ISO 9001:2015 for Small Businesses [6 ed.] 2015046787, 9781138025820, 9781138025837, 9781315774855

Small businesses face many challenges today, including the increasing demand by larger companies for ISO 9001compliance,

213 92 9MB

English Pages 649 [679] Year 2016

Report DMCA / Copyright

DOWNLOAD PDF FILE

Table of contents :
Cover
Half Title
Title Page
Copyright Page
Dedication
Table of Contents
Foreword
Preface
About the author
1 What is the importance of quality to small businesses?
1.1 Why manage quality?
1.2 The importance of quality
1.3 Quality – the fundamentals
1.4 Quality Control
1.5 Quality Assurance
1.6 Specifications
1.6.1 The significance of specifications
1.6.2 Types of specification
1.6.3 Supplier’s responsibilities
1.6.4 Purchaser’s responsibilities
1.7 Quality Assurance during a product’s life cycle
1.7.1 Design stage
1.7.2 Production stage
1.7.3 Acceptance stage
1.7.4 In-service stage
1.8 Benefits and costs of Quality Assurance
1.9 Costs of quality failure
1.9.1 The supplier
1.9.2 The purchaser
1.10 What are the costs involved in an organisation obtaining registration to this standard?
2 What is the background to ISO 9000?
2.1 What is ISO 9000?
2.2 What national and international standards are available (and what is their interoperability)?
2.3 What about the growth of quality-specific standards?
2.4 But who are ISO?
2.5 What is the background to ISO 9000 and its current status?
2.5.1 ISO 9000:1987
2.5.2 ISO 9000:1994
2.5.3 ISO 9001:2000
2.5.4 ISO 9001:2008
2.5.5 ISO 9001:2015
2.6 So what has changed?
2.7 What is Annex SL?
2.8 What will ISO’s core cases be in the future?
2.9 What is the new structure of Annex SL?
2.10 What is the current status of Annex SL revisions?
2.11 What are the current ISO 9000 standards?
2.11.1 ISO 9000:2015 Quality Management Systems – fundamentals and vocabulary
2.11.2 ISO 9004:2009 Managing for the sustained success of an organisation: a Quality Management approach
2.11.3 ISO 9001:2015 Quality Management Systems – requirements
2.12 Quality Management Principles
2.13 Impact of the changes
2.14 ISO 9001:2015’s compatibility with other management systems
2.14.1 The OHSAS 18000 Series
2.14.2 The ISO 14000 Series
2.14.3 What is the difference between ISO 9000 and ISO 14000?
2.15 What other standards are based on ISO 9001:2015?
2.15.1 Aerospace
2.15.2 Auditing management systems
2.15.3 Automotive industry
2.15.4 Computer software
2.15.5 Crop production
2.15.6 Data
2.15.7 Education
2.15.8 Electoral organisations
2.15.9 Energy management systems
2.15.10 Explosive atmospheres
2.15.11 Food safety
2.15.12 Good manufacturing practice
2.15.13 Health care
2.15.14 Human resources
2.15.15 Information security
2.15.16 Information technology
2.15.17 Local government
2.15.18 Measurement manufacturing systems
2.15.19 Medical devices
2.15.20 Multilayer piping systems
2.15.21 Packaging – transport packages for dangerous products
2.15.22 Petroleum, petrochemical and natural gas industries
2.15.23 Quality Management System consultants
2.15.24 Quality Management Systems projects
2.15.25 Quality plans
2.15.26 Ships and marine technology
2.15.27 Software engineering
2.15.28 Space systems
2.15.29 Supply chain management
2.15.30 Systems engineering
2.15.31 Telecommunications industry
2.15.32 Testing and calibration laboratories
2.15.33 Welding consumables
2.16 What is ISO 9001:2015’s basic process?
2.17 What is the new structure of ISO 9001:2015?
2.18 What about auditing ISO 9001:2015?
2.18.1 Purpose of an audit
2.18.2 Types of audit
2.18.3 Audit categories
2.18.4 ISO 19011:2011
2.19 Certification
2.19.1 Who can certify an organisation?
2.19.2 What is required for certification?
2.19.3 What is the difference between being certified and being registered?
2.19.4 What is the difference between being certified and being compliant?
2.19.5 What is the difference between being certified and being accredited?
2.20 Who will be responsible for quality within an organisation?
2.21 What is the future evolution of ISO 9000?
Annex A Comparison between the ISO 9001:2015 and ISO 14001:2015 standards
3 The process approach
3.1 Background
3.1.1 Example of a simple process flow chart
3.2 But what is the process approach?
3.3 Planning an organisation’s business processes
3.3.1 Core business process
3.4 What kind of core processes would a business require?
3.4.1 Supporting processes
3.4.2 Primary supporting processes
3.4.3 Secondary supporting processes
3.5 Inter-relationship of process documentation
3.6 The hierarchy of processes
4 What is a Quality Management System?
4.1 Quality Management System – requirements
4.1.1 Basic requirements of a Quality Management System
4.2 Quality Management System – principles
4.3 Quality Management System – approach
4.4 Quality Management System – structure
4.4.1 QMS documentation
4.5 Quality policy
4.5.1 Corporate policy statement
4.6 Processes
4.7 Quality procedures
4.7.1 What documented procedures are required by ISO 9001:2015?
4.8 Work instructions
4.8.1 What is the difference between a work instruction and a record?
4.9 Quality plan
4.9.1 Management responsibility
4.9.2 Contract review
4.9.3 Design control
4.9.4 Document and data control
4.9.5 Purchasing
4.9.6 Customer supplied products and services
4.9.7 Identification and traceability
4.9.8 Process control
4.9.9 Inspection and testing
4.9.10 Inspection, measuring and test equipment
4.9.11 Nonconforming products and services
4.9.12 Other considerations
4.10 Documented information
5 The structure of ISO 9001:2015
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organisation
4.1 Understanding the organisation and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the Quality Management System
4.4 Quality Management System and its processes
5 Leadership
5.1 Leadership and commitment
5.2 Policy
5.3 Organisational roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities
6.2 Quality objectives and planning to achieve them
6.3 Planning
7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
8 Operation
8.1 Operational planning and control
8.2 Requirements for products and services
8.3 Design and development of products and services
8.4 Control of externally provided processes, products and services
8.5 Production and service provision
8.6 Release of products and services
8.7 Control of nonconforming outputs
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.3 Management review
10 Improvement
10.1 General
10.2 Nonconformity and corrective action
10.3 Continual improvement
6 Example Quality Management System
7 Self-assessment
7.1 How ISO 9000 can be used to check small businesses’ Quality Management Systems
7.2 Internal audit
7.2.1 Audit plan
7.2.2 Internal audit programme
7.3 External audit
7.3.1 Supplier evaluation
7.4 The surveillance or quality audit visit
7.4.1 Multiple evaluations and audits
7.4.2 Secondary audit
7.4.3 Third-party evaluation
7.4.4 Conformity assessment
7.5 Self-assessment checklists
7.5.1 Documentation required by an organisation to meet ISO 9001:2015 requirements
7.5.2 ISO 9001:2015 requirements of management
7.5.3 Example checklists of typical auditors’ questions for ISO 9001:2015 compliance
7.5.4 Example internal stage audit checklists
7.6 Documentation requirements
7.6.1 The requirements
7.6.2 Control of documents
7.6.3 Software programs for document control
8 What are the costs involved in an organisation obtaining registration to this standard?
8.1 Can I just work ‘in compliance’ with ISO 9001?
8.2 So why should I bother about getting ISO 9001 certification?
8.3 But what is the difference to being a certified, accredited and/or a registered ISO 9001:2015 organisation?
8.4 But is it worth the cost and trouble to become ISO 9001:2015 certified?
8.5 What are the benefits of ISO international standards?
8.6 How do I become an ISO 9001 registered organisation?
8.7 How long will it take to become certified?
8.8 How is the certification completed?
8.9 What happens during the actual ISO 9001 audit?!
8.10 What other national certification bodies are there?
8.11 What happens after certification and beyond?
8.12 How can I maintain my certification?
8.13 What are the advantages of maintaining my ISO 9001:2015 certification?
Abbreviations and acronyms
Reference standards for Quality Management Systems
Glossary of terms used In Quality Management standards
Books by the author
Index
Recommend Papers

ISO 9001:2015 for Small Businesses [6 ed.]
 2015046787, 9781138025820, 9781138025837, 9781315774855

  • 0 0 0
  • Like this paper and download? You can publish your own PDF file online for free in a few minutes! Sign Up
File loading please wait...
Citation preview

ISO 9001:2015 for Small Businesses Sixth Edition

Small businesses face many challenges today, including the increasing demand by larger companies for ISO 9001 compliance, a challenging task for any organisation and in particular for a small business without quality assurance experts on its payroll. Ray Tricker has already guided hundreds of businesses through to ISO accreditation, and this sixth edition of his life-saving ISO guide provides all you need to meet the new 2015 standards. ISO 9001:2015 for Small Businesses helps you understand what the new standard is all about and how to achieve compliance in a cost effective way. Covering all the major changes to the standards, this book provides direct, accessible and straightforward guidance. This edition includes: • • • • • •



down-to-earth explanations to help you determine what you need to enable you to work in compliance with and/or achieve certification to ISO 9001:2015; a contextual explanation of ISO 9001 within the structure of ISO 9000 family of standards; a detailed description of the structure of ISO 9001:2015 and its compliance with Annex SL; coverage of the new requirements for Risk Management and Risk Analysis; a guide to the costs involved in implementing ISO 9001:2015 and advice on how to control costs; an example of a complete, generic Quality Management System consisting of a Quality Manual plus a whole host of Quality Processes, Quality Procedures and Word Instructions; and access to a free, software copy of these generic QMS files to give you a starting point from which to develop your own documentation.

This book is also supported with a complete bibliography containing abbreviations and acronyms as well as a glossary of terms. This comprehensive text will provide you and your small business with a complete guide on your way to ISO compliance. Ray Tricker (MSc, IEng, CQP-FCQI, FIET, FCMI, FIRSE) is currently working as the Senior Management Consultant for Herne European Consultancy Ltd – a company specialising in offering organisations access to a range of highly skilled specialist consultants to help these companies enhance their business performance.

‘Ray’s practical and easy to use book is full of helpful illustrations, hints, advice and a fully customisable example Quality Management System. This guide saves the small business owner valuable time and money. Excellent!’ D.M. Belair, CAO, Kawartha Controls ‘There are many ISO 9001:2015 books out there but this book by Ray is the one for quick, simple and to the point explanations that a non-ISO specialist can understand and implement. Even better is the fact that this book is generic and there are forms and templates that you can download to enable you to create the entire ISO 9001:2015 Quality Management System yourself, no matter what business you’re in. This book is invaluable in helping you understand and create all aspects of the ISO 9001 QMS. I have absolutely no hesitation in recommending this book for any business or person wanting to take up the challenge to understand and create their own ISO 9001:2015 QMS.’ Szilvia Parkinson, Plantastic Rail UK Ltd

ISO 9001:2015 for Small Businesses Sixth edition

Ray Tricker

ROUTLEDGE

Routledge Taylor & Francis Group

LONDON AND NEW YORK

Please visit the companion website for this title at: www.routledge.com/cw/tricker First published 1997 by Butterworth-Heinemann Reprinted 1997, 1998, 1999, 2001 Second edition 2001 Reprinted 2001, 2002, 2003 Third edition 2005 Fourth edition 2010 by Routledge Fifth edition 2014 by Routledge Sixth edition 2017 by Routledge 2 Park Square, Milton Park, Abingdon, Oxon OX14 4RN and by Routledge 711 Third Avenue, New York, NY 10017 Routledge is an imprint of the Taylor & Francis Group, an informa business © 1997, 2001, 2005, 2010, 2014, 2017 Ray Tricker The right of Ray Tricker to be identified as author of this work has been asserted by him in accordance with sections 77 and 78 of the Copyright, Designs and Patents Act 1988. All rights reserved. No part of this book may be reprinted or reproduced or utilised in any form or by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying and recording, or in any information storage or retrieval system, without permission in writing from the publishers. Every effort has been made to contact copyright holders for their permission to reprint material in this book. The publishers would be grateful to hear from any copyright holder who is not here acknowledged and will undertake to rectify any errors or omissions in future editions of this book. Trademark notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. British Library Cataloguing in Publication Data A catalogue record for this book is available from the British Library Library of Congress Cataloging in Publication Data Names: Tricker, Ray, author. Title: ISO 9001:2015 for small businesses / Ray Tricker. Description: Sixth edition. | New York : Routledge, 2016. | Includes bibliographical references and index. Identifiers: LCCN 2015046787| ISBN 9781138025820 (hardback) | ISBN 9781138025837 (pbk.) | ISBN 9781315774855 (ebook) Subjects: LCSH: ISO 9000 Series Standards. | Small business—Quality control. Classification: LCC TS156.17.I86 .T748 2016 | DDC 658.02/2—dc23 LC record available at http://lccn.loc.gov/2015046787 ISBN: 978-1-138-02582-0 (hbk) ISBN: 978-1-138-02583-7 (pbk) ISBN: 978-1-315-77485-5 (ebk) Typeset in Minion and Optima by Florence Production Ltd, Stoodleigh, Devon, UK

To Lalita with love – as always

This page has been left blank intentionally

Contents

Foreword Preface About the author 1

2

xiii xv xxvii

What is the importance of quality to small businesses?

1

1.1 1.2 1.3 1.4 1.5 1.6

1 2 3 5 6 7

Why manage quality? The importance of quality Quality – the fundamentals Quality Control Quality Assurance Specifications 1.6.1 The significance of specifications 8 1.6.2 Types of specification 8 1.6.3 Supplier’s responsibilities 10 1.6.4 Purchaser’s responsibilities 11 1.7 Quality Assurance during a product’s life cycle 1.7.1 Design stage 14 1.7.2 Production stage 16 1.7.3 Acceptance stage 16 1.7.4 In-service stage 17 1.8 Benefits and costs of Quality Assurance 1.9 Costs of quality failure 1.9.1 The supplier 21 1.9.2 The purchaser 22 1.10 What are the costs involved in an organisation obtaining registration to this standard?

13

What is the background to ISO 9000?

25

2.1 2.2

25

2.3 2.4

What is ISO 9000? What national and international standards are available (and what is their interoperability)? What about the growth of quality-specific standards? But who are ISO?

19 21

22

27 32 34

Contents

viii 2.5

2.6 2.7 2.8 2.9 2.10 2.11

2.12 2.13 2.14

2.15

What is the background to ISO 9000 and its current status? 2.5.1 ISO 9000:1987 36 2.5.2 ISO 9000:1994 36 2.5.3 ISO 9001:2000 38 2.5.4 ISO 9001:2008 41 2.5.5 ISO 9001:2015 41 So what has changed? What is Annex SL? What will ISO’s core cases be in the future? What is the new structure of Annex SL? What is the current status of Annex SL revisions? What are the current ISO 9000 standards? 2.11.1 ISO 9000:2015 Quality Management Systems – fundamentals and vocabulary 53 2.11.2 ISO 9004:2009 Managing for the sustained success of an organisation: a Quality Management approach 53 2.11.3 ISO 9001:2015 Quality Management Systems – requirements 54 Quality Management Principles Impact of the changes ISO 9001:2015’s compatibility with other management systems 2.14.1 The OHSAS 18000 Series 61 2.14.2 The ISO 14000 Series 62 2.14.3 What is the difference between ISO 9000 and ISO 14000? 63 What other standards are based on ISO 9001:2015? 2.15.1 Aerospace 66 2.15.2 Auditing management systems 66 2.15.3 Automotive industry 66 2.15.4 Computer software 66 2.15.5 Crop production 66 2.15.6 Data 67 2.15.7 Education 67 2.15.8 Electoral organisations 67 2.15.9 Energy management systems 67 2.15.10 Explosive atmospheres 67 2.15.11 Food safety 67 2.15.12 Good manufacturing practice 68 2.15.13 Health care 68 2.15.14 Human resources 68 2.15.15 Information security 68 2.15.16 Information technology 68 2.15.17 Local government 68 2.15.18 Measurement manufacturing systems 69

35

43 45 47 47 51 52

55 59 60

63

Contents

ix

2.15.19 Medical devices 69 2.15.20 Multilayer piping systems 69 2.15.21 Packaging – transport packages for dangerous products 69 2.15.22 Petroleum, petrochemical and natural gas industries 69 2.15.23 Quality Management System consultants 70 2.15.24 Quality Management Systems projects 70 2.15.25 Quality plans 70 2.15.26 Ships and marine technology 70 2.15.27 Software engineering 70 2.15.28 Space systems 70 2.15.29 Supply chain management 71 2.15.30 Systems engineering 71 2.15.31 Telecommunications industry 71 2.15.32 Testing and calibration laboratories 71 2.15.33 Welding consumables 71 2.16 What is ISO 9001:2015’s basic process? 2.17 What is the new structure of ISO 9001:2015? 2.18 What about auditing ISO 9001:2015? 2.18.1 Purpose of an audit 84 2.18.2 Types of audit 85 2.18.3 Audit categories 85 2.18.4 ISO 19011:2011 86 2.19 Certification 2.19.1 Who can certify an organisation? 87 2.19.2 What is required for certification? 88 2.19.3 What is the difference between being certified and being registered? 88 2.19.4 What is the difference between being certified and being compliant? 88 2.19.5 What is the difference between being certified and being accredited? 89 2.20 Who will be responsible for quality within an organisation? 2.21 What is the future evolution of ISO 9000? ANNEX A Comparison between the ISO 9001:2015 and ISO 14001:2015 standards

3

71 74 84

87

89 90 91

The process approach

95

3.1

95

3.2 3.3 3.4

Background 3.1.1 Example of a simple process flow chart 98 But what is the process approach? Planning an organisation’s business processes 3.3.1 Core business process 105 What kind of core processes would a business require?

