SPC Guide
First Word



Quality defined

Some 20 years ago, Philip Crosby made millions taking the mystery out of "quality" and providing corporate America with the ability to manage it. I'm sure he's not the only one "in a swivet" over Scott Madison Paton's March 2000 "First Word" column and personal opinion. I disagree with Paton's view that all those definitions are "valid"--why, I disagree that they're even definitions! To define is "to describe exactly; to state the meaning." Most of these definitions are subjective and therefore based on personal opinion, as stated in Webster's. What every manufacturing executive from Frederick Taylor on has eventually come to realize is that it's impossible to manage and reproduce subjectivity. Although I understand you are members of the media, I would hope that you'd be a beacon for clarification instead of a promoter of confusion. At any rate, it appears Crosby will be in business for at least another 20 years.

--Michael W. Young
Process Integrity Inc.


Can I practice what I've preached?

 In his March column, H. James Harrington presented seven situations that could challenge his own quality advice. Here's a summary of his questions: 1. Should you drop a quality assurance test to deliver a product on time? 2. Should you sign a contract to deliver a product if you lack some of the resources but believe you could hire or subcontract the work? 3. Should you drop two of your three approved suppliers for professional-contract personnel? 4. How much training should you provide employees during a tightly scheduled year? 5. Should you reassign a manager to the job of documenting and implementing the quality system? 6. Should you document contract reviews or design reviews in the absence of problems? 7. If customers have requested that the company reach a computer maturity model (CMM) Level 3 but haven't requested ISO 9001 registration, should you try to become ISO 9001 registered anyway?

1. Have quality assurance review the testing and define the criteria that is most applicable/critical to real-world situations, and repeat. (It's not fair to tell me that all testing is applicable/critical) 2. If this belief is based in hard fact, yes. If it is hope, no. 3. Evaluate supplier capability to ensure they can meet all situations required by your firm. Pose the scenario to them and find out how they will be able to meet your criteria. You may determine, by fact, that more than one supplier is required for the short term. 4. Seek to reduce training and focus that on senior management. This company sounds like it is in the short-term mode. It takes time to change, and 12 months won't cut it. As you know, management must drive quality, but they must have the right frame of mind and the knowledge and reasoning for doing so. 5. This is not an issue for the next 12 months. Again, implementing quality methodologies and philosophies takes time. 6. Yes. How difficult could either be? The added value is that there is a responsible party with expertise to deal with contract interpretations and issues to ensure agreement and capability on both sides. Design review documentation is just as good for recording what went right as for what went wrong. 7. I come from a Good Manufacturing Practices environment (pharmaceuticals) where it is assumed that Food and Drug Administration regulations are more stringent than ISO 9000's. In monotonous detail for safety's sake, this is true. But from a process improvement model, it's far less clear or effective. We both operate in an environment where there is heavy focus on the support of technology for the sake of the product but minimal resources designated for technology (and ISO 9000) for support of the business operation. I'm working hard to improve that situation because they are both heavily intertwined, and in a start-up situation, not utilizing the tools and methods that you have taught for so long gives you a 70-percent chance of failure.

--K. Campbell
Quality Assurance Manager
PR Pharmaceuticals Inc.


The good news is that you only have to do one out of the seven. The bad news is that it's No. 5 (which will indirectly oblige you to do the other six).

--Raouf Mallouh


1. I would have the two departments perform gap analysis with associated risks (compare tests already run and identify risks associated with those not run), testing the top five high-risk gaps. Based on the results of those tests, either stop (if they're all OK) or continue with the next top five and so on. 2. Yes. 3. There's no reason to drop any agency--assuming they're all "approved." 4. I'd cut back to 20 hours of training due to the compressed time schedule. 5. I would add quality system responsibilities to a software engineer's plate--this would avoid the crunch to get registered but would keep some semblance of order for documentation, procedures and so on. 6. Absolutely document design and contract reviews. They're your mechanism for ascertaining exactly what your customer wants. 7. I wouldn't worry about registration at this point. Due to the judicious assignments to other software engineers (see No. 5), the infrastructure will be there when registration is eventually required.

