What Is a Mature Quality Management System? 2023 Update
If you are reading this I think it’s safe to assume that your organization is still in business. It is also safe to assume that you were in business before you decided to become certified in ISO 9001. It’s a good thing that you got certified in ISO 9001 because without it, your products and services were devoid of quality and you had never once considered your customers’ perception of your performance.
That’s a ridiculous statement. So, why would we want to completely re-invent our management system to be certified to ISO 9001? We don’t need more to do. So, if during your certification process, you developed new processes for “ISO,” re-evaluate them to determine if you were already conforming to the standard with existing processes but calling them something different from the standard. We shouldn’t be doing anything just to satisfy the ISO 9001 standard.
Analyze your Activities
The first step to maturity is to analyze your activities. In my opinion, the 2015 standard has no requirement that isn’t advantageous to your business. If you are doing anything just to stay ISO 9001 certified, reevaluate it to determine if another one of your existing value-added activities satisfies the standard. If not, it would be a good idea to challenge your team to make these activities add value.
In a mature Quality Management System (QMS), the letters ISO should seldom be heard. The ultimate goal is to create a culture of continuous improvement and increased customer satisfaction. ISO is designed to provide the framework to give your employees the tools to make this culture a reality.
Let’s take a look at some more strategies to mature a management system so it can continuously improve.
Perpetual Analysis of Risks and Opportunities
In the military, they never want to pay for real estate twice. Sometimes we take two steps forward and one step back. Or, even worse, four steps back.
In the fire service, there is a paradigm that exists that few people have heard. They strive to spend 99% of their budget on fire prevention and 1% on fire suppression.
Prevent Risks and Recognize Opportunities
ISO 9001 is a framework that we can introduce into our already existing management system to prevent risks from becoming a reality and recognize opportunities before our competition does. The standard calls this the “Context of the Organization.” The result will be continuous improvement and increased customer satisfaction.
You’ve probably noticed that Preventive Action is no longer a clause in ISO 9001 2015. That seems odd. The theory behind this is that the purpose of the entire 9001 standard is prevention.
The Context of the Organization
Core uses the QMS plan to identify the Context of the Organization. When working with my clients I usually start this conversation with the management team by having them ask themselves the following:
- If [blank] changes, could it hurt our ability to maintain our business or satisfy our customers?
- Or, if [blank] changes, could it provide an opportunity for us?
So, the trick is to have these issues on your radar, understand them, and take action to ensure that you will become aware of them in time to prevent or mitigate risks or leverage opportunities.
Discuss Issues Frequently
A key to maturity is to discuss this frequently so that you can add inherent issues as you discover them and expand upon the descriptions and actions needed for your existing issues.
Define Roles, Responsibilities, and Authority
In my opinion, this requirement is the catalyst between an effective management system and an ineffective one.
Many times, organizations place an individual in “charge of the ISO stuff.” As we established earlier there is no such thing as “ISO stuff.” If this is the case in your organization, then someone is being held accountable for the work of people who they don’t have authority over. This is a recipe for failure. No matter how well your management team gets along and works together, human nature gets in the way.
In many cases, the quality assurance (QA) manager is put in charge of the “ISO stuff.” In most organizations, the QA manager has authority over no one, especially other managers or process owners. So you are setting the QA manager up in a situation where they are asking for a favor from the other managers to get information or action.
Let’s look at it from the other manager’s perspective. They have priorities. Priorities that were given to them by their supervisor. It’s human nature to address those priorities first. Now think about how awkward this can get with non-supervisory employees receiving requests from a manager who doesn’t supervise them.
I’m not suggesting a para-military regime. But, honoring your organizational chart and chain of command will do wonders for accomplishing goals.
Know Who is Accountable
The top manager must be very careful to hold the managers accountable for the information reporting and results of the processes that they own. It can be difficult to define the individual who is the process owner. When determining this, ask who is accountable to top management for the results of this process.
Assignments should be given to employees by the individual who does their performance evaluation.
Management Review
Have you ever been too busy driving to get gas?
I have a saying that if you are doing management reviews once a year, you are wasting your time. Conversely, if you are covering all of the elements of management review monthly, you are wasting your time. There is a misconception out there that if you don’t cover all required inputs of management review, you can’t count it as management review. This thought process is counterintuitive to the goals of management review.
I hear this statement frequently — “The management team meets every month to go over operational stuff but we only do management review once a year.” This is the point that I start bouncing my head off of the wall.
