Whittington & Associates Newsletter

Newsletter sign-upSign up for our monthly email newsletter to get the latest guidance on ISO 9001, AS9100, AS9110, AS9120, ISO 13485, IATF 16949, ISO 14001, ISO 27001, ISO 45001, ISO 20000, and related ISO standards, as well as, Six Sigma.

If you have any questions about the articles appearing in this issue, or you want to suggest topics for future issues, please let us know.

1. ISO 9001 Classes in Orlando

Jan 2, 2018 in Newsletter | Comments Off on 1. ISO 9001 Classes in Orlando

Larry Whittington will be the instructor for these ISO 9001:2015 classes in Orlando, Florida:

ISO 9001:2015 Requirements
February 5-6, 2018

ISO 9001:2015 Internal Auditor
February 5-7, 2018

ISO 9001:2015 Lead Auditor
February 5-8, 2018

Click on a course title to view the course description and enroll in a class.

If you have questions about the training, or the registration process, please call 770-862-1766.

2. Tips for Using a Consultant

Jan 2, 2018 in Newsletter | Comments Off on 2. Tips for Using a Consultant

If you are considering the use of a consultant to help you implement or improve your management system, I offer these ten tips.

Choosing a qualified consultant is no easy task. The importance of taking the time to make a thoughtful selection cannot be underestimated. Your choice could end up affecting the efficiency and effectiveness of your business operations.

1. Understand the reasons for using a consultant

Why do organizations use consultants? An organization may realize it lacks the expertise, time, experience, or objectivity to perform the work without outside assistance.

Expertise: One of the most common reasons for hiring a consultant is when you need expertise that is not available within your own organization. Although your staff may have been trained on the selected management system requirements (e.g., ISO 9001:2015), they may not have the in-depth knowledge needed to establish the management system on their own. Many consultants are also certified auditors and able to better interpret the requirements.

Time: Even if your organization has the expertise, it may not be able to make the right people available due to other business demands. These key persons may be too busy to complete the required tasks by the desired dates.

Use of a consultant can help solve this timing problem. In fact, consultants may be able to complete the tasks in less time than your own staff due to their experience with the work.
When you rely upon a consultant to supplement your own resources, care must be taken to ensure the knowledge transfer takes place and your organization becomes self-sufficient.

Experience: A consultant that has worked with many organizations can gain a great deal of experience in planning, developing, and implementing systems. If your staff has not been involved in these activities, their inexperience may cause them to make the wrong decisions. Using an experienced consultant increases the likely of a successful project.

Cost: Consultants have a reputation for being expensive. If you compare their hourly rate to that of someone on your staff, it is easy to see how this impression is formed. However, the consultant’s fee includes not only salary, but also benefits and other expenses that are hidden when considering the cost of an in-house person.

Another factor is the higher efficiency of the consultant in their area of expertise. It may very well be less costly in the long run to use a consultant for the specialized work.

Objectivity: An outside consultant can offer a fresh unbiased view of your system. No matter how hard insiders try to objectively view the issues, their own involvement in the system and culture of the organization ends up influencing their response.

A consultant can explore solutions that may have been completely overlooked by your own staff or discounted as unworkable. A consultant may even make the same recommendation as one offered earlier by your staff, but this time it may receive more consideration due to the consultant’s creditability with management as an outside expert.

2. Identify the services you need from a consultant

Now that you understand the basic reasons why your organization may want to use a consultant, you must determine the needed range of services. Competent consultants should be able to plan the activities, document your processes, suggest good practices, teach onsite classes, conduct internal audits, and recommend system improvements.

A typical sequence of services is for the consultant to teach a class on management system requirements, followed by a gap analysis to determine the conformity level of your current system. Using the assessment results, the consultant works with your staff to prepare a project plan.

Project plans usually cover activities such as policy making, objective setting, task scheduling, cost estimating, plan approval, awareness training, process definition, document creation, progress reporting, registrar selection, system operation, record keeping, internal auditing, management reviews, and the stage 1 and stage 2 certification audits.

Your request for a proposal of services and fees from the consultant will rely upon the scope of work defined at this step. The organization must agree on the desired start date and end date for the consulting activities, as well as, the budget.

3. Decide on the selection criteria

Once the decision is made to use a consultant, and the proposed services are defined, you must agree on the criteria for selecting the right consultant for your organization. Consider the following factors:

Credentials: See if the consultant is an Exemplar Global or IRCA certified auditor or lead auditor. Although some competent consultants may not be certified auditors, those that are can speak from experience when they interpret requirements and assess your practices.
You can search a list of Exemplar Global certified auditors at this web page.

