Quality Management

in Business

Course 9

This course support contains information taken

from the book:

Maiorescu,I. Sisteme de Management al Calităţii –

ISO 9001:2015, Editura Nouă, 2016.
Course 1: An Introduction to Quality. What is Quality without Quality
Management?

Course 2- 9: Quality Management Systems. ISO 9001 principles and

requirements. Audit, implementation and certification of ISO 9001.

Course 10: Quality costs

Course 11- 12:Total Quality Management, Six Sigma and Lean Tools
for enhancing the Quality. Kaizen, Value Stream Mapping, FMEA

Course 13-14: Total Quality Management, Six Sigma and Lean Tools
for enhancing the Quality. QFD
MONITORING, ANALYSIS AND IMPROVEMENT OF PROCESSES

 The purpose of monitoring and measuring important processes for the quality
management system is to keep under control everything that can
decisively influence quality and to ensure that each process is consistently
carried out as established.

 This process monitoring and measurement is essential for diagnosing

problems in the organization and/or for continuous improvement. Just as
responsible people periodically go and do certain check ups, analyses and
medical tests to prevent the occurrence and development of more serious
diseases, the responsible organizations measure and monitor processes for
preventive/ curative purposes.
3
MONITORING, ANALYSIS AND IMPROVEMENT OF PROCESSES

 The frequency and extent of measuring the processes, as well as the strictness of the
monitoring, are given by the impact these processes have on the quality perceived by
the client/other interested parties

 A person, with fairly severe heart problems and the onset of diabetes, will monitor his/her
blood pressure very often, keep his/her weight under control by weighing themselves daily,
and eat only certain permitted foods. He/she will also periodically have an EKG and
other tests recommended by the doctor to measure the health parameters. Conversely, a
person who does not have these problems will probably do a routine check-up once or
twice a year and eat cookies and fast food when they feel like it, without immediately
thinking about the repercussions on their health. Similarly, in the case of an organization
with problems, where the processes are "sick", their measurement and monitoring must be
4
done much more carefully and more frequently.
 GENERAL INFORMATION ABOUT AUDIT

• Quality audit(SR EN ISO 9000:2015) - a systematic, independent and documented

process for obtaining objective evidence and evaluating it objectively to determine
the extent to which the audit criteria are fulfilled

• Objective evidence (SR EN ISO 9000:2015) data supporting the existence or verity of
something

• Audit evidence(SR EN ISO 9000:2015): records, statements of fact or other

information, which are relevant to the audit criteria and verifiable.

5
GENERAL INFORMATION ABOUT AUDIT

• Auditor (in the field of quality): a person who has demonstrated skills and proven
competence to perform quality audits. This person must be authorized to conduct
an audit.

Can an auditor be consultant for QMS in the same time?

• Usually, the certification bodies organize courses for preparing QMS auditors
• The audit is based on direct observation of activities, interviews with persons
involved in the audited field and on examining documents related to the quality
of products or processes, previous results of inspections
6
 THE AUDIT IN THE QUALITY MANAGEMENT SYSTEM

 Audit: objective and independent verification of the way in which certain processes
are carried out, by a person who has the skills and training for auditing. The audit in
the quality management system can be:

(1) Internal audit (first party). It is required by the ISO 9001 standard and means that
the company, at planned time intervals, checks its own processes, to see if they work
according to the requirements of the standard.

 The result of an internal audit is a report, in which the quality management system will
be described from a processes-based perspective, indicating, where applicable, the
weak, non-functional points or risk areas. This objective report must be handed over to
management, who will carefully analyze the results and make decisions, that will
7
normally lead to positive changes and improvement of problem activities.
 THE AUDIT IN THE QUALITY MANAGEMENT SYSTEM

 The internal audit can be carried out by the company's employees, trained and
qualified (they have an internal auditor's certificate) or by the specialists of
consulting and audit companies in the market. If the organization chooses that the
internal audits are carried out by its own employees, then they are not allowed to
audit the processes in which they are directly involved.

