 |
|
|
|
|
 |
|
 |
|
This site is updated periodically with different articles and information that may be of interest to you. Visit often, enjoy.
Interesting Books:
"Good to Great" Jim Collins
"The World is Flat" Thomas Friedman
"Raging Fans" Ken Blanchard and Sheldon Bowles
"Who Moved My Cheese" Spencer Johnson
"Machine that changed the world" J. Womak, D Jones, D Roos
Thought:
Letting your customers set your standards is a dangerous game,
because the race to the bottom is pretty easy to win.
Setting your own standards-and living up to them-is a better way to profit. Not to mention a better way to make your day worth all the effort you put in to it.
Seth Godin (1960- )
Useful Web Sites:
QSU whosregistered.com
Elsmar Cove
Kaizen Continual Incremental Improvement EVOLUTION
Kaikaku Revolutionary Improvement REVOLUTION
THE COST OF YOUR CERTIFICATION
Doing business today requires careful attention to detail and customer service, and ensuring that all those details are seen to is no small job. Becoming certified to an established international standard is one way organizations can prove and publicize their quality control efforts, but the certification process can be long, complicated and expensive. There are also a lot of options: Is it better to hire an independent auditor, or would it be better to retain a certification body that provides one of its own auditors? Which certificate holds more cachet with potential clients? Does any of this really matter, as long as the certification process is successful? Finally, how much is all this going to cost?
There's no question that auditing has changed over the years, a shift that has been led by the changing needs of clients. Attaining certification to ISO 9001, ISO 14001 or any of the dozens of the derivative standards used to be an operational function of doing business, and, in many cases, it was treated as such: something to be checked off of executives' to-do lists, with little expected value from the auditing process. All that has changed. As profit margins have tightened and international business has become more competitive, organizations have increasingly come to expect added value from their certification investments. This has led to changes in the market for quality-system certification. Increased competition has commoditized certification and allowed a small number of certification bodies, usually unaccredited and some of dubious intent, to provide cut-rate certification that's more of a rubber-stamp than an indication of improved business processes and outcomes. It has also caught the attention of accreditation bodies. The result is a certification process that is evolving to compete for clients through value-added services and results, rather than through price alone.
The wild west
Attaining certification can be an enormous cost to an organization in terms of time spent on preparing for third-party auditing, required reports and related meetings. It's also costly financially. Predictably, organizations want to get the most "bang for their buck." Focusing only on the cost of certification, though, can be a slippery slope. Increased competition has made auditors--especially those who work independently--more willing to negotiate on their day rates, and although retaining an inexpensive auditor may save money in the short term, it almost certainly will cost more in the long term.
This was a topic discussed at the International Accreditation Forum's March meeting held in San Francisco, with participants from around the world noting that widespread cut-rate certification could undermine the credibility of all certifications--even those that result in measurable improvements in process and product. Nigel Croft, convener of ISO/TC 176 (which oversees the ISO 9000 series of standards and is currently revising ISO 9001 and ISO 9004) went so far as to separate certification bodies into the "good guys" and the "bad guys."
"The bad guys are almost completely commercially driven, and only concerned with increasing their market share," Croft says. "The good guys, the ones we need to promote and encourage, consider the needs of their client, as well as the client's customer. They protect the consumer's interest by ensuring that their clients produce well-made products. They are rigorous but fair.? There are a lot of minimalist organizations out there [that don't care if] bad certification organizations give them certifications that don't mean anything. We need to get angry and get those bad guys out of the business because they are doing us all a disservice."
Finding the balance between these characteristics--detail-oriented and careful without being too tough--can be challenging. Although delivering high-quality, careful audits with attention to detail is supremely important to maintaining a good reputation as an effective quality auditor, very few auditors want the reputation of being nitpicky documentation commandos who make the auditing process a lot more stressful than it needs to be. On the flip side, being too lax with clients--which may result in almost certain certification, with few if any nonconformances--isn't any good either. Leaning too far this way could lead into the "bad guy" territory Croft warns against.
"This is a free market, and there is no requirement (sector-specific standards like AS9100, ISO/TS 16949, etc., excluded) to have any form of accreditation or oversight," says Bill Sullivan, DNV Certification North America director of marketing. "This means that any company can set itself up as an ISO 9001 or ISO 14001 certification body, conduct audits and issue certificates. It is very much a buyer-beware situation."
