What is ‘Root Cause Analysis’ In ISO 9001 Standards?

What is ‘Root Cause Analysis’ In ISO 9001 Standards?
Suppose you come across a dandelion weed while in your garden. (If you have as little time in the garden as I do, at times you may find too many!) You pull off the head of the dandelion and all the leaves. There – you can’t see it any more.
The question is: does this fix the problem?
To illustrate, let me share some findings from an audit in a type of courier company. They collect & deliver items for their customers, and have contracts with large customers. If any customer complaints arise, the operations manager must respond in writing.
For audit, I chose a sample of complaints from the last 3 months and looked at what they’d done with them. Most complaints were for late/missed pick-ups or deliveries.
Some sample responses from the manager to the client:
A. This route has too many sites on it, we are looking at changing it.’
B. ‘The entry disappeared from the system. It was re-entered, and the pick-up went ahead the next day.’
C. ‘The driver was new and didn’t know. He has been spoken to.’ (A week later, the same driver missed another pick-up for the same customer.) ‘He no longer works for us.’
D. ‘I can only assume this happened while I was on leave, and the supervisor didn’t know he had to respond to your calls urgently.’

And my favourite E: ‘The driver was late because there were delays during the day.’
These responses are typical of just looking at symptoms: pulling off the dandelion leaves. That approach leaves the root of the problem still intact. Like the dandelion, you can pretty much bank on the fact that it’s going to come up again. And again. And again. Until you do something to find the real cause (or causes). That’s effective root cause analysis, because you get to the root: the real underlying cause.
For example: Why does a route have ‘too many sites’ on it? What does ‘looking at changing it’ mean? Has it been done? If it was changed, did the changes work? If not, when will it be done? How did that route get ‘too many sites’ on it? And what would stop that happening again, or on another route?
Consider the ‘new’ driver: Why didn’t he know what to do? Had he received the information he needed such as induction and training? If not, why not? Why is ‘speaking to’ a driver adequate to prevent recurrence? (it’s not) Has the company reviewed how it selects its drivers? Because the recurrence a week is a strong sign of inadequate cause analysis and ineffective corrective action.
Why Find the Root Cause?
Most organisations are busy and somewhat chaotic. Immediacy often rules. So there’s often a tendency to go for the quick fix – treat the symptom rather than the real, underlying cause. The driver is ‘spoken to’, the order ‘re-entered into the system’. But this almost guarantees the same or very similar situation will recur, and have to be dealt with again. And again.
When problems come up in your organisation – which they will – you can choose how to respond. You can look for someone to blame and stop at the symptom (‘the driver was new… the supervisor didn’t know… it disappeared from the system’). Quite apart from the damage it causes to personnel relations, this approach isn’t effective.
An organisation with an intelligent approach to quality knows the value of a systematic approach to problems, including root cause analysis. The best question is: What can we learn from this situation? And then: How can we apply that learning to improve?
When Should You Use Root Cause Analysis?
If you have or aspire to ISO 9001, you must have a systematic approach to problems: nonconformance, corrective and preventive action. Without it, you’ll find it hard to pick problems for root cause analysis, because they’re often distributed over time (so you don’t realize they recur), or happen to different people (so you don’t realise they recur in your organisation).
Good candidates for root cause analysis are the situations that recur most often, and use the most resources to rectify or those that cause the most damage when they do.
Remove the Root Cause or Not?
After you’ve identified the root cause/s, you have to decide if it’s worth removing the root cause or whether you continue to treat the symptoms. This isn’t always an easy decision.
It’s often relatively easy to estimate the cost of removing the root cause, but less easy to assess the cost of not doing so. Suppose, for example, a truck breakdown turns out to have been caused by ineffective maintenance by a supplier. And suppose that supplier costs $10,000 less per year than the other. Superficially, the cost vs savings looks good.
But suppose that also means a truck off the road for at least an extra 5 days a year – and your largest customer got so angry about one too many crucial but failed pick-ups that they don’t renew your contract. And tell everyone what an unreliable company you are.

