ISO 9001 contains requirements and is often used for certification purposes while ISO 9004 presents a set of guidelines and is used to develop quality management systems that go beyon
Trang 1ISO 9000
AN INTRODUCTION
I S O 9 0 0 0 is rapidly becoming the most important quality management standard in the world Thousands of companies in over 100 countries have already adopted it, and many more are
in the process of doing so Why? Because it controls quality
It saves money Customers expect it And competitors use it ISO 9000 applies to all types of organizations It doesn't matter what size they are or what they do It can help both product and service oriented organizations achieve standards of quality that are recognized and respected throughout the world.
I S O is the International Organization for Standardization.
It is located in Switzerland and was established in 1947 to develop common international standards in many areas Its members come from over 150 national standards bodies
What is ISO 9000?
The term ISO 9000 unfortunately has two different meanings:
it refers to a single standard (ISO 9000) and it refers to a set
of three standards (ISO 9000, ISO 9001, and ISO 9004) All three
are referred to as quality management system standards
ISO 9000 discusses definitions and terminology and is used
to clarify the concepts used by the ISO 9001 and ISO 9004
standards ISO 9001 contains requirements and is often used
for certification purposes while ISO 9004 presents a set of
guidelines and is used to develop quality management
systems that go beyond ISO 9001
ISO's purpose is to facilitate international trade by
providing a single set of standards that people
everywhere would recognize and respect.
The ISO 9000 standards apply to all kinds of organizations in all kinds of areas Some of these areas include manufacturing, processing, servicing, printing, forestry, electronics, steel, computing, legal services, financial services, accounting, trucking, banking, retailing, drilling, recycling, aerospace,
Trang 2construction, exploration, textiles, pharmaceuticals, oil and gas, pulp and paper, petrochemicals, publishing, shipping, energy, telecommunications, plastics, metals, research, health care, hospitality, utilities, pest control, aviation, machine tools, food processing, agriculture, government, education, recreation, fabrication, sanitation, transportation, software development, consumer products, product design, instrumentation, tourism, communications, biotechnology, chemicals, engineering, farming, entertainment, consulting, insurance, and so on.
How does ISO 9000 Work?
Here's how it works You decide that you need to develop a quality management system that complies with the ISO 9001 requirements That's your mission You choose to follow this path because you feel the need to control or improve the quality of your products and services, to r e d u c e the costs associated with poor quality, or to become more competitive
Or, you choose this path simply because your customers expect you to do so or because a governmental body has made it mandatory You then develop a quality management
system that meets the requirements specified by ISO 9001
In the course of doing so, you may also wish to consult the ISO 9000 definitions and the ISO 9004 guidelines.
But how do you develop such a q u a l i t y management
system? There are at least two approaches You can either
do a gap analysis or follow a detailed quality management
system development plan.
If you've already got a functioning quality management
system, we suggest that you carry out a gap analysis
A gap analysis will tell you exactly what you need to do to meet the ISO 9001 standard It will help you to identify the gaps that exist between the ISO 9001 standard and your organization's processes Once you know where the gaps are, you can take steps to fill your gaps By following this incremental approach, you will not only comply with the ISO 9001 standard, but you will also improve the overall effectiveness of your organization's quality management system A gap analysis will also help you to figure out how much time it will take and how much it will cost to bring your QMS into compliance with the ISO 9001 standard
Trang 3However, if you don't have a quality management system
or you're starting from scratch, we suggest that you use an
ISO 9001 process-based QMS development plan to develop your quality management system
Once your QMS has been fully developed and implemented, you may wish to carry out an internal compliance audit to ensure that it complies with the ISO 9001 2008 requirements Once you're sure that your QMS is fully compliant, you're ready
to ask a registrar (certification body) to audit the effectiveness
of your QMS If your auditors like what they see, they will
certify that your QMS has met ISO's requirements.
While ISO 9001 is specifically designed to be used for
certification purposes, you don't have to become certified ISO does not require formal certification (registration) You can simply establish a compliant QMS and then announce
to the world that it complies with the ISO 9001 standard Of course, your compliance claim may have more credibility
in the marketplace if an independent registrar has
audited your QMS and agrees with your claim
Why is ISO 9000 Important?
