ISO 9000 family of standards and SMEs

ISO 9000 family of standards and SMEs

The ISO 9000 quality management system is generic in nature and applicable to all companies, regardless of the type and size of the business, including small and medium enterprises (SMEs), and they are applicable to all categories of products, whether hardware, software, processed materials or services. ISO 9001:2008 specifies what is required to be done by an organization but does not indicate how it should be done, thus giving the enterprise a lot of flexibility to run its business.

It is simple to use, clear in language and easily understandable. The new standard is also appropriate for small companies, as it does not demand the type of paper bureaucracy needed for the implementation of the 1994 version. Only six documented procedures are now required and need for other procedures/documents can be decided by the company. Companies will, however, be required to provide objective evidence that the QMS has been effectively implemented. A small company may find it appropriate to include the description of its entire QMS within a single Quality Manual, including all the documented procedures required by the standard.

The process-based approach given in the new standard will tend to ensure that systems are documented and implemented in a manner that suits a SME’s own way of doing business. This approach makes it easier for SMEs to implement, instead of just taking over an artificial structure of QMS imposed from outside. It will also be easier for SMEs managed by their owners to demonstrate “top management commitment” towards QMS. Furthermore, in a SME, it is easier to ensure effective internal communication, better utilization of resources, people clearly understanding their roles and responsibilities, etc.

The new standard has included a provision for deciding on the applicability of

certain product realization processes included in section 7 of the standard. For example, if the SME has no responsibility for the design and development of the product it provides, the SME may say so, giving the reasoning behind it, in the Quality Manual; the certification body, being satisfied that this corresponds, would then award it certification to ISO 9001:2008. Similarly, other product realization processes such as purchasing, product identification and traceability, control of measuring devices may also be excluded if these are not applicable for the type of products or services being provided by the company.

It is also possible that SMEs may not have adequate in-house expertise or there may be other constraints to perform all processes on their own. In such cases, the new standard also permits the outsourcing of any of the QMS processes, providing the company has control over such processes. The nature of this control will depend on the nature of the outsourced or subcontracted processes and the risk involved. For example, the design and development process may be subcontracted to an expert or a specialized agency, inspection/verification of goods purchased may be subcontracted to an inspection agency, internal audit of QMS can be outsourced, etc. However, overall responsibility for ensuring control on all outsourced processes as per requirements of the standard would remain with the company’s management.

ESTABLISHING THE INITIAL STATE OF THE QMS For SME

Establishing The Initial State of The ISO 9001 QMS For SME

The implementation of an ISO 9001 conformant system must recognize that it is but a step in a long-term development of a continually improving QMS. Unfortunately, it is often the case that ISO 9001 is taken as a means to an end, where the implementation of a QMS is not the primary objective, rather certification is. As a result, SMEs may end up with stacks of documentation waiting to be processed that adds no value, but cost.

According to the requirements of ISO 9001, an organization must develop only six documented procedures: (1) control of documents, (2) control of quality records, (3) internal audits, (4) control of non-conformities, (5) corrective action, and (6) preventative action. A quality manual and several records are also required. The development of other procedures, work instructions, and

other documents is largely at the discretion of the organization. From the very beginning of the process, it is therefore essential that SMEs establish a balanced view between a short-term focus (marketing/sales) and a long-term focus (achieving company-wide quality awareness through TQM). ISO documentation should be considered as an enabler along that way and SMEs must guard against the creation of unnecessary documentation.

However, even when such a view is adopted, many SMEs struggle to move from their initial state to a fully functional ISO 9001 QMS. Over the last several years, we have been involved in ISO 9001 implementation projects in seven different SMEs. The SMEs have ranged in size from approximately 20 employees to 500 employees. The SMEs have been drawn from a variety of sectors in Virginia, including manufacturing, distribution, and services. Based on our experience, we developed a schematic of initial states of an organization in terms of the existence and functionality of the ISO 9001 QMS . Throughout this paper, existence is equated with the documentation required by the standard while functionality is equated with an effectively operated QMS that leads to increased customer satisfaction and continuous improvement of business results.

A successful QMS must be fully functional and appropriately documented. With that in mind, there are four main states in which SMEs can be located in the beginning of the implementation process:

1. Complete Death: No documentation, no functioning.

This is the state in which there is no indication of the existence and functionality of the QMS. No documentation exists and no processes are in place to help ensure the quality of the product.

Relatively few companies will find themselves in this situation.

2. Informally Alive: No documentation, some level of functioning.

Many SMEs exhibit an organic structure characterized by an absence of standardization and the prevalence of loose and informal working relationships. SMEs operating in this state are more likely to rely on people rather than a system. In such situations, key personnel may resist documentation for two key reasons “(1) documentation is considered a waste of time and (2) documentation of processes and procedures makes the individual less dependable” [2]. SMEs in this state perform some or all of the processes required by ISO 9001 and the QMS may function fairly well. However, they are not willing and ready to document those processes unless there is a cultural change lead by top management.

3. Formally Death: Some level of documentation, no functioning.

SMEs categorized in this state have documented processes and procedures at some degree, however, the documents are generally not followed and do not necessarily reflect the actual manner in which the organization undertakes its operations and management. This situation highlights the fact that the mere existence of documentation does not necessarily lead to a functional QMS. Moreover, such a situation may help perpetuate the view that ISO 9001 is a way for SMEs to market their products and services but that implementation of the standard requires stacks of documents that offer no value.

4. Formally Alive: Some level of documentation, some level of functioning.

Each SME considered in this state, achieves a unique combination of the existence and functionality of processes and procedures that may or may not be required by ISO 9001. This situation is closest to the desired state of full functionality (100%) of the ISO 9001 QMS and full documentation (100%) of this functionality.

