Saturday, November 14, 2009
Friday, September 25, 2009
ISO 9001 Standards In General
ISO 9001 Standards In General
The adoption of a quality management system should be a strategic decision of an organization. The design and implementation of an organization’s quality management system is influenced by— its business environment, changes in that environment, or risks associated with that environment,— its varying needs,— its particular objectives,— the products it provides,— the processes it employs,— its size and organizational structure.It is not the intent of this International Standard to imply uniformity in the structure of quality management systems or uniformity of documentation.The quality management system requirements specified in this International Standard are complementary to requirements for products. Information marked “NOTE” is for guidance in understanding or clarifying theassociated requirement.This International Standard can be used by internal and external parties, including certification bodies, to assess the organization’s ability to meet customer, statutory and regulatory requirements applicable to theproduct, and the organization’s own requirements.The quality management principles stated in ISO 9000 and ISO 9004 have been taken into consideration during the development of this International Standard.
The adoption of a quality management system should be a strategic decision of an organization. The design and implementation of an organization’s quality management system is influenced by— its business environment, changes in that environment, or risks associated with that environment,— its varying needs,— its particular objectives,— the products it provides,— the processes it employs,— its size and organizational structure.It is not the intent of this International Standard to imply uniformity in the structure of quality management systems or uniformity of documentation.The quality management system requirements specified in this International Standard are complementary to requirements for products. Information marked “NOTE” is for guidance in understanding or clarifying theassociated requirement.This International Standard can be used by internal and external parties, including certification bodies, to assess the organization’s ability to meet customer, statutory and regulatory requirements applicable to theproduct, and the organization’s own requirements.The quality management principles stated in ISO 9000 and ISO 9004 have been taken into consideration during the development of this International Standard.
ISO 9001 – Compatibility with other management systems
ISO 9001 – Compatibility with other management systems
ISO 9001 and ISO 9004 are quality management system standards which have been designed to complement each other, but can also be used independently.ISO 9001 specifies requirements for a quality management system that can be used for internal application by organizations, for certification, or for contractual purposes. It focuses on the effectiveness of the qualitymanagement system in meeting customer requirements.ISO 9004 gives guidance on a wider range of objectives of a quality management system than does ISO 9001, particularly for the continual improvement of an organizations overall performance and efficiency, as well as its effectiveness. ISO 9004 is recommended as a guide for organizations whose top management wishes to move beyond the requirements of ISO 9001, in pursuit of continual improvement of performance. However, it is not intended for certification or for contractual purposes.
During the development of this International Standard, due consideration was given to the provisions of ISO 14001:2004 to enhance the compatibility of the two standards for the benefit of the user community.This International Standard does not include requirements specific to other management systems, such as those particular to environmental management, occupational health and safety management, financialmanagement or risk management. However, this International Standard enables an organization to align or integrate its own quality management system with related management system requirements. It is possible foran organization to adapt its existing management system(s) in order to establish a quality management system that complies with the requirements of this International Standard.
ISO 9001 and ISO 9004 are quality management system standards which have been designed to complement each other, but can also be used independently.ISO 9001 specifies requirements for a quality management system that can be used for internal application by organizations, for certification, or for contractual purposes. It focuses on the effectiveness of the qualitymanagement system in meeting customer requirements.ISO 9004 gives guidance on a wider range of objectives of a quality management system than does ISO 9001, particularly for the continual improvement of an organizations overall performance and efficiency, as well as its effectiveness. ISO 9004 is recommended as a guide for organizations whose top management wishes to move beyond the requirements of ISO 9001, in pursuit of continual improvement of performance. However, it is not intended for certification or for contractual purposes.
During the development of this International Standard, due consideration was given to the provisions of ISO 14001:2004 to enhance the compatibility of the two standards for the benefit of the user community.This International Standard does not include requirements specific to other management systems, such as those particular to environmental management, occupational health and safety management, financialmanagement or risk management. However, this International Standard enables an organization to align or integrate its own quality management system with related management system requirements. It is possible foran organization to adapt its existing management system(s) in order to establish a quality management system that complies with the requirements of this International Standard.
Certification In ISO 9001 Standards
Certification In ISO 9001 Standards
Certification involves an independent assessment of your quality system to confirm that it meets the
requirements of ISO 9001. You will need to design, document and implement your own quality system. The system will need to cover all the requirements of the ISO 9001 standard. Many certification bodies will not conduct a formal assessment until the system has been operating for at least three months. Your quality system cannot be audited until you have generated documentary evidence to show that you are meeting the standard. To find a certification body with relevant experience in your sector and accreditation from the United Kingdom Accreditation Service (UKAS). Certification by a non-UKAS accredited body is likely to lead to credibility problems with your customers. Arrange a visit from the certification body’s auditors. UKAS prohibits auditors from acting as consultants. They will not tell you how to meet the standard but can offer advice. They will seek objective evidence that you are complying with each of the clauses of the ISO 9001 standard. The auditors will tell you of any shortcomings in your system. If you satisfy the standard, the auditors put your name forward for certification. You will be required to correct these problems within a specified timeframe. You can also be certificated if the auditors only identify a small number of ‘minor’ problems. Once you are certificated, you can display the certification body’s logo, and if the body is UKAS-accredited, the UKAS ‘tick and crown’ symbol (consult UKAS about exceptions to this rule). If the auditors identify more serious ‘major’ problems, you will be required to correct these before certification. These surveillance visits normally take place twice a year at agreed dates. All certification bodies are required to revisit registered companies to ensure they still meet the requirements of the standard. You will be given time to deal with any minor or major problems which are identified before any action is taken to withdraw your certificate.
Certification involves an independent assessment of your quality system to confirm that it meets the
requirements of ISO 9001. You will need to design, document and implement your own quality system. The system will need to cover all the requirements of the ISO 9001 standard. Many certification bodies will not conduct a formal assessment until the system has been operating for at least three months. Your quality system cannot be audited until you have generated documentary evidence to show that you are meeting the standard. To find a certification body with relevant experience in your sector and accreditation from the United Kingdom Accreditation Service (UKAS). Certification by a non-UKAS accredited body is likely to lead to credibility problems with your customers. Arrange a visit from the certification body’s auditors. UKAS prohibits auditors from acting as consultants. They will not tell you how to meet the standard but can offer advice. They will seek objective evidence that you are complying with each of the clauses of the ISO 9001 standard. The auditors will tell you of any shortcomings in your system. If you satisfy the standard, the auditors put your name forward for certification. You will be required to correct these problems within a specified timeframe. You can also be certificated if the auditors only identify a small number of ‘minor’ problems. Once you are certificated, you can display the certification body’s logo, and if the body is UKAS-accredited, the UKAS ‘tick and crown’ symbol (consult UKAS about exceptions to this rule). If the auditors identify more serious ‘major’ problems, you will be required to correct these before certification. These surveillance visits normally take place twice a year at agreed dates. All certification bodies are required to revisit registered companies to ensure they still meet the requirements of the standard. You will be given time to deal with any minor or major problems which are identified before any action is taken to withdraw your certificate.
Costs and resources Of ISO 9001 Standards
Costs and resources Of ISO 9001 Standards
The largest cost of ISO 9001 is the involvement of company
employees. The ‘ownership’ created by involving employees in designing the quality system maximises the chances of them accepting it. Reducing this cost by minimising employee involvement is a false economy. The next largest cost will be for designing and developing the system. This needs to be led by someone with experience in this particular field. You may have someone within your own organisation who has carried out this role, perhaps with a former employer. Your Business Link may offer free or subsidised advice and training, and will be able to provide names of approved consultants. Grants for work in this area tend to be directed through Business Links. Different areas have different grants, which depend on local conditions. A typical grant may cover up to 50 per cent of the cost of an approved consultant. Certification fees are around £800 for the smallest companies. Overall costs depend upon company size and the number of locations involved. Ask certification bodies for quotes for initial audits and surveillance visits. Many will give an all-inclusive price, including surveillance visits for three years. Typically, special rates will depend on how long the assessment is likely to take and what the company’s turnover is. Ask your certification body if it offers special rates for small companies. The standard requires that companies have trained internal auditors to conduct audits on the system. An internal audit can provide an effective means of monitoring the system and identifying areas for improvement. For further details, contact the International Register of Certificated Auditors.
The largest cost of ISO 9001 is the involvement of company
employees. The ‘ownership’ created by involving employees in designing the quality system maximises the chances of them accepting it. Reducing this cost by minimising employee involvement is a false economy. The next largest cost will be for designing and developing the system. This needs to be led by someone with experience in this particular field. You may have someone within your own organisation who has carried out this role, perhaps with a former employer. Your Business Link may offer free or subsidised advice and training, and will be able to provide names of approved consultants. Grants for work in this area tend to be directed through Business Links. Different areas have different grants, which depend on local conditions. A typical grant may cover up to 50 per cent of the cost of an approved consultant. Certification fees are around £800 for the smallest companies. Overall costs depend upon company size and the number of locations involved. Ask certification bodies for quotes for initial audits and surveillance visits. Many will give an all-inclusive price, including surveillance visits for three years. Typically, special rates will depend on how long the assessment is likely to take and what the company’s turnover is. Ask your certification body if it offers special rates for small companies. The standard requires that companies have trained internal auditors to conduct audits on the system. An internal audit can provide an effective means of monitoring the system and identifying areas for improvement. For further details, contact the International Register of Certificated Auditors.
