iso requirements. ISO International Standards System (ISO) and its requirements
Described system requirements ISO quality 9000 to job descriptions.
Quality control and management quality
Until recently, few people were able to objectively assess the level management by your company. The only standards of managerial activity concerned the rules of accounting, and many still identify control with considering. (Maybe they are still under the influence of the enigmatic phrase "Socialism is accounting"!). Perhaps the first real task in the field of setting up modern management, relatively understandable and in demand by the broad masses of Russian leaders, is the certification of an enterprise for compliance with the standards quality ISO9000 systems.
Helping cut the road Russian suppliers to the Western market, and at the same time to push competitors at home, this standard, in addition, gives a powerful impetus to improving the system management enterprises in general. Moreover, it is currently being prepared new edition these standards, based on the concept of a system of universal quality management-TQM (Total Quality Management), which covers almost all aspects of the enterprise.
V process certification, an enterprise is unlikely to be able to pass the stage of formalization business processes - description enterprises as a system processes one of the main requirements latest edition ISO9000 standard. However, at Russian enterprises, initial stage preparation for certification, you just need to figure out "who does what" or, to put it more scientifically, to determine the functionality and areas of responsibility. (One of the first guiding documents of the ISO9000 standard is called Management Responsibility). In the western, well organized business, this means issuing another document based on the existing ones, highlighting only one of the aspects of the activity (quality assurance). We have to carry out all the same work on the primary regularization business, which from the very beginning was designated by the BIG group as the first step in setting any tasks in the field of management.
When building systems quality documentation of all processes related to production products. But it is logical to assume that in general management processes companies as targeted economic systems, "documentation" is a prerequisite!
quality control- this is such coordination of activities that allows you to achieve pre-set goals with the maximum degree of confidence. At the same time, the goals should also be clearly defined and documented for a reasonable comparison of the desired result with the actual one (a typical example would be a budget form containing planned and actual indicators for a certain period).
Since often the "simple" setting of a goal and the timing of its implementation only guarantees "that the goal can be achieved on time or earlier, or may not be achieved" (see "Encyclopedic Dictionary of management personnel"), it is logical, for greater certainty, to take the next step and describe the implementation mechanism. The latter implies, in the general case, documenting typical actions, the correct implementation of which will lead to the solution of the tasks set. Accordingly, control can be carried out not only after the fact - the goal has been achieved / not achieved , but throughout process which will provide higher efficiency management deviations".
Not quite forgotten old or typical job description structure
The optimality of the "functionality" of the Company in strategic plan is determined by its ability to realize its mission, i.e. fulfill its main purpose, which determines its existence in this "best of all worlds." In a less distant future, the company is constantly solving operational problems in the near future. Going down to the lowest level of the organizational pyramid - a particular employee, we must be sure that his correct "production behavior" can contribute to the achievement of goals, and not vice versa. The classical scheme for determining and distributing the necessary functions (from the functions of the company to the functional duties of employees) was considered in detail in almost all articles of the BIG devoted to building a functional-organizational model of a company and software products of the orgware class. Here I would like to emphasize the need to document our requirements; those. creation of regulations that, on the one hand, indicate in the minds of the personnel what exactly is expected of them, and on the other hand, will serve as the basis for regular verification of the compliance of real ("as is") and ideal processes("how to").
These documents must be either Descriptions of business processes", i.e. a thing for many Russian companies unfamiliar and indigestible, or more familiar " Job Descriptions"(DI). Having overcome the natural aversion to this phrase, and having broken the stable association with piles of yellowed booms gathering dust in the archives, "where no one took them and does not take them" (except perhaps during a trial), we venture to suggest that with the right approach to definition official duties instructions (continuing to quote) - "like precious wines, their turn will come." The job description is, in fact, the only organizational and legal document that has been preserved at the enterprises that defines the tasks and responsibilities of an employee in the performance of his official activities in accordance with his position. Let us try to breathe life into it again, since, unfortunately, many concepts and tools management, among which the "official" turned into empty shells, the meaning and content of which was lost during the periods of formal use in the period of "developed socialism" or complete managerial confusion when changing formations.
Let's start by trying to remember the meaning that was originally invested in individual sections typical structure DI (Fig. 1), and at its cradle stood such patriarchs of management science at the beginning of the century as Taylor and Fayol. In the 40-50s. the concept of S. Pharma was proposed, which designated, among other things, 3 "fundamentals" with which the employee interacts in the course of his activity - things, information and people. It is important to describe the extent and modes of such interaction, as this serves as the basis for further analysis work. And this is a direct path to the concept business- reengineering, which is associated with the restructuring and optimization of material and information flows based on modern computer technologies.
In the most logical versions of the job description, as a rule, the following sections can be distinguished:
1. The exact name of the position and the place of the employee in the company - this section establishes the direct and functional subordination of the employee, replacement by position during absence, etc.
2. Directions of activity (or Functions) - a stable, separate type of activity in which the employee takes part
3. Functional responsibilities - specific operations assigned to the employee and / or form of participation in their implementation For example: Function - Quality control .
Duties:
* Distribution of work on the development, implementation and maintenance of the system quality ;
* Identification of those responsible for the performance of work;
* Analysis system implementation results quality ;
* Informing management about the status of work; on non-fulfillment by individual units/employees of their obligations to fulfill them;
* Methodological guidance on the creation of the system quality; Etc.
4. Funds - workplace, technological and communication equipment, vehicles, office equipment, etc. provided to the employee to perform their functional duties. This important section is often undeservedly omitted by our managers, which results in situations when a program for automating personnel records is purchased, the first task is determined - the development of a staffing table, and in accordance with the latest technologies in the field of management, a person responsible for its solution is appointed, but "things and now there", because "Responsible" forgot to buy a computer. By the way, this state of affairs is referred to in the ISO 9000 standards as "poor manufacturing procedure".
5. Rights - which are granted to an employee to access company resources (something, someone) and Powers - a special type of rights associated with managerial functions and decision-making
6. Responsibility - the established need to be responsible for one's actions within the framework of previously fixed duties, rights and powers
7. Regulations - documents by which the employee must be guided in his current activities. The first item in this section is often the "job description" and the disregard with which many enterprises treat this document is, to put it mildly, incomprehensible.
