Can Boeing Ship a Lengthy-Time Period Approach to their 737 MAX Issues?

Dr. IJ Arora

Boeing is within the highlight once more with its 737 MAX planes, that have already had a deeply bothered historical past. Buyer center of attention (which is clause 5.1.2 of ISO 9001 and AS9100) turns out to were misplaced someplace.

I’ve learn a number of contemporary articles on those incidents in addition to Peter Robison’s ebook Flying Blind: The 737 MAX Tragedy and the Fall of Boeing, all of which level to a worsening scenario for Boeing. The general public belief of this nice American corporate, which has all the time been dedicated to top-class engineering and depended on merchandise, is converting from one among admire to one among warning. Vacationers are questioning, “Must I fly in a 737 MAX?”

Boeing and the aerospace {industry} normally have excessive requirements for high quality and product protection. On this article, I postulate whether or not an organization’s high quality control machine can ensure that not anything is going fallacious for patrons. Can it make certain perfection? If no longer, what are the choices—and why have one in any respect?

What took place and who’s accountable?

For the ones no longer acquainted with the 737 MAX incident in January, in a while after an Alaska Airways flight departed from Portland, Oregon, a cabin door panel blew off. As investigations are nonetheless ongoing the reasons have no longer but been totally decided. Boeing additionally had a tool factor at the 737 MAX, ensuing within the crash of a Lion Air flight in 2018 and an Ethiopian Airlines flight in 2019.

Right here in the US, the Federal Aviation Management (FAA) performs a vital function in offering laws to make sure flight protection, and likewise supplies oversight of plane producers, airports, and upkeep suppliers. On the subject of the Alaska Airways flight, it kind of feels that the FAA didn’t uphold its depended on function. The FAA’s a large number of assessments and balances, maximum of that are meant to concentrate on buyer protection, had been like aligning holes in slices of Swiss cheese. It’ll be fascinating to peer what adjustments this incident brings about on the FAA. On the other hand, can regulatory oversight ensure protection of flight?

The AS9100 same old, which is restricted to the aerospace {industry}, isn’t the brainchild of a unmarried entity, however fairly a collaborative effort pushed by means of two key gamers:

  1. The World Aerospace High quality Staff (IAQG). This global group brings in combination representatives from aviation, house, and protection firms around the Americas, Asia/Pacific, and Europe. They actively take part in growing, keeping up, and updating the AS9100 same old.
  2. Standardization organizations. Those our bodies, such because the Society of Automobile Engineers (SAE) within the Americas and the Ecu Affiliation of Aerospace Industries (now the AeroSpace and Defence Industries Affiliation of Europe), formally submit and distribute the usual.

You will need to word that AS9100 builds upon the root of the extra normal ISO 9001 high quality control machine same old. Whilst ISO 9001 lays the fundamental framework, the IAQG provides industry-specific necessities a very powerful for making sure protection and high quality within the aerospace area.

Along with the producer and the FAA, the landlord/lessor of the plane additionally performs a task in making sure the aircraft is correctly maintained. This comprises settling on a reliable upkeep supplier, hiring competent engineers, and having powerful processes in position. With such a lot of other stakeholders, can blame be attributed to only one when injuries occur? Moreover, must blame be the secret? Possibly no longer! You will need to word that the machine is applied to toughen every consumer and that each one stakeholders within the worth chain play their phase as effectively.

Audits, inspections, and control methods: Are those the answer?

In the back of each tragedy, casualty, and mishap is a series of comparable occasions. The instant suspect when these kind of vital screw ups happen are deficient inspection protocols, possibly even the feared “human error.” On the other hand, this can be the low-hanging fruit and a deeper dive would possibly establish different causal elements, akin to asking if the standard audit failed.

What’s the distinction between an audit and an inspection? Can they change every different or are inspections by myself sufficient? The straightforward resolution is not any! Each are wanted because of elementary variations in method. Audits take a look at the processes to make sure the control machine produces conforming services and products. An effective control machine should come with the next, to call a couple of:

  • It should be well-defined, beginning with the “as-is” state of the machine.
  • Dangers should be known (clause 6.1) according to the context of the group (clauses 4.1 and four.2).
  • A transparent definition of the product should be known.
  • Efficient audits and periodic evaluation should be undertaken by means of control.
  • Outsourced processes should be managed.