 If the company has 3 employees with internal auditor training (a regional sales
manager, a production manager and the quality manager), the audit of the sales
department must be done by either the production manager or the quality manager.
If the regional sales manager audited his own processes, he could be subjective
and overlook problems and errors that exist in his department. The audit would no

8
longer be objective.
 THE AUDIT IN THE QUALITY MANAGEMENT SYSTEM

 The internal audit can be carried out by the company's employees, trained and
qualified (they have an internal auditor's certificate) or by the specialists of
consulting and audit companies in the market. If the organization chooses that the
internal audits are carried out by its own employees, then they are not allowed to
audit the processes in which they are directly involved.

 If the company has 3 employees with internal auditor training (a regional sales
manager, a production manager and the quality manager), the audit of the sales
department must be done by either the production manager or the quality
manager. If the regional sales manager audited his own processes, he could be
subjective and overlook problems and errors that exist in his department. The

9 audit would no longer be objective.

 THE AUDIT IN THE QUALITY MANAGEMENT SYSTEM

(2)External audit - second party. It is a less common form of audit strictly in the area
of ​quality management systems; it is rather practiced in the combined form: quality
management - environmental management - occupational safety management - social
responsibility management.

 It is an audit performed between organizations that are/will be business partners. It

takes place between the client-supplier/distributor, in which one of the parties
verifies the seriousness and capability of the other partner's processes, before
extending an existing contract or signing a new one.

 The companies that ask for these conditions are generally strong, with a very good
image in the market. They make sure that, by associating with certain suppliers, their
image in the market is not affected.

 It is external because the people who come to audit the organization come from the
business partner. This partnership generally requires compliance with strict
conditions for product quality assurance, environmental protection and employee
10 care.
 THE AUDIT IN THE QUALITY MANAGEMENT SYSTEM

 Renowned companies manufacture their products in factories in countries where

labor and utility costs are lower (China, India, Morocco, even Romania, Bulgaria,
etc.). Of course, before actual production begins in these factories outside of their
management, checks are made to see if indeed the production lines, personnel and
processes in general are operating according to their requirements for quality,
environment, occupational safety, responsibility social etc. In their negotiations with
their business partners, these large companies impose certain codes of conduct and
want to ensure that they are respected. It is not enough for the potential business
partner to say during the negotiations: “Yes, we certainly respect this code of
conduct! Don't worry! Choose us and you will be satisfied!". The actual visit to his
factory, the discussions held with the employees and the management of the factory
- accompanied by the verification of certain documents will give the exact picture of
reality. This is a second party audit.
11
 THE AUDIT IN THE QUALITY MANAGEMENT SYSTEM

(3) External audit - third party.

 When the organization implemented the quality management system, it also carried
out internal audits that confirmed the fact that the processes are running well -
everything is in accordance with the requirements of the ISO 9001 standard, then it
thinks about certification.
 Certification means obtaining an official confirmation that the company is oriented
towards quality, that it constantly pursues the satisfaction of customers and other
interested parties and that, in general, it respects all the principles of quality
management.
 This official confirmation can only be given by an objective third party (other than
the company or the customers), called a certification body

12
 THE AUDIT IN THE QUALITY MANAGEMENT SYSTEM

 In order for the organization that has implemented its quality management system to
obtain its certification, it must go through an audit: the so-called external (third-party)
audit.
 Following a request that the company addresses to the certification body, the latter will
send an auditor or a team of auditors (depending on how large and complex the
organization is) to perform an external audit
 This external certification audit verifies whether the existing quality management
system in the company complies with the requirements of the ISO 9001 standard or
not.
 The result of the third-party audit is a report that will reach the management of the
requesting organization, as well as the certification body. Based on the
recommendations in this report, the certification body will either grant certification to
the applicant company or defer certification until all major issues identified have been
rectified.

13
 How often a company must carry internal
audits?

• Internal audits should be carried out at planned intervals to determine if the

quality management system:
a) complies with the organization's own requirements for its quality management
system and the requirements of ISO 9001;
b) is effectively implemented and maintained.

How often do you think an internal audit - 1st party audit should be performed
( i.e. 1/year, 3/year, 1/3 years etc)? Who establishes the frequency of these internal
audits inside the companies?

