TQM is infinitely variable and adaptable. Although originally applied to manufacturing operations, and for a number of years only used in that area, TQM is now becoming recognised as a generic management tool, just as applicable in service and public sector organisations. There are a number of evolutionary strands, with different sectors creating their own versions from the common ancestor.
Tuesday, December 15, 2009
ISO 9000 Total Quality Management System
TQM is infinitely variable and adaptable. Although originally applied to manufacturing operations, and for a number of years only used in that area, TQM is now becoming recognised as a generic management tool, just as applicable in service and public sector organisations. There are a number of evolutionary strands, with different sectors creating their own versions from the common ancestor.
Monday, November 30, 2009
Documents That Ensure Effective Planning, Operation And Control
Documents That Ensure Effective Planning, Operation And Control
The ISO 9000 standard requires management system documentation to include documents required by the organization to ensure the effective planning, operation and control of its processes.
The documents required for effective planning, operation and control of the processes would include several different types of documents. Some will be
product and process specific and others will be common to all processes. Rather than stipulate the documents that are needed, ISO 9000 Standards now provides for the organization to decide what it needs for the effective operation and control of its processes. This phrase is the key to determining the documents that are needed.
There are three types of controlled documents, namely:
- Policies and practices (these include process descriptions, control procedures, guides, operating procedures and internal standards)
- Documents derived from these policies and practices, such as drawings,
specifications, plans, work instructions, technical procedures and reports
- External documents referenced in either of the above
There will always be exceptions to this model but in general the majority of
documents used in a management system can be classified in this way.
Derived documents are those that are derived by executing processes;
for example, audit reports result from using the audit process, drawings result from using the design process, procurement specifications result from using the procurement process. There are, however, two types of derived document:
prescriptive and descriptive documents. Prescriptive documents are those that prescribe requirements, instructions, guidance etc. and may be subject to change. They have issue status and approval status, and are implemented in doing work. Descriptive documents result from doing work and are not
implemented. They may have issue and approval status. Specifications, plans, purchase orders, drawings are all prescriptive whereas audit reports, test reports, inspection records are all descriptive. This distinction is only necessary because the controls required will be different for each class of documents.
The ISO 9000 standard requires management system documentation to include documents required by the organization to ensure the effective planning, operation and control of its processes.
The documents required for effective planning, operation and control of the processes would include several different types of documents. Some will be
product and process specific and others will be common to all processes. Rather than stipulate the documents that are needed, ISO 9000 Standards now provides for the organization to decide what it needs for the effective operation and control of its processes. This phrase is the key to determining the documents that are needed.
There are three types of controlled documents, namely:
- Policies and practices (these include process descriptions, control procedures, guides, operating procedures and internal standards)
- Documents derived from these policies and practices, such as drawings,
specifications, plans, work instructions, technical procedures and reports
- External documents referenced in either of the above
There will always be exceptions to this model but in general the majority of
documents used in a management system can be classified in this way.
Derived documents are those that are derived by executing processes;
for example, audit reports result from using the audit process, drawings result from using the design process, procurement specifications result from using the procurement process. There are, however, two types of derived document:
prescriptive and descriptive documents. Prescriptive documents are those that prescribe requirements, instructions, guidance etc. and may be subject to change. They have issue status and approval status, and are implemented in doing work. Descriptive documents result from doing work and are not
implemented. They may have issue and approval status. Specifications, plans, purchase orders, drawings are all prescriptive whereas audit reports, test reports, inspection records are all descriptive. This distinction is only necessary because the controls required will be different for each class of documents.
Friday, November 13, 2009
ISO 9000 Standards – Design and development
ISO 9000 Standards – Design and development
Planning the design and development of a product means determining the design objectives and the design strategy, the design stages, timescales, costs, resources and responsibilities needed to accomplish
them. Sometimes the activity of design itself is considered to be a planning activity but what is being planned is not the design but the product.
The purpose of planning is to determine the provisions needed to achieve an objective. In most cases, these objectives include not only a requirement for a new or modified product but also requirements governing the costs and product introduction timescales (Quality, Cost and Delivery or QCD). Remove these constraints and planning becomes less important but there are few situations when cost and time is not a constraint. It is therefore necessary to work out in advance whether the objective can be achieved within the budget and timescale. One problem with design is that it is often a journey into the unknown and the cost and time it will take cannot always be predicted. It may
in fact result in disaster and either a complete reassessment of the design objective or the technology of the design solution. This has been proven time and again with major international projects such as Concorde, the Channel Tunnel and the International Space Station. Without a best guess these projects would not get off (or under!) the ground and so planning is vital firstly to get the funding and secondly to define the known and unknown so that risks can be assessed and quantified.
Design and development plans need to identify the activities to be performed, by whom they will be perform and when they should commence and be complete. One good technique is to use a network chart (often called a PERT chart), which links all the activities together. Alternatively a bar chart may be adequate. There does need to be some narrative in addition as charts in isolation rarely conveys everything required.
Design and development is not complete until the design has been proven as meeting the design requirements, so in drawing up a design and development plan you will need to cover the planning of design verification and validation activities. The plans should identify as a minimum:
- The design requirements
- The design and development programme showing activities against time
- The work packages and names of those who will execute them (Work
packages are the parcels of work that are to be handed out either internally or to suppliers)
- The work breakdown structure showing the relationship between all the parcels of work
- The reviews to be held for authorizing work to proceed from stage to
stage
- The resources in terms of finance, manpower and facilities
- The risks to success and the plans to minimize them
- The controls that will be exercised to keep the design on course
Planning for all phases at once can be difficult as information for subsequent phases will not be available until earlier phases have been completed. So, your design and development plans may consist of separate documents, one for each phase and each containing some detail of the plans you have made for subsequent phases.
Your design and development plans may also need to be subdivided into
plans for special aspects of the design such as reliability plans, safety plans, electromagnetic compatibility plans, configuration management plans. With simple designs there may be only one person carrying out the design activities. As the design and development plan needs to identify all design and development activities, even in this situation you will need to identify who carries out the design, who will review the design and who will verify the design. The same person may perform both the design and the design verification activities, however, it is good practice to allocate design verification to another person or organization because it will reveal problems overlooked by the designer. On larger design projects you may need to employ staff of various disciplines such as mechanical engineers, electronic engineers, reliability engineers etc. The responsibilities of all these people or groups need to be identified and a useful way of parcelling up the work is to use work packages that list all the activities to be performed by a particular group. If you subcontract any of the design activities, the supplier’s plans need to be integrated with your plans and your plan should identify which activities are the supplier’s responsibility. While purchasing is dealt with in clause 7.4 of the standard, the requirements also apply to design activities.
Integrating Management Systems Within The ISO Standards
Today’s free market economies increasingly encourage diverse sources of supply and provide opportunities for expanding markets. Fair competition needs to be based on identifiable, clearly defined common references that are recognised from one country to the next. A standard, internationally recognised, developed by consensus among trading partners, serves as the language of trade. The International Organisation for Standardisation (ISO) has developed around 8′700, mostly technical related standards on this basis. Standards Series such as ISO 9000, ISO 14000 and what is to be known as ISO 18000 and ISO 26000 are Management related. These standards contain generic guidelines for Management Systems in the area of Quality, Environment, Occupational Health & Safety and Human Resources.
ISO is a word derived from the Greek isos, meaning “equal”. ISO Standards are developed and updated by the International Organisation for Standardisation which has around 150 member bodies. A member body of ISO is the national body “most representative of standardisation in its country”.(eg. Germany – DIN, USA – ANSI, Australia – SAA).
More than 50 countries, as well as the European Community have adopted ISO 9000 which is recognised internationally as a benchmark for measuring quality in a trade context. Since its first issue in 1987, approximately 430′000 companies have been using ISO 9000. Being a standard coming from an organisation that is usually involved in the development of technical standards, ISO 9000 is often regarded as a document that belongs in the hands of a technician exposed to production line quality control. At a closer look, however, ISO 9000 Standard Series provide guidance in the development and application of Management Systems as well as Quality Control in Manufacturing and Administration.
ISO has been developing a number of Management System Guidelines for various aspects of business. The most recent are the ISO 14000 Environmental Management System Guidelines. This is an international standard that will affect business in the near future. ISO 14000 has been designed to integrate with ISO 9000. However, apart from international standards there are local standards a company has to comply with. To remain compliant with local standards, further manuals and/or procedures are required (eg. lifting procedure in a warehouse to satisfy Work Safety requirements). A company may have several Manuals describing its Management Systems (eg. Human Resources, Quality, Security, Health/Safety, Finances). An overall link between the systems is often missing which makes the monitoring and the assessment of effectiveness difficult. Double handling of information, contradicting instructions, high maintenance costs, administrative excess and lack of overall transparency are common results.
ISO 9000 Standard Series for Quality (of) Management Systems provide generic guidance for the development of an overall Management System, ISO 14000 provides guidance for Environmental Management, etc. Transparency and monitoring of all business activities can be achieved by integrating all systems into one.
