ISOscribe

"Membuat Kualitas melalui Kata-kata: Perjalanan Seorang Blogger ke Dunia Sistem Manajemen ISO"

IV. ISO 9001 Internal Audit Preparation

  September 23, 2023    



The Internal Audit phase is a critical checkpoint in the ISO 9001 certification process. Led by the Management Representative (MR), this phase involves conducting a thorough examination of the organization's Quality Management System (QMS) to ensure its compliance with ISO 9001 requirements. Internal audits provide insights into the effectiveness of the QMS and identify areas that may require improvement. Let's delve into the key steps and requirements involved in the Internal Audit phase:

A. Establishing an Audit Plan

The MR should develop a comprehensive audit plan that outlines the scope, objectives, criteria, and schedule of the internal audit. This plan serves as a roadmap for the audit process and ensures that all relevant processes and areas are systematically reviewed. The audit plan should also define the roles and responsibilities of the audit team members.

Reading Sources:
  • Tukel, O. I. (2016). Developing an ISO 9001 audit checklist: A case study. Total Quality Management & Business Excellence, 27(11-12), 1249-1263.
  • Kasperskaya, Y., & Dumea, A. (2015). Evaluation and improvement of audit planning and effectiveness. Procedia Economics and Finance, 26, 715-719.

B. Conducting the Internal Audit

During the audit, the MR and the audit team should review the QMS processes, procedures, and documentation against the ISO 9001 requirements. This involves conducting interviews, examining records, and observing processes to verify their alignment with the standard. The audit team should remain impartial and approach the audit objectively.

Reading Sources:
  • Pivac, T., & Pivac, S. (2016). Key performance indicators for quality management in procurement. Total Quality Management & Business Excellence, 27(7-8), 800-818.
  • Liu, F. H. F., & Hai, H. L. (2005). The case study as a research method: A practical handbook. HKU Press.

C. Identifying Non-Conformities

As part of the audit, the MR and the audit team should identify any non-conformities or deviations from ISO 9001 requirements. These non-conformities could be related to processes, documentation, or the overall QMS. Each non-conformity should be documented with clear descriptions, evidence, and references to the specific ISO 9001 clause.

Reading Sources:
  • Vineyard, B. S., Sanders, J. A., & Hildreth, P. M. (2012). Auditing and assurance services. Cengage Learning.
  • Ross, S. A., Westerfield, R. W., & Jaffe, J. (2017). Corporate finance. McGraw-Hill Education.

D. Reporting and Corrective Action

After completing the audit, the MR should compile an audit report that summarizes the findings, including any non-conformities identified. The report should be clear, concise, and include recommendations for corrective actions. If non-conformities are found, the MR should ensure that the organization takes prompt corrective actions to address them.

Reading Sources:
  • Kara, A., & Spillan, J. E. (2016). ISO 9001:2015 Transition: A practical guide for internal auditors. Quality Progress, 49(2), 52-57.
  • Gitinavard, H., Salehi, M., & Khademi, M. (2017). Developing a Framework for Internal Audit of ISO 9001: 2015 Quality Management System in SMEs. Total Quality Management & Business Excellence, 28(9-10), 1041-1056.

E. Continuous Improvement

Internal audits provide valuable insights into the organization's QMS and processes. The MR should ensure that the corrective actions taken are not just reactive but also contribute to continuous improvement. Lessons learned from audits should be used to refine processes, enhance documentation, and strengthen the overall QMS.

Reading Sources:
  • Ahire, S. L., Dreyfus, P., & Narkhede, B. (2003). A comprehensive framework for selecting an ERP system. International Journal of Production Research, 41(14), 3189-3200.
  • Kara, A., & Kaynak, H. (2003). The effect of management commitment to service quality on employees' affective and performance outcomes. Journal of Operations Management, 21(5), 491-511.

Conclusion

Internal audits play a crucial role in assessing the organization's readiness for ISO 9001 certification. By establishing a well-defined audit plan, conducting comprehensive audits, identifying non-conformities, reporting findings, and promoting continuous improvement, the MR ensures that the organization's QMS aligns with ISO 9001 requirements. This phase not only serves as a checkpoint for certification but also contributes to the organization's ongoing commitment to quality enhancement and customer satisfaction.

