ISO 9001:

Quality Management

As customers become more sophisticated, better informed and their expectations grow, the only way your business can survive and prosper is by offering a commitment to quality

A Quality Management System (QMS) such as
ISO 9001:2008 provides a management framework that gives you the necessary controls to address risks and monitor and measure performance in your business. It can also help you to enhance your image and reputation and enable you to look for improvements through internal and external communications

ISO 9001:2008 QMS

ISO 9001:2008 QMS is the latest version of quality management system standard. It specifies requirements for a quality management system.

Every organization would like to improve the way it operates, whether that means increasing market share, driving down costs, managing risk more effectively or improving customer satisfaction. A quality management system gives you the framework you need to monitor and improve performance in any area you choose.

ISO 9001 is by far the world’s most established quality framework, currently being used globally, and sets the standard not only for quality management systems, but management systems in general.

Effective design of ISO 9001:2008

Transcendent Quality Consulting uses a unique Process Mapping Technique (Business Process flowcharting methodology) as the core principle to customise the ISO 9001:2008 Quality Management System for each client. 

Our effort is to tap the existing natural business flow as the framework to build the Quality Management System.

ISO 9001:2000 / ISO 9001:2008 requirements are then mapped into the established framework to identify where the individual requirements of the standard apply within the business.  Each requirement is examined to determine which part of the business process is affected by the requirement or already satisfies the requirement. This approach complements the existing working methods and organisation culture rather than an imposed bureaucracy of control solely developed for the sake of ISO 9001:2008 certification.

Benefits of ISO 9001:2008 Quality Management System Implementation using Transcendent Quality Consulting’s Process Mapping Technique include:

  • Integrated and aligned processes
  • Overall improvement in working efficiency and effectiveness
  • Basis for effective and efficient training
  • Easy to maintain
  • Meeting certification requirements
  • Basis for continual improvement
  • Foundation for implementation of business excellence models and best practices 
  • Foundation for integration with other management systems (environmental management system, occupational health & safety management system,  information security management system, business continuity management ...)

Role of effective Training

Each project involves a carefully planned combination of training and consultancy support.  Training provides the knowledge and skills transfer which is essential for the Quality Management System development, self sufficiency in system maintenance and long term success. A willing and motivated personnel is the best resource an organization needs for effective implementation of ISO 9001:2008 Quality Management System(QMS).

We ensure the human aspect of QMS is leveraged for best results.

Overview of ISO 9001:2008
The ISO 9001:2008 standard is meant to be generic and applicable to all kinds of organizations.  Therefore, organizations from both the public and private sectors, including non-governmental organizations can benefit from the ISO 9001 quality management system model, regardless of whether they are small, medium or large organizations.   

 

 

4.GENERAL REQUIREMENTS

4.1 DEVELOP YOUR QUALITY MANAGEMENT SYSTEM (QMS)

  • Establish your organization's QMS.
  • Document your organization's QMS.
  • Implement your organization's QMS.
  • Maintain your organization's QMS.
  • Improve your organization's QMS.

 

4.2. DOCUMENT YOUR QUALITY MANAGEMENT SYSTEM (QMS)

 

4.2.1 MANAGE QUALITY MANAGEMENT SYSTEM DOCUMENTS

  • Develop documents for your organization's QMS.
  • Make sure that your organization's QMS documents
    respect and reflect what you do and how you do it.

4.2.2 PREPARE QUALITY MANAGEMENT SYSTEM MANUAL

  • Establish a quality manual for your organization.
  • Maintain your organization's quality manual.

4.2.3 CONTROL QUALITY MANAGEMENT SYSTEM DOCUMENTS

  • Control your organization's QMS documents.
  • Control documents that are used as QMS records.

4.2.4 ESTABLISH QUALITY MANAGEMENT SYSTEM RECORDS

  • Establish your organization's QMS records.
  • Establish a procedure to control your QMS records.
5. MANAGEMENT REQUIREMENTS

5.1 SHOW YOUR COMMITMENT TO QUALITY
 
  • Support the development of your organization's QMS.
  • Support the implementation of your organization's QMS.
  • Support efforts to continually improve the effectiveness of your organization's QMS.

5.2 FOCUS ON YOUR CUSTOMERS

  • Enhance customer satisfaction by ensuring that customer requirements are being identified.
  • Enhance customer satisfaction by ensuring  that customer requirements are being met.

5.3 SUPPORT YOUR QUALITY POLICY
  • Ensure that your organization's quality policy serves its overall purpose.
  • Ensure that your quality policy makes it clear that requirements must be met.
  • Ensure that your quality policy makes a commitment to continually improve the effectiveness of your QMS.
  • Ensure that your quality policy supports your organization's quality objectives.
  • Ensure that your quality policy is communicated and discussed throughout your organization.
  • Ensure that your quality policy is periodically reviewed to make sure that it is still suitable.

