Procedure, Work Instruction, or Flowchart?

-by Dr. IJ Arora

The choice between writing a procedure or a work instruction is an essential decision when designing a management system. Clause 4.4.1 of ISO 9001:2015 (as well as all the ISO management system standards using the harmonized structure) requires the establishment and implementation of a management system. This management system will have procedures and work instructions and further down the hierarchy, checklists and forms.

Processes can be actualized in many forms. Today, mapped processes make it easy to visualize the functioning of the process. This is an important distinction in quality management systems based on ISO 9001—or for that matter any sector-specific standard like those dedicated to management within maritime, aerospace, etc. Many organizations struggle with when to write a procedure, when to write a work instruction, and how and when a flowchart should be used.

I think the core difference between a procedure and a work instruction is that a procedure answers the question, “What happens and who does it?” A procedure defines the process, its purpose, its sequence (clause 4.4.1b), and who is responsible for the work, perhaps as process owners (clause 4.4.1e). It answers what is to be done, when it must be done, who is responsible, and why it matters. The flowchart then helps visualize the inputs and outputs that flow between the steps.

What is a procedure and how is it used?

A procedure does not tell someone how to do a task; it simply describes the steps or stages necessary to accomplish it. I think of the procedure as the blueprint of the workflow. Therefore, I would recommend using the procedure when multiple people or departments are involved, when there is decision-making or sequencing, when the process crosses functional boundaries, and when documenting the process supports consistency, audits, or training. The procedure is also best when regulatory bodies expect clearly defined processes.

What is a work instruction and how is it used?

On the other hand, a work instruction shows stakeholders how exactly a task is to be accomplished. A work instruction “goes into the weeds” to the extent required by the workforce (depending on their confidence, competence, knowledge, and so on). It describes specific methods, often at a deep level of detail. It answers questions such as:

  • “How do I perform this task?”
  • “What tools, equipment, settings, forms, and/or software steps are required?”
  • “What are the acceptance criteria?”
  • “What do I check and how do I measure performance?”

Remember, work instructions are intended to be simple, direct documents for use by the workforce. Use them when:

  • A task requires technical, step-by-step details
  • Training new personnel
  • Incorrect execution can create quality or safety risks
  • Standardization is essential
  • Variation in execution must be eliminated

What is a flowchart and how is it used?

Flowcharts can technically be used to support both procedures and work instructions, but I generally recommend their use in conjunction with procedures. This helps make the procedure visual by mapping the 50,000-foot view of a process. A flowchart is ideal when the process has multiple decision points, parallel paths, several departments interacting, and inputs/outputs that must be made clear. The flowchart helps avoid the confusion that can come when procedures are described in long paragraphs. Flowcharts make complex processes easy to understand immediately. I therefore believe in flowcharting a procedure when the process needs high-level clarity, the sequence matters, when an organization wants to show interactions between departments, when it supports risk-based thinking, and when you want to simplify training for new personnel.

Flowcharts work best for document control; non-conformance and corrective action processes; purchasing and supplier management; production scheduling; quality inspection and testing flows; and change management processes (as seen in clauses 5.3e, 6.3, 8.2.4, 8.3.6, and 8.5.6). Flowcharts do not replace work instructions; they complement them.

Final thoughts

To sum up how these tools work together, a practical document hierarchy an organization could consider starts with policy (and why that policy exists), moves into documenting the procedure (preferably supported by a flowchart) to convey what happens and in what order, and then adds work instructions to clarify how to carry out specific tasks. Finally, document everything through records and forms to provide evidence that the work was performed.

All this should connect as a system in which a flowcharted procedure describes the process, a work instruction explains each critical task, and the documented information provides traceability. Performance monitoring (clause 9) can be documented via procedures, work instructions, and flowcharts.

 

Note – The above article was recently featured in an Exemplar Global publication ‘The Auditor’. 

ISM Code to Bridge the Shore – Ship Gap: Making SMS a Living System

I take pride in my experience as I work with our maritime clients, emphasizing the personal perspective from both below and above the surface of this ocean. My view of the ISM Code is shaped by a life at sea. I spent a good 22 years of the early part of my career in the Indian Navy, eventually commanding two F-class submarines and later serving on India’s first nuclear submarine, a Charlie II. After leaving the Navy, I served for a decade as Master in the mercantile marine, then for 3 years as a VP in the second largest ship registry, the Liberian Flag, and now as the leader of the QMII team. I have seen safety management from the control room of a submarine and from the bridge of a merchant ship, in fair weather and in crisis. These experiences have convinced me that a Safety Management System only works when it is lived by the people who must make decisions in real time, far from shore support.

I still remember standing on the bridge of a merchant vessel, facing commercial pressure to sail on schedule while weather and equipment concerns suggested otherwise. The manuals and procedures were on board, but what mattered in that moment was whether the company truly backed me and my Master’s judgment. That is where the real test of any SMS lies, not in what is written, but in the support given when difficult decisions must be made.

Having sailed for many years, I know how isolating a tough decision at sea can feel. A good DPA is not just a name in the manual but a trusted voice on the other end of the line, someone the Master can call at 0200 hours and speak openly with. When that relationship exists, the SMS becomes real; when it doesn’t, the paperwork quickly loses relevance on board.

After a lifetime at sea and many years working ashore with companies to implement the ISM Code, and finally leading QMII for over two decades in training, auditing and consulting in management systems, I remain convinced of one thing: that the Code itself is not the problem. The real issue is whether we choose to make the SMS a living system that respects the realities of those at sea. When shore and ship learn to listen to each other through the SMS, we honor not just compliance requirements, but the professionalism and lives of the people who sail our ships.

More than 25 years after the ISM Code became mandatory, the International Safety Management (ISM) Code is still too often treated as a paper exercise. Shore offices produce manuals, checklists and forms; ships receive them, file them, and do their best to keep up. The result is a familiar complaint from both sides, “The system is for auditors, not for us.”

Yet the ISM Code was never intended to create a paperwork gap between shore and ship. It was meant to bridge that gap by providing a common safety language and a shared framework for decision-making. When understood and implemented as a living system, the Safety Management System (SMS) becomes exactly that bridge. I always recollect the curt observation by Justice Sheen post the sinking of the Herald of Free Enterprise: “…. I see a disease of sloppiness at every level of the hierarchy….”. His direct pointer at having a management system brought us the ISM Code connecting to the SOLAS.

The ISM Code’s original intent was to have a system that connects people. The ISM Code’s purpose is clear: to provide an international standard for the safe management and operation of ships and for pollution prevention. The Code defines the Safety Management System as a structured and documented system enabling company personnel to implement the company’s safety and environmental protection policy effectively. From the beginning, the Code placed both shore and ship within the same system. Company objectives in section 1.2 of the ISM Code include:

  • providing safe practices in ship operation and a safe working environment,
  • assessing risks to ships, personnel and the environment and establishing safeguards, and
  • continuously improving safety management skills of personnel ashore and aboard ships.

These are not separate objectives for two separate worlds. They are shared obligations, achievable only when the SMS genuinely links the office and the vessel.

So where then does the gap come from? Despite this intent, many organizations experience a shore–ship divide in their SMS.

  • On shore, staff may focus on satisfying external auditors, producing beautifully formatted procedures that look good in a DOC audit but are hard to use in real operations.
  • On board, crews often experience the SMS as extra work: duplicative checklists, complex forms, and procedures that do not reflect the realities of weather, port pressure and human limitations.

When this happens, several symptoms appear:

  • “Cut-and-paste” risk assessments that no one believes in.
  • Non-conformities written in audit language instead of operational language.
  • Masters and Designated Persons Ashore (DPAs) communicating mainly for certification, not for learning.

The result is an SMS that is formally compliant but functionally weak—it exists on paper but not in daily decision-making. The SMS must be a living system. To bridge the gap, we must return to a simple idea: the SMS is not a manual. It is the way the organization manages risk and work, documented so it can be repeated, audited and improved. A living system has several characteristics:

  • Owned by users, not by paperwork. Procedures and checklists are written in the language of the people who use them. Crew and shore staff participate in their development and revision. Guidance documents are concise, operational and easy to find.
  • Fed by real feedback. The Code requires procedures for reporting accidents and non-conformities, and for internal audits and management reviews as functional elements of the SMS. In a living system, these are not compliance rituals but mechanisms for learning. Near misses, hazardous observations and improvement suggestions from crew are actively encouraged, analyzed and acted upon.
  • Adaptable, not frozen. Clause 12 of the Code calls for review and evaluation of the SMS. A living SMS changes in response to new risks, technology, trade patterns and lessons learned. Revision is continuous, not something done hurriedly before an audit.
  • Transparent roles and communication. The Code requires defined levels of authority and lines of communication between shore and shipboard personnel. In a living system, these lines are not just organograms—they are trusted relationships. Masters feel supported, not second-guessed. The DPA is accessible, respected and known by name, not just as a title in the manual.

