Information Material

At this point we will not present what the literature says about what Quality is. There are also many websites that one can refer to, to find the answer of the scientific community.

However, we will mention what constitutes QUALITY for a company in its daily life, but also how we in “DESMI”, see the concept of quality, given our experience in the development and implementation of all Management Systems.

We consider QUALITY to be the superset that embraces the environmental aspects, information security, occupational health and safety, and road safety and, more generally, all the fields in which a business can be certified. Therefore, QUALITY embraces all the activities of the company.

QUALITY is for us a multi-layered solid. Each level represents a different aspect of Quality as the answer to the following questions:

• are the technical characteristics of our product/service, the agreed?
• did the customer receive the product in excellent condition?
• was the product/service delivered on the agreed date to the customer?
• is the price of the product/service competitive?
• is the invoicing correct (for the quantity agreed, at the correct address, with the correct invoicing information, etc.)?
• is the secretary, who answers the phone (but also any other staff member of the company), polite to the customers?
• can the customer speak directly with the person responsible, who can serve him effectively?
• do we answer customers' calls on the two hits or do they have to wait long enough? (i.e., how long is the customer waiting to be able to be served?)
• is the time taken to remedy a problem for our client acceptable?
• is the response to the complaint “my department is not competent; you will have to call back to this department” acceptable?
• did we consume more energy or water than we should for the volume of our activities?
• did we contaminate / burden the environment when we could have prevented it?
• is the work of our staff on construction site, done with safety for their physical integrity and health?
• could the accident of a construction site worker or the road accident caused by our worker have been prevented by proper training?
• where are the project / customer data files or construction plans I delivered?
• could the breach of the personal data of our employees or customers have been prevented?
• etc

The International Organization for Standardization (ISO) is an international organization for the creation and publication of standards consisting of representatives of national standardization organizations. The organization was founded on 23 February 1947 and produces the world's industrial and commercial standards, the so-called ISO standards. Member of ISO can become the National Foundation for The Standardization of each country. Existing members amount to 165, whose memberships vary according to the financial situation of each institution and are divided into Full Members, Non-Correspond members and Subscriber members, of which only the first category has the right to vote. Every five years the members formulate the strategic plan to be followed by the Organization. Individuals and businesses can contribute to a variety of ways to ISO without being considered members.

Although certification according to one or more international standards (e.g.ISO 9001, ISO 14001, ISO 27001, ISO 45001, etc.) requires the writing, updating, correcting and controlled distribution of a series of documents and forms, it should not be seen as a bureaucratic process, but as an opportunity to record and systematize the knowledge and experience, that is in all employees of the company. It must be assumed that each company has developed its own management and work system that follows certain empirical rules. The preparation of the company for Certification includes the documentation of all the procedures followed, but also the introduction of concepts and procedures that may have been unknown, such as Internal Inspections, Supplier Evaluation, Control of Measuring Instrument, Documentation Control, Corrective Actions, Management System Reviews, etc.

The documentation of a Management System includes the writing of a Manual and Procedures. Work Instructions are also issued where deemed necessary, which concern specific and critical activities for quality, environment, safety, etc. depending on which standard is applied. Finally, the Management System Forms are issued and filled, and this demonstrates the implementation of the system (see figure below for the structure of a Management System documentation). 

The System Manual describes how the company ensures that its operations comply with the requirements of the applicable Standard (or standards). The company's Policy (or policies) is / are defined for the applicable standard (or standards) and determines how it is  / they are applied in practice.  It identifies the responsibilities/tasks of the company's executives in relation to the Management System and sets out the framework of the procedures necessary in accordance with the Standard for the documentation, operation and control of the system. The company's Organization Chart is also included. References are made to procedures, documents and forms where necessary in the Manual. System Manual is essentially an evidence-based set of administrative policies, guidelines and methods to achieve the company's objectives in terms of quality, environment, safety, etc., describing what is being done, but not how.

The System Procedures Manual is a set of official and fully audited documents, specifying in the required detail and clarity the methods and controls adopted throughout the enterprise and having a direct or indirect relationship to the intended results (for product/service quality, environmental impact, occupational safety, information security, etc. depending on which standard(s) is(are) applied). These procedures involve all employees and often cover communication and cooperation between departments and different activities. It also includes the responsibilities and authorities of all employees per job. The Procedures make references to Working Instructions, Forms and Documents, where appropriate.

