Implementing Integrated Management Systems for Efficiency and Effectiveness Chad Kymal CTO Omnex
Omnex
Abstract – Implementing Integrated Management Systems for Efficiency and Effectiveness In 2015 both ISO 9001 and ISO 14001 are changing. Moreover, both standards will be adopting the same high level structure now required by Annex SL of ISO. These changes and the new revision of both standards will require a restructuring of the management systems. More so, both standards now need to follow the process approach. These changes represent an opportunity for the adoption of Integrated Management Systems. Integrated Management Systems result in a reduced number of processes and process owners in an organization. This in turn results in a reduction in implementation costs for those implementing the standard for the first time. Most importantly, they also result in reduced maintenance of management systems and reduced third party auditing costs. Omnex estimates that the cost of implementation is reduced by 50%, maintenance costs by 66% and third party auditing costs by 20% when integrating ISO 9001, ISO 14001 and ISO 45001 (previously OHSAS 18001). The paper is based on a book published by ASQ called “Implementing Integrated Management Systems – QMS, EMS, OHSMS including Aerospace, Automotive and Food Safety Management”.
Agenda
• • • • •
Automotive Organizations and Supply Chain Rationale for an IMS Integrated Management Systems Integration and Standardization Self Assessment Questions for Integration and Standardization • Using Software for Integration • Conclusion • Questions?
AUTOMOTIVE ENTERPRISES The Challenge of the Enterprise
The Challenge of the Enterprise – Multi-Site, Multi-Language, and Multi-Cultural with Multiple Standards, Audits and Risk Management
Plants
Design Centers
Corporate
Entities in N. America, Europe and Asia
Sales Offices Support and Sales
Automotive Supply Chain Woes
• “Quality 2020” a 2015 Survey by AIAG of the supply chain pointed to 5 top concerns of Automotive Suppliers – The 2nd biggest concern pointed to standardization of business processes and systems. • Note – Though the overall concern was about customer specific requirements, many processes can be integrated and standardized with or without CSR proliferation.
Enterprise Problem Statement
• Lack of consistency (of standards, processes, audits, risk management, problem solving) across the Enterprise. • No central access for quality data. – Outdated systems, non-complaint software – Systems Incompatibility – Integration needs
• Process Inefficiencies – Little or no knowledge transfer or best practices between facilities. – No common nomenclature for quality metrics (including audit nonconformities). – No integration in quality and business planning efforts (audit practices).
• Lack of flexibility and functionality in current practices. This leads to financial loss due to nonconforming product and non-value added activities
Single Entity – Stand-Alone Implementations Mean More Work
OHS BMS Manual
EMS Manual
Integration in One Site
INTEGRATION VS STANDARDIZATION
Lack of Integration and Standardization in Processes
ISO 9001
Integration vs Standardization
• Integration refers to stand-alone systems that duplicate training processes, document control, and internal audit processes for each standard within the company. There is a tremendous loss of value associated with stand-alone management systems within an organization as discussed above. • Worse yet, many organizations continue this duplication of effort among their different sites—including plants, design centers, and sales offices. If there is a lack of efficiency and confusion caused by the duplication in one site, one can imagine the magnification of these same problems when duplication is repeated multiple times in a large organization.
Standardization
Lack of Integration and Standardization – Results
• Duplication of processes, audits and risk assessment • Increased cost to implement and maintain management systems, audits, and the risk analysis • Increased cost to maintain system, conduct audits or risk management systems
Duplication of Processes
Confusion for Top Management
• Management has four reviews – for example: 1. ISO 9001:2008 (QMS) 2. ISO 14001:2004 (EMS) 3. OHSAS 18001:2007 (OHSAS) 4. Review performed in order to operate the business
I really don’t have time for this! Do I need this??
Duplication of Processes
Confusion for the Engineer
• When designing a product: – Study quality procedure for FMEA and Control Plan – Study EMS planning procedure for aspects and impacts – Study OH&S planning procedure for health and safety risks
I don’t do QMS, EMS or OHSAS; I just do my job! Why am I doing Risk Analysis multiple times?