--Erich W. Klippel


1. For this delivery, let quality assurance (QA) do sample testing of the most quirky parts of the system and decree that in the future, QA will witness final testing to avoid double testing. 2. Not unless you had bid the contract in the mode you stated and have quotes from your suppliers. 3. Keep 'em all. You need maximum flexibility in your enterprise. You wouldn't cut off your nose to spite your face. 4. Compromise. Have all your departments work out a training scenario (as would be required by ISO 9000) and hammer out a compromise with each department that would give the maximum training for your budget. 5. No. You need someone in QA to do that. However, achieving CMM Level 3 is much more important to you than is ISO 9001. 6. The reasons contracts are reviewed are to ensure that the contract reflects the proposal you submitted and to ensure that you can perform on the contract. The documentation is one sheet of paper for each contract, an easy way to comply. 7. You would first want to achieve as high a CMM level as you could reasonably do. ISO 9000 would be nice, but isn't a priority. The CMM is your ISO 9000.

--Howard C. Swartz


1. Testing has been completed. If quality assurance wasn't satisfied with the first results, why would you be more confident with a second series of tests? Additional data will only confound interpretation. 2. Sure you would. Business will never be risk-free. You didn't get to be a CEO without the ability to make educated guesses. 3. Never! Being single-sourced for a critical service and being without options almost always leads to disaster. 4. Forty hours. 5. Your question here relates to No. 7. You need a documented quality system. It doesn't have to be ISO 9000-based or registered. There were thousands of good companies before ISO 9000; registration is not a necessity and can simply be an added expense if your customers do not require it. 6. Yes and yes. As a CEO you want to assure that these processes don't get shortchanged. The costs of design and contract reviews are insignificant when compared to the cost of litigation and replacement costs. 7. There would be two reasons that might drive you to be ISO 9000 registered. First is to position the company ahead of the competition in future markets that you might identify later. Second, ISO 9000 registration is valuable because it gives you a nonprejudiced third party to review your business systems to assure that key processes continue to work as you would have them.

--William R. Hubbard


In the high tech industry, we call it fighting for our food. Ours is a prime example of a company that uses the quality concepts to help us win the fights. And we fight for our food every day! Here are my suggestions: 1. Your customers come first. Explain the testing dilemma to them. If they want it untested and on time, that requirement is changed. If they can wait for testing, again your requirement is changed. Let them change the requirements! 2. Team decisions are best. You never know your true capacity until you ask for it. Our competitors create more havoc for themselves by dictating conditions to their people. We love it! 3. As a human resource professional, I always hate it when people are listed as commodities. They may perform similar functions, but people are far from commodities. In today's tight labor market, they're actually more of a rarity. 4. We live on training, but ours is a mature industry. It changes so fast that I can only imagine how much training is wasted. Use the self-managed team concepts. Force weekly skills meetings so that a team helps itself acquire competence. We have used these with tremendous success… Think of it as peer-pressure on-the-job training. 5. To succeed, you must have a market-driven product and a solid process for delivering it to market. If you lack in either area, any success is short-lived. We see ISO 9001 as a consultant to oversee our kaizen. You must have kaizen to have a solid company. 6. Electronic media seems to make everything easier. When we got our procedures online (on our company intranet), our improvement efforts increased four-fold. Why not document in today's world? It's 10 times easier than it was a few years ago. 7. If you can attain CMM Level 3 status, ISO 9000 certification is simply a money issue. The substance is what's important. If the standard is dissolved tomorrow, I would still want to run my company according to its guidelines. In my experience with software start-ups, we found two types of owner: The long-term thinker (who would favor quality concepts) and the hit-and-run driver (who would opt for the quickest buck). Which do you serve? Fighting for your food is exhilarating, isn't it?

