Costs and resources Of ISO 9001 Standards

Costs and resources Of ISO 9001 Standards

The largest cost of ISO 9001 is the involvement of company employees. The ‘ownership’ created by involving employees in designing the quality system maximises the chances of them accepting it. Reducing this cost by minimising employee involvement is a false economy. The next largest cost will be for designing and developing the system. This needs to be led by someone with experience in this particular field. You may have someone within your own organisation who has carried out this role, perhaps with a former employer. Your Business Link may offer free or subsidised advice and training, and will be able to provide names of approved consultants. Grants for work in this area tend to be directed through Business Links. Different areas have different grants, which depend on local conditions. A typical grant may cover up to 50 per cent of the cost of an approved consultant. Certification fees are around £800 for the smallest companies. Overall costs depend upon company size and the number of locations involved. Ask certification bodies for quotes for initial audits and surveillance visits. Many will give an all-inclusive price, including surveillance visits for three years. Typically, special rates will depend on how long the assessment is likely to take and what the company’s turnover is. Ask your certification body if it offers special rates for small companies. The standard requires that companies have trained internal auditors to conduct audits on the system. An internal audit can provide an effective means of monitoring the system and identifying areas for improvement. For further details, contact the International Register of Certificated Auditors.

ISO 9001 Quality Policy

ISO 9001 Quality Policy

The standard requires the quality policy to be appropriate to the purpose of the organization.

The purpose of an organization is quite simply the reason for its existence and as Peter Drucker so eloquently put it there is only one valid definition of business purpose: to create a customer”(Drucker, Peter F., 1977)2 . In ensuring that the quality policy is appropriate to the purpose of the organization, it must be appropriate to the customers the organization desires to create. It is therefore necessary to establish who the customers are, where the customers are, what they buy or wish to receive and what these customers regard as value. As stated above, the quality policy is the corporate policy and such policies exist to channel actions and decisions along a path that will fulfil the organization’s purpose and mission. A goal of the organization may be the attainment of ISO 9001 certification and thus a quality policy of meeting the requirements of ISO 9001 would be consistent with such a goal, but goals are not the same as purpose as indicated in the box to the right. Clearly no organization would have ISO 9001 certification as its purpose because certification is not a reason for existence – an objective maybe but not a purpose.

Policies expressed as short catchy phrases such as “to be the best” really do not channel actions and decisions. They become the focus of ridicule when the organization’s fortunes change. There has to be a clear link from mission to quality policy.

Policies are not expressed as vague statements or emphatic statements using the words may, should or shall, but clear intentions by use of the words ‘we will’

– thus expressing a commitment or by the words ‘we are, we do, we don’t, we have’ expressing shared beliefs. Very short statements tend to become slogans which people chant but rarely understand the impact on what they do. Their virtue is that they rarely become outdated. Long statements confuse people because they contain too much for them to remember. Their virtue is that they not only define what the company stands for but how it will keep its promises.

In the ISO 9001 definition of quality policy it is suggested that the eight quality management principles be used as a basis for establishing the quality policy.

One of these principles is the Customer Focus principle. By including in the quality policy the intention to identify and satisfy the needs and expectations of customers and other interested parties and the associated strategy by which this will be achieved, this requirement would be fulfilled. The inclusion of the strategy is important because the policy should guide action and decision. Omitting the strategy may not ensure uniformity of approach and direction.

The standard requires that the quality policy include a commitment to comply with requirements and continually improve the effectiveness of the quality management system.

A commitment to comply with requirements means that the organization should undertake to meet the requirements of all interested parties. This means meeting the requirements of customer, suppliers, employees, investors, owners and society. Customer requirements are those either specified or implied by customers or determined by the organization and these are dealt with in more detail under clauses 5.2 and 7.2.1. The requirements of employees are those covered by legislation such as access, space, environmental conditions, equal opportunities and maternity leave but also the legislation appropriate to minority groups such as the disabled and any agreements made with unions or other representative bodies. Investors have rights also and these will be addressed in the investment agreements. The requirements of society are those obligations resulting from laws, statutes, regulations etc.

An organization accepts such obligations when it is incorporated as a legal entity, when it accepts orders from customers, when it recruits employees, when it chooses to trade in regulated markets and when it chooses to use or process materials that impact the environment.

The effectiveness of the management system is judged by the extent to which it fulfils its purpose. Therefore improving effectiveness means improving the capability of the management system. Changes to the management system that improve its capability i.e its ability to deliver outputs that satisfy all the interested parties, are a certain types of change and not all management system changes will accomplish this. This requirement therefore requires top management to pursue changes that bring about an improvement in performance.

IMPLEMENTATION GUIDANCE FOR ISO 9001:2008

IMPLEMENTATION GUIDANCE FOR ISO 9001:2008

This Implementation Guidance has been developed to assist users in understanding the issues that need to be considered during the co-existence period between ISO 9001:2000 and ISO 9001:2008.

