Certification In ISO 9001 Standards

Certification In ISO 9001 Standards

Certification involves an independent assessment of your quality system to confirm that it meets the requirements of ISO 9001. You will need to design, document and implement your own quality system.The system will need to cover all the requirements of the ISO 9001 standard. Many certification bodies will not conduct a formal assessment until the system has been operating for at least three months. Your quality system cannot be audited until you have generated documentary evidence to show that you are meeting the standard. To find a certification body with relevant experience in your sector and accreditation from the United Kingdom Accreditation Service (UKAS). Certification by a non-UKAS accredited body is likely to lead to credibility problems with your customers. Arrange a visit from the certification body’s auditors. UKAS prohibits auditors from acting as consultants. They will not tell you how to meet the standard but can offer advice. They will seek objective evidence that you are complying with each of the clauses of the ISO 9001 standard. The auditors will tell you of any shortcomings in your system. If you satisfy the standard, the auditors put your name forward for certification. You will be required to correct these problems within a specified timeframe. You can also be certificated if the auditors only identify a small number of ‘minor’ problems. Once you are certificated, you can display the certification body’s logo, and if the body is UKAS-accredited, the UKAS ‘tick and crown’ symbol (consult UKAS about exceptions to this rule). If the auditors identify more serious ‘major’ problems, you will be required to correct these before certification. These surveillance visits normally take place twice a year at agreed dates. All certification bodies are required torevisit registered companies to ensure they still meet the requirements of the standard. You will be given time to deal with any minor or major problems which are identified before any action is taken to withdraw your certificate.

ISO 9001 Standards New Blogs

Some of the new blogs on ISO 9001 Standards & ISO 14001 standards was found as below:

http://iso14000standards.blogspot.com/

http://iso-9001-standards.blogspot.com/

http://iso14001environmentmanagementsystem.blogspot.com/

http://iso9001qualitymanagementsystem.blogspot.com/

http://iso9001qualitymanual.blogspot.com/

http://iso9000standards.blogspot.com/

http://iso9001-standards.blogspot.com/

http://iso14001standards.blogspot.com/

KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs

KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs

There are many issues that must be addressed in moving the QMS from the initial state to the desired state. For example, all organizations implementing ISO 9001 will need to consider the unique culture within the organization, its size, and the resources available. Beyond those widely discussed points, three issues that merit particular attention are (1) consideration of the QMS as a parallel function, (2) training, and (3) auditing. Key points associated with these issues are discussed below.

Consideration of QMS as Parallel Function

In the case of all of the transitions depicted, real benefits from the QMS are more likely to be experienced if the QMS is implemented directly into the core structure of the organization. SMEs must be cautious against establishing a QMS that is run separately in parallel to its other systems. In SMEs, the parallel subsystem most commonly exhibits itself as a separate Quality Assurance, or in some cases, ISO 9001 department. Possible reasons for this may include the existence of rigid departmental boundaries in some SMEs or overemphasis on core activities. As Yauch and Steudel [10] note, SMEs tend to focus their attention on “…necessary routine activities (such as sales, production, shipping, etc.) rather than activities aimed at improving processes or systems.” If a SME insists on establishing a separate quality department, its level of effectiveness can be increased by embedding the QMS in widely-used organizational systems where practical. The integration is largely a function of how well the QMS manages to share information with other subsystems and its ability to align with the policies, norms, goals, and values in place throughout the organization.

Training

In SMEs, training and staff development is more likely to be ad hoc and small scale because of modest human and financial resources and the absence of a specific training budget. To prevent the problems arising from lack of education and training, two things must be done:

1. Education of Top Management: The centralization of decision-making processes within many SMEs means that the management can either be the main stumbling block to change or the main catalyst for change. Therefore, any approach to ISO 9001 implementation must involve considerable education for the top management of the organization to create awareness and understanding of the implementation process as a change initiative. Implementing a fully functional and documented QMS requires motivation by top management to appreciate, achieve, and implement the necessary measures to meet the standards’ criteria.

2. Education and Training of Employees: SMEs are often under pressure to quickly gain ISO 9001 registration. Meeting the requirements of the standard in a short period of time can prove a formidable obstacle for a small company. Since most SMEs do not possess the needed expertise internally, they may be inclined to hire external experts to provide the necessary technical expertise and manpower. However, having a functioning and documented QMS requires more than that. It requires ensuring that all employees in the organization clearly know what is expected of them and how they can contribute to the attainment of their organizations’ goals. This will likely require the preparation and implementation of a training plan tailored specifically to the unique characteristics and maturity level of the SME.

