ISO 9001:2008 Measurement, Analysis and Improvement

ISO 9001:2008's section 8, Measurement, analysis and improvement, will challenge most organizations. Although most understand that management review, internal audits, and corrective and preventive action form an important integrated triangle for evaluating quality systems, many have done only a fair or inadequate job of facilitating improvement activities from the information within their systems. As with section 5, Management responsibility, management must play an active role in section 8, which requires making decisions about key measures and analyzing the results of information from sources such as audits, customer feedback and analysis of other information relating to products, trends and suppliers.

What's new

 The brief summary that follows provides simple explanations of the new requirements within section 8 of the ISO 9001:2008 draft international standard (DIS). Refer to Figure 1 to see where revisions are found in the DIS and how they compare to the 1994 version.

8.2.1 Customer satisfaction

 The requirement states that organizations will monitor information on customer satisfaction and/or dissatisfaction as one of the performance measurements of their quality management systems. Furthermore, organizations must determine the methodologies for obtaining and using this information. The intent of this requirement is to ensure that organizations have a system for addressing customer complaints and general feedback and that it's effective for addressing customer concerns. 

 

The standard has also been broadened to include customer satisfaction, which many organizations don't measure.

 The ease with which organizations are able to comply with these requirements will depend upon the maturity of the organizations and their relationships with their customers. It will also depend upon whether the organizations have a customer satisfaction measurement system in place and how effective it is.

  "A company that is currently driven by the philosophy of producing product that meets or exceeds the customers' requirements and expectations should not have to make any changes to monitor customers' satisfaction and/or dissatisfaction," says Robert Chandler, international quality coordinator of Lincoln Electric in Cleveland, Ohio. "Current procedures may have to be rewritten, but the basic approach should not require changes."

 But this section might be challenging for some organizations, says Curt DeVries, corporate ISO 9000 manager of Polaroid Corp. in Cambridge, Massachusetts. "Part of the issue will be in the definition of the customer, the end user or the next person in the product realization chain," DeVries explains. "As so much of our product is consumer-oriented, most of our manufacturing facilities have defined their customers as the marketing department, which is the group that defines the production requirements based on their forecast of sales. Some, but not all, of our end-product manufacturing operations have created customer satisfaction groups that collect end-user satisfaction/dissatisfaction data and analyze it to provide the basis for corrective actions or future product improvements." DeVries further explains that it becomes difficult--and effectively, cost prohibitive--when there's a fragmented, geographically diverse and shrinking end-user customer base, as is the case with some of the company's older product lines. Finally, says DeVries, "More and more we are working to get 'voice of the customer' input on problems and new design issues, because it has proven very successful for those who were visionary enough to do it in the first place."

8.4 Analysis of data

 Organizations must collect and analyze data to determine system suitability and effectiveness so that improvements can be made. Furthermore, measuring and monitoring activities are sources of data. The data analysis must provide information on customer satisfaction and dissatisfaction, conformance to customer requirements, process and product characteristics and their trends, and suppliers.

8.5 Improvement

 The revised standard is more specific in its requirement for attaining improvement. Organizations must facilitate continual improvement through the use of the quality policy, objectives, audit results, analysis of data, corrective and preventive action, and management review. They must also plan and manage the processes necessary for continual improvement.

 Chandler believes that if a company is serious about continual improvement, the requirements in ISO 9001:2008's section 8 will be very easy to meet. "Regardless of whether a company is ISO 9000 certified, the requirements in this section are the basic tools for continual improvement," says Chandler.

 When asked how Polaroid intended to demonstrate that it meets this requirement, DeVries says he plans to recommend that the company clearly define one or more metrics relating to the most value-added improvement needed in its quality management system (QMS) and utilize the components of the QMS to make it happen.

What's the same or clarified

8.1 Planning

 Although most organizations talk about measurement and improvement activities, many companies don't define formal plans. The standard now requires that measurement and monitoring activities needed to ensure conformity and achieve improvement must be defined, planned and implemented. This must include appropriate measurement methods.