Complaints that ISO 9000 is paralysing operations and, that it does not reflect reality are usually a result of not clearly understanding how the standard can be properly structured to address the needs of a company. ISO 9000 can be structured by focusing on “best practice” process rather than the standard, by fitting the standard to the process and not the process to the standard. Having recognised this, ISO has been working on a new structure for ISO 9000, called “Vision 2000″, taking a process orientated approach to ensure that “best practice” as well as several standards can be addressed within one system. Focusing on process allows the development of a practical “working document”, providing an effective management tool. Having learned from the past, the trend to Process Orientated Management Systems started about three years ago in Europe and is finding increasing approval from certification bodies.Every company has its own culture and key individuals.
The business environment influences processes in certain ways (eg. employee market, laws, infrastructure, client, etc.)
To ensure competitiveness a company needs to ensure adequate flexibility in their system to effectively respond to changes in the business environment.
An effective system is a lean system that incorporates all necessary functions, controls of activities and “best practice” without being caught up in detail.
An effective system must also be flexible enough to enable the proper controls on outsourcing and sub-contracting of activities (eg. production, administration, service, etc.)
Wednesday, October 21, 2009
Reasons a Company Becomes Certified in ISO 9000 Standards
ISO 9000 certification or registration can be an expensive process. A company must consider the reasons and promised benefits for going through this process. If a company decides to seek certification, they should consider making sure their suppliers are certified or at least compliant to the ISO 9000 standards.
Major reasonsIn the early 1990s, companies seemed to be jumping on the certification bandwagon without seriously considering the rationale for doing so. Often they did so because competitors or “everybody else” is getting registered. Today companies seriously look at the reasons and benefits for becoming registered.
The major reasons that company leadership or management decides to seek ISO 9000 certification are to gain continued or increased business and to maintain effective operations.
Improved businessA company can maintain a relationship with customers, as well as get increased business through complying to the ISO 9000 standards or becoming certified. This comes from satisfying customer demands, the desire for European business, and to advertise.
Finally, some companies want to become certified, so they can advertise that fact and give the impression of being better than their competitors.
You have seen ads with a logo stating the company is certified at some ISO 9000 level. It apparently gives those companies a leg up on competitors not registered.
Again, this seemed more important in the 1990s, but you don’t see that many companies using ISO 9000 certification as an advertising tool.
ISO 9000 is supposed to make sure your business is run in an orderly manner that will assure continued success.
One would think that a goal such as being run effectively and able to deliver goods consistently and reliably would also be desirable for a company’s own operation. Surprisingly, many companies do not consider that as a goal.
Major reasonsIn the early 1990s, companies seemed to be jumping on the certification bandwagon without seriously considering the rationale for doing so. Often they did so because competitors or “everybody else” is getting registered. Today companies seriously look at the reasons and benefits for becoming registered.
The major reasons that company leadership or management decides to seek ISO 9000 certification are to gain continued or increased business and to maintain effective operations.
Improved businessA company can maintain a relationship with customers, as well as get increased business through complying to the ISO 9000 standards or becoming certified. This comes from satisfying customer demands, the desire for European business, and to advertise.
Finally, some companies want to become certified, so they can advertise that fact and give the impression of being better than their competitors.
You have seen ads with a logo stating the company is certified at some ISO 9000 level. It apparently gives those companies a leg up on competitors not registered.
Again, this seemed more important in the 1990s, but you don’t see that many companies using ISO 9000 certification as an advertising tool.
ISO 9000 is supposed to make sure your business is run in an orderly manner that will assure continued success.
One would think that a goal such as being run effectively and able to deliver goods consistently and reliably would also be desirable for a company’s own operation. Surprisingly, many companies do not consider that as a goal.
Demonstrating conformity with ISO 9001:2008
Demonstrating conformity with ISO 9001:2008
For organizations wishing to demonstrate conformity with the requirements of ISO 9001:2008, for the purposes of certification/registration, contractual, or other reasons, it is important to remember the need to provide evidence of the effective implementation of the QMS.
Organizations may be able to demonstrate conformity without the need for extensive documentation.
To claim conformity with ISO 9001:2008, the organization has to be able to provide objective evidence of the effectiveness of its processes and its quality management system. Clause 3.8.1 of ISO 9000:2005 defines “objective
evidence” as “data supporting the existence or variety of something” and notes that “objective evidence may be obtained through observation, measurement, test, or other means.”
Objective evidence does not necessarily depend on the existence of documented procedures, records or other documents, except where specifically mentioned in ISO 9001:2008. In some cases, (for example, in clause 7.1(d)
Planning of product realization, and clause 8.2.4 Monitoring and measurement of product), it is up to the organization to determine what records are necessary in order to provide this objective evidence.
Where the organization has no specific internal procedure for a particular activity, and this is not required by the standard, (for example, clause 5.6 Management Review), it is acceptable for this activity to be conducted using as a basis the relevant clause of ISO 9001:2008. In these situations, both internal and external audits may use the text of ISO 9001:2008 for conformity assessment purposes.
For organizations wishing to demonstrate conformity with the requirements of ISO 9001:2008, for the purposes of certification/registration, contractual, or other reasons, it is important to remember the need to provide evidence of the effective implementation of the QMS.
Organizations may be able to demonstrate conformity without the need for extensive documentation.
To claim conformity with ISO 9001:2008, the organization has to be able to provide objective evidence of the effectiveness of its processes and its quality management system. Clause 3.8.1 of ISO 9000:2005 defines “objective
evidence” as “data supporting the existence or variety of something” and notes that “objective evidence may be obtained through observation, measurement, test, or other means.”
Objective evidence does not necessarily depend on the existence of documented procedures, records or other documents, except where specifically mentioned in ISO 9001:2008. In some cases, (for example, in clause 7.1(d)
Planning of product realization, and clause 8.2.4 Monitoring and measurement of product), it is up to the organization to determine what records are necessary in order to provide this objective evidence.
Where the organization has no specific internal procedure for a particular activity, and this is not required by the standard, (for example, clause 5.6 Management Review), it is acceptable for this activity to be conducted using as a basis the relevant clause of ISO 9001:2008. In these situations, both internal and external audits may use the text of ISO 9001:2008 for conformity assessment purposes.
Monday, October 12, 2009
Certification In ISO 9000 Standards
Certification In ISO 9000 Standards
Certification involves an independent assessment of your quality system to confirm that it meets the requirements of ISO 9000. You will need to design, document and implement your own quality system. The system will need to cover all the requirements of the ISO 9000 standard. Many certification bodies will not conduct a formal assessment until the system has been operating for at least three months. Your quality system cannot be audited until you have generated documentary evidence to show that you are meeting the standard. To find a certification body with relevant experience in your sector and accreditation from the United Kingdom Accreditation Service (UKAS). Certification by a non-UKAS accredited body is likely to lead to credibility problems with your customers. Arrange a visit from the certification body’s auditors. UKAS prohibits auditors from acting as consultants. They will not tell you how to meet the standard but can offer advice. They will seek objective evidence that you are complying with each of the clauses of the ISO 9000 standard. The auditors will tell you of any shortcomings in your system. If you satisfy the standard, the auditors put your name forward for certification. You will be required to correct these problems within a specified timeframe. You can also be certificated if the auditors only identify a small number of ‘minor’ problems. Once you are certificated, you can display the certification body’s logo, and if the body is UKAS-accredited, the UKAS ‘tick and crown’ symbol (consult UKAS about exceptions to this rule). If the auditors identify more serious ‘major’ problems, you will be required to correct these before certification. These surveillance visits normally take place twice a year at agreed dates. All certification bodies are required to revisit registered companies to ensure they still meet the requirements of the standard. You will be given time to deal with any minor or major problems which are identified before any action is taken to withdraw your certificate.
Certification involves an independent assessment of your quality system to confirm that it meets the requirements of ISO 9000. You will need to design, document and implement your own quality system. The system will need to cover all the requirements of the ISO 9000 standard. Many certification bodies will not conduct a formal assessment until the system has been operating for at least three months. Your quality system cannot be audited until you have generated documentary evidence to show that you are meeting the standard. To find a certification body with relevant experience in your sector and accreditation from the United Kingdom Accreditation Service (UKAS). Certification by a non-UKAS accredited body is likely to lead to credibility problems with your customers. Arrange a visit from the certification body’s auditors. UKAS prohibits auditors from acting as consultants. They will not tell you how to meet the standard but can offer advice. They will seek objective evidence that you are complying with each of the clauses of the ISO 9000 standard. The auditors will tell you of any shortcomings in your system. If you satisfy the standard, the auditors put your name forward for certification. You will be required to correct these problems within a specified timeframe. You can also be certificated if the auditors only identify a small number of ‘minor’ problems. Once you are certificated, you can display the certification body’s logo, and if the body is UKAS-accredited, the UKAS ‘tick and crown’ symbol (consult UKAS about exceptions to this rule). If the auditors identify more serious ‘major’ problems, you will be required to correct these before certification. These surveillance visits normally take place twice a year at agreed dates. All certification bodies are required to revisit registered companies to ensure they still meet the requirements of the standard. You will be given time to deal with any minor or major problems which are identified before any action is taken to withdraw your certificate.