 

5.4 CARRY OUT YOUR QMS PLANNING

5.4.1 ESTABLISH QUALITY OBJECTIVES

  • Support the establishment of quality objectives.
  • Establish quality objectives for your organization.
  • Make sure that your quality objectives are effective.

5.4.2 PLAN QUALITY MANAGEMENT SYSTEM (QMS)

  • Plan the establishment of your QMS.
  • Plan the documentation of your QMS.
  • Plan the implementation of your QMS.
  • Plan the maintenance of your QMS.
  • Plan the continual improvement of your QMS.
 

5.5 ALLOCATE QMS RESPONSIBILITY AND AUTHORITY
 

5.5.1 DEFINE RESPONSIBILITIES AND AUTHORITIES

  • Ensure that QMS responsibilities and authorities are defined.
  • Ensure that QMS responsibilities and authorities are communicated throughout your organization.

5.5.2 CREATE MANAGEMENT REPRESENTATIVE ROLE

  • Appoint a member of your organization's management to oversee your QMS.
  • Give your management representative authority over and responsibility for your organization's QMS.

5.5.3 SUPPORT INTERNAL COMMUNICATION

  • Ensure that appropriate communication processes are established within your organization.

Ensure that internal communication occurs throughout your organization.
 
5.6 PERFORM QMS MANAGEMENT REVIEWS
 

5.6.1 REVIEW QUALITY MANAGEMENT SYSTEM (QMS)

  • Carry out management reviews of your organization's QMS at planned intervals.
  • Evaluate improvement opportunities.
  • Assess the need to make changes.
  • Maintain a record of your management reviews.

5.6.2 EXAMINE MANAGEMENT REVIEW INPUTS

  • Examine information about your QMS (inputs).

5.6.3 GENERATE MANAGEMENT REVIEW OUTPUTS

  • Generate management review decisions and actions (outputs) to improve your organization.
  • Generate management review decisions and actions (outputs) to change your general quality orientation.
Generate management review decisions and actions (outputs) to address resource needs.

6.
RESOURCE
REQUIREMENTS

6.1 PROVIDE REQUIRED QMS RESOURCES

 
  • Identify the resources that your QMS needs.
  • Provide the resources that your QMS needs.

 

6.2 PROVIDE COMPETENT QMS PERSONNEL

 

6.2.1 ENSURE THE COMPETENCE OF WORKERS

  • Ensure the competence of anyone within your QMS who could directly or indirectly affect your ability to meet product requirements.

6.2.2 MEET COMPETENCE REQUIREMENTS

  • Identify the competence requirements of personnel within your QMS who perform work that could directly or indirectly affect your organization's ability to meet product requirements.
  • Provide training, or take other suitable steps, to meet your organization's QMS competence requirements.
  • Evaluate the effectiveness of your organization's QMS training and awareness activities.
  • Maintain suitable records which show that personnel within your QMS are competent.

 

6.3 PROVIDE NECESSARY INFRASTRUCTURE

 
  • Identify the infrastructure that your organization needs in order to ensure that product requirements are met.
  • Provide the infrastructure that your organization needs in order to ensure that product requirements are met.
  • Maintain the infrastructure that your organization needs in order to ensure that product requirements are met.
 

6.4 PROVIDE SUITABLE WORK ENVIRONMENT

 
  • Identify the work environment that your organization needs in order to ensure that product requirements are met.
  • Manage the work environment that your organization needs in order to ensure that product requirements are met.

7.
REALIZATION
REQUIREMENTS

7.1 CONTROL PRODUCT REALIZATION PLANNING

 
  • Establish a product realization planning process.
  • Use your product realization planning process to plan the realization of your organization's products.
  • Prepare planning outputs that are suitable and consistent with your organization's methods.
  • Develop the processes that you will need to use in order to realize products.

 

7.2 CONTROL CUSTOMER-RELATED PROCESSES

 

7.2.1 IDENTIFY YOUR UNIQUE PRODUCT REQUIREMENTS

  • Identify the requirements that your customers want you to comply with.
  • Identify the requirements that are dictated by your product's intended use or purpose.
  • Identify the requirements that are imposed on your products by external agencies.
  • Identify any additional requirements that are important to your organization and must be met.

7.2.2 REVIEW CUSTOMERS' PRODUCT REQUIREMENTS

  • Review your customers' product requirements.
  • Maintain a record of your product requirement reviews.
  • Control changes in customers' product requirements.

