History and Evolution of ISO 9000 Standards

Pre ISO 9000
During World War II, there were quality problems in many British industries such as munitions, where bombs were exploding in factories during assembly. The solution adopted to address these quality problems required factories to document their manufacturing procedures and to prove by record-keeping that the procedures were being followed. The standard was BS 5750, and it was known as a management standard because it specified not what to manufacture, but how the manufacturing process was to be managed. In 1987, the British Government persuaded the International Organization for Standardization (ISO) to adopt BS 5750 as an international standard. The international standard was named ISO 9000.

ISO 9000: 1987 Version
ISO 9000:1987 had the same structure as the British Standard BS 5750, with three ‘models’ for quality management systems, the selection of which was based on the scope of activities of the organisation:
• ISO 9001:1987 Model for quality assurance in design, development, production, installation, and servicing was for companies and organisations whose activities included the creation of new products
• ISO 9002:1987 Model for quality assurance in production, installation, and servicing had basically the same material as ISO 9001 but without covering the creation of new products.
• ISO 9003:1987 Model for quality assurance in final inspection and test covered only the final inspection of finished product, with no concern for how the product was produced.
ISO 9000:1987 was also influenced by existing U.S. and other Defense Standards (MIL SPECS), and so was well-suited to manufacturing. The emphasis tended to be placed on conformance with procedures rather than the overall process of management—which was likely the actual intent.

ISO 9000:1994 (Year 1994 Revision)
ISO 9000:1994 emphasised quality assurance via preventive actions, instead of just checking final product, and continued to require evidence of compliance with documented procedures. As with the first edition, the down-side was that companies tended to implement its requirements by creating shelf-loads of procedure manuals, and becoming burdened with an ISO bureaucracy. In some companies, adapting and improving processes could actually be impeded by the quality system.

ISO 9000:2000 (Year 2000 Revision)
ISO 9001:2000 combines the three standards 9001, 9002, and 9003 into one, called 9001. Design and development procedures are required only if a company engages in the creation of new products. The 2000 version sought to make a radical change in thinking by placing the concept of process management front and centre (”Process management” was the monitoring and optimising of a company’s tasks and activities, instead of just inspecting the final product). The Year 2000 version also demands involvement by upper executives, in order to integrate quality into the business system and avoid delegation of quality functions to junior administrators. Another goal is to improve effectiveness via process performance metrics — numerical measurement of the effectiveness of tasks and activities. Expectations of continual process improvement and tracking customer satisfaction were made explicit.

ISO 9000:2008 (Year 2008 Revision)
The new ISO 9001:2008 was published on 15 November 2008. ISO 9001:2008 uses the same numbering system as ISO 9001:2000 to organise the standard. As a result, the new ISO 9001:2008 standard looks very much like the old standard. No new requirements have been added. However, some important clarifications and modifications have been made.

As with the release of previous versions, organisations registered to ISO 9001:2000 will be given a period to transition to the ISO 9001:2008 standard, assuming changes are needed.

