2007 Newsletter Articles

Audits and Cheat Sheets

Dec 8, 2007 in Newsletter | 0 comments

A “cheat sheet” is a concise set of notes used for quick reference. In the academic world, cheat sheets are so named because they may be used by students without the instructor’s knowledge to cheat on a test. However, in some educational settings, where rote memorization is not as important, the use of cheat sheets on exams may be sanctioned and even recommended by the instructor (and therefore not really cheating, despite the name). In the business world, so called “cheat sheets” are popular in any setting where...

Read More

Are e-Audits in Your Future?

Dec 8, 2007 in Newsletter | 0 comments

With the increasing use of electronic media for the operation and control of management systems, auditors need to consider new ways to efficiently and effectively verify conformity to audit criteria. For multi-site organizations, this could include remote access to electronic documents and records to save travel time and dollars. And, the remote access can be carried out without taking the time of anyone at the remote location. As a result, some organizations are already conducting remote audits using collaboration tools like MS SharePoint....

Read More

ISO 28000 for Supply Chain Security

Dec 8, 2007 in Newsletter | 0 comments

The ISO 28000 series of standards on supply chain security management systems have been upgraded from their status as Publicly Available Specifications to that of full International Standards. They are expected to help reduce risks to people and cargo by addressing potential security issues such as terrorism, fraud, and piracy. The ISO 28000 standards specify the requirements for a security management system to ensure safety in the supply chain. They can be applied by organizations of all sizes involved in manufacturing, service, storage, or...

Read More

Incident and Problem Management

Dec 8, 2007 in Newsletter | 0 comments

According to ISO 20000-1:2005, incident management and problem management are separate processes, although they are closely linked. Incident management deals with the restoration of service to users, whereas problem management is concerned with identifying and removing the causes of incidents. The objective of incident management is to restore the agreed to service to the business as soon as possible or to respond to service requests. The objective of problem management is to minimize disruption to the business by proactive identification and...

Read More

Audit Checklist with Answers

Dec 8, 2007 in Newsletter | 0 comments

A checklist is used to compensate for the weakness of our human memory when we want to ensure consistency and completeness in carrying out a task. For example, we use checklists to remind us of important actions or to even plan a trip to the grocery store. As auditors, we use checklists to remind us of the audit criteria against which we are to compare the audit evidence. In other words, we compare evidence (statements, observations, documents, and records) to the applicable requirements (customer, organization, standard, and legal). To guide...

Read More

Manufacturing Census

Nov 8, 2007 in Newsletter | 0 comments

Industry Week recently published the results of their 2007 IW/MPI Census of Manufacturers. Response summaries are shown below for improvement methodologies in use, strategic practices, and focus of market strategies. Please note that multiple responses were allowed. Improvement Methodologies in Use Lean Manufacturing = 69.6% Total Quality Management = 34.2% Six Sigma = 29.0% Toyota Production System = 17.0% Theory of Constraints = 14.4% Agile Manufacturing = 6.4% Other = 14.6% None = 11.6% Strategic Practices Continuous Improvement =...

Read More

Audit Interviews

Nov 8, 2007 in Newsletter | 0 comments

When you audit a process, you can look for evidence by observing the process, reviewing its documents, and examining its records. However, an important source of evidence is the information gained through interviews. A quick overview of the interview process is shown below: Interview reasons Supplements the documented process Determines the actual defined process Principal way of obtaining information Allows auditee to explain work practices Ascertains understanding; commitment Interview steps Interview persons at their workplace Conduct...

Read More

Communication

Nov 8, 2007 in Newsletter | 0 comments

ISO 9001:2000 recognizes the importance of communication by stating in clause 5.5.3 that the appropriate communication processes must be established within the organization. And, in clause 7.2.3, the standard adds that the organization must determine and implement effective arrangements for communicating with customers. According to the HR Daily Advisor, a study by Sirota Survey Intelligence shows that the lack of communication is a key reason why initially enthusiastic employees become unmotivated in as little as 6 months after joining their...

Read More

How Do You Audit the Analysis of Data?

Nov 8, 2007 in Newsletter | 0 comments

How do you audit conformity to ISO 9001:2000, clause 8.4, Analysis of Data? Or, do you audit it? Unfortunately, some auditors say they don’t, at least not directly. We should start by recognizing the importance of the requirement; it is one of the eight principles of quality management. ISO 9000, Clause 0.2.g, lists the 7th principle as the “Factual Approach to Decision Making” and explains that effective decisions are based on the analysis of data. Analyzing data is an essential activity for improving your system and its...

