August 11th, 2020
“Companies can go one of two ways with ISO certification,” says Gustave Anderson. “Some take the check-the-box approach. Cavendish Scott works only with those that take the change-the-company approach.”
The quality director for two manufacturers in Laramie, Wyoming, Anderson explains what he means, saying “It’s the difference between going to the gym and going to the gym and working out.” The check-the-box companies are missing 95 percent of the value of certification, he says.
Anderson got to know Colin Gray, president of Cavendish Scott, when the two of them took an 800-mile road trip through Wyoming, visiting Casper, Gillette, and other cities, doing ISO training and consulting.
At the time, Anderson was the assistant director at Manufacturing-Works, part of the Wyoming Business Resource Network. He felt it was important to make Wyoming manufacturers aware of ISO so that they could compete nationally and globally. He also wanted to support manufacturers that had certified in ISO 9001:2008 in meeting the 2017 deadline to update to ISO 9001:2015.
After such immersion in standards, it was only natural that Anderson would take on ISO responsibilities when he went to work in the private sector.
He first joined Avvid Corporation, a Laramie company that began in 1995 with four partners who then had day jobs at two different businesses. Approximately 14 people now work at Avvid, which offers design and computer-driven (known as CNC) fabrication of components for a range of products, including guns, aerospace equipment, and medical devices.
The Avvid website states the company “is large enough to serve BIG industry, yet small enough to make every customer feel important.”
With time, Avvid recognized a need for certain medical devices, not just components for devices, and in December 2019 Disruptive MedTech began to meet that need, specializing in orthopedic medical devices.
As 2020 began, plans were under way for both companies to become ISO certified. With its wider range of products, Avvid sought certification in both ISO 9001:2015 and ISO 13485 Medical Devices, while Disruptive MedTech sought certification only in 13485.
The original plan was to obtain all three certifications by the end of July 2020 and, despite the pandemic, the goal was reached ahead of schedule. Gray and one other Cavendish Scott consultant came for a face-to-face meeting to kick off an internal audit and the remainder was completed online.
“I’d seen Cavendish Scott work remotely when I was in my state job,” Anderson says. “They’re ahead of the curve technologically. I knew they wouldn’t miss a beat.” He adds that he hopes other clients will take advantage of this capability, along with its savings of time and money.
Even the external or certifying audits took place online and no deficiencies were noted.
Not only did Avvid and Disruptive MedTech pass their audits during the pandemic, but they also thrived. Both companies grew and, with the slowdown in elective surgeries, DMTI pivoted to add personal protective equipment to its product line.
One reason they were able to do so well, Anderson says, is standards helped them identify risks and understand opportunities. He says, “The process keeps you between your navigational beacons.”
Cavendish Scott is “an incredible resource that can help answer any question,” Anderson says. He talks to Gray often, saying they’re like partners in doing ISO.
Anderson, who continues to support other Wyoming manufacturers in meeting ISO standards, says persistence is important. Like going to the gym, he said, “You don’t quit when you’re tired. You quit when you’re done.”
Cavendish Scott offers consulting, training and auditing to help organizations obtain and maintain certification in a full range of standards. Additional information is available at cavendishscott.com.
At Cavendish Scott, we do not take a check-the-box approach to ISO. Rather, we work with our clients to ensure processes and practices that help your business operate according to international standards that help you with efficiency, efficacy and profitability.
Learn More
July 6th, 2020
Imagine you have a business making widgets and at the heart of your processes is a room full of highly trained employees who perform ten complicated functions to transform raw products into the best widgets in the world. They’re your top fabricators.
Then, suddenly a global pandemic occurs. The demand for your widgets is higher than ever and all of the top fabricators are incapacitated. Where would you turn? Panic is not an option.
While the 2020 Covid-19 pandemic may not have had a significant effect on your actual business, it underscored the importance of having in place both written documentation of procedures and a plan for continuity of operations.
