gsfc quality management system code 400 audit readiness training bob bridgers july 25 2003 l.
Skip this Video
Loading SlideShow in 5 Seconds..
GSFC Quality Management System Code 400 Audit Readiness Training Bob Bridgers July 25, 2003 PowerPoint Presentation
Download Presentation
GSFC Quality Management System Code 400 Audit Readiness Training Bob Bridgers July 25, 2003

Loading in 2 Seconds...

play fullscreen
1 / 44
Download Presentation

GSFC Quality Management System Code 400 Audit Readiness Training Bob Bridgers July 25, 2003 - PowerPoint PPT Presentation

Download Presentation

GSFC Quality Management System Code 400 Audit Readiness Training Bob Bridgers July 25, 2003

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. GSFCQuality Management SystemCode 400Audit Readiness TrainingBob BridgersJuly 25, 2003

  2. What is the Goddard Quality Management System (QMS)? • TheQuality Management System (QMS) is our business system, which has been set up to comply with ISO 9001. It is documented as a series of GSFC procedures and guidelines, or GPGs, that implement the requirements of ISO 9001.

  3. ALL PERSONNEL SHOULD: • Know the GSFC Quality Policy • Know the requirements of applicable directives, from your organization’s Directives Requirements List.(Goddard Directives Management System (GDMS) at URL • Know who the GSFC ISO Management Representative is. (Richard Day) • Know your defined job responsibilities. (TA for Contractors; PD for Civil Servants) • Know if there are any Records associated with your work and be able to find them. GSFC/QMS Training 2003

  4. GSFC/QMS Training 2003 ALL PERSONNEL SHOULD (Continued) • Know your organization’s objectives, and how your job contributes to the achievement of those objectives • Know how to access the GDMS, Directives Requirements List, controlled documents, and associated records for documents related to your work. • Know what to do if you are audited

  5. GSFC/QMS Training 2003 PROGRAM AND PROJECT MANAGEMENT PERSONNEL SHOULD: • Understand and comply with the requirements of 400-PG-8730.3.1 • Be able to describe how you interact with your customer • Be able to describe how you measure customer satisfaction • Be able to describe how your organization’s goals map or contribute to the Code 400 Directorate goals. • Ensure that the QMS requirements applicable to the organization are communicated and understood throughout the organization.

  6. GSFC Quality Policy Q: What is the GSFC quality policy? A: “ With customer satisfaction as our primary goal: • GSFC is committed to meeting or exceeding our customer's requirements • We achieve excellence in all of our efforts.” • You may be asked what this means to you in the performance of your job. • It will not have to be recited or paraphrased. • The GSFC Quality Policy is officially established in the GSFC Quality Manual (GPG 8730.3), and is unchanged since 1999. • The GSFC Quality Manual is located in the GSFC Directive Management System (DMS) at: Effective Date: January 27, 1999

  7. GSFC/QMS Training 2003 • Who is the QMS Management Representative? Richard Day His role, and that of the Quality Management System Council, are described in GPG 1060.1.

  8. ISO 9001’s Governing Body at GSFC • The Center Director appoints the Management Representative (MR) and a Quality Management Council (QMSC) • the Management Representative interfaces between the general work force and the Center Director. This is a specific, ISO-required function, and you will be asked about by the auditors. • The QMSC includes a directorate-level representatives from each Goddard Directorate and each Code 100 organization that has a significant role in the QMS.

  9. GSFC’s QMS Implementation • The QMS has been implemented such that it: • Reflects the way we actually do our work, changing as few things as possible. • Meets the requirements of ISO 9001

  10. Who is in scope? Is anyone exempt? • Every organization in 400 is in scope. • Everything 400 programs and projects do in scope. • Some organizations at GSFC are out of scope. Examples: Health Unit, Security. • Some of the work of some organizations is in scope, and some is out. Example: Facilities.

  11. Our Scope to the Goddard QMS is defined by Our Core Processes Science Enabling This includes: the grants process; providing data to the science community; science support tools; proposal support process; and the science research management process. Systems Development This includes: space flight systems; balloons; sounding rockets; aircraft experiments; ground systems; data systems.

  12. In Scope to the Goddard QMS (cont’d) Program/Project Management This includes cost, schedule, and technical control; review and reporting; budgets; procurement; contracts; and safety and mission assurance. Technology Enabling This includes the technology research and development management; mission specific products; transfer; and commercialization.

  13. In Scope to the Goddard QMS (cont’d) Mission Operations This includes operations of on-orbit spacecraft; maintenance of on-orbit operations systems; collection and preservation of all data from on-orbit spacecraft; and communications support to other NASA mission operations.

  14. And What About Our Contractors? • Contractors must comply with the Quality System requirements cited in their contract: • On-site contractors classified as GSFC employees are subject to the GSFC QMS and must follow the same procedures as civil servants. • Off-site contractors are not subject to either our QMS internal audits or ISO 9001 registrar audits.

