With any Quality, Safety or Environmental Management System, you are required to set Objectives that you want to achieve with the system over a given period of time. The standard is pretty open in terms of how to go about it as below.
Top management shall ensure that quality objectives, including those needed to meet requirements for product, are established at relevant functions and levels within the organization. The quality objectives shall be measurable and consistent with the quality policy.
This ties in with my post yesterday about writing a Quality Policy as your objectives must be consistent with your policy.
If you are building a new system, I would suggest having a brain storming session with top management and key employees as to what goals you want to set for the business. You can set as many or as few as you like as long as the requirements of the standard are met.
The statement "including those needed to meet requirements for product" is basically saying what are your quality requirements for the product/service that you sell? As a consulting business, our objective could be to ensure that all of our customers pass certification within a certain time frame. This is a measurable objective and something that can be reviewed periodically. I would then go on to set other objectives for relevant functions and levels within the business. For example I can set sales objectives, Customer satisfaction objectives, report writing objectives, anything that is relevant to the business that is measurable.
Go easy on yourself though at first. Setting too many objectives or setting objectives that are unreasonable will make life hard and ultimately hurt you in an audit if you're not achieving them.
Similarly you can't just pick an objective that you know you are already achieving or could achieve without any real input. For example if I am currently getting all of my reports completed within 5 days of audit, I wouldn't set my objective to complete all reports within 5 days.
Another thing to remember when setting objectives is to not set anything that may have a negative effect. For example if you set a target of no-non conformance's, it will discourage people from raising or reporting issues. Similarly setting objectives for no warranty payouts may push staff to abandon good customer service practices in order to reach targets.
The point of objectives is continual improvement, set meaningful goals that you want to achieve and can achieve.
Chevron HSEQ
HSEQ Management Systems Consulting
Thursday, November 15, 2012
Wednesday, November 14, 2012
Writing a Quality Policy
Writing any type of policy can be difficult the first time. I bet a lot of people have googled "Quality Policy" and used somebody else's as "inspiration" (also known as copy, change company name, paste).
Writing a policy doesn't have to be difficult and ISO9001 at least gives you some fairly firm guidelines as to what the policy requires (see below).
Top management shall ensure that the quality policy
a) is appropriate to the purpose of the organization,
b) includes a commitment to comply with requirements and continually improve the effectiveness of the quality
management system,
c) provides a framework for establishing and reviewing quality objectives,
d) is communicated and understood within the organization, and
e) is reviewed for continuing suitability.
If we break it down into its individual parts it can actually be pretty easy. There are only 2 things that it has to have, a commitment to requirements and continual improvement and a framework for quality objectives. The rest is up to you to make it appropriate to your business and your goals.
Lets look at requirement A. What does your business do? what do you sell? Who is your target audience? What are your goals? A discussion with Top Management will uncover this information pretty quickly.
Requirement B is even more simple, you can literally copy that sentence word for word from the standard and include it in your policy. It is up to you if you want to elaborate on it further.
Requirement C is actually the most difficult part of the policy and many people do it poorly. What you are doing here is establishing a "framework" not just telling the reader what your objectives are. You want to say how you will establish your objectives, what you are basing those decisions on an how you will review them.
As an example, say we are writing a quality policy for an smash repair business. You could say that you have set objectives for customer satisfaction, paint faults in final inspection and turnaround time. You could then elaborate on why these are the chosen objectives, how they are benchmarked, how you have set KPI's and how often it will be reviewed (frequency and method).
Requirement D can be difficult if you have a large business with people spread far and wide, the important thing is demonstrating that you have communicated it and showing evidence that it is understood. Auditors will sometimes ask your staff questions about the policy to see if it has been effectively communicated.
Requirement E is fairly straightforward, you can set your own requirements for review of the policy as long as it shows that it has been reviewed for continuing suitability.
As a final side note, your CEO/MD etc DOES NOT HAVE TO SIGN THE POLICY. There is nowhere in the standard that says the policy has to be signed by top management. Some auditors will say that you have to because they think that you should, not because you're required to. If you don't want it signed, don't sign it.
Hope this is helpful.
Writing a policy doesn't have to be difficult and ISO9001 at least gives you some fairly firm guidelines as to what the policy requires (see below).
Top management shall ensure that the quality policy
a) is appropriate to the purpose of the organization,
b) includes a commitment to comply with requirements and continually improve the effectiveness of the quality
management system,
c) provides a framework for establishing and reviewing quality objectives,
d) is communicated and understood within the organization, and
e) is reviewed for continuing suitability.
If we break it down into its individual parts it can actually be pretty easy. There are only 2 things that it has to have, a commitment to requirements and continual improvement and a framework for quality objectives. The rest is up to you to make it appropriate to your business and your goals.
Lets look at requirement A. What does your business do? what do you sell? Who is your target audience? What are your goals? A discussion with Top Management will uncover this information pretty quickly.