When choosing the sections included in the Job Description, it should be considered in the context of all internal company documents regulating the activities of personnel in the enterprise. For example, the form of CI under consideration does not include relationships and connections by position and the document flow accompanying these connections. Such information, from our point of view, and with the necessary degree of accuracy, can be given in description of business processes, rather than being listed in the CI out of context. The presence of the "Regulations on subdivisions" makes it redundant to indicate in the instruction of employees subordinate by position (from the bottom in the hierarchy) - for this formally it is enough to indicate only immediate supervisor etc.
Often, requirements for personnel are placed in the Instruction. Such information, especially personal requirements, according to world standards management, are included in special internal documents like " Description positions" (or " Description workplace"), which are not shown to employees and serve as a guide for personnel services in the search and selection of personnel for vacant positions. On the other hand, in advanced companies that have implemented controlling techniques, CI may include criteria for evaluating the performance of an employee holding a given position.
But, although the canonical form of DI is not standardized, two main blocks can be distinguished in its composition - "Regulations on functional duties" (dating back to Taylor and which we will deal with later) and description balance of duties, rights and responsibilities (A. Fayol's contribution to science).
Three wrong and three right approaches to the formation of functional duties
So, the main question of creating a DI is "how to form and maintain up to date its core - the Regulations on Functional Duties"?
From the very beginning, this requires special software products of the orgware class - fixing the organizational and functional model. These products really support new Information Technology who are able to work with non-quantitative and not always clear information. It is the "paper" methods of creating and updating personnel documents, discredited in Russia a good bureaucratic idea of documenting activities (the "Germans", they say, such documents were supported, but what about the "German", etc.). "Old" software products in the field management staff in best case they automate the same old methods of work, or even completely limit themselves to the area of \u200b\u200bformal accounting (inventory!) of personnel, without explicitly fixing what these personnel are doing. There are three, most common now, ways to form the content of the DI, if such a question was raised by the company's management:
1. Speculative correction of old documents
2. Compilation of CI based on the results of a survey of employees in the workplace
3. Use of tariff-qualification directories
After the document is drawn up in one way or another, it is agreed and signed by the employee. All methods with varying degrees can fix what each individual employee does or should, but the overall picture of the activity, for someone who wants to understand the role of each in general process rather than just making sure everyone works hard, tends to be exceptionally opaque! It is practically impossible to trace the relative value of individual functions of an employee for the achievement of the company's goals, and indeed their relationship in general.
There are also three correct paths, as you may have guessed. Let's call them conditionally: deductive (top-down), inductive (bottom-up), and "from processes ".
In the first case, the company's managers are invited to take a fresh look at it - to present it in the form of a "black box", the structure of which is not known, and describe the current state: what the company offers to the world, what business-functions help this, which subsystems (functions) of management regulate the activities of the company. Functions can be formed not only "from the head" - by the "brainstorming" method, but also from a typical classifier or from reference models of similar enterprises.
Further, the structure of the "black box" is revealed, and the existing organizational links are described (for example, staffing). Functions are sequentially detailed so that the functions required at the enterprise level are brought to specific performers. This is the most radical ("zero") option can be applied to relatively small (albeit not very) enterprises, when a serious restructuring of businesses is required, cleaning up old inefficient activities and their carriers.
The second (inductive) method is used in quite successful enterprises, it is extremely attentive to positive experience, tries to preserve and systematize it. After carrying out this work, business becomes reproducible, for example, in a branch or a regional subsidiary.
The first thing that even the most "successful" enterprise will have to face is the almost complete absence of documents regulating business- at best, it is a yellowed leaf with squares (" structural scheme"), a staffing table, a telephone directory, or, all the same, "dusty" job descriptions of interest to historians of factories and plants. However, any information about the company must be carefully collected, grouped functions by departments and entered into orgware ( or, in Russian, "Structurizer") in quality primary tables - "classifiers". In separate classifiers it is necessary to enter organizational links and businesses(goods, products and services) companies.
If there are no documents, or it is clear that they are absolutely not reliable, you can start with a survey of the company's personnel. Moreover, it is desirable to conduct a survey at two levels: top managers responsible for functional areas or individual businesses("what functions do they think the departments perform"), as well as the employees of these departments ("what do they actually do"). Thus, you will get three primary models of the company: "according to documents", "view from above" and "view from below".
Having eliminated the inevitable contradictions between the "three models", you can proceed to the next stage - the classification of functions according to the components of management and the main business processes. Functions in the primary classifiers are marked by types, and then reduced to basic classifiers - "management functions" (and, separately, " business-functions").
The purpose of this work is to highlight real contours management(closed management cycles) and production and commercial chains implemented in the company. (Often, many of the functions and documents existing at enterprises were "inherited" from non-market methods management, do not carry significant information, creating only the appearance of activity and unnecessary costs).
In this case, it is advisable to follow a certain sequence of actions:
1. At the first stage, it is advisable to issue only the composition and description functions (regardless of who these functions are assigned to). This, firstly, will allow you to focus on the task, which, from the point of view of setting management very important - description enterprise functionality. Secondly, it will allow you to get rid of the impression that they just did this when the initial survey was conducted.
2. Appointment of those responsible for coordination and their further division into those responsible for description smaller fragments are best done from top to bottom. At the top level (for example: Marketing and sales, Production, Logistics, Technical support of production, Information support, Administrative control, Financial and economic control, Organization of accounting, Provision and quality control, Safety and Security environment) it would be advisable for the Director-General to do so.
3. Already at the first level, if one cannot be found who considers it possible to be responsible for the entire group of functions, they can be divided before being submitted for approval. This can be done by the director himself. (For example, to separate from the entire administrative management highlight the functions "Document management at the enterprise", "Legal support", etc.). The same is true for production, logistics, etc. But it is important that the same format and list of functions be taken as a basis. top level- it creates unity descriptions enterprises.