Costs and resources Of ISO 9000 Standards
Costs and resources Of ISO 9000 Standards
The largest cost of ISO 9000 is the involvement of company employees. The ‘ownership’ created by involving employees in designing the quality system maximises the chances of them accepting it. Reducing this cost by minimising employee involvement is a false economy. The next largest cost will be for designing and developing the system. This needs to be led by someone with experience in this particular field. You may have someone within your own organisation who has carried out this role, perhaps with a former employer. Your Business Link may offer free or subsidised advice and training, and will be able to provide names of approved consultants. Grants for work in this area tend to be directed through Business Links. Different areas have different grants, which depend on local conditions. A typical grant may cover up to 50 per cent of the cost of an approved consultant. Certification fees are around £800 for the smallest companies. Overall costs depend upon company size and the number of locations involved. Ask certification bodies for quotes for initial audits and surveillance visits. Many will give an all-inclusive price, including surveillance visits for three years. Typically, special rates will depend on how long the assessment is likely to take and what the company’s turnover is. Ask your certification body if it offers special rates for small companies. The standard requires that companies have trained internal auditors to conduct audits on the system. An internal audit can provide an effective means of monitoring the system and identifying areas for improvement. For further details, contact the International Register of Certificated Auditors.
The largest cost of ISO 9000 is the involvement of company employees. The ‘ownership’ created by involving employees in designing the quality system maximises the chances of them accepting it. Reducing this cost by minimising employee involvement is a false economy. The next largest cost will be for designing and developing the system. This needs to be led by someone with experience in this particular field. You may have someone within your own organisation who has carried out this role, perhaps with a former employer. Your Business Link may offer free or subsidised advice and training, and will be able to provide names of approved consultants. Grants for work in this area tend to be directed through Business Links. Different areas have different grants, which depend on local conditions. A typical grant may cover up to 50 per cent of the cost of an approved consultant. Certification fees are around £800 for the smallest companies. Overall costs depend upon company size and the number of locations involved. Ask certification bodies for quotes for initial audits and surveillance visits. Many will give an all-inclusive price, including surveillance visits for three years. Typically, special rates will depend on how long the assessment is likely to take and what the company’s turnover is. Ask your certification body if it offers special rates for small companies. The standard requires that companies have trained internal auditors to conduct audits on the system. An internal audit can provide an effective means of monitoring the system and identifying areas for improvement. For further details, contact the International Register of Certificated Auditors.
ISO 9000 family of standards and SMEs
ISO 9000 family of standards and SMEs
The ISO 9000 quality management system is generic in nature and applicable to all companies, regardless of the type and size of the business, including small and medium enterprises (SMEs), and they are applicable to all categories of products, whether hardware, software, processed materials or services. ISO 9001:2008 specifies what is required to be done by an organization but does not indicate how it should be done, thus giving the enterprise a lot of flexibility to run its business.
It is simple to use, clear in language and easily understandable. The new standard is also appropriate for small companies, as it does not demand the type of paper bureaucracy needed for the implementation of the 1994 version. Only six documented procedures are now required and need for other procedures/documents can be decided by the company. Companies will, however, be required to provide objective evidence that the QMS has been effectively implemented. A small company may find it appropriate to include the description of its entire QMS within a single Quality Manual, including all the documented procedures required by the standard.
The process-based approach given in the new standard will tend to ensure that systems are documented and implemented in a manner that suits a SME’s own way of doing business. This approach makes it easier for SMEs to implement, instead of just taking over an artificial structure of QMS imposed from outside. It will also be easier for SMEs managed by their owners to demonstrate “top management commitment” towards QMS. Furthermore, in a SME, it is easier to ensure effective internal communication, better utilization of resources, people clearly understanding their roles and responsibilities, etc.
The new standard has included a provision for deciding on the applicability of
certain product realization processes included in section 7 of the standard. For example, if the SME has no responsibility for the design and development of the product it provides, the SME may say so, giving the reasoning behind it, in the Quality Manual; the certification body, being satisfied that this corresponds, would then award it certification to ISO 9001:2008. Similarly, other product realization processes such as purchasing, product identification and traceability, control of measuring devices may also be excluded if these are not applicable for the type of products or services being provided by the company.
It is also possible that SMEs may not have adequate in-house expertise or there may be other constraints to perform all processes on their own. In such cases, the new standard also permits the outsourcing of any of the QMS processes, providing the company has control over such processes. The nature of this control will depend on the nature of the outsourced or subcontracted processes and the risk involved. For example, the design and development process may be subcontracted to an expert or a specialized agency, inspection/verification of goods purchased may be subcontracted to an inspection agency, internal audit of QMS can be outsourced, etc. However, overall responsibility for ensuring control on all outsourced processes as per requirements of the standard would remain with the company’s management.
The ISO 9000 quality management system is generic in nature and applicable to all companies, regardless of the type and size of the business, including small and medium enterprises (SMEs), and they are applicable to all categories of products, whether hardware, software, processed materials or services. ISO 9001:2008 specifies what is required to be done by an organization but does not indicate how it should be done, thus giving the enterprise a lot of flexibility to run its business.
It is simple to use, clear in language and easily understandable. The new standard is also appropriate for small companies, as it does not demand the type of paper bureaucracy needed for the implementation of the 1994 version. Only six documented procedures are now required and need for other procedures/documents can be decided by the company. Companies will, however, be required to provide objective evidence that the QMS has been effectively implemented. A small company may find it appropriate to include the description of its entire QMS within a single Quality Manual, including all the documented procedures required by the standard.
The process-based approach given in the new standard will tend to ensure that systems are documented and implemented in a manner that suits a SME’s own way of doing business. This approach makes it easier for SMEs to implement, instead of just taking over an artificial structure of QMS imposed from outside. It will also be easier for SMEs managed by their owners to demonstrate “top management commitment” towards QMS. Furthermore, in a SME, it is easier to ensure effective internal communication, better utilization of resources, people clearly understanding their roles and responsibilities, etc.
The new standard has included a provision for deciding on the applicability of
certain product realization processes included in section 7 of the standard. For example, if the SME has no responsibility for the design and development of the product it provides, the SME may say so, giving the reasoning behind it, in the Quality Manual; the certification body, being satisfied that this corresponds, would then award it certification to ISO 9001:2008. Similarly, other product realization processes such as purchasing, product identification and traceability, control of measuring devices may also be excluded if these are not applicable for the type of products or services being provided by the company.
It is also possible that SMEs may not have adequate in-house expertise or there may be other constraints to perform all processes on their own. In such cases, the new standard also permits the outsourcing of any of the QMS processes, providing the company has control over such processes. The nature of this control will depend on the nature of the outsourced or subcontracted processes and the risk involved. For example, the design and development process may be subcontracted to an expert or a specialized agency, inspection/verification of goods purchased may be subcontracted to an inspection agency, internal audit of QMS can be outsourced, etc. However, overall responsibility for ensuring control on all outsourced processes as per requirements of the standard would remain with the company’s management.
Management Principles Of ISO 9000 Standards
Management Principles Of ISO 9000 Standards
ISO 9000 is based on eight management principles:
• Customer focus, resulting in meeting customer requirements and striving to exceed them;
• Leadership, aiming to create an internal environment in which people are fully involved;
• Involvement of people who are the essence of an organization;
• Process approach, resulting in improved efficiency to obtain desired results;
• System approach to management, leading to improved effectiveness and efficiency through identification, understanding and management of interrelated processes;
• Continual improvement, which becomes a permanent objective of the organization;
• Factual approach to decision-making, based on the analysis of data and information; and
• Mutually beneficial supplier relationships, based on an understanding of their interdependence.
ISO 9000 encourages the adoption of the process approach to manage an organization. There are five main areas considered for the revised process model in ISO 9000:
• Quality management system
• Management responsibility
• Resource management
• Product realization
• Measurement, analysis and improvement.
ISO 9000 is based on eight management principles:
• Customer focus, resulting in meeting customer requirements and striving to exceed them;
• Leadership, aiming to create an internal environment in which people are fully involved;
• Involvement of people who are the essence of an organization;
• Process approach, resulting in improved efficiency to obtain desired results;
• System approach to management, leading to improved effectiveness and efficiency through identification, understanding and management of interrelated processes;
• Continual improvement, which becomes a permanent objective of the organization;
• Factual approach to decision-making, based on the analysis of data and information; and
• Mutually beneficial supplier relationships, based on an understanding of their interdependence.
ISO 9000 encourages the adoption of the process approach to manage an organization. There are five main areas considered for the revised process model in ISO 9000:
• Quality management system
• Management responsibility
• Resource management
• Product realization
• Measurement, analysis and improvement.
Benefits Of Obtaining ISO 9000 Certification
Benefits Of Obtaining ISO 9000 Certification
Implementing a quality management system brings internal benefits to most organizations, as well as opening up opportunities vis-Ã -vis the outside world.
Internal benefits to the company include:
• improved customer focus and process orientation within the company;
• improved management commitment and decision-making;
• better working conditions for employees;
• increased motivation of employees;
• reduced cost of internal failures (lower rates of rework, rejection, etc.) and external failures (fewer customer returns, replacements, etc.); and last but not least,
• continual improvement of the quality management system.
