Hello everybody. Thank you so much for being here. My name is Cindy Hate and I'm going to be your host for today's session. You can. I'm sure you had a chance to review the housekeeping guidelines while we were waiting to get started today. Today's session is the fundamentals of a quality management systems based on ISO 9001 2015. And again, my name is Cindy hate. I'll be your host. You can see me there on the right. I joined with SGS and the Academy, which is our training division just over a year ago. We offer a variety of different training courses, both online and for private instruction, and we'll touch on that a little bit later in the session. Today, I do have over 20 years of experience in the certification industry. I worked for Bureau Veritas. Which is another another company and managed key global accounts and then I moved into their training department. So I got my lot of good knowledge about ISO training there and was lucky lucky enough to join with SGS in 2002. So now I also work in the certification side so I assist customers with certification for ISO 9001 and other core standards. And it's great to be here with all of you today. I'd like to take a moment and introduce your speaker. We today we have Miss Sabrina Apolito. Sabrina is a lead auditor with SGS certification as well as a lead tutor with SGS Academy. You can see she's a classically trained biochemist and a certified lead auditor who ensures organizations maintain compliance and a realm of different industries. Certifications and standards spanning pharmaceutical, cosmetics and general manufacturing. She has directed overseeing and improved several quality systems to reduce deficiencies and increase product flow across the US and Canada. She is affiliated with the Professional Order of Chemists of Quebec as well as the American Society for Quality. Just a few things about SGS. We are the number one global company and the TIC industry that's technical testing, inspection and certification. We have over 2500 offices, almost 100,000 employees. So we have a great team with a good wealth of experience. We offer certification training, customized audit, second party audits. We do have a business line that assists with managing your supply chain as well as we offer technical consulting services. So through our combination of a high level of quality of service, our global network and our industry experience, we do have a great team and a lot to offer to our customers. Again, it's a pleasure to be here with you today. If you have any questions for myself or for Sabrina, please type them into the Q&A section. We will try to answer all your questions as much as we can. As quickly as we can, we have a very large group today, so if we don't get to your questions, we will respond to you via e-mail. Also, today's session is the first in a series of 6 webinars, so we're going to be hosting a session every couple of months throughout the rest of this year. Our next session is scheduled for April 14th and it will review risk assessment. I'm going to hand it over to Sabrina Apolito, your speaker. I hope you enjoyed the session and we look forward to answering your questions at the end. Thank you so much. Thank you, Cindy for your wonderful introduction. Hi everybody. Good afternoon. I am so excited to be here with you and to share this learning space with each and everyone of you as we speak about the fundamentals of a quality management system. The slide over here presented will review or just introduce is a very brief agenda in terms of some of the key points and key areas that we will be discussing and just touching on over the course of the webinar. So introduction I saw what is ISO 9001. ISO 9001 is an international standard. That specifies requirements for a quality management system otherwise deemed your QMS. So essentially ISO 9001 is synonymous for quality management system. Organizations use the standard to demonstrate the ability. To consistently provide products and services that meet customer and regulatory requirements, your key operative words there are consistent. ISO 9001 is the best known standard and the most used worldwide. It is the basic standard used to optimize. An organization's activities and in fact more than 1,000,000 organizations are ISO 9001 certified in over 175 countries worldwide. So very quick, my first little, I guess we can say pop quiz of the day. Do you have a quality management system within your organization? You can just. Click on yes, no or I don't know and we will look at what some of those responses are in just a little bit. OK, let's see. Nice. We've got about 92% who answered yes, about 5% who answered no. And about. 2 1/2% I don't know. OK, good. So quality management system approach. The QMS approach encourages companies and encourages all sorts of organizations to identify accurately customers needs and expectations. To define the processes that contribute to achieving products or services that meet customer requirements. Keep processes under control because at the end of the day that is what you're trying that you are aiming to keep your processes under control so that you can consistently provide the products and services that are meet your customer that do meet your customers needs. Resolve quality problems efficiently and effectively. Provides a framework. For continual improvement and enhancing customer satisfaction. Top managers must participate in the development implementation. And improvement of a quality management system. So why would we want to implement a formal quality management system? Customers demand products or services that meet their needs and expectations, and these can evolve overtime. The customer ultimately decides whether or not the product or the service is in fact acceptable. Customers needs and expectations are constantly changing, therefore organizations must continually improve their products and processes. Problems occur because of a failure to exercise control over processes and activities. So therefore we want to be able to implement a system. That is capable of monitoring or a system that is capable of ensuring that we are in fact meeting requirements that are set forth by regulatory agencies, but also by our customers. Therefore, adopting