ISO 9001 Standards & ISO 14001 Standards Related Blogs

ISO 9001 Standards & ISO 14001 Standards Related Blogs are as follows:

http://iso14001-standard.blogspot.com/

http://environmental-management-system.blogspot.com/

http://iso9001systems.blogspot.com/

http://iso-9000softwares.blogspot.com/

http://iso14000-series.blogspot.com/

http://iso9001qualitysystem.blogspot.com/

http://iso-14000-ems.blogspot.com/

http://iso-9001standards.blogspot.com/

http://iso9000-standard.blogspot.com/

http://iso-9001-quality-manual.blogspot.com/

http://iso-14000-standards.blogspot.com/

http://iso-14001-standards.blogspot.com/

http://iso-9001-quality-system.blogspot.com/

http://iso-9001-standard.blogspot.com/

http://iso-environmental-management-systems.blogspot.com/

http://iso-9001-quality-management-system.blogspot.com/

http://iso9000qualitymanagementsystem.blogspot.com/

http://iso-9001-standard.blogspot.com/

http://iso-14001ems.blogspot.com/

http://iso-14001-quality-system.blogspot.com/

http://iso-14001-quality-manual.blogspot.com/

http://www.iso14000store.com/blog

http://www.iso9001-standard.us

ISO 9001 Standards Requirements – Design and Development

ISO 9001 Standards Requirements – Design and Development

Design and Development Planning
Plan and control the product design and development. This planning must determine the:
Stages of design and development
Appropriate review, verification, and validation activities for each stage
Responsibility and authority for design and development
The interfaces between the different involved groups must be managed to ensure effective communication and the clear assignment of responsibility. Update, as appropriate, the planning output during design and development.
NOTE: Design and development review, verification, and validation have distinct purposes. They can be conducted and recorded separately or in any combination, as deemed suitable for the product and the organization.

Design and Development Inputs
Determine product requirement inputs and maintain records. The inputs must include:
Functional and performance requirements
Applicable statutory and regulatory requirements
Applicable information derived from similar designs
Requirements essential for design and development
Review these inputs for adequacy. Resolve any incomplete, ambiguous, or conflicting requirements.

Design and Development Outputs
Document the outputs of the design and development process in a form suitable for verification against the inputs to the process. The outputs must:
Meet design and development input requirements
Provide information for purchasing, production, and service
Contain or reference product acceptance criteria
Define essential characteristics for safe and proper use
Be approved before their release

Design and Development Review
Perform systematic reviews of design and development at suitable stages in accordance with planned arrangements to:
Evaluate the ability of the results to meet requirements
Identify problems and propose any necessary actions
The reviews must include representatives of the functions concerned with the stage being reviewed. Maintain the results of reviews and subsequent follow-up actions.

Design and Development Verification
Perform design and development verification in accordance with planned arrangements to ensure the output meets the design and development input requirements. Maintain the results of the verification and subsequent follow-up actions.

Design and Development Validation
Perform validation in accordance with planned arrangements to confirm the resulting product is capable of meeting the requirements for its specified application or intended use, where known. When practical, complete the validation before delivery or implementation of the product. Maintain the results of the validation and subsequent follow-up actions.

Control of Design and Development Changes
Identify design and development changes and maintain records. Review, verify, and validate (as appropriate) the changes and approve them before implementation. Evaluate the changes in terms of their effect on constituent parts and products already delivered. Maintain the results of the change review and subsequent follow-up actions.

ISO 9000 Standards – Design and development

ISO 9000 Standards – Design and development

Planning the design and development of a product means determining the design objectives and the design strategy, the design stages, timescales, costs, resources and responsibilities needed to accomplish
them. Sometimes the activity of design itself is considered to be a planning activity but what is being planned is not the design but the product.

The purpose of planning is to determine the provisions needed to achieve an objective. In most cases, these objectives include not only a requirement for a new or modified product but also requirements governing the costs and product introduction timescales (Quality, Cost and Delivery or QCD). Remove these constraints and planning becomes less important but there are few situations when cost and time is not a constraint. It is therefore necessary to work out in advance whether the objective can be achieved within the budget and timescale. One problem with design is that it is often a journey into the unknown and the cost and time it will take cannot always be predicted. It may
in fact result in disaster and either a complete reassessment of the design objective or the technology of the design solution. This has been proven time and again with major international projects such as Concorde, the Channel Tunnel and the International Space Station. Without a best guess these projects would not get off (or under!) the ground and so planning is vital firstly to get the funding and secondly to define the known and unknown so that risks can be assessed and quantified.

Design and development plans need to identify the activities to be performed, by whom they will be perform and when they should commence and be complete. One good technique is to use a network chart (often called a PERT chart), which links all the activities together. Alternatively a bar chart may be adequate. There does need to be some narrative in addition as charts in isolation rarely conveys everything required.