8.2.2 Internal audit

 All of the requirements have been carried over from ISO 9001:1994. The revision requires organizations to review their internal audit procedures to ensure the inclusion of responsibilities, requirements and methodologies for conducting the audits. Audit results are now an explicit requirement for management review and for the facilitation of continual-improvement activities.

 The auditing techniques that internal auditors use may change slightly. Namely, auditors will need to determine a system-auditing methodology that takes a cross-functional, process-oriented approach to developing checklists, conducting audits and reporting the results. It's recommended that the internal auditors receive additional training, as appropriate, on new auditing techniques for ISO 9001:2008.

8.2.3 Measurement and monitoring of processes and 8.2.4 Measurement and monitoring of product

 Many organizations may first struggle with the overall concept of these subsections. Both incorporate components of 1994's 4.10 Inspection and testing and 4.20 Statistical techniques clauses. Quite a bit of the text from 4.10 has been moved to ISO 9004; however, the intent of 4.10 has remained: Organizations are required to determine what measurement and monitoring methods will be employed to ensure that both process and product requirements are met. ISO 9001:2008 doesn't specify inspection and testing activities for incoming, in-process and final product. Documented evidence must still demonstrate that products and/or services conform to specifications, and evidence must show what acceptance criteria are used. Furthermore, the methods employed must demonstrate that the processes and the products satisfy their intended purpose.

 "A company should not have difficulty meeting the requirements of section 8.2.3, Measurement and monitoring of processes," says Chandler. "This section is again very basic and permits the organization to determine what suitable methods shall be used to meet customer requirements ."

8.3 Control of nonconformity

 Overall, the message of ISO 9001:1994's 4.13 Control of nonconforming product has remained the same: Product that does not conform to specified requirements should not be used or shipped. The requirements for the control of nonconforming product no longer contain the specific requirements for review and disposition of nonconforming product as in ISO 9001:1994. However, the intent remains the same. A new requirement has been added for organizations to address nonconforming product detected after delivery. Specifically, organizations must take action related to the consequences of nonconformity.

 ISO 9001:2008 has removed "where required by contract" prefacing the section relating to the reporting of the repair of nonconforming product to the customer. Instead, the passage now states that organizations are "often required" to report the "rectification" to the customer, end-user, regulatory body or other body.

8.5.2 Corrective action and 8.5.3 Preventive action

 The requirements for these sections have remained basically the same as in the 1994 version. The discussion of corrective and preventive action from the 1994 version has been reworded rather than changed. Corrective and preventive actions are now specifically referred to as tools that organizations must use to facilitate improvements. Furthermore, by requiring that the review of these actions be used as an input to management reviews, ISO 9001:2008 clearly establishes top management's responsibility for an organization's improvement. It also states that actions taken must prevent recurrence. When reviewing actions taken over time, organizations must ensure that repeat occurrences are addressed.

 Due to the greater emphasis on documenting the results of corrective and preventive actions, organizations should consider what format will be the easiest to use and understand. Many organizations document the problem-solving steps involved for the investigation of nonconformities using some type of methodology. Typically, this methodology includes problem identification, root-cause analysis, determination and implementation of corrective and preventive actions, follow-up, and closure. This information is documented and considered a quality record, which should be submitted in a summary format for management review.

The challenges organizations will face

 For many organizations, implementation of section 8 will be a challenge. The maturity of an organization's measurement systems will determine the amount of effort and development required. If organizations have measurements in place, they will need to evaluate those measurements and the results they will provide. Remember that ISO 9001:2008 focuses on using measurements and their results to drive continual improvement.

 The standard now requires that organizations analyze data to determine the suitability and effectiveness of their systems. One issue many companies have difficulty with is the ability to sort through data to find meaningful information. This may not be the fault of the data itself, but of management's ability to perform the analysis. Data should always be looked at in terms of the story it's telling. For instance, when looking at nonconforming reports or customer data, one should ask: How many times has the same problem occurred? Is the problem occurring with the same product or customer? Does it occur on certain shifts, certain times of the month or year, etc.? The organization needs to scrutinize data in this fashion to prevent the organization from jumping to conclusions or fabricating the story it wants to hear.