a QMS is a strategic decision. For an organization that can help improve its overall performance and provide a sound basis for sustainable development initiatives. So 7 principles of managing quality. This is one of my favorite slides because it gives you a really good idea in terms of what is really required. When we're talking about managing quality. It is customer centered. It's customer focused. We have an intention on leadership, so if we think back to several versions of the standard, we're back in the day we used to speak about equality representative. Now that we've introduced the idea, the concept of leadership, we have to keep in mind that when we're talking about quality, quality is no longer the responsibility of the individual that has quality in their job title. But is in fact the responsibility of everyone. An engagement of people. So this means that we invite people to the proverbial table and we ask them critical thinking questions. That allows us to build a holistic system, a holistic approach to being able to resolve issues and to be able to drive whatever it is that we are manufacturing or the services that we are rendering to our clients, as efficient and effective as we possibly can. It's this. One of the principles for managing quality is that we're also considering a process approach. So we're not just thinking in terms of meeting the requirements of a clause, we are thinking in terms of a process. So think of it in terms of a chain. We have one department or we initiate a requirement such as a request for a product. This is maybe then generated by or directed by sales. Well then what is the process that is right after sales? Do we have to check our inventory? Do we have the material or the the talent necessary for us to provide the product or the service? If we don't, there's purchasing involved and that would be the next step after sales. And so on and so forth, naturally. We also consider improvements, so we're looking on ways to better our systems all the time, rendering them more efficient and more effective. So if we're at point A and we want to be able to get to point B, what is the path of least resistance ensuring that we are meeting all of those requirements? Evidence based decision making. So what are your justifications? We're saying that we're going from point A to point B. We are implementing certain requirements. That's fine. What is the reason for it? What evidence based decision allowed us to make those decisions? And finally, how do we manage our relationships and our relationships? When we're talking about relationship management, it's not just within the organization. We're talking about the relationships within our internal interested parties or our, our stakeholders, our employees, but we're also relating that to our customers, anything that is external to the organization, so our customers, our suppliers and so on and so forth, including our regulatory bodies and our certification bodies naturally. This is an interesting slide and I decided I implemented it and give you just a little bit of a of of an understanding of how we've evolved over the years or how rather the the standard ISO 9001 has evolved over the years. I remember having graduated university, and we were, and I mean just like most of my peers, we all found jobs in lab. Eventually I decided to deviate, and I figured, I said, you know what, I kind of liked this idea of audits, but I didn't really know much about it. And I remember 1 distinct conversation that I had with my grandfather. And my grandfather had asked me, like, Sabrina, what are you doing? Like, were you working? What are you doing? Are you still working in the labs? And I said, no. I said, in fact, I've decided to get into auditing. And so it's like auditing. And so these big eyes that just jumped out at me and I said, you know what? I said, yeah. I said, I think this is, this is going to be my niche. I think this is something I really want to do. And it's, it has a nice hybrid between, you know, meeting requirements. And and quality which is really it's, it's really at my heart, I love anything that's quality related but also to help people understand the requirements and what those requirements requirements mean and how we can apply those requirement. So then the dreaded question was, well, what are you auditing exactly? And I had mentioned ISO 9001 and I remembered distinctly he had pulled I think every hair out of his head saying, Sabrina, it's so heavy in terms of documentation. I remember the days where I had to do, I had to deal with ISO 9001 and that in reality was in fact true because if we consider back in 1980, seven, 1987, the quality management system was. Very heavy in terms of procedures. It was very heavy in terms of forms and records that needed to be documented. When they did the revision in 1994. They introduced the idea of preventive action. So they were being a little bit more proactive with the idea of equality management system. Later on in 2000, where they had another revision, they introduced the idea of a process approach. So we weren't just building our documentation, our dreaded SOP's based on clauses, but in reality they were based on processes such as sales, purchasing, receiving, shipping, production, testing. And they also introduced the idea of PDCA, which is plan, do, check, act and also one of the areas that we're going to be looking at today. In 2008, they had another revision of the standard. They pretty much kept things more or LES the same with a couple of changes, but the real changes happen with the 2015 version of the standard and this version of the standard. Mind you, I get it. There might be some bias, but it is the version of the standard that I absolutely adore and love the best because it has a management feel to it, a business management feel to it. So one of the major differences with I with the 2015 version of the standard is that there's no longer requirement for having a a system that is so heavy on procedures and policies. But essentially what it's doing, it's that it's giving organizations the opportunity to critically think and ask yourselves. The question is or are all of the SOP's, the procedures, the policies, the documentations, the forms is everything