ISO 9001:2008 FAQ
What Is The ISO 9001: 2008 Standard?
The latest edition of the ISO 9001 standard ISO 9001: 2008, Quality Management Systems – Requirements, was officially published by (ISO) the International Organization for Standardization on November 14, 2008. It is the fourth edition of the ISO 9001 standard since it was first published in 1987.
Who Is Responsible For Revising The standards?
The ISO Technical Committee no.176, Sub-committee no.2 (ISO/TC 176/SC 2) is responsible for the revision process in collaboration with consensus among quality and industry experts nominated by ISO Member bodies, and representing all interested parties.
Does ISO 9001:2008 Have Additional Requirements Beyond ISO 9001:2000 ?
This latest (4th) edition of ISO 9001 contains no new requirements compared to the (3rd) year 2000 edition, which it replaces. What it does is provide clarification to the existing requirements of ISO 9001:2000 based on eight years’ experience of worldwide implementing of the standard and introduces changes intended to improve consistency with the environmental management system standard, ISO 14001:2004.
The clarifications and changes in ISO 9001:2008 represents fine-tuning, rather than a thorough overhaul. It focuses on changes that organizations might make to better comply with the spirit of the standard without adding, deleting, or altering its requirements. The changes are minor in nature and address such issues as the need to clarify, provide greater consistency, resolve perceived ambiguities, and improve compatibility with ISO 14001. The numbering system and the structure of the standard remain unchanged. As a result, the new standard looks much like the old standard.
ISO has grouped the changes incorporated in this ISO 9001:2008 edition into the following categories:- No changes or minimum changes on user documents, including records- No changes or minimum changes to existing QMS processes- No additional training required or minimal training required- No effects on current certifications
In contrast, the 3rd edition, ISO 9001:2000 published in 2000, represented a major overhaul of the standard, including new requirements and a sharpened customer focus, reflecting developments in quality management and experience gained since the publication of the initial version.
Then Why Was It Necessary To Introduce This Revision?All ISO standards – currently more than 17 400 – are periodically reviewed. To ensure that ISO standards are maintained at the state of the art, ISO has a rule requiring them to be periodically reviewed and a decision taken to confirm, withdraw or revise the documents. The review process must be initiated within 3 years of publication of a standard. The review considers several factors such as technological evolution, new methods and materials, new quality and safety requirements, or questions of interpretation and application.
The review of ISO 9001 resulting in the 2008 edition was carried out by subcommittee SC 2 of ISO/TC 176. This subcommittee, which is responsible for the ISO 9000 family, unites expertise from 80 participating countries and 19 international or regional organizations, plus other technical committees.
This review has a number of inputs that help it:
A global user questionnaire/survey
A market Justification Study
Suggestions arising from the ISO/TC 176 interpretation process
Opportunities for increased compatibility with ISO 14001
The need for greater clarity, ease of use, and improved translation
Current trends – keeping up with recent developments in management system practices.
How Does The New ISO 9001 Edition Affect Existing ISO 9001 QMS’s?
As organizations start looking at ISO 9001:2008, they will wonder to what extent the changes might affect them. To a large extent, the new standard will not result in significant change to existing quality management systems (QMS).
ISO/TC 176 was careful in not making change for change sake. In the case of editorial changes, this was especially true. This could have lead to a false impression that there was a change in requirements, carrying greater significance than was intended. In those instances, when the committee members couldn’t come to a consensus in determining if a change added or deleted a requirement, they opted to retain the existing text. They decided it was better to err on the side of caution rather than to contribute to any misunderstanding in the marketplace.
The changes that have been incorporated into this edition of the ISO 9001 standard include changes that should lead to a better understanding across a broader range of product types, including service organizations; use of deliberate wording to minimize the potential for incorrect user interpretation; and reflect nuances of similar concepts. Lastly, some of the changes to specific clauses were made based on the 2004 International User Feedback Survey. This survey was conducted after the publication of ISO 9001:2000 and had invited respondents to identify areas they most wanted to see improved.
Thursday, October 15, 2009
Update on ISO 9001:2008
Update on ISO 9001:2008
Following a recent meeting of ISO’s Technical Committee TC176 in Helsinki, Finland, from June
11 – 15t, 2007, publication of the new version of ISO 9001 has been brought forward from 2009
and is now scheduled to be published in October 2008. Experts representing over 70 ISO member
bodies, met to discuss the comments received during circulation of the Committee Draft (”CD”) of
the new standard, and concluded that in view of the very limited changes being proposed, the draft
is now sufficiently mature to progress directly to the DIS (Draft International Standard).