--Jay Bellwoar
Director of Human Resources
Colonial Electric Supply Company


1. I would not compromise the quality assurance tests, if indeed they are different tests from the ones performed by the lab. It's better to provide product further behind schedule than to provide product that is already behind schedule and additionally defective in some way. 2. I would sign the contract if I had fairly certain assurances that I could successfully subcontract. 3. I would not limit myself to only one staffing subcontractor. 4. I would provide the amount of training appropriate for my staff to perform their jobs correctly. If that means the entire 40 hours, then I would add the resources. Training is, in my opinion, one of the major factors in providing quality. If staff are not properly trained, it's likely that quality will suffer. 5. I would not implement ISO 9000 if there is another recognized (and more highly respected) quality system available for my industry. ISO 9000 is not the final word on quality--it is merely another tool to use to implement good quality practices. I believe that many companies are even capable of designing and implementing their own "quality system." The only ingredients needed are management and staff commitment, understanding customer wants or needs, and a basic knowledge of processes to detect and correct problems. 6. I may document design reviews, if only to document when they happened and what was reviewed (to assist in knowing when and what to review next). I would not document contract review, as the persons signing the contract have indicated that they have reviewed it. If I find that I have staff signing a contract without reviewing, I have a major problem in my organization (on many more scales than ISO 9000) and I would deal with that problem appropriately (most likely through termination). People who will actually sign a contract without reviewing it would most likely "invent" documentation of contract review as well. 7. See No. 5.

I believe that you cannot really write quality into procedures. Yes, you can physically write the document, and you can force staff to adhere to the guidelines. But if a company and its staff do not truly believe in quality and "live" it, the quality of the company will not increase just by virtue of having these procedures in place.

 I believe that ISO 9000 is a good tool, but I have found with my company that we have been performing most of the activities that are required by ISO since the company was founded 14 years ago--long before we implemented ISO 9000. We have also been performing activities for many years that are being written into ISO 9000:2000. ISO 9000 frequently is too stringent in the details of documentation--often we are meeting the standard and our own guidelines even when that i was not dotted or that t was not crossed. These things combined, at times, makes us wonder if we need ISO 9000 to meet quality objectives.

(Name withheld)


1. The development lab personnel should be competent to run tests and certify to the results. Quality Assurance (QA) should review the testing while the lab is performing the test and if any problems areas show up, rerun only that particular part of the test. QA could also rerun the tests as production continues to assure total compliance. 2. I would review the hiring or subcontracting needed before signing the contract; it shouldn't take that long to review. 3. There are too many reasons why a subcontractor might not be able to perform; therefore a backup is necessary. 4. This depends on the knowledge that employees already have. A training assessment is needed. Train only those employees who will benefit from the training. The training assessment should be done on a routine basis. I would hire at least one of those sales people with the money saved from not training employees who really wouldn't benefit from the training. 5.With a compressed schedule, I'd hire a retired employee or consultant to perform this task. It took us two and one-half years to fully document and approve our ISO 9000 system, and we had a good quality system to start with. 6. Documenting design reviews should not be a 20-page report but a one-page review of what was discussed, approved or disapproved and what actions are necessary to take if not approved. It shouldn't take much time to document this review and distribute it to the attendees so everyone is on the same track. Contract reviews are very important and must be documented to ensure that requirements are known and satisfied. At our facility, engineering, QA, customer service, manufacturing engineering and production control all have use for the results of the contract review. By reviewing and documenting the review, we hope to keep the contract away from our legal department. 7. ISO 9001 is very expensive to initiate and maintain, but it should result in a quality product being sent to the customer. All three of our facilities are certified to ISO 9001. I believe that our system has been very well documented, but I wonder sometimes if our end product quality is actually any better. If my customers wanted CMM Level 3 status from us and the requirements are more stringent than ISO 9001, I would put my efforts toward the CMM Level 3 program first. With the CMM Level 3 program in place, it would not take much effort to become ISO 9001 certified.