  15. What is the importance of Process Documentation? • We document the processes for doing work that is in-scope to the QMS • We need to keep process control documents up to date, use correct versions, and get rid of obsolete copies. • Any document that affects the quality of our products must be controlled. • Documents are controlled by two systems: • Directives, in the GDMS • Controlled Documents, by configuration management.

  16. The QMS Document Pyramid Tier 1-Quality Manual Tier 2-Center Procedures Tier 3-Directorate Procedures Tier 4-Work Instructions Base - Records

  17. OK, Tell Me About These Levels... • Tier 1 is our Quality Manual, GPG 8730.3. It describes our commitment to quality, our organization, and our implementation of ISO 9001. It shows how our QMS meets the requirements specified in ISO 9001. • Tier 2 is the set of about 30Goddard Procedures and Guidelines (GPGs) that implement the ISO 9001 requirements. These are Center procedures that implement the requirements of ISO 9001.

  18. Go on -- I Can Tell You’re Going to... • Tier 3 are the Procedures and Guidelines, or PGs, which are Directorate and lower-level directives used to implement the GPGs. The details of implementation are left to the Directorates or lower-level organizations. These details are documented in PG’s. • Tier 4 are the Work Instructions used by employees in doing their work. Work instructions may be procedures, handbooks, flow charts, drawings, checklists, forms, or anything that provides us with very specific directions for performing specific tasks.

  19. Finally, the Bottom of the Pyramid… • The foundation of the QMS are our Records. ISO 9001 requires evidence of QMS implementation, and these records are it. • All QMS-required records are specified in directives: • GPGs • PGs • WIs. • These records are kept by designatedorganizations. Each program and project has a records manager who is responsible for the safe-keeping and location of all records.

  20. Goddard Internal QMS Homepage: • • Provides links to GDMS, CCMS, all other QMS functions • Provides access to Audit Database • Provides access to NCR/CAS and other problem reporting systems • Provides other information such as audit schedules, membership of QMS, and many other functions

  21. What is the GDMS? • GDMS refers to the Goddard Directives Management System -- an automated collection of Goddard directives which are to be followed by employees, along with the procedures for establishing and maintaining such collection. • GDMS is a web-based application located at:

  22. GDMS Objectives • Document and control policy statements and implementing instructions unique to GSFC. • Provide GSFC managers with the means to efficiently convey current, controlled, up-to-date instructions to employees, customers, and the public. • Provide a standard method for initiating, reviewing, approving, distributing, revising, tracking, managing, and canceling GDMS-controlled directives.

  23. What is a directive, and what kinds are there? • A directive is a policy, procedure and guideline, or instruction that has been approved and published by the appropriate authority. GDMS includes four types of directives: • Goddard Policy Directive (GPD) (replaces GMI’s) • Goddard Procedures and Guidelines (GPG) (replaces GHB’s) • Procedures and Guidelines (PG) • Work Instruction (WI) GPD’s and GPG’s are Center-level Directives. PG’s and WI’s are Lower-level Directives.

  24. GDMS Who can access GDMS? • Everyone has Read Only access. • All individuals registered in LISTS have an account in GDMS and can login as a User. The URL is ID - Your User ID is usually the first initial of your First Name followed by your Last Name. User ID is not Case Sensitive. If this doesn’t work, call for help. PASSWORD - If this is your first Login, your Password is your Last Name (ALL CAPS). GDMS will prompt you to change your Password. Whatever you set up will be your permanent password. The password is always case-sensitive.

  25. What’s all this about Objectives and Measurements? • The new ISO standard requires quality objectives, metrics, and analysis to improve your processes. • By now, your program office should have established their quality objectives from their existing goals. • The quality objectives must be traceable to Code 400’s objectives, published in 400-PG-8730.3.1. • You need to be able to explain how your job contributes to the achievement of these objectives.

  26. What else do I need to know? • Your job responsibilities. What procedures and work instructions tell you how to do your job, and where can you find these procedures? Where are they located? • All personnelmust be able to answer these questions. Each person should be able to place and explain his or her job and responsibilities within the appropriate directives. • The relevant directives are all identified on your Directives Requirements List. • All directives must be accessed using the GDMS. Don’t keep hard copies around.

  27. What about configuration control? • Configuration Control (CM) is used in every Code 400 organization. Your configuration manager should be able to explain everything dealing with CM. • Remember that every document that affects the quality of your product must be controlled. It must be a directive or a Controlled Document. • A Controlled Document is any document that is controlled by the organization’s CM processes.

  28. I keep hearing about Nonconformances…. • Nonconformance Reports are written for the failure to meet requirements. • The process is being revamped so that NCRs are written mainly for customer complaints, audit nonconformances, systemic problems, and supplier audits. Product problems are handled by a new problem-reporting system. • You need to know that your organization has a Nonconformance Lead that deals with NCRs received by your organization.

