Beruflich Dokumente
Kultur Dokumente
of the organization
by Pretesh Biswas, APB Consultant
Introduction:
The implementation of QMS should be the strategic decision of the organization
and is influenced by the context of the organisation and the changes in that
context. The changes in the context can be with respect to its specific
objectives, the risks associated with its context and objectives, the needs and
expectations of its customers and other relevant interested parties, the products
and services it provides, the complexity of processes it employs and their
interactions, the competence of persons within or working on behalf of the
organization and its size and organizational structure.The context of an
organization will include internal factors such as organizational culture, and
external factors such as the socio-economic conditions under which it
operates.The scope of ISO DIS 9001:2015 states that organization needs
to demonstrate its ability to consistently provide products and services that meet
customer and applicable statutory and regulatory requirements and aims to
enhance customer satisfaction.
Any interested party which is not relevant to the quality management system need
not be considered and similarly any requirement of the interested party not
relevant to the quality management system need not be considered. Determining
what is relevant or not relevant is dependent on whether or not it has an impact
on the organization’s ability to consistently provide products and services that
meet customer and applicable statutory and regulatory requirements or
the organization’s aim to enhance customer satisfaction. The organization can
decide to determine additional needs and expectations that will meet its quality
objectives. However, it is at the organization’s discretion whether or not to accept
additional requirements to satisfy interested parties beyond what is required by
this Standard.
There are a new clause relating to the context of the
organization,
Internal context can also be defined as anything within the organization that may
influence the way in which the organization manages its internal risks. Once
the internal context is understood, one can conduct the macro-environmental
external analysis using “PEST” (political, economic, social and technological)
analysis.This analysis determines which factors are can influence how the
organization operates. The organization cannot control these factors, but they
must seek to adapt to them. The PEST factors can be classified as opportunities
and threats in a SWOT (strengths, weaknesses, opportunities and threats)
analysis. Alternatively, some organizations might use Porter’s “Five Forces
Model.” These methods are used to review a strategy or position or direction of
an organization. Completing a pest analysis is simple and helps the individuals
involved in the organization to understand and find ways to deal with the context.
Customers:
Organizations must attract and retain customers by offering products
services that meet their needs along with providing excellent customer
service
Employees:
There must be availability of people with the motivation to remain as
contributing members of the organization and develop the skills necessary
to provide a competitive edge
Suppliers:
Suppliers provide organizations with the resources they need to carry out
their activities. If a supplier provides bad service, this affects the way the
organization operates. Close supplier relationships are an effective way to
remain competitive and secure the resources needed
Investors:
All organizations require investment to grow. They may borrow the money
from a bank or have people invest in their work. Relationships with investors
need to be managed carefully as problems can detrimentally affect the long-
term success of the organization
Media:
Positive media attention can bring success to the organization by
maintaining its reputational strength. Managing the media (including the
presence in social media) is a challenge.
Competitors:
Example external issues could include, but are not limited to:
Firstly, the organization will need to determine external and internal issues that
are relevant to its purpose, i.e. what are the relevant issues, both inside and out,
that have an impact on what the organization does, that would affect its ability to
achieve the intended outcome(s) of its management system. It should be noted
that the term ‘issue’ covers not only problems, which would have been the subject
of preventive action in previous standards, but also important topics for the
management system to address, such as any market assurance and governance
goals that the organization might set for its management system. Next the
organization has to determine relevant interested parties and relevant
requirements of relevant interested parties.
Shareholders
Owners
Management
Employees
Trade unions
Suppliers
Partners
Client
Government agencies
Media
Society
any other person or organization interested in the organization
One tool which can be used for determining the relevant requirement of relevant
interested parties is Stakeholder analysis
Determining the scope of the Quality Management System (QMS) has been a
part of the ISO 9001 requirements for a long time. This scope is a vital part of the
QMS, as it defines how far the QMS extends within the company’s operations,
and details any exclusion from the ISO 9001 requirements and the justification
for these. It is through the scope that you define what your Quality Management
System covers within your organization. With the release of the new update to
the ISO 9001 requirements, ISO 9001:2015, there is some additional clarification
on defining the scope of the QMS. These clarifications will help to standardize
how companies define the scope of their QMS, even if they choose not to have a
quality manual, which is no longer a stated requirement in the standard. Section
4.3 of the standard details the requirements for determining the scope of the
Quality Management System. In a note about the QMS, it is stated that the QMS
can include the whole organization, specifically identified functions of the
organization, specifically identified sections of the organization, or one or more
functions across a group of organizations. To start, there are three considerations
to be included when determining the scope:
1. External and internal issues that are relevant to the purpose of the
organization, the strategic direction, and the ability to achieve intended
results
2. Requirements of relevant interested parties
3. The product and service of the organization
In addition, the scope is to include any requirements of the ISO 9001 standard
that can be applied, and if a requirement is determined to not apply, the
organization will not use this as a reason for not ensuring conformity of product
and service. The scope is to state the products and services covered by the QMS,
and justification for any instances where the ISO 9001 standard cannot be
applied. It is most common that the scope of the QMS covers the entire
organization. Some noted exceptions are when your QMS only covers one
physical location of a multi-location company, or when your manufacturing or
service is distinctly split between industries (e.g., in a plant with three assembly
lines where assembly lines 1 and 2 are for automotive and need to have a QMS
certified to the ISO/TS 16949 QMS standard for automotive, but you want line 3
to be certified to ISO 9001 since many of the automotive requirements do not
apply). So, your scope should identify the physical locations of the QMS, products
or services that are created within the QMS processes, and the industries that
are applicable if this is relevant. It should be clear enough to identify what your
business does, and if not all parts of the business are applicable, it should be
easily identified which parts are. Some examples could be:
Your scope does not have a size limit, and should include enough information to
determine what is covered by the processes of the QMS. However, it is important
to make it clear what is included and what is not. If it is not clear to you what
processes in your company are covered by your QMS, then how will it be clear
to an outside auditor or other interested party? Making your scope statement
simple and easy to read can help to focus your QMS efforts and prevent
unnecessary questions about activities that you may perform that may not be
applicable to your QMS certification.