99 103 107

Contents

x

3.5 3.6

4

3.4.1 Supporting processes 108 3.4.2 Primary supporting processes 110 3.4.3 Secondary supporting processes 111 Inter-relationship of process documentation The hierarchy of processes

111 114

What is a Quality Management System?

115

4.1

115

Quality Management System – requirements 4.1.1 Basic requirements of a Quality Management System 115 4.2 Quality Management System – principles 4.3 Quality Management System – approach 4.4 Quality Management System – structure 4.4.1 QMS documentation 122 4.5 Quality policy 4.5.1 Corporate policy statement 125 4.6 Processes 4.7 Quality procedures 4.7.1 What documented procedures are required by ISO 9001:2015? 127 4.8 Work instructions 4.8.1 What is the difference between a work instruction and a record? 128 4.9 Quality plan 4.9.1 Management responsibility 131 4.9.2 Contract review 131 4.9.3 Design control 131 4.9.4 Document and data control 132 4.9.5 Purchasing 133 4.9.6 Customer supplied products and services 133 4.9.7 Identification and traceability 133 4.9.8 Process control 133 4.9.9 Inspection and testing 134 4.9.10 Inspection, measuring and test equipment 134 4.9.11 Nonconforming products and services 134 4.9.12 Other considerations 134 4.10 Documented information

5

117 121 122 124 125 126

127

128

135

The structure of ISO 9001:2015

139

1 2 3 4

141 142 142 143

Scope Normative references Terms and definitions Context of the organisation 4.1 Understanding the organisation and its context

143

Contents

xi

4.2

5

6

7

8

9

10

Understanding the needs and expectations of interested parties 144 4.3 Determining the scope of the Quality Management System 145 4.4 Quality Management System and its processes 147 Leadership 5.1 Leadership and commitment 149 5.2 Policy 152 5.3 Organisational roles, responsibilities and authorities 155 Planning 6.1 Actions to address risks and opportunities 157 6.2 Quality objectives and planning to achieve them 160 6.3 Planning 162 Support 7.1 Resources 163 7.2 Competence 171 7.3 Awareness 172 7.4 Communication 173 7.5 Documented information 173 Operation 8.1 Operational planning and control 179 8.2 Requirements for products and services 181 8.3 Design and development of products and services 185 8.4 Control of externally provided processes, products and services 198 8.5 Production and service provision 205 8.6 Release of products and services 212 8.7 Control of nonconforming outputs 214 Performance evaluation 9.1 Monitoring, measurement, analysis and evaluation 218 9.2 Internal audit 223 9.3 Management review 226 Improvement 10.1 General 230 10.2 Nonconformity and corrective action 231 10.3 Continual improvement 236

148

156

163

179

217

230

6

Example Quality Management System

239

7

Self-assessment

579

7.1 7.2

How ISO 9000 can be used to check small businesses’ Quality Management Systems Internal audit 7.2.1 Audit plan 582

580 580

Contents

xii

7.3 7.4

7.5

7.6

8

7.2.2 Internal audit programme 584 External audit 7.3.1 Supplier evaluation 591 The surveillance or quality audit visit 7.4.1 Multiple evaluations and audits 596 7.4.2 Secondary audit 596 7.4.3 Third-party evaluation 596 7.4.4 Conformity assessment 596 Self-assessment checklists 7.5.1 Documentation required by an organisation to meet ISO 9001:2015 requirements 597 7.5.2 I SO 9001:2015 requirements of management 597 7.5.3 Example checklists of typical auditors’ questions for ISO 9001:2015 compliance 598 7.5.4 Example internal stage audit checklists 598 Documentation requirements 7.6.1 The requirements 599 7.6.2 Control of documents 602 7.6.3 Software programs for document control 604

What are the costs involved in an organisation obtaining registration to this standard? 8.1 8.2 8.3 8.4 8.5 8.6 8.7 8.8 8.9 8.10 8.11 8.12 8.13

Can I just work ‘in compliance’ with ISO 9001? So why should I bother about getting ISO 9001 certification? But what is the difference to being a certified, accredited and/or a registered ISO 9001:2015 organisation? But is it worth the cost and trouble to become ISO 9001:2015 certified? What are the benefits of ISO international standards? How do I become an ISO 9001 registered organisation? How long will it take to become certified? How is the certification completed? What happens during the actual ISO 9001 audit?! What other national certification bodies are there? What happens after certification and beyond? How can I maintain my certification? What are the advantages of maintaining my ISO 9001:2015 certification?

Abbreviations and acronyms Reference standards for Quality Management Systems Glossary of terms used In Quality Management standards Books by the author Index

591 595

597

599

605 606 606 607 607 608 609 611 612 612 613 615 615 615

621 625 627 633 639

Foreword

A lot of books have been written on the subject of quality management, and whilst their insight into how best to use the requirements and recommendations of the ISO 9001 standard is highly commendable, many of them are quite difficult to comprehend, let alone be of real assistance in setting up a compliant business quality management system. This is where Ray Tricker’s ISO 9001:2015 for Small Businesses comes into its own with its user friendly wording and straightforward explanations – but best of all, its free generic Quality Management System can be downloaded and quickly adapted to suit any type of business. As the Managing Director of a professional IT company and the owner of a garage specialising in the maintenance and servicing of Porsche cars, quality management has become an essential part of my business and I have come to rely on ISO’s Quality Management System standard (i.e. ISO 9001) for its guidance on how to efficiently run my businesses. This international standard is used worldwide (not only by large conglomerates but also small and medium-sized businesses) and has been adopted throughout the world as the very cornerstone for good business management. Similar to all other ISO standards, ISO 9001 is reviewed every five years in order to keep it current and relevant for the marketplace. As a consequence, the previous 2008 version of this standard experienced a six-stage revision process which resulted in the current 2015 version being rewritten around a common high-level structure that is applicable to all management system standards. Ray Tricker’s latest version of this book has been totally rewritten in accordance with this new format and includes descriptions, advice and assistance regarding the key changes made by the ISO during their revision process, which now focusses on risk-based management, fewer prescriptive requirements and an increased emphasis on achieving value for the organisation and its customers. Ray Tricker’s ISO 9001:2015 for Small Businesses is an excellent resource for any small business owner looking to work towards ISO certification – without having the expense of a having to employ a consultant to do the work for us! The book is well-structured and guided me through what is required in a clear and logical way. It is written in a very easy to understand manner which is of great assistance when trying to grasp what can, at times, seem to be a very complex process.

xiv

Foreword

Over the years, Ray Tricker has not only become one of the most respected authors of quality management books, but also for his publications on other important topics such as the Wiring Regulations, Water Regulations, Building Regulations and Environmental Regulations, and I consider myself exceedingly privileged in being asked by the publisher to write a foreword for ISO 9001:2015 for Small Businesses. I unreservedly recommend its purchase – you stand to save thousands in consultancy fees if you do! Well done, Mr Tricker, and thank you for yet again producing a very useful and understandable book that will be invaluable in assisting me to update my current ISO 9001:2008 Quality Management System so that it meets the new (less restrictive) requirements of the new ISO 9001:2015 standard. Alex Wynne-Davis Microsoft Certified Professional, Apple Certified Desktop Technician, Cisco Certified Security Professional, IMI Diagnostic Technician, Porsche Technology Program UTI, Atlanta, GA

Preface

Many books are being written on the topic of quality management and ISO 9000, but most of these appear to automatically assume that the reader belongs to a large company which already has an established management system in place and fulltime quality experts on hand to keep an eye on things. Small to medium-sized businesses, however, cannot afford these sorts of ‘luxuries’ but nevertheless still need to set up similar systems (but on a far smaller scale) and show that they too can work in compliance with ISO 9001:2015 and produce consistent quality deliverables. This sixth edition of ISO 9001:2015 for Small Businesses, with its series of examples and self-audit procedures, shows how a smaller company can benefit by meeting the requirements of ISO 9001:2015 and, in so doing, gain entry into more lucrative markets. Indeed, the main aim of my writing this book in the first place was to help readers, at very little expense, to set up a fully compliant ISO 9000 Quality Management System for themselves. But this latest edition of my book (updated to take into account the latest 2015 edition of ISO 9001 and ISO’s new high-level structure with identical core text, as well as common terms and definitions, as defined in Annex SL) is not meant to be just another reference book! ISO 9001:2015 for Small Businesses also includes a fully worked, generic Quality Management System (QMS) that can be quickly customised to suit any company – without having to rely on a specialist or a consultant to complete the task. And, best of all, a free, fully customisable copy of this Quality Management System is available to all purchasers of this book! To be of any real use, however, the customisation of the generic QMS must be completed on a page-by-page basis to suit your own purposes. Chapter 6 is not meant as a one-stop, quick-fix product!

As you will probably recall, prior to the reissue of the ISO 9000 series in 2000, the majority of organisations simply wrote their Quality Manuals to indicate how they met the 20 requirements of the 1994 standard – clause-by-clause. Although this made it easier for the authors of the manual to show the auditors that all of the requirements of the standard had been met, quite often (especially for very small

xvi

Preface

businesses), the manual was of little use to the organisation itself in actually running their business. Similar to the previous ISO 9001:2008 standard, ISO 9001:2015 continues the requirement for an organisation to hold some form of handbook, but (and this is probably the most contentious change made by ISO 9001:2015 and viewed by many as a step in the wrong direction!) ISO, after much discussion, have decided that the requirement for an organisation to have a fully documented Quality Manual, documented with (sometimes mandatory) procedures and records should be removed and replaced with the need to maintain ‘documented information’, which is ‘information that the organisation will be required to keep, control and maintain’. They no longer recommend the need for an organisation to employ a single person as a Quality Manager to oversee the smooth running of their Quality Management System as this responsibility for the qualitative running of an organisation is the responsibility of everyone and is now considered to be part and parcel of Top Management’s responsibility for ‘leadership’. How an organisation decides how, what and where to maintain their ‘documented information’ is left open, but in doing so, ISO believe that this will provide organisations with a far more flexible way of running their business. But whilst ISO may say that these documents and individuals are neither specifically required, nor mandated in ISO 9001:2015, there is nothing to stop an organisation maintaining a ISO 9001:2015-style Quality Management System with a Quality Manual nor a Quality Manager if they so please! (I will expand on this later on in this book.)

So, the prime aim of my book, therefore, is to help small businesses (who probably will have insufficient time to thoroughly read, understand, extract and implement all of the requirements of the ISO 9001:2015 standard and its supporting guidance documents) by providing them (in Chapter 6) with a fully worked example of an auditable compliant Quality Management System. For simplicity my generic Quality Management System is based on one particular type of company (i.e. LUR – a ‘paper producing’ consultancy), and you should use Chapter 6 as a template to describe the way that your organisation does business by leaving out those bits that are not particularly relevant to your type of business and then (if necessary) writing additional policies, processes and procedures based on the examples in Chapter Six to cover your organisation-specific areas that I have not covered in my book.

WHAT IS THE BACKGROUND TO ISO 9001:2015? With the increased demand for quality in everything that we do or make nowadays, there has come the need to have some formalised set of rules to work to. Fifty years ago, however, there were no formalised standards for recognising a manufacturer’s (or supplier’s) quality. Quality Procedures and guarantees were therefore required, and the military – as so often happens in these cases – seized the nettle.

Preface

xvii

NASA (in their capacity as controlling body for the US Space Program and with their requirement for the highest level of equipment reliability) was the first to produce a set of procedures, specifications and requirements. These became military specifications (mil specs), and manufacturers and suppliers, regardless of their size, were required to conform to these requirements if they wanted to provide equipment for the lucrative military market. The North Atlantic Treaty Organisation (NATO), under the American influence, then produced a series of quality assurance procedures which were known as the NATO Allied Quality Assurance Publications (AQAPs). These were republished by the British Ministry of Defence (MOD-UK) as the Defence Standard (DEF STAN) 05 series of procedures. Civilian firms and contractors quickly realised the necessity of ensuring that manufacturers and suppliers should abide by an agreed set of quality standards, and the British Standards Institution (BSI) formally adapted the DEF STAN 05 series into a virtually identical set of documents known as the BS 5750 series. This standard was then copied by other nations and a common series of recommendations known as the ISO 9000:1994 series of ‘Standards for Quality Assurance’ were produced. Under existing international agreement, all international standards have to be re-inspected five years after publication. In accordance with this agreement, the 1994 versions of ISO 9000 series were revised with more emphasis being placed on the need for customer satisfaction and the use of a more modular process approach to Quality Management. The main change caused by this new review process, however, was the amalgamation of the previous (similar) requirements contained in the ISO 9001:1994, ISO 9002:1994 and ISO 9003:1994 standards into a single ISO 9001:2000 standard – which was then updated in 2008 and, by international agreement, was again updated following five years of user experience and finally became the current ISO 9001:2015 standard.

Author’s Hint Although not officially referred to as a ‘requirements standard’, ISO 9001:2015 does, nevertheless, still contain 138 ‘shalls’ and 2 ‘shoulds’ (where ‘shall’ indicates a requirement and ‘should’ indicates a recommendation)!

ISO 9001:2015 specifies the national, regional and international accepted procedures and criteria that are required to ensure that products and services meet customers’ requirements. It identifies the basic disciplines of a Quality Management System and can be used by designers, manufacturers, suppliers, service industries and end users – large or small – with equal effect. These processes, procedures, disciplines and criteria can be applied to any firm, no matter its size – whether they employ just a few people or many thousands. It can also be used by companies to set up their own Quality Management System and can form the basis for assessing an organisation’s Quality

Preface

xviii

Management System (i.e. to ensure that a supplier or service industry has the ability to provide satisfactory goods and/or services). It therefore shouldn’t come as too big a surprise to learn that since the publication of the new mandatory process-orientated ISO 9001:2015, there has been a growing demand for an assurance of quality before a contract is let. This is not an entirely new concept, of course, because quality has always played an important role in securing new markets and retaining those markets that already exist, but without doubt, in these days of competitive world markets, quality assurance has become far more relevant. To meet this requirement, all organisations have had to recognise the importance of quality and the fact that it can only be achieved through efficient company organisation and a determination by Top Management to meet the increased quality requirements of their potential customers. This concept is not just related to large manufacturing companies and suppliers; it also has a huge impact on smaller organisations – even those employing just one or two people – because no matter how large or small the company, there has to be an increasing reliance on quality and the requirements and recommendations of ISO 9001 in order to meet customers’ specifications. In fact, for anyone wanting to sell their products and services in today’s multi-national European or American market, the ISO 9000 standards are essential publications. Together they provide a comprehensive set of rules and regulations, specifications and recommendations that enable an organisation – be they supplier or end user, large or small – to set up a workable Quality Management System with in-built processes and procedures that enable them to operate within their constraints.

BUT WHAT IS A ‘SMALL BUSINESS’?! A small business is a business that is independently owned and operated, with (obviously!) a small number of employees and relatively low volume of sales. Small businesses can be involved in all aspects of design and the manufacture, supply, installation and maintenance of products, services and information technology. They are normally privately owned corporations, partnerships or sole proprietorships. The legal definition of ‘small’ varies between countries, but within the European Union, the official definition of a Micro, Small and Medium-sized Enterprise (SME) – as provided by Directive 2003/361/EC – is: Enterprise Category

Headcount

Turnover

Medium-sized

< 250

≤ €50 m.

Small

< 50

≤ €10 m.

Micro

Product/Service Improvement. RN –> Resource Need.)

Attended by: 1. 2.

Meeting No: ………… Venue: ………………………………….. Meeting Date: …………. Next Meeting Due On: ……………

Example Quality Management System

575

Document Ref: NL-34–044RLR16 Date: 1 May 2016 QMS Part 4 – Work Instructions Version 04.00

ISO 9001:2015 for Small Businesses

576

Document Ref: NL-34–044RLR16 Date: 1 May 2016 QMS Part 4 – Work Instructions Version 04.00

WI/8 – Training history sheet – Template

1 SCOPE In accordance with Section 15.8 of QP/15 – Customer Awareness and Training, the appropriate Section Manager shall retain records of all training. This shall include details of attendance, achievements, course content, scope, personnel who provided the training and those who received it.

2 DOCUMENTATION See page 571.

Work Instructions page 26 of 27

Work Instructions page 27 of 27

Training Imparted

Date of Training

Trained By

Score Obtained

*Participant’s Feedback

**Superior’s Feedback

Superior’s Signature

* Participant’s feedback shall be copied from training attendance sheet (in case of in-house training) / taken by interview. ** Superior’s feedback and signature shall be taken by the Company Secretary within two months of training.

1 2 3 4 5 6 7 8 9

No

Designation: ………………………………………………. As on ………………..

Date of joining: ………………

Name: …………………………………………………….

Personnel No: ………………….