Management review is a process of reviewing data and information pertaining to the performance of the organization. Almost every organization that I visit as a consultant has team meetings frequently. Sometimes daily. Should we document minutes from every daily or weekly meeting? No, but at least once a month I would cover a minimum of quality objectives and results, nonconformance/corrective action, resource needs, and improvement recommendations.
Review Open Action Items Often
I also suggest that you review open action items. I strongly suggest that you use a formal system to track action items. This relies on top management holding the assignee accountable. Informal action items get forgotten by the assignee and the assigner.
If the individual who management is holding accountable for the action is not one of the people who attend management review, you either have the wrong person accountable or the wrong people at your management review meeting.
This is a good time to make a critically important point. I said, “Your management review meeting.” This must absolutely be the top manager’s meeting. The management representative or QA manager can referee but the top manager must set the agenda and not accept the absence of assigned inputs.
Management Review Frequency
Conducting your management reviews at the right intervals is an important part of using them to their fullest advantage. A good outline for full management reviews is about twice a year, but addressing the topics mentioned above more frequently is a smart idea. Use your full management review period to look at QA from a top-down view, separate from everyday operations. Management review timing will vary by business and operational requirements.
Objectives/Data Collection and Reporting
As QA manager of a furniture factory, I had an objective to reduce the overall cost of quality by .5% of sales for the fiscal year. I wasn’t getting much traction. I held a quality meeting monthly with the factory manager, the five shop foremen, and their lead worker as well as the quality inspectors. There wasn’t much engagement so I tried something new. I printed out a bar chart for each foreman showing their process defects for the previous month by cost and handed them out before the meeting.
The meeting started and the lead inspector started giving his spiel. I started to notice conversations breaking out between the foremen and their leads in the corners of the room. The conversations became louder and hands started moving. It got to the point where they were interrupting my lead inspector’s report. The factory manager started to address the issue and I stopped him. Within a minute all of the foremen and their leads were out on the factory floor in heated discussions.
The lead inspector saw them leave and looked at me. I gave him the wrap-it-up sign and said to the factory manager, “I think we’re on to something.”
A Mature QMS Leads to a Culture Shift
From that point on, no process had the same defect in the #1 spot two months in a row. In the subsequent months, the foremen were anxious to see their charts at the meeting, and eventually, they were bringing their numbers to the meeting. We witnessed a culture shift. In this case, it was a metric they could get their heads around and had the ability and know-how to find root causes and eliminate them. The cost of quality went down 4% in that fiscal year.
“A measured process is an improved process.”
All Processes Should be Measured
All processes should be measured and all owners should know how it’s measured and have some say if it’s an appropriate measurement. Remember, the quality assurance department is the headlights of the car. People want to do a good job — give them the tools they need.
Internal Audit
Do the root causes of your findings always end up being a person or group?
Success relies on how the audit is perceived by the people getting audited. It’s amazing how we say that it’s an audit of the process not the people but root-cause analysis ends with the failure of a person or group. Internal audits are an excellent opportunity the allow your employees to voice their concerns. We’re all busy, and sometimes the communication between management and employees gets strained.
Internal audits can be a very effective tool if executed properly. Discipline should never be handed out as the result of an audit. If you have behavioral issues with employees, deal with them. But, if you use the results of internal audits to justify discipline you may never have another effective audit again.
Outsource your Internal Audits
I encourage outsourcing your internal audits to a second party. This takes away the perception of co-workers protecting their colleagues and managers digging for dirt. I suggest reassurance from top management before the audit.
Internal audits should ask the simple question: Are we doing what we say we are doing? If not, should we change what we are saying or change what we are doing back to what we are saying?
These answers generally come from the employees that have been taking pride in their work for years. That said, don’t forget about the newly hired people. Their observations can be very valuable.
Optimizing Your QMS
In closing, your QMS will mature if it’s used as a tool to drive improvement and not as an extra thing to do. If your top manager has memorized the quality policy, knows the status of the quality objectives, and owns the management review process, you’re on your way. An optimized QMS can reduce the costs associated with unnecessary ISO steps and help you collect as much value from your existing processes as possible.
To gain system maturity, spend some time looking at the chain of command, risk assessment, objectives, and frequency of reviews. It’s not always straightforward to know what you’re looking for, which is why the consultants at Core Business Solutions are ready to help. We’re experts in ISO certification and understand how these requirements fit into a well-run operation. Optimizing a QMS maturity assessment is a key part of that setup.
Visit our page on staying certified to learn more about quality management maturity models, or reach out to us to talk with a representative.