4. Further, those responsible for coordinating the selected groups of functions appointed by the director, if they cannot agree on everything in their section on their own, give authority to someone who can do this for relatively smaller functions, etc.
5. An interesting consequence of this method of coordination is that the responsibility for coordination well reflects the responsibility for performing this function in the enterprise! (In the course of work on coordination, it is advisable not to emphasize this, but keep it in mind).
Now everything becomes easy. The agreed classifiers of "functions" and "businesses" are projected onto the classifier of organizational units (performers are fixed). This, in the first approximation, ends the stage of creating a system-functional model of the enterprise and the "Regulations on the organizational structure", which orgware easily generates from this model. Further detailing of functions and links (down to employees), and consideration of the orgware model in various sections, allows you to get other basic reports - for example, Regulations on the organization of marketing work, logistics or Regulations on divisions and services. At the bottom of this "organizational programming pyramid" are the required Regulations on the functional duties of employees, which directly follow from the functions necessary for the enterprise!
And finally, the method of creating a DI, coming from business process descriptions. It, of course, most accurately allows you to identify all business-operations implemented by employees, linking them with the existing workflow. At the stage business process modeling, it is required not only to recalculate and fix businesses and functions, but to determine the interaction between the elements of the previously described organizational and functional structure. If we recall that even the first exercise in the vast majority of companies has not been completed, then what can we say about the next stage, which is an order of magnitude more difficult. However, there are software products that provide technological support, and some support both methods. descriptions. But, it must be emphasized once again that it is impossible to immediately take the second step - first, according to the technology outlined earlier, at least the "owners" should be determined processes or, what is the same, responsible for rather large functions. (A function, in general, is always advisable to interpret as a collapsed process, subject to further refinement at the operational level).
It is obvious that after process descriptions we get the most accurate level of knowledge about the activities of specific employees. After that, everything business-operations are imported (according to -ownership) into existing function classifiers and are formally assigned to employees. Here, it is important to note that with the help of orgware it is possible to balance and formally secure the rights and responsibilities of employees, thereby creating real job descriptions - the dream of many generations of personnel officers and managers.
In conclusion, two remarks.
1. Only a few companies can afford to have a complete description its activities as a system processes. Therefore, in quality objects for formal descriptions must be selected "key" processes companies that have the greatest impact on its competitiveness.
2. From the point of view of the BIG, when building a system management both ways of documenting the activities of an enterprise are important for an enterprise - "process" allows you to carry out " horizontal integration", i.e. to connect material and information flows with the necessary accuracy and completeness. The second, "system-targeted", as it were, gives meaning to the company's activities (management by objectives) and supports "vertical integration" - coordination among themselves of various hierarchical contours management from strategic planning to operational management of line units and activities of employees.
- HR records management
Keywords:
1 -1
In conditions of rather fierce competition, the introduction of certain quality guarantees is of fundamental and decisive importance in the choice of the buyer or consumer of services and products. specific company. At the same time, the best and main guarantee is the certification of quality management systems and the receipt of a standard ISO series 9001.
ISO standards in Russia, including the most famous ISO 9001 standard, combine many years of experience in most countries of the world in the field of quality system management and are the latest versions of the evaluation criteria for managing all work and production processes in enterprises.
ISO 9001 certified is an official document confirming the full compliance of the current quality management system with the requirements prescribed in the international standard ISO 9001.
Today, having gone through a whole range of various additions and modifications, the international standard ISO 9001 has become fully adapted and harmonized in accordance with current European standards and is aimed at maximizing the quality of products (services).
The ISO 9001 standard has a clear structure, consisting of 8 sections:
- scope and purpose;
- Normative references;
- basic definitions and terms;
- Quality Management System;
- level of management responsibility;
- management (management) of resources;
- output of products (services);
- analysis, measurement and improvement.
The first three sections of the standard are official and do not contain requirements and norms.
The main goal of ISO 9001 is to actively encourage proper organization various production processes and the work of the company as a whole in order to comply with specific legal requirements and the most complete satisfaction of the desires and needs of consumers and partners.
The implementation of the QMS based on the receipt of ISO 9001 standards confirms that:
- the company's personnel are well acquainted with their duties, rights, powers and responsibilities, and also have the necessary competence for better, more efficient and correct performance of work;
- the company has predetermined processes that affect the quality of products;
- all production processes are regulated and provided with all necessary resources;
- conditions have been created for the competent implementation of the production infrastructure and environment, as well as quality work employees of the enterprise;
- system of preliminary collection and further analysis of information about production processes satisfaction of consumers and products, is optimally adjusted and provides objective information for timely adoption of the necessary decisions to improve the work of personnel and the enterprise itself;
- a motivated quality-oriented system has been created;
- work processes are organized with subsequent focus on the expectations of the end user, including the implementation the latest technologies improving consumer properties, parameters and characteristics of manufactured products;
- carried out internal audits capable of ensuring continuous improvement of processes and activities;
- the company has established records management and document management;
- organization pays special attention competent work with suppliers and partners;
- the top management of the organization is familiar with the level of quality and bears full responsibility for it;
- the enterprise sets and develops quality goals and regularly plans to achieve them;
- the company has a well-functioning system of responses to claims and complaints made by buyers and customers (development of effective measures to eliminate shortcomings and failures);
- the process is functioning continuous improvement, allowing to provide sustainable development companies.
For each organization, the project for the development of quality systems in accordance with the ISO 9001 standard is unique and is determined on the basis of its size, types of activity, the presence of a branch network, features organizational structure, the level of development of the existing and current management system, etc.
Stages of standardization in accordance with ISO 9001
The ISO 9001 standardization process itself is not full guarantee the quality of a service or product, but gives only a set of norms and rules for the civilized activities of an organization in compliance with standard and universal step-by-step steps.
The stages of the project for the implementation and development of ISO 9001 series standards consist of the following main activities:
- preparatory stage - the creation of technical specifications, schedules, administrative registration of work, project management plan;
- assessment of the current quality management system (QMS) of the organization;
- conducting training and special trainings for employees and responsible officials in company;
- regulation of processes and definition of the QMS process model;
- development of QMS documentation and organizational structure of management;
- creation of a QMS improvement process;
- execution of a cycle of internal audits;
- implementation of ISO 9001 certification.
