e-Newsletter


Whittington Newsletter
QMS, EMS, Information Security, Services Management, and Six Sigma
November 2008
In this Issue
  1. RASCI Diagrams
  2. Procedure vs. Instruction
  3. Auditee Bill of Rights
  4. A Perfect Order?
  5. Hazmat Security Plan
  6. Class Schedule

Greetings!

Welcome to the Whittington & Associates e-Newsletter! Visit and bookmark our web site.

Our newsletters provide guidance on ISO 9001, AS9100, ISO 13485, ISO/TS 16949, TL 9000, ISO 14001, ISO 27001, ISO 20000, ISO 22000, and related ISO standards, as well as Six Sigma.

If you have any questions about the articles appearing in this issue, or you want to suggest topics for future issues, please let us know.


RASCI Diagrams

The RASCI Diagram can be used to clarify the roles and responsibilities in cross-functional processes and projects. It helps determine who is Accountable, Responsible, Supporting, Consulted, or Informed.

The RASCI Diagram splits activities down to five types of roles that make up the acronym RASCI:

R = Responsible: the person(s) who performs the activity
A = Accountable: the person held accountable for completion of activity
S = Supporting: the person(s) that provide support for the work
C = Consulted: the person(s) consulted before performing the activity
I = Informed: the person(s) informed after performing the activity

The Accountable person is answerable for the correct and thorough completion of the activity. Each activity can have only one person with ultimate accountability and authority. Therefore, only one A is listed for each activity in the diagram. The A is assigned to the lowest level of accountability and is implied at the higher levels. Accountability cannot be delegated.

The Responsible person(s) performs the activity. The individual(s) assigned the R is responsible for implementation and action. The degree of responsibility is defined by the Accountable person. Responsibility can be shared and delegated.

The Supporting person(s) is a resource allocated to the Responsible person(s). Unlike Consulted, who may aid in the task, Supporting may be tasked with work.

The opinion of the Consulted person(s) is sought before a final decision or action is taken. Two-way communication is involved.

The Informed person(s) is kept up-to-date on progress, decisions, and actions. One-way communication is involved.

The RASCI Diagram identifies activities within a process or project as the rows of a table. The columns identify the involved individuals. Each row identifies one A and one or more of R, S, C, and I. You can see a table example at this Wikipedia page.

The RASCI Diagram is especially useful when everyone thinks they are responsible and accountable, resulting in duplicate effort and in-fighting. And, its use is also helpful in the reverse situation when no one seems to be responsible and some activities are not "owned".

In some cases, people may think they need to be consulted, when in reality, they just need to be told after the fact, i.e., kept informed. Or, some people really do need to be consulted, and are not. Without clear roles, there will be poor communication and unsatisfactory results.

For more information, see the article by Steven Bonacorsi at EzineArticles.

Procedure vs. Instruction

What is the difference between a procedure and an instruction? And, does it matter?

A procedure is a specified way to carry out an activity. An instruction provides detailed directions on how to perform a task.

Procedures and instructions can be documented, or not. If the activities and tasks are being carried out by competent people, written procedures and instructions may be unnecessary.

The confusion between what is a procedure and what is an instruction is magnified when organizations refer to them by different names. For example, a procedure may be referred to as a method or plan; an instruction may be called directions or guidance.

In some organizations, work instructions are named "standard operating procedures", which adds more confusion. The key to distinguishing between procedures and instructions is to look at their level of detail. Procedures describe "what" is done and instructions describe "how" it is done.

A quality management system can be decomposed into processes, activities, and tasks. In other words, a system consists of multiple processes, each of which includes multiple activities. Each activity can be further decomposed into tasks.

For example, a quality manual describes policies across the entire system. Within that system are multiple, linked processes, each with a defined, perhaps documented, procedure. If an activity within a procedure needs more of an explanation on how tasks are performed, an instruction can be written.

So, a procedure is the specified way to carry out activities making up a process. An instruction describes the sequence of steps to perform the tasks making up an activity. For documented procedures and instructions, we should be able to look at the text to see if it is a procedure or an instruction.