ISO 9000 is important because of its orientation While
the content itself is useful and important, the content
alone does not account for its widespread appeal.
ISO 9000 is important because of its international orientation
Currently, ISO 9000 is supported by national standards bodies from more than 150 countries This makes it the logical choice for any organization that does business internationally or that serves customers who demand an international standard
of excellence.
ISO is also important because of its systemic orientation
We think this is crucial Many people wrongly emphasize
motivational and attitudinal factors The assumption is that quality can only be created if workers are motivated and have the right attitude This is fine, but it doesn't go far enough Unless you institutionalize the right attitude by supporting
it with the right policies, procedures, records, technologies, resources, and structures, you will never achieve the standards
of quality that other organizations seem to be able to achieve
Unless you establish a quality attitude by creating a quality
Trang 4management system, you will never achieve a world-class
standard of quality.
Simply put, if you want to have a quality attitude you must
have a quality system This is what ISO recognizes, and
this is why ISO 9000 is important
Trang 5ISO 9000 2005 Quality Management
Principles Translated into Plain English
According to ISO 9000, the ISO 9001 and 9004 standards are based on
eight quality management principles These principles were chosen
because they can be used to improve performance and achieve success
But how can you ensure that your organization applies these principles? The answer is to establish a quality management system that meets the
ISO 9001 2008 standard If you do so, your organization will automatically apply these principles This is because they permeate the ISO 9001 standard and will therefore be built into any quality system that is based on this standard So if you want to improve the performance
of your organization, you need to develop and implement an
ISO 9001 2008 quality management system that applies the eight principles listed below
1 Focus
on your
customers
Organizations rely on customers Therefore:
• Organizations must understand customer needs.
• Organizations must meet customer requirements.
• Organizations must exceed customer expectations.
2 Provide
leadership
Organizations rely on leaders Therefore:
• Leaders must establish a unity of purpose and
set the direction the organization should take.
• Leaders must create an environment that encourages
people to achieve the organization's objectives.
3 Involve
your
people
Organizations rely on people Therefore:
• Organizations must encourage the
involvement of people at all levels.
• Organizations must help people to
develop and use their abilities.
• Organizations must use a process approach
to manage activities and related resources.
Trang 6• Organizations must identify interrelated
processes and treat them as a system
• Organizations must use a systems approach
to manage their interrelated processes.
• Organizations must make a permanent commitment
to continually improve their overall performance.
7 Get the facts
before you
decide
Organizations perform better when their decisions are based on facts Therefore:
• Organizations must base decisions on the
analysis of factual information and data.
8 Work
with your
suppliers
Organizations depend on their suppliers
to help them create value Therefore:
• Organizations must maintain a mutually
beneficial relationship with their suppliers.
Trang 7ISO 9001 2008 vs ISO 9001 2000
ISO 9001 2008 and ISO 9001 2000 use the same numbering system
to organize the ISO 9001 2008 and ISO 9001 2000 use the same numbering
system
to organize the standard As a result, the new standard looks much like the old standard However, some important clarifications and modifications were made These changes are summarized below
Outsourced Processes
The process approach continues to be of central importance to
ISO 9001 And since outsourcing has become increasingly common during the last few years, the new ISO 9001 standard has expanded its discussion of outsourced processes (see ISO 9001 Part 4.1)
The new standard makes it clear that an outsourced process is
still part of your QMS even though it is performed by a party that
is external to your organization The new standard emphasizes
the need to ensure that outsourced processes comply with all
customer and legal requirements While the responsibility for
a process may have been outsourced, your organization is,
nevertheless, still responsible for ensuring that it meets all
customer, regulatory, and statutory requirements
While the old standard said that outsourced processes must be
controlled, the new standard goes further by expecting you also
to specify the type, nature, and extent of control ISO 9001 2008
also wants you to think carefully about how you’re going to control outsourced processes How you choose to control an outsourced
process should be influenced by the potential impact it could have
on your products, whether or not process control will be shared
with the process supplier, and whether or not adequate controls
can be contractually established using your purchasing process
Documentation
ISO 9001 2008, Part 4.2.1, makes it clear that QMS documentation
