Who Guards the Gatekeeper?
The first step is to recognize the magnitude of the effort and react precipitately. A quality manual, procedures and work instructions must be established and communicated effectively to staff. A process for updating these documents-and communicating updates internally and/or externally as needed-must be similarly defined.
The triggers for these updates also should be noted. For example, if procedures are based around industry standards or customer requirements, one procedure must govern the process-and frequency-by which it is verified that the company is operating in accordance with the most current revision of these external documents.
There is always a tussle between doing a job quickly and doing a job well. The optimum balance must be realized to operate effectively: a customer will not come back if he has to wait too long for a job to be done, but the customer also will not repeat business if the job is not done to the standard expected. Work must be done as quickly as possible, while respecting the necessary quality requirements.
Having established the groundwork effectively, there are three key tools that a company can apply to continually monitor its quality performance, although they are only three elements of a wider system.
1. Internal AuditInternal auditors are selected based on their experience and skills. On an annual basis, at an agreed time, internal auditors conduct an internal audit using checklists developed internally for this purpose. Internal audits are typically conducted a few months prior to a planned third-party or customer audit to allow any issues to be resolved beforehand.
Based on the company quality manual and procedures, the internal auditors assess the ongoing validity and suitability of these documents, using real data from their colleagues to support their findings. Any nonconformances identified are assigned to the staff working in that area, as they are best placed to recommend how to address the situation. Staff are held to the same stringent root cause corrective action requirements as the aerospace industry itself, meaning that “operator error” is not an acceptable response.
If the operator was not there, would the problem go away? Most would probably agree that, in all honesty, the answer is probably no. For this reason, the most common actions resulting from a nonconformance in an internal audit are: where the documents are proven to be valid and suitable, to provide training to affected staff to ensure future compliance; or, where the purpose or the requirement has changed, to amend the procedure or work instructions so that compliance can be achieved.
The key to a successful internal audit is to encourage staff to view it as a collective experience and nonconformances as a positive outcome. Unlike customer audits, which can be seen as intimidating events, an internal audit should be a collaborative effort, resulting in the identification of procedural and process improvements that can be effected prior to a customer audit. This shows the customer that, while no organization is perfect, your company is aware of-and in control of-any issues and is, in fact, already addressing them. No customer or third-party auditor should begrudge that in her findings.
2. Customer/Third Party AuditOn an annual basis, customers can volunteer to conduct an audit of processes and procedures, known as an oversight audit. Furthermore, much of the auditing process can be completed in advance online before the site visit when there is a real-time, Web-based global database. The oversight audit is a significant time commitment by the customer-composed audit team.
Like the internal audit, the oversight audit assesses current operations to current procedures. This is another reason why the internal audit is so vital: any procedural issues that have been resolved through document revision prior to the oversight audit cannot be found again as they have already been identified and addressed. Any new nonconformances are discussed with the relevant staff and noted for resolution. These are typically revisited in the subsequent internal and oversight audits to ensure sustaining root cause corrective action has been implemented.
As well as, or instead of, a customer audit, a third party may audit some companies. This is viewed as not quite as daunting as a customer audit: after all, the third party can only report results, not make contractual decisions that impact the future of the business relationship with customers. But it may still be viewed as more nerve-racking than an internal audit, in which the results remain in-house.
The key to a successful third-party audit is preparation. For example, one hour spent doing pre-audit preparation may save more than five hours of work after the audit. The more pre-work that has been done, such as an internal audit, the higher the probability of not only fewer nonconformances in a customer or third-party audit, but the likelihood that any nonconformances will be addressed promptly and effectively, because a process will have already been established for doings so.
3. Incident ReportsOn an ad-hoc basis, as issues are identified throughout the year, staff may issue an incident report to themselves or colleagues. These are compiled to provide a formal log to management and customers. The log will be reviewed by an entity within the organization, such as a management council ethics and appeals sub-team. The incident reports also form part of the internal and oversight audit agendas; just as nonconformances from previous audits are reviewed to ensure effective resolution, any issues raised through incident reports are examined for the same reason.
The fundamental way to make this process work is to ensure that all staff members recognize that a thorough process must be in place to maintain credibility as an organization. This is of particular importance for an organization that monitors the quality of other organizations, but the same also applies to any organization. Customers must have faith in an organization’s abilities not just to do the job, but also to monitor its own performance honestly, comprehensively and decisively, adjusting operations and documentation as appropriate.