Friday, January 1, 2010

Records required by ISO 9001:2008


Records required by ISO 9001:2008

Clause Record required
5.6.1 Management reviews
6.2.2 e) Education, training, skills and experience
7.1 d) Evidence that the realization processes and resulting product fulfil requirements
7.2.2 Results of the review of requirements related to the product and actions arising from the review
7.3.2 Design and development inputs relating to product requirements
7.3.4 Results of design and development reviews and any necessary actions
7.3.5 Results of design and development verification and any necessary actions
7.3.6 Results of design and development validation and any necessary actions
7.3.7 Results of the review of design and development changes and any necessary actions
7.4.1 Results of supplier evaluations and any necessary actions arising from the evaluations
7.5.2 d) As required by the organization to demonstrate the validation of processes where the resulting output cannot be verified by subsequent monitoring or measurement
7.5.3 The unique identification of the product, where traceability is a requirement
7.5.4 Customer property that is lost, damaged or otherwise found to be unsuitable for use
7.6 a) Basis used for calibration or verification of measuring equipment where no international or national measurement standards exist
7.6 Validity of the previous measuring results when the measuring equipment is found not to conform to requirements
7.6 Results of calibration and verification of measuring equipment
8.2.2 Internal audit results and follow-up actions
8.2.4 Indication of the person(s) authorizing release of product.
8.3 Nature of the product nonconformities and any subsequent actions taken, including concessions obtained
8.5.2 e) Results of corrective action
8.5.3 d) Results of preventive action


Posted by at No comments:
Labels:

Organizations preparing to implement a QMS For ISO 9001


Organizations preparing to implement a QMS For ISO 9001

For organizations that are in the process of implementing a QMS, and wish to meet the requirements of ISO 9001:2008, the following comments may be useful.
For organizations that are in the process of implementing or have yet to implement a QMS, ISO 9001:2008 emphasizes a process approach. This includes:
- Identifying the processes necessary for the effective implementation of the quality management system
- understanding the interactions between these processes.
- documenting the processes to the extent necessary to assure their effective operation and control. (It may be
appropriate to document the processes using process maps. It is emphasized, however, that documented process maps are not a requirement of ISO 9001:2008.)
These processes include the management, resource, product realization and measurement processes that are relevant
to the effective operation of the QMS.
Analysis of the processes should be the driving force for defining the amount of documentation needed for the quality management system, taking into account the requirements of ISO 9001:2008. It should not be the documentation that drives the processes.


Posted by at No comments:
Labels:

ESTABLISHING THE INITIAL STATE OF THE QMS For SME

Establishing The Initial State of The ISO 9001 QMS For SME
The implementation of an ISO 9001 conformant system must recognize that it is but a step in a long-term development of a continually improving QMS. Unfortunately, it is often the case that ISO 9001 is taken as a means to an end, where the implementation of a QMS is not the primary objective, rather certification is. As a result, SMEs may end up with stacks of documentation waiting to be processed that adds no value, but cost.

According to the requirements of ISO 9001, an organization must develop only six documented procedures: (1) control of documents, (2) control of quality records, (3) internal audits, (4) control of non-conformities, (5) corrective action, and (6) preventative action. A quality manual and several records are also required. The development of other procedures, work instructions, and

other documents is largely at the discretion of the organization. From the very beginning of the process, it is therefore essential that SMEs establish a balanced view between a short-term focus (marketing/sales) and a long-term focus (achieving company-wide quality awareness through TQM). ISO documentation should be considered as an enabler along that way and SMEs must guard against the creation of unnecessary documentation.

However, even when such a view is adopted, many SMEs struggle to move from their initial state to a fully functional ISO 9001 QMS. Over the last several years, we have been involved in ISO 9001 implementation projects in seven different SMEs. The SMEs have ranged in size from approximately 20 employees to 500 employees. The SMEs have been drawn from a variety of sectors in Virginia, including manufacturing, distribution, and services. Based on our experience, we developed a schematic of initial states of an organization in terms of the existence and functionality of the ISO 9001 QMS . Throughout this paper, existence is equated with the documentation required by the standard while functionality is equated with an effectively operated QMS that leads to increased customer satisfaction and continuous improvement of business results.

A successful QMS must be fully functional and appropriately documented. With that in mind, there are four main states in which SMEs can be located in the beginning of the implementation process:

1. Complete Death: No documentation, no functioning.

This is the state in which there is no indication of the existence and functionality of the QMS. No documentation exists and no processes are in place to help ensure the quality of the product.

Relatively few companies will find themselves in this situation.