Trang 8includes not only the records required by the standard but also the records that your organization needs to have in order to be able to plan, operate, and control its QMS processes So the new standard has expanded the definition of documentation to include all QMS process records
Part 4.2.1 makes it clear that a single document may contain several procedures or several documents may be used to describe a single procedure While this has always been an option, the new standard makes this possibility explicit
ISO 9001 2000 Part 4.2.3 gave the impression that all external
documents needed to be identified and controlled This has now been clarified The new standard says that you need to identify and control the distribution of only those external documents that you need in order to be able to plan and operate your QMS In other
words, only relevant external QMS documents need to be
controlled, not all of them
Management Representative
ISO 9001 2000, Part 5.5.2, allowed you to appoint any member
of management to oversee the organization’s QMS Since the old standard did not explicitly say that the management representative must be a member of the organization’s own management, outsiders were sometimes appointed, instead This loophole has now
been closed
ISO 9001 2008 now makes it clear that the management representative must be a member of the organization’s own management Outsiders may no longer perform this important function
Competence
While both old and new standards stress the importance of
competence, the old standard wasn’t very clear about who they
were talking about Now it’s pretty clear that all QMS personnel must
be competent ISO 9001 2008, Part 6.2.1, makes it clear that any task within the QMS may directly or indirectly affect the organization’s ability or willingness to meet product requirements Since any
QMS task could directly or indirectly influence product quality,
the competence of anyone and everyone who carries out
any QMS task must be assured
Trang 9For ISO 9001 2000 (Part 6.3) the term infrastructure includes
buildings, workspaces, equipment, software, utilities, and support services like transportation and communications ISO 9001 2008 has now added information systems to the previous list of support services Both old and new standards expect you to provide the infrastructure (including information systems) that your
organization needs in order to ensure that product
requirements are being met
Work Environment
According to ISO 9001 2000, Part 6.4, you are expected to
manage the work environment that your organization needs
in order to be able to ensure that all product requirements are being met However, it failed to indicate exactly what they were talking about This problem has now been solved ISO 9001 2008
says that the term work environment refers to working conditions
These working conditions include physical and environmental conditions, as well as things like noise, temperature, humidity, lighting, and weather According to the new standard, all of
these conditions need to be managed in order to help
ensure that product requirements are being met
Customer Requirements
According to ISO 9001 2000, Part 7.2.1, you are expected to identify your customers’ specific delivery and post delivery requirements Since some people weren’t sure about what post delivery meant, the new standard has tried to clarify this
According to ISO 9001 2008, post delivery requirements include things like warranty provisions, contractual obligations (such as maintenance), and supplementary services (such as recycling and final disposal)
Design and Development Planning
Both old and new standards expect organizations to plan and perform product design and development review, verification,
Trang 10and validation activities (Part 7.3.1)
While each of these three activities serves a different purpose, ISO 9001 2008 makes it clear that these three activities can be carried out and recorded separately or in any combination as long as it makes sense for the product and the organization
Design and Development Outputs
Part 7.3.3 of ISO 9001 2000 wants you to make sure that the design and development process generates information
(outputs) that your purchasing, production, and service
provision processes need to have
ISO 9001 2008 now also says that design and development outputs could include information that explains how products can be preserved during production and service provision
Monitoring and Measuring Equipment
While ISO 9001 2008, Part 7.6, refers to the need to control
monitoring and measuring equipment, the old standard talked about controlling devices Since the term device can refer to
almost anything from a literary contrivance to a machine, its meaning wasn’t exactly clear The new ISO 9001 standard
has removed this ambiguity by using the term equipment
Both the old and the new standard wants you to confirm that monitoring and measuring software is capable of doing the job you want it to do In addition to this requirement, the new standard suggests (in a note) that configuration management and well established verification methods can be used to ensure the ongoing suitability of monitoring and measuring software However, this is not a requirement, just a statement that
explains how the ongoing suitability of software can
be maintained
Customer Satisfaction
Both old and new standards want you to monitor and
measure customer satisfaction (perceptions) A new note to