ISO 9000 family of standards and SMEs
ISO 9000 family of standards and SMEs
The ISO 9000 quality management system is generic in nature and applicable to all companies, regardless of the type and size of the business, including small and medium enterprises (SMEs), and they are applicable to all categories of products, whether hardware, software, processed materials or services. ISO 9001:2008 specifies what is required to be done by an organization but does not indicate how it should be done, thus giving the enterprise a lot of flexibility to run its business.
It is simple to use, clear in language and easily understandable. The new standard is also appropriate for small companies, as it does not demand the type of paper bureaucracy needed for the implementation of the 1994 version. Only six documented procedures are now required and need for other procedures/documents can be decided by the company. Companies will, however, be required to provide objective evidence that the QMS has been effectively implemented. A small company may find it appropriate to include the description of its entire QMS within a single Quality Manual, including all the documented procedures required by the standard.
The process-based approach given in the new standard will tend to ensure that systems are documented and implemented in a manner that suits a SME’s own way of doing business. This approach makes it easier for SMEs to implement, instead of just taking over an artificial structure of QMS imposed from outside. It will also be easier for SMEs managed by their owners to demonstrate “top management commitment” towards QMS. Furthermore, in a SME, it is easier to ensure effective internal communication, better utilization of resources, people clearly understanding their roles and responsibilities, etc.
The new standard has included a provision for deciding on the applicability of
certain product realization processes included in section 7 of the standard. For example, if the SME has no responsibility for the design and development of the product it provides, the SME may say so, giving the reasoning behind it, in the Quality Manual; the certification body, being satisfied that this corresponds, would then award it certification to ISO 9001:2008. Similarly, other product realization processes such as purchasing, product identification and traceability, control of measuring devices may also be excluded if these are not applicable for the type of products or services being provided by the company.
It is also possible that SMEs may not have adequate in-house expertise or there may be other constraints to perform all processes on their own. In such cases, the new standard also permits the outsourcing of any of the QMS processes, providing the company has control over such processes. The nature of this control will depend on the nature of the outsourced or subcontracted processes and the risk involved. For example, the design and development process may be subcontracted to an expert or a specialized agency, inspection/verification of goods purchased may be subcontracted to an inspection agency, internal audit of QMS can be outsourced, etc. However, overall responsibility for ensuring control on all outsourced processes as per requirements of the standard would remain with the company’s management.
The ISO 9000 quality management system is generic in nature and applicable to all companies, regardless of the type and size of the business, including small and medium enterprises (SMEs), and they are applicable to all categories of products, whether hardware, software, processed materials or services. ISO 9001:2008 specifies what is required to be done by an organization but does not indicate how it should be done, thus giving the enterprise a lot of flexibility to run its business.
It is simple to use, clear in language and easily understandable. The new standard is also appropriate for small companies, as it does not demand the type of paper bureaucracy needed for the implementation of the 1994 version. Only six documented procedures are now required and need for other procedures/documents can be decided by the company. Companies will, however, be required to provide objective evidence that the QMS has been effectively implemented. A small company may find it appropriate to include the description of its entire QMS within a single Quality Manual, including all the documented procedures required by the standard.
The process-based approach given in the new standard will tend to ensure that systems are documented and implemented in a manner that suits a SME’s own way of doing business. This approach makes it easier for SMEs to implement, instead of just taking over an artificial structure of QMS imposed from outside. It will also be easier for SMEs managed by their owners to demonstrate “top management commitment” towards QMS. Furthermore, in a SME, it is easier to ensure effective internal communication, better utilization of resources, people clearly understanding their roles and responsibilities, etc.
The new standard has included a provision for deciding on the applicability of
certain product realization processes included in section 7 of the standard. For example, if the SME has no responsibility for the design and development of the product it provides, the SME may say so, giving the reasoning behind it, in the Quality Manual; the certification body, being satisfied that this corresponds, would then award it certification to ISO 9001:2008. Similarly, other product realization processes such as purchasing, product identification and traceability, control of measuring devices may also be excluded if these are not applicable for the type of products or services being provided by the company.
It is also possible that SMEs may not have adequate in-house expertise or there may be other constraints to perform all processes on their own. In such cases, the new standard also permits the outsourcing of any of the QMS processes, providing the company has control over such processes. The nature of this control will depend on the nature of the outsourced or subcontracted processes and the risk involved. For example, the design and development process may be subcontracted to an expert or a specialized agency, inspection/verification of goods purchased may be subcontracted to an inspection agency, internal audit of QMS can be outsourced, etc. However, overall responsibility for ensuring control on all outsourced processes as per requirements of the standard would remain with the company’s management.
Management Principles Of ISO 9001 Standards
Management Principles Of ISO 9001 Standards
ISO 9000 is based on eight management principles:
• Customer focus, resulting in meeting customer requirements and striving to exceed them;
• Leadership, aiming to create an internal environment in which people are fully involved;
• Involvement of people who are the essence of an organization;
• Process approach, resulting in improved efficiency to obtain desired results;
• System approach to management, leading to improved effectiveness and efficiency through identification, understanding and management of interrelated processes;
• Continual improvement, which becomes a permanent objective of the organization;
• Factual approach to decision-making, based on the analysis of data and information; and
• Mutually beneficial supplier relationships, based on an understanding of their interdependence.
ISO 9000 encourages the adoption of the process approach to manage an organization. There are five main areas considered for the revised process model in ISO 9000:
• Quality management system
• Management responsibility
• Resource management
• Product realization
• Measurement, analysis and improvement.
ISO 9000 is based on eight management principles:
• Customer focus, resulting in meeting customer requirements and striving to exceed them;
• Leadership, aiming to create an internal environment in which people are fully involved;
• Involvement of people who are the essence of an organization;
• Process approach, resulting in improved efficiency to obtain desired results;
• System approach to management, leading to improved effectiveness and efficiency through identification, understanding and management of interrelated processes;
• Continual improvement, which becomes a permanent objective of the organization;
• Factual approach to decision-making, based on the analysis of data and information; and
• Mutually beneficial supplier relationships, based on an understanding of their interdependence.
ISO 9000 encourages the adoption of the process approach to manage an organization. There are five main areas considered for the revised process model in ISO 9000:
• Quality management system
• Management responsibility
• Resource management
• Product realization
• Measurement, analysis and improvement.
Benefits Of Obtaining ISO 9000 Certification
Benefits Of Obtaining ISO 9000 Certification
Implementing a quality management system brings internal benefits to most organizations, as well as opening up opportunities vis-à-vis the outside world.
Internal benefits to the company include:
• improved customer focus and process orientation within the company;
• improved management commitment and decision-making;
• better working conditions for employees;
• increased motivation of employees;
• reduced cost of internal failures (lower rates of rework, rejection, etc.) and external failures (fewer customer returns, replacements, etc.); and last but not least,
• continual improvement of the quality management system.
The following external benefits are generated:
• customers are more confident that they will receive products conforming to their requirements, which in turn results in higher customer satisfaction;
• an improved image of the company;
• more aggressive publicity, as customers can be informed of the benefits of their doing business with a company that manages the quality of its outputs;
• more confidence that the company’s products meet relevant regulatory
requirements;
• better objective evidence to defend product liability charges if such are brought by customers.
Refer http://www.iso9001-standard.us/ for more information.
Implementing a quality management system brings internal benefits to most organizations, as well as opening up opportunities vis-à-vis the outside world.
Internal benefits to the company include:
• improved customer focus and process orientation within the company;
• improved management commitment and decision-making;
• better working conditions for employees;
• increased motivation of employees;
• reduced cost of internal failures (lower rates of rework, rejection, etc.) and external failures (fewer customer returns, replacements, etc.); and last but not least,
• continual improvement of the quality management system.
The following external benefits are generated:
• customers are more confident that they will receive products conforming to their requirements, which in turn results in higher customer satisfaction;
• an improved image of the company;
• more aggressive publicity, as customers can be informed of the benefits of their doing business with a company that manages the quality of its outputs;
• more confidence that the company’s products meet relevant regulatory
requirements;
• better objective evidence to defend product liability charges if such are brought by customers.
Refer http://www.iso9001-standard.us/ for more information.
Implementing A Quality Management System
Implementing A Quality Management System
An ISO 9000:2008 quality management system can be implemented by following the steps detailed as follows:
1. Evaluate the organization’s need/goals for implementing a QMS Need may arise from repeated customer complaints; frequent warranty returns; delayed deliveries; high inventories; frequent production hold-ups; and high level of rework or rejection of products or services.