A competently and correctly designed and implemented quality management system, as well as its subsequent certification in the ISO system, has a number of economic and strategic advantages for business owners.
Key Benefits of Holding an ISO 9001 Certification
The high level of competitiveness of an enterprise and its products or services in the market is directly affected by regular and continuous improvement of the company's activities as a whole. This ensures a uniform improvement in the quality of products and services offered. The main rules and regulations in this area and defines the well-known international standard ISO 9001, which is evidence of the company's production of goods High Quality and compliance of its technologies and activities with international standards.
A company that owns this certificate has a number of undeniable advantages over other companies that do not have such a standard, namely:
- Achieving a high level of quality makes it possible to reduce the overall cost of production, as well as lower the cost of defective products;
- significant improvement and optimization of current business processes;
- increasing the level of cooperation;
- active improvement of the quality of personnel work;
- ability to streamline activities structural divisions enterprises;
- the possibility of obtaining government orders and the company's entry into the international external consumer market;
- increasing confidence on the part of financial and insurance organizations, which affects the investment of large investments in the development of the enterprise.
Based on this, an organization or company that adheres to the conditions and requirements of this certificate receives many useful opportunities, ranging from effective competition with other manufacturers to a significant improvement in the quality of the manufactured product or service. Even these two basic parameters can maximize and increase the profit of the company. The ISO 9001 standard in this regard is a worthy guarantee of success, longevity and prosperity of the manufacturer.
Standardization according to ISO 9001 does not eliminate the need to issue separate certificates for certain types of goods, products and services included in the list of categories that provide mandatory passage certification.
ISO 9001 standard
ISO 9001 standards are international standards that describe the requirements for the quality management system of organizations and enterprises. ISO 9000 standards include ISO 9001 standards, the demand for which is increasing every day. real current version ISO9001:2008 Quality management systems. Requirements." This is the only compliance standard that can be certified. This procedure is not a mandatory certification and is carried out at the request of the applicant.
It is worth noting that the ISO 9001:2008 standard is successfully used by organizations of any size, it has been successfully implemented by more than 1 million companies in 170 countries around the world. Using the ISO 9001:2008 standard ensures that the customer receives high quality products and services, which leads to increased sales growth and business success. In addition, the implementation of the ISO 9001:2008 standard can help check the performance of the entire system, improve its efficiency, motivate, involve top management and reduce losses.
Important feature of ISO 9001:2008
An important feature of the ISO 9001:2008 standard is that it does not imply monotonous structure of quality management systems and related documentation describing them. Therefore, by implementing a quality management system based on the ISO 9001:2008 standard, you can be sure of exceptional individuality and see for yourself how flexible this system is. After all, the development and implementation of an organization's quality management system is influenced by: the size of the organization, the products manufactured, the structure of the organization, the applicable processes, changing needs, specific goals, external environment, changes or risks associated with this environment.
ISO 9001:2008 is used successfully by organizations of all sizes and has been successfully implemented by more than 1 million companies in 170 countries.
ISO 9001:2008 aims to apply a process approach to the development, implementation, and subsequently improvement of the effectiveness of a quality management system in order to increase end-user satisfaction by predicting and fulfilling its requirements. The benefits of the process approach are innumerable. First of all, it is the continuity of control, which is achieved through combinations and interactions at the junction of individual processes.
This approach helps to better understand and fulfill requirements, achieve planned results, ensure their effectiveness, improve the process by objectively evaluating and measuring it. Also, in addition to the process approach, the implementation of a quality management system based on the ISO 9001:2008 standard for all processes in an organization can allow the application of the Plan-Do-Check-Act cycle. This cycle can be briefly described as:
- planning (plan) - the development of goals and processes necessary to achieve results in accordance with the requirements of consumers and the policy of the organization;
- implementation (do) - implementation of processes;
- check (check) - continuous control and measurement of processes and products in comparison with the policy, goals and requirements for products and reporting on the results;
- action (act) - taking actions to continuously improve the performance of processes.
The terms and cost of implementing the ISO 9001:2008 standard depend on the individual characteristics of your type of organization and the degree of functioning of the system's actions. In most cases, this does not take more than 2 weeks. If you still have doubts, you can order a free consultation of our specialists ( there should be some kind of "click" button here). With their help, you can choose a certification system that is best suited for your organization.
And let the lack of standard price lists not scare you, it only means that we approach each case separately, weigh all the exclusivity of the situation and take all possible measures to optimize the implementation of the ISO 9001:2008 standard. By contacting us, you are guaranteed to receive a unique offer that allows you to improve existing processes and establish thorough control, and most importantly, increase the position of your organization / company in the market.
Upon completion of the work, you receive from us:
- ISO 9001:2008 certificate in Russian and English;
- permission to use the quality mark;
- a quality manual for your organization;
- organization standards for your organization.
Remember that working with us will help you reach new heights!
Relatively recently, domestic businessmen did not even think about what ISO is and why this system is needed. Naturally, at the same time, no one could even think that obtaining such a certificate would somehow affect the success of the organization itself.
In fact, this system of standards was created almost 70 years ago, and Russia is one of the members of its board, and most successful global organizations necessarily think about how to meet the established requirements for doing their business.
Dear readers! The article talks about typical ways to solve legal issues, but each case is individual. If you want to know how solve exactly your problem- contact a consultant:
APPLICATIONS AND CALLS ARE ACCEPTED 24/7 and 7 days a week.
It's fast and IS FREE!
That is why any company that is going to act on international level, and at the same time want to run a successful business, should learn about what the ISO standard is and what its requirements are.
The essence and necessity of international standardization
The main task of this organization is the formation of unified world standards in various industries and ensuring maximum control over their observance, which should positively affect the general state of world trade. At the moment, ISO committees have already issued thousands of documents that set the quality parameters for almost any industry and direction, and the only exception today is the field of electronics, which at the moment is not yet burdened with any restrictions.