Inspections play the most important function by means of figuring out defects previous to unlock, thus protective no longer most effective the buyer/buyer/consumer/warfighter, and so forth., but in addition the recognition of the group itself. With that stated, inspections don’t give a contribution to power development as a result of they center of attention on fixes versus long-term answers. In impact, they don’t in reality upload worth for the reason that group has already incurred the price of generating the faulty phase or product. The creators of the Toyota Manufacturing Machine (i.e., lean) got here up with the Andon procedure to catch a defect as early within the procedure as imaginable as a way to repair it sooner than the issue went too a ways down the road.

Control methods aren’t only a choice of paperwork. To serve as correctly, they require dedication in any respect ranges of the group, together with height control offering the wanted assets. It takes time to construct a tradition of high quality wherein shortcuts are have shyed away from and there’s no worry of talking up. Buyer center of attention should no longer be compromised. As an example, unlock of conforming product must cross throughout the procedure particularly referred to as out by means of clause 8.6; any interference by means of height control to truncate this procedure would suggest the lack of buyer center of attention. Is that this an opportunity? Possibly, however the investigation should expose the reality. On this case of the Alaska Air incident each the Boeing consumers and Boeing as an organization have suffered. It’s my hope that investigators will establish all failed portions of the machine from every accountable birthday celebration. Those would possibly come with no longer most effective failed inspections, but in addition suboptimal processes. This may finally end up taking us again to an insufficient high quality control machine.

High quality control methods: Can they ship?

Given the above, can a correctly designed and well-audited control machine (supported by means of excellent inspection tactics to assist make certain conforming product) ensure that not anything is going fallacious with a company’s output? My opinion is that no person can ensure this utterly. On the other hand, possibility can indisputably be very much decreased when the entirety is applied effectively. This comprises the educational of team of workers, which correlates strongly to competence; sadly, that is ceaselessly the primary price range to get minimize when assets are scarce.

When high-visibility incidents like those happen, it can be forgotten that airplanes stay the statistically most secure mode of go back and forth on earth. That is essentially because of powerful high quality control methods, well-adopted regulatory frameworks, and common oversight. People play the most important function within the good fortune of the control machine, from the dedication on the height to the buy-in by means of the body of workers (clause 5 to clauses 7.1.3, 7.1.4, and 10.3). Taken in combination, this is helping create an atmosphere the place high quality can flourish inside the group.

Boeing could also be doing so much accurately, and but the consequences may well be unacceptable relying at the efficiency of outsourced processes (clauses 8.41/8.4.2/8.4.3). In spite of everything, the fuselages for the 737 MAX are made by means of Spirit AeroSystems Holdings Inc. Spirit AeroSystems is positioned in Wichita, Kansas; as soon as those fuselages are manufactured, they’re shipped by means of rail to Boeing’s facility in Renton, Washington. Due to this fact, no longer most effective is a significant part of the 737 MAX outsourced, however the delivery and preservation of product (clause 8.5.4) additionally may just give a contribution to the product’s nonconformity. General, Boeing stays chargeable for all the provide chain (clause 4.3), with their legal responsibility to “make certain conformity of its services and products and the enhancement of shopper delight.”

Even with a cast high quality control machine in position, this or identical screw ups can happen. There’s no technique to guarantee the general public of 100-percent acting (i.e., highest) output. The worry within the minds of air vacationers is legitimate and can stay so till an exhaustive root motive research of this factor is carried out and the ones root reasons are resolved. The present occasions beg the query: Did Boeing make stronger their control machine after the Ethiopian Airways 737 MAX crash? If that they had bent to the oars and long gone deep into their evaluation to discover and completely repair the holes of their control machine, this tournament would possibly by no means have happened. Floor corrections, or what some organizations name “repair -it” answers, most effective take away the indications. The foundation reasons should be addressed and resolved (clause 10.2.1). There aren’t any shortcuts to high quality.

In conclusion

It has taken years for air vacationers to really feel protected and unconcerned about air protection. I go back and forth so much the world over, and ceaselessly select an airline according to their carrier and luxury, however now I (in addition to the wider public, I might consider) want to imagine which plane will delivery us. This can be a new worry about product protection that has its genesis in Boeing no longer working its control machine successfully and shedding buyer center of attention. The worst is the erosion of public self assurance in federal oversight and its intent to stay the client protected.