The DPA then should be the human bridge. Perhaps the most powerful bridging mechanism in the ISM Code is the requirement that every company designate a person or persons ashore with direct access to the highest level of management (ISM Code clause 4).

In many organizations, the Designated Person Ashore (DPA) becomes either:

  • a paper coordinator, chasing signatures and tracking audits, or
  • a firefighter, reacting to incidents and port state control findings.

To make the SMS a living system, the DPA must instead function as a system integrator:

  • Listening systematically to ship feedback and ensuring it reaches senior management.
  • Challenging shore practices that create unrealistic demands on ships.
  • Ensuring that risk assessments and procedures reflect actual operations, not office assumptions.
  • Facilitating honest discussions after incidents—not searching for blame but for system weaknesses.

In short, the DPA should be the voice of the ship in the boardroom and the voice of the system on the ship.

Companies should plan practical steps to bridge the shore–ship gap. Those that wish to transform a static SMS into a living one can take several practical steps, such as co-creating procedures with ship staff by involving the masters, officers and ratings when developing or revising procedures. I call it capturing the “as-is” of the system in preference to throwing the “baby out with the bath water” by simply adopting a template. Pilot new checklists on board before formal approval. Ask: “Does this help you do the job safely under time pressure?” If not, redesign. Management systems are not etched in stone. They should be open, flexible and adaptable to change.

Train to be competent and for understanding, not just for compliance. Move beyond “read and sign” familiarization. Use case studies, incident reviews and simulations that connect ISM clauses with real operational dilemmas. Emphasize why a procedure exists, not just how to follow it.

Most importantly, simplify and prioritize. The ISM Code specifies functional requirements, not thickness of manuals. Focus on critical operations and major risks; remove redundant or overlapping forms. A smaller, well-used SMS is better than a massive, ignored one. While doing this, also strengthen feedback loops. Make incident and near-miss reporting simple and non-punitive. Provide feedback to the crew on what was learned and what changed as a result. When people see that speaking up leads to improvement, not punishment, the system comes alive.

Remember, data drives risk and trends and makes an organization proactive. Use data—and stories. Combine quantitative indicators (deficiencies, delays, injuries) with qualitative insights (crew narratives, master’s reviews). This blended view gives a more complete picture of safety performance and culture.

A change from compliance culture to learning culture must be brought in to create an environment for quality, safety, security and continual improvement. Port State Control statistics show that ISM-related deficiencies remain among the most frequently reported issues worldwide. This suggests that many SMSs still operate at a minimum compliance level. Bridging the shore–ship gap means moving toward a learning culture, where:

  • Deviations are signals to improve the system, not just to correct the individual.
  • Masters are empowered to exercise their overriding authority and are supported by the shore organization with resources on an as-needed basis.
  • Top management sees the SMS not as a cost, but as an asset that protects people, ships, reputation and the marine environment.

In conclusion I would repeat that making the Code work as intended is the need. Not just talk but walk the talk. The ISM Code gave the maritime industry a powerful framework. It defined objectives, clarified responsibilities, and required a documented Safety Management System (SMS) that connects shore and ship. The challenge now is not to “comply” with the Code, but to realize its intent.

When the SMS is treated as a living system—owned by its users, nourished by feedback, continually adapted and genuinely connecting shore and ship—it becomes what the Code envisioned:

  • a bridge between management and operations,
  • a driver of safety and environmental protection, and
  • a practical expression of the company’s values at sea and ashore.

The choice is ours: an SMS that exists for certificates, or an SMS that saves lives, protects the environment, and unites shore and ship in a common purpose.  

 

About the Author

This article was written by Inderjit “IJ” Arora, Chairman, Board of Directors at QMII. With more than 30 years’ experience spanning military service, merchant marine and civilian industries, he is an Exemplar Global-certified lead auditor and member of the U.S. TAG to ISO/TC 176 (the ISO 9000 family of standards). IJ holds an MBA from The College of William & Mary and an MSc in Defense Studies, and he brings a unique leadership and crisis-management background into quality systems consulting. He specialises in transforming management-system certification into a strategic advantage for organisations.

Hope Is Never A Plan

Wishful thinking is fine, but it rarely achieves positive results in professional settings. The best path to reach a desired outcome is to implement a structured, process-based management system. It is not a guarantee of success, but if implemented by competent and motivated teams, such a system allows the organization to produce conforming products and services and embrace continual improvements.

I often hear from leadership about their faith in the power of hope, but my experience tells me that hope is never a plan. For those who believe in hope, my advice is to base it on a well-designed management system. There is no need to re-invent the wheel. ISO standards exist for management teams to use.

In organizations of every size, across industries and borders, there is often an invisible reliance on hope. Leaders hope customer complaints will decline. Managers hope processes will perform as intended. Teams hope risks won’t materialize.

Hope can inspire, but it cannot control outcomes. It is not a strategy, and it is certainly not a plan. In contrast, a good management system transforms that hope into structured action, measurable results, and continual improvement.

A Better Way

At my organization, we have long stressed (and said) “Hope is never a plan.” The plan—the real plan—is embedded in the process-based management approach that underlies ISO 9001 and other international standards. This approach replaces uncertainty with understanding and reactivity with resilience.

The problem with hope as a strategy is there is no plan. In times of uncertainty—economic shifts, market volatility, supply chain disruptions—many organizations fall back on hope as a substitute for planning.

However, in my experience, success is built upon the foundation of a process-based management system. Remember the wise words of Deming: “A bad system will beat a good person every time.” The process approach, central to ISO 9001 and mirrored in ISO 14001, ISO 45001, and numerous other ISO standards, recognizes that results come from well-managed processes.

The journey from wishful thinking to structured management is embodied in the process approach, which was first formalized in ISO 9001:2000 and reinforced in ISO 9001:2015. The standard recognizes that consistent, predictable results arise from well-defined and managed processes, not from chance. In particular, sub-clause 4.4 of ISO 9001:2015 requires organizations to establish, implement, maintain, and continually improve a management system, including the processes needed and their interactions.

Where hope says, “Let’s see how it goes,” a process-based system asks:

  • What inputs are required, and what outputs are expected?
  • Who is responsible for the process?
  • What resources and controls are necessary?
  • How will we measure performance?

This thinking moves an organization from reacting to problems to controlling the variables that create success. Rather than managing departments or reacting to problems, organizations use the process approach to:

  • Define interrelated processes that deliver outputs valuable to customers and stakeholders (sub-clause 4.4.1).
  • Identify inputs, activities, and controls within each process (sub-clause 4.4.1).
  • Establish measurable objectives and performance indicators (sub-clauses 6.2 and 9.1.3).
  • Use data and analysis to drive decisions.

This approach replaces hope with evidence, accountability, and continual improvement.

Plan, Do, Check, Act (PDCA) and the Importance of Leadership

The PDCA cycle implies planning as the basis for turning vision into reality. Clause 6 emphasizes “Planning,” i.e., the transformation of organizational context (subclauses 4.1 and 4.2) and risks (sub-clause 6.1) into actionable objectives and opportunities for improvement:

  • Risks and opportunities (not just reacting to issues)
  • Resources and competence needed to achieve results
  • Process interactions that maintain flow and consistency
  • Measurable outcomes that guide continual improvement

In this framework, hope is replaced by proactive thinking, i.e., identifying what could go wrong and preparing responses before it happens. This is far superior to a reactive approach. Of course, in the initial functioning of the management system, any non-conformances (NCs) found will drive corrective action. However, once data accumulate (based on closed NCs and other monitoring and analysis), those data will drive risks and trends and enable a proactive system.

Leadership plays a very important part in the success of an organization. From slogans to systems, true leadership is not about motivational statements but about embedding systems that work even when leaders aren’t watching.

Leaders demonstrate commitment by:

  • Integrating the management system into business strategy (sub-clause 5.1.1c)
  • Promoting process ownership and accountability
  • Ensuring alignment of policies (sub-clause 5.2), objectives (sub-clause 6.2), and actions

A strong system outlives individual personalities—it ensures the organization runs effectively on principles, not just people. What employees learn during their work life at the organization is captured as lessons learned and forms the organization’s corporate knowledge (sub-clause 7.1.6).

Continual improvement (sub-clause 10.3) is the antidote to complacency. Even good systems fail if they stop evolving. ISO’s process-based model ensures continual improvement through:

  • Audits and reviews that identify gaps and inefficiencies
  • Corrective actions that prevent recurrence
  • Performance metrics that inform decision making

Hope says, “Things will get better.” A good management system says, “Here’s how we’ll make them better—and how we’ll know it worked.”

