Saturday, December 24, 2011
Friday, April 9, 2010
Assessment to ISO 9001 Standards
Assessment to ISO 9001 Standards
Once all the requirements of ISO 9001 have been met, it is time for an external audit. This should be carried out by a third party, accredited certification body. In the UK, the body should be accredited by UKAS. The chosen certification body will review the quality manuals and procedures. This process involves looking at the companys evaluation of quality and ascertains if targets set for the management program are measurable and achievable. This is followed at a later date by a full on-site audit to ensure that working practices observe the procedures and stated objectives and that appropriate records are kept.
After a successful audit, a certificate of registration to ISO 9001 will be issued. There will then be surveillance visits (usually once or twice a year) to ensure that the system continues to work.
Once all the requirements of ISO 9001 have been met, it is time for an external audit. This should be carried out by a third party, accredited certification body. In the UK, the body should be accredited by UKAS. The chosen certification body will review the quality manuals and procedures. This process involves looking at the companys evaluation of quality and ascertains if targets set for the management program are measurable and achievable. This is followed at a later date by a full on-site audit to ensure that working practices observe the procedures and stated objectives and that appropriate records are kept.
After a successful audit, a certificate of registration to ISO 9001 will be issued. There will then be surveillance visits (usually once or twice a year) to ensure that the system continues to work.
Friday, October 9, 2009
Environmental Management Programmes
ISO 14001 Section 4.3.4, Environmental Management Program(s), requires that organizations establish and maintain one or more environmental management programs for achieving their objectives. The environmental management program is a key element to the success of an EMS. Properly designed and implemented, environmental management programs should achieve the objectives and, consequently, improve your organization’s environmental performance.
According to ISO 14001 Section 4.3.4 the environmental management program must:
1. address each environmental objective and target
2. designate the personnel responsible for achieving targets at each relevant function and level of the
organization
3. provide an “action plan” describing how each environmental target will be achieved
4. establish a time-frame or a schedule for achieving each target.
An environmental management program is an action plan or a series of action plans to achieve an environmental objective.
According to ISO 14001 Section 4.3.4 the environmental management program must:
1. address each environmental objective and target
2. designate the personnel responsible for achieving targets at each relevant function and level of the
organization
3. provide an “action plan” describing how each environmental target will be achieved
4. establish a time-frame or a schedule for achieving each target.
An environmental management program is an action plan or a series of action plans to achieve an environmental objective.
EMS Documentation
ISO 14001 Section 4.4.4, EMS Documentation, requires that organizations “. . . establish and maintain information, in paper or electronic form, to: 1. describe the core elements of the management system and their interaction; 2. provide direction to related documentation.”
ISO 14001 Section 4.4.5, Document Control, requires that organizations establish and maintain procedures to control all documents required by ISO 14001. The purpose of these document control procedures is to ensure that organizations create and maintain documents sufficient to implementing an EMS.
The procedure must ensure that:
• EMS documents can be located
• EMS documents are legible, dated (with dates of revisions) and readily identifiable
• EMS documents are maintained in an orderly manner and retained for a specified period
• EMS documents are periodically reviewed, revised as necessary, and approved for adequacy by authorized personnel
• The current versions of relevant documents are available at all locations where they are necessary
• Obsolete documents are promptly removed from all distribution points
• Any obsolete documents retained for legal and/or knowledge preservation purposes must be identified as such.
ISO 14001 Section 4.3.5 also requires that organizations establish procedures and designate responsibilities and
authority regarding the creation and modification of EMS documents.
ISO 14001 Section 4.4.5, Document Control, requires that organizations establish and maintain procedures to control all documents required by ISO 14001. The purpose of these document control procedures is to ensure that organizations create and maintain documents sufficient to implementing an EMS.
The procedure must ensure that:
• EMS documents can be located
• EMS documents are legible, dated (with dates of revisions) and readily identifiable
• EMS documents are maintained in an orderly manner and retained for a specified period
• EMS documents are periodically reviewed, revised as necessary, and approved for adequacy by authorized personnel
• The current versions of relevant documents are available at all locations where they are necessary
• Obsolete documents are promptly removed from all distribution points
• Any obsolete documents retained for legal and/or knowledge preservation purposes must be identified as such.