The following external benefits are generated:
• customers are more confident that they will receive products conforming to their requirements, which in turn results in higher customer satisfaction;
• an improved image of the company;
• more aggressive publicity, as customers can be informed of the benefits of their doing business with a company that manages the quality of its outputs;
• more confidence that the company’s products meet relevant regulatory
requirements;
• better objective evidence to defend product liability charges if such are brought by customers.
Refer http://www.iso9001-standard.us for more information.
Implementing a quality management system brings internal benefits to most organizations, as well as opening up opportunities vis-Ã -vis the outside world.
Internal benefits to the company include:
• improved customer focus and process orientation within the company;
• improved management commitment and decision-making;
• better working conditions for employees;
• increased motivation of employees;
• reduced cost of internal failures (lower rates of rework, rejection, etc.) and external failures (fewer customer returns, replacements, etc.); and last but not least,
• continual improvement of the quality management system.
The following external benefits are generated:
• customers are more confident that they will receive products conforming to their requirements, which in turn results in higher customer satisfaction;
• an improved image of the company;
• more aggressive publicity, as customers can be informed of the benefits of their doing business with a company that manages the quality of its outputs;
• more confidence that the company’s products meet relevant regulatory
requirements;
• better objective evidence to defend product liability charges if such are brought by customers.
Refer http://www.iso9001-standard.us for more information.
Hidden Businees Opportunities
The ISO 9001:2000 Standard has been revised after eight years. And the buzz is rapidly reaching a crescendo. We continue to receive numerous emails and phone calls regarding the impact of the new release. First, let me dispel any anxiety about the November 15, 2008 official “2008” release. There are no new requirements. The changes are largely interpretive, and focus on terminology clarifications. The changes to the ISO 9001 amendment, however, will have considerable benefit.As a back drop, keep in mind that ISO 9001 is not just an International Standard for a Quality Management System. It is the world’s most recognized business management standard. And it makes a strong business case. It focuses attention on leadership, business planning, organizational business processes, your customers (internal and external), measurement and reporting, and continual improvement. That translates to improved business results and a sustainable competitive advantage.
Overview of the Changes
The points of clarification focus on outsourcing, documentation, management representative, employee competence, design verification and validation, process monitoring, control of nonconforming product and corrective and preventive action. But bear in mind, no “shalls” (requirements) were added or removed.Examples of select changes include: In an attempt to clarify the term “outsourcing,” notes were added that require the organization to identify processes (and the control of these) to be completed by an external party. With respect to documentation, the changes focus on improving the compatibility between ISO 9001 and ISO 14001.The only significant addition to the management representative sub clause was to require that the MR be a member of the organization’s management team. This means a contracted person could serve in this role as long as he or she is also considered part of management. The management representative does not have to be full-time.With regard to competence of employees, a note was added to make training more pervasive throughout the organization. Training applies to all employees directly or indirectly responsible for delivering a service or producing a product (everyone that is part of the quality chain). A complete listing of changes can be found in Annex B (Table B.1) of the Standard. Also, note that there is better alignment with ISO 14001:2004.
Overview of the Changes
The points of clarification focus on outsourcing, documentation, management representative, employee competence, design verification and validation, process monitoring, control of nonconforming product and corrective and preventive action. But bear in mind, no “shalls” (requirements) were added or removed.Examples of select changes include: In an attempt to clarify the term “outsourcing,” notes were added that require the organization to identify processes (and the control of these) to be completed by an external party. With respect to documentation, the changes focus on improving the compatibility between ISO 9001 and ISO 14001.The only significant addition to the management representative sub clause was to require that the MR be a member of the organization’s management team. This means a contracted person could serve in this role as long as he or she is also considered part of management. The management representative does not have to be full-time.With regard to competence of employees, a note was added to make training more pervasive throughout the organization. Training applies to all employees directly or indirectly responsible for delivering a service or producing a product (everyone that is part of the quality chain). A complete listing of changes can be found in Annex B (Table B.1) of the Standard. Also, note that there is better alignment with ISO 14001:2004.
Understand Quality Management
Quality Management may be defined as the process through which organizations apply statistical process control mechanisms in order to improve the quality and standards of goods and services that are manufactured. Closely related to Quality Management is tqm, also known as total quality management. This is basically a management strategy that is applied in businesses in order to create awareness of high quality in most organizational processes. Quality Management features three main components including quality assurance, quality improvement and quality control. Quality management is focused not only on the quality of products and services but also on continuous improvement of quality standards.
Most methods that are now being used for Quality Management, quality system and quality manufacturing system take into consideration the need for high quality as an essential attribute in services and products that are manufactured by companies and organizations. Quality Management usually involves the successful improvement of quality of services and products. This is usually done through quality training processes where one can also acquire lessons on quality process and process management. One tool that is used for ensuring auditing quality in Quality Management is the MasterControlQAAD(TM) software. Besides using tools to carry out Quality Management successfully, one can also consider applying project management. This will help ensure continuous quality improvement.
The other way through which organizations can improve quality of process and service output is by using six sigma. This is basically a business management strategy that helps identify and remove defects and variations in the manufacturing process. It also helps guarantee Quality Management. It works by using a set of high quality business management and overall management methods to ensure quality and guarantee Quality Management. Most products and services to which Quality Management is applied are certified with iso certificates. Some of the iso certificates that guarantee that a product or service has undertaken Quality Management, change management and process improvement is iso 9001.
iso 9001 and iso 14001:2004 set down specific guidelines for environmental management systems and Quality Management. Other guidelines can be found in other generic process management philosophies such as the lean management that follows iso 9000 quality improvement standards aimed at guaranteeing total quality to its quality systems. The other mode through which organizations guarantee Quality Management is by use of a quality plan that meets iso 14000 and iso 14001 iso certification requirements. The other iso certification that guarantees product quality in Quality Management include iso 9001 2000.
In order to meet supplier quality in Quality Management systems, there are several iso training sessions that are offered. These meet iso standards. An organization that is in need of Quality Management for its products and services may also consider using a quality manual for its day to day Quality Management plans. Such a manual will usually have guidelines for iso quality. However, when applying the guidelines in the manual, regard must be had to quality audit measures aimed at guaranteeing Quality Management for the organization. Quality Management also involves knowledge of as9100 and iso 13485 that are commonly applicable in supplier management.
Quality Management programs that are iso certified help offer quality policy to existing iso 9001 certifications and quality management system that meet iso 9000 and ts16949 requirements. Quality companies that are aimed at ensuring Quality Management for the products and services that they manufacture also use quality management software that guarantees managing quality. In order to enhance Quality Management, the software guarantees quality procedures through its high rate of functionality. Besides such software, an organization can adopt quality assurance training and also offer quality consulting to its members in order to guarantee Quality Management to its products and services.
There are also several quality project management plans, which meet iso standards such as iso 9002 that are available today. Such plans are usually developed with a view to developing flexible, affordable and scalable management solutions to companies that seek to uphold Quality Management for their products and services. Such plans feature quality management systems that offer quality control management and quality assurance management through quality a management plan. Other quality objectives that can be obtained through iso 9001 training thus meeting iso 9000 certification use project management skills to improve Quality Management for the manufactured products and services.
Most methods that are now being used for Quality Management, quality system and quality manufacturing system take into consideration the need for high quality as an essential attribute in services and products that are manufactured by companies and organizations. Quality Management usually involves the successful improvement of quality of services and products. This is usually done through quality training processes where one can also acquire lessons on quality process and process management. One tool that is used for ensuring auditing quality in Quality Management is the MasterControlQAAD(TM) software. Besides using tools to carry out Quality Management successfully, one can also consider applying project management. This will help ensure continuous quality improvement.
The other way through which organizations can improve quality of process and service output is by using six sigma. This is basically a business management strategy that helps identify and remove defects and variations in the manufacturing process. It also helps guarantee Quality Management. It works by using a set of high quality business management and overall management methods to ensure quality and guarantee Quality Management. Most products and services to which Quality Management is applied are certified with iso certificates. Some of the iso certificates that guarantee that a product or service has undertaken Quality Management, change management and process improvement is iso 9001.
iso 9001 and iso 14001:2004 set down specific guidelines for environmental management systems and Quality Management. Other guidelines can be found in other generic process management philosophies such as the lean management that follows iso 9000 quality improvement standards aimed at guaranteeing total quality to its quality systems. The other mode through which organizations guarantee Quality Management is by use of a quality plan that meets iso 14000 and iso 14001 iso certification requirements. The other iso certification that guarantees product quality in Quality Management include iso 9001 2000.
In order to meet supplier quality in Quality Management systems, there are several iso training sessions that are offered. These meet iso standards. An organization that is in need of Quality Management for its products and services may also consider using a quality manual for its day to day Quality Management plans. Such a manual will usually have guidelines for iso quality. However, when applying the guidelines in the manual, regard must be had to quality audit measures aimed at guaranteeing Quality Management for the organization. Quality Management also involves knowledge of as9100 and iso 13485 that are commonly applicable in supplier management.
