Category Archives: audit

Gap Analysis – Close the Gaps in Your Business

In the previous article (Part 1), we revealed the importance of setting up a skilled team for the execution of a gap analysis. During ‘’Part 2’’ we will tell you how to perform a successfully Gap Analysis, so you can be sure to include all the necessary steps.

1. Analyze Your Current Situation

During this step it is important to define your current situation. That may sound overwhelming, so I recommend that you start collecting data from your current QMS. In this case, a properly structured QMS can save you a lot of valuable time.

In this phase, it is your goal to determine which quality management processes your company already has, and where there is room for improvement before you start implementing new processes. Mapping out the different processes and how they work will give this insight.

2. Identify the Ideal Future

Now a clear picture of the current situation is created, it’s time to think about what needs to be done to meet the new requirements and goals. This new future can be based upon the requirements of customers, new legislation or maybe some new international standards the company wants to comply with. Make sure you have a good overview of the requirements for this new future.

When this overview is clear, you should place it next to your current system. A great approach is simply to list all the requirements and how you comply with them based on your current system. When you have gone through every requirement, you are ready to fill in the gaps that show up of the different points you don’t comply with.

3. Fill the Gap

Once all steps have been completed, a detailed Gap Analysis Report can be created. This report lists all the points the organization doesn’t comply with. After all the gaps have been identified, a structured action plan can be created. The different tasks can be assigned to different people in order to reach compliance. When all actions are finished, an additional check is required to see if all the gaps are now filled. This can simply be performed by going through step 3 but this time with all the new measures in place.

With the online solution of Qooling you can easily manage your action plan by displaying important tasks and the ability to assign tasks to the responsible person in the organization.

Published by:

Gap Analysis – Creating a team

Gap Analysis is a technique companies use to compare their current performance with potential performance. For example, their current practices compared to an international standard such as ISO9001, AS9001, ISO14001, ISO13485 or customer requirements. A well-executed gap analysis can help you improve quality, business efficiency and fulfil the customer needs by allowing you to pinpoint ‘’gaps’’ within your company. It outlines what areas of your current Quality System needs improvement to meet the requirements. Therefore, you need to clearly define and analyze these ‘’gaps’’ so you can set-up an action plan to move the organization to a future state and fill the gaps in performance.

So where do you start? If you’re wondering this, I advise you to follow the next steps to move your company to a future state.

1.1 Identify

The first step to creating a successful gap analysis is to identify one or more employees to perform it. In this process, it is crucial to choose the right people to fulfill the tasks. Think of quality managers or other employees who have experience with quality management systems, auditing systems or the requirements of the standard/customers. The team must be familiar with the challenges and opportunities your company faces during this analysis. Also good communication skills are required to make sure the results are communicated properly throughout the organization. If your team has not been trained on the requirements, be sure to provide proper training before performing the gap analysis.

1.2 Consultancy

You may also want to consider having assistance from a consultant. You may decide to hire a consultant for several reasons. However, knowledge of the requirements is not the primary reason organizations tell us they have chosen to utilize consultants to upgrade their Quality System. The people in your organization have their own daily responsibilities. Therefore, additional work can have consequences for the quality that they deliver. Also, a fresh pair of outside eyes can have refreshing results. In this case, a consultant comes in handy, so that your employees can continue to focus on what they are really good at and use their valuable time productively. If the requirements are highly technical or require a specialist, we always recommend to find a professional with experience in that particular field.

1.3 Gap Analysis Checklist

A commonly used tool for the gap analysis is the gap analysis checklist. This is a checklist of the requirements in the standard, written in a question-based format. The implementation team will use this list to compare your current management system with the requirements of the standard. This will provide your team with the right information. They will know which documents to look for to compare your management system with the standard.

Next week we will discuss the following steps, and dive deeper into the important elements needed to successfully perform a gap analysis. Don’t forget to keep up-to-date with the latest quality and safety news and subscribe to our blog! Until next week!