Design and development is not complete until the design has been proven as meeting the design requirements, so in drawing up a design and development plan you will need to cover the planning of design verification and validation activities. The plans should identify as a minimum:
- The design requirements
- The design and development programme showing activities against time
- The work packages and names of those who will execute them (Work
packages are the parcels of work that are to be handed out either internally or to suppliers)
- The work breakdown structure showing the relationship between all the parcels of work
- The reviews to be held for authorizing work to proceed from stage to
stage
- The resources in terms of finance, manpower and facilities
- The risks to success and the plans to minimize them
- The controls that will be exercised to keep the design on course
Planning for all phases at once can be difficult as information for subsequent phases will not be available until earlier phases have been completed. So, your design and development plans may consist of separate documents, one for each phase and each containing some detail of the plans you have made for subsequent phases.
Your design and development plans may also need to be subdivided into
plans for special aspects of the design such as reliability plans, safety plans, electromagnetic compatibility plans, configuration management plans. With simple designs there may be only one person carrying out the design activities. As the design and development plan needs to identify all design and development activities, even in this situation you will need to identify who carries out the design, who will review the design and who will verify the design. The same person may perform both the design and the design verification activities, however, it is good practice to allocate design verification to another person or organization because it will reveal problems overlooked by the designer. On larger design projects you may need to employ staff of various disciplines such as mechanical engineers, electronic engineers, reliability engineers etc. The responsibilities of all these people or groups need to be identified and a useful way of parcelling up the work is to use work packages that list all the activities to be performed by a particular group. If you subcontract any of the design activities, the supplier’s plans need to be integrated with your plans and your plan should identify which activities are the supplier’s responsibility. While purchasing is dealt with in clause 7.4 of the standard, the requirements also apply to design activities.

Establishing Quality Objectives In ISO 9000 Standards

Establishing Quality Objectives In ISO 9000 Standards

The ISO 9000 Standard requires that top management ensure that quality objectives are established.

ISO 9001 defines quality objectives as results sought or aimed for related to quality. It also suggests that these

objectives be based on the quality policy and be specified at different levels in the organization, being

quantified at the operational level. As with quality policy the details will be addressed later and here we

will focus on what it means to establish qualityobjectives and how they relate to other objectives.

As the quality policy equates to the corporate policy, it follows that quality objectives equate to corporate objectives. All of the organization’s objectives should in some way serve to fulfil requirements of customers and other interested parties. It is also interesting to note that inISO 9001, the term requirement is defined as a need or expectation that is stated, customarily implied or obligatory. While an investor may not specify a requirement for growth in share value, it would certainly be an expectation. While an employee does not express requirements for salary increases when profits rise, it would certainly be an expectation and while society has no way other than to protest or invoke the law to impose its desires upon an organization, it certainly has the power to make organization’s comply and even change the law in extreme cases. So quality objectives do equate to corporate objectives.

Management needs to ensure that the objectives are established as a basis for action. All work serves an objective and it is the objective that stimulates action.

The reason for top management setting the objectives is to ensure that everyone channels their energies in a positive direction that serves the organizations purpose and mission.

For an objective to be established it has to be communicated, translated into action and become the focus of all achievement. Objectives are not wish lists. The starting point is the purpose and mission statement and the factors

identified as affecting the ability of the organization to accomplish its mission. It is in these areas the organization needs to excel and therefore they become the focus for action and consequently the setting of objectives. Although ISO 9001 suggests that the quality objectives should be based on the quality policy, it is more likely to be current performance, competition and opportunities arising from new technology that drive the objectives.

An objective is a result that is aimed for and is expressed as a result that is to be achieved. Objec-

tives are therefore not policies. The requirement should also not be interpreted as applicable only to

organizational functions and levels. Objectives are required at levels within the organization not levels

within the organization structure. This is clarified by the requirement for objectives to include those

needed to meet requirements for product. There are therefore five levels at which control and improve-

ment objectives need to be established:

Corporate level where the objectives are for the whole enterprise to enable it to fulfil its vision

Process level where the objectives are for specific processes to enable them to fulfil corporate goals

Product or service level where the objectives are for specific products/services or ranges of products/services to enable them to fulfil or create customer needs and expectations

Departmental or function level where the objectives are for an organizational component to enable it to fulfil corporate goals Personal level where the objectives are for the development of individual competency

A management system is not a static system but a dynamic one and if properly designed and implemented can drive the organization forward towards world class quality. All managerial activity is concerned either with maintaining performance or with making change. Change can retard or advance performance. That which advances performance is beneficial. In this regard, there are two classes of quality objectives, those serving the control of quality

(maintaining performance) and those serving the improvement of quality (making beneficial change).

maintain or to prevent from deteriorating. To maintain your performance and your position in the market you will have to continually seek improvement.

Remaining static at whatever level is not an option if your organization is to survive. Although you will be striving for improvement it is important to avoid slipping backwards with every step forwards. The effort needed to prevent

regression may indeed require innovative solutions. While to the people working on such problems, it may appear that the purpose is to change the status quo, the result of their effort will be to maintain their present position not raise it to higher levels of performance. Control and improvement can therefore be perceived as one and the same thing depending on the standards being aimed for and the difficulties in meeting them.

The statements of objectives may be embodied within business plans, product development plans, improvement plans, process descriptions and even procedures.

Achievable objectives do not necessarily arise from a single thought even when the policies provide a framework. There is a process for establishing objectives.

At the strategic level, the subjects that are the focus for setting objectives are the factors that affect the organization’s ability to accomplish its mission – the critical success factors such as marketing, innovation, human resources,

physical and financial resources, productivity and profit. There may be other factors such as the support of the community, of unions, of the media as certain businesses depend on continued support from society. Customer needs, regulations, competition and other external influences shape these objectives and cause them to change frequently. The measures arise from an analysis of current performance, the competition and there will emerge the need for either improvement or control. The steps in the objective setting process are as follows:

Identifying the need

Drafting preliminary objectives

Proving the need to the appropriate level of management in terms of:

whether the climate for change is favourable

the urgency of the improvement or controls

the size of the losses or potential losses

the priorities

Identifying or setting up the forum where the question of change or control is discussed Conducting a feasibility study to establish whether the objective can be achieved with the resources that can be applied Defining achievable objectives for control and improvement

Communicating the objectives

The standard does not require that objectives be achieved but it does require that their achievement be planned and resourced. It is therefore prudent to avoid publishing objectives for meeting an unproven need and which has not

been rigorously reviewed and assessed for their feasibility. It is wasteful to plan for meeting objectives that are unachievable and it diverts resources away from more legitimate uses.

Objectives are not established until they are understood and therefore communication of objectives must be part of this process. Communication is incomplete unless the receiver understands the message but a simple yes or no is not an adequate means of measuring understanding. Measuring employee understanding of appropriate quality objectives is a subjective process. Through the data analysis carried out to meet the requirements of clause 8.4 you will have produced metrics that indicate whether your quality objectives are being achieved. If they are being achieved you could either assume your employees understand the quality objectives or you could conclude that it doesn’t matter. Results alone are insufficient evidence. The results may have been achieved by pure chance and in six months time your performance may have declined significantly. The only way to test understanding is to check the decisions people make. This can be done with a questionnaire but is more effective if one checks decisions made in the work

place. Is their judgement in line with your objectives or do you have to repeatedly adjust their behaviour?

For each objective you should have a plan that defines the processes involved in its achievement. Assess these processes and determine where critical decisions are made and who is assigned to make them. Audit the

decisions and ascertain whether they were contrary to the objectives. A simple example is where you have an objective of decreasing dependence upon inspection. By examining corrective actions taken to prevent recurrence of

nonconformities you can detect whether a person decided to increase the level of inspection in order to catch the nonconformities or considered alternatives.

Any person found increasing the amount of inspection has clearly not understood the objective.

ISO 9000 Standards – Document Approval

ISO 9000 Standards – Document Approval
The ISO 9000 Standards requires that documents be approved for adequacy prior to issue.

Approval prior to issue means that designated authorities have agreed the document before being made available for use. Whilst the term ade-
quacy is a little vague it should be taken as meaning that the document is judged as fit for the intended purpose. In a paper based system, this means approval before the document is distributed. With an electronic system, it means that the documents should be approved before they are published or made available to the user community.

The ISO 9000 Standards document control process needs to define the process by which documents are approved. In some cases it may not be necessary for anyone other than the approval authority to examine the documents. In others it may be necessary to set up a panel of reviewers to solicit their comments before approval is given.
It all depends on whether the approval authority has all the information
needed to make the decision and is therefore ‘competent’. One might think that the CEO could approve any document in the organization but just because a person is the most senior executive does not mean he or she is competent to perform any role in the organization.

Users should be the prime participants in the approval process so that the
resultant documents reflect their needs and are fit for the intended purpose. If the objective is stated in the document, does it fulfil that objective? If it is stated that the document applies to certain equipment, area or activity, does it cover that equipment, area or activity to the depth expected of such a document? One of the difficulties in soliciting comments to documents is that you will gather comment on what you have written but not on what you have omitted. A useful method is to ensure that the procedures requiring the document specify the acceptance criteria so that the reviewers and approvers can check the document against an agreed standard.

To demonstrate documents have been deemed as adequate prior to issue,
you will need to show that the document has been processed through the
prescribed document approval process. Where there is a review panel, a simple method is to employ a standard comment sheet on which reviewers can indicate their comments or signify that they have no comment. During the drafting process you may undertake several revisions. You may feel it
necessary to retain these in case of dispute later, but you are not required to do so. You also need to show that the current issue has been reviewed so your comment sheets need to indicate document issue status.

Develop Quality Management System Documentation In ISO 9000 Standards

Develop Quality Management System Documentation In ISO 9000 Standards

Documentation is the most common area of non-conformance among organizations

wishing to implement ISO 9000 quality management systems. As one company

pointed out: “When we started our implementation, we found that documentation

was inadequate. Even absent, in some areas. Take calibration. Obviously it’s

necessary, and obviously we do it, but it wasn’t being documented. Another area

was inspection and testing. We inspect and test practically every item that leaves

here, but our documentation was inadequate”.

Documentation of the quality management system should include:

1. Documented statements of a quality policy and quality objectives,

2. A quality manual,

3. Documented procedures and records required by the standard ISO 9001:2008, and

4. Documents needed by the organization to ensure the effective planning, operation and control of its processes.

Quality documentation is generally prepared in the three levels indicated below that follows. Use ISO 10013:1995 for guidance in quality documentation.

Level A: Quality manual

States the scope of the quality management system, including exclusions and

details of their justification; and describes the processes of the quality

management system and their interaction. Generally gives an organization

profile; presents the organizational relationships and responsibilities of persons

whose work affects quality and outlines the main procedures. It may also

describe organization’s quality policy and quality objectives.

Level B: Quality management system procedures

Describes the activities of individual departments, how quality is controlled in

each department and the checks that are carried out.

Level C: Quality documents (forms, reports, work instructions, etc.)

1. Work instructions describe in detail how specific tasks are performed; include

drawing standards, methods of tests, customer’s specifications, etc.

2. Presents forms to be used for recording observations, etc.

Preparing ISO 9000 Standards Quality Manual

Preparing ISO 9000 Standards Quality Manual

ISO 9001 Standards defines a quality manual as a document specifying the quality management system of an organization. It is therefore not intended that the ISO 9001 Standards Quality Manual be a response to the requirements of ISO 9001 Standards. As the top-level document describing the management system it is a system description describing how the organization is managed.
Countless quality manuals produced to satisfy ISO 9001:2008, were no more than 20 sections that paraphrased the requirements of theISO 9001 standards.
Such documentation adds no value. They are of no use to managers, staff or auditors. Often thought to be useful to customers, organizations would gain no more confidence from customers than would be obtained from their registration certificate.

Why Is ISO 9000 Important?

Why Is ISO 9000 Important?