I’ve spent my lifestyles learning identical complicated issues and main groups in serving to organizations in finding long-term sustainable answers. This calls for daring and dynamic management (clauses 5.3 and 5.1) for leaders to plot and enforce alternate. Appreciating and accepting dangers (i.e., protecting the client in center of attention) and transferring ahead is integral to true management. Ethics continues to be no longer a clause of ISO 9001 and AS9100, however moral management is ready doing the proper factor for all stakeholders.

In seminars at which I provide, I ceaselessly ask senior managers: “When you have a decision between following the process and/or doing the proper factor, what would you do as a pace-setter?” The solution—I’m hoping—is to do the proper factor always. However then, hope isn’t a plan. Air protection can’t be according to hope and religion. Boeing wishes the management to revamp their machine if they’re to carry the general public consider again for this nice American corporate.

Concerning the writer

Dr. IJ Arora, Ph.D., is the President and CEO of QMII. He serves as a workforce chief for consulting, advising, auditing, and coaching relating to control methods. He has carried out many lessons for the US Coast Guard and is a well-liked speaker at a number of universities and boards on control methods. Arora is a Grasp Mariner who holds a Ph.D., a grasp’s level, an MBA, and has a 34-year file of accomplishment within the army, mercantile marine, and civilian {industry}.

Hyperlink to the thing characteristic in Exemplar International e-newsletter – “The Auditor”

Audits VS. Inspections

There is often confusion about the difference between audits and inspections. The purpose of each may seem the same, but they are slightly different.  Audits focus on why, while inspections focus on what. The purpose of an audit is to get the confidence that processes are working well.  An audit involves various layers to answer a “why” question. It involves exploratory reviews involving documentation, risk assessments, and nonconformities, etc.  While an audit may need more effort in finding an answer, an inspection is less complicated. The answer to an inspection question will involve a straightforward yes or no answer.

Inspections focus more on the action, while audits are about the process.  Inspections review a single point in time, but an audit follows a process from start to finish.  An inspection simply looks at the product or service. The process of an inspection is quite simple, it either clears the project if it meets the requirements specification or rejects it. If it is rejected, its loss can be reworked at an extra cost. Inspections must be conducted at every step to minimize the chances of product failure.

Why are audits and inspections important to an organization?  Inspections deal with things that cause immediate accidents or other issues. Inspections protect the customer, so the customer is not harmed by a non-conforming product yet from an organization’s point of view that they are too late.  The audit is to cover the root cause of these problems. The audits provide the input and ensure continuous improvement and it is where we take on nonconformities.

Here at QMII, we provide valuable information when it comes to our auditing services. We can give insight on where your system is working well as well as the risks and suggest opportunities for improvement. QMII’s audit services reduce the fear of an audit. Some individuals fear being blamed for non-conformities and often dread the idea of an audit. Our services are to ensure auditees are put at ease while QMII auditors look to find the effectiveness of controls in the system.

Although there is often confusion when differentiating audits and inspections, it can be easier to think of it as the Plan-Do-Check-Act cycle. Inspections are a “do” while audits are a “check.”  Inspections are required to do, and the audits are the process of checking and making sure inspections have been done.

 

 

Is your organization ready for MDSAP?

Quality is important in all industries but perhaps more so in the medical industry and for those organizations producing medical devices. Apart from ISO 13485 that defines the requirement for medical device quality management systems, medical device manufacturers have to also comply with the regulations of the country their devices are going to be used within. In an effort to streamline the program for manufacturers the Medical Device Single Audit Program (MDSAP) was devised. The MDSAP program is an audit done of the company to the regulations of five participating countries. It is thus much longer than a regular ISO audit as it has to assess the system against multiple regulatory requirements.  

As your company prepares for this new audit scheme perhaps the easiest thing to do is a self-assessment. Use the MDSAP audit model guide to assess whether the company processes meet all the requirements. Conduct a gap assessment and then work to fill in the gaps including keeping records as needed by MDSAP. Just because an organization undergoes MDSAP does not mean that it will not have an ISO 13485 audit as these are two separate schemes. In the conduct of the assessment ensure that the person conducting it is competent to do so. This will avoid any last-minute surprises. Make note that the MDSAP model grades non-conformities differently and so use the same scoring scheme to know what are the priorities that need to be addressed immediately.  