Auditing

As emphasized throughout the paper, a QMS is not going to produce the expected results unless it is fully functional. While auditing must therefore verify the existence of the necessary documentation, it must also focus on the functionality of the QMS. The measurement of the functionality and the qualitative and financial impacts of a QMS have been the subject of several studies, including Kaynak [11]. Among the categories used to measure functionality and performance improvement, two are particularly noteworthy for our purposes: management commitment and employee involvement. A QMS cannot be functional in the absence of those two characteristics. Therefore, as a minimum, internal and external auditors should continually verify top management’s commitment to increased company-wide quality awareness and improvement in addition to employee involvement in the design, implementation, operation, and improvement of quality related processes and procedures.

Transition from ISO 9001:2000 to ISO 9001:2008

Transition from ISO 9001:2000 to ISO 9001:2008

This reference guide was developed to help you understand the nature of the changes to theISO 9001 standard.

Clause Change/Emphasis Not Auditable

0.1 General – Added language emphasizing statutory and regulatory requirements are a concern as it relates to products for this international standard.

0.4 Compatibility with Other Management Systems Standards - Emphasis was added on the consideration given to ISO 14001:2004 to ensure that the standards are compatible.

1.1 General

1.2 Application – “Statutory” was added in certain paragraphs to ensure the user is aware that these requirements must be taken into consideration. Additional notes were added to explain that where the word “product” appears, it refers to every stage of its existence, from raw material received to the final product being shipped to the customer.

2. Normative Reference – Reference to ISO 9000 (vocabulary and concepts) was updated to refer to the current revision (i.e. ISO 9000:2005).

3. Terms and Definitions – The supplier/organization/customer model was removed. These relationships, in reality, are not always linears.

The Auditable Requirements
Clause Change/Emphasis
4.1
In 4.1 a, “identify” was replaced with “determine” to emphasize that an organization must give careful consideration to what processes are needed in order to fulfill requirements.
A link is drawn to 7.4 in the additional note. This was done to show that the supplier approval, evaluation, and re-evaluation process is where evidence of controlled outsourced processes should be demonstrated.
4.2.1
References to records and documents were consolidated.
Also, the organization can require records not specified in this international standard that are created and maintained.
4.2.3
Clarification is given to the requirement for outsourced documents. Only those needed for the planning and operation of the QMS need to be controlled. This could exclude documents related to occupational health and safety since ISO 9001 contains requirements only concerned with product (see 0.1).
4.2.4
Rephrased, but no additional clarifications or emphasis added. Editorial change only.
5.5.2
The management representative must be from the organization’s management. This would exclude consultants and other individuals external to the organization (e.g. a management representative from the corporate entity). The purpose of this is to ensure that this individual, entrusted with the responsibilities of championing the quality management system, is not “out of touch” with the organization.
6.2.1
The boundaries of competence only extend to individuals who impact product conformity. However, this does not just include those who are directly involved in production. The decisions made by management affect product conformity; therefore, they must be competent as well.

6.2.2
If said personnel have not yet attained the competence needed to perform the assigned job, then the organization must provide training or some other remedy to ensure that competence is achieved. The organization must also have a mechanism to ensure that personnel have been evaluated based on how well they demonstrate their knowledge and skill (i.e. competence). It is not enough to merely provide training or consider an individual’s experience. The organization must prove to itself that this person can, in fact, perform.
6.3
Infrastructure also includes databases and information technology.
6.4
Emphasis is added in a note to highlight that the concept of “work environment” only extends to product quality.
7.1 c
“Measurement” is added.
7.2.1
“Post-delivery activity” is clarified in a note with examples.
7.3.1
A note emphasizes that design verification, validation, and review are different from one another and serve different purposes. Design review is where the organization evaluates if the design can meet requirements and if any changes need to be made. Design verification is where the organization has ensured that requirements have been met (e.g. is the widget blue and is it hexagonal?). Design validation is where the organization proves that the design can perform as required.
However, the records of design verification, validation, and review do not have to be separate.
7.3.3
Production and service provisions also extend to how product is preserved, handled, etc., to ensure product conformity. See 7.5.1
Design outputs must include requirements related to preservation. See 7.5.5.

