Demonstrating conformity with ISO 9001:2008

Demonstrating conformity with ISO 9001:2008

For organizations wishing to demonstrate conformity with the requirements of ISO 9001:2008, for the purposes of certification/registration, contractual, or other reasons, it is important to remember the need to provide evidence of the effective implementation of the QMS.
Organizations may be able to demonstrate conformity without the need for extensive documentation.
To claim conformity with ISO 9001:2008, the organization has to be able to provide objective evidence of the effectiveness of its processes and its quality management system. Clause 3.8.1 of ISO 9000:2005 defines “objective evidence” as “data supporting the existence or variety of something” and notes that “objective evidence may be obtained through observation, measurement, test, or other means.”
Objective evidence does not necessarily depend on the existence of documented procedures, records or other documents, except where specifically mentioned in ISO 9001:2008. In some cases, (for example, in clause 7.1(d)
Planning of product realization, and clause 8.2.4

Monitoring and measurement of product), it is up to the organization to determine what records are necessary in order to provide this objective evidence.
Where the organization has no specific internal procedure for a particular activity, and this is not required by the standard, (for example, clause 5.6 Management Review), it is acceptable for this activity to be conducted using as a basis the relevant clause of ISO 9001:2008. In these situations, both internal and external audits may use the text of ISO 9001:2008 for conformity assessment purposes.

ISO 9001 Standards Requirements – Design and Development

ISO 9001 Standards Requirements – Design and Development

Design and Development Planning
Plan and control the product design and development. This planning must determine the:
Stages of design and development
Appropriate review, verification, and validation activities for each stage
Responsibility and authority for design and development
The interfaces between the different involved groups must be managed to ensure effective communication and the clear assignment of responsibility. Update, as appropriate, the planning output during design and development.
NOTE: Design and development review, verification, and validation have distinct purposes. They can be conducted and recorded separately or in any combination, as deemed suitable for the product and the organization.

Design and Development Inputs
Determine product requirement inputs and maintain records. The inputs must include:
Functional and performance requirements
Applicable statutory and regulatory requirements
Applicable information derived from similar designs
Requirements essential for design and development
Review these inputs for adequacy. Resolve any incomplete, ambiguous, or conflicting requirements.

Design and Development Outputs
Document the outputs of the design and development process in a form suitable for verification against the inputs to the process. The outputs must:
Meet design and development input requirements
Provide information for purchasing, production, and service
Contain or reference product acceptance criteria
Define essential characteristics for safe and proper use
Be approved before their release

Design and Development Review
Perform systematic reviews of design and development at suitable stages in accordance with planned arrangements to:
Evaluate the ability of the results to meet requirements
Identify problems and propose any necessary actions
The reviews must include representatives of the functions concerned with the stage being reviewed. Maintain the results of reviews and subsequent follow-up actions.

Design and Development Verification
Perform design and development verification in accordance with planned arrangements to ensure the output meets the design and development input requirements. Maintain the results of the verification and subsequent follow-up actions.

Design and Development Validation
Perform validation in accordance with planned arrangements to confirm the resulting product is capable of meeting the requirements for its specified application or intended use, where known. When practical, complete the validation before delivery or implementation of the product. Maintain the results of the validation and subsequent follow-up actions.

Control of Design and Development Changes
Identify design and development changes and maintain records. Review, verify, and validate (as appropriate) the changes and approve them before implementation. Evaluate the changes in terms of their effect on constituent parts and products already delivered. Maintain the results of the change review and subsequent follow-up actions.

ISO 9001 Quality Policy

ISO 9001 Quality Policy

The standard requires the quality policy to be appropriate to the purpose of the organization.

The purpose of an organization is quite simply the reason for its existence and as Peter Drucker so eloquently put it there is only one valid definition of business purpose: to create a customer”(Drucker, Peter F., 1977)2 . In ensuring that the quality policy is appropriate to the purpose of the organization, it must be appropriate to the customers the organization desires to create. It is therefore necessary to establish who the customers are, where the customers are, what they buy or wish to receive and what these customers regard as value. As stated above, the quality policy is the corporate policy and such policies exist to channel actions and decisions along a path that will fulfil the organization’s purpose and mission. A goal of the organization may be the attainment of ISO 9001 certification and thus a quality policy of meeting the requirements of ISO 9001 would be consistent with such a goal, but goals are not the same as purpose as indicated in the box to the right. Clearly no organization would have ISO 9001 certification as its purpose because certification is not a reason for existence – an objective maybe but not a purpose.

Policies expressed as short catchy phrases such as “to be the best” really do not channel actions and decisions. They become the focus of ridicule when the organization’s fortunes change. There has to be a clear link from mission to quality policy.