ISO 9000 — a way of managing for conformance
Quality assurance, according to the Standard, is a way of managing that prevents non-conformance and thus “assures quality”. This is what makes ISO 9000 different from other standards: it is a management standard, not a product standard. It goes beyond product standardisation: it is standardising not what is made but how it is made. To use standards to dictate and control how organisations work was to extend the role of standards to new territory. To take such a step we might have firstly established that any such requirements worked — that they resulted in ways of working which improved performance.
Yet the plausibility of this Standard, and the fact that those who had an interest in maintaining it were (and still are) leading opinion, prevented such enquiries. In simple terms the Standard asks managers to say what they do, do what they say and prove it to a third party.
ISO 9000 (1994) paragraph 1: “The requirements specified are aimed primarily at achieving customer satisfaction by preventing non-conformity at all stages from design through servicing.”
To put it another way, the Standard asserts that preventing non-conformance achieves customer satisfaction. But does it? Of course it matters to customers that a product works. But there is no guarantee that the Standard will ensure even that. Furthermore, customers take a total view of an organisation — how easy it is to do business with — in respect of all things of importance to each and every customer.
ISO 9000 requires managers to “establish and maintain a documented quality system as a means of ensuring that product conforms to specified requirements”. Loosely translated this is “say what you do”. Management is supposed to “define and document its policy for quality . . . including its commitment to quality”.
What management would not declare its commitment to quality? But would they know what it means? Would they argue (as they should) that quality management is a different and better way to do business, or would they believe that ISO 9000 will take care of quality? The Standard encourages managers to think of “quality” and “business as usual” as separate and distinct. It helps managers avoid the revelation that quality means a wholly different view of management. Instead, the organisation “shall appoint a management representative who, irrespective of other responsibilities, shall have defined authority and responsibility” [for ISO 9000]. At a practical level this means only one executive might decide he or she had better learn a thing or two about quality. However, would being responsible for ISO 9000 lead to learning about quality or simply enforcing the ISO 9000 regime in an organisation?
Key to the regime is auditing. The Standard requires organisations to conduct internal quality audits to “verify whether quality activities comply with planned arrangements”. This can be loosely translated as “do you do as you say?” and the purpose of the audit is to see that you do. It was not until the 1994 review that the words were changed to “quality activities and related results”. It was a Standard which was rooted in the philosophy of inspection: fifteen years after its initial promulgation the promoters sought to extend the focus to results. But results or improvements assessed by what means? Inspection. By the time the Standard was adopted world-wide, quality thinking had moved a long way from the philosophy of inspection. It is now understood, at least by a few, that quality is achieved through managing the organisation as a system and using measures which enable managers to improve flow and reduce variation (which we explore in chapters 5 and 7). The defenders argue that there is nothing stopping a company having ISO 9000 and implementing methods for managing flow and reducing variation, but where are such companies? Few of the companies we researched, formally and informally, knew anything about this thinking. The Standard does not talk about it; moreover, the Standard effectively discourages managers from learning about it by representing quality in a different way.
According to ISO 8402 (quality vocabulary), quality is:
“The totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs.”
Everything we have learned about ISO 9000 suggests that the people who created this definition were thinking about the things which need to be controlled, those things which “bear on its ability . . .”. The builders of the Standard assumed that customer needs would be listed in contractual agreements between the supplier and customer. ISO 9000 has a “make” logic — procedures for “how you do what you do” — and a “control” logic — check to see that it is done. It is a relic of the era when contractual agreements were perceived to be an important device for regulating the behaviour of suppliers. In these ways, ISO 9000 encouraged “planning for quality”.
Planning for quality sounds plausible, but it assumes many things: that the plan is the right plan, that it is feasible, that people will “do it”, that performance will improve. It is an approach which, paradoxically, leads to poor decisions. Planners of quality systems, guided by ISO 9000, start with a view of how the world should be as framed by the Standard. Understanding how an organisation is working, rather than how someone thinks it should, is a far better place from which to start change of any kind.

Quality characteristics in ISO 9000 Standards

Quality characteristics in ISO 9000 Standards

Any feature or characteristic of a product or service that is needed to satisfy customer needs or achieve fitness for use is a quality characteristic. When dealing with products the characteristics are almost always technical characteristics, whereas service quality characteristics have a human dimension. Some typical quality characteristics are given below.

Product characteristics

1. Accessibility Functionality Size

2. Availability Interchangeability Susceptibility

3. Appearance Maintainability Storability

4. Adaptability Odour – Strength

5. Cleanliness Operability -Taste

6. Consumption Portability – Testability

7. Durability Producibility Traceability

8. Disposability Reliability – Toxicity

9. Emittance Reparability Transportability

10. Flammability Safety – Vulnerability

11. Flexibility Security – Weight

Service quality characteristics

1. Accessibility Credibility – Honesty

2. Accuracy Dependability Promptness

3. Courtesy Efficiency - Responsiveness

4. Comfort Effectiveness Reliability

5. Competence Flexibility – Security

These are the characteristics that need to be specified and their achievement controlled, assured, improved, managed and demonstrated. These are the characteristics that form the subject matter of the product requirements referred to in ISO 9000. When the value of these characteristics is quantified or qualified they are termed product requirements. We used to use the term quality requirements but this caused a division in thinking that resulted in people regarding quality requirements as the domain of the quality personnel and technical requirements being the domain of the technical personnel. All requirements are quality requirements – they express needs or expectations that are intended to be fulfilled by a process output that possesses inherent characteristics. We can therefore drop the word quality. If a modifying word is needed in front of the word requirements it should be a word that signifies the subject of the requirements. Transportation system requirements would be requirements for a transportation system, Audio speaker design requirements would be requirements for the design of an audio speaker, component test requirements would be requirements for testing components, and management training requirements would be requirements for training managers. ISO 9000 requirements are often referred to as quality requirements as distinct from other types of requirements but this is misleading. ISO 9000 is no more a quality requirement than is ISO 1000 on SI units, ISO 2365 for Ammonium nitrate or ISO 246 for Rolling Bearings. The requirements of ISO 9000 are quality management system requirements – requirements for a quality management system.