Other credentials to consider are the American Society for Quality (ASQ) certifications, such as, Certified Quality Manager, Certified Quality Engineer, Certified Software Quality Engineer, and Certified Quality Auditor. Some qualified consultants may not hold these designations, but if they do, it means they passed a lengthy examination on the applicable body of knowledge.

Experience: It is important to select an experienced consultant. How many years has the consultant been in business? You also want someone that has relevant experience in your specific industry sector.

Every consultant was inexperienced at one time. We all need a break to get started in a new field. You might decide to give a talented newcomer a chance, but be aware of the risk.

Attributes: The communication skills of your consultant are extremely important. You want someone that is easily understood and relates well with all levels of the organization.

The consultant should be open-minded and flexible. You want a consultant that can adapt to different circumstances, since your organization may have unique needs. Being perceptive and practical are also valuable attributes. You want the consultant to see the big picture, relate to your environment, provide specific guidance, and suggest appropriate actions.

Consultants should be tactful in dealing with people, but also confident and assertive when the need arises. You are looking for a good “time manager” that exhibits leadership skills.

Availability: You know when you want the consulting work to be done. The question is, will the consultant have sufficient days available to provide the needed support?

No sense pursuing a highly recommended consultant if no time will be available for your organization when you need it. Start early in your search for a consultant so you are not limited to just those with no scheduling conflicts (and perhaps, little business). The more qualified and experienced consultants may be booked several months in advance.

Access: Consider how easy it has been to reach the consultant during the selection process. Has the consultant promptly returned your email messages and telephone calls? You don’t want to discover during the implementation period that your consultant is not accessible.

References: Ask the consultant for at least three references from similar organizations. Check with the listed contacts to determine their satisfaction with the work performed by the consultant. Don’t rely solely on the supplied proposal. Verify past results.

Cost: An obvious consideration will be the consultant fees and expenses. However, the decision should not be based on cost alone. The higher priced consultant may also be the most competent, and therefore, still the right choice. However, if other factors are about equal, cost may be the deciding factor.

Don’t forget to consider the travel and living costs. A consultant outside your local area will incur additional transportation, lodging, and meal expenses.

4. Find the consultant

After you’ve decided on the criteria for choosing a consultant, it is time to locate possible candidates. Unfortunately, finding the right consultant can be a frustrating experience if your organization doesn’t go about it in a thoughtful and methodical way.

You have settled on the selection criteria, but it may still be difficult to confidently assess the consultants before the work is done. As a result, it is very important to identify a good set of consultants to enter the evaluation process.

Prior Use: The ideal way to find a good consultant is to have had previous experience with one. If you have used a consultant for similar activities in the past, and were satisfied with the results, you should be able to expect similar performance in the future.

Referrals: Ask around within your own company to see if other areas have used management consultants. You may be able to contact your counterpart at another site to obtain a reference for someone they used for similar work. Also, see if your friends at other companies are willing to suggest a consultant based on their personal experience.

Contacts: Check with others in your industry regarding their use of management consultants. Remember to call the contacts in your trade and professional associations to see if they have a recommendation. You can also go to local firms outside your industry since their consultants may also be qualified for your business sector.

Directories: You can search the Exemplar Global auditor directory listed earlier to see if any of the persons are in your local area, have the necessary skills, and are available for hire. Note this certification attests to their auditing capability, not their consulting or training skills.

Advertisements: Trade and professional magazines are sources for identifying consulting firms and individual consultants. However, many successful consultants rely upon repeat business and referrals. Lack of advertising should not be viewed as a negative.

Trainers: If you were impressed with the instructor for a recent management system requirements or internal auditor course, see if the training firm also offers consulting services. Maybe you can arrange to have the instructor assigned as your consultant.

Registrar: If you have already selected a registrar, you can ask for a vetted list of consultants. The registrar will not suggest a specific person to avoid a potential conflict of interest.

5. Request a proposal

Now that you have identified a group of possible consultants, you should ask them to submit proposals for your evaluation. To help them quote the appropriate services, include the following information in your request:

Scope: Describe the expected scope of work. Are you looking for specific documentation help or general consulting assistance? Do you want onsite training classes or an audit of your system?

If you are not sure what you need, then request a discovery stage where the consultant performs a gap analysis and proposes the project plan. It is likely that you’d use the same consultant for the next stage, but it gives you the option of selecting someone else or going in a different direction.

