Last week I talked about how a good understanding of the context of your organization (COTO) can support your identification of business risks, because what business you are in affects what kinds of risks you face. But your COTO does more than that. A well-analyzed COTO can clarify the scope of your Quality Management System as well.
Image by Mohamed Hassan from Pixabay |
The first time I was there I asked how they defined their management system, and they handed me a Quality Manual which looked exactly like every other Quality Manual you've ever seen. And so I asked the General Manager:
He said, "I thought we were supposed to have a Quality Manual.""Why did you write this?"
"OK, that was the old edition of the standard and you don't have to any more. But there's a bigger issue.
"Look, this says you have procedures and follow them. But if Octopus tells you all to 'Jump,' you jump, procedures be hanged. If Octopus tells you all to wear bright green hats to work, you all wear bright green hats to work. It doesn't say that here.
"I understand that legally you are a separate company. But if Octopus says to do something one day that violates your procedures, you'll do it. And then you risk having me or some other auditor write you up for not following your procedures.
"For your own protection, you should have something in your management system that explains the relationship, and that says Octopus can override your normal procedures under such-and-such conditions."
I know an auditor is never supposed to consult, but it was important for them to understand this point.
Anyway, that's what I mean when I say that understanding your COTO can clarify the scope of your QMS. Understanding your COTO means you know who wants things from you (your interested parties) and what they want (their requirements and expectations). When you know those things, you also know how much influence these interested parties have over your decisions. If your organization disagrees with a requirement from some interested party, when can you say "No," and when do you have to say "Yes, right away"? If any interested party is important enough that they can affect or override your Quality System, they ipso facto affect your scope and you should make sure to say so. Carefully understanding your COTO is what tells you this.
No comments:
Post a Comment