The scope of ISO 9001 is given in clause 1 Scope, and defines the scope of the
standard itself. This should not be confused with the scope of the QMS, which is
a term commonly used to describe the organization’s processes, products (and
/or services), and related sites, departments, divisions etc., to which the
organization applies a formal QMS. (Note, this does not necessarily include all
the processes, products, sites, departments, or divisions etc. of the organization).
The scope of the QMS should be based on the nature of the organization’s
products and their realization processes, the result of risk assessment,
commercial considerations, and contractual, statutory and regulatory
requirements. While ISO 9001 is generic and is applicable to all organizations
(regardless of their type, size or product category), under certain circumstances,
an organization may exclude complying with some specific ISO 9001
requirements , while being permitted to claim conformity to the standard. This is
because it has been recognized that not all the requirements in this clause of the
standard are relevant to all organizations. ISO 9001 itself makes allowance for
such situations. Consequently, the scope of registration/certification
encompasses the scope of the QMS, as well as describing any excluded ISO
9001 requirements. As the terms scope of the QMS and scope of
registration/certification are often used interchangeably, this can lead to
confusion when a customer or end user is trying to identify what parts of an
organization have been registered/certified to ISO 9001, what product lines or
processes are covered by the QMS, or what ISO 9001 requirements have been
excluded. In order to dissipate such confusion and to enable identification of what
has been registered/certified, the scope of registration/certification should clearly
define:
1. the scope of the QMS (including details of the product lines and related sites,
departments, divisions etc. that are covered by it).
2. the organization’s main processes for its product realisation or service
delivery activities (such as design, manufacture and delivery), for the
product lines that are covered,
3. any ISO 9001 requirement that has been excluded
(It should be noted that the scope of registration/certification is not the same
as the certificate that is awarded to the organization after successful
demonstration of conformity to ISO 9001. The certificate will usually include
a synthesized description of the scope of registration/certification, but not
the details of the ISO 9001 requirements that have been excluded; however,
it may include a note to refer to the fact that the exclusions are detailed in
the organization’s Quality Manual.)
“To become the most trusted manufacturer, installer and service provider of fiber
optic/copper cabling (IT cabling) and IT cabinets within India and Europe.“
What is our mission?
Strategic Direction:
“To open two new offices in India, and one new office in Germany, and Spain this
year. To implement and gain accredited certification to ISO 9001 and ISO 14001
in these new offices, within a year of the offices opening. To employ a motivated
workforce that will embrace the organization’s values, and complement the co-
operation and collaboration needed to achieve the effective application of our
processes for continual improvement.“
External issues
Internal issues
Determined scope
The production, installation and on-site managed service of fiber optic cabling
(for Information Technology connectivity), and the installation and on-site
managed service of copper cabling and IT cabinets, at client sites in India,
Germany and Spain.
Manufacturing sites/Offices:
India (Manufacturing)
Germany (Office)
Spain (Office)
Applicability:
All clause requirements are applicable to the above scope, except: 8.3 (Design
and development of products and services). This is because the organization
does not design its products and services, but produces fiber cable (and installs
IT cabinets, and cabling along routes) according to established/defined standards
and industry guidance. Clause 8.3 is therefore not applicable to our Quality
Management System.
