Sunday, October 9, 2011

Implementing ISO 9001 Standards

Implementing ISO 9001 standards

If you have your own business and now you are looking for ISO 9001 certification for quality standards for business to make your business products more reliable to the customers. To be in the market for any business, it needs quality and for quality any business needs to follow quality standards, so ISO 9001 Standards developed many quality standards as per different -different business areas.

ISO 9001 Standards is a generic quality standard and can be applied to any organization but before applying it, a process starts with pre-assessment audits and passes through on-going maintenance. The process of implementing ISO 9001 includes identifying, collecting and organizing the information required for certification.

For implementing ISO 9001 standards, any organization needs to hire a consultant because detailed knowledge of ISO standards is essential before successfully applying it. A consultant will analyze your organization structure, your products and their standards and will make a complete plan as per ISO standards for your organization.To hire a consultant is easiest way because they have complete knowledge of ISO standards and they perform various activities like provides class room training to your business employee about ISO 9000 standards

An ISO consultant performs the various activities and explains the course objectives :

• understand the purpose of ISO 9000: 2005, ISO 9001: 2008, ISO 9004: 2000, ISO 19011: 2002 etc. standards and their interrelationship

• describe the purpose of Quality Management Systems and 8 Quality Management Principles

• Interpret the ISO 9001: 2008 in the context of audit

•Plan and conduct an audit in accordance with guidelines as per ISO 19011: 2002, gather objective evidence via various methods and determine conformity to the requirements of Quality Management Systems

• Develop understanding of Roles & Responsibilities of Lead Auditors

Hiring a Consultant is a better and easiest way to implement ISO in your organization

How to Get an ISO 14001 Accreditation

If you are someone who is looking into getting an ISO 14001, then you may be wondering exactly why it is that you have to get this accreditation. First, you have to understand that ISO stands for the International Organisation of Standardisation. This is a series of standards that have been developed with a singular level of guidance for all companies to measure up to. The particular 14001 deals with the requirements that you will need to have in order to measure up to the environmental standards that have been set forth by the ISO.

While you do not necessarily have to get the ISO 14001 accreditation to operate your business, it is something you can do to prove to your clients and customers that you are doing your part to help out with the environment. However, you may be confused on how to go about getting this important accreditation, but it is not as difficult to attain as you might think, and most businesses should be able to get the certification within a year of the application. You should know that they will want to make sure that you have been following some form of environmental standards for at least three months prior to your application. To do this you can write an environmental review of your company’s environmental impact as it is in its current operating state. You will then want to make sure that you provide this information when you send off your initial paperwork to begin the overall process.

In order to help prove that your company is doing its part to be environmentally aware you will have to go through an initial audit once the application has been filled out and filed. After the audit has been completed you will get a list of issues that the auditor feels you need to resolve before you can be certified for the ISO 14001. You will need to work on and correct these issues before the second audit is conducted, and they will give you a time period (usually three to six months) when they will return to check on your progress.

When the second audit occurs they will once again assess the overall business and then they will address the issues that were laid out in the previous audit. If everything goes well then your company will have proven that they are doing what they can to meet the standard set forth in ISO 14001, and they will then receive accreditation. However, this is not the end of the process. Even though you are now recognised as having environmentally conscious policies that are congruent with the international standards, you will have to go through periodic audits every three years to make sure that you are still operating correctly. Not only this, but every three months partial aspects of your company will be analysed to see that they are still working within the standards as well. As long as you remain within the compliance terms you will continue to receive your ISO 14001 certification.

Is Green Business Really Environmentally Sustainable ?

Is Green Business Really Environmentally Sustainable ?

Green Business is about a good management of a range of issues including reduced carbon footprint and good energy management but also including a broader environmental sustainability, within a practical environmental management system. The most effective system is ISO 14001. Many other approaches are less than effective

There is a wide variety of concepts that are understood by some as environmental management systems or EMS and this varies in different industries. The concept has evolved over time. Essentially the name says it all – A system to enable the business owner or manager to manage environmental problems both real and potential.

Owners and managers setting out to have a green business do not always achieve their aim of environmental sustainability and may not even include reduced carbon footprint and good energy management.

