We specialize in the following consultancy areas for both management and technical skills serving a wide range of clients:
1. GAP ANALYSIS
A gap analysis is a method of assessing the differences in performance between a business’ information systems or software applications to determine whether business requirements are being met and, if not, what steps should be taken to ensure they are met successfully. Gap refers to the space between “where we are” (the present state) and “where we want to be” (the target state). A gap analysis may also be referred to as a needs analysis, needs assessment or need-gap analysis.
There are a variety of gap analysis tools on the market, and the particular tool used on a company depends on its specific set of target objectives. The following are some common gap analysis methods:
McKinsey 7S Framework: This gap analysis tool, named after consulting firm McKinsey & Co., is used to determine specific aspects of a company that are meeting expectations. An analyst using the 7S model examines the characteristics of business through the lens of seven people-centric groupings: strategy, structure, systems, staff, style, skills and shared values. The analyst fills in the current and future state for each category, which would then highlight where the gaps exist. The company can then implement a targeted solution to bridge that gap.
SWOT analysis: SWOT, which stands for strengths, weaknesses, opportunities and threats, is a gap analysis strategy used to identify the internal and external factors that affect the effectiveness and success of a product, project or person. Once these factors are determined, the company can then determine the best solution by playing to their strengths, allocating resources accordingly, while at the same time avoiding potential threats.
Nadler-Tushman model: The Nadler-Tushman organizational congruence model, named after Columbia University professors David A. Nadler and Michael L. Tushman, examines how business processes work together and how gaps affect the operational efficiency of the organization as a whole. The model analyzes these operational gaps by analyzing the company’s operational system as one that transforms inputs into outputs, dividing the business processes into three groups: input, transformation and output. Input includes the operational environment, tangible and intangible resources used, and the company culture. Transformation encompasses the existing systems, people and project activities currently in place that convert input into output. Outputs can take place at a system, group or individual level. The Nadler-Tushman model puts a spotlight on how inadequate inputs and transformation functions that fail to work together cohesively can lead to gaps, as well as how gaps in the outputs can point to problems in the inputs and transformation functions. This model highlights how the various components fit together, or are congruent — the more congruent these parts are, the better a company performs. The Nadler-Tushman model is a dynamic one that changes over time.
A collection of information in terms of a Quality Manual,Quality Policy, Quality Objectives and Quality Statement,Standard Operating Procedures (SOP’s),Work Instructions,Checklists,Flow Charts,Forms & Records.
For both large and small organizations (SME’s) there are some important considerations when implementing a management system.
ISO is a powerful business improvement tool and so you will need to think about the way your business is managed and what your strategic goals are.
Engagement of people is also important and to successfully implement ISO you must make sure that your whole business is on board. You may also need to make sure that people are trained to effectively implement the ISO management system.
We can help remove the complexity of implementing ISO management system with our unique collection of tools and services such as Our Training Skills
Tips for implementation:
Get commitment and support from senior management.
Engage the whole business with good internal communication.
Compare your existing quality & management systems with ISO requirements.
Get customer and supplier feedback on current quality management.
Establish an implementation team to get the best results.
Map out and share roles and responsibilities.
Adapt the ISO principles of quality management to your business.
Motivate staff involvement with training and incentives.
Share ISO knowledge and encourage staff to train as internal auditors.
Regularly review your ISO management system to make sure you are continually improving it.
Auditing is the on-site verification activity, such as inspection or examination, of a process or quality system, to ensure compliance to requirements. An audit can apply to an entire organization or might be specific to a function, process, or production step.
As defined in ISO 19011:2011—Guidelines for auditing management systems, an audit is a “systematic, independent and documented process for obtaining audit evidence [records, statements of fact or other information which are relevant and verifiable] and evaluating it objectively to determine the extent to which the audit criteria [set of policies, procedures or requirements] are fulfilled.” Several audit methods may be employed to achieve the audit purpose.
There are three discrete types of audits: product (which includes services), process, and system. However, other methods, such as a desk or document review audit, may be employed independently or in support of the three general types of audits.
Some audits are named according to their purpose or scope. The scope of a department or function audit is a particular department or function. The purpose of a management audit relates to management interests such as assessment of area performance or efficiency.
An audit may also be classified as internal or external, depending on the interrelationships among participants. Internal audits are performed by employees of your organization. External audits are performed by an outside agent. Internal audits are often referred to as first-party audits, while external audits can be either second-party, or third-party.
There are 3 Types of audits namely:
Product audit – An examination of a particular product or service (hardware, processed material, software) to evaluate whether it conforms to requirements (that is, specifications, performance standards, and customer requirements).
Process audit – A verification that processes are working within established limits. It evaluates an operation or method against predetermined instructions or standards to measure conformance to these standards and the effectiveness of the instructions. Such an audit may:
Check conformance to defined requirements such as time, accuracy, temperature, pressure, composition, responsiveness, amperage, and component mixture.