ISO 14001 Section 4.3.5 also requires that organizations establish procedures and designate responsibilities and
authority regarding the creation and modification of EMS documents.
Implementing ISO 9000 Quality Management System
Implementation of ISO 9000 affects the entire organization right from the start. If pursued with total dedication, it results in ‘cultural transition’ to an atmosphere of continuous improvement.The process of implementing ISO 9000 depends on:???? The sophistication of your existing quality program,???? The size of your organization, and???? The complexity of your process.The 14 essential steps, briefly described below, are to be followed through in order to implement ISO 9000 quality management system successfully.Step 1: Top management commitmentStep 2: Establish implementation teamStep 3. Start ISO 9000 awareness programsStep 4: Provide TrainingStep 5. Conduct initial status surveyStep 6: Create a documented implementation planStep 7. Develop quality management system documentationStep 8: Document controlStep 9. ImplementationStep 10. Internal quality auditStep 11. Management reviewStep 12. Pre-assessment auditStep 13. Certification and registrationStep 14: Continual ImprovementStep 1: Top Management CommitmentThe top management (managing director or chief executive) should demonstrate a commitment and a determination to implement an ISO 9000 quality management system in the organization. Without top management commitment, no quality initiative can succeed. Top management must be convinced that registration and certification will enable the organization to demonstrate to its customers a visible commitment to quality. It should realize that a quality management system would improve overallbusiness efficiency by elimination of wasteful duplication in management system.The top management should provide evidence of its commitment to the development and implementation of the quality management system and continually improve its effectiveness by:a. Communicating to the organization the importance of meeting customer as well as statutory and regulatory requirements,b. Defining the organization’s quality policy and make this known to every employee,c. Ensuring that quality objectives are established at all levels and functions,d. Ensuring the availability of resources required for the development andimplementation of the quality management system,e. Appointing a management representative to coordinate quality management system activities, and Conducting management review.The top management should also consider actions such as:1. Leading the organization by example,2. Participating in improvement projects,3. Creating an environment that encourages the involvement of people.This type of top management commitment may be driven by:1. Direct marketplace pressure: requirements of crucial customers or parentconglomerates.2. Indirect marketplace pressure: increased quality levels and visibility among competitors.3. Growth ambitions: desire to exploit market opportunities.4. Personal belief in the value of quality as a goal and quality management systems as a means of reaching that goal.The top management should identify the goals to be achieved through the quality management system. Typical goals may be:• Be more efficient and profitable• Produce products and services that consistently meet customers’ needs andexpectations• Achieve customers satisfaction• Increase market share• Improve communications and morale in the organization• Reduce costs and liabilities• Increase confidence in the production systemStep 2. Establish Implementation TeamISO 9000 is implemented by people. The first phase of implementation calls for the commitment of top management – the CEO and perhaps a handful of other key people.The next step is to establish implementation team and appoint a ManagementRepresentative (MR) as its coordinator to plan and oversee implementation. Its members should include representatives of all functions of the organization -Marketing, Design and development, Planning, Production, Quality control, etc.In the context of the standard, the MR is the person within the Organization who acts as interface between organization management and the ISO 9000 registrar. His role is, in fact, much broader than that. The MR should also act as the organization’s “quality management system champion,” and must be a person with:
1. Total backing from the CEO,2. Genuine and passionate commitment to quality in general and the ISO 9000 qualitymanagement system in particular,3. The dignity – resulting from rank, seniority, or both – to influence managers and others of all levels and functions,4. Detailed knowledge of quality methods in general and ISO 9000 in particular.The members of the implementation team should also be trained on ISO 9000 quality management systems by a professional training organization.