—————————End of example—————————————
Clause 4.4.2
The primary focus of clause 4.4.1 requirements is to manage and control all your
QMS processes including processes for operations. QMS includes processes
for management(leadership) activities, Planning which includes risk assessment,
support processes (such provision of resources, communication etc), Operation,
performance evaluation and Improvement as part of QMS. Clause 4.4.1 requires
the ‘Process Approach’ to be used in defining your QMS. Documentation of QMS
processes and the need for and detail of specific process documentation is
determined by ISO 9001, customer, regulatory and your own organizational
requirements, complexity of products and processes, effect on quality,risk of
customer dissatisfaction, economic risk,effectiveness and efficiency, competence
of personnel.Clause 4.4.2 requires you to have documents needed to ensure the
effective planning, operation and control for QMS processes. Based on these
factors, you must determine what processes need to be documented and how
you will document it. Not all processes need to be documented; your
documents must also include a description of the interaction between your QMS
processes. A number of different methods can be used to document processes,
such as graphical representations, written instructions, checklists, flow charts,
visual media, or electronic methods, etc. Process flowcharts or block diagrams
can show how policies, objectives, influential factors, job functions, activities,
material, equipment, resources, information, people and decision making interact
and/or interrelate in a logical order. Procedures may be an acceptable way to
document processes provided they describe inputs and outputs, appropriate
responsibilities, controls and resources needed to satisfy customer
requirements. Regardless of whether or not you document all of your processes,
you must provide evidence of effective implementation of all your QMS
processes. Such evidence does not necessarily need to be documented.
Clause 4.4 c requires you to determine criteria for effective process operation and
control. You could determine criteria to control inputs, outputs and resources
used. For example
a.
Raw materials as an input to production would have acceptance criteria
that it must meet before it can be used.
Finished product as an output of the production process must meet
acceptance criteria before it can be shipped to the customer;
The equipment used to transform raw materials into finished product
may have set-up and capability criteria or parameters that it must meet
in order to produce conforming product.
These criteria (controls) must be established for each QMS process. Note that
such controls may also come from the customer, regulatory or industry
bodies. Equally important are the specific methods required for effective
operation and control of each process. These may include job travelers; work
instructions; in process inspection sheet; specifications and drawings; SPC
charts; set up checklist; machine manuals; etc. Note these control methods may
apply to any or all of inputs, outputs or conversion activities.
This clause also requires you to monitor and measure your QMS processes.
Clause 9.1 provides requirements to plan and implement these controls for
monitoring and measuring conformity to process performance criteria determined
above. Ways to monitor and measure QMS processes may include – tracking
against process parameters, goals and objectives, using tools and records such
as process check-sheets; product acceptance criteria; SPC records; production
records; maintenance records; labor records, etc. More details on monitoring and
measuring controls are covered in clause 9.1.
Under 4.4.1d, resources for QMS processes may include facility, material,
equipment, labor, supplies, utilities etc. Every QMS process will require a different
combination of resources. Resource details may be identified in
specifications,production schedules, bill of materials, production travelers or
routers, work instructions, etc. Information for QMS processes will vary from
process to process and may include -production schedules, bill of materials,
product acceptance and process performance criteria, production traveler or
router, work instructions etc. Use clause 7.5 and other relevant clauses to control
process information.
Under 4.4.1 e the organization shall has to ensure that adequate responsibilities
and authorities are assigned as per as the requirements given in the clause 5.3.
This promotes the use of risk based thinking. Risk is defined as the “effect of
uncertainty.” Notes in the definition further describe risk as a “deviation from the
expected,” either positive or negative. The term “uncertainty” is defined as a lack
of information or knowledge about a potential event that can be expressed as a
result of the likelihood and consequence of such an event. A positive deviation
arising from a risk can provide an opportunity, but not all positive effects of risk
result in opportunities. Actions to address opportunities can also include
consideration of associated risks. Clause 4.4.1 f requires that when planning its
QMS, the top management must implement and promote a culture of risk-based
thinking throughout the organization to determine and address the risks and
opportunities associated with providing assurance that the QMS can achieve its
intended result(s); provide conforming products and services, enhance customer
satisfaction; promote desirable effects and improvement; and prevent, or
mitigate, undesired effects.
Clause 4.4.1 g requires evaluate of QMS processes as per the requirement given
in clause 9.1.3 and evaluation may be done through a review of measurement
and monitoring records and performance indicators for each process. These
reviews must identify opportunities to improve QMS processes, use of resources
and product quality. Clause 4.4.1 h calls for improvement in process as per as
the requirement given in clause 10. When process nonconformities occur, then
corrective action is required to bring the QMS process under control. Remember,
the corrective action process is not just for product related
nonconformities. Processes must be continually improved through setting of
incrementally realistic, measurable objectives. Planning for continual
improvement requires a review of process data, resources and controls to bring
about the desired change.
Clause 4.4.1a – 4.4.1h must be applied to all QMS processes. Note also that
many ISO 9001 clauses (e.g. clause 8.2; 8.4; 8.6; etc.), require specific processes
to be established within your QMS, These processes must also be identified and
controlled in your QMS.