The new section will help organizations facilitate continual improvement.
by Jeanne Ketola and Kathy Roberts
SO 9001:2000's section 8, Measurement, analysis and improvement, will challenge most organizations. Although most understand that management review, internal audits, and
corrective and preventive action form an important integrated triangle for evaluating quality systems, many have done only a fair or inadequate job of facilitating improvement activities from the information
within their systems. As with section 5, Management responsibility, management must play an active role in section 8, which requires making decisions about key
measures and analyzing the results of information from sources such as audits, customer feedback and analysis of other information relating to products, trends and suppliers.
The brief summary that follows provides simple explanations of the new
requirements within section 8 of the ISO 9001:2000 draft international standard (DIS). Refer to Figure 1 to see where revisions are found in the DIS and how they compare to the 1994 version.
8.2.1 Customer satisfaction
The requirement states that organizations will monitor information on customer
satisfaction and/or dissatisfaction as one of the performance measurements of their quality management systems. Furthermore, organizations must determine the
methodologies for obtaining and using this information. The intent of this requirement is to ensure that organizations have a system for addressing
customer complaints and general feedback and that it's effective for addressing customer concerns. The standard has also been broadened to include customer
satisfaction, which many organizations don't measure.
The ease with which organizations are able to comply with these requirements
will depend upon the maturity of the organizations and their relationships with their customers. It will also depend upon whether the organizations have a
customer satisfaction measurement system in place and how effective it is.
"A company that is currently driven by the philosophy of producing product
that meets or exceeds the customers' requirements and expectations should not have to make any changes to monitor customers' satisfaction and/or
dissatisfaction," says Robert Chandler, international quality coordinator of Lincoln Electric in Cleveland, Ohio. "Current procedures may have to be
rewritten, but the basic approach should not require changes."
But this section might be challenging for some organizations, says Curt DeVries,
corporate ISO 9000 manager of Polaroid Corp. in Cambridge, Massachusetts. "Part of the issue will be in the definition of the customer, the end user or the next
person in the product realization chain," DeVries explains. "As so much of our product is consumer-oriented, most of our manufacturing facilities have defined
their customers as the marketing department, which is the group that defines the production requirements based on their forecast of sales. Some, but not all, of
our end-product manufacturing operations have created customer satisfaction groups that collect end-user satisfaction/dissatisfaction data and analyze it to
provide the basis for corrective actions or future product improvements." DeVries further explains that it becomes difficult--and effectively, cost
prohibitive--when there's a fragmented, geographically diverse and shrinking end-user customer base, as is the case with some of the company's older
product lines. Finally, says DeVries, "More and more we are working to get 'voice of the customer' input on problems and new design issues, because it has
proven very successful for those who were visionary enough to do it in the first place."
8.4 Analysis of data
Organizations must collect and analyze data to determine system suitability and effectiveness so that improvements can be made. Furthermore, measuring and
monitoring activities are sources of data. The data analysis must provide information on customer satisfaction and dissatisfaction, conformance to
customer requirements, process and product characteristics and their trends, and suppliers.
The revised standard is more specific in its requirement for attaining improvement. Organizations must facilitate continual improvement through the
use of the quality policy, objectives, audit results, analysis of data, corrective and preventive action, and management review. They must also plan and manage the
processes necessary for continual improvement.
Chandler believes that if a company is serious about continual improvement, the
requirements in ISO 9001:2000's section 8 will be very easy to meet. "Regardless of whether a company is ISO 9000 certified, the requirements in
this section are the basic tools for continual improvement," says Chandler.
When asked how Polaroid intended to demonstrate that it meets this
requirement, DeVries says he plans to recommend that the company clearly define one or more metrics relating to the most value-added improvement
needed in its quality management system (QMS) and utilize the components of the QMS to make it happen.
What's the same or clarified
Although most organizations talk about measurement and improvement
activities, many companies don't define formal plans. The standard now requires that measurement and monitoring activities needed to ensure conformity and
achieve improvement must be defined, planned and implemented. This must include appropriate measurement methods.
8.2.2 Internal audit
All of the requirements have been carried over from ISO 9001:1994. The revision requires organizations to review their internal audit procedures to ensure
the inclusion of responsibilities, requirements and methodologies for conducting the audits. Audit results are now an explicit requirement for management review
and for the facilitation of continual-improvement activities.