Quality Management programs that are iso certified help offer quality policy to existing iso 9001 certifications and quality management system that meet iso 9000 and ts16949 requirements. Quality companies that are aimed at ensuring Quality Management for the products and services that they manufacture also use quality management software that guarantees managing quality. In order to enhance Quality Management, the software guarantees quality procedures through its high rate of functionality. Besides such software, an organization can adopt quality assurance training and also offer quality consulting to its members in order to guarantee Quality Management to its products and services.
There are also several quality project management plans, which meet iso standards such as iso 9002 that are available today. Such plans are usually developed with a view to developing flexible, affordable and scalable management solutions to companies that seek to uphold Quality Management for their products and services. Such plans feature quality management systems that offer quality control management and quality assurance management through quality a management plan. Other quality objectives that can be obtained through iso 9001 training thus meeting iso 9000 certification use project management skills to improve Quality Management for the manufactured products and services.
ISO 14001 Standards – Complying with Environmental Laws and Regulations
One of the most commonly cited reasons for implementing an ISO 14001 environmental management system is that it helps an organization comply with environmental laws and regulations.
ISO 14001 registration will provide additional assurance to City Council, senior management, regulators and key stakeholders that appropriate procedures have been implemented to identify, track, and communicate environmental laws and regulations. ISO 14001 registration will also provide assurance that our Administration is controlling, monitoring, and improving performance, relative to these laws/regulations.
A strong environmental management system, aimed at legal/regulatory compliance, will serve the City of Edmonton by increasing the likelihood of avoiding convictions, fines and judgments; avoiding internal legal costs; and promoting positive relations with regulators.
ISO 14001 registration will provide additional assurance to City Council, senior management, regulators and key stakeholders that appropriate procedures have been implemented to identify, track, and communicate environmental laws and regulations. ISO 14001 registration will also provide assurance that our Administration is controlling, monitoring, and improving performance, relative to these laws/regulations.
A strong environmental management system, aimed at legal/regulatory compliance, will serve the City of Edmonton by increasing the likelihood of avoiding convictions, fines and judgments; avoiding internal legal costs; and promoting positive relations with regulators.
IS0 14001 – HISTORICAL DEVELOPMENT
Firstly ISO 14000 environment system standards was prepared in June of 1992 year in Rio at world apex and this standard brooks decisions of this world apex and Rio contract principles. After 1 year, ISO established one technique committee which is yielded by 50 different country representatives to prepare international environment management system in 1993 year. ISO 14001 environment management system standard was issued in September of 1996 year with works of this committee. ISO 14001 standard is used as voluntary now but ISO 14001 will be burden by coercions of societies, international organizations, states in the future. Levels which environment management system passed are the following briefly:
= Europe community countries issued I action plan in 1973 year (to practice protecting preventions of environment )= BS 7750 Standard in 1992= Rio Declaration in 1992 year= ISO/TC 207. Environmental management technique committee was established in 1993 year to develop ISO 14000 family standards= TS 9719 standard (environment management system – General features) in 1994 year= ISO 14001 standard in 1996 year= ISO 14001 current version in April of 2005 Nisan 2005
= Europe community countries issued I action plan in 1973 year (to practice protecting preventions of environment )= BS 7750 Standard in 1992= Rio Declaration in 1992 year= ISO/TC 207. Environmental management technique committee was established in 1993 year to develop ISO 14000 family standards= TS 9719 standard (environment management system – General features) in 1994 year= ISO 14001 standard in 1996 year= ISO 14001 current version in April of 2005 Nisan 2005
ISO 14001 and The Environment
The ISO 14000 family of International Standards on environmental management is a relative newcomer to ISO’s portfolio – but enviroment-related standardization is far from being a new departure for ISO.
In fact, ISO has two-pronged approach to meeting the needs of business, industry, governments, non-governmental organizations and consumers in the field of the environment.
On the one hand, it offers a wideranging portfolio of standardized sampling, testing and analytical methods to deal with specific environmental challenges. It has developed more than 350 International Standards (out of a total morethan 12000) for the monitoring of such aspects as the quality of air, water and soil. These standards are means of providing business and government with scientifically valid data on the environmental effects of economic activity.
They also serve in a number of countries as the technical basis for environmental regulations.
ISO is leading a strategic approach by developing environmental management system standards that can be implemented in any type of organization in either public or private sectors (companies, administration, public utilities). To spearhead this strategic approach, ISO establish a new technical commitee, ISO /TC 207, Environmental management, in
1993. This followed ISO’s successful pioneering experience in management system standardization with the ISO 9000 series for quality management.
ISO’s direct involvement in environmental management stemmed from an intensive consultation process, carried out within the framework of a Strategic Advisory Group on Environment (SAGE),set up in 1991, in which 20 countrie, 11 international organizations and more than 100 environmental experts participated in defining the basic requirements of a new approach to environment-related standards.
This pioneering work was consolidated with ISO’s commitment to support the objective of “sustainable development” dicussed at the United Nations Conference on Environment and Development in Rio de Janeiro in 1992.
Today, delegations of business and government experts from 55 countries have participate actively within TC 207,
and another 16 countries have observer status. These delegations are chosen by the national standars institute concerned and they are required to bring to TC 207 a national consensus on issue being addressed by the commitee.
This national consensus is derived from a process of consultation with interested parties.
From its beginning, it was recognized that ISO/TC 207 should have close cooperation with ISO/TC 176, Quality management and quality assurance, in the areas of management systems, auditing and related terminology. Active efforts are under way to ensure compatibility of ISO environmental management and quality management standards, for the benefit of all organizations wishing to implement them.
In fact, ISO has two-pronged approach to meeting the needs of business, industry, governments, non-governmental organizations and consumers in the field of the environment.
On the one hand, it offers a wideranging portfolio of standardized sampling, testing and analytical methods to deal with specific environmental challenges. It has developed more than 350 International Standards (out of a total morethan 12000) for the monitoring of such aspects as the quality of air, water and soil. These standards are means of providing business and government with scientifically valid data on the environmental effects of economic activity.
They also serve in a number of countries as the technical basis for environmental regulations.
ISO is leading a strategic approach by developing environmental management system standards that can be implemented in any type of organization in either public or private sectors (companies, administration, public utilities). To spearhead this strategic approach, ISO establish a new technical commitee, ISO /TC 207, Environmental management, in
1993. This followed ISO’s successful pioneering experience in management system standardization with the ISO 9000 series for quality management.
ISO’s direct involvement in environmental management stemmed from an intensive consultation process, carried out within the framework of a Strategic Advisory Group on Environment (SAGE),set up in 1991, in which 20 countrie, 11 international organizations and more than 100 environmental experts participated in defining the basic requirements of a new approach to environment-related standards.
This pioneering work was consolidated with ISO’s commitment to support the objective of “sustainable development” dicussed at the United Nations Conference on Environment and Development in Rio de Janeiro in 1992.
Today, delegations of business and government experts from 55 countries have participate actively within TC 207,
and another 16 countries have observer status. These delegations are chosen by the national standars institute concerned and they are required to bring to TC 207 a national consensus on issue being addressed by the commitee.
This national consensus is derived from a process of consultation with interested parties.
From its beginning, it was recognized that ISO/TC 207 should have close cooperation with ISO/TC 176, Quality management and quality assurance, in the areas of management systems, auditing and related terminology. Active efforts are under way to ensure compatibility of ISO environmental management and quality management standards, for the benefit of all organizations wishing to implement them.
ISO 14001 ENVIRONMENTAL MANAGEMENT SYSTEM AUDIT
In order to be in conformance with this provision of ISO 14001 an organization must be able to answer the overall question: “How does the organization conduct environmental audits of the EMS?”. In order to answer that question four specific tasks must be addressed under the Management System Audit section of the standard.
First, the organization must develop a program and related procedures that define an audit plan of the environmental management system. In addition the program must define frequency of the audit process. Second, the procedures must specify the methodology of the audit process, including the qualifications of the auditors. Third, the audit reports must be submitted to top management. Fourth, the audit reports must provide recommendations directed at correcting any reported nonconformance that was discovered in the audit process.
The audit process discussed in this section of the standard is directed at internal audits. The standard is silent on the frequency issue. Generally accepted practice with a mature ISO 14001 system is a total audit of the system once a year. In the implementation phase of an environmental management system a more frequent audit process might be appropriate. In addition any part of the environmental management system that has been previously determined to be in nonconformance should be audited with an increased frequency. The methodology of the audit process required by the standard requires two distinct steps:
A. determine whether the environmental management system conforms to the requirements of ISO 14001, andB. that the system has been managed as described in the Environmental Policy statement, the Environmental Objectives and Targets, and the related work descriptions and procedures.
It is critical that an audit report that relates a nonconformance be forwarded to top management promptly. The internal audit staff must be competent with respect to the requirements of ISO 14001.
First, the organization must develop a program and related procedures that define an audit plan of the environmental management system. In addition the program must define frequency of the audit process. Second, the procedures must specify the methodology of the audit process, including the qualifications of the auditors. Third, the audit reports must be submitted to top management. Fourth, the audit reports must provide recommendations directed at correcting any reported nonconformance that was discovered in the audit process.
