Tuesday, February 20, 2018

The latest version of ISO 31000:2018 Risk Management Standard has just been published

The new version of ISO 31000:2018 Risk Management Standard has been published on February 15th 2018.
It is now available in English and French on ISO website and ISO's member bodies.

You can also preview several clauses of the Standard (in English and French).

In the Press release ISO pointed out the major changes since the previous edition:
  • 'Review of the principles of risk management, which are the key criteria for its success
  • Focus on leadership by top management who should ensure that risk management is integrated into all organizational activities, starting with the governance of the organization
  • Greater emphasis on the iterative nature of risk management, drawing on new experiences, knowledge and analysis for the revision of process elements, actions and controls at each stage of the process
  • Streamlining of the content with greater focus on sustaining an open systems model that regularly exchanges feedback with its external environment to fit multiple needs and contexts'
As part of CBG Inc. commitment to continual improvement, we will review our Risk management related documents and templates to comply with the new Risk management Standard.

ISO 9001:2015 Products ISO 14001:2015 Products ISO 45001:2018 Products
IMS Products

Friday, February 16, 2018

ISO 9001 regarding Intellectual property

What are the ISO 9001:2015 guidelines regarding the intellectual property? 

ISO 9001:2015 Cl. 7.1.6 Control of organizational knowledge is aimed at:
  • Defining knowledge necessary to operate the processes and achieve products and services compliance;
  • Obtaining and maintaining of knowledge
  • Ensuring the availability of knowledge to the extent necessary;
  • Updating the current knowledge and obtaining access to any necessary additional knowledge and the required updates in response to changing needs and trends.
The basis of knowledge control is to transform the flow of information from internal and external sources to the Organization’s knowledge bank - a database, structured into groups of intellectual assets of the Organization, considering the strategic directions of development, and hosted on the server of the Organization.
More information, including Organizational Knowledge Bank Structure - in our Quality System Procedure  QSP 7.1-04 Control of organizational knowledge

Thursday, February 8, 2018

Documenting and communicating the nonconformities

Is risk understood and when appropriate, communicated throughout your Organization?

The requirements of ISO 9001:2015 states that 
“the organization shall determine the internal and external communications relevant to the quality management system.” 

What communications will you have for the QMS within your Organization?



Here below are some examples of such communication (internal and external).
Internal communication of the QMS issues is conducted:
  • Via information system;
  • Through meetings on QMS issues;
  • Via control of documented information.
Quality manager together with IT manager develops draft of the QMS relevant issues communication structure. QMS relevant issues communication structure is discussed and approved during management review. IT manager ensures placement and transfer of information on QMS relevant issues, according to the structure.
QMS issues meetings include:
  • Management review meetings - regulated by the director of the organization.
  • Internal audit meetings – held per the internal audit program and are regulated by Quality manager.
  • Subdivision QMS issues meetings – are regulated by the subdivision leader and can be conducted in the form of a video conference.
External QMS issues communication is conducted with the customers, external providers, certification bodies, and consultants.
Interaction with customers, including QMS issues, is defined by processes relevant to customers.
Interaction with external providers, including QMS issues, is defined by control of externally provided processes, products, and services. Quality manager per the responsibility and authority defines terms and content of the interaction relevant to the QMS with the certification bodies and consultants.

Do you have to communicate all product and service nonconformities?
Will you report to the media, shareholders, or other stakeholders on some topics but not others?

Control of nonconformities should be carried out in accordance with the corresponding QMS documented procedure. This Procedure usually provides guidance as to documenting the nonconformities. Communication relates to the parties involved in control of nonconformities:
  • an auditor, or any employee of the Organization, or a customer who identified the nonconformity;
  • quality representative or another staff member who coordinates the nonconformity processing;
  • process owner, relevant to the nonconformity or an authorized person, who analyzes the causes and possibilities of similar nonconformities and words the corrective actions
  • senior leadership, who conducts review of the nonconformity.
Stakeholders communication is conducted by the decision of the senior leadership of the Organization.

For the Environmental management systems and OH&S management system this is the requirement of the ISO 14001:2015 and ISO 45001:2018 respectively.

Friday, February 2, 2018

'5 WHYs' RTA methodology

Something went wrong in the process. How to clearly identify what exactly is the root cause of the issue to prevent it from happening in the future?

Let's look at the example.

A wrong product has been delivered to the customer.
Using '5 WHYs' methodology, we start asking a simple 'Why?' question.
1. WHY was the wrong product delivered?
The purchase department provided the wrong information.
2. WHY did the purchase department provide the wrong information?
The found this information on the server and assumed it was up to date.
3. WHY wasn’t the information updated on the server?
Sales had been negotiating with the customer and forgot to update the information on the server.

A possible modification to the process would be for the purchasing department to contact the sales before the delivery of the goods.

In the example above we have used just 3 WHYs. Often it takes 5 WHYs to find the cause. As an any tool, 5WHYs does not have a universal application. There will be situations when more (way more) than 5 WHYs will be necessary to find the root cause of the problem.

But in practice - this is an easy, handy and powerful tool to use.

More articles on Quality on the Qooling blog