Category Archives: QHSE

How management buy-in can help ISO implementation

One of the most difficult tasks that a person may need to undertake before approaching the ISO topic is to win the buy-in from top management. QHSE is considered a cost center where resources are spent to implement and manage the system, but the benefits may not be immediately apparent.

Of course, a key concern for top management is a healthy bottom-line. This is communicated to all department heads in the form of KPI’s with accountability. This means that everyone knows what is important for top management and what is expected of them. But this rarely happens when it comes to ISO.

Sending the right message to your people about the importance of cooperation with the implementation project means a smoother transition. Things get done in a more timely manner. With the right level of support, within six months you must be able to build a completely integrated management system across multiple locations and different business units.

Depending on the size and complexity of an organization, an ISO system contains multiple components. How quickly these are prepared and ready for use depends on the involvement of top management.

So what happens if the management doesn’t send the right message?

Not much attention is paid to ISO and the initial never gets off the ground, usually because the QA Manager leaves it to the departments. In this case, departments are so busy that they never manage to do their part. As a result, the term of 2 weeks changes in 1 month, then 2 months, etc.

Internal auditors are trained for a period of 2 days, but when audits are required, most trainees are not available. And if they are, they rush through the audits, missing crucial non-compliances.

There are challenges for your authority as an auditor. Non-conformities do not get addressed in a timely manner. Corrective and Preventive Actions don’t get adequately implemented or they are addressed in a rush to get you out of the way.

Requested data such as those for KPIs, HSE and customer feedback are never sent or you have to ask for it again and again.

There is a poor turnout at management assessments or safety committees.

These are the worst case scenarios, but not uncommon.

So how do you bring management on board?

  • Work out the Cost of Quality and that is not the cost involved in implementing and managing it.
  • Calculate the direct costs of not implementing health and safety, but also highlights the indirect costs of the more difficult to quantify, but are costs nonetheless.
  • Explain what QHSE would mean for their customers and future customers.
  • Explain how a QHSE system would improve their supplier relationships and business results

Because money is an important subject, it is important to emphasize that QHSE is not only a cost center, but also a profit center, provided that they become involved.

This article has been written by Birjees Hussain

Published by:

GDPR in Quality Management

The date that the General Data Protection Regulation (GDPR) is coming into effect is approaching soon. This new law affects almost all companies, but it can have a bigger effect on certified companies. Regardless of the certificate the company holds, all ISO certificates have the fundamental rule:

“The organization needs to demonstrate that they meet the legal requirements.”

This small but fundamental rule means that the certificates are only valid when an organization operates according to the law. Now we know that laws can be fluid and also contradicting depending on regions and countries, but we won’t go into this now. It is fair to say that all companies need to operate according to the GDPR. In this blogpost we provide some easy tips on how this can impact your management system. In the end a lot of companies treat compliance to laws in the same region as compliance to international standards.

The Data

There is a lot of data going through the company. In order to understand which data is stored where, classifying the data helps a lot. A good point to start with is classifying the data owners in line with the stakeholders identified in the stakeholder analysis. Most data can be classified into three categories: customers, employees and suppliers. When the type of stakeholder is known, it is important to classify the kind of data, such as: personal data, company data, payment data, etc. These classifications are highly dependent on the type of service or product you deliver. It is important to know where the data is stored. In order to have this overview you should map out all the products/services you have that hold any kind of data. Some topics we use for such a register are:

  • Company name
  • Contact person
  • Purpose of data
  • Type of Stakeholder
    • Customer
    • Employee
    • Supplier
  • Type of Data
    • Contact details
    • Payment details
    • Personal details
  • Duration of saving
  • Agreement (PDF of contract)

Management System

On top of the register there are some processes that need to be added. People now have more rights, and in order to observe that it is important to document how you support these rights. Two important points here are:

  • How is the organization going to make sure that people have the right to be forgotten? In essence, how are you going to delete all their data across all databases?
  • How will the organization support a request from a customer to get an overview of all the information the organization holds of that person?

These are just two important questions, but it shows that clearly defined processes should be in place and therefore must be added in some way to the management system.