The audit process discussed in this section of the standard is directed at internal audits. The standard is silent on the frequency issue. Generally accepted practice with a mature ISO 14001 system is a total audit of the system once a year. In the implementation phase of an environmental management system a more frequent audit process might be appropriate. In addition any part of the environmental management system that has been previously determined to be in nonconformance should be audited with an increased frequency. The methodology of the audit process required by the standard requires two distinct steps:
A. determine whether the environmental management system conforms to the requirements of ISO 14001, andB. that the system has been managed as described in the Environmental Policy statement, the Environmental Objectives and Targets, and the related work descriptions and procedures.
It is critical that an audit report that relates a nonconformance be forwarded to top management promptly. The internal audit staff must be competent with respect to the requirements of ISO 14001.
Reasons a Company Becomes Certified in ISO 9001 Standards
ISO 9000 certification or registration can be an expensive process. A company must consider the reasons and promised benefits for going through this process. If a company decides to seek certification, they should consider making sure their suppliers are certified or at least compliant to the ISO 9000 standards.
Major reasonsIn the early 1990s, companies seemed to be jumping on the certification bandwagon without seriously considering the rationale for doing so. Often they did so because competitors or “everybody else” is getting registered. Today companies seriously look at the reasons and benefits for becoming registered.
The major reasons that company leadership or management decides to seek ISO 9000 certification are to gain continued or increased business and to maintain effective operations.
Improved businessA company can maintain a relationship with customers, as well as get increased business through complying to the ISO 900 standards or becoming certified. This comes from satisfying customer demands, the desire for European business, and to advertise.
Finally, some companies want to become certified, so they can advertise that fact and give the impression of being better than their competitors.
You have seen ads with a logo stating the company is certified at some ISO 9000 level. It apparently gives those companies a leg up on competitors not registered.
Again, this seemed more important in the 1990s, but you don’t see that many companies using ISO 9000 certification as an advertising tool.
ISO 9000 is supposed to make sure your business is run in an orderly manner that will assure continued success.
One would think that a goal such as being run effectively and able to deliver goods consistently and reliably would also be desirable for a company’s own operation. Surprisingly, many companies do not consider that as a goal.
Major reasonsIn the early 1990s, companies seemed to be jumping on the certification bandwagon without seriously considering the rationale for doing so. Often they did so because competitors or “everybody else” is getting registered. Today companies seriously look at the reasons and benefits for becoming registered.
The major reasons that company leadership or management decides to seek ISO 9000 certification are to gain continued or increased business and to maintain effective operations.
Improved businessA company can maintain a relationship with customers, as well as get increased business through complying to the ISO 900 standards or becoming certified. This comes from satisfying customer demands, the desire for European business, and to advertise.
Finally, some companies want to become certified, so they can advertise that fact and give the impression of being better than their competitors.
You have seen ads with a logo stating the company is certified at some ISO 9000 level. It apparently gives those companies a leg up on competitors not registered.
Again, this seemed more important in the 1990s, but you don’t see that many companies using ISO 9000 certification as an advertising tool.
ISO 9000 is supposed to make sure your business is run in an orderly manner that will assure continued success.
One would think that a goal such as being run effectively and able to deliver goods consistently and reliably would also be desirable for a company’s own operation. Surprisingly, many companies do not consider that as a goal.
Transition from ISO 9001:2000 to ISO 9001:2008
Transition from ISO 9001:2000 to ISO 9001:2008
This reference guide was developed to help you understand the nature of the changes to the ISO 9001 standard.
Clause Change/Emphasis Not Auditable
0.1 General – Added language emphasizing statutory and regulatory requirements are a concern as it relates to products for this international standard.
0.4 Compatibility with Other Management Systems Standards - Emphasis was added on the consideration given to ISO 14001:2004 to ensure that the standards are compatible.
1.1 General
1.2 Application – “Statutory” was added in certain paragraphs to ensure the user is aware that these requirements must be taken into consideration. Additional notes were added to explain that where the word “product” appears, it refers to every stage of its existence, from raw material received to the final product being shipped to the customer.
2. Normative Reference – Reference to ISO 9000 (vocabulary and concepts) was updated to refer to the current revision (i.e. ISO 9000:2005).
3. Terms and Definitions – The supplier/organization/customer model was removed. These relationships, in reality, are not always linears.
The Auditable RequirementsClause Change/Emphasis4.1In 4.1 a, “identify” was replaced with “determine” to emphasize that an organization must give careful consideration to what processes are needed in order to fulfill requirements.A link is drawn to 7.4 in the additional note. This was done to show that the supplier approval, evaluation, and re-evaluation process is where evidence of controlled outsourced processes should be demonstrated.4.2.1References to records and documents were consolidated.Also, the organization can require records not specified in this international standard that are created and maintained.4.2.3Clarification is given to the requirement for outsourced documents. Only those needed for the planning and operation of the QMS need to be controlled. This could exclude documents related to occupational health and safety since ISO 9001 contains requirements only concerned with product (see 0.1).4.2.4Rephrased, but no additional clarifications or emphasis added. Editorial change only.5.5.2The management representative must be from the organization’s management. This would exclude consultants and other individuals external to the organization (e.g. a management representative from the corporate entity). The purpose of this is to ensure that this individual, entrusted with the responsibilities of championing the quality management system, is not “out of touch” with the organization.6.2.1The boundaries of competence only extend to individuals who impact product conformity. However, this does not just include those who are directly involved in production. The decisions made by management affect product conformity; therefore, they must be competent as well.
6.2.2If said personnel have not yet attained the competence needed to perform the assigned job, then the organization must provide training or some other remedy to ensure that competence is achieved. The organization must also have a mechanism to ensure that personnel have been evaluated based on how well they demonstrate their knowledge and skill (i.e. competence). It is not enough to merely provide training or consider an individual’s experience. The organization must prove to itself that this person can, in fact, perform.6.3Infrastructure also includes databases and information technology.6.4Emphasis is added in a note to highlight that the concept of “work environment” only extends to product quality.7.1 c“Measurement” is added.7.2.1“Post-delivery activity” is clarified in a note with examples.7.3.1A note emphasizes that design verification, validation, and review are different from one another and serve different purposes. Design review is where the organization evaluates if the design can meet requirements and if any changes need to be made. Design verification is where the organization has ensured that requirements have been met (e.g. is the widget blue and is it hexagonal?). Design validation is where the organization proves that the design can perform as required.However, the records of design verification, validation, and review do not have to be separate.7.3.3Production and service provisions also extend to how product is preserved, handled, etc., to ensure product conformity. See 7.5.1Design outputs must include requirements related to preservation. See 7.5.5.
7.5.2Notes were added to give examples of the types of processes where this requirement would apply along with a statement that service organizations should have additional considerations in the planning stages when deficiencies and conformity are not likely to be identified prior to delivery.7.5.3Product status must be identified throughout product realization, not just the final product. See 1.2.7.5.4Wording was modified to add clarity, but the intent of the requirement has not changed.7.5.5Again, emphasis is added that care must be given to preserving the product regardless of where it falls in the realization process.7.6An obsolete reference to another ISO document was replaced.The definition of “monitoring and measuring devices” has been clarified to include equipment and devices that are purposed for monitoring and measuring, regardless of their original or intended purpose.An additional note regarding software was added.8.2.2Document and record requirements were reworded and their placement modified to improve clarity.The reference to the auditing guidance document was updated (i.e. ISO 19011).
8.2.3Wording was modified to emphasize that correction and corrective actions are not only to be taken to preserve the conformity of the product, but also to preserve the quality management system. For example, internal rejection/scrap rates could show evidence that the organization is preserving product conformity and is taking intermediate action to prevent bad product from being shipped to their customers; however, it could also be a sign that the organization is not efficient since the higher rejection/scrap rates are undesirable.A note was added to clarify the meaning of “suitable methods” related to planning, monitoring and measurement processes. Suitability should be determined based on risk and the impact that nonconformity would have on the product or process.8.2.4Product can be released to other internal processes despite planned arrangements not being satisfactorily completed as long as it conforms prior to release to the customer. This relaxes requirements on intermediate inspection results and records.8.3Actions taken against nonconforming product must be proportional to its impact or potential impact. See 8.2.3 related to impact considerations for monitoring and measurement.This would mean that in the planning stages of a product, the organization needs to customize responses to nonconforming products based on the risk or potential risk to the organization.This requirement existed in ISO 9001:2000; however, its location has changed.
8.5.2Nonconformity can have multiple causes (“cause”; i.e. a singular reason, was used in the 2000 version); therefore, the organization must consider this when conducting root cause analysis.Also, it is not enough to simply review corrective action and ensure that procedures were changed, personnel have been re-trained, and that processes were amended. The organization must review whether or not the action(s) taken were effective; i.e. did they successfully eliminate the nonconforming condition?8.5.3Similar to the new emphasis on the effectiveness of corrective action, the organization must also document whether or not the preventive action(s) taken were effective in eliminating the risk of nonconformity.
This reference guide was developed to help you understand the nature of the changes to the ISO 9001 standard.