Timing: Let the candidates know when the work is to be done, when you expect their responses, and when you will notify them of your decision.

Methods: Ask the consultants to describe how they would perform the work and produce the deliverables. See what you think of their approach and consider how they express themselves.

Fees: Ask the consultants to identify their hourly and daily rates. Since the rates may differ by type of service, request their training, auditing, consulting, and documentation rates, as appropriate. Find out if their fees are different for onsite assistance versus remote electronic help.

Ask if they charge for travel time (this could add significant costs for remote locations).

Expenses: Some consultants charge actual and reasonable travel expenses. Some may request a flat per diem. Others may quote an all-inclusive price (fees and expenses).

Ask how they handle expenses. To evaluate the differences, you could ask them for an expense estimate for a possible trip to your location, or ask them to quote an all-inclusive price.

Format: If you want the consultants to submit their proposals in a specific format or medium, let them know. Make it easy on yourself to evaluate their responses.

6. Choose the consultant

When you receive the proposals, you should evaluate them using the agreed selection criteria. Know in advance who will participate in the evaluation and make the recommendation. Will a committee make the decision, or an individual manager? In any case, you want the decision fully supported so the consultant can work effectively with your organization.

You will evaluate their personal traits, especially their communication skills. You will also look at their experience in performing the defined scope of work. If you are dealing with consulting firms, identify the consultants that will be assigned to your organization and evaluate those individuals. Remember to assess their availability for the work, as well as, their responsiveness in returning calls and answering questions.

Be sure to check the supplied references. Ask the identified contacts what value they received from the consulting activity and if they would use the consultant again.

Use the proposals to create a short list of consultants. Thank the others, but let them know they were not selected. Evaluate the remaining candidates by interviewing them. In person is best, but by telephone or video conference may be acceptable. You want to get a sense of how compatible they seem to be with your organization. It is also an opportunity to clarify their proposals.

Although difficult to accomplish in an interview, check for possible conflicts of interest and see if you feel comfortable with the honesty and ethics of the consultant. Confirm the consulting fees and estimated expenses. Although negotiating the terms of the agreement remains to be done, you will make your initial decision based on the available facts.

Notify the preferred consultant of the selection (pending negotiation of acceptable terms). Wait until after the negotiation completes before notifying the remaining candidates.

7. Negotiate the terms

You have made a tentative selection. Discuss the specific dates for the initial visit. See if the consultant will reduce the quoted rate based on the size of the project and possible repeat assignments. Depending on your geographic location and the requested types of services, you may find the consultant is willing to lower the fee to gain your business.

Remember that you’ve already decided this consultant is the best choice if the terms can be worked out to the satisfaction of both parties. Don’t automatically exclude the person if the price cannot be negotiated to a lower amount.

8. Prepare the agreement

At this point, the consultant has been selected and you need to prepare an agreement for both parties to sign regarding the scope of work. The agreement could be a legal contract or simply a letter of understanding. The bigger the job, the more formal the agreement.

The agreement should describe the expected deliverables and their timing. Identify your contact for authorizing and scheduling the activities. Explain that monthly payments will be made based on completed work. Attach the consultant proposal to the agreement.

Use the agreement to emphasize the need for confidentiality. Describe when and how you expect the consultant to report on project status. Include a cancellation clause that allows you to terminate the agreement at any time and only pay for services already rendered.

9. Manage the consultant

Even an expert consultant needs to be managed well. Ensure the primary contact at your organization fully accepts this coordination role. Any issues or misunderstandings must be promptly resolved.

Keep management informed. Remind your organization to strive for self-sufficiency. You want to avoid a prolonged dependence on the consultant.

Give the consultant access to the appropriate people, documents, and records. Ensure the organization cooperates, but remember, the consultant makes suggestions, not business decisions. The project success depends primarily on management, not the consultant.

10. Evaluate the results

When the project completes, evaluate the results. Were the deliverables acceptable? Were they produced on schedule? Did the outcome satisfy the objectives? This evaluation will give you insights on possible improvement activities.

Assess the consultant’s performance. Did the consultant do a good job of planning? Was the plan followed without significant deviation? Were you kept informed throughout the project? Did the consultant work well with others and foster teamwork?

Was the expertise of the consultant reflected in the results? Were the recommendations workable? Does the management system perform as expected?

Be fair and consider the impact of the organization’s own performance when you evaluate the consultant. The real test: would you use the consultant again and recommend to others?

Summary and Guidance

If thoughtfully selected and wisely used, a consultant can be a valuable partner in setting up or improving your management system. However, remember that the system is owned by your organization.

