Posted by & filed under Uncategorized.


I am always surprised at the attention and time paid to produce   “mission statements”.  My view has always been that my clients are entitled to the very best I can do because they are paying me and have put a considerable amount of trust in the outcome of my service; it’s as basic as that.

I would be pleased to hear from anyone who has bought an item or service based on a mission statement. I am convinced that customers are not interested in promises or elaborate statements of goodwill. They want to know if you can provide what they want, when they want it and at a price that doesn’t frighten them to death.

Having said that, I have found the quality policy outlined below, which I have used as part of my quality policy manual for many years,  has always been well accepted by assessors, and (after careful scrutiny and agreement as to the content), by my clients.

The assessors can check this statement of commitment easily against the rest of the policy manual and the quality assurance procedures that support the policies. It should also prevent senior executives from producing flamboyant statements about the business which have no basis in reality.

I have tried to keep the statements within a practical business environment to give CEOs and other senior executives a starting point in recognising where these statements relate to their business. The opening statement obliges them to really think about what the business is all about and how they would want it described on the accreditation certificate.

For example, careful attention should be paid to whether or not design is included in the business scope. If no designs are developed or purchased for inclusion in the product (including those provided by suppliers) then an exemption can be claimed for that part of the standard. If you are not sure then it pays to discuss the scope of your business with the assessor of choice before completing the application. The time and attention you pay to this will be well worthwhile.





Quality Policy


1                    I.M. Happy Company (hereafter referred to as IMH) is in the business of designing and producing (insert concise and precise description of your company’s product or service).

2                    IMH management believes that the responsibility for supplying consistently reliable products and service requires the full commitment of every IMH employee.  To achieve and maintain this commitment, employees are trained in quality assurance policies and procedures and in programmes such as Health and Safety in the workplace, Drugs and Alcohol Abuse, and Environmental awareness.

3.         IMH quality assurance is established by formal written procedures, working instructions and sufficient inspection throughout all phases of production and service carried out by IMH staff. The IMH commitment to the quality system is expressed in the company Quality System Manuals and associated documents (hard copy and on-line), which comply with the ISO9001:2008 standard.

4.         The IMH quality objectives are reviewed regularly by senior management.  Commitment to the quality programme begins with a review of customer requirements and continues through all aspects of product development and customer support.  Every effort is made to ensure prompt detection of, and response to, deficiencies in production and customer service.

5          Levels of customer satisfaction are monitored regularly to ensure that current and future requirements and preferences are met.  This commitment to quality and continuous improvement extends to suppliers, who are involved closely in IMH quality assurance requirements.

6          Quality planning includes activities and resources needed to achieve quality objectives, such as verification activities and personnel, criteria for acceptability and quality records required to maintain customer confidence.




This policy statement shows that at least you are aware of the commitment involved in developing and maintaining a quality system, which is what the assessor wants to see and confirm during the certification audit.

If you assume, however, that you need not choose your words with care when describing your business, consider the words of a well-known writer from an earlier age.

“Neither can his mind be thought to be in tune, whose words do jarre; Nor his reason in frame, whose sentence is preposterous” Ben Jonson.

(Benjamin Jonson, c. 11 June 1572 – 6 A

Posted by & filed under Uncategorized.

Electronic signatures need the same control, if not more, than written signatures.


If you use electronic signatures in your business, or have plans to do so, it is worth bearing in mind the following:


  • Each signature should be unique to an individually authorised person
  • Signatures should not be reused by, or reassigned, to anyone else.
  • The identity of the person holding each assigned signature should be verified before assigning, establishing, certifying or otherwise sanctioning signatures  

Don’t forget to add electronic signatures to your Signatories List, which you should have for all persons authorising critical quality system processes, policies, procedures. These will include all signatures required for quality management systems such as ISO9001:2008  (to be reissued as ISO9001:2015).

Include the Signatories List in your regular internal audits.

As an extra precaution, I would identify authorised electronic signatories during contract negotiation. This could save last-minute changes when contract processes are underway, and allow you to keep an eye on staff changes, vacations (holidays) and other times when the signatories might not be available.

Posted by & filed under WHAT MIGHT ASSESSORS LOOK FOR?.

Make sure everyone knows through your working instructions and training that they recognise nonconforming items through tags, labels, marking, segregation in well-marked quality control segregation or quarantine areas.These areas can be laid out on the floor with special marking, or just be a box for smaller items provided it is suitably marked.Whichever method you choose it must be secured for nonconforming items only.

