Wednesday, July 15, 2009

ISO 9001:2008 Changes and How to Implement

Interpretations: M Rama Krishna

Introduction
Much awaited ISO 9001: 2008, is finally out for implementation. Organizations already certified to ISO 9001: 2000 are supposed to migrate to ISO 9001: 2008 latest by 15-11-2010. However, any new registrations after 15-11-2009 will be only against ISO 9001: 2008. The existing edition of quality management system ISO 9001: 2000 cease to be valid from 14-Nov-2010, and will be withdrawn. The changes in the new edition are trivial, and need no major efforts from already certified organizations. The technical committee for developing this standard used the word ‘implementation’ as against the word ‘transition’ which was used when ISO-9001: 2000 was released with a number of significant changes.

The latest version has no new requirements; there are a few explanations, clarifications to the existing standard. Further, this new standard has been made more compatible with ISO 14001; 2004. This helps organizations to have an integrated management system for QMS, and EMS.

To benefit from the new standard, the organizations need to re-look into their existing QMS for any changes, with the help of clarifications provided critically review the implementation aspects. Re-examine the requirements, hitherto ambiguous, for better implementation.

Why there are only minor changes
The mandate of ISO is to provide up-to-date standards to the world; hence the standards are periodically reviewed for their suitability. Before publishing the new standard ISO 9001: 2008, a web-based global survey was conducted by ISO/TC/176/SC 2 to get user feedback. More than 1500 users from 63 countries responded, and 85% of the users are satisfied with ISO-9001: 2000 requirements. Further, the ‘impact vs benefit’ analysis was also carried out for each suggested change. Wherever the benefit is ‘medium or high’, and impact is ‘low or medium’ the corresponding changes were incorporated. Hence, there were only minor changes, except for clarifications, and explanations. There were no new requirements. ISO/TC 176 explain the objectives of releasing new standard are – providing clarity, increasing compatibility with ISO 14001: 2004, maintaining consistency with ISO 9000 family of standards, and improving translatability.

How to implement them
The following are not exhaustive list of changes, but a few important changes that could affect the existing QMS, hence need explanation.

Clause 0.1 General
The intention of the standard is not bringing uniformity in structure of the quality management system across different organizations. The structure of the quality management system is based on organizational environment, changes, risks associated in the environment. The quality management system can be unique to a particular organization. This intention was rephrased and emphasized with additional bullet point---
The organizational quality management system is influenced by
a. its organizational environment, changes in that environment, and the risks associated with that environment.

Clause 1.1 General
A Note-2 has been added to clarify the definition of ‘product’. ISO 9001: 2000 defined the product as ‘any intended for or required by a customer’. This included ‘services’ also. The Note-2 explains that product also includes any intended output from product realization process. This means, internal customer concept has been strengthened. Many organizations already follow this concept. The by-products, intermediate products need to be brought into quality management system. Waste was predominantly treated in ISO-14001, now finds a place here. Probably, ISO aims to have an integrated management system standard, in future.

Clause 4.1 General Requirements
Clarity on outsourced processes brought in, two additional Notes have been included. The outsourced activity is a process that the organization chooses to have performed by an external party for various reasons, and needs in its quality management system. The reasons for outsourcing may be –

Organization does not have competence to perform that particular activity. In this case, the controls can be mutually agreed upon.
Organization has competence, but chooses to outsource for commercial/economic reasons. In this situation, the controls are known to the organization, hence same will apply.

The additional Note-3 in clause-4.1 clarifies that outsourced activity should be treated as any purchasing activity, and to be dealt in conjunction with clause-7.4. This means the specifications (in other words controls) to be documented, monitored, and measured. Outsourced party to be evaluated, and rated for its performance same as other suppliers.

For example, an organization chooses to outsource ‘heat treatment’ activity. As per ISO-9001; 2000, as it is outsourced, identification, incoming quality checks were sufficient. The organization simply excluded the clause-7.5.2 validation of ‘heat treatment’ process. Now, the organization must ask validation reports from the outsourced party, evaluate the capability of the supplier, and have sufficient controls on supplier to perform the task qualitatively.