While the changes between ISO 9001:2000 and ISO 9001:2008 are expected to have a limited impact on users, some arrangements regarding implementation are needed.

Note: To reflect the limited scope of the changes the term “implementation” is now being used to make a clear distinction with the former “transition” from ISO 9001:1994 to ISO 9001:2000, when there were significant changes throughout the standard.

A wide diffusion of this implementation guidance is recommended, in particular the comparison table between ISO 9001:2008 and ISO 9001:2000, given in Annex B to ISO 9001:2008.

ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000 and to improve compatibility with ISO 14001:2004. ISO 9001:2008 does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.

Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008 No new requirements were introduced in this edition but, in order to benefit from the clarifications of ISO 9001:2008, users of the former version will need to take into consideration whether the clarifications introduced have an impact on their current interpretation of ISO 9001:2000, as changes may be necessary to their QMS In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.

Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development of ISO 9001:2008 user needs were identified from the following:

- the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004

- feedback from the ISO/TC 176/Working Group on “Interpretations”

- the results of an extensive worldwide “User Feedback Survey on ISO 9001 and ISO 9004″ by ISO/TC 176/SC 2/WG 18 and similar national surveys.

The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.

The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO14001:2004.

A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:

1) No changes with high impact would be incorporated into the standard;

2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;

3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.

The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:

- No changes or minimum changes on user documents, including records

- No changes or minimum changes to existing processes of the organization

- No additional training required or minimal training required

- No effects on current certifications

The benefits identified for the ISO 9001:2008 edition fall into the following categories:

- Provides clarity

- Increases compatibility with ISO 14001.

- Maintains consistency with ISO 9000 family of standards.

- Improves translatability.

ISO 9001 Standards Requirement – Product Realization

ISO 9001 Standards Requirement – Product Realization

Planning of Product Realization
Plan and develop the processes needed for product realization. Keep the planning consistent with other requirements of the quality management system and document it in a suitable form for the organization. Determine through the planning, as appropriate, the:
Quality objectives and product requirements
Need for processes, documents, and resources
Verification, validation, monitoring, measurement, inspection, and test activities
Criteria for product acceptance
Records as evidence the processes and resulting product meet requirements

Customer-Related Processes

Determination of Requirements Related to the Product
Determine customer requirements:
Specified for the product (including delivery and post-delivery activities)
Not specified for the product (but needed for specified or intended use, where known)
Determine:
Statutory and regulatory requirements applicable to the product
Any additional requirements considered necessary by the organization

Review of Requirements Related to the Product
Review the product requirements before committing to supply the product to the customer in order to:
Ensure product requirements are defined
Resolve any requirements differing from those previously expressed
Ensure its ability to meet the requirements
Maintain the results of the review, and any subsequent follow-up actions. When the requirements are not documented, they must be confirmed before acceptance.
If product requirements are changed, ensure relevant documents are amended and relevant personnel are made aware of the changed requirements.
NOTE: In some situations, such as internet sales, a formal review is impractical for each order. Instead, the review can cover relevant product information such as catalogs or advertising material.

Customer Communication
Determine and implement effective arrangements for communicating with customers on:
Product information
Inquiries, contracts, or order handling (including amendments)
Customer feedback (including customer complaints)

Free ISO 9000 Standards E-Books

Subscribe For ISO 9000 E-Book

• Name
  
• Email
  

• 3 subscribers

GetResponse Email Marketing

Establishing Quality Policy In ISO 9000 Standards

Establishing Quality Policy In ISO 9000 Standards

The standard requires that top management establish

the quality policy.

ISO 9001 defines a quality policy as the overall

intentions and direction of an organization related to

quality as formally expressed by top management. It

also suggests that the policy be consistent with the

overall policy of the organization and provide a

framework for setting quality objectives. Further-

more ISO 9001 advises that the eight quality manage-

ment principles be used as a basis for forming the quality policy. The quality

policy can therefore be considered as the values, beliefs and rules that guide

actions, decisions and behaviours. A value may be ‘integrity’ and expressed as:

We will be open and honest in our dealings with those inside and outside the

organization. A rule may be ‘confidentiality’ and expressed as Company

information shall not be shared with those outside the organization. Both these are

also beliefs because it might be believed that deceiving people only leads to

failure in the long run. It might also be believed that disclosing confidential

information fuels the competition and will drive the organization out of

business. Both values guide actions, decisions and behaviours and hence may

be termed policies. They are not objectives because they are not achieved – they

are demonstrated by the manner in which actions and decisions are taken and

the way your organization behaves towards others.

The detail of quality policy will be addressed later. What is important in this

requirement is an understanding of why a quality policy is needed, what is

required to establish a quality policy and where it fits in relation to other

policies.

Defining the purpose or mission of the business is one thing but without

some guiding policies, the fulfilment of this mission may not happen unless

effort is guided in a common direction. If every manager chooses his or her

direction, and policies, the full potential of the organization would not be

realized. A shared vision is required that incorporates shared values and

shared policies.