If you had written procedures and a continuity of operations plan, then you might just need to sanitize the workspace, hire some healthy people capable of following directions, train them, and put them to work. Or, if hiring people were not an option, you might need to have identified in advance personnel who could be reassigned to the fabrication room.
While ISO 9001:2015 doesn’t explicitly require much documentation, written procedures are necessary to prove to auditors that your business can continue despite potential disruptive factors. And, of course, they’re necessary to keep your business running when actual disruptions occur.
A good place to start with documentation is the list that was required by the 2008 version of ISO 9001. The six mandatory procedures requiring documentation under ISO 9001:2008 were:
Control of documents Control of records Internal audits Control of non-conforming products Corrective action Preventive action
Processes, Procedures And Work Instructions Additional procedures vary from one organization to another. Procedures may be considered in the middle of a three-part hierarchy, even though sometimes these are blended into just two parts or a single item. Generally, a process is a strategy while a procedure is a uniform method for executing a specific aspect of the strategy. Work instructions provide guidance to an individual on their role in carrying out a procedure or part of a procedure.
In writing procedures, Cavendish Scott recommends that several factors be considered, though not all apply to every procedure. These include:
The purpose of the procedure and how it fits into the process of which it is a part. Who and what is involved in the procedure The qualifications and role of each person The machinery, equipment, and tools used and how they are used, along with detailed specifications What resources are used, how they are used, and how they are changed through the procedure What the product is Where the procedure is performed The standards required of the resources and final products A glossary of terms
Redundancy is an important aspect of continuity of operations, so it’s also helpful to have some backup for the procedures. These may include the following factors, which can be included in the procedures:
Forms Controls Organization Specific personnel
Procedures Exist Only If They’re Written You may be tempted to forego written procedures and rely only on backups, but Cavendish Scott recommends against that. Nothing is as reliable as having written procedures and not having a written procedure is the fastest way to lose certification. The firm takes the stand that if a procedure is not in writing it doesn’t exist.
Writing procedures is consistent with the approach to business processes promulgated by William Edwards Deming and followed by Cavendish Scott. It part not just of being good but being good all the time.
Cavendish Scott offers consulting, training and auditing to help organizations obtain and maintain certification in a full range of standards. Additional information is available at cavendishscott.com.
Cavendish Scott has been conducting ISO internal audits for 25 years. We have always followed a process approach having adopted it in principle right from the start. We teach thousands of auditors each year how to audit correctly. We are a certified training organization with the IRCA and are all qualified and practicing ISO Lead Auditors.
Learn More
May 12th, 2020
To have a successful audit, the right people within an organization need to receive appropriate training and be supported in making and maintaining the tweaks and improvements needed to maintain certification.
Choosing Employees To Take Training
The number and role of in-house auditors vary among organizations, but usually, their functions include the following at a minimum:
Planning and scheduling internal audits, whether these are conducted entirely in-house or using Cavendish Scott (or a similar firm) Serving as the point of communication for the registration auditor Ensuring audit findings are reported to top management and corrective actions are taken and enforced
Managers do well to consider several relevant factors in selecting employees for training as auditors.
Independence is important. It’s best to assign at least one person to work full-time as an in-house auditor. Otherwise, auditing may take a back seat to other duties. Changes that were made in the immediate aftermath of an audit may give way to older habits. In addition, employees who audit the areas of their primary jobs may blind to needed changes or reluctant to suggest them. If it’s necessary for auditors to split their time between auditing and other duties, it’s best if they do not audit their own areas. Auditing teams can be helpful, too, as they can assist with culture change related to quality improvement.
Consistency is helpful. Career-oriented auditors who want to stay in a position over time are the best candidates for training. It doesn’t help to train someone who will leave the organization or move out of the auditing role prematurely.
Personalities matter. The best auditors are usually good listeners who like people and processes. They’re confident enough to deliver sometimes unwelcome news to top management. They’re observant, patient and smile easily.