An example of text from a procedure might be:

The audit program manager maintains the audit schedule and assigns qualified auditors that are independent of the areas to be audited.

A procedure describes what is done, but doesn't get down to the details of how it is done. Since multiple people may be involved in carrying out the procedure, their titles are used to clarify their roles.

An example from an instruction might be:

1. Check the box.
2. Enter the value.
3. Drain the tank.

An instruction typically uses action-oriented verbs to direct or instruct the person to perform the task. Since the instruction is "talking" to the person carrying out the task, the person's title isn't needed.

So, procedures are basically descriptions of departmental activities. They provide process overviews and link to work instructions, if needed, on how to perform selected tasks within an activity.

Procedures are referenced in the quality manual and must conform to the policies stated in that document. A procedure explains why a process is performed, what is done, by whom, when it happens, and where it takes place.

ISO 9001 requires documented procedures for Document Control (4.2.3), Record Control (4.2.4), Internal Audits (8.2.2), Control of Nonconforming Product (8.3), Corrective Action (8.5.2), and Preventive Action (8.5.3). Other documented procedures may be necessary for the effective planning, operation, and control of the processes within your quality management system.

Instructions are optional for an ISO 9001-based system (see clause 7.5.1.b), but they are usually included for consistent operations. The instructions are written to give directions in a logical work sequence. They also take into account the qualifications of the persons using them.

If you'd like to learn how to write and control documents, enroll in our Quality System Documentation course. You can see the course description at our web site.

Auditee Bill of Rights

As an audited organization, do you stand up for your rights? Or, to avoid conflict, do you just accept whatever comes your way during the audit experience?

Maybe it is time for an Auditee Bill of Rights, so organizations know what they should expect and demand from their auditors and certification bodies.

A "bill of rights" is a list of rights that are considered important and essential by a group of people. A prime example is the first ten amendments to the United States Constitution, referred to as the Bill of Rights.

However, our Auditee Bill of Rights won't be a legal document. It will be a list of economic rights from the perspective that the auditee is the customer, after all.

Patterned on the "Patient" Bill of Rights in the healthcare industry, the eight areas of consumer rights for our Auditee Bill of Rights are:

1. Choice: The auditee has the right to choose their certification body, and within the constraints of the contract, easily switch to a different certification body.

2. Information: The auditee has the right to receive timely, truthful, accurate, and easily understood audit reports that describe the audit objectives, scope, criteria, sampling, and findings. Audit reports are to address conformity, effectiveness, areas for improvement, and any unresolved diverging opinions. In addition, the auditee is to be kept informed of changes to applicable standards and certification body policies.

3. Access: The auditee has the right to communicate in a timely fashion with auditors before, during, and after the audit for an understanding of plans, interpretation of requirements, explanation of results, and confirmation that proposed corrective actions adequately address the reported nonconformities.

4. Participation: The auditee has the right to participate in the planning and performance of the audit, including the audit agenda, audit team selection, proposed logistics, audit guides, and feedback on the audit experience. The auditee will be viewed as a partner to identify applicable requirements, provide needed evidence, and confirm possible findings.

5. Respect: The auditee has the right to expect considerate, respectful behavior from the audit team and support staff at all times and under all circumstances.

6. Confidentiality: The auditee has the right for the security and confidentiality of audit reports to be protected by all audit team members and report recipients. All auditee information maintained by the certification body will be available for review by the auditee for possible corrections and changes to the records.

7. Appeal: The auditee has the right to a fair and efficient process for resolving differences, including a rigorous, written process for internal review and an independent system for external review. The documented appeal process will be publicly accessible.

8. Responsibility: In a system that protects auditee rights, it is reasonable to expect and encourage the auditee to assume a supporting role. The auditee is responsible for providing access during the audit to areas, people, documents, and records. The auditee is to announce the audit in advance, explain its value, and encourage employees to fully participate with helpful and truthful responses.