  

  No Comments

III. Implementing a quality management system

  September 16, 2023    
After the organization has identified its needs and developed a clear implementation plan, the next crucial phase is the actual implementation of the ISO 9001 Quality Management System (QMS). This phase, led by the Management Representative (MR), involves translating plans into action by integrating ISO 9001 principles and requirements into the organization's operations. Here's a detailed breakdown of the key steps involved in implementing the QMS:

A. Process Alignment and Documentation

The MR, along with the relevant teams, should begin aligning the organization's existing processes with the ISO 9001 requirements. This involves reviewing and revising process workflows, procedures, and work instructions to ensure they adhere to the QMS principles. All relevant documents should be updated to reflect the standardized processes.

Reading Sources:
  • Andersen, B. (2008). ISO 9001:2000 in brief (2nd ed.). CRC Press.
  • Kara, A., & Kaynak, H. (2003). The effect of management commitment to service quality on employees' affective and performance outcomes. Journal of Operations Management, 21(5), 491-511.

B. Training and Awareness

It's essential that all employees are aware of the changes and new processes introduced as part of the QMS implementation. The MR should coordinate training sessions to educate employees about the ISO 9001 requirements, the benefits of the QMS, and how it will impact their roles and responsibilities.

Reading Sources:
  • Hendricks, K. B., & Singhal, V. R. (1997). Does implementing an effective TQM program actually improve operating performance? Empirical evidence from firms that have won quality awards. Management Science, 43(9), 1258-1274.
  • Elmuti, D., & Kathawala, Y. (1997). An overview of ISO 9000 and its impact on quality management practices. International Journal of Quality & Reliability Management, 14(6), 527-541.

C. Continuous Monitoring and Measurement

Implementing the QMS involves continuous monitoring and measurement of processes, key performance indicators (KPIs), and objectives. The MR should set up mechanisms to track progress, identify deviations, and take corrective actions promptly. Regular reviews help ensure that the QMS stays aligned with ISO 9001 requirements.

Reading Sources:
  • Singh, R. K., & Garg, S. K. (2008). Prioritization of agility enablers in the supply chain of an Indian process industry. Journal of Manufacturing Technology Management, 19(1), 34-56.
  • Rahman, S. U., & Bullock, P. (2005). Soft TQM, hard TQM, and organisational performance relationships: an empirical investigation. Omega, 33(1), 73-83.

D. Employee Engagement and Communication

The successful implementation of the QMS requires the active involvement and commitment of all employees. The MR should foster an environment of open communication, encourage feedback, and promote employee engagement in the QMS processes. Regular communication about the QMS's benefits and progress can create a sense of ownership and dedication among employees.

Reading Sources:
  • Al-Bashir, A., & Ibrahim, A. (2014). Exploring the relationship between quality management practices and organizational performance in the service industry: A conceptual framework. International Journal of Quality & Reliability Management, 31(6), 609-642.
  • Talib, F., Rahman, Z., & Qureshi, M. N. (2013). An empirical investigation of relationship between total quality management practices and quality performance in Indian service companies. International Journal of Quality & Reliability Management, 30(3), 280-318.

E. Integration of Feedback Mechanisms

The MR should establish effective feedback mechanisms that allow employees to report issues, suggest improvements, and voice concerns related to the QMS. This integration of feedback ensures that the QMS remains adaptable and responsive to the evolving needs of the organization.

Reading Sources:
  • Santos-Vijande, M. L., López-Sánchez, J. Á., & Trespalacios, J. A. (2012). How organizational learning affects a firm's flexibility, competitive strategy, and performance. Journal of Business Research, 65(8), 1079-1089.
  • Vouzas, F., & Psychogios, A. G. (2015). ISO 9001 and service quality: In search of a missing link. Total Quality Management & Business Excellence, 26(7-8), 881-899.

Conclusion

Implementing the ISO 9001 Quality Management System requires meticulous effort and a cohesive approach led by the MR. By aligning processes, providing necessary training, ensuring continuous monitoring, promoting employee engagement, and integrating feedback mechanisms, the organization can successfully transition to a system that adheres to the ISO 9001 requirements. This phase transforms the QMS from theory to practice, setting the foundation for a culture of quality, continuous improvement, and enhanced customer satisfaction.