Conclusion

My advice to leaders is to replace hope with a system. Every organization faces uncertainty, but those that succeed do not count on hope—they rely on structured management, clear processes, and evidence-based decisions. Leadership is responsible for maintaining customer focus (sub-clause 5.1.2), understanding customer requirements and associated risks, having thorough knowledge of their products, and carefully selecting vendors.

Uncertainty and hazards must not be passed to employees, users, or other stakeholders. Instead, they should be converted into manageable and low-impact risks. Those risks can then be addressed and/or converted into opportunities for improvement.

In an uncertain world, replacing hope with a system is a must. Hope may be emotionally comforting, but it is operationally dangerous. A good management system, based on ISO 9001’s process approach, gives structure to intention and reliability to performance. It enables organizations to anticipate risks, seize opportunities, and deliver consistent value. It creates confidence among customers, regulators, and employees that the organization is not merely hoping for success—it is planning, executing, and improving toward it.

The above article was recently featured in ‘The Auditor’, an Exemplar Global publication


Cost-Benefit Analysis: ROI of ISO 9001 Registration for U.S. Manufacturers

For some U.S. manufacturers, registration to ISO 9001 raises one question: “Is it worth the investment?” In other words, how can an organization maximize the benefits of ISO 9001 registration and convert them to a solid return on investment (ROI)?

Analyzing ROI

A consideration of costs and benefits must be included in an ROI analysis to allow manufacturers to make good decisions about ISO 9001 registration. Calculating the value of an effective quality management system (QMS) must include integrating quality and the overall management of the organization (as seen in clause 5.1.1 of ISO 9001). This would include the costs and payoffs that create the real ROI of ISO 9001 registration.

Mere compliance to the language of the standard is not enough; what is required is that ISO 9001 registration leads to competitive advantage. The intent for any manufacturer is to boost efficiency and revenue. In this new environment, where a considerable amount of manufacturing is being re-shored to the United States, ISO 9001 registration matters more than ever. Registration to ISO 9001 is worth it if it brings a clear ROI, such as cash in the bank in the form of cost savings or revenue increases. The answer lies in understanding the ROI that comes from building a strong QMS based on ISO 9001 or other relevant industry-specific standards such as AS9100, etc.

There is no free lunch. In other words, there are costs associated with ISO 9001 registration. Therefore, manufacturers should budget for:

  • Consulting and training. Staff must be prepared to align processes with the requirements of ISO 9001.
  • System development. This may include documenting procedures, implementing software, and updating workflows.
  • Certification audits. Certification bodies (CBs) require fees for initial certification and surveillance audits.
  • Time and resources. These may include employee hours spent on training, process improvements, and audits.

Costs vary depending on company size and can run from tens of thousands of dollars for small factories to much more for large, multi-site operations. The good news is that the benefits of working systematically using a process-based management system (as per clause 4.4.1 of ISO 9001) drive the ROI, as the system implementation reduces waste and other production inefficiencies.

Although there can be significant upfront costs, the benefits of ISO 9001 registration often compound over time. These can include operational efficiency, with streamlined processes that reduce waste, downtime, and rework, leading directly to lower production costs. Customer confidence and market access improve as the manufacturer consistently produces conforming products and services. Many U.S. manufacturers find ISO 9001 and/or relevant industry-specific standards to be a “ticket to entry” for bidding on contracts, especially in sectors such as automotive, aerospace, and military/defense.

Reducing Risk

Documented processes and corrective action systems reduce the likelihood of costly failures or recalls. Employee engagement improves, resulting in highly motivated teams working within clearly defined roles. Appropriate training oriented toward competency (as seen in clause 7.2 of ISO 9001) reduces errors and boosts productivity. Continual improvement is an added benefit of ISO 9001 as the implementation of the standard promotes a culture of ongoing improvement, helping companies stay competitive in fast-changing markets.

The ROI of ISO 9001 registration can be assessed by comparing costs against measurable gains such as:

  • Reduced scrap/rework = cost savings
  • Improved on-time delivery = fewer penalties and more repeat orders
  • Access to new markets/contracts = increased revenue
  • Enhanced reputation = long-term customer retention

Example: If a manufacturer spends $50,000 on registration but reduces rework costs by $80,000 and gains $200,000 in new contracts, the ROI is clear and compelling.

Then there is the real-world impact. Studies consistently show manufacturers that achieve ISO 9001 registration experience:

  • 5–15% cost savings from efficiency gains
  • Revenue growth due to market access
  • Improved customer satisfaction scores, leading to stronger long-term partnerships

Final Thoughts

Initially, ISO 9001 registration may seem like a simple expense. But when viewed as an investment, the ROI to be found in ISO 9001 registration becomes clear. It brings definite improvements in efficiency, stronger customer trust, and measurable financial gains. For U.S. manufacturers competing in global markets, the payoff often far outweighs the cost.

The above article was recently published in an Exemplar Global publication ‘The Auditor’.


Building a Quality Culture: The Role of Leadership

When the leadership at a U.S. industrial plant makes the strategic decision to roll out certification to ISO 9001, their first instinct is often to focus on documentation, audits, and procedures. They start by looking for a consultant who often (for quick money) provides a template. That is the start of misery for an organization.

A Better Way To Begin

The “As-Is” of the management system should be the start of this process. What has been developed over the years should not be forgotten or lost! The truth is that no checklist or manual can build a true quality culture. The secret ingredient in implementing ISO 9001 is the involvement of leadership in developing the system. As per sub-clause 5.1 (“Leadership and commitment”), their total involvement and commitment is required, in addition to others who assist them in this role, as per sub-clause 5.3 (“Organizational roles, responsibilities and authorities”).

Why leaders can make or break ISO 9001 effectiveness is an important question, and taking positive action to do so is therefore a vital decision. Employees don’t take their cues from policies—they take them from people. If leaders treat ISO 9001 as “just another certification,” that’s exactly how the workforce will see it. On the other hand, when leadership is visible, engaged, and committed, quality stops being a buzzword and becomes a way of working. A system that has the support of leadership has the best chance to produce conforming products and services and also ensure continual improvement.

ISO 9001 makes this clear. Clause 5 (“Leadership”) puts accountability squarely onto the leadership. It’s not just the quality manager’s responsibility anymore—it’s a business-wide effort, and leaders must own it. It is leadership that matters in ISO 9001 and is an important aspect of the process.

Clause 5 emphasizes that leaders must:

  • Demonstrate commitment to the quality management system (QMS)
  • Align quality objectives with organizational strategy
  • Promote a culture of continual improvement

The View From The Shop Floor

In U.S. industrial plants, where efficiency and production targets often dominate discussions, leadership involvement ensures quality doesn’t get sidelined. Leaders act as role models, showing that meeting quality objectives is as important as meeting delivery deadlines.

When auditors look at the implementation of a management system standard like ISO 9001, they need to be able to clearly evidence what leadership involvement looks like in practice. There are numerous indicators, most of them based on ISO 9001 subclauses 5.1, 5.1.2 (“Customer focus”), 5.2 (“Policy”), 6.1 (“Actions to address risks and opportunities”), 6.2 (“Quality objectives and planning to achieve them”), and 10.3 (“Continual improvement”). To generalize these into simple language I would say these would include the following:

  • Setting the tone. A plant manager who opens every team meeting with a quality update shows that it matters as much as production numbers.
  • Walking the floor. Leaders who regularly join quality reviews or stop by the line to ask about issues send a strong signal of support.
  • Connecting quality to strategy. Instead of treating ISO 9001 as paperwork, leaders can frame it as a competitive edge, leading to fewer defects, happier customers, and stronger market position.
  • Celebrating wins. Recognizing teams for continuous improvement projects—no matter how small—builds momentum and pride.

Culture is caught, not taught. We can train employees on ISO 9001 requirements, but culture is shaped by what leaders actually do. Creating an environment of quality is a leadership accountability issue. When executives understand the value of nonconformities as the drivers of corrective action and improvement, follow procedures, welcome audits, and act on feedback, employees naturally mirror those behaviors. Over time, this creates a culture where quality isn’t “extra work”—it’s simply the way we work. It is then that the organization can go from a reactive to a proactive manufacturing entity.

The return on investment in ISO 9001 can be traced to sub-clause 6.2 and the achievement of specific quality improvement objectives. Industrial plants that embrace ISO 9001 leadership involvement don’t just pass audits. They see less rework, stronger customer trust, and a workforce that takes pride in doing things right the first time. In today’s competitive manufacturing landscape, that’s not just compliance—it’s survival.