Section Managers Signature

Example Quality Management System

577

Document Ref: NL-34–044RLR16 Date: 1 May 2016 QMS Part 4 – Work Instructions Version 04.00

This page has been left blank intentionally

Chapter 7

Self-assessment

Author’s Start Note Assuming that you now have your own organisation-specific Quality Management System up and running, how do you monitor its effectiveness? How can you be sure that you will be capable of continuing to meet ISO 9001:2015 requirements? And, more importantly, if you intend going on to seek ISO 9001:2015 Certification, how can you be sure that you will be able to meet the exacting requirements of your appointed Accredited Certification Body?! Chapter 7 covers the often overlooked topic of self-assessment and the methods for completing management reviews, internal, external and third-party audits and evaluations. Also included are the availability of Annexes explaining: • • • •

the QMS documentation that an organisation will require; the ISO 9001:2015 requirements of management; typical auditors’ questions to assess ISO 9001:2015 compliance; example internal stage audit checks.

Note: Once more this chapter assumes that your organisation is of a similar size to the LUR example used in Chapter 6 (i.e. an organisation of about 45–50 people, which has a full-time Quality Manager and can call upon management representatives to assist as and when required). If you are a Micro Business (i.e. less than 10 employees) then you probably will not have a full-time Quality Manager and in that case it would normally be the Owner or Managing Director who performs the audits and checks.

ISO 9001:2015 for Small Businesses

580

7.1 HOW ISO 9000 CAN BE USED TO CHECK SMALL BUSINESSES’ QUALITY MANAGEMENT SYSTEMS Having set up your own Quality Management System, it may now be necessary for you to prove to a potential customer that your QMS fully meets the recommendations, requirements and specifications of ISO 9001:2015. Or, you could be considering seeking ISO 9001:2015 Certification from an Accredited Certification Body. On the other hand, you might want to check whether a subcontractor’s or a supplier’s QMS is up to your required standard. The question is, how can you tell whether your QMS will meet these requirements? And the answer is, to complete an audit! If your organisation has complied with the requirements for having a compliant QMS as described so far, then you will be well on your way to running a quality organisation. The requirements of QMS do not rest there, however. Your organisation must continually review its QMS to confirm its continued suitability and success, reveal defects, danger spots or irregularities, suggest possible improvements, eliminate wastage or loss, check the effectiveness of management at all levels and to be sure that managerial objectives and methods are not only effective, but are also capable of achieving the desired result. Above all your organisation must be prepared to face up to an audit of its quality procedures from potential customers!

7.2 INTERNAL AUDIT The purpose of an internal quality audit is to identify potential danger spots, eliminate wastage and verify that corrective action has been successfully achieved. The procedures with which to carry out these audits should always be documented and available. An audit plan determines whether the QMS is effectively achieving its stated quality objectives and should be established as soon as possible. Indeed, it is a requirement of ISO 9001:2015 (i.e. Clause 9.2.1) that an internal assessment shall be regularly completed by the organisation to see that their QMS is effectively implemented and maintained.

ISO 9001:2015 ‘Clause 9.2.1 Internal audit’

‘The organization shall conduct internal audits at planned intervals to provide information on whether the quality management system conforms to: • the organization’s own requirements for its quality management system; • the requirements of this international standard.’

Self-assessment

581

Requirements

Quality Procedures

System reliability

Design stage

Drawings

In-Service stage

Components

Equipment reliability

Design capability

Records Quality Assurance Methods

Product performance Degree of quality

Production stage

Acceptance stage

Quality level

Reliability of the product Reliability

FIGURE 7.1

Quality Assurance measurements

The type and content of an internal audit, obviously, varies with the size of the organisation. In some circumstances it can, however, mean going as far as having to resort to statistical control analysis to indicate and/or predict the need to carry out corrective action. Another very important reason for carrying out an internal audit is that it clearly provides a comparison between what the QMS or Quality Plan stipulates should be done – and what is actually being done. The main aim, however, of an internal audit is to confirm that everything is OK.

This verification activity will, depending on the size and activities of the organisation, include testing and monitoring the design, production, delivery, installation and possibly after sales processes, design reviews and the method of auditing the QMS. The audit should be capable of identifying such things as non-compliance (i.e. with previously issued instructions) and deficiencies within the QMS. In addition the audit should recommend any corrective actions that can be achieved to improve the system.

ISO 9001:2015 for Small Businesses

582

Identify potential danger spots

Eliminate wastage

Audit plan

Quality Deficiencies

Applicability of procedures

INTERNAL AUDIT

Gap analysis

Quality assessment

Availability of Instructions

FIGURE 7.2

Organisational changes

Verification of corrective action

Internal audit

It is essential that management ensure that timely corrective action is taken on all deficiencies found during the audit. Follow-up actions should include the verification and implementation of corrective action, and reporting of results.

7.2.1 Audit plan To be effective, an ‘internal audit’ must be completed, where possible, by members of the staff who have been trained in Quality Control – provided, that is, that they are not responsible for the quality of that particular product.

Self-assessment

583

This does not, of course, stop the management from using an outside agency (i.e. third-party) if they wish to, and in so doing gain a completely unbiased view of the general success of their organisation’s QMS. The selection of the department or section to be audited should always be conducted on a random basis and normally these internal audits will be completed every three months or so. In an ideal world the audit should be pre-planned so that it covers all aspects of Quality Control within one calendar year.

Start

1 Audit schedule

2 Audit preparation and organisation

3 Audit execution

8 Follow up

4 Summarise audit results

5 Prepare audit report

7 Take remedial action

FIGURE 7.3

Internal audit programme

6 Corrective action

ISO 9001:2015 for Small Businesses

584

The audit plan should: • • • •

cover the reasons why an internal audit is being completed (e.g. organisational changes, reported deficiencies, survey or routine check); cover all the specific areas and activities that are to be audited; stipulate the minimum qualifications of the personnel who are to carry out the audit; describe how the audit report should be finalised and submitted.

7.2.2 Internal audit programme As shown in Figure 7.3, an internal audit programme normally consists of eight separate (but inter-related) steps:

Step 1 – Audit schedule Internal quality audits are usually planned and initiated by the Quality Manager or the Manager of a particular area or department depending on the status and importance of the various activities of a section and/or deliverable. For large organisations, it would be quite normal for all departments and sections to be subject to at least three complete quality audits every year as shown in Example 7.1 below:

FUNCTION/ DEPARTMENT

JAN FEB MAR APR MAY JUN JULY AUG SEPT OCT NOV DEC

Administration and finance

x

Drawing office

x

x

Workshops

EXAMPLE 7.1

x x

Stores

x

x x

x

x x

x

Annual quality audit schedule

Author’s Hint For smaller organisations (e.g. those employing just a handful of people) an audit every four months or so of selected areas would probably be sufficient. In larger departments the frequency would probably have to be increased – but Top Management will have to decide on that aspect.

Self-assessment

585

Step 2 – Audit preparation and organisation Depending on the complexity and the size of the audit (or when sections are too large, or activities from other sections are involved) the Quality Manager may perform the audit himself or he could assign a Lead Auditor and a team of auditors to complete the task. The Lead Auditor is then responsible for organising an agenda which (see Example 7.2) will include the: • • • • •

scope and objectives of the audit; persons having direct responsibilities for the procedure(s) to be audited; reference documents; name of Lead Auditor and name(s) of assigned auditor(s); date when audit is to be concluded.

Audit Reference No: ......................

File No: .................................................

Purpose of audit: ................................................................... Scope of audit: ....................................................................... Lead Auditor assigned: .......................................................... Location(s) of audit: ............................................................... Unit or area to be audited: ..................................................... Reference documents: ........................................................... Team members: ...................................................................... Date of audit: .......................

Anticipated duration of audit: ................

Time of opening meeting: ............

Anticipated time of closing meeting: .....

Facilities requested: .................................................... EXAMPLE 7.2

Internal audit plan

Following a review of earlier audit reports on the same section or the same subject, the Lead Auditor and the assigned auditor(s) will prepare an audit check list containing all of the topics/items to be covered together with an audit programme (see Examples 7.3 and 7.4).

ISO 9001:2015 for Small Businesses

586

AUDIT CHECKLIST

ITEM NO

EXAMPLE 7.3

FUNCTION/PROCESS AUDITED: ..................

AUDIT NO:.......

DOCUMENT REFERENCES: ..........................

AUDIT DATE:.......

AUDIT QUESTIONS

REFERENCE

PREPARED BY: ..............................

PAGE … OF …

RESULT

NOTES/ OBSERVATIONS

DATE PREPARED: ..................................

Audit checklist

TIMETABLE

TEAM A

0900–0930

Opening meeting

0930–1030

Managing Director Quality Policy Management Review

Laboratory 1

Technical Director

1030–1100

Review of: Document Control Non-conformity

Laboratory 2

Department Heads

1100–1200

Purchasing

Laboratory 2

Department Heads

1200

Lunch

1330–1500

Purchasing

Laboratory 2 (cont)

Department Heads

1500–1600

Personnel Training

Electrical Test House

Department Heads

1600–1700

Commercial/ Sales

Calibration Service

Department Heads

EXAMPLE 7.4

Audit programme

TEAM B

AUDITEE PARTICIPATION Senior Management & Department Heads

Self-assessment

587

Step 3 – Audit execution Assuming that the organisation is large enough to warrant having an audit team then an initial meeting between the auditor(s), the auditee(s) and the Quality Manager is held during which: • • •

a brief summary of the methods and procedures that will be used to conduct the audit is given; the method of communication between auditor(s) and auditee(s) is agreed; and the audit programme is confirmed.

Most organisations will have available a documented procedure for completing internal audits that distinguishes between two kinds of internal quality audits, namely a ‘standards audit ’ (which evaluates how well the ISO standard is being applied and a ‘procedures audit ’, evaluates how effective the organisation’s Quality Procedures, policies, plans and instructions are.

Using the standards audit the auditor will begin collecting evidence of compliance by interviewing auditee personnel, reading related documented information, reviewing manuals, checking records, examining data, observing activities and studying working conditions. As the evidence is collected the auditor will answer each audit question and record his observations as either: Yes

means that this activity is in compliance with the standard;

No

means that this activity is not in compliance;

Not applicable means that this question is not applicable in this activity’s situation. Once the auditor has completed the audit questionnaire, he makes a list of all the nonconformities (i.e. the ‘Nos’) and summarises his evidence. Similarly, using the procedures audit each applicable Quality Procedure, Policy, Plan and Work Instruction will be looked at from the point of view of ‘Is it documented?’ ‘Is it being followed?’ ‘Is it effective?’ On the basis of evidence collected, the auditors will record their observation as: Yes

means that this activity is in compliance;

No

means that this activity is not in compliance.

Auditors will record all their observations on the audit observation sheet (see Example 7.5) and all non-compliances will then be listed on a ‘non-compliance worksheet’ which will eventually form part of the final audit report.

ISO 9001:2015 for Small Businesses

588

Step 4 – Summarise audit results Auditors will then meet to discuss all of their observations (particularly any noncompliance that they may have found) with the Lead Auditor. Note: All observations of nonconformity must be formally acknowledged by the manager responsible for the activity being audited.

A closing meeting of auditor(s), auditee(s) and the Quality Manager will then be held during which: • • •

audit observations will be clarified; the critical significance of observations will be presented; conclusions drawn about compliance will be presented; Section or project to be audited: Reason for audit: Audit No:

Date:

Auditor:

Sheet ... of ...

Serial No

Observation/supporting evidence Action required

Yes/No

Circulation: Attached Sheets:

Signed: EXAMPLE 7.5

Name: Audit observation sheet

Date:

Self-assessment

• • •

589

system effectiveness in achieving the quality objectives will be presented; corrective actions will be agreed; the date for completion of the audit report will be agreed. Note: Minutes of all relevant meetings, decisions and agreements must be attached to the audit report.

Step 5 – Prepare audit report The Lead Auditor now needs to prepare an audit report using an audit report form similar to the one shown in Example 7.6. The report must be signed by all members of the audit team, plus the Quality Manager, and copies sent to auditee(s) and Top Management as required. The audit report will list all nonconformities discovered, observations made and discuss any conclusions drawn. It will also detail (in the summary) Section or project audited: Reason for audit: Audit No:

Date:

Auditor:

Sheet ... of ...

Audit area(s): Reference document(s): Summary:

Audit observation sheet number

Observation number

Comments

Corrective action requirement

Prepared:

Name:

Date:

Agreed:

Name:

Date:

Circulation:

EXAMPLE 7.6

Audit report form

Attached sheets:

ISO 9001:2015 for Small Businesses

590

Section or project audited: Reason for audit: Audit No:

Audit Date:

Auditor(s):

Auditee(s):

Audit area(s): Reference document(s):

Non-conformance details:

Signed: (Auditor)

Name:

Date:

Name:

Date:

Name:

Date:

Agreed corrective action:

Signed: (Auditee)

Agreed time limit: Signed: (Actionee)

Progress:

EXAMPLE 7.7

Corrective action request

Signed:

Date:

Self-assessment

591

recommendations that should be implemented in order to correct or prevent nonconformities occurring and to make improvements.

Step 6 – Corrective action After the closing meeting, the Lead Auditor will prepare a Corrective Action Request (see Example 7.7) for each agreed corrective action. Note: Corrective action requests should always state who is responsible for carrying out the corrective action and the timescale for its completion. One sheet should be used for each agreed corrective action.

Step 7 – Take remedial action The section/department that has been audited is then responsible for ensuring that the agreed corrective actions are implemented and that any observations, comments and recommendations made by the audit team have been taken into account.

Step 8 – Follow up Finally, the Lead Auditor is responsible for ensuring that corrective action has been carried out and for notifying the Quality Manager of the status and/or completion of corrective actions.

7.3 EXTERNAL AUDIT Although the supplier may have been able to convince the purchaser that their QMS is effective, it is in the interests of the purchaser to conduct its own evaluation (i.e. audit) of the supplier. This is usually done on an irregular basis. The supplier must, of course, agree to the principle of purchaser evaluations being carried out and it is usual to find this as a separate clause in the contract. Normally these audits are pretty simple, but – particularly when the material, product or service being purchased is complex – the purchaser, however, will need to have a reasonably objective method of evaluating and measuring the efficiency of Quality Control at the supplier’s promises and be certain that the quality system (i.e. Quality Control) established by the supplier, complies with laid down standards and is, above all, effective. This method is known as the ‘supplier evaluation’.

7.3.1 Supplier evaluation Part of the initial contract will stipulate that the supplier provides access to the purchaser’s inspectors to enable the purchaser’s representatives to conduct their activities and evaluations. These facilities depend upon the level of surveillance, but could possibly require the supplier to provide:

ISO 9001:2015 for Small Businesses

592

Supplier evaluation

Audit plan

Evaluation team

EXTERNAL AUDIT

Study of the QMS Overview

FIGURE 7.4

• • • • •

Quality assessment & evaluation

Preevaluation meeting

External audit

suitable office and administrative facilities; adequate work space for product verification; access to those areas where work is in progress or to those which affect the work; help in documenting, inspecting and releasing material and services; the use of inspection and test devices and availability of personnel to operate them are necessary.

Pre-evaluation meeting Before the evaluation team visits the supplier’s premises they must first be given the chance to: • • • •

meet the supplier’s staff to discuss the procedures being used; identify the supplier’s sections/areas that will be tested; decide which representatives of the organisation will be required to accompany the evaluation team during their inspection; agree dates and outline timetables, etc.

Self-assessment

593

Study of the Quality Manual The purchaser must then be given a copy of the supplier’s Quality Manual which will be inspected not only for its accuracy and clarity but also its position compared to national and international standards and to see that it conforms to the relevant sections of ISO 9001:2015. Having thoroughly examined the manual, the purchaser is then in a position to be able to send a team of inspectors to the supplier’s premises to fully scrutinise every aspect of the supplier’s design office, purchasing, storekeeping, manufacturing activities, assembly, test and storage facilities to see that the work carried out complies with the procedures (promises!) made in its Quality Manual.

The evaluation Having completed the pre-evaluation, the purchaser is now able to visit the supplier’s premises for a complete inspection. During the actual evaluation, the supplier’s department heads will first be required to describe to the team exactly how their Quality Control system works. They will have to provide examples of their Quality Control documentation and possibly even be required to prove that certain sections have the correct documentation and that it is up to date. The department heads will then have to show how stock is received, accounted for and withdrawn from stores, how the appropriate drawings are issued, updated and eventually disposed of.

Author’s Hint Quite often the evaluation team will want to see the route cards and/or ‘travellers’ that accompany partially completed work and possibly carry out an evaluation of the sampling procedures used by the supplier. t is also possible for the purchaser’s team to ask for a previously inspected batch to be rechecked so that they can see if a similar or comparable result is obtained.

Other aspects of the supplier's facilities that the inspectors might well want to look at (particularly if the supplier is an organisation actually manufacturing and/or designing a product) could include: • •

evidence that its test equipment and other instruments have been regularly maintained and calibrated against a known source; that rejected or unacceptable components and assemblies are clearly marked and segregated to avoid any chance of their accidental inclusion with other items that have already been accepted.

At the end of this evaluation, a meeting will be arranged between the evaluation team and the factory organisations to discuss their findings and to be sure that there are not any misunderstandings, etc. The eventual evaluation report will then be formally presented at a meeting with the management. The result of this meeting could be one of the following.

ISO 9001:2015 for Small Businesses

594

Acceptable system control This means that the evaluation has shown that the supplier has a satisfactory QMS, there are no deficiencies and the supplier has been able to give an assurance of quality. When this happens, there should be no reason why the purchaser should feel it necessary to demand any radical changes to the supplier’s system. Note: But even though the supplier may have proved that it is up to a satisfactory standard, the purchaser will still have the right to (and often does) insist on making further inspections throughout the duration of the contract.