Now that I've proposed an auditee bill of rights, let's look at each "right" in more depth.

Choice: The auditee has the right to choose their certification body, and within the constraints of the contract, easily switch to a different certification body.

You have many choices available. Go to the ANSI-ASQ National Accreditation Board (ANAB) web site (http://www.anab.org) to see a list of certification bodies. While at the web site, read the article, "Tips for Selecting a Certification Body".

The International Accreditation Forum (IAF) provides guidance on the transfer of a certificate from one certification body to another. The objective is to maintain the integrity of the certificate during the transfer period. You can see the current IAF GD2:2005 guidance at (www.iaf.nu).

Information: The auditee has the right to receive timely, truthful, accurate, and easily understood audit reports that describe the audit objectives, scope, criteria, sampling, and findings. Audit reports are to address conformity, effectiveness, areas for improvement, and any unresolved diverging opinions. In addition, the auditee is to be kept informed of changes to applicable standards and certification body policies.

The written audit report should be provided before the audit team leaves your site. Certificates should be issued within two weeks of your organization being recommended for certification and your submission of acceptable action plans.

Expect a written nonconformity statement to describe both the requirement not being met and the audit evidence that proves the nonconformity.

Does your auditor put in a full day's work, or are you being shortchanged? Does the auditor conduct the audit where the work is being done, or do they camp out in the conference room? Auditors need to adhere to the audit plan, watch your operations, and select their own sample of people, documents, and records.

Your certification body may have identified that your internal audits need to be more process-oriented and less clause-by-clause audits. Are their own audits good models? Or, do they provide clause-based audit agendas and reports?

If the auditor isn't assessing by process, and going downstream to see what internal customers think about the process results, then they aren't really evaluating process effectiveness. And, if they never identify any opportunities for improvement, are they really adding value, or just judging conformity?

Access: The auditee has the right to communicate in a timely fashion with auditors before, during, and after the audit for an understanding of plans, interpretation of requirements, explanation of results, and confirmation that proposed corrective actions adequately address the reported nonconformities.

You should know who at the certification body administers your account and schedules your auditors. You should be provided their contact information, as well as the contact information for the assigned auditors.

You should be made to feel comfortable contacting the auditor to discuss the upcoming audit, and later for explanations of nonconformities and the acceptability of corrective actions.

Participation: The auditee has the right to participate in the planning and performance of the audit, including the audit agenda, audit team selection, proposed logistics, audit guides, and feedback on the audit experience. The auditee will be viewed as a partner to identify applicable requirements, provide needed evidence, and confirm possible findings.

Does your auditor send you an audit plan in advance, or is the agenda developed after the auditor arrives? ISO 17021 requires certification bodies to communicate and agree upon the plan with your organization before the audit.

ISO 17021 also requires certification bodies to identify the auditors, and when requested, to provide background information on the team members so your organization can possibly object to the selection of a specific auditor and have the team reconstituted based on valid objections.

To minimize travel costs, the auditor visit to your geographic area should be synchronized with other audits to include multiple organizations in one trip.

For continuity, and to avoid having to train multiple auditors on your system, you should expect the same lead auditor to be assigned for your three-year recertification period. However, you should be willing to accept a new lead auditor after the recertification to introduce a fresh auditor perspective.

And, does the certification body request feedback on your level of satisfaction with the audit process and auditor competence? If not, are they afraid of what you might say?

Respect: The auditee has the right to expect considerate, respectful behavior from the audit team and support staff at all times and under all circumstances.

The certification body and auditors should remember that your organization is the customer. Therefore, they should want to provide outstanding service and support to gain your loyalty and continued business. They can begin by promptly responding to your phone calls and emails.

Auditors should be respectful during interviews and meetings. They should avoid appearing to criticize people when identifying process nonconformities. The focus should be on the process, not the person. They are fact finding, not fault finding.

Although you requested the audit, and it is hopefully beneficial, the auditor's visit is somewhat disruptive. Employees will be unable to fully perform their jobs while being interviewed. As a result, the auditors should respect your valuable time and come prepared to efficiently and effectively assess your system.