Is the leadership prepared? Often in preparing an organization focuses on the lower echelons as also on the processes involved in the design and manufacturing processes. Ensure the leadership is briefed on the model guide and understands the expectations from them. As a part of each audit, the AO focuses on the management and assesses their commitment to the system. The leadership once committed will drive the rest of the organization to follow suit. This will make it easier for those implementing the system and assessing it internally.  

Make sure personnel are trained and understand well the expectations. QMII offers a variety of MDSAP offerings that are tailored to meet the requirements of the organization with training for each level of the organization. In addition, QMII also offers ISO 13485 lead auditor training. Organizations must recognize that participating in MDSAP will not exclude them from regulatory audits from other organizations. While the audit program may seem cumbersome at first there are benefits from participating in it that include reduced costs and a streamlined audit process.  

ISO 9001:2015 – Exclusions

Exclusions to what an organization does were integral to the ISO 9001 standard prior to the 2015 version update. After all an organization cannot do all the work. Clause 7.1.1 lays the foundation on this thought by accepting that an organization must determine and provide resources. In doing so it determines the constraints and capabilities of the existing resources and what needs to be obtained from external providers. As such in previous standards, the organization, when seeking certification, requested exclusion on those processes that it did not perform.

The drawback of this was a major flaw. Over the period of time, some of these organizations, sheltered under the exclusion provision even lost the ability to pick the correct outsourced party! For example, if the organization builds highways, but outsources bridges and tunnels, then it must have the ability to be able to pick the correct vendor/ contractor who will not let the customer down. The revised 2015 version of the standard therefore in the wisdom of TC-176, removed this exclusion provision. It does not imply now the organization cannot outsource what it does not do. All that it means that the organization can review the applicability of the requirements based on its size, complexity and decide on the activities it needs to outsource.

With the exclusion provision removed, the organization would need to do due diligence in appreciating the range of its activities and the risks and opportunities it encounters as also the effect if any of the outsourced vendors not performing to accepted requirements. The organization then remains accountable for the outcome of the outsourced processes and products and services externally obtained. To ensure their consistency and levels of acceptance, it would need to take measures as required by clauses 8.4.1, 8.4.2, and 8.4.3 of the ISO 9001 in enforcing monitoring and measuring to protect its customer and clients.

This assurance that an organization can not and will not outsource those activities which by its decision will not result in failure to achieve conformity of products and services. Clause 4.3 of ISO9001 in determining the scope of the quality management system clearly requires that conformity to the ISO 9001 can only be claimed if the requirements determined as not being applicable do not have an adverse impact on the promises made by the organization. The products it provides, based on externally obtained subproducts or services must not affect customer satisfaction.

In terms of auditing, it is incumbent upon auditors that they carefully seek conformity to this requirement when auditing. Internal audits to ISO 9001 must provide the objective inputs to top management to make better decisions and appreciate the risks of outsourcing to nonperforming and or underperforming outside organizations, remembering they remain accountable and answerable for the final product or service. Ensuring the organization’s accountability for the conforming products and services whether outsourced or not is the responsibility of the organization.

QMII’s ISO 9001 EG (Exemplar Global) certified lead auditor training designed carefully to meet the objectives as envisaged in the standard.

Effectiveness of the ISM Code

The ISM (International Safety Management) Code, in itself, is not a magic wand, that will bring safety or prevent pollution. It depends on the organization on how it implements the Code. Safe operation of ships and the prevention of pollution should have been any organization’s objective. Yet all over the world owners to save money compromise these objectives. Did not the Titanic on April 15, 1912, sink, trying to create a record of crossing the Atlantic, by going North to cut distance, run into the iceberg?

The sinking of the Titanic, with a loss of nearly 1500 passengers and the crew was an eye-opener. It led to the SOLAS (Safety of Life at Sea) convention. Did the negligence and continued operation of ships compromising safety stop with SOLAS? Sadly not. The investigation by Justice Sheen into the sinking of the Herald of Free Enterprise, on March 6, 1987, looked at why SOLAS had not helped prevent the tragedy. It brought out the necessity for a process-based management system, and the SOLAS Chapter IX was updated to authorize the ISM Code. It provides the guidelines for the implementation of a system to ensure the safety of vessels at sea.