Bringing It Forward

Five practical steps leaders can take to lead the industry may include the following:

  1. Communicating the vision. It is important to clearly articulate why ISO 9001 matters—not only for certification, but for customer trust, employee pride, and long-term competitiveness.
  2. Allocating resources. Quality initiatives fail when they’re underfunded. Leaders must ensure sufficient training, technology, and staffing to support ISO 9001 compliance. Where they cannot provide resources, they must assume the risk and adjust objectives.
  3. Engaging with the employees. This includes walking the floor, participating in quality meetings, and recognizing contributions. All of these actions reinforce that quality is everyone’s responsibility.
  4. Integrating quality into the organization’s strategy. Quality goals should not be separate from business goals. For example, reducing defects can be tied directly to cost savings and improved customer satisfaction.
  5. Leading by example. Leaders who adhere to procedures, value data-driven decisions, and embrace audits demonstrate that ISO 9001 is part of the plant’s DNA.

ISO 9001 isn’t a binder sitting on a shelf. It’s a leadership-driven culture shift, and when leaders lead the way, the entire plant follows. Just keeping the binder on the shelf is no good. It may get the organization a certificate but will not result in a positive return on investment.

Without leadership involvement, ISO 9001 may become the missing link in the success of U.S. industrial plants. Your involvement as leaders at every step of your organization matters more than checklists. You must drive the culture of change.

In concluding, I would opine that rolling out ISO 9001 in U.S. industrial plants requires more than technical checklists; it requires leadership. By committing to involvement in the implementation of ISO 9001, plant managers and executives can transform their organizations into quality-driven powerhouses that thrive in today’s competitive market.

The above article was recently published in “The Auditor” (an Exemplar Global publication).

Integrating Standards for Safe Nuclear Expansion

-by Dr. IJ Arora

As nuclear energy regains attention as a low-carbon solution, organizations developing these energy sources need to consider a systems approach to the safe launch and growth of facilities. Once considered a great alternative to gasoline and coal, the nuclear energy industry’s growth was negatively affected by incidents like those at Chernobyl and Three Mile Island.

In this short article, I will attempt to convey that customer focus (clause 5.1.2 of ISO 9001:2015) is best ensured by proactive, not reactive, measures. This can be achieved through appreciating hazards, converting them to risks, prioritizing them, and planning the management system to achieve desired objectives.

Having served on a nuclear submarine and been on board when a nuclear accident took place, I know the pros and cons of this energy source. However, the world has changed since these tragic incidents and now there are advancements in not only nuclear technology but also in the management of nuclear facilities. ISO 19443:2018 is a quality management system (QMS) standard built on the foundation of ISO 9001, but specific to the management of nuclear facilities. For those in the United States, ASME offers the NQA-1:2024 standard, which is similarly dedicated to the nuclear industry.

Nuclear energy is perhaps an answer to the world’s power requirements. The demand for electricity is growing by the day with the extensive use of artificial intelligence and large data centers. A systems approach to management of this industry gives the world the best chance to appreciate risks systematically and plan for consequences proactively.

Grave negative effects to safety, security, health, and the environment are all likely consequences if a nuclear mishap takes place once again. Although the primary objective of a QMS is to get the desired output, it should not be at the cost of these potential harms.

The Three Mile Island facility is in the news once again for re-opening ahead of schedule. For those who do not remember, on March 28, 1979, a partial meltdown occurred at the Unit 2 reactor outside of Harrisburg, Pennsylvania. Environmental impacts included the release of radioactive gases into the atmosphere (albeit in limited amounts), long-term challenges in radioactive waste storage, and site contamination. Additionally, there were psychological and social effects that caused a loss of public trust in the nuclear energy industry.

As discussions emerge about reopening the Three Mile Island facility (now scheduled by 2027), evaluating its environmental effects through the lens of the ISO 14001:2015 environmental management system (EMS) is both prudent and proactive. Therefore, in the following section, I will outline the relevant applicable clauses from ISO 14001:2015.

Applicability of ISO 14001:2015 to a nuclear facility

Clauses 4.1 and 4.2, “Context of the Organization” and “Needs and Expectations of Interested Parties”

Nuclear facilities would benefit from considering:

  • Historical context (e.g., past accidents and public concern)
  • Stakeholders such as regulatory bodies, local communities, and environmental NGOs
  • Emerging media reports and public opposition or support as environmental risk indicators

Clause 6.1, “Actions to Address Risks and Opportunities related to Significant Environmental Aspects”

Considering a lifecycle approach, a reopened nuclear plant must assess:

  • Emissions of ionizing radiation
  • Spent fuel storage and long-term waste management
  • Thermal pollution from coolant discharge
  • Accident and emergency scenarios
  • And other significant environmental aspects requiring control measures and documentation

Clause 6.1.3, “Compliance Obligations”

This subclause involves alignment with:

  • Nuclear Regulatory Commission (NRC) rules
  • EPA guidelines on radiological impacts
  • International agreements on nuclear safety and waste

Clause 6.1.4, “Planning Action”

The plant must establish plans to:

  • Prevent recurrence of accidents like those of March 28, 1979
  • Contain and manage radioactive leaks
  • Mitigate environmental risks in both normal and abnormal operating conditions

Clause 8.2, “Emergency Preparedness and Response”

This subclause includes details critical for a nuclear facility and requires:

  • Detailed emergency response procedures for nuclear accidents
  • Training for first responders and public communication plans
  • Coordination with local and federal emergency management agencies

Clause 9.1.1, “Monitoring, Measurement, Analysis, and Evaluation”

To meet the requirements of this subclause, facilities must continuously monitor:

  • Radiation levels in air, water, and soil
  • Effectiveness of containment systems
  • Compliance with regulatory thresholds

Clause 10.1, “Nonconformity and Corrective Action”

This subclause would require that:

  • Any incident or near-miss must trigger a formal investigation
  • Includes lessons learned from:
    • The March 28, 1979 event itself
    • Any deviations during recommissioning or startup

A system approach to nuclear facility management

The opening (or, in this case, reopening) of a nuclear facility offers an opportunity to integrate modern management system practices with lessons learned from the past. ISO 19443:2018 and ISO 14001:2015 provide a structured framework to manage the needs of nuclear operations as well as public environmental concerns.

During my time consulting for numerous industries, I have found a strengths, weaknesses, opportunities, and threats (SWOT) analysis to be a very useful tool—especially the weaknesses and threats that help identify risks. A detailed SWOT analysis for the Three Mile Island facility might provide the following inputs as an example:

Technical and operational risks: aging infrastructure

  • Although it was not the site of the 1979 meltdown, Unit 1 is more than 50 years old.
  • Restarting involves complex retrofits, control system upgrades, and re-licensing—all of which require time and precision.
  • Rushing these checks might lead to overlooked fatigue, corrosion, or component failures.

Human factors

  • Post-incident, nuclear workforce training and institutional memory may be weak.
  • Skilled nuclear operators must be retrained or recruited, and hasty onboarding increases the chance of human error—a factor in many historical nuclear mishaps.

Environmental risks: radioactive emissions and waste

  • Restarting means handling spent fuel, coolant systems, and storage pools.
  • Hurrying these operations could lead to:
    • Leaks during fuel handling or containment failures
    • Inadequate radioactive waste protocols

Ecosystem disruption

  • Cooling systems may discharge thermal pollution into nearby rivers.
  • Emergency preparedness might not be fully revalidated for post-reopening conditions.

Better alternatives to a rushed restart

Although early reopening offers incentives like energy security, carbon reduction, and economic revival, these gains are precariously balanced against high-impact risks that could derail long-term viability. The strengths and opportunities may only be fully realized with a controlled, phased, and transparent approach, not through acceleration that bypasses environmental, technical, and social due diligence.

As such, organizations pursuing the development of nuclear energy plants must consider:

  • Phased reopening with public oversight
  • Third-party safety audits after at least two cycles of internal audits post implementation of the management system
  • Full-scale emergency drills and community outreach prior to operation
  • Independent environmental impact assessments (EIA)

Conclusion

The benefits of a fast reopening exist; however, the risks far outweigh short-term gains unless stringent safety, regulatory, and public engagement protocols are followed. Strategic value lies in measured and transparent activation/reactivation, not haste. ISO 14001:2015, ISO 19443:2018, and ASME NQA-1:2024 provide the framework for an integrated management system.

In conclusion, I would say a good strategy to implement and to safely accelerate nuclear energy deployment must include the adoption of a management system. ISO 14001:2015 ensures environmental responsibility and community accountability; ISO 19443:2018 drives quality, culture, and nuclear-supplier discipline; and ASME NQA-1:2024 enforces technical rigor and traceable QA processes. Together, these standards offer a comprehensive, risk-based, and stakeholder-aligned approach.

Rushing implementation without such integration would leave critical blind spots. An integrated implementation roadmap including these standards could guide the strategic and operational implementation in support of safe, controlled nuclear energy expansion.

This article was recently published in “The Auditor” (an Exemplar Global publication).

