Develop Quality Management System Documentation In ISO 9000 Standards

Develop Quality Management System Documentation In ISO 9000 Standards

Documentation is the most common area of non-conformance among organizations

wishing to implement ISO 9000 quality management systems. As one company

pointed out: “When we started our implementation, we found that documentation

was inadequate. Even absent, in some areas. Take calibration. Obviously it’s

necessary, and obviously we do it, but it wasn’t being documented. Another area

was inspection and testing. We inspect and test practically every item that leaves

here, but our documentation was inadequate”.

Documentation of the quality management system should include:

1. Documented statements of a quality policy and quality objectives,

2. A quality manual,

3. Documented procedures and records required by the standard ISO 9001:2008, and

4. Documents needed by the organization to ensure the effective planning, operation and control of its processes.

Quality documentation is generally prepared in the three levels indicated below that follows. Use ISO 10013:1995 for guidance in quality documentation.

Level A: Quality manual

States the scope of the quality management system, including exclusions and

details of their justification; and describes the processes of the quality

management system and their interaction. Generally gives an organization

profile; presents the organizational relationships and responsibilities of persons

whose work affects quality and outlines the main procedures. It may also

describe organization’s quality policy and quality objectives.

Level B: Quality management system procedures

Describes the activities of individual departments, how quality is controlled in

each department and the checks that are carried out.

Level C: Quality documents (forms, reports, work instructions, etc.)

1. Work instructions describe in detail how specific tasks are performed; include

drawing standards, methods of tests, customer’s specifications, etc.

2. Presents forms to be used for recording observations, etc.

ISO 9000 Standards – Document control procedures

ISO 9000 Standards – Document control procedures

The ISO 9000 Standards requires that a documented procedure be established to define the controls needed.

This requirement means that the methods for performing the various activities required to control different types of documents should be defined and documented.

Although the ISO 9000 standards implies that a single procedure is required, should you choose to produce several different procedures for handling the different types of documents it is doubtful that any auditor would deem this noncompliant. Where this might be questionable is in cases where there is no logical reason for such differences and where merging the procedures and settling on a best practice would improve efficiency and effectiveness.

Documents are recorded information and the purpose of the document
control process is to firstly ensure the appropriate information is available
where needed and secondly to prevent the inadvertent use of invalid
information. At each stage of the process are activities to be performed that
may require documented procedures in order to ensure consistency and
predictability. Procedures may not be necessary for each stage in the process.

Every process is likely to require the use of documents or generate documents and it is in the process descriptions that you define the documents that need to be controlled. Any document not referred to in your process descriptions is therefore, by definition, not essential to the achievement of quality and not required to be under control. It is not necessary to identify uncontrolled documents in such cases. If you had no way of tracing documents to a governing process, a means of separating controlled from uncontrolled may well be necessary.

The procedures that require the use or preparation of documents should also specify or invoke the procedures for their control. If the controls are unique to the document, they should be specified in the procedure that requires the document. You can produce one or more common procedures that deal with the controls that apply to all documents. The stages in the process may differ depending on the type of document and organizations involved in its preparation, approval, publication and use. One procedure may cater for all the processes but several may be needed.
The aspects you should cover in your document control procedures, (some
of which are addressed further in this chapter) are as follows
Planning new documents, funding, prior authorization, establishing need
etc.

- Preparation of documents, who prepares them, how they are drafted,
conventions for text, diagrams, forms etc.
- Standards for the format and content of documents, forms and diagrams.
- Document identification conventions.
- Issue notation, draft issues, post approval issues.
- Dating conventions, date of issue, date of approval or date of distribution.
- Document review, who reviews them and what evidence is retained.
- Document approval, who approves them and how approval is denoted.
- Document proving prior to use.
- Printing and publication, who does it and who checks it.
- Distribution of documents, who decides, who does it, who checks it.
- Use of documents, limitations, unauthorized copying and marking.
- Revision of issued documents, requests for revision, who approves the
request, who implements the change.
- Denoting changes, revision marks, reissues, sidelining, underlining.
Amending copies of issued documents, amendment instructions, and
amendment status.
- Indexing documents, listing documents by issue status.
- Document maintenance, keeping them current, periodic review.
- Document accessibility inside and outside normal working hours.
- Document security, unauthorized changes, copying, disposal, computer
viruses, fire and theft.
- Document filing, masters, copies, drafts, and custom binders.
- Document storage, libraries and archive, who controls location, loan
arrangements.
- Document retention and obsolescence.