Published by:

How to Perform a Failure Mode Effects Analysis (FMEA) in 10 Easy Steps

History of the FMEA

The FMEA analysis is an common used Lean Six Sigma tool. In the past, the FMEA method was initially used by NASA in aerospace and for high-risk technologies. Since the 1980s, the tool has also been used in the automotive industry for Quality improvement. Nowadays the FMEA is a widely used tool for risk assessment & evaluation mainly in the manufacturing industry.

What is FMEA?

The Failure Mode and Effects Analysis (FMEA) is a structured approach for analyzing potential reliability problems at the start of the development cycle. The tool examines what can be done in the product process to ensure that appropriate measures can be taken to eliminate errors and prevent or reduce their impact. The 10 steps of the FMEA process are explained in a simple way below:

STEP 1: Review the Process

It is important to review the processes that are followed within the company. These processes can be stored in documents or maybe you make use of a dedicated solution for this such as Qooling. Then make a list of each process component in an FMEA table. Advanced QMS solutions allow you to connect the procedure directly to the FMEA table.

STEP 2: Brainstorm potential failures modes

Here you investigate what can go wrong. Therefore, study existing documentation and data which you summed up in the previous step. Identify all the ways in which the process can fail for each component. For example with Qooling you can easily assign the process to every potential failure mode.

STEP 3: List potential effects of each failures

Consider the possible failures and the effect these errors would have on the final product or the next steps in the process. It is important to think thoroughly about the potential effects because this allows you to develop some great solutions to prevent it from happening.

STEP 4: Assign a Severity Ranking for each failure mode

Give a ranking score for each effect. For example, a frequently used ranking is that 1 is not serious at all and 10 is extremely serious.

STEP 5: Assign Occurrence Ranking for each failure mode

Estimate the probability of occurrence of the cause. Also use a scale from 1 to 10 to  keep a clear picture of the severity of the causes. Where 10 signifies high frequency and 1 signifies low frequency.

STEP 6: Assign deception ranking for each failures mode or effect

What are the chances the failure will be detected prior to it occuring. Here a score of 1 would mean we have excellent control and 10 would mean we have no control or extremely weak control.

STEP 7: Calculate the RPN (Risk Priority Number) for each effect

To decide where to focus first, multiply the Severity, Occurrence and Detection scores together to find the RPN value.

STEP 8: Develop the action plan

During this step, you must prioritize which failures are processed first on the basis of the RPN scores.

STEP 9: Take action to eliminate or reduce high risk failures modes

Assign new tasks to the responsible person within your organisation. This can be collecting data, changing processes or products, adding or removing functions. A Task Management solutions makes is possible to manage those tasks in clear overviews. The responsible employee and management will receive email notifications whenever important changes are made. This makes it much easier to keep track of the progress.

STEP 10: Calculate the RPN again as the failures modes are reduced or eliminated

It is important to document the changes made to the process. Once the actions are complete, analyze the results. Determine whether the changes have helped and re-score the occurrence and detection. 

Making FMEA Easy

A Quality Management Software can help you understand your business processes so that you can identify problems at an early stage. By means of automated push notifications, the solution keeps you alert of changes in your product / development process. This allows you to quickly intervene and reduce the impact of the error. Qooling has a built-in template for FMEA risk evaluation. Contact us if you want to know more on how to use this.

Published by:

PESTEL analysis – Context of the organisation

As an addition to our previous published blog about the SWOT analysis, I decided to give you more information on another effective tool for identifying the context of the organization of clause 4.1. Just like the SWOT, the PESTEL is one of the tools that is most used by companies to identify the external aspects of the organization. You’re probably thinking that you don’t need to use both the SWOT and PESTEL analysis, and you’re right as the SWOT analysis already takes care of the external factors. Although, business environmental scanning is best achieved when using both tools in collaboration. It may be a cumbersome task, but it gives your organization the full view of defining the context.