  

  No Comments

ISO 9001 common non-conformance examples and How to Address Them

  September 10, 2023    

Introduction: In this article, we will explore the prevalent non-conformances frequently encountered during ISO 9001:2015 quality management system audits. These common issues have been compiled from experiences, and categorized by the relevant clauses or sections of the standard. By addressing these non-conformances, organizations can enhance their compliance with ISO 9001:2015.

Clause 4: Identification of Interested Parties and Process Monitoring One significant change introduced in the 2015 version of ISO 9001 is the requirement to identify and define interested parties. Unfortunately, many organizations are falling short in this regard. It is crucial for your organization to meet this new requirement. Additionally, in Clause 4, we find that many companies are struggling to fulfill the requirement of monitoring and measuring processes. Ensuring your processes are adequately monitored is essential for maintaining the quality management system's effectiveness.

Clause 6: Planning Actions for QMS Changes and Risk Evaluation Another noteworthy addition in ISO 9001:2015 is the requirement for planning actions when making changes to the Quality Management System (QMS). Many organizations are failing to comply with this requirement. Furthermore, auditors are frequently discovering issues with organizations properly evaluating risks. It is imperative to evaluate risks comprehensively across your entire organization, including areas often overlooked, such as warehouses and external factors.

Clause 7: Accuracy in Measurement Devices and Record-Keeping Accurate measurement devices are mandatory in Clause 7. Organizations must ensure they use appropriate measuring tools to avoid inaccuracies. Additionally, maintaining records of training, education, and ongoing findings is essential. This record-keeping helps track progress and compliance with ISO 9001:2015 requirements.

Clause 8: Control of Operations and Vendor Approval Clause 8 focuses on the control of operations, and auditors frequently identify issues with first-piece and receiving inspections. It is also essential for organizations to have a robust process for approving vendors and eliminating those that do not meet ISO 9001:2015 requirements. Many organizations neglect to define the materials involved in their processes, leading to non-conformances. Prior to audits, organizations should thoroughly examine their operations to ensure compliance with requirements.

Clause 9: Internal Audits and Risk Mitigation Despite language changes, internal audits in Clause 9 have remained largely consistent between the 2008 and 2015 versions. However, auditors often discover organizations failing to meet the requirements, with common shortcomings including the lack of addressing risk mitigation or actions related to QMS performance. It is crucial for an organization's internal auditor to identify and address these shortcomings.

Clause 10: Non-Conformances and Corrective Actions, Including Customer Complaints Clause 10 addresses non-conformances and corrective actions, with the added inclusion of addressing customer complaints in ISO 9001:2015. While customer complaints are often recorded, organizations frequently fall short of meeting the requirements due to a lack of defined corrective actions. It is vital for organizations to establish clear processes for addressing non-conformances, including those arising from customer complaints.

Conclusion: By recognizing and addressing these common non-conformances in ISO 9001:2015 quality management systems, organizations can enhance their compliance, improve their processes, and ultimately maintain a robust and effective QMS. Regular self-assessment and proactive measures will contribute to long-term success in meeting ISO 9001:2015 requirements.

Reading sources:

Here are some reading sources that can provide further information on common ISO 9001:2015 non-conformances and how to address them:
  • ISO 9001:2015 Standard:
The primary source is the ISO 9001:2015 standard itself. Reading the standard will provide you with a comprehensive understanding of its requirements and how to comply with them. You can obtain a copy of the standard from the ISO website or through your national standards body.
  • ISO.org:
The International Organization for Standardization (ISO) website (www.iso.org) offers a wealth of information and resources related to ISO standards. You can find articles, guides, and publications specific to ISO 9001:2015 and its implementation.
  • ISO 9001:2015 Handbook:
Consider reading handbooks or guides specifically written to explain ISO 9001:2015 and its practical implementation. Such resources often provide insights into common non-conformances and tips on how to address them.
  • Quality Management System Books:
There are numerous books available on quality management systems and ISO 9001. Look for reputable authors who discuss ISO 9001:2015 compliance, non-conformances, and corrective actions. Some recommended books include "ISO 9001:2015 Explained" by Charles Cianfrani and "ISO 9001:2015 Internal Audits Made Easy" by Ann W. Phillips.
  • Industry Journals and Magazines:
Industry-specific journals and magazines often feature articles on ISO 9001:2015 implementation and common challenges faced by organizations. Examples include "Quality Progress" and "Quality Digest."
  • Online Forums and Communities:
Participating in online forums and communities related to quality management and ISO 9001 can provide practical insights and real-world experiences from professionals and organizations. Websites like LinkedIn and specialized forums like Elsmar Cove can be valuable resources.
  • Training and Certification Courses:
Consider enrolling in ISO 9001:2015 training and certification courses offered by accredited organizations. These courses often cover common non-conformances and best practices for compliance.
  • Consulting Firms and Auditors:
Consulting firms and ISO auditors often publish articles and case studies related to ISO 9001 implementation. Their websites and publications can be excellent sources of information.
  • Regulatory and Accreditation Bodies:
Check with your local regulatory and accreditation bodies, as they may provide guidance documents and resources related to ISO 9001 compliance and common non-conformances.