7.5.2
Notes were added to give examples of the types of processes where this requirement would apply along with a statement that service organizations should have additional considerations in the planning stages when deficiencies and conformity are not likely to be identified prior to delivery.
7.5.3
Product status must be identified throughout product realization, not just the final product. See 1.2.
7.5.4
Wording was modified to add clarity, but the intent of the requirement has not changed.
7.5.5
Again, emphasis is added that care must be given to preserving the product regardless of where it falls in the realization process.
7.6
An obsolete reference to another ISO document was replaced.
The definition of “monitoring and measuring devices” has been clarified to include equipment and devices that are purposed for monitoring and measuring, regardless of their original or intended purpose.
An additional note regarding software was added.
8.2.2
Document and record requirements were reworded and their placement modified to improve clarity.
The reference to the auditing guidance document was updated (i.e. ISO 19011).

8.2.3
Wording was modified to emphasize that correction and corrective actions are not only to be taken to preserve the conformity of the product, but also to preserve the quality management system. For example, internal rejection/scrap rates could show evidence that the organization is preserving product conformity and is taking intermediate action to prevent bad product from being shipped to their customers; however, it could also be a sign that the organization is not efficient since the higher rejection/scrap rates are undesirable.
A note was added to clarify the meaning of “suitable methods” related to planning, monitoring and measurement processes. Suitability should be determined based on risk and the impact that nonconformity would have on the product or process.
8.2.4
Product can be released to other internal processes despite planned arrangements not being satisfactorily completed as long as it conforms prior to release to the customer. This relaxes requirements on intermediate inspection results and records.
8.3
Actions taken against nonconforming product must be proportional to its impact or potential impact. See 8.2.3 related to impact considerations for monitoring and measurement.
This would mean that in the planning stages of a product, the organization needs to customize responses to nonconforming products based on the risk or potential risk to the organization.
This requirement existed in ISO 9001:2000; however, its location has changed.

8.5.2
Nonconformity can have multiple causes (“cause”; i.e. a singular reason, was used in the 2000 version); therefore, the organization must consider this when conducting root cause analysis.
Also, it is not enough to simply review corrective action and ensure that procedures were changed, personnel have been re-trained, and that processes were amended. The organization must review whether or not the action(s) taken were effective; i.e. did they successfully eliminate the nonconforming condition?
8.5.3
Similar to the new emphasis on the effectiveness of corrective action, the organization must also document whether or not the preventive action(s) taken were effective in eliminating the risk of nonconformity.

Records required by ISO 9001:2008

Records required by ISO 9001:2008

Clause Record required
5.6.1 Management reviews
6.2.2 e) Education, training, skills and experience
7.1 d) Evidence that the realization processes and resulting product fulfil requirements
7.2.2 Results of the review of requirements related to the product and actions arising from the review
7.3.2 Design and development inputs relating to product requirements
7.3.4 Results of design and development reviews and any necessary actions
7.3.5 Results of design and development verification and any necessary actions
7.3.6 Results of design and development validation and any necessary actions
7.3.7 Results of the review of design and development changes and any necessary actions
7.4.1 Results of supplier evaluations and any necessary actions arising from the evaluations
7.5.2 d) As required by the organization to demonstrate the validation of processes where the resulting output cannot be verified by subsequent monitoring or measurement
7.5.3 The unique identification of the product, where traceability is a requirement
7.5.4 Customer property that is lost, damaged or otherwise found to be unsuitable for use
7.6 a) Basis used for calibration or verification of measuring equipment where no international or national measurement standards exist
7.6 Validity of the previous measuring results when the measuring equipment is found not to conform to requirements
7.6 Results of calibration and verification of measuring equipment
8.2.2 Internal audit results and follow-up actions
8.2.4 Indication of the person(s) authorizing release of product.
8.3 Nature of the product nonconformities and any subsequent actions taken, including concessions obtained
8.5.2 e) Results of corrective action
8.5.3 d) Results of preventive action

Quality characteristics in ISO 9000 Standards

Quality characteristics in ISO 9000 Standards

Any feature or characteristic of a product or service that is needed to satisfy customer needs or achieve fitness for use is a quality characteristic. When dealing with products the characteristics are almost always technical characteristics, whereas service quality characteristics have a human dimension. Some typical quality characteristics are given below.