Many industry groups have developed industry wide simplistic programs that they call EMS that actually miss the S for system and some really only have a checklist approach that is based on an “average” or “typical” business in that industry. So effectively they also miss much of the environment. Many do not really involve any management either. Some are very superficial in the way that they select the environmental aspects they manage because they have been drawn up to be generic and cut out the need for the business owner to stop and think. In this case it is difficult to understand how any process of continual improvement can result.

One of these programs are as simple as a checklist, or what many involved call a “tick and flick” exercise. These are barely even educational for the business owner and have no ongoing benefits like reduction of costs or legal protection.

Even where the business owners and or managers spend a lot of time filling in forms and communicating with neighbours, there is often a real lack of understanding of how to identify and varied environmental risks in an individual businesses and why these need to be manage. They can easily miss things and even find they are risking legal implications in areas that are not typical and so not covered by the so called system..

An effective management system needs individual businesses to identify and understand what their environmental risks are or may be. These risks need to be managed and there also needs to be a feedback system going into a regularly reviewed system for continual improvement. This can be enhanced with auditing by qualified independent auditors, whether internal or external; although the greatest benefit does come from employing and independent external auditing body such as a certification body.

There were some early ISO 14001 systems that gave the system a bad name because they were based on outdated engineering and military approaches to ISO systems are overly paper heavy and full of jargon. These were not suitable for small business and farms. These systems have given ISO 140001 a bad name in some circles.

Unfortunately many consultants have come from an old style quality management background without any real understanding of or training in the environment. The training to upgrade from quality auditing only involves doing a three day seminar with a minimal assessment by a training organization. Then they audit with a rigid paper based approach and do a serious disservice to both their clients and to the auditing industry.

Small to medium businesses benefit from a simpler approach based on a real understanding of the issues involved and a genuine understanding of risks. Such systems are based on ISO 14001 and have a real emphasis on keeping things simple and minimizing paperwork. These give very real benefits to the businesses involved.

Sample ISO 9001 Internal Auditing Procedure

1. PURPOSE
The purpose of this procedure is to define the steps that follows in planning, performing, reporting, recording, and following up on internal audits.
conducts internal audits to determine whether the quality management system:
- Conforms to planned arrangements, to the requirements of ISO 9001 and to the quality management system requirements established by (QMS Manual policies, procedures, work instructions, and forms)
- Is effectively implemented and maintained.

2. SCOPE
This procedure applies to all company personnel who are responsible for planning, development, use, and maintenance of the quality management system.

3. DEFINITIONS
None

4. REFERENCES
4.1 Quality Manual,
5. ASSOCIATED DOCUMENTS
5.1 Audit Check List,
5.2 ERC/ERO Procedure,
5.4 Audit Schedule,
5.3 Audit Notebook

6. PROCEDURE
NOTE 1: This procedure is typically initiated about four weeks prior to the execution of an internal audit as called for by ’s audit schedule. The audit schedule is established and maintained by The Quality Assurance Manager.
NOTE 2: Every element in the quality system is audited on a regular basis and at minimum of once per year. Activities are audited more frequently if there are significant changes taking place (i.e., many new hires/high turnover of personnel, modified procedures and work instructions, etc.) or if there is a history of problems in that area.
NOTE 3: Only qualified personnel may perform internal auditing activities. These qualified personnel are classified as internal auditors and have received the following training as a minimum: 1 day training on internal auditing techniques, 1 day training on the ISO 9001 Standard, this training may be performed by previously trained internal auditors.

6.1 AUDIT PLANNING, COORDINATION, AND PREPARATION
6.1.1 The Quality Assurance Manager defines the specific criteria, scope, methods, and objectives for the upcoming internal audit based on the status, maturity, and importance of specific elements in ’s quality system.
Audits shall be carried out to a defined scope and shall be as follows,
a) Planned: as per the internal audit plan
b) Unplanned: arising as a result of,
- Customer complaints
- Following the implementation of actions defined in a corrective action report
- Following the identification of additional or amended procedures for products
NOTE 4: In planning the particular audit, these activities include determining the extent and boundaries of the audit (locations, activities, processes); set of policies, procedures and/or requirements to be audited against; auditing methods; and audit objectives.
6.1.2 The Quality Assurance Manager selects the appropriate auditor to ensure objectivity and impartiality of the audit process.
6.1.3 The Quality Assurance Manager and the auditor review the proposed audit program to ensure that it is consistent with and effective for the defined audit criteria, scope, methods, and objectives.
6.1.4 Prior to the audit date, auditor reviews the appropriate quality system documentation, records of completed corrective and preventive actions, and past audit findings for the activities to be audited, and then develops a checklist covering the quality system elements and activities to be audited.