Step 3. Start ISO 9000 Awareness ProgramsISO 9000 awareness programs should be conducted to communicate to theemployees the aim of the ISO 9000 quality management system; the advantage it offers to employees, customers and the organization; how it will work; and their roles and responsibilities within the system. Suppliers of materials and components should also participate in these programs.The awareness program should emphasize the benefits that the organization expects to realize through its ISO 9000 quality management system. The program should also stress the higher levels of participation and self-direction that the quality management system renders to employees. Such a focus will go far to enlist employee support and commitment.The programs could be run either by the implementation team or by experts hired to talk to different levels of employees.Step 4. Provide TrainingSince the ISO 9000 quality management system affects all the areas and all personnel in the organization, training programs should be structured for different categories of employees – senior managers, middle-level managers, supervisors and workers. The ISO 9000 implementation plan should make provision for this training. The training should cover the basic concepts of quality management systems and the standard and their overall impact on the strategic goals of the organization, the changed processes, and the likely work culture implications of the system. In addition, initial training mayalso be necessary on writing quality manuals, procedures and work instruction; auditing principles; techniques of laboratory management; calibration; testing procedures, etc.When in-house capacity to carry out such training is not available, it may be necessary to participate in external training courses run by professional training organizations.Alternatively, an external training institution could be invited to conduct in-house training courses.
Step 5. Conduct Initial Status SurveyISO 9000 does not require duplication of effort or redundant system. The goal of ISO 9000 is to create a quality management system that conforms to the standard. This does not preclude incorporating, adapting, and adding onto quality programs already in place. So the next step in the implementation process is to compare the organization’s existing quality management system, if there is one — with the requirements of thestandard (ISO 9001:2008).For this purpose, an organization flow chart showing how information actually flows (not what should be done) from order placement by the customer to delivery to this customer should be drawn up. From this over-all flow chart, a flow chart of activities in each department should be prepared.With the aid of the flow charts, a record of existing quality management system should be established. A significant number of written procedures may already be in place.Unless they are very much out of date, these documents should not be discarded.Rather, they should be incorporated into the new quality management system.Documents requiring modification or elaboration should be identified and listed. Thisexercise is some times referred to as ” gap analysis”. During these review processes,wide consultation with executives and representatives of various unions andassociations within the organization is required to enlist their active cooperation.In the review process, documents should be collected, studied and registered for further use, possibly after they have been revised. Before developing new quality management system documentation, you need to consider with which quality requirements or department you should start. The best is to select an area where processes are fairly well organized, running effectively and functioning satisfactorily.The basic approach is to determine and record how a process is currently carried out.We can do this by identifying the people involved and obtaining information from them during individual interviews. Unfortunately, it often happens that different people will give different, contradicting versions of a process. Each one may refer to oral instructions that are not accurate or clear. This is why the facts are often not described correctly the first time around, and have to be revised several times.Once it has been agreed how to describe the current process, this process has to be adapted, supplemented and implemented according to the requirements of the quality standard (ISO 9001:2008). This requires organizational arrangements, the drawing up of additional documents and possible removal of existing documentation (e.g. procedures, inspection/test plans, inspection/test instructions) and records (e.g.inspection/test reports, inspection/test certificates).In introducing a quality management system, the emphasis is on the improvement of the existing processes or the re-organization of processes.In general, the steps to follow are the following:Ascertain and establish the following:What is the present operation/process? What already exists?
Analyze the relevant sections of the quality standard – ISO 9001:2000:What is actually required? If necessary, supplement and change operational arrangements in accordance with the standard, develop documents and records, and describe operations/processes:What is the desired operation/process?Figure 1: Steps in introducing a quality management systemThe above gap analysis can be done internally, if the knowledge level is there. Or aformal pre-assessment can be obtained from any one of a large number of ISO 9000consulting, implementing, and registration firms.Step 6. Create a Documented Implementation PlanOnce the organization has obtained a clear picture of how its quality management system compares with the ISO 9001:2008 standard, all non-conformances must be addressed with a documented implementation plan. Usually, the plan calls for identifying and describing processes to make the organization’s quality management system fully in compliance with the standard.The implementation plan should be thorough and specific, detailing:???? Quality documentation to be developed???? Objective of the system???? Pertinent ISO 9001:2008 section???? Person or team responsible???? Approval required???? Training required???? Resources required???? Estimated completion dateThese elements should be organized into a detailed chart, to be reviewed andapproved. The plan should define the responsibilities of different departments and personnel and set target dates for the completion of activities. Once approved, the Management Representative should control, review and update the plan as the implementation process proceeds.Typical implementation action plan is shown in Figure 2. Use ISO 10005:1995 for guidance in quality planning
Step 7. Develop Quality Management System DocumentationDocumentation is the most common area of non-conformance among organizations wishing to implement ISO 9000 quality management systems. As one company pointed out: “When we started our implementation, we found that documentation was inadequate. Even absent, in some areas. Take calibration. Obviously it’s necessary, and obviously we do it, but it wasn’t being documented. Another area was inspection and testing. We inspect and test practically every item that leaves here, but our documentation was inadequate”.Documentation of the quality management system should include:???? Documented statements of a quality policy and quality objectives,???? A quality manual,???? Documented procedures and records required by the standard ISO 9001:2008, and???? Documents needed by the organization to ensure the effective planning, operation and control of its processes.Quality documentation is generally prepared in the three levels indicated in the box that follows. Use ISO 10013:1995 for guidance in quality documentation.
