by Cynthia McMillan Industrial facilities publicly celebrate when they establish an official Quality Management System (QMS) and obtain certification from the International Standards Organization (ISO). As time goes on and your organization evolves, however, maintaining the designation and planning for how the QMS will change can present unique challenges. Creating an effective process to plan for and manage changes to your system sounds simple but it can be difficult because the list of considerations is virtually endless, for example:

• • An employee comes up with a great idea to update an internal process
  • A new customer is brought on board and outlines specific requirements
  • An auditor review requires corrections
  • A new piece of technology makes your current processes ten times more efficient
  • A CEO is hired and alters your organization’s strategic plan

As you can see, any organization must have the ability to change its QMS in response. The process of planning for changes is specifically outlined in section 6.3 of the ISO 9001:2015 standard. It requires management to approach changes to:

• maintain the integrity of the Quality Management System (QMS)
• assign responsibility for planning and implementation of changes
• assess the potential impacts of changes

Maintain System Integrity While change is essential to the continual improvement of a QMS, managers should take a holistic view of their systems. Changes in one area can impact other areas within the QMS. Leadership and all associates should approach any change to the documentation by asking, “if we implement this change, what other processes may be affected?” As an example within our own company, one of Cornerstone’s primary goals is to assist client organizations in maintaining compliance with applicable environmental and safety regulations. Therefore, monitoring government agency communications regarding regulatory updates is a critical internal function. When a regulation changes, our process includes having one of our experts evaluate its impact on our QMS. In addition, we review all other areas of our operation that could be impacted, including areas such as changes to training, certification, or licensing requirements for our staff, communication of the regulatory update to our clients, and the potential impact on projects that are in progress. Assign Responsibility It is critical to identify a leader or champion with the responsibility to authorize changes. The manager should consult with stakeholders and team members to gather knowledge of the current process and understanding of the impact of the suggested change. After identifying changes to documented processes or other areas of the operation, it is imperative to have continual communication from all responsible parties regarding the status of updates. Providing a transparent tracking system allows management to easily determine progress toward completion.  A well-designed process will encourage collaboration which, hopefully, will lead to more comprehensive adoption and acceptance of the change throughout the organization when it is implemented. Assess Potential Impacts A well-laid plan will include an assessment of the scope, feasibility, timing, cost benefits, resource requirements, as well as the impact on clients. Depending on the complexity of the change being considered, the planning stage may take hours or months from start to finish. Managers must expect longer planning time when the change is complex and anticipated to have a significant impact. When a complex change is coming, managers should ask important questions such as:

• • What is the priority of making the change?
    • Is this a high priority with a threat of legal liability?
    • Is this more of a medium priority that will have a good impact on our profitability or safety?
    • Is it a low priority with no underlying threat or obligation?
  • What will be put in motion as a result of change?
    • Will we need changes to documentation?
    • What departments will be affected?
    • Will our people need new training?
  • What is the timeline for the change?
  • What financial and staff resources will we need for training and implementation?

Plan-Do-Check Act (PDCA) Throughout the planning process, it is critical to keep the ISO “Plan-Do-Check-Act” (PDCA) methodology in mind. PDCA is a circular process of continuous improvement and is a key component of quality control. To keep your ISO system working effectively, you need to value each PDCA element equally and not favor one over the others. Keeping a focus on the “check and act” portion of the cycle ensures that managers protect against unforeseen consequences and address them quickly. Starting with a solid strategy helps create an adaptable system that incorporates risk-based thinking and improves management’s ability to anticipate and plan rather than react. Cynthia McMillan serves as Director of Quality and Internal Improvement. She worked as part of Cornerstone’s original ISO 9001 implementation team. Her experience with quality systems includes more 10 years as Document Control Manager as well as 7 years of internal auditing. After the release of ISO 9001:2015, Cynthia helped lead the re-implementation/transition team that updated our documented processes to conform with the new standard. Cornerstone’s QMS has been ISO certified since 2008.