Clause Change/Emphasis Not Auditable
0.1 General – Added language emphasizing statutory and regulatory requirements are a concern as it relates to products for this international standard.
0.4 Compatibility with Other Management Systems Standards - Emphasis was added on the consideration given to ISO 14001:2004 to ensure that the standards are compatible.
1.1 General
1.2 Application – “Statutory” was added in certain paragraphs to ensure the user is aware that these requirements must be taken into consideration. Additional notes were added to explain that where the word “product” appears, it refers to every stage of its existence, from raw material received to the final product being shipped to the customer.
2. Normative Reference – Reference to ISO 9000 (vocabulary and concepts) was updated to refer to the current revision (i.e. ISO 9000:2005).
3. Terms and Definitions – The supplier/organization/customer model was removed. These relationships, in reality, are not always linears.
The Auditable RequirementsClause Change/Emphasis4.1In 4.1 a, “identify” was replaced with “determine” to emphasize that an organization must give careful consideration to what processes are needed in order to fulfill requirements.A link is drawn to 7.4 in the additional note. This was done to show that the supplier approval, evaluation, and re-evaluation process is where evidence of controlled outsourced processes should be demonstrated.4.2.1References to records and documents were consolidated.Also, the organization can require records not specified in this international standard that are created and maintained.4.2.3Clarification is given to the requirement for outsourced documents. Only those needed for the planning and operation of the QMS need to be controlled. This could exclude documents related to occupational health and safety since ISO 9001 contains requirements only concerned with product (see 0.1).4.2.4Rephrased, but no additional clarifications or emphasis added. Editorial change only.5.5.2The management representative must be from the organization’s management. This would exclude consultants and other individuals external to the organization (e.g. a management representative from the corporate entity). The purpose of this is to ensure that this individual, entrusted with the responsibilities of championing the quality management system, is not “out of touch” with the organization.6.2.1The boundaries of competence only extend to individuals who impact product conformity. However, this does not just include those who are directly involved in production. The decisions made by management affect product conformity; therefore, they must be competent as well.
6.2.2If said personnel have not yet attained the competence needed to perform the assigned job, then the organization must provide training or some other remedy to ensure that competence is achieved. The organization must also have a mechanism to ensure that personnel have been evaluated based on how well they demonstrate their knowledge and skill (i.e. competence). It is not enough to merely provide training or consider an individual’s experience. The organization must prove to itself that this person can, in fact, perform.6.3Infrastructure also includes databases and information technology.6.4Emphasis is added in a note to highlight that the concept of “work environment” only extends to product quality.7.1 c“Measurement” is added.7.2.1“Post-delivery activity” is clarified in a note with examples.7.3.1A note emphasizes that design verification, validation, and review are different from one another and serve different purposes. Design review is where the organization evaluates if the design can meet requirements and if any changes need to be made. Design verification is where the organization has ensured that requirements have been met (e.g. is the widget blue and is it hexagonal?). Design validation is where the organization proves that the design can perform as required.However, the records of design verification, validation, and review do not have to be separate.7.3.3Production and service provisions also extend to how product is preserved, handled, etc., to ensure product conformity. See 7.5.1Design outputs must include requirements related to preservation. See 7.5.5.
7.5.2Notes were added to give examples of the types of processes where this requirement would apply along with a statement that service organizations should have additional considerations in the planning stages when deficiencies and conformity are not likely to be identified prior to delivery.7.5.3Product status must be identified throughout product realization, not just the final product. See 1.2.7.5.4Wording was modified to add clarity, but the intent of the requirement has not changed.7.5.5Again, emphasis is added that care must be given to preserving the product regardless of where it falls in the realization process.7.6An obsolete reference to another ISO document was replaced.The definition of “monitoring and measuring devices” has been clarified to include equipment and devices that are purposed for monitoring and measuring, regardless of their original or intended purpose.An additional note regarding software was added.8.2.2Document and record requirements were reworded and their placement modified to improve clarity.The reference to the auditing guidance document was updated (i.e. ISO 19011).
8.2.3Wording was modified to emphasize that correction and corrective actions are not only to be taken to preserve the conformity of the product, but also to preserve the quality management system. For example, internal rejection/scrap rates could show evidence that the organization is preserving product conformity and is taking intermediate action to prevent bad product from being shipped to their customers; however, it could also be a sign that the organization is not efficient since the higher rejection/scrap rates are undesirable.A note was added to clarify the meaning of “suitable methods” related to planning, monitoring and measurement processes. Suitability should be determined based on risk and the impact that nonconformity would have on the product or process.8.2.4Product can be released to other internal processes despite planned arrangements not being satisfactorily completed as long as it conforms prior to release to the customer. This relaxes requirements on intermediate inspection results and records.8.3Actions taken against nonconforming product must be proportional to its impact or potential impact. See 8.2.3 related to impact considerations for monitoring and measurement.This would mean that in the planning stages of a product, the organization needs to customize responses to nonconforming products based on the risk or potential risk to the organization.This requirement existed in ISO 9001:2000; however, its location has changed.
8.5.2Nonconformity can have multiple causes (“cause”; i.e. a singular reason, was used in the 2000 version); therefore, the organization must consider this when conducting root cause analysis.Also, it is not enough to simply review corrective action and ensure that procedures were changed, personnel have been re-trained, and that processes were amended. The organization must review whether or not the action(s) taken were effective; i.e. did they successfully eliminate the nonconforming condition?8.5.3Similar to the new emphasis on the effectiveness of corrective action, the organization must also document whether or not the preventive action(s) taken were effective in eliminating the risk of nonconformity.
ISO 9001 Standards Requirement – Product Realization
ISO 9001 Standards Requirement – Product Realization
Planning of Product RealizationPlan and develop the processes needed for product realization. Keep the planning consistent with other requirements of the quality management system and document it in a suitable form for the organization. Determine through the planning, as appropriate, the:Quality objectives and product requirementsNeed for processes, documents, and resourcesVerification, validation, monitoring, measurement, inspection, and test activitiesCriteria for product acceptanceRecords as evidence the processes and resulting product meet requirements
Customer-Related Processes
Determination of Requirements Related to the ProductDetermine customer requirements:Specified for the product (including delivery and post-delivery activities)Not specified for the product (but needed for specified or intended use, where known)Determine:Statutory and regulatory requirements applicable to the productAny additional requirements considered necessary by the organization
Review of Requirements Related to the ProductReview the product requirements before committing to supply the product to the customer in order to:Ensure product requirements are definedResolve any requirements differing from those previously expressedEnsure its ability to meet the requirementsMaintain the results of the review, and any subsequent follow-up actions. When the requirements are not documented, they must be confirmed before acceptance.If product requirements are changed, ensure relevant documents are amended and relevant personnel are made aware of the changed requirements.NOTE: In some situations, such as internet sales, a formal review is impractical for each order. Instead, the review can cover relevant product information such as catalogs or advertising material.
Customer CommunicationDetermine and implement effective arrangements for communicating with customers on:Product informationInquiries, contracts, or order handling (including amendments)Customer feedback (including customer complaints)
Planning of Product RealizationPlan and develop the processes needed for product realization. Keep the planning consistent with other requirements of the quality management system and document it in a suitable form for the organization. Determine through the planning, as appropriate, the:Quality objectives and product requirementsNeed for processes, documents, and resourcesVerification, validation, monitoring, measurement, inspection, and test activitiesCriteria for product acceptanceRecords as evidence the processes and resulting product meet requirements
Customer-Related Processes
Determination of Requirements Related to the ProductDetermine customer requirements:Specified for the product (including delivery and post-delivery activities)Not specified for the product (but needed for specified or intended use, where known)Determine:Statutory and regulatory requirements applicable to the productAny additional requirements considered necessary by the organization
Review of Requirements Related to the ProductReview the product requirements before committing to supply the product to the customer in order to:Ensure product requirements are definedResolve any requirements differing from those previously expressedEnsure its ability to meet the requirementsMaintain the results of the review, and any subsequent follow-up actions. When the requirements are not documented, they must be confirmed before acceptance.If product requirements are changed, ensure relevant documents are amended and relevant personnel are made aware of the changed requirements.NOTE: In some situations, such as internet sales, a formal review is impractical for each order. Instead, the review can cover relevant product information such as catalogs or advertising material.
Customer CommunicationDetermine and implement effective arrangements for communicating with customers on:Product informationInquiries, contracts, or order handling (including amendments)Customer feedback (including customer complaints)
ISO 9001 Standards Requirements – Design and Development
ISO 9001 Standards Requirements – Design and Development
Design and Development PlanningPlan and control the product design and development. This planning must determine the:Stages of design and developmentAppropriate review, verification, and validation activities for each stageResponsibility and authority for design and developmentThe interfaces between the different involved groups must be managed to ensure effective communication and the clear assignment of responsibility. Update, as appropriate, the planning output during design and development.NOTE: Design and development review, verification, and validation have distinct purposes. They can be conducted and recorded separately or in any combination, as deemed suitable for the product and the organization.