Finally, the outsourced process is still a responsibility of the organization, and to be included in the quality management system.

Clause 4.2.1 General
Note-1 has an additional clarification “A single document may address the requirements for one or more procedures. A requirement for a documented procedure may be covered by more than one document”

This change gives the flexibility to the user to club two or more than two requirements into one procedure. For example, user can document one procedure for corrective action (8.5.2) and preventive action (8.5.3), or one procedure for document (4.2.3) and record control (4.2.4), or internal audit (8.2.2) and corrective action (8.5.2), or non-conforming product (8.3) and corrective action (8.5.2). Similarly, the user can now address the requirements of internal audit (8.2.2) in a single or more than one procedure.

Clause 5.5.2 Management Representative
Top management shall appoint a member of the organization’s management who, irrespective of other responsibilities, shall have responsibility and authority that includes;

Though the intent was not to outsource, a few organizations had chosen to outsource the role of management representative to a third party or a consultant. But, this new edition disagrees and discourages similar actions and emphasizes the intention clear and sound. The management representative must be the member of the organization’s management team.

Clause 6.2.2 Competence, training and awareness
The title words are rearranged in line with ISO-14001: 2004. Clause 6.2.2b is modified “where applicable, provide training or take other actions to achieve the necessary competence”.

This change gives flexibility to the organizations to provide training where applicable. But, demands the competency mapping for each employee and updating of the same regularly. Identify necessary competencies for each position and map the competencies of the employees against the identified competencies. If the competency level is adequate, no need for training the employee; otherwise, provide training to achieve the necessary competency level. Subsequently, update the competency matrix of that particular employee.

Clause 6.3 Infrastructure
The standard recognises the increased use of Information Systems in organizational effectiveness, and included Information Systems as a support service.

The maintenance of Information Systems such as back-ups, fail-safe systems, fire-walls, anti-virus protections, disaster management etc are to be defined and maintained.

Clause 7.6 Control of monitoring and measuring equipment
The word ‘devices’ from the earlier version changed to ‘equipment’ in this new version.

This change is brought in to have uniform nomenclature. The equipment family invariably include huge testing equipment, tiny volt meters, sensors, dedicated computers, oscilloscopes, go-nogo gauges, templates etc.

Clause 7.6a has included an additional mandatory record. The calibration or verification has to be carried out against measurement standards which are traceable to national / international standards. When no such standards are available, the organization has to record the basis for calibration or verification and maintain the record as per 4.2.4. In the earlier version, the basis was a requirement but not a mandatory record. The basis can be a formula, template, chemical mixture, bacteriological assay etc.

Clause 7.6c is changed to “have identification in order to determine its calibration status”.

The change in clause 7.6c demands the identified equipment must contain the ‘calibration/verification-status’. It is asking the organization to have a ‘tag’ or a ‘sticker’ to show calibration status of the equipment. ISO 9001: 2000 was silent on the status tag, it required only unique identification to determine the status. Status could be in a record room, office computer, or with the superior; and it was accepted. Now, this new version demands a status tag.

Clause 8.5.2 Corrective Action
The key thread of the entire standard the ‘effectiveness’ is emphasized, in 8.5.2f. Earlier standard required a review, now the corrective actions to be reviewed for their effectiveness (8.5.2f). The repetitive failures, for which corrective actions are not adequate, are to be looked into critically.

To sum up, ISO 9001: 2008 has been developed in order to provide clarifications to the existing requirements, also, to improve compatibility with ISO 14001: 2004. The intent of the standard is not changed, as the users expressed their consensus.

