Quality System Basics

Section 1
 ISO Survey
(As of December 2007)
• At least 9,51,486 ISO 9001:2000
certificates had been issued in 175
countries and economies
• Out of the top ten countries China ranks
first with 2,10,773 certificates
• Italy, Japan and Spain follow
• India ranks fifth with 46,091 certificates
• Followed by Germany, U.S.A., U.K., France
and Netherlands with 18,922 certificates
The DEMING PDCA Cycle
 Schematic Representation of Process Approach

Top Management Process

outputs
Customers
inputs
A B C Customers
REALISATION PROCESSES

Support Processes

•Top management processes - planning, allocation of resources, management

review, etc.
•Realization processes - customer related processes, design and development,
product realization, etc.
•Support processes - training, maintenance, etc.
Model of Process based Quality Management System
Continual Improvement of the quality
management system

R 4 S
E A
Q Management
C C T
U Responsibility
U U I
I S
S 5 S
R Measurement, F
T Resource T
E 6 8 Analysis & A
O Management O
M Improvement C
M M
E 7 T
E E
N I
R Product R
T O
S Realization Product
N
 Application of PDCA Cycle
• The ultimate aim of any management system is
continual improvement of its performance
• To achieve
PLAN this, Deming’s PDCA cycle of
improvement is interwoven in the structure
ISO-9001:2008 as illustrated in the next slide
D0
• Plan – Do – Check - Act

CHECK
PDCA Cycle applied to ISO 9001:2008 clause 4.1

ACT PLAN
Identification of
Implementation of
sequence, interaction
improvement
criteria & methods
( Clause 4.1f )
( Clause 4.1 a,b,c )

CHECK DO
Monitoring,
Implementation of
Measurement
the planning
& Analysis
( Clause 4.1.d)
( Clause 4.1e)
Deploying Quality Improvement Process

Continual improvement process of Quality

Management System can be deployed
throughout the organization by
undertaking PDCA activities at various
levels
 Department/Section Heads

PLAN
• Establish procedures and instruction for
departmental activities
• Define responsibilities
• Establish objectives
• Plan resources including training of personnel
• Establish communication channel for
instructions and feed-back
 Department / Section Heads
DO

• Allocate clear responsibilities

• Provide resources and support
• Coordinate and harmonize activities
• Resolve problems
 Department/Section Heads

CHECK

• How is my department doing?

• Are processes under control?
• What are my employees telling me?
• Are we meeting customer requirements?
• Am I meeting my objectives?
• What are the key problems in my area?
• How can we improve?
 Department / Section Heads
ACT

• Systematic problem-solving (based on importance,

risks involved etc)
• Develop action plans
• Concentrate on improvement (incremental or
“breakthrough” improvements)
• Review existing procedures, and need for new
procedures
Quality Systems and Standards
Development

Section 2
 Quality Misconceptions
• Quality means expense
• Quality Systems are expensive nice to haves
• Good Quality is high specification
• Quality Control about testing and checking
• Quality is the responsibility of the Quality
Department
• Quality comes from Inspection
 Prevention vs. Detection
• Inspection was once considered the normal means
of attaining quality
• Inspection has been proved to be expensive as it is
always performed after the problem has occurred
• Inspection does not always find all the faults and
there is a risk that faulty items can be received by
the customer
• As there is always a delay between the problem
happening and the inspection it means that many
more faulty items can be produced at cost
Prevention vs. Detection …contd.
• Quality planning is carried out to plan exactly
how consistent quality can be achieved
• Quality planning is less expensive as it involves
a few peoples’ time and does not tie up the
production line equipment and staff or waste
materials
• Controlling suppliers and getting them to
ensure the quality of the supplies is cheaper and
more reliable than inspection
• Training of staff in understanding the processes
they operate and control is more efficient than
employing inspectors
 Control of Processes
We control processes by controlling the
inputs into the processes rather than
inspecting the outputs
• People – By training or qualification
• Materials – Control of suppliers and
specification
• Methods – By procedures & standards
• Machines – By maintenance systems
• Environment – By organisation and care
 Process Approach
• Process – Set of interrelated or interacting
activities which transforms inputs to outputs
• Product ( Service ) – Result of a process
• Outputs of one process may be inputs into
another process
• Control the inputs to ensure outputs meet
requirements
• Analyse and review for continual Improvement
 8 Principles of Quality
1. Customer Focus
2. Leadership
3. Involvement of People
4. Process Approach
5. System Approach to Management
6. Continual Improvement
7. Factual Approach to Decision Making
8. Mutually Beneficial Supplier Relations
 1. Customer Focus
• Understand current and future customer
needs and expectations
• Plan to meet customer requirements and
exceed expectations
• Clause 5.2 requires that Top Management
shall ensure that requirements are
determined and are met to enhance
customer satisfaction
 2. Leadership
• Leaders establish unity of purpose and
direction of the organisation
• Leaders shall create and maintain the
internal environment in which people can
become fully involved in achieving the
organisation’s objectives
 3. Involvement of People