In the process of development of domestic companies and with their attempts to enter the international markets many understood why an ISO certificate is needed, since its absence significantly reduces the possibility of interaction with foreign organizations or makes it impossible in principle.
So for modern business compliance with established international standards represents the best tool for reducing costs, including minimizing production waste, personnel or managerial errors, as well as limitations in the growth of labor productivity.
What is The International Organization for Standardization?
The International Organization for Standardization is an international organization for standardization that was founded in 1947.
To date, members of this organization are 164 countries and more than three thousand technical bodies. The Central Secretariat of ISO is located in Switzerland, and it is a completely independent and non-governmental structure, which is managed only by its members.
From Russia, this organization includes FATRIM or Rosstandart.
There are several types of ISO membership:
The development of the standards of this organization is carried out by highly qualified groups of experts who unite in specialized technical committees, of which more than 250 are registered today.
Varieties of ISO standards
The ISO standard is a specialized document that contains information about what quality characteristics this or that product should have, how management processes in the organization, what needs to be taken into account in the production process, the performance of work or services, and so on. In themselves, they are extremely diverse, since in total they cover almost any economic activity.
Series 9000
There are several main types of ISO 9000 series:
It is worth noting the fact that the standards from this series do not refer to the standardization of any products, and include only various methodological or methodological standards, with the help of which the company will be able to create for itself the most optimal quality management system, ensuring the European quality of its work and continuous improvement of competitiveness at the international level.
Other series
As already mentioned, to date, more than 20,000 international standards have already been adopted, so it is almost impossible to consider all of them. Today, with the help of ISO, it is possible to standardize almost any area, from standard file systems in the form of CDs, to the technologies used to support management and make managerial decisions.
Thus, for example, the 12800 standard allows to regulate the procedure for the production of nuclear fuel, while ISO 14000 includes a series of standards by which the environmental management system should work.
Quality Management System 9001
The ISO 9001 standard includes several important principles:
| Customer focus | In this case, not only end customers are considered, but also internal employees of the organization, since all departments in any case must cooperate with each other, conducting a kind of production chain. |
| Leadership | It is always nice when employees can show their initiative, but the management team must always participate in all processes, control them and make important decisions. |
| Employee Engagement | Regardless of the position held, each employee must perfectly understand his own contribution to the quality of manufactured products and understand why it is his actions that affect its achievement. |
| Process approach | The ISO 9001 system includes several divisions, taking into account the needs, opportunities and problems of each of them. |
| Systems approach | If in a company all departments work only for themselves and to achieve their success, it will be necessary to find a compromise and ultimately achieve a solution that will fully satisfy the needs of all employees, thus increasing the quality of manufactured products and the image of the organization. |
| Continuous Improvement | The company should not stop growing and constantly think about how to improve its work and bring it to a new level. |
| Actual Solutions | The management team of the company must make certain decisions based on audits, reports, evaluations, analysis of indicators, complaints from various lilas and other documents. |
| Mutually beneficial relationships with suppliers | Suppliers of any marketable products are an integral part of the business, so the fruitfulness of any company will also depend on their interest. |
Features of the new 2020 version
For a long time, businessmen from all over the world have regularly turned to ISO, asking about the development of a standard for integrated management systems. In this regard, in 2020, it was decided to revise the ISO directives, which established the basic rules by which standards were developed, adopted and revised. Thus, a separate SL annex to the directives appeared, in which rather stringent requirements were affixed to the structure, requirement and the main part of the text of standards related to management systems.
Thus, 9001, 14001 and other standards receive a certain similarity, and in the future they will differ from each other only in name and certain additions. Thus, the new SL application has become a full-fledged template for the work of standards creators, who can now fully concentrate their efforts on making requirements for certain disciplines, reflecting their specifics mainly only in chapter 8 of all standards.
Companies, on the other hand, will now be able to choose standards much more easily in accordance with their specifics, without thinking too much about how best to integrate them into a single system.
In addition, it will be easier for auditors to work, who will now only be able to increase their competence in certain sectors of the economy, as well as applicable legal requirements.
How to get a 9001 conformity certificate?
The presence of a certificate indicates that the company operates in accordance with the quality management system, basing it on a process approach to doing business.
The presence of this certificate opens the door to the region public procurement, providing access to various industry tenders, as well as providing additional benefits in case of joining self-regulatory organizations.
But the most important thing in this case is that management system, which meets international requirements, belongs to the category of highly adaptive, which significantly increases the company's resistance to any negative impacts from the economic environment, as well as to achieve survival in crisis conditions and achieve competitive positions in the market.
To receive you need to this certificate, you will need to contact any bodies that have passed the appropriate accreditation, and go through several stages:
- Apply for certification along with a package of all required documents.
- Conduct a preliminary assessment of the QMS.
- Complete the training procedure by specialists and managers who are directly related to the company's QMS.
- Conduct an audit of the QMS.
- If the organization's activities comply with ISO 9001, obtain a certificate.
The package of documents that accompany the application may also include the composition whole line constituent documents, all kinds of permits and licenses, previously received awards, a list of objects handed over and many other papers.
Safety quality requirements
To date, the assessment of the security of information systems is a rather complicated procedure, but, as you know, this is possible, and for this, a number of qualitative methods for assessing the level of security have been developed, with the help of which it is possible to obtain not a quantitative, but a qualitative assessment at the output, that is, to determine conformity of the protection system to a certain class or level. Quantitative assessment methods have not yet been applied in practice.
The use of qualitative assessment methods at the moment can be called the only way how you can get an idea of what the real level of security is informational resources companies.
The international standard for the security of information systems is called BS 7799 and sets out the rules in accordance with which the process of managing the entire information security companies, regardless of the industry in which they operate.
The security service and the management of the organization work in accordance with the general regulations, and there is no difference in whether the protection of a paper document or electronic information is ensured.
GOST R ISO 10007-2007
Group T59
NATIONAL STANDARD OF THE RUSSIAN FEDERATION
Organisation management
CONFIGURATION MANAGEMENT GUIDELINES
organization management.