With electronically stored documentation, the document database may provide many of the above features and may not need to be separately prescribed in your procedures. Only the tasks carried out by personnel need to be defined in your procedures. A help file associated with a document database is as much a documented procedure as a conventional paper based procedure.

Transition from ISO 9001:2000 to ISO 9001:2008

Transition from ISO 9001:2000 to ISO 9001:2008

This reference guide was developed to help you understand the nature of the changes to theISO 9001 standard.

Clause Change/Emphasis Not Auditable

0.1 General – Added language emphasizing statutory and regulatory requirements are a concern as it relates to products for this international standard.

0.4 Compatibility with Other Management Systems Standards - Emphasis was added on the consideration given to ISO 14001:2004 to ensure that the standards are compatible.

1.1 General

1.2 Application – “Statutory” was added in certain paragraphs to ensure the user is aware that these requirements must be taken into consideration. Additional notes were added to explain that where the word “product” appears, it refers to every stage of its existence, from raw material received to the final product being shipped to the customer.

2. Normative Reference – Reference to ISO 9000 (vocabulary and concepts) was updated to refer to the current revision (i.e. ISO 9000:2005).

3. Terms and Definitions – The supplier/organization/customer model was removed. These relationships, in reality, are not always linears.

The Auditable Requirements
Clause Change/Emphasis
4.1
In 4.1 a, “identify” was replaced with “determine” to emphasize that an organization must give careful consideration to what processes are needed in order to fulfill requirements.
A link is drawn to 7.4 in the additional note. This was done to show that the supplier approval, evaluation, and re-evaluation process is where evidence of controlled outsourced processes should be demonstrated.
4.2.1
References to records and documents were consolidated.
Also, the organization can require records not specified in this international standard that are created and maintained.
4.2.3
Clarification is given to the requirement for outsourced documents. Only those needed for the planning and operation of the QMS need to be controlled. This could exclude documents related to occupational health and safety since ISO 9001 contains requirements only concerned with product (see 0.1).
4.2.4
Rephrased, but no additional clarifications or emphasis added. Editorial change only.
5.5.2
The management representative must be from the organization’s management. This would exclude consultants and other individuals external to the organization (e.g. a management representative from the corporate entity). The purpose of this is to ensure that this individual, entrusted with the responsibilities of championing the quality management system, is not “out of touch” with the organization.
6.2.1
The boundaries of competence only extend to individuals who impact product conformity. However, this does not just include those who are directly involved in production. The decisions made by management affect product conformity; therefore, they must be competent as well.

6.2.2
If said personnel have not yet attained the competence needed to perform the assigned job, then the organization must provide training or some other remedy to ensure that competence is achieved. The organization must also have a mechanism to ensure that personnel have been evaluated based on how well they demonstrate their knowledge and skill (i.e. competence). It is not enough to merely provide training or consider an individual’s experience. The organization must prove to itself that this person can, in fact, perform.
6.3
Infrastructure also includes databases and information technology.
6.4
Emphasis is added in a note to highlight that the concept of “work environment” only extends to product quality.
7.1 c
“Measurement” is added.
7.2.1
“Post-delivery activity” is clarified in a note with examples.
7.3.1
A note emphasizes that design verification, validation, and review are different from one another and serve different purposes. Design review is where the organization evaluates if the design can meet requirements and if any changes need to be made. Design verification is where the organization has ensured that requirements have been met (e.g. is the widget blue and is it hexagonal?). Design validation is where the organization proves that the design can perform as required.
However, the records of design verification, validation, and review do not have to be separate.
7.3.3
Production and service provisions also extend to how product is preserved, handled, etc., to ensure product conformity. See 7.5.1
Design outputs must include requirements related to preservation. See 7.5.5.