Take care to avoid these common problems:

  • Not obtaining multiple proposals
  • Not clear on what is to be done
  • Expecting too much for too little
  • Not checking the references
  • Relying solely on the consultant

An effective and sustainable management system should show evidence of employee involvement. Use the advice of the consultant, but remember your organization owns the system and is responsible for its success.

I hope you find these tips useful in selecting and using a consultant. Best wishes for an efficient and effective journey with your consultant as a seasoned and skillful guide.

3. Papers, Glossary, and Links

Jan 2, 2018 in Newsletter | Comments Off on 3. Papers, Glossary, and Links

Look at the updated “Resources” tab at the top of our website home page.


The Papers section provides 22 handouts that can be downloaded for:

  • AS9100:2016
  • AS9110:2016
  • AS9120:2016
  • ISO 9001:2015
  • ISO 14001:2015
  • IATF 16949:2016
  • ISO 27001:2013
  • ISO 13485:2016


The Glossary section includes 123 quality and audit-related definitions based upon ISO 9000:2015 and ISO 19011:2011.


The Links section includes 146 web links to quality and industry-related associations, councils, centers, forums, societies, institutes, and agencies.

4. AS9116A:2017

Jan 2, 2018 in Newsletter | Comments Off on 4. AS9116A:2017

AS9115A:2017, Quality Management Systems – Requirements for Aviation, Space, and Defense Organizations – Deliverable Software, is a supplement for AS9100D:2016 to clarify the requirements for deliverable software.

AS9115 contains quality management system requirements for organizations that design, develop, and/or produce deliverable software and services for the aviation, space, and defense industry. This includes, as required, support software that is used in the development and maintenance of deliverable software and services. The deliverable software may be stand-alone, embedded, mobile application, or loadable into a target computer. This deliverable software may also be part of services (e.g., cloud environment, web hosted solutions or platforms).

Where the use of Hardware Description Language (HDL) or high order language is utilized as the design source of electronic hardware [e.g., Application Specific Integrated Circuit (ASIC), Programmable Logic Device (PLD)]; the organization and customer, and/or supplier must agree on the extent of applicability of this supplement.

NOTE: For airborne electronic hardware guidance, see RTCA/DO-254 or EUROCAE ED-80. For operations requirements, see AS9100 Section 8.

Where Commercial-off-the-Shelf (COTS) or non-developmental software is integrated into a deliverable product, the organization and customer must agree on the extent of applicability of this supplement.


AS9115:2017 supersedes AS9115:2010. AS9115 has been revised to incorporate the new clause structure and content of ISO 9001:2015. In addition, industry requirements, definitions, and notes have been revised in response to ISO 9001:2015 and AS9100:2016 revisions and stakeholder needs.

AS9115 is a supplement to AS9100 providing clarification of the corresponding AS9100 requirements, as necessary, for deliverable software. In some cases, where clarification is needed, it was necessary due to the complexity of software to decompose “shall” statements in AS9100 into more granular requirements. Where no software clarification is required of the AS9100 requirements, the following phrase is presented: “The requirements of AS9100 apply. No clarification required for software.”

NOTE: AS9115 must be used in conjunction with AS9100; references throughout the text to AS9100 are understood to mean AS9100:2016.

You can order the 25-page AS9115A:2017 standard for $76 at this SAE web page.

5. Quality Manual Templates

Jan 2, 2018 in Newsletter | Comments Off on 5. Quality Manual Templates

We have quality manual templates for IATF 16949:2016, AS9100D, AS9110C, AS9120B, and ISO 9001:2015-based quality management systems:

We have a policy manual template for an ISO 14001:2015-based environmental management system, and a policy manual template for an integrated QMS-EMS management system:

Click on a template above to view its description. To purchase a template, click on the “Buy Now” button within the template description.

You don’t need a PayPal account to buy a template by credit card. After payment, you’ll be directed to a template download page. The file is supplied in Word format for ease of editing.

If you have any questions about these templates, please contact Larry Whittington at <larry@whittingtonassociates.com>.

6. ISO 10006:2017

Jan 2, 2018 in Newsletter | Comments Off on 6. ISO 10006:2017

ISO 10006:2017, “Quality management – Guidelines for quality management in projects” is available for the application of quality management in projects. This third edition of the standard replaces ISO 10006:2003.