Product characteristics

1. Accessibility Functionality Size

2. Availability Interchangeability Susceptibility

3. Appearance Maintainability Storability

4. Adaptability Odour – Strength

5. Cleanliness Operability -Taste

6. Consumption Portability – Testability

7. Durability Producibility Traceability

8. Disposability Reliability – Toxicity

9. Emittance Reparability Transportability

10. Flammability Safety – Vulnerability

11. Flexibility Security – Weight

Service quality characteristics

1. Accessibility Credibility – Honesty

2. Accuracy Dependability Promptness

3. Courtesy Efficiency - Responsiveness

4. Comfort Effectiveness Reliability

5. Competence Flexibility – Security

These are the characteristics that need to be specified and their achievement controlled, assured, improved, managed and demonstrated. These are the characteristics that form the subject matter of the product requirements referred to in ISO 9000. When the value of these characteristics is quantified or qualified they are termed product requirements. We used to use the term quality requirements but this caused a division in thinking that resulted in people regarding quality requirements as the domain of the quality personnel and technical requirements being the domain of the technical personnel. All requirements are quality requirements – they express needs or expectations that are intended to be fulfilled by a process output that possesses inherent characteristics. We can therefore drop the word quality. If a modifying word is needed in front of the word requirements it should be a word that signifies the subject of the requirements. Transportation system requirements would be requirements for a transportation system, Audio speaker design requirements would be requirements for the design of an audio speaker, component test requirements would be requirements for testing components, and management training requirements would be requirements for training managers. ISO 9000 requirements are often referred to as quality requirements as distinct from other types of requirements but this is misleading. ISO 9000 is no more a quality requirement than is ISO 1000 on SI units, ISO 2365 for Ammonium nitrate or ISO 246 for Rolling Bearings. The requirements of ISO 9000 are quality management system requirements – requirements for a quality management system.

ISO 9000 Standards – Retention Of Records

ISO 9000 Standards – Retention Of Records
It is important that records are not destroyed before their useful life is over.
There are several factors to consider when determining the retention time for records.
The duration of the contract – some records are only of value whilst the contract is in force.
The life of the product – access to the records will probably not be needed for some considerable time, possibly long after the contract has closed. On defence contracts the contractor has to keep records for up to 20 years and
for product liability purposes, in the worst-case situation (taking account of
appeals) you could be asked to produce records up to 17 years after you made the product.
The period between management system assessments – assessors may wish to see evidence that corrective actions from the last assessment were taken. If the period of assessment is three years and you dispose of the evidence after 2 years, you will have some difficulty in convincing the assessor that you corrected the deficiency.
You will also need to take account of the subcontractor records and ensure
adequate retention times are invoked in the contract.
Where the retention time is actually specified can present a problem. If you
specify it in a general procedure you are likely to want to prescribe a single
figure, say 5 years for all records. However, this may cause storage problems – it may be more appropriate therefore to specify the retention times in the procedures that describe the records. In this way you can be selective.
You will also need a means of determining when the retention time has
expired so that if necessary you can dispose of the records. The retention time doesn’t mean that you must dispose of them when the time expires – only that you must retain the records for at least that stated period. Not only will the records need to be dated but the files that contain the records need to be dated and if stored in an archive, the shelves or drawers also dated. It is for this reason that all documents should carry a date of origin and this requirement needs to be specified in the procedures that describe the records. If you can rely on the selection process a simple method is to store the records in bins or computer disks that carry the date of disposal.
While the ISO 9000 requirement applies only to records, you may also need to retain tools, jigs, fixtures, test software – in fact anything that is needed to repair or reproduce equipment in order to honour your long-term commitments.
Should the customer specify a retention period greater than what you
prescribe in your procedures, special provisions will need to be made and this is a potential area of risk. Customers may choose not to specify a particular time and require you to seek approval before destruction. Any contract that requires you to do something different creates a problem in conveying the requirements to those who are to implement them. The simple solution is to persuade your customer to accept your policy. You may not want to change your procedures for one contract. If you can’t change the contract, the only alternative is to issue special instructions. You may be better off storing the records in a special contract store away from the normal store or alternatively attach special labels to the files to alert the people looking after the archives.

Conduct Initial Status Survey In ISO 9000 Standards

Conduct Initial Status Survey In ISO 9000 Standards

ISO 9000 does not require duplication of effort or redundant system. The goal of ISO 9000 is to create a quality management system that conforms to the standard. This does not preclude incorporating, adapting, and adding onto quality programs already in place. So the next step in the implementation process is to compare the organization’s existing quality management system, if there is one — with the requirements of the standard (ISO 9001:2008).