ISO 9000 is important because of its orientation. While the content itself is useful and important, the content alone does not account for its widespread appeal.
ISO 9000 is important because of its international orientation. Currently, ISO 9000 is supported by national standards bodies from more than 150 countries. This makes it the logical choice for any organization that does business internationally or that serves customers who demand an international standard of excellence.
ISO is also important because of its systemic orientation. We think this is crucial. Many people wrongly emphasize motivational and attitudinal factors. The assumption is that quality can only be created if workers are motivated and have the right attitude. This is fine, but it doesnt go far enough. Unless you institutionalize the right attitude by supporting it with the right policies, procedures, records, technologies, resources, and structures, you will never achieve the standards of quality that other organizations seem to be able to achieve. Unless you establish a quality attitude by creating a quality management system, you will never achieve a world-class standard of quality.
Simply put, if you want to have a quality attitude you must have a quality system. This is what ISO recognizes, and this is why ISO 9000 is important.

ISO 9000 Softwares

ISO 9000 Softwares

1. ISO 9000 Software – ISO 9000 Document Control Software

The concept of document control is integral to ISO 9000. Specifically ISO 9001: 2000, requires the establishment of a document control system that stores and manages documents relating to implementing, maintaining, and continually improving a quality management system. Within the context of ISO 9000, a quality system must be documented and quality records must be maintained. Document control helps ensure effective operation and facilitates better decision-making, by providing a vehicle for employees, customers, and partners to access controlled documentation from any location at anytime.

For high-tech companies that adhere to ISO 14000 environmental management standards, document control procedures are equally necessary to help them continuously improve their environmental management system.

The ISO 9000 Document Control Software is developed & designed to control the ISO 9000 Quality Manual, Operating Procedure, Forms & Documents digitally. System will track the all ISO 9000 Documents by ISO Document No. through out the system.

The ISO 9000 Document Control Software Provides:-

Tracking of Documents- Provides secure tracking of all your ISO 9000 Quality Manual, Operating Procedure & Forms & Documents in any format either in Microsoft Word, Excel, PDF or etc.
Efficiency Document Control- It’s uniquely qualified to be the focal point of a quality management system because it can handle all types of documents regardless of the software used to create them. It provides a secure and centralized document control repository that makes search and retrieval easy during inspections and audits.
Revision Control- Tracking of Document revisions, approval & Release Date. Manually Tracking down any revision on the ISO 9000 document activity is difficult . The ISO 9000 Document Control Software will help to keep track the numbers of revision have been carried out, and also maintain the various revision copies of the documents.
Multiple File Location – System will be able to keep track the directories & folder where the original location is saved.
Centralize Of Document Control – Do not worry about the various department is getting the correct edition of the documents, because all documents have been managed by a centralize software. Document reviews are conveniently scheduled and documented.
Security:System provide User Right Control module which enable System Administrator to define the access right to authorized users and activity allowed.
2. ISO 9000 Software – ISO 9000 Audit Control Software

The ISO 9000 Audit Control Software were designed to handle all aspects of an internal or external audit programme, from planning audits to the follow-up of corrective actions against deficiencies found.

The Control Software increases the accountability and efficiency of your internal/external audits by developing core processes with clearly defined audit plans, step-by-step procedures, and standardized auditor roles and responsibilities. It will help to put you to the right path toward developing a well-organized ISO9001:2000 internal /external audit system.

The ISO 9000 Audit Control Software Provides:-

Audit Schedule – maintains the audit schedule, checklist preparation and all audit info.
Track Non-Conformance – System will help to track all non-conformances found during the audit, including actions & verification.
Corrective Action Report (CAR) – Update of the corrective action.
Security: System provide User Right Control module which enable System Administrator to define the access right to authorized users and activity allowed.
http://www.iso9000-software.com

ISO 9001 Standard Operating Procedures

A quality management system can improve a business’ operational processes and, as a result, the quality of its products or services. A quality management program also makes clear to customers the business’ strong focus on quality and satisfaction. To this end, implementingISO 9001 quality management standards from the highly respected ISO (the International Organization for Standardization) can be an especially smart step for businesses in any industry sector or part of the world.

Source

1. ISO 9001 comes from ISO, the largest and most widely known and respected source for quality management standards. This nongovernmental organization is a network of national standards institutes of 162 countries. ISO standards do not have the power of law but are based on consensus among its members, who represent the needs of both business and society at large. Since its founding in 1947, ISO has published more than 17,500 international standards.

Benefits

2. For society, ISO 9001 standard operating procedures help to ensure that products and services around the world meet expectations for quality. For businesses who implement ISO 9001, the main benefits as described by ISO are “the connection of quality management systems to organizational processes” and “a natural progression toward improved organizational performance.” Companies using ISO 9001 see reduced costs and increased customer satisfaction due to improved quality.

Features

3. In 1987, ISO developed ISO 9001 to define the components of a quality management system—for example, specific processes, documentation and roles dedicated to ensuring quality.ISO 9001 calls for organizations to adopt ISO’s Quality Management Principles and a process approach and to heavily engage top management in the quality process. In addition, organizations following ISO 9001 must establish relevant quality objectives and closely measure outcomes with a focus on continuous improvement.

Implementation

4. Once an organization has chosen to use ISO 9001 standard operating procedures, it should begin to instill in its employees the Quality Management Principles. Next, the business should analyze the standards and conduct a gap analysis to understand how existing processes might need to change to comply with ISO 9001. Finally, the organization should work through the adjustment of existing processes and the development of new processes to achieve compliance with the ISO 9001 standards.

Certification

5. While organizations can follow ISO 9001 without being certified, taking this additional step can help raise an organization’s image and credibility. ISO does not provide certification; organizations can obtain certifications from specialized third-party auditors that verify compliance to ISO 9001. The organization can then publicize and promote its certification, within ISO guidelines, as a hallmark of its quality commitment.

