ISO 9001 & ISO 14001 Standards

Preparing ISO 9001 Quality Manual

The standard requires a quality manual to be established and maintained that includes the scope of the quality management system, the documented procedures or reference to them and a description of the sequence and interaction of processes included in the quality management system.

ISO 9001 defines a quality manual as a document specifying the quality management system of an organization. It is therefore not intended that the quality manual be a response to the requirements of ISO 9001. As the top-level document describing the management system it is a system description describing how the organization is managed.

Countless quality manuals produced to satisfy ISO 9001:2008, were no more than 20 sections that paraphrased the requirements of the standard. Such documentation adds no value. They are of no use to managers, staff or auditors. Often thought to be useful to customers, organizations would gain no more confidence from customers than would be obtained from their registration certificate.

A description of the management system is necessary as a means of showing how all the processes are interconnected and how they collectively deliver the business outputs. It has several uses as :

1. a means to communicate the vision, values, mission, policies and objectives of the organization

2. a means of showing how the system has been designed

3. a means of showing linkages between processes

4. a means of showing who does what an aid to training new people

5. a tool in the analysis of potential improvements

6. a means of demonstrating compliance with external standards and regulations

When formulating the policies, objectives and identifying the processes to achieve them, the manual provides a convenient vehicle for containing such information. If left as separate pieces of information, it may be more difficult to see the linkages.

The requirement provides the framework for the quality manual. Its content may therefore include the following:

1 Introduction

(a) Purpose (of the manual)

(b) Scope (of the manual)

(c) Applicability (of the manual)

(d) Definitions (of terms used in the manual)

2 Business overview

(a) Nature of the business/organization – its scope of activity, its products and services

(b) The organization’s interested parties (customers, employees, regulators, shareholders, suppliers, owners etc.)

(c) The context diagram showing the organization relative to its external environment

(d) Vision, values

(e) Mission

3 Organization

(a) Function descriptions

(b) Organization chart

(c) Locations with scope of activity

4 Business processes

(a) The system model showing the key business processes and how they are interconnected

(b) System performance indicators and method of measurement

(c) Business planning process description

(d) Resource management process description

(e) Marketing process description

(f) Product/service generation processes description

(g) Sales process description

(h) Order fulfilment process description

5 Function matrix (Relationship of functions to processes)

6 Location matrix (Relationship of locations to processes)

7 Requirement deployment matrices

(a) ISO 9001 compliance matrix

(b) ISO 14001 compliance matrix

(c) Regulation compliance matrices (FDA, Environment, Health, Safety, CAA etc.)

8 Approvals (List of current product, process and system approvals)

The process descriptions can be contained in separate documents and should cover the topics identified previously (see Documents that ensure effective planning, operation and control of processes ).

As the quality manual contains a description of the management system a more apt title would be a Management System Manual (MSM) or maybe a title reflecting its purpose might be Management System Description (MSD).

In addition a much smaller document could be produced that does respond to the requirements of ISO 9001, ISO 14001, and the regulations of regulatory authorities. Each document would be an exposition produced purely to map your management system onto these external requirements to demonstrate how your system meets these requirements. When a new requirement comes along, you can produce a new exposition rather than attempt to change your system to suit all parties. A model of such relationships is illustrated in Figure 4.10. The process descriptions that emerge from the Management System Manual describe the core business processes and are addressed in Chapter 4 under the heading of Documents that ensure effective operation and control of processes.

TAGS: quality manual

Scope Of The Quality Management System

The ISO 9001 standard requires the quality manual to include the scope of the quality management system including details of justification for any exclusion. The standard addresses activities that may not be relevant or applicable to an organization. The permissible exclusions are explained in section 1.2 of ISO 9001. Here it states that the organization may only exclude requirements that neither affect the organization’s ability, nor its responsibility to provide product that meets customer and applicable regulatory requirements. The requirements for which exclusion is permitted are limited to those in section 7 of the standard.

