ISO Compliance Dates are Approaching!

Today’s guest blog is provided by Ty Haines, president of Manufacturing Solutions, LLC. 

How to Ensure You Maintaining ISO Compliance

Yes, the parent ISO operates like a monopoly.  Yes, it appears they bundled up minor clarifications, reshuffling the requirements and twists of definitions to create ‘new’ standards with the intent to make money.  Yes, a change in the Standards requires about $1B to change hands globally.  The need filled remains international standards for quality.  Customers require the certification so we comply.  When done well, a Quality Management System (QMS) pays for itself as a requirement to participate in certain markets, reduces wastes and requires continual improvement.

Revisions to the ISO Standards for 9001:2015, TS16949:2016, Medical 13485:2016 and more are in place and the clock is ticking for the dates of required compliance.  September 2018 is when companies are expected to have their upgraded certifications in place for 9001, the basic standard.  Many companies already have this upgraded certification in place.  Some put it off as long as possible and end up in the last-minute rush.  I have heard a Consultant scare the daylights out of people at events to generate business.  My perspective is simpler and direct:

• Companies can comply on their own, given adequate resources. Consultants make it easier, shorter and can often spot gaps to improve the system performance.
• The changes to the standard are tedious but not that tough: much you already do!

What you need to do for ISO 9001, and similarly for the more advanced standards includes:

1. Read the Standard: I favor the $10 9001:2015 Pocket Primers from Indiana Quality Council vs. spending the $150 from ASQ or other sources.  To read is to learn:  document this as training – seminars in Vegas are not an ISO requirement.
2. Largest changes:
   1. Went back to more sections: now 10, was 8
      1. Decide if you want parity with the new section count and the new shuffling of requirements within the sections, or just go with a cross reference table. Your format matching the Standard is easier on Auditors.
   2. Terminology changes: these redefine common terms into abstracts only ISO would endorse.  Example:  “Control of externally provided processes, products and services” is ISOese for what any normal business person would call Purchasing and as a title, it fits on a business card!
   3. Risk: take credit in your procedures for what you do to address Risk, both positive and negative.  Common Risk control actions to put in a table:
      1. RFQ: quote acceptable risk; initial & date no quotes of unacceptable risks
      2. Contract Review & change orders: orders are rejected if we cannot meet requirements
      3. Purchasing: good contracts and specs ensure on time and quality
      4. Inspections: verify that all requirements are met

3. Knowledge capture: procedures, work instructions, ERP & system backups plus training work for most.

4. Clarify or add wording to meet the other minor changes in the Standard and your system will comply. Check your work instructions still fit the revisions.

I favor avoiding a gap analysis as the value is low and starting in by updating the first procedure, then the next. The Standard remains redundant section to section and definitions are a bit more esoteric.  Documentation process is same:  revise the procedures, train, audit, fix and you are ready for the Registrar.

Need Help with ISO Compliance?  Contact Ty Haines at HainesMFG@roadrunner.com