• People at all levels are the essence of an

organisation and their full involvement
enables their abilities to be used for the
organisation's benefit
 4. Process Approach
• A desired result is achieved more
efficiently when activities and related
resources are managed as a process
• People, Machines, Methods, Materials
and Environment are the classic inputs
• Consistent inputs produce consistent
outputs
 5. System Approach to
Management
• Identifying, understanding and managing
interrelated processes as a system contributes
to the organisation’s effectiveness and
efficiency in achieving its objectives
• Outputs of one process are often inputs into the
next process
• Materials and information flow through
systems, the smoother the flow, the greater the
efficiency
 6. Continual Improvement
• Continual improvement of the
organisation’s overall performance
should be a permanent objective of the
organization
• This shall be planned and managed
throughout the whole organization
• No one and no system is ever perfect
• There is always room for improvement
7. Factual Approach to Decisions
• Effective decisions are based on the analysis
of data and information
• Methods and measures planned
• Data needs to be gathered factually,
independently and without bias
• Information needs to be communicated in a
usable format to decision makers
 8. Mutually Beneficial
Supplier Relationships
• An organisation and its suppliers are
interdependent and a mutually beneficial
relationship enhances the ability of both to
create value
 The Quality Approach
• Prevention should take place before the
problems arise
• It is cheaper and more effective to run
preventive systems than to run inspection based
systems
• Preventive measures include planning activities
carefully analyzing inputs and outputs,
training, writing and implementing procedures,
and auditing the activities
 History of Quality Standards
• US Military Standards
• AQAP Standards
• Motor Industry Standards
• BS 5750 : 1979
• ISO 10000 series
• ISO 9000 : 1987 Series of Standards
• ISO 9000 : 1994
• ISO 9000 : 2000
• ISO 9000 : 2008
 Standards and Guidelines
• Standards regulate requirements that
shall be met – ISO 9001
• Standards can be used to harmonise
requirements or terms – ISO 9000
• Guidelines Documents – ISO 9004,
ISO19011 Complement the Standards
 Standards Development
• National, European and International Standards
are produced on a consensus basis by committees
and sub committees
• ISO TC 176 is responsible for quality management
and quality assurance standards
• The ISO 9000 series are designed for international
standardization of quality, environmental and
health and safety management system standards
• Standards are reviewed for possible change every 6
years and the ISO 9000 – 2000 standards will
continue to be reviewed and further developed
 ISO 9000 Series Quality
Management Systems Standards
1. ISO 9000:2005 –Fundamentals and
vocabulary
2. ISO 9001:2008 – Requirements
3. ISO 9004:2000 – Guidelines for
performance improvements
4. ISO 19011:2002 – Guidelines for
Quality and /or Environmental
Management systems Auditing
 ISO 9000 : 2005
Fundamentals and Vocabulary
• Explains the Quality Management System
approach
• Eight Quality Management Principles
• Quality Policy and Objectives
• Processes and responsibilities
• Measurement methods and application
• Means to prevent nonconformities
• Applying process for continual improvement
• Definitions
 ISO 9001 : 2008
Quality Management Systems -
Requirements

• Specifies requirements for a QMS where an

organization needs to demonstrate its ability
to provide products/services that fulfill
customer and regulatory requirements
• Requirements are generic and applicable to
all products/services in all sectors of business
 ISO 9004 : 2000
Guidelines for performance
improvements

• Provides guidance that consider both the

effectiveness and efficiency of the Quality
Management System
• Aimed at improvement of performance and
satisfaction of customers and interested parties
• Used with ISO 9001 as a consistent pair of
standards
 ISO 19011:2002
Guidelines For Quality and /or
Environmental Management
Systems Auditing
• Principles of Auditing
• Managing an Audit Programme
• Audit Activities
• Competence and Evaluation of Auditors
 ISO 9000 : 2005 Definitions
• Quality – Degree to which a set of inherent
characteristics fulfils requirements
• Quality Management – Coordinated activities to
direct and control an organization with regard to
quality
• Quality Management System – Management system
to control and direct an organization with regard to
quality
• Quality Policy – Overall intentions and direction of
an organization related to quality as formally
expressed by top management
ISO 9000 : 2005 Definitions … contd 2
• Quality Control – part of quality management focused
on fulfilling quality requirements
• Quality Assurance – part of quality management
focused on providing confidence that quality
requirements will be fulfilled
• Quality Improvement – part of quality management
focused on increasing the ability to fulfill quality
requirements
• Supplier – Organization or person that provides a
product
• Customer – Organization or person that receives a
product
ISO 9000 : 2005 Definitions ..cont 3
• Audit - Systematic, independent and documented
process for obtaining audit evidence and
evaluating it objectively to determine the extent to
which audit criteria are fulfilled
• Audit Criteria – Set of policies, procedures or
requirements
• Audit Evidence – Records, statements of fact or
other information which are relevant to the audit
criteria and verifiable
• Audit Findings – Results of the evaluation of the
collected audit evidence against audit criteria
 Permissible Exclusions
• ISO 9001 Clause 1.2 Application
• Permissible reductions of scope limited to
exclusions related to clause 7 - Product
Realization and that such exclusions do not affect
the organization’s ability, or responsibility, to
provide product that meets customer and
applicable regulatory requirements
• Exclusion shall be stated in the quality manual
ISO 9001 Clause 7 Product Realization
1. Planning of product realization
2. Customer related processes/communications
3. Design and Development
4. Purchasing
5. Control of production and service provision,
Validation of Processes, Identification and
traceability, Customer property, Preservation
of product
6. Control of monitoring and measuring
equipment
 Statement of Scope
• Scope of application should relate to the
management of the organization, the site
or sites, the activities covered and the
standard used stating exclusions
• Conformity to the ISO 9001: 2008
standard cannot be claimed if exclusions
are other than those in clause 7
 The Benefits of ISO-9000
1. Organisation focus on "how they do business". Each
procedure and work instruction must be documented and
thus, becomes the springboard for Continuous
Improvement.

2. Documented processes - basis for repetition - help

eliminate variation within the process - efficiency improves -
cost of quality is reduced.

3. With the development of solid Corrective and

Preventative measures, permanent, company-wide
solutions to quality problems are found.
 The Benefits of ISO-9000 ….2

4. Employee morale is increased as they are asked to take

control of their processes and document their work
processes.

5. Customer satisfaction and customer loyalty grows.

Company transforms from a reactive organization to a pro-
active, preventative organization. It becomes a company
people want to do business with.

6. Reduced problems resulting from increased employee

participation, involvement, awareness and systematic
employee training.
 The Benefits of ISO-9000 ….3

7. Better products and services result from Continuous

Improvement processes.

8. Fosters the understanding that quality, in and of itself, is

not limited to a quality department but is everyone's
responsibility.

9. Improved profit levels result as productivity improves

and rework costs are reduced.