The cost of the audit is usually determined by the number of days an auditor or audit team spends on-site. Therefore, the only negotiable part of a rate quote is the auditor's day rate. This fee generally includes the auditor's per diem expenses (for lodging, if necessary, and for meals), and can vary widely. An auditor who has to travel out of town for an on-site audit will naturally cost more, as the client will be responsible for his or her lodging. Auditors with experience in a client's specific industry will also cost more, because their feedback is considered more valuable.
A decade ago, there were approximately 10 certification bodies operating in North America; now, there are almost 100. Worldwide, reports the ANSI-ASQ National Accreditation Board (ANAB), there are more than 750 certification bodies operating. As the market has become more crowded, more auditors and registrars are willing to negotiate on their day rates. This can be good and bad, and clients should be vigilant when selecting an auditor.
"Choosing based on price alone is a very bad idea," says Denise Robitaille, an independent auditor with more than 15 years of experience. "That will almost certainly end up costing the client extra in the future because, while they might get a certificate, they most certainly won't be improving, and their competitors will be. The certificate is important, but it's not as important as the process improvement that it should indicate."
Why certify?
The reasons for attaining certification are as varied as industry needs. According to a survey conducted by the Independent Association of Accredited Registrars, the main reasons organizations cited for quality management system certification are as follows:
? Customer mandate: 29 percent
?Competitive pressure or advantage: 17 percent
?Continuous improvement based on customer requirements: 16 percent
?Improve quality: 14 percent
Less frequently cited reasons also included "implementation of best practices" (10%) and "corporate mandate" (9%); reduced cost and legal reasons were each cited by 1 percent of respondents. In the IAAR survey, 84 percent of certified companies realized a positive return on their investment (ROI) in certification. Eleven percent of these reported an ROI from their certification of more than 20 percent, 15 percent of organizations had an ROI of 10-20 percent, and 27 percent attained an ROI of 6-10 percent. For 31 percent of respondents, the ROI on certification was 5 percent or less.
Although the bottom line may mean a lot to management, the process improvement that comes with quality certification was also noted by respondents to the IAAR survey. The most frequently named external benefits were "improved perceived quality" (57%), "improved customer satisfaction" (55%), "competitive advantage" (38%), "reduced customer audits" (31%), "increased market share" (11%), and "quicker time to market" (4%). Internal improvements were also cited as benefits of certification, with 73 percent of respondents reporting greater quality awareness and better documentation, 37 percent reporting increased efficiency, 33 percent citing positive cultural change, 12 percent finding improved financial performance and 9 percent reporting improved employee morale.
A comprehensive 2002 study published by the International Organization for Standardization ("Does ISO 9000 Certification Pay?" ISO Management Systems , July-August 2002) found that improving profit was not the most cited result of certification. Instead, the survey of 7,598 organizations found that internal productivity almost always spikes--and remains improved--when the certification process starts. Firms that don't seek certification, according to the study, saw no such organic process improvement. In other words, the study seems to suggest that if organizations don't make process improvement a priority, business will almost certainly suffer in the long term.
According to the study, noncertified organizations experience a substantial loss of productivity and sales compared to certified firms, a gap that widens to 9.9 percentage points three years after certification. The study authors summarize that certified firms avoid the steady erosion of their quality and internal processes that noncertified organizations almost always suffer from.
"It seems as if ISO 9001 certification is more often a necessary condition to maintain current performance, rather than a sure-fire way to improve performance," write the study authors. "Our results suggest that failing to seek ISO 9001 certification contributes to gradually worsening performance.? This leads us to a seemingly contradictory conclusion: The decision to seek ISO 9001 certification did lead to substantial performance improvement, but it is difficult to justify in advance using a traditional cost-benefit analysis, implying that it has to be based, to some extent, on faith."
Making it work
For Custom Stamping Inc., a Carson City, Nevada-based supplier of precision stampings, the road to ISO 9001 certification was anything but easy. The company attempted certification three times before it was successful--a process that was both costly and demoralizing. The company decided to seek ISO 9001 certification after several of its clients asked it to do so, but the first two consultants Custom Stamping hired to get it ready for the process drowned the company in paperwork and complicated bureaucratic requirements. Twice, it failed to get past the internal audit stage before frustrated managers pulled the plug.
"We had consultants in here who wanted us to document every time someone blew their nose," recalls Tom Rettura, Custom Stamping's quality assurance manager. "It got to the point where we were saying, 'Is this even worth it?'"
The third time, however, turned out to be the proverbial charm. An early pre-audit and abbreviated quality manual helped streamline the process, and DNV Certification issued Custom Stamping's certification in January 2005.
