SN9001 Standard

The SN9001 Standard

There’s been some controversy brimming over ASCA’s release of SN9001, the ISO 9001 sector variant for the snow and ice management industry, but few people have actually seen a copy of the standard to assess it accurately. I’ve been personally challenged by representatives of both ASCA and Smithers to judge it only after I’ve read it.

Well, Oxebridge has obtained its copy, so the haters can relax. Well, not exactly.

Short version: for those in the snow and ice (S&I) management industry, who have never seen an international QMS standard before, it won’t appear to be much more than some good ideas. For those such as myself, who live and breath standards, SN9001 looks more like a weird manifesto than anything that could ever be audited with any seriousness. In fact, it may well be un-auditable.

Judge A Book By Its Cover

I was not expecting much in the way of presentation; ISO standards are bland fare, after all. But the publisher of SN9001 is GIE Media, a — you know — publishing company that should have some connection with — you know — an actual printing company. Alas, the standard itself is computer-printed on cheap copy paper, 16 pages manually stuck into sheet protectors, and presented in a $1.99 plastic crimp binder. But for the price — free for members of ASCA, $35 for everyone else — you get what you pay for.

(Except, as we will see, the real price for SN9001 is $400 more… keep reading.)

But the real problems are with the content, which appears as well thought out as the packaging– meaning not at all. Whereas other sector specific standards, such as AS9100 and TS9000, follow the model of ISO 9001 and generally adhere to ISO’s own guidelines on how to make a management system standard, SN9001 is having none of that. It appears to be the output of a group of people who have no experience whatsoever with international standards, and even worse grasp of basic grammar. To put it bluntly, it’s embarrassingly amateurish. If your resume was this poorly written, you’d be unemployed… forever.

Clause-trophobia

This is not just about style, mind you. It manifests as real world problems that will make it difficult, if not impossible, to comply with Sn9001 (for users) or to audit against (for certification bodies.) For example, SN9001 requirements are not actually numbered, making referring to the requirements impossible. They are tacked on to a handful of ISO 9001 clauses, such as 6.2.2 (training) and 4.2 (documentation). The add-on requirements are not uniquely identified, but glued on in bulk: under 7.1, for example, there are 23 additional bullet list items added, but rather than use a numbered or lettered list, they just used bullets. Registrars will have a terrible time writing nonconformances against “7.1(a) 16th dotted bullet.”

It gets worse… far worse. Under clause 4.2 (Documentation), ASCA has dumped 8 1/2 pages of new requirements, without any order or numbering structure whatsoever.  They are all just thrown under “documentation,” even though these include requirements for performing actual work, such as operating hours, placement of snow, and assessing site pitfalls. These are clearly requirements which should have been placed under ISO 9001’s clause 7 (Product and Service Realization) but the authors get tripped up between at first talking about documents, and then going on to talk the content of those documents. Likewise, the authors repeatedly confuse “documents” and “records,” which will make complying with the regular ISO 9001 requirements of 4.2.3 and 4.2.4 a nightmare.

(What’s frightening to think of is that I’d bet no one from ASCA reading this actually knows what clause 4.2.3 is.)

Then there’s the missing clause. Yes, an actual blank space. The document reads “ISO 9001 Sub clause 7.4.1 a, is supplemented by adding at the end the following:” …. and then there’s nothing. I mean it, nothing. It just jumps to Clause 8. Either someone intended to insert purchasing related requirement and forgot, or it was edited out, or it’s a misprint.

SN9001 Ghost Clause

SN9001’s “ghost clause” — what’s between 7.4.1 and 8.0?

Say what you will about ISO, at least they proofread their standards before selling them.

Requirements, Sort Of

Unlike other QMS standards which present hard requirements, SN9001 dips between three types of requirements: shall clauses, advice, and what I can only call “non-requirements.”

A typical shall clause: “Upon completion of an event, a summary of the property’s condition must be completed and kept on file.” Simple, clear, and auditable. If you don’t have the record, you cannot be deemed in compliance with this clause. If the entirety of SN9001 consisted of these types of sentences, all would be well.

An example of advice: “Post-event reports do not need to be complicated. Instead, they need to provide a snap shot of the quality of service provided to the client for the event.” That’s a bit more troublesome to audit against; if an SN9001 client creates complicated post-event reports, can you issue a nonconformance? Worse still, QMS standards are not supposed to be prescriptive in defining how a requirement is to be fulfilled, and sentences like this pollute the standard, providing specific methods. If any S&I company wants to interpret SN9001 for itself and put in its own best practices, it won’t be able to, even if those practices exceed those methods defined in the standard. SN9001 is rife with these, and as a result the text of SN9001 contradicts the opening clauses of ISO 9001 (especially 0.1.)