At this stage, identify the goals which you would like to achieve through a QMS, such as customer satisfaction, increased market share, improved communications and morale in the organization, greater efficiency and profitability, etc. Another objective in implementing a QMS may be a demonstration of compliance through third party certification, which may be requested by an important client or required for enlisting as a supplier to large companies, e.g., original equipment manufacturers (OEMs).
2. Obtain information about the ISO 9000 family
The persons identified for initiating the development of an ISO 9000 QMS need tounderstand the requirements of ISO 9001:2008 as read with ISO 9000:2000 and ISO 9001:2008.
Supporting information such as quality management principles, frequently asked questions (FAQs), guidance on clause 1.2 (application) of ISO 9001:2008, guidance on documentation requirements of ISO 9001:2008 and other brochures are available free of charge on the ISO web site;
3. Appoint a consultant, if necessary
If, within the organization, you do not have adequate competence to develop a QMS, you may appoint a consultant. Before doing so, it is good to check his/her background; knowledge about the product realization processes of your organization; and experience in helping other organizations to achieve their stated goals, including certification.
Carry out a cost-benefit analysis of hiring a consultant and agree the scope of his/her work in writing. It is also possible to appoint a consultant only for the training of key staff; the latter can then carry out further training and development of the system.
4. Awareness and training
Raise awareness about QMS requirements amongst all personnel performing activities that affect quality. Plan for and provide specific training on how to develop Quality Manuals; on procedures; on QMS planning; on how to identify and implement improvement processes; and on how to audit compliance with the QMS, etc.
The Institute of Quality Assurance (IQA), the American Society for Quality (ASQ)and the International Auditor and Training Certification Association (IATCA) can provide lists of training organizations.
5. Gap analysis
Evaluate gaps between your existing quality management system and the QMS requirements of ISO 9001. Prepare how to bridge these gaps, including by planning for any additional resources required. Gap analysis may be carried out through selfassessment or by the external consultant.
6. Product realization processes
Review clause 7 of ISO 9001:2008 relating to “Product realization” to determine how the requirements apply or do not apply to your company’s QMS.
The processes covered by this clause include:
• Customer-related processes
• Design and development
• Purchasing
• Production and service provision
• Control of measuring and monitoring devices
Note that if your company is not responsible for preparing the design of your product, you can exclude the requirement for “design and development” from your QMS and explain the reasons for doing so in your Quality Manual.
7. Staffing
Decide on the responsibilities of the persons who will be involved in developing and documenting the QMS, including the appointment of a management representative who will oversee the implementation of the QMS. Establishing a project Steering Committee may also prove useful to oversee progress and provide resources wherever required.
8. Planning a time frame
Prepare a complete plan to close the gaps identified in Step 5 to develop the QMS processes. In the plan, include activities to be performed, resources required, responsibilities and an estimated completion time for each activity. Clauses 4.1 and
7.1 of ISO 9001:2008 provide information that should be used when developing the plan. The total time required for each phase (planning, documentation, implementation and evaluation) depends on the extent of the gaps in your existing QMS.
9. Draft a Quality Manual
In your Quality Manual;
• Include how the QMS applies to the products, processes, locations and departments of the organization;
• Exclude any requirement with justification for doing so as decided in step 6
above;
• Refer to or include documented procedures for QMS;
• Describe the interaction between the processes of the QMS, e.g., the interaction between product realization processes and other management, measurement and improvement processes; and
• Draft the quality policy and quality objectives for the organization.
The staff concerned in the organization should review the Quality Manual and the documented procedures so that their comments and suggestions can be taken into account before the Quality Manual and procedures are approved for issue and use.
The effective date of implementation should also be decided.
10. Carry out internal audits
During the phase of implementation of some three to six months after the documentation has been written, the trained auditors should carry out one or two internal audits covering all activities for the QMS, and concerned management should take corrective action on the audit findings without delay. Wherever required, revise the manuals, procedures and objectives. After each internal audit, the top management should review the effectiveness of the system and provide necessary resources for corrective actions and improvements.
11. Apply for certification
On satisfactory completion of Step 10, and if your company decides to obtain third party certification, you can make an application for certification to an accredited certification body. The certification audit process is explained section VII.
12. Conduct periodic evaluations
After certification, the organization should periodically conduct internal audits to review the effectiveness of the QMS and see how it can be “continually improved”. The organization should evaluate periodically if the purpose and goals (see Step 1) for which the QMS was developed are being achieved, including its continual improvement.
An ISO 9000:2008 quality management system can be implemented by following the steps detailed as follows:
1. Evaluate the organization’s need/goals for implementing a QMS Need may arise from repeated customer complaints; frequent warranty returns; delayed deliveries; high inventories; frequent production hold-ups; and high level of rework or rejection of products or services.
At this stage, identify the goals which you would like to achieve through a QMS, such as customer satisfaction, increased market share, improved communications and morale in the organization, greater efficiency and profitability, etc. Another objective in implementing a QMS may be a demonstration of compliance through third party certification, which may be requested by an important client or required for enlisting as a supplier to large companies, e.g., original equipment manufacturers (OEMs).
2. Obtain information about the ISO 9000 family
The persons identified for initiating the development of an ISO 9000 QMS need tounderstand the requirements of ISO 9001:2008 as read with ISO 9000:2000 and ISO 9001:2008.
Supporting information such as quality management principles, frequently asked questions (FAQs), guidance on clause 1.2 (application) of ISO 9001:2008, guidance on documentation requirements of ISO 9001:2008 and other brochures are available free of charge on the ISO web site;
3. Appoint a consultant, if necessary
If, within the organization, you do not have adequate competence to develop a QMS, you may appoint a consultant. Before doing so, it is good to check his/her background; knowledge about the product realization processes of your organization; and experience in helping other organizations to achieve their stated goals, including certification.
Carry out a cost-benefit analysis of hiring a consultant and agree the scope of his/her work in writing. It is also possible to appoint a consultant only for the training of key staff; the latter can then carry out further training and development of the system.
4. Awareness and training
Raise awareness about QMS requirements amongst all personnel performing activities that affect quality. Plan for and provide specific training on how to develop Quality Manuals; on procedures; on QMS planning; on how to identify and implement improvement processes; and on how to audit compliance with the QMS, etc.
The Institute of Quality Assurance (IQA), the American Society for Quality (ASQ)and the International Auditor and Training Certification Association (IATCA) can provide lists of training organizations.
5. Gap analysis
Evaluate gaps between your existing quality management system and the QMS requirements of ISO 9001. Prepare how to bridge these gaps, including by planning for any additional resources required. Gap analysis may be carried out through selfassessment or by the external consultant.
6. Product realization processes
Review clause 7 of ISO 9001:2008 relating to “Product realization” to determine how the requirements apply or do not apply to your company’s QMS.
The processes covered by this clause include:
• Customer-related processes
• Design and development
• Purchasing
• Production and service provision
• Control of measuring and monitoring devices
Note that if your company is not responsible for preparing the design of your product, you can exclude the requirement for “design and development” from your QMS and explain the reasons for doing so in your Quality Manual.
7. Staffing
Decide on the responsibilities of the persons who will be involved in developing and documenting the QMS, including the appointment of a management representative who will oversee the implementation of the QMS. Establishing a project Steering Committee may also prove useful to oversee progress and provide resources wherever required.
8. Planning a time frame
Prepare a complete plan to close the gaps identified in Step 5 to develop the QMS processes. In the plan, include activities to be performed, resources required, responsibilities and an estimated completion time for each activity. Clauses 4.1 and
7.1 of ISO 9001:2008 provide information that should be used when developing the plan. The total time required for each phase (planning, documentation, implementation and evaluation) depends on the extent of the gaps in your existing QMS.
9. Draft a Quality Manual
In your Quality Manual;
• Include how the QMS applies to the products, processes, locations and departments of the organization;
• Exclude any requirement with justification for doing so as decided in step 6
above;
• Refer to or include documented procedures for QMS;
• Describe the interaction between the processes of the QMS, e.g., the interaction between product realization processes and other management, measurement and improvement processes; and
• Draft the quality policy and quality objectives for the organization.
The staff concerned in the organization should review the Quality Manual and the documented procedures so that their comments and suggestions can be taken into account before the Quality Manual and procedures are approved for issue and use.
The effective date of implementation should also be decided.
10. Carry out internal audits
During the phase of implementation of some three to six months after the documentation has been written, the trained auditors should carry out one or two internal audits covering all activities for the QMS, and concerned management should take corrective action on the audit findings without delay. Wherever required, revise the manuals, procedures and objectives. After each internal audit, the top management should review the effectiveness of the system and provide necessary resources for corrective actions and improvements.
11. Apply for certification
On satisfactory completion of Step 10, and if your company decides to obtain third party certification, you can make an application for certification to an accredited certification body. The certification audit process is explained section VII.