THE EVALUATION

Weak system control

Unacceptable system control

Acceptable system control

FIGURE 7.5

The evaluation

Weak system control This covers the situation where the evaluation team find several significant weaknesses in the supplier’s system. If this happens, the supplier will have to take steps to overcome these failures and improve its QMS. Having done this, the supplier can then ask for another evaluation to be carried out to confirm that its quality now meets the required standards.

Unacceptable system control This is the result of the purchaser’s evaluation team finding that the number of deficiencies – or the lack of quality discipline at the supplier’s premises – mean

Self-assessment

595

that the supplier will have to make radical changes to improve its overall QMS before it is anything like acceptable to the potential purchaser. When the supplier has completed the necessary changes, it will then have to undergo a second evaluation to see that its improvements are satisfactory. Unfortunately this could be as much as a year later, by which time the purchaser may well have found an alternative source or decided that the initial organisation’s quality is definitely not up to standard – and virtually ‘blacklisted’ that particular supplier! Having been inspected, it is important that the records of this inspection are safely filed away as documented information in case they may be required to reinforce some point at a later stage or provide statistical data for the analysis of a supplier’s performance. This is sometimes referred to as ‘vendor rating’.

7.4 THE SURVEILLANCE OR QUALITY AUDIT VISIT

SURVEILLANCE AND QUALITY SYSTEM AUDIT

Multiple evaluations and audits

Secondary audit

Third-party audit

FIGURE 7.6

The surveillance

Although an organisation might have successfully passed an initial evaluation of its facilities and the purchaser may well be satisfied that the supplier is capable of providing an assurance of quality, it cannot be assumed that the supplier will be able to, or even capable of, retaining this status forever. Many things can happen to change this situation such as staff moving through promotion or natural wastage, changes in the design of the product or service that may or have been necessary, or perhaps even a new man-management philosophy.

596

ISO 9001:2015 for Small Businesses

The purchaser needs, therefore, to be informed of any changes in the organisation and personnel that might affect the overall quality of the product. It is quite possible that the purchaser might also want to make irregular surveillance visits of the supplier’s premises to examine a particular aspect of its QMS. These surveillance or audit visits by the purchaser will be run on exactly the same lines as the supplier evaluation and are aimed at providing the purchaser with a confidence in the supplier and an assurance that it is capable of in fact still providing the purchaser with the quality of goods that it requires. The aim of these audit visits should be that all the important aspects of the Quality Control system are checked, in rotation.

7.4.1 Multiple evaluations and audits It is likely that a supplier might well be providing the same product or service to several different customers and it could just happen that all of these customers ask to have an audit – at the same time! This obviously cannot be allowed to happen as the supplier and/or the manufacturer would forever have people visiting its premises and disturbing, not only the labour force, but also the production line! Thankfully there are quite a number of ways around this problem, such as a secondary audit or third-party evaluation.

7.4.2 Secondary audit If a purchaser indicates that it wants to carry out an audit, the supplier can offer to provide the details of another customer’s audit that has recently been carried out at its premises. If this does not quite cover the problem area sufficiently, then the supplier could offer to check in more detail the appropriate points raised by the purchaser.

7.4.3 Third-party evaluation As an alternative to the secondary audit, a third-party evaluation team (i.e. one that is not directly involved in either the supply or purchase of the deliverable) could be employed to carry out an audit. There are several firms that have been specifically set up to do this and these are capable of determining whether a supplier’s products and services, premises and management are capable of meeting (and still meet) the laid down standards.

7.4.4 Conformity assessment In these days of international markets and cross-border trading, many national regulations require that a product or deliverable is first tested for compliance with an internationally agreed Management System Standard for safety, environmental and/or quality conformance before it can be released to the market.

Self-assessment

597

This sort of testing is referred to as ‘conformity assessment’ and in its simplest form means that a product, material, service, system [or in some cases, person(s)] has been measured against the specifications of a relevant standard – which, in most cases, will be an internationally agreed standard. Although some conformity assessment can be completed using internal facilities, when a product has health and/or environmental implications, national legislation will probably stipulate that testing is carried out by an independent Registrar, Notified Body or specialist organisation; in other words, by a third party. There exist many testing laboratories and certification bodies which offer independent conformity assessment services performed either as a commercial venture, or under mandate to their national government.

7.5 SELF-ASSESSMENT CHECKLISTS Self-assessment can be a very useful tool to identify possible areas for improving an organisation’s capability and ISO 9004:2009 (‘Managing for the sustained success of an organization. A quality management approach’) helps organisations by providing an annex containing ‘guidelines for self-assessment’.

Author’s Hint As this is an important consideration, in the third book in this ISO 9001:2015 series (i.e. ‘ISO 9001:2015 Audit Procedures’) I have included a number of appendices that are specifically aimed at helping small businesses complete a self-assessment of their QMS and cost-effectively work in conformance with the requirements of ISO 9001:2015. These consist of the following:

7.5.1 Documentation required by an organisation to meet ISO 9001:2015 requirements A brief explanation of the specific requirements (i.e. the ‘shalls’) of each element of ISO 9001:2015 together with a description of the likely documentation that an organisation would need to have in place to meet the requirements, as well as an outline of this content (Annex A to ‘ISO 9001:2015 Audit Procedures’ ).

7.5.2 ISO 9001:2015 requirements of management Another list of the sections and sub sections that make up ISO 9001:2015, but this time identifying the areas that management need to address when they document their Quality Management System (Annex B to ‘ISO 9001:2015 Audit Procedures’).

ISO 9001:2015 for Small Businesses

598

Note: Most independent Registrars and Notified Bodies will use a similar ‘check sheet’ to determine whether an organisation’s QMS complies with the requirements of ISO 9001:2015.

7.5.3 Example checklists of typical auditors’ questions for ISO 9001:2015 compliance Annex C (to ‘ISO 9001:2015 Audit Procedures’) contains a list of the most important questions an external Quality Auditor (e.g. BSI, , ANSI, TÜV, AFNOR, etc.) would be likely to ask when completing an external or conformity audit. If an organisation can honestly answer ‘yes’ to all these questions, then it would be quite entitled to say that it ‘fully complies with the requirements of ISO 9001:2015’. Note: Parts of these checklists could, of course, also be used when conducting internal quality audits.

7.5.4 Example internal stage audit checklists Lists of the most important questions that an external Quality Auditor (e.g. purchaser) is likely to ask when evaluating an organisation for all of (or some of) the following stages: • • • •

design stage; manufacturing stage; acceptance stage; in-service stage.

(Full details of these questions are available in Annex D of ‘ISO 9001:2015 Audit Procedures’).

Author’s Note These types of checklist, although relevant to most organisations, would probably be of more use to manufacturing companies. Having said that, they can also be used for internal audits – e.g. for a computer company producing software.

Self-assessment

599

7.6 DOCUMENTATION REQUIREMENTS In addition to providing a simplified set of standards that are equally applicable to small as well as medium and/or large organisations, the main objectives behind the 2015 revision of the ISO 9000 series of standards are so that: • • •



organisations will be allowed more flexibility in the way they choose to document their management systems; the amount of detailed documentation that is required by the standard is limited; the amount of documentation wanted by individual organisations is significantly reduced (provided, of course, that it is still capable of demonstrating the effective planning, operation and control of their processes as well as the implementation (and continual improvement) of their QMS!); the type and extent of the documentation will depend on the nature of the organisation’s products and processes. It has to be stressed that whilst ISO 9001 requires a ‘documented information’ it does not require a ‘system of documents’!

To achieve these aims, organisations will need to document – either electronically or on paper – their quality policy, objectives, procedures, planning and operations. They will need to describe how they control quality in these areas and will also need to retain documented information to prove that these procedures have been followed (i.e. inventory control listings, travellers, work orders, signed contracts, etc.). There are no specific requirements on the actual type or form of documentation. It can differ from one organisation to another depending on size, type of activities, or complexity of processes.

7.6.1 The requirements ISO 9001:2015 clause 4.4 specifies the requirement as follows:

ISO 9001:2015 Clause 4.4 ‘Quality management system and its processes’

‘The organization shall: • establish, implement, maintain and continually improve a quality management system, including the processes needed and their interactions’ • maintain and retain documented information to support the operation of its processes

ISO 9001:2015 for Small Businesses

600

The standard then goes on to explain that the QMS documentation shall include: • • •

• • • • •

the inputs required and the outputs expected from these processes; the sequence and interaction of these processes; the criteria and methods (including monitoring, measurements and related performance indicators) needed to ensure the effective operation and control of these processes; the resources needed for these processes and ensure their availability; the responsibilities and authorities for these processes; a method for determining risks and opportunities; the evaluation of these processes and the implementation of any changes needed to ensure that these processes achieve their intended results; and that these documents may be in any form or type of medium such as: o o o o o

paper; magnetic; electronic or optical computer disk; photograph; master sample. For additional advice on documentation see ISO/TR 10013 Guidelines for quality management systems documentation.

Documented statements regarding quality policy and quality objectives These will normally be included in a manual of some description (e.g. in Chapter 6 I have called this the ‘Quality Manual’).

Quality Manual The format and structure of the Quality Manual will vary between organisations depending on the organisation’s size, culture and complexity. For example, a small organisation may find it appropriate to include the description of its entire QMS within a single manual, including all the documented Quality Processes and Quality Procedures, etc. that they need. On the other hand, large, multi-national organisations may need several manuals at the global, national and/or regional level together with a more complex hierarchy of documentation. Alternatively, some organisations may choose to use the Quality Manual for other purposes besides simply documenting the QMS.

Self-assessment

601

Documented procedures required by ISO 9001:2008 Previously (i.e. in the 2008 edition of ISO 9001) there was a mandatory requirement for an organisation to have six specific documented procedures that had been fully established, documented, implemented and maintained. Namely: • • • • • •

control of documents; control of quality records; internal audits; control of nonconforming products; corrective actions; preventative actions.

and by implication: • •

customer communications; and purchasing process.

In the new ISO 9001:2015, it is no longer a compulsory ISO requirement to have these procedures in place and an organisation is now only required to maintain sufficient ‘documented information’ – which by implication has to include details of Top Management’s policies, processes and procedures, etc. As a Chartered Quality Professional (with more years’ experience than I care to think of!) I believe that it makes sense, however, for an organisation – no matter how large or small – to maintain most of the previous six ISO 9001:2008 procedures, in particular, one for Document Control for the management of documents throughout the document life cycle, e.g. version control, review cycle, visibility, availability and (most importantly) for providing a controlled reliable audit trail. A procedure that will enable an organisation (particularly now that we have the widespread use of computers in the workplace) access to a centralised, quality controlled, electronic store for documents based on various criteria (including organisation hierarchy and document types) which will enable people to have: • a readily available library of all of the organisation’s documented information; • web-based access and control of their (and the organisation’s) documents and processes; • an easy document search and retrieval facility; • the ability to convert paper-based documents to an electronic version for easy access; • document version control for all types of documents; • an assurance that it is the very latest approved live version that they are accessing; • a complete audit trail for easy tracking of the document’s life cycle; • the ability to analyze documents through reporting tools; • improved co-operation within the teams and organisation.

602

ISO 9001:2015 for Small Businesses

Quality Procedures can take any suitable form. They can be a narrative, a flow chart, a process map, or indeed any other appropriate structure. As long as the procedure is effective, it really doesn’t matter what it looks like. Some organisations (particularly larger organisations, or those making use of more complex processes) may also require additional documented procedures (especially those relating to product realisation processes) in order to implement an effective QMS. This will clearly vary depending on the size of the organisation, the kind of activities in which it is involved and their complexity.

Documents required by the organisation to ensure the effective planning, operation and control of its processes The two main objectives of an organisation’s documentation should be to provide communication of information (as a means of disseminating information about the aims, objectives and requirements for quality management) and evidence of conformity (i.e. the availability of evidence that all planned activities are being achieved in an efficient and effective manner). Although ISO 9001:2015 doesn’t make it mandatory for an organisation to have any specific Quality Procedures in place, it nevertheless by implication (i.e. the 138 ‘shall’ requirements spread throughout the standard!) means that an organisation must hold some form of documented information for quality management, quality policy, quality objectives and the actual content of the QMS itself. There are also several requirements in the standard where an organisation can demonstrate conformity by preparing additional documentation such as: • • • • • • • • •

process maps, process flow charts and/or process descriptions; organisation charts; specifications; work and/or test instructions; documents containing internal communications; production schedules; approved supplier lists; test and inspection plans; quality plans.

7.6.2 Control of documents ‘Proper control of documents’ is required by the standard, which means that you need to ensure that all your QMS documents have been correctly identified, reviewed, authorised, issued and distributed. You need to take care that old (i.e. obsolete) documents are not being used and that they are stored in a secure location if they are required for future reference. You also need to make sure that any external documents that you use in your QMS are identified within your system and that the access to these documents is controlled.

FIGURE 7.7

The hierarchy of processes

Generally one document per process

Adds detail and explanation to the Process Maps

Quality Procedures

i/p

o/p

Out

In

In

LEGEND

This symbol represents the start or end of a program flow.

Terminator

This symbol represents a decision or switching type function.

Decision

This symbol represents a linked document (e.g.form)

Document

Process or Activity

Input / output to / from another process

Detailed flow diagrams showing the activities needed to complete a process May comprise a number of sub-levels to attain the level of detail needed Will be sequential Will show inputs from other process(es) and outputs to next process(es)

LEVEL 4 - Process Maps

Will be sequential and contain inputs and outputs

An expansion of each named process from Level 2

LEVEL 3 - Detailed Process Linkages

Simply expands the Core & Supporting Processes into a series of high level activities

LEVEL 2 - High Level Process Linkages

Identifies and places the Critical Processes into two groups : 1 . Sequential Core Process 2 . Stand alone Supporting Processes which can be applied anywhere within the Business (or in more than one part of the business).

LEVEL 1 - Overview

Self-assessment

603

ISO 9001:2015 for Small Businesses

604

7.6.3 Software programs for document control With the acceptance of ISO 9001:2015 as the principal standard for integrated management has come the requirement to see the business in process terms. One method of achieving this is to use the process mapping software tool (shown in Section 3.6 which, for convenience, I have reproduced on the previous page) which not only describes the organisation’s business processes (through a series of multi-layer maps) but also provides direct access to existing documentation sitting below the process maps. This enables staff to have immediate access (i.e. through an intranet connected desktop PC or laptop) to the relevant documents, rather than having to cope with searching through a forest of printed documents. It also ensures that only the latest issues of these documents are available to staff. More organisations are now turning to an IT solution, as the benefits of using software to manage documentation and processes are numerous, including: • • • • • •

ease of use; error reductions; cost savings on print, paper and distributing; improved functionality; space and environmental savings; and time no longer wasted on searching for hard copies.

As mentioned in the Preface to this book, there are two other titles in this ISO 9001:2015 set. One providing an easy to read overview of quality management and the 9000 series (i.e. ISO 9001:2015 In Brief); this current book giving you with a complete précis of the standard and a generic QMS to customise; and the third one (ISO 9001:2015 Audit Procedures) which presents a more comprehensive explanation about the concepts of auditing. This last publication follows on from where ISO 9001:2015 for Small Businesses leaves off and includes background notes for auditors and typical auditors’ questions that can be used to assess ISO 9001:2015 compliance.

Author’s End Note Having reviewed the basic requirements for self-assessment, in this chapter of the book we shall now have a look at the question that will be probably asked by all of the Top Management (particularly the Managing Director?), and that is – ‘What are the costs involved in an organisation obtaining Registration to ISO 9001:2015?’ Chapter 8 is provides an indication of how to go about obtaining registration in the easiest and most cost effective manner. How to choose a Notified Body, what they will need from you and the potential costs.

Chapter 8

What are the costs involved in an organisation obtaining registration to this standard?

Author’s Start Note Having customised the generic QMS example shown in Chapter 6 as a template for producing your own QMS together with your associated Processes, Procedures and Work Instructions, and (following the guidelines contained in Chapter 7) having conducted a full internal audit of not only your own internal management system but also that of your suppliers and sub consultants – you are now in a position to seek registration for becoming an ISO 9001:2015 Certified Organisation. Chapter 8 is intended to give you an indication of how to go about this in the easiest and most cost effective manner. It will tell you how to choose an Accreditation or Notified Body and how they will complete their audit in terms of what they will need from you; potential costs; and, most importantly, how you can help the process go smoothly so as to reach a successful completion If, you have any problems getting yourself ready for this next important step, please feel free to contact me via [email protected] and I will help you as much as I can.

Many of today’s contracts (particularly those for the military or government – but also for many large businesses) insist that applicants hold a current up-to-date ISO 9001:2015 certificate before they will even be considered for the job – be it a deliverable, product or service. Indeed, in many tender documents this is the first question that has to be answered, and to a small business (that has probably never envisaged going outside its own particular market) it can cause a lot of anguish. If, as briefly mentioned in Chapter 1, the organisation has a well-documented, properly audited, management-led Quality Management System in place that is subject to continuous improvement and always seeking customer satisfaction, then the road to gaining ISO 9001:2015 certification need not be too onerous.

ISO 9001:2015 for Small Businesses

606

The obvious question that every small business is going to ask, though, is ‘How much is it going to cost to implement and operate?’ and ‘Is it going to be worth having the ISO Certificate hanging on the Managing Director’s Wall?!!’ Obviously, each business is different and the cost of ISO 9001 Registration will vary depending on the size and complexity of your organisation and on whether you already have some elements of a quality management system in place. Consequently, no book could possibly answer this question with any accuracy, however the following tables with examples may, I hope, be beneficial to you. But the first question that has to be answered is do you actually need to become an ISO 9001 registered company or would simply ‘working in compliance with ISO 9001:2015’ be sufficient? – and only your Top Management will know the answer to that one!

8.1 CAN I JUST WORK ‘IN COMPLIANCE’ WITH ISO 9001? If your organisation simply needs to prove that it only has to work in compliance with the requirements of ISO 9001:2015, then all that is required is to fully read and understand Chapter 6 of this book as this chapter contains a generic QMS that can be customised to suit any form of business, no matter whether it produces equipment, widgets, software or simply professional advice, etc.

Author’s Hint To obtain an ‘unlocked’, fully accessible, non-PDF soft copy of all of these files, free of charge, simply go to www.routledge.com/cw/tricker and, from here, you will be able to access and download a full copy. But please remember, this generic example of a complete QMS is not meant as a simple, quick, pretty meaningless cut and paste exercise! You will need to carefully go through the whole of the generic QMS contained in Chapter 6, cutting out the bits that do not apply to your sort of organisation, inserting or modifying others so that they replicate exactly how your organisation operates.

8.2 SO WHY SHOULD I BOTHER ABOUT GETTING ISO 9001 CERTIFICATION? •



ISO 9001 certification by an accredited Certification Body shows commitment to quality an to your customers plus a willingness to work towards improving efficiency. It demonstrates that you possess an effective quality management system that satisfies the rigours of an independent, external audit.

The costs involved to obtain registration

• •

607

ISO 9001 certification enhances company image in the eyes of customers, employees and shareholders alike. It also gives a competitive edge to an organisation’s marketing.

An organisation can also decide to seek certification because it: • • • •

is a contractual or regulatory requirement; is necessary to meet customer preferences; falls within the context of a risk management programme; and helps motivate staff by setting a clear goal for the development of its management system.

8.3 BUT WHAT IS THE DIFFERENCE TO BEING A CERTIFIED, ACCREDITED AND/OR A REGISTERED ISO 9001:2015 ORGANISATION? Certification – is the provision by an independent body of written assurance (a certificate) that the deliverable (product, service or system in question) meets specific requirements. Registration – Certification is very often referred to as registration (particularly in North America) – but it is one and the same thing. Accreditation – this is the formal recognition by an independent Accreditation Body (e.g. in the UK it would be UKAS), that a Certification Body has been formally approved as being capable of carrying out the certification of an organisation’s QMS. Accreditation is not obligatory but it adds another level of confidence, as ‘accredited’ means the Certification Body has been independently checked to make sure it operates according to international standards.

8.4 BUT IS IT WORTH THE COST AND TROUBLE TO BECOME ISO 9001:2015 CERTIFIED? Certification to the standard is used in global supply chains to provide assurance about suppliers’ ability to satisfy quality requirements and to enhance customer satisfaction in supplier-customer relationships. Every year ISO complete a world-wide survey of certifications to their management system and up until the end of December 2014 (the results of the 2015 Survey will be published in September 2016) a total of 1,138,155 ISO 9001:2008 certificates had been issued in 188 countries and economies, which represents an increase of 1 per cent (+11,695) over the previous year. Indeed, just within Europe, there were nearly half a million companies certified to ISO 9001:2008 – 10 per cent of whom were from the UK and Figure 8.1

ISO 9001:2015 for Small Businesses

608

unmistakably shows how Europe and Central and South Asia are the main regions in which companies hold Certificates around the world.

ISO 9001 - Worldwide total

1200,000 1000,000

Middle East Central and South Asia East Asia and Pacific Europe North America

800,000 600,000 400,000 200,000 0 1993

FIGURE 8.1

1995

1997

1999

2001

2003

2005

2007

2009

2011

2013

Worldwide accreditation to ISO 9001:2008 – as at 31 Dec 2014 (Courtesy of ISO)

8.5 WHAT ARE THE BENEFITS OF ISO INTERNATIONAL STANDARDS? The whole aim of companies becoming accredited to the ISO 9001 standard is to ensure that their products and services are safe, reliable and of good quality. For business, the standards are strategic tools that reduce costs by reducing waste and errors whilst at the same time increasing productivity. Accreditation helps companies not only to access new markets, but in doing so to become more professional as an organisation and improve their client relationships. As can be seen form Figure 8.2 (which are the results of a recent ISO study of 1,000 mixed businesses) 44 per cent of organisations surveyed said that they had won more business as a direct result of having achieved ISO 9001 certification.

Won more Business

44%

Became more Professional

23%

Improved Client Confidence

19%

Qualified for Tenders

14%

FIGURE 8.2

Benefits from achieving ISO 9001 Accreditation

The costs involved to obtain registration

609

8.6 HOW DO I BECOME AN ISO 9001 REGISTERED ORGANISATION? Assuming that you definitely need to be ISO 9001 certified then you will need to: • • • •

• •

(normally) purchase a copy of ISO 9001:2015 (but in your case, this book contains everything that you need!); identify which requirements of the ISO 9001:2015 standard are applicable to your type of organisation; agree your organisational quality objectives, quality policy and Quality Plans; produce a fully documented Quality Management System (consisting of a Quality Manual plus its associated Quality Processes, Procedures and Work Instructions) that is fully compliant with the requirements of ISO 9001:2015. implement these processes and procedures throughout your organisation; complete a series of internal audits to ensure that these procedures are suitable and adhered to.

Once all the requirements of ISO 9001 have been met within your organisation and any non-compliances have been rectified, it is time for an external audit by a third party Certification Body. The Certified Body who is going to be used for this audit is entirely your choice – but preferably (i.e. in order to be officially recognised) it should always be a company which has been fully accredited by an Accreditation Service (such as UKAS in the UK). As an example, see http://www.ukas.com/about-accreditation/accreditedbodies for a current list of UKAS accredited certification bodies.

The following is a list of questions you could ask an ISO 9001 Certification Body when deciding on which Certification Body you are going to use: 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13.

Are you accredited for auditing ISO 9001 and if so, by whom? Do you have auditors with experience in other management standards? Do you offer integrated audits for more than one standard? What is your reputation as a Certification Body? Are you recognised globally, or only locally? How many auditors do you have with experience in ISO 9001:2015? What level of work experience do you require from your certification auditors? How many customers do you have? What kinds of customers have you served in the past? Can you provide a reference list? How close are you to our location? What are you requirements concerning the maturity of our QMS? What is your policy with respect to issuing Corrective Actions and Opportunities for Improvement?

ISO 9001:2015 for Small Businesses

610

Start

Agree your organisational quality objectives & quality policy, etc.

Produce a fully documented QMS

Containing Quality Manual Quality Processes Quality Procedures Work Instructions

Conduct Internal Audits

1st Stage Third-Party Audit

2nd Stage Third-Party Audit

Become an ISO 9001:2015 Certified Organisation

FIGURE 8.3

The route to becoming an ISO 9001 Certified Organisation

The costs involved to obtain registration

611

14. What other services do you offer in the price? 15. What options do you offer for surveillance visits? 16. What is the price for the overall three-year program of certification audit and surveillance (maintenance) audits? 17. How many audit days will be required per audit? 18. How do you decide on the audit days and price? 19. What are the most common problems do you see when conducting initial certification Having chosen your Certification Body the initial stage of the certification audit will be for them to thoroughly review your Quality Manual and procedures, etc. to see that your organisation’s management programme is measurable and achievable.

Author’s Hint For a small business, this could either consist of a desktop study or a one-day visit to your organisation’s premises. For a large organisation, a site visit would probably be required – dependent on your product or service. The Certification Body may also send you a few simple questionnaires to complete

Assuming that this Stage 1 audit is successful, this will be followed at a later date by a full, on-site audit to ensure that working practices observe all of your policies, procedures and stated objectives and that appropriate records are maintained. If this Stage 2 audit is successful, then the Certification Body will issue you with a certificate of registration to ISO 9001 and this will then be followed by annual (or in some cases, depending on the size and complexity of your organisation, bi-annual) surveillance visits to ensure that the system continues to work.

8.9 HOW LONG WILL IT TAKE TO BECOME CERTIFIED? With the right preparation and a good understanding of what is required for ISO 9001 certification, most small to medium-sized organisations can expect to achieve certification within six to twelve months depending on their size and complexity. If you are a large organisation with a complex system, or are starting from a very low base line, you may require longer – but I cannot over-emphasise the importance of having the complete backing of Top Management and it is absolutely vital that you have someone (either internal or perhaps in the case of a micro business, an external consultant) who has experience of implementing Quality Management Systems and who knows what will be required in order to gain ISO 9001:2015 accreditation.

612

ISO 9001:2015 for Small Businesses

8.10 HOW IS THE CERTIFICATION COMPLETED? Once the groundwork has been done and the ISO 9001 Quality Manual and its associated Processes and Quality Procedures, etc. are completed, you will be ready for your first assessment. The assessor (i.e. your chosen Certification Body) will check that your written Quality Management System completely matches what you are actually doing and make any recommendations for change that may be needed. In most cases this initial assessment will be a desk top study.

Once any changes have been carried out, you will then be ready for the actual audit which will be carried out against the requirements of ISO 9001:2015 by your chosen Certification Body. Provided that you have addressed every single requirement and recommendation made in the current edition of ISO 9001 (for example by having a fully customised version of the generic QMS contained in Chapter 6 of this book) and everyone in your organisation is not only working in accordance with the procedures of your QMS but has taken responsibility for maintaining the quality of the organisation, then the audit should be plain sailing. BUT, you need to make sure that everything has been fully checked before the assessor arrives!

8.11 WHAT HAPPENS DURING THE ACTUAL ISO 9001 AUDIT?! From my experience, provided that you are well prepared and everybody (in particular, Top Management) is doing what they are supposed to be doing and completing their work in accordance with your documented management system, then there should be nothing really to worry about. Most Certification Bodies (see examples in Table 8.1) will use a ‘check sheet’ (one that is very similar to the lists contained in Annex 7C of ‘ISO 9001:2015 Audit Procedures’) to determine whether an organisation’s QMS complies with the requirements of ISO 9001:2015. And so, if you can honestly answer ‘yes’ to all of their questions, then the Assessors should be able to say that you ‘fully comply with the requirements of ISO 9001:2015’ – and then it is time to think about which wall to hang the certificate on!

The costs involved to obtain registration

613

8.12 WHAT OTHER NATIONAL CERTIFICATION BODIES ARE THERE? Whilst the UKAS Registration is recognised worldwide under ISO agreements, many countries have their own Certification Bodies and as my ‘ISO 9001:2015 for Small Businesses’ book can be of assistance no matter where you live in the world – I have had people writing to me for clarification on some quality management matters from the USA, Australia, China, UAE, the EU Sweden to name just a few (oh yes, and even one from Russia) it obviously has world-wide appeal and so, for your assistance I have listed some of these other National Certification Bodies (NCB) that might apply to you in Table 8.1.

Author’s Hint Please let me know if there is any alternative Accreditation Service concerning your own particular country (or indeed if I have missed any!) – and I will make sure that these are included in the next edition of this book. Just e-mail me at [email protected] with the details that you think should be included.

Displaying your certificate Remember, when labelling a product or system as certified to an ISO standard: 1. 2.

DON’T say: ‘ISO certified’ or ‘ISO certification’. DO say: ‘ISO 9001:2015 certified’ or ‘ISO 9001:2015 certification’ (for example).

Can I use the ISO logo? The ISO logo is a registered trademark and cannot be used by anyone outside of ISO, unless authorised – which means that basically only ISO, ISO members, and ISO Technical Committees (TCs) are allowed to use the ISO logo and ISO short name in accordance with ISO Policies.

Author’s Hint If you wish to use a logo to demonstrate certification, then either contact the certification body that issued the certificate or contact ISO themselves via their website – http://www.iso.org.

What will be the budgetary costs for doing all this? The cost for an organisation seeking Registration in the UK would (at the time of publication) be in the region of the figures shown in Table 8.2.

ISO 9001:2015 for Small Businesses

614

TABLE 8.1

Some of the worldwide accreditation bodies

Country

Body

Contact Details

Australia and New Zealand

Joint Accreditation Systems of Australia & New Zealand (JAS-ANZ)

http://www.jas-anz.com.au

Canada

The Standards Council of Canada (SCC)

http://www.scc.ca/en/accreditation/ management-systems

France

Comité Français d’Accréditation (COFRAC)

http://www.cofrac.fr/en/activites/ certification.php

Germany

Deutsche Akkreditierungsstelle GmbH (DAkkS)

http://www.dakks.de/en

India

National Accreditation Board for Certifications (NABCB)

http://qcin.org/nabcb

Ireland

Irish National Accreditation http://www.inab.ie Board (INAB)

People’s Republic of China

China National Accreditation Service (CNAS)

http://eng.cnas.org.cn

Singapore

Singapore Accreditation Service Council (SAC)

http://www.sacaccreditation.gov.sg

United Kingdom

United Kingdom Accreditation Service (UKAS)

http://www.ukas.com

USA

ANSI-ASQ National Accreditation Board (ANAB)

http://www.anab.org

The costs involved to obtain registration

TABLE 8.2

615

Budgetary costs for obtaining ISO 9001:2008 Certification

Enterprise Category

Headcount

1st Stage 2nd Stage Yearly Third-Party Third-Party Assessments Audit Audit

Medium-sized

< 250

£600

£2400

£1200

Small

< 50

£600

£1200

£600–1200

Micro

< 10

£300

£600

£600

8.13 WHAT HAPPENS AFTER CERTIFICATION AND BEYOND? When you have passed the formal assessment you will receive an ISO 9001 certificate, which is valid for three years. Your assessor will stay in touch during this time, paying you regular visits to make sure your system doesn’t just remain compliant, but that it continually improves.

Author’s Hint If you are already certified to ISO 9001:2008 then you have three years before you need to completely the changeover to ISO 9001:2015. If, however, you are being certified now that the ISO 9001:2015 standard has been published, then your QMS will have to cover the requirements of this new standard.

8.14 HOW CAN I MAINTAIN MY CERTIFICATION? Once you’ve achieved a standard you need to maintain it. How? Through Top Management commitment, training, internal audits, self-assessment tools, newsletters and, most important of all, by ensuring that everyone is dedicated to the improvement of quality throughout the organisation.

8.15 WHAT ARE THE ADVANTAGES OF MAINTAINING MY ISO 9001:2015 CERTIFICATION? As previously mentioned, many of the governmental and national body contracts (particularly if you are tendering for a job in a foreign country), as well as a lot of everyday businesses, are now demanding (yes ‘demanding’!) that you are a ISO 9001:2015 certified company before they will even consider you. Once you have achieved this standard you will, therefore, become one of the ever-growing, worldwide, respected body of fully ISO 9001:2015 certified organisations shown in Table 8.3. Although this particular table concentrates on the European sector and clearly shows that Europe have obviously accepted that ISO 9001 as ‘the future’ of good

ISO 9001:2015 for Small Businesses

616

TABLE 8.3

ISO 9001 Certified Organisation – Europe

Year Country

2008

2009

2010

2011

2012

2013

2014

455303 500286 528483 457922 467373 482620 483710

Albania

43

155

52

164

149

167

171

Andorra

33

27

27

28

30

25

29

Armenia

68

78

61

35

26

17

16

4272

4277

5161

4138

4562

4637

4213

153

148

103

122

183

256

244

Belarus

1749

2014

151

171

170

130

2963

Belgium

4875

3950

3715

3207

3915

3812

3666

811

909

944

1119

1239

794

846

Bulgaria

5323

5322

6248

5001

6037

5378

5730

Croatia

2302

2567

2102

2117

2584

2636

2807

Cyprus

555

677

645

742

296

427

276

10089

14031

16242

12697

10679

12679

13229

1574

1683

1856

1505

2780

1527

1692

Austria Azerbaijan

Bosnia and Herzegovina

Czech Republic Denmark Estonia

691

746

773

835

880

936

1028

Finland

1975

2243

2147

2265

2403

2838

2649

France

23837

23065

29713

29215

29198

29598

29122

107

114

72

77

79

95

118

48324

47156

50583

49540

51701

56303

55363

30

32

28

28

26

29

32

6747

5034

4322

4168

4796

7293

5446

Georgia Germany Gibraltar (UK) Greece Hungary

10187

7122

8083

6825

7232

7186

6928

Iceland

20

22

27

35

55

64

68

Ireland

2237

2136

2359

1875

2331

2388

2067

Italy

118309 130066 138892 143121 136991 159745 168960

Latvia

500

708

809

787

791

923

1001

Liechtenstein

170

73

78

64

71

79

90

Lithuania

815

1111

1207

1168

1165

1110

1218

Luxembourg

246

247

107

156

163

259

150

461

466

Macedonia Malta

0 355

420

476

437

442

The costs involved to obtain registration

TABLE 8.3

617

ISO 9001 Certified Organisation – Europe – continued

Year

2008

2009

2010

2011

2012

2013

2014

Moldova

96

167

82

86

131

120

123

Monaco

36

39

25

33

33

35

47

Montenegro

160

157

85

146

102

118

130

Netherlands

13597

12260

11213

11072

11417

11415

10433

Norway

1666

1871

1882

1756

1589

2080

2377

Poland

10965

12707

12195

10984

10105

10527

9608

Portugal

5128

5051

5588

4638

6650

7041

8006

Romania

10737

15865

16200

14345

18014

18450

18987

Russian Federation*

16051

53152

62265

13308

12488

11764

11301

36

40

30

37

39

46

55

2091

2733

1790

3228

2750

2366

2637

Slovakia

3476

3475

3895

3787

4281

3891

4604

Slovenia

1945

1688

1701

1658

1595

1993

1672

68730

59576

59854

53057

59418

42644

36005

5377

5346

5687

4901

4846

4613

4998

11724

11581

12110

10358

11542

12030

11210

271

295

333

290

396

399

446

13217

13705

10680

9446

7608

7178

8972

2453

3252

2592

1207

1091

1275

1311

41150

41193

43293

41943

42304

42843

40200

San Marino Republic of Serbia Serbia and Montenegro

Spain Sweden Switzerland The former Yugoslav Republic of Macedonia Turkey Yugoslav Republic Ukraine United Kingdom Source: Courtesy of ISO

ISO 9001:2015 for Small Businesses

618

business strategy, what about the rest of the world? Fortunately the ISO website (www.iso.org) also provides details of other continents and countries and as can be seen in Table 8.4 below, the growth of countries accepting and implementing the ideals of ISO 9001 has been nothing less than phenomenal. It is also interesting to see who are ISO 9001’s ‘Top Ten’. TABLE 8.4

Top 10 countries for ISO 9001 growth during 2014 Top 10 countries for ISO 9001 growth – 2014

1

Italy

7425

2

Australia

6608

3

China

5767

4

Belarus

2833

5

Mexico

2538

6

Turkey

1473

7

Canada

1274

8

Colombia

1146

9

Portugal

965

10

Slovakia

730

Source: Table courtesy of ISO TABLE 8.5

Top 10 countries for ISO 9001 certificates for 2014 Top 10 countries for ISO 9001 certificates – 2014

1

China

342800

2

Italy

168960

3

Germany

55363

4

Japan

45785

5

India

41016

6

United Kingdom

40200

7

Spain

36005

8

USA

33008

9

France

29122

Australia

19731

10

Source: Table courtesy of ISO

The costs involved to obtain registration

619

Author’s End Note I sincerely hope that you have found this book useful as an introduction to what ISO 9000 is all about and also that you can put it to good use (and in doing so, save yourself a bit of money) by customising Chapter 6 to show yourself as being compliant with the requirements and recommendation of ISO 9001:2015. All the best for the future, Ray

This page has been left blank intentionally

Abbreviations and acronyms

Abbreviation

Definition

ACSI AFNOR ANSI AQAP

American Customer Satisfaction Index Association Français de Normalisation (French Institute for Standardisation) American National Standards Institute NATO Allied Quality Assurance Publications

BSI

British Standards Institution

CAD CAR CATI CCIR CCITT

Computer Aided Design Corrective Action Request Computer Assisted Telephone Interviewing International Radio Consultative Committee International Telegraph and Telephony Consultative Committee CENELEC Electronic Components Committee Commission European de Normalisation Electrotechnique Comité Européen de Normalisation Électrotechnique; (i.e. the European Committee for Electrotechnical Standardization) Corporation of Open Systems Core Business Process Chartered Quality Institute Canadian Standards Association

CECC CEN CENELEC COS CP CQI CSA DEF STANS DIN DOA DOD DTI

Defence Standards Deutsch Institut fur Normung e.v (German Institute for Standardisation) Dictionary of Abbreviations American Division of Defence Department of Trade and Industry

DVT

Deep-Vein Thrombosis

Abbreviations and acronyms

622

Abbreviation

Definition

EFTA EMS EQFM ETSI EU EX

European Free Trade Association Environmental Management System European Foundation for Quality Management European Telecommunications Standards Institute European Union Explosive

FMEA FR FRS FTA

Failure Mode and Effects Analysis Failure Rate Functional Requirements Specification Fault Tree Analysis

HSE

Health and Safety Executive (UK)

IEC ILU ISO IT ITU

International Electrotechnical Commission Integrated Logistic Unit International Organization for Standardization Information Technology International Telecommunications Union

LAN LUR

Local Area Network Light Usable Regulations

MDD Mil-Stds MOD-UK MSS MTBF

Medical Devices Directive Military Standards United Kingdom Ministry of Defence Management Systems Standards Mean Time Between Failures

NAFAAD NATO NSO

North American Field Advanced Audit Division North Atlantic Treaty Organisation National Standards Organisation

OHS OHSAS OJT OSI

Occupational Health and Safety Occupational Health & Safety Assessment Series On-The-Job Training Open Systems Interconnection

PAS PDCA PF PPE

Publicly Available Specifications Plan-Do-Check-Act Probability Function Personal Protective Equipment

QA

Quality Assurance

Abbreviations and acronyms

623

Abbreviation

Definition

QC QM QMS QP QuEST Forum

Quality Control Quality Manual Quality Management System Quality Procedure Quality Excellence for Suppliers of Telecommunications Leadership

RAMS RMP RSI RTS

Reliability, Availability, Maintainability and Safety Risk Management Programme Repetitive Strain Injury Road-Traffic Safety

SEVEN SME SMME SP

Nickname for HQ USAF Programs Usually Connected With Surveys Small and Medium-sized Enterprises Small, Medium and Micro-Enterprises Supporting Process

TC TENS TQM TS

Technical Committee Transcutaneous Electrical Nerve Stimulation Total Quality Management Technical Specifications

UK UKAS

United Kingdom United Kingdom Accreditation Service

WAMH WAUILF WI

Workplace Applied Medical Health Workplace Applied Uniform Indicated Low Frequency (application) Work Instruction

YFR

Yearly Forecast Rationale

This page has been left blank intentionally

Reference Standards for Quality Management Systems Number ISO 9000 ISO 9001 ISO 9004 ISO 10001 ISO 10002 ISO 10003 ISO 10004 ISO 10005 ISO 10006 ISO 10007 ISO 10008 ISO 10018 ISO 19011

Title Quality Management Systems – Fundamentals and vocabulary Quality Management Systems – Requirements Managing for the sustained success of an organisation – A quality management approach Quality management – Customer satisfaction – Guidelines for codes of conduct for organisations Quality management – Customer satisfaction – Guidelines for complaints handling in organisations Quality management – Customer satisfaction – Guidelines for dispute resolution external to organisations Quality management – Customer satisfaction – Guidelines for monitoring and measuring Quality management - guidelines for Quality Plans Quality Management Systems – Guidelines for quality management in projects Quality Management Systems – Guidelines for configuration management Quality management – Customer satisfaction – Guidelines for business-to-consumer electronic commerce transactions Quality management – Guidelines on people involvement and competence Guidelines for quality and/or environmental management systems auditing

Complete copies of these Standards are available from ISO Member Countries in their own languages. The British version (e.g. BS EN ISO 19011) can be obtained, by post, from Customer Services, BSI Standards, 389 Chiswick High Road, London W4 4AL. Note: Extracts from British Standards reproduced in this book are with kind permission of the British Standards Institute.

This page has been left blank intentionally

Glossary of terms used in quality management standards Acceptable Quality Level – A measure of the number of failures that a production

process is allowed. Usually expressed as a percentage. Accreditation – Certification, by a duly recognised body, of facilities, capability,

objectivity, competence and integrity of an agency, service or operational group or individual to provide the specific service/s or operation/s as needed. Assemblies – Several pieces of equipment assembled by a manufacturer to

constitute an integrated and functional whole. Audit – Systematic, independent and documented process for obtaining evidence

and evaluating it objectively to determine the extent to which audit criteria are fulfilled. Audit Team – One or more auditors conducting an audit, one of whom is

appointed as leader. Certification – The procedure and action by a duly authorised body of determining,

verifying and attesting in writing to the qualifications of personnel, processes, procedures, or items in accordance with applicable requirements. Certification Body – An impartial body, governmental or non-governmental,

possessing the necessary competence and reliability to operate a certification system, and in which the interests of all parties concerned with the functioning of the system are represented. Chief Inspector – An individual who is responsible for the manufacturer’s Quality

Management System. Company – Term used primarily to refer to a business first party, the purpose of

which is to supply a product or service. Compliance – An affirmative indication or judgement that a product or service

has met the requirements of the relevant specifications, contract or regulation. Also the state of meeting the requirements. Conformance – An affirmative indication or judgement that a product or service

has met the requirements of the relevant specifications, contract or regulation. Also the state of meeting the requirements.

628

Glossary of terms

Contract – Agreed requirements between a supplier and customer transmitted by

any means. Customer – Ultimate consumer, user, client, beneficiary or second party. Customer Satisfaction – Customer’s opinion of the degree to which a transaction

has met the customer’s needs and expectations. Defect – Non-fulfilment of a requirement related to an intended or specified use. Design and Development Set of processes that transforms requirements into

specified characteristics and into the specification of the product realisation process. Distributor – An organisation that is contractually authorised by one or more

manufacturers to store, repack and sell completely finished components from these manufacturers. Document – Information and its support medium. Documented Information – Information that the organisation will be required to

keep, control and maintain’ Environment – All of the external physical conditions that may influence the

performance of a product or service. Equipment – Machines, apparatus, fixed or mobile devices, control components

and instrumentation thereof and detection or prevention systems which, separately or jointly, are intended for the generation, transfer, storage, measurement, control and conversion of energy for the processing of material and which are capable of causing an explosion through their own potential sources of ignition. In-Process Inspection – Inspection carried out at various stages during processing. International Organisation for Standardisation (ISO) – Comprises the national

standards bodies of 163 Member countries whose aim is to co-ordinate the international harmonisation of national standards. Item – A part, a component, equipment, sub-system or system or defined quantity

of material or service that can be individually considered and separately examined or tested. Maintenance – The combination of technical and administrative actions that are

taken to retain or restore an item to a state in which it can perform its stated function. Management – Co-ordinated activities to direct and control an organisation. Management System – The establishment of policies and objectives to achieve ISO

9001:2015 objectives.

Glossary of terms

629

Manufacturer – An organisation, which carries out or controls such stages in the

manufacture of components or assemblies. Material – A generic term covering equipment, stores, supplies and spares which

form the subject of a contract. Nonconformity – Non-fulfilment of a requirement. Organisation – A single person or a group of people who achieve their objectives

by using their own functions, responsibilities, authorities and relationships. It can be a company, corporation, enterprise, firm, partnership, charity, association, or institution either privately or publicly owned. It can also be an operating unit that is part of a larger entity. Organisational Structure – Orderly arrangement of responsibilities, authorities

and relationships between people. Procedure – Describes the way to perform an activity or process. Product – Result of a process that does not include activities that are performed

at the interface between the supplier (provider) and the customer. Note: There are four agreed generic product categories: • • • •

hardware (e.g. engine mechanical part); software (e.g. computer program); services (e.g. transport); processed materials (e.g. lubricant).

Hardware and processed materials are generally tangible products, while software or services are generally intangible. Most products comprise elements belonging to different generic product categories. Whether the product is then called hardware, processed material, software or service depends on the dominant element. Project – Unique process, consisting of a set of co-ordinated and controlled

activities with start and finish dates, undertaken to achieve an objective conforming to specific requirements, including the constraints of time, costs and resources. Quality – The totality of features and characteristics of a product or service that

bear upon its ability to satisfy stated or implied needs. Quality Assurance – The assembly of all planned and systematic actions necessary

to provide adequate confidence that a product, process, or service will satisfy given quality requirements. Quality Characteristic – Essential characteristics of a product, process or system

derived from a requirement. Quality Control – The operational techniques and activities that are used to fulfil

requirements for quality.

Glossary of terms

630

Quality Loop – Conceptual model of interacting activities that influence the

quality of a product or service in the various stages ranging from the identification of needs to the assessment of whether these needs have been satisfied. Quality Management – That aspect of the overall management function that

determines and implements the quality policy. Quality Management System – System to establish a quality policy and quality

objectives. Quality Management System Review – A formal evaluation by Top Management

of the status and adequacy of the Quality Management System in relation to quality policy and new objectives resulting from changing circumstances. Quality Manager – A person who is nominated by Top Management to be

responsible for the organisation’s Quality Management System (also sometimes referred to as the Chief Inspector). Quality Manual – Document specifying the quality management system of an

organisation and setting out the quality policies, systems and practices of an organisation. Quality Plan – Document specifying the quality management system elements and

the resources to be applied in a specific case. Quality Policy – The overall quality intentions and direction of an organisation

as regards quality, as formally expressed by top management. Quality Procedure – A description of the method by which quality system activities

are managed. Quality Process – A system which uses resources to transform inputs into outputs. Quality System – The organisational structure, responsibilities, procedures,

processes and resources for implementing quality management. Requirement – Need or expectation that is stated, customarily implied or

obligatory. Review – Activity undertaken to ensure the suitability, adequacy, effectiveness and

efficiency of the subject matter to achieve established objectives. Service – Is the result of a process that includes at least one activity that is carried

out at the interface between the supplier (provider) and the customer. For example, a service: •



an activity performed on a customer-supplied tangible product (e.g. the repair of a car) or intangible product such as the preparation of a tax return, the delivery of a tangible product (e.g. in the transportation industry);

Glossary of terms



631

the delivery of an intangible product (e.g. the delivery of knowledge ) or the creation of ambience for the customer (e.g. in the hospitality industry).

Shall – This auxiliary verb indicates that a certain course of action is mandatory. Should – This auxiliary verb indicates that a certain course of action is preferred

but not necessarily required. Supplier – The organisation that provides a product to the customer.

In a contractual situation, the supplier may be called the contractor. The supplier may be, for example, the producer, distributor, importer, assembler or service organisation. The supplier may be either external or internal to the organisation. Top Management – Person or group of people who direct and control an

organisation at the highest level. Work Instruction – A description of how a specific task is carried out.

This page has been left blank intentionally

Books by the author

ISO 9001:2015 for Small Businesses (sixth edition) – this book The new edition of this top-selling Quality Management book now includes: • •





Relevant examples that put the concepts and requirements of the standard into a real-life context. Down-to-earth explanations to help you determine what you need to work in compliance with and/or achieve certification to ISO 9001:2015. An example of a complete, generic Quality Management System consisting of a Quality Manual plus a whole host of Quality Processes, Quality Procedures and Work Instructions. Access to a free, software copy of this generic QMS file (available from the Publisher) to give you a starting point from which to develop your own documentation.

Routledge ISBN: 978-1-138-02583-7

ISO 9001:2015 Audit Procedures (fourth edition) Fully revised, updated and expanded, this fourth edition provides access to methods for auditing an organisation’s Quality Management System against the requirements of ISO 9001:2015. Although primarily aimed at showing how auditors from small businesses can complete management reviews and internal, external and third party quality audits, this book will prove invaluable to professional auditors. Containing an overview of the changes made to the 2015 edition of ISO 9001 and how these will affect the way in which audits will need to be completed in future, the book also includes access to free copies of checklists, explanations and

634

Books by the author

questionnaires (available from the author) that can be used for internal, external and/or third party audits of an organisation’s Quality Management System. Routledge ISBN: 978-1-138-02589-9

ISO 9001:2015 in Brief (fourth edition) Now in its fourth edition, this book is particularly aimed at students, newcomers to Quality Management Systems and the busy executive, with the overall intention of providing them with a user-friendly, very simplified explanation of the history, the requirements and the benefits of the new standard. Using this book as background material will also enable organisations (large or small) to quickly set up an ISO 9001: 2015-compliant Quality Management System for themselves – at minimal expense. Routledge ISBN: 978-1-138-02586-8

How to Convert from ISO 9001:2008 to ISO 9001:2015 The publication of ISO 9001:2015 in September 2015 signalled the start of a three-year transition period during which those organisations wishing to move to the new version of the standard were required to make changes to their existing Quality Management Systems. ‘How to Convert from ISO 9001:2008 to ISO 9001:2015’ provides step-by-step advice to help you through the transition and realise the benefits of ISO 9001:2015. It maps out a framework which guides you through the options and alternatives, ensuring that you have the knowledge and information you require to seamlessly make the necessary transition. Herne European Consultancy Ltd ISBN: 978-0-992-75850-9

Quality Management System for ISO 9001:2015 (fourth edition) The Quality Management System contained in this e-Book is probably the most complete ISO 9001:2015 compliant example of a generic Quality Management System (QMS)

Books by the author

635

that can, with very little trouble, be suitably customised to suit all types of organisations – no matter whether they are manufacturers, suppliers or end users. Consisting of a Quality Manual (supported by the four main Quality Processes, 31 Quality Procedures and 16 Work Instructions) this QMS covers every element of the standard and is guaranteed to meet (and sometimes exceed) the requirements of ISO 9001:2015. This is an excellent resource for any small or medium-sized business looking to work towards ISO certification, without having the expense of a consultant doing the work for you. Herne European Consultancy Ltd ISBN: 978-0-992-75851-6

Auditing Quality Management Systems (fourth edition) Auditing Quality Management Systems is the result of more than four decades’ experience as auditors of all major international standards used by Integrated Management Systems. It is a comprehensive e-Book containing a series of audit checksheets and forms that are required to conduct either a simple internal audit or an external assessment of an organisation against the formal requirements of ISO 9001:2015. Note: also includes ‘Background notes for auditors’. Herne European Consultancy Ltd ISBN: 978-0-992-75852-3

MDD Compliance using Quality Management Techniques The Medical Device Directive (MDD) is difficult to understand and interpret, but this book covers the subject superlatively. In summary, the book is a good reference for understanding the MDD’s requirements and would aid companies of all sizes in adding these requirements to an existing QMS. Butterworth Heinemann ISBN: 978-0-750-64441-9

636

Books by the author

Building Regulations in Brief (eighth edition) This eighth edition of the most popular and trusted guide to the building regulations is the most comprehensive revision yet. It reflects all the latest amendments to Building Regulations, Planning Permission and the Approved Documents A,B,C, H, K, P, Regulation 7, incorporating all amendments up to December 2013 (including the changes to Leaflets L1A and L2A regarding the conservation of heat and energy in new buildings which came into effect April 2014). This new edition also contains details of the new national planning guidance system and initiatives to speed up the planning process, such as the new online planning application process. It contains an updated list of fees for planning consents and provides guidance on the changes to permitted development rights in Agricultural, Business and Residential buildings which came into force on 1 October 2013. Giving practical information throughout on how to work with (and within) the regulations, this book enables compliance in the simplest and most cost-effective manner possible. The no-nonsense approach of Building Regulations in Brief cuts through the confusion and explains the meaning of the regulations; consequently it has become a favourite for anyone involved in the building industry, as well as those planning to have work carried out in their home. Routledge ISBN: 978-0-415-72171-4

Wiring Regulations in Brief (third edition) Tired of trawling through the Wiring Regs? Perplexed by Part P? Confused by cables, conductors and circuits? Then look no further! This handy guide provides an onthe-job reference source for electricians, designers, service engineers, inspectors, builders, students and DIY enthusiasts. Topic-based chapters link areas of working practice – such as cables, installations, testing and inspection, special locations – with the specifics of the regulations themselves. This allows quick and easy identification of the official requirements relating to the situation in front of you. The requirements of the regulations, and of related standards, are presented in an informal, easy-to-read style that strips away confusion. Packed with useful hints and tips, and highlighting the most important or mandatory requirements, this book is a concise reference on all aspects of the 17th edition of IEE Wiring Regulations and Part P of the Building Regulations. Spon Press ISBN: 978-0-415-52687-6

Books by the author

637

Water Regulations in Brief Water Regulations in Brief is a unique reference book, providing all the information needed to comply with the regulations in an easy-to-use, full-colour format. Crucially, unlike other titles on this subject, this book doesn’t just cover the Water Regulations, it also clearly shows how they link in with the Building Regulations, Water Bylaws and Wiring Regulations, providing the only available complete reference to the requirements for water fittings and water systems. Structured in the same logical, time-saving way as the author’s other bestselling ‘. . . in Brief’ books, Water Regulations in Brief will be a welcome change to anyone tired of wading (sorry!) through complex, jargon-heavy publications in search of the information they need to get the job done. Butterworth Heinemann ISBN: 978-1-856-17628-6

Scottish Building Standards in Brief Scottish Building Standards in Brief takes the highly successful formula of Ray Tricker’s previous ‘. . . in Brief’ series and applies it to the requirements of the Building (Scotland) Regulations 2004. With the same no-nonsense and simple-to-follow guidance – but written specifically for the Scottish Building Standards – it’s the ideal book for builders, architects, designers and DIY enthusiasts working in Scotland. Routledge ISBN: 978-0-750-68558-0

Quality and Standards in Electronics A manufacturer or supplier of electronic equipment or components needs to know the precise requirements for component certification and quality conformance to meet the demands of the customer. This book ensures that the professional is aware of all the UK, European and international necessities, knows the current status of these regulations and standards, and where to obtain them. Newnes ISBN: 978-0-750-62531-9

638

Books by the author

Environmental Requirements for Electromechanical and Electronic Equipment This is the definitive reference containing all of the background guidance, typical ranges, details of recommended test specifications, case studies and regulations covering the environmental requirements for designers and manufacturers of electrical and electromechanical equipment worldwide. Newnes ISBN: 978-0-750-63902-6

CE Conformity Marking CE Conformity Marking can be regarded as a product’s trade passport for Europe. It is a mandatory European marking for certain product groups to indicate conformity with the essential health and safety requirements set out in the European Directive. This book contains essential information for any manufacturer or distributor wishing to trade in the European Union. Practical and easy to understand. Butterworth Heinemann ISBN: 978-0-750-64813-4

And for those who would like to relax with some cooking recipes – based on cider and apples!

The Cyder Book A unique combination of an historical overview of cider making through the ages, the cider-making process and a collection of recipes using cider and cider apples. Herne European Consultancy, Ltd ISBN: 978-0-954-86476-7

Index

Abbreviations used [in index]: QMS = Quality Management Systems; WI = Work Instruction abbreviations and acronyms [listed] 621–3; worked example 301 absence due to sickness [worked example] 515 acceptance stage: quality during 16–17 accidents [worked example] 506 accreditation 89, 607 accreditation services 89, 607, 609, 611, 614 adherence to standards: worked example 269 aerospace standards 66 Allied Quality Assurance Publications (AQAPs) xvii, 29 American Customer Satisfaction Index (ACSI) 454 American National Standards Institute (ANSI) 27 analysis and evaluation 221–3 Annex SL 45–6; audits 46; context of organization 47–8; core cases 47; improvement 51; leadership 49; normative references 47; operation 50; performance evaluation 50; planning 49; revisions 51–2; scope 47; structure of 47–51; support 49–50; terms and definitions 47; ANSI 90 series of standards 32 approval, worked example 381 approval procedures: WIs 555–7; worked example 426–7 approved documents, worked example 400, 406

approved suppliers and subcontractors list 198 archiving: e-mails 572; quality documented records 410–11 AS/EN/JISQ 9100:2009 66 asset inventory 494 auditing management systems standard 66 audits 46, 84–6; health and safety [worked example] 514; purpose of 84, 460–1; types 84–5, 596; see also external audit; internal quality audit automotive industry standard 66 awareness 43, 172; worked example 541–5 bonded store 236 British Standards Institution (BSI) xii, 10, 27 BS 5750 series of standards xii, 32, 36, 37 BS 76000:2015 68 BS EN 12074:2000 71 BS ISO 18091 68 budget forecast: committed costs compared with 493; worked example 303–4, 491, 492–3 calibration: measuring and monitoring equipment 168–70 CD-ROM distribution example 566–9 certification 87–9; and accreditation 89, 607; advantages and benefits 607, 608; companies that carry out 87; compared with compliance 88; costs involved xix–xx, 22–3, 615; European data

640 616–7, 618–9; meaning of term 88, 607; post-certification actions 615; reasons to obtain 87, 607; and registration 88, 607; requirements for 88, 609; route to 608–10; time to become 612; see also registration certification audits 86 change control: form 471–2; impact assessment 469–70, 472; operations 212; procedure 468–9; worked example 467–72 Chartered Management Institute (CMI) 17 Chartered Quality Institute (CQI) 1–2 civilian standards 31 client’s premises [worked example] 511–12 commitment 149–52 communication 173; customer communications 181–2, 312; internal 134; worked example 304–5 company management system: worked example 262–5 company profile example 258–9 Company Status Report 527–8 competence 43, 79, 171; and awareness 43; worked example 302 compliance 1, 88, 606; compared with certification 88; worked example 381 compliance audits 86 components/parts/materials: and design office 191 Computer Aided Design (CAD) 15, 192 Computer Assisted Telephone Interviewing (CATI) 446 computer software see software concession scheme 235 concessions 235, 537–8 confidentiality 281 configuration management 207 conformity assessment 596–7 consultants: contracts with 494; invoices 494–5; training of 545; worked example 355 consumable items: checking of 202 context of organization 75–6, 143–8; cross-check list 292 continual improvement 3, 96–7, 236–7, 274; definition 532; worked example 350–1

Index

contract documents 178, 183–4; signature 149; worked example 396, 494 contract review 131 control of externally provided processes, products and services 198–200; control 200–204; information for external providers 204–5 controlled document information 241, 308, 391–416 copyright 401 core business process (CP) 105–8, 123, 126; worked example 276, 277, 377, 378–9 corporate policy statement 125 Corporation of Open Systems (COS) 33 corrective action 225, 231–6; bonded store 236; compared with preventive action 194; defect reports 235–6; definition 532; and internal audit 466; for nonconforming items 231–6, 348; permanent changes resulting from 187; QMS review 432; worked example 466, 591 cost considerations example 259 crop production standard 66–7 cross-check lists [worked example] 356–62 customer awareness and training 541–5; requirements 542; see also training customer communications 181–2; documented procedure 601; worked example 312 customer complaints handling 456 customer feedback example 434–8; customer interface 437; flowchart 436; form 438; initial review 435; initiation and assessment 435; local action 435, 437; nonconformity analysis 437; quality records 438 customer focus 3, 56, 151–2; worked example 274, 277–8 customer property 208–9; worked example 332 customer requirements 190 customer satisfaction, monitoring of 219–21, 341, 439–57; areas suitable for analysis 453–4; data analysis 454, 456; qualitative research 440–3; quantitative surveys 440, 444–50; questionnaires

Index

450–2; requirement 439–40; sample profile 453; worked example 278–9, 383, 439–57 customer-supplied product 133, 208, 536 dangerous goods packaging standard 69 data analysis 221–2; customer satisfaction 454–6; records 222; statistical analysis 222 data control 132 data quality management standard 67 decision making 3, 58 deep-vein thrombosis [worked example] 513 defect reports 235–6 Defence Standard (DEF STAN) series xvii, 29 deliverable 531 delivery of product 210–11 Deming, William Edwards 101, 270 depth interviews 443 design and development 185–98; changes 197–8, 323–4; definition 139; inputs 188–92, 318–9; outputs 195–7; planning 186–8, 317; products and services [worked example] 316–24; review 193, 319–20; validation 195, 207, 321–2; verification 194–5, 206, 320–1; worked example 316–24 design control 132; changes 489; input 488–9; output 489; Quality Procedure for 487–9; verification of documents 489 design criteria 188 design office: functions and responsibilities 15, 187, 191, 196–7 design process control 193 design process review 193 design stage: quality during 14–16 development see design and development document: definition [worked example] 393 document changes 178; worked example 395, 416 document control 178; approved documents 400, 406; contracts produced 396; controlled documents 399; copyright 401; document

641 administration number 393, 394; document reference number 393–4; documented procedure for 175, 284, 393, 601; documents received 396–7; draft documents 400; e-mails 396, 397; faxes 396; file numbering system 393–5, 396–7; file storage on server 397–8; filing 398, 405–6; hierarchy of processes 403; letters produced 395–6; minutes produced 396; old and obsolete documents 398; press notices 401; in Quality Plan 132; Quality Procedure for 391–416; self-assessment of 602, 604; software for 401, 402, 604; version numbering 395; worked example 274–5, 391–416 document distribution 178, 400, 401 documentation: contract documents 178; of processes 111, 125–6; purchasing 200, 201; QMS 88, 122–3, 273, 377, 389, 554–5; support documentation 173–8; value of 121; worked example 273, 377, 389, 554–5 documentation requirements 609; selfassessment 597, 599–604 documented information 69, 76, 81, 96, 127, 135–7, 146, 151, 153, 173–8, 175, 176, 191, 210, 223, 227; archiving of 346–7; backup copies 345; collection, indexing and access 343–4; control of 122–3, 238–9, 338–48; controlled 241, 308, 391–416; disposal of 347–8; maintenance of 344–5; master list 342–3; recommended additional procedures 490; retention of 136; storage of 136; use of term 135, 240, 340; worked example 241, 280, 305–9, 539–40 educational organisations standard 67 e-mail surveys 444, 445 e-mails 396, 397; control procedure example 570–2 EN 29000:1987 33, 36, 37 EN 50126-1 302 energy management systems standard 67 environmental management standards 62

642 equipment [worked example] 508 Europe: accreditation bodies in 614; ISO 9001 certified companies in 616–7, 618–9; producers of national standards in 27, 28 European Union (EU) 26, 29 evaluation of QMS 227 expense sheet 560, 561; example 562 explosive atmospheres standard 67 external audit 86, 227, 591–5; selfassessment example, checklists of auditors’ questions 598; supplier evaluation 591–5 external providers 204–5 face-to-face surveys 446–7, 449 faxes 396 filing 397–8, 405–6; file numbering system 393–5, 396–7; file reference code 394–5, 414–5; file storage on server 397–8; of invoices 495 final inspection and testing 195; product 214 financial authority: delegation of 492, 496 financial considerations: of quality management 225 financial management: worked example 492–3 fire safety [worked example] 514 first aid facilities [worked example] 506 first-party audits 86, 225; see also internal quality audit flowchart(s) 420; approval procedure 427; budget and finance 491; customer feedback 436; document quality procedure 424; generic software process 522; QMS review 430; quality document production 419; supporting processes 109, 110, 112; Work Instruction 421 FOCUS committee 33 focus groups 441–3 food safety management systems standard 67–8 free issue products 208 gap analysis [worked example] 546–9 general specification 8–9

Index

good manufacturing practice standard 68 goods inwards 202 graphics software 401 headed paper 399 health and safety: definitions 502; process 502–3; requirements 191; responsibilities 499–502; scope 499; worked example 497–519; workplace procedures 504–15; workstation setup 516–19 health care standards 68 health records: disposal of 412 hierarchy of processes 403 hotel arrangements example 558 house-to-house surveys 446–9 human resources 140–2, 164–5; standard 68 improvement 83, 230–7; Annex SL 51; continual 3, 58, 83, 96–7, 236–7, 350–1; corrective action 83, 231–6, 348, 350; cross-check list 362; nonconformity 83, 231–6, 348, 350; worked example 348–51 income and expenditure: administration of 493 information security management systems standard 68 information technology standard 68 infrastructure 165–6; worked example 298–9 in-inspection 202 in-process inspections 195 in-service stage: quality during 17–18 inspection: equipment 134; final inspection 195, 212; in-process inspection 195; product 195, 212; of purchased products 202–4; status 197 internal auditors 460 internal quality audit 82, 84, 223–5; agenda 463; audit categories 85, 86; audit execution 464–5, 567; audit frequency 463; audit preparation and organisation 464, 585–6; audit report 465, 589, 591; audit schedule 463, 584; audit team 463; corrective action(s) 224–5, 466; documented procedure for 223–4, 343,

Index

601–2; follow-up actions 225, 466; meeting minutes 465; performance evaluation [worked example] 342–4; purpose of 84, 460–1, 580; Quality Procedure for 458–66; sectional quality audits 461; self-assessment 580–91; worked example 458–66 International Electrotechnical Commission (IEC) 30 International Organization for Standardization (ISO) 30, 34–5; membership 34, 35; see also specific ISO standards International Telecommunications Union (ITU) Committees 29 invoices 494–5; filing of 495; subcontractors’ 494–5, 565 ISO 1538:2011 68 ISO 9000 series 25; Annex SL 45–52; background to 35–42; changes 43–4; compared with ISO 14000 series 63; core cases 47; future evolution of 90; history 44; standards that make up 52–5 ISO 9000:1987 33, 36, 37 ISO 9000:1994 xvii, 36, 38 ISO 9000:2005 104 ISO 9001:1994 39 ISO 9001:2000 38–40 ISO 9001:2008 41; ISO 9001:2015 vs. 366–72; mandatory requirements 601 ISO 9001:2015 41–2; advantages and benefits 241, 607, 608; Annex SL 45–52; applicability of clauses 239–40; auditing 84–6; background to xvi–xviii; basic process 71–4; certification/registration 71–3, 606–7, 608–9, 611–12; changes 43; clauses 141; compatibility with other management systems 60–3; competition and awareness 43; context of organization 75–6, 143–8; crosscheck list [worked example] 356–62; customer focus 56; documented procedures 127; engagement of people 57; evidence based decision making 58; future revisions 40; impact of changes 59–60; improvement 58, 83, 230–8; industry standards based on 63–71;

643 introduction 74; ISO 9001:2008 vs. 140, 366–72; leadership 43, 56–7, 76–7, 148–56; managing risk 43; monitoring, measurement, analysis and evaluation 218–23; normative reference(s) 75, 142; operations 80–1, 179–217; performance evaluation 82, 217–29; performance measurement 43; planning 77–8, 156–62; prescriptive requirements 43; process approach 57; quality 42; quality management principles in 55–9; Quality Management Systems 53, 54–5, 145–8; relationship management 58–9; requirements 54–5, 84; scope 75, 141–2; structure 74–83, 139–238; support 78–80; terms and definitions 75, 142 ISO 9001 standard: history 44 ISO 9002:1994 39 ISO 9003:1994 39 ISO 9004:2005 53–4 ISO 9004:2009 40, 53–4, 365 ISO 10001/10002/10003 456 ISO 10005:2005 70 ISO 10006:2003 70 ISO 10012:2003 69 ISO 10019:2005 70 ISO 13485:2012 47, 61, 69 ISO 14000 series of standards 62; compared with ISO 9000 series 63 ISO 14001 41, 51, 62, 63, 73, 302 ISO 14004 62 ISO 15378:2011 68 ISO 16106:2006 69 ISO 16192:2010 70 ISO 17582:2014 67 ISO 18091:2014 67 ISO 19011:2011 66, 86–7, 365 ISO 19796-1:2005 68 ISO 20121 51 ISO 22000:2005 51, 67–8 ISO 22006:2009 66–7 ISO 22301 52 ISO 27001:2013 52, 68 ISO 28000:2007 52, 71 ISO 30000:2009 52, 70 ISO 30301 52 ISO 39001 52 ISO 45001 52

644 ISO 50001:2011 52, 67 ISO 55001 52 ISO/IEC 17025:2005 71 ISO/IEC 20000-1 51 ISO/IEC 27001:2005 68 ISO/IEC 80079–34:2011 67 ISO/IEC 90003:2014 66, 70 ISO/TR 10013 600 ISO/TR 90005:2008 71 ISO/TS 8000-150:2011 67 ISO/TS 16949:2009 66 ISO/TS 21003–7:2008 69 ISO/TS 29001:2001 69 IWA 1:2005 68 leadership 3, 43, 49, 56–7, 76–7, 131, 148–9, 274; and commitment 286–8; cross-check list [worked example] 356–7, 361–2; customer focus 151–2, 287–8; external auditors’ questions 526–9; management commitment 286–7; organisational roles, responsibilities and authorities 155–6, 289–91; planning 242–4; policy 148, 152–5, 288–9; worked example 286–91 letters: document control 395–6 Local Area Network (LAN) standardisation 33 local government QMS standard 68 logo, ISO 613 mail-in sheet 393, 413 mail-out sheet 393, 413 management audits 84 management commitment 149–51 management representative 89, 290–1; worked example 290–1 management requirements: selfassessment checklist for 597–8 management review 82, 226–7; evaluation and auditing 227; input 228–9; minutes template [worked example] 574–5; output 229; performance evaluation [worked example] 344–7 Management Review Board meetings 526 Managing Director; responsibilities 261, 291, 297, 302, 313, 314, 352, 378, 382, 467, 469, 525, 542; worked example 352 manufacturing stage: quality during 16

Index

marine technology standard 70 market demand 190 market readiness 191 market research 440 marketing implications: of design and development 190 material control and traceability 233 measurement, analysis and evaluation 341–2; control of nonconforming product 214–15, 337–8; customer satisfaction 341; performance evaluation [worked example] 339–42; see also monitoring, measurement, analysis and evaluation measurement management system: standard 69 measuring and testing equipment 134 medical devices QMS standard 61, 69 meetings and reports: agenda 526–7; Company Status Report 527–8; discussion documents 526; guidelines 527; Management Review Board meetings 526; minutes 465, 526, 527; Section Managers’ meetings 526; worked example 524–8 military specifications (mil specs) xvii Military Standards (Mil-Stds) 29, 31 minutes 327, 444; internal audits 355, 356 mission statement example 257 monitoring, measurement, analysis and evaluation 218–19, 221–3, 341–2; of customer satisfaction 219–20, 341; performance evaluation [worked example] 339–42; resources 169–70 monitoring and measuring equipment: calibration of 134, 168–70; control of 66, 168; software 168; storage 168 multilayer piping systems standard 69 mystery shopping 449–50 National Certification Bodies 611, 612, 613 National Standards Organisations 9–10, 27–8 NATO Allied Quality Assurance Publications (AQAPs) xvii, 29 natural gas industry standard 69 non-compliance: purchased products 204

Index

nonconforming outputs 134, 207, 214–17; bonded store 236; concessions and approval 235; control of 214–15, 231–2, 337–8; dealing with 534–9; defects and defect reports 235–6; definition 367, 532, 533; documented information 539–40; documented procedure for control of 185, 531; identification of 535; improvement [worked example] 348, 350; material control and traceability 233; permanent changes 234; post-delivery/use detection 538; Quality Plan 134; Quality Procedure for 530–40; reinspection after correction 538; rework 537; supplier responsibility 233–4; worked example 530–40 nonconforming service 134, 367 normative reference(s) 47, 75, 142 North America: producers of national standards in 27, 28, 29 Occupational Health & Safety Management Systems 61 OHSAS 18000 series 61–2 OHSAS 18001 52, 61–2, 365 OHSAS 18002 62 on-street surveys 446–9 Open Systems Interconnection (OSI) 33 operations 50, 80–1, 179; control of externally provided processes, products and services 198–205, 324–9; control of nonconforming outputs 214–17, 337–8; cross-check list 359–61; design and development of products and services 185–98, 316–24; operational planning and control 179–81, 310–11; production and service provision 205–12, 329–36; release of products and services 212–14, 336–7; requirements for products and services 181–5, 312–16; working example 309–38 organisation, definition xxii organisational chart example 260, 353 organisational culture 5 organisational goals: example 263, 265, 271–2 organisational knowledge 170–1

645 organisational roles, responsibilities and authorities 155–6 overall performance specification 9 overseas visits [worked example] 512–13 part numbers/labels 209 people: engagement of 5, 57, 274 performance evaluation 50, 82, 217; internal audit 223–5, 342–4; management review 226–9, 344–7; monitoring, measurement, analysis and evaluation 218–23, 339–42; worked example 338–47 performance measurement 43 personal health and safety [worked example] 514–15 petrochemicals industry standard 69 petroleum industry standard 69 piping systems standard 69 Plan-Do-Check-Act (PDCA) cycle 101; worked example 270 planning 77, 156–62; Annex SL 49; business processes 103–6; changes 78; cross-check list 357; design and development planning 186–8, 317; process planning 180–1; QMS planning 294–5; quality objectives 78, 294–5; risks and opportunities 77, 292–3; training requirements 544; worked example 292–6 policy statement example 256 postal surveys 444–5 post-delivery activities 211 prescriptive requirements 43 press notices 401 preventive action 43; compared with corrective action 532 prime contractor 199, 201; responsibility for quality inspection 202–3 procedural audits 84 procedure: meaning of term 103 procedures audit 587 procedures manual [design office] 15 process approach [to quality management] 5, 57, 72, 95–103, 274 process audits 84 process control 133 process control and instructions 190 process mapping software 401, 604

646 processes 88, 96–7, 103, 125–6; business processes, planning of 103–6; core business process (CP) 105–6, 123, 126, 276, 277, 377–9; cross-check list [worked example] 356–62; documentation of 111, 125–6; examples in small business 98; flow chart(s) 97, 99; identification of 180; listed [worked example] 378; policy 288–9; primary supporting processes 110, 123, 126; Quality Processes 276; secondary supporting processes 111, 112, 123, 126; supporting processes (SPs) 108–11, 123, 126, 276, 377, 380–3; worked example 276–7, 373–83 product: delivery of 210–11; determinants and measurements of quality 120, 121, 267; identification and traceability 133, 207, 331–2; nonconforming product 134, 231–2; preservation of 209–11; protection of 209–10; release of [worked example] 336–7; storage of 210 product audits 84 product life cycle 13, 14; acceptance stage 16–17; design stage 14–16; in-service stage 17–18; manufacturing stage 16; quality assurance in 13–18 product realisation: external auditors’ questions 530–7 product testing 214 production and service provision 205–12; control of 205–7; control of changes 212; and customer property 208; identification and traceability 133, 207; operation [worked example] 329–36; post-delivery activities 211; preservation 209–11; purchaser supplied product 208; validation of processes 207; worked example 329–36 production control 214 production stage: quality during 16 purchaser: costs of quality failure 21–2; responsibilities 11–13 purchaser-supplied product(s) 208 purchasing 108; delegation of financial and contractual authority 496; documented procedure 128, 491; financial

Index

management 492–3; invoices 494–5; Quality Procedure for 490–5; resource management 494; responsibilities 490; scope 490; worked example 490–5; see also control of externally provided products and services quality: control 203–4; definitions 2–3, 25, 26; determinants and measurements of 120, 121; importance of 2–3; integration of business and quality 100 Quality Assurance (QA) 4, 6–7; benefits and costs 19–20; costs of quality failure 21–2; definition 6; during product life cycle 13–18; worked example 257–62 Quality Control (QC) 4, 5; definition 5 quality document production example 417–25; amendments 423; cancellation 423; document quality procedure 424, 427; drafting 420; flowchart 420; headings 420; initiation of document 418, 420; issue authority 422; Quality Procedures 421; quality records 423; review 421–2; text requirements 420; Work Instructions 421 quality documented information 602; approved documents 406; archiving of 410–11; backup copies 409; collection, indexing and access 408; control of 404–12; disposal of 411–12; health and safety [worked example] 514; maintenance of 409; management of 405–6; master list 407; meaning of term 405; new 406–7; retention of 410; storage of 408; third-party documentation 408; training 545; versus WIs 127–8; worked example 404–12 quality documented information control: documented procedure for 601–2; Quality Procedure for 404–12 quality loop 117–19; worked example 264 quality management principles 3, 5, 55–9; continual improvement 3, 58, 96–7, 274; customer focus 3, 56, 274; evidence based decision making 3, 58, 274; improvement 274; leadership 3, 56–7, 274; people engagement 5, 57,

Index

274; process approach 3, 57, 72–3, 95–103, 274; relationship management 58–9, 274; system approach 5; worked example 273–4 Quality Management System (QMS): additional information, procedures and support 127, 241; approach 121–2; consultants standard 70, 122–3; document withdrawal notice [worked example] 573; documentation 273, 377, 389, 554–5, 557; documentation requirements 122–3, 273; documented information 135–7; and financial considerations 225; fundamentals and vocabulary 53; general requirements 282–3; ISO standards 52–5; management responsibilities 102–3; principles 117–21; processes 76, 95–9, 123, 125–6, 147–8; projects standard 70; purpose [worked example] 265, 269–70; Quality Plan 104–10; Quality Policy 128–35; Quality Procedures 123, 126–7; requirements 54–5, 115–17, 265, 282–3; revision history [worked example] 249, 375, 387, 553; scope 145–6; structure 122–3, 224; Work Instructions 123, 127–8, 551–72; worked example 247–57 Quality Management System review 271; actions 432; agenda 431–2; meetings of Review Board 429, 431–2; minutes 433; Review Board members 431; worked example 428–33 Quality Manager 89; worked example 261, 271, 281, 283, 291, 352, 354, 404, 418, 429, 434, 459, 488, 525, 531, 543 Quality Manual 88, 146, 177; administration 281; component inputs 275; confidentiality 281; context of organisation 281–5; cross-check list [worked example] 356–62; document control of 274–5; documentation requirements 600; as overview of QMS 196, 276; worked example 247–372 quality objectives 160–2 Quality Plan 128–35; contract review 131; customer-supplied product 133; definition 128; design control 131–2;

647 document and data control 132; inspection and testing 134; management responsibility 131; nonconforming service/product 134; process control 133; product identification and traceability 133; project-specific 280; purchasing 133; standard for 70; worked example 232, 255 quality policy 123, 124, 152–5; corporate policy statement 125; as overview of QMS 124; worked example 260, 265–80 Quality Procedures (QPs) 123, 124, 126–7; cross-check list [worked example] 356–62; generation and control of 279, 417–25; listed [worked example] 363, 390; worked example 278–9, 385–549 quality processes: cross-check list [worked example] 356–62; worked example 373–83; see also processes quality system: assessments 86; audits 84–5; responsibility [worked example] 261 quality training 545 quarantine area 532, 536–7 questionnaire writing 450–2; open/closed questions 451; rating scales 452; routing 451–2 registration: and certification 88, 607; costs involved xix–xx, 22–3, 615; meaning of term 607; requirements for 88, 609; route to 608–10, 612; see also certification release of products and services 212–14 reliability data 222 reliability measures 17 resource management 494 resources 163–71 responsibilities: Design Office’s 15, 196–7; Quality Manager’s 261, 271, 281, 291 Review Board [QMS Review Board]: actions 432; agenda 431–2; meetings 429, 431; members 431; records 433 risk 43, 157–60, 193, 292–3 risk management: approach 476–7; definitions and abbreviations 475, 484–6; forms and templates 480–3;

648 plan 483; process, actions and responsibilities 477–80; responsibilities 473–4; scope 473; worked example 473–86, 507–8 safety equipment [worked example] 509–10 secondary audit 596 second-party audits 85–6, 225; see also external audit; vendor audit self-assessment 579–604; checklists 597–8; documentation requirements 597, 599–604; external audit 591–5; internal audit 225, 580–91; management requirements 597–8; surveillance audit 595–7; typical auditors’ questions 598 self-certification 88 service: determinants and measurements of quality 120, 121, 265; release of [worked example] 336–7 service audits 84 service provision: see production and service provision servicing 184 Shewart, Dr Walter 101 ship recycling standard 70 small and medium-sized enterprises (SMEs): definition xviii–xix small businesses: advantages xix; certification/registration of 87–9; definition xviii–xix; management commitment 150; problems faced by xix smoking [worked example] 515 software: document control 401, 402, 604; engineering standard 70; measuring and monitoring equipment 168; quality plan [worked example] 520–3; spreadsheet and graphics 401; standard for 66; word processing 401 space systems standard 70 special processes: control system for 190 specifications 7–13; purchaser’s responsibilities 11–13; significance 8; supplier’s responsibilities 10–11; tolerance specifications 191; types 8–10 spreadsheet software 401

Index

staff: design and development staff 189–90; training of 172, 251–2, 541–4, 545 standard specification 9–10 standards: civilian and military 29, 30; international 27–32; quality-specific, growth of 32–3 standards audit 587 statistical analysis 222 stock rotation 210 storage: of documented information 136, 222–3; of product(s) 168 Stores Section Chief [worked example]: responsibilities 532 subcontractors 165, 201; approved subcontractors list 198; contracts with 494; invoice examples 494–5, 565; responsibilities 234, 355; training of 545; worked example 355, 382 supplier 164, 200–201; costs of quality failure 21–2; mutually beneficial relationships 5, 226; responsibilities 10–11, 233–4; worked example 382, 383 supplier evaluation 591–5; evaluation team 592; pre-evaluation meeting 592; Quality Manual study 593; unacceptable system control 594–5; weak system control 594 supply chain: management standard 71 support 49–50, 78–80; awareness 172, 303–4; communication 173; competence 171; cross-check list 357–8; documented information 173–8, 305–9; resources 163–71, 297–302; training 302–3; worked example 296–309 supporting processes (SPs) 108–9, 123, 126; worked example 276, 377, 380–3 surveillance/quality audit visit 595–7; conformity assessment 595–6; multiple evaluations and audits 596; secondary audit 596; third-party evaluation 596 sustainable development: of ISO 9001 42 system approach to management 5, 47 system audits 84 systems engineering standard 71 telecommunications industry standard 71 telephone surveys 444, 445–6

Index

terminology 47, 53 terms and definitions 75, 142 test status 197 testing 134; final testing 195; in-process testing 195; product 195, 214; of purchased products 202–3 testing and calibration laboratories: standards for 71 testing equipment 134 third-party audits 70, 136, 181 third-party evaluation 596 time and expense report example 561, 563 time sheet example 560, 562 TL 9000 71 tolerance specifications 191 Total Quality Management (TQM) 266 training 172; courses 545; history template 576–7; identification of training needs 543; new personnel 544; plan 172; planning of 544; quality 545; records 545; review 544; subcontractors and consultants 545; worked example 302–3, 541–5 travel arrangements example 558–9 United Kingdom Accreditation Service (UKAS) 89, 607, 609, 613, 614

649 validation: design and development 197, 206–7, 320–2; production and service provision processes 206, 207 vehicles [worked example] 510 vendor audit 86 vendor rating 595 verification: design and development 206–7, 320; design control 489 visitors, arrangements for [worked example] 506 visual display equipment and computers [worked example] 504–5 welding consumables: standard for 71 word processing software 401 work environment 166–7; safety [worked example] 507; worked example 299–300 Work Instructions (WIs) 88, 123, 124; approval procedure for 556–7; flowcharts 420; generation and control of 231, 417–25; travel and hotel arrangements [worked example] 558–9; versus records 127–8; worked example 279–80, 551–72 workshop standard 169, 170 workstation setup [worked example] 516–19

Taylor & Francis eBooks Helping you to choose the right eBooks for your Library Add Routledge titles to your library's digital collection today. Taylor and Francis ebooks contains over 50,000 titles in the Humanities, Social Sciences, Behavioural Sciences, Built Environment and Law. Choose from a range of subject packages or create your own! Benefits for you

Beneflh for your user

» Free MARC records

» Off·site, anytime access via Athens

» COUNTER·compliant usage statistics » Flexible purchase and pricing options » All titles DRM·free.

» Print or copy pages or chapters

Media & Communication Media & Communication

Media & Communication Media & Communication

Free Trials Available We offer free trial' to qualifying

academic, corporate and

or referring URL

» Full content search » Bookmark, highlight and annotate text » Access to thousands of pages of quality resea rch at the click of a button.

govemment customer.;.

eColiections - Choose from over 30 subject eCol lections, including: Archaeology

language learning

Architecture

Law

Asian Studies

literature

Media & Communication Media & Communication

Media & Communication Media & Communication

Construction

Music

Creative & Media Arts

Philosophy

Criminology /;< Criminal lustice

Planning

Economics

Politics Psychology & Menlal Health

Security

Media & Communication

.

Energy

Religion

.

Security

Media & Communication

Media & Communication

English language &. li nguistics

Social Work

Environment /;< Sustalnabiilt

SOCioiog

Geography

Sport

Health Studies

Theatre &. Performance

History

Tourism, Hospitality &. Events

For more information, pricing enqUiries or to order a free trial, please contact your local sales team: www.tandfebooks.com/page/sales

~~ \.. 1 Routledge r"'o,&r,,",,,c,OUP

I The home of Routledqe boo~

df b

1.-

www.taneoo.u .com