Rationale for Integration and Standardization
• In an enterprise of four sites with three management systems – twelve individual management systems vs. one integrated management system shows that – if there are 100 process documents on average in each of the systems, then there are 1200 documents in twelve
management systems vs. one hundred in one integrated and standardized management system. • If there are 100 process owners in one system it equates to twelve hundred process owners in the four sites each carrying out specific tasks assigned to them. 1200 process owners vs. one hundred process owners carrying out globally assigned processes. Just the magnitude of extra work of twelve hundred processes vs. one hundred global processes should explain the efficiency of Integration and Standardization.
RATIONALE FOR AN IMS Integrated Management Systems
IMS Drivers
High Level Structure
Proliferation of Standards IMS Drivers Impl and Maint Costs
Challenge of the Enterprise
Emergence of a High Level Structure
• ISO has long had high interest in developing an integrated management system standard. De-proliferation mandate
Annex SL is the latest effort
High Level Structure (HLS) is Changing New Clause Numbers
1. 2. 3. 4.
Scope Normative References Terms and Definitions Context of the Organization – Understanding the Organization and its Context – Needs and Expectations – Scope – Management System
5. Leadership – Management Commitment – Policy – Roles, Responsibility and Authority
6. Planning – Actions to Address Risks and Opportunities – Objectives and Plans to Achieve Them
7. Support – – – – –
Resources Competence Awareness Communication Documented Information
8. Operation – Operational Planning and Control
9. Performance Evaluation – Monitoring, Measurement, Analysis and Evaluation – Internal Audit – Management Review
10. Improvement – Nonconformity and Corrective Action – Continual Improvement
Proliferation of Standards
• Organizations today adhere to multiple standards Some examples include: – – – – – – – – – – – – – –
ISO 9001:2008 – QMS Standard ISO 22000:2005 – FSMS Standard ISO/TS 16949:2009 – QMS Standard ISO 26262 – Functional Safety VDA 6.3 – VDA Process Audit Standard ISO 14001:2004 – EMS Standard OHSAS 18001:2007 – OH&S Standard ISO 17025:2005 – Laboratory Standard Sarbanes-Oxley (SOX) – Financial Controls Malcolm Baldrige – Excellence Standards JACHO – Medical Industry Quality Standard AS9100 – Aerospace Standard ISO/IEC 20000 – Information Technology – Service Management ISO/IEC 27001 – Information Security Management
The Challenge: Growing Expectations
Source: W. Visser
Why Multiple Standards?
• Customers require it! • Management wants to reduce risks: – – – –
Quality Environmental Health & safety Financial
• Markets require it • Certification required in order to supply product. – Industry – Government
Increasing Costs for Maintaining Standards
• As standards, customer specific requirements, and regulations grow the need for management systems documentation and staff grows. • Standards are expensive to implement and maintain – Cost of implementation – $50,000 – Cost to maintain – $30,000 - $35,000
IMS Drivers
High Level Structure
Proliferation of Standards IMS Drivers Impl. and Maint. Costs
Challenge of the Enterprise
INTEGRATED MANAGEMENT SYSTEM
What is an Integrated Management System?
• An Integrated Management System includes integrated processes, integrated risk, and integrated audits.
Integrated Processes
• Management systems are considered integrated with 70% to 95% integration for the procedures and at least 30% for work instructions. • For a process or work instruction to be fully integrated, it should be managed by one process owner. • All processes do not have to be integrated. – Organizations need to determine what they want to integrate.
Single Site Process Integration Matrix
Integrated Risk
• Integrated management systems have integrated risks (common risk methodology) between quality, environmental, health and safety, and food safety (Q, E, HS, and or FS) and have comparable severity (Sev.) and occurrence (Occ.) risk ratings between the categories. • Optimally, one team conducts the risk analysis for the three different categories.
Integrated Audits
• The use of one common audit process and audit program for Q, E, HS, or FSMS management systems in one site. • The audit process uses an integrated audit checklist and an audit team capable of auditing the integrated system.
Rationale for Integration
• The object of each standard is reduction and control of variation in processes resulting in: – Product nonconformity and waste – Injuries, illness and deaths – Environmental impact and/or contamination
• System approaches to management, improvement and control are the same.
Benefits of Integration
• Focus – Integration of organization’s overall goals and objectives.
• Efficiency – Reducing the number of processes and process owners. – Integration of management planning, realization and control processes.