Introduction to ISO 9001 Standard Certification

Introduction to ISO 9001 Standard Certification

Certification is a way to attest, by the intermediary of a third-party certifier, to a company’s ability to provide a service, product or system in accordance with client requirements and regulation requirements. ISO and IEC give the following definition:
Procedure by which a third party gives written assurancethat a product, process or service complies with the requirementsspecified in a benchmark.The ISO 9000 family of standards corresponds to all the management best practices benchmarks as regards quality, which are defined by ISO (the International Organisation for Standardization).
ISO 9000 standards were originally written in 1987, with revisions taking place in 1994 and 2000. Thus, the 2000 version of the ISO 9001 standard, which is part of the ISO 9000 family, is written “ISO 9001:2000?. The ISO 9001:2000 standard mainly focuses on the processes used to produce a service or product, whereas the ISO 9001:1994 standard was mainly focused on the product itself. Here is an overview of all the different standards in the ISO 9000 family:
ISO 9000: “Quality Management Systems – Basic Principles and Vocabulary”. The ISO 9000 standard describes the principles of a quality management system and defines the terminologyISO 9001: “Quality Management Systems – Requirements”. The ISO 9001 standard describes the requirements relative to a quality management system either for internal use or for contractual or certification purposes. Therefore, this standard is a group of requirements that companies must followISO 9004: “Quality Management Systems – Guidelines for Improving Performance”. This standard, which is intended for internal use and not for contractual purposes, focuses particularly on continually improving performanceISO 10011: “Guidelines for auditing quality management and/or environmental management systems”.

FAQs On ISO 9001 Standards

FAQs On ISO 9001 Standards

What is ISO?

The International Organization for Standardization (ISO) was established in 1947 and is (currently) an association

of approximately 157 members, which each represent their own country. ISO employs a system of Technical

Committees, Sub-committees and Working Groups to develop International Standards. Besides the National

Standards Bodies, ISO permits other international organizations that develop standards to participate in its work,

by accepting them as Liaison members. ISO works in accordance with an agreed set of rules of procedure, the

ISO/IEC Directives, which also include requirements on the presentation of standards.

The International Organization for Standardization (ISO) was established in 1947 and is (currently) an association

of approximately 157 members, which each represent their own country. ISO employs a system of Technical

Committees, Sub-committees and Working Groups to develop International Standards. Besides the National

Standards Bodies, ISO permits other international organizations that develop standards to participate in its work,

by accepting them as Liaison members. ISO works in accordance with an agreed set of rules of procedure, the

ISO/IEC Directives, which also include requirements on the presentation of standards.

What are the ISO 9000 standards ?

The ISO 9000 standards are a collection of formal International Standards, Technical Specifications, Technical

Reports, Handbooks and web based documents on Quality Management. There are approximately 25 documents

in the collection altogether, with new or revised documents being developed on an ongoing basis.

(It should be noted that many of the International Standards in the ISO 9000 family are numbered in the ISO

10000 range.)

Who is responsible for developing the ISO 9000 standards?

ISO Technical Committee (TC) number 176 (ISO/TC 176), and its Sub-committees, are responsible for the

development of the standards. The work is conducted on the basis of “consensus” among quality and industry

experts nominated by the National Standards Bodies, representing a wide range of interested parties.

Where can copies of the standards be obtained?

Copies of the standards may be purchased from your National Standards Body or ISO 9000 store like http://www.iso9001store.com

Where can copies of the supporting ISO 9000 guidance notes or other documents be found ?

Copies of the ISO 9000 Introduction and Support Package modules:

- Guidance on ISO 9001:2008 Sub-clause 1.2 ‘Application’

- Guidance on the Documentation Requirements of ISO 9001:2008

- Guidance on the Terminology used in ISO 9001 and ISO 9004

- Guidance on the Concept and Use of the Process Approach for management systems

- Guidance on ‘Outsourced Processes’

as well as details of the Quality Management Principles can be found at: www.iso.org/tc176/sc2

Copies of the ISO 9001 Auditing Practices Group guidance notes.

Where can information be obtained on the ISO 9001 standards?

There are a number of sources of information on the ISO 9000 quality management system standards, including

ISO’s web site (www.iso.org), which carry information on the standards. Your National Standards Body should be

able to provide copies of the standards, and registrars/certification bodies will be able to provide guidance on

registration arrangements.

Why are the standards being revised?

ISO’s formal review process:

- Requires continual review to keep standards up to date. Must be initiated within 3 years of publication of a standard.

User inputs from:

- A global user questionnaire/survey

- A market Justification Study

- Suggestions arising from the interpretation process

- Opportunities for increased compatibility with ISO 14001

- The need for greater clarity, ease of use, and improved translation

Current trends:

- Keeping up with recent developments in management system practices.

Who is responsible for revising the standards?

The revision process is the responsibility of ISO Technical Committee no.176, Sub-committee no.2 (ISO/TC 176/SC 2) and is conducted on the basis of consensus among quality and industry experts nominated by ISO Member bodies, and representing all interested parties.

When will the revised standards be available?

The revised quality management system standards (ISO 9000, 9001 and 9004) are scheduled as follows:

- ISO 9000:2005 already published – no major changes expected for 2009

- Current plan is for small changes to ISO 9001 (an “amendment”) to be published in November 2008.

- More significant changes are planned for ISO 9004 (a “revision”) to be published in mid 2009.

How much is the implementation of the new standard going to cost?

One of the goals of ISO/TC 176/SC 2 is to produce standards that will minimize any potential costs during a smooth implementation. Any additional costs may be considered as a value-adding investment. A key factor in the development of ISO 9001:2008 was to limit the impact of changes on users.

