I’m Kyle Chambers. I’m the founder and owner operator of Texas Quality Assurance. I get asked by friends and family frequently about what I do.. I tell them Quality Management (Auditing, Consulting and Software Development) most commonly ISO 9001 ( I end it there, 18001, 14001, API, that will just muddy the conversational waters far too much ). And its deer in the headlights a lot. I also run into a similar situation with prospective clients and top management of companies I work with from time to time. Folks just don’t have a firm grasp on the what the process of getting and using ISO 9001 or any management system is.
Lets stat by answering some basic questions.
- What is Quality Management
- How do I “get” ISO 9001
What is Quality?
In this Quality Manager’s experience, here we go. First, we need to define what “Quality” is. There are many definitions, Dr. Google defines it as “the standard of something as measured against other things of a similar kind; the degree of excellence of something.” Maybe that’s correct, but it’s hard to understand. And if its quality, it should be easy to understand and clear to see. Texas Quality Assurance defines Quality as “Saying what you’re going to do, and doing, and doing it repeatedly”. Of course, lots of pieces of the puzzle make this definition of Quality a reality. There are four principles that build up “Quality”. Quality is all about integrity and hard work, after all isn’t integrity doing what is right when no one is looking. And hard work is sticking to the task when it’s not easy? And don’t you need to be proactive to maintain quality? You need to anticipate problems and devise solutions. And then if you’re really a Quality company, you’re going to deliver better than your customer expected, that’s “High Quality” when a spirit of generosity is applied to your work.
So lets summarize, Quality is the essence of doing what you said you’d do, over and over again. And this is based on four principles.
- Integrity – Proverbs 28:6
- Proactivity – Proverbs 1:28-31
- Generocity – Proverbs 11:24-25
- Hard Work– Proverbs 13:4
What is Quality Management?
Now let’s talk about Quality Management. It’s the act of applying our simplistic definition of quality and living the principles and infusing them in our organization. But we need a structure, we need a framework to work within. It’s true, we could on our own from our intelligence, work history, and experience develop a framework to maintain our Quality Management System. But it’s also true, this hard work has been done by others in a form that is Internationally Accepted. We find this in the form of standards such as ISO 9001 (most common Quality Management Standard World Wide) or ISO 14001 (Environmental Management) or a variety of API Standards (American Petroleum Institute), etc… But for now, we will discuss ISO 9001.
First, let’s recognize ISO 9001 comes with its own set of Quality Management Principles. You can read more about that here, Seven Quality Management Principles (ISO 9001:2015) . They are:
- Custom Focus
- Engagement of People
- Process Approach
- Evidence Based Decision Making
- Relationship Management
And these are the guiding lights of the standard. The principles translate well to MOST ANY Quality Standard as they vary from industry to industry.
ISO 9001 Framework
ISO 9001 is all about providing a base framework to ensure Quality. So how is that done you ask? Well its really quite simple. And it starts with Documented Information. If you’re part of a company, unless you’re government subsidized, you Do Something or Make Something valuable to other people. And either EVERYTHING is done verbally (not efficient and not a good way to ensure quality) or you write something down. Usually it starts with procedures to tell the next guy you hire how to do the work, or to remind you two years later when you forgot all the great things you came up with in today’s team meeting. Along the way, you’re going to need to check to make sure the part’s dimensions are correct, or a checklist to make sure you did everything you set out to do. There is an old saying that I love, and it goes “Nothing good ever happened before pen was put to paper” so if you check dimensions or do a checklist, WRITE IT DOWN AND SAVE IT SOMEWHERE. Your “Control of Documented Information Procedure” will tell you where that “somewhere” is, and it will tell you who is allowed to put it there, and who is allowed to edit it, and maybe how long you need to keep it. IE medical records must be kept for 40 YEARS past the last date of employment. So let’s say Jim worked for you for 40 years and had an accident his first week on the job, looks like you have to keep records for 80 years. Good thing you have a well-documented system for keep tracking of procedures and records. Buy beyond that, say you build a widget, maybe you make the best stapler in the world that always goes through all the pages and can staple 2 or 100 pages together effortlessly. I’ve got news for you, you didn’t design an awesome stapler, you created intellectual property such as material specs, technical drawings, contracts with suppliers, inspection forms that are used during manufacture, and so on. You created a whole heap of intellectual property. If you don’t store it, protect it, and properly track changes and revisions, your business is going to be in serious trouble in a few years. Documentation is where it starts.
“Shameless promotional plug” Texas Quality Assurance as developed software tools that manage ALL you’re documented information, and automates the process. Check out TQA Cloud|QMS simplified .
