ISO 9000 Keys to Success

Are You Responsible for ISO 9000 ?

In this paper, we aim show you the intent behind the Standards, and what the requirements really are.

 • It includes a detailed introduction to ISO 9000:2000

 • An extensive list of tips including links to free information

 • And our proven project plan.

With our knowledge you can avoid complicating an otherwise simple tool. Only by ensuring a minimal amount of time is spent on administrative tasks, can the true power of your quality system deliver real business benefits.

Q: ISO 9000:2000 - What's Todays Biggest Problem ?

A: It is often wrongly assumed that the "safest way" is to create ever more paperwork.

Unfortunately, many consultants are happy to oblige with over-documented and out-dated solutions.

When you understand that ISO 9000:2000 is fundamentally different from ISO 9000:1994 you realise that your normal business practices already meet most of what ISO 9001 requires and the few additional requirements are aimed at improving business performance and customer satisfaction.

ISO 9000:2000 defines a procedure as a "specified way to carry out an activity or a process", which does not necessarily have to be documented. You simply have to demonstrate that you meet the requirements.

Auditors now verify this by reviewing your records and interviewing staff to ensure a level of consistency.

Many people talk about the high cost of implementing ISO 9000. Our approach: Base your quality system on what you are already doing.

The ISO 9000:2000 Committee say...

"ISO 9001:2000 has significantly reduced the documentation requirements and is much less prescriptive than the 1994 version of the standard.

It allows an organization more flexibility in the way it chooses to document its quality management system (QMS).

This enables each individual organization to develop the minimum amount of documentation needed in order to demonstrate the effective planning, operation and control of its processes and the implementation and continual improvement of the effectiveness of its QMS."

Taken from Document N525 (my emphasis) - you can download N525 from the ISO 9000 Committee

To Your Success !

Stephanie Keen

Stephanie Keen

Managing Partner
ISONavigator Management Systems

E-mail info@iso9001help.co.uk  

Web http://www.iso9001help.co.uk 

Use the menu and your browsers BACK button to navigate this page

What Are The Benefits of CD 9000 & QM 9001?

Introducing CD 9000 and QM 9001 Streamlined Quality System Solutions Designed for Small Business

The unique combination of ease of use, practical guidance and exceptional value for money makes CD 9000 the best all-in-one solution for your business. We've worked hard to make CD 9000 easy to use - see our screenshots http://www.iso9001help.co.uk/screenshots.htm

CD 9000 features Self-directed Training Software that Provides You with Detailed Explanations of ISO 9001:2000 and Practical Guidance INCLUDING Proven Templates to Speed the Development of Your ISO 9001 Quality Policy, Quality Manual and Mandatory QMS Procedures

• meet all ISO 9001:2000 requirements
• free from excessive paperwork
• intuitive, easy to use & easy to customize
• years of experience on your desktop

For the more experienced user QM 9001 is the Quality & Procedure module from CD 9000, but excludes the training database.

Use CD 9000 or QM 9001 to develop a flexible and sophisticated Quality Management solution.
 
I believe in the quality of our products, and offer an unconditional guarantee. If you purchase our products and are not satisfied, contact us within 14 days of purchase for an immediate refund. 

That's more than a guarantee, that's my personal promise.

HOW TO ORDER

There are 3 easy ways to order -

• Secure, online Credit Card payment and instant download from our server
• E-mail us your Purchase Order number and billing address, we send you a link to our download page
• E-mail us your Purchase Order number and billing address, we mail you CD-ROM

Order On-line And Let's Get Started...

ISO 9000:2000 Series Overview

History

ISO 9000 is a series of quality management systems standards created by the International Organization for Standardisation (ISO), a federation of 132 national standards bodies.

The ISO 9000 quality management systems (QMS) Standards are not specific to products or services, but apply to the processes that create them.

The Standards are generic in nature so that they can be used by both manufacturing and service industries. First released in 1987 and revised in a limited manner in 1994, they underwent a major revision in 2000.

The approval Standard, ISO 9001:2000, uses a simple process-based structure, which is fits easily the process management structure of most businesses.

ISO 9000 Introduction

ISO 9000 has evolved into a Standard designed to assist organisations in achieving 'quality' whilst helping to assure customers that quality will be achieved. Whatever definition you choose to use for quality, and there are many, it is essential that your customers are happy with the product/service being supplied. ISO 9000 is intended to assist that aim by helping to ensure that the product/service is right - for both the organisation itself and its customers.

