April Newsletter

Paperwork Myths of ISO 9001:2000

by Donna Jarvie

Over the past 8 years or so of auditing and training, I’ve heard many organizations grumble that “ISO is about paperwork.”  Why is this so?  How has this perception developed and why is it so pervasive?  With the revision to ISO 9001 approaching this year, I believe it’s time to dispense with this myth about implementing and maintaining a Quality Management System (QMS) that conforms with ISO 9001:2000.  I’ll explore a few of the factors behind this myth, including: consulting approaches, auditors approaches and lack of understanding from the client’s perspective as to the “intent” of the ISO standards as much as the “letter” of it.  Let me also state from the beginning that when I say ‘paper’ or ‘paperwork’, I mean documentation in general, whether it be hardcopy, electronic, procedures, work instructions, forms, logs, records, etc.

What better place to start than with consulting approaches & consultants (I’m one too, so I’ll try not to offend any of my colleagues…!).  When ISO 9001:1994 was issued, the common theme was, “Do what you say; say what you do; document it and prove it.”  This also made it quite easy for anyone to offer advice on building a QMS, because the standard basically said to write down everything that you do.  The biggest problem with this theme is that it’s no longer applicable – even the technical committee recognized the folly of a standard with such requirements.  Instead of the 20 clauses of ISO 9001:1994 requiring a “documented procedure”, only 6 of the ISO 9001:2000 clauses require this (4.2.3, 4.2.4, 8.2.2, 8.3, 8.5.2 and 8.5.3).  In addition, clause 4.2, General Documentation Requirements states:

“The quality management system documentation shall include:

  • documented statements of a quality policy and quality objectives,
  • a quality manual (the requirements of which are listed under clause 4.2.2),
  • documented procedures required by this International Standard (see list above),
  • documents needed by the organization to ensure effective planning, operation and control of its processes, and
  • records required by this International Standard.”

Having been employed by one of the largest registrars through the transition period, I witnessed the procrastination of organizations in making the transition to the new standard.  More than 60% of registered organizations waited until the last 6 months of the grace period before they made the step forward.  Then, in their rush to transition before the 2003 deadline, many organizations never stepped back to examine the value of their documented system (or more appropriately, the lack of value).  That is, they didn’t take the time to review which parts of their QMS made sense to their business (in other words, which components provided value to customers, management and employees), and which ones were in place purely to demonstrate conformity with ISO requirements.  As a result, organizations figured it was safer to “add to” their documented systems to demonstrate that they met what were perceived to be “additional requirements”.  Unfortunately, many third-party auditors didn’t take the time to ‘educate’ their clients and simply continued to audit what was there.

OK, now that I’ve brought up auditors, let’s look at the auditing perspective.  Although not always intentional, auditors themselves have contributed to the growing volume of paper in organizations’ QMS’.  In my experience, over the past 10 years of auditing, I have seen many auditors develop through the QA/QC ranks, and, don’t get me wrong, this is not all bad, but it does mean many auditors out there are more comfortable with “Yes/No” or “black & white” scenarios.  This worked very well for the 1994 version of the standard where auditing was basically a checkmark exercise to verify that each documented activity was being carried out.

Let me give you a couple of examples.  Have you ever had an auditor ask to see your “Approved Vendor List (AVL)”?  If you didn’t have one the first time, you did when the auditor returned for your next audit, because the perception was (and still is), that we need to satisfy the auditor.  How about this one: “What if you won the lottery next week and weren’t here to do this job anymore?” Just once, I’d love to hear someone say, “Well, I wouldn’t work here anymore, so I really wouldn’t care now, would I?”  (By the way, the correct response would be that it would be up to the organization to determine the competence necessary for the position, find an appropriate candidate, fill any competence gaps and evaluate the effectiveness of this process in filling the position).  Lastly, “Don’t you have a procedure for this?”  It is just this approach that has “worried” organizations into adding unnecessary documentation to their QMS - the fear of receiving a nonconformity if the auditor didn’t get what he/she asked for.

Organizations should have a good enough rapport with their auditor to start asking why they expect a procedure, and/or where the requirement exists that is prompting the auditor to ask.  Is it a suggestion only because they see a risk in not having one?  Is it personal opinion?  Do they have evidence of inconsistent approaches to the process that have confirmed a nonconformity?  By extension, auditors must be able to justify their requests by what is in the standard (no more, no less), and what evidence is available to demonstrate that the organization is or is not meeting the requirements.  Auditing is not about what the auditor likes or dislikes in the organization’s QMS.  It is about determining if the QMS meets the requirements of the standard and is effectively implemented. In other words, does it work for the organization?  Believe me, I’ve seen many systems that I didn’t like, or had the thought, “I could make this so much better”, but that’s not adopting one of the principles of auditing: maintaining objectivity & impartiality.