The Flag State Administrations whose flag the ships sail under, legitimize the use of the code making it mandatory for internationally trading vessels. If any company is bent upon not implementing it in the spirit of it, then of course the objectives of the code as also the functional requirements will not be met. Owners and Operators of the vessels often look to short term gains wherein they compromise the standards and bypass the rules. They have to understand that behind every casualty at sea are many detentions and behind them indicators like Major NCs (non-conformities) and near misses.

The Flag States who do not strictly inspect and audit vessels to the ISM Code and issue SMC (safety management certificates), are actually, to retain the business of ship owners, jeopardizing the same ships! Even some responsible Flag States, due to shortage of manpower outsource their duties to ROs (recognized organizations), often represented by class societies. This results in diluted control, as an outsourced process needs strict monitoring of the process to ensure the performance is not affected. Not managing an outsourced process is as good as not taking responsibility. Authority can be delegated, bot the responsibility.

NCs (non-conformities) drive correction and CA (corrective action), and as such should be welcome as inputs to ensure continual improvement of the system based on the ISM Code. Yet, there are every day common examples of Masters of ships negotiating to somehow get the auditors to not give NCs. This is because the management ashore is not mature to realize, that keeping the master’s pressurized and performance being judged by NCs reported is creating an environment of fear and hiding of NCs. A good SMS (safety management system) based on the ISM Code, if correctly implemented should welcome NCs. The DP (designated person) should know that the “only bad NC, is the one which the organization does not know about.”

For domestic vessels, and for that matter towing and small vessels, and perhaps in due course of time for domestic passenger vessels, one would think a new standard would be required? Sub Chapter M for the towing industry in the USA, is nothing else but the ISM Code domesticated. The ISM Code is a useful well thought of document which provides strong fundamentals based on hundreds of years of sea experience, loss of life, cargoes, ships, and fortunes. The process-based management system it propagates would systematize operations. However, for an effective management system, the implementers have to be motivated and committed. The Flag States have to be strict and vigilant in their issue of certificates. When they outsource the certification to Ros, they must not wash their hands of their responsibility. The strict monitoring of the ROs by ensuring good clear concise MOUs (memorandums of understanding) with clear provisions to audit the ROs must be put in place. The owners and operators through their organization should put in place a robust internal auditing program that gives the objective inputs on the implementation of the ISM Code.

– by Dr. IJ Arora

Eight steps for a successful internal audit program

Internal audit programs play an important role in ensuring the success of the system. ISO standards such as ISO 9001, ISO 14001,  ISO 45001 provide the framework for management systems to function using a process-based approach, to achieve customer and other stakeholder’s requirements. Organizations certified to ISO standards, strive to be compliant, efficient and remain certified. Successful systems have Top Management (TM) / Leadership that are committed to and engaged with the system. They ensure regular internal audits and conduct management reviews (MR) to assess the continuing suitability, adequacy and effectiveness of the system. They further ensure that their decision-making process uses the inputs from the MR to ensure objective resourcing and support for efficiency.

External third-party audits too add value to this system, provided the auditors remain objective throughout the audit. Over the years QMII has come across instances where Non-Conformities (NC) were issued without the requirement being clearly stated or the evidence did not substantiate the requirement not met. However, these NCs are rarely challenged by organizations for “fear” of upsetting the auditors. Changes are further implemented to the system as a part of corrective action based on these findings. At times when the management is disconnected from the working system they often are surprised by the NCs presented at the closing meeting.

Is there, as a result, a case for preparing the organization for both internal audits and external audits? In well-functioning systems the organization should never have to prepare for an internal audit. The systems are designed to drive success and not for auditors or to get through audits without any NCs. NCs are, after all, an opportunity for continual improvement of the system and should be embraced, provided they are objective and not subjective to an auditor’s experience or opinion. An organization can and must respect a good NC and use it to drive correction and corrective action (CA). After all CA is NC driven. The organization/ auditee should be happy to receive a NC for risk(s) not appreciated.