Trainers Speak From Experience
Cavendish Scott offers a range of auditing courses, including customized options tailored to suit specific standards and individual organizations. For example, Cavendish Scott taught a three-day remote ISO 9001:2015 internal auditor course to 19 enrollees involved in microelectronics at a federal lab. Common Requests include ISO 14001:2015, ISO 13485:2016, and AS9100D. Classes may be taught remotely, on-site, or at Cavendish Scott offices.
In all cases, trainers speak from experience. They strengthen their points with personal anecdotes from actual audits and engage trainees through interactive activities. Often client documents are used for exercises and a live internal audit is conducted on processes of the client’s choosing. This allows for specific questions to be asked and advice from the instructor to be given about scenarios described by the client.
From Classroom to Implementation
Putting the knowledge gained in training to work in an organization is essential to successful audits.
Whether they are in-house or from a firm like Cavendish Scott, internal auditors provide guidance and direction on changes that need to be made to keep an organization compliant with standards. Auditors must be independent and observant enough to see what needs to be done. They also need to have enough influence to see that management follows through on their guidance.
Cavendish Scott is an approved training partner of the International Register of Certified Auditors, or IRCA. While not all of the many courses available are individually IRCA-approved, Cavendish Scott follows the IRCA principles based on the company’s commitment to professional and effective training.
Look into options for selecting and training your in-house auditor(s). We offer training on a rolling basis, and can train your team remotely as well!
Learn More
August 29th, 2016
September 20 .
Originally intended for release in April, the AS9100 standard will finally be available. But it’s not that straightforward. AS9110 (Standards for Maintenance Organizations) won’t be published until November and AS9120 (Standards for Stockist Distributors) not until December.
Also, AS9101 (Audit Requirements for ASD organizations) is slated for publication in November. This is the auditing standard – the document that guides auditors and auditing during an AS audit. And to accompany it, the formal, mandatory auditor training to be taken by all auditors before they are qualified to audit to the standard. Basically, the standard will be available in September but you won’t know how it will be audited until November 2016. No word on the specific date but you can expect it to take a few months for the certification bodies to get their systems changed and their auditors trained.
Warning – no time at all
Perhaps more serious is the date that was recently announced after which all audits must use the 2016 version of the standards — June 2017. This is huge because everyone in the AS world, everyone who is AS certified will have to have a system in place starting in 9 months (8 if the actual date is in early June). Obviously if you can get your 2009 audit in before June, then you get 12 months more. But at least one third of the AS community has no choice and only 9 months to react. And this assumes that certification bodies won’t attempt a more severe schedule which they often do. Certification bodies want to keep their customers and they often schedule critical audits 3-6 months early so that if there are any problems, there is time to put things right.
If you have an AS audit “scheduled” for next summer you should urgently confirm your pre-June audit with your certification body (this may also work bringing a July audit forward) – acknowledging that they may not be aware of the rules and changes till November and it may take time for them to get their plans and processes in place.
The changes in AS 9100 2016 are not insignificant. They require serious attention from management and bring in the strategic processes and the broader application of risk that ISO 9001 has introduced. It also requires a process approach and so organizations who have a requirements based system have major changes (a good indication is that it uses the numbering system of ISO to identify its procedures).
ISO 9001 may be a good early adoption strategy but it is clear that AS organizations need to be very focused, forward looking and ready to react. Cavendish Scott has been working with ISO, AS and other management systems since 1985. We take a practical, business approach, are very precise with interpretation and guarantee success. We provide auditing, gap analysis, training and consult services.
Be sure that your AS9100:2016 certification goes smoothly. A Cavendish Scott expert consultant can help you get it right the first time.
Free Quote
July 11th, 2016
The importance of consistency, reliability and quality assurance was brought up time and time again. AS9100 certification is established as the way in which the industry is defining its needs and mandating assurance. Colin Gray of Cavendish Scott, Inc. presented an update on the development of the standard, outlining the expected changes and timelines and giving attendees an outline of effort and approach to solving this step in their relationship with the industry.