ISO 10006 is applicable to organizations working on projects of varying complexity, small or large, of short or long duration. It can be an individual project or part of a program or portfolio of projects, in different environments, and irrespective of the kind of product/service or process involved. The intent is to satisfy project interested parties by introducing quality management in projects. This can necessitate some tailoring of the guidance to suit a specific project.

ISO 10006 is not a guide to project management itself. It presents guidance on quality in project management processes. Guidance on project management and related processes is covered in ISO 21500.

The 34-page ISO 10006:2017 standard can be purchased at this ISO web page for about $140.

Members of ANSI can buy it for $129.60 at this ANSI web page. The price for non-ANSI members is $162.00.

Table of Contents:

4. Quality management systems in projects
4.1 Context and characteristics of the project
4.2 Quality management principles
4.3 Project quality management processes
4.4 Quality plan for project

5. Management responsibility in projects
5.1 Top management commitment
5.2 Strategic process
5.3 Management reviews and progress evaluations

6. Resource management in projects
6.1 Resource-related processes
6.2 Personnel-related processes

7. Product/service realization in projects
7.1 General
7.2 Interdependent processes
7.3 Scope-related processes
7.4 Time-related processes
7.5 Cost-related processes
7.6 Communication-related processes
7.7 Risk-related processes
7.8 Procurement processes

8. Measurement, analysis, and improvement in projects
8.1 General
8.2 Measurement and analysis
8.3 Improvement

Annex A: Overview of processes for quality management in projects
Annex B: Cross-reference matrix between this document, ISO 9001:2015, and ISO 21500:2012

7. ISO 17025:2017

Jan 2, 2018 in Newsletter | Comments Off on 7. ISO 17025:2017

ISO 17025:2017, “General requirements for the competence of testing and calibration laboratories”, third edition, is available to replace ISO 17025:2005.

ISO 17025 specifies the general requirements for the competence, impartiality, and consistent operation of laboratories. It is applicable to all organizations performing laboratory activities, regardless of the number of personnel.

Laboratory customers, regulatory authorities, organizations and schemes using peer-assessment, accreditation bodies, and others use ISO 17025 to confirm or recognize the competence of laboratories.

The 30-page ISO 17025:2017 standard can be purchased at this ISO web page for about $140.

Members of ANSI can buy it for $129.60 at this ANSI web page. The price for non-ANSI members is $162.00.

Table of Contents:

4. General requirements
4.1 Impartiality
4.2 Confidentiality

5. Structural requirements

6. Resource requirements
6.1 General
6.2 Personnel
6.3 Facilities and environmental conditions
6.4 Equipment
6.5 Metrology traceability
6.6 Externally provided products and services

7. Process requirements
7.1 Review of requests, tenders, and contracts
7.2 Selection, verification, and validation of methods
7.3 Sampling
7.4 Handling of test or calibration items
7.5 Technical records
7.6 Evaluation of measurement uncertainty
7.7 Ensuring the validity of results
7.8 Reporting of results
7.9 Complaints
7.10 Nonconforming work
7.11 Control of data and information management

8. Management system requirements
8.1 Options
8.2 Management system documentation
8.3 Control of management system documents
8.4 Control of records
8.5 Actions to address risks and opportunities
8.6 Improvement
8.7 Corrective actions
8.8 Internal audits
8.9 Management reviews

Annex A: Metrological traceability
A.1 General
A.2 Establishing metrological traceability
A.3 Demonstrating metrological traceability

Annex B: Management system options

8. Gap Checklists

Jan 2, 2018 in Newsletter | Comments Off on 8. Gap Checklists

Larry Whittington has developed ISO 9001:2015 and ISO 14001:2015 checklists for the purpose of conducting a gap analysis of your current system against the new and changed requirement of the new standards.

ISO 9001:2015 Gap Analysis Checklist 

The 27 page ISO 9001:2015 Gap Analysis Checklist contains 313 questions for organizations new to ISO 9001, and 119 delta questions for ISO 9001:2008 certified organizations.

To read a description of the ISO 9001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the checklist for $95.

ISO 14001:2015 Gap Analysis Checklist 

The 17 page ISO 14001:2015 Gap Analysis Checklist contains 213 questions for organizations new to ISO 14001, and 96 delta questions for ISO 14001:2004 certified organizations.

To read a description of the ISO 14001:2015 Gap Analysis Checklist, and see a sample page, go to this web page. You can buy the checklist for $95.


When you click the Buy Now button at the checklist description, you will be taken to PayPal. You do not need a PayPal account to make a credit card purchase.

After payment, you will be directed to a checklist download page. The file is supplied in Word format for ease of editing.