LEM TECH France External Quality Assessor who triggered a CTO approved internal Documentation/Configuration Management Initiative at Group Level which I defined the roadmap implemented by an external consultant+ implemented an IATF16949 and ASPICE Risk Management compliant process using state-of-the-art online ALM and tool

Considering I had no official management  responsibilties/ non-exhaustive list:

QUALITY ASSURANCE / PROCESS IMPROVEMENT

• First time 2 internal Quality Assessments (performed with a highly skilled co-assessor, the Group FuSa & QA Manager, and whose recommendation is added in the dedicated section ), lead to:

  • a tangible awareness from Senior Management and CTO of the critical situation of the Documentation / Configuration practices (low level SW & high level documentation management findings) in terms of cost, time efficiency and maturity (potentially 0.5Meuro/year/site to save = 2Meuros once fixed on all LEM sites and an increased level of CM process maturity clearly required to comply with ASPICE, IATF 16949 and ISO 9001 that should lead to much better quality / reliability / data integrity due to process automation).

  • a Major internal company-wise initiative sponsored/approved by the CTO based on my Assessment results and the road map with its 6-7 Work Packages I defined and that resulted in the hiring of a Senior Consultant to implement the roadmap in LEM Product Development Process.

  • To be noted, the VP Quality said during the conclusion meeting of the first interim assessment “with Antoine, we don’t need any BIG external agency to perform our assessments”.

• First time the findings raised during the internal Assessment and the SW PPAP action plan are properly tracked in CodeBeamer ALM.

• First time Confluence and Sharepoint tools are used in the FuSa/SWQA/Cybersecurity team with state of the art practices to exhaustively (no use of basic hard drive / server without real Version Mgt tool installed on it, like Tortoise SVN) and properly store/archive/retrieve, automatically handle versions, allow collaborative and simultaneous modifications and create baselines of formal work products (whether these are process or project/product-related Configuration Items) + use of advanced dynamic and asynchronous Sharepoint features to send automatic and real time notifications when specific work products under configuration have just been modified (=> ensure better CM integrity / visibility on few sensitive work products). It motivated other team members to manage their documents in Sharepoint as well.

• First time an independent Authority (V&V, QA, FuSa, CS, PQE, external IATF/ISO certification body…) detects that the automatic Polyspace (Bugfinder/Codeprover) source code analyses have been deactivated from the DevOps (CI/CB/CD) process for a while, potentially hiding major defects and causing bottleneck effects at the EOF the project.

• Huge rework of the QAP template structure and content (Quality Assurance Plan) to document a brand new QAP in Confluence web based tool and use its review features to organize the first very effective and collaborative formal and informal reviews of the QAP in LEM Tech France on an ASIL B Residual Current Detection Sensor: 71 informal review findings raised by Project Quality Engineer, FuSa Manager, SW Lead, System Engineer and PM in Confluence tool using its “resolved/unresolved comments” feature + 30 formal review findings raised by an independent QA Engineer using the first template of Formal Work Product Review Form including automatic KPIs that I created during the first week of my contract in LEM Tech France (Pivot tables).

• First time a formal Work Product/Project Plan (QAP) integrated an easy-to-understand, graphical and brief textual overview of the RCD product in English language (without the use of AI) based on documents and an informal technical presentation provided by an Innovation Expert, this brand new sensor supposed to be a SeooC (Safety Element Out Of Context) and innovative COTS (Component On The Shelves) based on the fluxgate technology (electromagnetism concept) which was one of the key products for the future international sales strategy of the company still had NO CONCRETE HIGH LEVEL DESCRIPTION of the PRODUCT in ENGLISH LANGUAGE in a half-page to properly document and communicate project work products internally, and most important, to all external Stakeholders, including current potential clients. I then witnessed several other project plans/items that reused my product overview / high-level description in English (e.g. Functional Safety Concept from Project FuSa Manager). 🙂

• First time Codebeamer ALM has been used to estimate, schedule, track and close the FuSa and QA tasks (transversal, process & project/product). I initiated these practices spontaneously, then the Line Manager decided to move the fuSa & QA Team Tasks plan and tracking from a basic excel sheet to Codebeamer trackers and metrics.

• First time a concrete and formal Risk Management process has been established including a Risk Management Plan documented in Confluence and covering all requirements from applicable standards (the latest version of the IATF 16949 which now insists on the need to manage all risks properly, ASPICE Risk Management Process) and a formal Risk Tracker in Codebeamer ALM that implements Risk Mgmt Plan requirements.

New QA Strategy establihed in Confluence tool in order to get it much more interactive => it led to a very effective and collaborative formal and informal review of this QAP:

• 71 informal review findings raised by the Project Quality, Functional Safety, System Engineer, SW Product Leader and Project Manager (using "(un)Resolved Comments" feature of Confluence tool)

• 30 formal review finding raised by the independent Quality Engineer who used the first template of Formal Work Product Review Form (see below) including automatic KPIs that I created during the first week of my contract in LEM Tech France (Pivot tables).

"Confidence in the Use of SW Tools" mandatory activities from ISO26262 (SW Tools Usage Report) managed in Confluence tool as per my decision and presentation to the external safety assessors. Not in CodeBeamer as secretly attempted by the Head of SW, which would have caused us major problems during the final assessment.

Easy-to-understand, graphical and brief textual overview of the RCD product in English language (without the use of AI) based on documents and an informal technical presentation provided by an Innovation Expert, this brand new sensor supposed to be an ISO26262 SeooC (Safety Element Out Of Context) and innovative COTS (Component On The Shelves) based on the fluxgate technology (electromagnetism concept) which was one of the key products for the future international sales strategy of the company still had NO CONCRETE HIGH LEVEL DESCRIPTION of the PRODUCT in ENGLISH LANGUAGE in a half-page to properly document and communicate project work products internally, and most important, to all external Stakeholders, including current potential clients. I then witnessed several other project plans/items that reused my product overview / high-level description in English (e.g. Functional Safety Concept from Project FuSa Manager). 🙂

I was rewarded throughout my 2 years as a freelance engineer at LEM TECH France right from the end of the first month when my workload increased from 60% to 100% (there were 2 freelancers hired at the same time, but the other one was not retained) and being responsible, in addition to quality assurance on the RCD project, for Functional Safety on the BDM project (in particular, "Confidence in the Use of SW Tools" and "Dependent Failure Analysis", 2 subjects required by ISO26262 and not yet addressed by LEM). My freelance contracts were extended 3 times through a recruitment agency with an increase in the hourly rate at each contract renewal, and then LEM hired me for 1 year as a tier #1 supplier and increased my hourly rate by 40%. Once again, the greatest reward remains the human adventure I had in this team as you can see from the 2 reviews that Raphaël and Massimiliano have provided. With Valeo and Ausy, LEM TECH France remains one of my best professional memories.

Silicon Gears ISO9001 Project: Quality Lead reporting to Company CEO & setting up corporate QMS

Directly reporting to the CEO, I was in charge of setting up and managing the implementation of our internal Quality Management System based on ISO 9001, A-SPICE, ISO 26262, SAFe and the QMS of our main customer.
I established the Process Improvement Plan (written in "Confluence" tool - see picture below) covering both the Company level processes required for an ISO 9001 certification (Management, Risks, HR, Finance, IT, Quality etc.) and the Automotive Software processes required for a compliance with ISO 26262 and A-SPICE (SW Project Management, Agile, SW Configuration Management, Peer Reviews, SW Quality Assurance, etc.)
Regarding the implementation of the ISO 9001:2015 (which was my top priority defined by the General Manager), I drafted the Quality Management Manual (including the SWOT Analysis & the Process Map) and performed the COTO exercise (Context of the Organisation). I also drafted the Risk Management Procedure, the Risks & Opportunities Register (see pictures below), and the a significant part of the SWQA and Peer Review processes as detailed hereafter.

I was also responsible for deploying the very first SW Quality Assurance activities on our Automotive SW projects:
- I established the first SW Quality Assurance Plan/Schedule to plan and track the QA activities (see picture below).
- I implemented the Peer Review process defined by our main customer within our automotive SW projects. I deployed into the company an excellent online Review tool called SmartBear Collaborator It was covering all phases of the SW development lifecycle, from SW Plans and Requirements reviews to Code, Unit, Integration and Functional Testing reviews. I practically managed these reviews using the defined process and coached the SW engineers to implement them efficiently.
- I also hired 1 SWQA engineer

Left the company when it has been acquired by its main customer: indeed there was no need to define and deploy a new QMS anymore as the new Owner of the Company wanted to simply transfer its own QMS from Austria to the site in Barcelona, which makes no sense IMHO when there is such a difference of culture. Managers/Engineers from Barcelona needed to be involved and coordinated (by myself) to establish their own processes/tools and not reuse a legacy QMS already out-of-date and not adapted to latin engineers. The scope of my job was therefore very reduced compared to the initial commitment. I decided to leave the company to start a new challenge with my own Limited Company based in the UK.

RENESAS Electronics Europe: Maintain compliance with ISO9001 and CMMI L3

In 2014, Antoine, among other PMO activities, project leader for the AUTOSAR MCAL software lifecycle transformation and ISO26262 Functional Safety Auditor, had the heavy responsibility of maintaining compliance with ISO 9001 (and CMMI L3) for nearly all automotive, industrial, and HW/SW development kit projects of Renesas Electronics Europe in London and Düsseldorf. This involved auditing around 20 projects per month using the QMS audit checklist as you can see in the images below. I also include feedback from my client, the Manager of the SWQA & PMO department, David Clark, the PMO expert, Principal Engineer, Joanne Barnes, and the AUTOSAR Verification Manager, Meena Rajamani.

Rewards:

12 months contract extended 12 more months and proposal for permanent hiring

10% Increase of the rate at the contract extension

Full autonomy on the Audits of approx. 20 AUTOSAR, Industrial and Renesas development kits (HW/SW) projects per month

Full autonomy on the Functional Safety Audit on the AUTOSAR MCAL ASIL B raised as one of the main strengths by a recognized External ASPICE/ISO26262 Assessor & 2 QA Managers from our German customer HELLA.

Approval of my proposal for the Transformation project of the traceability and consistency of the  SW lifecycle items

Again, a very good welcoming from my colleagues, including a German one from Düsseldorf, and a great experience in London city!

What's a good Quality/Safety Culture? The one we still believe in PragmaCert, but that many consultancies forgot...

We strongly think that if any company follows the principles of a good quality/safety culture listed above (extract from ISO26262) implemented via its own QMS (and supported by an honest external consultancy & certification body), then it will improve its performance in ALL areas of the company, from the employee involvement, the management culture, the HR turnover to the reputation on the market, the customer satisfaction and the company growth.

You would achieve these great results with ISO9001, ISO26262, ISO27001, IATF16949, ASPICE, CMMI, PMP, etc.

All these frameworks, when well tailored and implemented in any organization, lead to tangible and significant improvements in both internal and external activities.

ISO 9001 standard: a key tool for the performance of your company

The ISO 9001 standard related to quality management systems (QMS) can provide your company with a significant competitive advantage in an intensely competitive market marked by the increasing pace of technological advancements.

From project management to quality, training, and risk management, this standard promotes operational excellence and customer satisfaction.

The ISO 9001 standard, officially "ISO 9001:2015," is an international standard that defines the requirements for a quality management system (QMS). This standard applies to any type of organization, regardless of its size or industry sector. It is based on seven principles of quality management:

Customer focus: the ultimate aim of the company is to meet the needs and expectations of its customers in the broadest sense;

Leadership: top management must provide a direction and an internal environment conducive to achieving objectives;

Employee engagement and involvement: a high-performing organization attracts and retains competent individuals. It involves and empowers them to achieve its goals;

Process approach: to obtain consistent and predictable results, activities and related resources are managed as processes;

Continuous improvement: high-performing organizations commit to a continuous improvement approach for their processes, as well as their products and services, particularly based on feedback from their customers;

Evidence-based decision-making: the decision-making process is based on data rather than gut feeling and intuition;

Stakeholder relationship management: high-performing organizations manage relationships with actors of their ecosystem in a rational and voluntary manner in the service of customer satisfaction.

The ISO 9001:2015 standard introduces the concept of "risk-based approach" for the QMS: the organization must indeed identify the risks and opportunities that could affect the conformity of its products and services and provide itself with the means to achieve the expected results.

Lastly, note that the ISO 9001:2015 standard is based on the PDCA approach (Plan - Do - Check - Act), which works for continuous improvement.

Obtaining ISO 9001 certification certifies that the organization has implemented an effective QMS that complies with the requirements of the standard. It is generally granted by an independent and recognized certification body after a thorough audit of the organization's QMS.

ISO 9001: what is the benefit for your company? Let's explore how the ISO 9001 standard can serve as a lever to optimize operations, quality, and reputation of your company.

Improvement of project management: companies often manage numerous projects simultaneously with different clients, teams, and technologies. The use of subcontractors and external consultants adds a layer of complexity to project management.

The ISO 9001 standard encourages the standardization and documentation of project management processes, which helps improve efficiency, coordination, and communication, as well as reduce the risks associated with subcontracting.