Organizational Impact

The organization can be quite significant. You need to assess whether a data protection officer is required. The three main assessment points are:

  • Public authorities or bodies, except for courts acting in their judicial capacity.
  • Companies who process data requiring ‘regular and systematic monitoring of data subjects on a large scale’.
  • Companies who process, on a large scale, any special category of personal data. This includes data which reveals racial or ethnic origin; political opinions; religious or philosophical beliefs and other such information.
  • Companies who process, on a large scale, personal data relating to criminal convictions and offences.

In case you are required to appoint a data protection officer it is good to include this in the management system, just like your prevention officer is part of the management system.

Policies

The last important part of the GDPR is that the organization has a clear policy on how to handle data and how to protect it. This policy should be readily available and easy accessible for stakeholders.

Impact on Management System

With the requirement to work according to the law and regulations, the GDPR has a clear impact on most management systems around the world. Due to the overlap in a lot of best practices within international standards, we recommend to make the GDPR an inclusive part of your management system, and not to treat it as a separate part.

If you want to know how you can structure a lot of the GDPR related activities within an integrated management system, just contact us.

Published by:

How to keep your quality management system simple

That may sound like a contradiction in terms, particularly if you’ve ever read a management system standard document! They’re not the simplest of things to comprehend but that doesn’t mean your management system has to be just as hard work.

Keep it simple!

A quality management system is mainly focused on customer satisfaction, in which a healthy amount of risk management is introduced for a good dose.

The vast majority of business owners want happy customers and lower risks right? So think about the steps that you naturally take to ensure these are achieved and hey presto! you have the basis for implementing your system.

You don’t have to reinvent the wheel. It is not necessary to make a shoehorn in extra forms, registers, checks or balances to meet a theoretical need. Start with what you have and keep it simple.

Mandatory requirements

Among the mandatory requirements of a formally certified quality management system are a quality policy and quality objectives. Even if you have no need for a formally certified system, your business can still benefit from having these in place.

Your customers will be happy that you’re demonstrating your commitment to quality. Your business will have additional direction and purpose created by your quality objectives.

Be authentic

The remaining requirements of a quality management system include sufficient process documentation that you can be sure things are working to plan. You will define the measures of success and when and how these are to be monitored and evaluated.

Don’t be tempted to download a template package. Yes, I know it’s free and it promises to be super easy. The reality is it will never be anything more than a burden. Be authentic. Write your own.

Simply the best

The best systems are the simplest ones. Simplicity doesn’t mean that something isn’t fit for purpose. Conversely, just because something is complicated doesn’t mean it’s better.

The best person to write your policies and processes is you. You can employ the services of a consultant to coach and guide you. They may even do some writing for you but ultimately you know your business best.

If you’re a slightly bigger business with segregated duties and responsibilities, get the process owners to do the writing. Process owners are the people who operate and/or manage an activity on a daily basis. The experts.

 

This article has been written by Lucy Payne of valeqms.co.uk

Published by:

The Importance of Top Management Buy-In

Top management is crucial when it comes to a successful management system. Management should actively show that they can see the added value of the system. Almost every director states that quality is at the core of the organization and is recognized as one of the pillars of the company. Ensuring that this is actually the case and how to keep it maintained proves to be much harder. Once too often top management points the finger to the quality department when it comes to maintaining the quality. Having a quality department doesn’t say anything about the quality you deliver, actual actions should be taken.

Why a Management System?

Top management might feel like the management system is a necessary evil because they don’t see what it brings for them. Most of them may agree that having proper processes gives guidance to the employees and a certain amount of structure to the organization. However, when it comes to managing the system and more importantly the information that comes out of it, most managers get lost. When asked about the cost of quality of their company or their cost of safety they have no clue and might be able to come up with a educated guess. Though most agree that having these actual figures helps them to make better decisions. That is why using the proper solutions for managing the quality and safety are so important. Qooling gives top management constant real-time insight in their actual cost of safety. It also lowers the barrier for employees to file these mistakes which leads to much more data to analyse, and therefore the opportunity to make better informed decisions.