14
Accreditation vs certification

• Companies with QMS implemented aim to get certified

• Certification can be a useful tool to add credibility, by
demonstrating that company’s product or service meets the
expectations of customers.
• For some industries, certification is a legal or contractual
requirement.
• The certification is given, after a successful 3 rd party audit, by
a Certification Body( i.e. SRAC, AEROQ.
CERTIND,DEKRA, TUV Rheinland/Austria, RINA, SGS,
Lloyd's Register etc.)
Could I go and register a company at the Commerce Registry
as a certification Body?
15
Accreditation vs certification

• Accreditation is not mandatory, but it provides independent

confirmation of competence.
• A certification body may be accredited only for audits in
certain areas of expertise.
• The certification bodies get accredited by the accreditation
bodies (RENAR- Romania, DAKS, UKAS etc)
• Most of the national accreditation bodies are part of IAF
(International Accreditation Forum)

16
Audit principles

• integrity;
• fair presentation;
• professional responsibility;
• confidentiality
• independence;
• evidence-based approach.

ISO 19011 standard provides guidance on auditing principles,

audit programme management, auditing of quality management
systems and / or environmental management, as well as guidance
on the competence and assessment of auditors.
17
The audit aims at:

• determining the compliance of the quality management

system with the requirements of standards (ISO 9001 or
other business standards);
• assessing the effectiveness of the quality management
system in achieving the objectives established with regard to
quality;
• improving the quality management system of the audited
organization by spotting the flaws in the system, identifying
critical points, sources of deficiencies in the organization of
activities;
• certifying the compliance of the quality management system
related to the audited entity.
18
The audit helps at:

• better defining the necessary corrective actions for

eliminating the causes of the nonconformities found in
processes
• initiating the necessary corrective and improvement
measures on the processes and results of these processes
(products, services)
• tracking the implementation of corrective and improvement
measures
• there can be a continuous reduction of deviations and,
implicitly, an increase in meeting the requirements

19
What would an auditor check

• procedures
• various standards, documents relevant for the functionality of
processes
• documents relating to the qualifications of the staff involved
in the audited process.
• Registrations etc.

• …all against ISO 9001 requirements/ clients requirements

20
Planning an audit

When planning, establishing, implementing and maintaining

an audit programme take into account:
• the importance of the processes involved,
• changes affecting the organization
• the results of previous audits;

21
In the process of audit it is important to:

• define the audit criteria and scope for each audit;

• select auditors according to their expertise
Can an auditor with business experience in the field of IT
audit the QMS of a food producing company?
• conduct audits so as to ensure the objectivity and
impartiality of the audit process
Can an internal auditor audit his/her own department?

22
After the audit it is important to:
• ensure that the results of the audits are reported to the
relevant management;
• take appropriate corrective actions without undue delay;
redesign processes for future prevention of other non-
conformities.
• retain documented information as evidence of the
implementation of the audit programme and audit results.

23
Planning and conducting audit activities

I. Initiating the audit

a. establishing initial contact with the auditee;
b. determining the feasibility of the audit.

II. Preparation of audit activities

a. performing the analysis of the documents in order to
prepare the audit;
b. preparation of the audit plan;
c. allocation of activities within the audit team;
d. preparation of working documents.
24
Planning and conducting audit activities

III. Performing audit activities

a. the opening meeting;
b. performing document analysis during the audit;
c. communication during the audit;
d. assigning roles and responsibilities to the guide and
observers;
e. collection and verification of information;
f. generating audit findings;
g. preparing audit conclusions;
h. holding the closing meeting.
25
Planning and conducting audit activities

IV. Preparation and distribution of the audit report

a. preparation of the audit report;
b. distribution of the audit report.

V. Closing of the audit

VI. Performing follow-up audits/surveillance audits

26
 Elements of the audit report
No. Elements of the audit report
crt.
1. Audit objectives
2. Audit scope (identification of functional and organizational units
or audited processes)
3. Identifying the audit client
4. Identifying audit team members and participants of the auditee
5. The dates and locations where the audit activities were performed
6. Audit criteria*
7. Audit findings and related evidence
8. Audit conclusions
9. Statement of the extent to which the audit criteria have been met

*Audit criteria (ISO 9000:2015): set of policies, procedures or requirements

27
used as a reference against which objective evidence is compared.