7.2.3 COMMUNICATE WITH YOUR CUSTOMERS

  • Establish customer communication arrangements.
  • Implement customer communication arrangements.

 

7.3 CONTROL PRODUCT DESIGN AND DEVELOPMENT

 

7.3.1 PLAN PRODUCT DESIGN AND DEVELOPMENT

  • Plan the design and development of your products.
  • Control the design and development of your products.
  • Update your planning outputs whenever product design
    and development progress makes this necessary.

7.3.2 IDENTIFY DESIGN AND DEVELOPMENT INPUTS

  • Define product design and development inputs.
  • Maintain a record of design and development inputs.
  • Review your product design and development inputs.

7.3.3 GENERATE DESIGN AND DEVELOPMENT OUTPUTS

  • Produce product design and development outputs.
  • Approve product design and development outputs before they are formally released.
  • Verify that product design and development outputs meet design and development input requirements.

7.3.4 CARRY OUT DESIGN AND DEVELOPMENT REVIEWS

  • Perform systematic design and development reviews throughout the design and development process.
  • Maintain a record of design and development reviews.

7.3.5 PERFORM DESIGN AND DEVELOPMENT VERIFICATIONS

  • Carry out design and development verifications.
  • Maintain a record of design and development verifications.

7.3.6 CONDUCT DESIGN AND DEVELOPMENT VALIDATIONS

  • Perform design and development validations.
  • Maintain a record of design and development validations.

7.3.7 MANAGE DESIGN AND DEVELOPMENT CHANGES

  • Identify changes in design and development.
  • Record changes in design and development.
  • Review changes in design and development.
  • Verify changes in design and development.
  • Validate changes in design and development.
  • Approve changes in design and development before you implement these changes.

 

7.4 CONTROL PURCHASING AND PURCHASED PRODUCTS

 

7.4.1 ESTABLISH CONTROL OF YOUR PURCHASING PROCESS

  • Establish criteria that you can use to control suppliers.
  • Evaluate your suppliers' ability to supply products that meet your organization's requirements.
  • Select suppliers that are capable of supplying products that meet your organization's specified requirements.
  • Make sure that purchased products meet specified purchase requirements.

7.4.2 SPECIFY YOUR PURCHASING REQUIREMENTS

  • Describe your purchasing requirements.
  • Ensure that purchasing requirements are adequately specified before you discuss them with suppliers.

7.4.3 VERIFY YOUR PURCHASED PRODUCTS

  • Establish product verification or inspection methods in order to ensure that purchased products meet purchase requirements.
  • Implement product verification or inspection methods in order
    to ensure that purchased products meet purchase requirements.

 

7.5 CONTROL PRODUCTION AND SERVICE PROVISION

7.5.1 ESTABLISH CONTROL OF PRODUCTION AND SERVICE

  • Carry out production under controlled conditions.
  • Carry out service provision under controlled conditions.

7.5.2 VALIDATE PRODUCTION AND SERVICE PROVISION

  • Validate production and service provision processes whenever process outputs cannot be measured, monitored, or verified until after the product is in use or the service has been delivered (such a process is often referred to as a special process).
  • Establish arrangements to control special processes.

7.5.3 IDENTIFY AND TRACK YOUR PRODUCTS

  • Establish the unique identity of your organization's products (if appropriate).
  • Identify the monitoring and measurement status of your organization's products.

7.5.4 PROTECT PROPERTY SUPPLIED BY CUSTOMERS

  • Identify property supplied to you by customers.
  • Verify property supplied to you by customers.
  • Protect property supplied to you by customers.
  • Safeguard property supplied to you by customers.

7.5.5 PRESERVE YOUR PRODUCTS AND COMPONENTS

  • Make sure that your products and components continue to conform to requirements while they are being processed internally.
Make sure that your products and components continue to conform to requirements while they are being delivered to the intended destination.

 

7.6 CONTROL MONITORING AND MEASURING EQUIPMENT

 
  • Identify your organization's monitoring and measuring needs and requirements.
  • Select equipment that can meet your organization's monitoring and measuring needs and requirements.
  • Establish monitoring and measuring processes.
  • Calibrate your monitoring and measuring equipment whenever necessary to ensure that results are valid.
  • Protect your monitoring and measuring equipment.
  • Confirm that monitoring and measuring software is capable of doing the job you want it to do.
  • Evaluate the validity of previous measurements whenever you discover that your measuring or monitoring equipment is out-of-calibration.

8.
REMEDIAL
REQUIREMENTS

8.1 ESTABLISH MONITORING AND MEASUREMENT PROCESSES

 
  • Identify the monitoring, measurement, and analytical processes that your organization needs to have in order to be able to demonstrate conformity and make improvements.
  • Plan how monitoring, measurement, and analytical processes will be used to demonstrate conformity and make improvements.
  • Implement your organization's monitoring, measurement, and analytical processes.
 