 Another area of difficulty organizations may face in pursuing continual improvement is recognizing that the QMS should reflect each company's method of operation. Companies continue to separate out the ISO 9000 requirements from their daily business. This is often evident in how a company handles its management reviews. Separating out the results from audits, corrective actions and customer complaints and missing the opportunity to correlate these results to the needs of the organization inhibits the organization from seeing viable improvement activities. The more rapidly an organization can accept its QMS as its preferred method of operation, the faster it will move away from day-to-day maintenance and into the improvement arena.

 The major challenge Polaroid's registered organizations will face will be shoring up those areas where they are currently weak, says DeVries. Furthermore, he adds, "I think this section will actually be perceived as more of a help than a problem because it more clearly lays out some requirements that were pretty vague in the earlier revision. This helps the site ISO 9000 coordinator or management representative when dealing with those members of management who are not committed to the QMS process."

What the registrars think

 While many registrars are just getting themselves up to speed on how the revisions will be audited, many are developing approaches for the revisions. For instance, in auditing conformance to the requirements for planning continual improvement, auditors will be investigating how management has used audit results, corrective and preventive action results, the quality policy and objectives, management review, and analysis of data in their continual improvement process. Auditors will look more carefully at management review to see the types of actions and achievements that have been documented.

 In assessing conformance to data analysis requirements, auditors will want to see some evidence of how data is collected, e.g., types of data, responsibilities for collection and how the data is reported. They will also be interested in how the results of the data are used and in the existence of measurements that help the organization determine whether or not its quality management system is effective.

 The requirements of the customer satisfaction section will also be scrutinized. While the standard does allow an organization to use customer dissatisfaction results as the measure of customer satisfaction, auditors will want to look at the types of data, collection frequency, when and how the information is analyzed, and the analysis results. Information used by an organization to determine customer satisfaction may include customer complaints, customer surveys, customer meetings and report cards. Auditors will also want to ensure that the organization has converted its customer data into meaningful indicators and trends.

In a nutshell

 The revised standard specifically requires the use of analysis and measurements to facilitate improvement activities. The 1994 version suggested that an organization first identify the need for statistical techniques, and if such a need wasn't found, the requirements didn't apply. It's apparent that organizations will have to implement and use measurements to achieve conformity and for improvement activities. ISO 9001:2008 makes it clear that customer satisfaction or dissatisfaction is one usable performance measure.

 "I think the standard's writers did a very good job of bringing together the most impactive elements of the QMS relative to the improvement foundation of total quality," says DeVries. "These elements have the potential for significant synergy. This will be most helpful for those just getting into the QMS business. Those with marginal or failing QMSs due to the lack of clarity and organization of the earlier versions will also be helped greatly. For those who have implemented successful QMSs by using the earlier versions of the ISO 9000 standards, managed to get through the clutter, and intuitively grasped the synergistic nature of the elements, their systems may be strengthened by this element reorganization, but the improvement will most likely be minimal."

 Overall, Chandler thinks the biggest challenge in meeting the requirements of ISO 9001:2008will be in reorganizing and rewriting the quality system to comply. He states that all current documentation should be carefully reviewed for compliance and revised accordingly. He also believes that in order to flow properly, quality manuals will need to be completely revised.

 As the final chapter closes on the standard's release, organizations will need to do some serious thinking, planning and communicating on how they will best address the revisions. This will not be the slam-dunk that many were hoping for. In fact, depending on management's support and involvement, it may prove to be more challenging. Organizations that only want the certificate and are in the maintenance mode will probably find the changes the most difficult. These companies may need to decide why they want to maintain a quality management system.

 For the companies that are registered (or are seeking registration) because they see the value in a quality management system, the revisions may pose a challenge, but the benefits of a system review will provide a fresh perspective, enhancing improvement opportunities. This review is an activity in which all key members of the organization must be involved. Management commitment, customer satisfaction, quality and continual improvement are principles that have been around for a long time. No matter how these concepts are packaged, it will still be up to top management to support and help their organizations in achieving them.

Share :