7.5.2
Notes were added to give examples of the types of processes where this requirement would apply along with a statement that service organizations should have additional considerations in the planning stages when deficiencies and conformity are not likely to be identified prior to delivery.
7.5.3
Product status must be identified throughout product realization, not just the final product. See 1.2.
7.5.4
Wording was modified to add clarity, but the intent of the requirement has not changed.
7.5.5
Again, emphasis is added that care must be given to preserving the product regardless of where it falls in the realization process.
7.6
An obsolete reference to another ISO document was replaced.
The definition of “monitoring and measuring devices” has been clarified to include equipment and devices that are purposed for monitoring and measuring, regardless of their original or intended purpose.
An additional note regarding software was added.
8.2.2
Document and record requirements were reworded and their placement modified to improve clarity.
The reference to the auditing guidance document was updated (i.e. ISO 19011).

8.2.3
Wording was modified to emphasize that correction and corrective actions are not only to be taken to preserve the conformity of the product, but also to preserve the quality management system. For example, internal rejection/scrap rates could show evidence that the organization is preserving product conformity and is taking intermediate action to prevent bad product from being shipped to their customers; however, it could also be a sign that the organization is not efficient since the higher rejection/scrap rates are undesirable.
A note was added to clarify the meaning of “suitable methods” related to planning, monitoring and measurement processes. Suitability should be determined based on risk and the impact that nonconformity would have on the product or process.
8.2.4
Product can be released to other internal processes despite planned arrangements not being satisfactorily completed as long as it conforms prior to release to the customer. This relaxes requirements on intermediate inspection results and records.
8.3
Actions taken against nonconforming product must be proportional to its impact or potential impact. See 8.2.3 related to impact considerations for monitoring and measurement.
This would mean that in the planning stages of a product, the organization needs to customize responses to nonconforming products based on the risk or potential risk to the organization.
This requirement existed in ISO 9001:2000; however, its location has changed.

8.5.2
Nonconformity can have multiple causes (“cause”; i.e. a singular reason, was used in the 2000 version); therefore, the organization must consider this when conducting root cause analysis.
Also, it is not enough to simply review corrective action and ensure that procedures were changed, personnel have been re-trained, and that processes were amended. The organization must review whether or not the action(s) taken were effective; i.e. did they successfully eliminate the nonconforming condition?
8.5.3
Similar to the new emphasis on the effectiveness of corrective action, the organization must also document whether or not the preventive action(s) taken were effective in eliminating the risk of nonconformity.

How To Implement ISO 9001 Standards Using Template & Softwares

There are few ways of implementing the ISO 9000 in a particular organization. One of the easy way is hiring a ISO 9000 consultant in a turn key project basis. This definitely will incur cost. However, some of the organization will appoiint an employee to start up the ISO 9000, by learning thru seminar, preparing the ISO 9000 Quality Manual, Procedure & Form by using some of the ISO 9000 Template sell at internet. Some of the provider such as http://www.iso-consults.com & http://www.quality-template.com are providing such services.
Normally, the template provide will provides the ISO 9000 Quality Manual Template, Standand Procedure & also sample form for the ISO 9000 implementation. One of the provider like http://www.e-wia.com give a very complete set of the ISO 9000 Templates, which will help an organization to implement the ISO 9000 easily.
There are also some ISO 9000 Softwares which helps the organization in the ISO 9000 implementation. Some of the ISO 9000 Software are listed below:
a. Document Control Software – Software which Helps the organization to keep track & control of the ISO 9000 Documents.
b. Audit Control Software – Software which helps the organization to keep track of internal & external audit events.
c. Training Record Management Software – Software which helps the organization to keep track of Training records in a system.
d. Calibration Software – Software to maintain the calibration records for tool & machinery.
More Sites on ISO 9001 Standards Template & Softwares are as below:
http://www.iso9001store.com
http://www.iso14000store.com