Lead by Example

Procedure and process can be annoying sometimes. They are designed to keep things organized within an organization with the trade off of losing some time efficiency. However, having people working according a certain system helps maintain consistencies and a certain level of quality and safety. Most processes have the organization in mind, sometimes at the expense of the individual employee.

Due to these trade offs, some top management cut corners when it comes to certain processes, which might be necessary at times. The implications can be quite severe because of the sign it gives to other employees. If you don’t think the processes is important enough to follow why should others?

Actively Involved

Being actively involved in the management system will show commitment to the company. This can be as easy as pointing out certain topics when walking around. A better approach is when top management is actively performing management walks or organizing toolbox meetings. These actions directly shows the commitment of top management to these things. This doesn’t have to be all formal but can be a life conference call to the company or just a certain location. The point is, it shows how involved top management is and how important they think these matters are.

Published by:

The Importance of Toolbox Meetings

Toolbox Meetings are key when communicating safety related topics with employees. However, a number of companies still feel it is a necessary evil, mainly due to all the administration involved. In this post there are just a few topics you can touch on to inform the employees and make the toolbox meeting worth their time.

Feedback on Incidents Filed,

The toolbox meeting is a great vehicle to inform the team about incidents and issues filed by certain team members. By giving them feedback on the status of the investigation they will be more likely to file incidents in the future. Even giving them insight in what actions have been taken to improve the company will give them a sense of importance. In this whole process it is crucial to give the employee credits for filing the issue in the first place. This helps to create an open and transparent culture and keeps the team engaged in the safety culture.

Informing

It is always good to share knowledge with employees during the toolbox meeting. This can be about everything related to safety of course. Touch upon the danger they face during their day-to-day job. Keep on repeating these risks because most accidents happen when work is done solely on routine and basically on autopilot. Tell them how they can lower the risks of the work they do.

Update

The toolbox meeting is also a great opportunity to update personnel on changes to processes or work instructions. Whenever there are any changes being made, use the toolbox meeting to inform the staff and give a short explanation of why they have changed. It is even possible to get instant feedback on these changes.

Free Input

At the end of the toolbox meeting give the team the opportunity to give input. This can be about an incident they would like to report or a suggestion to improve a work instruction. Keep the dialogue open and gather the knowledge of the people in the field share during meeting.

Running efficiently

The administration that comes with the toolbox meeting can be quite a pain; inviting people, keeping track of the attendance list and analyzing which person has been attending which meeting. Automating this process will save you a lot of time and allows you to focus on having the right information to share with the team. Want to know how Qooling can help you? Just drop us an email.

Published by:

5 Questions That Reveal Management Commitment

Top Management Audits

There are two common types of Quality Management System audits. There’s the company’s 1st party audit where the organisation audits itself. This type of audit is more commonly known as an Internal Audit. Then there is the 3rd Party Audit, usually carried out by your chosen certification body. Regardless of which audit is in process, both almost always have one failing in common. Tope Management is almost always excluded from the scope of the audit.

There could be a number of reason why this is the case, not the least of which could be because staff charged with performing these audits, including the Management Representative, may be afraid of speaking to a director or an MD or are afraid of asking tough questions for fear of reprimand.

But let’s say that you have been encouraged by top management to do just that. So what should you be asking? Here are the top 5 questions that effective audits reveal about top management’s commitment.

  1. What is their vision for the company? Is that vision documented somewhere and, if so, how is it communicated to all staff and not just those immediately below them?
  2. What overall Key Performance Indicators (KPIs) have they set and do they cascade this information down the organisation in a manner that all staff understand what is required of them to achieve those objectives. Even a staff member at the lower echelons of the organisation should be made aware of what he is required to do and how important his role is in achieving those KPIs.
  3. What resources have they budgeted for to ensure that the Quality Management System functions effectively and that their Quality Policy is fulfilled? The fewer the resources, the more the QMS department will struggle to get things done and vice versa.
  4. What is their role in the Quality Management System and how do they show their commitment to their staff. Their commitment and the way they get involved in the system is an indicator of the level of buy-in across an organisation and how well the system is adhered to.
  5. And finally, how often are Management Reviews held? When was the last review? Who was present and what were the key decisions that came out of that meeting? What happens to the minutes once they are recorded and to whom are they circulated? There is no point to these reviews if they are held just because the standard mandates it.

