One Quality System, Please
The organization should have only one quality system. And, unless there is an overwhelming need, the organization should have one quality system certification or accreditation. For clarity, an overwhelming need would include ISO certification and a regulatory registration (e.g., FDA), not two separate ISO or ISO-equivalent certifications. This is true whether your organization serves a single industry segment or, like many job shops, multiple industry segments. To have more than one quality system invites confusion and nonconformance. To have more than one quality system certification is costly and is an unnecessary burden on your staff. The most efficient and effective approach is one system, and that one system should serve your company first.
One system means that a conscious choice must be made about the quality system, weighing the potential risks and rewards of the choice. Like quality systems becoming onerous due to layers of changes driven from outside the organization (see “Whose Quality System Is It?”), the quality system’s goal and the certification(s) held by the company may or may not have been a conscious choice. The system and certification(s) may have evolved over time, trying to serve multiple masters, both internal and external. There are a number of potential approaches to selecting a target system and/or certification. To make a conscious choice, consider the following questions.
The first question that should be addressed is whether to seek certification or not. There are advantages to certification, including, but not limited to, a hopefully unbiased assessment of your quality-business management system by a third-party auditor and brand recognition for purposes of marketing. Side benefits might include fewer customer audits and surveys to complete, or, minimally, shorter customer audits and shorter surveys. There are also disadvantages to certification, including, but not limited to, the human resource and financial costs associated with certification(s), and the potential that the benefits do not materialize. Depending on the size and depth of your organization, certification may be of questionable value. Consider what supply chain tier your organization occupies, and consider the risks versus opportunities of certification.
If you decide that a certification (with a third-party audit) or conformance to a standard (without a third-party audit) is appropriate for your organization, the second question that should be addressed is which quality system to adopt or model – general, medical device, aerospace, automotive, food safety, or other. Two simple approaches to selecting your system or model include (1) choosing the system or model that fits the majority of your customer base, or (2) choosing the model that is the most stringent, which would, in essence, encompass all of your customers. Alternatively, a requirements matrix could be prepared using each standard to which your organization might be held accountable. This third approach would take the most time to implement, and it would require the most vigilance to monitor and update as standards are revised. This approach would also require a terminology matrix to ensure that comparable requirements that are identified by different terms are understood and communicated as comparable.
In general, the various standards cited above share 80% of the same requirements, which are considered good business practices. There are some specialized requirements, and the remaining “differences” are usually differences in terminology. Keep in mind that you need to own your quality (business) management system, and you should make a conscious decision about what that system includes. Be the owner, not the tenant, of your system.
Contributed by TDQA Consulting