Remember to verify the credibility and relevance of the sources you consult, as ISO standards and quality management practices may evolve over time. Keeping up-to-date with the latest information and best practices is crucial for successful ISO 9001 implementation and compliance.

  

  No Comments

Risk Management Procedure Sample

  September 09, 2023    

Here's a sample Risk Management Procedure that you can use as a starting point for your organization's quality management system. This procedure outlines how risks are identified, assessed, managed, and monitored to prevent issues and support continual improvement.
.......................................

Risk Management Procedure

Purpose:

This Risk Management Procedure is established to identify, assess, manage, and monitor risks within the organization to prevent issues, improve decision-making, and support the achievement of quality objectives in accordance with ISO 9001:2015 requirements.

Scope:

This procedure applies to all employees and departments within the organization responsible for identifying, assessing, and managing risks.

Responsibilities:

1. Risk Management Team: The Risk Management Team is responsible for coordinating and overseeing the risk management process.
2. Department Heads/Managers: Department heads and managers are responsible for identifying and assessing risks within their areas of responsibility.

Procedure:

1. Risk Identification:

a. Employees are encouraged to identify and report potential risks and opportunities within their areas of responsibility.
b. Department heads and managers regularly conduct risk assessments in their respective departments.

2. Risk Assessment:

a. Risks are assessed based on their potential impact and likelihood of occurrence.
b. Risk assessments may consider factors such as financial impact, operational disruption, safety, compliance, and customer satisfaction.
c. Risks are categorized as high, medium, or low based on their severity.

3. Risk Mitigation:

a. The Risk Management Team develops risk mitigation plans for high and medium-risk items.
b. Mitigation plans include specific actions, responsibilities, timelines, and resources required to reduce or eliminate the risk.

4. Risk Monitoring:

a. The status of risk mitigation plans is regularly reviewed by the Risk Management Team.
b. Progress is documented, and adjustments are made as needed to achieve risk reduction goals.

5. Risk Reporting:

a. Risk reports are prepared periodically to summarize the status of identified risks, mitigation efforts, and outcomes.
b. Reports are communicated to relevant stakeholders, including top management.

6. Risk Review:

a. The organization conducts periodic risk reviews to assess the effectiveness of the risk management process.
b. Reviews consider changes in the business environment, new risks, and the performance of existing risk mitigation efforts.

7. Documentation and Records:

a. All risk assessments, mitigation plans, and monitoring activities are documented and retained.
b. Records are maintained for a specified period as per the organization's document retention policy.

8. Continuous Improvement:

a. Lessons learned from risk assessments and mitigation efforts are used to drive continual improvement in risk management processes and decision-making.
b. The organization seeks opportunities to capitalize on identified opportunities.

Review and Audit:

This Risk Management Procedure shall be reviewed and audited periodically to ensure its effectiveness and compliance with ISO 9001:2015 requirements.

.......................................

Please customize this procedure to align with your organization's specific processes and requirements. Additionally, ensure that you follow any relevant industry-specific regulations or standards that may apply to risk management.

  

  No Comments

Customer Complaint Handling Procedure Sample

  September 09, 2023    

Here's a sample Customer Complaint Handling Procedure that you can use as a starting point for your organization's quality management system. This procedure outlines how customer complaints are received, documented, investigated, resolved, and analyzed to enhance customer satisfaction and identify areas for improvement.

Customer Complaint Handling Procedure

Purpose:

This Customer Complaint Handling Procedure is established to ensure that customer complaints are effectively and consistently managed to address customer concerns, improve customer satisfaction, and identify opportunities for continual improvement.

Scope:

This procedure applies to all employees and departments within the organization responsible for receiving, investigating, resolving, and analyzing customer complaints.

Responsibilities:

1. Customer Service Representatives: Customer service representatives are responsible for receiving and initially documenting customer complaints.
2. Quality Assurance Department: The Quality Assurance Department is responsible for overseeing the complaint-handling process, conducting investigations, and ensuring effective resolution.

Procedure:

1. Complaint Receipt:

a. Customer complaints may be received through various channels, including phone, email, website forms, or in person.
b. All complaints are recorded promptly, and the date of receipt is documented.

2. Initial Documentation:

a. Customer service representatives gather essential information from the complainant, including contact information, a detailed description of the complaint, and any relevant supporting documents.
b. Complaints are classified based on their nature and severity.

3. Complaint Registration:

a. Complaints are assigned a unique reference number for tracking purposes.
b. The complaint details are recorded in a central complaint management system.

4. Investigation and Analysis:

a. The Quality Assurance department conducts a thorough investigation of the complaint, involving relevant departments or personnel as necessary.
b. Root cause analysis is performed to determine the underlying reasons for the complaint.

5. Resolution:

a. Once the investigation is complete, the organization takes corrective actions to address the root causes of the complaint.
b. Corrective actions may include process improvements, product revisions, or other measures to prevent recurrence.

6. Communication with the Customer:

a. The organization communicates with the customer to inform them of the resolution or proposed corrective actions.
b. Customers are provided with a timeline for resolution if applicable.

7. Follow-up and Closure:

a. After corrective actions have been implemented, the organization follows up with the customer to ensure their satisfaction and verify that the complaint has been resolved to their satisfaction.
b. The complaint is marked as closed in the complaint management system.

8. Documentation and Records:

a. All details related to the complaint, including the investigation, corrective actions, and customer communication, are documented and retained.
b. Records are maintained for a specified period as per the organization's document retention policy.

9. Complaint Analysis:

a. Periodic analysis of customer complaints is conducted to identify trends, recurring issues, and areas for improvement.
b. The Quality Assurance department reviews complaint data to drive continual improvement efforts.

Review and Audit:

This Customer Complaint Handling Procedure shall be reviewed and audited periodically to ensure its effectiveness and compliance with ISO 9001:2015 requirements.

Please customize this procedure to align with your organization's specific processes and requirements. Additionally, ensure that you follow any relevant industry-specific regulations or standards that may apply to customer complaint handling.

  

  No Comments

Supplier Evaluation and Control Procedure Sample

  September 09, 2023    

Here's a sample Supplier Evaluation and Control Procedure that you can use as a starting point for your organization's quality management system. This procedure outlines how suppliers are selected, evaluated, and monitored to ensure they meet the organization's quality requirements.
.............................

Supplier Evaluation and Control Procedure

Purpose:

This Supplier Evaluation and Control Procedure is established to ensure that suppliers are selected, evaluated, and monitored to ensure they consistently provide products or services that meet the organization's quality requirements and standards.

Scope:

This procedure applies to all departments within the organization responsible for supplier selection, evaluation, and monitoring.

Responsibilities:

1. Procurement Department: The Procurement department is responsible for supplier selection, evaluation, and ongoing supplier management.
2. Quality Assurance Department: The Quality Assurance Department is responsible for conducting supplier audits and assessments as needed.

Procedure:

1. Supplier Selection:

a. The Procurement department identifies potential suppliers based on the organization's needs and requirements.
b. Supplier selection criteria are established, considering factors such as product or service quality, price, delivery capabilities, reputation, and compliance with relevant standards and regulations.
c. Suppliers are assessed for their ability to meet the organization's quality requirements and standards.

2. Initial Supplier Evaluation:

a. The Procurement department conducts an initial evaluation of potential suppliers, which may include reviewing supplier documentation, quality certificates, and conducting interviews.
b. Initial supplier evaluations are documented, and a decision is made regarding whether to engage the supplier.

3. Supplier Performance Metrics:

a. Key performance metrics are established to assess supplier performance, including quality, delivery, responsiveness, and reliability.
b. Supplier performance metrics are communicated to the supplier and are included in supplier agreements or contracts.