The main changes being introduced into the new standard are as follows:
Clause 0.2 (Process approach)
Text added to emphasize the importance of processes being capable of achieving desired outputs
Clause 1.1 (Scope)
Clarification that “product” also includes intermediate product
Explanation regarding statutory, regulatory and legal requirements
Clause 4.1 (General requirements)
Notes added to explain more about outsourcing
Types of control that may be applied to outsourced processes
Relationship to clause 7.4 (Purchasing)
Clarification that outsourced processes are still responsibility of the organization and must be
included in the quality management system
Clause 4.2.1 (Documentation)
Clarification that QMS documentation also includes records
Documents required by the standard may be combined
ISO 9001 requirements may be covered by more than one documented procedure
Clause 4.2.3 (Document control)
Clarification that only external documents relevant to the QMS need to be controlled
Clause 4.2.4 (Records control)
Editorial changes only (better alignment with ISO 14001)
Clause 5.5.2 (Management rep)
Clarifies that this must be a member of the organization’s own management
Clause 6.2.1 (Human resources)
Clarification that competence requirements are relevant for any personnel who are involved in the
operation of the quality management system
Clause 6.3 (Infrastructure)
Includes information systems as example
Clause 6.4 (Work environment)
Clarifies that this includes conditions under which work is performed and includes, for example
physical, environmental and other factors such as noise, temperature, humidity, lighting, or weather
Clause 7.2.1 (Customer related processes)
Clarifies that post-delivery activities may include:
- Actions under warranty provisions
- Contractual obligations such as maintenance services
- Supplementary services such as recycling or final disposal
Clause 7.3.1 (Design & development planning)
Clarifies that design and development review, verification and validation have distinct purposes
These may be conducted and recorded separately or in any combination as suitable for the product
and the organization
Clause 7.3.3(Design & development outputs)
Clarifies that information needed for production and service provision includes preservation of the product
Clause 7.5.4 (Customer property)
Explains that both intellectual property and personal data should be considered as customer property
Clause 7.6 (Now retitled Control of Monitoring and Measuring equipment)
Explanatory notes added regarding the use of computer software: “Confirmation of the ability of computer software to satisfy the intended application would typically include its verification and configuration management to maintain its suitability for use.”
Clause 8.2.1 (Customer satisfaction)
Note added to explain that monitoring of customer perception may include input from sources such as customer satisfaction surveys, customer data on delivered product quality, user opinion surveys, lost business analysis, compliments, and dealer reports
Clause 8.2.3 (Monitoring / Measurement of process)
Note added to clarify that when deciding on appropriate methods, the organization should consider impact on the conformity to product requirements and on the effectiveness of the quality management system.
Following a recent meeting of ISO’s Technical Committee TC176 in Helsinki, Finland, from June
11 – 15t, 2007, publication of the new version of ISO 9001 has been brought forward from 2009
and is now scheduled to be published in October 2008. Experts representing over 70 ISO member
bodies, met to discuss the comments received during circulation of the Committee Draft (”CD”) of
the new standard, and concluded that in view of the very limited changes being proposed, the draft
is now sufficiently mature to progress directly to the DIS (Draft International Standard).
The main changes being introduced into the new standard are as follows:
Clause 0.2 (Process approach)
Text added to emphasize the importance of processes being capable of achieving desired outputs
Clause 1.1 (Scope)
Clarification that “product” also includes intermediate product
Explanation regarding statutory, regulatory and legal requirements
Clause 4.1 (General requirements)
Notes added to explain more about outsourcing
Types of control that may be applied to outsourced processes
Relationship to clause 7.4 (Purchasing)
Clarification that outsourced processes are still responsibility of the organization and must be
included in the quality management system
Clause 4.2.1 (Documentation)
Clarification that QMS documentation also includes records
Documents required by the standard may be combined
ISO 9001 requirements may be covered by more than one documented procedure
Clause 4.2.3 (Document control)
Clarification that only external documents relevant to the QMS need to be controlled
Clause 4.2.4 (Records control)
Editorial changes only (better alignment with ISO 14001)
Clause 5.5.2 (Management rep)
Clarifies that this must be a member of the organization’s own management
Clause 6.2.1 (Human resources)
Clarification that competence requirements are relevant for any personnel who are involved in the
operation of the quality management system
Clause 6.3 (Infrastructure)
Includes information systems as example
Clause 6.4 (Work environment)
Clarifies that this includes conditions under which work is performed and includes, for example
physical, environmental and other factors such as noise, temperature, humidity, lighting, or weather
Clause 7.2.1 (Customer related processes)
Clarifies that post-delivery activities may include:
- Actions under warranty provisions
- Contractual obligations such as maintenance services
- Supplementary services such as recycling or final disposal
Clause 7.3.1 (Design & development planning)
Clarifies that design and development review, verification and validation have distinct purposes
These may be conducted and recorded separately or in any combination as suitable for the product
and the organization
Clause 7.3.3(Design & development outputs)
Clarifies that information needed for production and service provision includes preservation of the product
Clause 7.5.4 (Customer property)
Explains that both intellectual property and personal data should be considered as customer property
Clause 7.6 (Now retitled Control of Monitoring and Measuring equipment)
Explanatory notes added regarding the use of computer software: “Confirmation of the ability of computer software to satisfy the intended application would typically include its verification and configuration management to maintain its suitability for use.”