Once your documentation systems are somewhat in place (they will evolve as your program does) it’s time to get to the work. First, let’s hit on leadership. I’m going to be honest, not all leadership “gets it” they just know their biggest customer is pushing for ISO 9001 or some other standard, and they are ordering you to “get ISO 9001” as though it were a product to purchase at a supplier. If this is your management team, you have my condolences. But all hope is not lost. This places you in a WONDERFUL position to develop those dormant leadership skills and inspire your team to action as you show value for each process and each improvement. Show them the light at the end of the tunnel, that fewer rework, more efficiency, and less headache and more enjoyable job are at the end of the ISO Rainbow. Now that “Leadership” is established, it’s time to get to work on developing a “Quality Policy” – effectively a mission statement for your Quality Management System, but this one has key objectives attached to it, so you can measure how good of a job you did next year.
So regardless if your leadership is leading the charge or you are, leadership is now involved, and we’ve got to make a plan. Fail to Plan – Plan to Fail, that’s how the old axiom goes, and its gospel truth. The biggest threat to your Quality of your products and/or services is Risk. This just goes without saying. So from the get-go, make a plan to identify risk, and document how you addressed it. We’ve presented just a few ideas in this article for you to read. Risk Based Thinking – How to solve the problem during transition. Next, you need a plan for changes. What happens when someone needs to update the drawing on that awesome stapler, who gets notified, who approves the changes? You need to identify these sort of things. Last, let’s make a plan to achieve the Quality Objectives. This is your own personal scorecard to measure how great the system is.
Every company has at least one supplier. I heard a story of a company that make the concrete pads that were used for Verizon cell phone towers out in the middle of nowhere. The company had only 2 employees, and only two suppliers (chicken wire and concrete). But don’t you know that the concrete they used was some special grade that was specifically selected and mixed for this purpose? Even in this most simplistic example, we had a rudimentary supplier approval process. You need to identify your suppliers, and grade them on impact to the quality of your organization, IE commodity (Office Depot, CDW) direct material, or Quality Critical. And then simply create a plan to get these different suppliers approved, and monitor them, and re-valuate them on a schedule that makes sense for your organization. Some companies opt to hire auditors to go check out critical suppliers on an annual basis. But for crying out loud, don’t make Office Depot go through a supplier approval process unless you’re and arts and crats company and buy all your paper from Office Depot.
Competence and Training
You’re steadily marching forward, and now it’s time to talk about making sure folks are trained “Competence, Training & Awareness”. By now, you’re got some process procedures, and best practices identified. Let’s make a matrix of skills folks have to have. Let’s make sure EVERYONE has a job description. Regularly review and make sure folks meet the requirements for their job. Few things are worse for Quality AND Moral than an employee who doesn’t know how to do their job and doesn’t feel supported. Nip that in the bud.
With any Quality Management System, and of course with ISO 9001 you’ve got to make sure folks do the work. Production schedules are an amazing way to do this. Get key folks together, and get input, and get a plan together to meet deadlines and due dates. Of course, during this process, things WILL GO WRONG. But that’s OK, because you planned for Risk, and can handle that. Simple tools such as a “Nonconformance Report (NCR)” will track every little defect and detail of what went wrong. After weeks or months, you can see trends in the data, and this might clue you in that these 10 defects might actually be related. Here is where we issue a “Corrective Action Report (CAR)”. The CAR is often quite similar to an NCR, but the goal is vastly different. The goal here is to find the ROOT CAUSE and eliminate or at least mitigate it.
Monitoring and Measuring
All that’s left now is to monitor your processes. IE do inspections on your parts, checklists on services. Go ahead and find out what your customers think along the way, after all aren’t they the judge of your Quality? Once your organization is ready, it’s time for an Internal Audit. An Internal Audit can be conducted 100% by your folks, 100% by an outside company such as Texas Quality Assurance, or some mix of the both. The goal is to inspect every process, every department, and judge it against your procedures and the standard, IE ISO 9001. The length of the audit can vary depending on how many employees you have, from a 2-day audit to a 10-day audit. Once everything is said and done, it’s time to gather all the metrics collected during the year, and 100% including the results of measuring against the Quality Objectives, results from the Internal Audit, and put together a Management Review. This document has some very specific requirements outlined in the standard, but provided you include these requirements, and assemble all the great data your collected it should be a great snapshot of the health of your Quality Management System.
Internal Audit & Management Review
If this is your first round of Internal Audit and Management Review, then you’re likely looking forward to going for certification for a 3rd party company known as a Registrar. There are many companies qualified to conduct 3rd party audits, but be weary not all are created equal. Check out their credentials, sniff it out, check out the company that registered them. If you need some official recommendations, I can recommend NSF, Dekra, and of course the big boys Lloyd’s Register and Bureau Veritas. Its normal to be audited twice. Once for a Stage 1 audit often called a “Readiness Review” and a Stage 2 “Certification” audit. Stage 1 is generally 1-2 days and Stage 2 generally 2-5 days. You can expect at least a month in between audits.
Now you’re certified, you “got ISO 9001”. This is where continual improvement really comes into play. Innovate or die, this is true for getting new products to market, and its true for your Quality Management System. There will always be ways to improve, to streamline, and to get better employee engagement. Take every opportunity, get out there and do the work.