The reader can further refer http://www.iso.org/, http://www.iso.org/tc176/sc2

Sunday, July 12, 2009

Changing Face of Quality

Author: M Rama Krishna

Bankruptcy of GM, Chrysler, Visteon, Metaldyne, Delphi, declaration of losses by Ford, and Toyota are impending symptoms of a major turning point in the quality movement, which primarily was transfigured by the automotive sector. The bankruptcy of 100-year old General Motors is biggest in the manufacturing sector. Visteon, won five star rating from Hyundai, filed bankruptcy during Apr’09. Visteon also received supplier of the year award from GM, Best Quality Award from Toyota, and Excellence award from Ford. After winning ‘Shingo Prize’ – considered as noble prize for manufacturing excellence – for 10 plants, Delphi went bankrupt in 2005.

The quality movement which has strong roots in the teachings of Deming, Juran, Crosby, Taguchi, Shewhart, Ishikawa, etc provided us application oriented tools such as TPM, 5S, Lean, 3M, JIT, Six-Sigma, Kanban, Kaizen to name a few. Historically, quality travelled from end-product testing during 1900s, to Statistical Process Control in 1930s, and finally to continual improvement through systems approach. Rise of mass production, and need for the interchangeable parts created a demand for formal quality inspection. During the first half of the 20th century, final product inspection only was the primary means of quality control. For the quality movement, 1931 was considered as watershed year, when Walter Shewhart was credited with developing control charts. For the first time Statistics was used in preventing defects.

During 1950s, ‘made in Japan’ tag was associated with cheap and inferior products in US. To learn quality from Edward Deming, the Union of Japanese Scientists and Engineers (JUSE) invited him in July 1950, to give lectures on Quality Control. He gave continuously eight day lectures, followed by one-day top management appreciation program. The royalties from the transcripts of his lectures was generously donated to JUSE. The then managing director of JUSE, Kenichi Koyanagi proposed to use these royalties to institute Deming Prize, and it was accepted by the board. In 1951, the Union of Japanese Scientists and Engineers (JUSE) instituted the Deming Application Prize to reward companies which meet stringent criteria for quality management systems. Sundaram-Clayton was the first Indian Company to win Deming Application Prize in 1998.

By 1970’s, Japan penetrated into US market vigorously with higher quality products. With a purpose to help American companies to improve quality and productivity, in line with Deming Prize, Malcolm Baldrige National Quality Award (MBNQA) was instituted in 1988. During the same time in 1987, ISO released its first edition of international standard on Quality Management System based on PDCA model.

In 1991, with the efforts of 14 European companies, a Business Excellence Model was developed, as an answer to Deming Prize in Japan, and MBNQA in USA. Utmost importance given to quality during that time in the words of European Community president was “the battle for quality is one of the prerequisites for the success of your companies and for our competitive success.”

Subsequent to liberalization, Confederation of Indian Industries (CII), and Export Import (Exim) Bank together developed CII-Exim Bank Award model to enhance the competitiveness of India Inc. This model is based on EFQM. Indian Merchant Chambers developed IMC-Ramkrishna Bajaj National Quality Award in 1996, based on MBNQA.

With the advent of these Excellence Models, quality has travelled from labs to boardrooms, and graduated from operational level to strategic level. Quality metrics earned a place on CEO’s dashboard. Now, quality is talked at enterprise level. Any failure in product, process, or system is squarely attributed to quality function failure. At present, quality is facing a bitter criticism from all corners of the Industry. This is not the first time that quality is being criticised. Florida Power & Light (FPL) first non-Japanese company to win Deming Application Prize in 1989, almost went bankrupt shortly thereafter, quality was condemned. Wallace Co., Inc filed for Chaper-11 bankruptcy, shortly after winning MBNQA in 1990, quality was viewed as a joke. In India, though there were no cases published, Satyam Computers is one glaring example. The sustainability award won by Satyam was taken back immediately after declaration of accounting irregularities. Satyam was also a winner of IMC Ramkrishna Bajaj National Quality Award in 2001.

Learning from introspection quality has already started inching toward ‘clean & green’ from ‘lean and mean’. The official websites of ISO, ASQ indicate this trend towards sustainability. The Critical To Quality (CTQ) metric is broadening its scope to transform to Critical To Sustainability (CTS) metric. The role of quality function is being refocused to include the stakeholder engagement in place of customer engagement.