Clause 8.2.1 (Customer satisfaction)
Note added to explain that monitoring of customer perception may include input from sources such as customer satisfaction surveys, customer data on delivered product quality, user opinion surveys, lost business analysis, compliments, and dealer reports
Clause 8.2.3 (Monitoring / Measurement of process)
Note added to clarify that when deciding on appropriate methods, the organization should consider impact on the conformity to product requirements and on the effectiveness of the quality management system.
Validity of certifications to ISO 9001:2000
One year after the publication of ISO 9001:2008 all accredited certifications issued (new certifications or re-certifications) shall be to ISO 9001:2008.Twenty four months after publication by ISO of ISO 9001:2008, any existingcertification issued to ISO 9001:2000 shall not be valid.
Organisations that are already certified to ISO 9001:2000 should contacttheir certification/registration bodies (CB/RB) to agree a programme for analysing the clarifications in ISO 9001:2008 in relation to their individual quality management systems and for upgrading their certificates.Certified organizations should bear in mind that ISO 9001:2000 certificateshave the same status as new ISO 9001:2008 certificates during the co-existence period. (i.e. Your current ISO 9001:2000 certificate will be valid up to 13th November 2010).Organizations in the process of certification to ISO 9001:2000 should change to using ISO 9001:2008 and apply for certification to it.New users should start by using ISO 9001:2008.
Organisations that are already certified to ISO 9001:2000 should contacttheir certification/registration bodies (CB/RB) to agree a programme for analysing the clarifications in ISO 9001:2008 in relation to their individual quality management systems and for upgrading their certificates.Certified organizations should bear in mind that ISO 9001:2000 certificateshave the same status as new ISO 9001:2008 certificates during the co-existence period. (i.e. Your current ISO 9001:2000 certificate will be valid up to 13th November 2010).Organizations in the process of certification to ISO 9001:2000 should change to using ISO 9001:2008 and apply for certification to it.New users should start by using ISO 9001:2008.
ISO 9001 Standards – Document Repository
ISO 9001 Standards - Document Repository
All QMS and product realization documents can be stored electronically within the computerize Document Management System like ISO 9001 Document Control Sytem. This provides a set of category and sub-category headings that enable users to drill down intothe different levels of the documentation category tree.QMS documents are created and maintained within a top level category entitled “ISO 9001 Quality Management System (QMS)“. Documents in this category follow a 4-tier approach:• Quality Manual – company scope and process interactions within the QMS• Quality Procedures – responsibilities, controls and activities within the QMS that effect customer service• Records – objective evidence to demonstrate our goal in achieving customer satisfaction• Forms & Reports to support the QMS processesProduct realization documents are stored in categories corresponding to Products, Projects and Departments. Each document is unique, but can be accessed from multiple categories.Documents created within the FablessSemi Inc CogniDox system are assigned a unique identifier using the format “PO-NNNNNN-XX”; where the “PO” prefix identifies them as FablessSemi Inc documents, the “NNNNNN” is an automatically generated and uniquely assigned numerical ID, and the “XX” suffix indicates the document type.All Fabless Semi Inc personnel are responsible for creating document part numbers and uploading documents to an appropriate category. Selected users with additional system privileges are responsible for creating and maintaining document categories.