  29. QMS Leads in every organization: • QMS Implementation Manager - the senior QMS lead, with a high degree of training, with overall responsibility for QMS compliance in the organization • Directives Manager – responsible for helping the organization with all directives matters • Configuration Manager – responsible for proper performance of a configuration control processes • Nonconformance Lead – dispositions NCRs, coordinates corrective actions, and closes NCRs when completed • Records Manager – responsible for proper record-keeping and records maintenance in the organization. You should know who these people are.

  30. So what’s all this about an audit? • GSFC is seeking Certification of Compliance to a new version of ISO 9001. The version we are currently certified to will expire in a few months. • This audit is scheduled for the week of August 4, 2003. • Code 400 will be audited on August 7 and 8. • The schedule has been received, and is being distributed. • Nearly every program will have at least one project audited. • This audit is extremely important to us. We need this certification.

  31. And more about the audit…. • The auditors assume we already comply with the old version of ISO 9001 • They will be looking specifically at the new requirements. • Emphasis is on: • management and management commitment • Customer satisfaction • Quality objectives, which must be measurable by metrics • Analysis of metrics for Continual Improvement • Communication & understanding at all levels!

  32. Auditee Etiquette & Philosophy(con’t) • Show them that you follow procedures and work instructions where required. Understand your DRL!! • Think before answering questions • Answer truthfully, directly, and simply. Don’t volunteer information not asked for. • If you do not know the answer, direct the auditor to your supervisor • It is all right to ask for help!

  33. Listen, Listen, Listen • Listen to the question completely before answering. • Answer ONLY the question that is being asked • Do not offer additional information that you THINK the auditor will find interesting • Do not dodge questions, answer directly

  34. Get Help If You Need It!!! • Get the most knowledgeable person available relative to his/her area of expertise. Don’t guess. Get help. • Ask supervisors or team leaders for assistance • Ask other people to help as required. • Call your QMS Implementation Manager!

  35. Responding to Questions • Respond promptly, but know your answer. It is OK to think for a moment before answering • Never pretend to know the answer, and don’t try to bluff the auditor. They will know! • Unsolicited information may complicate the audit process and add to the time to complete the audit with you.

  36. “Sidewalk” Questions • Can you state the GSFC Quality Policy? (You only need to be familiar with it or be able to find it.) • Can you name the GSFC Management Rep? • How does your work contribute to achieving your organization’s quality objectives? These can be asked of anyone, at any time.

  37. Typical Audit Questions • Would you please explain to me what it is you do? • How do you know what it is you are supposed to do? • Are there instructions defining the manner in which you do your job? Show them to me. (Go to the GDMS.)

  38. Typical Audit Questions (cont’d) • What records do you keep? Can you show me? How long do you keep them? • These are specified in each directive that requires records • Do you know what the Quality Policy is? Can you tell me what that policy means to you in your job? • Who is the Management Representative? What is his role in the QMS? • How does your work contribute to your organization meeting its objectives?

  39. Some Audit No-No’s! • Don’t guess or bluff your answers. Don’t be afraid to say, “I don’t know, but I’ll find out” • Don’t volunteer information not asked for • Don’t act like the auditor is wasting your time • Don’t be rude. Be courteous instead. The auditor, and all the audit escorts, have a job they have to do. _________________________________________ Note that the auditors may speak ISO, whereas we speak QMS language. The auditors will be escorted by Code 400 QMS experts who can help.

  40. Some Audit No-No’s!(con’t) • Don’t criticize coworkers or the Center • Don’t argue with the auditor • Don’t say you don’t follow procedures don’t have time, or can’t be done that way

  41. Final Checklists • Know the “sidewalk” questions & answers • Use and understand the GDMS • Understand the ISO requirements for document control: current documents only, and removal of obsolete documents • Use and understand your Directives Requirements List. Put it on your own Working Documents List. • Be able to produce the required records • Know where the records are that you are responsible for. • Have a general, cursory understanding of what is in this presentation

  42. And finally, on our audit day …. • This may seem like a lot, be we are confident. • There are two auditors for the Center. Only one will be auditing Code 400 on Aug 7-8. • The auditor will be escorted by 2-3 Code 400 QMS experts to help him and you. The Code 400 experts will do their best to keep you informed. • Your organization needs to be available and flexible. • A call has gone out for a Point of Contact phone number that will be available all day. The team will call first. • Remember that the Audit Plan is just a Plan. It can change as the audit progresses.

  43. The Bottom Line… • ISO 9001 Registration demands the active commitment and participation of all employees at all levels. Get involved. Stay informed. • ISO 9001 Registration is critically important to GSFC and NASA • And a final point to be proud of – out of all the government agencies that have sought ISO Certification, and most have tried, NASA is the only government agency ever to achieve and keep it.

  44. Your organization’s QMS Leads are: • QMS Implementation Manager: _________________ • Directives Manager:___________________________ • Configuration Manager:________________________ • Records Manager: ____________________________ • Nonconformance Lead (NCL):___________________