Policies are not expressed as vague statements or emphatic statements using the words may, should or shall, but clear intentions by use of the words ‘we will’

– thus expressing a commitment or by the words ‘we are, we do, we don’t, we have’ expressing shared beliefs. Very short statements tend to become slogans which people chant but rarely understand the impact on what they do. Their virtue is that they rarely become outdated. Long statements confuse people because they contain too much for them to remember. Their virtue is that they not only define what the company stands for but how it will keep its promises.

In the ISO 9001 definition of quality policy it is suggested that the eight quality management principles be used as a basis for establishing the quality policy.

One of these principles is the Customer Focus principle. By including in the quality policy the intention to identify and satisfy the needs and expectations of customers and other interested parties and the associated strategy by which this will be achieved, this requirement would be fulfilled. The inclusion of the strategy is important because the policy should guide action and decision. Omitting the strategy may not ensure uniformity of approach and direction.

The standard requires that the quality policy include a commitment to comply with requirements and continually improve the effectiveness of the quality management system.

A commitment to comply with requirements means that the organization should undertake to meet the requirements of all interested parties. This means meeting the requirements of customer, suppliers, employees, investors, owners and society. Customer requirements are those either specified or implied by customers or determined by the organization and these are dealt with in more detail under clauses 5.2 and 7.2.1. The requirements of employees are those covered by legislation such as access, space, environmental conditions, equal opportunities and maternity leave but also the legislation appropriate to minority groups such as the disabled and any agreements made with unions or other representative bodies. Investors have rights also and these will be addressed in the investment agreements. The requirements of society are those obligations resulting from laws, statutes, regulations etc.

An organization accepts such obligations when it is incorporated as a legal entity, when it accepts orders from customers, when it recruits employees, when it chooses to trade in regulated markets and when it chooses to use or process materials that impact the environment.

The effectiveness of the management system is judged by the extent to which it fulfils its purpose. Therefore improving effectiveness means improving the capability of the management system. Changes to the management system that improve its capability i.e its ability to deliver outputs that satisfy all the interested parties, are a certain types of change and not all management system changes will accomplish this. This requirement therefore requires top management to pursue changes that bring about an improvement in performance.

Management Principles Of ISO 9001 Standards

Management Principles Of ISO 9001 Standards

ISO 9000 is based on eight management principles:

• Customer focus, resulting in meeting customer requirements and striving to exceed them;

• Leadership, aiming to create an internal environment in which people are fully involved;

• Involvement of people who are the essence of an organization;

• Process approach, resulting in improved efficiency to obtain desired results;

• System approach to management, leading to improved effectiveness and efficiency through identification, understanding and management of interrelated processes;

• Continual improvement, which becomes a permanent objective of the organization;

• Factual approach to decision-making, based on the analysis of data and information; and

• Mutually beneficial supplier relationships, based on an understanding of their interdependence.

ISO 9000 encourages the adoption of the process approach to manage an organization. There are five main areas considered for the revised process model in ISO 9000:

• Quality management system

• Management responsibility

• Resource management

• Product realization

• Measurement, analysis and improvement.

ISO 9001 Standards In General

ISO 9001 Standards In General

The adoption of a quality management system should be a strategic decision of an organization. The design and implementation of an organization’s quality management systemis influenced by
— its business environment, changes in that environment, or risks associated with that environment,
— its varying needs,
— its particular objectives,
— the products it provides,
— the processes it employs,
— its size and organizational structure.
It is not the intent of this International Standard to imply uniformity in the structure of quality management systems or uniformity of documentation.
The quality management system requirements specified in this International Standard are complementary to requirements for products. Information marked “NOTE” is for guidance in understanding or clarifying the
associated requirement.
This International Standard can be used by internal and external parties, including certification bodies, to assess the organization’s ability to meet customer, statutory and regulatory requirements applicable to the
product, and the organization’s own requirements.
The quality management principles stated in ISO 9000 and ISO 9004 have been taken into consideration during the development of this International Standard.

Useful Aids to Implement ISO 9001 Standards

Useful Aids To Implement ISO 9001 Standards

Many companies implement ISO 9001 without using all the available tools. As a result, some companies may not fully optimize their implementation. This issue could be manifested as confusion over terms, misunderstanding about requirements, and perplexity concerning intention.
ISO, the International Organization for Standardization, based in Geneva Switzerland issues thousands of standards, but we limit our scope to ISO 9001:2008 and its immediate “family”.
This includes ISO 9000:2005 and ISO 9004:20002. ISO 9001 is a general industry standard forquality management, but ISO also issues industry specific standards. Many of these standards, such as ISO 13485 for medical devices, are based on ISO 9001 and can also utilize these available tools.