8.2 CARRY OUT MONITORING AND MEASUREMENT ACTIVITIES

 

8.2.1 MONITOR AND MEASURE CUSTOMER SATISFACTION

  • Establish methods that you can use to monitor and measure customer satisfaction (perceptions).
  • Monitor and measure customer satisfaction.

8.2.2 PLAN AND PERFORM REGULAR INTERNAL AUDITS

  • Establish an internal audit procedure.
  • Carry out internal audits of your QMS.
  • Take action to address audit results.

8.2.3 MONITOR AND MEASURE YOUR QMS PROCESSES

  • Select suitable methods to monitor and measure the processes that make up your organization's QMS.
  • Monitor and measure your QMS processes.
  • Take appropriate action whenever your QMS processes fail to achieve planned results.

8.2.4 MONITOR AND MEASURE PRODUCT CHARACTERISTICS

  • Monitor your organization's product characteristics.
  • Measure your organization's product characteristics.

 

8.3 IDENTIFY AND CONTROL NONCONFORMING PRODUCTS

 
  • Establish a nonconforming products procedure.
  • Document your nonconforming products procedure.
  • Implement your nonconforming products procedure.
  • Maintain your nonconforming products procedure.

 

8.4 COLLECT AND ANALYZE QUALITY MANAGEMENT DATA

 
  • Figure out what kind of data you need to collect about your organization's QMS.
  • Collect data about your organization's QMS.
  • Provide information by analyzing your QMS data.

ISO 9001 Changes
The following changes have been made to ISO 9001 :

Section

Changes

0.1
Para. 3

Statement of where and who can use the standard now includes statutory requirements as well as customer and regulatory and clarifies that these requirements are restricted to those applicable to the product

0.4

A comment has been added that the development of ISO 9001:2008 made due consideration to ISO 14001:2004

1.1 & 1.2

Again, statutory requirements have been added (as in 0.1) and Note 1 has been amended to include comments regarding purchased product as well as product from realisation processes. Note 2 has been added explaining that statutory and regulatory requirements may be expressed as legal requirements

2

The reference to ISO 9000 now states the fact that is at version 2005

3

The explanation of who the ‘customer’, ‘organisation’ and ‘supplier’ are, has been removed

4.1

a) The word ‘identify’ has been replaced with ‘determine’
The statement regarding outsourced processes has been slightly re-worded but the intent is the same. Note 2 has been added to reflect the fact that outsourced processes may be linked to clause 7.4 (purchasing) and Note 3 expands on the type of control that may be applied to outsourced processes in order to ensure control over them

4.2.1

The wording has been slightly re-modelled but the intent stays the same.
Note 2 has been added to clarify that a single document may include the requirements for
one or more procedures. A requirement for a documented procedure may be covered by more than one document. e.g. you may combine the documented procedures for corrective and preventive action if you wish

4.2.3 f

Clarification that the external documents referred to are those needed for use in the QMS

4.2.4

This clause has been significantly reduced in length but the requirement remains unchanged

5.1 a

The word statutory has again been added

5.5.2

The requirement that the management representative needs to be a member of the organisation’s management has been added

6.2

Change in title but keeps same words (change in their order)
Where the current version mentions ‘… affecting product quality’, it now states ‘… affecting conformity to product requirements’.
6.2.2 b) now states that ‘where applicable’ training needs to be provided to achieve the ‘necessary competence’
6.2.2 c) now requires that the achievement of competence has been ensured rather than checking the effectiveness of training

6.3

c) now includes information systems

6.4

A note has been added to clarify what work environment includes and gives some examples such as noise, temperature, humidity

7.1 c

The word measurement has been added

7.2.1

a) slightly re-worded
c) the word ‘related’ has changed to ‘applicable’
d) the statement about additional requirements determined by the organisation becomes ‘considered necessary’ by the organisation
A note has been added to explain what the phrase ‘post delivery activities’ may include i.e. warranty provisions, etc

7.3.1

A note has been added to explain that design review, verification and validation are separate activities though they may be performed separately or in any combination e.g. verification and validation may be performed together

7.3.2

‘These’ inputs becomes ‘the’ inputs (last para)

7.3.3

The word ‘provided’ has been removed and the phrase ‘suitable for’ replaces ‘that enables’
b) the word ‘for’ (service provision) has been removed
A note has been added regarding the inclusion of ‘preservation of product’

7.5.3

An added requirement to clarify that inspection and test status must be identified ‘throughout product realisation’
Slight re-wording of record requirement under traceability