I remember working with a Maintenance Superintendent for a freight forwarding company who had the job of isolating and identifying nonoperational forklifts. They were removed to a corner with a small (grubby) tag marked ‘DO NOT USE’ attached to each one. Unfortunately, during the night shift. operators would decide that they needed an extra forklift. or another forklift would go out of action, and they would take one of the deficient forklifts back into operation. Much curs­ing and frustration occurred the next day as the unfortunate Maintenance Foreman had to waste time tracking the wherea­bouts of the missing forklifts.

Of course, the identification was inadequate for the job it was supposed to do. We devised a much larger identification: a big tag with a skull and cross bones and the words ‘DAN­GER DO NOT MOVE!’ The tag carried a serial number (be­cause it was a controlled document), a Work Order number and a brief account of why the machine was out of action (leaking oil, gears seized). As soon as the machine was re­ported out of action (usually by the operator), the Foreman or other authority would attach the tag, after obtaining a Work Order number from the Repair Shop Work Order Log. The tag would carry an NCR number so that the item would be absorbed into the quality system, with corrective action.

We made it as simple as possible for employees to understand and respect the status of the ma­chine as soon as they looked at it. Too often people will sim­ply not follow procedures if they are not presented in suffi­ciently dramatic or sizeable terms to attract attention, espe­cially when they are in a hurry, or working under extremely difficult conditions.


Posted by & filed under WHAT MIGHT ASSESSORS LOOK FOR?.


Well-maintained Inspection, Measuring and Test Equipment is important for verifying the status of continuous improvement in company processes as well as accuracy of the product or service.

Assessors will be looking for Inspection. Measuring and Test Equipment to be cali­brated by an accredited subcontractor whose certifica­tion can be traced to national or international standards. A typical list would include gauges. micrometers: anything that needs to be calibrated regularly to maintain its status as a valid measurement for critical parts of the product or service.

Care of the equipment is essential. I have found delicate instruments pushed into drawers and covered with dust. Assessors will check that:

  • The equipment carries stickers showing the date of calibration and the stamp of the accredited agency’s representative responsi­ble for the calibration.
  • Equipment is suitably protected commensurate with its fragility.
  • An ISO label (sticker) or other applicable verification is attached to the equipment in addition to the calibration status label.
  • The applicable certificate with current status  is issued at the time of calibration.
  • The certificate shows the dates within which the calibration is valid.

If your employees are using their own inspection, meas­uring and test equipment for verifying the accuracy of items, processes or conditions in the qual­ity system make sure it is included in the IM&TE maintenance schedule.

If the owner of the equipment leaves the company or is assigned to duties where use of his or her equipment is not required, remove the equipment from the IMTE list.  If it is passed to another employee who uses it for the same purpose, or another quality-critical measurement, its status must be maintained on the list.

Equip­ment which has missed the scheduled calibration date must be labelled ‘DO NOT USE FOR CODE WORK’ or similar warning, and segregated until its calibration accuracy is restored or it is removed from use.


See also procedures available to registered subscribers at



Given the never-ending discussions on measurement my readers might find the following expansion of Management Review responsibilities and authorities helpful in deciding what should be measured for customer satisfaction and customer improvement. The standard only requires that measurement and analysis should take place within these contexts; it does not prescribe methods or identify what should be measured.

I am increasingly concerned about the emphasis on assigning numbers to conditions. Too much time is being wasted on identifying what is measurable without considering which measurements are beneficial to the company and the customer, which should be the only criteria for measurement.






  • Status of Actions from last Management Review
  • Report on quality system development
  • Work in hand on the quality system
  • Risk assessment and risk management for unresolved nonconformities (e.g., supplier, effect on delivery of services to customers)
  • Changes which could affect the quality system (regulatory, industrial codes, international standards)


  • Status of Actions from last Management Review
  • Resources needed for quality system tasks
  • Identify position of quality system development in the IMH business development plan
  • Risk assessment and risk management
  • Performance of services, operational processes, associated practices
  • External changes which could affect the quality system (legislation, industry standards)
  •  Quality planning and objectives (needs and expectations of customers and other interested parties)
  •  Business decisions as assessed for their impact on the quality system
  •  The impact of the quality system on business decisions


  • Preventive action strategies (risk assessment and risk management)
  • Quality objectives (strategies for continuous improvement)
  • Cost of quality system
  • Benefits of quality system
  • Training
  • Customer satisfaction levels (implied needs, measurement and analysis techniques)
  • Customer complaints
  • Changes which could affect the quality system

Preventive Action strategies

  • identify items and conditions for improvement in IMH processes
  • identify what has been done to date (e.g., improvement in processes,  equipment, staff training)
  • Refer to QMR reports for possible improvements

Quality Objectives

Identify all components of IMH services which are affected by quality system development, e.g.;