In addition to the information discussed below, ISO also issues standards related to specific activities that may arises in a quality management system. The following lists these supporting documents.

Automotive ISO/TS 16949:2002
Education IWA 2:2007
Energy PC 242, ISO 50001
Food safety ISO 22000:2005
Information security ISO/IEC 27001:2005
Health care IWA 1:2005
Local government IWA 4:2005
Medical devices ISO 13485:2003
Petroleum and gas ISO 29001:2003
Ship recycling ISO/PAS 30000:2008
Supply chain security ISO 28000:2007

ISO 9001:2008 FAQ

ISO 9001:2008 FAQ

What Is The ISO 9001: 2008 Standard?

The latest edition of the ISO 9001 standard ISO 9001: 2008, Quality Management Systems – Requirements, was officially published by (ISO) the International Organization for Standardization on November 14, 2008. It is the fourth edition of the ISO 9001 standard since it was first published in 1987.

Who Is Responsible For Revising The standards?

The ISO Technical Committee no.176, Sub-committee no.2 (ISO/TC 176/SC 2) is responsible for the revision process in collaboration with consensus among quality and industry experts nominated by ISO Member bodies, and representing all interested parties.

Does ISO 9001:2008 Have Additional Requirements Beyond ISO 9001:2000 ?

This latest (4th) edition of ISO 9001 contains no new requirements compared to the (3rd) year 2000 edition, which it replaces. What it does is provide clarification to the existing requirements of ISO 9001:2000 based on eight years’ experience of worldwide implementing of the standard and introduces changes intended to improve consistency with the environmental management system standard, ISO 14001:2004.

The clarifications and changes in ISO 9001:2008 represents fine-tuning, rather than a thorough overhaul. It focuses on changes that organizations might make to better comply with the spirit of the standard without adding, deleting, or altering its requirements. The changes are minor in nature and address such issues as the need to clarify, provide greater consistency, resolve perceived ambiguities, and improve compatibility with ISO 14001. The numbering system and the structure of the standard remain unchanged. As a result, the new standard looks much like the old standard.

ISO has grouped the changes incorporated in this ISO 9001:2008 edition into the following categories:
- No changes or minimum changes on user documents, including records
- No changes or minimum changes to existing QMS processes
- No additional training required or minimal training required
- No effects on current certifications

In contrast, the 3rd edition, ISO 9001:2000 published in 2000, represented a major overhaul of the standard, including new requirements and a sharpened customer focus, reflecting developments in quality management and experience gained since the publication of the initial version.

Then Why Was It Necessary To Introduce This Revision?
All ISO standards – currently more than 17 400 – are periodically reviewed. To ensure that ISO standards are maintained at the state of the art, ISO has a rule requiring them to be periodically reviewed and a decision taken to confirm, withdraw or revise the documents. The review process must be initiated within 3 years of publication of a standard. The review considers several factors such as technological evolution, new methods and materials, new quality and safety requirements, or questions of interpretation and application.

The review of ISO 9001 resulting in the 2008 edition was carried out by subcommittee SC 2 of ISO/TC 176. This subcommittee, which is responsible for the ISO 9000 family, unites expertise from 80 participating countries and 19 international or regional organizations, plus other technical committees.

This review has a number of inputs that help it:

A global user questionnaire/survey

A market Justification Study

Suggestions arising from the ISO/TC 176 interpretation process

Opportunities for increased compatibility with ISO 14001

The need for greater clarity, ease of use, and improved translation

Current trends – keeping up with recent developments in management system practices.

How Does The New ISO 9001 Edition Affect Existing ISO 9001 QMS’s?

As organizations start looking at ISO 9001:2008, they will wonder to what extent the changes might affect them. To a large extent, the new standard will not result in significant change to existing quality management systems (QMS).

ISO/TC 176 was careful in not making change for change sake. In the case of editorial changes, this was especially true. This could have lead to a false impression that there was a change in requirements, carrying greater significance than was intended. In those instances, when the committee members couldn’t come to a consensus in determining if a change added or deleted a requirement, they opted to retain the existing text. They decided it was better to err on the side of caution rather than to contribute to any misunderstanding in the marketplace.

The changes that have been incorporated into this edition of the ISO 9001 standard include changes that should lead to a better understanding across a broader range of product types, including service organizations; use of deliberate wording to minimize the potential for incorrect user interpretation; and reflect nuances of similar concepts. Lastly, some of the changes to specific clauses were made based on the 2004 International User Feedback Survey. This survey was conducted after the publication of ISO 9001:2000 and had invited respondents to identify areas they most wanted to see improved.