7.5.4

Re-wording of the requirement to inform the customer if there is a problem and keep records
The phrase ‘and personal data’ has been added to the note about intellectual property

7.5.5

Re-wording of ‘conformity of’ to ‘in order to maintain conformity to requirements’
‘Where appropriate, this’ has changed to ‘as applicable’

7.6

The word ‘devices’ in the title has been changed to ‘equipment’
The reference to 7.1 has been removed
c) ‘be identified to enable the’ has been changed to ‘have identification to enable their’
Note 1 has been amended to remove the reference to ISO 10012-2 and has been replaced by a Note 3 to explain about the verification and configuration management of computer software (where it is used to monitor and measure)

8.2.1

A Note has been added to provide some ideas as to how customer satisfaction can be measured

8.2.2

The requirement for a documented procedure has been re-worded but remains unchanged
A requirement for records of the audits and their results has been added
A requirement for management responsible for the area audited to ensure that ‘necessary corrections and corrective actions’ has been added
The Note that makes reference to the fact that ISO 10011 has changed and now refers to ISO 19011

8.2.3

The phrase ‘to ensure conformity of the product’ has been removed
A Note has been added to explain that the organisation should consider the type of monitoring and measuring of processes and the extent to which they affect quality and the QMS

8.2.4

The requirement to ‘maintain evidence of conformity with acceptance criteria’ has moved but is still a requirement.

Clarification of the fact that product release/service delivery is ‘to the customer’ has been added
 

8.3

The requirement for a documented procedure has been re-worded but remains unchanged
The phrase ‘where applicable’ has been added to the methods for dealing with nonconforming product
The requirement to deal with nonconforming product discovered after delivery has been moved to be bullet point d) but is unchanged
The records requirement has moved but is unchanged

Summary
As can be seen from the list of changes, there are very few of any consequence and most organisations will have little problem adapting their system to satisfy these changes.

 

FAQ (ISO9001:2008)

What is ISO?
The International Organization for Standardization (ISO) was established in 1947 and is (currently) an association of approximately 157 members, which each represent their own country. ISO employs a system of Technical Committees, Sub-committees and Working Groups to develop International Standards. Besides the National Standards Bodies, ISO permits other international organizations that develop standards to participate in its work, by accepting them as Liaison members. ISO works in accordance with an agreed set of rules of procedure, the ISO/IEC Directives, which also include requirements on the presentation of standards.

Who are the National Standards Bodies, and who represents my country at ISO?
Please see the relevant page on ISO website that gives details, including contact information, of the National Standards Bodies.

Where can copies of the supporting ISO 9000 guidance notes or other documents be found ?
Copies of the ISO 9000 Introduction and Support Package modules:

as well as details of the Quality Management Principles can be found at:www.iso.org/tc176/sc2
Copies of the ISO 9001 Auditing Practices Group guidance notes.  
Copies of the sanctioned ISO/TC 176 sanctioned “Interpretations” of ISO 9001 can be found at: http://www.tc176.org/

Why are the standards being revised?
ISO’s formal review process:
  • Requires continual review to keep standards up to date. Must be initiated within 3 years of publication of a standard.

User inputs from:

  • A global user questionnaire/survey
  • A market Justification Study
  • Suggestions arising from the interpretation process
  • Opportunities for increased compatibility with ISO 14001
  • The need for greater clarity, ease of use, and improved translation

Current trends:

  • Keeping up with recent developments in management system practices.

Who is responsible for revising the standards?
The revision process is the responsibility of ISO Technical Committee no.176, Sub-committee no.2 (ISO/TC 176/SC 2) and is conducted on the basis of consensus among quality and industry experts nominated by ISO Member bodies, and representing all interested parties.

When will the revised standards be available?
The revised quality management system standards (ISO 9000, 9001 and 9004) are scheduled as follows:

  • ISO 9000:2005 already published – no major changes expected for 2009
  • ISO 9001:2008 (an “amendment”) published on 14th November 2008.
  • More significant changes are planned for ISO 9004 (a “revision”) to be published in mid 2009.
Where can my organization go if it needs additional clarification or interpretation of the ISO 9001:2008 standard?
The starting point for any individual request for an interpretation should be with the enquirer's National Standards Body. ISO Central Secretariat and ISO/TC 176/SC 2 cannot accept direct requests from individuals for interpretations of the ISO 9000 standards. ISO/TC 176 has a Working Group that only accepts formal requests for interpretations from the National Standards Bodies. The agreed interpretations can be found at http://www.tc176.org/.