How To Write ISO 9001 Standards Procedures?

How To Write ISO 9001 Standards Procedures?

Step 1
Place the following sub sections into your procedure:
Purpose, Scope, Definitions, Associated Documentation, Responsibility/Authority, Procedure, Record Retention and Attachments. Leave blank spaces between each to add the required information.
Step 2
First, start with the Purpose Section. Describe the reason why the procedure exists. If we use the purchasing procedure as an example the Purpose might read:
“This procedure defines the process for obtaining raw materials and supplies for XYZ Company and the matter with which the requirements of these purchases are flowed down to XYZ Company’s suppliers.”
Step 3
ScopeNext, define the scope of the document. This is to what extent the process will reach within the company. For example:
“This procedure shall include all purchases directly used in the manufacture or processing of XYZ Company’s product.”
Step 4
Next make a list of terms and definitions. These should not be common terms that anyone reading the document should already know; but, should be technical terms that pertain to the procedure or common terms that may have added meaning to the company. For example:
“Supplier – XYZ Company defines a supplier as an approved company that supplies items used to produce and/or manufacture our product. This term does not include companies that supply general office product not used to produce or process XYZ Company’s products.”
In this example the common term supplier has added meaning to XYZ Company that could differ from another company’s definition of supplier. To avoid confusion a definition of the term is listed in the definitions section of the ISO 9001 procedure.
Step 5
Define the supporting document that are needed to create a complete process. If you product calls out t use only approved suppliers it may be nice to reference the supplier management procedure and the approved supplier list; because, they will be needed to complete the purchasing process.
Step 6
Now define the responsibilities and authorities. This is similar to a job description where as it defines the person that will manage and/or carry out the tasks described in the procedure. For example:
“The purchasing manager will be responsible for managing this procedure and coordinating purchases. Managing shall include the implementation and enforcement of this procedure throughout XYZ Company.”
Step 7
Define the procedure. This is the bulk of the procedure and is where the company will define the actual process. This can be detailed or simply call out what work inspection are to be used at each step of the purchasing process. It is important that all the elements of the quality standard that pertain to the procedure are defined in this part of the document. This section is usually broken into subsections. In our “Purchasing Procedure” example this might include “General procedures”, “Purchasing Components and Raw Materials” and “Purchasing Outside Services”. Usually some kind of outline method is used to layout this section.
Step 8
Next is the record retention section. This usually defines the method of controlling records related to this process. Where they will be kept, How long they will be kept, in what type of media for which they will be stored.
Step 9
Finally, the attachments section of the procedure will be defined. This will be references to other procedures, external information sources or other media used to supplement that procedure itself.

Records Required by ISO 9001 Standard

Records Required by ISO 9001 Standard
ISO 9000 requires that records be kept of critical operations. Record keeping is the fourth tier of required documentation in ISO 9000, following the Quality Policy Manual, Procedures, and Work Instructions.
Questions you may have include:
•What is a record?
•What are the required records?
•What is the reason for these records?
This lesson will answer those questions. There is a mini-quiz near the end of the lesson.
What is a record?
Records consist of any historical documentation, such as summaries or meetings and reviews, specifications, invoices, results of tests and such. This is different than procedures and instructions that tell what do to. Instead, a record is the history of what has been done.
Records required
The following lists the records required under ISO 9001 version 2000, along with the referring sub-paragraph number from the standard. ISO 9002 and ISO 9003 would be subsets of this list. Of course, a company may choose to include additional records that they deem important.
Para.
Record Required
5.6.1
Management reviews
6.2.2 (e)
Education, training, skills and experience
7.1 (d)
Evidence that the realization processes and resulting product fulfill requirements
7.2.2
Results of the review of the requirements relating to the product and actions arising from the review
7.3.2
Design and development inputs
7.3.4
Results of design and development reviews and any necessary action
7.3.5
Results of design and development verification and any necessary action
7.3.6
Results of design and development validation and any necessary action
7.3.7
Results of the review of design and development changes and any necessary action
7.4.1
Results of supplier evaluations and actions arising from evaluations
7.5.2 (d)
As required by the organization to demonstrate the validation of processes where subsequent monitoring and measurement cannot verify the resulting output
7.5.3
Unique identification of the product, where traceability is a requirement
7.5.4
Customer property that is lost, damaged, or otherwise found to be unsuitable for use
7.6 (a)
Standards used for calibration or verification of measuring equipment where no international or national measurement standards exist
7.6
Validity of previous results when measuring equipment is found not to conform to its requirements
7.6
Results of calibration or verification of measuring equipment
8.2.2
Internal audit results
8.2.4
Evidence of product conformity with the acceptance criteria and indication of the authority responsible for the release of the product
8.3
Nature of the product nonconformities and any subsequent actions taken, including concessions obtained
8.5.2
Results of corrective actions
8.5.3
Results of preventive actions
Reason for records
The reason to keep records is for future use as a reference in case of questions related to contractual and legal matters, work techniques, verification of work done, and other parts essential to the company running smoothly. The company management should use sound judgment as to what records are non-essential and how long to keep a specific record.

ISO 9001 Standards Gap Analysis

ISO 9001 Standards Gap Analysis

One of the first steps in implementing ISO 9000 is to perform a gap analysis. This is the technical name for an initial comparison of the Quality Management System to the ISO 9001:2008 Standard. The goal in find the gap between the standard and the QMS. The Gap Analysis will establish the scope of the implementation project and will therefore be important information for determining the amount of resources that will be required to complete the project in the given timeline.
Typically the gap analysis is based on a Gap Analysis checklist. These can be purchased from several different sources on the web ( like theISOstore.com). A second option is to use the internal audit checklist from this web site as a gap analysis checklist. Either way, the key to have a list of questions based on the standard that will uncover any weaknesses in the QMS before the project begins.
Gap Analysis Auditors
Performing gap analysis is best done by someone who is familiar with the ISO 9001 standard. If the company has no one with this experience, then consider outside training for the person who will be the lead internal auditor. Without grasping the goals behind the standard, you and your company can waste a lot of time improperly documenting flaws and over engineering solutions.
Performing a Gap Analysis
I recommend performing a basic ISO 9000 awareness training before the gap analysis. The awareness training will help reduce fear or resistance to the change that sometimes comes with a large company wide project. Once everyone understands the goals of the ISO project and is ready to be audited, start the gap analysis in sections. Covering sections 4,5,6,7 and 8 all in one audit is a mind melting experience. Start with section 4 to see how fast you can properly document the a section. Then schedule the remaining section based on your experience.
As you go through each section, you will either find that a system is already in place that meets the requirements of the ISO9001 standard or you will write a finding for that section. If you find that the system is in place, simply log the document numbers on the gap analysis sheet and move on. If you find that a large portions of the quality systems are missing, then you can write the equivalent of a major finding with a larger scope and not waste too much time listing every detail of what is missing.
How to use the result of the gap analysis
Once you have completed the gap analysis, you will have a list of missing or under-developed documents, records and systems. If you use the checklist from this web site, the result of the gap analysis will be a list of individual item that must be corrected. If the check sheet said “what document is used to the describe record retention?” and you found no document, then the document should be created. Once you feel that everything is in place, then you will want to repeat the audit to confirm that you can answer every question on the internal audit checklist with a positive response.
If the gap analysis show that your systems are in relatively good shape with some area for improvement, then I would make the gap analysis the first record in your internal audit notebook. This will help build a history of audits. If the gap analysis shows major flaws, you may want to fix them and then perform an internal audit as the first record to meet your internal auditing requirements. External auditor will frequently look at your internal auditing records to see if there are any blatant problems with the QMS, so don’t make their job too easy.

ESTABLISHING THE INITIAL STATE OF THE QUALITY MANAGEMENT SYSTEM

The implementation of an ISO 9001 conformant system must recognize that it is but a step in a long-term development of a continually improving QMS. Unfortunately, it is often the case that ISO 9001 is taken as a means to an end, where the implementation of a QMS is not the primary objective, rather certification is. As a result, SMEs may end up with stacks of documentation waiting to be processed that adds no value, but cost.