ISO 9000 Standards – Design and development

ISO 9000 Standards – Design and development

Planning the design and development of a product means determining the design objectives and the design strategy, the design stages, timescales, costs, resources and responsibilities needed to accomplish
them. Sometimes the activity of design itself is considered to be a planning activity but what is being planned is not the design but the product.

The purpose of planning is to determine the provisions needed to achieve an objective. In most cases, these objectives include not only a requirement for a new or modified product but also requirements governing the costs and product introduction timescales (Quality, Cost and Delivery or QCD). Remove these constraints and planning becomes less important but there are few situations when cost and time is not a constraint. It is therefore necessary to work out in advance whether the objective can be achieved within the budget and timescale. One problem with design is that it is often a journey into the unknown and the cost and time it will take cannot always be predicted. It may
in fact result in disaster and either a complete reassessment of the design objective or the technology of the design solution. This has been proven time and again with major international projects such as Concorde, the Channel Tunnel and the International Space Station. Without a best guess these projects would not get off (or under!) the ground and so planning is vital firstly to get the funding and secondly to define the known and unknown so that risks can be assessed and quantified.

Design and development plans need to identify the activities to be performed, by whom they will be perform and when they should commence and be complete. One good technique is to use a network chart (often called a PERT chart), which links all the activities together. Alternatively a bar chart may be adequate. There does need to be some narrative in addition as charts in isolation rarely conveys everything required.

Design and development is not complete until the design has been proven as meeting the design requirements, so in drawing up a design and development plan you will need to cover the planning of design verification and validation activities. The plans should identify as a minimum:
- The design requirements
- The design and development programme showing activities against time
- The work packages and names of those who will execute them (Work
packages are the parcels of work that are to be handed out either internally or to suppliers)
- The work breakdown structure showing the relationship between all the parcels of work
- The reviews to be held for authorizing work to proceed from stage to
stage
- The resources in terms of finance, manpower and facilities
- The risks to success and the plans to minimize them
- The controls that will be exercised to keep the design on course
Planning for all phases at once can be difficult as information for subsequent phases will not be available until earlier phases have been completed. So, your design and development plans may consist of separate documents, one for each phase and each containing some detail of the plans you have made for subsequent phases.
Your design and development plans may also need to be subdivided into
plans for special aspects of the design such as reliability plans, safety plans, electromagnetic compatibility plans, configuration management plans. With simple designs there may be only one person carrying out the design activities. As the design and development plan needs to identify all design and development activities, even in this situation you will need to identify who carries out the design, who will review the design and who will verify the design. The same person may perform both the design and the design verification activities, however, it is good practice to allocate design verification to another person or organization because it will reveal problems overlooked by the designer. On larger design projects you may need to employ staff of various disciplines such as mechanical engineers, electronic engineers, reliability engineers etc. The responsibilities of all these people or groups need to be identified and a useful way of parcelling up the work is to use work packages that list all the activities to be performed by a particular group. If you subcontract any of the design activities, the supplier’s plans need to be integrated with your plans and your plan should identify which activities are the supplier’s responsibility. While purchasing is dealt with in clause 7.4 of the standard, the requirements also apply to design activities.

KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs

KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs

There are many issues that must be addressed in moving the QMS from the initial state to the desired state. For example, all organizations implementing ISO 9001 will need to consider the unique culture within the organization, its size, and the resources available. Beyond those widely discussed points, three issues that merit particular attention are (1) consideration of the QMS as a parallel function, (2) training, and (3) auditing. Key points associated with these issues are discussed below.

Consideration of QMS as Parallel Function

In the case of all of the transitions depicted, real benefits from the QMS are more likely to be experienced if the QMS is implemented directly into the core structure of the organization. SMEs must be cautious against establishing a QMS that is run separately in parallel to its other systems. In SMEs, the parallel subsystem most commonly exhibits itself as a separate Quality Assurance, or in some cases, ISO 9001 department. Possible reasons for this may include the existence of rigid departmental boundaries in some SMEs or overemphasis on core activities. As Yauch and Steudel [10] note, SMEs tend to focus their attention on “…necessary routine activities (such as sales, production, shipping, etc.) rather than activities aimed at improving processes or systems.” If a SME insists on establishing a separate quality department, its level of effectiveness can be increased by embedding the QMS in widely-used organizational systems where practical. The integration is largely a function of how well the QMS manages to share information with other subsystems and its ability to align with the policies, norms, goals, and values in place throughout the organization.

Training

In SMEs, training and staff development is more likely to be ad hoc and small scale because of modest human and financial resources and the absence of a specific training budget. To prevent the problems arising from lack of education and training, two things must be done:

1. Education of Top Management: The centralization of decision-making processes within many SMEs means that the management can either be the main stumbling block to change or the main catalyst for change. Therefore, any approach to ISO 9001 implementation must involve considerable education for the top management of the organization to create awareness and understanding of the implementation process as a change initiative. Implementing a fully functional and documented QMS requires motivation by top management to appreciate, achieve, and implement the necessary measures to meet the standards’ criteria.