Read More

Free Magazines

Nov 8, 2007 in Newsletter | 0 comments

Are you taking advantage of the free magazines available in your industry? I’ve listed several web sites that offer free subscriptions to trade magazines. The Business News Publishing Company offers free subscriptions to more than 40 magazines, including Quality, Assembly, Pollution Engineering, and Packaging Strategies. Canon Communications publishes 15 trade magazines covering the medical manufacturing, general design, pharmaceutical, packaging, and plastics industries. Mercury Magazines is the source for hundreds of free...

Read More

Free Online EMS 101

Oct 8, 2007 in Newsletter | 0 comments

The Environmental Protection Agency (EPA) web site has an online EMS 101 course that provides an overview of an Environmental Management System. The course also covers how an EMS program can support environmental improvements at facilities that are subject to environmental regulations. The free course takes about one hour to complete. In addition, the course describes the EPA’s involvement in supporting EMS efforts at facilities regulated under a number of environmental statutes, e.g., the Resource Conservation and Recovery Act...

Read More

IWA 2:2007 – Use of ISO 9001 in Education

Oct 8, 2007 in Newsletter | 0 comments

An International Workshop Agreement (IWA) is an ISO document produced through workshop meetings and not through the technical committee process. An IWA provides guidance and is not intended for use in contracts for conformity assessment or for certification. IWA 2 was first published in 2003. The second edition, IWA 2:2007, Quality Management Systems – Guidelines for the Application of ISO 9001:2000 in Education, is now available. IWA 2 provides guidance for a quality management system in an educational organization. It does not add to,...

Read More

Operational Excellence Online LIVE!

Oct 8, 2007 in Newsletter | 0 comments

Industry Week is hosting a free 12-session, 2-day online conference on Wednesday, October 10 and Thursday, October 11. The one-hour sessions start at 11:00 AM EDT and complete by 5:00 PM EDT each day. The sessions on October 10 are: Manufacturing Execution: Best Practices for Streamlining Global Operations Improving Operational Availability to Achieve Lean Manufacturing Goals The Benefits of Wireless Technology for the Factory Floor Enabling Lean Success through Leadership and Culture From Plant Floor to Corner Office: Facilitating...

Read More

ISO 9001:2000, Clause 7.1 and Quality Plans

Oct 8, 2007 in Newsletter | 0 comments

The words “plan”, “planned”, and “planning” are used more than 30 times in the requirement clauses of the ISO 9001:2000 standard. A plan is simply a method you develop before doing something so you are more likely to have a successful result. The term “quality plan” is only used once in the standard, in a Note associated with clause 7.1, Planning of Product Realization. The Note refers to a quality plan as a document specifying the processes of the quality management system, as well as, the...

Read More

New Software Product Quality Standards

Sep 10, 2007 in Newsletter | 0 comments

Within the Software Engineering set of ISO standards is a “25000” series of standards on Software Product Quality Requirements and Evaluation, known as SQuaRE. Newly released SQuaRE standards: ISO 25001:2007 – Software Engineering – Software Product Quality Requirements and Evaluation (SQuaRE) – Planning and Management This standard provides details about the planning and management requirements associated with software product quality requirements and evaluation. While it is mainly concerned with product quality...

Read More

Records Management

Sep 8, 2007 in Newsletter | 0 comments

Within the Software Engineering set of ISO standards is a “25000” series of standards on Software Product Quality Requirements and Evaluation, known as SQuaRE. Newly released SQuaRE standards: ISO 25001:2007 – Software Engineering – Software Product Quality Requirements and Evaluation (SQuaRE) – Planning and Management This standard provides details about the planning and management requirements associated with software product quality requirements and evaluation. While it is mainly concerned with product quality...

Read More

PAS 99 – Integrated Management System

Sep 8, 2007 in Newsletter | 0 comments

PAS 99:2006 is a specification of common management system requirements as a framework for integration. It was developed by British Standards Institution (BSI), the UK’s national standards body. This Publically Available Specification (PAS) helps organizations integrate and effectively manage the common requirements of two or more management system standards, for example, ISO 9001 – Quality ISO 14001 – Environmental ISO 27001 – Information Security ISO 22000 – Food Safety ISO 20000 – IT Service...