--Dale Tillotson
Director of Quality Assurance


Ugly little choices, aren't they? 1. Without knowing more than what your article stated, it would appear that QA's desire constitutes an added check step that shouldn't happen unless a) it's so safety-critical that any error could be catastrophic to human life and limb or to the company or b) flaws in the development process have been identified that make the likelihood of failure pretty high. I would say that absent those conditions, adding check steps is a Cro-Magnon approach. 2. Business is about risk--so are quality thinking and quality systems. Although your previous background is extremely valuable in helping with rigorous analysis, judgment, wisdom and experience are the only guides you have on the decision. And, of course, even then you could be wrong. 3. The argument for "single" suppliers to a process is to ensure consistency of input over time... but if your best supplier doesn't have the capacity to produce the number of widgets your process needs, you don't go and constrain your process. Not in real life. Not if you can sell that extra output. There is nothing inherently evil in having multiple suppliers, just a principle that says that the fewer qualified ones you have, the better your process will run. N'est-ce pas? 4. Training is an investment, not a cost. Barring severe cash crises, and assuming you are running a going concern, the answer to this is obvious. 5. What will you get for ISO 9000 certification? If your customers are requiring it on a short lead time, the answer is yes. If not, plan-do-check-act it and schedule it for completion within a time frame you consider useful and doable. 6. Are design development and contract development critical processes to your business? If so, conduct the reviews to create an information base for continuous improvement. If not, then you probably should put resources elsewhere. If resources are constrained and this activity is relatively rote, you might consider outsourcing it to some retiree or part timer in the field. 7. It depends. (I've had a little statistical training, and you can see that it took.) See No. five above. It's the same question reasked...

 Thanks for the opportunity to be a consultant!

--Chuck Belanger
Manager, Marketing
Ispat Inland Inc.


1. I would ship the new product and manufacture enough for a sample for the lab to conduct their analysis while product is shipped. I would also notify the customer; fitness for use is up to the customer. 2. If you could hire or subcontract and truly believed this, then why not? The question is, what timeframe do you have to complete the project? Does it allow you enough time to hire or find a subcontractor that you're comfortable with and still complete the project on time? 3. I would focus on two of the subcontractors. This way, you always have enough, no matter the situation. 4. I would ask what type of quality training is needed. Then evaluate how much you give. Forty hours is quite a bit. Also, with the sales force you have, how much harder is it to sell something that isn't a quality product? It might be more cost-effective to provide the quality training. I would start with what you currently provide and what is actually needed. 5. Because the company I work for is ISO 9001-certified, I would suggest that you do it. I also know the choice is really your customers'. Do they require it? Do your competitors have it? What do you gain from it? Can you get started without assigning one individual by getting departments involved? 6. I would document design review. It's not always about problems, just traceability. There are also problems that you may not have foreseen. 7. This goes back to question number 5. If your customer requires another certification, it makes sense to achieve that certification, If you can also use it to cover the ISO 9000 certification and the cost is negligible to do both, I would do so.

 After completing these questions, I see your dilemma. It does make quality professionals consider all aspects of the quality programs we recommend. It also makes one see the other side of the fence on all aspects of quality issues.

--Tim Bailey


As for your question on which principle you should compromise, I say none (with qualifications). The old adage "Rome wasn't built in a day" applies to your situation. All seven principles are important, but you would surely wreak havoc if you implemented them all immediately. The key is to have all seven as your ultimate goals, making decisions as you go along based on where you would like to be in x number of years. For example, in situation No. 3 you spoke of your primary subcontractors being staffing firms and the possibility of needing more Java programmers than one staffing firm could probably supply. In my opinion, it would be suicidal to cut off all other suppliers immediately, though the ultimate goal is absolutely to carve them down until you had one. You would have to look at the demand for Java programmers over a period of time; track the average number; work with your suppliers by informing them of your goals; and, after a set time period, decide which staffing firm you want to make a long-term partnership with. (Don't compromise; instead, set goals and work to meet those goals over time.) Not only do you have to believe in these principles, but you also have to take time to train and prove to your people that these principles work. If you implement a bunch of new ideas all at once that your people do not buy into, you doom yourself to failure. In my opinion, you must earn their respect as you work toward the ultimate goals, proving to them along the way that "Hey, these things work."

 Thanks for challenging me to think!