In small companies, the above levels of documentation could be presented in one manual; otherwise, separate manuals should be prepared.A list of the documents to be prepared should be drawn up and the responsibility for writing the documents should be assigned to the persons concerned in various functional departments. They should be advised to prepare the drafts within a specific time frame.Step 8: Document ControlOnce the necessary quality management system documentation has been generated, a documented system must be created to control it. Control is simply a means of managing the creation, approval, distribution, revision, storage, and disposal of the various types of documentation. Document control systems should be as simple and as easy to operate as possible — sufficient to meet ISO 9001:2008 requirements and that is all.Document control should include:???? Approval for adequacy by authorized person (s) before issue,???? Review, updating and re-approval of documents by authorized person (s),???? Identification of changes and of the revision status of documents,???? Availability of relevant versions of documents at points of use,???? Identification and control of documents of external origin,???? Assurance of legibility and identifability of documents, and???? Prevention of unintended use of obsolete documents.The principle of ISO 9000 document control is that employees should have access to the documentation and records needed to fulfil their responsibilities.Step 9. ImplementationIt is good practice to implement the quality management system being documented as the documentation is developed, although this may be more effective in larger firms. In smaller companies, the quality management system is often implemented all at once throughout the organization. Where phased implementation takes place, the effectiveness of the system in selected areas can be evaluated.It would be a good idea initially to evaluate areas where the chances of a positive evaluation are high, to maintain the confidence of both management and staff in the merits of implementing the quality management system.The implementation progress should be monitored to ensure that the qualitymanagement system is effective and conforms to the standard. These activities include internal quality audit, formal corrective action and management review.Step 10. Internal Quality AuditAs the system is being installed, its effectiveness should be checked by regular internal quality audits. Internal quality audits are conducted to verify that the installed quality management system:
???? Conform to the planned arrangements, to the requirements of the standard (ISO 9001:2008) and to the quality management system requirements established by your organization, and???? Is effectively implemented and maintained.Even after the system stabilizes and starts functioning, internal audits should be planned and performed as part of an ongoing strategy.A few staff members should be trained to carry out internal auditing. Use ISO 19011 for guidance in auditing, auditor qualification and programmes.Step 11. Management ReviewWhen the installed quality management system has been operating for three to six months, an internal audit and management review should be conducted and corrective actions implemented. The management reviews are conducted to ensure the continuing suitability, adequacy and effectiveness of the quality management system.????The review should include assessing opportunities for improvement and the need for changes to the quality management system, including the quality policy and quality objectives.The input to management review should include information on:???? Results of audits,???? Customer feed back,???? Process performance and product conformity,???? Status of preventive and corrective actions,???? Follow-up actions from previous management reviews,???? Changes that could affect the quality management system, and???? Recommendations for improvements.Management reviews should also address the pitfalls to effective implementation, including lack of CEO commitment, failure to involve everyone in the process, and failure to monitor progress and enforce deadlines.Step 12. Pre-assessment AuditWhen system deficiencies are no longer visible, it is normally time to apply for certification. However, before doing so, a pre-assessment audit should be arranged with an independent and qualified auditor. Sometimes certification bodies provide this service for a nominal charge. The pre-assessment audit would provide a degree of confidence for formally going ahead with an application for certification.Step 13. Certification and RegistrationOnce the quality management system has been in operation for a few months and has stabilized, a formal application for certification could be made to a selected certification agency. The certification agency first carries out an audit of the documents (referred to as an “adequacy audit”). If the documents conform to the requirements of the quality standard, then on-site audit is carried out. If the certification body finds the system to be working satisfactorily, it awards the organization a certificate, generallyfor a period of three years. During this three-year period, it will carry out periodic surveillance audits to ensure that the system is continuing to operate satisfactorily.Step 14: Continual ImprovementCertification to ISO 9000 should not be an end. You should continually seek to improve the effectiveness and suitability of the quality management system through the use of:???? Quality policy???? Quality objectives???? Audit results???? Analysis of data???? Corrective and preventive actions???? Management reviewISO 9004:2008 provides a methodology for continual improvement.