10. Improved communications both internally and

externally which improves quality, efficiency, on time delivery
and customer/supplier relations.
Customer Quality Perceptions – Kano Model
Delighted Delight

Performance

Needs Needs
Absent Fully
Implemented
Basic
Customer
Satisfaction

Disgusted
Product Function
Key Elements of Quality
Management Systems

Section 3
 Role of Management
• Demonstrate Commitment
• Policy and Objectives
• Motivation and environment
• Customer focus
• Provision of resources
• Monitoring and review
• Decisions and improvement actions
 Quality Policy
• Appropriate to the Organization’s purpose
• Commitment to meet requirements and to
continual improvement
• Provides framework for setting objectives
• Communicated and understood at
appropriate levels
• Reviewed for continuing suitability
• Shall be controlled
 Quality Policy

ITI is committed to provide Competitive & Reliable

Products, Solutions and Services
ITI will achieve this through:
• Sound Quality Management Systems
• Empowered Human Resources
• Innovation
Continual Improvement, Mutual Respect and
Customer Delight will be our guiding philosophy

Date: 05/05/2007 (PRITAM SINGH)

Bangalore Chairman & Managing Director
 Quality Policy - an example

• It is the policy of the Sheng Corporation to

provide products and services to meet our
customers expectations. We review and react to
customers requests without delay. To do this
everyone should operate the quality system to
ISO 9001 requirements and actively strive for
improvement. We consider and continually
review our systems at all organizational levels
 Quality Policy - Better
• It is the Policy of Sheng Corporation to provide
catering products and services that exceed
customer expectations. We shall react to
customers requests without delay and provide
planned professional services to all our
customers. Everyone shall operate to the ISO
9001 quality system requirements and
contribute to actively improving our
performance. We shall continually review and
improve our systems at all organizational
levels
 Quality Objectives
• Top Management shall ensure objectives
are established at relevant function and
levels
• Shall be MEASURABLE and consistent
with the Quality Policy and the
commitment to continual improvement
• Shall include those needed to meet
requirements for product
 Example of Quality Objectives
• Reduction in product defects to below 1%
• Zero defects leaving the company
• Reduction in material wastage
• Reduction in order processing time
• Reduce delivery times for main product lines
• Next day delivery for orders before 2 pm
• Improve MTBB for production line equipment
 Quality Objectives
• Objectives should be aimed at improving
the QMS
• Shall be measurable and measured
• Shall be communicated and involve
people at all levels and functions
• May also involve the supply chain
• Shall be planned actions recorded and
reviewed by Top Management
 Documentation
• Requirements in ISO 9001 : 2008 allow more
flexibility
• Only 6 procedures required by the standard
• Requires a Quality Manual
• Requires that processes are identified and
described and responsibilities and authorities
assigned
• Quality System should be planned
• Cannot write NCR’s for absence of procedures
for processes
 Procedures
Procedures required by the standard are –

1. Document Control
2. Control of Quality Records
3. Internal Audit
4. Control of Non-conformity
5. Corrective Action
6. Preventive Action
DOCUMENTS and RECORDS
• A document is something that gives you
information or instruction to do
something
• It comes BEFORE THE EVENT
• A record is evidence that the event took
place
• It comes AFTER THE EVENT
 Types of Documents
• Quality Manuals
• Flow Chart and Process maps
• Procedures, Plans and Instructions
• Drawings
• Computer Programmes or Instructions
• Actual Samples
• Forms
• Standards or Specifications, Contracts
• Reference materials, charts, tables etc
 Documentation Value
• Achieving the required quality
• Evaluating the quality system
• Quality Improvement
• Maintaining Improvements
• Demonstrating the quality system to
customers and potential customers
 Possible Problem Areas
• Can a stage 1 review be done off site
• To what extent do processes need to be
documented
• If they have a policy, objectives, flowchart of
processes, organization chart and 6 procedures
required by the standard is it acceptable
• What records are needed to provide evidence
that processes and products met requirements
• What if the objectives have not been meet
 Analysis of Data
• Clause 8.4 requires Analysis of Data
• Customer satisfaction, Communication
• Conformance to customer requirements
• Characteristics of products, processes
and trends. Decisions based on facts
• Supplier performance. Relationships
• Market and interested party needs
 Corrective Action
• Reaction to problem that has occurred
• Customer complaints
• Rejects, internal failures
• Mistakes and misunderstanding
• Internal Wastage
• NCR reports including audits
• Outputs from data analysis
 Preventive Action
• Use of Quality Tools
• Actions before a problem arises
• Identify potential nonconformity causes
• Identify and implement actions
• Record results
• Review for effectiveness
• Again records can be used to demonstrate
continual improvement
 Preventive Actions
Sources of information –
• Customer needs and expectations
• Market Analysis, satisfaction measures
• Process and product measures
• Internal Audit and Management Review
• QMS records
• Service Records, Financial Analysis
 Customer Satisfaction
• Shall monitor customer satisfaction
• Methods for obtaining and using
• Information on customer satisfaction
should input to all processes
• Information from a variety of sources
• Customer surveys, questionnaires,
meetings, visits, complaints, feedback
from dealers and agents, and market
 Internal Quality Audits
• Conducted for improvement not just
compliance
• Auditors and auditees work together to
identify opportunities for improvement
• NCR’s are negative
• Results should be reviewed
 Management Review
• Conducted at planned intervals by Top
Management to ensure continuing suitability
and effectiveness
• Review process performance and capability,
corrective and preventive actions, objectives,
customers’ requirements and satisfaction,
internal audits and performance of QMS
• Look for opportunities for improvement and
needs for change ( policy and objectives )
• Review and act on facts
 Continual Improvement
• To increase the effectiveness of the QMS in
meeting the policy and objectives of the
organization
• Objectives need to be set and the organization
must plan to achieve these objectives
• Continual improvement planned and
implemented
• Reviewed by Top Management
 Continual Improvement …cont
• An improvement process requiring progressive
improvement and consolidation steps
• Should anticipate and focus on the growing and
changing needs and expectations of the
customer
• Should be measurable and measured
• Use factual objective measures
• Top Management should lead, plan, provide
resources and encourage
 Possible Problem Areas
• How much evidence of improvement
• What if quality is decreasing? Major NCR
• Is a telephone call and tick list enough
• How often should the customer satisfaction be
reviewed
• What is a ‘suitable’ method for monitoring a
process
• Which functions or activities need a corrective
action procedure
• Lack of communication and understanding
 ISO 9001 : 2008
Quality Management Systems -
Requirements

Section 4
 General
8 Clauses Describe the Process Model
1. Scope
2. References
3. Definitions
4. Quality Management System
5. Management Responsibility
6. Resource Management
7. Product Realization
8. Measurement Analysis and Improvement
 1. Scope
States requirements for an organization to –
• Demonstrate its ability to consistently provide
product that meets customer and applicable
statutory and regulatory requirements, and
• Enhance customer satisfaction by effective
application of the system, including processes
for continual improvement and the assurance
of conformity to customer and applicable
statutory and regulatory requirements
 1.2 Application
• Permissible reductions of scope limited to
exclusions related to clause 7 Product
Realization and that such exclusions do
not affect the organization’s ability, or
responsibility, to provide product that
meets customer and applicable statutory
and regulatory requirements
 ISO 9001 Clauses 2 & 3