  • Customer requirements
  • What is happening to our customer (changes that would affect IMH services)
  • Resources required (e.g., equipment, skills, labour, time)
  • Training
  • Processes (administration, production)

Cost of quality system

  • Cost of quality system; e.g., staff time, consulting fees, equipment, staff training
  • Projected costs for quality system development during, and until,   assessment and certification stage

 Benefits of quality system

  • Identify benefits to date; e.g., production time saved, processes clearly understood and verified by users, authority and responsibility identified

 Customer Satisfaction levels and customer complaints

  • Identify method(s) for measuring customer satisfaction.  What constitutes customer satisfaction for IMH customers?  Where is this not happening?  How can we improve our service to customers? (anticipating customer needs at quotation and contract stages). These might not be contained in the Request for Proposal or Quotation from the customer.

Measurement and Analysis techniques

  • Identify trends which can be measured; e.g.,  nonconformity, market trends (measurements must be beneficial to the organisation and improve organisation’s performance)




















Posted by & filed under THE ISO9001 CHALLENGE.

First, allow me to wish everyone a very healthy and happy New Year. I hope my blogs will be useful and help you navigate the often stormy waters of quality system management.

Training for ISO9001 implementation can often be difficult. For example, I once trained a Quality Assurance Manager who was extremely good at picking up the detail and was dedicated to the job, although she had other duties to do. This is a very common situation which creates many difficulties for me and for the trainee QAM. We achieved a very good result in the audit, even though we were up until 3 a.m. the night before completing the Master Docu­ment List.

Unfortunately, after a resoundingly successful result, the idea of being a ‘Manager’ went completely to her head. and she made life unbearable by adopting a very authoritarian manner and upsetting workshop employees who, at the beginning, had been very co-operative. About four months after regis­tration, I got a panic call from the President, who told me that the quality system was costing a huge amount of money because everything was being done strictly according to the procedures, which had not been changed since the audit. She asked me to come in and see what I could do to ‘loosen things up’.

When I arrived, I noticed a very sullen atmosphere in the office and the shop. The QAM complained to me that no one co-operated and they were not completing the documents according to the procedures. I asked her if she was monitor­ing the quality system for possible changes (‘continuous im­provement’) and reporting her recommendations to senior management. Unfortunately. she did not see this as part of her job, and was probably unable to do it anyway. I could not budge her from her view that her position as ‘Man­ager’ was all-prevailing over the quality system. She spent all her time making sure everyone toed the line, instead of evalu­ating a quality system that was a year old, and could cer­tainly have been improved. Eventually, she was replaced, which cost a great deal of money and aggravation for the company, whose employees had to undergo yet another change of management pace.

My clients often assume that training the Quality As­surance Manager (or management representative) to be a manager is part of my job as a consultant. While I expect to train the incumbent or candidate for QAM in quality system policies and procedures, I can’t make managers out of them if they haven’t the potential. So many attributes are required to make a good Quality Assurance Manager, besides being able to implement the quality system. QAMs must be able to walk a very tight rope between the needs of the quality system and the practicalities of company business, and have a mature outlook when handling difficult employees.

Posted by & filed under ISO9001:2015.

Just received – proposed changes to terminology for the 2015 revision which,  if implemented in the final issue, mean considerable editing of current quality system documentation. I will be suffering; I have to change the offerings on the QUALIDOC website. At least everyone who watches this blog and my website will not be caught napping.

Expected timescales are now-

 Feb 2014- Draft International Standard (or this may be a Committee Draft (2) considering the number of comments received).
Feb 2015- Final Draft International Standard
Sept 2015- Published International Standard

Proposed changes (sample)

  •  “Product” will be referred to  as “goods and services” (but not always)
  •  “Supplier” will be referred to as an “external provider” (but not always)
  •  “Records” as a term no longer exists – it is included in the new term “documented information” (This takes the place of Documentation Requirements).
  •  “Documented Procedure” is included in the new term “documented information”
  •  “Product realization” becomes “realization of goods and services”

 In the current Committee Draft there are no longer requirements for a Quality Manual, Management Representative, and Preventive Action.It will be interesting to see how these are covered; they are important ingredients.

I will be posting more terminology and let you know when my new drafts are available via the website.


Don’t panic – amendments could still be made, but just the removal of the Quality Manual alone is a big change. My Quality Manual comprises the Quality Policy and a separate document for Quality Assurance Procedures.

Posted by & filed under ISO9001: RISK ASSESSMENT AND MANAGEMENT, Uncategorized.