Guidelines for configuration management
Introduction date 2008-06-01
Foreword
Goals and principles of standardization in Russian Federation established by the Federal Law of December 27, 2002 N 184-FZ "On Technical Regulation", and the rules for the application national standards Russian Federation - GOST R 1.0-2004 "Standardization in the Russian Federation. Basic provisions"
About the standard
1 PREPARED BY OPEN joint stock company"Research Center for Control and Diagnostics technical systems"(JSC "NITs KD") and the Technical Committee for Standardization TC 10 "Promising production technologies, management and risk assessment" based on our own authentic translation of the standard specified in paragraph 4
2 INTRODUCED by the Development Department, information support and accreditation of the Federal Agency for Technical Regulation and Metrology
3 APPROVED AND PUT INTO EFFECT by Order of the Federal Agency for Technical Regulation and Metrology dated November 14, 2007 N 302-st
4 This standard identical to the international standard ISO 10007:2003 "Quality management systems. Guidelines for configuration management" (ISO 10007:2003 "Quality management systems - Guidelines for configuration management").
The name of this standard has been changed relative to the name of the specified international standard to bring it into line with GOST R 1.5-2004 (subsection 3.5).
When applying this standard, it is recommended to use instead of the reference international standards the corresponding national standards, details of which are given in Appendix B.
5 INTRODUCED FOR THE FIRST TIME
Information about changes to this standard is published in the annually published information index "National Standards", and the text of changes and amendments - in the monthly published information indexes "National Standards". In case of revision (replacement) or cancellation of this standard, a corresponding notice will be published in the monthly published information index "National Standards". Relevant information, notification and texts are also placed in information system general use - on the official website of the Federal Agency for Technical Regulation and Metrology on the Internet
Introduction
The purpose of this International Standard is to improve the understanding of the configuration management process.
Configuration management - activities aimed at applying technical and administrative process control life cycle products, product configuration items, and product configuration-related data.
The product configuration shall be documented so that the status of meeting the physical and functional requirements of the product is identified and traceable and accurate data is available at all stages of the life cycle.
Configuration management depends on the size of the organization and the nature and complexity of the products.
Configuration management can be used to fulfill the product identification and traceability requirements specified in ISO 9001:2000 Quality management systems — Requirements.
1 area of use
1 area of use
This International Standard provides guidance on the application of configuration management. The standard is intended to be used at all stages of the product life cycle from concept to disposal.
Prior to describing the configuration management processes, which include configuration management planning, configuration identification, change management, configuration status reporting, and configuration auditing, responsibility and authority should be assigned.
The standard is not intended for certification purposes and for use in contracts.
2 Normative references
This standard uses normative reference to the following standard:
ISO 9000:2005 Quality management systems. Fundamentals and vocabulary
3 Terms and definitions
This part of ISO 9000 applies the terms and definitions of ISO 9000 and the following terms with their respective definitions:
3.1 change management(change control) actions to control the product after formal approval of the product configuration data (see 3.9)
3.2 permission to deviate(concession): Permission to use or release products that do not meet specified requirements.
Notes
1 Permission to deviate usually covers the delivery of products with nonconforming characteristics and with established agreed limits on the time or quantity of this product.
[cm. definition 3.6.11 of ISO 9000:2005].
2 Permission to deviate does not affect the basic configuration (see 3.4) and includes permission to produce non-conforming products.
3 Some organizations use the terms waiver or waiver instead of waiver.
3.3 configuration(configuration) The interrelated functional and physical characteristics of a product as specified in the product configuration data (see 3.9)
3.4 basic configuration baseline configuration approved product configuration data (3.9) that establishes the related functional and physical characteristics of a product at a specified point in time and is used as a reference throughout all stages of the product life cycle
3.5 configuration element(configuration item): A configuration object (see 3.3) that performs a complete function.
3.6 configuration management(configuration management): Coordinated activities aimed at the formation and control of the configuration.
NOTE Configuration management typically includes support for the technical and administrative activities associated with managing the product and its configuration requirements at all stages of the product life cycle.
3.7 configuration status reporting(configuration status accounting): Records and reports in prescribed form product configuration data (see 3.9), the status of proposed changes, and the status of implementation of approved changes.
3.8 responsible executor dispositioning authority person or group of persons with the necessary authority who is responsible for making the configuration decision (see 3.3).
Notes
1 The responsible persons are also referred to as the "configuration management committee".
NOTE 2 Relevant stakeholders within and outside the organization should be represented as responsible actors.
3.9 product configuration data*(product configuration information): Requirements for the design, manufacture, verification, operation and maintenance of products.
________________
* Data are given in the product configuration documentation.
4 Configuration management responsibilities
4.1 Responsibility and authority
The organization shall identify and describe the responsibilities and authorities associated with the implementation and verification of the configuration management process. Consider the following:
- the complexity and nature of the product;
- requirements for products at various stages of the life cycle;
- boundaries between various types activities directly involved in the configuration management process;
— other interested parties within and outside the organization;
- identification of responsible executors for verification of actions for the implementation of the configuration management process;
- identification of responsible executors.
4.2 Responsible person
Prior to the approval of the changes, the responsible executor, within their authority, must verify the following:
- the necessity of the proposed change and the acceptability of its consequences;
— properly documenting and classifying the change;
- the sufficiency of the planned actions to introduce changes to documents, hardware and/or software.
5 Configuration management process
5.1 General
To increase the efficiency of the process, it is important that configuration management activities are coordinated.
The configuration management process should be focused on customer requirements for products and should take into account the specific conditions of production. The configuration management process should be detailed in the configuration management plan. The configuration management plan should specify all procedures defined in the project and the extent to which they are applied at all stages of the product life cycle.
5.2 Planning for configuration management
Configuration management planning is the foundation of the configuration management process. Effective planning allows you to coordinate configuration management activities in specific situations at all stages of the product life cycle. The output of the product configuration management planning process is the configuration management plan.
The product-specific configuration management plan should:
- be documented and approved;
- to be managed;
— identify the configuration management procedures used;
- include references to relevant applicable processes in the organization (if appropriate);
- contain an updated description of the responsibility and authority of responsible persons to maintain the configuration management process at all stages of the product life cycle.