Under ISO 9001:2008, it was possible for organizations to exclude functions and processes of their organization that may have been difficult to control or were not part of the order fulfilment cycle. Organizations that designed their own products but not for specific customers could escape bringing these operations into the management system. Marketing was omitted because it operated before placement of order. Accounting, Administration, Maintenance, Publicity, Public Relations and After Sales Support functions were often omitted because there were no requirements in the standard that specifically dealt with such activities. As there is no function in an organization that does not directly or indirectly serve the satisfaction of interested parties, it is unlikely that any function or process will now be excluded from the quality management system.

It is sensible to describe the scope of the quality management system so as to ensure effective communication. The scope of the quality management system is one area that generates a lot of misunderstanding particularly when dealing with auditors, consultants and customers. When you claim you have a management system that meets ISO 9001 it could imply that you design, develop, install and service the products you supply, when in fact you may only be a distributor. Why you need to justify specific exclusions is uncertain because it is more practical to justify inclusions.

The scope of the quality management system is the scope of the organization. There is no longer any reason to exclude locations, activities, functions or processes for which there is no requirement in the standard. The reason is because the ISO 9000 family now serves customer satisfaction and is not limited to quality assurance as were the 1994 versions of ISO 9001, ISO 9002 and ISO 9003.

It is not appropriate to address exclusions by inserting pages in the manual corresponding to the sections of the standard and adding justification if not within the scope of the management system – such as ‘We don’t do this!’.

It is much more appropriate to use an appendix as indicated previously in the manual contents list. By describing the nature of the business, you are establishing boundary conditions. If in doing so you do not mention that you design products, it will be interpreted that design is not applicable.

For exclusions relative to detail requirements, the Compliance Matrix may suffice but for an unambiguous solution, it is preferable to produce an exposition that addresses each requirement of the standard.

TAGS: quality management system

ISO 9001 Quality Policy

The standard requires the quality policy to be appropriate to the purpose of the organization.

The purpose of an organization is quite simply the reason for its existence and as Peter Drucker so eloquently put it there is only one valid definition of business purpose: to create a customer”(Drucker, Peter F., 1977)2 . In ensuring that the quality policy is appropriate to the purpose of the organization, it must be appropriate to the customers the organization desires to create. It is therefore necessary to establish who the customers are, where the customers are, what they buy or wish to receive and what these customers regard as value. As stated above, the quality policy is the corporate policy and such policies exist to channel actions and decisions along a path that will fulfil the organization’s purpose and mission. A goal of the organization may be the attainment of ISO 9001 certification and thus a quality policy of meeting the requirements of ISO 9001 would be consistent with such a goal, but goals are not the same as purpose as indicated in the box to the right. Clearly no organization would have ISO 9001 certification as its purpose because certification is not a reason for existence – an objective maybe but not a purpose.

Policies expressed as short catchy phrases such as “to be the best” really do not channel actions and decisions. They become the focus of ridicule when the organization’s fortunes change. There has to be a clear link from mission to quality policy.

Policies are not expressed as vague statements or emphatic statements using the words may, should or shall, but clear intentions by use of the words ‘we will’

– thus expressing a commitment or by the words ‘we are, we do, we don’t, we have’ expressing shared beliefs. Very short statements tend to become slogans which people chant but rarely understand the impact on what they do. Their virtue is that they rarely become outdated. Long statements confuse people because they contain too much for them to remember. Their virtue is that they not only define what the company stands for but how it will keep its promises.

In the ISO 9001 definition of quality policy it is suggested that the eight quality management principles be used as a basis for establishing the quality policy.

One of these principles is the Customer Focus principle. By including in the quality policy the intention to identify and satisfy the needs and expectations of customers and other interested parties and the associated strategy by which this will be achieved, this requirement would be fulfilled. The inclusion of the strategy is important because the policy should guide action and decision. Omitting the strategy may not ensure uniformity of approach and direction.