12. Conduct periodic evaluations
After certification, the organization should periodically conduct internal audits to review the effectiveness of the QMS and see how it can be “continually improved”. The organization should evaluate periodically if the purpose and goals (see Step 1) for which the QMS was developed are being achieved, including its continual improvement.
ISO 9001 Standards – Management Review
ISO 9001 Standards – Management Review
Review the quality management system at planned intervals to:- Assess possible opportunities for improvementEnsure a suitable, adequate, and effective system
- Evaluate the need for any changes to the system
- Consider the need for changes to the quality policy and objectives
Maintain records of the management reviews.
Inputs for management review must include information on:
- Results of audits
- Customer feedback
- Process performance and product conformity
- Status of preventive and corrective actions
- Follow-up actions from earlier reviews
- Changes that could affect the quality system
- Recommendations for improvement
Outputs from the management review must include any decisions and actions related to:
- Improvement of the effectiveness of the quality management system and its processes
- Improvement of product related to customer requirements
- Resource needs
Review the quality management system at planned intervals to:- Assess possible opportunities for improvementEnsure a suitable, adequate, and effective system
- Evaluate the need for any changes to the system
- Consider the need for changes to the quality policy and objectives
Maintain records of the management reviews.
Inputs for management review must include information on:
- Results of audits
- Customer feedback
- Process performance and product conformity
- Status of preventive and corrective actions
- Follow-up actions from earlier reviews
- Changes that could affect the quality system
- Recommendations for improvement
Outputs from the management review must include any decisions and actions related to:
- Improvement of the effectiveness of the quality management system and its processes
- Improvement of product related to customer requirements
- Resource needs
Preparing ISO 9001 Quality Manual
Preparing ISO 9001 Quality Manual
The standard requires a quality manual to be established and maintained that includes the scope of the quality management system, the documented procedures or reference to them and a description of the sequence and interaction of processes included in the quality management system.
ISO 9001 defines a quality manual as a document specifying the quality management system of an
organization. It is therefore not intended that the quality manual be a response to the requirements of ISO 9001. As the top-level document describing the management system it is a system description describing how the organization is managed.
Countless quality manuals produced to satisfy ISO 9001:2008, were no more than 20 sections that paraphrased the requirements of the standard. Such documentation adds no value. They are of no use to managers, staff or auditors. Often thought to be useful to customers, organizations would gain no more confidence from customers than would be obtained from their registration certificate.
A description of the management system is necessary as a means of showing how all the processes are interconnected and how they collectively deliver the business outputs. It has several uses as :
1. a means to communicate the vision, values, mission, policies and objectives of the organization
2. a means of showing how the system has been designed
3. a means of showing linkages between processes
4. a means of showing who does what an aid to training new people
5. a tool in the analysis of potential improvements
6. a means of demonstrating compliance with external standards and regulations
When formulating the policies, objectives and identifying the processes to achieve them, the manual provides a convenient vehicle for containing such information. If left as separate pieces of information, it may be more difficult to see the linkages.
The requirement provides the framework for the quality manual. Its content may therefore include the following:
1 Introduction
(a) Purpose (of the manual)
(b) Scope (of the manual)
(c) Applicability (of the manual)
(d) Definitions (of terms used in the manual)
2 Business overview
(a) Nature of the business/organization – its scope of activity, its products and services
(b) The organization’s interested parties (customers, employees, regulators, shareholders, suppliers, owners etc.)
(c) The context diagram showing the organization relative to its external environment
(d) Vision, values
(e) Mission
3 Organization
(a) Function descriptions
(b) Organization chart
(c) Locations with scope of activity
4 Business processes
(a) The system model showing the key business processes and how they are interconnected
(b) System performance indicators and method of measurement
(c) Business planning process description
(d) Resource management process description
(e) Marketing process description
(f) Product/service generation processes description
(g) Sales process description
(h) Order fulfilment process description
5 Function matrix (Relationship of functions to processes)
6 Location matrix (Relationship of locations to processes)
7 Requirement deployment matrices
(a) ISO 9001 compliance matrix
(b) ISO 14001 compliance matrix
(c) Regulation compliance matrices (FDA, Environment, Health, Safety, CAA etc.)
8 Approvals (List of current product, process and system approvals)
The process descriptions can be contained in separate documents and should cover the topics identified previously (see Documents that ensure effective planning, operation and control of processes ).
As the quality manual contains a description of the management system a more apt title would be a Management System Manual (MSM) or maybe a title reflecting its purpose might be Management System Description (MSD).
In addition a much smaller document could be produced that does respond to the requirements of ISO 9001, ISO 14001, and the regulations of regulatory authorities. Each document would be an exposition produced purely to map your management system onto these external requirements to demonstrate how your system meets these requirements. When a new requirement comes along, you can produce a new exposition rather than attempt to change your system to suit all parties. A model of such relationships is illustrated in Figure 4.10. The process descriptions that emerge from the Management System Manual describe the core business processes and are addressed in Chapter 4 under the heading of Documents that ensure effective operation and control of processes.
The standard requires a quality manual to be established and maintained that includes the scope of the quality management system, the documented procedures or reference to them and a description of the sequence and interaction of processes included in the quality management system.
ISO 9001 defines a quality manual as a document specifying the quality management system of an
organization. It is therefore not intended that the quality manual be a response to the requirements of ISO 9001. As the top-level document describing the management system it is a system description describing how the organization is managed.
Countless quality manuals produced to satisfy ISO 9001:2008, were no more than 20 sections that paraphrased the requirements of the standard. Such documentation adds no value. They are of no use to managers, staff or auditors. Often thought to be useful to customers, organizations would gain no more confidence from customers than would be obtained from their registration certificate.
A description of the management system is necessary as a means of showing how all the processes are interconnected and how they collectively deliver the business outputs. It has several uses as :
1. a means to communicate the vision, values, mission, policies and objectives of the organization
2. a means of showing how the system has been designed
3. a means of showing linkages between processes
4. a means of showing who does what an aid to training new people
5. a tool in the analysis of potential improvements
6. a means of demonstrating compliance with external standards and regulations
When formulating the policies, objectives and identifying the processes to achieve them, the manual provides a convenient vehicle for containing such information. If left as separate pieces of information, it may be more difficult to see the linkages.
The requirement provides the framework for the quality manual. Its content may therefore include the following:
1 Introduction
(a) Purpose (of the manual)
(b) Scope (of the manual)
(c) Applicability (of the manual)
(d) Definitions (of terms used in the manual)
2 Business overview
(a) Nature of the business/organization – its scope of activity, its products and services
(b) The organization’s interested parties (customers, employees, regulators, shareholders, suppliers, owners etc.)
(c) The context diagram showing the organization relative to its external environment
(d) Vision, values
(e) Mission
3 Organization
(a) Function descriptions
(b) Organization chart
(c) Locations with scope of activity
4 Business processes
(a) The system model showing the key business processes and how they are interconnected
(b) System performance indicators and method of measurement
(c) Business planning process description
(d) Resource management process description
(e) Marketing process description
(f) Product/service generation processes description
(g) Sales process description
(h) Order fulfilment process description
5 Function matrix (Relationship of functions to processes)
6 Location matrix (Relationship of locations to processes)
7 Requirement deployment matrices
(a) ISO 9001 compliance matrix
(b) ISO 14001 compliance matrix
(c) Regulation compliance matrices (FDA, Environment, Health, Safety, CAA etc.)
8 Approvals (List of current product, process and system approvals)
The process descriptions can be contained in separate documents and should cover the topics identified previously (see Documents that ensure effective planning, operation and control of processes ).
As the quality manual contains a description of the management system a more apt title would be a Management System Manual (MSM) or maybe a title reflecting its purpose might be Management System Description (MSD).
In addition a much smaller document could be produced that does respond to the requirements of ISO 9001, ISO 14001, and the regulations of regulatory authorities. Each document would be an exposition produced purely to map your management system onto these external requirements to demonstrate how your system meets these requirements. When a new requirement comes along, you can produce a new exposition rather than attempt to change your system to suit all parties. A model of such relationships is illustrated in Figure 4.10. The process descriptions that emerge from the Management System Manual describe the core business processes and are addressed in Chapter 4 under the heading of Documents that ensure effective operation and control of processes.
Scope Of The Quality Management System
Scope Of The Quality Management System
The ISO 9001 standard requires the quality manual to include the scope of the quality management system including details of justification for any exclusion. The standard addresses activities that may not be relevant or applicable to an organization. The permissible exclusions are explained in section 1.2 of ISO 9001. Here it states that the organization may only exclude requirements that neither affect the organization’s ability, nor its responsibility to provide product that meets customer and applicable regulatory requirements. The requirements for which exclusion is permitted are limited to those in section 7 of the standard.