ISO 14001 Template

The ISO 14001Template were created to help you to prepare the ISO 14001Quality Manual, ISO 14001 Operating Procedure & ISO 14001 Forms. This ISO 14001 Template contains prewritten Quality Manual, Operating Procedure along with sample forms and checklists included as Microsoft Word & Excel format. It provides sample practical documentation in the proper ISO format required by the latest ISO 14001:2004.
The ISO 14001 Template features:-
• Specifically designed to be very easy to customize so that the entire documentation that is required by ISO 14001 : 2004 can be quickly and easily developed.• Professional design and layout.• It is designed to fulfill the ISO 14001 : 2004 requirements. .• Easy to read, easy to understand, and easy to implement.• Easy to audit as it follows the structure of ISO 14001: 2004..• Includes the required Process Flowchart.
The ISO 14001 Template series itself is generic, and is designed to be applicable to any manufacturing or service process. The ISO 14001 Environmental Management System (EMS) Template are consist of:
a. ISO 14001 EMS Manual TemplateThe Policy is fundamental to meeting the needs of ISO 14001. It essentially defines the rules and requirements of the organization with respect to the standard/EMS and as such is a central plank of the initiative.ISO 14001 Manual Template Consist of:• Section 1: General EMS Requirement• Section 2: Environment Policy – Objectives, Targets & Programmes• Section 3: EMS Planning• Section 4: Implementation & Operation• Section 5: Checking & Monitoring• Section 6: Management Review
b. ISO 14001 Operating ProcedureThe ISO 14001 Operating Procedure Template includes and integrates ISO 14001 EMS requirements, thus containing the most difficult part of the ISO 14001 documentation. The ISO 14001 Operating Procedure Template include the detailed samples of the Operating Procedures to fulfill the ISO 14001 : 2004 requirements for the procedures, making the customization process even easier. The entire manual follows the structure of ISO 14001 : 2004.
ISO 14001 Operating Procedures Consist Of:• Objective & Targets Procedure• Environmental Management Program Procedure• Environmental Aspect & Impact Identification & Evaluation Procedure• Environmental Monitoring & Measuring Procedure• Legal & Others Requirement & Evaluation Of Compliance Procedure• Emergency Preparedness & Response Procedure• Chemical Control Procedure• Waste Management Procedure• 5S House Keeping Procedure
c. ISO 14001 FormsISO 14001 Forms Consist Of :• Environmental Non-Conformance Master List• Environmental Non-Conformance Notice Form• Environmental Management Program Form• Environmental Aspect & Impact Identification Form• Green Environment Internal Audit Master Plan• Green Environment Plan & Activities Form• Green Environment Material Purchase Master List• ISO 14001:2004 Internal Audit Summary Report• Equipment Monitoring Master List• Environment Preventive Action Report (PAR) Master List• Environment Preventive Action Report (PAR) Form.• Environmental Responsible Form• EMS Organization Chart.• Waste Management Schedule Form• Totally Abolish Banned Substances & Target Deadline For Total Abolishment Form
For more information, please visit us at:
http://www.e-wia.com
http://www.iso-consults.com
http://www.iso9000-software.com

Reasons a Company Becomes Certified in ISO 9001 Standards

ISO 9000 certification or registration can be an expensive process. A company must consider the reasons and promised benefits for going through this process. If a company decides to seek certification, they should consider making sure their suppliers are certified or at least compliant to the ISO 9000 standards.
Major reasonsIn the early 1990s, companies seemed to be jumping on the certification bandwagon without seriously considering the rationale for doing so. Often they did so because competitors or “everybody else” is getting registered. Today companies seriously look at the reasons and benefits for becoming registered.
The major reasons that company leadership or management decides to seek ISO 9000 certification are to gain continued or increased business and to maintain effective operations.
Improved businessA company can maintain a relationship with customers, as well as get increased business through complying to the ISO 9001 standards or becoming certified. This comes from satisfying customer demands, the desire for European business, and to advertise.
Finally, some companies want to become certified, so they can advertise that fact and give the impression of being better than their competitors.
You have seen ads with a logo stating the company is certified at some ISO 9000 level. It apparently gives those companies a leg up on competitors not registered.
Again, this seemed more important in the 1990s, but you don’t see that many companies using ISO 9000 certification as an advertising tool.
ISO 9000 is supposed to make sure your business is run in an orderly manner that will assure continued success.
One would think that a goal such as being run effectively and able to deliver goods consistently and reliably would also be desirable for a company’s own operation. Surprisingly, many companies do not consider that as a goal.