The poor implementation of the 1994 series resulted in many people claiming that the Standards did not prevent organisations producing sub-standard product. The 2000 edition clearly requires organisations to satisfy their customers and undertake continual improvement of their quality management systems therefore compliance with ISO 9001:2000 should result in significant benefits for organisations and their customers.

The ISO 9000:2000 series consists of

• ISO 9000:2005 - Fundamentals and vocabulary
• ISO 9001:2000 - Requirements
• ISO 9004:2000 - Guidelines for performance improvement

ISO 9000:2005 Fundamentals and vocabulary

ISO 9000 is an introduction to the philosophy of quality management and also contains the definitions used in ISO 9001 and ISO 9004. It also contains the 8 management principles which provide the foundation for the ISO 9000 series of Standards. These are:

• Customer focus
• Leadership
• The involvement of people
• Process approach
• System approach to management
• Continual improvement
• A factual approach to decision making
• Mutually beneficial supplier relationships

These principles are NOT elements against which the organisation can be directly assessed but their influence can be seen throughout the Standard. They should be considered by any organisation wishing to comply with the spirit, as well as the text of ISO 9001.

ISO 9001:2000 Requirements

ISO 9001 is the only part of the ISO 9000 family against which an organisation can become certified. 

ISO 9002 and ISO 9003 became obsolete in December 2000.

ISO 9001 contains all of the requirements which an organisation must address within their Quality Management System (QMS) if they wish to be certified against the Standard. The majority of these requirements would be identified by many organisations as 'common sense' topics which they would want to address in order to run their business well eg sales, design, purchasing, training, calibration of test equipment, control of records.

ISO 9001 is written by a committee (TC 176) and is designed for use in any type of organisation. This inevitably means that there are compromises in the wording of the Standard and some interpretation is often needed.

There are 8 sections in ISO 9001:

1. Scope
2. References
3 .Terms and definitions
4. Quality management system
5. Management responsibility
6. Resource management
7. Product realisation
8. Measurement, analysis and improvement

It is sections 4, 5, 6, 7 & 8 which contain the Requirements themselves and organisations wishing to be certified against ISO 9001 will need to demonstrate that they have addressed all of these requirements.

There are over 250 individual requirements in ISO 9001 that can be condensed into five key statements.

The organisation shall:

• Determine the needs and expectations of customers
• Establish policies, objectives and a work environment necessary to motivate people to satisfy these needs
• Design, resource and manage a system of inter-related processes to implement the policy and attain the objectives
• Measure and analyse the effectiveness of each process in fulfilling its objectives and
• Pursue the continual improvement of the system from an objective evaluation of its performance.

ISO 9001:2000 Approval

ISO 9001:2000 registration gives the organisation the benefit of an objectively evaluated and enforced quality management system. It is a tangible expression of a firm’s commitment to quality that is internationally understood and accepted.

ISO 9001:2000 registration is carried out by certification bodies (registrars), accredited organisations that review the organisation’s quality manual and working practices to ensure that they meet the Standard.

Using ISO 9001:2000

It is important that when an organisation is certified to ISO 9001, it is clear which aspects of the organisation are covered by the certificate. This is addressed through the Scope of Registration, and this must clearly identify what is included so as not to mislead.

It is a requirement that all elements of ISO 9001 must be addressed by the organisation. However, there are specific circumstances under which certain requirements of the Standard can be excluded, yet compliance with ISO 9001 still be claimed:

• any excluded requirements do not affect the ability of the organisation to meet customer and regulatory requirements
• any excluded requirements do not affect the ability of the organisation to provide conforming products or services
• any excluded requirements must only come from section 7 (Product realisation) of ISO 9001. An example may be customer property. Clearly if a company never deals with such property then the requirement would not be applicable

The company's quality manual must also clearly identify why specific requirements of ISO 9001 have been excluded and the justification for that exclusion.

What 9001 is not

ISO 9001 is NOT a product Standard - it contains no product requirements.

It is a series of generic requirements for quality management systems. Approval to ISO 9001 does not guarantee  product or service quality. Customer focused leadership, not Standards produces satisfied customers.

Approval to ISO 9001 demonstrates that you meet the minimum requirements of quality management.

ISO 9004:2000 Guidelines for performance improvement

ISO 9004 is not a guide on how to implement ISO 9001, rather a guide on how to improve on the basic requirements that ISO 9001 specifies.

The requirements statements in ISO 9001 may be seen sometimes as a little brief and it rarely, if ever, tells the user 'how' to achieve compliance with it. ISO 9004 takes the basic requirement and expands on it. It gives options for the organisation to consider if they wish to progress beyond basic compliance and into excellence.