Domestic Passenger Vessel Accidents Are Preventable Using a Management System (Part One)

Think of any accident, mishap, or tragedy involving a passenger vessel through history (or in recent times) and then look at the post-event investigation report. If you do this, you will find one shortcoming common to these tragedies: a poor appreciation of risk and the practical nonexistence of a management system. Occasionally, in slightly less disastrous events, you may see the existence of a system, but it is usually poorly implemented.

This two-part article considers the domestic passenger vessel industry in the United States, where there have been several tragedies. I hope (although hope is not a plan) that this work will inspire the industry to look at the proper implementation of management systems. In trying to narrow the discussion, we will analyze and learn lessons from the 2019 sinking of the Conception and to a limited extent the 2023 fire aboard the Spirit of Boston cruise ship. I will mention a few other incidents as well to make the connection and bring out the failure of the various systems that broke down.

A systems-based approach in analyzing accidents in the domestic U.S. passenger vessel industry involves looking at the various components and process interactions that could potentially lead to incidents. This can include factors such as crew training, vessel design, regulatory compliance, maintenance practices, and emergency preparedness. However, the major factor is usually the absence of a management system (or a badly designed and/or poorly implemented one). This is a tragedy in the making.

I am studying these accidents to demonstrate how a systems approach could have helped prevent many of these mishaps. The reluctance to implement an effective management system pains me, not to mention primary investigation agencies like the National Transportation Safety Board (NTSB), the United States Coast Guard (USCG), and other responsible bodies.

Note that I am not discussing technical processes here. Yes, those often fall short of the mark as well, but the bigger issue is the failure to apply simple systematic thinking based on existing management system standards. This reluctance to work systematically surprises me. I’ve recently expressed my views on the Baltimore Bridge collapse, the implosion of the Titan submersible, the collision between an American Airlines flight and a military helicopter over the Potomac, and the Boeing 737 Max inspection failures. In all cases, I cannot understand why a simple, cost-effective action such as properly implementing a management system should be such a critical weakness within so many different organizations. It is a leadership flaw, for (as W. Edwards Deming said) “A bad system will let down a good person every time!”

Titanic and Herald of Free Enterprise

When discussing this topic, many will think back to the Titanic tragedy, which goes back more than 100 years. This is of course perhaps the most well-known sinking of all time, so I will not rehash the details, which are easily available online. However, I do want to mention that events like the sinking of the Titanic create the ultimate push—it caused a reaction and, ultimately, the creation of a workable system to help save lives and the vessels themselves. Depending on owners, operators, and masters to use their judgment and do the right thing at the time of crisis was no longer enough. What the Titanic demonstrated was that the industry needed enforceable regulations and requirements. The result was the Safety of Life at Sea (SOLAS) Convention, which formalized a systematic approach to safety.

Before studying incidents occurring in U.S. domestic waters, I also want to mention the tragedy of the Herald of Free Enterprise, which occurred on March 6, 1987, at Zeebrugge, Belgium. The Herald of Free Enterprise was a roll-on/roll-off ferry owned by the Townsend Thoresen company. On that day, the ship capsized shortly after leaving port and 193 people lost their lives. It had departed with its bow doors open, allowing seawater to flood the car deck. Within minutes, the ship was lying on its side in shallow water.

The tragedy exposed severe deficiencies in the company’s safety culture and operational practices. Justice Barry Sheen was appointed to head the official inquiry into the disaster. His report, published in October 1987, was scathing and unprecedented in its criticism of the ferry operator, management, and the broader safety practices in the maritime industry. Justice Sheen’s report identified a “… disease of sloppiness and negligence at every level of the hierarchy.” This became one of the most quoted phrases from the report. Sheen emphasized that the disaster was not due to a single act of negligence but rather a “… catalogue of failures…” including the failure to ensure the bow doors were closed, poor communication between crew and bridge, inadequate safety procedures, and the absence of proper checks before sailing.

The report placed heavy blame on the senior management, asserting that safety was not a high priority for the company. It also noted that management failed to implement procedures that could have prevented such a tragedy.

It is indeed shocking and surprising that even today, decades later, investigation reports are still pointing out these same drawbacks. Lessons learned seem to be forgotten. I particularly wanted to focus on this incident because Justice Sheen’s report was a turning point in maritime safety regulation. It directly influenced the creation of the ISM Code under the International Maritime Organization (IMO), which mandated formal safety procedures and accountability in international shipping operations.

Conception

The Conception was a dive boat that caught fire off the coast of California, resulting in the deaths of 34 people in 2019.

Investigations into this disaster revealed several deficiencies, including inadequate fire safety procedures, lack of a proper emergency escape route, and insufficient crew training. There were also issues related to the vessel’s sleeping arrangements, where most of the passengers were asleep below deck at the time of the fire.

A systems approach would emphasize the need for comprehensive safety protocols, regular training for crew members, proper vessel design for evacuation, and effective regulatory oversight to ensure the robust implementation of safety measures.

Spirit of Boston

This incident involved a fire that broke out on the dining cruise ship Spirit of Boston while docked in 2022.

The fire was linked to a potential electrical malfunction, but it highlighted issues related to maintenance practices and emergency response protocols.

By applying a systems approach, stakeholders could focus on root cause analysis, looking into how maintenance schedules, crew training, and emergency responses are integrated and managed.

Overall recommendations for the systems approach

There are several important elements to consider in favor of the systems approach, as follows:

  • Interdisciplinary collaboration. Promoting collaboration among various stakeholders, including regulatory bodies, ship management companies, and safety experts, to share information and best practices
  • Root cause analysis. Encouraging investigations that go beyond the immediate causes of accidents to identify systemic failures that could contribute to unsafe conditions
  • Regular training and drills. Implementing continuous training and emergency drills for crew members to ensure readiness and competence and to enhance situational awareness
  • Maintenance and safety protocols. Establishing stringent protocols for vessel maintenance and safety checks, with thorough documentation and compliance checks
  • Regulatory oversight. Advocating for robust regulatory frameworks that require adherence to safety standards and proactive risk management strategies
  • Cultural change. Fostering a safety-first culture within organizations that prioritize safety above operational pressures

We can see in these two recent incidents that, as with the case of the Herald of Free Enterprise, a systems approach enables a comprehensive understanding of the complexities involved in maritime operations, leading to better prevention measures and enhanced safety outcomes in the passenger vessel industry.

Other examples

Over the years, the NTSB has investigated numerous accidents involving passenger vessels. A few notable examples follow:

  • Estonia. Although this accident occurred in European waters, its implications affected international passenger shipping, including practices adopted in the United States. The Estonia sank in the Baltic Sea in 1994, resulting in the deaths of 852 people. The investigation revealed that the key issues were related to vessel design, including hull integrity and cargo securing. This incident led to enhanced safety regulations regarding passenger vessel construction and operational safety protocols.
  • Andrew J. McHugh. This collision involving the ferry Andrew J. McHugh and another vessel occurred in the narrow Houston Ship Channel, leading to the deaths of 17 passengers in 1980. The key factors included poor visibility, navigational errors, and inadequate communication between vessels. Subsequent recommendations from the NTSB aimed at improving navigational practices and vessel traffic control in critical areas.
  • Benson. The Benson, a tour boat in New York, capsized during a sudden storm. A total of 10 people died in this 2000 incident. The investigation pointed out questionable weather assessment practices and inadequate safety measures for handling sudden weather changes. The NTSB recommended better training for crew members regarding weather evaluation and emergency response.
  • Dawn Princess. A fire aboard this cruise ship in the South Pacific led to emergency evacuations in 2003. Although there were no fatalities, more than 150 passengers were affected. The fire was linked to flaws in electrical systems. The NTSB emphasized improved fire safety systems and crew training on firefighting and evacuation protocols.
  • Emotion. This fishing vessel capsized near Alaska in 2010, resulting in several fatalities. The investigation pointed out structural problems and issues with the vessel’s stability while loaded. Recommendations focused on vessel stability assessments and the importance of adherence to safety regulations during fishing operations.
  • Explorer. In 2007, the Explorer ran aground off the coast of the Antarctic Peninsula, leading to evacuations. All passengers were saved, but the incident raised alarms about navigational practices and inappropriate response to weather changes. The NTSB highlighted the need for enhanced navigational training and real-time communication.

For each of these incidents, a systems approach would involve comprehensive training programs for crew related to emergency preparedness, rigorous maintenance and operational checks, research and implementation of advanced technologies for navigation and safety, and collaboration among regulatory bodies to create uniform safety standards that encompass all aspects of vessel operation. These historical examples underscore the importance of a proactive stance on maritime safety, highlighting that every component of the system must work together to prevent accidents and improve safety outcomes in the passenger vessel industry.

A poor approach that fails to be proactive can significantly contribute to accidents such as these. When risks are not systematically identified and appreciated, several detrimental consequences can arise. Without a systematic approach to risk assessment, potential hazards may go unnoticed, increasing the likelihood of incidents. Vessels may not be adequately equipped to handle specific risks, such as extreme weather or equipment failures. There is a requirement for safety protocols, adequate training, and improvement of communications.

