ISO 9001 Systems
Saturday, December 24, 2011
Sunday, June 27, 2010
Management Review IN ISO 9001 Standard
One of the most important factors in determining the success of an ISO 9001 implementation is management commitment and management understanding of what makes a good quality systems. Our turnkey Quality Management System (QMS) gives you everything you need to educate your entire company from top to bottom.
Management review is one of the key elements to building a sustainable quality system. To do this, management must be committed. This means that the management must do more than just say they are committed, they must allocate the resources to make sure that the company can continuously improve quality. Most quality systems fail from the top down! That is why external auditor almost always review the management review documentation every audit. External ISO 9001 auditors look for this commitment by evaluating the management review records. Management reviews should focus on both the quality of the products and the quality of the QMS. In general, it is very simple to maintain compliance of the management review portion of the standard. It can be done with a simple notebook that is maintained as a quality record. The Management review procedure includes a list of documentation that should be included in management review meeting. Management reviews should be done a least once per year and auditors like to see them quarterly.
Under ISO 9001, executive management has defined responsibilities. Although most of the work required to implement and maintain ISO certification is done below the executive level, ISO requires involve of personnel at the top of the organization.
It is the leader of an organization that set the goals and objectives for the quality of the company. It is also the leader that assigns resources (responsibility and authority) throughout the organization. Because of this, the leaders must be kept aware of the status of the quality system and product/service quality so they make good decision.
Much of how the company accomplishes these tasks is covered in the quality manual. Here are the 8 areas that should be address in the quality system to assure compliance to the ISO standard.
Top Management must:
Show A Commitment To The Customer
This requirement includes maintain records showing their commitment to the a customer focus, the quality system and the continuous improvement system. The use of a customer survey program is an excellent way to meet the ISO requirements for a customer focus. It is also an excellent way to keep in touch with your customers.
Make Quality Important
This includes communicating to the organization the importance of meeting the customer regulatory, legal needs as well as their produce or service needs (customer focus). Training and posting quality information around the building can do this.
Establish A Quality Policy
This should include a concise quality statement in conjunction with quality goals and a quality manual. The policy verbiage should include a commitment to continuous improvement. This information must be communicated to and understood by the entire organization.
Establish, Monitor And Update Quality objectives
These objectives should be measurable and should be relevant to all levels of the company. I recommend that they be publicly posted where everyone can see them and their status may also be posted.
Assign Resources
Ensure that resources are available to achieve the quality goals. This is the area where many companies do not meet the requirements but it is very hard to audit this general statement. Resources should be identified and planned. Planning includes manuals, procedure, work instructions and quality plans.
Assign Responsibility And Authority
Ensure that responsibilities and authorities are assigned and communicated to individuals. Responsibilities can be assigned as part of the personnel records ( see training summary sheet). Having authority means that the individual must be empowered to make changes.
Designate A Management Representative
This person will report the QMS status at periodic management reviews and promote awareness of the importance of meeting the customers needs. This is usually the quality, engineering or production manager.
Conduct Periodic Management Reviews
Management review meetings should include inputs from audits, customer feedback, process performance analysis, preventive and corrective actions system, follow-up from previous management meetings and areas for improvement. The output from the management reviews should include resource assignments, action targeting improvement of the products, processes and QMS.
The records for the management review are frequently audited so I recommend keeping a organized notebook with tabs for each management review. The creation of a check sheet (listing all the reports to be shown to top management) will make this periodic task simple to maintain. The check sheet can also be used to keep track of attendance and log feedback that is generated during the meeting.
Wednesday, May 5, 2010
FAQs On ISO 9001 Standards
FAQs On ISO 9001 Standards
What is ISO?
The International Organization for Standardization (ISO) was established in 1947 and is (currently) an association
of approximately 157 members, which each represent their own country. ISO employs a system of Technical
Committees, Sub-committees and Working Groups to develop International Standards. Besides the National
Standards Bodies, ISO permits other international organizations that develop standards to participate in its work,
by accepting them as Liaison members. ISO works in accordance with an agreed set of rules of procedure, the
ISO/IEC Directives, which also include requirements on the presentation of standards.
What are the ISO 9000 standards ?
The ISO 9000 standards are a collection of formal International Standards, Technical Specifications, Technical
Reports, Handbooks and web based documents on Quality Management. There are approximately 25 documents
in the collection altogether, with new or revised documents being developed on an ongoing basis.
(It should be noted that many of the International Standards in the ISO 9000 family are numbered in the ISO
10000 range.)
Who is responsible for developing the ISO 9000 standards?