Read More

ISO 17799 Changes to ISO 27002

Sep 8, 2007 in Newsletter | 0 comments

To consolidate information security standards under the “27000” series number, ISO 17799:2005 has been changed to ISO 27002:2005. The renumbered standard has the same content and retains the same title, “Information Technology – Security Techniques – Code of Practice for Information Security Management”.  The ISO 27000 family currently consists of: ISO 27001:2005 – Information Security Management Systems – Requirements ISO 27002:2005 – Information Technology – Security Techniques...

Read More

Audit Conference in October in Atlanta

Sep 8, 2007 in Newsletter | 0 comments

Hundreds of auditors from all over the world are expected to attend the ASQ Audit Division’s annual conference in Atlanta. The conference will be held at the Sheraton Atlanta on October 11-12, 2007 with a theme of “Strategic Auditing: Innovation, Implementation, Interaction”. Larry Whittington will speak on “How to Audit the Difficult Areas”. For more information about the conference, visit the conference web...

Read More

OHSAS 18001 Revised for Health and Safety

Aug 8, 2007 in Newsletter | 0 comments

OHSAS 18001:2007 specifies the requirements for an organization to control its Occupational Health and Safety risks and improve its performance. OHSAS 18001:2007 has been issued as a British Standard and supersedes OHSAS 18001:1999, which will remain current until 2009. There have been a number of significant changes made to the standard to reflect its widespread use in more than 80 countries and by approximately 16,000 certified organizations. The principal changes include a much greater emphasis on “health” rather than just...

Read More

CMMI for Development

Aug 8, 2007 in Newsletter | 0 comments

The Software Engineering Institute (SEI) has identified three critical dimensions that organizations typically focus on to improve their business: 1) people, 2) procedures and methods, and 3) tools and equipment. But what holds everything together? It is the processes used in your organization. Processes allow you to align the way you do business. They allow you to address scalability and provide a way to incorporate knowledge of how to do things better. Processes allow you to leverage your resources and to examine business trends. Of course,...

Read More

Revisions for AS9100 Family of Standards

Aug 8, 2007 in Newsletter | 0 comments

The International Aerospace Quality Group (IAQG) is revising the IAQG 9100 family of standards. Since the IAQG 9100 standard is published as AS9100 in the USA, I will refer to it as AS9100 in the remainder of this article. AS9100 uses ISO 9001:2000 as its foundation, with additional aerospace requirements highlighted in bold, italic type. The ISO 9001 standard is being amended with publication expected in May 2009. This revision is driving an update of AS9100. According to Buddy Cressionnie in a recent Quality Progress article, the objectives...

Read More

Medical Laboratory Accreditation by A2LA

Aug 8, 2007 in Newsletter | 0 comments

The American Association for Laboratory Accreditation (A2LA) now offers accreditation for medical laboratories to ISO 15189:2007. ISO 15189 specifies requirements for quality and competence particular to medical laboratories. It is for use by medical labs in developing their quality management systems and assessing their own competence, as well as, for use by accreditation bodies like A2LA in confirming or recognizing the competence of medical laboratories. In addition to examining the technical aspects of a lab’s operation, the A2LA...

Read More

IT Infrastructure Library (ITIL)

Aug 8, 2007 in Newsletter | 0 comments

The Information Technology Infrastructure Library (ITIL) is a framework of best practice approaches intended to help with the delivery of high quality information technology (IT) services. ITIL outlines an extensive set of management procedures that are intended to support businesses in achieving high quality and value in IT operations. These procedures are supplier-independent and were developed to provide guidance across the breadth of IT infrastructure, development, and operations. ITIL is published in a series of books (Library), each of...

Read More

Quality Measurement Data Specification

Aug 8, 2007 in Newsletter | 0 comments

According to AIAG News, automotive manufacturers and suppliers lose millions of dollars and weeks of product development time from the lack of interoperability from proprietary quality data collection solutions. The Quality Measurement Data (QMD) Specification enables the seamless exchange of quality measurement information between disparate and proprietary gages and reporting tools, solving this data integration problem by reducing as many as 1,500 data formats to one single open reporting format. Currently, companies are forced to integrate...

Read More

IIA Global Technology Audit Guides

Jul 8, 2007 in Newsletter | 0 comments

The Institute of Internal Auditors (IIA) is producing a series of publications with guidance on information technology. Each guide is written in straightforward business language to address timely issues related to information technology management, control, or security. Click on the links below to download the free GTA Guides in PDF format. Guide 1: Information Technology Controls This guide covers technology topics, issues, and audit concerns, as well as, issues surrounding management, security, control, assurance, and risk...