The auditing techniques that internal auditors use may change slightly. Namely,
auditors will need to determine a system-auditing methodology that takes a cross-functional, process-oriented approach to developing checklists,
conducting audits and reporting the results. It's recommended that the internal auditors receive additional training, as appropriate, on new auditing techniques for ISO 9001:2000.
8.2.3 Measurement and monitoring of processes and 8.2.4 Measurement and monitoring of product
Many organizations may first struggle with the overall concept of these subsections. Both incorporate components of 1994's 4.10 Inspection and testing
and 4.20 Statistical techniques clauses. Quite a bit of the text from 4.10 has been moved to ISO 9004; however, the intent of 4.10 has remained: Organizations
are required to determine what measurement and monitoring methods will be employed to ensure that both process and product requirements are met. ISO
9001:2000 doesn't specify inspection and testing activities for incoming, in-process and final product. Documented evidence must still demonstrate that
products and/or services conform to specifications, and evidence must show what acceptance criteria are used. Furthermore, the methods employed must
demonstrate that the processes and the products satisfy their intended purpose.
"A company should not have difficulty meeting the requirements of section
8.2.3, Measurement and monitoring of processes," says Chandler. "This section is again very basic and permits the organization to determine what suitable methods shall be used to meet customer requirements
8.3 Control of nonconformity
Overall, the message of ISO 9001:1994's 4.13 Control of nonconforming
product has remained the same: Product that does not conform to specified requirements should not be used or shipped. The requirements for the control of
nonconforming product no longer contain the specific requirements for review and disposition of nonconforming product as in ISO 9001:1994. However, the
intent remains the same. A new requirement has been added for organizations to address nonconforming product detected after delivery. Specifically,
organizations must take action related to the consequences of nonconformity.
ISO 9001:2000 has removed "where required by contract" prefacing the
section relating to the reporting of the repair of nonconforming product to the customer. Instead, the passage now states that organizations are "often required"
to report the "rectification" to the customer, end-user, regulatory body or other body.
8.5.2 Corrective action and 8.5.3 Preventive action
The requirements for these sections have remained basically the same as in the 1994 version. The discussion of corrective and preventive action from the 1994
version has been reworded rather than changed. Corrective and preventive actions are now specifically referred to as tools that organizations must use to
facilitate improvements. Furthermore, by requiring that the review of these actions be used as an input to management reviews, ISO 9001:2000 clearly
establishes top management's responsibility for an organization's improvement. It also states that actions taken must prevent recurrence. When reviewing actions
taken over time, organizations must ensure that repeat occurrences are addressed.
Due to the greater emphasis on documenting the results of corrective and
preventive actions, organizations should consider what format will be the easiest to use and understand. Many organizations document the problem-solving steps
involved for the investigation of nonconformities using some type of methodology. Typically, this methodology includes problem identification,
root-cause analysis, determination and implementation of corrective and preventive actions, follow-up, and closure. This information is documented and
considered a quality record, which should be submitted in a summary format for management review.
The challenges organizations will face
For many organizations, implementation of section 8 will be a challenge. The maturity of an organization's measurement systems will determine the amount of
effort and development required. If organizations have measurements in place, they will need to evaluate those measurements and the results they will provide.
Remember that ISO 9001:2000 focuses on using measurements and their results to drive continual improvement.
The standard now requires that organizations analyze data to determine the
suitability and effectiveness of their systems. One issue many companies have difficulty with is the ability to sort through data to find meaningful information.
This may not be the fault of the data itself, but of management's ability to perform the analysis. Data should always be looked at in terms of the story it's
telling. For instance, when looking at nonconforming reports or customer data, one should ask: How many times has the same problem occurred? Is the
problem occurring with the same product or customer? Does it occur on certain shifts, certain times of the month or year, etc.? The organization needs to
scrutinize data in this fashion to prevent the organization from jumping to conclusions or fabricating the story it wants to hear.
Another area of difficulty organizations may face in pursuing continual improvement is recognizing that the QMS should reflect each company's method
of operation. Companies continue to separate out the ISO 9000 requirements from their daily business. This is often evident in how a company handles its
management reviews. Separating out the results from audits, corrective actions and customer complaints and missing the opportunity to correlate these results to
the needs of the organization inhibits the organization from seeing viable improvement activities. The more rapidly an organization can accept its QMS as
its preferred method of operation, the faster it will move away from day-to-day maintenance and into the improvement arena.