 

This article has been written by Birjees Hussain

Published by:

The Importance of Training

As with every aspect of training employees, training them on the management system and common ways of working is critical to maintain consistency. A management system will never be effective or functional if nobody can find the different procedures and forms. Automation can help here, for example by setting up access restrictions to prevent employees from getting an information overload. However, this will only provide guidance rather than replacing the complete training.

Way of Working

New employees will unfortunately not figure out magically how certain things are done within the organization. They either need to read about it or somebody needs to tell them. A combination of both is the best way.. First a colleague explains the process while the documents are there to check later. This might seems like a time consuming exercise but it is more than worth it. Not giving enough training can cost the company much more due to error and inefficiencies. An improperly trained employee can cost a lot of money either directly due to mistakes or secondary due to keying in the wrong data into systems.

Filling in Data

In order to build a gold mine of data it is important to explain to the employees what kind of data they need to fill in these systems. It is very easy to fill in data for the sake of filling in. When the employees fill in the right data, the analytics of the data can be done immediately without any alteration and cleaning. But keying in the wrong data will cost a lot of repairing and might even lead to misinformed business decisions. By setting up restrictions on what certain people can do, a lot of mistakes can be prevented. This will reduce the room for error significantly.

Awareness of Safety Risks

Especially on dangerous sites such as during construction, in the heavy industry or offshore, it is important to train employees on awareness of risks. Not being sharp throughout day can lead to serious accidents when people are working in dangerous environment. Furthermore, it is important to train the people on how to observe and report unsafe situations. Employees have to understand that sharing this knowledge can help prevent certain situations during other shifts or other locations. When it comes to reporting again great automation solutions allow you to instantly file unsafe situations with your mobile phone. This lowers the barrier to file the report and increases the knowledge of these situations within the organization. When an unsafe situation does occur, make sure that the lessons learned are shared with the employees.

Conclusion

Please prepare a proper training system on how to make sure a new employee is aware of all the different common practices within your company. The time you put into this structured training will pay itself back in the long haul. Having the people working in a structured way will increase the consistency of the output they deliver which will increase safety of the workers and the quality of the product and services.

Published by:

Insight in Cost of Quality: the hidden gem

Total Cost of Quality is a very important topic but not well known by a lot of C-level managers. When asked about the total Cost of Quality, a lot of C-level managers simply don’t know or give an industry standard. This reaction is understandable but very striking at the same time. In many industries the estimated costs of quality is in the range of 20%, which is some serious money when you are talking about tens of millions or even hundreds of millions.

Open your eyes

Automation can help companies to get a better feeling for their cost of quality. This starts by providing employees with the tools to record a quality issue. A number of companies claim to have very little issues, only because their issue form is around 6 pages. No one in their right mind is going to fill that up so a lot of issues are not even registered. Providing a mobile app with just 2 or 3 fields and an option to add images lowers the burden significantly to report an issue. This will lead to a bigger influx of issues, which is great.

Pick up the issue

Now that the burden of reporting an issue is out of the window, the real power of automation kicks in. The different stages the issue needs to follow can be predefined with pinpoint accuracy which means that the right person can add information precisely at the right time. A good automation solution allows the option to create a structured actions plan, and distributes the action to the designated owner. This connects the corrective actions to the issue on hand.

The automation allows for the hidden costs to get exposed, for example costs like waiting hours by the team or repair hours required to fix the issue. Multiplying these hours with the internal hourly rate, the company will be able to put a price tag to the lost hours. Furthermore, the solution can give an indication of the costs the administration has cost based on the hours worked on the issue.

Finalize

When all the information required for the incident has been provided, the report can be closed. This way of tracking Total Cost of Quality allows management to get a real-time insight in the actual costs. They can always have a clear overview of what all these issues cost the company. Just check the example.

analyse issues

Dashboard

In the end it is very important to get a grip on your total cost of quality and clearly see where the company is bleeding money in order to fix this. You can only take this step when everybody in the company is able to file an issue easily. Have fun increasing your efficiency.