that I have. Place actually necessary so it allows you to do an in-depth analysis and determine. Can I do without some of these forms or does it make sense for me to maybe perhaps merge these forms? Another really big change that was introduced in the 2015 version of the standard is the idea of leadership. Because when again, when we're talking about quality, quality is not the responsibility of a quality manager. So making sure that you're ensuring or making sure that you maintain your certification status is not just the responsibility of one person, but it's everybody's responsibility. It's not one person that will ensure that yes, we're gonna have the certificate. This requires the efforts of every single individual within the organization. Naturally, there's also been some changes with terminology. For instance, we will no longer speak about the quality manager, we speak about the leadership team, or we no longer speak about exclusions, we speak about non applicable. So these are just some additional changes, another really big change. You're probably all very familiar with the acronym Kappa, which stands for corrective Action, Preventive Action while. We're looking at the preventive action segment. Through risk management. So we're looking at risk management throughout the entire supply chain. We're not just being reactive, we're being proactive. So we're trying to determine where are the potential risks from a business perspective. In terms of interested parties? But also in terms of our processes. This is why it is essential for us to go get this knowledge, this information, from the individuals. That are actually carrying out the activities. On a daily basis. So 2015, the version 2015, so the last four digits represents the year in which the. The ISO 9001 this version of the standard was published. We there was a transition period for three years, so ultimately by September 15, 2018 everybody had to have been transitioned to ISO 9120 fifteen. One of the questions I often receive from many of my clients is Sabrina, do I need to have and do I need to include 2015 in my documentation? When you are referring to the standard, when you are referring to ISO 9001, it is not required for you to put the version as well. It's understood that you need to be current. It's understood that you have to be, especially at this point. I saw 2015 so often enough what I do is I I I kind of turned the question around and I ask individuals, well, I want you to think of it from this perspective. The product that you have is ISO 9001. That's your quality management system. It's understood that you need to be relevant and current. One and if there will be a revision, they will have to change the four digits. So there is there really an added benefit of having to go through all of your documentation. And having to change the last four digits. To the new version now if you already have. Your documentation written in terms of 2015. What I highly recommend is on the next revision, whatever your revision periods are, or whenever updates need to be made to the documentation that you deemed as being necessary. At that point, it might make sense for you to just remove the last four digits. So at this point today, as we're speaking on on February 24th of 2023, even if your documentation references the version 2015, you're still conforming to the requirements. You're fine. The only thing is on the occasion where. There is an update if you're still referencing 2015 once the transition period is over, that's where you'll have a nonconformance, so just keep that in mind. So if you think of back of 2008, in 2008 we had eight clauses. In 2015 version we now have 15 clauses. So basically what we did is we put all of the requirements of 2008 in a blender, we press play and now we got 10 clauses. So it was just more or LES a reconfiguration of the requirements with a few add-ons as well. So these are all of the sections we have scope, final, Section 1, our normative. References Section 2, Section 3, our terms and definitions. Our glossary, if you will. Context of the organization is found in Chapter 4, Section 4, or clause four leadership in Section 5 Planning Section 6. Support 7. Operations 8. Performance and evaluation is 9, and improvement is chapter 10. So I'd like to focus a little bit more on the idea of processes and and and inputs so we can look at for instance. Activity. So I like to bring your attention to the diagram on the far left where we have activities in the little arrow, so. Not at the Arrowhead, but at the tail end we have what we consider our inputs. So I want you to think about when we, when we talk about sales, what drives a sale. Or when we talk about purchasing, what drives purchasing? Once we've purchased the product as an example. What is? The upward. That output therefore becomes the input to the next process. And we have found, or I have found rather in my years of working as an auditor and as a consultant, I have found that when we apply a process approach, we're creating a more holistic flow in our quality system, and it is easier. To maintain that control and to determine where the potential pitfalls may be and how to control those pitfalls. So my recommendation for anyone who is thinking about implementing a quality management system or who is looking to improve the current quality system that they have in in place. Make yourself a schematic, something similar to what I have in Gray. And ask yourself the questions. What initiates my process within the company? And what does that look like from the start to the end? What are the inputs? What are the outputs? This will also help you drive certain questions, such as where are the potential risks? And this isn't a question that you would be asking necessarily to everyone in the company, but as you are trying to develop and identifying determine these risks, maybe even during an internal audit, you may address these questions with individuals that are in the department carrying out their day-to-day. Or inviting pertinent individuals in those departments to sit down with you where you are driving the conversation and asking those questions. Just something for you to think about. So. We have another little pop quiz. Is utilizing a