--Bret Pallotta


Here are my very quick and dirty (and probably flawed) ideas on how to handle the situations: 1. You say that QA wants to "rerun" the tests. That indicates duplication of efforts. Assuming that the test results garnered from the tests run by development are satisfactory and will not jeopardize quality and customer satisfaction, drop the QA test for now. Have QA review and validate the test parameters and procedures currently. In the future, consider having only QA test, not the development lab. 2. How strong is your belief? How dependable are your subcontractors? I am probably being conservative, but, without knowing more details, I would say no. 3. I think a little just-in-time philosophy should be used here. I don't think you should "get rid" of your incremental suppliers, especially if there is no cost to maintaining the relationship. 4. Short-term: 20 hours of training; add a salesperson. 5. Yes, reassign a key manager and use the group the manager managed to begin to move toward a self-managed environment. 6. Yes, informally document design reviews at the time of the review. Yes, contract review should be documented for planning and budgeting purposes to evaluate if the contract will be fulfilled and profitable or if it will be a risk. The review should be circulated to all key managers (self-managed teams as well) for review, comment and integration into their plans. 7. My initial thought is yes, you would want to be registered to ISO 9001, but maybe not right now. Your current customers (or a portion thereof) expect CMM Level 3, so why not do it unless the cost is prohibitive? I say my first thought is "yes" because my second thought is "maybe not," especially as CMM Level 3 is more stringent that ISO 9001. However, what about your "potential" customers? Are they more familiar with ISO 9001? Do they need to be educated? Do you need to measure your current customers' expectations more directly?

 Finally, you shouldn't be making these decisions by yourself. It's time to empower, decentralize and get your management team together to review these issues and come up with solutions and compromises. I would think that many of these are short-term issues.

--Tony D'Elia


1. I would not compromise the quality testing. I would, however, involve the customers to the point of almost having them believe they are making the decision. Software and Internet companies are in a very competitive market, and not having a stable product will allow many customers to shop elsewhere. It would be hard to get their trust back. 2. I would sign the contract if there were several provisions in the contract dealing with recruiting and training. Not addressing these issues could invite situation No. 1. 3. I believe you answered the question with the question. I don't know what the benefits of a single supplier would be in this case. 4. Training is always a tricky issue. If you trained just one or two users (thus reducing the overall training cost) and allowed those to be "super users" with the ability to tutor or assist others in real-time situations, I believe you may be able to meet both of the goals within the question. 5. No, I would not assign the lead programmer or key manager to document and implement a quality system. Their value is highest when applied to the trade they know best. I would actually hire or look internally for a quality-minded individual that does not know the system as well as the key manager and allow that person to document. My feeling toward that answer is that an uninformed individual would ask the right questions and extract the best information from those that know the system best. Those that know the systems best usually assume many aspects of the systems are fully understood and are apt not to fully address issues key to the success of the organization. 6. I would stress documenting design reviews as well as documenting contract reviews. This is probably the most important aspect of any organization. It's the first communicative step within the organization and allows each of the representatives both a voice and a stake in the initial design. 7. Yes, a documented quality system would allow the ascent to CMM Level 3 to be smoother. So it looks like I would slightly compromise some issues but stick to a quality-driven theme overall.