“AS9100 is an important step” says Gray, “that, done well, gives customers confidence in the suppliers ability. It overcomes one major set of questions and allows the supplier to proceed developing a mutually beneficial business relationship.”
View Colin Gray’s AS9100 Update and Review slide show presented during the Aerospace and Defense Small Business Industry Day on June 28, 2016. Organizations that are considering entering the aerospace industry can contact Cavendish Scott, Inc. for more information about AS9100.
Be sure that your AS9100:2016 certification goes smoothly. A Cavendish Scott expert consultant can help you get it right the first time.
Free Quote
July 8th, 2016
A new release of the AS9100 standard should be released soon and you must transition your certificate to the new standard by September of 2018. You should allow 6 months to a year for the transition and it’s never too early to start. Learn more about what changes are expected in the new standard.
To view the presenter notes in addition to the slides, click on the link below to access the SlideShare page and then click the “Notes” button below the author name.
It’s better to be safe than sorry. Cavendish Scott provides expert AS9100 auditing services to ensure your success.
Tell Me More
May 24th, 2010
Official AS Training Announced
The IAQG mandated training was announced on May 1. The training mandatory for any professional auditor to upgrade from Rev B to Rev C. Before they can conduct registrar audits they must take and pass the training. Then they must reapply to the RABQSA to upgrade their registration status so they can be formally recognized as Rev C auditors. For new auditors, the content of this training will have to be integrated into the “normal” lead auditor training.
This training is also important for organizations upgrading to Rev C. Not that they should attend the training but they should be aware of what auditors are being told. It is likely this training will tell them where to focus, and how aggressive to be. It is essential that you don’t upgrade your system to Rev C without knowing how and what will be audited. Unfortunately the training content is still not available. While some training courses have been presented, there is still no public information on content at this time. We’ll bring you this final piece of the puzzle as soon as more information is available.
The training is substantial. There is an 8 our on-line module (which can be avoided if you pass the exam at the beginning) and then 4 days in class training. Also the training is very expensive – about $4000 for the training itself, then add travel and accommodation, loss of work revenue and re-registration fees. For most auditors this will represent about $10,000. There is a good chance that some auditors simply wont do this and thus availability of Rev C auditors will become even more difficult.
Cavendish Scott, Inc. has analyzed the changes from Rev B to Rev C and identified the best solutions for different situations. We have also designed solutions to address the issues introduced in AS9101D. While these changes are simple in some area, it is likely to be the most rigorously audited and if you have not fully addressed everything there is a significant chance of you losing your registration for a year. With our approach Cavendish Scott, Inc. guarantees that you will maintain your registration. Here are more details or contact us if you have any specific questions.
May 24th, 2010
The final published version of AS9101D has been released. This is a supporting standard to AS9100C that describes a mandatory auditing approach. It also contains the auditing checklist and the report format. This document is incredibly important because it will affect how your system is going to be audited and surreptitiously adds extra requirements that have to be met. Key elements of this document are:
Process approach. Many organizations wanted ISO for cheap. They implemented a documented system that basically copied the standard. It was quick. It was easy. But it wasn’t particularly useful. It didn’t describe what actually went on in the organization and never helped with understanding how the organization worked. It didn’t help with improvement but it did take maintenance to make sure it was working. It was often bureaucratic, difficult to follow and was managed separately to how the organization was actually run. Finally someone is pushing the process approach. If your documents were written around the structure of the ISO standard then you are not demonstrating a process approach. Ideally you should re-write you system in a process based manner. If you don’t then you need a good way to demonstrate that you fully understand and use your system in a process based manner. This should be a tangible response to be able to demonstrate it to an auditor.
Process Based Auditing. Registrars are mandated to audit in a process based manner. Six audit approaches have been included in the standard are although registrars are free to audit in any manner they want, it is likely that they will opt to simply follow these approaches. While it might not change the way you design your system, you should at least ensure you change the way you conduct audits to fully prepare for your AS auditor.
