Systematic process improvement using ISO 9001:2000 and CMMI
Systematic process improvement using ISO 9001:2000 and CMMI
Systematic process improvement using ISO 9001:2000 and CMMI
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
8.2 <strong>ISO</strong> <strong>9001</strong>:<strong>2000</strong> registration <strong>process</strong> 255<br />
Several excellent references provide guidelines for auditing [9–11]. A<br />
very interesting approach to auditing is described in [12]. The author provides<br />
a detailed framework for auditing that emphasizes a business perspective<br />
rather than following the <strong>ISO</strong> requirements structure. The framework consists<br />
of five ‘‘audit trails’’ each covering a path through the complete <strong>ISO</strong><br />
st<strong>and</strong>ard <strong>using</strong> threads that are designed to examine related <strong>ISO</strong> requirements.<br />
It outlines what to audit <strong>and</strong> the evidence required for showing that<br />
the <strong>ISO</strong> requirements were satisfied. These five audit trails are defined next:<br />
A—Business planning <strong>and</strong> management review: Addresses the relationships<br />
between customer requirements, quality objectives, quality policy,<br />
quality planning, provision of resources, management reviews, customer<br />
satisfaction, <strong>and</strong> internal audits<br />
B—Process monitoring <strong>and</strong> <strong>improvement</strong>: Addresses the relationships<br />
between general requirements for <strong>process</strong> <strong>improvement</strong>, monitoring<br />
<strong>and</strong> measurement of <strong>process</strong>es, analysis of data, <strong>improvement</strong>,<br />
<strong>and</strong> the need for corrective <strong>and</strong> preventive actions.<br />
C—New product development: Addresses the customer-related <strong>process</strong>es,<br />
such as requirement definition <strong>and</strong> review, planning of the product<br />
realization, design <strong>and</strong> development including their reviews, verification<br />
<strong>and</strong> validation, <strong>and</strong> general measurement, analysis <strong>and</strong><br />
<strong>improvement</strong> activities.<br />
D—Provision: Addresses the control of production <strong>and</strong> service provision,<br />
purchasing, identification <strong>and</strong> traceability, control of nonconforming<br />
product, analysis of data, <strong>and</strong> <strong>improvement</strong>.<br />
E—Administration <strong>and</strong> resources: Addresses a set of tasks that support<br />
activities in all other trails, such as responsibility, authority <strong>and</strong><br />
communication, management representative, internal communication,<br />
documentation requirements, human resources, infrastructure,<br />
<strong>and</strong> work environment.<br />
Those five audit trails are shown in Table 8.6. For example, the New<br />
Product Development audit trail (Trail C) covers the requirements of these<br />
<strong>ISO</strong> <strong>9001</strong> sections:<br />
7.1 Planning of product realization;<br />
7.2 Customer-related <strong>process</strong>es;<br />
7.3 Design <strong>and</strong> development;<br />
8.1 General (measurement, analysis, <strong>and</strong> <strong>improvement</strong>).