The standard requires that the quality policy include a commitment to comply with requirements and continually improve the effectiveness of the quality management system.

A commitment to comply with requirements means that the organization should undertake to meet the requirements of all interested parties. This means meeting the requirements of customer, suppliers, employees, investors, owners and society. Customer requirements are those either specified or implied by customers or determined by the organization and these are dealt with in more detail under clauses 5.2 and 7.2.1. The requirements of employees are those covered by legislation such as access, space, environmental conditions, equal opportunities and maternity leave but also the legislation appropriate to minority groups such as the disabled and any agreements made with unions or other representative bodies. Investors have rights also and these will be addressed in the investment agreements. The requirements of society are those obligations resulting from laws, statutes, regulations etc.

An organization accepts such obligations when it is incorporated as a legal entity, when it accepts orders from customers, when it recruits employees, when it chooses to trade in regulated markets and when it chooses to use or process materials that impact the environment.

The effectiveness of the management system is judged by the extent to which it fulfils its purpose. Therefore improving effectiveness means improving the capability of the management system. Changes to the management system that improve its capability i.e its ability to deliver outputs that satisfy all the interested parties, are a certain types of change and not all management system changes will accomplish this. This requirement therefore requires top management to pursue changes that bring about an improvement in performance.

TAGS: quality policy

Integrating Management Systems Within The ISO 9001 Standards

Integrating Management Systems Within The ISO 9001 Standards

Today’s free market economies increasingly encourage diverse sources of supply and provide opportunities for expanding markets. Fair competition needs to be based on identifiable, clearly defined common references that are recognised from one country to the next. A standard, internationally recognised, developed by consensus among trading partners, serves as the language of trade. The International Organisation for Standardisation (ISO) has developed around 8?700, mostly technical related standards on this basis. Standards Series such as ISO 9001, ISO 14000 and what is to be known as ISO 18000 and ISO 26000 are Management related. These standards contain generic guidelines for Management Systems in the area of Quality, Environment, Occupational Health & Safety and Human Resources.

ISO is a word derived from the Greek isos, meaning “equal”. ISO 9001 Standards are developed and updated by the International Organisation for Standardisation which has around 150 member bodies. A member body of ISO is the national body “most representative of standardisation in its country”.(eg. Germany – DIN, USA – ANSI, Australia – SAA).
More than 50 countries, as well as the European Community have adopted ISO 9001 which is recognised internationally as a benchmark for measuring quality in a trade context. Since its first issue in 1987, approximately 430?000 companies have been using ISO 9000. Being a standard coming from an organisation that is usually involved in the development of technical standards, ISO 9000 is often regarded as a document that belongs in the hands of a technician exposed to production line quality control. At a closer look, however, ISO 9001 Standard Series provide guidance in the development and application of Management Systems as well as Quality Control in Manufacturing and Administration.

ISO has been developing a number of Management System Guidelines for various aspects of business. The most recent are the ISO 14000 Environmental Management System Guidelines. This is an international standard that will affect business in the near future. ISO 14000 has been designed to integrate with ISO 9001. However, apart from international standards there are local standards a company has to comply with. To remain compliant with local standards, further manuals and/or procedures are required (eg. lifting procedure in a warehouse to satisfy Work Safety requirements). A company may have several Manuals describing its Management Systems (eg. Human Resources, Quality, Security, Health/Safety, Finances). An overall link between the systems is often missing which makes the monitoring and the assessment of effectiveness difficult. Double handling of information, contradicting instructions, high maintenance costs, administrative excess and lack of overall transparency are common results.
ISO 9000 Standard Series for Quality (of) Management Systems provide generic guidance for the development of an overall Management System, ISO 14000 provides guidance for Environmental Management, etc. Transparency and monitoring of all business activities can be achieved by integrating all systems into one.
Complaints that ISO 9000 is paralysing operations and, that it does not reflect reality are usually a result of not clearly understanding how the standard can be properly structured to address the needs of a company. ISO 9000 can be structured by focusing on “best practice” process rather than the standard, by fitting the standard to the process and not the process to the standard. Having recognised this, ISO has been working on a new structure for ISO 9000, called “Vision 2000?, taking a process orientated approach to ensure that “best practice” as well as several standards can be addressed within one system. Focusing on process allows the development of a practical “working document”, providing an effective management tool. Having learned from the past, the trend to Process Orientated Management Systems started about three years ago in Europe and is finding increasing approval from certification bodies.Every company has its own culture and key individuals.
The business environment influences processes in certain ways (eg. employee market, laws, infrastructure, client, etc.)
To ensure competitiveness a company needs to ensure adequate flexibility in their system to effectively respond to changes in the business environment.
An effective system is a lean system that incorporates all necessary functions, controls of activities and “best practice” without being caught up in detail.
An effective system must also be flexible enough to enable the proper controls on outsourcing and sub-contracting of activities (eg. production, administration, service, etc.)

