Q: How many different International Organization for Standardization (ISO) auditing standards are there for determining effective operations for business management systems (BMS) or quality management systems (QMS)? When evaluating the effectiveness of a BMS or QMS via auditing, is there a matrix that will indicate different ISO auditing standards that are compatible with one another, as well as how they differ in content and degrees of compliance?
Quality assurance engineer
Saab Grintek Defence
Centurion, South Africa
A: I would suggest you start by looking for basic information on management system standards on the ISO website. In fact, ISO has dedicated an entire section to outlining specific applications of its various standards.1
These sector-specific standards are compatible with the ISO 9001 management system standard. While I was not able to find a matrix that specifically addresses your inquiry, the ISO 9001 standard can be interpreted for any business.
There are no degrees of compliance with the basic standard, with the exception of design requirements. If your organization doesn’t design its products or services, then those requirements are not applicable. Bear in mind that you can’t just assume that’s the case. You will need to make a convincing case to an auditor.
Other than that, you are either in compliance or you are not. When you talk about degrees of compliance, there’s a chance you may be thinking of the Software Engineering Institute’s Capability Maturity Model Integration, which has levels of compliance.
There are also other ISO-based standards that are not administered by ISO itself, such as TL 9000 for the telecommunications industry and AS9100 for the aerospace industry. But, again, these are sector-specific adaptations of the ISO 9001 standard.
This may be covered in one of the many books written about QMS auditing. An oldie but goodie is Management Audits: The Assessment of Quality Management Systems by Allan J. Sayle. I would also be remiss if I didn’t suggest The ASQ Auditing Handbook, third edition, edited by J.P. Russell.
Navis Pack & Ship MD-1106
Annapolis Junction, MD
- International Organization for Standardization, "Specific Applications," www.iso.org/iso/iso_catalogue/management_standards/specific_applications.htm.
For more information
John E. "Jack," "ISO 9001 and
Advantage in the Marketplace," Quality
Progress, April 2008, pp. 73–74.
Q: At my new job, we pay lip service to ISO 9001, which is required by the company to which we sell. But lip service is pretty much all we do. I’m continually asked to develop documentation for processes we don’t follow. Can I get into legal trouble for doing this? I was out of work for six months before finding this job, and I need to hang on to it.
A: I cannot provide advice on potential legal issues with your company. I can tell you, however, that if you are certified to ISO 9001, a third party called a registrar is responsible for reviewing compliance to the standard. If the registrar finds your compliance is lacking and the company is not being honest, it can withdraw the certificate.
If your company is claiming compliance to the standard and does not have a third-party audit to back that claim, the customer may choose to cease doing business with your company if they find you are not being honest.
If your company is concerned that legal issues could be a problem, then I would advise you to work through the chain of command at your company.
Lorri Hunt and Associates
Kansas City, MO
For more information
- Arter, Dennis, "Beyond Compliance," Quality Progress, June 2000, pp. 57–61.
Lorri, "Energize Your QMS,"
Quality Progress, October 2008, pp. 20–25.
Q: I work at a pharmaceutical manufacturing firm. The general formula followed in the pharmaceutical industry for the tightening of product specifications is: average ± 3 sigma.
I have the following questions:
- How many data points would be ideal to calculate the product specification’s 3-sigma limits?
- What is the advised limit for standard deviation (sigma), knowing that the rise in sigma will give false and high limits?
- What is the cutoff point for standard deviation at which we would need to say "We need to wait for more data"?
- Why not 6-sigma limits, which would give us more cushion and also sound better than 3 sigma? This question is answered in Expert Answers in the December 2008 issue of QP, but more elaboration would be great.
Pannala Raghu Ram
A: To answer your first question, the approach to setting the product specifications you describe is based on process capability and the desired percentage of the product that is within the specifications.
Assuming Gaussian distribution of random variation, exact knowledge of the mean (µ), standard deviation (s) and the process in state of statistical control with µ ± 3σ specification limits, 0.0027 fraction of product is outside the limits. Under the same assumptions, a much smaller fraction of product is outside of wider µ ± 6σ specification limits. Shift of the average from target or an increase in random variation will result in a rise in the fraction of product outside the specification limits.
The random variation in a product is a result of random variation in the process and raw materials. The random variation in the product is minimized when the manufacturing process is stable or in a state of statistical control, with no special causes for deviation from target or increased random variation.
Therefore, the mean (m) and the standard deviation for setting the specification limits of a product using the aforementioned approach need to be estimated using product manufactured when the process is in a state of statistical control.
Specification limits calculated using those estimates contain a smaller fraction of the population inside control limits and a larger fraction outside control limits compared to the hypothetical case of known mean and standard deviation. I’ve calculated those expected fractions using the t-distribution approach. They’re shown in Table 1 for various sample sizes (N) from 2 to 1001 (numbers of degrees of freedom, N – 1, from 1 to 1000). In the last row, the fractions for an infinite number of degrees freedom, with exact knowledge of the mean and standard deviation, were calculated using Gaussian distribution.
The fractions of product outside the specification limits in the table allow for choosing a reasonable tradeoff between the data that need to be collected and the expected fraction outside the specification limits.
Questions two and three can be answered based on the formulated product application requirements, taking into account the product’s fitness for use, among other things.
Setting the specifications based on the product requirements is a more effective approach than setting them based on the process capability. When you set the specification limits based on the product requirements, the fraction of product outside the limits is a function of the standard deviation of random variation and the shift of the manufacturing process from the target.
In that situation, to provide for an acceptable fraction outside the specification limits, the allowable process shift and standard deviation of random variation can be determined. If the process is capable of generating product with an acceptable fraction outside the specification limits, the task is completed. Otherwise, the process capability needs to be upgraded by various methods, including robust process and product design, so the process or product is resistant to various sources of variation.
Regarding your question about 3 vs. 6 sigma, indeed, m ± 6 sigma specification limits drastically reduce the fraction of product outside the limits—with any sample size used for the calculation of the mean and standard deviation—compared to m ± 3 sigma limits.
Wider specification limits are acceptable only if the product is still fit for use when it is ± 6 sigma deviations from the mean (target). Such specification limits can be used if the variation in product is sufficiently small to begin with or if it is reduced through improvements in the process and product designs.
Jeffrey E. Vaks
Roche Molecular Diagnostics