Documented information in a Quality Management System (QMS)
- and why it's time for a radical overhaul of how we use QMS data
Without a valid ISO 9001 certificate, it is increasingly difficult - or even impossible - to be a supplier in many of the world's sector supply chains.
Third-party certification bodies provide independent confirmation that organizations meet the requirements of ISO 9001. But what exactly do the many thousands of qualified assessors do when carrying out an audit - what is the process? And what part does documented information play?
Complying with ISO 9001 requirements - what is being audited?
Quite simply: ISO 9001 auditors evaluate the documented information in a QMS for evidence of conformance and effectiveness. Although they will interview employees, - a few at Stage 1 and a larger sample at Stage 2 - what ISO 9001:2008 termed "documented procedures" and "records" are as necessary for the auditing process as they are for operating your QMS. Compliance to ISO 9001 is to be found in the documented quality system.
Auditors are keenly aware that QA is often seen as just a certification “badge” and that there is often no real change towards quality assurance. It’s also the case that a organization’s procedures can be highly complex. What starts as a simple “this is what we do when…” analysis can turn into a maze of exceptions, edge cases and if-then rules. The more complicated the documentation that results, the more likely it is to become shelfware.
So how can we create a documented quality management system that not only meets with the approval of ISO 9001 auditors, but also helps us to better manage processes, monitoring and optimizing tasks and activities?
This series of blog posts will propose a way forward that is itself a step change in the way that we think about the question: 'What is a QMS?'
Will managing documented information in a DMS improve Quality?
Start by asking, 'What is documented information'? I have dealt with this subject in earlier posts, however, a quick reminder of Clause 3 Terms and definitions in ISO 9001:2015 will help set the scene for the story:
information (3.50) required to be controlled and maintained by an organization (3.01) and the medium on which it is contained
So how do we get started with ISO 9001:2015 Documented Information?
The first task is:
Choose the medium on which it [documented information] is contained.
Paper-based systems are effectively dead. If you still have one, then your business belongs in a small minority of organisations and/or markets that have resisted change - although the clock is ticking at the eleventh hour!
At the other extreme, and if you work for a high technology organization with sizeable resources, a bespoke web design for a company Intranet that uses an optimised combination of diagrams, graphics and text is one possible alternative. However, in most cases, skill and budget are usually in short supply to attempt this 'high cost + high maintenance' approach.
A popular, but often no less expensive in the long run, method is to turn to Wiki-editng. Those of you who have tried this will be aware that a QMS wiki is hard to write, and can become very text-based. This information serves for record keeping and to 'tick the box' in terms of standards compliance, but it's not a graphically-based browser-delivered Quality Management System. Your growing store of wikis will not fully capture end-to-end processes across all of your business, and they will not be controlled. This could impact on operating effectiveness due to compounding errors and inefficiencies.
Other solutions for QMS can turn out to be just templates for common procedures. Whilst these are useful to help you get started in creating the documentation that you require, they don't help address business needs.
The forthcoming ISO9001:2015 standard looks set to dispense with the "Quality Manual" as a document. That does not, as we've already said in the blog series on the changes, remove the need for "documented information" (it's in clause 7.5.1 (b)). Instead of debating if the quality manual is or isn't required, it would be even better if the change ushered in some new and innovative thinking on what is a QMS?
For example, the Oxebridge blog has recommended using an Interpretations Manual in which each requirement of the ISO 9001:2015 standard is mapped onto an intepretation of what the requirement means for the company and what company processes does the requirement apply to? This could be captured in a familiar and easier-to-maintain format such as a spreadsheet.
Cognidox see it as a chance to make company procedures and processes more graphical through use of a gQMS. People have been used to clicking on hyperlinks in hypertexts for a long time now - it's time the quality manual caught up!
The challenge then becomes: how do we imitate the high-end Intranet approach, but at a fraction of the time, cost, and complexity?
That's a topic we will return to in the next post of this series.
This post was authored by: Michael Shuff
CogniDox is designed for Document Control. It provides ISO-compliant procedures for information governance; including version control, document lifecycle, review/approval workflows, access control, and auditability.
It also enables you to create a graphical Quality Management System (QMS) as a collection of interlinked web pages. The gQMS provides a strong focal point for your quality initiative, and demonstrates Leadership and commitment. By making the process visual, it dramatically improves end-user adoption.
Contact us to find out more.