process approach when implementing a quality management system mandatory? The key operative word there is mandatory, so is it mandatory to have? A process approach. Give you guys a couple of. That's right. The answer is in fact, no, it's not mandatory. It's recommended. We prefer that you think of your organization holistically instead of just saying, OK, I'm going to do an SOP for section 4.0 context of the organization. I'll have an SOP for Section 5 leadership. We don't want you to think like that. We want you to ask yourselves the questions. What are the all of the different departments? What are all of the different activities? What's the flow within the company? What's the flow within the organization? How does leadership fall into this? How does context of the organization fall into this? Who are our interested parties? What are the strengths, the weaknesses, the opportunities, the threats of all of our interested parties within the organization and external to the organization? So it's not mandatory for you to follow a process approach. It's definitely recommended. So a company that shows to me that they are following a process approach or a company that shows me that they're following the elemental approach are equally acceptable. Good. So this brings me to the plan. Do check acts, otherwise known as the dimming wheel. I want you to think about your organization. Individuals that are implementing either implementing a new quality system, implementing any type of system. It could be environmental, it could even be a pharmaceutical, it could be a cosmetics management system. Any type of system that you're implementing naturally, where you start off becomes your base. What we're expecting to see, not even what we're expecting to see as auditors before yourselves, OK, for yourselves, for your company, for your entity, for your. Industry even. Where are you right now? We are looking to find improvements. We're looking for efficiencies. How do you go from where you are? And just improve yourself a little bit better. We're not expecting to see from one year to another where you've had maybe 50 or 60 non conformances to all of a sudden you have zero non conformances. And I'll probably be scratching my head and be like, hmm, we may need to do a little bit more digging. But essentially what we're wanting from you is for you to, to ***** ** your quality belt just a little bit tighter and say how could we ensure quality is further embedded in our policies, in our processes and our procedures. You know, work instructions. Do forms need to be modified? Do they need to be made better? Do they need to be more succinct? Do I need all of this information that I'm expecting people to fill out on a form? Is that information actually necessary so already when we start making these small changes? We start identifying and determining where potential risks are within within the organization. Right then and there we can say, OK, well, you know what, we've identified a potential risk. We were able to determine that it's a moderate risk or a high risk. It might make sense for us to get pertinent individuals together. Let's discuss and see what is it that we can put in place to ensure that if you're not capable of eliminating that risk, at least you're capable of managing it. And mitigating it. So you get together and you determine what is it that we do. So this plan, do check act, you're going to plan for change. The doing aspect is to actually carry it out. So consider it this way. What is the step by step approach? What is it that you're going to do? Step one, what is it that you're going to do? Step 2, step three-step four and involve individuals in that discussion, involve pertinent people in that discussion. Once you've determined what the steps should look like. Who is responsible for carrying out that step? And this does not mean that you put a job title. This means is that you're actually giving a step to an individual, to a person, because the last thing you want is for you to do a follow up, let's say at the end of the month or at the end of the quarter. And it's like, well, we thought someone else was taking care of it in the department. And this is often what we end up seeing when we're doing audits. So when you're doing your step, step by step approach. Assign the step to an actual individual and give a due date. You can give a specific date such as the 28th of February 2023, or you can speak in terms of months, April 2020 2023 words. Understood that when you're giving the months until the end of the month. Or speak in terms of quarters if you think that it's going to take more time, so for instance Q2 2023? So you can determine that, but one of the things I definitely recommend, and something that I'd like for you to think about, is when you are stipulating who's responsible for carrying out a task or an activity. I again, I highly, highly recommend. That you that you specify the individual's name, OK. So here we go. Plan do, check acts. So. Section 1 speaks about the scope. The scope is really. If we will, the scope is really a. It sets the boundaries of your company. Sets the boundaries of your organization. Who are you? What is it that you're manufacturing? Are you just in manufacturing? Are you doing design and development? Are you doing research? Are you doing any testing? So it really sets the parameters. So what are the activities that you are actually doing within your organization? The normative references are all of the other requirements, standards, licenses that are required, so I'll give you an example if you decided to implement equality system within a. Drug manufacturing system and that there becomes your base is your QMS. It's fine. Part of your normative references would also include your good manufacturing practices, your GMP's, whether it's the license that you're obtaining from Health Canada or the licensing that you're obtaining from the FDA. These are what would be considered as your normative references. Again, like I mentioned, the terms and the definitions. Are is a glossary. It's just to help you navigate the terminology within the standard. And again, if we take the plan, do, check, Act, sections 4-5 and six are clauses. Four or five and six are part of the