Will my organization have to re-write all its documentation?

No. ISO 9001:2008 doesn’t introduce major changes to the requirements, when compared to ISO 9001:2000. However, to benefit from the changes, we suggest you get acquainted with the new version of the standard and the clarifications introduced. If, during your analysis of the clarifications you find there are differences from your current interpretation of ISO 9001:2000, then you should analyse the impact on your current documentation and make the necessary arrangements to update it. It is intended that the amendment of ISO 9001 will have minimal or no impacts on documentation.

Will the revised standards address financial issues?

Financial issues are not addressed in ISO 9001:2008, which is a requirements standard. The ISO 10014:2006 and ISO 9004:2000, Guidelines for performance improvements standards will emphasize the financial resources needed for the implementation and improvement of a quality management system.

What are the benefits of the revised standards?

For ISO 9001:2008 the major benefits are:

- Simple to use

- Clear in language

- Readily translatable and easily understandable

- Compatibility with other management systems such as ISO 14001.

For ISO 9004:

- Facilitates improvement in users’ quality management systems.

- Provides guidance to an organization for the creation of a quality management system that:

- creates value for its customers, via the products it provides

- creates value for all other interested parties

- balances all interested-party viewpoints.

- Provides guidance for managers on leading their organization towards sustained success.

- Forward compatibility to allow organizations to build on existing quality management systems.

What are the main changes in ISO 9001:2008?

ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000 and changes that are intended to improve compatibility with ISO 14001:2004. ISO 9001:2008 does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.

Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008

What are the main benefits to be derived from implementing an ISO 9000 quality management system?

The ISO 9000 standards give organizations an opportunity to increase value to their activities and to improve their performance continually, by focusing on their major processes. The standards place great emphasis on making quality management systems closer to the processes of organizations and on continual improvement. As a result, they direct users to the achievement of business results, including the satisfaction of customers and other interested parties.

The management of an organization should be able to view the adoption of the quality management system standards as a profitable business investment, not just as a required certification issue.

Among the perceived benefits of using the standards are:

- The connection of quality management systems to organizational processes

- The encouragement of a natural progression towards improved organizational performance, via:

- the use of the Quality Management Principles

- the adoption of a “process approach”

- emphasis of the role of top management

- requirements for the establishment of measurable objectives at relevant functions and levels

- being orientated toward “continual improvement” and “customer satisfaction”, including the monitoring of information on “customer satisfaction” as a measure of system performance.

- measurement of the quality management system, processes, and product

- consideration of statutory and regulatory requirements.

- attention to resource availability

How will the implementation of the amended standard help my organization to improve its efficiency?

ISO 9001:2008 aims at guaranteeing the effectiveness (but not necessarily the efficiency) of the organization. For improved organizational efficiency, however, the best results can be obtained by using ISO 9004 in addition to ISO 9001:2008. The guiding quality management principles are intended to assist an organization in continual improvement, which should lead to efficiencies throughout the organization.

What benefits are there to an organization implementing ISO 9004 ?

If a quality management system is appropriately implemented, utilizing the eight Quality Management Principles, and in accordance with ISO 9004, all of an organization’s interested parties should benefit. For example:

Customers and users will benefit by receiving the products (see ISO 9000:2005, Fundamentals and vocabulary) that are:

- Conforming to the requirements

- Dependable and reliable

- Available when needed

- Maintainable

People in the organization will benefit by:

- Better working conditions

- Increased job satisfaction

- Improved health and safety

- Improved morale

- Improved stability of employment

Owners and investors will benefit by:

- Increased return on investment

- Improved operational results

- Increased market share

- Increased profits

Suppliers and partners will benefit by:

- Stability

- Growth

- Partnership and mutual understanding

Society will benefit by:

- Fulfilment of legal and regulatory requirements

- Improved health and safety

- Reduced environmental impact

- Increased security

Are the standards compatible with national quality award criteria?

The standards are based on 8 Quality Management Principles, which are aligned with the philosophy and objectives of most quality award programs. These principles are:

- Customer focus,

- Leadership,

- Involvement of people,

- Process approach,

- System approach to management,

- Continual improvement,

- Factual approach to decision making, and

- Mutually beneficial supplier relationships.

ISO 9004 recommends that organizations perform self-assessments as part of their management of systems and processes, and includes an annex giving guidance on this approach. This is similar to many quality awards programmes.

Why is the requirement for monitoring “customer satisfaction” included in ISO 9001?

“Customer satisfaction” is recognized as one of the driving criteria for any organization. In order to evaluate if a product meets customer needs and expectations, it is necessary to monitor the extent of customer satisfaction.

Improvements can be made by taking action to address any identified issues and concerns.

Can the standards improve “customer satisfaction”?

The quality management system details that are described in the standards are based on Quality Management Principles that include the “process approach” and “customer focus”. The adoption of these principles should provide customers with a higher level of confidence that products will meet their needs and increase their satisfaction.

What is meant by “continual improvement”?

Continual improvement is the process focused on continually increasing the effectiveness and/or efficiency of the organization to fulfil its policies and objectives. Continual improvement (where “continual” highlights that an improvement process requires progressive consolidation steps) responds to the growing needs and expectations of the customers and ensures a dynamic evolution of the quality management system.

What is a process?

Any activity or operation, which receives inputs and converts them to outputs, can be considered as a process. Almost all activities and operations involved in generating a product or providing a service are processes. For organizations to function, they have to define and manage numerous inter-linked processes. Often the output from one process will directly form the input into the next process. The systematic identification and management of the various processes employed within an organization, and particularly the interactions between such processes, may be referred to as the ‘process approach’ to management.

What is the “process approach”?