For this purpose, an organization flow chart showing how information actually flows (not what should be done) from order placement by the customer to delivery to this customer should be drawn up. From this over-all flow chart, a flow chart of activities in each department should be prepared.

With the aid of the flow charts, a record of existing quality management system should be established. A significant number of written procedures may already be in place.

Unless they are very much out of date, these documents should not be discarded.

Rather, they should be incorporated into the new quality management system.

Documents requiring modification or elaboration should be identified and listed. This exercise is some times referred to as ” gap analysis”. During these review processes, wide consultation with executives and representatives of various unions and associations within the organization is required to enlist their active cooperation.

In the review process, documents should be collected, studied and registered for

further use, possibly after they have been revised. Before developing new quality

management system documentation, you need to consider with which quality

requirements or department you should start. The best is to select an area where

processes are fairly well organized, running effectively and functioning satisfactorily.

The basic approach is to determine and record how a process is currently carried out.

We can do this by identifying the people involved and obtaining information from them during individual interviews. Unfortunately, it often happens that different people will give different, contradicting versions of a process. Each one may refer to oral instructions that are not accurate or clear. This is why the facts are often not described correctly the first time around, and have to be revised several times.

Once it has been agreed how to describe the current process, this process has to be adapted, supplemented and implemented according to the requirements of the quality standard (ISO 9001:2008). This requires organizational arrangements, the drawing up of additional documents and possible removal of existing documentation (e.g. procedures, inspection/test plans, inspection/test instructions) and records (e.g. inspection/test reports, inspection/test certificates).

In introducing a quality management system, the emphasis is on the improvement of the existing processes or the re-organization of processes.

In general, the steps to follow are the following:

a. Ascertain and establish the following:

What is the present operation/process? What already exists?

b. Analyze the relevant sections of the quality standard – ISO 9001:2008:

What is actually required?

c. If necessary, supplement and change operational arrangements in accordance

with the standard, develop documents and records, and describe operations/

processes:

What is the desired operation/process?

The gap analysis can be done internally, if the knowledge level is there. Or a formal pre-assessment can be obtained from any one of a large number of ISO 9000 consulting, implementing, and registration firms.

BACKGROUND TO THE ISO 9001:2008 REVISION PROCESS

BACKGROUND TO THE ISO 9001:2008 REVISION PROCESS

In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.

Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development of ISO 9001:2008 user needs were identified from the following:

-the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004

-feedback from the ISO/TC 176/Working Group on “Interpretations”

-the results of an extensive worldwide “User Feedback Survey on ISO 9001 and

The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.

The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO 14001:2004.

A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:

1) No changes with high impact would be incorporated into the standard;

2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;

3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.

The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:

-No changes or minimum changes on user documents, including records

-No changes or minimum changes to existing processes of the organization

-No additional training required or minimal training required

-No effects on current certifications

The benefits identified for the ISO 9001:2008 edition fall into the following categories:

-Provides clarity

-Increases compatibility with ISO 14001.

-Maintains consistency with ISO 9000 family of standards.

-Improves translatability.

What Is ISO 9000 Standards

What Is ISO 9000 Standards?

ISO 9000 is a set of interrelated ideas, principles and rules and could therefore be considered a system in the same way that we refer to the metric system or the imperial system of measurement. ISO 9000 is both an international standard and until year 2008, was a family of some 20 international standards. As a standard, ISO 9000 was divided into 4 parts with part 1 providing guidelines on the selection and use of the other standards in the family. The family of standards included requirements for quality assurance and guidelines on quality management. Some might argue that none
of these are in fact standards in the sense of being quantifiable. The critics argue that the standards are too open to interpretation to be standards anything that produces such a wide variation is surely an incapable process with one of its primary causes being a series of objectives that are not measurable. However, if we take a broader view of standards, any set of rules, rituals, requirements, quantities, targets or behaviours that have been agreed by a group of people could be deemed to be a standard. Therefore by this definition, ISO 9000 is a standard.

History Of ISO 9001 Standards

History Of ISO 9001 Standards

Pre ISO 9000
During World War II, there were quality problems in many British industries such as munitions, where bombs were exploding in factories during assembly. The solution adopted to address these quality problems required factories to document their manufacturing procedures and to prove by record-keeping that the procedures were being followed. The standard was BS 5750, and it was known as a management standard because it specified not what to manufacture, but how the manufacturing process was to be managed. In 1987, the British Government persuaded the International Organization for Standardization (ISO) to adopt BS 5750 as an international standard. The international standard was named ISO 9000.