Under ISO 9001:2008, it was possible for organizations to exclude functions and processes of their organization that may have been difficult to control or were not part of the order fulfilment cycle. Organizations that designed their own products but not for specific customers could escape bringing these operations into the management system. Marketing was omitted because it operated before placement of order. Accounting, Administration, Maintenance, Publicity, Public Relations and After Sales Support functions were often omitted because there were no requirements in the standard that specifically dealt with such activities. As there is no function in an organization that does not directly or indirectly serve the satisfaction of interested parties, it is unlikely that any function or process will now be excluded from the quality management system.
It is sensible to describe the scope of the quality management system so as to ensure effective communication. The scope of the quality management system is one area that generates a lot of misunderstanding particularly when dealing with auditors, consultants and customers. When you claim you have a management system that meets ISO 9001 it could imply that you design, develop, install and service the products you supply, when in fact you may only be a distributor. Why you need to justify specific exclusions is uncertain because it is more practical to justify inclusions.
The scope of the quality management system is the scope of the organization. There is no longer any reason to exclude locations, activities, functions or processes for which there is no requirement in the standard. The reason is because the ISO 9000 family now serves customer satisfaction and is not limited to quality assurance as were the 1994 versions of ISO 9001, ISO 9002 and ISO 9003.
It is not appropriate to address exclusions by inserting pages in the manual corresponding to the sections of the standard and adding justification if not within the scope of the management system – such as ‘We don’t do this!’.
It is much more appropriate to use an appendix as indicated previously in the manual contents list. By describing the nature of the business, you are establishing boundary conditions. If in doing so you do not mention that you design products, it will be interpreted that design is not applicable.
For exclusions relative to detail requirements, the Compliance Matrix may suffice but for an unambiguous solution, it is preferable to produce an exposition that addresses each requirement of the standard.
The ISO 9001 standard requires the quality manual to include the scope of the quality management system including details of justification for any exclusion. The standard addresses activities that may not be relevant or applicable to an organization. The permissible exclusions are explained in section 1.2 of ISO 9001. Here it states that the organization may only exclude requirements that neither affect the organization’s ability, nor its responsibility to provide product that meets customer and applicable regulatory requirements. The requirements for which exclusion is permitted are limited to those in section 7 of the standard.
Under ISO 9001:2008, it was possible for organizations to exclude functions and processes of their organization that may have been difficult to control or were not part of the order fulfilment cycle. Organizations that designed their own products but not for specific customers could escape bringing these operations into the management system. Marketing was omitted because it operated before placement of order. Accounting, Administration, Maintenance, Publicity, Public Relations and After Sales Support functions were often omitted because there were no requirements in the standard that specifically dealt with such activities. As there is no function in an organization that does not directly or indirectly serve the satisfaction of interested parties, it is unlikely that any function or process will now be excluded from the quality management system.
It is sensible to describe the scope of the quality management system so as to ensure effective communication. The scope of the quality management system is one area that generates a lot of misunderstanding particularly when dealing with auditors, consultants and customers. When you claim you have a management system that meets ISO 9001 it could imply that you design, develop, install and service the products you supply, when in fact you may only be a distributor. Why you need to justify specific exclusions is uncertain because it is more practical to justify inclusions.
The scope of the quality management system is the scope of the organization. There is no longer any reason to exclude locations, activities, functions or processes for which there is no requirement in the standard. The reason is because the ISO 9000 family now serves customer satisfaction and is not limited to quality assurance as were the 1994 versions of ISO 9001, ISO 9002 and ISO 9003.
It is not appropriate to address exclusions by inserting pages in the manual corresponding to the sections of the standard and adding justification if not within the scope of the management system – such as ‘We don’t do this!’.
It is much more appropriate to use an appendix as indicated previously in the manual contents list. By describing the nature of the business, you are establishing boundary conditions. If in doing so you do not mention that you design products, it will be interpreted that design is not applicable.
For exclusions relative to detail requirements, the Compliance Matrix may suffice but for an unambiguous solution, it is preferable to produce an exposition that addresses each requirement of the standard.
ISO 9001 Quality Policy
ISO 9001 Quality Policy
The standard requires the quality policy to be appropriate to the purpose of the organization.
The purpose of an organization is quite simply the reason for its existence and as Peter Drucker so eloquently put it there is only one valid definition of business purpose: to create a customer”(Drucker, Peter F., 1977)2 . In ensuring that the quality policy is appropriate to the purpose of the organization, it must be appropriate to the customers the organization desires to create. It is therefore necessary to establish who the customers are, where the customers are, what they buy or wish to receive and what these customers regard as value. As stated above, the quality policy is the corporate policy and such policies exist to channel actions and decisions along a path that will fulfil the organization’s purpose and mission. A goal of the organization may be the attainment of ISO 9001 certification and thus a quality policy of meeting the requirements of ISO 9001 would be consistent with such a goal, but goals are not the same as purpose as indicated in the box to the right. Clearly no organization would have ISO 9001 certification as its purpose because certification is not a reason for existence – an objective maybe but not a purpose.
Policies expressed as short catchy phrases such as “to be the best” really do not channel actions and decisions. They become the focus of ridicule when the organization’s fortunes change. There has to be a clear link from mission to quality policy.
Policies are not expressed as vague statements or emphatic statements using the words may, should or shall, but clear intentions by use of the words ‘we will’
– thus expressing a commitment or by the words ‘we are, we do, we don’t, we have’ expressing shared beliefs. Very short statements tend to become slogans which people chant but rarely understand the impact on what they do. Their virtue is that they rarely become outdated. Long statements confuse people because they contain too much for them to remember. Their virtue is that they not only define what the company stands for but how it will keep its promises.
In the ISO 9001 definition of quality policy it is suggested that the eight quality management principles be used as a basis for establishing the quality policy.
One of these principles is the Customer Focus principle. By including in the quality policy the intention to identify and satisfy the needs and expectations of customers and other interested parties and the associated strategy by which this will be achieved, this requirement would be fulfilled. The inclusion of the strategy is important because the policy should guide action and decision. Omitting the strategy may not ensure uniformity of approach and direction.
The standard requires that the quality policy include a commitment to comply with requirements and continually improve the effectiveness of the quality management system.
A commitment to comply with requirements means that the organization should undertake to meet the requirements of all interested parties. This means meeting the requirements of customer, suppliers, employees, investors, owners and society. Customer requirements are those either specified or implied by customers or determined by the organization and these are dealt with in more detail under clauses 5.2 and 7.2.1. The requirements of employees are those covered by legislation such as access, space, environmental conditions, equal opportunities and maternity leave but also the legislation appropriate to minority groups such as the disabled and any agreements made with unions or other representative bodies. Investors have rights also and these will be addressed in the investment agreements. The requirements of society are those obligations resulting from laws, statutes, regulations etc.
An organization accepts such obligations when it is incorporated as a legal entity, when it accepts orders from customers, when it recruits employees, when it chooses to trade in regulated markets and when it chooses to use or process materials that impact the environment.
The effectiveness of the management system is judged by the extent to which it fulfils its purpose. Therefore improving effectiveness means improving the capability of the management system. Changes to the management system that improve its capability i.e its ability to deliver outputs that satisfy all the interested parties, are a certain types of change and not all management system changes will accomplish this. This requirement therefore requires top management to pursue changes that bring about an improvement in performance.
The standard requires the quality policy to be appropriate to the purpose of the organization.
The purpose of an organization is quite simply the reason for its existence and as Peter Drucker so eloquently put it there is only one valid definition of business purpose: to create a customer”(Drucker, Peter F., 1977)2 . In ensuring that the quality policy is appropriate to the purpose of the organization, it must be appropriate to the customers the organization desires to create. It is therefore necessary to establish who the customers are, where the customers are, what they buy or wish to receive and what these customers regard as value. As stated above, the quality policy is the corporate policy and such policies exist to channel actions and decisions along a path that will fulfil the organization’s purpose and mission. A goal of the organization may be the attainment of ISO 9001 certification and thus a quality policy of meeting the requirements of ISO 9001 would be consistent with such a goal, but goals are not the same as purpose as indicated in the box to the right. Clearly no organization would have ISO 9001 certification as its purpose because certification is not a reason for existence – an objective maybe but not a purpose.
Policies expressed as short catchy phrases such as “to be the best” really do not channel actions and decisions. They become the focus of ridicule when the organization’s fortunes change. There has to be a clear link from mission to quality policy.
Policies are not expressed as vague statements or emphatic statements using the words may, should or shall, but clear intentions by use of the words ‘we will’
– thus expressing a commitment or by the words ‘we are, we do, we don’t, we have’ expressing shared beliefs. Very short statements tend to become slogans which people chant but rarely understand the impact on what they do. Their virtue is that they rarely become outdated. Long statements confuse people because they contain too much for them to remember. Their virtue is that they not only define what the company stands for but how it will keep its promises.
In the ISO 9001 definition of quality policy it is suggested that the eight quality management principles be used as a basis for establishing the quality policy.