6.2 INTERNAL QUALITY AUDIT INVESTIGATION

6.2.1 The auditor will contact the personnel in the area being audited at the time indicated on the audit program, and briefly review the audit criteria, scope, methods and objectives with them.
NOTE 5: The checklists only serve as a guide to the auditors, and other areas may be investigated as deemed necessary by the auditors or as requested by the auditee.
6.2.2 When a nonconformance is identified, the auditor presents the nature of the nonconformity and the evidence to the personnel involved for verification, clarification, and addresses any questions or concerns that the personnel may have, as well as to give advice, when requested, regarding any problems which are uncovered.
6.2.3 If the nonconformance is confirmed, then go to step 6.2.5.
6.2.4 If the possible nonconformance requires further clarification the auditor will discuss the situation with the Quality Assurance Manager.
6.2.5 After the facts of the nonconformity are verified (or modified), the auditor either drafts nonconformance statement or documents the necessary information for writing one later.
NOTE 6: The nonconformance statement includes the nature of the nonconformity, the actual evidence obtained, and the nature of the requirement that is not being complied with (i.e., the appropriate ISO 9001 clause number, the appropriate quality system document section/page/paragraph, what the personnel says is the normal practice, contract requirements, statutory regulations, current standards, and any other relevant requirements).

6.3 REPORTING AND FOLLOW-UP
6.3.1 Within 2 weeks of completing the internal audit program, the auditor prepares a brief internal audit report and submits it to The Quality Assurance Manager for review and approval.
NOTE 7: The audit report includes the audit’s criteria, scope, methods and objectives, the names and titles of the audit team members, a summary of general observations (i.e., general degree of compliance and any significant problems encountered), all statements of nonconformities, weaknesses, and/or opportunities for improvement, and verification results for follow-up activities performed during the audit.
6.3.2 The Quality Assurance Manager reviews and approves the internal audit report, and then distributes copies of the report to senior management and the personnel of the audited areas that were directly involved in the audit.
NOTE 8: Any additional comments or observations of the Quality Assurance Manager can be attached to the report, but the auditor’s observations be will not be deleted or modified by The Quality Assurance Manager.
6.3.3 The Quality Assurance Manager request a Engineering Change Request for any nonconformity listed in the Internal Audit Report and for any weaknesses and “opportunities for improvement” identified and documented.
6.3.4 The Quality Assurance Manager updates and maintains the long-range audit schedule based upon the documented results of the audit and the planned corrective and preventive actions.
6.3.5 The Quality Manager shall maintain an audit notebook detailing all internal and external audits carried out.
- Long-range audit schedule
- Internal audit program
- Completed checklists- signed and dated by each auditor
- Audit report

7. REVIEW PROCEDURE
Any suggested improvements or modifications to this procedure are to be passed on to the Quality Assurance Manager for discussion at the next Quality Review Committee meeting.

