3 Keys to Implement an Integrated Management System With ISO 9001


2019-bl-3-critical-keys-integrated-management-page-imageWith the changes ISO 9001:2015 brought to the quality systems standards, it is more important than ever for organizations to step forward and consider implementing an integrated management system (IMS) rather than try to manage separate standards/systems.

There are three critical keys to the successful integration of systems:

  • ISO 9001:2015 (Quality Management Systems) is the foundation of a strong business structure.Leverage this standard to establish basic minimal business requirements.
  • Identify one system or tool to support all of the standards or business requirements – do not implement different tools for the individual standards.
  • Keep things simple – don’t create redundant documentation that is difficult to manage and maintain.

ISO 9001 as a Business Plan

ISO 9001:2015 is really more of a business infrastructure than a quality standard. As you look at the standard requirements, it is really the outline for a business plan:

  • Understand the context of your organization and what interested parties expect.
  • Leadership is responsible for the business.
  • Decisions and activities are built on risk and planning.
  • Determine what support is necessary for the business – infrastructure, competence, documentation and resources.
  • Define the key activities for actually producing a product or service, including the activities that you outsource to others.
  • Measure the performance of your processes – how do you determine you are meeting intended results?
  • Continuously improve your systems and processes. Identify nonconformances and address the root cause of issues to prevent recurrence.

Standards of Quality

All standards going forward will be based on these key foundation concepts. Organizations with requirements to support general business as well as more specialized activities/industries should establish a strong foundation based on these basic ISO requirements. The additional standards (ISO 14001:2015 - Environmental management systems; ISO 45001:2018 - Occupational health and safety management systems. Requirements with guidance for use; ISO 22000:2018 – Food safety management system; ISO 13485:2016 – Medical devices, etc.) all have the requirements listed above built into the standard. (Note: ISO 13485:2016 did not go to the new 10-clause format, but the new concepts were designed into the standard.)  I usually describe these additional standards as ISO 9001:2015 on steroids.

Steps to Implementation

The first critical step to the successful implementation of an integrated system is the definition of the critical business plan or strategy. In other words, determine what the organization is trying to accomplish with the system, key elements to be addressed, and scope of the operations. You should also create a process map or interaction diagram of the key processes.

white paper icon

Enjoying this article? You may also like this White Paper:

"9 Pitfalls to Avoid During the Document Control Process"

Download Free White Paper

The next key step is to identify a process owner/driver for each of the key processes. Ownership includes the definition of responsibility and accountability to ensure the processes achieve the intended goals. Rather than set the various standards and processes to compete with each other, identify opportunities to leverage the activities and eliminate or reduce redundancies. This synergy will also eliminate unnecessary complexity and costs from the overall business plan.

Once you have identified the key processes and activities, you can begin the process to select the appropriate tools to support the system. A requirements document is the best way to organize the organization’s needs and expectations for tools. There is no need to have separate tools for each standard or regulation. There are many good tools on the market for managing and controlling the documentation and data from the system. It is important to know what you want the tool to do before you complete a selection. A best practice is to select a tool that can be configured to support your business needs and will provide additional ad hoc reporting without complication. Most of the tools allow you to attach attributes to a document or record that facilitates the data analysis and/or generation. Matching your needs to the business expectation and requirements to the tool(s) can ensure a successful implementation. Never, ever, ever, ever automate a broken process. 

Final Takeaways

Most important of all is to keep things simple! Don’t overcomplicate the systems. Many of the standards require you to maintain documentation. Based on the common structure of the standards, the documentation required will be similar for the core processes. Consider building a cross-reference matrix to identify these overlaps in requirements. For example, one document can be generated to address all document control requirements for the various standards and regulations. A well-written document provides greater flexibility and compliance to the requirements than having individual documents for each system. The cross-reference matrix is used to demonstrate which requirements the document or record is designed to meet.   

Evaluate your current procedures and work instructions. Do they reflect your current practices and are they necessary? In the past, work instructions were created for almost everything done in the production. Once the employees are properly trained and working the assignments, they rarely refer back to these documents. Eliminate those documents that are not critical to the quality of the product or process. Make your forms “intelligent” forms that include work instructions where necessary rather than writing separate work instructions to complete a task. I estimate that each document you have to maintain costs approximately $500 to $1,000 to review, modify, release, etc. Imagine how much money you can save by eliminating those documents that are not required or are not being used.

Overall, these three basic steps will provide you with opportunity for greater compliance, elimination of redundancy, and lower overall costs to managing your business.


 

Christine (Chris) Park, founder and owner of Christine Park & Associates, is a seasoned quality assurance professional with a wealth of experience in establishing and remediating quality systems of all sizes. Using a pragmatic approach to compliance and quality assurance, Park has successfully focused on results-oriented solutions that integrate quality into the daily business activities of organizations. Her experience in R&D and general manufacturing for medical devices, IVDs, biotech/pharmaceuticals, chemicals, and other regulated and/or non-regulated products provides a well-balanced background for her work in compliance.

Whether working on a full quality system or on key quality components (CAPA, complaints, audits, supplier quality, management controls), Park provides employees and management not only with adequate direction and tools to maintain compliance, but also with the understanding of why they must comply with specific requirements. Christine Park & Associates is a professional referral partner of MasterControl.