According to the requirements of ISO 9001, an organization must develop only six documented procedures: (1) control of documents, (2) control of quality records, (3) internal audits, (4) control of non-conformities, (5) corrective action, and (6) preventative action. A quality manual and several records are also required. The development of other procedures, work instructions, and other documents is largely at the discretion of the organization. From the very beginning of the process, it is therefore essential that SMEs establish a balanced view between a short-term focus (marketing/sales) and a long-term focus (achieving company-wide quality awareness through TQM). ISO documentation should be considered as an enabler along that way and SMEs must guard against the creation of unnecessary documentation.

However, even when such a view is adopted, many SMEs struggle to move from their initial state to a fully functional ISO 9001 QMS. Over the last several years, we have been involved in ISO 9001 implementation projects in seven different SMEs. The SMEs have ranged in size from approximately 20 employees to 500 employees. The SMEs have been drawn from a variety of sectors in Virginia, including manufacturing, distribution, and services. Based on our experience, we developed a schematic of initial states of an organization in terms of the

existence and functionality the documentation required by the standard while functionality is equated with an effectively operated QMS that leads to increased customer satisfaction and continuous improvement of business results. A successful QMS must be fully functional and appropriately documented. With that in mind, there are four main states in which SMEs can be located in the beginning of the implementation process:

1. Complete Death: No documentation, no functioning This is the state in which there is no indication of the existence and functionality of the QMS. No documentation exists and no processes are in place to help ensure the quality of the product. Relatively few companies will find themselves in this situation.

2. Informally Alive: No documentation, some level of functioning Many SMEs exhibit an organic structure characterized by an absence of standardization and the prevalence of loose and informal working relationships. SMEs operating in this state are more likely to rely on people rather than a system. In such situations, key personnel may resist documentation for two key reasons “(1) documentation is considered a waste of time and (2) documentation of processes and procedures makes the individual less dependable” . SMEs in this state perform some or all of the processes required by ISO 9001 and the QMS may function fairly well. However, they are not willing and ready to document those processes unless there is a cultural change lead by top management.

3. Formally Death: Some level of documentation, no functioning SMEs categorized in this state have documented processes and procedures at some degree, however, the documents are generally not followed and do not necessarily reflect the actual manner in which the organization undertakes its operations and management. This situation highlights the fact that the mere existence of documentation does not necessarily lead to a functional QMS. Moreover, such a situation may help perpetuate the view that ISO 9001 is a way for SMEs to market their products and services but that implementation of the standard requires stacks of documents that offer no value.

4. Formally Alive: Some level of documentation, some level of functioning Each SME considered in this state, achieves a unique combination of the existence and functionality of processes and procedures that may or may not be required by ISO 9001. As illustrated in Figure 2, this situation is closest to the desired state of full functionality (100%) of the ISO 9001 QMS and full documentation (100%) of this functionality.

Integrating Management Systems Within The ISO 9001 Standards

Integrating Management Systems Within The ISO 9001 Standards

Today’s free market economies increasingly encourage diverse sources of supply and provide opportunities for expanding markets. Fair competition needs to be based on identifiable, clearly defined common references that are recognised from one country to the next. A standard, internationally recognised, developed by consensus among trading partners, serves as the language of trade. The International Organisation for Standardisation (ISO) has developed around 8?700, mostly technical related standards on this basis. Standards Series such as ISO 9000, ISO 14000 and what is to be known as ISO 18000 and ISO 26000 are Management related. These standards contain generic guidelines for Management Systems in the area of Quality, Environment, Occupational Health & Safety and Human Resources.