ISO Ask for Context Analysis

The new requirements of ISO 9001:2015 state that you need to carry out an analysis that indicates the internal and external factors that affect the organization. To help you further, I’ll show you examples of each factor so that you can apply them to your business.

(P)olitical factors

By examining the political factors, you should look at government decisions. Legislation and regulations are very important here. A change in these can affect your organization in the upcoming 3 to 5 years. Ask yourself the following questions:

(E)conomic factors

You will have to examine which economic factors may affect your organization. These factors are determinants of an economy’s performance that directly impact your organization and have resonating long term effects. Use the following questions to find out the important factors:

  • How stable is the current economy? Is it in an period of growth or recession?
  • How is globalization affecting the economic environment?
  • Do consumers and businesses have easy access to credit? If not, how will this affect your organization?

(S)ocio-cultural factors

The consumer is mapped out by means of socio-cultural factors. This makes it possible to determine, among other things, how far the power lies with the consumer. The socio-cultural factors can be examined by asking yourself the following questions:

  • Are people changing buying habits?
  • How do religious beliefs and lifestyle choices affect the population?
  • Are there any new social trends?

(T)echnological factors

Depending on the industry, these factors will have more impact or less impact. Assess any big technological developments and determine how they can impact your organisation. These questions can help you further:

  • Are there new technologies that you could be using?
  • Do any of your competitors have access to new technologies that will result in a competitive advantage?
  • Are there other technological developments that could affect your industry?

(E)nvironmental factors

The level at which you should identify environmental aspects will depend on your intended purpose. A company can determine that they have environmental aspects consisting of:

(L)egal factors

This factor takes into consideration all legal aspects. This point is closely related to political factors but focuses more on the actual laws and not on the political directions of a country or region. This can include:

  • Are their new environmental permitting requirements for your sector?
  • Could any industry-specific regulation affect your organization?
  • Are there changes in employees’ law?

TIP:

Do not collect large amounts of data without properly analyzing and understanding them first. After that you can carefully consider which factors are important to your organization. This allows you to create an actionable plan that is prepared for upcoming changes.

Published by:

When is an Audit not an Audit?

When you decide to become ISO certified you go through a series of steps and the certification body you choose also goes through a series of steps. Some companies hire a QA or QHSE Manager to undertake this task whereas others bring in outside help. The path you choose really depends upon your budget and how much time you are able to spend on writing processes, policies, procedures, job descriptions, conducting audits, writing reports, performing an audit, etc.

The consultant and certification body you choose have a huge impact on the integrity and robustness of your system.

Internal and 3rd Party audits serve two purposes. The audit by the Certification Body is obviously to get the certificate. The initial internal audit is to ensure that the QMS/QHSE system is ready for the 3rd party audit and subsequent audits ensure that the system maintains its integrity.

This is where 3rd party auditors play a key role. If 3rd party auditors do a bad job during audits it sends the wrong message to the companies’ management and internal auditors. A bad audit may take place because (1) the auditor is inexperienced in the industry he is auditing, (2) he generally lacks audit experience or (3) it’s deliberate. It is the latter that is the most worrying and is what I like to call a ‘fake audit’.

So what happens during these fake audits? Here are the signs to look for:

1.     The consultant comes with a 2 in 1 package, i.e. get the consultancy and the certificate for one fee. In essence, well known Certification Bodies’ fees are not cheap for a reason and these are separate from the consultant’s fees.

2.     A certificate is issued without an actual audit; maybe just after a meeting or a desktop audit.

3.     If the auditor does turn up and conducts an audit, obvious major or numerous minor non-conformities are ignored. In other words non-conformities are not issued when they should be.

4.     The Auditor says one thing to the Management Representative and another to the company management.

5.     Instead of focussing on the audit, the auditor spends more time complaining about his job and wishing he worked in a company like yours. This might give an indication as to why he is being soft.

