Last time in Part 1, we discussed the early beginnings of Quality Management. We will now continue with the modern standards.
In 1987, BS 5750 became an ISO standard – Parts one, two and three became ISO 9001, 9002 and 9003. The Americans, as did most other industrial nations, had similar National Standards. In America ANSI / ASQC Q91, Q92 and Q93 were also replaced by ISO 9001, 9002 and 9003 and eventually all nations gave up their standards and supported ISO 9001.
These early standards shared accepted best practices at the time for Design Responsible organizations (ISO 9001,) Contract manufacturers (ISO 9002) and Distributors (ISO 9003) and focused on the need to follow the rules – i.e. the need for documented procedures. Of course – since they were founded in those old military standards! Regrettably, they were focused exclusively on product quality and not easily adaptable for service organizations.
As a requirement for all ISO Standards, they must be reviewed every 5 years to facilitate revision as needed due to improvements in practices, knowledge, technology, etc – keeping up with the times. In 1994, ISO 9001, 9002 and 9003 were re-released, still product oriented and with only minor revision from the 1987 version but it did introduce the permission to keep documents in any type of media – not just hard copy, allowing for electronic storage of such things as records.
The concept of Preventive Action is also introduced. This is actually a very good thing because preventive action is proactive as opposed to the reactive nature of the corrective action process. Preventive action requires organizations to anticipate problems so they can be addressed before they occur.
Unfortunately, many auditors were not ‘ready’ to accept or did not understand the value of this concept and failed to develop a culture that appreciates the benefit of pro-activity within their client organizations. They allowed their auditees to slide, claiming Observations (which by definition do not require action) as an excuse for Preventive Action. (The reasoning behind this acceptance of OBS written by himself, herself or some other auditor is based on the rationale that OBS are not a nonconformance but something that might become nonconforming. If the organization is addressing them, they are acting proactively.) Although, technically correct, this misses the mark by quite some distance.
Six years later ISO 9001:2000 is released. After lengthy review, it underwent major changes: introducing The Process Approach, a concept that all activities in an organization are connected together in some ordered structure. It
also gave us P-D-C-A (Plan, Do, Check, Act – something originally introduced by Walter Shewhart and made popular by W. Edwards Deming – see Quality Gurus.) The premise is, if an organization takes a good hard look at its operation, understands the process flow, plans and takes action, process improvement can be made. The result should lead to improvement of product quality. Moreover, if you improve product quality, the cost of poor quality goes down and the organization experiences bottom line benefits. (The theory of CoPQ was championed by Philip Crosby- see Quality Gurus.)
The 2000 revision was a quality management system, rather than a quality control system. Other key differences introduced in 2000 were, a) if a procedure was not necessary, there was no point having one. Whereas the 1994 version had required a procedure for everything now only six (6) are expressly required. In addition, b) there were only three (3) requirements for the Quality Manual: 1) that it included the scope of the quality management system including details of and justification for any exclusions, 2) documented procedures or reference to them, and, 3) a description of the interaction of processes. Companies were given a lot of freedom – maybe too much and the auditors were not prepared for it.
Also presented is this revision is the idea that one size really does fit all by eliminating ISO 9002 and 9003 and allowing exclusions. This change was welcomed but again not fully understood by the auditors, allowing some design responsible organizations to exclude the design function and get away with it! Preventive action is still here and still the auditors did not get the memo on that.
Fast-forward eight (8) years – one would think there was another ‘big’ change coming but, No! This time ISO 9001:2008 looked and felt just like the 2000 revision with the exception of some minor wordsmithing – changing Control of monitoring and measuring devices to Control of monitoring and measuring equipment as well as a few other not-worthy of mentions. It was touted as a clarification of the previous revision. We called it Process II because it gave us a second chance to get the Process Approach right – most organizations and auditors still did not and there is not a whole lot more to say about it.
On September 15, last year, the much-awaited ISO 9001:2015 Standard was published and introduces several new concepts; some of which are Risk-Based Thinking, Context of the Organization, Interested Parties – needs and expectations, Human Factors and Knowledge Management.
This signals the end of this post but heralds the beginning of our series of posts on the implementation of or transitioning to an ISO 9001:2015 compliant Quality Management System.