Will my organization have to re-write all its documentation?
No. ISO 9001:2008 doesn’t introduce major changes to the requirements, when compared to ISO 9001:2000. However, to benefit from the changes, we suggest you get acquainted with the new version of the standard and the clarifications introduced. If, during your analysis of the clarifications you find there are differences from your current interpretation of ISO 9001:2000, then you should analyse the impact on your current documentation and make the necessary arrangements to update it. It is intended that the amendment of ISO 9001 will have minimal or no impacts on documentation.

What are the benefits of the revised standards?
For ISO 9001:2008 the major benefits are:

  • Simple to use
  • Clear in language
  • Readily translatable and easily understandable
  • Compatibility with other management systems such as ISO 14001.

For ISO 9004:

  • Facilitates improvement in users’ quality management systems.
  • Provides guidance to an organization for the creation of a quality management system that:
    - creates value for its customers, via the products it provides
    - creates value for all other interested parties
    - balances all interested-party viewpoints.
  • Provides guidance for managers on leading their organization towards sustained success.
  • Forward compatibility to allow organizations to build on existing quality management systems.
What are the main changes in ISO 9001:2008?
ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000 and changes that are intended to improve compatibility with ISO 14001:2004. ISO 9001:2008 does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.
Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008
All changes between ISO 9001:2000 and ISO 9001:2008 are detailed in Annex B to ISO 9001:2008.

Why is the requirement for monitoring "customer satisfaction" included in ISO 9001?
"Customer satisfaction" is recognized as one of the driving criteria for any organization. In order to evaluate if a product meets customer needs and expectations, it is necessary to monitor the extent of customer satisfaction. Improvements can be made by taking action to address any identified issues and concerns.

Can the standards improve "customer satisfaction"?
The quality management system details that are described in the standards are based on Quality Management Principles that include the "process approach" and "customer focus". The adoption of these principles should provide customers with a higher level of confidence that products will meet their needs and increase their satisfaction.

What is meant by "continual improvement"?
Continual improvement is the process focused on continually increasing the effectiveness and/or efficiency of the organization to fulfil its policies and objectives. Continual improvement (where "continual" highlights that an improvement process requires progressive consolidation steps) responds to the growing needs and expectations of the customers and ensures a dynamic evolution of the quality management system.

What is a process?
Any activity or operation, which receives inputs and converts them to outputs, can be considered as a process.  Almost all activities and operations involved in generating a product or providing a service are processes.
For organizations to function, they have to define and manage numerous inter-linked processes. Often the output from one process will directly form the input into the next process.  The systematic identification and management of the various processes employed within an organization, and particularly the interactions between such processes, may be referred to as the ‘process approach’ to management.
For further information, refer to the paper Guidance on the Concept and Use of the Process Approach, available from www.iso.org/tc176/sc2. What is the "process approach"?
The "process approach" is a way of obtaining a desired result, by managing activities and related resources as a process. The "process approach" is a key element of the ISO 9000 standards. For further guidance, please refer to the ISO 9000 Introduction and Support Package module: Guidance on the Concept and Use of the Process Approach for management systems.

Can the "process approach" be applied to other management systems?
Yes. The "process approach" is a generic management principle, which can enhance an organization’s effectiveness and efficiency in achieving defined objectives.

How can the PDCA cycle be used in the "process approach"?
The PDCA cycle is an established, logical, method that can be used to improve a process.
This requires:

  • (P) planning (what to do and how to do it),
  • (D) executing the plan (do what was planned),
  • (C) checking the results (did things happened according to plan) and
  • (A) act to improve the process (how to improve next time).

The PDCA cycle can be applied within an individual process, or across a group of processes.

Can any organization apply the "process approach"?

Yes. Many organizations already apply a "process approach" without recognizing it. They could achieve additional benefits by understanding and controlling it.  

Why should an organization apply the "process approach"?

By applying the "process approach" an organization should be able to obtain the following types of benefits:

  • The integration and alignment of its processes to enable the achievement of its planned results.
  • An ability to focus effort on process effectiveness and efficiency.
  • An increase in the confidence of customers and other interested parties as to the consistent performance of the organization.
  • Transparency of operations within the organization.
  • Lower costs and shorter cycle times through effective and efficient use of resources.
  • Improved, consistent and predictable results.
  • The identification of opportunities for focused and prioritized improvement initiatives.
  • The encouragement and involvement of people, and the clarification of their responsibilities.
  • The elimination of barriers between different functional units and the unification of their focus to the objectives of the organization.
  • Improved management of process interfaces.

What is meant by the “sequence” of processes and their "interactions"?
The "sequence" of processes shows how the processes follow, or link, to each other to result in a final output.
For example, the output from one process may become the input of the next process or processes.
The "interactions" show how each process affects or influences one or more of the other processes. For example, the monitoring or controlling of a process may be established in a separate process.