Requirement B is even more simple, you can literally copy that sentence word for word from the standard and include it in your policy. It is up to you if you want to elaborate on it further.
Requirement C is actually the most difficult part of the policy and many people do it poorly. What you are doing here is establishing a "framework" not just telling the reader what your objectives are. You want to say how you will establish your objectives, what you are basing those decisions on an how you will review them.
As an example, say we are writing a quality policy for an smash repair business. You could say that you have set objectives for customer satisfaction, paint faults in final inspection and turnaround time. You could then elaborate on why these are the chosen objectives, how they are benchmarked, how you have set KPI's and how often it will be reviewed (frequency and method).
Requirement D can be difficult if you have a large business with people spread far and wide, the important thing is demonstrating that you have communicated it and showing evidence that it is understood. Auditors will sometimes ask your staff questions about the policy to see if it has been effectively communicated.
Requirement E is fairly straightforward, you can set your own requirements for review of the policy as long as it shows that it has been reviewed for continuing suitability.
As a final side note, your CEO/MD etc DOES NOT HAVE TO SIGN THE POLICY. There is nowhere in the standard that says the policy has to be signed by top management. Some auditors will say that you have to because they think that you should, not because you're required to. If you don't want it signed, don't sign it.
Hope this is helpful.
Tuesday, November 13, 2012
PPE as a Risk Control Measure
This is an issue that I find coming up more and more lately. Generally it's because more and more people have increased safety management responsibilities in their roles without actually understanding safety.
The issue that I have found is people implementing PPE (Personal Protective Equipment) as a risk control measure when it should really be the last resort.
To illustrate my point I'll give an example.
Company A has had an injury and they are looking at ways of preventing the injury from happening in the future.
When investigating the cause of the injury it was found that one of the steps in the task being conducted involved a risk of a cutting injury if performed incorrectly. In order to fix the issue the company introduced Kevlar gloves for all staff.
The problem I have with this is, why didn't they look at eliminating that step first? If that's not possible then there are more options in the hierarchy of controls that can be investigated before resorting to PPE.
When introducing new PPE there is the possibility of new risks that may make the problem worse. In the example above, the gloves may make items more difficult to grip and pose a manual handling risk.
I find the majority of the time, PPE is introduced as a cheap, lazy option to fix a problem or because it is seen as an easy fix. It might be cheaper to buy everyone new gloves rather than having guarding re-engineered or making large changes to a process. At the end of the day though has it actually made the process safer, or does it just look safer?
The issue that I have found is people implementing PPE (Personal Protective Equipment) as a risk control measure when it should really be the last resort.
To illustrate my point I'll give an example.
Company A has had an injury and they are looking at ways of preventing the injury from happening in the future.
When investigating the cause of the injury it was found that one of the steps in the task being conducted involved a risk of a cutting injury if performed incorrectly. In order to fix the issue the company introduced Kevlar gloves for all staff.
The problem I have with this is, why didn't they look at eliminating that step first? If that's not possible then there are more options in the hierarchy of controls that can be investigated before resorting to PPE.
When introducing new PPE there is the possibility of new risks that may make the problem worse. In the example above, the gloves may make items more difficult to grip and pose a manual handling risk.
I find the majority of the time, PPE is introduced as a cheap, lazy option to fix a problem or because it is seen as an easy fix. It might be cheaper to buy everyone new gloves rather than having guarding re-engineered or making large changes to a process. At the end of the day though has it actually made the process safer, or does it just look safer?
I'm Back!
Hi All,
Sorry there has been such a huge delay in posts, I got caught up in training and day to day running of a business but I hope to start posting more frequently again.
Shoot me an email if there are any particular questions or topics you would like covered.
Sorry there has been such a huge delay in posts, I got caught up in training and day to day running of a business but I hope to start posting more frequently again.
Shoot me an email if there are any particular questions or topics you would like covered.
Tuesday, May 8, 2012
Spotlight on WH&S in the Real Estate Industry
I was asked by a colleague recently to write a piece for her blog on safety in the Real Estate Industry.
The post can be found below
Monday, April 9, 2012
Measuring Customer Satisfaction
Apologies for the massive break in posts. There have been weddings, house moves and lots of work going on so unfortunately the blog has fallen by the wayside. Thankfully things have quietened down again so time to focus again.
The ISO 9001 standard has a requirement for analysis of data. This analysis can cover a wide range of data depending on your type of business but today I am looking at customer satisfaction.
A simple way for businesses with less than 1000 customers is to develop a customer survey using a site like survey monkey. www.surveymonkey.com
Using the templates provided you can determine what information is pertinent to your business and decision making. It also helps cover your customer satisfaction and analysis of data requirements.
Tuesday, November 15, 2011
Something a bit different
Sorry it has been a loooooooong time since my last post. We have been flat out for the last 4 months which is great leading up to the Christmas Break.
As something a bit different this was a project done by one of my clients for the Royal Children's Hospital.
Subscribe to:
Posts (Atom)