PEAR. The Process Effectiveness Assessment Report. Auditors are required to assess the effectiveness of your systems. A low score results in a nonconformity including a major nonconformity. Although this is not a “requirement” contained in the AS standard, you are just as likely to lose your certificate (and new rules mean you could lose it for a year minimum) for missing this. The scoring is applicable to key production and service provision processes. The first thing you need Is a process (with supporting evidence) to identify which processes you are going to score and to justify those that you are not. Although this is not your choice and your auditor may require a score for processes you have tried to exclude, you are likely to be more successful if you have a formal process with tangible evidence. This is going to be a controversial area. It is not difficult to perceive many organizations missing the issue (it is not in AS), complaining, appealing and even asking their customers to intervene. It is going to be interesting. By implementing a solution in advance, there is a good chance that your auditor will simply accept it.
AS9100C Checklist. While rumored that it would be cut out of the Rev D standard, it is still there. This is a good thing for auditing as it ensures a thorough audit is completed. Fundamentally nothing changed here but continue to expect a thorough and complete audit.
This standard provides us much more to think about than AS alone. How its actually implemented is yet to be seen. The IAQG mandatory training, which might resolve this is reviewed here.
Cavendish Scott, Inc. has analyzed the changes from Rev B to Rev C and identified the best solutions for different situations. We have also designed solutions to address the issues introduced in AS9101D. While these changes are simple in some area, it is likely to be the most rigorously audited and if you have not fully addressed everything there is a significant chance of you losing your registration for a year. With our approach Cavendish Scott, Inc. guarantees that you will maintain your registration. Here are more details or contact us if you have any specific questions.
It’s better to be safe than sorry. Cavendish Scott provides expert AS9100 consulting to ensure your success.
Get Started
February 22nd, 2010
The IAQG recently released the latest on timing for upgrading to AS9100C.
Their original schedule still remains intact. Key milestones for this schedule are:
Release of sanctioned (mandatory) auditor training – End of April 2010
Once re-accredited for AS91ooC with trained auditors for AS9100C Certification Bodies are free to start updating clients to AS9100C.
Until July 1, 2011 Certification Bodies can audit to either AS9100B or C.
After July1, 2011 all audits must be to the AS9100C version of the standard.
As mentioned this schedule that was published in 2009 is still approximately accurate. The additional information provided gives specific deadlines to accreditation agencies, auditor oversight bodies and training organization oversight bodies. For example it requires the auditor oversight bodies to come up with a transition path for their auditor members to upgrade.
The auditor training material will be available at the end of April and it might take the training organizations say a month to train their trainers, incorporate the material and get themselves organized to be able to present the courses. These training organizations must then be formally reviewed by the training oversight organizations. Perhaps allow another month for this to take place. Now auditors can formally access the training courses, pass the exam and submit their information to be included on the OASIS database (recognizing them as fully qualified AS auditors). This might take another month. Thus it may take until the end of July until auditors are trained and available.
Certification Bodies also need to be accredited to perform AS9100C audits. This will involve them updating their management system and using trained auditors. They can then be subject to an accreditation audit as the final step. If then had been planning the upgrade well, their management system will already be modified and they will be attempting book their accreditation as soon as they have qualified auditors. Lets allow just another month to do this. In this scenario it might be the end of August 2010 before AS9100C upgrade audits can take place.
Obviously there are possible scenarios that might allow upgrades to take place sooner. If the auditor training can be managed in May (and some may be) and the Certification Body accreditation audit can take place in June, for instance. However, there is a limited number of both training oversight auditors and accreditation auditors. And whether it is booking a training class or and oversight/accreditation audit, flights are preferred with 2-3 weeks notice and these things just take time.
It is almost certain that Certification Bodies wont be able to upgrade ALL of their auditors for some time – perhaps until after the end of the year. This will have an impact on your choice of when you upgrade.