One of these principles is the Customer Focus principle. By including in the quality policy the intention to identify and satisfy the needs and expectations of customers and other interested parties and the associated strategy by which this will be achieved, this requirement would be fulfilled. The inclusion of the strategy is important because the policy should guide action and decision. Omitting the strategy may not ensure uniformity of approach and direction.
The standard requires that the quality policy include a commitment to comply with requirements and continually improve the effectiveness of the quality management system.
A commitment to comply with requirements means that the organization should undertake to meet the requirements of all interested parties. This means meeting the requirements of customer, suppliers, employees, investors, owners and society. Customer requirements are those either specified or implied by customers or determined by the organization and these are dealt with in more detail under clauses 5.2 and 7.2.1. The requirements of employees are those covered by legislation such as access, space, environmental conditions, equal opportunities and maternity leave but also the legislation appropriate to minority groups such as the disabled and any agreements made with unions or other representative bodies. Investors have rights also and these will be addressed in the investment agreements. The requirements of society are those obligations resulting from laws, statutes, regulations etc.
An organization accepts such obligations when it is incorporated as a legal entity, when it accepts orders from customers, when it recruits employees, when it chooses to trade in regulated markets and when it chooses to use or process materials that impact the environment.
The effectiveness of the management system is judged by the extent to which it fulfils its purpose. Therefore improving effectiveness means improving the capability of the management system. Changes to the management system that improve its capability i.e its ability to deliver outputs that satisfy all the interested parties, are a certain types of change and not all management system changes will accomplish this. This requirement therefore requires top management to pursue changes that bring about an improvement in performance.
ISO 14001 ENVIRONMENTAL POLICY
ISO 14001 ENVIRONMENTAL POLICY
The intent of an environmental policy is to state the organization’s commitment to continuous improvement in environmental performance. A strong, clear environmental policy can serve as both a starting point for developing the EMS and a reference point for maintaining continuous improvement.The policy should be evaluated regularly and modified, as necessary, to reflect changing environmental priorities.The policy should function in two ways: (1) within the company, the policy should focus attention on environmental issues associated with company activities, products, and services; and (2) outside the company, the policy is a public commitment to addressing environmental issues and continuously improving environmental performance.The environmental policy must address:• Commitment to compliance with relevant environmental legislation andregulations• Pollution prevention• Continuous improvement
Tips for Developing an Environmental Policy:1. Develop a policy that reflects perspectives of various employees within the company (for example, line worker, owner, wastewater treatment operator, quality inspector, compliance/legal manager, production manager).2. Display the policy statement in view of all employees; the policy should be available to the public and customers if requested and be printed in languages other than English, as appropriate.3. Include top management signatures on the policy to demonstrate understanding and commitment.Purpose This procedure is used to develop and write the company’s environmental policy.
Step 1 The environmental manager will form a policy development team responsible for developing and writing the environmental policy. The policy will address, at a minimum, compliance, pollution prevention, and continuous improvement.
Step 2 The policy development team will review other relevant documents to ensure consistency with other company policies and guide the content and phrasing of the policy. Example documents include the company mission statement and the example environmental policies included in this EMS element.
Step 3 The policy will be displayed in view of all employees and introduced to new employees; the policy will be available in languages other than English, as appropriate, and to the public (on request) and customers (as appropriate).Step 4 The environmental manager will review the environmental policy at least annually, and update it if needed.
Responsible Person: _____________________________________Signature and Date: ______________________________________
Environmental Policy Example 1
It is the policy of COMPANY NAME to conduct its operations in a manner that is environmentally responsible and befitting a good corporate neighbor and citizen.In accordance with this policy, COMPANY NAME complies with all environmental laws and manages all phases of its business in a manner that minimizes the impact of its operations on the environment.To further this policy, COMPANY NAME shall:1. Include environmental requirements in planning and design activities2. Comply with applicable environmental laws and regulations3. Eliminate, or reduce to the maximum practical extent, the release of contaminants into the environment, first through pollution prevention (material substitution and source reduction), then recycling, and finally through treatment and control technologies4. Effectively communicate with company employees, suppliers, regulators, and customers, as well as the surrounding community, regarding the environmental impact of company operations5. Periodically review and demonstrate continuous improvement in the company’s environmental management system
SIGNATURE___________________
Responsible Person______________________
Environmental Policy Sample 2
Effective Date
ENVIRONMENTAL POLICY
_________________________ IS COMMITTED TO IMPROVE THE HEALTH, SAFETY AND ENVIRONMENT FOR OUR EMPLOYEES, NEIGHBORS, AND FAMILIES.
WE WILL MEET AND OR EXCEED LAWFUL COMPLIANCE THROUGH POLLUTION PREVENTION PRACTICES AND CONTINUOUS IMPROVEMENT.
TO IMPLEMENT THIS POLICY WE WILL CREATE AN ENVIRONMENTAL MANAGEMENT SYSTEM TO IDENTIFY GOALS, SYSTEMS, MEASUREMENTS AND SAMPLING METHODS.TO SUPPLEMENT THIS POLICY WE WILL INCORPORATE SOURCE REDUCTION THROUGH REUSE, RECYCLING, MATERIAL SUBSTITUTION, NEW AND IMPROVED TECHNOLOGIES, CREATIVE MANAGEMENT AND OPERATIONAL PRACTICES.
TO MAINTAIN THIS POLICY WE WILL PERFORM MANAGEMENT REVIEW, REVENTATIVE MAINTENANCE, EMPLOYEE TRAINING, AND A COMMITMENT AND INVOLVEMENT FROM OUR EMPLOYEES AND MANAGEMENT TO SUPPORT THIS POLICY.
The intent of an environmental policy is to state the organization’s commitment to continuous improvement in environmental performance. A strong, clear environmental policy can serve as both a starting point for developing the EMS and a reference point for maintaining continuous improvement.The policy should be evaluated regularly and modified, as necessary, to reflect changing environmental priorities.The policy should function in two ways: (1) within the company, the policy should focus attention on environmental issues associated with company activities, products, and services; and (2) outside the company, the policy is a public commitment to addressing environmental issues and continuously improving environmental performance.The environmental policy must address:• Commitment to compliance with relevant environmental legislation andregulations• Pollution prevention• Continuous improvement
Tips for Developing an Environmental Policy:1. Develop a policy that reflects perspectives of various employees within the company (for example, line worker, owner, wastewater treatment operator, quality inspector, compliance/legal manager, production manager).2. Display the policy statement in view of all employees; the policy should be available to the public and customers if requested and be printed in languages other than English, as appropriate.3. Include top management signatures on the policy to demonstrate understanding and commitment.Purpose This procedure is used to develop and write the company’s environmental policy.
Step 1 The environmental manager will form a policy development team responsible for developing and writing the environmental policy. The policy will address, at a minimum, compliance, pollution prevention, and continuous improvement.
Step 2 The policy development team will review other relevant documents to ensure consistency with other company policies and guide the content and phrasing of the policy. Example documents include the company mission statement and the example environmental policies included in this EMS element.
Step 3 The policy will be displayed in view of all employees and introduced to new employees; the policy will be available in languages other than English, as appropriate, and to the public (on request) and customers (as appropriate).Step 4 The environmental manager will review the environmental policy at least annually, and update it if needed.
Responsible Person: _____________________________________Signature and Date: ______________________________________
Environmental Policy Example 1
It is the policy of COMPANY NAME to conduct its operations in a manner that is environmentally responsible and befitting a good corporate neighbor and citizen.In accordance with this policy, COMPANY NAME complies with all environmental laws and manages all phases of its business in a manner that minimizes the impact of its operations on the environment.To further this policy, COMPANY NAME shall:1. Include environmental requirements in planning and design activities2. Comply with applicable environmental laws and regulations3. Eliminate, or reduce to the maximum practical extent, the release of contaminants into the environment, first through pollution prevention (material substitution and source reduction), then recycling, and finally through treatment and control technologies4. Effectively communicate with company employees, suppliers, regulators, and customers, as well as the surrounding community, regarding the environmental impact of company operations5. Periodically review and demonstrate continuous improvement in the company’s environmental management system
SIGNATURE___________________
Responsible Person______________________
Environmental Policy Sample 2
Effective Date
ENVIRONMENTAL POLICY
_________________________ IS COMMITTED TO IMPROVE THE HEALTH, SAFETY AND ENVIRONMENT FOR OUR EMPLOYEES, NEIGHBORS, AND FAMILIES.
WE WILL MEET AND OR EXCEED LAWFUL COMPLIANCE THROUGH POLLUTION PREVENTION PRACTICES AND CONTINUOUS IMPROVEMENT.
TO IMPLEMENT THIS POLICY WE WILL CREATE AN ENVIRONMENTAL MANAGEMENT SYSTEM TO IDENTIFY GOALS, SYSTEMS, MEASUREMENTS AND SAMPLING METHODS.TO SUPPLEMENT THIS POLICY WE WILL INCORPORATE SOURCE REDUCTION THROUGH REUSE, RECYCLING, MATERIAL SUBSTITUTION, NEW AND IMPROVED TECHNOLOGIES, CREATIVE MANAGEMENT AND OPERATIONAL PRACTICES.