When I go into a new contract, the first thing I must do is to recognise the vocabulary of the organisation. I need to know how information is expressed and conveyed. My understanding of the vocabulary, and where it might need to be changed, is critical for developing the quality system. The interpretation of nouns such as  “measurement” and “continuous improvement”  into quality system processes has become more critical now that international standards agencies are emphasising their importance for certification.

Quality records which formerly were expressed in words are being crunched into numbers which don’t always improve processes, let alone the bottom line.   I have even seen one comment that nothing in process development was any use unless it was, or could be, measured. I wonder how they manage uncertainty; I assume the need hasn’t arisen.

Uncertainty is, of course, at the heart of the requirement to assess and manage risk. One of the international standards undergoing revision defines the effects of uncertainty as “… the deficiency (in part or whole) of information {my bold italics} related to, understanding or knowledge of, an event, its consequence, or likelihood.”

So, based on the above, we need to look at potential risk in information, which can mean in product, development, documentation, employee calibre, to mention a few sources. The conversion of information into numbers requires superior and experienced judgement by suitably authorised persons within the organisation. We want to avoid creating a flurry of measurement levels, classifications and categories (to mention a few) in the never-ending search for perfection. Risk management must be based on root cause analyses of sufficient depth and clarity on which to define and base the numbers. The analyses will be described in words, not numbers. Numbers on their own describe nothing unless related to a condition that can be described in words.

Take for example the Defect Categories below. As prose they are sufficiently clear to allow the reader (QAM, Quality Engineer, technician) to make judgements (risk assessments) from their experience and to ensure the data meets the required standard or specifications.  The categories can apply to many different kinds of business. No flow charts or complicated diagrams are required. They are statements of fact, easily understood.

The “Description” vocabulary is sufficiently specific to alert interested parties, such as quality management representatives and other responsible authorities, to current or potential  nonconformances. From this specific vocabulary they should be able to initiate their corrective and preventive actions. The positive or negative effects (deviations from the expected) can be judged accordingly.

The categories can be used for internal audit, customer complaints, and part of continuous improvement and, therefore, risk assessment and management; avoid cosmetic additions such as colour; e.g., “Critical” is coloured red, “Major” yellow, and so on. If a colour is necessary to note “Critical”  e.g.,for  red tags on items segregated in the nonconformance area, the quality assurance procedure will include a reference to the tag and its place in the process being described.

The addition of colour to categories such as “critical” could imply another level of measurement; e.g., red = priority 1. We already know from the Defect Category that the first level is critical and needs priority, so there is no need to send the reader in another direction. It is over-egging the pudding and introduces the need for yet another definition.








Critical The product is inoperable and this is seriously affecting the customer’s business
Major The product is wholly or partly inoperable which is inconvenient for the customer
Significant The defect in the product should be rectified by the next planned release. If there is no planned release, a new release is required.
Minor The defect should be rectified in the next (planned?) release. The customer is prepared to accept the product in its current condition without rectification.
Enhancement The reported defect is not covered by a customer requirement.  An enhancement is advisable.


In the example above “Critical” denotes a situation with possible dire consequences to the customer’s business and (inevitably) to the supplier. Everyone in business understands that this is a two-way street; the effect on the customer has to affect the business, even if it is only short term.

These categories are useful for risk assessment: a sort of reverse root cause analysis starting with applying e.g., “Critical” to carefully-chosen Key Performance Indicators could bring a different set of information from that derived from nonconformances.

I can hear the statisticians and other measurement enthusiasts protesting, but a number does not say what is, Numbers simply indicate conditions which have had, or will have, to be defined and clarified in words..  The words in the box are easily understood; this is important when so many different languages by the readers and users could be involved. They have been in the industrial and public lexicon for a sufficiently long time to be used without misunderstanding.

Posted by & filed under ISO9001:2008.

Creating a Master Document List (MDL)

One of the main tasks in developing a formal quality system is to create an MDL that will record, in hard copy or electronically, all the documents involved — from contract review to final delivery of the product, with the revision status.

It is never too early to establish the following:

  • Who will control the list? (Preferably limited to one authorized individual, usually the Quality Management Representative (QMR)).
  • Who will have authorized access for review, revision and amendment? (Usually the QMR, but in larger companies it could be the technical library or engineering staff authorized person.)
  •  Who should be considered when compiling the list of “authorized, responsible individuals”? (Identify any persons responsible for review and release. Circulate their names and responsibilities to those with authority and responsibility for signing off design development and other critical processes).
  • Is there a Signatories List to safeguard against, and identify, the squiggles that some people use as signatures?
  • Are documents verified thoroughly before issue, including content, a logical sequence of events with the reader in mind, grammar and spelling? (No wandering apostrophes and misplaced commas!).