The Working Instructions are a set of official written instructions clearly indicating the actions to be taken by an employee to carry out a job. For example, the inspection instructions at a specific product checkpoint, the operating setting of a machine, the methods of testing materials, what it should be like to present a text (font, limitation, etc.) how to produce backups of digital files (back-up), how to check and accept work by a subcontractor, how to check the supplied materials etc.

System Forms are system-supporting forms, which are filled by personnel, specially authorized for this purpose, and demonstrate the continuous operation of the system. How to fill out these forms is described in detail in the Procedures or Working Instructions.

Documentation is the cornerstone of the implementation and operation of a Management System. That's why it's important to determine how to control all documentation levels. It is also important to make the relationship between documents clear, so that, when any changes are made to one of them, the related documents and forms are updated accordingly.

Finally, the design and development of the System should be done in order to keep its bureaucracy as low as possible, ensuring, on the one hand, the proper functioning of the enterprise and the work of its various departments, but also the satisfaction of both targets and objectives of the company regarding quality, environment, safety, etc, as well as the requirements of customers and stakeholders.

• Simple in its structure
• Written in simple and understandable language
• It embraces all company activities related to the certification field
• Applied by all parties involved
• Functional, having added value for the company
• It takes into consideration the existing organizational structure of the company
• It adapts to the requirements of the applied standard to the needs of the company and not the other way around
• Dynamic, i.e. it has the ability to change, adapt to the changing needs of all stakeholders (customers, company, society, market, etc.) and thereby constantly improve.

Each company is different from any other company operating even in the same area, in terms of how its administrative and production functions are organized. Therefore, the Management System implemented by each company is unique. But there are some basic principles and characteristics that are the same for all enterprises, whether they are manufacturing, construction, service provision or high-tech or "traditional" companies.

The Management System Basic Principles are the following:

1. It is based upon the understanding of:
   • the operations of the company
   • the requirements of internal and external stakeholders (customers, employees, administration, regulatory bodies and government agencies, society/local society, competition, etc.)
2. it has the full support of the management and embraces all the activities of the employees
3. it focuses on prevention and not on correction
4. it is dynamic, i.e. adaptable as the business changes and develops and the requirements of the interested parties
5. planning: it determines in advance exactly what will be done
6. everything is implemented based on prescribed actions
7. verification checks are carried out to determine whether the prescribed have been achieved
8. in the event of a finding of discrepancy between prescribed and implemented, appropriate corrective action shall be taken to ensure that such deviations do not re-occur.
9. records are kept, showing the above (5) to (8).

The concept of continuous improvement is an inherent feature in all management systems and is based on Deming's Improvement Cycle: PLAN – DO – CHECK – ACT (process approach).

Namely:

PLAN: I plan what I want to do, I establish the goals and processes to achieve them

DO: I apply what I planned

CHECK: Check if what I'm doing is consistent with what I planned

ACT: I act on the difference – I improve, i.e. I redesign, if I find a problem and restart the cycle.

The above improvement cycle is a recurring process for achieving continuous improvement and can be applied both globally in the Management System and separately in its individual areas.

The main advantages of implementing and certifying a management system with regards to quality, environment, occupational health and safety, information security, road safety, etc., can be summarized as follows:

• Defining the organizational structure of the business
• Clarifying the roles, authorities and responsibilities of all employees
• Improving communication between different parts of the business
• Improving the quality of products / services, the environmental footprint of the company, the level of occupational health and safety, the safety of information moving within and outside the company, road safety, etc. according to the standard we apply
• Improving the quality of equipment used
• Reduction of production costs, since more effective control is achieved at all levels of operation of the company and deviations are prevented which should then be corrected
• Helping the company to acquire measurable indicators for its performance in various sectors/segments
• Improved relations with suppliers / external partners / subcontractors
• Better clarifying the requirements of customers and stakeholders
• Ensuring the safety of the product produced during its use / consumption
• All actions focusing on prevention and less on treatment of problems
• Providing the infrastructure for continuous improvement of the business
• Increasing customer confidence in the quality of the products/services they will receive
• Being a strong marketing tool so that the company better promotes itself it in the market.
• Increasing the competitiveness of the company, its prestige and reputation in the market
• Increasing the confidence and solvency of the company, which increases its financial capacity by economic operators
• Ensuring business continuity to a large extent through risk analysis

Finally, certification according to an international standard by an established certification body is the outside good testimony that the company effectively implements the management system and ensures to a large extent the trust of customers.