ISO Technical Committee (TC) number 176 (ISO/TC 176), and its Sub-committees, are responsible for the
development of the standards. The work is conducted on the basis of “consensus” among quality and industry
experts nominated by the National Standards Bodies, representing a wide range of interested parties.
Where can copies of the standards be obtained?
Copies of the standards may be purchased from your National Standards Body or ISO 9000 store like http://www.iso9001store.com
Where can copies of the supporting ISO 9000 guidance notes or other documents be found ?
Copies of the ISO 9000 Introduction and Support Package modules:
- Guidance on ISO 9001:2008 Sub-clause 1.2 ‘Application’
- Guidance on the Documentation Requirements of ISO 9001:2008
- Guidance on the Terminology used in ISO 9001 and ISO 9004
- Guidance on the Concept and Use of the Process Approach for management systems
- Guidance on ‘Outsourced Processes’
as well as details of the Quality Management Principles can be found at: www.iso.org/tc176/sc2
Copies of the ISO 9001 Auditing Practices Group guidance notes.
Where can information be obtained on the ISO 9001 standards?
There are a number of sources of information on the ISO 9000 quality management system standards, including
ISO’s web site (www.iso.org), which carry information on the standards. Your National Standards Body should be
able to provide copies of the standards, and registrars/certification bodies will be able to provide guidance on
registration arrangements.
Why are the standards being revised?
ISO’s formal review process:
- Requires continual review to keep standards up to date. Must be initiated within 3 years of publication of a standard.
User inputs from:
- A global user questionnaire/survey
- A market Justification Study
- Suggestions arising from the interpretation process
- Opportunities for increased compatibility with ISO 14001
- The need for greater clarity, ease of use, and improved translation
Current trends:
- Keeping up with recent developments in management system practices.
Who is responsible for revising the standards?
The revision process is the responsibility of ISO Technical Committee no.176, Sub-committee no.2 (ISO/TC 176/SC 2) and is conducted on the basis of consensus among quality and industry experts nominated by ISO Member bodies, and representing all interested parties.
When will the revised standards be available?
The revised quality management system standards (ISO 9000, 9001 and 9004) are scheduled as follows:
- ISO 9000:2005 already published – no major changes expected for 2009
- Current plan is for small changes to ISO 9001 (an “amendment”) to be published in November 2008.
- More significant changes are planned for ISO 9004 (a “revision”) to be published in mid 2009.
How much is the implementation of the new standard going to cost?
One of the goals of ISO/TC 176/SC 2 is to produce standards that will minimize any potential costs during a smooth implementation. Any additional costs may be considered as a value-adding investment. A key factor in the development of ISO 9001:2008 was to limit the impact of changes on users.
Will my organization have to re-write all its documentation?
No. ISO 9001:2008 doesn’t introduce major changes to the requirements, when compared to ISO 9001:2000. However, to benefit from the changes, we suggest you get acquainted with the new version of the standard and the clarifications introduced. If, during your analysis of the clarifications you find there are differences from your current interpretation of ISO 9001:2000, then you should analyse the impact on your current documentation and make the necessary arrangements to update it. It is intended that the amendment of ISO 9001 will have minimal or no impacts on documentation.
Will the revised standards address financial issues?
Financial issues are not addressed in ISO 9001:2008, which is a requirements standard. The ISO 10014:2006 and ISO 9004:2000, Guidelines for performance improvements standards will emphasize the financial resources needed for the implementation and improvement of a quality management system.
What are the benefits of the revised standards?
For ISO 9001:2008 the major benefits are:
- Simple to use
- Clear in language
- Readily translatable and easily understandable
- Compatibility with other management systems such as ISO 14001.
For ISO 9004:
- Facilitates improvement in users’ quality management systems.
- Provides guidance to an organization for the creation of a quality management system that:
- creates value for its customers, via the products it provides
- creates value for all other interested parties
- balances all interested-party viewpoints.
- Provides guidance for managers on leading their organization towards sustained success.
- Forward compatibility to allow organizations to build on existing quality management systems.
What are the main changes in ISO 9001:2008?
ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000 and changes that are intended to improve compatibility with ISO 14001:2004. ISO 9001:2008 does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.
Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008
What are the main benefits to be derived from implementing an ISO 9000 quality management system?
The ISO 9000 standards give organizations an opportunity to increase value to their activities and to improve their performance continually, by focusing on their major processes. The standards place great emphasis on making quality management systems closer to the processes of organizations and on continual improvement. As a result, they direct users to the achievement of business results, including the satisfaction of customers and other interested parties.
The management of an organization should be able to view the adoption of the quality management system standards as a profitable business investment, not just as a required certification issue.