"We knew we met the requirements. It was just figuring out a way to document everything correctly, while not burdening us with more requirements," says
Rettura.
Post-registration, business at Custom Stamping is very much as it was prior to registration. This mirrors the results of ISO's survey, which found that certified organizations generally maintain the status quo, avoiding the probable gradual erosion of quality at their noncertified peers' organizations. Rettura reports that the company is not disappointed, though.
"It was always about maintenance for us, anyway," he says. "We didn't expect dramatic changes or major new customers because we're registered now. Just to maintain what we have is good enough for now?. The way things are in manufacturing in this country right now, we're happy to be in business."
Conclusion
In the end, registration to quality, environmental or any other standard is what an organization--and its managers--make it. Research proves that certification will help a company maintain and improve its processes and product quality, but the decision to undertake the registration process is a major one that should be carefully considered. Chief among the decisions to be made is how to prepare for the required audits and how to hire a certification body or auditor to guide the company through the process. Choosing based solely on price is a very bad idea. Choosing an inexpensive, commercially driven auditor with little experience in your industry may result in certification, but it almost certainly won't drive the quality and process improvements that the registration is supposed to show. That will cost dearly in the long term.
"What it comes down to is, if you pay peanuts you'll get monkeys," says Croft. "To maintain credibility in the process, certification has to be what it's designed to be: evidence that the organization has quality products and services. Anything else damages the entire economy."
About the author
Laura Smith is Quality Digest's assistant editor.
Do We Have To?
Are you sure?
by Denise Robitaille
Every once in a while, when I'm doing an audit someone will ask me in a whiney voice about some ISO 9001 requirement. The whine sounds something like, Do we really have to ________? Fill in the blank with any of a number of shalls from the standard. They know they have to, but they're hoping that I'll give them some easy out so they can ignore the requirement or get by paying it minimal lip service.
The question ticks me off, and I bite my tongue because I like most of my clients, and I know they're struggling to do the right thing. Also, like the vast majority of people, I need to work for a living.
Nevertheless, sometimes I really want to say, No, you don't have to do anything. You can choose to have a crummy, ineffective, minimally compliant system that creates no value and is a bloody waste of everyones time. I don't because I know that their question isn't posed out of miserliness or indolence, but out of genuine confusion and frustration. They can't figure out why some of this stuff is supposed to matter. Besides, good managers should be able to justify expenditures even those originating from quality management systems (QMS) standards.
The fact is we haven't demonstrated the value. Somewhere along the line we've failed to make the case. We've failed to show the return on investment.
How is it that some organizations have had systems for years and still don't understand the why behind many of the requirements? How have we failed the market? What have we missed in all our publications, conversations, training, and conferences that make it possible for people to still ask the whiney "Do we have to?"
I think that, as consultants, we do a pretty good job of hammering in the requirements. We make sure that our clients know the shalls, so they can put together a compliant QMS. They can pass an audit and can perhaps even experience increased control and marginal improvement.
But, when it comes to ensuring that they've really internalized the myriad benefits they have a right to expect from their QMS, we are probably not as vigilant.
I divide effective QMS implementation into three categories:
a What you need to do to get through an audit
b What you should do so that your system is effective
c What you choose to do, using your QMS, to make your organization awesome
We need to do a better job of conveying just how cool an ISO 9001 system can be. It's not just a matter of instructing them about the requirements. It's also important for us to teach them how this will benefit their organization.
Let's take, for example, the requirements relating to objectives. They're sprinkled throughout multiple clauses. Why? Because they define the deliverables. This is the target we're shooting for. If it relates to process it might be: Decrease cycle time for new design to 18 weeks. For a product, the objective might be to: Increase the ambient temperature range in which the product can effectively perform by 15 degrees.
Management communicates these objectives to the players who can influence the outcome. Further, they furnish the resources (time, tools, training, etc.) to facilitate the outcome. The process owners provide the data indicating progress toward the fulfillment of the objective, hence the need for the objectives to be measurable.
For the fulfillment of requirements relating to quality objectives to be compliant and value-added, there must be dialog with management and relevant process owners that connects the dots. We begin with the information that suggested the need for the identified objective. For the process, it was the need to shorten the design cycle to 18 weeks. Information indicates that the current cycle is 26 weeks. The cost of not addressing the objective could be loss of a customer or a sale. The value of the customer's business or the individual sale creates the mandate for the objective. Periodic monitoring measures progress toward the goal. If you don't measure, you have no way of knowing how you're doing. You're also lacking data that'll help you determine how much it costs in time, resources, and manpower to achieve the objective. It's basically a calculation of return on investment.