2. Informally Alive: No documentation, some level of functioning.

Many SMEs exhibit an organic structure characterized by an absence of standardization and the prevalence of loose and informal working relationships. SMEs operating in this state are more likely to rely on people rather than a system. In such situations, key personnel may resist documentation for two key reasons “(1) documentation is considered a waste of time and (2) documentation of processes and procedures makes the individual less dependable” [2]. SMEs in this state perform some or all of the processes required by ISO 9001 and the QMS may function fairly well. However, they are not willing and ready to document those processes unless there is a cultural change lead by top management.

3. Formally Death: Some level of documentation, no functioning.

SMEs categorized in this state have documented processes and procedures at some degree, however, the documents are generally not followed and do not necessarily reflect the actual manner in which the organization undertakes its operations and management. This situation highlights the fact that the mere existence of documentation does not necessarily lead to a functional QMS. Moreover, such a situation may help perpetuate the view that ISO 9001 is a way for SMEs to market their products and services but that implementation of the standard requires stacks of documents that offer no value.

4. Formally Alive: Some level of documentation, some level of functioning.

Each SME considered in this state, achieves a unique combination of the existence and functionality of processes and procedures that may or may not be required by ISO 9001. This situation is closest to the desired state of full functionality (100%) of the ISO 9001 QMS and full documentation (100%) of this functionality.
Posted by at No comments:
Labels:

ISO 9001 Standards – Design and Development


ISO 9001 Standards - Design and Development

Plan and control the product design and development. This planning must determine the:Identify problems and propose any necessary actions

- Stages of design and development

- Appropriate review, verification, and validation activities for each stage

- Responsibility and authority for design and development

The interfaces between the different involved groups must be managed to ensure effective communication and the clear assignment of responsibility. Update, as appropriate, the planning output during design and development.

NOTE: Design and development review, verification, and validation have distinct purposes. They can be conducted and recorded separately or in any combination, as deemed suitable for the product and the organization.

Determine product requirement inputs and maintain records. The inputs must include:

- Functional and performance requirements

- Applicable statutory and regulatory requirements

- Applicable information derived from similar designs

- Requirements essential for design and development

Review these inputs for adequacy. Resolve any incomplete, ambiguous, or conflicting requirements.

Document the outputs of the design and development process in a form suitable for verification against the inputs to the process. The outputs must:

- Meet design and development input requirements

- Provide information for purchasing, production, and service

- Contain or reference product acceptance criteria

- Define essential characteristics for safe and proper use

- Be approved before their release

Perform systematic reviews of design and development at suitable stages in accordance with planned arrangements to:

- Evaluate the ability of the results to meet requirements

- The reviews must include representatives of the functions concerned with the stage being reviewed. Maintain the results of reviews and subsequent follow-up actions.


Posted by at No comments:
Labels:

Certification In ISO 9001 Standards

Certification In ISO 9001 Standards

Certification involves an independent assessment of your quality system to confirm that it meets the requirements of ISO 9001. You will need to design, document and implement your own quality system.The system will need to cover all the requirements of the ISO 9001 standard. Many certification bodies will not conduct a formal assessment until the system has been operating for at least three months. Your quality system cannot be audited until you have generated documentary evidence to show that you are meeting the standard. To find a certification body with relevant experience in your sector and accreditation from the United Kingdom Accreditation Service (UKAS). Certification by a non-UKAS accredited body is likely to lead to credibility problems with your customers. Arrange a visit from the certification body’s auditors. UKAS prohibits auditors from acting as consultants. They will not tell you how to meet the standard but can offer advice. They will seek objective evidence that you are complying with each of the clauses of the ISO 9001 standard. The auditors will tell you of any shortcomings in your system. If you satisfy the standard, the auditors put your name forward for certification. You will be required to correct these problems within a specified timeframe. You can also be certificated if the auditors only identify a small number of ‘minor’ problems. Once you are certificated, you can display the certification body’s logo, and if the body is UKAS-accredited, the UKAS ‘tick and crown’ symbol (consult UKAS about exceptions to this rule). If the auditors identify more serious ‘major’ problems, you will be required to correct these before certification. These surveillance visits normally take place twice a year at agreed dates. All certification bodies are required torevisit registered companies to ensure they still meet the requirements of the standard. You will be given time to deal with any minor or major problems which are identified before any action is taken to withdraw your certificate.