How can the processes in an organization be determined?
Identify the organization's intended outputs, and the processes needed for achieving them. These will need to include processes for Management, Resources, Realization and Measurement and Improvement.

  • Identify all process inputs and outputs, along with the suppliers and customers, who may be internal or external.
  • Identify the sequence and interactions of the processes.
Should an organization define and document all its processes?
The main purpose of documentation is to enable the consistent and stable operation of an organization's processes.
Although statutory, standards' or customer requirements may require certain documentation, there is no defined “catalogue”, or list of processes that has to be documented in ISO 9001, apart from the 6 indicated ones.
The organization should determine which processes are to be documented on the basis of:  
  • The size of the organization and type of its activities,
  • The complexity of its processes and their interactions,
  • The criticality of the processes and
  • Availability of competent personnel.

A number of different methods can be used to document processes, such as graphical representations, written instructions, checklists, flow charts, visual media, or electronic methods.

How much detail is required in process documentation?
The extent of detail is likely to depend upon factors such as:
  • the size of an organisation and its types of activities,
  • the complexity of its processes and their interactions, and
  • the competence (level of education, training, skills and experience) of its personnel.

Is there a standard way of describing a process?
No, there is no standard way to describe a process. It depends on the culture, management style, staff literacy, personal attributes and their interactions.
A process may be described using a flow chart, block diagram, responsibility matrix, written procedures or pictures.
Process flowcharts or block diagrams can show how policies, objectives, influential factors, job functions, activities, material, equipment, resources, information, people and decision making interact and/or interrelate in a logical order.

What should an organization do to adopt the "process approach"?
To adopt the "process approach" an organization should apply the following steps:

  • Identify the processes of the organization,
  • Plan the processes,
  • Implement and measure the processes,
  • Analyse the processes,
  • Improve the processes.

What is a "process owner"?
A person who is given the responsibility and authority for managing a particular process is sometimes referred to as the "process owner".
It may be useful for an organization's Management to appoint individual "process owners" and to define their roles and responsibilities; these should include the responsibility for ensuring the implementation, maintenance and improvement of their specific process and its interactions.
It should be noted, however, that ISO 9001:2008 does not specifically require the appointment of "process owners".

How can a process be measured?
There are various methods of measuring process controls and process performance, ranging from simple monitoring systems up to sophisticated statistically based systems (e.g. statistical process control, or SPC, systems). The selection and use of any particular method will be dependent on the nature and complexity of an organization's processes and products. The effectiveness of an individual process may be measured by the conformity of its output or product to customer requirements. Its efficiency may be measured from its use of resources. In all cases the measurement of the process determines if its (measurable) objectives have been achieved. Sometimes it only requires monitoring to confirm process operations.
Typical factors that are useful to consider when identifying measures of process control and process performance include:  

  • Conformity with requirements,
  • Customer satisfaction,
  • Supplier performance,
  • On time delivery,
  • Lead times,
  • Failure rates,
  • Waste,
  • Process costs.
  • Incident frequency
What is the difference between a "process" and a "procedure"?
A "process" may be explained as a set of interacting or interrelated activities, which are employed to add value. A "procedure" is a method of describing the way or How in which all or part of that process activities shall/should be performed.
ISO 9000:2005 defines a procedure as a "specified way to carry out an activity or a process", which does not necessarily have to be documented.

An organization has a well-established set of procedures. Can these procedures be used to help describe its processes?
Yes, if the procedures describe inputs and outputs, appropriate responsibilities, controls and resources needed to satisfy customer requirements.

What documentation is required by ISO 9001?
ISO 9001:2008 refers specifically to only 6 documented procedures; however, other documentation (including more documented procedures not specifically mentioned in ISO 9001:2008) may be required by an organization, in order to manage the processes that are necessary for the effective operation of the quality management system. This will vary depending on the size of the organization, the kind of activities in which it is involved and their complexity. For further guidance, please also refer to the ISO 9000 Introduction and Support Package module "Guidance on the Documentation Requirements of ISO 9001:2008"

What does an organization need to do to comply with ISO 9001?

When initially starting to use ISO 9001, an organization should familiarize its personnel with the Quality Management Principles, analyze the standards (especially ISO 9000 and ISO 9004), and consider how their guidance and requirements may affect your activities and related processes. If it then wishes to proceed to registration/certification, it should perform a gap analysis against the requirements of ISO 9001 to determine where its current quality management system does not address the applicable ISO 9001:2008 requirements, before developing and implementing additional processes to ensure that compliance will be achieved.

What will happen to the 2000 version of ISO 9001?
ISO 9001:2008 will supersede ISO 9001:2000 However, noting the IAF/ISO-CASCO/ISO TC176 agreement that accredited certification to the 2000 edition should remain possible for up to 2 years (i.e. 14th November 2010) after the publication of ISO 9001:2008, copies of the 2000 edition will still be available on request from ISO and the national standards bodies during that period, and possibly for even longer.