Then there are the non-requirements. For example:

Using web-based programs like GOILAWN or Google Maps allows for the creation of overhead photographs of the property.

That’s a statement and doesn’t actually have a requirement in it. What do we do with that information?

But wait, there’s more:

Applicable training for employees to achieve necessary competence includes but is not exclusive [sic] as defined in the ASCA Industry Standards “education and training.”

For those that bought SN9001 thinking it was the standard, they will be surprised to know that in various places, SN9001 simply refers to an open-ended series of other “ASCA Industry Standards” available only on the ASCA website, and updated at will. SN9001 warns, “Users… are advised to consult … the ASCA webpage on a regular basis to determine whether it has been revised or superseded.”

This means that SN9001 itself will never be locked down, will always be changing, and they are not even responsible for telling you when the rules change. Worse still, despite Smithers already advertising that they provide SN9001 certification, and despite ASCA selling SN9001, at press time the ASCA website did not have any pages dedicated to “Industry Standards.” However, the site does include a press blurb which contradicts the text of SN9001:

ASCA’s Industry Standards were mailed to members this week. The document is free to ASCA members and is available for purchase by nonmembers for $400.

So, no, the Industry Standards are not available on the website, and the price of SN9001 just jumped up by a whopping $400… something you’d only know after you purchased the $35 hardcopy of SN9001. Bait and switch much?

Furthermore, how this will be accredited by ANAB is a mystery. International rules prohibit ANAB from accrediting a certification body (CB) which only offers its services to members of a given organization. While CB’s like Smithers can technically say that they are offering SN9001 to everyone, that $435 penalty for non-members of ASCA will not win them any supporters. It’s an ugly business, and ANAB is on a slippery slope here. Consider that ISO 9001 only costs $140, AS9100 only $79 (and that includes the full text of ISO 9001!) and BA9000 is given away for free. The market is not going to tolerate this outlandishly punitive pricing model, apparently designed to drive members to ASCA right under ANAB’s nose.

But with the standards not actually defined in the SN9001 document itself, it’s not clear now ANAB will be able to determine if registrars such as Smithers are actually auditing against the proper requirements.  Under ISO 17021, a registrar is required to clearly document the standard and/or other normative document, including issue number and/or revision, used for audit of the certified client.” How will a registrar properly document a third party website which changes at will?

This “undocumented requirement” problem will rear its head in a myriad of other ways. What if an SN9001 client is issued a nonconformity by its registrar, but just a day later the ASCA website requirements change, and the issue is no longer nonconforming to the website? If the client doesn’t notice, they will spend time and money fixing a problem that doesn’t exist. Is the registrar responsible for updating the client of this, and cancelling the nonconformity? Or is it the client’s responsibility to check the website daily, to see if such changes may negate their findings? What happens if a change is made to the rules during the day of an audit?

ISO 17021 requires that CB’s maintain personnel trained on the standards they certify. Will ANAB verify the training of CB auditors against the latest ASCA website requirements, up to the day they are issued? Will this require a registrar to re-train its staff every time ASCA updates its website?

What’s the point of having a published standard to begin with?

The ANAB/ASCA defense will be that the website is a document, but that argument is painfully weak and will bring shame down on everyone. If international standards can be updated on a daily basis, introducing nonconformity one day and taking it back the next, they aren’t standards. They’re tweets.

Snow Crash

Like AS9100 or ISO 13485, SN9001 is built on top of ISO 9001 requirements. It only includes the text that is added to ISO 9001, and does not remove any ISO 9001 clauses. In the Introduction section, SN9001 plainly states: “this document is intended to be implemented and applied in conjunction with ISO 9001.”

Whereas AS9100 and ISO 13485 specifically modify the ISO clauses that would not fit well for their industries (13485, for example, removes continual improvement requirements in favor of compliance), SN9001 doesn’t make such distinctions. So, sitting there untouched and without any guidance or remarks, are ISO 9001 clauses like 7.5.5 Preservation of Product, 7.5.2 Validation of Processes and even 7.6 Control of Monitoring and Measurement Devices.

ASCA apologists have been quick to remark how great SN9001 is, but they lack experience with ISO 9001 to even know that 7.6 will require them to have their measurement devices calibrated, or that they may well have to define the “design” of their service under clause 7.3, complete with validation and verification. They have no idea what a “special process” is, and certainly don’t know if they have to validate one. Without guidance, these clauses are left up for debate between the client and the registrar… never a good thing, since one auditor may well demand that a clause be included, while another will not. All of this could have been mitigated by SN9001 simply declaring which ISO 9001 clauses were not appropriate for SN9001.

Slipped and Fallen

The chief, and dubious, selling point of SN9001 is that it will result in a reduction of slip and fall lawsuits, and liability insurance premiums, for those that adopt it. That’s already been debated elsewhere, and the various players are already backing off from those claims, but it’s worth discussing.