Friday, August 19, 2011

Revision Of Documents In ISO 9000 Standards

The ISO 9000 Standard requires that documents be updated as
necessary and re-approved following their review.
Following a document review, action may or may not be necessary. If the
document is found satisfactory, it will remain in use until the next review. If the
document is found unsatisfactory there are two outcomes.
The document is no longer necessary and should be withdrawn from use –
this is addressed by the requirement dealing with obsolescence.
The document is necessary but requires a change – this is addressed by this
requirement.
The standard implies that updating should follow a review. The term update
also implies that documents are reviewed only to establish whether they are
current when in fact document reviews may be performed for many different
reasons. A more appropriate term to update would be revise. Previously the
standard addressed only the review and approval of changes and did not
explicitly require a revision process. However, a revision process is executed
before a document is subject to re-approval.
This requirement responds to the Continual Improvement principle.
It is inevitable that during use a need will arise for changing documents and
therefore provision needs to be made to control not only the original
generation of documents but also their revisions.
The document change process consists of a number of key stages some of
which are not addressed in ISO 9000 Standards.
a. Identification of need (addressed by document review)
b. Request for change (not addressed in the standard)
c. Permission to change (not addressed in the standard)
d. Revision of document (addressed by document updates)
e. Recording the change (addressed by identifying the change)
f. Review of the change (addressed under quality planning)
g. Approval of the change (addressed by document re-approval)
h. Issue of change instructions (not addressed in the standard)
i. Issue of revised document (addressed by document availability)
As stated previously, to control documents it is necessary to control their
development, approval, issue, change, distribution, maintenance, use, storage,
security, obsolescence or disposal and we will now address those aspects not
specifically covered by the standard.
In controlling changes it is necessary to define what constitutes a change to a
document. Should you allow any markings on documents, you should specify
those that have to be supported by change notes and those that do not.
Markings that add comment or correct typographical errors are not changes
but annotations. Alterations that modify instructions are changes and need
prior approval. The approval may be in the form of a change note that details
changes that have been approved.
Anyone can review a document but approved documents should only be
changed/revised/amended under controlled conditions. The document
review will conclude that either a change is necessary or unnecessary. If a
change is necessary, a request for change should be made to the issuing
authorities. Even when the person proposing the change is the same as would
approve the change, other parties may be affected and should therefore be
permitted to comment. The most common method is to employ Document
Change Requests. By using a formal change request it allows anyone to request
a change to the appropriate authorities.
Change requests need to specify:
a. The document title, issue and date
b. The originator of the change request (who is proposing the change, his or her
location or department)
c. The reason for change (why the change is necessary)
d. What needs to be changed (which paragraph, section, etc. is affected and
what text should be deleted)
e. The changes in text required where known (the text which is to be inserted
or deleted)
By maintaining a register of such requests you can keep track of who has
proposed what, when and what progress is being made on its approval. You
may of course use a memo or phone call to request a change but this form of
request becomes more difficult to track and prove you have control. You will
need to inform staff where to send their requests.
On receipt of the request you need to provide for its review by the change
authority. The change request may be explicit in what should be changed or
simply report a problem that a change to the document would resolve.
Someone needs to be nominated to draft the new material and present it for
review but before that, the approval authorities need to determine whether
they wish the document to be changed at all. There is merit in reviewing
requests for change before processing in order to avoid abortive effort. You
may also receive several requests for change that conflict and before processing
you will need to decide which change should proceed. While a proposed
change may be valid, the effort involved may warrant postponement of the
change until several proposals have been received – it rather depends on the
urgency
Ensuring the availability of controlled documents
The ISO 9000 standards requires that relevant versions of applica-
ble documents are available at points of use.
The relevant version of a document is the version
that should be used for a task. It may not be the latest
version because you may have reason to use a
different version of a document such as when
building or repairing different versions of the same
product. Applicable documents are those that are
needed to carry out work. Availability at points of use
means the users have access to the documents they
need at the location where the work is to be
performed. It does not mean that users should possess copies of the documents
they need, in fact this is undesirable because the copies may become outdated
and not withdrawn from use.
This requirement exists to ensure that access to documents is afforded when
required. Information essential for the performance of work needs to be
accessible to those performing it otherwise they may resort to other means
of obtaining what they need that may result in errors, inefficiencies and
hazards.
