management system and reference documents that will enable them to comprehend the audit scope and apply audit criteria.
  • Sector specific knowledge which will enable them to comprehend the organization’s structure, business, management practices and the legal and contractual requirements applicable to the organization being audited.

As indicated in ISO 19011, someone pursuing to become a third-party auditor can acquired all these knowledge and skills by using a combination of the following:

  • Formal education/training and experience that contribute to the development of knowledge and skills in the management system discipline and sector the auditor intends to audit.
  • Training programs that cover generic auditor knowledge and skills.
  • Experience in a relevant technical, managerial or professional position involving the exercise of judgment, decision making, problem solving and communication with managers, professionals, peers, customers and other interested parties.
  • Audit experience acquired under the supervision of an auditor in the same discipline.

After acquiring all the necessary knowledge and skills and successfully being employed by a CB, third-party auditors must pledged to advocate a particular code of ethical conduct in the performance of an audit and they must abide the internal policies and rules of the CB that hires them. All these requirements must be followed in order to protect everyone involved in the audit process.

Find a CB that is hiring in your area by visiting our Career Resources.



0 1207

The 2015 revision of ISO 9001 has removed the requirement of a Quality Manual, something that has been needed historically if your organization has wanted to achieve and maintain certification. This requirement appears no more! Woohoo! Shred those Quality Manuals and never look back!

Right? If the standard doesn’t say we need it, then we don’t need it. One less document to maintain. Finally, life as an ISO 9001 certified company is getting easier!

Let’s hold on a second…

A common practice to create and maintain a Quality Manual for the ISO 9001:2008 standard (and earlier versions) was to create an exact copy of the verbiage in the standard, change all of the “shall” words with “will” or similar term that fits, change all references to “the organization” to the name of your company, slap a few logos on it, give it a control number and publish it.

And then…nothing. Let it sit for years until the new standard is published and then repeat this copy-paste process all over again. That practice, although common, doesn’t help anyone.



It’s Time to Re-Think the Manual

Now is the perfect time to rethink the Quality Manual. Take a step back and really consider what a manual should do for your company – provide the framework for your entire management system. Here are a few ideas to get you started.

  1. Start thinking about the manual as something you can hand to a new employee that will help give them an introduction and overview as to how you do business – in plain English with the terms and acronyms that are used in your company – not in “standard speak”. Build this manual within the framework of the standard but in a way where the general employee won’t know it.
  2. Rename the Quality Manual. I don’t know how many times I have heard a Quality Manager complain about their organization’s culture viewing the management system as something separate from how business is done, as in, “the quality stuff is for the auditor”. Start dissolving that problem today – change the name to Business Manual. Because that is what it is – a document that describes how you do business. And we all know, well executed business processes result in top notch quality.
  3. Keep that thing updated! Considering many Quality Manuals were nearly a carbon copy of the actual standard language it was understandable that Quality Manual revisions were uncommon as well. In order to make this Business Manual an ally, it needs to be current.


Keeping your Business Manual Current

Even if your ISO Certified Company has a thorough and accurate Manual for the previous year, it is still very important to keep this document up to date. Here are some things to watch out for that may trigger the need for an update.

  1. Significant changes to business structure or business processes. Keep in tune to changing reporting structures, new processes (manufacturing or service), acquisitions, partnerships, etc.
  2. Rules and Regulations. International rules and regulations are fluid, and it is vital to integrate such changes into business operations. Any change in an Industrial Standard, big or small, could necessitate a change for your employees, external providers, managers, or customers.
  3. Technology. Technology changes very fast and new systems are installed yearly, monthly, weekly, and sometimes even daily. Technology changes can come in various forms: hardware, software, machines, equipment, etc.
  4. Safety. Changes to the physical building structure, layout and environment happen as time goes on and ensuring the manual stays up to date with these changes will assist with the awareness of the safety rules and conditions to ensure a safe work environment.

So, there are some things to think about. Even though the Quality Manual is not mandatory, it is still very much necessary. Use this opportunity to increase the role of the Manual within your business management system.


Christopher Spranger is the owner and CEO of Spranger Business Solutions; a management consulting firm that helps people run more efficient businesses across the United States. They have a team of Quality Management experts that assist companies with internal audits and in achieving Quality Management System Certification.

Interested in having Spranger Business Solution do your internal audits click here.

This article was originally posted on Spranger Business Solutions website and is published here with permission.