The missing process…

Some years ago I audited an overseas supplier, a printed circuit board manufacturer that specialised in shorter run work. The proprietor was immensely proud of her business, and rightly so. The plant sparkled, with a level of cleanliness and order that far exceeded any other PCB manufacturing plant I had visited. Everyone knew their job well and the place ran like clockwork. They had just successfully achieved ISO 13485 certification and were on their way to ISO 14001.

We were at the end of the audit, walking away from the production area. The audit had gone well, with a couple of areas for improvement identified but no nonconformities. I was feeling pleased with them. They were feeling pleased with themselves. I was looking forward to a straightforward exit meeting, lots of happy handshaking and getting back to my hotel for a refreshing swim.

As we walked back along the corridor to the meeting room, the proprietor made a slight comment about sending out PCBs for continuity testing.

Hold it right there! The alarm bells in my head were clanging. “What testing was that? You say the PCBs go out to another company for a final test? Uhuh… And have you audited them? No… And no quality agreement, either. Right…”
My internal dialogue was firing concurrently with that conversation. I had already picked up that an area for improvement was their supplier quality programme which had yet to mature. Could this testing have an impact on the quality of the goods we purchased? Does this testing matter to the users of the PCBs in my organisation? Am I getting nervous? (Yes to all). The body language in the group had changed by now.

Their certification body had also missed this. It wasn’t an intentional exclusion from their QMS, they just hadn’t identified the testing as an outsourced process for which they had responsibility. It was easy for an outsider to miss because it wasn’t flagged anywhere in their documented system.

This particular story had a happy ending. It was rapidly and satisfactorily resolved, with lessons learnt all round. They learnt about outsourced processes as part of their QMS. What did I learn?

When I audit, I build a model of the process in my head, based on what’s documented, what I’m told and what I see. I compare that with how I expect the process to be, based on the audit criteria and my experience and research. In this instance, the model in my head appeared to be complete and ok. I completely missed the interface to another part of the process that had been outsourced. It’s possible to fall into the same trap with an internal audit, where you think you understand the entire process and familiarity blinkers your thinking.

Since then, I’ve made it my practice to ask, “Does any part of the process happen outside of this plant/organisation/production line?”

Had I been using turtle diagrams as an audit tool back then, it’s likely that the outsourced step would have become obvious to me during the audit. Had the supplier been using the tool to map their processes, it would have been obvious to them that it needed to be included in their QMS. A turtle diagram makes you look systematically at each link in a process and consider inputs, outputs and interfaces. Robert Packard is a great fan (and teacher) of turtle diagrams and includes a description in in his blog about process auditing.

Watch the free webinar that Rob and I are running on Feb 13th (Feb 14th in NZ) to hear Rob explain process auditing and how to use turtle diagrams. After the event, register here and the download will still be available.

---