A configuration management plan can be a separate document, or part of another document, or it can be composed of several documents.
In some situations, an organization needs a vendor to provide its own configuration management plan. The organization may retain such plans as separate documents or include them in own plan configuration management.
Annex A provides examples of the structure and content of a configuration management plan.
5.3 Configuration identification
5.3.1 Product structure and selection of configuration items
The selected configuration items and their relationships should describe the structure of the product.
Configuration items must be identified using established criteria. Configuration items must be selected so that functional and physical characteristics can be controlled autonomously to achieve full performance of the item's end function.
When choosing a criterion, it is necessary to take into account:
— criticality of configuration items with respect to risk and safety;
- application of new or modified technologies, designs or developments;
- relationships with other configuration items;
- conditions for the acquisition of configuration elements;
- support and maintenance of products.
The number of configuration items selected should be optimal for product management. The selection of configuration items should begin as early as possible in the product life cycle. Configuration items need to be analyzed to improve and upgrade products.
5.3.2 Product configuration data
Product configuration data includes a description of the product and its performance characteristics. Typically, product configuration data includes requirements, specifications, project documentation, parts list, software documentation, models, test requirements, maintenance and operation manual.
Product configuration data must be relevant and traceable. Product configuration data must be assigned a unique identifier (such as a numeric code). Identification should be clear and unambiguous, and should ensure that configuration items are properly managed, be based on the organization's existing data management identity, and provide for document and data revision status.
5.3.3 Basic configuration
The baseline consists of the approved product configuration data, which is the data for defining product requirements. The baseline configuration and approved changes to it represent the current approved configuration.
A baseline should be established whenever necessary during the life cycle of a product in order to determine recommendations for further action.
The level of detail with which products are defined in the base configuration depends on the degree of control required.
5.4 Change management
5.4.1 General
After the initial establishment of the product configuration data, all changes to the product configuration must be managed. The potential impact of changes, customer requirements, and base configuration will affect the degree of control required to implement a proposed change or apply a waiver.
The change management process should be documented and should include:
- description of the process, supporting documents and change records;
- classification of the change in terms of its complexity, necessary resources and planning for execution;
- assessment of the consequences of the change;
— a detailed description of how the change is to be prepared;
— a detailed description of how the change is to be made and verified.
5.4.2 Initiation, identification and documents required for changes
The change can be made by an organization, a customer, or a supplier. Before a change is submitted to the authorized responsible party for evaluation (see 4.2), all change proposals must be identified and documented. The proposed changes should include the following:
— the configuration item(s) and associated information(s) to be changed, including a detailed description of their name and current revision status;
- a description of the proposed change;
- a detailed description of other configuration items or information that may be affected by the change;
- the interested party that submitted the proposal and the date of its preparation;
- the reason for the change;
- the category of the change.
The status of the change procedure and related decisions should be documented. A typical method for documenting a change is to use a standard form that is assigned a unique identification number for ease of identification and traceability.
5.4.3 Change assessment
5.4.3.1 The proposed change shall be evaluated and documented. The evaluation should be based on the complexity of the product, the category of change and should include:
- the technical benefits of the proposed change;
- the risks associated with the change;
- potential impact on contract, schedule and costs.
5.4.3.2 In determining the impact of a change, the following factors should also be considered:
- established statutory and mandatory requirements;
- interchangeability of configuration elements and the need for their re-identification;
- relationship between configuration elements;
- methods of testing, control and manufacture;
- inventory and purchases;
- supply chain activities;
- customer service requirements.
5.4.4 Distribution of responsibilities
A process for assigning responsibilities for submitting and implementing a change should be established, which includes the appointment of a responsible person (see 4.2) for each proposed change. This should take into account the category of the proposed change.
After evaluating the proposed change, the responsible executor should review the evaluation and decide on the distribution of responsibilities for presentation and implementation.
The division of responsibilities must be recorded. A notice of assignment of responsibilities should be circulated to stakeholders within and outside the organization.
5.4.5 Execute and verify the change
Implementing an approved change typically involves:
- change in the requirements for the configuration of the product, given in the interests of interested parties;
— actions taken by relevant interested parties (inside and outside the organization) associated with the change.
After the necessary actions have been taken, their compliance with the approved change must be verified. This verification must be recorded to ensure traceability.
5.5 Accounting for configuration status
5.5.1 General
The output of the configuration status activity is records and reports of product requirements and product configuration data.
The organization shall implement activities to record the status of the configuration throughout all stages of the product life cycle to maintain and ensure an effective configuration management process.
5.5.2 Entries
5.5.2.1 Records of the status of the configuration shall be maintained as part of the configuration identification and change control activities. These records are required to provide visibility, traceability, and efficiency in managing configuration improvements. They usually include the following:
- detailed data on the product configuration (identification number, name, effective date, revision status, history of changes and their inclusion in the basic configuration, etc.);
— product configuration (part number, product design or design status);
- status of acceptance of new product configuration data;
- change procedures.
5.5.2.2 Specified product configuration data shall be recorded in a manner that allows identification with cross-references and relationships necessary to fulfill specified reporting (see 5.5.3).
5.5.2.3 To ensure the integrity of product configuration data and the basis for change management, it is recommended that configuration items and their associated data be aligned to external influences, including:
- corresponded to the required conditions (for hardware, software, data, documents, drawings);
— provide protection from damage or unauthorized modifications;
- provide means of disaster recovery;
- allow repairs.
5.5.3 Reports
For configuration management purposes, reports should be made on the types of changes. Such reports can cover both individual configuration items and entire products.
Typically reports include:
- a list of product configuration data included in the basic configuration;
- list of configuration items and their basic configuration;
- a detailed description of the current status of the revision and the history of changes;
- status of change reports and waivers;
- a detailed description of the status of delivered and repaired products (or parts thereof) with identifiers to ensure traceability and revision status.
5.6 Configuration audit
A configuration audit shall be performed in accordance with documented procedures to determine whether a product conforms to specified requirements and product configuration data.