Digital (electronic records)

Verify that:

  • signatures are limited to authorised persons,
  • signatures are validated against a Signatories List to ensure accuracy, reliability and consistency,
  • records are protected to enable ready retrieval throughout the retention period (MASTER DOCUMENT LIST),
  • secure, computer-generated, time-stamped audit trails are used to independently record the date and time of operator entries and actions, particularly those that create, modify or delete electronic records,
  • changes to records do not obscure previously recorded information,
  • audit trail documentation is retained for at least the time required by IMH Documentation Requirements procedures,
  •  persons who develop, maintain or use electronic record/electronic signatures have the education, training and experience to perform their assigned tasks,
  •  documents are written clearly with the reader in mind.

Consider also:

• Where do the documents begin to appear in the design and production process?

• Do they include user documents?

• What is the distribution (see Signatories List) (Please, no uncontrolled copies!)

• What are the connecting authorities and responsibilities for each document? (Who needs to know? Include external authorities where applicable)

• Where will hard copy documents be kept? (Secure from damage or other deterioration such as climate, for example):

Customer Service Documentation:
Purchase Orders                                                       Administration Department
Completed Jobs
Contracts                                                                   XYZ Computer System
I.M.Happy IM&TE Records                                      Quality Assurance Department
Quality Assurance Documentation:
Quality Policy and Procedures Manuals (Master)            Quality Assurance Dept
Audit Documentation (Master Copies)
Training Records                                                           HR Department
Personnel Files
Regulatory Files
Service Manuals                                                            Operations Department
Proprietary Documents                                      CEO’S/Finance Director’s Office

• Who will be in charge of the documents at the point of use?

• Has documentation development been included in the quality plan and management quality objectives?


You may be under the impression that the above concerns are known and understood by all senior company executives, who govern themselves accordingly; unfortunately, they do not. I have seen files of critical documents stored in the most lamentable conditions, subject to the onslaught of seagulls. This is less likely to happen nowadays, with documents stored electronically. Many companies, however, simply update documents and put the latest version online at prescribed (or ad hoc) intervals, consigning previous versions to the waste basket. The history and revision trail of the document can be preserved if the previous revisions have been exported to another authorized individual within the company, but this process can weaken the security of documents. Revision status is critical for the smooth running of the processes.

As well as all the above preparations and TLC, I would like to think that you are paying close attention to the style and content of the documents. Clarity is essential; try to stay away from “management speak” and other faddy language that can clutter the best thought-out and well-intentioned policies and procedures.


Start the document control process in small, manageable pieces. Remember to assign the relevant authorities and responsibilities at the earliest possible stage in the project. Nothing will create more confusion than a last-minute attempt to assess and categorise documents. Document control can be a major embarrassment in certification assessment; it can also hamper day-to-day activities if neglected.

You don’t want this to happen in your company, do you?


Posted by & filed under THE ISO9001 CHALLENGE.

Senior Executives need to be very sure of the commitment, responsibility, authority and extra work loads before they begin developing a formal quality system.

Many hours of patient explanation may have to go into preparing senior executives for the application of ISO9001, for example.  My first meeting with senior executives can be very revealing.

I ask: “Have you chosen the standard?”

The answer is usually yes, even if they’ve chosen the wrong one for their business.

Next question: “Have you read the standard, and do you have a good idea of what it means in commitment?” (Some­times they haven’t read it at all).

Answer: “Well, we’ve just looked through it briefly. We were hoping to get some guidance from you”

Me: “Well, that’s what I’m here for. Can you tell me why you have decided to initiate an ISO9001 quality system’?”

Answer: “Our customers are pressing for it” (or we are los­ing a share of the market, or we want a share of the market where ISO9001 is mandatory).

Me: Have you appointed anyone to be the management rep­resentative for the quality system?”

Answer: “Yes, we thought that John Bright, who is Manager of Purchasing. Shipping, Marketing, Packaging, and fills in for Operations could fit this in with his other duties”. (You think I am making this up?)

I reply something along the lines of: “I’m afraid that it would not be wise to have the quality manager do anything else but concentrate on the quality system, at least until registration. He/she will be working full time on learning the responsibili­ties and the processes. I shall be training him/her to come up to speed with writing and verifying procedures, (although I prepare the first drafts) straightening out the current docu­mentation, conducting internal audits, and training employ­ees in the company quality policy and the meaning of ISO.” At this point I can see my prospective client (with eyeballs glazing over) having second thoughts, or is still convinced that developing the quality system is only a part time job with a bit of word processing thrown in.


Careful consideration of available resources (time, skills) will save a lot of aggravation in the long run.