TO MAINTAIN THIS POLICY WE WILL PERFORM MANAGEMENT REVIEW, REVENTATIVE MAINTENANCE, EMPLOYEE TRAINING, AND A COMMITMENT AND INVOLVEMENT FROM OUR EMPLOYEES AND MANAGEMENT TO SUPPORT THIS POLICY.
ISO 14001 ENVIRONMENTAL ASPECTS AND IMPACTS
ISO 14001 Environmental Aspects And Impacts
The fundamental purpose of the EMS is to control and reduce the environmental impacts of your facility’s processes and products. For this reason, a critical element of the EMS involves identifying and prioritizing the environmental aspects and impacts associated with your facility. An environmental aspect is an element of an organizations activities, products, or services that can interact with the environment. For example, chrome plating is a metal finishing activity and an associated aspect is chrome air emissions.This aspect may have an impact on the environment in several ways, for example, ambient air quality degradation.The environmental aspects and impacts of your metal finishing operations can be identified, prioritized, and documented in several ways. This Template includes two approaches, either of which can be used during EMS implementation. Use the approach that works best for your circumstances. This process is important because high-priority environmental aspects and impacts will be considered when environmental objectives and targets are established.
Aspects and Impacts Form A — The first approach uses the experience and judgment ofemployees familiar with facility processes to identify the top five environmental issuescurrently facing the facility. These issues and their specific aspects and impacts shouldbe summarized using Aspects and Impacts Form A.
Aspects and Impacts Form B — The second approach uses detailed, structured matricesto list and prioritize environmental aspects and impacts according to the followingcategories:• Environmental Aspects and Impacts: Wastewater• Environmental Aspects and Impacts: Air Emissions• Environmental Aspects and Impacts: Hazardous and Solid Waste• Environmental Aspects and Impacts: Raw Materials• Environmental Aspects and Impacts: Water and Energy
The matrices that comprise Form B will help facility staff identify and document environmental aspects and impacts. The matrices also provide criteria for prioritizing environmental aspects and impacts; this process is important because high-priority environmental aspects and impacts will be considered when environmental objectives and targets are established. One possible way to prioritize environmental aspects and impacts using Form B is described as follows:Step 1:For each aspect and impact, score each prioritization criterion on a scale from 1 to 5, where 1 indicates the criterion is very important or relevant to that aspect (for example, the aspect is strictly regulated, is the subject of compliance violations, or is a waste generated in large uantities), and 5 indicates the criterion is relatively unimportant or irrelevant to that aspect (for example, the aspect is an unregulated waste, is generated infrequently, and is inexpensive to manage).Step 2:Add the scores of all criteria for each aspect and write the total in the right-most column of the form.This number indicates the relative priority of the aspect compared to other aspects and impacts in the same category. The lower the total score, the higher the priority.Purpose Of This procedure is used to identify, document, and update the environmental aspects and impacts of facility processes and operations.
Step 1 The environmental manager and other facility personnel selected by the environmental manager are responsible for identifying and prioritizing the environmental aspects and impacts of facility operations during EMS planning and development.Environmental aspects are characteristics of facility processes and products that interact with the environment. Only environmental aspects the company can control or influence will be considered. Environmental impacts are the effects of an organization’s activitie , products or services on the environment.
Step 2 Environmental aspects and impacts will be documented and prioritized.Environmental aspects and impacts will be associated with the following categories:• Wastewater• Air emissions• Hazardous and solid waste• Raw materials• Water and energyHigh-priority environmental aspects and impacts will be considered when environmentalobjectives and targets are set.
Step 3 The environmental manager and other facility personnel will review and updatethe environmental aspects and impacts documentation annually.
Step 4 Environmental aspects and impacts documentation will be retained at the facilityfor at least 2 years.
Responsible Person: _____________________________________
Signature and Date: ______________________________________
The fundamental purpose of the EMS is to control and reduce the environmental impacts of your facility’s processes and products. For this reason, a critical element of the EMS involves identifying and prioritizing the environmental aspects and impacts associated with your facility. An environmental aspect is an element of an organizations activities, products, or services that can interact with the environment. For example, chrome plating is a metal finishing activity and an associated aspect is chrome air emissions.This aspect may have an impact on the environment in several ways, for example, ambient air quality degradation.The environmental aspects and impacts of your metal finishing operations can be identified, prioritized, and documented in several ways. This Template includes two approaches, either of which can be used during EMS implementation. Use the approach that works best for your circumstances. This process is important because high-priority environmental aspects and impacts will be considered when environmental objectives and targets are established.
Aspects and Impacts Form A — The first approach uses the experience and judgment ofemployees familiar with facility processes to identify the top five environmental issuescurrently facing the facility. These issues and their specific aspects and impacts shouldbe summarized using Aspects and Impacts Form A.
Aspects and Impacts Form B — The second approach uses detailed, structured matricesto list and prioritize environmental aspects and impacts according to the followingcategories:• Environmental Aspects and Impacts: Wastewater• Environmental Aspects and Impacts: Air Emissions• Environmental Aspects and Impacts: Hazardous and Solid Waste• Environmental Aspects and Impacts: Raw Materials• Environmental Aspects and Impacts: Water and Energy
The matrices that comprise Form B will help facility staff identify and document environmental aspects and impacts. The matrices also provide criteria for prioritizing environmental aspects and impacts; this process is important because high-priority environmental aspects and impacts will be considered when environmental objectives and targets are established. One possible way to prioritize environmental aspects and impacts using Form B is described as follows:Step 1:For each aspect and impact, score each prioritization criterion on a scale from 1 to 5, where 1 indicates the criterion is very important or relevant to that aspect (for example, the aspect is strictly regulated, is the subject of compliance violations, or is a waste generated in large uantities), and 5 indicates the criterion is relatively unimportant or irrelevant to that aspect (for example, the aspect is an unregulated waste, is generated infrequently, and is inexpensive to manage).Step 2:Add the scores of all criteria for each aspect and write the total in the right-most column of the form.This number indicates the relative priority of the aspect compared to other aspects and impacts in the same category. The lower the total score, the higher the priority.Purpose Of This procedure is used to identify, document, and update the environmental aspects and impacts of facility processes and operations.
Step 1 The environmental manager and other facility personnel selected by the environmental manager are responsible for identifying and prioritizing the environmental aspects and impacts of facility operations during EMS planning and development.Environmental aspects are characteristics of facility processes and products that interact with the environment. Only environmental aspects the company can control or influence will be considered. Environmental impacts are the effects of an organization’s activitie , products or services on the environment.
Step 2 Environmental aspects and impacts will be documented and prioritized.Environmental aspects and impacts will be associated with the following categories:• Wastewater• Air emissions• Hazardous and solid waste• Raw materials• Water and energyHigh-priority environmental aspects and impacts will be considered when environmentalobjectives and targets are set.
Step 3 The environmental manager and other facility personnel will review and updatethe environmental aspects and impacts documentation annually.
Step 4 Environmental aspects and impacts documentation will be retained at the facilityfor at least 2 years.
Responsible Person: _____________________________________
Signature and Date: ______________________________________
Monday, September 21, 2009
Scope Of The Quality Management System
Scope Of The Quality Management System
The ISO 9001 standard requires the quality manual to include the scope of the quality management system including details of justification for any exclusion. The standard addresses activities that may not be relevant or applicable to an organization. The permissible exclusions are explained in section 1.2 of ISO 9001. Here it states that the organization may only exclude requirements that neither affect the organization’s ability, nor its responsibility to provide product that meets customer and applicable regulatory requirements. The requirements for which exclusion is permitted are limited to those in section 7 of the standard.
Under ISO 9001:2008, it was possible for organizations to exclude functions and processes of their organization that may have been difficult to control or were not part of the order fulfilment cycle. Organizations that designed their own products but not for specific customers could escape bringing these operations into the management system. Marketing was omitted because it operated before placement of order. Accounting, Administration, Maintenance, Publicity, Public Relations and After Sales Support functions were often omitted because there were no requirements in the standard that specifically dealt with such activities. As there is no function in an organization that does not directly or indirectly serve the satisfaction of interested parties, it is unlikely that any function or process will now be excluded from the quality management system.
It is sensible to describe the scope of the quality management system so as to ensure effective communication. The scope of the quality management system is one area that generates a lot of misunderstanding particularly when dealing with auditors, consultants and customers. When you claim you have a management system that meets ISO 9001 it could imply that you design, develop, install and service the products you supply, when in fact you may only be a distributor. Why you need to justify specific exclusions is uncertain because it is more practical to justify inclusions.
The scope of the quality management system is the scope of the organization. There is no longer any reason to exclude locations, activities, functions or processes for which there is no requirement in the standard. The reason is because the ISO 9000 family now serves customer satisfaction and is not limited to quality assurance as were the 1994 versions of ISO 9001, ISO 9002 and ISO 9003.
