In today’s contracting environment, government customers require the assurance that offerors can provide high quality products and services. International Standards Organization (ISO) 9001 certifications provide evidence to that point, proving to government program managers and contracting officers that a contractor sustains quality processes and methods.
In fact, government program managers and contracting officers are now establishing ISO certifications as requirements to be eligible to bid on services contracts. ISO updated their 9001 requirements in 2015, from 2008, changing what it meant to be ISO 9001 certified. Come September, if a company has not updated to the 2015 requirements it will lose the certification altogether.
Because of this, the ISO 9001:2015 transition process is causing angst among ISO management representatives, process managers and owners in the more than 1 million ISO 9001 certified organizations around the world. Some of these organizations may well be in “panic mode” to meet the re-certification deadline, so here are 10 tips to make the transition easier:
1. Make the decision and commit
As with most special projects, team members must also complete their daily tasks despite the short-term, high-priority recertification process. These five steps can help manage limited resources throughout the certification process:
Identify process owners early to accommodate busy schedules.
Hold short meetings of 30 minutes or less to allow process owners the ability to discuss completion risks and mitigate schedule issues.
Engage with top management early and often.
Be prepared to dynamically schedule resources. You have to be involved at the process owner level and engage in numerous 15-minute discussions to keep everyone moving forward.
Allow each process owner to own the process! In general, I followed the “Write it how you do it!” approach. Process owners were empowered to write usable processes rather than process for process sake.
2. Top management support is crucial
ISO 9001:2015 puts more emphasis on top management involvement with the addition of the context of the organization (Clause 4) and updated leadership (Clause 5). This requires executives to think about external and internal factors that could impact the organization’s ability to deliver quality products and services.
3. Take a project approach to prepare
Most process owners don’t initially think how their processes affect other process owners and business activities. To mitigate this, ensure process owners collaborate to establish seamless transition between processes, i.e. recruiting to Human Resources, marketing to business development, etc. And maintain good schedule control. As stated above, this may mean additional small group meetings. Here are a few tips to help manage the project:
Hold short, recurring meetings — see tip 1B
Conformance matrices are a must; we built a cross reference matrix to map existing 2008 activities to 2015 requirements. We used this throughout the process, including through the audit, and provided the “matrix” to our auditor as a tool so he could map across both requirements.
Train early, train often. We conducted our “transition training” almost immediately after the kick-off. By doing so, we reinforced the 2015 knowledge level providing process owners with mindset early, before they began updated processes.
Schedule an internal audit. We partitioned our internal auditor except for reviewing and updating audit-related processes.
4. Your Quality Management System (QMS) is a tool, not a record
ISO 9001 requires organizations to have a QMS to oversee its processes and services. We developed an interactive portal capable of a single view of all ISO related documents. This didn’t mean they were all stored in the same place, just accessed via a unified location. Rather than pulling all the documentation and records over to the ISO location, we simply updated our process and provided a link to record.
We also implemented a role-based permissions system, allowing process owners to update processes and documents, route for review, and notify the approver for signature. This resulted in an automated ISO documentation management system reducing coordination time and document control resources. Of note, our portal based QMS was identified as a “best practice” by the auditor.
5. If you don’t do it, don’t put it in the QMS
Too often we document for the sake of documenting. I provided some simple guidance for process owners: just write and update it the way you do it, and I’ll check for compliance. This worked. Overall, we eliminated approximately 20 percent of the documentation and shortened most of the remaining through developing clear, concise and value based operational processes, workflows and procedures.
6. Automate everything you can
Rather than writing long, drawn-out documents, we “linked” to the automated workflow tools we already had such as our customer relationship management (CRM) and recruiting tools. Our audit consisted of opening the link and describing the workflow to the auditor as the “system” worked through the process. During your planning stage, look at your supporting business systems and evaluate the workflows. If the workflow is clear in the system, then a simple link off your QMS will suffice. Automation almost always increases quality.
ISO 9001:2015 provides an opportunity for organizations to re-evaluate their quality operations. The new requirements drove us to make an overall self-assessment and some larger, business improvement decisions. This ranged from evaluating our current suppliers (i.e. external parties) to implementing risk mitigation strategies.
8. Engage your auditor
The transition to ISO 9001:2015 requires you to submit a transition application and provide some pre-audit documentation to assist the auditor in preparing. Take this opportunity to ask questions like: What is the most significant issue organizations are having? What is the most common noncompliance you are seeing? Establishing a line of communication with the auditor provides a foundation for a successful audit on both sides.
9. Streamline 2008 and 2015 documentation
As stated above, all organizations must maintain their 2008 QMS while they transition to ISO 9001:2015. This can be a challenge during your audit. Some items, such as the management action request log (MAR) were used equally in both and were critical to documenting the transition. This allowed us to document the changes as “transition” changes and implement them before the audit, saving considerable time and effort.
10. Don’t lose sight of the objective
It’s easy to get bogged down on process development and review, but keep the focus on making the QMS stronger and more efficient. Passing the audit is not the overall objective of the ISO audit preparation process! The real objective is to improve your company’s ability to provide quality products and services. This means if you’re completing a task just for the sake of the audit, you should probably evaluate the need for that task. If you remain focused on what needs to be done to manage quality operations, the audit itself should require minimal additional work.
Adam Steel is the program manager for customer success at Synergetics.