Posted by at No comments:
Labels:

Process Approach In ISO 9001 Standards


Process Approach In ISO 9001 Standards

The process approach was introduced into ISO 9001 with the year 2000 version of the standards.
Prior versions used an element approach. The document Guidance on the concept and use of the process approach for management systems describes to process approach and offers an implementation paradigm.
1. Identification of processes of the organization
1.1. Define the purpose of the organization
1.2. Define the policies and objectives of the organization
1.3. Determine the processes in the organization
1.4. Determine the sequence of the processes
1.5. Define process ownership
1.6. Define process documentation
2. Planning of a process
2.1. Define the activities within the process
2.2. Define the monitoring and measurement requirements
2.3. Define the resources needed

2.4. Verify the process and its activities against its planned objectives
3. Implementation and measurement of the process
4. Analysis of the process
5. Corrective action and improvement of the process Implementation
This document explains the process used to evaluate changes to the 2008 version. In particular, it explains the revision process and illustrates the impact vs. benefit analysis used to evaluate potential changes.
In addition to the guidance documents, ISO maintains a web site with “official interpretations” of ISO 9001. Currently, these interpretations only include ISO 9001:2000, but, because the changes to the 2008 version were limited, they are valuable.
Consider a common question. An organization needs a documented procedure for preventive action (8.5.3), and must keep records of the results of preventive action (8.5.3.d). One of the interpretation requests asks, “Does sub-clause 8.5.3 a) require organizations to demonstrate, with objective evidence in the form of records, that they have undertaken actions to determine the existence of ‘potential nonconformities and their causes’?” The answer is “No”.
Auditing Practices
The ISO 9001 Auditing Practices Group maintains a website9 with guidance and information on auditing ISO 9001 quality management systems. It is an informal group of quality management system (QMS) experts, auditors, and practitioners drawn from the ISO Technical Committee 176 Quality Management and Quality Assurance (ISO/TC 176) and the International Accreditation Forum (IAF).
The website, primarily aimed at QMS auditors, consultants, and quality practitioners, is an online source of papers and presentations on auditing a QMS and reflect the process based approach.
The website contains almost forty guidance documents with practical advice ranging from “How to audit top management processes” to “The role and value of the audit checklist”.


Posted by at No comments:
Labels:

ISO 9000 registration or certification


ISO 9000 registration or certification

Registration is documented and objective evidence that an organization’s
quality system meets the requirements of ISO 9000.

Certification is a term often used interchangeably with registration.

In the context of ISO 9000, they mean the same thing. Registration is
the technically correct term for verification of compliance to standards
of quality systems. Certification usually applies to verification of the
quality of products (as opposed to quality systems).

Registration is carried out by independent companies called registrars.
These companies are:
- Wholly independent.
- Accredited by a recognized international accreditation body.
- Selected, and paid, by you.

Registration can cover:
- The sole location of a single-location organization.
- Multiple locations of a multilocation organization.
- Only certain parts of a multilocation organization (under certain conditions).
- Separate locations under separate certificates. (This is a more costly
approach.)
The registration body audits your quality system against the requirements
of ISO 9000. It reports its findings in writing. These findings may (and usually do) include noncompliances (Question 96). Major noncompliances must be closed out prior to official registration.

When this has been done, the registration body:
- Lists the organization’s name in its book of registered companies—
in effect, registers the organization in its book.
- Issues a certificate to the registered organization. This registration
includes:
— Identity of the organization.
— Location(s) covered by the registration.
— A list of products/services supplied by the registered locations.
— Revision date of the Standard.
— Registration effective dates.
— Name and location of registrar.

Most registrars limit registrations to three years. After that, you
must renew your registration by undergoing another complete systems
audit. Some registrars do not use the renewal approach. They simply
keep checking the system via surveillance audits.

Whichever the scheme, the organization, to keep registration, must
undergo a surveillance assessment every so often. Six months is the typical
interval. Some registrars offer annual surveillance schemes (not
recommended except for firms with exceptionally well-implemented
quality management systems). Surveillance assessments are scheduled
events (there is no such thing as a “surprise” surveillance audit). Only
part of the quality system is checked at each surveillance. Usually, the
registrar does not disclose what part will be assessed until the day of the
assessment, although some registrars will tell you everything up front.
The entire quality system is usually checked via surveillance audits over
the course of three years.

There is no way to “fail” a surveillance assessment, just as there is
no way to “fail” a registration audit—except by refusing
to implement corrective action required by the registrar. Normally,
registrars allow adequate time, but corrective actions must be done in
a timely and agreed upon manner to keep registration.
One final note: As mentioned, each registrar publishes a list of
the firms it has registered to ISO 9000.

Posted by at No comments:
Labels:
Subscribe to: Comments (Atom)