Among the perceived benefits of using the standards are:
- The connection of quality management systems to organizational processes
- The encouragement of a natural progression towards improved organizational performance, via:
- the use of the Quality Management Principles
- the adoption of a “process approach”
- emphasis of the role of top management
- requirements for the establishment of measurable objectives at relevant functions and levels
- being orientated toward “continual improvement” and “customer satisfaction”, including the monitoring of information on “customer satisfaction” as a measure of system performance.
- measurement of the quality management system, processes, and product
- consideration of statutory and regulatory requirements.
- attention to resource availability
How will the implementation of the amended standard help my organization to improve its efficiency?
ISO 9001:2008 aims at guaranteeing the effectiveness (but not necessarily the efficiency) of the organization. For improved organizational efficiency, however, the best results can be obtained by using ISO 9004 in addition to ISO 9001:2008. The guiding quality management principles are intended to assist an organization in continual improvement, which should lead to efficiencies throughout the organization.
What benefits are there to an organization implementing ISO 9004 ?
If a quality management system is appropriately implemented, utilizing the eight Quality Management Principles, and in accordance with ISO 9004, all of an organization’s interested parties should benefit. For example:
Customers and users will benefit by receiving the products (see ISO 9000:2005, Fundamentals and vocabulary) that are:
- Conforming to the requirements
- Dependable and reliable
- Available when needed
- Maintainable
People in the organization will benefit by:
- Better working conditions
- Increased job satisfaction
- Improved health and safety
- Improved morale
- Improved stability of employment
Owners and investors will benefit by:
- Increased return on investment
- Improved operational results
- Increased market share
- Increased profits
Suppliers and partners will benefit by:
- Stability
- Growth
- Partnership and mutual understanding
Society will benefit by:
- Fulfilment of legal and regulatory requirements
- Improved health and safety
- Reduced environmental impact
- Increased security
Are the standards compatible with national quality award criteria?
The standards are based on 8 Quality Management Principles, which are aligned with the philosophy and objectives of most quality award programs. These principles are:
- Customer focus,
- Leadership,
- Involvement of people,
- Process approach,
- System approach to management,
- Continual improvement,
- Factual approach to decision making, and
- Mutually beneficial supplier relationships.
ISO 9004 recommends that organizations perform self-assessments as part of their management of systems and processes, and includes an annex giving guidance on this approach. This is similar to many quality awards programmes.
Why is the requirement for monitoring “customer satisfaction” included in ISO 9001?
“Customer satisfaction” is recognized as one of the driving criteria for any organization. In order to evaluate if a product meets customer needs and expectations, it is necessary to monitor the extent of customer satisfaction.
Improvements can be made by taking action to address any identified issues and concerns.
Can the standards improve “customer satisfaction”?
The quality management system details that are described in the standards are based on Quality Management Principles that include the “process approach” and “customer focus”. The adoption of these principles should provide customers with a higher level of confidence that products will meet their needs and increase their satisfaction.
What is meant by “continual improvement”?
Continual improvement is the process focused on continually increasing the effectiveness and/or efficiency of the organization to fulfil its policies and objectives. Continual improvement (where “continual” highlights that an improvement process requires progressive consolidation steps) responds to the growing needs and expectations of the customers and ensures a dynamic evolution of the quality management system.
What is a process?
Any activity or operation, which receives inputs and converts them to outputs, can be considered as a process. Almost all activities and operations involved in generating a product or providing a service are processes. For organizations to function, they have to define and manage numerous inter-linked processes. Often the output from one process will directly form the input into the next process. The systematic identification and management of the various processes employed within an organization, and particularly the interactions between such processes, may be referred to as the ‘process approach’ to management.
What is the “process approach”?
The “process approach” is a way of obtaining a desired result, by managing activities and related resources as a process. The “process approach” is a key element of the ISO 9000 standards. For further guidance, please refer to the ISO 9000 Introduction and Support Package module: Guidance on the Concept and Use of the Process Approach for management systems.
Can the “process approach” be applied to other management systems?
Yes. The “process approach” is a generic management principle, which can enhance an organization’s effectiveness and efficiency in achieving defined objectives.
How can the PDCA cycle be used in the “process approach”?
The PDCA cycle is an established, logical, method that can be used to improve a process.
This requires:
(P) planning (what to do and how to do it),
(D) executing the plan (do what was planned),
(C) checking the results (did things happened according to plan) and
(A) act to improve the process (how to improve next time).
The PDCA cycle can be applied within an individual process, or across a group of processes.
Can any organization apply the “process approach”?