planning stage. Sections 7 and eight or clause seven and eight are part of the doing phase. Section 9. The performance evaluation is part of the checking phase. Are you actually getting what you're intending to to to get? And improvement which is section 10 is part of the acting phase. So very briefly I will take you through the the requirements. So here we go. So Section 4, context of the organization, basically what context of the organization is who are you as an organization. What is it that you do? You've been in business since when? It's an analysis of who you are, but it's also an analysis of who the individuals within the organization are. So for instance, you have your internal interested parties, your employees, maybe your stakeholders, management. For your external interested parties, you would have your clients, you have your suppliers, you have registration bodies, maybe you have regulatory bodies, perhaps. So this allows you to do. An in-depth analysis in terms of the strengths, the weaknesses, the opportunities, the threats, what are the potential risks? Things that you need to be aware of so that you can hopefully mitigate them. If you cannot eliminate the risk, you have to at least attempt at reducing them. But allows you to initiate and to actually start putting in place a plan, a plan to address these issues. Moving along, we get to Section 5, where we're talking about leadership. Leadership is where our leaders are actually, they're committing to quality. So they're actually going to ensure also that. The individual that will spearhead, let's say, the implementation of a quality management system that they are well positioned to implement or to help in the implementation process and to drive these critical thinking questions and to drive the project forward. This also is the section where we're going to look at what is your quality policy, what does that look like and a quality policy, ladies and gentlemen, I'm not looking to see a dissertation. It's something brief. It's basically your statement towards. Quality. Also in section 5.3, this is where we get to speak about organizational roles, responsibilities, and authorities. Your organizational chart where we don't want to see quality reporting into production or vice versa, because obviously there's a bias. But think of it in terms of what does your organization in fact look like? Who is, who is, what is the reporting structure? The planning phase. So this isn't just planning for production or planning to render service. This is also planning to determine and address what are the risks and how do we plan and ensure that they're being mitigated and our quality objectives. So quality objectives are like KPI. But they are based on quality as an example, we want to reduce the number of non conformances or we want to reduce the number of customer complaints or we want to be able to ensure that on time delivery is no LES than 95% as an example. So what is it that you're going to put in place? How are you going to plan? In order for you to achieve those requirements, your quality objective. Support. Covers your HR for instance. It also covers training, awareness, training your competencies. So for instance, you can't have just anybody creating engineering documents. Engineering documents, as you are aware, we need to be stamped by an engineer, so there's a certain level of competency that's required there. I want to bring your focus, however, to section 7.3 which discusses awareness training. This is super important. You need to ensure that anyone and everyone who is newly hired. Has awareness training and if you're planning on implementing equality management system within your organization, you want to ensure that before you are certified or you have an external body coming to certify your organization for the QMS that everybody has received awareness training. What awareness training is, is that you are providing training to individuals that people are aware of the quality policy people are aware of. The quality objectives. People understand the benefits of implementing and maintaining equality management system and the consequences when those when those requirements are not being fulfilled. So if you have a work instruction, but someone decided not to follow the work instruction, what are the consequences? And I understand the the word consequence has a very negative connotation to it, but it's not just consequence in terms of you're going to be reprimanded, we're talking about consequences in terms of and make them aware that. We will have an increased number of of customer complaints if we're not meeting the requirements or if we're not following the what's been implemented in the quality management system. We can have an increased number of non conformances which means that there's going to be required more administrative requirements than being able to deal with these nonconforming reports or corrective action reports. So it's very important that you make and that you drive the message home that we have equality management system in place, but that the quality management. System in place. We have these benefits. They've been tried, tested and true. If, however. You have any? Ways, any methods of rendering our our QMS more efficient and more effective? We welcome the the opportunity, the opportunity to make it more efficient or more effective. At least it's going to help. Generate good conversation, but also it's showing that you're very inclusive within your quality management system and that it's not just a one person show. How you communicate your information, whether internal to external, that too is looked at in terms of support. Now, does that need to be documented? No, not necessarily. This is actually a conversation that you can just have within, let's say if you're being audited. So with the auditor. Again, this version of this quality management system does not require you to document everything. You have to determine what is necessary for you to have documented. Remember, people are coming to work to work, right? So you have to be strategic in terms of what you're actually going to have documented. If it is a policy or procedure that is necessary, then document it if it is something that you think