Read More

IT to Deliver, Score, and Record Tests

Jul 8, 2007 in Newsletter | 0 comments

ISO 23988:2007, Information Technology – A Code of Practice for the Use of Information Technology (IT) in the Delivery of Assessments Growth in the power and capabilities of Information Technology (IT) has led to its increasing use to deliver, score, and record responses of tests and assessments in a wide range of educational and other contexts. Suitably used, IT delivery offers advantages of speed and efficiency, better feedback, and improvements in validity and reliability. However, its increased use has raised issues about the...

Read More

ISO 27006 for ISMS Certification Bodies

Jul 8, 2007 in Newsletter | 0 comments

The new standard, ISO 27006:2007 is titled, Information Technology – Security Techniques – Requirements for Bodies providing Audit and Certification of Information Security Management Systems. ISO 27006 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS) beyond the requirements within ISO 17021 and ISO 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification. The requirements in ISO...

Read More

CMMI versus ISO 9001

Jul 8, 2007 in Newsletter | 0 comments

The 2Q07 issue of the TickIT software quality journal includes the final article of a three part series exploring the relationship between ISO 9001:2000 and CMMI in terms of the benefits gained by undertaking combined surveillance audits. The first article explained that a good mapping between ISO 9001 and CMMI would be essential for the combined surveillance audits to work effectively. The first two articles developed this mapping from an ISO 9001 perspective, that is, would an organization with CMMI level 3 satisfy the requirements of ISO...

Read More

ISO 9001:2009 – Clause 8 Changes

Jul 8, 2007 in Newsletter | 0 comments

In previous newsletters, I have reviewed the proposed changes for clauses 4, 5, 6, and 7 of the draft ISO 9001:2009 standard. This month, we’ll look at the suggested changes for clause 8, Measurement, Analysis, and Improvement. Please note that only the new or changed sections are discussed below. Unaffected text has not been included. 8.2.1 Customer Satisfaction As one of the measurements indicators of the performance of the quality management system, the organization shall monitor information relating to customer perception as to...

Read More

TL 9000 R4.0 Requirements

Jun 8, 2007 in Newsletter | 0 comments

The TL 9000 standard (based on ISO 9001:2000) specifies requirements for suppliers of telecommunications products: hardware, software, and/or services. A summary document that identifies the unique TL 9000 Release 4.0 requirements has been placed in the Resources section of our web site. The ISO 9001:2000 clause numbers and titles have been boxed in the text to set them off from the TL 9000 R4.0 requirements. The ISO 9001:2000 requirements were not included since the focus of the document is on the TL 9000 R4.0 adders. TL 9000 identifies its...

Read More

ASME Measurement Uncertainty Standard

Jun 8, 2007 in Newsletter | 0 comments

The National Institute of Standards and Technology (NIST) engineers, together with colleagues from industry and other standards organizations, have completed a five-part series of standards designed to evaluate the accuracy and usability of manufacturing measurements. The American Society of Mechanical Engineers (ASME) recently published the last in the series, B89.7.3.2 – 2007, Guidelines for the Evaluation of Dimensional Measurement Uncertainty. A copy can be obtained for $35.00. Click on the title above to go to its ASME Product...

Read More

ISO 9001:2009 – Clause 7 Changes

Jun 8, 2007 in Newsletter | 0 comments

In the last newsletter, I reviewed the proposed changes for clauses 5 and 6 of the draft ISO 9001:2009 standard. This month, we’ll look at the suggested changes for clause 7, Product Realization. 7.1 Planning of Product Realization The only change to the text of clause 7.1 is the addition of “measurement” as one of the required activities to be determined during the planning of product realization. In planning product realization, the organization shall determine the following, as appropriate: c) required verification,...

Read More

FMEA Quality Tool

Jun 8, 2007 in Newsletter | 0 comments

Have you heard about FMEA, but remain unsure of its use as a quality tool? Well, FMEA is the acronym for Failure Modes and Effects Analysis. Failure Modes are the ways in which something might fail. The failures are actual or potential errors or defects, especially those affecting the customer. Effects Analysis refers to studying the consequences or effects of those failures. Failures are prioritized according to the seriousness of their consequences, the frequency of their occurrence, and likelihood of their detection. The purpose of FMEA is...