4. Regular Performance Evaluation:

a. Supplier performance is regularly evaluated based on established metrics.
b. Performance evaluations may include quality audits, on-time delivery assessments, and feedback from internal stakeholders.
c. Performance evaluations are documented and tracked over time.

5. Supplier Development:

a. If a supplier's performance falls below acceptable levels, the organization may work with the supplier to identify and address areas for improvement.
b. Supplier development plans are created and implemented as needed.

6. Supplier Audits:

a. Periodic supplier audits may be conducted to assess compliance with quality requirements, standards, and regulations.
b. Supplier audits are typically conducted by the Quality Assurance department or a designated auditing team.

7. Communication and Feedback:

a. Open communication channels are established with suppliers to address any issues, concerns, or improvement opportunities.
b. Feedback from internal stakeholders, such as production, quality, and procurement teams, is collected and considered when evaluating supplier performance.

8. Supplier Rating:

a. Supplier performance is rated based on established criteria and performance metrics.
b. Supplier ratings may influence decisions regarding the continuation of the supplier relationship.

Review and Audit:

This Supplier Evaluation and Control Procedure shall be reviewed and audited periodically to ensure its effectiveness and compliance with ISO 9001:2015 requirements.

............................

Please customize this procedure to align with your organization's specific processes and requirements. Additionally, ensure that you follow any relevant industry-specific regulations or standards that may apply to supplier evaluation and control.

  

  No Comments

Training and Competency Procedure Sample

  September 09, 2023    

Here's a sample Training and Competency Procedure that you can use as a starting point for your organization's quality management system. This procedure outlines how training needs are identified, training plans are developed, and employee competency is monitored to ensure that all employees have the skills and knowledge required for their roles.
........................................

Training and Competency Procedure

Purpose:

This Training and Competency Procedure is established to ensure that employees receive the necessary training, development, and assessment to perform their job functions effectively and in compliance with ISO 9001:2015 requirements. The objective is to enhance employee skills and maintain a competent workforce.

Scope:

This procedure applies to all employees and departments within the organization responsible for identifying training needs, planning training programs, and assessing employee competencies.

Responsibilities:

1. Department Heads/Supervisors: Department heads and supervisors are responsible for identifying training needs, developing training plans, and ensuring employees receive the necessary training.
2. Human Resources (HR) Department: The HR department is responsible for maintaining training records and coordinating training activities.
3. Employees: Employees are responsible for actively participating in training programs and seeking opportunities for professional development.

Procedure:

1. Training Needs Identification:

a. Department heads and supervisors regularly assess the skills and knowledge required for each job function within their department. 
b. Training needs are identified based on job requirements, changes in technology, regulatory updates, and employee performance evaluations. 
c. Training needs are documented, and a training plan is developed for each employee.

2. Training Plan Development:

a. Training plans outline the training objectives, methods, duration, and resources required to address the identified training needs.
b. Training plans are tailored to individual employees, taking into consideration their roles and responsibilities.
c. The HR department maintains a master training plan that tracks all planned training activities.

3. Training Delivery:

a. Training is delivered through various methods, including classroom sessions, online courses, on-the-job training, workshops, and external training programs.
b. Trainers or instructors are selected based on their expertise and experience in the subject matter.

4. Training Records:

a. The HR department maintains records of all training activities, including training dates, topics, attendees, and results.
b. Training records are periodically reviewed to ensure compliance with training plans.

5. Competency Assessment:

a. Competency assessments are conducted to evaluate employees' knowledge and skills after completing training.
b. Assessment methods may include written tests, practical demonstrations, or on-the-job evaluations.

6. Competency Monitoring:

a. The competency of employees is monitored regularly through performance evaluations, feedback, and observation.
b. If competency gaps are identified, additional training or support is provided to address these gaps.

7. Training Effectiveness Evaluation:

a. The effectiveness of training programs is periodically evaluated to ensure they meet their intended objectives.
b. Feedback from employees and supervisors is collected and considered for continuous improvement.

Review and Audit:

This Training and Competency Procedure shall be reviewed and audited periodically to ensure its effectiveness and compliance with ISO 9001:2015 requirements.

......................................

Please customize this procedure to align with your organization's specific processes and requirements. Additionally, ensure that you follow any relevant industry-specific regulations or standards that may apply to training and competency.

  

  No Comments

Langganan: Postingan (Atom)