TAGS: iso 9001, iso 9001 standard, ISO 9001 Standards

ISO 14001 Standards Environmental Management System

Environmental Management System (EMS)

Global warming, ozone depletion, pollution and extinction of numerous species of animals. These are just a few of the environmental issues that the world faces, in the name of development. As responsible corporate citizens, SMEs can play their part in preserving our natural environment for our next generation.

Both individuals and businesses especially have a social and environmental responsibility to fulfil. With the rapid development in today’s industrialised world, the issue of preserving and managing our environment has become crucial. The increasing awareness of the importance of good environmental management systems is evidenced by the amendments made to the Environmental Quality Act 1974 and other environmental regulations which serve to ensure stricter compliance of environmental standards. Malaysia also adopted the National Environment Policy in 2002 as a means of addressing environmental issues in an integrated manner while more and more companies are striving to attain the MS14001 EMS certification.

WHAT SMEs CAN DO TO SAVE THE ENVIRONMENT
As responsible corporate citizens, SMEs have a major role to play in preserving the environment. For starters, they can help the Government to achieve its recycling goals, by creating mechanisms to facilitate the segregation of recyclable wastes and to ensure that these wastes are sent to the relevant parties instead of being dumped in landfills and illegal dumpsites. Furthermore, SMEs must also ensure that proper waste management systems are in place in conducting their day-to-day businesses.

Below are a few steps that SMEs can take to do their part for the environment:
•    Dispose off company wastes properly and responsibly.
•    Encourage employees to reuse items where possible, for example, printing on both sides of the paper, etc.
•    Practise recycling in the office, by introducing a recycling programme. Among the items that can be recycled are papers, cardboards, glass, aluminium cans and scrap metals.
•    Implementing an Environmental Management System (EMS).

WHAT IS AN ENVIRONMENTAL MANAGEMENT SYSTEM (EMS)?
An EMS provides a framework for managing environmental practices that integrates with overall business goals in a systematic way. Various models can be applied to develop, implement and maintain an EMS. One of the more common models used by industries is the model described by the ISO 14001 standard which was developed by the International Organisation for Standardisation (ISO). The ISO 14001 standard EMS model focuses on continuous improvement through an on-going cycle of actions called the continual improvement cycle which incorporates the elements of planning, doing, checking and acting.

An EMS typically begins with a strong environmental policy which describes the organisation’s approach in managing its environmental affairs and reflects its commitment to protect the environment and human well-being. The environmental policy establishes the framework for environmental leadership and serves as a contract between an organisation’s employees and its stakeholders. As such, commitment and strong support from top management is essential in making an EMS a success. Developing the environmental policy also helps to lay the groundwork for the planning phase of the EMS cycle. It is in this stage that active management support is sought, a multi-disciplinary EMS implementation team is formed and an introduction meeting is held to brief employees on the implementation of EMS. On top of that, the scope and budget for the implementation of EMS is also pre-defined. In other words, it is important that management provides all the resources necessary for the successful implementation of EMS.