1. Total backing from the CEO,2. Genuine and passionate commitment to quality in general and the ISO 9000 qualitymanagement system in particular,3. The dignity – resulting from rank, seniority, or both – to influence managers and others of all levels and functions,4. Detailed knowledge of quality methods in general and ISO 9000 in particular.The members of the implementation team should also be trained on ISO 9000 quality management systems by a professional training organization.
Step 3. Start ISO 9000 Awareness ProgramsISO 9000 awareness programs should be conducted to communicate to theemployees the aim of the ISO 9000 quality management system; the advantage it offers to employees, customers and the organization; how it will work; and their roles and responsibilities within the system. Suppliers of materials and components should also participate in these programs.The awareness program should emphasize the benefits that the organization expects to realize through its ISO 9000 quality management system. The program should also stress the higher levels of participation and self-direction that the quality management system renders to employees. Such a focus will go far to enlist employee support and commitment.The programs could be run either by the implementation team or by experts hired to talk to different levels of employees.Step 4. Provide TrainingSince the ISO 9000 quality management system affects all the areas and all personnel in the organization, training programs should be structured for different categories of employees – senior managers, middle-level managers, supervisors and workers. The ISO 9000 implementation plan should make provision for this training. The training should cover the basic concepts of quality management systems and the standard and their overall impact on the strategic goals of the organization, the changed processes, and the likely work culture implications of the system. In addition, initial training mayalso be necessary on writing quality manuals, procedures and work instruction; auditing principles; techniques of laboratory management; calibration; testing procedures, etc.When in-house capacity to carry out such training is not available, it may be necessary to participate in external training courses run by professional training organizations.Alternatively, an external training institution could be invited to conduct in-house training courses.
Step 5. Conduct Initial Status SurveyISO 9000 does not require duplication of effort or redundant system. The goal of ISO 9000 is to create a quality management system that conforms to the standard. This does not preclude incorporating, adapting, and adding onto quality programs already in place. So the next step in the implementation process is to compare the organization’s existing quality management system, if there is one — with the requirements of thestandard (ISO 9001:2008).For this purpose, an organization flow chart showing how information actually flows (not what should be done) from order placement by the customer to delivery to this customer should be drawn up. From this over-all flow chart, a flow chart of activities in each department should be prepared.With the aid of the flow charts, a record of existing quality management system should be established. A significant number of written procedures may already be in place.Unless they are very much out of date, these documents should not be discarded.Rather, they should be incorporated into the new quality management system.Documents requiring modification or elaboration should be identified and listed. Thisexercise is some times referred to as ” gap analysis”. During these review processes,wide consultation with executives and representatives of various unions andassociations within the organization is required to enlist their active cooperation.In the review process, documents should be collected, studied and registered for further use, possibly after they have been revised. Before developing new quality management system documentation, you need to consider with which quality requirements or department you should start. The best is to select an area where processes are fairly well organized, running effectively and functioning satisfactorily.The basic approach is to determine and record how a process is currently carried out.We can do this by identifying the people involved and obtaining information from them during individual interviews. Unfortunately, it often happens that different people will give different, contradicting versions of a process. Each one may refer to oral instructions that are not accurate or clear. This is why the facts are often not described correctly the first time around, and have to be revised several times.Once it has been agreed how to describe the current process, this process has to be adapted, supplemented and implemented according to the requirements of the quality standard (ISO 9001:2008). This requires organizational arrangements, the drawing up of additional documents and possible removal of existing documentation (e.g. procedures, inspection/test plans, inspection/test instructions) and records (e.g.inspection/test reports, inspection/test certificates).In introducing a quality management system, the emphasis is on the improvement of the existing processes or the re-organization of processes.In general, the steps to follow are the following:Ascertain and establish the following:What is the present operation/process? What already exists?
