Is That All There Is?

I’ve been working with a client on implementing an ISO 9001-compliant quality management system. As always it’s a unique and interesting project, since organizations have different cultures, processes, products, and customers. No two quality management systems are quite the same. Documentation will look different; exclusions are taken for requirements that don’t apply. The number and diversity of work instructions, forms, and training guides will vary.

ADVERTISEMENT

When working on an implementation project, I find it’s best to have a division of labor that balances the client’s time constraints against the need for their people to be actively engaged in developing documentation and corresponding training. Regardless of the consultant’s expertise in an industry, the organization knows its processes best. What consultants bring to the party is an understanding of the requirements of the ISO standard. The client organization must apply those requirements to the quality management system that they develop and implement. So, it's always a  good idea to have them own responsibility for developing a good share of the documents. Aside from the fact that it gives them ownership of their processes and the implementation, it also allows them to make use of existing procedures and other documents that they’re already using—quite effectively. This diminishes the time and extent of the writing and documenting portion of the project.

It also allows people to see that they are already in conformance with many requirements. An ISO implementation project should not reinvent a company. Although the requirements are quite straightforward, the manner in which they are applied can differ markedly.

It’s important to recognize the distinction between requirements and application of requirements. Standards such as ISO 9001 or any other sector derivative contain the requirements that are essential for an effective quality management system—one that is a benefit to the organization and facilitates its ability to fulfill customer-specified requirements. The requirements are not subject to interpretation but are reliant on the nature of the organization for their application. Herein lie all the deliberation and choices that organizations go through as they implement their QMS. They get to identify those requirements with which they already comply and choose how they will fulfill the additional requirements of the standard. These choices define the unique characteristics that, more often than not, differentiate them (favorably) from their competition.

With the exception of the six mandated documented procedures in ISO 9001:2008, organizations have substantial latitude in developing and documenting their QMS. There is no defined number of documents that must be created. There’s no one-size-fits-all kit, no canned document package that suits all organizations. ISO 9001 requires adequate documents and descriptions to ensure the control of processes. The manner in which that requirement is fulfilled is up to the organization.

Due to the persistence of some of the 9001 “kits” on the market, it’s still difficult to crack the perception that organizations need a plethora of documents that loosely follow every clause and sub-clause of the standard in order to have an ISO-compliant QMS. That’s not to say that using the standard as a guideline to ensure appropriate inclusion of warranted documentation is a bad idea. It’s just that the standard’s structure should be a guide for the kinds of documents the organization should consider including. (Note: that doesn’t mean the requirements themselves are only for guidance.)

Which gets me back to my client. We’d been working on their documentation for a couple of months when I did a recap of the project’s status. I indicated that, in my estimation, the documentation was about 90-percent complete. A look of incredulity accompanied his question: “Is that all there is?”

“Yeah, pretty much,” was my reply. What followed was a much longer conversation about what comes next. His company has well-developed processes and a healthy appreciation of the value of process control, so this won’t be difficult. He needs to add in the new processes that have been introduced: internal auditing, management review, preventive action, and process monitoring. He needs to ensure the consistent and ongoing implementation and maintenance of this system.

Many managers and executives think that once all the documentation is developed, the implementation project is almost over. Hence, the query, “Is that all there is?” What they need to see is that it’s only the beginning. What follows is the constant cycle of making sure that the processes and the system defined by those documents contribute to the desired outcome: a successfully sustained organization that satisfies its customer needs.

About The Author