THG Formulations

Do you control your forms within your ISO 9001 quality management system? If you do, you are on the right track. One of the divisive issues with interpretation of ISO 9001 and other standards is control of forms. Various organizations treat forms differently than other QMS documents and do not control them. Per ISO 9001 element 4.2.3, “Documents required by the quality management system shall be controlled.” Let’s investigate if a form qualifies to be a “document” that “shall be controlled”.

Very often, companies use forms as lower-level documents. Frequently, we really do not have to write a “standard” instruction with the purpose, the scope and details if a simple table will do the job. Often companies receive audit non-conformities because their forms are not controlled.

Frequently, being asked about not controlled forms, my clients reply: This is “just a form”. I always wonder why a form should be treated differently than any other instruction or a document. If a form is not controlled, how would we know that we need it to begin with? If a form is not part of your ISO 9001 QMS, it cannot be referenced! If your forms are not controlled, how would anyone know that you use the latest revision? Well, exactly what is a form? A quick test will help answer this question. If we have a list of directions telling us to:

- use a two-column table

- enter your business name into the 1st column

- enter your company’s Web address into the 2nd column

Most likely, we all would call this three-line guidance an instruction. So, since this is an instruction, it shall be controlled.

Now, let’s imagine that we were given a two-column form, only being asked to complete it. The first column is titled ‘You company name’ and the second column ‘Company’s URL’. Obviously, we would enter our company name and our Website address in the table. It means that we interpreted the table as an instruction.

If we concur that the 1st three-line instruction written in English was a “real” instruction that needs to be controlled, the other, blank form, resulting in the same output, must also be an instruction! Shouldn’t this type of an instruction be controlled as well?

I think that the confusion regarding forms is based on the fact that forms serve two purposes. Blank forms are concise instructions written in tabular language. After a form is filled out, it becomes a record. Unlike instructions, records are not expected to have a part number or a revision level. Records are managed in a different manner. Let us remember this and treat our blank forms as instructions letting the documentation management process govern them. There are a couple of simple tests you may take when you are tempted to use a form that has not been assigned a part number:

- If you created a helpful form and found it had been changed, would you like to know who did it and why?

- If you changed your, let’s say, test results form, would you like personnel to use the most resent revision?

- If you were out for awhile, would you like folks to be able to find your form just by following a reference to it?

If you answered, “yes” at least once, your form is a definite candidate for revision control, and falls under the scope of your ISO 9001 2008 documentation management process.

Tuning up your ISO 9001 documentation system? Quality Works will be glad to help! Visit our quality management documentation page.

Element 5.3 of ISO 9001 Standard requires an organization to establish a quality policy. More specifically, the standard requires: “The management” of an organization to “ensure that the quality policy”:

- Is appropriate to the purpose of the organization;

- Includes a commitment to comply with requirements;

- Includes a commitment to continual improvement of the effectiveness of the QMS;

- Provides a framework for establishing and reviewing quality objectives;

- Is communicated and understood within the organization;

- Is reviewed for continuing suitability

Despite the fact that these requirements appear to be rather simple, most companies I worked with as a consultant or an auditor, had difficulties with documenting their ISO 9001 quality policies by not addressing all the requirements above. Establishing a quality policy that, as a minimum, addresses all the requirements above is important because of our commitment to establish a QMS that comply with a given standard. Therefore, we have to adhere to it’s requirements. What if our quality policy did not require its review “for continuing suitability”? Most likely that this review would never be done.

To demonstrate my point, let’s go to the Internet and check a few quality policies on the Internet. Search for “iso 9001 quality policy” and you will find a list of companies that posted their quality policies on their Websites.

“[Company name] is committed to serve it’s customers and meet their needs and expectations in the design, manufacture and supply of reliable and innovative technologies and products for [product descriptions] using modern management, engineering and material sciences. [Company name] is committed to continuing improvement of it’s products and services to achieve increased customer satisfaction as well as to ensure compliance with the requirements of the Quality Management System and it’s continuing improvement.” Assuming that this quality policy is appropriate to the purpose of the organization and is communicated, these two requirements are met. Customer needs and expectations may be considered as requirements, so this requirement is also addressed. However, commitment to continual improvement of the effectiveness of the QMS, provision of a framework for reviewing quality objectives and commitment to review quality policy for continuing suitability are apparent.

Another one: “Quality is the heart of our business and key to our goal of total customer satisfaction. Therefore it is our policy to: Consistently provide valued products and services that meet the current and future needs of our customers and suppliers; support each other in the daily use of quality systems, processes and methods to improve every activity constantly and forever; continuously look for means to construct change which provides for significant improvements in quality beyond what can be achieved by continuous improvement methods alone.” As you can see, this quality policy did not address any, I think, of the requirements of the standard. Can you imagine their quality manual or the entire quality management system?

I did not select these examples because they did not comply with the standard. I picked them from the top of the search results, just to show that most quality policies were not written to meet requirements of the standard. If you think these examples are bad, wait a moment. One of my clients came up with a quality policy that is out of this world: “I improve the Quality of Patient Care and all things [Company name]” No! I am not kidding and I did not misspelled or took any words out of this regretful quote!

Mark Kaganov is a Director of Operations with Quality Works. Since mid 90th our business assisted hundreds of companies in the US and abroad in developing their quality assurance programs. With our focus on cost reduction and process optimization, our customers’ quality management systems showed continual improvement.