If your audit (surveillance or reassessment) is after August 2011 (or even by the end of the year) you are unlikely to be allowed to upgrade until 2011 (and then you wont have a choice to not upgrade it being after July 2011).
You best choice is to contact your Certification Body and attempt to firm up your upgrade audit date. They are unlikely to know until more experience of the training is gained but your persistence is important. Similarly you MUST plan your system upgrade. It is essential you account for the changes that AS9100D will bring (in particular the PEAR effectiveness review process) and unless you are certain of your upgrade timing you might consider adding the AS9100C changes without removing AS9100B aspects – yet! This will mean you are ready for any date that your Certification Body might give you and you will be certain of passing.
Cavendish Scott is providing upgrade consulting including document modification, new procedures, widespread integration of new elements (e.g., risk), PEAR, training and addressing AS9100B and C. We are also providing AS9100C internal audits so that a successful upgrade can be guaranteed. Click here to find out more: AS9100C Upgrade
It’s better to be safe than sorry. Cavendish Scott provides expert AS9100 consulting to ensure your success.
Get Started
February 22nd, 2010
AS auditors are currently in great demand. Its about to get much more so.
IAQG has stipulated that to upgrade an existing AS9100B management system to AS9100C can be conducted during a normal surveillance or reassessment audit. Upgrades during surveillance will require an audit at reassessment levels (twice as long as a surveillance audit) and upgrade during reassessment will require an audit at initial assessment levels (33% more).
Further, while the audit duration tables for AS9100C remain basically the same as they are currently, the rules have been changed to state that the table only covers ON-SITE time. In other words each audit is likely to grow by a day or so as certification bodies used to include off-site time in this calculation.
What this means is that as soon as AS9100C starts to become audited, AS auditors are going to have twice their normal workload. It is extremely unlikely that certification bodies will have the capacity to take on any new AS audits as their customers push to upgrade as soon as they can so they can distinguish themselves to their customers.
If you are trying to obtain AS certification during 2010 you need to go for the B version and book your audit for no later than June/July. If you can convince a Certification Body you will be ready for the C version then book your audit later in the year (more auditors will be qualified and it will be more likely) and get a very firm commitment from the Certification Body. Good luck with that.
If you are currently AS9100B then make sure you contact your Certification Body and confirm your surveillance/reassessment audit. Make sure you confirm this very strongly with your certification body. Perhaps contact your auditor directly and confirm it. Get their personal buy-in (making it more difficult for them to change it). Maybe pay in advance.
Customers rarely inform you about their plans and Certification customers are no different. If you were a Certification Body and a large, important customer phoned requesting an upgrade with a month or two notice you are unlikely to turn them down. Auditors will be pulled off of other jobs to be able to get that job done. Smaller organizations might be made to suffer – it is even possible that the Certification Body might simply drop smaller customers if they don”t have resources.
All of this will start about July/August/September time frame as auditors and Certification Bodies become qualified to conduct audits to AS9100C and its going to last a couple of years (More on timing…) . Auditors might be tempted to switch Certification Bodies with promises of bigger fees. Audit costs to clients will rise.
Of course there is really no way of telling how this will play out in the end. The Certification Bodies don”t really know because nobody knows when everyone will want to upgrade and who else will want AS9100C audits. The IAQG has allowed a couple of years to upgrade but that only reduces the increased workload to one and a half times as busy rather than twice as busy.
We can all hope that there are no scheduling problems but there is no downside to taking charge of this situation, informing your Certification Body of your upgrade plans, your expected upgrade audit date and firming up your audit for this year.
Cavendish Scott, Inc. is providing a standard upgrade consulting package including all modifications to all documents, integration of new requirements, new procedures and importantly a thorough pre-assessment/internal audit to make sure you will pass. Guaranteed Success for a fixed price! And your audits for 2010 are taken care of! Click here to find out more: AS9100C upgrade
When you bring in field experts with years of hands-on experience to do your AS9100 audit, you can’t go wrong. Cavendish Scott is here to help.
Free Quote