you could do without. Then maybe all you need is really just the form or a register to help control the process. And then we have documented information, which is also in terms of your paperwork, in terms of your policies, your procedures, your work instructions, your forms, your logs, how do you manage updates. And so forth. Section 8 speaks about operations. OK. So we have operational planning and control. How do you plan? Once you know that you have your your contracts have been signed or once you know that you need to be producing things, what does the planning look like? How are you managing, planning? What are the requirements for those products and services? Are there any in process checks that need to be done design and development of products and services. This is like R&D. So if you are an organization that does not do any R&D you would take non applicability to the section of the standard. Section 8.4 speaks about the control of externally provided processes, products and services. So what does that control look like? Think about it and if it is something that needs to be documented, then you'll document it. 8.5 is production and service provision. 8.6 piece involved the release of products and services. So what does the release look like? Is there a final testing that's required? Do you maybe need to take a sample of what's been manufactured and send it out for testing? What does that look like? Section 8.7 the control of nonconforming outputs is in the event of a non conformance in production or in the event of a non conformance during a servicing. What do you do? What does that look like? My favorite section of the of this Sunday is performance evaluation because this allows me to do a snapshot of the company whether it's during a specific time in the year or throughout the throughout the year. So this is usually in the in the in terms of the, say internal audits where I take specific time within the year and I have a one-on-one with departments with individuals with with each as many people as I possibly can to get an in-depth understanding. In terms of were there any changes between one year and the other, is the system that we have in place, are there any, is there any room for improvement? Did an individual this determined that we have 4 forms that we're filling out that all say the same thing? There's just certain elements missing on one form that are find themselves in another form. So we have individuals that are writing the same information four different times on four different forms. A potential error that may happen because how do I know which form needs to be filled out? So it gives the opportunity for an individual to take time from their busy schedule and say, OK, talk to me about your processes, talk to me about your day-to-day. Are there any, is there any room for improvement? Can we make your system a little bit leaner? Is there anything that we need to consider? Anything I need to be need to that needs to be brought back to the proverbial table that we need to? Discuss. And then section 9.3. Is management review. Management review are specific inputs with specific outputs. It's a study. It's basically a summary of the organization and how it performed throughout the year. And we get to illustrate and again this is not meant for it to be a thesis. If you wanted to write a thesis will go off and we'll go do a masters degree or a PhD. This is really meant to drive home a message to say this is what we were looking for in terms of our quality objectives. We were able to attain them or this is what we were looking for in terms of quality objectives. We could not attain them. Why? What happened? What do we need to do better next time? It allows to have these types of discussion. Section 10 speaks about the nonconformity, which also comes up again. Yes, we did see it in Section 8 when we're talking about a product, not conformance, but we can also have other types of non conformances. So how are those addressed? How about corrective actions? And you'll notice that here we're talking about corrective actions and not corrective and preventive actions because the preventive action aspect is covered through risk management. Section 10 speaks about 10.3 rather speaks about continual improvement. So what improvement projects are we implementing? Are we putting in place? And sometimes it could even be a question of doing an overhaul of your documentation just to lean up your quality management system. And what does that look like? Had some clients tell me that Sabrina were wanting to clean up our documentation systems. However, it's not something I can do in a month. I know you'll open up a corrective action and even if I lost you. A year, a year and a half, three years. As long as you're showing a follow through and that it's not a document that's been left neglected. But that you're demonstrating that little by little you are putting, you are making improvements, whatever that looks like. Then that means you are improving your system and some improvements are not improvements that can be determined, identified, or or or or completed in in a span of a week or a month or four months. Sometimes it takes far longer than that, and that's OK as long as you're documenting the information. So the benefits of a quality management system. An effective QMS provides the organization and its customers with. Confidence that it can provide products that consistently meet requirements. Improve business planning. Greater quality of awareness throughout the organization. Improves communication. Higher customer satisfaction and reduced cost of non quality. Can I purchase? So this is another pop quiz and I promise you it's the last one of the day. Can I purchase a quality management system from a quality management consultant? And expect. To pass a certification audit, yes or no? I'll give you a couple of minutes, a couple seconds rather. Theoretically speaking, you can if you wanted to. I'm not quite sure what you're going to do with it. You don't want something generic. Your quality management system has to be a representation of your organization, where you're at at this moment in time. It has to be flexible. Your QMS is fluid. Remember that businesses change. Things change