How to Maintain the FMEA

      FMEAs are initially established in the early stage of product/process design and development. They're living documents and should be regularly reviewed and updated. Normally, FMEA review and updating should be triggered by the following events:

1. There're changes in the product/process requirements
      If there are changes in the product or process requirements, the FMEA team should review the changes and decide whether these changes can result in any new failure mode. If yes, document these new failure modes and complete the rest of FMEA accordingly.

2. A new failure mode is detected
      When creating FMEA, the FMEA team should list up all the failure modes that can occur to the product/process. Due to the limit of the team's knowledge, however, this list in most cases is not a complete list. Later on, when a new failure mode is detected, e.g. during design verification and validation, during mass production or during customer application, it should be included in the FMEA.  

3. A new cause is identified for a failure mode
      When creating FMEA, the FMEA team should also list up all the possible causes to each failure mode identified. Again, due to the limit of the team's knowledge, this list is often not a complete list. If a new root cause is identified in the failure analysis later on, it should be included in the FMEA.  

4. There's updated information to evaluate the ranking of S, O and/or D
      When creating FMEA, the FMEA team can sometimes only do the risk assessment (i.e. ranking of S, O and D) based on the best guess, as objective data or evidences are not available yet. With further deployment of the design and development activities, mass production and customer feedback, more and more objective data and evidences can be collected for more accurate ranking of S, O and D. When such information is available, the FMEA should be reviewed to re-evaluate and, if needed, to update the SOD ranking. For example, it is a common practice in factories that failure rate and cause of occurrence of each type of defects is consolidated on a monthly basis. These data should be used for the ranking of O, e.g. if a certain cause can result into a monthly failure rate of 0.2% for a certain type of defect, it indicates O=6 for this specific cause (according to the scoring criteria of AIAG's FMEA manual). If O is scored otherwise in the current revision of FMEA, it should be updated to reflect the actual situation. 
      If recommended actions are proposed, the FMEA should be updated later on to document the results of the actions. This should also be done after the actions are completed and objective data are available to evaluate the results.

5. The preventive and/or detective actions are found not effective
      As mentioned above, the risk assessment in the current revision of FMEA may not be accurate due to the limit of objective data. When these data are available, one may find out that SOD are severely under-ranked and the preventive and detective actions implemented are actually not effective. In such cases, more effective actions are should be recommended and the FMEA should be updated accordingly.

6. Proactive improvement is initiated
      One of the key principles in quality management is continual improvement. Following this principle, organizations should proactively initiate some improvement activities on a regular basis. FMEA is a good source to determine what kind of improvement activities can be initiated. It is a common practice that the FMEAs are regularly reviewed (e.g. annually), and top risks in the current revision of FMEAs are picked and actions are taken to further reduce the risks  (Please be noted that the current controls for the top risks are effective and the actions are not mandatory. Also please refer to this article on how to pick the top risks). These actions should be updated into the FMEA as the recommended actions, and the action results should be documented in the FMEA as well. 
.

How to Conduct the Internal System Audit of ISO9001

    Conducting internal system audit is a requirement of ISO9001:2015. This article will discuss how to conduct the internal audit effectively according to the requirements of ISO9001.
    A full internal audit process may be divided into four stages: planning of internal audit, conducting of internal audit, issue of audit findings and closing of audit findings. Let’s see what should be done in each stage.
1. Planning of Internal Audit

• The internal audit should be planned according to the defined frequency (e.g. once a year). In the plan, one must specify the following things:
• Scope of the internal audit and the auditees. An internal audit must cover all the quality processes, all shifts and all departments which are in the scope the quality management system.
• Criteria of audit. The criteria of audit includes the ISO9001 standards (It normally is the latest revision, unless during the transition period), legal requirements if applicable, and the internal procedures or requirements of the organization;
• Audit method. Following the process approach concept in the quality management, the internal audit is also suggested to be conducted according to this methodology, i.e. the internal audit should be carried out for individual quality process respectively as defined in the organization, and the owner and supporters of each process should be the auditee of the corresponding process;
• The auditor team, including the leader and team members;
• The timetable, i.e. when each auditee will be audited. Below this paragraph is an example of the schedule for internal audit; 
• A checklist which lists up the key points to be checked during the audit. This is not a mandatory requirement of ISO9001:2015, but it is highly recommended that a checklist is prepared and followed during the audit so that no key point is missed (The checklist is actually mandatory in other standards such as ISO/TS16949). 
  

2. Conducting of Internal Audit
    When conducting the internal audit, what the auditors do are asking questions and verifying evidences provided by the auditees. If there is a checklist, questions should be asked according to the checklist. The checklist should be designed and the questions should be asked following the PDCA loop, i.e.

• Firstly, the auditors should ask the auditees whether there is an established procedure to carry out the audited process and specify how the process is controlled to ensure it achieves the intended results. For example, when auditing the document control process, the auditors can ask what the procedure is to create, update or obsolete a document, how it is ensured that new documents are distributed promptly to the users and how it is ensured that obsoleted documents are retrieved to prevent misuse. The auditors have to check whether the established procedure meets the requirements of the audit criteria;
• Secondly, the auditors should verify that the actual process is conducted according to the established procedure. For example, when auditing the document control process, the auditors can check an actual record of document updating and distribution and see whether what shows in the records is consistent to the established procedure.
• Thirdly, the auditors should check whether the auditees evaluate the effectiveness of the process. For example, when auditing the document control process, the auditors can check whether there’s any target for this process and whether the achievement of targets is regularly monitored. 
• Finally, the auditors should check whether corrective actions are taken when the process targets are not achieved or whether continual improvement is taken when the targets are achieved.

3. Issue of Audit Findings
    Based on questions asked and evidences verified, the auditors issue findings to the auditees. In some organizations, the findings can be classified as major nonconformance, minor nonconformance or opportunities for improvement. The classification is somehow subjective. It is not a mandatory to have such classification for internal audit findings. Anything about the quality process which does not meet the requirements of audit criteria or is not effective in achieving the intended results can be considered as a finding.
    When issuing a finding, it normally should include the following information: finding, objective evidences and rules violated. Below is an example:

4. Closing of Audit Findings
    After the auditees are issued the findings, they’re responsible to provide a root cause analysis, propose the corrective actions and implement the proposed corrective actions within the specified time frame. Various tools can be used for root cause analysis and the most common one is probably 5 Whys (Please see this article about how to use 5 Whys analysis). The auditors (usually leader auditor) are responsible to review the root cause analysis and proposed corrective actions by the auditees. If it is approved, the auditees can proceed to implement the corrective actions. The auditors should follow up to collect objective evidences that the corrective actions are indeed implemented, and also need to collect objective evidences that the corrective actions are indeed effective to prevent the recurrence of nonconformance. Only if the corrective actions are proved effective, the finding can be closed.

Design and Development Review, Verification and Validation

    Clause 8.3.4 of ISO9001:2015 requires that design and development should be reviewed, verified and validated:

The requirements here are probably confusing to many readers - What are the differences in these three activities? And what shall be done exactly for each activity?

Design and Development Validation
    Let's first take a look at design and development validation. In ISO9000:2015, validation is defined as "confirmation, through the provision of objective evidence, that the requirements for a specific intended use or application have been fulfilled". ISO9001:2015 says, as cited from Clause 8.3.4, the purpose of validation is to ensure the resulting products and services meet the requirements for the specified application or intended use. From these statements in ISO9000 and ISO9001, several points can be extracted:
1. Validation is done on the resulting product, so it should be done on the real product, not just the ideas of the product.
2. Validation must be done with objective evidences. So it involves a process of obtaining objective evidences. This process can be inspection, testing, and so on.
3. Validation is to confirm the resulting product meet the requirements. So it involves a judgment or a decision making process. 
    As a summary, design and development validation involves analysis (e.g. inspection, testing, etc.) on a real product and a judgement based on the analysis result whether the product actually meets the requirements of the intended use or application.

Design and Development Verification
    Now let's look at the design and development verification. In ISO9000:2015, verification is defined as "confirmation, through the provision of objective evidence that specified requirements have been fulfilled". ISO9001 says the purpose of verification is to ensure that the design and development outputs meet the input requirements. So the key points here are:
1. Verification is done on design and development outputs. The design and development outputs are the design concepts or ideas of the product, e.g. what materials to be used, what structure to look like. It is not talking about a real product. This is the key difference between verification and validation. In terms of time sequence, verification is done before validation, as design concepts are generated before a real product is manufactured.
2. Verification must be done with objective evidences. So same as validation,  it also involves a process of obtaining objective evidences. This process can be calculation, simulation, experiment and so on.
3. Verification is to confirm that design and development outs meet the input requirements. So same as validation, it involves a judgement or a decision making process as well.
    As a summary, design and development verification involves analysis (e.g. calculation, simulation, experiment, etc) on the design concepts and a judgement based on the analysis result whether the design concepts meets the input requirements. Please be noted that as there's no real product yet during the verification stage.

Design and Development Review
    So how about design and development review? ISO9000:2015 defines "review" as "determination of the suitability, adequacy or effectiveness of an object to achieve established objectives". ISO9001:2015 says the purpose of review is to evaluate the ability of results of design and development to meet the requirements. Based on these statements, it is important to notice that
1. Review is done on the results of design and development. Here the results of design and development can be anything generated from the design and development process, including the design and development plan, the feasibility study, the risk analysis, the design concept of the product, the verification results, the validation results, and even an individual document such as the process flow chart. 
2. Unlike verification and validation, review can be done with or without objective evidences. For example, when a material is proposed for the designed product, there's probably no objective evidence available at this point yet to prove that the material is suitable, but when reviewing the design proposal, a decision can still be made whether or not to approve this material. Review can done through meetings, emails or any other ways of communication. For example, if a document needs to be reviewed before its release, it can just be done through email by individual person, and if a design concept needs to be reviewed before its finalization, a meeting can be held.
3. Review is to confirm that results of design and development to meet the requirements, so same as validation and verification, it involves a judgement or a decision making process.
    As a summary, review is a decision making process, during which the evaluation can be done with or without objective evidences. And it can be done during any stage of the whole design and development process. As mentioned before, verification is done before validation, but review has no such time sequence in relative to verification and validation.
 
Summary
    The table below is a summary of the above discussion, which compares what to be reviewed, verified and validated, when they should be done and how they are done:

	Review	Verification	Validation
What	Almost everything	Design concepts	Real products
When	Any time	Before the design concepts are finalized	After real products are made
How	Meetings, emails,	Calculation, simulation, experiment	Testing, inspection

Knowledge Management in the Organization

    One of the new requirements in ISO9001:2015, compared with ISO9001:2008, is the management of organizational knowledge, as specified in 7.1.6:

     To implement this requirement in an organization, one first needs to understand the concept of “organizational knowledge” here. It refers to the knowledge which is needed to carry out the quality processes effectively. From the point view of a process (shown in the below graph, cited from ISO9001:2015), the organizational knowledge can be classified into four types:

1. The knowledge of the input of the process, i.e. the information which determines how to take the actions. For example, when there’s a customer claim, the engineers need to know what kind of failure it is, how the failure occurred, etc., before determining what corrective actions can be taken;
2. The knowledge of how to and where to obtain the input. For example, in the above case of customer claims, the engineers need to know how to analyze the failure product to identify the cause of the failure;
3. The knowledge of how to carry out the process, i.e. the experience or skill needed to carry out the actions based on the information obtained. For example, in the above customer claim, after identifying the nature of the failure and the reason of occurrence, the engineers should know what corrective actions to be taken;
4. The knowledge of how to evaluate the outputs, i.e. the knowledge to evaluate the effectiveness of the actions taken. For example, in the above customer claim, the engineers should have the knowledge to determine whether the actions taken are effective. 

    Now let’s see what an organization should do to fulfill the requirement of Clause 7.1.6. We can rephrase 7.1.6 and list up the requirements there as the following:

1. Identify the knowledge needed;
2. Acquire and maintain the knowledge 
3. Share the knowledge to the persons in the organization who need them;
4. Repeat the above steps in case of changes.

Let’s discuss what should be done in each step.

1. Identify the knowledge needed
    Once the organization determines the processes in its quality management system (Determining the quality processes is part of the quality planning. Please see this article about quality planning), the organization should also determine the four types of knowledge needed for each process (and for each sub-process in some cases). Below is an example of knowledge identification for the document control process. The organization should do the same for all the other quality processes it has identified.

2. Acquire and maintain the knowledge
    After identifying all the knowledge needed, the organization then should determine which pieces of knowledge should be acquired and how they can be acquired. It is important to know here that “acquiring” means that the organization is gaining the knowledge for the first time. Nobody in the organization has such knowledge at this point. It is different from sharing of knowledge in Step 3. Sharing means the knowledge is made available to additional persons other than the ones who have acquired it.
    There are multiple ways for an organization to acquire a piece of new knowledge, e.g. sending someone to attend external training, hiring experienced and skilled employees, receiving feedback from customers, and analyzing the failures. The organization shall define clearly the ways and the persons who’re responsible to gain the knowledge.
    After acquiring the knowledge, the organization shall maintain it. Though it is not required in ISO9001:2015, it is always preferred to maintain the knowledge in a documented format, e.g. a written procedure, a training material in the format of PPT, etc. For such documented knowledge, the organization can follow the document and records control process to maintain the knowledge. The owner to maintain each piece of knowledge should be assigned.
Following the example in Step 1, the organization can determine how to acquire and maintain each piece of knowledge with the following template:

3. Share the knowledge to the persons in the organization who need them
    After the knowledge is acquired, it should be shared inside the organization with the persons who need it. Ways to share the knowledge include but are not limited to internal training, forums, meetings, email, intranet, etc. The organization should define clearly what knowledge should be shared, how it should be shared, and whom it should be shared with.
    Again, let’s use the document control process and see how to share the knowledge.

4. Repeat the above steps in case of changes
    When there are changes in the quality management system and its processes, the knowledge needed to carry out each process may change as well. In this case, Step 1 to 3 should be redone to update the knowledge and maintain its adequacy and validity. If necessary, the documented procedures, training materials or the documented records which have been established should be updated accordingly.

Some Additional Notes
    When determining whom the knowledge should be acquired by and shared with, the organization should link it up with employee training. As discussed in the other article, what trainings are needed for each post should be defined clearly in order that the employees can have the necessary competency to perform his/her duty. Defining of such trainings for each post must be consistent with the assigning of persons to acquire the knowledge or to be shared with the knowledge.

A Summary of MSA Approaches for Attribute Measurement Systems

Attribute measurement systems (abbreviated as AMS in the rest of this article) are systems which differentiate the measured parts into some categories, such as OK and NG, instead of characterizing them with variable data. For the convenience of discussion, this article will further divide AMS into two types:

Type 1: AMS for characteristics which can also be evaluated with variable measurement systems. An example of such AMS is the system with a pin gauge. It differentiates the measured parts into two categories: OK or NG, but the diameter of the hole can also be measured with a variable measurement system such as CMM.

Type 2: AMS for true attribute characteristics which cannot be evaluated with variable measurement systems (abbreviated as VMS in the rest of this article). An example of such AMS is the manual visual inspection system on products appearance. The spec of appearance is often not defined with variable data.

In AIAG’s MSA manual (4^th edition), four approaches are introduced for the MSA of AMS, as listed below:

1.       Gauge performing curve

2.       Signal detection theory

3.       Attribute control charts

4.       Hypothesis test analysis

None of the above approaches can assess all the five types of variability of a measurement system, i.e. bias, linearity, stability, repeatability and reproducibility. They all have certain limitation as explained below:

The 1^st approached is an analytical method which gives good quantitative assessment on the measurement system. But it is only good to study the bias and repeatability. Also, it is only good for Type 1 AMS, as the reference value of the samples used in this study must be available in quantitative data. Readers may refer to AIAG’s MSA manual (Chapter III, Section C) for how to establish the gauge performing curve a measurement system. It is quite clearly illustrated there.

Same as the 1^st approach, the 2^nd approach can only be used for Type 1 AMS too. It can be used to assess the GRR and GRR only of the measurement system. It also gives a quantitative result, but it is an estimated one. The estimation becomes better with the increase of sample size. As this approach gives only an estimation of GRR, it should be approved by the customers before it is used.  

         The 3^rd approach is only briefly mentioned in the MSA manual (P.145, 4^th edition). This approach is only good for stability study. Same as the stability analysis of a VMS, one needs to follow the below steps: pick a sample, establish the control charts and then study the control charts (please refer to this article for stability study of VMS). Picking sample for stability study of AMS is much more critical than the stability study of VMS. It is probably the key for a good stability study of AMS. In AIAG’s manual (please refer to the footnote in P.145, 4^th edition), it’s noted that for the chosen sample, np must be greater than 4, i.e. if the sample is measured ten times, there are at least 4 times this sample is categorized as NG. So the sample should not be an OK sample which is far away from the spec limit, otherwise there is a low chance of getting an NG result from measurement. It should not be an NG sample which is far away from the spec limit either, otherwise, UCL and LCL are same and the control charts makes no sense (please refer to formula of UCL and LCL of p charts and np charts in the SPC manual). So the sample must be close to the spec limit in the gray area of the below image, with a chance of having both OK and NG results.  

In principle, this approach can be used for both Type 1 and Type 2 AMS, but if AMS involves human judgement, this approach may not work well, because the appraisers can remember the past judgements and it can influence the upcoming judgements. So this approach is good if the equipment makes the judgement, but not suggested if the appraisers make the judgement.  

The 4^th approach can be used for both Type 1 and Type 2 AMS. But unfortunately, the kappa value obtained with this approach can only assess the agreement between different appraisers and does not yield any quantitative assessment of any type of variation of the measurement systems. One cannot really tell how big the variation of the measurement system is with this approach. Therefore it should approved by the customers if an organization plans to use it. 

As a summary, below is the table which lists up the possible MSA approaches for AMS. Please be noted that the agreement analysis in the last column does not belong to the five types of MSA defined in the MSA manual.

Measuring Equipment Calibration or Verification

    In 7.1.5.2 of ISO9001:2015, it requires that measuring tools shall be calibrated or verified or both:

So in which cases shall the measuring equipment be verified, in which cases shall they be calibrated, and in which cases shall they be done both?

    To answer this, one first needs to understand the difference between verification and calibration. The measuring process is a process to assign a value to the measured characteristic. There are two values which should be noted here: one is the true value of the characteristic ut, and the other is the assigned value of the characteristic ua, i.e. the result obtained from the measurement. Verification is the serial of activities done to prove that the difference between ut and ua is within the acceptable range (which can be defined internally, according to customer requirements, according to national standard, etc.). So the result from verification is a judgement of “Acceptable” or “Not Acceptable”. Calibration, however, is the serial of activities which are done to establish the proper relationship between ut and ua, so that acceptable ua can be obtained from the measuring process. Below are two examples of calibration:
Example 1: a digital caliper gives the reading of a dimension. It first transfers the measured dimension ut into an electrical signal, and then transfers the electrical signal into a digital reading ua. The manufacturer of the digital caliper must study how the signal transferring from the measured dimension into the digital reading is done and establish their relationship properly. Otherwise, the reading ua may depart significantly from the actual dimension ut.
Example 2: an electronic scale is used to weigh the products. An operator measured 5 samples with known value and obtained following results:

From the above measurements, the operator found that the reading is always 0.1kg greater than the true value. So for future measurements, when he records the weight of products (please be noted that here ua is the recorded value, not the reading from the scale), he’ll subtract 0.1kg from the reading.

    Now let’s go back to the question: when shall the measuring equipment be calibrated, when shall they be verified, and when shall they be done both? The answer is given as below:

• If the measuring equipment is purchased, the suppliers have already done calibration, so the equipment shall be first verified before use. If it does not pass the verification (i.e. the judgement is “Not Acceptable), then it should be further calibrated.
• If the measuring equipment is homemade, the equipment shall be calibrated first. Once the calibration is done, for future use, it should be further verified, and calibrated if necessary, just as the purchased equipment.

How to Choose the Right Control Chart for Statistical Process Control

    For characteristics which are evaluated with variable data, AIAG’s SPC manual recommended 4 types of control charts:

1. Average and Range Chart (X ̅-R Chart)
2. Average and Standard Deviation Chart (X ̅-s Chart)
3. Median and Rang Chart (X ̃-R Chart)
4. Individuals and Moving Range Chart (X-MR Chart)

    Arising from the 4 options, a question that many SPC beginners may have is: which control chart should I use for my process? The answer can be found in P.177 of the 4th edition of the SPC manual, but it is very brief. Below is a more detailed explanation about the selection procedure of the right control chart:

    First, let’s take a look at the X ̅-R Chart, which is probably the most popular chart. For this chart, the control limits of X ̅ and R are calculated with the following equations:

where R ̅ is the average of ranges of individual subgroup. From the above equations, it can be seen that when R ̅ is 0,and. The control limits make no sense in such case. That means if one needs to use X ̅-R chart, there must exist detectable within-subgroup variation. The above equations also show that the width between UCL and LCL of X ̅  is. In order not to see too many undesired out of control signals, the X ̅-R Chart should only be used when the between-subgroup variation is insignificant compared with within-subgroup variation. Otherwise, the future data point of X ̅ may easily go out the control limits due to big between-subgroup variation (Note: generally, big between-subgroup variation, compared with within-subgroup variation, is not accepted as it indicates the existence of special causes. But if both Cpk and Ppk are significantly larger than the requirement, e.g. Cpk=8, Ppk=5, it may be accepted). As a summary, to use X ̅-R chart, the within-subgroup variation must not be 0 and the between-subgroup variation must be insignificant compared with within-subgroup variation.

    Here is an example when the X ̅-R chart should not be used: The process is to produce a chemical solution by adding solvent into the distilled water. It is produced one bath a time, and one bath is one lot. The monitored characteristic is the composition of the solution. As the solution is homogenous, taking several samples from one bath as one subgroup gives no within-subgroup variation. On the other hand, the difference between different lots may be more significant, as the amount of solvent added to each bath may differ. So using X ̅-R chart is inappropriate for this process.

  In the above case, one should use the X-MR chart. The X-MR chart requires no subgroups (or you may consider that the subgroup size is 1). Individual sample is taken, and the difference between consecutive samples is calculated to estimate the process variation and the control limits, as in the following equations:

where (MR) ̅ is the average of the differences between all consecutive samples.

    X ̅-s chart is close to X ̅-R chart. The key difference is that the process variation in this chart is estimated with the average standard deviations, instead of average ranges, of the subgroups, and the control limits are calculated with the following equations:

where s ̅ is the average of the standard deviations of individual subgroup. Similar to X ̅-R Chart, X ̅-s chart should only be used when within-subgroup variation is detectable, and the between-subgroup variation is insignificant compared with within-subgroup variation.

Since X ̅-s chart is very close to X ̅-R chart, when should they be used respectively? In fact, X ̅-s is always preferred over X ̅-R chart, as the process variation σ ̂_X ̅  is better estimated with average standard deviation of subgroups than average range of subgroups. One may consider using X ̅-R chart only if the SPC cannot be done with computer and hence calculation of standard deviation is inconvenient. But if the subgroup size is 9 or more, the estimation of σ ̂_X ̅  with average range of subgroups becomes too poor, and X ̅-s chart should be used in this case, even the calculation of standard deviation is difficult.

    X ̃-R chart is also close to X ̅-R chart. But in this chart, median, instead of average, of each subgroup is monitored. Comparing X ̃-R chart with X ̅-R chart, the latter is preferred, since for process control, one cares about the location of the process average, which is better estimated with X ̅ than X ̃. X ̃-R chart should be used only if the calculation of subgroup average is not convenient, e.g. when doing SPC on a paper.

    As a summary, when choosing the right control charts, one needs to follow the below priority:

1. Average and Standard Deviation Chart (X ̅-s Chart)
2. Average and Range Chart (X ̅-R Chart)
3. Median and Rang Chart (X ̃-R Chart)
4. Individuals and Moving Range Chart (X-MR Chart)

i.e. X ̅-s chart should be always considered first, but if the subgroup size is less than 9 and the calculation of standard deviation is not convenient, X ̅-R chart can be used as an alternative. And if the calculation of subgroup average is also not convenient, then X ̃-R chart can be used instead of X ̅-R chart. All the above control charts require that subgroups with detectable within-subgroup variation can be obtained, and the between-subgroup variation is insignificant compared with within-subgroup variation. If it’s not possible to obtain such subgroups, one can then use X-MR chart.