On the other hand, a reactive approach undermines effective communication within the organization and between vessels. Without established systems for reporting and discussing risks, lessons learned from previous incidents may be ignored.

The other factors are regulatory compliance lapses. In the absence of a proactive culture, vessels may not adhere to regulatory requirements consistently or may develop a compliance mindset that prioritizes minimum standards over comprehensive safety practices. Neglecting lessons learned from past incidents is another flaw. A failure to learn from past accidents can lead to repetitive mistakes. If organizations do not analyze historical incidents and implement changes based on those insights, they risk encountering similar situations again and again.

In the second part of this article, we will discuss the importance of using the Plan-Do-Check-Act cycle in embracing a safety management system.

Note – The above article was recently published in an Exemplar Global publication – ‘The Auditor’

ISO 13485: QMS Requirements of Medical Devices for Regulatory Purposes

by Dr. IJ Arora

ISO 13485:2016 is a standard that addresses quality management system requirements for those within the medical device industry. It is based on the systems-based approach found in ISO 9001:2015, but because it emphasizes requirements for regulatory purposes, it does not align with ISO’s harmonized structure (HS). In many ways, ISO 13485 does align with the HS, particularly in the structure and foundational principles of quality management.

The introduction of ISO 13485 explicitly states that the standard is aligned with ISO 9001, and this connection is important for understanding how the two standards relate to each other. I am a bit surprised as to why ISO 13485 isn’t fully harmonized with the HS as defined in Annex SL, which is the specific document within ISO standards that outlines the HS. I believe that if this standard were aligned to the HS, it would make implementation much less laborious for all involved.

The ISO 9001 foundation

The 2015 version of ISO 9001, which is presently under revision, provides a good basis for all standards. As mentioned, ISO 13485 has its roots in ISO 9001, which is why the key QMS principles (e.g., customer focus, leadership, process approach, continual improvement, and evidence-based decision making) central to ISO 9001 are also embedded in ISO 13485.

ISO 13485 includes several core concepts and clauses from ISO 9001. Clause 4 on quality management systems (e.g., structure, documentation requirements, and the scope of the QMS); clause 5 on management responsibility (e.g., top management involvement, resource allocation, and internal audits); and clause 8 relating to measurement, analysis, and improvement (e.g., monitoring, corrective actions, and continual improvement) are just some of these examples.

As I study, teach, consult, and audit using ISO 13485, I wonder why the standard is not fully harmonized with similar standards as laid out in Annex SL. In consulting, I feel the pain of organizations that must meet regulatory requirements and so tend to overlook the process-based management system (PBMS) approach as fundamental to the plan-do-check-act (PDCA) cycle. This regulatory focus is one reason why, although ISO 13485 shares many similarities with ISO 9001, it is not fully aligned with the HS. ISO 13485 places a strong emphasis on compliance with regulatory requirements specific to the medical device industry. The standard’s clauses addressing design and development, post-market surveillance, risk management, and traceability requirements are all far more extensive than those found in ISO 9001. Annex SL focuses more on general management practices and less on industry-specific regulatory controls. The detail and specificity required for medical device safety and compliance often necessitates a structure that goes beyond the framework of the HS.

Overcoming differences

Different scopes and audiences are also a consideration in that, while ISO 9001 is a general quality management standard applicable across industries, ISO 13485 is designed specifically for organizations that manufacture medical devices. These organizations must meet stringent regulatory requirements that go beyond what ISO 9001 addresses. Because of this, ISO 13485 requires more detailed processes related to product lifecycle management, post-market activities, risk management, and regulatory controls, which aren’t adequately covered under the more generalized HS. ISO 13485 includes a much stronger emphasis on managing the product’s entire lifecycle, from design and development to post-market activities (e.g., complaint handling and vigilance). Although ISO 9001 mentions product realization, ISO 13485 goes into much greater depth, including extensive requirements for design control and risk management. These elements reflect the higher level of scrutiny needed in the medical device industry, where safety and compliance are paramount.

With that said, I believe that these differences don’t prevent ISO 13485 from being organized according to the HS format. The standard would not only help medical device manufacturers’ management systems conform with specific regulatory requirements but also meet the obligations for continual improvement. After all, registered organizations in the aerospace and automobile industries already do just that via sector-specific management system standards that are harmonized with ISO 9001.

The structural differences in the clauses found in ISO 13485 and the standards adopting the HS are not too far apart. Although ISO 13485 is aligned with ISO 9001, it diverges when it comes to specifics that are unique to the medical device sector and regulatory requirements.

ISO 13485’s clause 7, “Product Realization” includes additional elements, such as design controls and regulatory compliance requirements, that are critical in the medical device industry. Post-market surveillance and complaint handling are central to ISO 13485, but the HS doesn’t go to the level of detail necessary for medical device manufacturers.

ISO 13485 emphasizes the need for continuous monitoring of device performance, even after devices are on the market, ensuring any issues are identified and addressed in a timely manner. I believe ISO 9001’s subclause 9.1.2, “Customer Feedback,” can be updated to incorporate this requirement.

Risk management is a vital consideration. ISO 13485 integrates risk management into the standard in a way that is far more structured and pervasive than what is found in ISO 9001. ISO 13485 has a more detailed approach to identifying, assessing, and mitigating risks throughout the lifecycle of medical devices. However, these added requirements could be added to subclause 6.1.1 (“Actions to Address Risks and Opportunities”) or subclause 8.1.1 (“Operation Planning and Control”) found in the HS.

ISO 13485 includes specific requirements for design and development processes, which are critical in medical devices due to their complexity and potential risk to patient safety. The HS doesn’t provide this level of detail for other types of products or industries.

Identifying similarities

Notwithstanding the differences between ISO 13485 and the standards that align with the HS, there are also some key similarities. As with ISO 9001, ISO 13485 is built around seven quality management principles: customer focus, leadership, engagement of people, process approach, improvement, evidence-based decision making, and relationship management. Continual improvement of the quality management system is part of both standards, emphasizing the need for a strong focus on monitoring, auditing, corrective actions, and reviews. Document control is another similarity. Both ISO 13485 and ISO 9001 stress the importance of clear and accurate documentation to ensure that quality management processes are defined, monitored, and maintained effectively.

In keeping itself separate from the HS, ISO 13485’s clause structure, despite being based on ISO 9001, serves to meet the unique needs of the medical device industry. The decision not to fully harmonize the standard with the structure seen in Annex SL likely stems from the need to ensure a tailored regulatory focus. ISO 13485 is aligned with a variety of regulatory frameworks across different countries and regions (e.g., FDA, EU MDR, TGA, etc.). These regulations require specific processes that go beyond the generic, high-level harmonized framework provided by Annex SL to facilitate combined/integrated management systems. The structure of ISO 13485 allows for a more detailed, industry-specific approach to product safety, efficacy, risk management, and compliance. Product lifecycle control is an essential part of the medical device industry, and it has a complex lifecycle that includes design controls, manufacturing processes, and post-market activities that require more attention than the HS would provide.

Looking at a few additional clauses reveals that ISO 13485 follows a specific structure that allows it to emphasize the unique aspects of medical device quality management while maintaining consistency with other ISO standards.

For example, Clause 1, “Scope,” is relatively straightforward and outlines the scope of the standard, which is specific to organizations that design, manufacture, and maintain medical devices. The clause also highlights exclusions (for example, aspects not applicable to the organization), which is quite typical in a quality management standard.

Clause 2, “Normative References,” lists the documents referenced within ISO 13485, which is typical for any ISO management system standard. The important point here is that ISO 13485 requires compliance with relevant regulations and standards, particularly those in the medical device sector.

Clause 3, “Terms and Definitions,” is crucial because the terminology in the medical device industry can be very specific. Definitions clarify terms that might have different meanings in other industries (e.g., what qualifies as a “medical device,” “design verification,” or “post-market surveillance”). This ensures uniformity and understanding across the industry.

Clause 4, “Quality Management System (QMS),” describes the basic requirements for establishing and maintaining a QMS, which is a fundamental aspect of ISO 13485. This clause outlines the need for a quality policy, the establishment of objectives, and the requirement to continually improve the QMS. These are common in all ISO standards but are tailored here to fit the needs of the medical device industry.

Clause 5, “Management Responsibility,” covers executive involvement as a key theme. In ISO 13485, it emphasizes top management’s responsibility for ensuring that quality objectives are met. This clause also requires that management provide resources for quality activities and review the performance of the QMS regularly, ensuring alignment with regulatory requirements and customer needs.