By adopting a systematic and consistent approach to project management, companies can better control costs, meet deadlines, ensure quality, and satisfy client expectations;

Quality assurance of services: we live in a particularly competitive market, and the range of products and services tends to standardize with the accessibility of technologies and knowledge. Consequently, prices often end up aligning. That is why the quality of service is often becomes the main differentiating factor.

The ISO 9001 standard, which emphasizes continuous improvement, equips companies to deploy a rigorous quality assurance process, particularly with the standardization of service procedures and the implementation of customer feedback systems;

Skills management and training: the digital sector is undoubtedly the most dynamic area of activity, and the pace of technological advancements increases each year. This is evident with the boom of generative AI, which sees an almost weekly rate of innovation. Therefore, companies must ensure that their teams possess the necessary skills and knowledge to equip their clients and help them navigate a turbulent technological environment.

The ISO 9001 standard encourages organizations to implement formal processes for skills and training management, thus ensuring that employees are up to date with the latest technologies and practices of the sector.

Risk management: companies face a wide range of risks, whether internally or with their clients (cyberattacks, data breaches, rapid technological changes, obsolescence, etc.). The ISO 9001 standard encourages a proactive approach to risk management by identifying potential risks, assessing their impact, and implementing appropriate management plans.

Improvement of reputation: obtaining ISO 9001 certification can enhance the reputation of companies among their clients, partners, and stakeholders. It demonstrates the company's commitment to quality and continuous improvement, which can add value to the brand image in a highly competitive market. Stakeholder management is part of the 7 key principles of the ISO 9001 standard, and this involves an effective management of third-party compliance with their contractual obligations, applicable laws, as well as your own quality standards. In an increasingly demanding legal macroenvironment, third-party compliance must no longer be the weak link in your quality management system.

THE ISO/QUALITY/SAFETY BUTCHERY: Those who totally forgot the key principles listed above

CONCRETE EXAMPLES OF CORRUPTED / FAKE / COUNTERPRODUCTIVE / DEMOTIVATING & DESTRUCTIVE ISO9001 (AND OTHER QUALITY / SAFETY / PROCESS IMPROVEMENT) INITIATIVES UNDER THE RESPONSIBILITY OF WELL-ESTABLISHED CONSULTANCIES SUPPOSED TO BE AT THE STATE-OF-THE-ART IN THIS AREA

• In one German/Spanish Automotive Tier-1 company, 2 BIG Swiss/German and Internationally well-established consultancies/certification bodies were in charge of the ISO9001 and ISO15504/ASPICE implementation support and certification audits. The results have been terrible, this is exactly what we don't want to do in PragmaCert Ltd with our clients.

  • the internal QMS/Standard Process has been written in 3 months only by 1 quality engineer alone (which consisted more or less in a rough copy/paste of the ISO9001/ASPICE models without any tailoring to the company projects / environment / characteristics) instead of the average 12 months involving all process owners from the company staff. Nobody knew this QMS/Standard Process and instead used to apply a parallel informal process documented by the real managers/engineers in other "Confluence" pages but not considered by the Corporate Quality Manager => Both external interim and final ISO9001 Audit and ASPICE Assessment should have easily detected these MAJOR weaknesses

  • Absolutely no communication from the Top / Quality Management on the Management policy, the QMM, the applicable procedures and the objectives of the organization regarding ISO9001, IATF16949 and ASPICE implementation => Both external interim and final ISO9001 Audit and ASPICE Assessment should have easily detected these MAJOR weaknesses

  • the Corporate Quality Manager used to corrupt the results of the internal ASPICE/ISO9001 Gap Analyses: I was in charge of auditing the QA process and I raised 2 blocking non-conformances which led the QA process to maturity level = ZERO. The Corporate Quality Manager sent official results with a QA process at maturity level 2... => Both external interim and final ISO9001 Audit and ASPICE Assessment should have easily detected these MAJOR weaknesses when reviewing the QA work products evidence

  • the interview of the PM during the final external Assessment has been totally corrupted: the PM used to receive all answers to the Assessor's questions on another Ms Teams chat and Screen from the Senior Quality Engineer of the assessed project. On top of that, the PM presented 3 different ways of tracking the project budget without being able to clearly states which one was used to present project KPIs to internal Management and to know whether the project was on track or not. I was co-assessor on PM process and I wrote this MAJOR weakness in the report but the external Lead Assessor ignored it... it should have led to the failure of the certification

  • 2 weeks after the external ISO15504/ASPICE Assessment provided by this well-known German certification body, one first very experienced and skilled Senior Quality Engineer resigned because of his anger against the Corporate Quality Manager and all the points above (non exhaustive list). 1 month later, the other very experienced and skilled Senior Quality Engineer (myself) resigned for the same reasons (quite a lot of insane behaviours from our line manager & HR). Finally, 6 months later, the Corporate Quality Manager has probably been pushed outside the company because she also left her position to start a much less senior role.