There are generally two types of configuration audit:
- functional configuration audit (formal examination to verify that the configuration item has achieved the functional and performance characteristics specified for it in the product configuration data);
— physical configuration audit (a formal examination to verify that a configuration item has achieved the physical characteristics specified for it in the product configuration data).
A configuration audit may be required before a configuration item is formally accepted. A configuration audit does not replace other forms of review, analysis, testing, or control, but may take into account the results of these activities.
Annex A (informative). Structure and content of the configuration management plan
Annex A
(reference)
A.1 General
The structure of the configuration management plan should include the individual sections discussed in A.2-A.7 of this annex. A.2-A.7 also gives guidance on the content of the sections.
A.2 Introduction
The configuration management plan should include an introduction section containing general information. The introduction usually describes:
— purpose and scope of the configuration management plan;
— a description of the product configuration and item(s) to which the plan applies;
- schedule with deadlines for the execution of the main types of configuration management activities;
— description of configuration management tools (eg information technology);
— documents used in conjunction with the plan (eg supplier configuration management plan);
- a list of required documents and their relationship.
A.3 Policy
The configuration management plan should contain a detailed description of the configuration management policy, which should be agreed with the customer or suppliers. The policy is the basis for the core configuration management activities within the contract, such as:
— developing and communicating to staff a policy for configuration management and management of related activities;
- organization of work, distribution of responsibility and powers of interested parties;
- ensuring the necessary qualifications and training of personnel;
- establishing criteria for selecting configuration elements;
- frequency of release, distribution and management of reports within the organization and at the consumer;
- establishment of terminology.
A.4 Configuration identification
The configuration management plan should include detailed description details:
- family tree of configuration elements, specifications and other documents;
- numbered symbols adapted for specifications, drawings, concessions and changes;
- method for identifying revision status;
— the baseline configuration to be installed, schedule and type of product configuration requirements;
- method of use and distribution of serial numbers or other methods of identification and traceability;
- implementation of procedures for developing requirements for product configuration.
A.5 Change management
— the relationship of the responsible persons (see 4.2) of the organization with other interested parties;
— change management procedures up to the establishment of a baseline configuration in the contract;
— methods used in change procedures (including procedures for customer or supplier initiated change) and when dealing with waivers.
A.6 Accounting for configuration status
The configuration management plan should include:
- methods for collecting, recording, processing and maintaining in working order the data necessary to maintain and record records on the status of the configuration;
- definition of the content and form(s) for the full accounting of reporting on the status of the configuration.
A.7 Configuration audit
The configuration management plan should include:
- list of ongoing audits, their frequency in accordance with the project schedule;
— configuration audit procedures used;
— the authority of the relevant interested parties (inside and outside the organization);
- defining the form of audit reports.
Annex B (informative). Information on the compliance of the national standards of the Russian Federation with reference international standards
Annex B
(reference)
Table B.1
Electronic text of the document
prepared by Kodeks JSC and verified against:
official publication
M.: Standartinform, 2008
The ISO 9001 quality management system is one of the items in the ISO 9000 series. The latter is an international system that regulates quality management in an enterprise. It consists of many parts, each of which has its own task. For example, ISO 9000 itself can be described as a collection of management definitions. And ISO 9001 contains advice for practical application.
What is ISO 9001 Quality Management System for?
Any fact must be confirmed officially, and in our time it is customary to have a “piece of paper” for everything. So, enterprises that have passed a special test receive a certificate of compliance with ISO 9001.
What is it for? In truth, this document will give little to IP Vasechkin, who sells clothes on the market. This certificate is only required if your customers or suppliers are interested in it. In some business areas, ISO certification is mandatory. This applies to the economic and public spheres.
! An interesting fact is that for a large number of consumers, the inscription on the package "compliance with ISO 9001" increases the level of confidence in the company. Many believe that this certificate is a guarantee of the quality of the product. Although this is not true - the standard only guarantees the presence of work on quality in the enterprise, and nothing more.
Many firms today use ISO certification as a means of competition. For some, this allows them to achieve the best conditions for cooperation with partners, while others use it as a PR tool.
What does ISO 9001 say?
ISO 9001 2008 (latest version) is optional. But still, in order to obtain a document confirming compliance with these regulations, the company will need to work hard.
For example, the basic principle of management and the ISO standard is the simple truth: Plan, Implement, Control, Analyze (PDCA). This means that all actions of your enterprise must be clearly planned and implemented. Implementation should take place under strict control, as a result of which an analysis of the work done is carried out. If something did not work out or more perfect ideas appeared in the control process, then it is necessary to make changes to the plan and again the same circle: implementation, control, analysis.
Everything would be fine, but how will the commission know that you have a similar scheme? Of course, again papers. Therefore, every step and every point of this golden rule should be displayed in graphs, tables and other internal documents of your company.
In addition, in the ISO 9001 quality management system there is a provision that the company must have packages of documents that reflect the policy, goals and management of achieving product quality.
Also, the company must have a quality control department and, of course, the heads of this department. Of course, to work on the quality of a product, one cannot do without working with consumer opinion. Therefore, there must be continuous Feedback: consumer surveys, analysis of behavioral factors, collection of information.
By the way, one paper about each process will not be enough. All this should be carried out at the enterprise constantly and continuously.
Conclusion
We hope that we were able to clarify the situation. It is up to you to decide whether to receive an ISO certificate of conformity or not. But as practice shows, any preparation for certification has a beneficial effect on the working environment of the company. At these moments given maximum amount attention to each process, which allows you to see what was missed earlier and improve the productivity of the company.
Popular
- New Year in the work team (corporate)
- GIT check: what is checked and how to prepare
- Maintenance of military records in the organization
- Orthodox photographer - the best in Eurasia!
- We remember and are proud: original ideas for the script for Victory Day
- Is it worth calling the employer after the interview or how to find out the results: how long do they usually report?
- Features of the technique of painting plates, painting ceramic dishes White-blue painting on dishes
- Types of dish painting: Gzhel, Gorodets, Zhostovo, Khokhloma
- Marketer: job responsibilities Job description of an IT company marketer
- Child care center administrator job description