Examine the resources (equipment, materials, people) applied to transform the inputs into outputs, the environment, the methods (procedures, instructions) followed, and the measures collected to determine process performance.
Check the adequacy and effectiveness of the process controls established by procedures, work instructions, flowcharts, and training and process specifications.
System audit – An audit conducted on a management system. It can be described as a documented activity performed to verify, by examination and evaluation of objective evidence, that applicable elements of the system are appropriate and effective and have been developed, documented, and implemented in accordance and in conjunction with specified requirements.
A quality management system audit evaluates an existing quality program to determine its conformance to company policies, contract commitments, and regulatory requirements.
Similarly, an environmental system audit examines an environmental management system, a food safety system audit examines a food safety management system, and safety system audits examine the safety management system.
Internal & external audits: first-, second-, and third-party audits:
A first-party audit is performed within an organization to measure its strengths and weaknesses against its own procedures or methods and/or against external standards adopted by (voluntary) or imposed on (mandatory) the organization. A first-party audit is an internal audit conducted by auditors who are employed by the organization being audited but who have no vested interest in the audit results of the area being audited.
A second-party audit is an external audit performed on a supplier by a customer or by a contracted organization on behalf of a customer. A contract is in place, and the goods or services are being, or will be, delivered. Second-party audits are subject to the rules of contract law, as they are providing contractual direction from the customer to the supplier. Second-party audits tend to be more formal than first-party audits because audit results could influence the customer’s purchasing decisions.
A third-party audit is performed by an audit organization independent of the customer-supplier relationship and is free of any conflict of interest. Independence of the audit organization is a key component of a third-party audit. Third-party audits may result in certification, registration, recognition, an award, license approval, a citation, a fine, or a penalty issued by the third-party organization or an interested party.
Purposes of audits:
An auditor may specialize in types of audits based on the audit purpose, such as to verify compliance, conformance, or performance. Some audits have special administrative purposes such as auditing documents, risk, or performance or following up on completed corrective actions.
A product, process, or system audit may have findings that require correction and corrective action. Since most corrective actions cannot be performed at the time of the audit, the audit program manager may require a follow-up audit to verify that corrections were made and corrective actions were taken. Due to the high cost of a single-purpose follow-up audit, it is normally combined with the next scheduled audit of the area. However, this decision should be based on the importance and risk of the finding.
An organization may also conduct follow-up audits to verify preventive actions were taken as a result of performance issues that may be reported as opportunities for improvement. Other times organizations may forward identified performance issues to management for follow-up.
There are 4 Phases of an audit:
Audit preparation – Audit preparation consists of everything that is done in advance by interested parties, such as the auditor, the lead auditor, the client, and the audit program manager, to ensure that the audit complies with the client’s objective. The preparation stage of an audit begins with the decision to conduct the audit. Preparation ends when the audit itself begins.
Audit performance – The performance phase of an audit is often called the fieldwork. It is the data-gathering portion of the audit and covers the time period from arrival at the audit location up to the exit meeting. It consists of activities including on-site audit management, meeting with the auditee, understanding the process and system controls and verifying that these controls work, communicating among team members, and communicating with the auditee.
Audit reporting – The purpose of the audit report is to communicate the results of the investigation. The report should provide correct and clear data that will be effective as a management aid in addressing important organizational issues. The audit process may end when the report is issued by the lead auditor or after follow-up actions are completed.
Audit follow-up and closure – According to ISO 19011, clause 6.6, “The audit is completed when all the planned audit activities have been carried out, or otherwise agreed with the audit client.” Clause 6.7 of ISO 19011 continues by stating that verification of follow-up actions may be part of a subsequent audit.
Certification can be a useful tool to add credibility, by demonstrating that your product or service meets the expectations of your customers. For some industries, certification is a legal or contractual requirement.
Choosing a certification body
When choosing a certification body, you should:
Evaluate several certification bodies.
Check if the certification body uses the relevant Committee on Conformity Assessment CASCO standard
Check if it is accredited. Accreditation is not compulsory, and non-accreditation does not necessarily mean it is not reputable, but it does provide independent confirmation of competence. To find an accredited certification body, contact the national accreditation body in your country or visit the International Accreditation Forum.
Displaying your certificate
Remember, when labeling a product or system as certified to an ISO standard:
Don’t say: “ISO certified” or “ISO certification”
DO say: “ISO 9001:2008 certified” or “ISO 9001:2008 certification”
Contact us for one or more of the above consultancy work which we offer till you get certified and ensure system implementation and continual improvement.
Our Trainers and Consultants are registered under the Directorate of Occupational Safety and Health Services (DOSH) in the Ministry of Labour, National Environmental Management Authority (NEMA), National Industrial Training Authority (NITA), Rainforest Alliance (RA) and National Quality Institute under Kenya Bureau of Standards (NQI-KEBS). This guarantees the quality of services we provide.