ISO 9001:2015 Procedures in IIUM
QUALITY MANAGEMENT SYSTEM (QMS)
A: WHAT IS QUALITY?
As a simple definition, quality means meeting the requirements of the parties receiving the products and services.
B: WHAT IS QMS?
Quality Management System (QMS) is a formalized system that documents processes, procedures, and responsibilities for achieving quality policies and objectives.
A QMS helps coordinate and direct an organization’s activities to meet customer and regulatory requirements and improve its effectiveness and efficiency on a continuous basis.
QMS serves many purposes, including:
• Setting direction for organization
• Improving processes
• Reducing waste
• Lowering costs
• Engaging staff
• Improving customer satisfaction
C: IMPLEMENTING ISO 9001
- What is ISO 9001?
o ISO 9001 is a published standard the International Organization for Standardization (ISO) in 1987. It is the international standard that specifies requirements for a quality management system (QMS). It is meant for organizations to demonstrate their ability to consistently provide products and services that meet customer and regulatory requirements.
o ISO 9001 was first published in 1987 by, an international agency composed of the national standards bodies of more than 160 countries.
- What is ISO 9001:2015?
The ISO 9001:2015 is the latest version of ISO 9001 standard which was released in September 2015.
- Why Implementing 9001:2015?
We can use it to help ensure that our interested parties e.g. stakeholders, customers and vendors get consistent, good quality products and services, which in turn brings many business benefits such as cost saving, customer satisfaction, and good image.
This new version is a processed and objective-based. Since it requires a lot of identification of and structured planning for organizational risks and opportunities, it thus puts a greater emphasis on leadership engagement.
· Checklist for ISO9001 Implementation
a) Management support at your respective agency
b) Identification of requirements
c) Definite QMS scope
- For IIUM, the scope is Management of Academic Affairs; Research and Publication; Student Development and Corporate Services
d) Define your process and procedures
e) Implement process and procedures
f) Conduct Awareness and training for the staff
g) Implement QMS (Plan, Do, Check & Act)
h) Conduct Internal Audit
i) Conduct Management Review
j) Improvement and Corrective Action
k) Conduct Certification Audit
D: IIUM IMPLEMENTION OF ISO 9001:2015
• Background of ISO 9001 implementation
The International Islamic University Malaysia (IIUM) has started implementing ISO 9001 since 2004. Since that year, the certification process had been arranged individually by centres of studies and administrative offices but monitored by the office of Corporate Strategy and Quality Assurance (CSQA). However, in 2014, in order to save cost and time, the University started to implement the one certification for the whole university. The one certification effort was successfully coordinated by the Office of Institutional and Academic Quality Management (OQM) and the IIUM was awarded with the ISO 9001:2008 certificate for three consecutive years from 2014 to 2016.
• Quality Manual
The purpose of this Quality Manual is to display the International Islamic University Malaysia (IIUM)’s overall commitment to quality in work practice and customer service which is defined through its core and support business processes. Through each of these business processes, the University’s Management System is aligned with the goals and strategic direction of the organization. The University’s Management System as described in this Quality Manual defines the University’s commitment:
• by demonstrating its ability to consistently provide quality service that meets customer and applicable regulatory requirements,
• by addressing customer satisfaction through the effective application of the system, including processes for continual improvement and the prevention of nonconformity,
• through staff empowerment, especially for innovative action to improve the department’s performance, and
• through orderly change management that will maintain a high level of service in technologically complex and fast-paced environments, both to accommodate technological change and for continual improvement of the technical skill and capability.
This Quality Manual provides an overview of the quality policies, key requirements as well as guidelines for the University in implementing the Quality Management System (QMS). It is the source of reference for all matters dealing with quality. It is available at the Office of Institutional and Academic Quality Management (OQM) and also in IIUM Mediabank for reference by all KCDIOs and also inspection by our customers, potential customers, third party quality auditors, and regulatory agencies.
ISO 9001:2015 Programmes and Activities 2017 are as follows:
o Awareness and Training Programmes: 16 Jan – 29 Aug 2017
o Effective Implementation of ISO 9001:2015: 1st June 2017
o Opening of Internal Audit: 22nd August 2017
o Internal Audit Exercise:23rd August 2017 – 16th October 2017
o Closing of Internal Audit: 17th Oct 2017
o Management Review Meeting (MRM): 15th Nov 2017
o Certification Audit: 4th – 15th Dec 2017
The University implements the ISO 9001:2015 standard requirements in order to enhance customer satisfaction through the effective application of the system, including processes for continual improvement of the system and the assurance of conformity to customer and applicable regulatory requirements.
The scope of the University’s ISO 9001:2015 Quality Management System is:
a) Management of Academic Affairs;
b) Research and Publication;
c) Student Development; and
d) Corporate Services.
• Quality Policy:
The International Islamic University Malaysia (IIUM) is committed to achieve comprehensive excellence in managing its educational programmes and activities by adopting Quality Management System (QMS).
In pursuit of this, we are dedicated to ensure:
o That all staff are available and focusing at all times on customer needs and expectations
o Our commitment to continual improvement of the quality management system
o That all legislatives and regulatory requirements are complied with.
This POLICY will be communicated to all staff, and as a minimum, when requested, stakeholders and or interested parties.
The POLICY, procedures and objectives will be reviewed periodically with the aim of continually improving the effectiveness of the Quality Management System as well as ensuring its integrity, effectiveness, compatibility and alignment with the context and strategic direction of the University.