Given that 'Continual Improvement' is a requirement of ISO 9001, it is strongly recommended that you consider using ISO 9004 as a way forward in the journey of continual improvement.

Certification bodies cannot certify organisations against ISO 9004 but auditors may use it for guidance. You should consider using ISO 9004 to assist internal auditors when seeking improvement of the more mature processes.

ISO 9004 reproduces the full requirement of ISO 9001. It may also be that some of the guidance contained in ISO 9004 may one day become part of the requirements of ISO 9001 when the Standard is updated again in the future.

ISO 9000 Tips

Get Free information:

• Start with our FAQ page

• Get a work book (PDF format) from Association of British Certification Bodies

• Follow this link for some limited interpretations (PDF format) on the ISO Committee's site  http://www.tc176.org/Interpre.asp  

• NOTE: you will need Acrobat Reader to open these files. Click here for free Acrobat Reader download.

• Take a look at the public documents on the ISO 9000 committee site

• I'm not sure of the copyright status of this and it may contain errors, but you can download ISO 9004 (in MS Word) from www.uml.org.cn/rjzl/doc/Ezhinan.doc.  However, as with ANY file download, we recommend that your anti-virus software is enabled and current

• Buy ISO 9001 or ISO 9004 from http://www.bsi-global.com/  

• They’re often cheaper from Australian Standards http://www.Standard.com.au/catalogue/script/search.asp

• Follow this link to the ISO 9001 Audit Practices Group and learn more about modern audit techniques. The leading UK Certification Bodies NQA and Lloyds Register Quality Assurance both provide free, and useful information on 21st Century quality thinking.

Identify any gaps - typical gaps: no process map (Para 4.1), no policy or objectives (Para 5.3, 5.4), no internal audits (Para 8.2.2) misunderstanding Preventive Action (Para 8.5.3)

What is an appropriate level of documentation ?

• See http://www.iso9001help.co.uk/ISO_9001_quality_documentation_42.htm

TOP TIP #1 What the Standard doesn't tell you is how all this information should be documented

As a rule, you should avoid creating overly complex or burdensome documentation.

You may decide to merely "Define" simpler processes (by giving an overview in the Quality Manual) rather than "Document" them in detailed Procedures.

Rely instead on the skills, training and experience of the people doing the work. Balance lightweight procedures with heavyweight Training records.

TOP TIP #2 Start with the assumption that you are already DOING most of what ISO 9001 requires- You probably are.

Many people talk about the high cost of implementing ISO 9000 - I believe this is a false assumption. If you do it right and understand the Standard then implementation should not be that big a problem - as 75% of your quality system is already in place.

TOP TIP # 3

The traditional method of controlling a process is to write a procedure. The typical procedure will be ‘text based', comprise a number of pages broken down into paragraphs of information which direct the reader to perform certain activities.

Alternatively, they may be in the form of flowcharts which generally contain less specific information but are easier for the reader to obtain a quick ‘snapshot' of what is happening in the process. Flowcharts may be backed up by text if the process is complex.

An equally valid method for controlling a process is the use of software. e.g. the sales department may have a piece of software which ‘drives' the order system and provides the necessary control. For example, the software helps the staff to enter the correct information by prompting inputs in appropriate fields, and throws up an error message when incorrect data has been entered, why have a documented procedure defining how to perform the task? It may be more appropriate to train people in its use and then evaluate their competence by reviewing performance.

Smart Forms are another alternative. Smart forms which contain enough information to help ensure that the activity is performed correctly can be used to provide the necessary control.

FAQ's

Q Is a production process different from a business process?
A No. Production processes (or as ISO 9001:2000 calls it, "product realisation processes") are just a subset of your normal business processes.

Think of "production" as "creation". If your organisation designs training courses or provides cleaning services, your production processes are how you develop a course or how you plan and deliver your service - all just part of "running the business".

Q What is the best way to define a business process?
A There is more to a process than just the tasks and decisions which define the flow of information or material. You also need to define the materials, hardware and skills required and the environmental influences (eg light, hygiene, humidity) which could affect the operation of the process.

Q What is the "correct" level of detail to use when defining a business process?
A As little as you need. Be clear about why are you doing it and who will use the resultant definitions. But do it for yourself and your staff - a QMS is not solely for your external auditor.

Two pages of a flowchart should be sufficient for a process. Assume your people are competent - or train them if they're not.

Too many 'quality systems' have tonnes of documentation.  They are Quantity Systems, NOT Quality Systems. 