Published by:

Root cause analysis: Cause and Effect

A proper root cause analysis can be the difference between making money and losing money. The analysis is designed to get into the detailed fundamental causes of the issue, without any bias. The cause and effect analysis will lead to significant insight in why things went wrong.

It is very easy to come up with a result that describes the person that made the mistake. However, it is important to always go deeper than the particular person. When a person messes up there is almost always a more fundamental problem to the issue. This could include things like:

  • Lack of training
  • Company culture
  • Hiring the wrong people

These things can lead to people messing up for all kind of reasons. However, the company can change these things to reduce the number of issues for example by changing the recruitment plan or sending people to training. In the next part we will describe the Cause and Effect methodology.

Cause and Effect

With a cause and effect diagram you start off with an effect or outcome you want to analyze. This effect may be positive or negative but has to be described as clear as possible. Then the main causes are identified. The main causes that might have lead to the effect could be the following 5M’s for a manufacturing plant:

  • Machine
  • Method
  • Material
  • Man / mind power / personnel
  • Measurement / medium

When the main causes of the issue are identified the next step is to identify as many causes that might have lead to the effect. Classify the causes according to the main causes and place these below them. This will lead to a result like this.

To go one level deeper you can ask why a certain cause happened. This will give more detailed insight into this cause. Create another layer of causes that are linked to this for example speed or temperature.

When the diagram is ready you can analyze the information. The main causes with a significant number of causes under them need some further investigation. Also, when a certain cause shows up multiple times this might be the root cause. Then look for clusters, when there are a couple of causes close to each other, then that is something that needs your attention. The same is true when there are very little causes, you might need to further investigate these and why there are so few. To really start improving, identify the causes you can take actions on and put these actions in the action list with clear owners of each action.

Next post we will dive deeper into the 5 Why’s.

Published by:

Risk assessment done, now what?

Risk analysis has become a vital exercise for a lot of international standards. A large majority of certified companies are required to have a  risk assessment methodology and should be aware of the risks within their company and operations. Some companies have been creating this analysis with a lot of passion using all the knowledge they have. However, a lot of companies just perform the analysis for the certification and simply check it yearly or twice a year during an audit or management review. So how is it possible to make sure risks are really embedded in the company culture?

Risk Treatment Plan

A good way to start is by creating a Risk Treatment Plan. The purpose of a Risk Treatment Plan is to define exactly who is going to do what. You can also call this document an ‘Implementation Plan’ or ‘Action Plan’. It is crucial to get your management approval on the plan because it will take considerable time and effort (and money) to implement all of the actions. Furthermore, management approval also gives you the mandate to ensure things happen. Make sure you have clearly defined tasks for people to perform.

Issues

Next to the Plan, a great way to make the risk assessment more dynamic is by embedding it into the issue management or CAPA. When an issue has occurred, check the risk analysis and see if there is something mentioned about this specific issue. The issue could be a minor problem or a major problem, either way it is best to check the risk assessment. When the issue has some serious impact on the company, modify the risk assessment and add the risk. This way the company is able to use the risk analysis as a dynamic document that holds valuable lessons learned of the company.

Big Changes

When big changes happen within the company, you can use the risk assessment as guidance. Yes, companies should take risks to strive for a better future. But companies should make sure they take calculated risks. By embedding these big changes within the company’s risk assessment, the top management has a feeling of what could go wrong if no precautions are taken. This way, the top management can plan and prepare for the big change and manage it much better. The role of the quality manager is to ask the right questions for management.

Working environment

A big part of the risk assessment includes risks in the workplace. Of course the most obvious ones are included such as the risks with lifting machines and the other heavy-duty machinery, but the less obvious are the ones that can cause danger. The big risk comes when a routine of the work activity kicks in. When people are doing the same job every day and completely understand how to do it, less care is taken and something can be out of place. That is when the danger starts. Make sure that the employees that perform inherited dangerous tasks always perform a quick Risk assessment before they start to prevent any problems from happening. Having people sick at home is a great risk in and of itself. Next to the physical risks, psychological risks shouldn’t be neglected. The psychological risks of the stress heavy jobs should be monitored on a regular basis also.

Published by: