At 9:30am I was called into the conference room with everyone else in our company. It was time for the Employee Awareness ISO Meeting. I thought the presentation would last an hour and just go over the basics of what we need to know: like an idiot –proof training video. Then at 10:45am I found out it was going to continue until 12pm. I maintained my sanity by taking notes and occasionally spacing out.
The following notes were taken between 9:30am-12:00pm on May
31st 2013 and covers everything you could ever want to know about
the ISO Certification Process:
I.
What is
ISO? (Besides frustrating…)
a. Our company
is registering for 2 ISOs:
i.
ISO 9001: 2008 = Quality Management System (QMS)
ii.
ISO 14001: 2004 = Environmental Management System
(EMS)
b. ISO stands
for “International Organization for Standardization”
i.
It was also given the “ISO” name for the Isosceles
Triangle –which is equal on all sides.
c. Blame the
British –they started the process to standardize military procedures.
II.
What does
ISO Entail?
a. ISO
Standards contain “Shells” –Things that you Must Do (Mandatory)
b. “Requirements”
are contained within the shells that must be met
III.
Common
Misconcept-Shuns + Benefits
a. Not ALL
Procedures need to be covered (Just the main ones)
i.
Too many procedures will lead to over complication
ii.
Don’t get caught up in semantics
b. There isn’t
as much paperwork as their use to be
c. It can
actually make communication and processes easier
d. You can
always change procedures to make them more effective/ updated
e. Helps
establish everyone’s roles + responsibilities so people can work well together
and achieve overall goals
f.
Helps meet customer’s standards and expectations
g. Helps
establish customer’s faith in company/products/services
h. Keeps
company accountable
i.
Leads to continual improvement of quality
IV.
Specific
Aspects of the ISO Process
a. In the ISO 9001
there are 126 shells
b. There are Internal
and 3rd Part Audits to Prove the ISO Process is being followed
c. There are
ongoing Quality checks
d. ISO 14001
makes sure participate in Environmental Programs (like Recycling)
e. ISO
standards gives Templates + Requirements then your Company creates its own Manual
on the specific ways it will achieve those requirements (and also notes the requirements
that do not apply –and why)
f.
It starts with the Manual, then Flow Charts are made
for how the Processes will be enacted, and then Concrete Records are maintained
along the way to show Proof that they are being enacted.
V.
Documentation
a. Needs to
be: Legible, Dates, Annotated with Revisements, Organized, Functional,
Retained, Easy to Understand
b. Maintain
Hard Copies and Soft Copies of the ISO Process + Data Records
i.
Make sure they are easy to find + follow
c. Share documents
on a shared Database/ File System
d. Also note
when records can be discarded/thrown away
VI.
Process
Approach
a. Customer
has Requirement/Request à Product
Created by Company (Input à Process à Output) à Product goes to Customer à Customer Satisfied? à Measure Customer Satisfaction w/
Analysis and Improvement à Management
Responsibility Given à Resource
Management Implemented à Product Adjusted
by Company à Customer
Satisfied
VII.
What You Show
Auditors
a. Show: Who
the customer is, Who is responsible for pleasing the customer, How do they
achieve that, and Where is the Proof?
b. Establish Customer
Needs à Manage
Customer Relations à Ensure
Customer Satisfaction
c. ISO
Compliant: Follows ISO Standards, but is not Registered
d. ISO
Registered: Has gone through Auditing and has met requirements
e. Make sure
Policies are Measurable and Consistent
f.
Management Review (after Audits) = Must review audit
results/ feedback
VIII.
Your
Company
a. Quality
Policy
i.
Introduction to Policy = 2 long sentences about policy
ii.
Policy Statement = 2 long sentences followed by 4 “Key
Principles”
iii.
Key Principles = How you plan to achieve Quality
Policy Goals
b. Make sure
each individual within the company can show how they specifically fulfill the
Quality Policy in their own work
c. Keep your “elevator
pitch” to 3 floors
d. Environmental
Policy
i.
Same as Quality Policy (only we had 6 Key Principles)
ii.
Company decides what the Key Principles are and how
many
IX.
Resource
Management
a. Know: What
training is needed, What is the training process, and who/who provides the
training
b. Ensure
Suppliers/Distributors are Qualified
c. Make sure
products and inventory are monitored/recorded
d. Monitor
input/output as well as housing inventory/shipments
e. Make sure
Assembly is recorded as well as Marking Individual Products
f.
Maintaining/ Handling customer property
g. Report
inconsistencies, malfunctions, nonconformities in product
X.
Review
Improvement and Maintain
a. Analyze
Data + Records à Interpret
b. Maintain
Audit Records + Improvement Efforts/ Records
c. Prove improvements
have been made during Management Reviews
d. Show
emergency preparedness and response
e. CARs =
Corrective Action Request (when someone makes an error)
f.
Look for Preventative Actions to prevent issues from
arising
g. Review
effectiveness of Policies, Processes, and Management
h. Anyone can
join the Management Review + add topics to the Agenda
XI.
Environment
(EMS)
a. This policy
really should have been implemented 5 years ago…
b. Switch from
plastic cups to everyone getting their own canteen water bottles
c. Recycle as
much as possible
d. Policy
monitors company’s effect on: Air, Water, Land, Flora, Fauna, Humans, Natural
Resources, and their inter-relation
e. Measures 2
things: “Aspects” and “Impact”
f.
Aspects = Elements that lead to company’s effect on
the environment
g. Impact = Company’s
effect on the environment
XII.
Registration
Process
a. Stage 1
Audit: 3rd Party Auditor comes in and reviews company’s
documentation that covers ALL of the ISO Standards and Requirements
b. If the
company is found to be compliant, they are then recommended to Stage 2
c. Stage 2
Audit: On-sight 3rd Party Audit checks what they want (all/most
employees)
d. Internal
Auditor oversees 3rd Party Auditor to ensure they are following
rules
XIII.
Audits
a. Like a job
interview for a Company to see if they are ISO certified
b. Occur every
6 months generally
c. Things each
person in a company should do:
i.
Explain what you do/ what you are responsible for
ii.
Just answer the questions asked à Keep it straight forward and
simple
iii.
Explain procedures in place and apply to your job
iv.
Do you have the correct procedures in place? Do they
work?
v.
What do you do if things go wrong?
vi.
Do you keep proof/ maintain records à Where?
vii.
How do you know you did things correctly?
viii.
What is the Quality Policy? How do you fulfill it?
ix.
Have you received ISO training?
x.
How is your work quality reviewed?
xi.
Don’t Add Info Not Asked For
xii.
Never Lie
xiii.
If you don’t know –say so or find the answer
xiv.
If you don’t understand a question –ask for it to be
explained further
xv.
Know the company’s policy statement in general, but
you don’t have to recite it
XIV.
Audit Fails
a. Nonconformances
= written up by Auditor and given Corrective Action
b. Make a Root
Cause Analysis to see what the underlying problem is
c. Show proof
that corrective actions have been made/ implemented
d. 2 kinds of
nonconfromances:
i.
Quality system does not meet requirements
ii.
Company does not yet show they are complying with the
system
e. You need at
least 3 months of “proof” put in place
f.
If there are nonconformities they will clearly list
them for you
g. Keep
records of all Audits
h. 3 levels of
Auditors:
i.
Provisional Auditors
ii.
Auditors
iii.
Lead Auditors