Analyze the relevant sections of the quality standard – ISO 9001:2000:What is actually required? If necessary, supplement and change operational arrangements in accordance with the standard, develop documents and records, and describe operations/processes:What is the desired operation/process?Figure 1: Steps in introducing a quality management systemThe above gap analysis can be done internally, if the knowledge level is there. Or aformal pre-assessment can be obtained from any one of a large number of ISO 9000consulting, implementing, and registration firms.Step 6. Create a Documented Implementation PlanOnce the organization has obtained a clear picture of how its quality management system compares with the ISO 9001:2008 standard, all non-conformances must be addressed with a documented implementation plan. Usually, the plan calls for identifying and describing processes to make the organization’s quality management system fully in compliance with the standard.The implementation plan should be thorough and specific, detailing:???? Quality documentation to be developed???? Objective of the system???? Pertinent ISO 9001:2008 section???? Person or team responsible???? Approval required???? Training required???? Resources required???? Estimated completion dateThese elements should be organized into a detailed chart, to be reviewed andapproved. The plan should define the responsibilities of different departments and personnel and set target dates for the completion of activities. Once approved, the Management Representative should control, review and update the plan as the implementation process proceeds.Typical implementation action plan is shown in Figure 2. Use ISO 10005:1995 for guidance in quality planning
Step 7. Develop Quality Management System DocumentationDocumentation is the most common area of non-conformance among organizations wishing to implement ISO 9000 quality management systems. As one company pointed out: “When we started our implementation, we found that documentation was inadequate. Even absent, in some areas. Take calibration. Obviously it’s necessary, and obviously we do it, but it wasn’t being documented. Another area was inspection and testing. We inspect and test practically every item that leaves here, but our documentation was inadequate”.Documentation of the quality management system should include:???? Documented statements of a quality policy and quality objectives,???? A quality manual,???? Documented procedures and records required by the standard ISO 9001:2008, and???? Documents needed by the organization to ensure the effective planning, operation and control of its processes.Quality documentation is generally prepared in the three levels indicated in the box that follows. Use ISO 10013:1995 for guidance in quality documentation.
In small companies, the above levels of documentation could be presented in one manual; otherwise, separate manuals should be prepared.A list of the documents to be prepared should be drawn up and the responsibility for writing the documents should be assigned to the persons concerned in various functional departments. They should be advised to prepare the drafts within a specific time frame.Step 8: Document ControlOnce the necessary quality management system documentation has been generated, a documented system must be created to control it. Control is simply a means of managing the creation, approval, distribution, revision, storage, and disposal of the various types of documentation. Document control systems should be as simple and as easy to operate as possible — sufficient to meet ISO 9001:2008 requirements and that is all.Document control should include:???? Approval for adequacy by authorized person (s) before issue,???? Review, updating and re-approval of documents by authorized person (s),???? Identification of changes and of the revision status of documents,???? Availability of relevant versions of documents at points of use,???? Identification and control of documents of external origin,???? Assurance of legibility and identifability of documents, and???? Prevention of unintended use of obsolete documents.The principle of ISO 9000 document control is that employees should have access to the documentation and records needed to fulfil their responsibilities.Step 9. ImplementationIt is good practice to implement the quality management system being documented as the documentation is developed, although this may be more effective in larger firms. In smaller companies, the quality management system is often implemented all at once throughout the organization. Where phased implementation takes place, the effectiveness of the system in selected areas can be evaluated.It would be a good idea initially to evaluate areas where the chances of a positive evaluation are high, to maintain the confidence of both management and staff in the merits of implementing the quality management system.The implementation progress should be monitored to ensure that the qualitymanagement system is effective and conforms to the standard. These activities include internal quality audit, formal corrective action and management review.Step 10. Internal Quality AuditAs the system is being installed, its effectiveness should be checked by regular internal quality audits. Internal quality audits are conducted to verify that the installed quality management system:
???? Conform to the planned arrangements, to the requirements of the standard (ISO 9001:2008) and to the quality management system requirements established by your organization, and???? Is effectively implemented and maintained.Even after the system stabilizes and starts functioning, internal audits should be planned and performed as part of an ongoing strategy.A few staff members should be trained to carry out internal auditing. Use ISO 19011 for guidance in auditing, auditor qualification and programmes.Step 11. Management ReviewWhen the installed quality management system has been operating for three to six months, an internal audit and management review should be conducted and corrective actions implemented. The management reviews are conducted to ensure the continuing suitability, adequacy and effectiveness of the quality management system.????The review should include assessing opportunities for improvement and the need for changes to the quality management system, including the quality policy and quality objectives.The input to management review should include information on:???? Results of audits,???? Customer feed back,???? Process performance and product conformity,???? Status of preventive and corrective actions,???? Follow-up actions from previous management reviews,???? Changes that could affect the quality management system, and???? Recommendations for improvements.Management reviews should also address the pitfalls to effective implementation, including lack of CEO commitment, failure to involve everyone in the process, and failure to monitor progress and enforce deadlines.Step 12. Pre-assessment AuditWhen system deficiencies are no longer visible, it is normally time to apply for certification. However, before doing so, a pre-assessment audit should be arranged with an independent and qualified auditor. Sometimes certification bodies provide this service for a nominal charge. The pre-assessment audit would provide a degree of confidence for formally going ahead with an application for certification.Step 13. Certification and RegistrationOnce the quality management system has been in operation for a few months and has stabilized, a formal application for certification could be made to a selected certification agency. The certification agency first carries out an audit of the documents (referred to as an “adequacy audit”). If the documents conform to the requirements of the quality standard, then on-site audit is carried out. If the certification body finds the system to be working satisfactorily, it awards the organization a certificate, generallyfor a period of three years. During this three-year period, it will carry out periodic surveillance audits to ensure that the system is continuing to operate satisfactorily.Step 14: Continual ImprovementCertification to ISO 9000 should not be an end. You should continually seek to improve the effectiveness and suitability of the quality management system through the use of:???? Quality policy???? Quality objectives???? Audit results???? Analysis of data???? Corrective and preventive actions???? Management reviewISO 9004:2008 provides a methodology for continual improvement.
ISO 14001 Auditing and Registration
ISO 14001 Registration
A registration system has grown up around the implementation of the ISO 9000 quality management documents and has formed the basis for a similar system of registration to ISO 14001. At this writing, ISO 14001 is the only specification_ document of the ISO 14000 series and the only standard that is intended to be auditable; all of the other standards are, or will be, guidance documents.
Registrars – Globally, there are 40 – 50 or more organizations established to register organizations to ISO 14001. These registration organizations are accredited by the standards bodies in, for the most part, major industrial nations that have adopted ISO 14001 as their country’s EMS standard. In the U.S., for example, the body that accredits registrars is the ANSI-ASQ National Accreditation Board (ANAB). ANAB passes on the credentials of registrars to register organizations to ISO 14001.
ISO 14001 Audits
First-, second-, or third-party auditors can assess an organization’s conformity to the requirements of the standard. First-party Audits – In the first-party circumstance, the internal auditors of the implementing organization conduct an audit to determine that the EMS has been properly implemented and is being maintained. If the organization passes the internal audit, it may self declare_ its conformity to ISO 14001.
Second-party Audits – In the second-party circumstance, the audit is conducted by a representative of a party interested in the environmental performance of the implementing organization. The interested party_ may be a customer, an environmental regulator, an insurance company, or any other organization affected by the environmental performance of the implementing organization. The second-party audit can be a condition of doing business with the auditor’s organization.
Third-party Audits – In the third-party circumstance, an external EMS auditor conducts an audit, usually at the request of the implementing organization, to determine if the organization conforms to the requirements of ISO 14001. The third-party audit is most often for the purpose of certifying_ that the organization is in conformity with the requirements of ISO 14001.
Typically, when a registration is awarded, it is for a period of three years with a provision for the periodic conduct of surveillance_ audits to ensure continuing conformity.
A principal benefit of the third-party audit is that it compels organizations to continually maintain the EMS in order to pass the follow-up surveillance audits; without this, there might be slippage in the maintenance of ISO 14001.
It is not a requirement of implementing ISO 14001 that organizations have a registration audit conducted; this is a decision made by each organization based upon its determination of the commercial value or necessity of certifying. When an ISO 14001 EMS is intended to be audited,
the requirements must be implemented and documented sufficiently for an auditor/registrar to be
able to conduct the audit based on the finding of objective evidence that the organization has implemented an EMS conforming to ISO 14001.