CURRENT ENVIRONMENTAL PRACTICES
It is evident that some SME has put in place various initiatives to preserve the environment while utilizing resources efficiently. These initiatives include the following:

1.    Discouraging open burning in fields and plantation sites while encouraging the composting of felled trees and crops in an environmentally-friendly way which in turn prepares land for replanting by using natural fertilizer;
2.    Discouraging the use of chlorofluorocarbons (CFCs) in various industrial, commercial and household appliances; and
3.    Encouraging the recycling of resources for example, in the plastic manufacturing industry, materials are being regenerated through the forming process in an effort to reuse biodegradable products in an environmentally-friendly way.

WHAT IS WASTE MANAGEMENT?
Waste management involves collecting, transporting, processing, recycling and disposing waste materials, in an effort to reduce their adverse effects on human health and the environment. Waste materials include solid, liquid or gaseous substances. The implementation of waste management requires careful planning and also adequate financial resources and is the responsibility of all parties involved such as individuals, businesses and corporations, including SMEs.

INCENTIVES FOR ENVIRONMENTAL PROTECTION AND WASTE MANAGEMENT
In an effort to support an enhanced level of environmental pro activity, the government provides a range of fiscal activities which includes the Pioneer Status tax exemption and the Investment Tax Allowance for the manufacture of environmentally-friendly products, the provision and supply of environmentally-friendly services and specific activities which contribute towards the presentation of the environment. The said incentives are available for the following activities:

TAGS: environmental management system, ISO 14001 Standard

ISO 14001 Standard & Environmental Issues

ISO 14001 Standard & Environmental Issues

ISO 14001 is a systematic tool that enables an organization in any market sector to focus on their situation, identify the relevant environmental issues and to lessen their impact to their benefit and the environment. It is part of a global response to the recognition that we are damaging the environment in which we all live. The cause and effect of the foremost world environmental issues, which are all due to mankind, are generally too vast and too intangible for us to grasp and so the slightly cliché expression ‘think global, act local’ is very relevant. Once the EMS is implemented and to become registered to ISO 14001, the external auditor will assess your EMS in two separate stages, on site. The first stage to understand your business activities and determine formal readiness for assessment and the second to check practical compliance with ISO 14001. After registration he will return at regular intervals every year to verify continual improvement and regulatory compliance, against your set objectives and your EMS. The external auditor should be seen as a wise friend, not a policeman. He should certainly explain his findings and assist the company to find ISO 14001 registration is not a cure for all environmental problems but I hope I’ve demonstrated that it is a worthwhile, if not essential business initiative that could enable your management to better manage your business, gain commercial advantage and minimize its environmental impact.

TAGS: ISO 14000, ISO 14000 standard

How to Get an ISO 14001 Accreditation

If you are someone who is looking into getting an ISO 14001, then you may be wondering exactly why it is that you have to get this accreditation. First, you have to understand that ISO stands for the International Organisation of Standardisation. This is a series of standards that have been developed with a singular level of guidance for all companies to measure up to. The particular 14001 deals with the requirements that you will need to have in order to measure up to the environmental standards that have been set forth by the ISO.

While you do not necessarily have to get the ISO 14001 accreditation to operate your business, it is something you can do to prove to your clients and customers that you are doing your part to help out with the environment. However, you may be confused on how to go about getting this important accreditation, but it is not as difficult to attain as you might think, and most businesses should be able to get the certification within a year of the application. You should know that they will want to make sure that you have been following some form of environmental standards for at least three months prior to your application. To do this you can write an environmental review of your company’s environmental impact as it is in its current operating state. You will then want to make sure that you provide this information when you send off your initial paperwork to begin the overall process.

In order to help prove that your company is doing its part to be environmentally aware you will have to go through an initial audit once the application has been filled out and filed. After the audit has been completed you will get a list of issues that the auditor feels you need to resolve before you can be certified for the ISO 14001. You will need to work on and correct these issues before the second audit is conducted, and they will give you a time period (usually three to six months) when they will return to check on your progress.

When the second audit occurs they will once again assess the overall business and then they will address the issues that were laid out in the previous audit. If everything goes well then your company will have proven that they are doing what they can to meet the standard set forth in ISO 14001, and they will then receive accreditation. However, this is not the end of the process. Even though you are now recognised as having environmentally conscious policies that are congruent with the international standards, you will have to go through periodic audits every three years to make sure that you are still operating correctly. Not only this, but every three months partial aspects of your company will be analysed to see that they are still working within the standards as well. As long as you remain within the compliance terms you will continue to receive your ISO 14001 certification.

TAGS: iso 14001

How to Get an ISO 14001 Accreditation

If you are someone who is looking into getting an ISO 14001, then you may be wondering exactly why it is that you have to get this accreditation. First, you have to understand that ISO stands for the International Organisation of Standardisation. This is a series of standards that have been developed with a singular level of guidance for all companies to measure up to. The particular 14001 deals with the requirements that you will need to have in order to measure up to the environmental standards that have been set forth by the ISO.

While you do not necessarily have to get the ISO 14001 accreditation to operate your business, it is something you can do to prove to your clients and customers that you are doing your part to help out with the environment. However, you may be confused on how to go about getting this important accreditation, but it is not as difficult to attain as you might think, and most businesses should be able to get the certification within a year of the application. You should know that they will want to make sure that you have been following some form of environmental standards for at least three months prior to your application. To do this you can write an environmental review of your company’s environmental impact as it is in its current operating state. You will then want to make sure that you provide this information when you send off your initial paperwork to begin the overall process.

In order to help prove that your company is doing its part to be environmentally aware you will have to go through an initial audit once the application has been filled out and filed. After the audit has been completed you will get a list of issues that the auditor feels you need to resolve before you can be certified for the ISO 14001. You will need to work on and correct these issues before the second audit is conducted, and they will give you a time period (usually three to six months) when they will return to check on your progress.

When the second audit occurs they will once again assess the overall business and then they will address the issues that were laid out in the previous audit. If everything goes well then your company will have proven that they are doing what they can to meet the standard set forth in ISO 14001, and they will then receive accreditation. However, this is not the end of the process. Even though you are now recognised as having environmentally conscious policies that are congruent with the international standards, you will have to go through periodic audits every three years to make sure that you are still operating correctly. Not only this, but every three months partial aspects of your company will be analysed to see that they are still working within the standards as well. As long as you remain within the compliance terms you will continue to receive your ISO 14001 certification.

TAGS: iso 14001

Records Required by ISO 9001 Standard

Records Required by ISO 9001 Standard
ISO 9000 requires that records be kept of critical operations. Record keeping is the fourth tier of required documentation in ISO 9000, following the Quality Policy Manual, Procedures, and Work Instructions.
Questions you may have include:
•What is a record?
•What are the required records?
•What is the reason for these records?
This lesson will answer those questions. There is a mini-quiz near the end of the lesson.
What is a record?
Records consist of any historical documentation, such as summaries or meetings and reviews, specifications, invoices, results of tests and such. This is different than procedures and instructions that tell what do to. Instead, a record is the history of what has been done.
Records required
The following lists the records required under ISO 9001 version 2000, along with the referring sub-paragraph number from the standard. ISO 9002 and ISO 9003 would be subsets of this list. Of course, a company may choose to include additional records that they deem important.
Para.
Record Required
5.6.1
Management reviews
6.2.2 (e)
Education, training, skills and experience
7.1 (d)
Evidence that the realization processes and resulting product fulfill requirements
7.2.2
Results of the review of the requirements relating to the product and actions arising from the review
7.3.2
Design and development inputs
7.3.4
Results of design and development reviews and any necessary action
7.3.5
Results of design and development verification and any necessary action
7.3.6
Results of design and development validation and any necessary action
7.3.7
Results of the review of design and development changes and any necessary action
7.4.1
Results of supplier evaluations and actions arising from evaluations
7.5.2 (d)
As required by the organization to demonstrate the validation of processes where subsequent monitoring and measurement cannot verify the resulting output
7.5.3
Unique identification of the product, where traceability is a requirement
7.5.4
Customer property that is lost, damaged, or otherwise found to be unsuitable for use
7.6 (a)
Standards used for calibration or verification of measuring equipment where no international or national measurement standards exist
7.6
Validity of previous results when measuring equipment is found not to conform to its requirements
7.6
Results of calibration or verification of measuring equipment
8.2.2
Internal audit results
8.2.4
Evidence of product conformity with the acceptance criteria and indication of the authority responsible for the release of the product
8.3
Nature of the product nonconformities and any subsequent actions taken, including concessions obtained
8.5.2
Results of corrective actions
8.5.3
Results of preventive actions
Reason for records
The reason to keep records is for future use as a reference in case of questions related to contractual and legal matters, work techniques, verification of work done, and other parts essential to the company running smoothly. The company management should use sound judgment as to what records are non-essential and how long to keep a specific record.

TAGS: iso 9001

ISO 9001 Standards Gap Analysis

ISO 9001 Standards Gap Analysis

One of the first steps in implementing ISO 9000 is to perform a gap analysis. This is the technical name for an initial comparison of the Quality Management System to the ISO 9001:2008 Standard. The goal in find the gap between the standard and the QMS. The Gap Analysis will establish the scope of the implementation project and will therefore be important information for determining the amount of resources that will be required to complete the project in the given timeline.
Typically the gap analysis is based on a Gap Analysis checklist. These can be purchased from several different sources on the web ( like theISOstore.com). A second option is to use the internal audit checklist from this web site as a gap analysis checklist. Either way, the key to have a list of questions based on the standard that will uncover any weaknesses in the QMS before the project begins.
Gap Analysis Auditors
Performing gap analysis is best done by someone who is familiar with the ISO 9001 standard. If the company has no one with this experience, then consider outside training for the person who will be the lead internal auditor. Without grasping the goals behind the standard, you and your company can waste a lot of time improperly documenting flaws and over engineering solutions.
Performing a Gap Analysis
I recommend performing a basic ISO 9000 awareness training before the gap analysis. The awareness training will help reduce fear or resistance to the change that sometimes comes with a large company wide project. Once everyone understands the goals of the ISO project and is ready to be audited, start the gap analysis in sections. Covering sections 4,5,6,7 and 8 all in one audit is a mind melting experience. Start with section 4 to see how fast you can properly document the a section. Then schedule the remaining section based on your experience.
As you go through each section, you will either find that a system is already in place that meets the requirements of the ISO9001 standard or you will write a finding for that section. If you find that the system is in place, simply log the document numbers on the gap analysis sheet and move on. If you find that a large portions of the quality systems are missing, then you can write the equivalent of a major finding with a larger scope and not waste too much time listing every detail of what is missing.
How to use the result of the gap analysis
Once you have completed the gap analysis, you will have a list of missing or under-developed documents, records and systems. If you use the checklist from this web site, the result of the gap analysis will be a list of individual item that must be corrected. If the check sheet said “what document is used to the describe record retention?” and you found no document, then the document should be created. Once you feel that everything is in place, then you will want to repeat the audit to confirm that you can answer every question on the internal audit checklist with a positive response.
If the gap analysis show that your systems are in relatively good shape with some area for improvement, then I would make the gap analysis the first record in your internal audit notebook. This will help build a history of audits. If the gap analysis shows major flaws, you may want to fix them and then perform an internal audit as the first record to meet your internal auditing requirements. External auditor will frequently look at your internal auditing records to see if there are any blatant problems with the QMS, so don’t make their job too easy.

TAGS: iso 9001