In order to make sure that documents are available you should not keep them
under lock and key (or password protected) except for those where restricted
access is necessary for security purposes. You need to establish who wants
which documents and when they need them. The work instructions should
specify the documents that are required for the task so that those documents
not specified are not essential. It should not be left to the individual to
determine which documents are essential and which are not. If there is a need
for access out of normal working hours, access has to be provided. The more
copies there are the greater the chance of documents not being maintained so
minimize the number of copies. A common practice is to issue documents to
managers only and not the users. This is particularly true of management
system documents. One finds that only the managers hold copies of the
Quality Manual. In some firms all the managers reside in the same building,
even along the same corridor and it is in such circumstances that one invariably
finds that these copies have not been maintained. It is therefore impractical to
have all the copies of the Quality Manual in one place. Distribute the
documents by location, not by named individuals. Distribute to libraries, or
document control centres so that access is provided to everyone and so that
someone has responsibility for keeping them up to date. If using an intranet,
the problems of distribution are less difficult but there will always be some
groups of people who need access to hard copy.
The document availability requirement applies to both internal and external
documents alike. Customer documents such as contracts, drawings, specifica-
tions and standards need to be available to those who need them to execute
their responsibilities. Often these documents are only held in paper form and
therefore distribution lists will be needed to control their location. If documents
in the public domain are required, they only need be available when required
for use and need not be available from the moment they are specified in a
specification or procedure. You should only have to produce such documents
when they are needed for the work being undertaken at the time of the audit.
However, you would need to demonstrate that you could obtain timely access
when needed. If you provide a lending service to users of copyrighted
documents, you would need a register indicating to whom they were loaned so
that you can retrieve them when needed by others.
A document that is not ready for use or is not used often may be archived.
But it needs to be accessible otherwise when it is called for it won’t be there. It
is therefore necessary to ensure that storage areas, or storage mediums provide
secure storage from which documents can be retrieved when needed. Storing
documents off-site under the management of another organization may give
rise to problems if they cannot be contacted when you need the documents.
Archiving documents on magnetic tape can also present problems when the
tape cannot be found or read by the new technology that has been installed!
Electronic storage presents very different problems to conventional storage and
gives rise to the retention of ‘insurance copies’ in paper should the retrieval
mechanism fail.
Ensuring documents are legible and identifiable
The standard requires documents to remain legible and
readily identifiable.
Legibility refers to the ease with which the informa-
tion in a document can be read or viewed. A
document is readily identifiable if it carries some
indication that will quickly distinguish it from
similar documents. Any document that requires a reader to browse through it
looking for clues is clearly not readily identifiable.
The means of transmission and use of documents may cause degradation
such that they fail to convey the information originally intended. Confusion
with document identity could result in a document being misplaced, destroyed
or otherwise being unobtainable. It can also result in incorrect documents
being located and used.
This requirement is so obvious it hardly needs to be specified. As a general
rule, any document that is printed or photocopied should be checked for
legibility before distribution. Legibility is not often a problem with electron-
ically controlled documents. However, there are cases where diagrams cannot
be magnified on screen so it would be prudent to verify the capability of the
technology before releasing documents. Not every user will have perfect
eyesight! Documents transmitted by fax present legibility problems due to the
quality of transmission and the medium on which the information is printed.
Heat sensitive paper is being replaced with plain paper but many organiza-
tions still use the old technology. You simply have to decide your approach.
For any communication required for reference, it would be prudent to use
photocopy or scan the fax electronically and dispose of the original.
Documents used in a workshop environment may require protection from oil
and grease. Signatures are not always legible so it is prudent to have a policy
of printing the name under the signature. Documents subject to frequent
photocopying can degrade and result in illegible areas.
Although a new requirement, it is unusual to find documents in use that carry
no identification at all. Three primary means are used for document
identification – classification, titles and identification numbers. Classification
divides documents into groups based on their purpose – policies, procedures,
records, plans, etc are classes of documents. Titles are acceptable providing
there are no two documents with the same title in the same class. If you have
hundreds of documents it may prove difficult to sustain uniqueness.
Identification can be made unique in one organization but outside it may not
be unique. However, the title as well as the number is usually sufficient.
Electronically controlled documents do not require a visible identity other than
the title in its classification. Classifying documents with codes enables their
sorting by class.

