Thursday, April 29, 2021

Following the rules is not Quality

[This article originally appeared in LinkedIn. You can find that copy of it here.]

Every so often during an ISO 9001 audit, I'll find a (to me) common-sense omission. If it's trivial I might just discuss it and move on, or write an Opportunity for Improvement. But if it's something basic to the system, I might write a Nonconformity.

Once in a while I get the reply, Where does it say I have to do that? Or, more completely, In which company directive is it written that I have to do that?

When I hear this objection, I never know where to start — because there are no right answers to wrong questions.

A compliance audit (for companies that have to deal with those) is, yes, focused on checking our compliance with corporate or legal directives with a fine-toothed comb.

But that's not a Quality audit.

For Quality audits — notwithstanding years of ISO jokes — following the rules is secondary. The important thing is to have an effective way to get what we want. Of course we need procedures and rules for the complicated stuff. In a big company we need plenty, because everything one department does affects others. We need clear directives just to keep from stepping on each other's feet.

But we can follow all the rules in the world and still ship garbage. Just following the rules doesn't get us Quality. Or, to put it another way: We all know that following the rules is no excuse for doing the wrong thing. So too, the absence of a rule is no excuse for failing to do the right thing.

OK, Mister, that's nice, but I've got two problems with everything you just said.

1. You want to go by the book? A "nonconformity" means there's some rule I have failed to comply with. That's what the word means. Show me the rule.

2. You want to talk about the real world? My team has a lot of work to do. Sure, there's stuff we'd love to do to make the world a better place. But our requirements come first. So if you can't show me that this cool idea is actually a requirement, frankly we're going to deprioritize it into next year because we've already got too much real work to do.

This objection is completely fair. Let me answer it.

1. The latest edition of the ISO 9001 standard explicitly requires us to check for risks in what we are doing, and to take action as needed to mitigate those risks, even if they aren't listed (yet) in our written procedures. The main reference is in clause 6.1, though you can find cross-references in 9.1.3 and 10.2. So if I see something obviously missing, even if there is no rule telling anyone to do it, that is a nonconformity against clause 6.1.

2. We can't do everything. That's true. But the way to pick and choose is by assessing risk. It says that too, also in clause 6.1: "Actions taken to address risks and opportunities shall be proportionate to the potential impact on the conformity of products and services." If there's no risk, do nothing.

Hold up a minute! Don't your remarks in #2 cancel what you said in #1? What if you write me up for not doing something, but we do a risk analysis that says it's no big deal?

Could be. Show me the risk analysis, and let's discuss it. The answer will always be a judgment call, on somebody's part. There is no algorithm for a perfect decision … the same way there's no set of rules guaranteed to give us Quality.

All we can ever do is talk to each other. So let's talk.

     

Thursday, April 15, 2021

Defining Quality

What is Quality?

If you want to implement a management system that's supposed to achieve Quality, it's fair to ask what you think you are achieving. Knowing the destination will influence how you choose to get there.

Unfortunately this is not exactly an easy question. Many authorities in the field have tried their hand at it, and each one has a different answer.  

Philip B. Crosby: Quality is conformance to requirements.*

Joseph M. Juran: Quality is fitness for use.*

W. Edwards Deming: Good quality means a predictable degree of uniformity and dependability with a quality standard suited to the customer.*

American Society for Quality (ASQ): Quality denotes an excellence in goods and services, especially to the degree they conform to requirements and satisfy customers.*

ISO 9000:2015, def. 3.6.2: "degree to which a set of inherent characteristics (3.10.1) of an object (3.6.1) fulfils requirements (3.6.4)."

This is fine, and there may be good reasons to argue for one or another in an academic setting. Unfortunately they are all too narrow for practical use in a real-life Quality Management System. Pragmatically, a QMS influences every aspect of the organization. These definitions either refer to requirements (which don't always exist, or at least not explicitly), or refer to products and neglect services (although ISO 9000:2015, def. 6.6.1 does helpfully explain that an "object" can include a service), or at any rate limit themselves to the context of satisfying paying customers while ignoring the rest of an organization's interested parties.

Fortunately, I can give you a definition which is simpler than any of these, which includes them all as special cases, and which is broad enough to match the applicability of a fully-realized QMS:

Quality means getting what you want.