• Quality Objectives:
Quality Objectives have been established at all corresponding levels and processes throughout the organization to implement the quality policy, meet and exceed requirements for product and processes, and to improve the QMS and its performance.
Quality objectives are strategic, apply to the entire University and shall:
· be consistent with the Quality Policy;
· be measurable and monitored;
· take into account applicable requirements;
· be communicated;
· be updated as appropriate;
· be relevant to conformity of products, services and enhance customer satisfaction.
Quality Objectivesare measurable targets for improving operational performance to ensure process conformity and customer satisfaction. They apply to all KCDIOs having direct responsibility for activities that require improvement. Performance objectives and goals are established by their respective management and through staff involvement and monitored within the framework of management reviews or department and Kulliyyah meetings.
The University retains documented information on the status of our quality objectives. If shortfalls are identified, management may revise objectives, issue corrective action requests, or take other appropriate actions to address the issue.
ISO 9001:2015 is a processed based instead of procedure-based. Therefore, all procedures used by the KCDIOs are expected to be made available and retained by individual KCDIOs.
The University maintains a documented QMS as a means to ensure that its products and services conform to specified requirements.
Documented information required to support the effectiveness of our QMS is controlled to ensure:
a) it is available and suitable for use, where and when it is needed;
b) it is adequately protected from loss of confidentiality, improper use, or loss of integrity.
c) distribution, access, retrieval and use;
d) storage and preservation, including preservation of legibility;
e) control of changes;
f) Retention and disposition.
In order to do all of the above, the University has established a documented procedure to define the controls needed for the identification, storage, protection, retrieval, retention and disposition of records. The University has also exercised control on these records.
Records associated with quality system and the achievement of the desired quality of services (i.e. work performance) have been identified, collected, indexed, filed, stored, maintained and disposed of in accordance with documented procedures. These records are kept safely in a systematic order for easy reference and retrieval, whenever needed.
Specific controls are implemented to maintain the security and confidentiality of all staff and student records and other confidential records. All identified records are subjected to a specific agreed retention period. Retention period is specified in each procedure. For records that are stored in electronic devices/format, password and access limitations are implemented to maintain security and confidentiality.
· References for KCDIO
All important documents related to ISO 9001:2015 are available for reference in IIUM Mediabank via this link: http://www.iium.edu.my/oqm/iium-mediabank. The facility is controlled by our office and you may request from our staff for its access.
· Internal Audit
The University conducts internal audits at planned intervals in order to determine whether:
a) K/C/D/Is have conformed to the planned arrangements in accordance to the requirements of MS ISO 9001:2015 and to the quality management system requirements established by the University.
b) K/C/D/Is have effectively implemented and maintained the quality management system.
An audit programme is scheduled at least once in the period of twelve (12) months and is planned in accordance to the status and importance of the processes and areas to be audited, as well as the results of previous audits. The audit criteria, scope, frequency and methods have been defined. The selection of auditors and conduct of audits are properly administered to ensure that the audit process is conducted objectively and impartially. Auditors shall not audit their own work.
Documented procedures have been established to define the responsibilities and requirements for planning and conducting audits, establishing records and reporting result. Records of the audits and their results are properly maintained.
The management responsible for the area being audited has ensured that any necessary correction and corrective actions have been taken without undue delay to eliminate detected non-conformities and their causes.
· Audit Findings Guidelines
All findings have to be responded in the following manner:
a) Major NCR – 15 days after the receipt of the official findings. It requires a follow – up visit or verification by your auditor or the lead auditor to close. Satisfied with the responses by the KCDIO, the auditor or the lead auditor could close the issue.
b) Minor NCR – 3 months to respond with root cause analysis and changes implemented (or timeline to be implemented) after the receipt of the official findings. A follow up at next surveillance audit is required, but in the meantime, the auditors may request additional supporting data as evidence depending on the subject. Satisfied with the responses by the KCDIO, the auditor or the lead auditor could close the issue.
b) OFIs - 30 days to respond on the proposed improvement and come out with the action plan. There is a need to report on its progress during the following audit visit and University level MRM in the following year. Satisfied with the responses by the KCDIO, the auditor or the lead auditor could close the issue.
KCDIOs should initiate actions to eliminate the cause of nonconformities in order to prevent recurrence. Corrective actions are appropriate to the effects of the nonconformities encountered. When nonconformity occurs, corrective action procedures are initiated and implemented. Examples of actions taken include:
o taking action to control and correct it;
o reviewing and analyzing the nonconformity;
o determining the causes of the nonconformity;
o determining if similar nonconformities exist, or could potentially occur;
o implementing any action needed;
o reviewing the effectiveness of any corrective action taken;
o updating risks and opportunities determined during planning, if necessary;
o making changes to the QMS, if necessary.
· Management Review
The University’ Management Review process is planned and includes the following considerations:
Management Review Inputs: Assessment of the QMS is based on a review of information inputs to Management Review. Input examples which would be derived from the implementation of QMS by the KCDIOs include:
o the status of actions from previous management reviews;
o changes in external and internal issues that are relevant to the QMS;
o customer satisfaction and feedback from relevant interested parties;
o the extent to which quality objectives have been met;
o process performance and conformity of products and services;
o nonconformities and corrective actions;
o audit results;
In addition, management review inputs shall include the adequacy of resources, the effectiveness of actions taken to address risks and opportunities and opportunities for improvement. Results of Management Review meetings shall be retained.
Management Review Outputs: Management Review Outputs include decisions and actions related to the following:
· opportunities for improvement;
· changes needed to the QMS;
· resource needs