Users of ISO 9001 know that since its inception, the standard has required user organizations to develop a “Quality Policy” statement. A popular gimmick among ISO consultants, the actual purpose of the policy has been murky at best, downright dumb at worst.

For example, over time, the authors of ISO 9001 have layered in more and more mandatory language and rules regarding the Quality Policy, as well. Here’s how the QP requirement appeared in the very first version of ISO 9001 from 1987:

 

Quality Policy requirement as it originally appeared in ISO 9001:1987

And here’s what it has since grown into, in the current 2015 version:

Quality Policy requirements as they appear in the ISO 9001:2015 version.

It’s gotten so bad, this latest version openly violates ISO’s own rules, that its standards can dictate what to do, but not how. The 2015 version throws out they “Golden Rule” and we watch as ISO just literally tells you the words to write in the Policy (“continual improvement” and “satisfy applicable requirements“). TC 176 confirmed, in an official interpretation, that yes you must literally write those words or you’d be nonconforming.

Meanwhile, W. Edwards Deming railed against slogans and management-by-big-ass-banners. They serve no function other than window dressing, and provide no actual tool towards the control or improvement of quality. If the Quality Policy worked, you wouldn’t need a single other thing, because everyone would slavishly obey the “Policy.” Everything would be perfect always.

Enter Q001

If you recall, these were the types of problems that the Oxebridge Q001 standard intended to correct, by re-presenting quality management system requirements in an easier-to-understand manner, with improved ability to assess them later during audits.

To maintain cross-compliance with ISO 9001, the Q001 standard still begrudging includes a requirement for a Quality Policy, although does strip out the demand that specific language be used. (Users wanting to maintain full ISO 9001 compliance while using Q001 would have to add that language back into their Policy, alas.)

Here’s how the QP requirement appears in Q001 version 1.2.

Quality Policy requirement as it appears in version 1.2 of the Oxebridge Q001 standard.

Notice, however, how the Q001 requirement ties this into another concept entirely, that being “quality culture.” The idea of instilling a formal culture of quality into an organization dates back to Deming and his peers, but is still not something that is widely seen in modern organizations. ISO appears largely unaware of the concept, and the “improvement guidance” standard ISO 9004 talks of “culture” as something entirely outside of quality. That standard instead appears to copy and paste some generic language on “mission, vision, values and culture” and hopes ISO will get points for what is, essentially, a random name-check.

Q001 instead adds an entire — albeit brief and easily understood — clause on Quality Culture. This reads, simply:

Top management shall adopt and implement a culture of quality that focuses on satisfying the customer’s requirements. The definition of this culture and the plan for its implementation shall be documented.

Quality Culture clause as it appears in Oxebridge Q001 version 1.2.

You’ll notice a few things here: first, improvement is absent, by design. Clauses later in Q001 discuss continual improvement, and we felt that it should be an optional concept for the company when developing their overall cultural blueprint. The requirement essentially allows the company to define its culture however it wants, and then only demands that it be documented.

Next, Q001’s clause on Quality Culture provides for a way to audit conformity to the requirement later, by demanding the “plan” for implementation be documented in some fashion. ISO 9001, due to criticism by lazy users, has moved away from documentation, and instead relies on companies doing things by tribal knowledge and oral history, two very dangerous practices. Q001 puts back in the requirements for documentation and records, understanding that (1) this is how good companies operate, and (2) this is how you build a standard intended for third-party conformity assessment.

So what might a Quality Culture document look like? It would be more than just more fluffy, feel-good mottos and slogans, that’s for sure.

The Quality Culture document must, as I said, define the plan for the culture. That means clearly stating things that will be done, and which can be verified, related to building a culture of quality. Here’s an example:

Ape-X Genetics has implemented a Culture of Quality that aims to ensure company-wide understanding of the importance of quality and process controls.

The Quality Culture requires the following:

  • All production and service delivery processes will be subject to measurable objectives, with goals established and communicated so that corrective  actions can be taken when processes begin to fall out of control.
  • Process objectives and goals will be communicated in an easy-to-understand manner so that affected employees understand them.
  • All employees are empowered to report existing or potential nonconformities through our Corrective Action Request system. This system may also be used to report suggestions for improvement.
  • Senior management will demonstrate their commitment to quality by participating in weekly “floor walks” of the production area, with the intent to uncover waste, hurdles or roadblocks to quality. Any issues found will be captured and processed through the CAR system.
  • Etc….

I’ve truncated this because I typically find these documents run about 2 pages long, going far beyond the quickie 1-paragraph “Quality Policy” approach proffered by ISO 9001.

The point here is that each of the bullet points results in a deliverable that can be verified. That means that employees will get something they can actually use, beyond a slogan, such as a goal or training or a CAR system tool. Next, top management is issued actual real “marching orders,” which things they have to do, rather than given a set of vague talking points they can just parrot later during an audit.

(On this point, Q001 then goes further, requiring a “Statement of Management commitment” to be signed by executive management, detailing the things they agree to do. But that’s a separate requirement, and we can discuss that in a future article.)

Failure of a company to be able to produce the deliverables that prove the Quality Culture leads to a Q001 nonconformity, and could risk the loss of Q001 certification. Compare that to ISO 9001’s wimpy audit approach for the Quality Policy, which is essentially to ask a few people to rattle off a slogan “in their own words,” without ever verifying its real-world efficacy.

This is just one way that Q001 — both the standard and the conformity assessment approach — improves on ISO 9001 to take quality management systems into a new era. To learn more about this new approach, try one of the links below:

Already on the road to implementing Q001, and need to get certified? Contact us to learn about Q001 certification bodies looking for pilot clients.

About Christopher Paris

Christopher Paris is the founder and VP Operations of Oxebridge. He has over 30 years' experience implementing ISO 9001 and AS9100 systems, and is a vocal advocate for the development and use of standards from the point of view of actual users. He is the author of Surviving ISO 9001 and Surviving AS9100. He reviews wines for the irreverent wine blog, Winepisser.

Advertisements

ISO 17000 Series Consulting