Establishing Quality Objectives In ISO 9000 Standards

Establishing Quality Objectives In ISO 9000 Standards

The ISO 9000 Standard requires that top management ensure that quality objectives are established.

ISO 9001 defines quality objectives as results sought or aimed for related to quality. It also suggests that these

objectives be based on the quality policy and be specified at different levels in the organization, being

quantified at the operational level. As with quality policy the details will be addressed later and here we

will focus on what it means to establish qualityobjectives and how they relate to other objectives.

As the quality policy equates to the corporate policy, it follows that quality objectives equate to corporate objectives. All of the organization’s objectives should in some way serve to fulfil requirements of customers and other interested parties. It is also interesting to note that in ISO 9001, the term requirement is defined as a need or expectation that is stated, customarily implied or obligatory. While an investor may not specify a requirement for growth in share value, it would certainly be an expectation. While an employee does not express requirements for salary increases when profits rise, it would certainly be an expectation and while society has no way other than to protest or invoke the law to impose its desires upon an organization, it certainly has the power to make organization’s comply and even change the law in extreme cases. So quality objectives do equate to corporate objectives.

Management needs to ensure that the objectives are established as a basis for action. All work serves an objective and it is the objective that stimulates action.

The reason for top management setting the objectives is to ensure that everyone channels their energies in a positive direction that serves the organizations purpose and mission.

For an objective to be established it has to be communicated, translated into action and become the focus of all achievement. Objectives are not wish lists. The starting point is the purpose and mission statement and the factors

identified as affecting the ability of the organization to accomplish its mission. It is in these areas the organization needs to excel and therefore they become the focus for action and consequently the setting of objectives. Although ISO 9001 suggests that the quality objectives should be based on the quality policy, it is more likely to be current performance, competition and opportunities arising from new technology that drive the objectives.

An objective is a result that is aimed for and is expressed as a result that is to be achieved. Objec-

tives are therefore not policies. The requirement should also not be interpreted as applicable only to

organizational functions and levels. Objectives are required at levels within the organization not levels

within the organization structure. This is clarified by the requirement for objectives to include those

needed to meet requirements for product. There are therefore five levels at which control and improve-

ment objectives need to be established:

Corporate level where the objectives are for the whole enterprise to enable it to fulfil its vision

Process level where the objectives are for specific processes to enable them to fulfil corporate goals

Product or service level where the objectives are for specific products/services or ranges of products/services to enable them to fulfil or create customer needs and expectations

Departmental or function level where the objectives are for an organizational component to enable it to fulfil corporate goals Personal level where the objectives are for the development of individual competency

A management system is not a static system but a dynamic one and if properly designed and implemented can drive the organization forward towards world class quality. All managerial activity is concerned either with maintaining performance or with making change. Change can retard or advance performance. That which advances performance is beneficial. In this regard, there are two classes of quality objectives, those serving the control of quality

(maintaining performance) and those serving the improvement of quality (making beneficial change).

maintain or to prevent from deteriorating. To maintain your performance and your position in the market you will have to continually seek improvement.

Remaining static at whatever level is not an option if your organization is to survive. Although you will be striving for improvement it is important to avoid slipping backwards with every step forwards. The effort needed to prevent

regression may indeed require innovative solutions. While to the people working on such problems, it may appear that the purpose is to change the status quo, the result of their effort will be to maintain their present position not raise it to higher levels of performance. Control and improvement can therefore be perceived as one and the same thing depending on the standards being aimed for and the difficulties in meeting them.

The statements of objectives may be embodied within business plans, product development plans, improvement plans, process descriptions and even procedures.

Achievable objectives do not necessarily arise from a single thought even when the policies provide a framework. There is a process for establishing objectives.

At the strategic level, the subjects that are the focus for setting objectives are the factors that affect the organization’s ability to accomplish its mission – the critical success factors such as marketing, innovation, human resources,

physical and financial resources, productivity and profit. There may be other factors such as the support of the community, of unions, of the media as certain businesses depend on continued support from society. Customer needs, regulations, competition and other external influences shape these objectives and cause them to change frequently. The measures arise from an analysis of current performance, the competition and there will emerge the need for either improvement or control. The steps in the objective setting process are as follows:

Identifying the need

Drafting preliminary objectives

Proving the need to the appropriate level of management in terms of:

whether the climate for change is favourable

the urgency of the improvement or controls

the size of the losses or potential losses

the priorities

Identifying or setting up the forum where the question of change or control is discussed Conducting a feasibility study to establish whether the objective can be achieved with the resources that can be applied Defining achievable objectives for control and improvement

Communicating the objectives

The standard does not require that objectives be achieved but it does require that their achievement be planned and resourced. It is therefore prudent to avoid publishing objectives for meeting an unproven need and which has not

been rigorously reviewed and assessed for their feasibility. It is wasteful to plan for meeting objectives that are unachievable and it diverts resources away from more legitimate uses.

Objectives are not established until they are understood and therefore communication of objectives must be part of this process. Communication is incomplete unless the receiver understands the message but a simple yes or no is not an adequate means of measuring understanding. Measuring employee understanding of appropriate quality objectives is a subjective process. Through the data analysis carried out to meet the requirements of clause 8.4 you will have produced metrics that indicate whether your quality objectives are being achieved. If they are being achieved you could either assume your employees understand the quality objectives or you could conclude that it doesn’t matter. Results alone are insufficient evidence. The results may have been achieved by pure chance and in six months time your performance may have declined significantly. The only way to test understanding is to check the decisions people make. This can be done with a questionnaire but is more effective if one checks decisions made in the work

place. Is their judgement in line with your objectives or do you have to repeatedly adjust their behaviour?

For each objective you should have a plan that defines the processes involved in its achievement. Assess these processes and determine where critical decisions are made and who is assigned to make them. Audit the

decisions and ascertain whether they were contrary to the objectives. A simple example is where you have an objective of decreasing dependence upon inspection. By examining corrective actions taken to prevent recurrence of

nonconformities you can detect whether a person decided to increase the level of inspection in order to catch the nonconformities or considered alternatives.

Any person found increasing the amount of inspection has clearly not understood the objective.

Managing Processes In ISO 9000 Standards

Managing Processes In ISO 9000 Standards

The ISO 9000 Standard requires the organization to manage the identified processes in accordance with the requirements of ISO 9001.

The first stage in managing a process is to establish what it is you are trying to achieve, what requirements you need to satisfy, what goals you are aiming at; then establish how you will measure your achievements. The next stage is to define the process you will employ to deliver the results. Managing the process then involves managing all the inherent characteristics of the process in such a manner that the requirements of customers and interested parties are fulfilled by the process outcomes. This means:

Managing the process inputs

Managing the work

Managing the physical resources

Managing the financial resources

Managing the human resources

Managing the constraints

Managing the outputs

Process management is therefore much more than managing activities and therefore when describing processes, one needs more than a flow chart of activities. The chart is a diagrammatical representation of a process but only one aspect. One can also add numerical data to the charts to indicate resources, cycle times, delays, costs etc. but the intangible factors of the human environment cannot be reduced to numerical data to add to the charts.

The notes to clause 4.1 of ISO 9001 need some explanation. It is stated that the processes needed for the management system include management activities, provision of resources, product realization and measurement. This note could cause confusion because it suggests that these are the processes that are needed for the management system. It would be unwise to use this as the model and far better to identify the processes from observing how the business operates. The term provision of resources should be Resource Management, which is the collection of processes covering financial, human and physical resources.

Product realization is also a collection of processes such as design, production, service delivery, etc. Measurement is not a single process but a sub-process within each process. Grouping all the measurement processes together serves no useful purpose except it matches the standard – a purpose of little value in managing the organization.

The second note refers to outsourcing processes although it is difficult to imagine that management activities, product realization or measurement would be outsourced in its entirety. It is likely that market research; design, product verification, equipment calibration and other specialized services may be outsourced. While outsourcing comes under purchasing, it is correct to point out that the organization should control any outsourced processes. The supplier of the process is usually referred to as a subcontractor because they provide services to the organization’s requirements not their own. Control of subcontractors is covered by clause 7.4 but in meeting clause 7.4.3, you need to treat suppliers and subcontractors differently.

ISO 9000 Standards – Conducting Management Reviews

ISO 9000 Standards – Conducting Management Reviews

The ISO 9000 standards requires that top management conduct

management reviews.

The term review is defined in ISO 9001 as an activity

undertaken to ensure the suitability, adequacy, effective-

ness and efficiency of the subject matter to achieve

established objectives. The addition of the term manage-

ment means that the management review can be

perceived as a review of management rather than a

review by management, although both meanings are conveyed in the standard.

The rationale for this is that the examples given in ISO 9000 such as design

review and nonconformity review clearly indicate it is design and non-

conformity that is being reviewed. If the system was to be reviewed then the

action should be called a system review. It is no doubt unintentional in the

standard but, if the management system is perceived as the way in which the

organization’s objectives are achieved, a review of management is in fact a

review of the way achievement of objectives is being managed because the

organization exists to achieve objectives and so both meanings are correct.

Top management will not regard the management review as important unless

they believe it is essential to running the business. The way to do this is to treat

it as a business performance review. This is simpler than it may appear. If the

quality policy is now accepted as corporate policy and the quality objectives

are accepted as corporate objectives, any review of the management system

becomes a performance review and no different to any other executive

meeting. The problem with the former management reviews was that they

allowed discussion on the means for achieving objectives to take place in other

management meetings leaving the management review to a review of errors,

mistakes and documentation that no one was interested in anyway. The

management system is the means for achieving objectives therefore it makes

sense to review the means when reviewing the ends so that actions are linked to

results and commitment secured for all related changes in one transaction.

The requirement emphasizes that top management conduct the review – not

the quality manager, not the operational manager – but top management – those

who direct and control the organization at the highest level. In many ISO 9000

registered organizations, the management review is a chore, an event held once

each year, on a Friday afternoon before a national holiday – perhaps a cynical

view but nonetheless often true. The reason the event has such a low priority

is that management have not understood what the review is all about. Tell

them it’s about reviewing nonconformities, customer complaints and internal

audit records and you will be lucky if anyone turns up. The quality manager

produces all the statistics so the others managers are free of any burden. By

careful tactics, these managers may come away with no actions, having

delegated any in their quarter to the quality manager.

In order to provide evidence of its commitment to conducting management

reviews, management would need to demonstrate that it planned for the

reviews, prepared input material in the form of performance results, metrics

and explanations, decided what to do about the results and accepted action to

bring about improvement.

The ISO 9000 standards requires that top management conduct management reviews.

The term review is defined in ISO 9000 Standards as an activity undertaken to ensure the suitability, adequacy, effectiveness and efficiency of the subject matter to achieve established objectives. The addition of the term management means that the management review can be perceived as a review of management rather than a review by management, although both meanings are conveyed in the standard.

The rationale for this is that the examples given in ISO 9000 Standards such as design review and nonconformity review clearly indicate it is design and non-conformity that is being reviewed. If the system was to be reviewed then the action should be called a system review. It is no doubt unintentional in the standard but, if the management system is perceived as the way in which the organization’s objectives are achieved, a review of management is in fact a review of the way achievement of objectives is being managed because the organization exists to achieve objectives and so both meanings are correct.

Top management will not regard the management review as important unless they believe it is essential to running the business. The way to do this is to treat it as a business performance review. This is simpler than it may appear. If the quality policy is now accepted as corporate policy and the quality objectives are accepted as corporate objectives, any review of the management system becomes a performance review and no different to any other executive meeting. The problem with the former management reviews was that they allowed discussion on the means for achieving objectives to take place in other management meetings leaving the management review to a review of errors, mistakes and documentation that no one was interested in anyway. The management system is the means for achieving objectives therefore it makes sense to review the means when reviewing the ends so that actions are linked to results and commitment secured for all related changes in one transaction.

The requirement emphasizes that top management conduct the review – not the quality manager, not the operational manager – but top management – those who direct and control the organization at the highest level. In many ISO 9000 registered organizations, the management review is a chore, an event held once each year, on a Friday afternoon before a national holiday – perhaps a cynical view but nonetheless often true. The reason the event has such a low priority is that management have not understood what the review is all about. Tell them it’s about reviewing nonconformities, customer complaints and internal audit records and you will be lucky if anyone turns up. The quality manager produces all the statistics so the others managers are free of any burden. By careful tactics, these managers may come away with no actions, having delegated any in their quarter to the quality manager.

In order to provide evidence of its commitment to conducting management reviews, management would need to demonstrate that it planned for the reviews, prepared input material in the form of performance results, metrics and explanations, decided what to do about the results and accepted action to bring about improvement.

ISO 9000 Standards – Quality Management Principles

ISO 9000 Standards – Quality Management Principles

A quality management principle is defined by ISO/TC 176 as a comprehensive and fundamental rule or belief, for leading and operating an organization, aimed at continually improving performance over the long term by focusing on customers while addressing the needs of all other interested parties. Eight principles have emerged as fundamental to the management of quality.

All the requirements of ISO 9001:2008 are related to one or more of these principles. These principles provide the reasons for the requirements and are thus very important. The quality management principles can be listed as below:

1. Customer focus
Organizations depend on their customers and therefore should understand current and future customer needs, meet customer requirements and strive to exceed customer expectations.
The customer focus principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Communication with the customer
b. Care for customer property
c. The determination of customer needs and expectations
d. Appointment of a management representative
e. Management commitment

2. Leadership
Leaders establish unity of purpose and direction for the organization. They should create and maintain the internal environment in which people can become fully involved in achieving the organization’s objectives.
The leadership principle is reflected in ISO 9000 Standards through the requirements addressing:
a. The setting of objectives and policies
b. Planning
c. Internal communication
d. Creating an effective work environment

3. Involvement of people
People at all levels are the essence of an organization and their full involvement enables their abilities to be used for the organization’s benefit.
The involvement of people principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Participation in design reviews
b. Defining objectives, responsibilities and authority
c. Creating an environment in which people are motivated
d. Internal communication
e. Identifying competence needs

4. Process approach
A desired result is achieved more efficiently when related resources and activities are managed as a process.
The process approach principle is reflected in ISO 9000 Standards through the requirements addressing:
a. The identity of processes
b. Defining process inputs and outputs
c. Providing the infrastructure, information and resources for processes to
function

5. System approach to management
This principle is expressed as follows:
Identifying, understanding and managing interrelated processes as a system contributes to the organization’s effectiveness and efficiency in achieving its objectives.
The system approach principle is reflected in ISO 9001 through the requirements addressing:
a. Establishing, implementing and maintaining the management system
b. Interconnection, interrelation and sequence of processes
c. The links between processes
d. Establishing measurement processes

6. Continual improvement
This principle is expressed as follows:
Continual improvement of the organization’s overall performance should be a permanent objective of the organization.
The continual improvement principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Improvement processes
b. Identifying improvements
c. Reviewing documents and processes for opportunities for improvement

7. Factual approach to decision making
This principle is expressed as follows:
Effective decisions are based on the analysis of data and information.
The factual approach principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Reviews, measurements and monitoring to obtain facts
b. Control of measuring devices
c. Analysis to obtain facts from information
d. Records for documenting the facts
e. Approvals based on facts

8. Mutually beneficial supplier relationships
This principle is expressed as follows:
An organization and its suppliers are interdependent and a mutually beneficial relationship enhances the ability of both to create value.
The mutually beneficial supplier relationships principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Control of suppliers
b. Evaluation of suppliers
c. Analysis and review of supplier data

ISO 9000 Standards – Retention Of Records

ISO 9000 Standards – Retention Of Records

It is important that records are not destroyed before their useful life is over.
There are several factors to consider when determining the retention time for records.
The duration of the contract – some records are only of value whilst the contract is in force.
The life of the product – access to the records will probably not be needed for some considerable time, possibly long after the contract has closed. On defence contracts the contractor has to keep records for up to 20 years and
for product liability purposes, in the worst-case situation (taking account of
appeals) you could be asked to produce records up to 17 years after you made the product.
The period between management system assessments – assessors may wish to see evidence that corrective actions from the last assessment were taken. If the period of assessment is three years and you dispose of the evidence after 2 years, you will have some difficulty in convincing the assessor that you corrected the deficiency.
You will also need to take account of the subcontractor records and ensure
adequate retention times are invoked in the contract.
Where the retention time is actually specified can present a problem. If you
specify it in a general procedure you are likely to want to prescribe a single
figure, say 5 years for all records. However, this may cause storage problems – it may be more appropriate therefore to specify the retention times in the procedures that describe the records. In this way you can be selective.
You will also need a means of determining when the retention time has
expired so that if necessary you can dispose of the records. The retention time doesn’t mean that you must dispose of them when the time expires – only that you must retain the records for at least that stated period. Not only will the records need to be dated but the files that contain the records need to be dated and if stored in an archive, the shelves or drawers also dated. It is for this reason that all documents should carry a date of origin and this requirement needs to be specified in the procedures that describe the records. If you can rely on the selection process a simple method is to store the records in bins or computer disks that carry the date of disposal.
While the ISO 9000 requirement applies only to records, you may also need to retain tools, jigs, fixtures, test software – in fact anything that is needed to repair or reproduce equipment in order to honour your long-term commitments.
Should the customer specify a retention period greater than what you
prescribe in your procedures, special provisions will need to be made and this is a potential area of risk. Customers may choose not to specify a particular time and require you to seek approval before destruction. Any contract that requires you to do something different creates a problem in conveying the requirements to those who are to implement them. The simple solution is to persuade your customer to accept your policy. You may not want to change your procedures for one contract. If you can’t change the contract, the only alternative is to issue special instructions. You may be better off storing the records in a special contract store away from the normal store or alternatively attach special labels to the files to alert the people looking after the archives.