So, objectives are an effective and efficient tool to see how you're doing. They can be communicated in easy charts and graphs, increasing the number of individuals who can grasp the effect of their contributions on the organization's success.
The point is that most of the requirements in ISO 9001 can be presented with similar examples of cost benefit. Regardless of the clause, competence, document control, outsourcing, design, preventive action, etc. there's a benefit to be derived from effective implementation.
Management needs to know that the answer to the question, "Do we really have to _______?" is "No." The choice is theirs. The results of those choices will predictably fall into one of the following categories:
a If you have a barely compliant system, you have spent money
b If you have an effective system, you have invested money.
c If you have a robust system, you will make money.
The next time someone asks, "Do I have to?" remind them that the choice is theirs.
About the author
Denise Robitaille has helped companies in diverse fields achieve ISO 9001 registration. She's an RAB-certified lead assessor, ASQ-certified quality auditor and senior member of the American Society for Quality. Robitaille is also a member of the U.S. TAG to ISO/TC 176, the committee responsible for updating the ISO 9000 standard series. She's the author of numerous articles, as well as The Corrective Action Handbook, The Preventive Action Handbook, The Management Review Handbook, and Managing Supplier-Related Processes, all published by Paton Professional.
Spot the difference
ISO 9001 requires the organization to have a documented procedure for preventive action. However, it is worth noting that the combination of corrective action and preventive action documented procedures into a single QMS document is acceptable, but is not recommended. If these are combined, then it is important for the auditor to verify that the organization understands clearly the difference between the intent of corrective and preventive actions.
The standard requires this documented procedure to include various important points:
1. How the organization determines potential nonconformities and their causes. Typical examples might include:
· trend analysis for process and product characteristics (output from the data analysis process)
· alarms to provide early warning of approaching "out-of-control" operating conditions
· monitoring of customer perception, by both formal or informal feedback systems
· ongoing failure mode and effect analysis for processes and products (this is a requirement of TS 16949, for the automotive industry, for example)
· evaluation of nonconformities that have occurred in similar circumstances, but for other products, processes, or other parts of the organization, or even in other organizations; through planning activities for both predictable situations (e.g. due to expansion, maintenance, or personnel changes ( see also ISO 9001, Clause 5.4.2b)) and for unpredictable situations (e.g. naturally occurring problems such as hurricanes, earthquakes, floods etc.)
2. An evaluation of the need for preventive action. Methods used in the evaluation could include risk analysis approaches or failure mode and effect analysis (neither of these specific approaches or methodologies are requirements of ISO 9001.)
3. How the organization determines what action is required, and how it is implemented. An auditor should look for evidence that:
· the organization has analyzed the causes of potential nonconformities (use of cause and effect diagrams and other quality tools may be appropriate for this)
· the required actions are deployed in all relevant parts of the organization, and in a timely manner
· there are clear definitions of the responsibilities for the identification, evaluation, implementation and review of preventive actions
4. Records of the results of the actions taken
· what records are kept?
· are they appropriate, and are they a true reflection of the results?
· are they being controlled in accordance with ISO 9001 clause 4.2.4?
5. A review of the preventive actions taken
· were the actions effective (ie nonconformity prevented from occurring and were there any additional benefits)?
· is there a need to continue with the preventive actions the way they are?
· should they be changed, or is it necessary to plan new actions?
There is often significant "philosophical" discussion between the auditor and the organization about where corrective action ends, and where preventive action begins. For example, if a nonconformity is detected in process A, are actions taken to avoid future nonconformities in processes B, C and D preventive actions, or simply within the scope of the corrective actions taken for process A? The auditor should avoid being side-tracked by these discussions, and concentrate on whether or not the actions were effective. The labeling of the actions taken is of secondary importance.
This article is an edited version of 'Documenting non-conformances' from the website of the ISO 9001 Auditing Practices Group, and is reproduced courtesy of ISO and the IAF. These papers were developed on current best practice and therefore have not been formally endorsed as International Accreditation Forum (IAF) guidance or ISO TC176 interpretations.
The ISO 9001 Auditing Practices Group is an informal group of QMS experts, auditors and practitioners drawn from the ISO Technical Committee 176 Quality Management and Quality Assurance (ISO/TC 176) and the IAF. It has developed a number of guidance papers and presentations that contain explanations about the auditing of QMSs. These reflect the process-based approach that is essential for auditing the requirements of ISO 9001.
June 20, 2008
|
|
|
 |
|
 |
|
|
|
|
 |
|