The purpose of corporate policies is to influence the short and long-term

actions and decisions and to influence the direction in which the mission will

be fulfilled. If there were policies related to the organization’s customers, they

could be fulfilled at the expense of employees, shareholders and society. If

there were policies related to profit, without other policies being defined, profit

is positioned as a boundary condition to all actions and decisions. Clearly this

may not direct the organization towards its mission.

As stated above, the quality policy is the corporate policy and such policies

exist to channel actions and decisions along a path that will fulfil the

organization’s purpose and mission. A goal of the organization may be the

attainment of ISO 9001 certification and thus a quality policy of meeting the

requirements of ISO 9001 would be consistent with such a goal, but goals are not

the same as purpose as indicated in the box to the right. Clearly no organization

would have ISO 9000 certification as its purpose because certification is not a

reason for existence – an objective maybe but not a purpose.

Policies expressed as short catchy phrases such as “to be the best” really do

not channel actions and decisions. They become the focus of ridicule when the

organization’s fortunes change. There has to be a clear link from mission to

policy.

Policies are not expressed as vague statements or emphatic statements using

the words may, should or shall, but clear intentions by use of the words ‘we will’

– thus expressing a commitment or by the words ‘we are, we do, we don’t, we

have’ expressing shared beliefs. Very short statements tend to become slogans

which people chant but rarely understand the impact on what they do. Their

virtue is that they rarely become outdated. Long statements confuse people

because they contain too much for them to remember. Their virtue is that they

not only define what the company stands for but how it will keep its

promises.

In the ISO 9001 definition of quality policy it is suggested that the eight

quality management principles be used as a basis for establishing the policy.

One of these principles is the Customer Focus principle. By including in the

quality policy the intention to identify and satisfy the needs and expectations

of customers and other interested parties and the associated strategy by which

this will be achieved, this requirement would be fulfilled. The inclusion of the

strategy is important because the policy should guide action and decision.

Omitting the strategy may not ensure uniformity of approach and direction.

The standard requires that top management establish the quality policy.

ISO 9001 defines a quality policy as the overall intentions and direction of an organization related to quality as formally expressed by top management. It also suggests that the policy be consistent with the overall policy of the organization and provide a framework for setting quality objectives. Furthermore ISO 9001 advises that the eight quality management principles be used as a basis for forming the quality policy. The quality policy can therefore be considered as the values, beliefs and rules that guide actions, decisions and behaviours. A value may be ‘integrity’ and expressed as:

We will be open and honest in our dealings with those inside and outside the organization. A rule may be ‘confidentiality’ and expressed as Company information shall not be shared with those outside the organization. Both these are also beliefs because it might be believed that deceiving people only leads to failure in the long run. It might also be believed that disclosing confidential information fuels the competition and will drive the organization out of business. Both values guide actions, decisions and behaviours and hence may be termed policies. They are not objectives because they are not achieved – they are demonstrated by the manner in which actions and decisions are taken and the way your organization behaves towards others.

The detail of quality policy will be addressed later. What is important in this requirement is an understanding of why a quality policy is needed, what is required to establish a quality policy and where it fits in relation to other policies.

Defining the purpose or mission of the business is one thing but without some guiding policies, the fulfilment of this mission may not happen unless effort is guided in a common direction. If every manager chooses his or her direction, and policies, the full potential of the organization would not be realized. A shared vision is required that incorporates shared values and shared policies.

The purpose of corporate policies is to influence the short and long-term actions and decisions and to influence the direction in which the mission will be fulfilled. If there were policies related to the organization’s customers, they could be fulfilled at the expense of employees, shareholders and society. If there were policies related to profit, without other policies being defined, profit is positioned as a boundary condition to all actions and decisions. Clearly this may not direct the organization towards its mission.

As stated above, the quality policy is the corporate policy and such policies exist to channel actions and decisions along a path that will fulfil the organization’s purpose and mission. A goal of the organization may be the attainment of ISO 9001 certification and thus a quality policy of meeting the requirements of ISO 9001 would be consistent with such a goal, but goals are not the same as purpose as indicated in the box to the right. Clearly no organization would have ISO 9000 certification as its purpose because certification is not a reason for existence – an objective maybe but not a purpose.

Policies expressed as short catchy phrases such as “to be the best” really do not channel actions and decisions. They become the focus of ridicule when the organization’s fortunes change. There has to be a clear link from mission to policy.

Policies are not expressed as vague statements or emphatic statements using the words may, should or shall, but clear intentions by use of the words ‘we will’ – thus expressing a commitment or by the words ‘we are, we do, we don’t, we have’ expressing shared beliefs. Very short statements tend to become slogans which people chant but rarely understand the impact on what they do. Their virtue is that they rarely become outdated. Long statements confuse people because they contain too much for them to remember. Their virtue is that they not only define what the company stands for but how it will keep its promises.

In the ISO 9001 definition of quality policy it is suggested that the eight quality management principles be used as a basis for establishing the policy.