Confidentiality: The auditee has the right for the security and confidentiality of audit reports to be protected by all audit team members and report recipients. All auditee information maintained by the certification body will be available for review by the auditee for possible corrections and changes to the records.

You should expect the certification body to safeguard the confidentiality of the information they obtain or create during the performance of your audit. And, information about your organization should not be disclosed to a third party (other than the accrediting body) without your written consent.

As you may know, the code of conduct for third party auditors does not allow them to offer consulting advice. This is to ensure they do not inadvertently share proprietary information, to encourage the client to develop their own corrective actions, and for the auditors to remain impartial in future audits.

You should refrain from asking the auditors for their suggestions on how to fix a problem. Respect their code of conduct. And, if you encounter an auditor that wants to offer unsolicited consulting advice, you might have a valid concern that some of your proprietary approaches could become suggestions for other clients.

Appeal: The auditee has the right to a fair and efficient process for resolving differences, including a rigorous, written process for internal review and an independent system for external review. The documented appeal process will be publicly available.

If you are unable to resolve differences with the auditor, you can appeal to the certification body. If the issue is still not resolved to your satisfaction, you can then appeal to the ANSI-ASQ National Accreditation Board (ANAB).

ISO 17021 describes the requirements for an appeals-handling process and complaints-handling process to be used by a certification body.

Responsibility: In a system that protects auditee rights, it is reasonable to expect and encourage the auditee to assume a supporting role. The auditee is responsible for providing access during the audit to areas, people, documents, and records. The auditee is to announce the audit in advance, explain its value, and encourage employees to fully participate with helpful and truthful responses.

Your management team must communicate their support of the audit program throughout the organization. Attitudes are contagious.

Management must ensure that timely and effective corrective action is taken on each nonconformity to avoid the same problem repeating over and over again.

Your organization should notify the certification body without delay of any matters that may affect the capability of your quality management system to continue to meet the requirements of the applicable standard.

A Perfect Order?

Four industry associations have joined forces to create a set of metrics for gauging the performance of execution in production plants and warehouses.

The associations are the Manufacturing Enterprise Solutions Association (MESA) International; Order Fulfillment Council (OFC); Supply Chain Execution Systems and Technologies Group (SCE Group) of the Material Handling Industry of America (MHIA); and Warehousing Education and Research Council (WERC).

The group's first paper was a report, "Improving Order Execution Performance: A Holistic View of Metrics across Plant and Warehouse," which introduces the framework that the four associations will benchmark.

The framework categorizes the metrics in six major performance areas:

Customer Metrics

1. order fulfillment

2. mass customization (flexibility)

Internal Metrics

3. inventory management

4. execution productivity

General Metrics

5. quality and compliance

6. business and financial

According to the collaborative paper from the group, a perfect order index is a compilation score which measures the result of each of four major components of a perfect order:

  • delivered on-time (% of orders arriving at final destination at agreed upon time)
  • shipped complete (% of orders shipped with all lines and units)
  • shipped damage free (% of orders shipped in good and usable condition)
  • correct documentation (% of orders with accurate invoice and required documents)

The perfect order index is computed by multiplying the four component scores together, e.g., if the score is 95% for each of the four components, then the perfect order index would be 81.5%.

MESA, OFC, SCE and WERC said they will start using these metrics in 2009. The resulting research will be an extension of the current WERC Watch benchmarking studies, as well as MESA's Metrics that Matter series.

The paper is available to members of the four organizations and can be purchased by non-members. You can find the links for MESA, OFC and SCE at MHIA, and WERC at the Links page of the Whittington & Associates web site.

Hazmat Security Plan

The Pipeline and Hazardous Materials Safety Administration (PHMSA), within the Department of Transportation, has proposed a modification to its current security plan requirements for the transportation of hazardous materials.

The proposed change was published in the Federal Register as 49 CFR Part 172, "Hazardous Materials: Risk-Based Adjustment of Transportation Security Plan Requirements; Proposed Rule".

