UNKNOWN PROCESSES

The requirement that processes are identified, defined, understood and measured is (supposedly) a fundamental requirement of ISO 9001. But is it ever really examined?

In this article we look at the intent of ISO 9001 and contrast that with how things tend to work in reality, with intention and reality often being two quite different things.

It's a reasonable question. Why exactly do we need to build and manage our system from a process perspective when there are clearly other ways of doing things? What's the big deal?

Well, let's look at the merits and weaknesses of the traditional procedure-based systems. First the merits. Procedure-based systems can set clear standards of operation and execution, they can promote consistency through the use of system documentation, and they can be audited.
Procedures do have a value and, typically, focus on the execution of tasks in the correct way.
All good so far, now for the main weakness. It is well nigh impossible to establish the efficiency of a system from a procedural perspective. Conformance yes, efficiency no - and efficiency is important.

Basically, if we do not understand our end-to-end workflows we have no basis for establishing whether things are as efficient (quick, cost effective etc) as they could be. Our system could well be afflicted with all manner of bottlenecks, delays, duplication and misunderstandings and our procedural scrutiny will simply not pick them up. This is because weaknesses of this type tend to occur at interface points - in the gaps between procedures - that is, in those places we aren't looking.

That, in a nut-shell is why we need to understand and manage our processes.

In summary, not very well. The intent is laid out in clause 4.1, however take a look at this discussion thread on the forums relating to the examination of Clause 4.1 (General Requirements). Note how some contributors have taken the view that clause 4.1 is effectively met by default provided that conformance across all other clauses is strong.
Let's think about that for a moment, is that quite right?

There is no doubt that a "General Requirement" is difficult to audit by definition, in so much that an audit criteria should enable clear and objective evidence based assessment, and "general" standards are at odds with that principle. But let's take a closer look at the "general requirements" of clause 4.1.
There is one word that pops up time and time again, and that word is "processes". Processes need to be identified (a), their sequence and interactions need to be determined (b), criteria and methods for control need to be applied (c), resources need to be allocated to them (d), they need to be monitored and measured (e), and planned with a focus on continual improvement (f).
The other clauses of ISO 9001 simply don't pick up on all of these points.
Therefore it is difficult to see how most of those requirements can be met by default via an assessment of other parts of the standard. So clause 4.1 requires the implementation of the process approach, but it seems to be a common practice of assessors to side-step the requirement by adopting a convenient "default" interpretation.
The result? A lot of ISO 9001 certified systems are not process-based.

The weakness in understanding does not end there. In clause 8.2.3 we see a requirement for the monitoring and measurement of processes. Now that has to be a good thing, but again there is a convenient way of interpreting the requirement that allows us to side-step the process approach once more.

Let's analyse the situation, first by clarifying what exactly is a "process measure". Let's start by taking a look at clause 8.2.4 "monitoring and measurement of the product". These important (product) measuring activities are conformance-based. They test the product to make sure it will meet the customer's requirements.
This is important and it is quite rare to encounter a system with a general lack of product (or service) measures. If these product measures are weak, it will affect the customer directly, and sooner or later that will start becoming a serious matter - so companies are generally on that case.

Process measures on the other hand are measures focussed on efficiency. They may include monitoring the consumption levels of resources and materials, lead times, cycle times, machine utilisation rates, scrap levels, even staff turnover levels. Because matters of efficiency do not have a direct impact on the customer, they often have a much lower profile with inefficiency just being seen as a legitimate and unavoidable cost of production. The profile of these measures tends to be elevated only when economic forces start to bite.

So how is the requirement side-stepped? Well, a lot of assessors conveniently interpret the measurement of processes to include "in process inspections" (as opposed to final inspection). Whilst measurement of this type might occur at intermediate process stages, they are NOT measures of process operation - they are still conformity checks on the product and are specifically covered within clause 8.2.4. But again this weakness in interpretation allows for the certification of systems that simply have not incorporated the "process approach".