One of these principles is the Customer Focus principle. By including in the quality policy the intention to identify and satisfy the needs and expectations of customers and other interested parties and the associated strategy by which this will be achieved, this requirement would be fulfilled. The inclusion of the strategy is important because the policy should guide action and decision.

Omitting the strategy may not ensure uniformity of approach and direction.

ISO 9000 Standards – Document control procedures

ISO 9000 Standards – Document control procedures
The ISO 9000 Standards requires that a documented procedure be established to define the controls needed.

This requirement means that the methods for performing the various activities required to control different types of documents should be defined and documented.

Although the ISO 9000 standards implies that a single procedure is required, should you choose to produce several different procedures for handling the different types of documents it is doubtful that any auditor would deem this noncompliant. Where this might be questionable is in cases where there is no logical reason for such differences and where merging the procedures and settling on a best practice would improve efficiency and effectiveness.

Documents are recorded information and the purpose of the document
control process is to firstly ensure the appropriate information is available
where needed and secondly to prevent the inadvertent use of invalid
information. At each stage of the process are activities to be performed that
may require documented procedures in order to ensure consistency and
predictability. Procedures may not be necessary for each stage in the process.

Every process is likely to require the use of documents or generate documents and it is in the process descriptions that you define the documents that need to be controlled. Any document not referred to in your process descriptions is therefore, by definition, not essential to the achievement of quality and not required to be under control. It is not necessary to identify uncontrolled documents in such cases. If you had no way of tracing documents to a governing process, a means of separating controlled from uncontrolled may well be necessary.

The procedures that require the use or preparation of documents should also specify or invoke the procedures for their control. If the controls are unique to the document, they should be specified in the procedure that requires the document. You can produce one or more common procedures that deal with the controls that apply to all documents. The stages in the process may differ depending on the type of document and organizations involved in its preparation, approval, publication and use. One procedure may cater for all the processes but several may be needed.
The aspects you should cover in your document control procedures, (some
of which are addressed further in this chapter) are as follows
Planning new documents, funding, prior authorization, establishing need
etc.

- Preparation of documents, who prepares them, how they are drafted,
conventions for text, diagrams, forms etc.
- Standards for the format and content of documents, forms and diagrams.
- Document identification conventions.
- Issue notation, draft issues, post approval issues.
- Dating conventions, date of issue, date of approval or date of distribution.
- Document review, who reviews them and what evidence is retained.
- Document approval, who approves them and how approval is denoted.
- Document proving prior to use.
- Printing and publication, who does it and who checks it.
- Distribution of documents, who decides, who does it, who checks it.
- Use of documents, limitations, unauthorized copying and marking.
- Revision of issued documents, requests for revision, who approves the
request, who implements the change.
- Denoting changes, revision marks, reissues, sidelining, underlining.
Amending copies of issued documents, amendment instructions, and
amendment status.
- Indexing documents, listing documents by issue status.
- Document maintenance, keeping them current, periodic review.
- Document accessibility inside and outside normal working hours.
- Document security, unauthorized changes, copying, disposal, computer
viruses, fire and theft.
- Document filing, masters, copies, drafts, and custom binders.
- Document storage, libraries and archive, who controls location, loan
arrangements.
- Document retention and obsolescence.

With electronically stored documentation, the document database may provide many of the above features and may not need to be separately prescribed in your procedures. Only the tasks carried out by personnel need to be defined in your procedures. A help file associated with a document database is as much a documented procedure as a conventional paper based procedure.

Create a Documented Implementation Plan In ISO 9000 Standards

Create a Documented Implementation Plan In ISO 9000 Standards

Once the organization has obtained a clear picture of how its quality management system compares with the ISO 9001:2008 standard, all non-conformances must be addressed with a documented implementation plan. Usually, the plan calls for identifying and describing processes to make the organization’s quality management system fully in compliance with the standard.

The implementation plan should be thorough and specific, detailing:

a. Quality documentation to be developed

b. Objective of the system

c. Pertinent ISO 9001:2008 section

d. Person or team responsible

e. Approval required

f. Training required

g. Resources required

h. Estimated completion date

These elements should be organized into a detailed chart, to be reviewed and

approved. The plan should define the responsibilities of different departments and personnel and set target dates for the completion of activities. Once approved, the Management Representative should control, review and update the plan as the implementation process proceeds.

Typical implementation action plan is shown in Figure 2. Use ISO 10005:1995 for guidance in quality planning.

ISO 9001 Standards Check List

ISO 9001:2008 include these checklists as follows:

1. ISO 9001 General Requirements

Has the organization established, documented, implemented and maintained a quality management system in accordance with the requirements of ISO 9001?

2. General Documentation Requirements
Does the quality management system documentation include documented procedures and records required ensuring effective operation and control of its processes?

3. Quality Manual
Has a quality manual been established and maintained that includes:

4. Control of Documents
Are documents required for the quality management system controlled?

5. Control of Records
Have records been established and maintained to provide evidence of conformity to requirements and of the effective operation of the quality management system?

6. Management Commitment
How has top management demonstrated commitment to the development and improvement of the quality management system?

7. Quality Policy
Organization has top management ensured that the quality policy:

8. System Planning
1. Quality Objectives
a. What are the quality objectives that have been established at relevant functions and levels within the organization?

9. Responsibility, authority and Communication
Responsibility, authority and Communication Audit Checklist
1. Responsibility and authority

10. Resource Management
Resource Management Audit Checklist

1. Provision of resources

11. Planning of Product/Service Realization
Planning of Product/Service Realization Audit Checklist
Is planning of the realization processes consistent with the other requirements of the organization’s quality management system?

12. Management Review
Management Review Audit Checklist
1. General checklist
a) Does the top management review the quality management system, at planned intervals, to ensure its continuing suitability, adequacy and effectiveness?

13. Product review
Determination of Requirements Related to the Product (7.2.1)

14. Design and Development Planning and Design and Development Inputs
What is the design and development planning methodology described in the design procedure?

15. Design and Development Outputs Audit
Are the outputs of the design and/or development process documented in a manner that enables verification against the design and/or development inputs?

16. Design and Development Review Audit
Are systematic reviews of design and/or development conducted at suitable stages?

17. Design and/or Development Verification
Is design and/or development verification performed to ensure the output meets the design and/or development inputs?

18. Design and/or Development Validation
Is design and/or development validation performed to confirm that resulting product is capable of meeting the requirements for the intended use?

19. Control of Design and Development Changes
Are design and/or development changes identified, documented, and controlled?

20. Purchasing Process
Does the organization control its purchasing processes to ensure purchased product conforms to requirements?

21. Purchasing Information
Do purchasing documents contain information describing the product to be purchased?

22. Verification of Purchased Product
Have the inspection or other activities necessary for ensuring that purchased product meets specified purchase requirements been established and implemented?

23. Control of Production and Service
Are the production and service provision planned and carried out under controlled conditions including:

24. Validation of Processes for Production and Service Provision
Have processes where deficiencies may become apparent only after the product is in use or the service has been delivered been validated?

25. Identification and Traceability
Is the product identified by suitable means throughout product realization?

26. Customer Property
How does the organization exercise care with customer property while it is under the
organization’s control or being used by the organization?

27. Preservation of Product
Is conformity of product preserved during internal processing and delivery to the intended destination?

28. Audit Checklist of Control of Measuring and Monitoring Devices
Has the organization determined the monitoring and measurement to be undertaken and the monitoring and measurement devices needed to provide evidence of conformity of product to determined requirements?

29. Customer Satisfaction
Are measurement and monitoring activities needed to assure conformity and achieve improvement been identified and included in the product quality plan?

30. Internal Audit Checklist
Are periodic internal quality audits conducted to determine whether the quality management system has been effectively implemented and maintained?

31. Monitoring and Measurement of Processes
Are suitable methods applied for monitoring and where applicable, measurement of the quality management system processes necessary to meet customer requirements?

32. Monitoring and Measurement of Product
Are product characteristics monitored and measured to verify that product requirements are met?

33. Control of Nonconforming Product Checklist
Is nonconforming product identified and controlled to prevent unintended use or delivery?

34. Analysis of Data
Is appropriate data determined, collected and analyzed to demonstrate the suitability and effectiveness of the quality management system and to evaluate where continual improvement of the effectiveness of the quality management system can
be made?

35. Corrective Action
How is corrective action taken to eliminate the cause of nonconformities in order to prevent recurrence?

36 Continual Improvement
Are processes necessary for the continual Improvement of the quality management system planned and managed?

37. Preventive Action
Has the organization determined actions to eliminate the causes of potential nonconformities in order to prevent occurrence?

These checklists also called ISO 9000 audit checklist.

Origin Of ISO 9000 Standards Video

Origin Of ISO 9000 Standards

The story of ISO 9000 Standards is a story of standards, methods and regulation. The brief history that follows is in no way comprehensive but is intended to illustrate four things:
1. that ISO 9000 standards are an ancient concept that survived several millennia; that a means of verifying compliance often follows the setting of
standards;
2. that the formalizing of working practices is centuries old and seen as a
means to consistently meet standards;
3. that market regulation (relative to the standard of goods and services) has
been around for centuries for the protection of both craftsmen and
traders.
4. ISO 9000 is a symptom of practices that were around centuries before anyone coined the term quality management. It is in some respects a natural
progression that will continue to evolve. The story is told from a British
viewpoint.

ISO 9000 grew out of BS 5750, a standard published by the British Standards Institution (BSI) in 1979. Initially, it was used only in manufacturing industries. ISO 9000 is now employed across a variety of other types of businesses. It is a set of international standards of quality management systems. ISO 9000 has been accepted by more than 100 countries as their national quality assurance standard by the end of 1997.
The history of ISO 9000 Standards dates back to Mil-Q-9858a, the first quality standard for military procurement established in 1959 by the US. By 1962, NASA (National Aeronautics and Space Administration) developed its quality system requirements for suppliers. In 1965, NATO (North Atlantic Treaty Organization) accepted the AQAP (allied quality assurance procedures) specifications for the procurement of equipments.
During the 1970s, BSI published BS 9000 (the first UK standard for quality assurance) and BS 5179 (guidelines for quality assurance) norms. In 1979, it created BS 5750, a series of standards for use by manufacturing companies. They were enforced through assessments and audits. In 1988, ISO (International Standards Organization) adopted the BS 5750 standard without changes and published it globally under the name ISO 9000. The ISO adopted this standard with a view to create an international definition of the necessary characteristics of a quality system for all businesses, regardless of industry. In 1994, the ISO revised the ISO 9000 standard and published it globally.
In the beginning, ISO 9000 was implemented exclusively by large companies. But by mid-1990s, small and mid-sized companies began to increasingly implement these standards. In the United States, the total number of registrations increased from a little more than 2,200 in 1993 to more than 17,000 in 1998. Of these 17,000 registrations, almost 60 percent were held by businesses with annual sales of $100 million or less.

ISO 9001:2008 Quality Management System Standard

ISO 9001:2008 is the world most successful standard addressing best practice in the application of quality management systems.

The standard is based around the principles of customer satisfaction, continual improvement and the development of a process based quality management system. Although not referenced in the standard itself the ISO 9001:2008 document is underpinned by eight key quality management principles;

• a customer focused organisation
• leadership
• the involvement of people
• ensuring a process approach
• a systematic approach to management
• a factual approach to decision making
• mutually beneficial supplier relations
• continuous improvement

ISO 9001:2008 has been written to ensure that its guiding principles are equally relevant to all sectors of industry and to all types of organisation. Although containing requirements to control the key processes within an organisation, it only requires six documented procedures. The standard emphasises the need for an organisation to continually monitor their own processes and systems, with many clauses making reference to self monitoring or measurement or both. This emphasis aims for an integrated approach to business processes. Instead of operating to a business plan on one hand and a quality management system on the other, the standard aims to integrate both of these functions into one system.

What is a quality management system?
ISO 9001:2008 is a standard that specifies criteria for a quality management system (QMS). A QMS incorporates those elements of an organisations management system that direct and control it with regard to quality. Such a system will need to be supported by top management who will need to be able to demonstrate management commitment.

How do you demonstrate management commitment?
Management commitment is one of the cornerstones of ISO 9001:2008, requiring top management to develop and improve the QMS throughout the organisation. This commitment can be demonstrated by a number of methods including creating a quality policy, conducting management reviews and establishing quality objectives.

What is a quality policy?
ISO 9001:2008 specifies that an organisation must have a quality policy that documents the organisations overall intentions and direction related to quality as formally expressed by top management. Such a policy will include a commitment to comply with ISO 9001:2008, to continuously improve the QMS and to set and monitor measurable quality objectives.

What are quality objectives?
The quality objectives are those targets sought or aimed for by the organisation that are related to quality. These quality objectives must be SMART (suitable, measurable, achievable, reviewed and timely). Examples of quality objectives might be; to reduce machine down time by 20% or to reduce rework costs by ?00 p/m. Whatever quality objectives are chosen they must be meaningful and adequately resourced by the organisation.

What is a management review?
A management review is a key element of how the top management of an organisation can assess its performance in terms of the objectives it sets itself, the requirements set by the standard and how its systems are operating. Normally, a management review is a regular meeting of the top management team and uses the information that the organisation? systems have derived. It is a useful forum to review and revise quality objectives.

What are internal audits and why do I need to carry them out?
Internal audit is one of the key monitoring processes required by the standard and functions as a check on the organisation? systems. It is the opportunity for an organisation to determine compliance to the systems it has established and maintained to meet the needs of its customers and identify opportunities for improvement. Internal audit can be seen as a ealth check?for an organisation.

The ore?of ISO 9001:2008, Product realisation
Clause 7 of ISO 9001:2008 contains the core processes that most organisations carry out. Any clause or sub-clause in section 7 can be excluded from an organisations quality management system if it can be justifiably excluded. Examples of common exclusions are clause 7.3 design and development, clause 7.5.3 traceability and clause 7.6 the control of monitoring and measuring devices. Clauses can only be excluded if their exclusion does not affect the company? ability to provide a product or service that meets customer requirements.

These core processes should be managed and controlled via the quality management system, and are evaluated for effectiveness and suitability by the internal audits with feed back into the management review.

This is a clear demonstration of one of the key principles of ISO 9001:2008, continuous improvement by critical self-evaluation. The output from the self-evaluation is fed into a planning stage to determine actions needed to improve the system. Following the planning and consultation comes the action phase where the proposed changes are implemented. Then the cycle starts again by checking that the changes are effective and meaningful by self-evaluation.

Other requirements of section 7 are;
Product planning to ascertain and then implement the necessary controls and resources to ensure product realisation.

Purchasing control to verify purchased product against comprehensive purchasing information and the selection and evaluation of suppliers.

Production and service provision to ensure that this activity is carried out in controlled conditions and that any processes that cannot be verified during production are validated to ensure capability. Where appropriate the product must be identified, and if required, traceable at all stages of production. Any customer property must be identified and protected from harm and all products must be stored and handled in such a way to preserve product conformity.

Any monitoring and measuring devices needed to provide evidence of product conformity must be identified and if necessary calibrated.

But what about the customer?
All of the clauses in ISO 9001:2008 are in some way focused towards meeting and exceeding the customer? expectations. For example the requirement of management to determine and communicate the importance of customer requirements throughout the organisation, and the review of customer orders to ensure that they can be met. Companies are required to implement methods for effective communication with the client at all stages of the business including ascertaining customer satisfaction after the product or service has been delivered as well as resolving customer complaints.

Finally?
ISO 9001:2008 is widely acclaimed as being the pre-eminent specification for quality management systems, it requires a company to look at itself and ask the question, ‘how can we improve?’ An ISO 9001:2008 management system should be an essential part of any business process, requiring continual improvement by self-evaluation with a goal of ensuring that current and future customer expectation can be met and exceeded.

Process Approach In ISO 9001 Standards

The process approach was introduced into ISO 9001 with the year 2000 version of the standards.

Prior versions used an element approach. The document Guidance on the concept and use of the process approach for management systems describes to process approach and offers an implementation paradigm.

2.4. Verify the process and its activities against its planned objectives
3. Implementation and measurement of the process
4. Analysis of the process
5. Corrective action and improvement of the process Implementation
This document explains the process used to evaluate changes to the 2008 version. In particular, it explains the revision process and illustrates the impact vs. benefit analysis used to evaluate potential changes.
In addition to the guidance documents, ISO maintains a web site with “official interpretations” of

approach was introduced into ISO 9001 with the year 2000 version of the standards.
Prior versions used an element approach. The document Guidance on the concept and use of the process approach for managementsystems describes to process approach and offers an implementation paradigm.
1. Identification of processes of the organization
1.1. Define the purpose of the organization
1.2. Define the policies and objectives of the organization
1.3. Determine the processes in the organization
1.4. Determine the sequence of the processes
1.5. Define process ownership
1.6. Define process documentation
2. Planning of a process
2.1. Define the activities within the process
2.2. Define the monitoring and measurement requirements
2.3. Define the resources needed

ISO 9001. Currently, these interpretations only include ISO 9001:2000, but, because the changes to the 2008 version were limited, they are valuable.
Consider a common question. An organization needs a documented procedure for preventive action (8.5.3), and must keep records of the results of preventive action (8.5.3.d). One of the interpretation requests asks, “Does sub-clause 8.5.3 a) require organizations to demonstrate, with objective evidence in the form of records, that they have undertaken actions to determine the existence of ‘potential nonconformities and their causes’?” The answer is “No”.
Auditing Practices
The ISO 9001 Auditing Practices Group maintains a website9 with guidance and information on auditing ISO 9001 quality management systems. It is an informal group of quality management system (QMS) experts, auditors, and practitioners drawn from the ISO Technical Committee 176 Quality Management and Quality Assurance(ISO/TC 176) and the International Accreditation Forum (IAF).
The website, primarily aimed at QMS auditors, consultants, and quality practitioners, is an online source of papers and presentations on auditing a QMS and reflect the process based approach.
The website contains almost forty guidance documents with practical advice ranging from “How to audit top management processes” to “The role and value of the audit checklist”.

Advantages Of ISO 9001 Standard

Successful firms are good at two things: increasing sales and reducing costs. However, these two things may prove irrelevant if the quality of the product or service is poor. ISO 9001 Standard is concerned with improving the quality of operations which can affect both top and and bottom line growth. Implementation of ISO 9001 Standard affects the entire organization by providing a transition to both a new common language and a new way of thinking about continuous process improvement. Here’s how you can bring the benefits of ISO 9001 Standard to your organization.

1. Obtain management buy-in. The most important step to any quality initiative is to obtain management commitment. This will increase both the visibility and awareness of your efforts.

2. Create an implementation team. This should include a representative from all functional areas of the organization including marketing, finance, planning, production and design. Also be sure to assign a Management Representative. This should be your strongest upper-level advocate for the success of ISO 9001 Standard implementation.

3. Communicate the goals of the program and provide training. This should include employees as well as major suppliers. The communication should be concise, tied to improving the success of current goals and objectives, and in a language in which employees are familiar with.

4. Map out the most critical processes of the current system. Use an organizational flow chart to show how information flows from the placement of an order to delivery. Compare this flowchart with the ISO 9001 system (see Resources for a link to Management Standards) and identify areas for improvement.

5. Create an implementation plan based on opportunities for improvement found in Step 4. The plan should be thorough and specific. Document each change in the process flowchart. If you already have documentation supporting your processes, use it. However, if you identify an area which lacks documentation, this should be viewed as an opportunity. Documentation is the lifeblood of continuous improvement. If you don’t already have one, create a documentation control system which manages the creation, approval, distribution, storage and disposal of documents.