Read More

Risk Management for Medical Devices

Jun 8, 2007 in Newsletter | 0 comments

The second edition of ISO 14971:2007, Application of Risk Management to Medical Devices, has been released. The revised version aligns better with ISO 13485:2003 requirements and provides an improved model for implementing a risk management system. ISO 14971:2007 specifies a process for a manufacturer to identify the hazards associated with medical devices, including in vitro diagnostic (IVD) medical devices, to estimate and evaluate the associated risks, to control these risks, and to monitor the effectiveness of the controls. The...

Read More

PPAP Manual Available as e-Document

May 8, 2007 in Newsletter | 0 comments

The Production Part Approval Process (PPAP) Fourth Edition Manual offered by AIAG is now available as an e-document. The PPAP Manual was updated last year to align with the automotive process approach. The document sets forth requirements for production part approval, as defined by Chrysler Group, Ford Motor Company, and General Motors. The purpose of PPAP is to determine if all customer engineering design record and specification requirements are properly understood by the supplier, as well as, that the process has the potential to produce...

Read More

How to Audit ISO 9001:2000, Clause 4.1

May 8, 2007 in Newsletter | 0 comments

Remember when you were in school and had to write a paper on some subject? The teacher would remind you to use the opening paragraph to provide an overview before getting into the details. The opening paragraph is like a road map that helps guide the reader through the rest of your paper. Well, clause 4.1 serves that purpose for the standard. However, due to the broad scope of ISO 9001:2000, clause 4.1, auditors often wonder how to assess its general requirements. The answer: by recognizing its linkages to the clauses in the remainder of the...

Read More

Changes to ISO 9001 for Clauses 5 and 6

May 8, 2007 in Newsletter | 0 comments

In the last newsletter, I reviewed the proposed changes for clause 4 of the draft ISO 9001:2009 standard. This month, we’ll look at the suggested changes for clause 5, Management Responsibility, and clause 6, Resource Management. 5. Management Responsibility The clause 5 changes are a revision to Management Commitment to include statutory requirements, as well as, clarify that the Management Representative must be a member of the organization’s management. 5.1 Management Commitment a) communicating to the organization the...

Read More

Software-as-a-Service

May 8, 2007 in Newsletter | 0 comments

According to Gartner, a global IT research firm, the annual cost to own and manage software applications can be up to four times the cost of the initial purchase. As a result, companies end up spending more than 75% of their total IT budget just on maintaining and running existing systems and software infrastructure. The Software-as-a-Service (SaaS) revolution allows companies to subscribe to software applications and outsource operating the back-end infrastructure to the SaaS vendor. In most cases, the SaaS vendor can do this much more cost...

Read More

ISO/TS 22003 for Food Safety Audits

May 8, 2007 in Newsletter | 0 comments

A newly published document in the ISO 22000 series gives the requirements for the bodies that carry out auditing and certification of food safety management systems. ISO/TS 22003:2007 defines the rules applicable for the audit and certification of a food safety management system (FSMS) that complies with the requirements given in ISO 22000:2005. It also provides confidence to customers about the way certification of their suppliers has been granted. FSMS certification does not attest to the safety or fitness of the products of an organization...

Read More

Lifecycle Approach to Software Quality

Apr 8, 2007 in Newsletter | 0 comments

Researchers from Carnegie Mellon University estimate that programmers make between 100 and 150 errors per 1,000 lines of code. And according to the National Institute of Technology, only 70% of all application errors are found in the QA process, leaving the other 30% to be discovered by beta or pilot users. So, perhaps it’s not surprising that, according to Gartner, 40% of unplanned downtime is caused by application errors, which cost businesses an average of $100K per hour. The impact of application errors is felt by many organizations...

Read More

Tax Deduction for ISO 9001

Apr 8, 2007 in Newsletter | 0 comments

The Internal Revenue Service issued a ruling in 2000 that allows businesses to take a tax deduction for the costs of implementing and maintaining ISO 9001 registration. Several organizations had petitioned the IRS to permit firms to deduct ISO 9001-related costs in a single year instead of spreading the expenses over several years. The IRS ruling stated, “Although ISO 9000 is voluntary, it increasingly is a contractual requirement for doing business with many organizations, both public and private, worldwide.” A prior unofficial...