I do however think that there are steps organization can take to build employee confidence in the  system, including the confidence to challenge the auditor when a NC is not clear or incorrectly given. Here are eight steps an organization can do to have its employees get that confidence for internal audit and subsequently for external audits:

  1. Conduct orientation on the process-based management system (PBMS) approach in general, and introduction to the highlights of the specific standard (e.g. ISO 9001:2015). This ensures that the basics of system approach and the internal management system are clear to all personnel.
  2. All TM must do a short training to be aware of the ISO standard, the main clauses and the benefits of the management system. This awareness leaders workshop (ALW) brings the confidence in the system, its implementation and continual improvement. This leadership awareness further encourages engagement of all personnel to use the system and increases buy-in.
  3. On regular basis, in day to day work and meetings refer to the management system. Ensure Quality, environment, safety, security, social responsibility, compliance are topics of discussion at periodic intervals. Even the middle and lower management e.g. supervisors should be encouraged to use the  system and engage others to do so. Management may have to support others in their roles of leadership at relevant levels.
  4. More than just following processes, all personnel must feel free and confident to challenge the process, make suggestions, raise NCs and submit innovative ideas. A participatory approach to system implementation is very cost effective. Let employees voice their concerns. Once they confident of their process and their system (with the fundamentals of the ISO Standard/other requirements built-in) the fear of audits will reduce.
  5. Put in place an aggressive internal audit program. When an outside (third party) auditor raises a NC, the organization does RCA (Root Cause Analysis) of the NC, but rarely does it challenge its Internal system and ask how the internal audit program missed the NC raised by the third party? Internal audits must be objective and strict and must raise all NCs.
  6. NCs must be tracked diligently and addressed within the time frame the organization has set for itself. TMs must stay involved by asking on the progress to the CA process. Overdue NCs must be investigated and TM must ask during the MR why the concerned department did not address it in time. Encourage PSW (Problem Solving Workshops) so teams can look at complex, inter-departmental NCs. Encourage use of tools as Causal Analysis and FMEA (Failure Mode Effect and Analysis).
  7. Creating a lesson learned data base has many advantages. It acts as a historic record for new joiners to learn of past occurrences. Additionally, it has great participatory value connecting each future task as a driver of improvement based on the past. The collective intelligence of the organization is available to the organization and does not vanish when individuals leave the organization.
  8. Some additional points for ISO 9001/ ISO 45001/AS9100 audit preparation:
  • Answer audit questions to the point. Do not volunteer information not sought.
  • Do not be reluctant to ask for your manager/ supervisor to support you if you are not clear on the question.
  • Have the confidence in your professionalism to ask the auditor for the requirement based on which the auditor is planning to raise a NC.
  • Be aware of risks associated with their process and actions taken to address them.
  • Explain the risks in the context of the organization and the context of what the employee does to them.

ISO 9001 certification decline – Does quality still matter?

ISO 9001 certification have seen a decline in the past two years per data from ISO. Some say that the standard has gotten too complicated with the introduction of organizational context, risk-based thinking and the removal of mandatory documented procedures. Even a few of QMII’s clients had considered letting their certification lapse as conformity to the new standard was perceived as too complex.

To certify or not

Let us begin by looking at the purpose of ISO 9001. ISO 9001 provides a framework for organizations looking to put in place a system that will enable them to consistently deliver products/services to customers that meet their requirements and enhance customer satisfaction. ISO 9001 certification is external validation that the system meets the requirements of ISO 9001. However, ISO 9001 allows organizations to use the standard and self-declare conformity without incurring the cost of certification. Many argue that there is no value in doing this. This is probably correct if you are implementing a system to meet a contractual or customer requirement. In these cases, certification is a requirement.

Waning trust in the system

Organizations that implement ISO 9001 for the benefits it will deliver in improved productivity, reduction in process waste and management of risks have seen the bottom line improve with time [1]. If implementing the standard enables consistent quality, why then the reluctance? Perhaps the trust in the ISO 9001 certification process has declined over time. Often have we heard from quality managers of the challenges faced when they raise non-conformities in internal audits. These are often viewed as “finger pointing” exercises since the certification body has already audited and “cleared” (certified) the system.

We have also heard from clients of certification bodies and auditors wanting to view documented evidence of organizational context, stakeholder needs and risks. The standard however does not require these to be documented and leaves it up to the organization to determine the risk of not doing so. Some auditors, however, struggle with auditing undocumented systems and auditing to the new standard [2]. As a result, organizations start documenting their system for the auditors and certification bodies resulting in a system tailored for auditors and  forced down on the organization by auditors. The auditors were to provide inputs to TM (top management) to make better decisions, instead now the auditors and audits have become the product. The system must be designed for the employees not for the auditors. The intent of the standard to act as a preventive tool gets lost in this compliance process.