2. Education and Training of Employees: SMEs are often under pressure to quickly gain ISO 9001 registration. Meeting the requirements of the standard in a short period of time can prove a formidable obstacle for a small company. Since most SMEs do not possess the needed expertise internally, they may be inclined to hire external experts to provide the necessary technical expertise and manpower. However, having a functioning and documented QMS requires more than that. It requires ensuring that all employees in the organization clearly know what is expected of them and how they can contribute to the attainment of their organizations’ goals. This will likely require the preparation and implementation of a training plan tailored specifically to the unique characteristics and maturity level of the SME.

Auditing

As emphasized throughout the paper, a QMS is not going to produce the expected results unless it is fully functional. While auditing must therefore verify the existence of the necessary documentation, it must also focus on the functionality of the QMS. The measurement of the functionality and the qualitative and financial impacts of a QMS have been the subject of several studies, including Kaynak [11]. Among the categories used to measure functionality and performance improvement, two are particularly noteworthy for our purposes: management commitment and employee involvement. A QMS cannot be functional in the absence of those two characteristics. Therefore, as a minimum, internal and external auditors should continually verify top management’s commitment to increased company-wide quality awareness and improvement in addition to employee involvement in the design, implementation, operation, and improvement of quality related processes and procedures.

The Benefits To Integrate ISO 14001:2004 and ISO 9001:2008

The Benefits To Integrate ISO 14001:2004 and ISO 9001:2008

Reduce the time and cost of implementing the new specification by acquiring a concise, yet thorough understanding the scope of ISO 14001:2004 and key terms.

Avoid spinning your wheels by learning precisely which modifications and additions to ISO 14001:2004 require your attention for compliance with ISO 9001:2008.

Get a quick handle, through hands-on activities, on the environmental aspects of ISO 14001:2004, including how to:
- Develop an environmental policy statement appropriate for your company
- Integrate processes for identifying environmental aspects and impacts
- Identify environmental objectives, set related targets, and establish programs for achieving results
- Integrate environmental responsibilities and authorities into a management system
- Outline an environmental awareness and training program
- Establish environmental metrics and indicators for monitoring performance
- Integrate requirements on non-conformance and corrective and preventive actions into your existing system
- Understand the purpose and scope of the environmental management review
- Integrate document control requirements of ISO 14001:2004 into your current system
- Identify those operations that need to be controlled under EMS and identify emergency operations and contingencies that must be considered as part of EMS

Get off to a running start by learning to use a versatile prioritization matrix to identify and prioritize significant environmental aspects and impacts.

Optimize understanding and retention with the Plexus Learning Model
- Multiple learning channels through lecture, coaching, group activities, innovative learning exercises and case studies.
- Hands-on insights. Lecturing is minimized so learning is maximized.
- Learn by doing. Connect the lessons learned to your real world by using your current circumstances as examples for activities.

ISO 9001 Standards – Control of Measuring and Monitoring Equipment

ISO 9001 Standards - Control of Measuring and Monitoring Equipment

Determine the monitoring and measurements to be made, and the required equipment, to provide evidence of product conformity. Use and control the monitoring and measuring devices to ensure that measurement capability is consistent with monitoring and measurement requirements.

Where necessary to ensure valid results:

- Calibrate and/or verify the measuring equipment at specified intervals or prior to use

- Calibrate the equipment to national or international standards (or record other basis)

- Adjust or re-adjust as necessary

- Identify the measuring equipment in order to determine its calibration status

- Safeguard them from improper adjustments

- Protect them from damage and deterioration

Assess and record the validity of prior results if the device is found to not conform to requirements. Maintain records of the calibration and verification results.

Confirm the ability of software used for monitoring and measuring for the intended application before its initial use (and reconfirmed as necessary).

NOTE: Confirming the ability of software to satisfy the intended application would typically include its verification and configuration management to maintain its suitability for use.