Finally, let’s examine clients’ lack of understanding as to the “intent” of the
ISO 9001:2000 standard.  I can’t tell you how many times I’ve conducted an audit of an organization who doesn’t even have a copy of the standard on site, let alone having invested in educating themselves before making any changes to their QMS. There is always resistance to change and, I’m sure many management representatives perceive a lot of work in evaluating and determining what changes should take place in their QMS.  Let’s face it, it’s easier to leave things alone than to make changes, right?  However, changing the QMS should be part of the overall management responsibility, in addressing the QMS planning requirements.

Management Representatives should continue to educate themselves, sometimes with a simple reading of the Scope of the ISO 9001:2000 standard:

“This International Standard specifies requirements for a quality management system where an organization

  • needs to demonstrate its ability to consistently provide product that meets customer and applicable regulatory requirements
  • aims to enhance customer satisfaction through the effective application of the system, including processes for continual improvement of the system and assurance of conformity to customer and applicable regulatory requirements.”

The Standard itself implies that its main areas of focus are on product consistency, customer satisfaction and continual improvement of the QMS.  Therefore, organizations should use this insight, the information in clause 4.2.1 General Documentation Requirements (see above in this article for details of this clause) and the information in “Note 2” following clause 4.2.1, which indicates: “The extent of QMS documentation can differ from one organization to another due to:

  • the size of the organization and the type of activities
  • the complexity of processes and their interaction
  • the competence of personnel

In other words, organizations should carefully evaluate WHEN documentation is necessary.  Documentation should be a value-adding activity that addresses one or more of the following organizational needs:

  • a customer requirement warrants documenting an activity
  • a regulatory requirement warrants documenting an activity
  • the organization’s management warrants documenting an activity
  • the need for consistency of tasks and outputs warrants documenting an activity

To achieve a balance, organizations must weigh their organizational needs against the requirements of ISO 9001 and the competence of their staff (in other words, the higher the competence, the lower the need is for documentation and vice versa).

Each of these areas is designed to add value (in other words, improve profitability of the business), by either saving money or making money because, after all, that’s the main reason most organizations exist – the bottom line. And, most important of all, that’s the reason for establishing and maintaining a quality management system.
  Paperwork Myths of ISO 9001:2000
  Myers Briggs Type Indicator - MBTI
  Management Certification
  Health & Safety
  Computer & Workshop Classes
 

BGT Schedule

Featured Programs

Myers Briggs Type Indicator- MBTI

Date:

Wednesday., May 21, 2008

Time:

8:30 a.m. to 4:30 p.m.

Location:

Business Growth Training Inc.

59 Lorne Avenue East

Stratford, Ontario

Course Fee:

$295 per person plus GST

Lunch will be provided

The Myers Briggs Type Indicator® instrument and knowledge of personality type are used by many organizations, large and small. “Since type provides a framework for understanding individual differences, and provides a dynamic model of individual development, it has found wide application in the many functions that compose an organization," writes Gordon Lawrence and Charles Martin in Building People, Building Programs (CAPT 2001).

Type can be introduced into an organization to support many different functions. In this session we are going to be focusing on how your company can use the Myers Briggs Type Indicator® in communication and team building.

For a full course outline and registration form please contact:

Julia Opie at

Business Growth Training Inc.

519-271-0144 or

Toll Free in Ontario:

1 (888) 771-3121 or

email julia@bgt.on.ca

Management   Certification Program

We are pleased to announce that  the BGT Management Certification Program outline and schedule is complete and will run as a series of courses from September 2007 until June 2008.

Participants may choose individual courses from any of the three levels or they may choose to complete the entire program.

For a comprehensive outline and dates for each course, please click schedule or contact our office.

BGT NEWS!

Health & Safety Courses

We are pleased to announce that we have partnered with the Health & Safety Network in order to provide a very extensive line of courses offered in both Stratford and London.

Please browse through our schedule for a full listing of Health & Safety Courses now available.

3 Hour Computer Courses

2 Hour Workshops

 

Through Student Connections (Wilfrid Laurier University), we offer 3-hour computer courses and 2 hour workshops delivered in a convenient, comprehensive and cost-effective format.

We also offer a Certificate Series of classes, whereby if you attend the required classes in a series, you will be issued a Student Connections Certificate of Completion.

We have several options to meet your personal or business needs.

Please call for more information.

New BGT Schedule

We now have a comprehensive listing of all of the courses we have on offer. You can read the schedule online or download for later reference.

Quote of the Day

"We cannot live for ourselves alone. Our lives are connected by a thousand invisible threads, and along these sympathetic fibers, our actions run as causes and return to us as results."   

Herman Melville

 
 
       
Toll-free in Ontario : 1 (888) 771-3121 or Tel: 519 271-0144 • Email Us: info@bgt.on.ca