6. Report out on improvements, create metrics to track improvements and repeat the process.ISO 9001 Standard is about continuous process improvements, and the success of the program is a function of both commitment and the achievement of this goal.

ISO 9001 Standards Certification

ISO 9001 Standards Certification

When an organization chooses not to pursue ISO 9001 certification or not to retain the ISO 9001 certificate, it should make no difference to the way the organization is managed. It’s similar to the man who chooses not to take the course examination. He still has the knowledge he has acquired whether or not he takes the exam and gets a certificate. What he cannot do is demonstrate to others that he has reached a certain level of education without having to prove it every time. People who know him don’t care that he didn’t take the exam. It is only those who don’t know him that he will have difficulty convincing.

ESTABLISHING THE INITIAL STATE OF THE QUALITY MANAGEMENT SYSTEM

The implementation of an ISO 9001 conformant system must recognize that it is but a step in a long-term development of a continually improving QMS. Unfortunately, it is often the case that ISO 9001 is taken as a means to an end, where the implementation of a QMS is not the primary objective, rather certification is. As a result, SMEs may end up with stacks of documentation waiting to be processed that adds no value, but cost.

According to the requirements of ISO 9001, an organization must develop only six documented procedures: (1) control of documents, (2) control of quality records, (3) internal audits, (4) control of non-conformities, (5) corrective action, and (6) preventative action. A quality manual and several records are also required. The development of other procedures, work instructions, and other documents is largely at the discretion of the organization. From the very beginning of the process, it is therefore essential that SMEs establish a balanced view between a short-term focus (marketing/sales) and a long-term focus (achieving company-wide quality awareness through TQM). ISO documentation should be considered as an enabler along that way and SMEs must guard against the creation of unnecessary documentation.

However, even when such a view is adopted, many SMEs struggle to move from their initial state to a fully functional ISO 9001 QMS. Over the last several years, we have been involved in ISO 9001 implementation projects in seven different SMEs. The SMEs have ranged in size from approximately 20 employees to 500 employees. The SMEs have been drawn from a variety of sectors in Virginia, including manufacturing, distribution, and services. Based on our experience, we developed a schematic of initial states of an organization in terms of the

existence and functionality the documentation required by the standard while functionality is equated with an effectively operated QMS that leads to increased customer satisfaction and continuous improvement of business results. A successful QMS must be fully functional and appropriately documented. With that in mind, there are four main states in which SMEs can be located in the beginning of the implementation process:

1. Complete Death: No documentation, no functioning This is the state in which there is no indication of the existence and functionality of the QMS. No documentation exists and no processes are in place to help ensure the quality of the product. Relatively few companies will find themselves in this situation.

2. Informally Alive: No documentation, some level of functioning Many SMEs exhibit an organic structure characterized by an absence of standardization and the prevalence of loose and informal working relationships. SMEs operating in this state are more likely to rely on people rather than a system. In such situations, key personnel may resist documentation for two key reasons “(1) documentation is considered a waste of time and (2) documentation of processes and procedures makes the individual less dependable” . SMEs in this state perform some or all of the processes required by ISO 9001 and the QMS may function fairly well. However, they are not willing and ready to document those processes unless there is a cultural change lead by top management.

3. Formally Death: Some level of documentation, no functioning SMEs categorized in this state have documented processes and procedures at some degree, however, the documents are generally not followed and do not necessarily reflect the actual manner in which the organization undertakes its operations and management. This situation highlights the fact that the mere existence of documentation does not necessarily lead to a functional QMS. Moreover, such a situation may help perpetuate the view that ISO 9001 is a way for SMEs to market their products and services but that implementation of the standard requires stacks of documents that offer no value.

4. Formally Alive: Some level of documentation, some level of functioning Each SME considered in this state, achieves a unique combination of the existence and functionality of processes and procedures that may or may not be required by ISO 9001. As illustrated in Figure 2, this situation is closest to the desired state of full functionality (100%) of the ISO 9001 QMS and full documentation (100%) of this functionality

.

ISO 9001 Standards Document control procedures

ISO 9001 Standards Document control procedures
The ISO 9001 Standards requires that a documented procedure be established to define the controls needed.

This requirement means that the methods for performing the various activities required to control different types of documents should be defined and documented.

Although the ISO 9001 standards implies that a single procedure is required, should you choose to produce several different procedures for handling the different types of documents it is doubtful that any auditor would deem this noncompliant. Where this might be questionable is in cases where there is no logical reason for such differences and where merging the procedures and settling on a best practice would improve efficiency and effectiveness.

Documents are recorded information and the purpose of the document control process is to firstly ensure the appropriate information is available where needed and secondly to prevent the inadvertent use of invalid
information. At each stage of the process are activities to be performed that may require documented procedures in order to ensure consistency and predictability. Procedures may not be necessary for each stage in the process.