--John Dilger
Quality Engineer


1. QA may want to rerun the test, but why? If it's simply to gain a general increase in confidence, I wouldn't delay the schedule. I don't believe rerunning tests that have already been done adds that much confidence. If there is something specific or a particular problem or failure mechanism that QA is looking for, perhaps a risk assessment or specific and limited testing could be accomplished to both increase the assessment for that risk and limit the delay. 2. If the customer is the type that you would only deal with once, I would probably take the contract and run, still doing my best to provide as much customer satisfaction as possible within the resource limitations. If, however, I'm interested in a long-term relationship with this customer, I probably wouldn't take the contract that day but would instead try to keep negotiations open, with an eye on a partnership-type relationship, in the hopes of long-term success. 3. It depends on the track record and commitment of that supplier. It would be foolish to have only one supplier of anything unless you could really depend on that supplier--not just to provide to the letter of a contract, but to go above and beyond the call of duty on special occasions because you are highly valued as a customer. 4. I would definitely make the commitment to training. Yes, it's 40 hours per employee. But isn't one of the benefits of training a more efficient work force? It's possible you won't get back the equivalent of 40 hours in the next 12 months--but then, you could get much more. And your schedule is always going to be compressed--it's really not a situation that's only going to last for the next 12 months. The only way you'll ever get on the path of having a trained work force is to bite the bullet where you are and make it a priority. 5. I would if there is nothing else in place. It would be better to get a system than to have none. However, if you already have a system that just isn't registered, then I wouldn't, especially if the system can be evaluated and determined to be adequate for the present circumstances. I would assign a key manager or programmer now that he or she will be responsible for the eventual responsibility of documenting and implementing a "register-worthy" quality system. 6. Absolutely. Unfortunately, I really don't know anything about contract reviews. However, if something is important enough to have a lot of highly paid people preparing and reviewing something, then the least that can be done is to document the results. 7. CMM and ISO 9001. I think I'd change the focus on why I would want to be registered to ISO 9001. If the primary motivation to register is because your customers are asking for it, but you don't really buy into the value of it, then I would not become registered. Pursue registration once the value of it has been sold to you--and you be the champion of it. Ask yourself how your company will benefit from being registered, what processes registration will improve and so on.

--Allan McBride
Reliability Engineer
Superconductor Technologies Inc.


1. Have the development lab meet with QA to review the test protocols and results. Focus testing on areas where either the development lab was weak or the risk to the customer (FMEA severity) of a defect is high. Ship the product as soon as these tests are done and continue the QA test protocol to catch any loose ends. 2. Yes, sign the contract. Expedite all of the development functions. 3. No single sources! Contrary to automotive philosophy, if you're going to put all of your eggs in one basket, it had better be a very good basket. 4. Training is key. Adult training theories indicate that we learn best when we can immediately apply the skills we are learning. Even better, adults would be exposed to the situation to determine for themselves what they need to learn. Identify key facets of the job to identify initial training needs, then do follow-up or on-the-job training to deal with errors that come up as they are working. 5. Assign one driver-type manager to head a steering committee of the other managers. Managers will be responsible for writing the procedures their department has the lead interest in. Procedures written by people outside of an activity are rarely accepted or effective. The lead manager would then compile and align the procedures. 6. Contracts need to be signed to get business. If you document the contract reviews and the steps you take, you accomplish two things: a) You have a record of who looked at what and the decisions made. If something goes wrong, you can back-track to identify where the error could have been detected and dealt with. b) You have a better defense in a legal situation where you can show you did review the contract as compared to not being able show you even looked at the documentation. It's a so-called "sin of omission" instead of a "sin of commission." 7. If ISO 9001 is not applicable to your customer base, do not do it. Go after the CMM Level 3. As you document your procedures, as may be required by CMM Level 3, make sure they comply with ISO 9001 at the same time. ISO 9001 doesn't hold you to a maximum quality commitment; it does, however, specify minimums.

(Name Withheld)


1. To decide if the tests should be rerun, you need to answer some questions: What type, severity, volume of defects did the development lab find? Has your shop delivered this type of software previously? ("No" is obviously a negative here). What quality (from a customer's perspective) was delivered? If the answers have a negative flavor, bite the bullet, talk to the customer and rerun those tests. If the answers are generally positive, you might want to go with it and build in those test runs for the next delivery of software. 2. Yes. 3. Having multiple contracts to supply development resources only makes sense in this world of scarce development resources (especially programmers). Maintain your philosophy of one supplier for items where it makes sense (software, hardware, etc.). 4. Training is such an important item for the continued improvement of your business. I would not eliminate it if I were you. If necessary, cut it to 20 hours. 5. I wouldn't waste my time or valuable resources with ISO anything. 6. You need to look for value--value to the customer, the business and the product. If something doesn't add value, it eats resources. Drop it. 7. CMM is the way to go. Government customers and, increasingly, others in the public sector are seeing the value in achieving CMM levels. There is no perceived value in ISO 9000. So what if you have it documented--what value does it add?