Yes. Many organizations already apply a “process approach” without recognizing it. They could achieve additional benefits by understanding and controlling it.
Why should an organization apply the “process approach”?
By applying the “process approach” an organization should be able to obtain the following types of benefits:
- The integration and alignment of its processes to enable the achievement of its planned results.
- An ability to focus effort on process effectiveness and efficiency.
- An increase in the confidence of customers and other interested parties as to the consistent performance of the
organization.
- Transparency of operations within the organization.
- Lower costs and shorter cycle times through effective and efficient use of resources.
- Improved, consistent and predictable results.
- The identification of opportunities for focused and prioritized improvement initiatives.
- The encouragement and involvement of people, and the clarification of their responsibilities.
- The elimination of barriers between different functional units and the unification of their focus to the objectives
of the organization.
- Improved management of process interfaces.
What is meant by the “sequence” of processes and their “interactions”?
The “sequence” of processes shows how the processes follow, or link, to each other to result in a final output.
For example, the output from one process may become the input of the next process or processes.
The “interactions” show how each process affects or influences one or more of the other processes. For example,
the monitoring or controlling of a process may be established in a separate process.
How can the processes in an organization be determined?
Identify the organization’s intended outputs, and the processes needed for achieving them. These will need to
include processes for Management, Resources, Realization and Measurement and Improvement.
- Identify all process inputs and outputs, along with the suppliers and customers, who may be internal or
external.
- Identify the sequence and interactions of the processes.
Should an organization define and document all its processes?
The main purpose of documentation is to enable the consistent and stable operation of an organization’s
processes.
Although statutory, standards’ or customer requirements may require certain documentation, there is no defined
“catalogue”, or list of processes that has to be documented in ISO 9001, apart from the 6 indicated ones.
The organization should determine which processes are to be documented on the basis of:
- The size of the organization and type of its activities,
- The complexity of its processes and their interactions,
- The criticality of the processes and
- Availability of competent personnel.
A number of different methods can be used to document processes, such as graphical representations, written
instructions, checklists, flow charts, visual media, or electronic methods.
How much detail is required in process documentation?
The extent of detail is likely to depend upon factors such as:
- the size of an organisation and its types of activities,
- the complexity of its processes and their interactions, and
- the competence (level of education, training, skills and experience) of its personnel.
What is the difference between a “process” and a “procedure”?
A “process” may be explained as a set of interacting or interrelated activities, which are employed to add value. A
“procedure” is a method of describing the way or How in which all or part of that process activities shall/should be
performed.
ISO 9000:2005 defines a procedure as a “specified way to carry out an activity or a process”, which does not
necessarily have to be documented.
An organization has a well-established set of procedures. Can these procedures be used to help
describe its processes?
Yes, if the procedures describe inputs and outputs, appropriate responsibilities, controls and resources needed to satisfy customer requirements.
What documentation is required by ISO 9001?
ISO 9001:2008 refers specifically to only 6 documented procedures; however, other documentation (including more documented procedures not specifically mentioned in ISO 9001:2008) may be required by an organization, in order to manage the processes that are necessary for the effective operation of the quality management system. This will vary depending on the size of the organization, the kind of activities in which it is involved and their complexity. For further guidance, please also refer to the ISO 9000 Introduction and Support Package module “Guidance on the Documentation Requirements of ISO 9001:2008″
What does an organization need to do to comply with ISO 9001?
When initially starting to use ISO 9001, an organization should familiarize its personnel with the Quality Management Principles, analyze the standards (especially ISO 9000 and ISO 9004), and consider how their guidance and requirements may affect your activities and related processes. If it then wishes to proceed to registration/certification, it should perform a gap analysis against the requirements of ISO 9001 to determine where its current quality management system does not address the applicable ISO 9001:2008 requirements, before developing and implementing additional processes to ensure that compliance will be achieved.
What will happen to the 2000 version of ISO 9001?
ISO 9001:2008 will supersede ISO 9001:2000 However, noting the IAF/ISO-CASCO/ISO TC176 agreement that accredited certification to the 2000 edition should remain possible for up to 2 years after the publication of ISO 9001:2008, copies of the 2000 edition will still be available on request from ISO and the national standards bodies during that period, and possibly for even longer.
Can organizations remain certified/registered to the 2000 version?
Yes. Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008. However, certificates to ISO 9001:2000 will only remain valid until 2 years after the publication of ISO 9001:2008. Contact your certification/registration body to get details on the certificates transition process.
What will happen to the other standards and documents in the current (2000) ISO 9000 family?