ISO 9000: 1987 Version
ISO 9000:1987 had the same structure as the British Standard BS 5750, with three ‘models’ for quality management systems, the selection of which was based on the scope of activities of the organisation:
• ISO 9001:1987 Model for quality assurance in design, development, production, installation, and servicing was for companies and organisations whose activities included the creation of new products
•ISO 9002:1987 Model for quality assurance in production, installation, and servicing had basically the same material as ISO 9001 but without covering the creation of new products.
•ISO 9003:1987 Model for quality assurance in final inspection and test covered only the final inspection of finished product, with no concern for how the product was produced.
ISO 9000:1987 was also influenced by existing U.S. and other Defense Standards (MIL SPECS), and so was well-suited to manufacturing. The emphasis tended to be placed on conformance with procedures rather than the overall process of management—which was likely the actual intent.

ISO 9000 Standards – Quality Management Principles

ISO 9000 Standards – Quality Management Principles
A quality management principle is defined by ISO/TC 176 as a comprehensive and fundamental rule or belief, for leading and operating an organization, aimed at continually improving performance over the long term by focusing on customers while addressing the needs of all other interested parties. Eight principles have emerged as fundamental to the management of quality.

All the requirements of ISO 9001:2008 are related to one or more of these principles. These principles provide the reasons for the requirements and are thus very important. The quality management principles can be listed as below:

1. Customer focus
Organizations depend on their customers and therefore should understand current and future customer needs, meet customer requirements and strive to exceed customer expectations.
The customer focus principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Communication with the customer
b. Care for customer property
c. The determination of customer needs and expectations
d. Appointment of a management representative
e. Management commitment

2. Leadership
Leaders establish unity of purpose and direction for the organization. They should create and maintain the internal environment in which people can become fully involved in achieving the organization’s objectives.
The leadership principle is reflected in ISO 9000 Standards through the requirements addressing:
a. The setting of objectives and policies
b. Planning
c. Internal communication
d. Creating an effective work environment

3. Involvement of people
People at all levels are the essence of an organization and their full involvement enables their abilities to be used for the organization’s benefit.
The involvement of people principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Participation in design reviews
b. Defining objectives, responsibilities and authority
c. Creating an environment in which people are motivated
d. Internal communication
e. Identifying competence needs

4. Process approach
A desired result is achieved more efficiently when related resources and activities are managed as a process.
The process approach principle is reflected in ISO 9000 Standards through the requirements addressing:
a. The identity of processes
b. Defining process inputs and outputs
c. Providing the infrastructure, information and resources for processes to
function

5. System approach to management
This principle is expressed as follows:
Identifying, understanding and managing interrelated processes as a system contributes to the organization’s effectiveness and efficiency in achieving its objectives.
The system approach principle is reflected in ISO 9001 through the requirements addressing:
a. Establishing, implementing and maintaining the management system
b. Interconnection, interrelation and sequence of processes
c. The links between processes
d. Establishing measurement processes

6. Continual improvement
This principle is expressed as follows:
Continual improvement of the organization’s overall performance should be a permanent objective of the organization.
The continual improvement principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Improvement processes
b. Identifying improvements
c. Reviewing documents and processes for opportunities for improvement

7. Factual approach to decision making
This principle is expressed as follows:
Effective decisions are based on the analysis of data and information.
The factual approach principle is reflected in ISO 9000 Standards through the requirements addressing:
a. Reviews, measurements and monitoring to obtain facts
b. Control of measuring devices
c. Analysis to obtain facts from information
d. Records for documenting the facts
e. Approvals based on facts

8. Mutually beneficial supplier relationships
This principle is expressed as follows:
An organization and its suppliers are interdependent and a mutually beneficial relationship enhances the ability of both to create value.
The mutually beneficial supplier relationships principle is reflected in ISO 9000 Standardsthrough the requirements addressing:
a. Control of suppliers
b. Evaluation of suppliers
c. Analysis and review of supplier data

How to Maintain ISO 9001 Standards QMS

How to Maintain ISO 9001 Standards QMS (Quality Management System)

ISO 9001 is a quality management system (QMS) created and maintained by the International Organization for Standardization (ISO), the largest developer of international standards in the world. QMS systems are meant to provide organizations with a formal framework for process improvements and quality standards. The system provides a set of procedures that covers all key processes to ensure they are effective. It also provides a methodology for record-keeping, checking for defects and continuous improvement and maintenance of these functions.