The major challenge Polaroid's registered organizations will face will be shoring up those areas where they are currently weak, says DeVries. Furthermore, he
adds, "I think this section will actually be perceived as more of a help than a problem because it more clearly lays out some requirements that were pretty
vague in the earlier revision. This helps the site ISO 9000 coordinator or management representative when dealing with those members of management who are not committed to the QMS process."
What the registrars think
While many registrars are just getting themselves up to speed on how the
revisions will be audited, many are developing approaches for the revisions. For instance, in auditing conformance to the requirements for planning continual
improvement, auditors will be investigating how management has used audit results, corrective and preventive action results, the quality policy and objectives,
management review, and analysis of data in their continual improvement process. Auditors will look more carefully at management review to see the types of actions and achievements that have been documented.
In assessing conformance to data analysis requirements, auditors will want to see some evidence of how data is collected, e.g., types of data, responsibilities
for collection and how the data is reported. They will also be interested in how the results of the data are used and in the existence of measurements that help
the organization determine whether or not its quality management system is effective.
The requirements of the customer satisfaction section will also be scrutinized.
While the standard does allow an organization to use customer dissatisfaction results as the measure of customer satisfaction, auditors will want to look at the
types of data, collection frequency, when and how the information is analyzed, and the analysis results. Information used by an organization to determine
customer satisfaction may include customer complaints, customer surveys, customer meetings and report cards. Auditors will also want to ensure that the
organization has converted its customer data into meaningful indicators and trends.
In a nutshell
The revised standard specifically requires the use of analysis and measurements to facilitate improvement activities. The 1994 version suggested that an
organization first identify the need for statistical techniques, and if such a need wasn't found, the requirements didn't apply. It's apparent that organizations will
have to implement and use measurements to achieve conformity and for improvement activities. ISO 9001:2000 makes it clear that customer satisfaction or dissatisfaction is one usable performance measure.
"I think the standard's writers did a very good job of bringing together the most impactive elements of the QMS relative to the improvement foundation of total
quality," says DeVries. "These elements have the potential for significant synergy. This will be most helpful for those just getting into the QMS business. Those with
marginal or failing QMSs due to the lack of clarity and organization of the earlier versions will also be helped greatly. For those who have implemented successful
QMSs by using the earlier versions of the ISO 9000 standards, managed to get through the clutter, and intuitively grasped the synergistic nature of the elements,
their systems may be strengthened by this element reorganization, but the improvement will most likely be minimal."
Overall, Chandler thinks the biggest challenge in meeting the requirements of ISO 9001:2000 will be in reorganizing and rewriting the quality system to
comply. He states that all current documentation should be carefully reviewed for compliance and revised accordingly. He also believes that in order to flow
properly, quality manuals will need to be completely revised.
As the final chapter closes on the standard's release, organizations will need to
do some serious thinking, planning and communicating on how they will best address the revisions. This will not be the slam-dunk that many were hoping for.
In fact, depending on management's support and involvement, it may prove to be more challenging. Organizations that only want the certificate and are in the
maintenance mode will probably find the changes the most difficult. These companies may need to decide why they want to maintain a quality management system.
For the companies that are registered (or are seeking registration) because they see the value in a quality management system, the revisions may pose a
challenge, but the benefits of a system review will provide a fresh perspective, enhancing improvement opportunities. This review is an activity in which all key
members of the organization must be involved. Management commitment, customer satisfaction, quality and continual improvement are principles that have
been around for a long time. No matter how these concepts are packaged, it will still be up to top management to support and help their organizations in achieving them.
About the authors
Jeanne Ketola, CEO of Pathway Consulting Inc. in Minneapolis,
Minnesota, is an ASQ Certified Quality Auditor, an RAB Quality Systems Auditor and a trained management coach. E-mail her at email@example.com .
Kathy Roberts, President of Sunrise Consulting Inc. in Raleigh, North Carolina, is an ASQ Certified Quality Auditor and a trained examiner for
the North Carolina Performance Excellence Process. E-mail her at firstname.lastname@example.org .
Ketola and Roberts are authors of the new book ISO 9001:2000 In a Nutshell: A Concise Guide to the Revisions, published by Paton Press. For more information about their book, visit
www.paton press.com, e-mail email@example.com or call (530) 342-5480.