2. Normative Reference – ISO 9000 : 2005,

Quality Management Systems –
Fundamentals and Vocabulary
3. Terms and definitions
Product also means service
 4 Quality Management System
4.1 General Requirements
Shall establish, document, implement,
maintain and continually improve QMS
a) Shall identify the processes needed
b) Determine the sequence and interaction
c) Determine criteria and methods
d) Ensure resources & information available
e) Measure, monitor and analyse processes
f) Implement actions to achieve plans and
continual improvement
Controls over outsourced processes
 4.2 Documentation Requirements
4.2.1 General
• Documented Quality Policy and Objectives
• Quality Manual
• Documented procedures required by this
standard
• Documents including Records to ensure
effective planning, operation and control of
processes
Note – Documentation can be in any form or
medium
 4.2.2 Quality Manual
The Organisation shall establish and
maintain a quality manual that includes –
• Scope and justification for exclusions
• Documented procedures or reference
• Description of interaction between
processes of the QMS
 4.2.3 Control of Documents
Procedure to define controls –
• Approval prior to issue
• Review and re-approval
• Changes and status identified
• Documents available at point of use
• Legible and identifiable
• External documents identified, and controlled
• Prevent unintended use of obsolete docs
 4.2.4 Control of Records
• To provide evidence of conformity and
effective operation of QMS
• Legible, readily identifiable, retrievable
• Procedure to define controls for storage,
identification, protection, retrieval,
retention and disposition
 5. Management Responsibility
5.1 Management Commitment
Top Management shall demonstrate commitment to
development, implementation and improvement of
the QMS by –
• Communicating the importance of meeting customer
and legal requirements
• Establishing Quality Policy and objectives
• Conducting Management Reviews
• Ensuring availability of resources
5.2 Customer Focus
Top Management shall ensure customer
requirements are determined and met with the aim
of enhancing customer satisfaction
 5.3 Quality Policy
Top Management shall ensure that the
Quality Policy –

• Is appropriate
• Includes a commitment to meet requirements
and continually improve effectiveness
• Provides a framework for objectives
• Is communicated and understood
• Reviewed for continued suitability
 5.4 Planning
5.4.1 Quality Objectives
• Top Management shall ensure that objectives
are established at relevant levels and functions.
Objectives shall be measurable and consistent
with Policy
5.4.2 Quality Planning
Top Management shall ensure that the –
• Planning carried out to meet requirements and
quality objectives
• Integrity of the system is maintained and
changes are planned and implemented
5.5 Responsibility, Authority
and Communication

5.5.1 Responsibility and Authority

Responsibilities and authorities and their

interrelations are defined and
communicated
 5.5.2 Management Representative
Top Management shall appoint a management
member who shall have responsibility and authority
for
• Ensuring that processes of the QMS are established,
implemented and maintained
• Reporting to top management performance and need
for improvement
• Promoting awareness of customer requirements
throughout organization
5.5.3 Internal Communication
Shall ensure appropriate communication processes
are established and takes place
 5.6 Management Review
5.6.1 General
Top Management shall review the QMS at planned
intervals to ensure continuing suitability, adequacy
and effectiveness. Shall review need for changes to
the system, policy or objectives
5.6.2 Review Input
• Audit results and customer feedback
• Process reports + conformity analysis
• Status of preventive & corrective actions
• Actions from prior reviews. Changes
• Recommendations for Improvement
 5.6.3 Review Output
Outputs from the review shall include
actions related to
• Improvement of the effectiveness of the
QMS and processes
• Improvement of product related to
customer requirements
• Resource needs
 6. Resource Management
6.1 Provision of Resources
The organisation shall provide resources needed to
•Implement and maintain the QMS and continually
improve its effectiveness
•enhance customer satisfaction by meeting customer
requirements
6.2 Human Resources
6.2.1 General
Personnel performing work affecting quality shall
be competent on the basis of appropriate education,
training, skills and experience
6.2.2 Competence awareness and training

• Determine competency needs

• Provide training or take other actions to
satisfy these needs
• Evaluate effectiveness of actions taken
• Ensure that employees are aware of the
relevance and importance of activities
and contribution to meeting objectives
• Maintain records
6.3 Infrastructure
• Determine and maintain infrastructure to
achieve conformity to requirements –
• Buildings, Workspace and Utilities
• Equipment, hardware and software
• Supporting services
6.4 Work Environment
Determine and manage the work
environment to achieve conformity
 7. Product Realization
7.1 Planning Product Realization
Plan and develop processes & determine –
• Quality objectives & requirements for product
• Need for processes, documents, and provide
resources
• Verification, validation, monitoring and test
activities, and criteria for acceptance
• Records to provide evidence of conformity
• Outputs shall be in a suitable form
7.2 Customer – related processes
7.2.1 Determination of requirements
related to the product
The organisation shall determine requirements
• Specified by the customer including delivery
and post delivery
• Not specified by the customer but necessary for
intended use
• Statutory and regulatory requirements
• Any others
 7.2.2 Review of Requirements
Related to the Product
Review the identified needs before commitment
to supply – ensure that
• Product requirements are defined
• Requirements differing from those previously
expressed are resolved
• Requirements can be met
• Records of reviews and actions kept
• If requirements change, documents change &
personnel shall be made aware of changes
7.2.3 Customer Communication

Determine and implemented plans for

customer communications relating to –

• Product Information
• Enquiries, contracts or order handling
including amendments
• Customer feedback and complaints
 7.3 Design and Development
7.3.1 Design and Development Planning

Plan control design and development – include

• Stages of design and development
• Review, verification and validation activities
• Responsibilities and authorities for activities
Interfaces managed to ensure clarity of
communication and responsibilities
Planning output updated as appropriate
 7.3.2 Design and Development
Inputs
Requirements recorded and include –
• Function and performance requirement
• Applicable statutory and regulatory
requirements
• Information derived from other similar designs
and any others needed
• Review for adequacy, incomplete, ambiguous or
conflicting requirements resolved
 7.3.3 Design and Development
Outputs
• The outputs shall be recorded in a format that
allows verification v inputs. Output documents
reviewed & approved
• Design output shall –
• Meet input requirements
• Provide information for purchasing, production
and service provision
• Contain or reference acceptance criteria
• Specify characteristics essential to safe and
proper use
 7.3.4 Design and Development
Review
Formal reviews conducted as per plans to –
• Evaluate capability to meet requirements
• Identify problems and propose necessary
actions
Participants to include representatives of
functions concerned with stages for review
Results of design reviews and follow up actions
shall be recorded
 7.3.5 / 6 Design and Development
Verification / Validation

• Verification shall be planned and carried out to

ensure outputs meet inputs
• Record results of verification and actions
• Validation shall be performed to confirm
product / service is capable of meeting the
needs of specific customer use
• If possible performed before delivery
• Record results of validation and actions taken
 7.3.7 Design Changes
• Changes shall be identified and recorded,
and shall be reviewed, verified, validated
and approved by authorized personnel
before implementation
• Consider effects between elements and
interaction between constituent parts and
product already delivered
• Record review of changes and actions
 7.4 Purchasing
7.4.1 Purchasing Process
• Shall control purchasing processes to
ensure conformance to requirements
• Type and extent of control depends on
the effects on processes & final product
• Shall evaluate and select suppliers based
on ability to meet requirements
• Criteria to be established
• Results and actions recorded
 7.4.2 Purchasing Information
Purchasing information shall describe the product
to be purchased
May include –
• Requirements for approval of product,
procedures, processes, and equipment
• Requirements for qualification of personnel
• Any system requirements
Shall ensure adequacy prior to release
7.4.3 Verification of Purchased
Product
• Shall establish and implement plans for
verification of product / services
• Where verification is performed at the
suppliers’ premises shall specify the
verification requirements and method of
release in purchasing documentation
7.5.1 Production and Service Provision

Shall control operations through –

• Availability of product information
• Availability of work instructions
• Use of suitable equipment
• Suitable working environments
• Availability and use of inspection, measuring
and test devices
• Monitoring and measurement activities
• Release, delivery, post – delivery activities
 7.5.2 Validation of Processes
Shall validate processes where output not verified
by monitoring and measurement. Includes
faults appearing after delivery
Validation shall be planned and include –
• Defined criteria for review and approval of
processes
• Approval of equipment & personnel
• Use of specific methods and procedures
• Requirements for records & re – validation
7.5.3 Identification & Traceability

Where appropriate –
• Identify status of product with respect to
monitoring and measurement
requirements
• Where tractability is required shall
control and record the unique
identification of the product
 7.5.4 Customer Property

• Exercise care with customer property

• Identify, verify, protect and safeguard
customer property for use or inclusion
• Any product or property lost, damaged
or unsuitable for use shall be recorded
and reported to the customer
Note – May include intellectual property
and personal data
 7.5.5 Preservation of Product
• Shall preserve conformity of product
during internal processing and delivery
to intended destination
• Shall include identification, packaging,
storage, handling and protection
• Applies to constituent parts of a product
7.6 Control of Monitoring and
Measuring Equipment
• Shall determine monitoring and
measurement equipment to be used to
provide evidence of product conformity
• Establish and implement measurement
processes to enable needs can be met
• Assess validity of previous inspections
• Initiate actions if found out of calibration
• Software shall be confirmed
 Calibration
• To ensure valid results –
• Calibrate at specified intervals or prior to use
• Traceability to national standards
• Adjusted as necessary
• Identify to show calibration status
• Safeguard against adjustment
• Be protected from damage or deterioration
 8 Measurement Analysis and
Improvement
8.1 General
Plan & implement measurement monitoring,
analysis and improvement
• To demonstrate conformity of product
• Ensure conformity of QMS
• Continually improve effectiveness of QMS
Includes determination of methods and extent of
use also Statistical Methods, Quality Tools to
analyse data to bring about improvement
8.2 Monitoring and Measurement
8.2.1 Customer Satisfaction
• Shall monitor information relating to
customer perception as to whether their
expectations have been met
• Methods for obtaining and using this
information and data determined
 8.2.2 Internal Audit
• Audits to determine if system is effectively
implemented and is current
• Planned based on status and importance and
previous results
• Define audit criteria, scope, methods, frequency
• Auditors to be independent
• Responsibilities for planning and conducting
audits and records defined in a procedure
• Management shall ensure corrective actions taken
without undue delay
• Follow up actions including verification and
reporting of results
• See ISO 19011 for guidance
 Measurement of Processes / product
8.2.3 Shall apply suitable methods for measurement of
processes to meet customer requirements
• Results shall be used to determine opportunities for
improvement
• If planned results not achieved must take corrective
action
8.2.4 Monitor and Measure product at appropriate
stages to verify product requirements met
• Evidence of conformity with criteria maintained
• Records of authority for release
8.3 Control of Nonconforming Product
• Shall ensure nonconforming product is
identified and controlled to prevent inadvertent
use or delivery. Controls, responsibilities and
authorities shall be defined in procedures
• Shall take actions to eliminate problem or
authorize release by relevant authority, or take
action to preclude its use
• Records of the nature of nonconformities and
actions taken including concessions kept
• If product is corrected must be re – validated
• If problem after delivery must take actions
 8.4 Analysis of Data
Analyse of data for improvements –
• Suitability and effectiveness of QMS
• Process operation trends
• Customer satisfaction
• Conformity to requirements
• Characteristics of process, product and
opportunities for preventive actions
• Suppliers
 8.5 Improvement
8.5.1 Shall continually improve effectiveness of
QMS
8.5.2 Corrective Action – to eliminate causes of
nonconformity
Procedure to define requirements for –
• Reviewing nonconformities
• Determining causes and need for actions
• Determine, implement and record actions
• Review actions taken
 8.5.3 Preventive Action
Process for eliminating potential causes to
prevent occurrence
Documented procedure to define –
• Determination of potential problems and
causes
• Evaluation of need for action
• Determine and implement actions
• Record results of actions taken
• Review actions taken
Audit Preparation

Section 5
 Audit
Definition –
A systematic, independent and
documented process for obtaining audit
evidence and evaluating it objectively to
determine the extent to which audit
criteria are fulfilled
 CERTIFICATION
The act of formally recognizing that an
organization’s management system
conforms to specified published
management system standards and any
supplementary documentation required
under the system
 CERTIFICATION BODY
Definition –
A third party that audits and Certifies or
Registers the quality system of an
organization with respect to published
quality system standards and any
supplementary documentation required
under the system
 ACCREDITATION
Definition –
The act of formally recognizing the
system and competence of a certification
body as meeting the requirements of the
published accreditation standard.
 Audit Principles
• Independence of Auditors
• Detailed Effective Planning
• Competence of Auditors for the Audit
• Records of Objective Evidence
• Integrity – Confidentiality
• Auditors Code of Conduct
 Reasons for Audits
• To determine conformity to requirements
• To determine effectiveness of the system
• For improvement of the system
• To meet regulatory requirements
• To meet contract requirements
• To gain registration for marketing and
customer assurance purposes
 Reasons for Auditing
• To determine the effectiveness of one’s
own system. (1st Party)
• To evaluate a supplier. (2nd Party)
• To determine the effectiveness in meeting
contract requirements
• To verify (continued) conformity for
registration purposes. (3rd Party)
• To improve business efficiency
 Audit Types
• Improvement. (includes consultancy)
• Management System
• Regulatory Compliance
• Product
• Internal – 1st Party
• Supplier – 2nd Party
• Independent – 3rd Party
 Audit Types …contd 2
• Compliance Audits – For compliance with a
specific requirement – Legal
• May be regulations, contracts, industry
standards or agreed procedures
• Conformance Audits – For conformance with
management systems or other standards
• Product Audits – Made on the product itself
and the components and processes associated
with it
 Audit Types …contd 3
• 1st Party – Internal audits of business
system
• 2nd Party - Supplier Audits
• 3rd Party - Independent or
Certification Audits
 1st Party Audits
• Auditors – Own Staff
• Beneficiaries – Audi tees / our company
• Style – Can be relaxed and friendly
• Planning – Less demanding as systems
and locations already known
• Depth – Areas audited in detail
• Follow up – fairly simple – own company
 2nd Party Audits
• Customer audits supplier with their staff
• Beneficiaries – Supplier and Customer
• Style – Can be very formal or informal
depending on whether the contract is at
stake or whether for improvement
• Planning – depends if new supplier
• Depth – Detail depends on the contract
• Follow up – depends on contract
 3rd Party Audits
• Auditors – Independent
• Beneficiaries – Company
• Style – Formal according to procedures
• Planning – Done in detail to procedures
• Depth – Sufficient to check compliance
and effectiveness
• Follow up – CA always checked
 Overview
• Initiating the Audit
• Information gathering
• Documentation Review
• Preparation for audit
• The on site implementation Audit
• Audit Reports and Records
• Corrective Action
• Follow up activities
 Terms
• Audit Team – Team Members
• Auditor – Competent to conduct audits
• Lead Auditor – Team Leader
• Auditee – Company Audited
• Audit Plan – Prepared by Team Leader
• Audit Programme
• ISO 9001 : 2008 – Audit Standard
• ISO 9004 : 2000 – Audit Guidance
 Auditing Organization
• Determines Audit Scope and objectives
• Selects the Team Leader
• Provides Audit Team Resources
• Determines competence of Auditors
• Ownership of the audit report
• Controls follow up action
Responsibilities – Lead Auditor
• Determine the scope and objectives
• Obtain background information
• Conduct Documentation Review
• Select and assign audit team members
• Prepare the plan including date and duration
• Representing the team at all stages including
Opening and Closing Meetings
• Resolution of any problems arising
• Evaluation of Evidence and Results Reporting
• Prepares and presents the report makes
recommendations, and follow up, reports
findings and recommends actions
 Responsibilities - Auditor
• Competent to conduct the audit
• Prepare checklists
• Conduct audits according to audit plan
• Communicate with Auditees and Team
• Record and report observations clearly
• Safeguard audit documents
• Follow protocols and plans
• Check on Corrective Actions if required
• Confidentiality – Code of Conduct
 Responsibility - Auditors
• Keep within the agreed scope
• Carry out assigned tasks
• Work objectively
• Collect and analyse evidence
• Remain alert
• Act in an ethical manner
• Support the Audit Team Leader
 Responsibility - Auditees
• Assist auditors by supplying information
and documents as requested
• Answering questions
• Making themselves available at the
appropriate times
• Providing facilities as agreed
• Guide the auditors where to go
 Auditees Management
• Inform all employees about audit scope and
objectives of the audit
• Provide resources and facilities
• Supply guides
• Provide information and supply documents
• Provide access
• Ensure Auditee cooperation
• Take corrective action
 Initiation
• Client sets the scope of the audit considering
permissible exclusions
• May consult Lead Auditor or registration body
• Questionnaire or application data reviewed
along with any other data and industry guides
• LA reviews written documentation for
conformance with the standard and policies
done on site to review the QMS processes
• Reports findings of document review
 Initial Document Review
• Performed to determine the state of readiness
• Preliminary on site visit may be made to gather
further information to plan the audit
• Identify key areas and technical expertise and
exclusions as allowed by the standard
• Compliance with the audit standard and
applicable legislation is assessed. Usually done
on site to view coverage of processes
• Deficiencies are reported for corrective action
• An audit programme should be in operation
• Management review must be completed
 Preparation
• Who, When & Where
• Objective and Scope
• Methods, Procedures & working documents
• Identification of key staff to interview
• Identification of units to audit
• Decide on key and priority areas
• Produce an audit plan
• Pre-Audit Visit to the organization if feasible
 Preparation …Contd
• Selection of Team Members
• Must ensure competence of team
• Standards and reference documents
• Language and experience in the culture
• Lunches and other requirements
• Shift changeovers, breaks, prayer times
• Timing and Meeting Schedule
• Report Process Format and Confidentiality
• Record retention
 Audit Plans and Audit
Programmes
• Audit Plan is a detailed time schedule for who
will conduct what activities for a single audit
• Usually produced by the Lead Auditor from the
flowcharts, quality manual or organization
charts provided by the auditee organization
• Sent to auditors and auditees
• Audit Programme is the schedule of audit
activities for a single organization over a
defined period
• Required for all types of audits
 Audit Plan
• Prepared from business documented system
• Identify all the key processes and activities and
allocate the time to audit
• Link related processes and activities
• Consider how the 8 principles are applied
• Allocate the activities to the team
• Balance the auditing times with key areas of
importance and start and finish of operations
• Compatible with auditees operating practices
 Checklists
• Checklists guide the auditor through the audit
and to cover all the main points
• Checklists usually consist of bullet points
• Normally prepared from a process flow map
added to by relevant clauses of the ISO 9001
standard and the application of 8 principles
• Should cover both horizontal & vertical issues
• Useful as a record of the topics covered as
auditors can put comments against each point
• Remember objectives / continual improvement
Process Auditing

Section 6
 Auditor Selection
• Auditors shall be selected with regards to their
knowledge and experience plus availability
• They shall also be selected on their ability to
interact with the other members of the team
and the auditees
• Technical experts and translators may be
required to assist the auditors
• Balance costs with needs of the audit
 Auditor Qualities
• Good listener • Observant
• Note taker • Logical
• Communicator • Polite
• Fair • Assertive
• Knowledgeable • Independent
• Systematic • Confident
• Patient • Diplomatic
• Punctual • Persistent
Undesirable Avoidable
• Easily lead • Unprepared
• Unsure • Demanding
• Aggressive • Unpunctual
• Careless • Inconsistent
• Opinionated • Poor record
keeper
 On Site Audit Stages
• Opening Meeting
• Examination and evaluation
• Team Meeting
• Agreement of results
• Closing Meeting
• Reporting
• Recommendation
• Follow up
 Opening Meeting
• Lead Auditor Chairs Meeting
• Introduce both sides
• Team contribute as directed by Team
Leader
• Time wasting is avoided
• Keep it short & relaxed
• Give yourself more time than you think
you will need
 Opening Meeting Agenda
• Introductions
• Record attendees
• Agree scope & objectives
• Confirm the audit plan
• Method of conduct of audit
• Confirm auditee co-operation
• Establish lines of communications
• End of Day briefings
• Promote auditees participation in audits
Opening Meeting Agenda …contd

- Reporting Procedure and Closing Meeting

- Confirm the Lunch arrangements
- Confirm any resources requested
• Role of Guides
• Conduct of the Audit
• Health and Safety Issues
• Access to facilities
• Private Room for Team Discussions
• Any questions
 Guides
• Guides are requested and made available to
assist the auditors to go to the places as easily
and as quickly as possible
• They must not interfere or interrupt the audit
and must only answer questions when asked
• If they do not follow this they should be politely
reminded of their role
• If they need to leave temporarily they should
agree a time with the Auditor or find a
replacement before leaving
 Process Control Map

Men

OUTPUTS
Materials
INPUTS

Methods Process

Machines
Environment
 3 Components of Auditing
There are 3 components of a process audit.
Horizontal and Vertical paths and Audit Trails
• Following the horizontal path we follow the
steps of the process from start to finish
• For the vertical path we must look at the
activities of managers, supervisors, operatives,
clerks and assistants up or down the activity or
process. We look at business measures down to
records of the activity
• Audit trails develop a logical sequence of
questions and interviews to explore and link
activities
Collecting Evidence - Overview
• Observations of activities and conditions
• Interviews if no procedure ask about controls
• Check documents and Records by Sampling
• Comprehensive notes of all checks / evidence
• Follow trails and links between systems,
processes, documents and records
• Use the Checklists as a memory aid
• Look over, under and around
 FINDING OUT THE FACTS
• Information can be gathered through interviews,
observation, checking records and reading
documentation
• Records and documentation often need to be cross –
checked with other records or procedures in that
area and in other parts of the system
• You will not be able to check every record. Take a
small sample and check those thoroughly
• Check controls and feedback of processes, the
responsibilities and authorities and role of
management must go up and down the structure
Audit Techniques

Ask Observe

Audit Diamond

Record Check

A-R-C-O
 Question Style
• Open – What, Where, Why, When, How, Who
• Closed – Used to confirm the facts
• Hypothetical – Used to check in depth
• Silent – Can be useful to draw out information
• Leading – Avoid
• Trick – Unprofessional
• Multiple – Bad practice as auditee has the
choice of which to answer, may also pressurise
the auditee
 INTERVIEWS
• Introduce yourself to the head
• ASK About scope of activities / responsibilities,
policy and objectives
• CHECK where responsibilities are defined
• Interview persons responsible for activities
• ASK about activities, controls and records
• OBSERVE the activities and controls
• CHECK records, procedures or systems
• RECORD the facts, Names, items checked,
procedure titles and revisions, records, details
of conformance or non – conformance
• THANK the persons interviewed
 Listening
• Auditors must demonstrate interest and listen
to the information that is being related during
interviews
• In many cultures it is insulting not to
• More essential than before as there may be no
procedures to check
• Listen to all the information not just the bits
you want to hear. (Beware of gushers )
• Do not get distracted as information may be
missed
• Do not interrupt whilst responses remain
meaningful and objective
 OBSERVATION
• Materials and information flow through
organizations and processes. The smoother the
flow the more efficient the process can be
• Look around you and try to identify the system
flow. Ask people to describe it
• Check that the process conforms to the plan or
system. How is the plan documented
• Identify any areas or items that appear to be
irregular or outside the normal system flow
• Check these thoroughly
 Checking out Systems
• Some systems may appear to be good but the
auditor must test them out using examples
• Systems include Documentation. Training,
Calibration, Maintenance, Purchasing etc
• As we go round the organization we encounter
people, equipment, materials and procedures and
instructions. Check these comply with plans
• We must record details of these in order to check
out the systems with actual examples e.g. Show me
the training record for Joe Soap from the
warehouse. What is the current revision status of
the Packing Procedure P34. Who is responsible
 Note Taking
• Good notes are essential to a good audit as you
will never remember everything without notes
• Do not be embarrassed to stop and take notes
• Make sure that your notes are legible and
organized
• Record who you are interviewing, the activity,
procedure details and records
• Note any unexpected observations
• Keep your notes safe
 Cultural Differences
• Auditors should be aware of the needs of
delegates associated with cultures and
religions
• At certain times of the day prayers may
be taken. This should be planned
• Some cultures do not like to say no
• Smiles are welcomed everywhere
 Auditing
• Interviews are more important with ISO 9001-2008
• Understand the process and the controls they have
put in place. Flowcharts are useful
• Do not jump into detail too quickly
• Follow the flow and links between processes
• Develop Audit Trails
• Once you understand the system they are using ask
selected detail and check evidence and records that
it operates according to the plan or procedure and
records confirm effective controls
• Use the checklist to ensure you do not miss
important controls keep an eye on the time
 Possible Problem Areas
• How do we assess competence
• If they use computers do we always need a
computer expert to judge competence
• What if there are no procedures and no records
of process conditions
• How do we know that we have covered all the
processes if there are no procedures
• How do we know that all 3 shifts do it the same
way if no procedures
• Will handling and storage always be the same if
there are no control procedures
• How do we judge the working environment
Reporting the Audit Findings
and Follow up