All QMS and product realization documents can be stored electronically within the computerize Document Management System like ISO 9001 Document Control Sytem. This provides a set of category and sub-category headings that enable users to drill down intothe different levels of the documentation category tree.QMS documents are created and maintained within a top level category entitled “ISO 9001 Quality Management System (QMS)“. Documents in this category follow a 4-tier approach:• Quality Manual – company scope and process interactions within the QMS• Quality Procedures – responsibilities, controls and activities within the QMS that effect customer service• Records – objective evidence to demonstrate our goal in achieving customer satisfaction• Forms & Reports to support the QMS processesProduct realization documents are stored in categories corresponding to Products, Projects and Departments. Each document is unique, but can be accessed from multiple categories.Documents created within the FablessSemi Inc CogniDox system are assigned a unique identifier using the format “PO-NNNNNN-XX”; where the “PO” prefix identifies them as FablessSemi Inc documents, the “NNNNNN” is an automatically generated and uniquely assigned numerical ID, and the “XX” suffix indicates the document type.All Fabless Semi Inc personnel are responsible for creating document part numbers and uploading documents to an appropriate category. Selected users with additional system privileges are responsible for creating and maintaining document categories.
Useful Aids to Implement ISO 9001 Standards
Useful Aids To Implement ISO 9001 Standards
Many companies implement ISO 9001 without using all the available tools. As a result, some companies may not fully optimize their implementation. This issue could be manifested as confusion over terms, misunderstanding about requirements, and perplexity concerning intention.ISO, the International Organization for Standardization, based in Geneva Switzerland issues thousands of standards, but we limit our scope to ISO 9001:2008 and its immediate “family”.This includes ISO 9000:2005 and ISO 9004:20002. ISO 9001 is a general industry standard for quality management, but ISO also issues industry specific standards. Many of these standards, such as ISO 13485 for medical devices, are based on ISO 9001 and can also utilize these available tools.
In addition to the information discussed below, ISO also issues standards related to specific activities that may arises in a quality management system. The following lists these supporting documents.
Automotive ISO/TS 16949:2002Education IWA 2:2007Energy PC 242, ISO 50001Food safety ISO 22000:2005Information security ISO/IEC 27001:2005Health care IWA 1:2005Local government IWA 4:2005Medical devices ISO 13485:2003Petroleum and gas ISO 29001:2003Ship recycling ISO/PAS 30000:2008Supply chain security ISO 28000:2007
Many companies implement ISO 9001 without using all the available tools. As a result, some companies may not fully optimize their implementation. This issue could be manifested as confusion over terms, misunderstanding about requirements, and perplexity concerning intention.ISO, the International Organization for Standardization, based in Geneva Switzerland issues thousands of standards, but we limit our scope to ISO 9001:2008 and its immediate “family”.This includes ISO 9000:2005 and ISO 9004:20002. ISO 9001 is a general industry standard for quality management, but ISO also issues industry specific standards. Many of these standards, such as ISO 13485 for medical devices, are based on ISO 9001 and can also utilize these available tools.
In addition to the information discussed below, ISO also issues standards related to specific activities that may arises in a quality management system. The following lists these supporting documents.
Automotive ISO/TS 16949:2002Education IWA 2:2007Energy PC 242, ISO 50001Food safety ISO 22000:2005Information security ISO/IEC 27001:2005Health care IWA 1:2005Local government IWA 4:2005Medical devices ISO 13485:2003Petroleum and gas ISO 29001:2003Ship recycling ISO/PAS 30000:2008Supply chain security ISO 28000:2007
Process Approach In ISO 9001 Standards
Process Approach In ISO 9001 Standards
The process approach was introduced into ISO 9001 with the year 2000 version of the standards.Prior versions used an element approach. The document Guidance on the concept and use of the process approach for management systems describes to process approach and offers an implementation paradigm.1. Identification of processes of the organization1.1. Define the purpose of the organization1.2. Define the policies and objectives of the organization1.3. Determine the processes in the organization1.4. Determine the sequence of the processes1.5. Define process ownership1.6. Define process documentation2. Planning of a process2.1. Define the activities within the process2.2. Define the monitoring and measurement requirements2.3. Define the resources needed
2.4. Verify the process and its activities against its planned objectives3. Implementation and measurement of the process4. Analysis of the process5. Corrective action and improvement of the process ImplementationThis document explains the process used to evaluate changes to the 2008 version. In particular, it explains the revision process and illustrates the impact vs. benefit analysis used to evaluate potential changes.In addition to the guidance documents, ISO maintains a web site with “official interpretations” of ISO 9001. Currently, these interpretations only include ISO 9001:2000, but, because the changes to the 2008 version were limited, they are valuable.Consider a common question. An organization needs a documented procedure for preventive action (8.5.3), and must keep records of the results of preventive action (8.5.3.d). One of the interpretation requests asks, “Does sub-clause 8.5.3 a) require organizations to demonstrate, with objective evidence in the form of records, that they have undertaken actions to determine the existence of ‘potential nonconformities and their causes’?” The answer is “No”.Auditing PracticesThe ISO 9001 Auditing Practices Group maintains a website9 with guidance and information on auditing ISO 9001 quality management systems. It is an informal group of quality management system (QMS) experts, auditors, and practitioners drawn from the ISO Technical Committee 176 Quality Management and Quality Assurance (ISO/TC 176) and the International Accreditation Forum (IAF).The website, primarily aimed at QMS auditors, consultants, and quality practitioners, is an online source of papers and presentations on auditing a QMS and reflect the process based approach.The website contains almost forty guidance documents with practical advice ranging from “How to audit top management processes” to “The role and value of the audit checklist”.