The four primary standards of the current ISO 9000 family are the following:
- ISO 9000:2005 already published – no major changes expected for 2009
- ISO 9001:2000 to be superseded by ISO 9001:2008
- More significant changes are planned for ISO 9004 with a planned publication date of late 2009.
- ISO 19011:2002 is currently beginning the revision process, with a new version expected in 2011.
The other standards and documents will be reviewed and updated as necessary
Monday, April 5, 2010
ISO 9001 Quality Management System Requirements
Quality Management System Requirements
The ISO 9001:2008 standard is meant to be generic and applicable to all kinds of organizations. Therefore, organizations from both the public and private sectors, including non-governmental organizations can benefit from the ISO 9001 quality management system model, regardless of whether they are small, medium or large organizations. The immediate benefit that can be realized from the implementation of ISO 9001 is the collective alignment of the activities of internal processes that are focused towards the enhancement of customer satisfaction which will result in many other benefits, whether internal or external. The magnitude of these benefits are determined by how effective the processes are in achieving its objectives.
Document Review In ISO 9000 Standards
Document Review In ISO 9000 Standards
The ISO 9000 Standard requires that documents be reviewed.
Previously the implication was that the review was a check by potential users that the document was fit for purpose before it was offered for approval. It could be construed that for a document to receive approval it must be checked and therefore review and approval in this context are one and the same and the requirement is in this instance enhanced rather than relaxed.
A review is another look at something. Therefore document review is a task that is carried out at any time following the issue of a document.
This requirement responds to the Continual Improvement principle.
Reviews may be necessary when:
- Taking remedial action (i.e. Correcting an error)
- Taking corrective action (i.e. Preventing an error recurring)
- Taking preventive action (i.e. Preventing the occurrence of an error)
- Taking maintenance action (i.e. Keeping information current)
- Validating a document for use (i.e. When selecting documents for use in connection with a project, product, contract or other application)
- Taking improvement action (i.e. Making beneficial change to the information)
Reviews may be random or periodic. Random reviews are reactive and arise from an error or a change that is either planned or unplanned. Periodic reviews are proactive and could be scheduled once each year to review the policies, processes, products, procedures, specification etc. for continued suitability. In this way obsolete documents are culled from the system. However, if the system is being properly maintained there should be no outdated information
available in the user domain. Whenever a new process or a modified process in installed the redundant elements including documentation and equipment should be disposed of.
Saturday, January 16, 2010
Origin Of ISO 9001 Standards
history that follows is in no way comprehensive but is intended to illustrate
four things:
1. that ISO 9001 standards are an ancient concept that survived several millennia;
that a means of verifying compliance often follows the setting of
standards;
2. that the formalizing of working practices is centuries old and seen as a
means to consistently meet standards;
3. that market regulation (relative to the standard of goods and services) has
been around for centuries for the protection of both craftsmen and
traders.
4. ISO 9001 is a symptom of practices that were around centuries before anyone
coined the term quality management. It is in some respects a natural
progression that will continue to evolve. The story is told from a British
viewpoint.
ISO 9001 grew out of BS 5750, a standard published by the British Standards Institution (BSI) in 1979. Initially, it was used only in manufacturing industries. ISO 9000 is now employed across a variety of other types of businesses. It is a set of international standards of quality management systems. ISO 9000 has been accepted by more than 100 countries as their national quality assurance standard by the end of 1997.
The history of ISO 9000 Standards dates back to Mil-Q-9858a, the first quality standard for military procurement established in 1959 by the US. By 1962, NASA (National Aeronautics and Space Administration) developed its quality system requirements for suppliers. In 1965, NATO (North Atlantic Treaty Organization) accepted the AQAP (allied quality assurance procedures) specifications for the procurement of equipments.
During the 1970s, BSI published BS 9000 (the first UK standard for quality assurance) and BS 5179 (guidelines for quality assurance) norms. In 1979, it created BS 5750, a series of standards for use by manufacturing companies. They were enforced through assessments and audits. In 1988, ISO (International Standards Organization) adopted the BS 5750 standard without changes and published it globally under the name ISO 9000. The ISO adopted this standard with a view to create an international definition of the necessary characteristics of a quality system for all businesses, regardless of industry. In 1994, the ISO revised the ISO 9000 standard and published it globally.
In the beginning, ISO 9000 was implemented exclusively by large companies. But by mid-1990s, small and mid-sized companies began to increasingly implement these standards. In the United States, the total number of registrations increased from a little more than 2,200 in 1993 to more than 17,000 in 1998. Of these 17,000 registrations, almost 60 percent were held by businesses with annual sales of $100 million or less.