Look at the definitions above, and I think you'll agree we are all talking about the same thing. "Conformance to requirements"? But a requirement is just something that somebody wants. If a product conforms to requirements, the person asking for it gets what he wants. "Fitness for use"? Again, fitness is defined by what we are trying to get – by what we want. And so on.

Moreover, this definition can be used pragmatically and off-the-cuff, whenever you need it. It cuts through the fog. Whether you are talking with your manager or your auditor or a technician on the line, if there's a question about the relevance of this or that element of the system just ask, "Are we getting what we want? Do we need this element in order to make sure we continue to get what we want?" If yes, the element belongs in your QMS and the argument is over. If no, not. It really is that simple.    


* These four definitions can be found in many places, but in this instance I took them from the opening pages of Quality and Reliability in Engineering, by Tirupathi R. Chandrupatla, Cambridge University Press, 2009, ISBN 978-0-521-51522-1, reproduced at this link here.     

Thursday, April 1, 2021

Housekeeping details

After welcoming you to this blog in the previous post, maybe it would be helpful for me to clarify a couple of housekeeping details. 

As you can see, these first two posts are dated April 1, 2021. 

After that, I'll post once every two weeks: this means on alternate Thursday mornings. 

Please use the Comment feature to send me feedback, especially if you disagree with me or don't see how my ideas are supposed to work in your environment.

  • After all, I might be wrong. 😀 
  • Or I might have expressed myself badly. And I guarantee, if I said something that sounds wrong to you it will sound wrong to plenty of other people. Call me on it and I can fix it.
  • Finally, there's an old saying that, As iron sharpens iron, so one person sharpens another. Especially when the issue isn't open-and-shut, I welcome the chance to think it through again, and to think harder. Your criticisms will give me that chance.
In the unlikely event that someone posts comments which are abusive, insulting, or irredeemably off-topic, I will delete them. I don't expect to have to do this often.

Finally, I say above that I'll post every two weeks, on alternate Thursday mornings. I'd like to make this a commitment, but strictly speaking it is a goal or target. I draw the distinction because there's always a risk I might run out of things to say, though people who know me well might doubt it. Here is another place where I need your help. When you run across tangles in one of your own management systems, or when you are faced with an issue that you just want to talk through, let me know. Add a comment, or send me an email. I'll write a post that gives you my first thoughts, and then we can discuss it back and forth in the comments until we've clarified it.

I look forward to hearing from you.    


Quality and the weather

Everybody complains about the weather, but nobody does anything about it.

The weather touches everybody. But most people, most of the time, don’t think about the weather – they think about what they are doing. Most people, most of the time, think about the weather only when it upsets their plans: “Sorry I didn’t get to the reunion on time, but we had weather!” So for most people – most of the time – the word “weather” means “bad weather,” the kind of weather that keeps you from doing what you want to do. And in extreme cases, weather can shut you down.

Kinda like the Quality system, ain’t it?

Everybody complains about the Quality system – the processes, the paperwork – but all too often nobody seems to do anything about it. The Quality system touches everybody, but most people would rather think about their jobs instead – the other parts of their jobs, I mean. Most people think about the Quality system only when it upsets their plans: “Sorry I didn’t release that product on time, but Quality blocked it because our meeting minutes weren’t up to date.”

And in extreme cases, the Quality system too can shut you down.

Why not do something about it? Why not talk back?

After all, your Quality system wasn't imposed by aliens from Mars. It was written by human beings to do a specific job. If it asks you to do something crazy, there are only a few possibilities: maybe it doesn't really mean what it looks like it says, maybe there's a wider context where the seeming craziness actually makes sense, or maybe the people who wrote it just goofed. The only way to find out which is to challenge the system: ask questions and discuss it.

That's the point of this blog: to discuss what works and what doesn't work in management systems. My main focus is on Quality management systems, because that's where I have spent most of my career; but often the same topics recur in Environmental management systems, Health and Safety management systems, and many other kinds. I have a few topics in mind to start with, but I also hope for discussion and feedback from you  my readers. I'm as capable of being wrong as the next fellow, so I welcome disagreement and correction whenever you think it fits. Also, you may have topics in mind that I haven't thought of yet, and I would love to add them to the mix.

Let's talk.

        

Five laws of administration

It's the last week of the year, so let's end on a light note. Here are five general principles that I've picked up from working ...