The process approach was introduced into ISO 9001 with the year 2000 version of the standards.Prior versions used an element approach. The document Guidance on the concept and use of the process approach for management systems describes to process approach and offers an implementation paradigm.1. Identification of processes of the organization1.1. Define the purpose of the organization1.2. Define the policies and objectives of the organization1.3. Determine the processes in the organization1.4. Determine the sequence of the processes1.5. Define process ownership1.6. Define process documentation2. Planning of a process2.1. Define the activities within the process2.2. Define the monitoring and measurement requirements2.3. Define the resources needed
2.4. Verify the process and its activities against its planned objectives3. Implementation and measurement of the process4. Analysis of the process5. Corrective action and improvement of the process ImplementationThis document explains the process used to evaluate changes to the 2008 version. In particular, it explains the revision process and illustrates the impact vs. benefit analysis used to evaluate potential changes.In addition to the guidance documents, ISO maintains a web site with “official interpretations” of ISO 9001. Currently, these interpretations only include ISO 9001:2000, but, because the changes to the 2008 version were limited, they are valuable.Consider a common question. An organization needs a documented procedure for preventive action (8.5.3), and must keep records of the results of preventive action (8.5.3.d). One of the interpretation requests asks, “Does sub-clause 8.5.3 a) require organizations to demonstrate, with objective evidence in the form of records, that they have undertaken actions to determine the existence of ‘potential nonconformities and their causes’?” The answer is “No”.Auditing PracticesThe ISO 9001 Auditing Practices Group maintains a website9 with guidance and information on auditing ISO 9001 quality management systems. It is an informal group of quality management system (QMS) experts, auditors, and practitioners drawn from the ISO Technical Committee 176 Quality Management and Quality Assurance (ISO/TC 176) and the International Accreditation Forum (IAF).The website, primarily aimed at QMS auditors, consultants, and quality practitioners, is an online source of papers and presentations on auditing a QMS and reflect the process based approach.The website contains almost forty guidance documents with practical advice ranging from “How to audit top management processes” to “The role and value of the audit checklist”.
Why Deploy Six Sigma?
Why Deploy Six Sigma in your organization?
Here are some reasons why we should be using Six Sigma to make process improvements:
a) It is a structured approach – if we follow the process, people will not forget any important steps along the way before they implement the solution.
b) It helps quantify the benefits and thus make it easier to sell the improvements to senior managers in the company.
c) It uses facts & data and the rigor of statistical testing to arrive at the right root cause instead of fixing symptoms or putting band-aids.
d) There is a greater likelihood of the solution being sustainable if we follow the Six Sigma process.
e) Six Sigma focuses of solving the right problems using the project selection matrix.
f) It has proven itself in a large number of deployments. Frankly, there is no better tool out there to make process improvements – especially when the root cause or the solution is not known.
Here are some reasons why we should be using Six Sigma to make process improvements:
a) It is a structured approach – if we follow the process, people will not forget any important steps along the way before they implement the solution.
b) It helps quantify the benefits and thus make it easier to sell the improvements to senior managers in the company.
c) It uses facts & data and the rigor of statistical testing to arrive at the right root cause instead of fixing symptoms or putting band-aids.
d) There is a greater likelihood of the solution being sustainable if we follow the Six Sigma process.
e) Six Sigma focuses of solving the right problems using the project selection matrix.
f) It has proven itself in a large number of deployments. Frankly, there is no better tool out there to make process improvements – especially when the root cause or the solution is not known.
Subscribe to:
Posts (Atom)