Risk Analysis is the recognition of all risks and opportunities inherent in the business's activities, the analysis of how the operation of the business is affected by risks and opportunities, the assessment of their importance to the business, what measures company takes to minimize the occurrence of risks and maximize the benefits of the emergence of opportunities, and finally how it monitors the implementation of the actions taken in order to re-evaluate the measures and take corrective action.

The stages of development of a management system are as follows:

• Review of the existing Organizational Structure of the company and the Organization Chart,
• Determination of the Scope of the Standard (which business activities will be certified),
• Design and Development of the required documentation (Manual, Procedures, Working Instructions, Forms),
• Identification and organization of the required records to be kept (as proof of system application);
• Trial Application, i.e. application of all procedures, working instructions adopted, and start filling out forms (creating files),
• Conduction of an Internal Audit throughout the system in order to verify its effective implementation in accordance with the design,
• Taking Corrective Actions if deviations occur, during the Internal Audit,
• Conduction of the Evaluation Audit by a Certification Body,
• Taking Corrective Actions if deviations occur, during the Evaluation Audit,
• Award of the Certificate,
• Continuity of the implementation of the Management System.

Many times, during the development of the systems we are faced with the question " but, do we need this for ISO? (implying the management system)" or "what I do, has nothing to do with ISO".

The answer is that all the activities of the company are related to the "ISO"; with the Management System, that is.

Everything we do, any work we do, has a direct impact on the quality of the products and/or services we offer to our customers, the environment, the safety of work or food or information, etc., and all have a serious impact on the image, reputation and prestige of our business on the customers and the market we operate in general.

Training, informing all the company's staff, plays a key role in the implementation of the Management System and even more important is for all employees to understand that everyone is involved in the system, everyone has a role to play in the system. All employees are a link in the chain of product/service quality, environmental protection, safety of work or food or information, etc. depending on the standard/management system we apply, and all are an integral part of the effort for continuous improvement. Everyone needs to understand what the objectives of the system are, why we are implementing it, and realise that no one is left out in this effort. Every employee should understand that, if they do not do what is provided by the system, then the chain will break, there will be a problem at a later stage of the "production line" and the objectives of the system will not be achieved. It must be understood that each employee is the 'internal supplier' of the next worker on the “production line” of the product or service offered, which is the 'internal customer'. If the product delivered to "internal customer" does not have the required specifications, then there is a problem that the "internal customer" must solve. This results in delays, additional work, and perhaps deficiencies to the final product received by the "external customer" who is the customer of our company.

So, the training of the company's staff, in the Management System it implements is very important, because the success of the system and therefore the operational continuity, depends on each employee.

The Quality, Environment, Safety, etc Management System, must be incorporated in our daily routine, and only then will it achieve its goals and objectives. Therefore, its development must be adapted to the real needs of the company and designed and implemented in a way that has added value for the company.

Certification is the "independent testimony" of an entity that the certified company meets the requirements of a specific standard (national or international). The steps for certification are as follows:

• Submission of an Application to the Certification Body selected by the company, which issues a relevant offer.
• Acceptance of the Offer by the company and notification to the Certification Body of any documentation that does not contain know-how (e.g. Management System Manual and some administrative procedures).
• Establishment of an audit team by the Certification Body and study of the documentation submitted by the company.
• If the documentation is deemed to meet the requirements of the Standard, the date of the evaluation audit is scheduled. If the requirements are not met, a report of deficiencies to be covered is sent to the company.
• Conduction of the Evaluation Audit in order to verify that the Management System of the company:
  • is applied by all those involved in it,
  • covers all certified activities of the company,
  • is suitable and effective for the business.
• If the result of the audit is unsatisfactory (i.e. the above is not met), the audit team documents its findings in order to indicate the points of the system that need to be corrected/improved. The company determines the Corrective Actions and the time limits for their implementation, in line with the Certification Body, and proceeds to the implementation of the Corrective Actions
• If the result of the audit is satisfactory or after the successful implementation of the above Corrective Actions, the audit team shall recommend to the Certification Board  to issue the Certificate.
• Granting the Certificate of Compliance according to the requirements of the standard to the company, by decision of the Certification Board of the Certification Body.

Certification is not just about meeting the requirements of a standard and getting certified. It is the vehicle for continuous business improvement!