This article gets up close and personal with ISO 9001 Clause 4.4, relating to quality management system and its processes. What is it? Where does it fit in the greater scheme of the ISO standard? Let’s briefly set the scene before we start.
In December 2021, the International Organisation for Standardisation (the main ISO body) reported “over one million companies and organizations in over 170 countries certified to ISO 9001:2015”. What’s more, this number continues to increase year on year for many and varied good reasons.
But there’s one not so small catch… ISO 9001 might just be the most confusing document in business history!
The good news is this series of articles and accompanying free factsheets are purpose designed to:
- Cut through the jargon
- Debunk the myths
- Make smoother sailing of your journey to certification
So, without further ado, let’s dive straight into ISO 9001 Clause 4.4 – Quality management system and its processes.
What Does “Quality Management System and its Processes” in ISO 9001 Clause 4.4 Mean?
ISO 9001:2015 is a process-based standard. But it doesn’t dictate the required processes. You’re required to determine for yourselves the key processes your organisation needs, and put the details around them, such as:
- Inputs
- Criteria
- Methods
- Outputs
The number of processes and the level of detail behind them varies for each business, according to the context of the organisation and the unique risks involved.
So, when you apply risk-based thinking to ISO 9001 clause 4.4, it’s a good idea to consider the following factors:
- The extent to which the process affects the business’ ability to achieve it’s intended results
- The likelihood of problems occurring with the process
- The potential consequences of any resulting problems
Using this framework lends logical flow to the identification of key processes, which is the next step.
Identifying the Key Processes
Key processes are the steps you follow to give your customers what they want. For example, your key processes might include elements such as:
- Ordering process
- Design
- Production methods
- Delivery
It might sound a little complicated. This is why it’s useful to also think about ‘supporting acts’. It means drilling down into parts of your processes which don’t directly contribute to what your customers ultimately buy, but how you get to this stage.
When you think about it logically, support processes often extend beyond the above elements. So, you might include other generic business functions, like:
A great place to start is by thinking how work flows through the business on a step-by-step basis. Draw up a list. Now you can start to document the inputs, methods, criteria and outputs of the process.
Top tip: I like to use flow diagrams, (not just for ISO 9001 Clause 4.4, I refer to them time and again across the whole management system!). This is because graphical representation is easier and more engaging for employees to understand than laborious lengthy documents.
Once the process flows are documented, you can start linking them together and signposting to the relevant documentation. In addition, verification checks are needed before you move on to the next stage.
With that covered, let’s break down specific requirements into manageable segments.
What’s Required?
Here are the eight components of the process as defined by ISO 9001 Clause 4.4:
- Inputs and Outputs – These can be tangibles, such as materials, components or equipment. Or they can be intangibles, such as data, information or knowledge. What’s more, inputs and outputs should both be looked at through a dual lens, in order to capture what’s required for the implementation of the process and the expected results or subsequent processes.
- Sequence and Interaction – The inputs and outputs of the previous and subsequent processes should be considered for ISO 9001 clause 4.4. For example, the purchasing process comes before the manufacturing process, which comes before the shipping process, and so on.
- Criteria and Methods – Control criteria and methods need defining, in order to ensure the processes are effective. To clarify, the criteria relate to how the process is evaluated, whilst the methods are the procedures to follow.
- Resources – Your resources might include but not be limited to things like raw materials, people, infrastructure, organisational knowledge and machinery. Additionally, you also need to think about any relevant external resources.
- Responsibility and Authority – Within your organisation, somebody is responsible for each process. When you’re assigning responsibilities and authorities, it helps to define the activities first, followed by the team members/s who perform the process. This can all be documented in an organisational chart using job descriptions, or within the procedure itself.
- Risks and Opportunities – This is a sub-clause specifically addressing the requirements under clause 6.1. It’s noteworthy here is the implementation of any actions needed to address the risks and opportunities originating from processes.
- Evaluation – Every process should include a clear description of the intended results, plus how you’ll monitor or measure them. In short, the evaluation stage is just a comparison of intended vs. actual results. It’s a great way to shine a light on any gaps.
- Improvement – The entire ethos of ISO management systems is continual improvement. This includes the improvements you can make at process level, for example, by reducing the number of variations in the way an activity is performed. Or at a system level, it could be reducing the amount of paperwork associated with that system.
What Do You Need to Document?
ISO 9001 Clause 4.4 states “maintain documented information to support the operation of its processes”. This might include operational procedures, flow charts or work instructions.
And I’ll say it again… flow diagrams. They can be highly effective for mapping and improving processes. They’re more compelling than mind-numbing wordy instructions and can also be used for new employee training.