Supplier audits

Over the past two decades there have been several mergers and acquisitions leading to larger multi-site organizations and perhaps as a result a reduction in certifications. As these organizations have grown, and maybe in part owing to the declining trust in the certification system, they have decided to conduct their own supplier audits. As such suppliers have chosen to let their certification lapse since they are nevertheless being audited by the customer and that is the audit that really counts for them.

Supplier audits are more focused on the customer contractual requirements. Organizations who perceive ISO 9001 as a documentation burden will then only document the parts of the system to meet contractual requirements rather than document the system to meet the organization’s requirements based on ISO 9001. They fail to see that ISO 9001 leaves the extent of system documentation up to the organization and often perceive it as everything needs to be documented.

Conclusion

While quality does matter and customers are still looking to receive a quality product, oft incorrect interpretation of the standard leads many to choose against ISO 9001 certification. At times other certification requirements like CE marking may be more desired and certification to two standards be burdensome. Also methodologies like Six Sigma and Lean have gained prominence. So, ISO 9001 certification gets the boot.

Those looking to gain the benefits of a quality management system need not re-invent the wheel. ISO 9001 provides the framework that essentially reflects business 101. If you do not need ISO 9001 certification then you can self-declare and let the doubters come and assess for themselves. In the meantime, you will still gain from a well implemented management system. Remember, you already have a system that has brought you thus far, align ISO 9001 to your system and not your system to ISO 9001.

[1] Guasch, Luis J.; Racine, Jean-Louis; Sanchez, Isabel; Diop, Makhtar. 2007. Quality systems and standards for a competitive edge (English)

[2]Quality Progress October 2017, Article: The results are in…

Obtaining Top Management Commitment

Who cares about the system? 

Management systems need top management commitment to work well, and yet many systems lack the necessary commitmentYou may recognize some symptomsPolicy – ignoredObjectives  are barely alive. Corrective actions remain open. Managers seem not to appreciate the value of the requirementsEmployees are unsure about the system’s requirementsProactive identification and addressing of risks/opportunities is rareRoot causes of failure remain in the system. Consequently, the system is not improved. Employees are unaware of what the system should do for themManagement reviews are embarrassingLeaders either do not show or do not contribute. Top Management Commitment is lacking. Audits may temporarily energize the playersManagement representatives ask, Am I the only person who really cares?” 

Who trained the leaders? 

Many leaders do not explain their management systemsThey may know the importance of certification, but they rarely explain why their system is vital for survival and growthWhy is this? Examine your internal audit program; is it driven by top management’s objectives?  Audit your training recordsDo they show that leaders are competent and confident to show their top management commitment? Who trained the leaders in their organizational management systemCompetent leaders take responsibility for their systemThey explain how their system works and why its requirements are so important to themUnaware leaders blame employees for mistakes caused by their system. 

Your system, is it perceived as worthy? 

Even if your system is certified, do not expect leaders to support it Every organization is a systemDoes the documented part of this system describe how it converts stakeholder needs into cash (or continued funding)?  Is this the management system that was certified or was it some new ISO system built on templates?  

Is your system irresistible to the leaders?  If notshow how your system converts needs into cash so top managers would not want to lead without itTry our methodology to appreciate how others have developed systems and gained top management commitment beyond certification. Everyone should fulfill their objectives and earn their bonuses by using and improving  the system.  

Awareness Leaders Workshop 

Engage us to design and facilitate your one-day Awareness Leaders Workshop™Select attendees who are leaders by job title and those who are leaders by personalityInclude the skeptics! 

We listen to your objectives and design your workshop to fulfill your required outcomesThis may need  system analysis to result in a diagram that explains how the system converts needs into cash. This  workshop is facilitated by our senior management system consultant and auditor, who for over 20 years  has helped many willing and reluctant managers to understand and commit to their systems. 

Prepare for action 

Remove the root causes of what ails many management systemsYou want your top management commitment  to the requirements of their management systemClear the backlog of stale CARs  and pending actions on identified risks to prepare for the surge of improvements flowing from the renewed leadership of your system 

When you are ready, please email IJ Arora or call 888.357.9001 with your requirements.

Stop the Firefighting: Use Effective Root Cause Analysis

Root Cause Analysis (RCA) or Causal Analysis when applied correctly should help to prevent the recurrence and occurrence of similar issues within the organization. Why then is such little time, money and or effort afforded to it?