Design and Development InputsDetermine product requirement inputs and maintain records. The inputs must include:Functional and performance requirementsApplicable statutory and regulatory requirementsApplicable information derived from similar designsRequirements essential for design and developmentReview these inputs for adequacy. Resolve any incomplete, ambiguous, or conflicting requirements.
Design and Development OutputsDocument the outputs of the design and development process in a form suitable for verification against the inputs to the process. The outputs must:Meet design and development input requirementsProvide information for purchasing, production, and serviceContain or reference product acceptance criteriaDefine essential characteristics for safe and proper useBe approved before their release
Design and Development ReviewPerform systematic reviews of design and development at suitable stages in accordance with planned arrangements to:Evaluate the ability of the results to meet requirementsIdentify problems and propose any necessary actionsThe reviews must include representatives of the functions concerned with the stage being reviewed. Maintain the results of reviews and subsequent follow-up actions.
Design and Development VerificationPerform design and development verification in accordance with planned arrangements to ensure the output meets the design and development input requirements. Maintain the results of the verification and subsequent follow-up actions.
Design and Development ValidationPerform validation in accordance with planned arrangements to confirm the resulting product is capable of meeting the requirements for its specified application or intended use, where known. When practical, complete the validation before delivery or implementation of the product. Maintain the results of the validation and subsequent follow-up actions.
Control of Design and Development ChangesIdentify design and development changes and maintain records. Review, verify, and validate (as appropriate) the changes and approve them before implementation. Evaluate the changes in terms of their effect on constituent parts and products already delivered. Maintain the results of the change review and subsequent follow-up actions.
Design and Development PlanningPlan and control the product design and development. This planning must determine the:Stages of design and developmentAppropriate review, verification, and validation activities for each stageResponsibility and authority for design and developmentThe interfaces between the different involved groups must be managed to ensure effective communication and the clear assignment of responsibility. Update, as appropriate, the planning output during design and development.NOTE: Design and development review, verification, and validation have distinct purposes. They can be conducted and recorded separately or in any combination, as deemed suitable for the product and the organization.
Design and Development InputsDetermine product requirement inputs and maintain records. The inputs must include:Functional and performance requirementsApplicable statutory and regulatory requirementsApplicable information derived from similar designsRequirements essential for design and developmentReview these inputs for adequacy. Resolve any incomplete, ambiguous, or conflicting requirements.
Design and Development OutputsDocument the outputs of the design and development process in a form suitable for verification against the inputs to the process. The outputs must:Meet design and development input requirementsProvide information for purchasing, production, and serviceContain or reference product acceptance criteriaDefine essential characteristics for safe and proper useBe approved before their release
Design and Development ReviewPerform systematic reviews of design and development at suitable stages in accordance with planned arrangements to:Evaluate the ability of the results to meet requirementsIdentify problems and propose any necessary actionsThe reviews must include representatives of the functions concerned with the stage being reviewed. Maintain the results of reviews and subsequent follow-up actions.
Design and Development VerificationPerform design and development verification in accordance with planned arrangements to ensure the output meets the design and development input requirements. Maintain the results of the verification and subsequent follow-up actions.
Design and Development ValidationPerform validation in accordance with planned arrangements to confirm the resulting product is capable of meeting the requirements for its specified application or intended use, where known. When practical, complete the validation before delivery or implementation of the product. Maintain the results of the validation and subsequent follow-up actions.
Control of Design and Development ChangesIdentify design and development changes and maintain records. Review, verify, and validate (as appropriate) the changes and approve them before implementation. Evaluate the changes in terms of their effect on constituent parts and products already delivered. Maintain the results of the change review and subsequent follow-up actions.
What is a “document” In ISO 9001 Standard?
What is a “document” In ISO 9001 Standard?
The following are some of the main objectives of an organization’s documentation, independent of whether or not it has implemented a formal QMS;a) Communication of Information as a tool for information transmission and communication. The type and extent of the documentation will depend on the nature of the organization’s products and processes, the degree of formality of communication systems and the level of communication skills within the organization, and the organizational culture.b) Evidence of conformity provision of evidence that what was planned, has actually been done.c) Knowledge sharing to disseminate and preserve the organization’s experiences. A typical example would be a technical specification, which can be used as a base for design and development of a new product.A list of commonly used terms relating to documentation is presented in Annex A (taken from ISO 9000:2005). It must be stressed that, according to ISO 9001:2008 clause 4.2 Documentation requirements documents may be in any form or type of medium, and the definition of “document” in ISO 9000:2005 clause 3.7.2 gives the following examples:papermagneticelectronic or optical computer discphotographmaster sample
The following are some of the main objectives of an organization’s documentation, independent of whether or not it has implemented a formal QMS;a) Communication of Information as a tool for information transmission and communication. The type and extent of the documentation will depend on the nature of the organization’s products and processes, the degree of formality of communication systems and the level of communication skills within the organization, and the organizational culture.b) Evidence of conformity provision of evidence that what was planned, has actually been done.c) Knowledge sharing to disseminate and preserve the organization’s experiences. A typical example would be a technical specification, which can be used as a base for design and development of a new product.A list of commonly used terms relating to documentation is presented in Annex A (taken from ISO 9000:2005). It must be stressed that, according to ISO 9001:2008 clause 4.2 Documentation requirements documents may be in any form or type of medium, and the definition of “document” in ISO 9000:2005 clause 3.7.2 gives the following examples:papermagneticelectronic or optical computer discphotographmaster sample
Organizations preparing to implement a QMS For ISO 9001
Organizations preparing to implement a QMS For ISO 9001
For organizations that are in the process of implementing a QMS, and wish to meet the requirements of ISO 9001:2008, the following comments may be useful.For organizations that are in the process of implementing or have yet to implement a QMS, ISO 9001:2008 emphasizes a process approach. This includes:- Identifying the processes necessary for the effective implementation of the quality management system- understanding the interactions between these processes.- documenting the processes to the extent necessary to assure their effective operation and control. (It may beappropriate to document the processes using process maps. It is emphasized, however, that documented process maps are not a requirement of ISO 9001:2008.)These processes include the management, resource, product realization and measurement processes that are relevantto the effective operation of the QMS.Analysis of the processes should be the driving force for defining the amount of documentation needed for the quality management system, taking into account the requirements of ISO 9001:2008. It should not be the documentation that drives the processes.
For organizations that are in the process of implementing a QMS, and wish to meet the requirements of ISO 9001:2008, the following comments may be useful.For organizations that are in the process of implementing or have yet to implement a QMS, ISO 9001:2008 emphasizes a process approach. This includes:- Identifying the processes necessary for the effective implementation of the quality management system- understanding the interactions between these processes.- documenting the processes to the extent necessary to assure their effective operation and control. (It may beappropriate to document the processes using process maps. It is emphasized, however, that documented process maps are not a requirement of ISO 9001:2008.)These processes include the management, resource, product realization and measurement processes that are relevantto the effective operation of the QMS.Analysis of the processes should be the driving force for defining the amount of documentation needed for the quality management system, taking into account the requirements of ISO 9001:2008. It should not be the documentation that drives the processes.
Outsourced Processes In ISO 9000 Standards
Outsourced Processes In ISO 9001 Standards
One of the changes in ISO 9001:2008 is clarification of the role of outsourced processes in a quality management system. Guidance on ‘Outsourced processes’ helps clarify the intent and shows the linkage between Clause 4.2, where outsourced processes appear, and the purchasing controls in clause 7.4.An outsourced process is a process that the organization needs for its quality management system and is performed by an external party. This party could be another company, a corporate service, another division, etc.The organization needs to ensure the outsourced process is conducted in accordance with ISO 9001:2008 and other requirements of the quality management system. This brings in the purchasing controls of 7.4. The service may not be purchased in the traditional sense of a monetary transaction. The guidance document explains that the controls in clause 4.2 and 7.4 apply. For example, a “no charge” service from a corporate head office requires documentation of supplier selection and, most importantly, control.The guidance document addresses two important cases and gives guidance on the appropriate level of control. The cases are:• The organization has the competence and ability to carry out a process, but chooses to outsource it (for commercial or other reasons).• The organization does not have the competence to carry out the process itself, and chooses to outsource it
One of the changes in ISO 9001:2008 is clarification of the role of outsourced processes in a quality management system. Guidance on ‘Outsourced processes’ helps clarify the intent and shows the linkage between Clause 4.2, where outsourced processes appear, and the purchasing controls in clause 7.4.An outsourced process is a process that the organization needs for its quality management system and is performed by an external party. This party could be another company, a corporate service, another division, etc.The organization needs to ensure the outsourced process is conducted in accordance with ISO 9001:2008 and other requirements of the quality management system. This brings in the purchasing controls of 7.4. The service may not be purchased in the traditional sense of a monetary transaction. The guidance document explains that the controls in clause 4.2 and 7.4 apply. For example, a “no charge” service from a corporate head office requires documentation of supplier selection and, most importantly, control.The guidance document addresses two important cases and gives guidance on the appropriate level of control. The cases are:• The organization has the competence and ability to carry out a process, but chooses to outsource it (for commercial or other reasons).• The organization does not have the competence to carry out the process itself, and chooses to outsource it
Subscribe to:
Posts (Atom)