throughout the year. Requirements change. Your customers and their needs are going to change, and therefore your quality management system has to be able to adapt to those changes. So I highly recommend if you're planning on implementing a quality management system, do not just buy one off a consultant. You maybe want to work with a consultant to determine what are your needs, how are you going to frame it, how are you going to frame your documentation? What's the documentation? That you need versus the one that you can do without. Remember, this version of the standard, not everything needs to be documented. It's only way you determine has to be what's necessary for it to be documented. There are obviously some other things that do need to be documented, but not everything has to be documented. Good. I'm happy to say I got 100% on this one. Awesome. Cindy, I'm going to turn this over to you. Hi, everybody. Thank you so much again for being here. Sabrina, that was awesome. So much good information. Good. Here's just a little slide about SGS Academy. We operate centers of excellence across the globe. We provide different training programs and costs. They're very engaging and you know, intended to deliver opportunities to our customers and to individuals without excessive costing for you. And we have the academies in over 100 countries. We we've trained 220 thousand courses or something like that. We have tutors globally, just a really great team. Since this is an ISO 9001 based session, I just thought that we would share our upcoming training dates. We have a modular course of study available for public enrollment, so these are the first three. You can see the dates are together and the first few days are learning the requirements in detail. The third day is for internal auditing and then the 4th day if you stay all four days you become. Qualified as a lead auditor to ISO 9001. We also offer IRCA lead auditor training, which is like the highest level of training and that will qualify you to be an IRCA lead auditor, meaning that you know you could go into learning how to be an auditor, it qualifies you and and allows you to work as a third party auditor. Um, so Sabrina, if you're up for it, we do have some questions from our audience. Thank you again for being here. There you can see there's our emails as well as some links to our social media as well as our main website. I wanted to let you know a lot of you did ask. We will be sharing a copy of the slides to you as well as a recording of the session today. OK, so Sabrina, we have a question. If I wanted to start structuring a QMS, what should I document first? Nice question. They would definitely start off with your processes. Determine what are your actual departments, how does one process lead into another process? Get an idea of what that structure looks, what it looks like it's going to help you in determining certain sections. Certain requirements and context of the organization is going to help you determining what. Procedures. What SOP standard operating procedures or work constructions or forms or logs that are necessary. So I would definitely say the first thing I would probably do is do a schematic. What does your process see? What do your processes actually look like from the very start to the very end? That's an excellent question, very good. Excellent. OK. Our next question is what are the rules for quality reporting into production? Is there a clause or section that covers the reporting structure? Ohh. So quality does not report into production. Production does not report into quality. They can be dotted line. However they work together, but one does not report into the other. So you cannot have. I'll give you an example. If I did have quality reporting into production, and as a quality person I say OK, I can't release this product because I have a not a specification on pH or have an out of specification on the measurements. Production cannot override that. Period. I can have a more in depth conversation. It really depends on the situation in the scenario. Cindy, the chair, my e-mail address. If you're wanting me to entertain this further and maybe use your personal example, personal example or something, I'm more than happy to entertain an e-mail conversation. Or even if we need to pick up the phone, I can better guide you in there. But generally speaking, production doesn't report into quality. Quality does not report into production. They are completely separate. They can be however, dot online because they do need to work together as an example during a process. Checks just to make sure that things are are progressing the way that they show. All right, excellent. Here's another question. What is the difference between a process and a procedure? Hmm. I use them synonymously. If this is something that you want to stipulate and have a you know specific terminology for process or for procedure, you can, generally speaking a procedure or a step by step instruction. And the process could be the process, the process for purchasing. So what is the procedure required? What are the step-by-step instruction for purchasing? All right. Here's another one on clause seven. Can you give examples of resources? Resources. Like I said, we are talking about human resources, so all of the requirements and everything that generally human resources would take care of. We speak about competency and training. We speak about also calibration. Calibration is another thing that I don't think I mentioned in the. In the the training, but calibration is also covered in resources as well. We look at preventive maintenance. So for instance if you have lift trucks or if you have overhead cranes, hoists, this is also part of resources. The environment in which you are actually carrying out the work, conducting the work, the servicing, whatever it is, that is also part of resources. We also consider, for instance, our IT. So for instance, what does the IT look like? What does your, your antivirus? Is this something that's being outsourced? Is this something that's being done in house? And everything around IT. How often do you change your passwords? How often are backups done? The use of USB keys a risk. The use of USB keys, something I'm definitely