Scope Of The Quality Management System

Scope Of The Quality Management System
The ISO 9001 standard requires the quality manual to include the scope of the quality management system including details of justification for any exclusion. The standard addresses activities that may not be relevant or applicable to an organization. The permissible exclusions are explained in section 1.2 of ISO 9001. Here it states that the organization may only exclude requirements that neither affect the organization’s ability, nor its responsibility to provide product that meets customer and applicable regulatory requirements. The requirements for which exclusion is permitted are limited to those in section 7 of the standard.
Under ISO 9001:2008, it was possible for organizations to exclude functions and processes of their organization that may have been difficult to control or were not part of the order fulfilment cycle. Organizations that designed their own products but not for specific customers could escape bringing these operations into the management system. Marketing was omitted because it operated before placement of order. Accounting, Administration, Maintenance, Publicity, Public Relations and After Sales Support functions were often omitted because there were no requirements in the standard that specifically dealt with such activities. As there is no function in an organization that does not directly or indirectly serve the satisfaction of interested parties, it is unlikely that any function or process will now be excluded from the quality management system.
It is sensible to describe the scope of the quality management system so as to ensure effective communication. The scope of the quality management system is one area that generates a lot of misunderstanding particularly when dealing with auditors, consultants and customers. When you claim you have a management system that meets ISO 9001 it could imply that you design, develop, install and service the products you supply, when in fact you may only be a distributor. Why you need to justify specific exclusions is uncertain because it is more practical to justify inclusions.
The scope of the quality management system is the scope of the organization. There is no longer any reason to exclude locations, activities, functions or processes for which there is no requirement in the standard. The reason is because the ISO 9000 family now serves customer satisfaction and is not limited to quality assurance as were the 1994 versions of ISO 9001, ISO 9002 and ISO 9003.
It is not appropriate to address exclusions by inserting pages in the manual corresponding to the sections of the standard and adding justification if not within the scope of the management system – such as ‘We don’t do this!’.
It is much more appropriate to use an appendix as indicated previously in the manual contents list. By describing the nature of the business, you are establishing boundary conditions. If in doing so you do not mention that you design products, it will be interpreted that design is not applicable.
For exclusions relative to detail requirements, the Compliance Matrix may suffice but for an unambiguous solution, it is preferable to produce an exposition that addresses each requirement of the standard.

