|
Keys to Quality Success Learn the new, lean approach to Quality Management Systems pdf file |
Profit from Quality Objectives Learn how meaningful objectives add to the bottom line pdf file |
Improve Your Internal Audits Confirm the effectiveness of your Quality Management System pdf file |
Understand Preventive Action Learn how to apply this powerful risk assessment technique pdf file |
FAQ 002: Who or What is ISO?
ISO (from
the Greek word isos meaning "equal")
is a network of 156
national standards bodies, based in Geneva, Switzerland. In
English, ISO stands for the International Standardization Organization.
ISO is a non-governmental organization: its members are not delegations of national governments. Consequently, ISO is able to act as a bridge between the requirements of business and the needs of consumers and users. Many of its member bodies are part of the governmental structure of their own countries, while other members are rooted in the private sector.
See ISO's FAQ page
FAQ 003: What is ISO 9000:2008?
ISO 9000 is a generic name given to a family of
quality management standards. ISO 9000 was revised in 2000. ISO 9001:2008, the approval standard, has 5 main sections:
- Quality Management System
- Management Responsibility
- Resource Management
- Product Realization
- Measurement Analysis and Improvement
The 2008 revision features a concept called the "process model". This means that you should
- Define what your organisation does (the normal small business model is Sales, Design, Purchasing, etc.)
- Draw a process model of your organisations activities.
- Understand how those processes inter-relate (eg are there any weak-links?).
- Decide who owns these processes and ensure they are trained and competent.
- Monitor and improve your quality system by internal audit, measuring customer satisfaction, etc.
FAQ 004: Is ISO 9001 Easy To Implement In A Small Business?
Implementing
ISO 9001 in a small business has never been easier.
Many people
used to talk about the high cost of implementing ISO 9000. Our approach:
Base your
quality system on what you are already doing.
The ISO 9000:2005 Committee say...
"ISO 9000:2005 has significantly reduced the documentation requirements and is much less prescriptive than the 1994 version of the standard.
It allows an organisation more flexibility in the way it chooses to document its quality management system (QMS).
This enables each individual organisation to develop the minimum amount of documentation needed in order to demonstrate the effective planning, operation and control of its processes and the implementation and continual improvement of the effectiveness of its QMS." (our emphasis)
Taken from Document N525 - you can download N525 from the ISO 9000 Committee.
FAQ 005: How Much Documentation Is Needed?
It is often wrongly assumed that the "safest way" is to
create ever more paperwork.
Unfortunately, many consultants are happy to oblige with over-documented
and out-dated solutions.
When you understand that ISO 9000:2005 is fundamentally different from ISO 9000:1994 you realise that your normal business practices already meet most of what ISO 9001 requires and the few additional requirements are aimed at improving business performance and customer satisfaction.
ISO 9000:2005 defines a procedure as a "specified way to carry out an activity or a process", which does not necessarily have to be documented. You simply have to demonstrate that you meet the requirements.
Auditors now verify this by reviewing your records and interviewing staff to ensure consistency.
ISO 9001:2008 requires a
Quality
Manual,
ISO 9001 Procedures, a
quality policy,
quality objectives and "other
documents" you require to plan, operate and control your business processes:
The traditional method of controlling a process is to
write a procedure. Typically, procedures will be ‘text based', comprise a number
of pages broken down into paragraphs that direct the reader to
perform certain tasks.
Alternatively, they may be in the form of flowcharts
which generally contain less specific information but are easier for the reader
to obtain a quick ‘snapshot' of what is happening in the process. Flowcharts may
be backed up by text if the process is complex.
An equally valid method for controlling a
process is the use of software. e.g. the sales department may have
software that ‘drives' the order system and provides the necessary
controls.
Typically, software prompts staff to input the correct information in appropriate fields, and throws up an error message if incorrect data is entered.
Why have a documented procedure defining how to perform this task? It is more appropriate to train people to use the software. You must then review performance to evaluate their competence.
Smart Forms are another alternative. Smart forms which
contain enough information to help ensure that the activity is performed
correctly can be used to provide the necessary control.
FAQ 006: Why Do I Need
ISO 9000?