The “process approach” is a way of obtaining a desired result, by managing activities and related resources as a process. The “process approach” is a key element of the ISO 9000 standards. For further guidance, please refer to the ISO 9000 Introduction and Support Package module: Guidance on the Concept and Use of the Process Approach for management systems.

Can the “process approach” be applied to other management systems?

Yes. The “process approach” is a generic management principle, which can enhance an organization’s effectiveness and efficiency in achieving defined objectives.

How can the PDCA cycle be used in the “process approach”?

The PDCA cycle is an established, logical, method that can be used to improve a process.

This requires:

(P) planning (what to do and how to do it),

(D) executing the plan (do what was planned),

(C) checking the results (did things happened according to plan) and

(A) act to improve the process (how to improve next time).

The PDCA cycle can be applied within an individual process, or across a group of processes.

Can any organization apply the “process approach”?

Yes. Many organizations already apply a “process approach” without recognizing it. They could achieve additional benefits by understanding and controlling it.

Why should an organization apply the “process approach”?

By applying the “process approach” an organization should be able to obtain the following types of benefits:

- The integration and alignment of its processes to enable the achievement of its planned results.

- An ability to focus effort on process effectiveness and efficiency.

- An increase in the confidence of customers and other interested parties as to the consistent performance of the

organization.

- Transparency of operations within the organization.

- Lower costs and shorter cycle times through effective and efficient use of resources.

- Improved, consistent and predictable results.

- The identification of opportunities for focused and prioritized improvement initiatives.

- The encouragement and involvement of people, and the clarification of their responsibilities.

- The elimination of barriers between different functional units and the unification of their focus to the objectives

of the organization.

- Improved management of process interfaces.

What is meant by the “sequence” of processes and their “interactions”?

The “sequence” of processes shows how the processes follow, or link, to each other to result in a final output.

For example, the output from one process may become the input of the next process or processes.

The “interactions” show how each process affects or influences one or more of the other processes. For example,

the monitoring or controlling of a process may be established in a separate process.

How can the processes in an organization be determined?

Identify the organization’s intended outputs, and the processes needed for achieving them. These will need to

include processes for Management, Resources, Realization and Measurement and Improvement.

- Identify all process inputs and outputs, along with the suppliers and customers, who may be internal or

external.

- Identify the sequence and interactions of the processes.

Should an organization define and document all its processes?

The main purpose of documentation is to enable the consistent and stable operation of an organization’s

processes.

Although statutory, standards’ or customer requirements may require certain documentation, there is no defined

“catalogue”, or list of processes that has to be documented in ISO 9001, apart from the 6 indicated ones.

The organization should determine which processes are to be documented on the basis of:

- The size of the organization and type of its activities,

- The complexity of its processes and their interactions,

- The criticality of the processes and

- Availability of competent personnel.

A number of different methods can be used to document processes, such as graphical representations, written

instructions, checklists, flow charts, visual media, or electronic methods.

How much detail is required in process documentation?

The extent of detail is likely to depend upon factors such as:

- the size of an organisation and its types of activities,

- the complexity of its processes and their interactions, and

- the competence (level of education, training, skills and experience) of its personnel.

What is the difference between a “process” and a “procedure”?

A “process” may be explained as a set of interacting or interrelated activities, which are employed to add value. A

“procedure” is a method of describing the way or How in which all or part of that process activities shall/should be

performed.

ISO 9000:2005 defines a procedure as a “specified way to carry out an activity or a process”, which does not

necessarily have to be documented.

An organization has a well-established set of procedures. Can these procedures be used to help

describe its processes?

Yes, if the procedures describe inputs and outputs, appropriate responsibilities, controls and resources needed to satisfy customer requirements.

What documentation is required by ISO 9001?

ISO 9001:2008 refers specifically to only 6 documented procedures; however, other documentation (including more documented procedures not specifically mentioned in ISO 9001:2008) may be required by an organization, in order to manage the processes that are necessary for the effective operation of the quality management system. This will vary depending on the size of the organization, the kind of activities in which it is involved and their complexity. For further guidance, please also refer to the ISO 9000 Introduction and Support Package module “Guidance on the Documentation Requirements of ISO 9001:2008″

What does an organization need to do to comply with ISO 9001?

When initially starting to use ISO 9001, an organization should familiarize its personnel with the Quality Management Principles, analyze the standards (especially ISO 9000 and ISO 9004), and consider how their guidance and requirements may affect your activities and related processes. If it then wishes to proceed to registration/certification, it should perform a gap analysis against the requirements of ISO 9001 to determine where its current quality management system does not address the applicable ISO 9001:2008 requirements, before developing and implementing additional processes to ensure that compliance will be achieved.

What will happen to the 2000 version of ISO 9001?

ISO 9001:2008 will supersede ISO 9001:2000 However, noting the IAF/ISO-CASCO/ISO TC176 agreement that accredited certification to the 2000 edition should remain possible for up to 2 years after the publication of ISO 9001:2008, copies of the 2000 edition will still be available on request from ISO and the national standards bodies during that period, and possibly for even longer.

Can organizations remain certified/registered to the 2000 version?

Yes. Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008. However, certificates to ISO 9001:2000 will only remain valid until 2 years after the publication of ISO 9001:2008. Contact your certification/registration body to get details on the certificates transition process.

What will happen to the other standards and documents in the current (2000) ISO 9000 family?

The four primary standards of the current ISO 9000 family are the following:

- ISO 9000:2005 already published – no major changes expected for 2009

- ISO 9001:2000 to be superseded by ISO 9001:2008

- More significant changes are planned for ISO 9004 with a planned publication date of late 2009.

- ISO 19011:2002 is currently beginning the revision process, with a new version expected in 2011.

The other standards and documents will be reviewed and updated as necessary