  • In summary, the ISO9001 & ISO15504 certifications supported and provided by these BIG German consultancy / certification body led to the destruction of the entire Quality Department in Spain (1 Senior Manager, 2 Senior Engineer, 1 Master's Degree Intern) which has never been created again and to the resignation of numerous staff members totally demotivated by what the Quality Manager got them think Process Improvement is, and as usual the best always leave first.

• In one Spanish company, 1 BIG French and internationally well-established consultancy/certification body was in charge of the ISO9001 implementation support and certification audit. The result has been very surprising, this is also what we don't want to do in PragmaCert Ltd with our clients.

  • the internal QMS/Standard Process has been written in less than 3 months by the Corporate Quality Manager alone and in Spanish ONLY (whereas this company was evolving in a very international environment, thus always speaking in English with customers and suppliers all over the world) instead of the average 12 months involving all process owners from the company staff. Nobody knew this QMS, neither my colleague/friend at the very important role of Head of SW & Controls nor the FuSa & CS Engineer working under my supervision (as FuSa & SWQA Manager) and in charge of merging the CSMS with the QMS => Both external interim and final ISO9001 Audit should have easily detected these MAJOR weaknesses

  • Absolutely no communication from the Top / Quality Management on the Management policy, the QMM, the applicable procedures and the objectives of the organization regarding ISO9001=> Both external interim and final ISO9001 Audits should have easily detected these MAJOR weaknesses

  • 3 Project Managers, 1 System Engineer and 1 FuSa & SWQA Manager resigned in 1 year only on the main Automotive project of the company under the direct supervision of the COO due to the very chaotic environment maintained by this Top Manager (and some of his reports). I directly pointed out his behaviour when I resigned from my external assignment there and he's been downgraded to Team Leader level few weeks later, then he resigned.

  • Despite the prevailing chaos in the company, especially in the Engineering Department, and the total lack of implementation of the supposed QMS that no one was aware of, and although the company used to work on quite various and challenging activities (top level electric racing, transition to mass production automotive sector, international context on both client and suplliers sides, highlly regulated industry R155/156, ISO26262, ISO21434, ISO9001..., both OEM and Tier-1 responsibilities, both full electric and hybrid Hydrogen/electric powertrains, no internal knowledge of real System Engineering but rather Electronics Product engineering like in the 2000's, etc.) this globally recognized French certification body has certified ISO 9001:2015 for this company less than 3 months after the annoncement of the start of the QMS project... that's just a shame, and, as I warned them when I resigned, they spectacularly crashed into the mass production automotive sector few months later (after acquiring the former Nissan production site in Barcelona Zona Franca to launch into mass production of electric vehicles, they were forced to sell back 60% of the site because they did not meet any objectives to be ready to produce a Chinese vehicle for which they were supposed to develop and produce the electric powertrain). From the last information I received form my internal contact there, all automotive activities have been stopped but they are ISO9001:2015 certified... this is the ISO/Quality/Safety Butchery that PragmaCert Ltd doesn't not want to be part of!

• 1 other quick example among several unfortunate experiences:

  • In the European R&D Centre of a quite famous Japanese Automotive Tier-1, the Quality Director used to clearly wait for the retirement and had absolutely no skills in Quality Management/Assurance, Project Management, Process Improvement, Safety etc... He was a former HW Team Leader who was more or less sent into early retirement for this position as Quality Manager, reporting to no independent quality/safety authority within the Group and only dealing with the metrics of requirements traceability under DOORS, an activity of an intern with a BTS diploma. When I proposed to him after several months in the company to start using TuleAp ALM to estimating, planning, tracking, closing, and improving the quality assurance activities of the R&D center of which I was the only Quality Engineer among over 200 engineers and technical managers (while the good ratio is about 1/10, 1/20), this so-called quality director, who arrived at the same minute every morning and left at the same minute every evening, aggressively told me, "Oh, I'm not going to start doing secretarial work at my age." This company has all the ISO 9001, IATF 16949, and ASPICE L2 certifications provided by 1 large & 1 small well-established German & French consulting firms... again, the "ISO/Quality/Safety Butchery" in all its splendor...