Articles and Comments
Still wasting your time with ISO 9001?
"9001 does not give me quality" "We get no value from our ISO system" "It costs too much to keep it up to date" "There's too much paperwork" An ISO 9001 Quality Management System was supposed to provide all sorts of benefits, but many organisations still think it is a waste of time. So why has it not delivered? There are lots of reasons, including these:
- The consultant created a monster.
- Senior management don't support it.
- Staff don't understand it.
- Company just wants a certificate on the wall.
- It is only required so that the company can win a contract.
- The auditor is happy to just sign it off and move on, without supporting improvements.
ISO 9001 certification was originally promoted on the basis that it was going to improve business processes. Large organisations and councils took this onboard and, in some cases, forced it upon their suppliers and contractors. You may have thought that some consultants were paid by the page or, you might remember sending out supplier questionnaires which sometimes only benefited the consultants as this was how they identified new potential clients. As a result, what should have been, for many, a simple set of supportive business tools, became an expensive dust-collector.Many contractors within the Fire Protection Industry would be quite happy to simply dump their ISO 9001 system and carry on without it. Certification to ISO 9001 is, however, a requirement of the industry and for some very good reasons.
Industry regulators need confidence that contractors are in control of their activities and conduct their business in a systematic and consistent manner. They need assurance that all requirements are being met during production and installation, thereby reducing reliance on inspection of the final product.So why is your system not delivering as it is intended? What can be done to change your ISO 9001 system into something that works for you?
Firstly, use your quality system as it was intended. Use it as a business management tool. It needs to be part of the business system and not just an extra thing that you have.
As certification auditors, we often ask about company objectives and are told that there are none or there are a couple of token objectives, such as reducing complaints. When we ask if there have been any complaints, we are often told there are none. Often, after some lengthy discussion, it becomes apparent that the organisation has a number of business goals, such as increasing profit, market share, upgrading computer systems, hiring additional staff, upskilling, entering new industry sectors, restructuring the organisation. The only problem is that these goals and business plans are detailed in the annual business plan, which the company did not think was relevant to the ISO 9001 system.In actual fact, the business plan is the basis for the quality system and the procedures in the 9001 manual are supposed to support the achievement of those objectives.
ISO 9001 is an international standard for Quality Management Systems. It is simply a set of guidelines that provide sound business practices when properly applied. It is a tool for controlling your business processes and assisting with achieving your business objectives. More often than not, the quality system is virtually separate from the business system and business planning functions. These should be completely integrated.
The success of a Quality Management System has a lot to do with the attitude/leadership of senior management and how this is reflected to the rest of the staff. The quality policy should be a reflection of your attitude towards your business and its performance. The standard only has a few basic requirements about compliance and continual improvement. From there you can put anything you like into your policy. But, can you actually stand behind your Quality Policy and, for that matter, your Health & safety Policy, and confirm that you are achieving it. Quality Policies often have wonderful statements, saying the company is committed to: "meeting or exceeding customer expectations" "providing the highest quality of service" "continually improving our performance" "providing a great working environment" "providing staff with training and resources to ensure they perform to their best ability" "providing a framework to monitor and control our performance" "complying with all laws and regulations" But, how many of these do you actually achieve and can you prove it. One purpose of the Management Review is to confirm that these policy statements have been achieved, yet we often find that these have not even been discussed. Senior management need to be involved in the review of the Quality System. If you don't have time to be involved, why did you sign the policy to say that you were committed to quality? Give your staff some encouragement and stand by what you say your company stands for.
The Quality Policy
Internal audits can be such a drag. Bad luck! Those that do them properly have the best systems. Doing them properly does not mean spending hours and hours on them for no reason. Doing them properly means confirming that your staff are consistently meeting their responsibilities. Why would you not want to check that activities are done as you expect them to be done? It's too late when you loose a client or get hit by an insurance claim or find someone has quoted on a job that you did not want to get stuck with.
Are you sure that:
- Quotes and contracts are raised by the person with the authority to do so.
- Your staff are purchasing within their spending limit.
- All clients service jobs are being done on time.
- Staff are not buying more than they need.
- All contract information is recorded before work starts.
- All contracts are managed systematically.
- All liabilities are managed.
- Your staff havent changed the procedures without telling you.
There are several ways to complete your internal audits but they all involve checking that procedures are being followed. For some reason, this seems to be confused with reviewing procedures to check that they are relevant and current, which generally achieves very little. A decent internal audit will confirm both compliance and accuracy of the procedure.