Read More

Doors (Evidence) and Locks (Requirements)

Apr 8, 2007 in Newsletter | 0 comments

In our auditing classes, I discuss the “scales of conformity”. On one scale are the applicable requirements for the area being audited. The other scale contains the different types of evidence. The auditor’s job is to compare the evidence to the requirements to determine if the audit criteria are being met or not. To help the students remember the types of evidence and the different categories of requirements, I devised two acronyms: DOoRS and LOCkS. DOoRS represents forms of evidence: D = Documents O = Observations R =...

Read More

Draft ISO 9001:2009 Clause 4 Changes

Apr 8, 2007 in Newsletter | 0 comments

In my last newsletter, I gave you the link to access a copy of the draft ISO 9001:2009 standard. Many of the suggested changes are just word changes for improved clarity of the requirements. For example, under 4.1 General Requirements, sub-clause (a), the word “Identify” has been replaced with “Determine”: 4.1 General Requirements a) Identify Determine the processes needed for the quality management system and their application throughout the organization (see 1.2), Although similar, the words “Identify” and “Determine” have...

Read More

Top Management Role

Apr 8, 2007 in Newsletter | 0 comments

The word “management” comes from the Latin manu agere, “to lead by the hand”. According to ISO 9000:2005, 3.2.7, Top Management is defined as the, “person or group of people who directs and controls an organization at the highest level.” Top management, through their leadership and personal involvement, can create an environment to fully involve people and effectively operate a quality management system. They can demonstrate their commitment through the following actions: 1. Learn Determine your customer needs and...

Read More

Want to Comment on ISO 9001:2009?

Mar 8, 2007 in Newsletter | 0 comments

The ISO 9000:2000 family of quality management system standards is being updated with an anticipated final release date in 2009. The updated standards (ISO 9001 and ISO 9004) are being released as committee drafts and available for review at the American Society for Quality (ASQ) web site. Of course, the two documents are not intended to be used for quality system design purposes. As committee drafts, the two standards are offered only for public review and comment. For ISO 9001, the requirements standard, the plan is to produce minor changes...

Read More

Information Security Audit Checklist

Mar 8, 2007 in Newsletter | 0 comments

According to the Information Security Forum, security management is “keeping the business risks associated with information systems under control within an enterprise.” Requirements for security management include clear direction and commitment from the top, the allocation of adequate resources, effective arrangements for promoting good information security practice throughout the enterprise, and the establishment of a secure environment. An information security program is a critical component of every organization’s risk management...

Read More

ISO 16085 for Risk Management

Mar 8, 2007 in Newsletter | 0 comments

ISO 16085:2006, Systems and Software Engineering – Life Cycle Processes – Risk Management, defines a process for managing risk in system and software life cycles. ISO 16085 can be used with existing set of processes defined by ISO 15288, Systems Engineering – System Life Cycle Processes, and ISO 12207, Information Technology – Software Life Cycle Processes, or it can be used independently. Risk management is a key discipline for making effective decisions and communicating the results within organizations. The purpose...

Read More

Writing Checklist for Documents

Mar 8, 2007 in Newsletter | 0 comments

When writing a procedure, keep in mind these questions: • What is the objective of process? Know its purpose before starting.  • Which activities are part of scope? Agree on coverage of activities.  • Who is responsible for these activities? Identify key process players. • What are inputs and who are suppliers? Identify inputs and providers. • What are outputs and who are customers? Identify outputs and recipients. • What is referenced as an information source? Identify related documents. • What is the logical series of...

Read More

New TL 9000 R4.0 Handbooks

Mar 8, 2007 in Newsletter | 0 comments

TL 9000 was developed by the Quality Excellence for Suppliers of Telecommunications Forum (QuEST Forum) to meet the quality requirements of the worldwide telecommunications industry. The TL 9000 Requirements Handbook establishes a common set of quality management system requirements (based on ISO 9001:2000) for suppliers of telecommunications products: hardware, software, and/or services. The TL 9000 Measurements Handbook defines a minimum set of performance measurements that are used to evaluate results and identify improvement...

Read More

How to Audit Customer Communication

Mar 8, 2007 in Newsletter | 0 comments

An effective customer communication process contributes to the success of any organization’s quality management system, and ultimately, to the success of the organization itself. Conversely, many problems an organization experiences with its customers can be traced back to poor communication. ISO 9001 Requirements ISO 9001:2000, clause 7.2.3, Customer Communication, states an organization must determine and implement effective arrangements for communicating with customers in relation to: a) product information, b) inquiries, contracts or...