Therefore, it’s worth remembering that not all certificates are the same.

This article has been written by Birjees Hussain

Published by:

How to prepare for an external audit!

Yes I know, ideally your company should be ready for an external audit every day of the year. However, most of the time, you will need at least a couple of weeks to gather all the information required. Here are a few important points that must always be checked before an external audit.

Perform a legislation compliance check

Make sure you have checked if your organisation complies with national and international laws and legislations. Most ISO standards are very clear on this. The company has to prove that it works according to statutory and regulatory requirements. Performing this check will help prevent a lot of uncomfortable discussions with the auditor.

Train Employees

It still happens often that employees get anxious when the auditor arrives at their desk for the external audit. You can prevent this by training the most anxious people in the team. The top performers on a regular day sometimes simply forget how they work the moment the auditor is next to them. If your management system is working as it should, the processes/procedures will describe how the people are working. There is no need for people to be anxious about the audit, just tell them to do their job as they always do.

Tools

Make sure all the tools are certified if required and properly calibrated. If during the external audit, the auditor spots an employee working with an uncertified tool this will most likely lead to an NCR, especially when he/she digs a little deeper and find more of these uncertified tools.

Documentation control

If you are not using any automated system then this is a must. Just sit down and go over every single document to make sure the latest version is available to the team and that the version is correct. You have to check these to prevent employees from using the wrong documents the moment the auditor sits next to them. Of course the easiest way is just to automate this, which will save you a lot of time.

These are by far all the points you have to take into consideration for an audit. If you have any more please share them in the comments.

Published by:

Internal audit – Involve more people to get better results

On November 3th we hosted another free Workshop “Get the most out of your Internal audit”. After the feedback of last edition we decided to create more interaction to the workshop. The presentation was shortened and the actual doing was extended. We did this to increase the collaboration between the quality professionals.

Intern audit event

Internal audit

During this edition of the workshop the participants performed an actual Brown paper audit under the guidance of Emiel Kort. Emiel showed how to apply the methodology and what the added value of this type of audit can be. All the participants agree on the following added value:

  • Get a feeling for what colleagues do
  • Easy to identify the point for improvement
  • Internal audits can be more fun this way

Again the event was a great success. The participant learned a lot of new techniques from Emiel as well as their peers. Due to this success we are planning to organise more of these events so keep an eye on our linkedin page.

Published by:

Internal audit – pick the right strategy for your internal audit

Internal audits can be performed in so many different ways that it can become pretty tough to pick the best techniques for an internal audit. To name a few techniques: department based audit, employee based audit and clause based audits. Even though these techniques have their own unique advantages they all treat the processes in silo’s.

Most of these techniques make use of some sort of checklist to guide the auditor. This list allows the auditor to simply check whether or not evidence is present that the process is being followed. This is a good approach to check if the processes are followed but doesn’t say anything about the overall performance of the company with respect to the applicable norms.

This same techniques can be used to check compliance to certain standards. The compliance check is an important exercise and should definitely be performed at least once a year (depending on the frequency of changes of the different standards). However, for the company to gain insight in the added value of the processes it is important to also audits with respect to the interactions of them. This additional analysis shows the effectiveness of the process. Like when the required output from the sales process doesn’t align with the production process.

When the audits are ready, the most important activity is cross checking the outcome of those audits. The common denominator of the audits is one of the best input for improvement actions. A good example is when 8 out of 10 sales employees don’t follow a certain procedure. We would go over the procedure/process and that specific internal audit and perform a 5-why root cause analysis to see why all 8 employees break this procedure. When the root causes are clear and they are pretty similar for the entire workforce changes can be made to the procedure.

Internal audits are very important to check the effectiveness of the company but make sure they aren’t performed in separate silos and perform cross audit analysis to really gain insight into the effectiveness of the procedures. The second lesson is: apply a diversified audit strategy. Every audit technique has his own advantages. Make sure you use them all.

Published by: