In this episode of Kellerman Consulting’s free KPI video series, we are going to discuss practically how key performance indicators are handled in quality and safety management systems and what auditors will be looking for in properly functioning programs.
ISO 9001 KPI Requirements
For ISO 9001 there are two main sections where KPIs should be documented.
- Section 5 addresses leadership and there should be written evidence that leadership was included in selecting KPIs.
- Section 6 addresses risks and opportunities and each KPI should be documented and evaluated with risk assessment discussions.
To assure that KPIs are properly integrated into the QMS, we strongly recommend including the key performance indicators into the required policy statement for the program.
Personnel are required to know the policy statement for ISO programs, so including KPIs in this statement will further solidify the importance of KPIs and will also reinforce knowledge of the key metrics that are being measured.
Review Requirements for KPIs
Failure Mode Engineering Analysis (FMEA) is a type of risk assessment that identifies potential failures in a design, process or a product or service. If the facility uses a FMEA model of risk analysis, KPIs for operations may be included as risks that should be assessed.
Beyond risk assessment, the review requirements for KPIs include an annual review of risks and opportunities, and where KPIs are stable, only performing the review once per year may make sense.
However, when we add or make changes to our key performance indicators, and anytime we have a failure in the metrics, that should trigger a review. When this has occurred, we should expect to perform a risk and opportunities review more frequently going forward.
ISO 9001 Review Actions Should be Scheduled
For the final actions in an ISO 9001 program that have properly implanted key performance indicators, we need to make sure that the review actions by quality assurance and management occur as scheduled.
As with the risk and opportunities review of KPIs, we must review that our resources and operations actions occurred as expected.
ISO 9001 Internal Audits Include KPIs
In section 9 of the ISO 9001 code, we must perform an internal audit and management review. For the internal audit, the internal audit team must examine the recorded data for completeness and accuracy, as well as training records for personnel associated with KPI data collection, and analysis and all non-conformance root cause analyses, corrective and preventive actions associated with failures in that data.
Because key performance indicators are so important to our organization, it is best for top management to duplicate the actions of the internal audit team with respect to KPI evaluations.
Top management should be presented the findings of the internal audit to make sure that the findings of management review matched those of the internal audit.
KPIs in GFSI Programs
For GFSI programs such as SQF, BRCGS, Primus and FSSC 22000, KPIs are not required, but are highly recommended as focus points within the program.
For businesses subscribed to any GFSI program, Key performance indicators should be written into the food safety policy statement, along with a commitment to the scheme, a commitment to delivering safe food and to meeting customer expectations.
By writing the KPIs into the policy statement, each of the indicators become essential to the success of the program, are properly communicated to all staff, and the reviews of the KPIs can be submitted during audit as proof that the program is running as intended.
KPIs as Part of Management Review
Once the KPIs have been added to the Food Safety Policy Statement, they should then be reviewed as part of the review programs within GFSI schemes.
The first place where KPIs should be reviewed as part of the program is in management review processes. In all of the GFSI programs, Management Review is performed each month to confirm that the program is running as expected, as well as annually for the entire program.