Read More

Top 5 Information Technologies in 2007

Feb 8, 2007 in Newsletter | 0 comments

There are five new technologies that appear to be the ones to watch this year according to Computerworld’s Vital Signs survey of 252 IT executives. To start, 1) Server Virtualization has caught the eye of organizations that want to transition from multiple operating systems to a smaller number of strategic platforms. Such virtualization masks server resources and creates partitions known as environments. The end result is that new automated servers begin to manage themselves. In the world of publishing, 2) Enterprise Content Management (ECM)...

Read More

Audits of Process Effectiveness

Feb 8, 2007 in Newsletter | 0 comments

Unfortunately, most audits focus on the conformity of a process, not its true performance. This emphasis on meeting requirements is important, but evaluating how well a process is achieving its planned results is critical. ISO 9001:2000 requires internal audits to determine not only if the quality management system conforms to planned arrangements, but also if it has been “effectively” implemented. ISO 9000:2005 defines effectiveness as the “extent to which planned activities are realized and planned results achieved”. So, how do we...

Read More

Benefits of an ISO 9001-based System

Feb 8, 2007 in Newsletter | 0 comments

What are the benefits of having an ISO 9001-based quality management system? Lets begin by looking at the benefits to your employees and the organization: Employee Benefits To successfully implement and maintain a quality management system, employees need to understand its value to them. The better they understand what’s in it for them personally, and how the organization also benefits, the more receptive they will be to the changes and work involved to make it happen. Employees benefit from the improved internal communication and top...

Read More

Responsibilities of a Process Owner

Feb 8, 2007 in Newsletter | 0 comments

The processes of a quality management system need to be established, implemented, controlled, and improved for an organization to consistently deliver products and services that satisfy its customers. To ensure this happens, each process should have an owner named. To understand the term “process owner”, lets begin with the definition of a process. A Process is a set of interrelated or interacting activities which transforms inputs into outputs. The inputs of a process are the outputs from other processes. And, processes are...

Read More

Guide to SOX 404 Assessments

Feb 8, 2007 in Newsletter | 0 comments

The Institute of Internal Auditors has published “Sarbanes-Oxley Section 404: A Guide for Management by Internal Control Practitioners”. The Guide incorporates guidance from the U.S. Securities and Exchange Commission, the Public Company Accounting Oversight Board, The Institute of Internal Auditors, and the real-world experience and insight of practicing internal auditors. The Guide focuses on how costs can be minimized without impairing the effectiveness of your internal controls. It also discusses the interplay between the requirements...

Read More

The Ultimate Satisfaction Question

Jan 8, 2007 in Newsletter | 0 comments

Have your customers quit responding to your lengthy satisfaction surveys? Are your response rates too low for adequate analysis and action? Well, you can’t just give up. You need to know what your clients are thinking. And, you also need to meet the requirements expressed in ISO 9001:2000, clause 8.2.2, Customer Satisfaction. Fortunately, there is a simpler way of surveying your customers. A measurement tool, called Net Promoter Score (NPS), uses only one question: On a scale of 1 to 10, how likely is it that you would recommend our company...

Read More

QMS Customer Satisfaction Survey

Jan 8, 2007 in Newsletter | 0 comments

The Independent Association of Accredited Registrars (IAAR) is an association of accredited management system registrars operating in North America. The results of their satisfaction survey on the reasons for, and benefits of, quality management standards are posted at their web site. When asked if their present certification had been a positive experience, 96% said yes. More than 2500 customers responded to questions such as: Select the one main reason your organization obtained certification to a quality management standard. Improve...

Read More

Avoiding Workplace Safety Complacency

Jan 8, 2007 in Newsletter | 0 comments

Every day in the United States, 15 workers on average lose their lives as a result of injuries or illnesses related to their work. These people leave behind families, friends, and co-workers. The single most common cause is complacency – an attitude that “it won’t happen to me.” Too often individuals and companies become complacent when it comes to safety. Managers are satisfied with mediocre safety performance and do not work to improve the environment by raising safety awareness and eliminating the potential for...

Read More

How to Audit an Internal Audit Program

Jan 8, 2007 in Newsletter | 0 comments

How do you audit an internal audit program? Lets begin by reviewing the definition of an audit from ISO 9000:2005, Fundamentals and Vocabulary, clause 3.9.1. An audit is: “a systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled.” In other words, an audit is a planned, organized, and documented set of activities performed by impartial and objective auditors. The audit process collects evidence from an area to evaluate...

Read More