The Interaction of Processes (IOP) chart or graphic is very important and a critical starting point for managing your Quality System. The IOP must define your business processes and address all applicable requirements of ISO9001 or AS9100. The requirements for an IOP are the same for both standards and these requirements haven't changed much since ISO9001:2000. Because these requirements have been around for so long, it is surprising how many companies struggle to get it right.
AS9100D 4.4.1 states:
The organization (that's you) shall establish, implement, maintain, and continually improve a quality management system, including the processes needed and their interactions, in accordance with the requirements of this International Standard.
The organization’s quality management system shall also address customer and applicable statutory and regulatory quality management system requirements.
The organization shall determine the processes needed for the quality management system and their application throughout the organization, and shall:
a. determine the inputs required and the outputs expected from these processes;
b. determine the sequence and interaction of these processes;
c. determine and apply the criteria and methods (including monitoring, measurements and related performance indicators) needed to ensure the effective operation and control of these processes;
d. determine the resources needed for these processes and ensure their availability;
e. assign the responsibilities and authorities for these processes;
f. address the risks and opportunities as determined in accordance with the requirements of 6.1;
g. evaluate these processes and implement any changes needed to ensure that these processes achieve their intended results;
h. improve the processes and the quality management system.
Stated plainly, you must list the processes e.g. QA, HR, Sales, Purchasing, Engineering, Production, etc., etc. Included in this "listing" are inputs, outputs and interactions.
How will you assess the performance of these processes? If the process is intended to meet certain AS9100D requirements that fall within section 8, then meaningful, measurable targets must be in place. These need to define the time frame for obtaining the objective and who is responsible and how the objective is to be met (see AS9100D 6.2). The performance of the processes shall be reviewed during management review (see AS9100D 9.3).
For these processes, assign responsibilities. This could be an organization chart. This could be defined in procedures. This could be in job descriptions.
Understand and address risks related to each process. This can be a Risk Matrix, or an FMEA or any styling of risk assessment you like.
Finally, improve the performance of these processes over time.
Will a "list" really work for this? No, but it may be a good staring point. The truth is, the best way to meet this set of requirements, is to create a flow chart which depicts the processes and shows the sequence and interactions between processes.
Tips and Tricks
No doubt you'll end up with "support processes" and/or "management processes" and/or "leadership processes." These are support processes and as such, a defined objective is NOT required if you are careful to note that these are support.
For example: you may have a process called QC and QC is responsible for the requirements of calibration (220.127.116.11, 18.104.22.168) and inspection (8.6) and control of non-conforming outputs (8.7). Processes falling within section 8 shall have objectives. For this example 8.6 and 8.7 are objectives required? Maybe. If QC is support, then no objective is required.
Why not have a process called Production which includes Purchasing, Engineering and Manufacturing? These will be considered "Core processes" and KPIs (objectives) are required. You cannot apply one objective, say on time delivery, to all of these. Objectives must be specific, measurable, and meaningful to the process. If you miss the objective, who is responsible? If you hit the objective, who is rewarded?
It is smarter to divide a large process like production into logical pieces each having their own KPI(s).
The IOP defines the business into significant processes. Sales is a likely process. Do not turn the IOP into a department flow chart noting order enter, credit check, decision points and every other activity related to Sales. Keep it simple.
Some IOPs fail to cover all AS9100D requirements. It is not required, but very helpful, to note the paragraphs of the AS9100 that apply to each process.
If you'd like to see a very easy example, please feel free to email to me and I'll send a good (not perfect) IOP back to you.
Will the QMS Database help you with all of this? Of course it does. QMS processes, objectives, responsibilities and management review are all included.
The IOP drives the audits performed by your certification body. They must follow the process you define, so keep it simple and ensure all requirements are accounted for on the IOP.