ISO 9001 Quality Policy

ISO 9001 Quality Policy
The standard requires the quality policy to be appropriate to the purpose of the organization.
The purpose of an organization is quite simply the reason for its existence and as Peter Drucker so eloquently put it there is only one valid definition of business purpose: to create a customer”(Drucker, Peter F., 1977)2 . In ensuring that the quality policy is appropriate to the purpose of the organization, it must be appropriate to the customers the organization desires to create. It is therefore necessary to establish who the customers are, where the customers are, what they buy or wish to receive and what these customers regard as value. As stated above, the quality policy is the corporate policy and such policies exist to channel actions and decisions along a path that will fulfil the organization’s purpose and mission. A goal of the organization may be the attainment of ISO 9001 certification and thus a quality policy of meeting the requirements of ISO 9001 would be consistent with such a goal, but goals are not the same as purpose as indicated in the box to the right. Clearly no organization would have ISO 9001 certification as its purpose because certification is not a reason for existence – an objective maybe but not a purpose.
Policies expressed as short catchy phrases such as “to be the best” really do not channel actions and decisions. They become the focus of ridicule when the organization’s fortunes change. There has to be a clear link from mission to quality policy.
Policies are not expressed as vague statements or emphatic statements using the words may, should or shall, but clear intentions by use of the words ‘we will’
– thus expressing a commitment or by the words ‘we are, we do, we don’t, we have’ expressing shared beliefs. Very short statements tend to become slogans which people chant but rarely understand the impact on what they do. Their virtue is that they rarely become outdated. Long statements confuse people because they contain too much for them to remember. Their virtue is that they not only define what the company stands for but how it will keep its promises.
In the ISO 9001 definition of quality policy it is suggested that the eight quality management principles be used as a basis for establishing the quality policy.
One of these principles is the Customer Focus principle. By including in the quality policy the intention to identify and satisfy the needs and expectations of customers and other interested parties and the associated strategy by which this will be achieved, this requirement would be fulfilled. The inclusion of the strategy is important because the policy should guide action and decision. Omitting the strategy may not ensure uniformity of approach and direction.
The standard requires that the quality policy include a commitment to comply with requirements and continually improve the effectiveness of the quality management system.
A commitment to comply with requirements means that the organization should undertake to meet the requirements of all interested parties. This means meeting the requirements of customer, suppliers, employees, investors, owners and society. Customer requirements are those either specified or implied by customers or determined by the organization and these are dealt with in more detail under clauses 5.2 and 7.2.1. The requirements of employees are those covered by legislation such as access, space, environmental conditions, equal opportunities and maternity leave but also the legislation appropriate to minority groups such as the disabled and any agreements made with unions or other representative bodies. Investors have rights also and these will be addressed in the investment agreements. The requirements of society are those obligations resulting from laws, statutes, regulations etc.
An organization accepts such obligations when it is incorporated as a legal entity, when it accepts orders from customers, when it recruits employees, when it chooses to trade in regulated markets and when it chooses to use or process materials that impact the environment.
The effectiveness of the management system is judged by the extent to which it fulfils its purpose. Therefore improving effectiveness means improving the capability of the management system. Changes to the management system that improve its capability i.e its ability to deliver outputs that satisfy all the interested parties, are a certain types of change and not all management system changes will accomplish this. This requirement therefore requires top management to pursue changes that bring about an improvement in performance.

Why Deploy Six Sigma?

Why Deploy Six Sigma in your organization?
Here are some reasons why we should be using Six Sigma to make process improvements:
a) It is a structured approach – if we follow the process, people will not forget any important steps along the way before they implement the solution.
b) It helps quantify the benefits and thus make it easier to sell the improvements to senior managers in the company.
c) It uses facts & data and the rigor of statistical testing to arrive at the right root cause instead of fixing symptoms or putting band-aids.
d) There is a greater likelihood of the solution being sustainable if we follow the Six Sigma process.
e) Six Sigma focuses of solving the right problems using the project selection matrix.
f) It has proven itself in a large number of deployments. Frankly, there is no better tool out there to make process improvements – especially when the root cause or the solution is not known.

ISO 9000 family of standards and SMEs

ISO 9000 family of standards and SMEs
The ISO 9000 quality management system is generic in nature and applicable to all companies, regardless of the type and size of the business, including small and medium enterprises (SMEs), and they are applicable to all categories of products, whether hardware, software, processed materials or services. ISO 9001:2008 specifies what is required to be done by an organization but does not indicate how it should be done, thus giving the enterprise a lot of flexibility to run its business.
It is simple to use, clear in language and easily understandable. The new standard is also appropriate for small companies, as it does not demand the type of paper bureaucracy needed for the implementation of the 1994 version. Only six documented procedures are now required and need for other procedures/documents can be decided by the company. Companies will, however, be required to provide objective evidence that the QMS has been effectively implemented. A small company may find it appropriate to include the description of its entire QMS within a single Quality Manual, including all the documented procedures required by the standard.
The process-based approach given in the new standard will tend to ensure that systems are documented and implemented in a manner that suits a SME’s own way of doing business. This approach makes it easier for SMEs to implement, instead of just taking over an artificial structure of QMS imposed from outside. It will also be easier for SMEs managed by their owners to demonstrate “top management commitment” towards QMS. Furthermore, in a SME, it is easier to ensure effective internal communication, better utilization of resources, people clearly understanding their roles and responsibilities, etc.
The new standard has included a provision for deciding on the applicability of
certain product realization processes included in section 7 of the standard. For example, if the SME has no responsibility for the design and development of the product it provides, the SME may say so, giving the reasoning behind it, in the Quality Manual; the certification body, being satisfied that this corresponds, would then award it certification to ISO 9001:2008. Similarly, other product realization processes such as purchasing, product identification and traceability, control of measuring devices may also be excluded if these are not applicable for the type of products or services being provided by the company.
It is also possible that SMEs may not have adequate in-house expertise or there may be other constraints to perform all processes on their own. In such cases, the new standard also permits the outsourcing of any of the QMS processes, providing the company has control over such processes. The nature of this control will depend on the nature of the outsourced or subcontracted processes and the risk involved. For example, the design and development process may be subcontracted to an expert or a specialized agency, inspection/verification of goods purchased may be subcontracted to an inspection agency, internal audit of QMS can be outsourced, etc. However, overall responsibility for ensuring control on all outsourced processes as per requirements of the standard would remain with the company’s management.

