Mark Hammar Implementing a quality management system (QMS) in an SME (small- to medium-sized enterprise) using the requirements of ISO 9001:2015 can bring a lot of benefits. The problem is that there are also some challenges that are not as easy for an SME to overcome as they are for larger businesses. In this article I will discuss three key questions that you will need to consider, and some ideas on how to overcome these challenges.
For more on the benefits of ISO 9001:2015 as they apply to SMEs, see this article: How SMEs can use ISO 9001 to grow their business.
1) How much do you document?
This may seem like an easy question, but it really is not. It is a question of balancing employee competence with having detailed, documented procedures. It is true that there are some mandatory pieces of information that need to be documented according to the ISO 9001:2015 standard requirements. Those requirements aside, it is up to you to decide what procedures need to be documented for your unique QMS. The main question to ask is, “If I don’t document this procedure could I have a nonconformity?” For the SME, there are a few extra things to consider that larger organizations will not run into:
- Is only 1 person doing this job? – If so, it is best to document the procedure, even if it is fairly simple for that one person to do. If that person is not available and you need to cover for them, then a documented procedure will be very useful.
- Is this procedure used very rarely? – There are a lot more procedures that are not routinely used in an SME, than there are in a large business. With these procedures, it is best to document them so that you can ensure consistency, even if the procedure is only used once a year.
- Is the competence level needed more important? – With some processes, the level of competence needed is just too much for a procedure to relay. Focusing more on how you can get employees to gain this competence is more important than writing a document.
Remember, the less you document the more flexible and responsive your processes can be to improvement opportunities, so try to only document what makes sense for you.
For more information on documenting your QMS see this article: Deciding Which Procedures to Document in QMS and the white paper: Checklist of Mandatory Documentation Required by ISO 9001:2015.
2) How do we deal with outsourced services?
With an SME, there tends to be a lot more outsourced services than are found in larger companies. This can often lead to the impression that the company has less control over how these processes happen. How do you show that you have control over your production and service processes if they are not done in your building? This can be a struggle for SMEs.
The trick to showing this control in an SME is in the use of many different control vehicles. Well-documented service level requirements, second party audits, well thought out monitoring methodologies and follow-up activities for outsourced services are all great controls to have in place. The fact is that you do have a way to control your outsourced service. You can’t just hope for the best, so you need to identify how you have this control so that you can demonstrate it during your QMS audit. This will be documented in the records you keep for all of the control vehicle activities that are listed above.
For more ideas on controlling outsourced services see this article: How to control outsourced processes using ISO 9001.
3) How do you handle ongoing internal audits?
One of the key methods of ensuring performance evaluation of your process is the ongoing internal audit process. Using an internal audit, you take a look at each of your processes at regular intervals to see what is actually happening with the process. Through a review of records and meeting with the participants of the process, you can then compare this with the planned arrangements of the process to ensure that events are happening as expected. Auditing is a skill that needs to be learned and used to ensure it is sustained.
This is where the concern comes for SMEs; how do we choose, train and sustain the skills of internal auditors if they are not used routinely? For large businesses, keeping an internal audit department makes sense, but this may not be the case for a smaller company. Since there are companies that will perform this service for you, you will need to ask yourself: is it better to hire an external company to perform our internal audits for us? If you do hire an external company, remember this is an outsourced service that you need to keep control over as identified above.
For more on internal audit see this article on Five Main Steps in ISO 9001 Internal Audit.
The QMS should be a benefit, not a financial burden
One thing to keep in mind when overcoming these challenges is this: implementing the requirements of ISO 9001:2015 are intended to provide you with a QMS that will benefit your company and help you focus on enhancing customer satisfaction and improving your processes. The intent is not to cost a lot of money for little gain. With that in mind, design your QMS to give you the benefits of your improvement activities, and ultimately reap the financial gains you want from your quality management system.
Download this free template: Project Plan for ISO 9001 implementation to effectively organize your ISO 9001 implementation.