There is an interesting irony documented in the standard itself. On page 5 (again, the clauses are not numbered), it states:

For liability purposes at no time is a CB employee to “ride” with a snow and ice management company’s personnel. There is extreme liability in performing snow and ice management services during and after an event.

The fact that the standard itself is so terrified of liability issues that it had to hardcode in protection for auditors and SN9001 clients doesn’t say much for the its ability to reduce slip and fall lawsuits, does it?

But of course it wouldn’t. No reasonable person could assume that it would, but unfortunately that’s the marketing spin being thrown around for SN9001. Clearly the SN9001 standard itself doesn’t even believe it.

Then there’s this:

Post-event audits at the commercial property must be conducted after an event has ceased, but within a 48-hour period of the event’s ceasing. An employee of the snow and ice management company will meet the auditor at the selected properties. The snow and ice management company will provide access to the crews that performed on the sites visited. This access could be a [sic] simple as an e-mail or phone communication with the CB

There are two significant problems here. First, ANAB has an entire special set of “CAAT” rules — very rarely used, by the way — for conducting remote auditing via phone or email. The intent is to prove that the guy on the other end of the phone or email is really an employee, and not the boss’ son sitting in the other room, chuckling while eating cheese puffs, and feeding pre-packaged evidence to a dimbulb auditor.

Second, there’s the requirement that CB auditors will have to make themselves available within 48 hours of a snow event. In an industry where auditors are routinely booked up two months in advance, it’s not clear how this will even be possible, especially since a CB like Smithers is likely to only have two or three trained SN9001 auditors on staff, and all of them will have to make themselves available to all SN9001 clients in an effected area within the same 48 hour period. Will auditors have to abandon their existing clients mid-audit to rush to the SN9001 clients? Consider that bad travel conditions after a snow event affect auditors, too, especially when they have to fly in from other states. There is almost no way a CB can comply with this requirement, and audit a client within 48 hours.

Add to the mix that ANAB will have to witness the registrar, which means requiring ANAB auditors to be available on a 48-hour notice, and I expect this requirement to magically disappear faster than the sense of restraint in a Quentin Tarantino movie.

Show Me the Money

ASCA has announced that SN9001 audits will run about $1200 per day, but that claim ignores application fees, expenses, consulting and training. Since SN9001 is ISO 9001 plus additional requirements, it’s clear that SN9001 will cost more than “vanilla” ISO 9001.

But SN9001 requires that “in-season audit process to include include property visits to no fewer than five locations or a random selection of 5% of properties serviced.” Depending on the geographic spread of a given S&I company’s client base, this could mean a day of driving to given sites, … or many days. It’s not at all clear how CB’s will determine this when quoting their services, unless they develop a detailed map of each client’s properties even before they ever provide a quote. Don’t expect that to happen, either.

One Good Idea

There’s one bright spot amid all this dreck, however. The requirement for a preseason inspection of the SN9001 company’s client properties would appear to be a very wise idea. It requires S&I companies to perform a property assessment when the weather is clear (which itself assumes that one isn’t implementing SN9001 in Alaska, but whatever…), so a plan can be developed ahead of time. It suggests, however awkwardly, that a company use Google Maps to obtain an overhead shot of the property to document it’s state, to record existing property damage and thereby prevent frivolous lawsuits later. It’s not perfect — Google Maps data can be months or years out of date — but we get the idea.

But it’s still a far cry away from the wild claims made by ASCA and Smithers, that this will reduce liability insurance and scare off attorneys. And, of course, preseason inspections can easily be done without having to go through the expensive and confusing process of third party auditing under SN9001. Google Maps is free; SN9001, not so much.

(There’s also the uncomfortable name-dropping of the Google brand inside an industry standard, which could open up ASCA to a lawsuit by competitor Microsoft, and it’s search engine Bing. Didn’t legal look at this?)

Abominable Snow Standard

All in all, SN9001 represents the strangest QMS standard ever released. Poorly written, badly proofread, and clearly designed by staffers with no knowledge of international standards or even the most basic requirements document, SN9001 will be a serious challenge to CB’s attempting to audit against it. By not clarifying or excluding clauses like calibration, product identification or design, and by poorly wording requirements and linking them to an ever-changing set of ancillary web-based requirements, SN9001 will likely prove to be an impossible task for snow and ice companies to implement without considerable consulting or third party support.

 

About Christopher Paris

Christopher Paris is the founder and VP Operations of Oxebridge. He has over 30 years' experience implementing ISO 9001 and AS9100 systems, and is a vocal advocate for the development and use of standards from the point of view of actual users. He is the author of Surviving ISO 9001 and Surviving AS9100. He reviews wines for the irreverent wine blog, Winepisser.

Advertisements

ISO 14001 Implementation