--Pamela Farmer
Citizen's Communications Business Systems Development


1. I would review with quality assurance and development all of the results of the development tests. Depending on the results of the review, I would probably require quality assurance to define which of their tests are absolutely necessary to ensure good quality and which tests could be avoided this time without making the product questionable. Then I would require quality assurance to be involved in all system level testing during the development stages to reduce the QA test time in the future. 2. It depends. If I know a network of firms with people for subcontracting on site and/or I know of reliable software companies for subcontracting, then yes. If not, I'd be really leery of doing it. The market is tight right now for hiring good software people. 3. I would keep more than one supplier of Java contract personnel. Again, the market is tight and the ability of the supplier to provide services quickly might shift dramatically in a short time period. Keeping more than one supplier keeps you with what you need if you do lose one of them. 4. Tough one here. I think I'd do the training in one- or two-hour sessions until it's done. That way the people are not away from their work for one or two weeks at a time. A lot of homework assignments are needed in this scenario to ensure that the learning is taking place. Another thought might be online training with tests. 5. My first choice would be to hire someone to implement and maintain the ISO 9001 system. I might use a key manager. I wouldn't assign a lead programmer the job of implementing ISO 9001. Standards usually aren't programmers' favorite things to think about, and documentation is usually on the bottom of their list also. 6. All reviews should be done and documented. They provide evidence of agreement or nonagreement of the parties involved. They document results of the review and action items needed. They provide history when something goes wrong. 7. CMM is an excellent standard for a software group and is much more detailed for software and projects than ISO 9001. However, it is not for the entire company. ISO 9001 is designed to define standards that reach to all parts of a company, including contracts, calibration (and there is calibration for software), servicing, etc. With the new version, ISO 9001:2000, there will be a great deal of focus on the customer. CMM doesn't address this at all. Also, ISO certification announces to the world that you have a quality system and are not afraid of an outside firm coming in to review it periodically (at least once a year). CMM doesn't. I know of one software group who passed an assessment of trained assessors to be Level 2 and still advertise that they are Level 2, but no longer do any SQA work. I would go for ISO 9001 registration for the company, which will be monitored on a periodic basis by an outside firm and have the software people go for CMM Level 5 under the standards of ISO 9001. I know it can be done; we're implementing it. Although I have to admit we're not all the way there yet, I see no reason we can't do it.

--Jean G. Hogle
Quality Leader--Compliance/BB
GE Industrial Systems


1. Your customers expect on-time delivery and product quality that is supplied at a cost they believe to be favorable. What happens when product quality is compromised, such as if the product doesn't work as intended? The answer is obvious; sometimes it's like getting no product at all. On-time delivery has no meaning if product quality is not acceptable to the customer. 2. You have to do some research to make certain that you can subcontract the work. The key point is that it will be properly done. Once you have gained those assurances from a reliable subcontractor, then you should not have any problem signing such a contract. 3. Keep more than one iron in the fire. It would be worthwhile to maintain additional approved suppliers to meet any future opportunities. 4. Compress your training schedule! 5. Your quality manager can do the job of documenting and implementing your quality system. We are also a software development company, and that's what we did. 6. Design reviews should be the standard in the development process. If you document reviews only in certain circumstances, then why bother at all? Keep the reviews and you will maintain a consistent process. Start to drop reviews and eventually they will be dropped altogether and certainly lead to problems. Contract review provides opportunities for employees within your company to contribute to your successes. Documenting contract reviews can be done by simply using a company checklist for the review process. The real value of this documentation is revealed when and if there are any issues raised during execution of the contract. 7. The driving force for ISO 9000 registration is to meet customer requirements for quality system registration. Registration also provides marketing advantages, increased operational efficiency, consistency of processes and establishes the proper processes for future operations (not to mention cost savings in heading off any after-the-fact problems). The guidelines for development, supply and maintenance of software are contained in ISO 9000-3. This is your call--if CMM Level 3 is what your customer is interested in, then go for it!

--Doug Spellman
Quality Manager


I have some expertise and experience in quality, but my focus has been in the area of training, so I'd like to offer my feedback on just the fourth situation.