It is not appropriate to address exclusions by inserting pages in the manual corresponding to the sections of the standard and adding justification if not within the scope of the management system – such as ‘We don’t do this!’.
It is much more appropriate to use an appendix as indicated previously in the manual contents list. By describing the nature of the business, you are establishing boundary conditions. If in doing so you do not mention that you design products, it will be interpreted that design is not applicable.
For exclusions relative to detail requirements, the Compliance Matrix may suffice but for an unambiguous solution, it is preferable to produce an exposition that addresses each requirement of the standard.
The ISO 9001 standard requires the quality manual to include the scope of the quality management system including details of justification for any exclusion. The standard addresses activities that may not be relevant or applicable to an organization. The permissible exclusions are explained in section 1.2 of ISO 9001. Here it states that the organization may only exclude requirements that neither affect the organization’s ability, nor its responsibility to provide product that meets customer and applicable regulatory requirements. The requirements for which exclusion is permitted are limited to those in section 7 of the standard.
Under ISO 9001:2008, it was possible for organizations to exclude functions and processes of their organization that may have been difficult to control or were not part of the order fulfilment cycle. Organizations that designed their own products but not for specific customers could escape bringing these operations into the management system. Marketing was omitted because it operated before placement of order. Accounting, Administration, Maintenance, Publicity, Public Relations and After Sales Support functions were often omitted because there were no requirements in the standard that specifically dealt with such activities. As there is no function in an organization that does not directly or indirectly serve the satisfaction of interested parties, it is unlikely that any function or process will now be excluded from the quality management system.
It is sensible to describe the scope of the quality management system so as to ensure effective communication. The scope of the quality management system is one area that generates a lot of misunderstanding particularly when dealing with auditors, consultants and customers. When you claim you have a management system that meets ISO 9001 it could imply that you design, develop, install and service the products you supply, when in fact you may only be a distributor. Why you need to justify specific exclusions is uncertain because it is more practical to justify inclusions.
The scope of the quality management system is the scope of the organization. There is no longer any reason to exclude locations, activities, functions or processes for which there is no requirement in the standard. The reason is because the ISO 9000 family now serves customer satisfaction and is not limited to quality assurance as were the 1994 versions of ISO 9001, ISO 9002 and ISO 9003.
It is not appropriate to address exclusions by inserting pages in the manual corresponding to the sections of the standard and adding justification if not within the scope of the management system – such as ‘We don’t do this!’.
It is much more appropriate to use an appendix as indicated previously in the manual contents list. By describing the nature of the business, you are establishing boundary conditions. If in doing so you do not mention that you design products, it will be interpreted that design is not applicable.
For exclusions relative to detail requirements, the Compliance Matrix may suffice but for an unambiguous solution, it is preferable to produce an exposition that addresses each requirement of the standard.
Friday, September 18, 2009
Establishing a ISO 9001 records procedure
The ISO 9001 standard requires records to remain legible, readily identifiable and retrievable and that a procedure defines the controls needed for the identification, storage, protec- tion, retrieval, retention time and disposition of records.
Records have a life cycle. They are generated during which time they acquire an identity and are then assigned for storage for a prescribed period. During use and storage they need to be protected from inadvertent or malicious destruction and as they may be required to support current activities or investigations, they need to be brought out of storage quickly. When their usefulness has lapsed, a decision is made as to whether to retain them further or to destroy them.
Readily retrievable means that records can be obtained on demand within a reasonable period (hours not days or weeks) Readily identifiable means that the identity can be discerned at a glance.
Although the requirement implies a single procedure, several may be necessary because there are several unconnected tasks to perform. A procedure cannot in fact ensure a result. It may prescribe a course of action which if followed may lead to the correct result, but it is the process that ensures the result not the procedure.
The revised requirement omits several aspects covered in clause 4.16 of the 1994 version.
Collection of records is now addressed by Analysis of data (clause 8.4)
Indexing of records is a specific form of identification and is therefore
already addressed
Access is now addressed by the requirement for record retrieval
Filing is a specific form of storage and is therefore already addressed
You may only need one procedure which covers all the requirements but this
is not always practical. The provisions you make for specific records should be
included in the documentation for controlling the activity being recorded. For
example, provisions for inspection records should be included in the inspection
procedures; provisions for design review records should be included in the
design review procedure. Within such procedures you should provide the
forms (or content requirement for the records), the identification, collection/
submission provisions, the indexing and filing provisions. It may be more
practical to cover the storage, disposal and retention provisions in separate
procedures because they may not be type-dependent. Where each department
retains their own records, these provisions may vary and therefore warrant
separate procedures.
Unlike prescriptive documents, records may contain handwritten elements and
therefore it is important that the handwriting is legible. If this becomes a
problem, you either improve discipline or consider electronic data capture.
Records also become soiled in a workshop environment so may need to be
protected to remain legible. With electronically captured data, legibility is often
not a problem. However, photographs and other scanned images may not
transfer as well as the original and lose detail so care has to be taken in
selecting appropriate equipment for this task.
Whatever the records, they should carry some
identification in order that you can determine what
they are, what kind of information they record and
what they relate to. A simple way of doing this is to
give each record a reference number and a name or
title in a prominent location on the record.
1994 –2000 Differences
Previously the standard covered retrieval in four
ways. It required:
(a) that quality records be made available for evaluation by the customer or his epresentative for an agreed period, where agreed contractually
Records can take various forms – reports containing narrative, computer data, and forms containing data in boxes, graphs, tables, lists and many others.
Where forms are used to collect data, they should carry a form number and name as their identification. When completed they should carry a serial number to give each a separate identity. Records should also be traceable to the product or service they represent and this can be achieved either within the reference number or separately, provided that the chance of mistaken identity is eliminated. The standard does not require records to be identifiable to the product involved but unless you do make such provision you will not be able to access the pertinent records or demonstrate conformance to specified requirements.
For More Information, go to http://www.iso9001-standard.us
Records have a life cycle. They are generated during which time they acquire an identity and are then assigned for storage for a prescribed period. During use and storage they need to be protected from inadvertent or malicious destruction and as they may be required to support current activities or investigations, they need to be brought out of storage quickly. When their usefulness has lapsed, a decision is made as to whether to retain them further or to destroy them.
Readily retrievable means that records can be obtained on demand within a reasonable period (hours not days or weeks) Readily identifiable means that the identity can be discerned at a glance.
Although the requirement implies a single procedure, several may be necessary because there are several unconnected tasks to perform. A procedure cannot in fact ensure a result. It may prescribe a course of action which if followed may lead to the correct result, but it is the process that ensures the result not the procedure.
The revised requirement omits several aspects covered in clause 4.16 of the 1994 version.
Collection of records is now addressed by Analysis of data (clause 8.4)
Indexing of records is a specific form of identification and is therefore
already addressed
Access is now addressed by the requirement for record retrieval
Filing is a specific form of storage and is therefore already addressed
You may only need one procedure which covers all the requirements but this
is not always practical. The provisions you make for specific records should be
included in the documentation for controlling the activity being recorded. For
example, provisions for inspection records should be included in the inspection
procedures; provisions for design review records should be included in the
design review procedure. Within such procedures you should provide the
forms (or content requirement for the records), the identification, collection/
submission provisions, the indexing and filing provisions. It may be more
practical to cover the storage, disposal and retention provisions in separate
procedures because they may not be type-dependent. Where each department
retains their own records, these provisions may vary and therefore warrant
separate procedures.
Unlike prescriptive documents, records may contain handwritten elements and
therefore it is important that the handwriting is legible. If this becomes a
problem, you either improve discipline or consider electronic data capture.
Records also become soiled in a workshop environment so may need to be
protected to remain legible. With electronically captured data, legibility is often
not a problem. However, photographs and other scanned images may not
transfer as well as the original and lose detail so care has to be taken in
selecting appropriate equipment for this task.
Whatever the records, they should carry some
identification in order that you can determine what
they are, what kind of information they record and
what they relate to. A simple way of doing this is to
give each record a reference number and a name or
title in a prominent location on the record.
1994 –2000 Differences
Previously the standard covered retrieval in four
ways. It required:
(a) that quality records be made available for evaluation by the customer or his epresentative for an agreed period, where agreed contractually
Records can take various forms – reports containing narrative, computer data, and forms containing data in boxes, graphs, tables, lists and many others.
Where forms are used to collect data, they should carry a form number and name as their identification. When completed they should carry a serial number to give each a separate identity. Records should also be traceable to the product or service they represent and this can be achieved either within the reference number or separately, provided that the chance of mistaken identity is eliminated. The standard does not require records to be identifiable to the product involved but unless you do make such provision you will not be able to access the pertinent records or demonstrate conformance to specified requirements.
For More Information, go to http://www.iso9001-standard.us
Subscribe to:
Posts (Atom)