For More Information Please Visit http://www.iso9001-standard.us

Costs and resources Of ISO 9001 Standards

Costs and resources Of ISO 9001 Standards

The largest cost of ISO 9001 is the involvement of company employees. The ‘ownership’ created by involving employees in designing the quality system maximises the chances of them accepting it. Reducing this cost by minimising employee involvement is a false economy. The next largest cost will be for designing and developing the system. This needs to be led by someone with experience in this particular field. You may have someone within your own organisation who has carried out this role, perhaps with a former employer. Your Business Link may offer free or subsidised advice and training, and will be able to provide names of approved consultants. Grants for work in this area tend to be directed through Business Links. Different areas have different grants, which depend on local conditions. A typical grant may cover up to 50 per cent of the cost of an approved consultant. Certification fees are around £800 for the smallest companies. Overall costs depend upon company size and the number of locations involved. Ask certification bodies for quotes for initial audits and surveillance visits. Many will give an all-inclusive price, including surveillance visits for three years. Typically, special rates will depend on how long the assessment is likely to take and what the company’s turnover is. Ask your certification body if it offers special rates for small companies. The standard requires that companies have trained internal auditors to conduct audits on the system. An internal audit can provide an effective means of monitoring the system and identifying areas for improvement. For further details, contact the International Register of Certificated Auditors.

ISO 9001:2008 Requirements – QMS

ISO 9001:2008 Requirements – Quality Management System

Establish, document, implement, and maintain a quality management system. Continually improve its effectiveness in accordance with ISO 9001 requirements. Implement the system to:
? Determine processes needed for the quality management system (and their application throughout the organization)
? Determine process sequence and interaction
? Determine criteria and methods for process operation and control
? Ensure resources and supporting information are available
? Monitor, measure where applicable, and analyze these processes
? Implement actions to achieve planned results and continual process improvement
Manage these processes in accordance with ISO 9001 requirements. Define the type and extent of control applied to any outsourced processes that affect product conformity to requirements.
NOTE 1: Processes needed for the quality management system include the processes for management activities (see 5), provision of resources (see 6), product realization (see 7), and measurement, analysis, and improvement (see 8).
NOTE 2: An outsourced process is a process the organization needs for its quality management system, and which the organization chooses to have performed by an external party.
NOTE 3: Ensuring control over outsourced processes does not absolve your organization of the responsibility to conform to all customer, statutory, and regulatory requirements. The type and extent of control applied to an outsourced process can be influenced by factors such as:
? Potential impact of the outsourced process on your organization’s capability to provide product that conforms to requirements
? Degree to which the control for the process is shared
? Capability of achieving the necessary control through the application of 7.4

What is a quality systems registrar

What is a quality systems registrar

A registrar, or registration body (the preferred term), is sometimes called a certification body. (Accreditation bodies are entirely different—they are the entities that audit/approve registration bodies.)

There are some 573 registration bodies in operation worldwide, including
52 in the United States.

The registrar is the organization that checks your quality system and confirms that it meets ISO 9000 requirements for a prescribed and agreed period of time.

To do this, the registrar:
a. Audits your organization’s quality system to determine the degree of conformity to ISO 9000 standards. The audit is carried out:
— On paper (desktop study).
— On site (throughout your facility).
b. Registers your quality system, assuming it conforms, to ISO 9000.
c. Monitors conformity on an ongoing basis by means of regular reaudits
and other methods.
All quality system registrars perform these functions, with certain
variations. Registrars differ in two principal ways:
a. Accreditation status.
b. Scope of accreditation

Reputable ISO 9000 registrars are accredited by international accreditation
bodies. These enforce a standard, EN 45012 (European Standard for Bodies Certificating Suppliers’ Quality Systems), that governs the processes that registrars follow. This standard is quite strict:
a. Registrars must make their services available to all qualified suppliers
without imposing undue financial or other conditions, and
must administer their regulations in a nondiscriminatory manner.
b. The registrar’s organization must not engage in activities that may
affect its impartiality. For example:
— It must not provide consulting services “on matters to which
its certificates are related” (i.e., quality systems). This requirement
is superseded by the ISO 9000 restriction noted earlier.
— It must not directly engage in commerce with firms that it has
assessed and/or registered.
— Individuals involved in the registration process must not have
provided consulting services to registration clients, or any related
firms, within the previous two years.
— Its employees and agents must not engage in business activities
that would cause others to question the firm’s impartiality.
— The registrar may not market consultancy and registration
services together, and may not recommend consulting services
to clients.
— Auditors may not give advice as part of registration audits.
— The registrar must provide the accreditation body with documentation
of its employees’ qualifications.
— The registrar must have appropriate facilities for carrying out
its activities.
— The registrar must have a quality manual and documented
procedures. (Curiously, EN 45012 does not require that registrars
register to ISO 9000!)
— Registrars may not grant or renew certificates of registration until all major noncompliances are eliminated.

Another point of differentiation is scope of accreditation. All registrars
are not accredited, or approved, to register firms in any line of business. Each registrar is accredited to operate within the business or industrial sectors about which it has documented expertise. This is generically referred to as the registrar’s scope.