ISO 14001 Standards Certification


ISO 14001 Standards Certification
ISO 14001 sets out a system that can be audited and certified. In many cases, it is the issue of certification that is critical or controversial and is at the heart of the discussion about the trade implications.
Certification means that a qualified body (an “accredited certifier”) has inspected the EMS system that has been put in place and has made a formal declaration that the system is consistent with the requirements of ISO 14001.
The standard allows for “self-certification,” a declaration by an enterprise that it conforms to ISO 14001. There is considerable skepticism as to whether this approach would be widely accepted, especially when certification has legal or commercial consequences. At the same time, obtaining certification can entail significant costs, and there are issues relating to the international acceptance
of national certification that may make it particularly difficult for companies in some countries to achieve credible certification at a reasonable cost. For firms concerned about having certification that carries real credibility, the costs of bringing in international auditors are typically quite high, partly because the number of internationally recognized firms of certifiers is limited at present.2
The issue of accreditation of certifiers is becoming increasingly important as the demand increases.
Countries that have adopted ISO 14001 as a national standard can accredit qualified companies as certifiers, and this will satisfy national legal or contractual requirements. However, the fundamental purpose of ISO is to achieve consistency internationally. If certificates from certain countries or agencies are not fully accepted or are regarded as “second class,” the goal will not have been achieved. It is probable that the international marketplace will eventually put a
real commercial value on high-quality certificates, but this level of sophistication and discrimination has not yet been achieved. It is essential to the ultimate success of the whole system that there be a mechanism to ensure that certification in any one country has credibility and acceptability elsewhere.
The ISO has outlined procedures for accreditation and certification (Guides 61 and 62), and a formal body, QSAR, has been established to operationalize the process. At the same time, a number of established national accreditation bodies
heavily involved in ISO have set up the informal International Accreditation Forum (IAF) to examine mechanisms for achieving international reciprocity through multilateral agreements (MLAs). However, these systems are in the early
stages, and many enterprises continue to use the established international certifiers, even at additional cost, because of lack of confidence in the acceptability of local certifiers.
Given the variability in the design of individual EMS and the substantial costs of the ISO 14000 certification process, there is a growing tendency for large companies that are implementing EMS approaches to pause before taking this
last step. After implementing an EMS and confirming that the enterprise is broadly in conformance with ISO 14001, it is becoming routine to carry out a “gap analysis” to determine exactly what further actions would be required to achieve
certification and to examine the benefits and costs of bringing in third-party certifiers.

ISO 14001 Standards Certification

ISO 14001 Standards sets out a system that can be audited and certified. In many cases, it is the issue of certification that is critical or controversial and is at the heart of the discussion about the trade implications.

Certification means that a qualified body (an “accredited certifier”) has inspected the EMS system that has been put in place and has made a formal declaration that the system is consistent with the requirements of ISO 14001 Standards.

The standard allows for “self-certification,” a declaration by an enterprise that it conforms to ISO 14001 Standards. There is considerable skepticism as to whether this approach would be widely accepted, especially when certification has legal or commercial consequences. At the same time, obtaining certification can entail significant costs, and there are issues relating to the international acceptance

of national certification that may make it particularly difficult for companies in some countries to achieve credible certification at a reasonable cost. For firms concerned about having certification that carries real credibility, the costs of bringing in international auditors are typically quite high, partly because the number of internationally recognized firms of certifiers is limited at present.2

The issue of accreditation of certifiers is becoming increasingly important as the demand increases.

Countries that have adopted ISO 14001 Standards as a national standard can accredit qualified companies as certifiers, and this will satisfy national legal or contractual requirements. However, the fundamental purpose of ISO is to achieve consistency internationally. If certificates from certain countries or agencies are not fully accepted or are regarded as “second class,” the goal will not have been achieved. It is probable that the international marketplace will eventually put a

real commercial value on high-quality certificates, but this level of sophistication and discrimination has not yet been achieved. It is essential to the ultimate success of the whole system that there be a mechanism to ensure that certification in any one country has credibility and acceptability elsewhere.

The ISO has outlined procedures for accreditation and certification (Guides 61 and 62), and a formal body, QSAR, has been established to operationalize the process. At the same time, a number of established national accreditation bodies

heavily involved in ISO have set up the informal International Accreditation Forum (IAF) to examine mechanisms for achieving international reciprocity through multilateral agreements (MLAs). However, these systems are in the early

stages, and many enterprises continue to use the established international certifiers, even at additional cost, because of lack of confidence in the acceptability of local certifiers.

Given the variability in the design of individual EMS and the substantial costs of the ISO 14000 certification process, there is a growing tendency for large companies that are implementing EMS approaches to pause before taking this

last step. After implementing an EMS and confirming that the enterprise is broadly in conformance withISO 14001 Standards, it is becoming routine to carry out a “gap analysis” to determine exactly what further actions would be required to achieve

certification and to examine the benefits and costs of bringing in third-party certifiers.