Heroes save the day! Yet again! How often have we come across news articles that laud those who manage the crisis, stop the plane from crashing or save the patient. The reality in any casualty is that, a system failure has resulted in a non-conforming product/service, including failed inspection. Organizations should laud and appreciate those who prevent incidents/ accidents/non-conformities and those who perform effective root cause analysis. Those who recognize near misses and perform CA  should receive equivalent if not more praise.

The root cause of many diseases is lack of a healthy lifestyle. Presumably, annual medical check-ups would show the flaws and enable risk appreciation to prevent a disease or illness from manifesting itself. This data however may not be enough to provide an accurate diagnosis or prevent a serious medical condition. Perhaps some may see the regular check-ups as a waste of money and time! This may help to explain why companies are reluctant to do root cause analysis when non-conformities arise. Their instincts are to do the firefighting when something goes wrong. This basic firefighting often appears to be less expensive, quick and seemingly more convenient. However, as has been proved again and again in various fields (quality, safety, security, etc.) prevention is better and more cost effective than the cure.

Why Problems Persist?

There are many methodologies for root cause analysis (RCA). It is not the intent of this article to educate its readers on the various RCA methodologies. Before we delve into why problem persists let us considers why problems occur. Problems usually occur because of the lack of a functional well implemented management system. This includes the lack of management commitment, timely identification of risks and lack of controls/adequate resources for the processes. Despite repeated warnings from their doctor, patients choose to continue living their current lifestyle. During incident investigation interviews this comment is often heard ‘this is the way we always did it’. Humans are not always accepting of changes and ‘if it ain’t broke then why fix it?’ Management of change is never easy. The larger the organization the more difficult it is to enable the change. Often in management systems, problems are ‘fixed’. This makes the issue go away albeit temporarily. Everyone likes a good score card and ‘fixing’ the issue makes everything look good again. However, when the root cause(s) are not addressed this dragon will raise its ugly head again.

When root cause analysis points toward leadership or top management, the job security aspects may prevent the middle managers from completing the RCA process. This political limitation, to avoid exposing process issues within the ranks of leadership are counterproductive, and yet a reality. As preposterous as it may sound, in some cases leadership may opt for paying the fine when things go wrong and then proceeding as is. This is seen as the ‘less expensive’ option than resourcing actions to prevent the recurrence/occurrence of problems. Conflicts of interest in the workplace, can often be a reason for a lack of effective root cause analysis.

Stopping the Firefighting.

With all due respect to firefighters and other emergency personnel, organizations want to solve the problem, so they do not have to call them back! This means getting to the root cause(s) of the incident. Very often when identifying the root cause(s), the work group or practitioners often stop short of finding the actual “root cause.” These may be the immediate direct or indirect causes. The root case may lie in another part of the organization and often gets missed. Root Cause Analysis when done correctly drives systemic changes to prevent similar issues from cropping up again. As with everything else the RCA team needs the backing of the leadership including the needed resources to be effective.

In conducting effective root cause analysis, the inputs of customers and other stakeholders may be needed. For effective root cause analysis is of interest to all organizations that are integral to the successful implementation of a management system. The element of social responsibility in the defined duties of leadership need to be audited and have consequences when customer focus is lost. The new root cause analysis model should have an element of responsibility attributable to the top management. The intent, not to encourage a blame culture, but a responsibility culture. As a part of QMII’s management system implementation we train selected candidates as a problem-solving team to enable and empower continued success of the system. To sit in the fire house and focus on other initiatives such as innovation, social responsibility etc. an organization has to proactive rather than be responsive.

Conclusion

Leadership often questions why money spent on management systems, particularly when based on ISO Standards do not work? Why a conforming product or service is not constantly delivered by an organization? Mature organizations recognize that the only bad nonconformity (NC) is the one that they do not know about. Once the NC is identified, the system must drive Correction and CA (corrective action, based on RCA). Closed NCs added to the database, along with the proper analysis of the information, will allow system users to appreciate risks and trends to identify the opportunities for improvement (OFI). However, all this will fail if the MS (management system) users do not understand the value of RCA.

For the success of a Management System, its outputs based on inputs must deliver conforming products and services.  When the Management System does not achieve this, all stakeholders should be interested in the root cause analysis and corrective action.