PHMSA, in consultation with the Transportation Safety Administration (TSA) of the Department of Homeland Security (DHS), is proposing to modify its current security plan requirements governing the commercial transportation of hazardous materials by air, rail, vessel, and highway.

Based on an evaluation of the security threats associated with specific types and quantities of hazardous materials, the proposed rule would narrow the list of materials subject to security plan requirements, and reduce associated regulatory costs and paperwork burden.

The proposed rule also would clarify certain requirements related to security planning, training, and documentation, and incorporate and build on recent international standards governing hazardous materials security.

Under PHMSA regulations, a security plan must include an assessment of possible transportation security risks and appropriate measures to address the risks. Specific measures implemented as part of the plan may vary with the level of threat at a particular time.

Also, PHMSA set a performance standard providing offerors and carriers the flexibility necessary to develop security plans addressing their individual circumstances and operational environments. At a minimum, the security plan must address personnel security, unauthorized access, and en route security.

The proposal responds in part to a petition from the Council on Safe Transportation of Hazardous Articles (COSTHA). COSTHA recommended that PHMSA incorporate into its security plan requirements the less extensive list of high consequence dangerous goods in the United Nations Model Regulation on the Transport of Dangerous Goods. A second petition from the American Trucking Association sought to have PHMSA expand the list of covered materials.

PHMSA decided to use the UN Recommendations as a starting point for its proposal. PHMSA notes that most entities that have commented on pre-proposal documents agreed that the list of materials for which security plans are required should be revised to include only those materials that pose a significant security threat in transportation.

Most of the existing requirements for security plans apply to hazmats that must be placarded. Among the proposed changes, PHMSA would remove security plan requirements for a variety of low-hazard explosives, some flammable gases and liquids under a threshold amount in a single package, spontaneously combustible materials below a threshold amount, and some oxidizing materials (excluding perchlorates and ammonium nitrate).

In the same proposal, PHMSA is seeking to make additional changes to the security plan regulations, including adding or clarifying requirements that the security plan is to be reviewed at least annually and updated if necessary, and that in-depth security training occur at least every 3 years, or sooner if the security plan is revised.

PHMSA's proposed amendments to the hazmat security plan requirements are available at the BLR Environmental Document Center. Note: Type in 94669 when prompted for the document number.

Class Schedule

ISO 9001:2000
Understanding ISO 9001:2000
Implementing ISO 9001:2000
Quality System Documentation
ISO 9001:2000 Internal Auditor
ISO 9001:2000 Lead Auditor

ISO 14001:2004
Implementing an EMS
ISO 14001:2004 Internal Auditor
ISO 14001:2004 Lead Auditor

ISO/TS 16949:2002
ISO/TS 16949:2002 Internal Auditor
ISO/TS 16949:2002 Lead Auditor
Understanding and Implementing ISO/TS 16949:2002

AS9100B:2004
AS9100 Internal Auditor
Implementing AS9100
AS9100 Lead Auditor

ISO 27001 / ISO 17799
ISO 27001 - Understanding an ISMS
ISO 27001 - ISMS Implementation
ISO 27001 - ISMS Internal Auditor
ISO 27001 - ISMS Lead Auditor

ISO 20000
Understanding ISO 20000
Implementing ISO 20000
ISO 20000 Internal Auditor

ISO 22000
Understanding ISO 22000
ISO 22000 Internal Auditor
Understanding HACCP
Implementing SQF Systems
Advanced HACCP

ISO 13485:2003
Understanding ISO 13485:2003
ISO 13485:2003 Internal Auditor
Implementing ISO 13485:2003
ISO 9001 Lead Auditor - ISO 13485 Emphasis

Capability Maturity Model Integration
Introduction to CMMI v1.2

Six Sigma
Introduction to Statistics
Green Belt Certification
Black Belt Certification

Books
See our list of ISO 9001, Auditing, and Six Sigma books. Includes book descriptions and links to Amazon.

© 2000-2008 Whittington & Associates, LLC