Quality Manuals are NOT full of weird words and convoluted language that no one can even understand much less use…

Do a risk assessment - if your product or service fails what is the worst that will happen? How serious are the consequences?

If the answer is "the end of civilisation as we know it" then you need lots of controls (checks & records).

Alternatively, if the answer is "some-one is mildly inconvenienced" or "a simple problem that is easily fixed" then you need a lot less.

If you've done ISO 9000 before, forget everything you thought you knew - 2000 is more about performance and less emphasis on procedures.
 

Involve your people in the drafting process

DON'T insult people's intelligence by stating the obvious

- "Complete form 17. In the box marked "Customer Name" insert the customer's name..."

DON’T use language that you don't understand

DON'T say things that you know you don't do

DON'T keep more records than required. Where ISO 9001 says "...see 4.2.4" that means keep a record. Records are for managers, not for auditors

Is there a record in your system with no clear business purpose? If so, get rid of it!
There are two basic purposes in business for a record:

• to record the fact that something happened. For example: the project was approved on November 12
• to record how well something happened. For example: we failed the project approval twice (for these reasons...) before it was finally approved

The key purpose of the latter form of record (the old ISO 9000 used to helpfully call them 'quality records'!) is to capture data that provides you with management information about how well - or otherwise - your system is working and the progress that is being made in achieving your objectives. It is not the purpose of any record to provide 'evidence' to auditors - this is incidental.

KEEP records long enough to cover your period of product liability - unless the law or some other Standard says different

Develop training records - that show staff are competent, Para 6.2

http://www.iso9001help.co.uk/Training_62.htm

Develop meaningful targets for improvement (quality objectives) Para 5.4.1.

http://www.iso9001help.co.uk/Quality_objectives_541.htm

First, use the quality policy statement as a framework for establishing your process and product goals. Then set specific, measurable targets on the path to attaining these goals.

Product objectives will largely be determined by your product specifications. Focus your attention on the process objectives and the methods you'll use to measure process performance. These objectives must be established at the relevant functions and levels within your organisation.

Integrate ISO 9000 into the business process

DON'T develop an alien system that sits separately from the business

DO face an audit with pride - "We are good at what we do"

DON'T face an audit with fear

Done PROPERLY ISO 9001 is a useful tool that may tell you something useful about your business

A good ISO 9001 system is practical, manageable and works FOR you… 

- It does NOT tie you in knots, weigh you down with bureaucracy, nor demand useless documentation, nor make you do pointless things just for the auditor

Done BADLY you have a meaningless pile of paperwork

- Many people even believe that 'proper' quality manuals must have a separate policy, and procedures for every clause. You DON'T need to do it.

DO develop a simple, robust system appropriate for the size of the company and the type of business

DO use a simple numbering system for documents and paragraphs.

13 Step Project Plan

 1. Find out about ISO 9001:2000.

Understand what ISO 9001:2000 means for your organisation.  

ISO 9001:2000 is intended to be generic (i.e., applicable to all organisations, regardless of type, size and product category). However, not all requirements in the new Standard will necessarily be relevant to all organisations. Under certain circumstances, an organisation may exclude some specific requirements.

ISO 9001:2000's clause 1.2, Application, states that requirements can be excluded only if they're limited to clause 7, Product realization. Exclusions are acceptable only if they don't affect an organisation's ability, or responsibility, to provide products that meet customer and applicable regulatory requirements.

Do a gap analysis - you are probably doing most of what ISO 9001 requires already as part of your normal business practice.

Get information on potential certification bodies. See http://www.ukas.org.

Or see http://www.iso.org/iso/en/info/ISODirectory/countries.html which lists national Accreditation Bodies, followed by national Certification Bodies.

NOTE: Accreditation Bodies audit and "accredit" the Certification Bodies who audit and "certify" you.

The reason you need to define 'quality' is simply that, if you don't know what it is, you'll never know whether or not you are achieving it.

Not knowing where you want to get to also makes it difficult to communicate to other people what is to be achieved and why, let alone to motivate them to act.

Most certification bodies require at least three months history between the formal implementation date of the quality system and the certification audit. Typically, they require that at least one internal audit covering all elements of the quality system is completed and followed by a management review before the certification audit. This enables the company itself to identify problems and to resolve them prior to assessment by the certification body.
 

5. Train internal auditors

They need to understand how the new clause structure and requirements will affect their audit plans. Instead of auditing by clause, your organisation may decide to audit by functional area.

8. Continue implementation plan

Make any necessary changes, from 7, above.

Most certification bodies wish to see at least 3 months of history.