Establishing objective evidence requires a higher level of documentation and record keeping than is required for mere implementation of ISO 14001. The implementation of ISO 14001 is a simpler task for the organization when it is only seeking to implement the policy and sixteen procedures than when it is implementing with the intention or expectation of being audited.
A registration system has grown up around the implementation of the ISO 9000 quality management documents and has formed the basis for a similar system of registration to ISO 14001. At this writing, ISO 14001 is the only specification_ document of the ISO 14000 series and the only standard that is intended to be auditable; all of the other standards are, or will be, guidance documents.
Registrars – Globally, there are 40 – 50 or more organizations established to register organizations to ISO 14001. These registration organizations are accredited by the standards bodies in, for the most part, major industrial nations that have adopted ISO 14001 as their country’s EMS standard. In the U.S., for example, the body that accredits registrars is the ANSI-ASQ National Accreditation Board (ANAB). ANAB passes on the credentials of registrars to register organizations to ISO 14001.
ISO 14001 Audits
First-, second-, or third-party auditors can assess an organization’s conformity to the requirements of the standard. First-party Audits – In the first-party circumstance, the internal auditors of the implementing organization conduct an audit to determine that the EMS has been properly implemented and is being maintained. If the organization passes the internal audit, it may self declare_ its conformity to ISO 14001.
Second-party Audits – In the second-party circumstance, the audit is conducted by a representative of a party interested in the environmental performance of the implementing organization. The interested party_ may be a customer, an environmental regulator, an insurance company, or any other organization affected by the environmental performance of the implementing organization. The second-party audit can be a condition of doing business with the auditor’s organization.
Third-party Audits – In the third-party circumstance, an external EMS auditor conducts an audit, usually at the request of the implementing organization, to determine if the organization conforms to the requirements of ISO 14001. The third-party audit is most often for the purpose of certifying_ that the organization is in conformity with the requirements of ISO 14001.
Typically, when a registration is awarded, it is for a period of three years with a provision for the periodic conduct of surveillance_ audits to ensure continuing conformity.
A principal benefit of the third-party audit is that it compels organizations to continually maintain the EMS in order to pass the follow-up surveillance audits; without this, there might be slippage in the maintenance of ISO 14001.
It is not a requirement of implementing ISO 14001 that organizations have a registration audit conducted; this is a decision made by each organization based upon its determination of the commercial value or necessity of certifying. When an ISO 14001 EMS is intended to be audited,
the requirements must be implemented and documented sufficiently for an auditor/registrar to be
able to conduct the audit based on the finding of objective evidence that the organization has implemented an EMS conforming to ISO 14001.
Establishing objective evidence requires a higher level of documentation and record keeping than is required for mere implementation of ISO 14001. The implementation of ISO 14001 is a simpler task for the organization when it is only seeking to implement the policy and sixteen procedures than when it is implementing with the intention or expectation of being audited.
The Future of ISO 14001
ISO 14001 has the potential to reframe the conduct of environmental management. It has proven to be an elegant document that anticipates the needs of organizations of all sizes and purposes for direction on environmental management.
As ISO 14001 gains credibility as an effective system for managing and improving environmental performance, environmental regulators will be encouraged to accept registration to ISO 14001 in satisfaction of some regulatory administrative requirements and, thus, reduce the burden of compliance for those organizations that are managing their environmental exposures.
Ultimately, the greatest strides in environmental performance improvement and sustainability will come as a consequence of millions of organizations – municipalities, colleges and universities, governmental departments, and property owners and operators as well as industrial corporations – identifying and managing the environmental impacts of their activities, services, and products.
As ISO 14001 gains credibility as an effective system for managing and improving environmental performance, environmental regulators will be encouraged to accept registration to ISO 14001 in satisfaction of some regulatory administrative requirements and, thus, reduce the burden of compliance for those organizations that are managing their environmental exposures.
Ultimately, the greatest strides in environmental performance improvement and sustainability will come as a consequence of millions of organizations – municipalities, colleges and universities, governmental departments, and property owners and operators as well as industrial corporations – identifying and managing the environmental impacts of their activities, services, and products.
Subscribe to:
Posts (Atom)