- Provide resources needed to support process operations, monitoring and the management review process.

- Transform and maintain physical workspaces, equipment, hardware, software, utilities and support services needed to meet requirements.

- Develop a system to review transportation (if any), communication and information services for sharing data relating to ISO 9001 standards.

- Provide adequate training for management reviewers (MRs) and internal auditors. They should have the right experience, education and skills needed to ensure that competence requirements are being met.

- Keep a record of the review process. This includes corrective and preventive action procedures.

The ISO 9001 & ISO 14001 Standards and the environment

The ISO 9001 & ISO 14001 Standards and the environment

The ISO 14000 family of International Standards on environmental management is a relative newcomer to ISO’s portfolio – but enviroment-related standardization is far from being a new departure for ISO.

In fact, ISO has two-pronged approach to meeting the needs of business, industry, governments, non-governmental organizations and consumers in the field of the environment.

On the one hand, it offers a wideranging portfolio of standardized sampling, testing and analytical methods to deal with specific environmental challenges. It has developed more than 350 International Standards (out of a total more
than 12000) for the monitoring of such aspects as the quality of air, water and soil. These standards are means of providing business and government with scientifically valid data on the environmental effects of economic activity.

They also serve in a number of countries as the technical basis for environmental regulations.

ISO is leading a strategic approach by developing environmental management system standards that can be implemented in any type of organization in either public or private sectors (companies, administration, public utilities). To spearhead this strategic approach, ISO establish a new technical commitee, ISO /TC 207, Environmental management, in

1993. This followed ISO’s successful pioneering experience in management system standardization with the ISO 9000 series for quality management.

ISO’s direct involvement in environmental management stemmed from an intensive consultation process, carried out within the framework of a Strategic Advisory Group on Environment (SAGE),set up in 1991, in which 20 countrie, 11 international organizations and more than 100 environmental experts participated in defining the basic requirements of a new approach to environment-related standards.

This pioneering work was consolidated with ISO’s commitment to support the objective of “sustainable development” dicussed at the United Nations Conference on Environment and Development in Rio de Janeiro in 1992.

Today, delegations of business and government experts from 55 countries have participate actively within TC 207,

and another 16 countries have observer status. These delegations are chosen by the national standars institute concerned and they are required to bring to TC 207 a national consensus on issue being addressed by the commitee.

This national consensus is derived from a process of consultation with interested parties.

From its beginning, it was recognized that ISO/TC 207 should have close cooperation with ISO/TC 176, Quality management and quality assurance, in the areas of management systems, auditing and related terminology. Active efforts are under way to ensure compatibility of ISO environmental management and quality management standards, for the benefit of all organizations wishing to implement them.

Audit Of Electronic Documents In ISO 9001 Standards

Audit Of Electronic Documents In ISO 9001 Standards

Electronic documents that establish management system policies and procedures can be in a variety of file formats depending on the software applications that are utilized by the organization to generate the documents. Electronic file formats include, Text, HTML, PDF, etc. Spreadsheets and databases formats are also considered to be electronic “documents” subject to the control elements of the management system to being audited.

Given the relative ease with which users can now create electronic spreadsheets and other electronic documents, auditors (either internal or external) should ensure that policies governing the controls that apply to management system documentation in-general are also employed for electronic documents through appropriate procedures.

Organizations need to employ suitable and effective methods within the electronic environment for ensuring the adequate review, approval, publication and distribution of its management system documentation. These should be consistent with the methods for the development and modification of electronic documents.

In many cases document control measures may also be standard features of software applications used for their creation. Therefore auditors should understand these application-specific controls to the degree that these are utilized as a basis for conformance to the applicable management system standard.

Given the increased capacity to modify, update, reformat and otherwise improve documents within an electronic-based management system, auditors should pay particular attention to control elements such as document identification and document revision level.

As electronic media facilitates an increased rate of document modifications, auditors should verify that the controls being employed for the management of obsolete documents are considered within the organizations’ document control policies and procedures.

Auditors should verify that electronic-based documentation exists to provide orientation to users with regard to the functional and control aspects associated with electronic documents. Additionally, “Point-of-use” requirements associated with the applicable management system standards will typically be addressed in part by the organization’s document access policies. Auditors should understand the organization’s policies and procedures regarding user privileges as these become important factors for properly realizing the organization’s processes.