Can organizations remain certified/registered to the 2000 version?
Yes. Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008. However, certificates to ISO 9001:2000 will only remain valid until 2 years after the publication of ISO 9001:2008 (i.e. 14th November 2010).

What will happen to the other standards and documents in the current (2000) ISO 9000 family?
The four primary standards of the current ISO 9000 family are the following:

  • ISO 9000:2005 already published – no major changes expected for 2009
  • ISO 9001:2000 to be superseded by ISO 9001:2008
  • More significant changes are planned for ISO 9004 with a planned publication date of late 2009.
  • ISO 19011:2002 is currently beginning the revision process, with a new version expected in 2011.

The other standards and documents will be reviewed and updated as necessary

Is an organization's ISO 9001 certificate applicable to all of its products ?
When an organization seeks to have its quality management system registered/certified to ISO 9001:2008, it is required to agree a "scope of certification" with its registrar/certification body. This will define the products to which the organization's quality management system is applicable, and against which it will be assessed. An organization is not obliged to include within its "scope of certification" all the products that it provides (note that the ISO 9000:2005 definition of "Product" includes "services"), but may be selective about those that are included. All applicable requirements of ISO 9001:2008 will need to be addressed by the organization's quality management system that covers those products that are included in the "scope of certification".
Customers should ensure that a potential supplier's "scope of certification" covers the products that they wish to order. Caveat Emptor!

What can an organization do if it is not able to comply with all of the requirements of ISO 9001?
ISO 9001 allows for the exclusion of some of its requirements (via clause 1.2 “Application”), but only if it can be shown that these requirements are not applicable to the organization.
Exclusions are limited to the requirements given in Section 7 ("Product Realization"), where individual requirements may only be excluded if it can be shown that they do not affect the organization's ability to provide product that meets customer and applicable statutory or regulatory requirements. Justification for such exclusions is also required to be detailed within the organization's quality manual.
For example, if design activities are not required by an organization to demonstrate its capability to meet customer and applicable statutory /regulatory requirements, or if its product is provided on the basis of established design, then it may be able to exclude some of the "design" requirements but still be able to be registered/certified to ISO 9001:2008.
For further guidance, see the ISO 9000 Introduction and Support Package module: Guidance on ISO 9001:2008 clause 1.2 'Application'.

How are the standards applicable to organizations that provide services. ?
The standards are applicable to all types of organizations, operating in all types of sectors, including service providers.
(Note: the definition of the term 'product' in ISO 9000:2005 also includes 'services'. ISO 9001:2008 and ISO 9004:2000 have been written to reflect this definition.)

My organization provides services. Is the new ISO 9001:2008 applicable to us?
ISO 9001 is equally appropriate to all sectors, including service providers. The standard is applicable to all types of organizations.

How will ISO 9001:2008 relate to the needs of specific business sectors?
ISO 9001:2008 remains compatible with the existing management systems standards for specific business sectors like ISO/TS 16949, AS 9000/EN 9100 and TL 9000.
Users of a specific sector scheme are recommended to refer to the organization that is responsible for that sector scheme, e.g. for:

  • ISO/TS 16 949 refer to the IATF,
  • TL 9000 refer to the QuEST Forum
  • For AS 9000/EN 9100 refer to the IAQG
My organisation fulfils the ISO 9001:2000 requirements. What do I need to do?
An organization who’s QMS fulfils the requirements of ISO 9001:2000 should check that they are following the clarifications introduced in the amended standard ISO 9001:2008.
ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000. It does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.

What is the impact of ISO 9001:2008 on certification?
Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008.
ISO and the International Accreditation Forum (IAF) have agreed the following “Implementation Plan” with respect to accredited certification to ISO 9001:2008:
“Accredited certification to the ISO 9001:2008 can be granted from 14th November 2008  
Validity of existing certifications to ISO 9001:2000 upto 14th November 2010 
From 14th November 2009 onwards all accredited certifications issued (new certifications or re-certifications) shall be to ISO 9001:2008.
Twenty four months after publication by ISO of ISO 9001:2008 (i.e. 14th November 2010), any existing certification issued to ISO 9001:2000 shall not be valid.

Is there any way I can participate in the development of standards?
Yes. If you are interested you should contact your National Standards Body for further details.
Information on ISO’s member National Standards Bodies can be found at: http://www.iso.org/iso/about/iso_members.htm


Copyright © TRANSCENDENT QUALITY CONSULTING. All Rights Reserved.
Site Developed by www.mesotek.com