• Effectiveness – Application of proven process and risk tool throughout the organization.
Single Entity – Stand-Alone Implementations Mean More Work
OHS BMS Manual
EMS Manual
Integration in One Site
Additional Efficiency
• Additional Efficiencies are gained by: – Integrated and Standardized Risk in the Enterprise – Integrated Audits
We will discuss this in greater detail in subsequent presentations
SELF AUDIT ON INTEGRATION AND STANDARDIZATION
Is Our Organization’s Management System Integrated? – Integration Question
Key Questions • Have any of our sites developed an integrated management system integrating QMS, EMS, OHSAS, and other management systems? • If the answer is yes, then continue. If no, go to the next slide. – Does the organization have one manual? – What percent of the processes and or procedures of the management systems are common? – What percent of the work instructions of the organization are integrated? – What percent of the forms and checklists of the organization are integrated? – Are there process measures for the integrated processes? – Is there one process owner for the integrated processes?
Is Our Organization’s Management System Standardized? – Standardization Question
• Does the organization have one manual for the entire corporation or the sites that have integrated? • What percent of the processes and or procedures of the organization are common (or the sites that have integrated)? • What percent of the work instructions of the organization are common (or the sites that have integrated)? • What percent of the forms and checklists of the organization are common (or the sites that have integrated)? • Are there global process measures for the global processes? • Are there global process owners for the global processes? To ask the standardization questions, at least two sites need to have IMS implemented
Integration Savings in a Medium Size Organization – One Site
• Assumptions: cost of implementation of three management system standards, $200,000; maintenance costs, $90,000/year; and third-party auditing costs, $45,000 for three years • Savings from implementation (one-time cost): $200,000 x .50 = $100,000 • Savings from maintenance: $90,000 x .66 = $60,000 per year for each site (NPV at 10% would be $600,000) • Savings from third-party audit costs: $3000 each year (NPV is $30,000) • Total Savings: $100,000 + $600,000 + $30,000 = $730,000 Implementation Savings – 50% and Maintenance Savings – 66% Third Party Savings – 20%
USING SOFTWARE FOR IMS
Enterprise Integrated Management Systems (EIMS)
Enterprise Integrated Management Systems (EIMS) software is defined as software that can: • Satisfy the requirements of ISO 9001:2015, ISO 14001:2015, and ISO 45001:2016. In fact, EIMS software needs to satisfy and conform to the High Level Structure of ISO that satisfies the core requirements of all ISO standards. • Satisfy APQP, FMEA, and PPAP or Risk-based Phase Gate New Product Launch processes including Design, Process, and Project Risk. Additionally the same risk tool should be able to assess risks of processes in the Process Map, EMS, OHSMS or Social Responsibility Risk (any risk from any standard).
Characteristics of an EIMS
• • • • • • • • • •
Enterprise-wide Web-based system or equivalent Manage multiple sites Support multiple languages and multiple date conventions Integrated with e-mail notification, reminders, and escalation services Ready to integrate with legacy and ERP systems One-point user authentication Role-based security Fully integrated solutions; Lean data entry Includes enterprise integrated processes Includes minimum functionality of ISO 9001, ISO 14001, OHSAS 18001/ISO 45001, and FSSC 22000 • Ability to add one site or management system and then scale up
CONCLUSION
Conclusions – Why?
• Integrated Management Systems, Integrated Audits and Risk Analysis are inevitable • Integrated Management Systems, Integrated Audits and Risk Analysis save money – Reduces confusion and duplication of efforts – Reduces implementation costs by 50%, reduces maintenance costs by 60% – Reduces internal and external auditing costs by 25% – Reduces Risk Analysis for QMS, EMS, and OHSMS by over 50%
• Using Enterprise Software Integrated Management Systems and Risk Analysis is made easy
Implementing Integrated Management Systems
Much of the information from this webinar can be found in greater detail in the book “Implementing Integrated Management Systems – QMS, EMS and OHSMS Including Aerospace, Automotive and Food Safety Management Systems” written by Chad Kymal, Gregory Gruska and R. Dan Reid. NOW AVAILABLE through ASQ Press!
Thank You! Questions? www.omnex.com
[email protected] 734.761.4940