External electronic communication with suppliers, customers and other interested parties may involve the exchange of documents. Given that these external documents may contain key parameters that specify the functioning of the organization’s processes, auditors should verify the degree to which these documents are formally introduced and controlled within the electronic-based management system.

ISO 9001 — a way of managing for conformance

Quality assurance, according to the Standard, is a way of managing that prevents non-conformance and thus “assures quality”. This is what makes ISO 9001 different from other standards: it is a management standard, not a product standard. It goes beyond product standardisation: it is standardising not what is made but how it is made. To use standards to dictate and control how organisations work was to extend the role of standards to new territory. To take such a step we might have firstly established that any such requirements worked — that they resulted in ways of working which improved performance.

Yet the plausibility of this Standard, and the fact that those who had an interest in maintaining it were (and still are) leading opinion, prevented such enquiries. In simple terms the Standard asks managers to say what they do, do what they say and prove it to a third party.

ISO 9000 (1994) paragraph 1: “The requirements specified are aimed primarily at achieving customer satisfaction by preventing non-conformity at all stages from design through servicing.”

To put it another way, the Standard asserts that preventing non-conformance achieves customer satisfaction. But does it? Of course it matters to customers that a product works. But there is no guarantee that the Standard will ensure even that. Furthermore, customers take a total view of an organisation — how easy it is to do business with — in respect of all things of importance to each and every customer.

ISO 9001 requires managers to “establish and maintain a documented quality system as a means of ensuring that product conforms to specified requirements”. Loosely translated this is “say what you do”. Management is supposed to “define and document its policy for quality . . . including its commitment to quality”.

What management would not declare its commitment to quality? But would they know what it means? Would they argue (as they should) that quality management is a different and better way to do business, or would they believe that ISO 9000 will take care of quality? The Standard encourages managers to think of “quality” and “business as usual” as separate and distinct. It helps managers avoid the revelation that quality means a wholly different view of management. Instead, the organisation “shall appoint a management representative who, irrespective of other responsibilities, shall have defined authority and responsibility” [for ISO 9000]. At a practical level this means only one executive might decide he or she had better learn a thing or two about quality. However, would being responsible for ISO 9001 lead to learning about quality or simply enforcing the ISO 9000 regime in an organisation?

Key to the regime is auditing. The Standard requires organisations to conduct internal quality audits to “verify whether quality activities comply with planned arrangements”. This can be loosely translated as “do you do as you say?” and the purpose of the audit is to see that you do. It was not until the 1994 review that the words were changed to “quality activities and related results”. It was a Standard which was rooted in the philosophy of inspection: fifteen years after its initial promulgation the promoters sought to extend the focus to results. But results or improvements assessed by what means? Inspection. By the time the Standard was adopted world-wide, quality thinking had moved a long way from the philosophy of inspection. It is now understood, at least by a few, that quality is achieved through managing the organisation as a system and using measures which enable managers to improve flow and reduce variation (which we explore in chapters 5 and 7). The defenders argue that there is nothing stopping a company having ISO 9000 and implementing methods for managing flow and reducing variation, but where are such companies? Few of the companies we researched, formally and informally, knew anything about this thinking. The Standard does not talk about it; moreover, the Standard effectively discourages managers from learning about it by representing quality in a different way.

According to ISO 8402 (quality vocabulary), quality is:

“The totality of features and characteristics of a product or service that bear on its ability to satisfy stated or implied needs.”

Everything we have learned about ISO 9000 suggests that the people who created this definition were thinking about the things which need to be controlled, those things which “bear on its ability . . .”. The builders of the Standard assumed that customer needs would be listed in contractual agreements between the supplier and customer. ISO 9000 has a “make” logic — procedures for “how you do what you do” — and a “control” logic — check to see that it is done. It is a relic of the era when contractual agreements were perceived to be an important device for regulating the behaviour of suppliers. In these ways, ISO 9000 encouraged “planning for quality”.

Planning for quality sounds plausible, but it assumes many things: that the plan is the right plan, that it is feasible, that people will “do it”, that performance will improve. It is an approach which, paradoxically, leads to poor decisions. Planners of quality systems, guided by ISO 9000, start with a view of how the world should be as framed by the Standard. Understanding how an organisation is working, rather than how someone thinks it should, is a far better place from which to start change of any kind