Clause 6, “Resource Management,” could have been aligned to clause 7, “Support,” found in the HS. This clause in ISO 13485 requires the organization to manage resources effectively, which includes personnel training and competence (a critical area in the medical device industry). This ensures that employees have the skills needed to produce safe and effective devices. It also covers infrastructure and the control of the work environment, ensuring that conditions are suitable for maintaining product quality.

Clause 7, “Product Realization,” diverges further from the HS. Product realization in the medical device sector involves the entire lifecycle of the device—from planning, design, development, and manufacturing to service and post-market activities. This clause is extensive and includes requirements for design controls, risk management, validation, and traceability, all of which are critical in the medical device industry. The detailed focus on design and development, verification and validation, and product monitoring ensures that all aspects of a medical device’s journey, from conception to post-market surveillance, are covered.

Clause 8, “Measurement, Analysis, and Improvement,” requires organizations to evaluate the effectiveness of their QMS through regular monitoring, measurement, and audits. It also focuses on corrective and preventive actions (CAPA) to improve quality. Preventive action in the HS has not been thrown out like the proverbial baby with the bath water. It has instead been replaced by a requirement to appreciate risk. For medical devices, complaints and nonconformance reporting are key to ensuring ongoing safety and compliance. ISO 13485 could also have gone from preventive action to risk.

Post-market surveillance and vigilance is a requirement of the medical device standard. Unlike many other ISO standards, ISO 13485 places significant emphasis on post-market surveillance, which is the process of monitoring the performance of medical devices once they are in use. This is a major distinguishing factor from other ISO standards. Manufacturers are required to establish processes for post-market feedback, complaint handling, and field safety corrective actions (FSCA), which are essential for identifying and managing risks after the product is on the market.

In conclusion, I would opine and agree that although ISO 13485 is indeed based on ISO 9001, it diverges from the HS identified in Annex SL because the unique needs of the medical device industry—such as regulatory compliance, product lifecycle management, and patient safety—require a more detailed and specialized approach than the HS can provide. The clause structure of ISO 13485 reflects these specific requirements, making it a robust and industry-specific standard that ensures the safety and quality of medical devices while maintaining alignment with the foundational principles of quality management in ISO 9001.

This balance of maintaining core quality principles while addressing the needs of the medical device industry is why ISO 13485 has not fully adopted the HS but instead continues to incorporate elements of ISO 9001 alongside medical-device-specific regulatory needs. That it could still at the least attempt to align the primary clauses as risk to the HS would help all parties involved.

Note – The above article was recently featured in Exemplar Global’s publication called “The Auditor”.

The Role of Management Systems in the Tragic Collision Over the Potomac

by Dr. IJ Arora


A significant tragedy occurred in Washington D.C. on January 29, 2025, with the deadly collision between a U.S. military Black Hawk helicopter and a regional jet flying for American Airlines. The resulting crash caused the loss of 67 precious lives and pointed to a multilayered failure of safety mechanisms.

In a short article like this it is not my intent to explore the reasons for this event, and I have neither the expertise nor the authority to investigate, anyway. The U.S. National Transportation Safety Board (NTSB) and other relevant agencies will do that in a most professional manner. However, I do have a degree of experience relating to the systems approach for managing processes at large and complex organizations. I feel called to share my perspective on this disaster with a systems approach in mind.

Proactive appreciation for risk

Hindsight, it has been said, is 20/20. I am aware that I’m writing this after the tragedy has already occurred. However, management systems should be proactive, where data drives the understanding and mitigation of risk. As a practitioner and advocate of process-based management systems, I believe that well-implemented procedures give an organization the best chance to produce conforming products and services.

A systems approach, based on ISO 9001’s subclause 4.4, which relates to quality management system processes, could have played a role in preventing an incident of this type. Subclause 4.4.1 states, in part, “The organization shall establish, implement, maintain and continually improve a quality management system, including the processes needed and their interactions….”

Following this requirement is no guarantee of safe and successful outcomes, but it is surely the best bet. I had similar thoughts on the tragedy of the implosion of the Titan submersible and the Baltimore Bridge collapse. The core principles of ISO 9001, especially risk-based thinking, continual improvement, and process interaction, align well with safety imperatives, particularly safety management for the aviation industry. The systems approach is a fundamental that organizations often neglect at their (and their customers’) peril.

ISO 9001—and for that matter, the aerospace standard AS9100—is built on risk-based thinking. A structured process aligned with the risk management standard ISO 31000 and aviation safety management systems are required by ISO 9001 subclause 6.1, regarding actions for addressing risks and opportunities, and subclause 8.1 concerning operation planning and controls. Conformance with these requirements can help identify and mitigate collision risks between civil and military aircraft.

Process interaction and communication are vital in such situations. A failure in communication between air traffic control, military operations, and civilian aviation may have contributed to the crash. Of course, we will wait for the full report from the NTSB investigation. However, it is never too late (or for that matter, too early) to be proactive and implement a process approach to ensure that all stakeholders follow well-defined communication and coordination protocols.

PDCA, SWOT, and FMEA

Being proactive requires an appreciation of risk at the Plan stage of the Plan-Do-Check-Act (PDCA) cycle. Note that preventive actions and continual improvement are integral to the system approach.

The media have reported on the details of numerous previous aviation incidents. Analyzing near-miss incidents and integrating lessons learned into improved procedures could enhance safety protocols. Human factors and process redundancy must be considered in a systematic manner. Human errors (e.g., miscommunication, misinterpretation of airspace usage, etc.) can be minimized with automated systems and via decision-making redundancy checks.

In principle, the process approach found in ISO 9001 emphasizes addressing process issues as opposed to blaming individuals. However, in the aviation field, the human factor is important; clause 10.2.1 b2 of AS9100 expresses the importance of this concept. The industry-specific interpretation of requirements as seen in this standard provides a robust framework (via a clause structure) to design an efficient management system. This, together with auditing and compliance requirements, gives leadership confidence that their system can and will produce conforming products and services.

Further to this point, regular audits of flight coordination between civilian and military aviation could highlight gaps before they lead to accidents. As such, integrating ISO 9001 with AS9100 and AS9110 (the aerospace quality standard specifically designed for maintenance, repair, and operations) as well as ISO 45001 covering the management of operational health and safety will provide a solution to proactively address risks in the context of the aviation industry. This would cover all interested parties, as per clauses 4.1 and 4.2 of ISO 9001. Although aviation already has strict regulatory frameworks (e.g., FAA, ICAO, etc.), the structured process management systems required by ISO 9001 and AS9100 can complement these frameworks by embedding the statutory and legal requirements into the management system.

If the organizations involved focus on how specific elements of ISO 9001 can be applied to aviation safety, particularly in preventing collisions, I would first recommend that they look at risk-based thinking as seen in clause 6.1, addressing actions related to risks and opportunities. This can partially be accomplished by undergoing a strengths, weaknesses, opportunities, and threats (SWOT) analysis. ISO 9001 emphasizes risk assessment and mitigation throughout processes.

In aviation, a structured risk-based approach would identify potential hazards (e.g., conflicting flight paths, miscommunication, system failures, etc.). The system would also assess risk severity and likelihood of occurrence and probability of detection, using tools like a failure modes and effects analysis (FMEA). Controls could be implemented (e.g., enhanced air traffic control coordination, better radar tracking, AI-driven airspace monitoring, etc.). For example, aviation safety bodies could require all civilian and military flights to undergo a real-time risk assessment check before takeoff, considering airspace congestion, weather, and military training exercises.

Potential solutions

Process interaction and communication (as seen in ISO 9001’s clause 4.4.1 b regarding understanding process interactions) would systematically improve the system. Aviation operations involve multiple stakeholders, such as airlines, air traffic controllers, military operations, ground crews, etc. A process approach would ensure defined standard operating procedures for communication between civilian and military aviation. These could include real-time data sharing using standardized digital platforms and/or automated conflict-resolution systems that detect and alert pilots and controllers regarding possible mid-air conflicts. An integrated civil-military coordination dashboard could be established, where both parties have real-time visibility on flight plans, airspace restrictions, and emergency deviations.

Risk appreciation and continual improvement (as seen in ISO 9001’s clause 10.2 regarding nonconformity and corrective action, clause 10.3 on continual improvement, and clause 5.1.2 regarding customer focus) require organizations to analyze failures, investigate causes, and take corrective actions. In aviation safety, this could mean automated reporting and analysis of near-miss incidents and regular safety audits to evaluate procedural weaknesses and machine learning-based predictive analytics to foresee and prevent future crashes.

When a near-miss incident occurs, such a system could automatically trigger a root cause analysis and recommend safety adjustments for all stakeholders. Human factors and redundancy (as seen in clause 7.1.6 regarding organizational knowledge) promote knowledge management and human reliability strategies. In aviation, this could mean mandatory cross-training for military and commercial pilots on shared airspace procedures. AI-assisted decision-making tools that provide secondary verification for pilots and controllers could be a positive outcome of data analysis.