ISO is a word derived from the Greek isos, meaning “equal”. ISO 9000 Standards are developed and updated by the International Organisation for Standardisation which has around 150 member bodies. A member body of ISO is the national body “most representative of standardisation in its country”.(eg. Germany – DIN, USA – ANSI, Australia – SAA).
More than 50 countries, as well as the European Community have adopted ISO 9000 which is recognised internationally as a benchmark for measuring quality in a trade context. Since its first issue in 1987, approximately 430?000 companies have been using ISO 9000. Being a standard coming from an organisation that is usually involved in the development of technical standards, ISO 9000 is often regarded as a document that belongs in the hands of a technician exposed to production line quality control. At a closer look, however, ISO 9000 Standard Series provide guidance in the development and application of Management Systems as well as Quality Control in Manufacturing and Administration.

ISO has been developing a number of Management System Guidelines for various aspects of business. The most recent are the ISO 14000 Environmental Management System Guidelines. This is an international standard that will affect business in the near future. ISO 14000 has been designed to integrate with ISO 9000. However, apart from international standards there are local standards a company has to comply with. To remain compliant with local standards, further manuals and/or procedures are required (eg. lifting procedure in a warehouse to satisfy Work Safety requirements). A company may have several Manuals describing its Management Systems (eg. Human Resources, Quality, Security, Health/Safety, Finances). An overall link between the systems is often missing which makes the monitoring and the assessment of effectiveness difficult. Double handling of information, contradicting instructions, high maintenance costs, administrative excess and lack of overall transparency are common results.
ISO 9000 Standard Series for Quality (of) Management Systems provide generic guidance for the development of an overall Management System, ISO 14000 provides guidance for Environmental Management, etc. Transparency and monitoring of all business activities can be achieved by integrating all systems into one.
Complaints that ISO 9000 is paralysing operations and, that it does not reflect reality are usually a result of not clearly understanding how the standard can be properly structured to address the needs of a company. ISO 9000 can be structured by focusing on “best practice” process rather than the standard, by fitting the standard to the process and not the process to the standard. Having recognised this, ISO has been working on a new structure for ISO 9000, called “Vision 2000?, taking a process orientated approach to ensure that “best practice” as well as several standards can be addressed within one system. Focusing on process allows the development of a practical “working document”, providing an effective management tool. Having learned from the past, the trend to Process Orientated Management Systems started about three years ago in Europe and is finding increasing approval from certification bodies.Every company has its own culture and key individuals.
The business environment influences processes in certain ways (eg. employee market, laws, infrastructure, client, etc.)
To ensure competitiveness a company needs to ensure adequate flexibility in their system to effectively respond to changes in the business environment.
An effective system is a lean system that incorporates all necessary functions, controls of activities and “best practice” without being caught up in detail.
An effective system must also be flexible enough to enable the proper controls on outsourcing and sub-contracting of activities (eg. production, administration, service, etc.)

ISO 9000 Standards Document control procedures

ISO 9000 Standards Document control procedures
The ISO 9000 Standards requires that a documented procedure be established to define the controls needed.

This requirement means that the methods for performing the various activities required to control different types of documents should be defined and documented.

Although the ISO 9000 standards implies that a single procedure is required, should you choose to produce several different procedures for handling the different types of documents it is doubtful that any auditor would deem this noncompliant. Where this might be questionable is in cases where there is no logical reason for such differences and where merging the procedures and settling on a best practice would improve efficiency and effectiveness.

Documents are recorded information and the purpose of the document control process is to firstly ensure the appropriate information is available where needed and secondly to prevent the inadvertent use of invalid
information. At each stage of the process are activities to be performed that may require documented procedures in order to ensure consistency and predictability. Procedures may not be necessary for each stage in the process.

Documentation Structure For ISO 14001 EMS

ISO 14001 Standard does not require an Environmental Manual. Despite this, almost all companies I worked with developed and used EMS Manuals. Many of our clients use a four-level structures, including records, as shown below:
Manual – level 1
Procedures – level 2
Instructions – level 3
EMS Records – level 4
While auditing EMS systems like the one above, I often asked clients about the position of their Environmental policy in this structure. If you start from an Environmental Manual, how would you know what standard this manual should cover? The Environmental policy defines it and therefore it may be included into the structure:
Policy – level 1
EMS Manual – level 2
ISO 14001 Procedures – level 3
Work Instructions – level 4
EMS Records – level 5