 I believe that you need to restate your goal related to training. Providing 40 hours of training to each employee is missing the point in at least two critical ways. First, the goal isn't training; it's learning, and learning is not effectively quantified by hours, especially hours in a classroom. If you shift your focus to learning (continuously) for every employee, you will be freed from the constraint of thinking about time away from the job for your employees while they are being trained. More powerful is defining the learning goals of each employee (with their involvement) and then beginning to consider how best to achieve the learning. In most situations, simply defining the learning goal is enough to make its attainment possible.

 Another beneficial shift in thinking from this perspective is to focus first on identifying the skill and knowledge requirements of the organization related to its mission. This analysis begins with a review of the organization's mission and how it cascades into the organization through all its functions. Each function needs to define/review its own mission in support of the organizational mission. The next step is for the function to identify how it is organized to achieve its own mission. Some functions are organized around key jobs or people, for example, while others are organized around key processes. Once those key jobs or processes are identified, then the question can be asked, "What are the skills and knowledge needed to accomplish each job or process?" Next, you need to inventory the skills/knowledge you already have in place for those jobs/processes, and identify those where gaps exist. Only then will you be ready to make good, economical decisions about the best way to close the skill or knowledge gaps.

 This may seem like a long and time-consuming process, but the yield is far higher when these steps are taken first, as compared to training that's planned to fill up a 40-hour bucket for each employee. My point, really, is that when you reframe your thinking about training in this way, you can easily make appropriate decisions about training resources. This process will provide a foundation for clearly projecting costs versus benefits of every decision related to what employees need to learn in order to accomplish the mission of the organization at every level.

--Doug Parr


1. To me, quality assurance has always been a function of risk probability and resources. If you can't live with the result of a defect with the current process in place, then you must pay that cost of ensuring that the defect doesn't reach the customer. 2. I don't know. It would be a function of the level of trust you have in your employees to be able to improvise and respond to a crisis and your perceptions of their growth rate for a defect prevention mindset. If their maturity level is low, then avoid court costs and reworks. 3. Isn't the point of having a single supplier to build a relationship of mutual benefit--a strategic partnership? If so, the supplier should have intimate knowledge of your expansion vision and be committed to helping you succeed in exchange for being the single supplier. This level of trust and strategic partnership cannot happen overnight, and while it is building, it's prudent to have multiple suppliers. 4. Training is always a tough call. Interactive Internet training may be an alternative. After the initial investment, employees could have access any time and, if the incentives were appropriate, would find the time to get the training in. 5–7. I believe if you achieve the CMM Level 3, in the absence of a marketing impetus for ISO 9000, you will still have built a solid foundation so that the issues raised in Nos. 1, 2, 5, and 6 should not have to be faced again.

--Monroe Ratchford


Capability analysis basics

I enjoyed reading Michael J. Cleary's March 2000 article because I frequently hear people confusing Cp with Cpk. However, there are some computational errors in the article:

Example 1:

Cp = Zmin/3 = 3/3 = 1.0

This should be Cpk, not Cp.

Example 2:

Cp = Zmin/3 = 2.5/3 = 0.38

Again, this should be Cpk, not Cp.

Also, 0.38 should be 0.83.

--Rich Postrozny
Purchasing & Supplier Development
International Truck & Engine Corp.


Several readers caught these mistakes, which were the fault of Quality Digest and not of the author.



Write us!

 Quality Digest welcomes your comments. Letters to the editor or to any of our contributors automatically become property of QCI International. Published letters will be edited for grammar and length. E-mail your letters to or send them to Letters to the Editor, Quality Digest, P.O. Box 1769, Chico, CA 95927.

Menu Level Above 

This Menu LeveL 

Menu  Level Below 

[Contents] [News] [WebLinks] [Columnists]
[Applications] [Software] [SPC Guide] [Letters] [First Word] [Books]

Copyright 2000 QCI International. All rights reserved.
Quality Digest can be reached by phone at (530) 893-4095. E-mail:
Click Here

Today's Specials