Section 7
 Auditors Team Meeting
• Held at the end of the audit by the Lead
Auditor attended by all the team members
• Auditors identify the items that they consider
should be reported and check that they have
sufficient evidence
• Lead Auditor asks team members what they
have found and collates all of the information
 Auditors Team Meeting …contd
• Lead Auditor collects and discusses all
the nonconformities to be raised and
combines items if similar examples of the
same problem checking evidence
• Decides whether major or minor
• Checks on conformity and good points
• Allocates writing of NCR’s
 Good Practice
• Use the forms provided
• Present the facts concisely
• Supply sufficient detail so that anyone
can go to the same areas and check the
facts
• Refer to the reference standard, company
documentation or legislation to state the
deficiency
 Good Practice Statement
Example 1
• The 0.150mm vernier caliper serial No.
1423 at the Inward Goods area had no
indication of its calibration status.
Calibration System requires that “all
measuring equipment must be identified
with a label indicating the calibration due
date”
Good Practice Statement …contd
Example 2
• There were no licenses or records of
training for the forklift truck drivers in
the stores area nor in personnel
• There were several boxes of components
T45 and W37 damaged by forklift truck
forks
• There was no review of competence
needs for forklift truck drivers
 AVOID
• Naming Names
• Jargon
• Generalities be specific
• Emotive terms. (Awful, worst etc.)
• Repetition. Try to group similar non
conformities together as examples of the
same problem
 Nonconformity
• The non fulfillment of a requirement
MAJOR NONCONFORMITY
• The absence or total breakdown of a
system to meet a requirement of the
standard. A number of minor
nonconformities against one requirement
can represent a total breakdown of the
system and thus be considered a major
nonconformity
 Major Nonconformities
May arise from –
• A single major quality system, product or
service deficiency, or lack of controls
needed to satisfy an agreed requirement
• Planned arrangements not being
implemented consistently
Major Nonconformity (QS 9000 )

• Any noncompliance that would result in the

probable shipment of a nonconforming
product. A condition that may result in the
failure or materially reduce the usability of
the products or services for their intended
purposes
 Minor Nonconformity
• May be either a failure in some part of
the supplier’s quality system relative to
the standard or a single observed lapse in
following one item of a company’s quality
system
 Minor Nonconformities
• May arise when there is a defined system
and arrangements which generally satisfy
agreed requirements and the
organisation being audited is able to
demonstrate an acceptable level of
implementation overall, but there are
minor discrepancies or lapses in
discipline
 Observations
• Audit and surveillance reports may
contain “Observations” which relate to
existing conditions which, in the
Auditor’s judgment, warrants
clarification or investigation so as to
improve the overall status and
effectiveness of the quality system
• Note – may constitute consultancy
 Adding Value
Value can be added to reports through
identification of –
• Areas for improvement
• Benefits that can be realised from action
• Identification of strengths that can be
used to improve weaker areas
• Identification of sources of information
that can be accessed for guidance
 Agreement of NCR’s
• NCR’s are usually agreed with the QMR
following the Auditors Team Meeting and
before the Closing Meeting
• Points can be clarified and checked
• If a genuine error or misunderstanding
has been made withdraw the NCR
• All other NCR’s stand
 Closing Meeting
• Use an agenda or checklist
• Organize the team on the presentation
• Record attendees and proceedings
• Cover the points briefly
• Do not use jargon or emotive terms
• Stick to the facts and be prepared to
clarify points and give detail if asked
 Closing Meeting Agenda
• Re-state scope and objectives
• Thanks for cooperation
• Summary of Findings. (Strengths)
• Define NCR major and minor
• Disclaimer
• Recommendations
• Report of NCR’s
Closing Meeting Agenda …contd
• Invite questions
• Confidentiality
• Top person to sign the report
• Inform about further actions
• Ask auditees to nominate corrective
actions and time scales
• Return Documents – Thanks – Close
 The Report
• May be written on site or afterwards
• Stick to the facts
• Follow the agreed format and procedure
• Often need two reports one for internal
use and one for the auditees
• Make use of NCR forms
• Should reflect the verbal report
 Report Contents
• Date, organization and site
• Audit team and auditee’s representative
• Scope and objectives
• Reference documents
• Summary and recommendations as to
certification or approval if appropriate
• Any problems encountered
 Report Contents …contd
• Details of NCR’s
• Judgment on the overall performance
and ability to meet quality objectives
• Recommendations as to actions to be
taken if appropriate
• Report distribution and confidentiality
• Comments from the Closing Meeting
 Corrective Action
• After the closing meeting the auditee
organization must complete any agreed
corrective actions
• They need to analyse the problem to identify
the root cause, plan, implement and record the
actions taken and check or re-audit the
corrective action to ensure it has been effective
• They would then inform the LA for follow up
 Follow Up
• Agreed corrective actions are followed up by
the Lead Auditor usually by re-visiting and re-
checking the part of QMS where a deficiency
was found
• Some certification bodies do this at the next
surveillance visit
• Checks are done on the process links inputs
and outputs where the deficiency was found to
determine if the cause of the deficiency has
been addressed
 Certification System
• Certification Body – Review reports and
recommendations and decide on the
granting of certificate
• Surveillance – Visits are carried out by
the certification body, normally one per
year, auditing parts of the system to a
planed coverage to ensure that the system
continues to meet requirements
 Trienial Re-Assessment
• They are required every 3 years whereby the
whole system is subjected to a full
assessment usually in one visit including
documentation review and the
implementation audit
• Certificates are therefore valid for 3 years
 Audit Records
• Audit Plan, checklists and notes
• Agenda and attendance of opening and
closing meetings
• Written Reports of stages 1 and 2
• NCR’s plus any notes made
• Report by LA on team performance
• Follow up and surveillance reports