Data drives risk and trends. A digital co-pilot system could use AI to continuously monitor air traffic conflicts and intervene if human errors are detected. Auditing and compliance (as seen in clause 9.2 regarding internal auditing) would provide objective and independent inputs by regular safety audits of flight coordination. Air traffic control systems could ensure compliance with standardized airspace usage protocols, identification of gaps in inter-agency communication, and implementation of best practices from previous incident investigations. A shared civil-military aviation audit framework could ensure uniform compliance with risk management policies, reducing the chance of airspace conflicts.

I am not a technical subject matter expert in the aviation industry. My expertise is in looking at systems. My 30 years of experience suggests the importance of strengthening the Plan stage of the PDCA cycle. Things go wrong at the Do stage (i.e., implementation); however, if the plan itself is deficient and not coordinated, the implementation can and perhaps will go wrong.

By integrating ISO 9001 principles into aviation safety proactively and appreciating the risks, management can prevent mid-air conflicts. Process-driven coordination ensures better civil-military collaboration. Automated monitoring and auditing could improve response times to emerging threats.

Sadly, this tragedy once again bears out the wisdom of W. Edwards Deming when he said that a bad system will beat a good person every time.

Note – The above article was recently featured in Exemplar Global’s publication “The Auditor”.

Are Supplier Audits Mandated by ISO 9001?

by Dr. IJ Arora

When it comes to outsourced processes, the question (to paraphrase William Shakespeare) is, “To audit or not to audit?”

Take, for example, the requirements from the main process-based management system standard, ISO 9001:2015. One might consider the system approach as provided in clauses 4.4.1a through 4.4.1h and conclude that monitoring and control are needed to appreciate the risks of the inputs and ensure continual improvement. The standard is meant to be interpreted, and so nothing prescriptive is expected. Yet, the question remains as to how organizations might control the processes and make sure they’re meeting objectives. Clause 5.2, “Policy,” leading to clause 6.2, “Objectives,” provides a hint that evidence should be gathered of measurable objectives being met. Yet, how do we get the inputs to draw a conclusion? The inputs are necessary, and therefore there’s a need to determine how to gather and control the available data.

Perhaps the answer can be found in the auditing function. By implementing a robust supplier evaluation process, including audits as needed, organizations can strengthen the quality management system and build strong, reliable relationships with suppliers. Note that standards such as ISO 9001:2015 don’t specifically mandate audits, yet the intent of registration to a standard is to control the organization’s processes. If not auditing, then what other mechanisms can organizations use to control an outsourced process and minimize risks to their end customers?

Exerting control

Clause 8.4.2 of ISO 9001:2015 deals with the type and extent of controls that an organization must apply to externally provided processes, products, and services. The key aspects in this discussion include ensuring conformity, the types of controls needed, and the extent of these controls. Conformity has at its core the principle of ensuring that these external provisions don’t negatively affect the organization’s ability to consistently deliver conforming products and services to its customers. This means the organization must have mechanisms in place to ensure that the quality of the external inputs meets the organization’s requirements and ultimately satisfies customer requirements.

Types of controls could be interpreted as performing a degree of control, perhaps through auditing, even though auditing isn’t a specific requirement. The selection and evaluation of the controls can be based on establishing criteria for selecting and evaluating external providers (e.g., a robust quality management system of their own, past performance, registration, etc.) and/or conducting thorough assessments of potential suppliers (e.g., audits, questionnaires, site visits, etc.). In addition, it is important to put in place strong contractual agreements with external suppliers that include clear and measurable requirements, specific key performance indicators (KPIs), and acceptance criteria for the purposes of monitoring and measurement. This may include tracking supplier performance against agreed-upon KPIs, analyzing data to identify trends and areas for improvement, conducting regular performance reviews and feedback sessions, performing root cause analysis and corrective and preventive actions when issues are identified, and appreciating risks by being proactive and using preventive measures.

The extent of this control would depend on the criticality of the externally provided process, product, or service to the organization’s overall quality. For high-risk items, more stringent controls (e.g., more frequent audits or more rigorous inspections) may be necessary as, for example, in the aerospace industry. In essence, clause 8.4.2 emphasizes the importance of proactive measures to ensure that external inputs don’t compromise the organization’s ability to deliver quality products and services to its customers.

Auditing provides these types of inputs if the audit is properly planned and executed. For example, with approval, this level of control could be achieved through remote cameras or the presence of the organization’s inspectors at the supplier’s facilities. The aim is to maintain the customer focus (clause 5.1.2) and embrace a risk-based approach. The extent of control should be proportionate to the associated risks. Continual improvement entails that the organization should regularly review and improve its processes for external controls.

Therefore, even though clause 8.4 (specifically subclauses 8.4.1, 8.4.2, and 8.4.3) does not explicitly mandate supplier audits, it strongly implies their importance. Therefore, a strong focus on control must be interpreted. Clause 8.4 emphasizes the need to control externally provided processes, products, and services. Auditing is a crucial tool for evaluating a supplier’s ability to meet quality requirements and maintain control over their processes.

Mitigating risk

To ensure adequate risk management, one must consider whether the supplier’s performance directly impacts the organization’s ability to deliver quality products or services. Audits help identify and mitigate potential risks associated with using external providers. Continual improvement is the most important outcome of auditing and provides valuable feedback on supplier performance. This enables the organization to identify areas for improvement in their processes and their practices around supplier selection and supplier management. Therefore, even though not strictly mandated, supplier audits are highly recommended for organizations seeking to effectively implement ISO 9001 and ensure the quality of their products and services. The key considerations would be:

  • Risk-based approach. Auditing efforts should be focused on suppliers that pose the highest risk to the organization’s quality objectives.
  • Variety of evaluation methods. Audits are just one means of supplier evaluation. Other methods include performance monitoring, feedback analysis, and site visits.
  • Documentation. Maintain clear documentation of all supplier evaluation activities, including audit findings, corrective actions, and improvement plans.

When considering the outsourcing of a process, the organization must assess and determine the criteria by which suppliers are selected. Through systematic evaluation, an organization can implement a rigorous supplier selection process that includes:

  • Detailed questionnaires to gather data on the supplier’s quality management system, processes, and capabilities
  • Reference checks made by contacting previous customers to assess the supplier’s performance and reliability
  • On-site visits to observe the supplier’s operations and assess their facilities, equipment, and personnel
  • A risk-based approach matrix to prioritize suppliers based on the potential impact on the organization’s quality objectives

In planning bids, developing contractual agreements, or other processes involving outsourcing, the following should be considered:

  • Clear specifications. Define clear and measurable requirements for the outsourced products or services.
  • Performance metrics. Establish KPIs to track supplier performance, such as on-time delivery, defect rates, and customer satisfaction.
  • Contractual penalties. Include clauses for non-compliance with contractual obligations, such as late deliveries or subpar quality.

The procedures for monitoring and measuring outsourced processes must be well thought out and should be implemented when tendering a contract. Remember, adding requirements afterward is often difficult. Consider the following:

  • Regular performance review. Conduct regular performance reviews with suppliers to track their performance against agreed-upon KPIs.
  • Data analysis. Analyze data on supplier performance, such as defect rates, delivery times, and customer complaints, to identify trends and areas for improvement.
  • Feedback mechanisms. Establish a system for collecting and analyzing feedback from internal and external customers regarding supplier performance.

Whether an organization prefers to audit or use other means of controlling the outsourced process, a well-thought-out collaboration and communication plan should be made, taking into consideration:

  • Open communication channels. Maintain open and regular communication channels with suppliers to address concerns, share information, and collaborate on improvement initiatives.
  • Joint problem solving. Work collaboratively with suppliers to identify and resolve issues related to quality, delivery, or other performance concerns.

Continual improvement is integral to any good management system. As a summary I’d suggest the following:

  • Regular reviews and updates. Regularly review and update your supplier management processes to ensure they remain effective and aligned with changing business needs.
  • Supplier development. Implement programs to help suppliers improve their quality management systems and performance.

By implementing a combination of these mechanisms, organizations can effectively control outsourced processes, minimize risks, and ensure that they receive high-quality products and services from their suppliers.

Clause 9.2.1 of ISO 9001 does indeed suggest that auditing outsourced processes is good practice. This clause states that organizations should conduct internal audits to evaluate the effectiveness of the quality management system. The scope of internal audits typically includes all relevant processes and activities within the organization. How this relates to outsourced processes is where the requirement becomes open to interpretation. Although it does not explicitly state “supplier audits,” the clause implies that evaluating the effectiveness of processes that are outsourced is part of assessing the overall effectiveness of the QMS. If the outsourced processes significantly affect the organization’s ability to meet customer requirements, then those processes should be included in the scope of internal audits.

Dr. IJ Arora’s article was published in the Exemplar Global Publication “The Auditor”.