gonna speak about in in the risk, which is on the next webinar. So these are just some elements on resources. Is ISO currently working on a new version of this standard, and if so, when would that be coming out? That's a really good question. I'm not. I'm not Privy to that. I don't have that information. That's something I can. Maybe ask some individuals from the accreditation body, but I'm not aware of any new version in the pipeline as of as of right now. You know, we got on that one. That was good. Well. Which clause states that quality and production need to be separated? OK, so that's. I mean. So that definitely falls under risk, right? So there's not a I'd have to I I can do a more in depth analysis. I can't pick up the subclause of the subclause of the Subclause. But that also does fall under risk. There is a risk, there is an inherent risk where if we have quality that falls. Under production or production that falls under quality, there is an inherent risk. So if. If there's not verbatim word for word that you're looking for to show you that you cannot have one reporting into the other. It does fall under Section 6, which is risk. Can you provide guidance on how organizations can effectively prepare for an ISO 9001 audit and ensure they're able to demonstrate compliance? Umm. Guidance on how to effectively prepare. So. You would prepare. OK, very good. I like this question. There are a set, well first and foremost. Carrying out or understanding the fundamentals. Of the quality system is a must. So you I would probably start off with the training like go and. Maybe get? Definitely get SGS training. I I I'm one of the trainers at SGS and I find that the program that they've implemented for the requirements of ISO 9001 is definitely beneficial. And they help individuals better understand what those requirements are, especially that is spread up over 2 days. So you definitely need to have a good understanding of what those requirements are, how they pertain to your business. And the next step is also. You would require internal auditor training if you're planning on doing the internal audit. Like they're specific, they're they're specificities that are needed. Before you get certified. So the first thing is that you need training because you need to understand or the requirements of ISO 9001. The next thing you need is a training on internal audit if this is something you're planning on keeping in-house. You want to have your processes documented. You want to be able. Again, they don't. Not everything needs to be formalized, right? You have to determine what is necessary to have formalized. I generally like to formalize whatever is necessary without going overboard, but even like context of the organization being able to determine. Who those interested parties or who you are as a company? Who those interested parties are and what are the needs and the expectations, the needs and the wants? What are the strengths, the weaknesses, the opportunities and threats, and what are the foreseeable or the potential risks? Doing an analysis of the risk and demonstrating that you are managing risk throughout your entire process. Another thing is that an internal audit needs to be done, absolutely. Before a management review, and both need to be conducted before you get audited by a by let's say SGS. Now what SGS does which I think is magnificent is that they have what we call a stage one and stage 2A. Stage one audit is like a pre audit just to make sure that before you move on to certification that all the requirements that are needed are actually in place and then we can move on towards the stage two. Also during a stage one audit we determine what is the scope of your organization. We also determined the non applicability. And we lay out what the next three years of an audit of a certification audit will look like. So what are the, the, the activities that will be audited throughout each year? I hope I answered your question. That was a loaded question. A lot of things happening in that one. Well, it looks like we have time for one more. Um, if something is deemed as tribal knowledge. Example a way of or method of doing things. Is this an indication that it should be formally documented? That's a good question. Ohh yeah, that's an excellent question. Yes, I'm gonna say yes. So I'm gonna here, here, let's. Give this a situation. This is not this event. You have someone who's been with the organization for years, and they have all of this good, juicy information in their head. And they decide. Let me play the lottery. And they win the lottery and the next day they decide I bought a ticket to tour the world and I'm not coming back for a year. All of this information leaves with them. So what I want you to do is I want you to evaluate the risk of that, and I want you to think about it, think about it critically. This person will no longer there. Can I continue working or will there be a huge blip in the system? And if there's a huge blip in the system, then that should probably direct you to formalizing some information. Remember one of the biggest takeaways, especially from the fundamental the fundamental course. Think of risk. Let that guide you, document what you feel comfortable with risk in terms of your probability, in terms of the impact. Again something I'm going to go into further detail next webinar session, but I want you to really think about risk. What does that look like for you? What do you, what does your organization deem? As being an A low risk versus a very high risk in terms of a low impact versus a very high impact and measure that question on that matrix and based on your evaluation you should. Know what your next steps are. Alright. Well, thank you so much Sabrina. Thank you all for attending today. It was a wonderful session. As a reminder, you have a resources area. You can find a link to the next session which is on risk assessment. That's April 14th. So hopefully we'll see you then and I hope everyone has a great rest of your day and a great weekend. We will follow up with an e-mail with the recording or a link to the recording as well as a copy of the slides. Say so. Thanks so much. Thanks, Sabrina. Thank you. Have a great day. Bye. Bye everyone. _1732902255865