Approval
is often a pre-requisite when bidding for major contracts and government
work
Whether you wish to operate internationally or to expand locally ISO 9001:2008 approval will help demonstrate to your customers that you have a commitment to quality.
The approval and assessment process ISO 9001 can help you improve overall performance and widen business opportunities.
FAQ 007: How Do I Implement ISO 9001?
These are key steps
for anyone implementing ISO 9000:2005:
Training, support literature and softwareThere are a wide range of quality publications, training courses and software tools designed to explain the 2000 standard and help you understand, implement and become registered to ISO 9001:2008.
You should begin by preparing your organisational strategy with top management. Responsibility for a QMS lies with Senior Management, therefore it is vital that Top Management are involved from the start.
Do I Need a Consultant?You can receive advice from independent consultants on how to implement your quality management system. Or you can do it yourself using our products and free White Papers which explain ISO 9001:2008 and provide a realistic, small business model.
Choose a registrarThe registrar (certification body) is the 3rd party who will assess your quality management system, and issue a certificate if it meets the requirements of ISO 9001:2008. In choosing a registrar you should consider industry experience, geographic coverage, price and service level offered.
The key is to find a registrar who can meet your requirements.
Get information on potential UK certification bodies
http://www.ukas.org.
NOTE: Accreditation Bodies audit and "accredit" the Certification Bodies who audit and "certify" you.
Write your Quality
Manual
A Quality Manual is a high level document that outlines your quality management system. It outlines how you apply ISO 9001:2008 to your business activities.
Develop QMS Procedures
and
ISO 9001 ProceduresThere is usually a procedures manual that supports the Quality Manual. Quite simply, it outlines what you do to complete a task. It describes who does what, in what order and to what standard.
Implement your Quality Management SystemThe key to implementation is communication and training. During the implementation phase everyone operates to the procedures and collects records that demonstrate you are doing what you say you do. Carry out internal audits and management review
Pre-assessmentA pre-assessment by your registrar normally takes place about 6 weeks before Registration (at extra cost). The purpose of the pre-assessment is to identify areas where you may not be operating to the standard. This allows you to correct any areas of concern before assessment (registration).
ISO 9001 Registration
You should arrange your initial assessment with your registrar. At this
point the registrar will review your QMS (by interviewing staff, observing
activities and checking records) to decide whether you should
be recommended for Registration.
Continual assessment
Once you have received Registration and been awarded your certificate, you
can begin to advertise your success and promote your business. To maintain
your Registration, you need to continue to use and
review your quality
system. This will be periodically checked by your registrar to ensure that
your Quality System continues to meet the requirements of the standard.
FAQ 008: Tell Me About Costs & Timescales
Costs and timescales vary depending on the size of the organization, the nature of your business and what controls you already have in place
Assuming you are
- a small business (say around 20 staff),
- doing fairly straightforward things (eg stockholding and distribution)
- with networked PC's and Smart Forms
Then you should be able to set-up your QMS in 6 to 12 months, following the project plan in FAQ 007.
Fees vary from one Certification Body (Registrar)
to another and from one country to another.
In the UK, the typical fee would be around £2000 GBP (approx. US$ 3500, €uro 2600) for the initial audit and certification and around £1500 GBP (US$ 2600, €uro 2100) per year for surveillance visits.
FAQ 009: What Does Registration Mean?
Registration to ISO 9000 takes place when an accredited
3rd party visits you,
assesses your management system and issues a certificate to show that the
organisation meets the requirements of ISO 9001:2008.
Your ISO 9001 certificate is a sign of acceptability which saves you from having to prove your quality standards to demanding customers. ISO 9000 is an international language.
FAQ 010: How Do I Choose a Registrar?
In additional to asking about fees and timescales you should
ask the following questions:
Are they authorized to issue certificates in your industry? How many have
they issued?
-
initial assessment process
-
certification audit process
-
surveillance audits (eg are they by appointment? what is the usual length of notice?, how many per year, etc.)
-
how you an check an individual auditors' credentials before (or at the start of) an audit.
- Non-conformances in your QMS - eg how can you get a second opinion?
- Complaints about their service - always remember -- you are their customer
- Withdrawing your certificate - your certificate can be removed if you continually fail to meet requirements