Management Principles Of ISO 9001 Standards

Management Principles Of ISO 9001 Standards
ISO 9000 is based on eight management principles:
• Customer focus, resulting in meeting customer requirements and striving to exceed them;
• Leadership, aiming to create an internal environment in which people are fully involved;
• Involvement of people who are the essence of an organization;
• Process approach, resulting in improved efficiency to obtain desired results;
• System approach to management, leading to improved effectiveness and efficiency through identification, understanding and management of interrelated processes;
• Continual improvement, which becomes a permanent objective of the organization;
• Factual approach to decision-making, based on the analysis of data and information; and
• Mutually beneficial supplier relationships, based on an understanding of their interdependence.
ISO 9000 encourages the adoption of the process approach to manage an organization. There are five main areas considered for the revised process model in ISO 9000:
• Quality management system
• Management responsibility
• Resource management
• Product realization
• Measurement, analysis and improvement.

What does ISO 9000 offer?

What does ISO 9000 offer?

What does ISO 9000 offer? For one thing, it offers you continuedbusiness with customers who may be requiring you to register. That isa pretty strong benefit right there.These customers may never question your quality, but these customersdepend heavily on their main suppliers. They know they canimprove their quality and through-put, if you improve yours. Just because you are great does not mean you are as great as you couldbe. ISO 9000 mandates a continuous improvement system. Youcan wriggle and fudge, but if you implement that system and workit conscientiously, you cannot help but improve. Continuous improvementis not just a buzz term. It is an imperative. Just because you are great today does not mean you will be great tomorrow.Has your industry changed? Has your organizationchanged? A well-implemented ISO 9000 helps your organizationadapt to change. It brings independence of individuals and consistencyof practices—two features that tend to resist declines inperformance.
What else does ISO 9000 bring you? When well implemented, anISO 9000 quality system improves organization performance. That is,after all, the whole point. In cases where it does not, the fault tendsnot to be in the ISO 9000 process (its inherent deficiencies notwithstanding).When an ISO 9000 system does not provide substantial benefits andimprovement in performance, it is usually because managementhas consciously chosen to cut corners, blowsmoke,stay uninvolved, and starve the system of all but the most essentialresources. “We’ll do this stupid thing, but we’re sure not goingto change the way we operate.”ISO 9000 registration brings you one more thing that your organizationmay not have today: International credibility. ISO 9000 is deployedand practiced in nearly 100 countries around the world. Intoday’s ever-growing international economic climate, this is not a bademblem to have, however narrow the scope of your market today.

ISO 9001 And ISO 14001 Information Site

ISO 9001 And ISO 14001 Information Site
http://iso9001-procedure.blogspot.com/
http://iso-14001-ems.blogspot.com/
http://iso14001qualitymanual.blogspot.com/
http://iso14001requirements.blogspot.com/
http://iso14001certification.blogspot.com/
http://iso14001qualitysystem.blogspot.com/
http://environmentsystem.blogspot.com/
http://iso14000series.blogspot.com/
http://iso9000standard.blogspot.com/
http://six-sigma-qc.blogspot.com/
http://iso9001-documents.blogspot.com/
http://iso9001-training.blogspot.com/
http://quality-assurance-system.blogspot.com/
http://iso14001standard.blogspot.com/
http://iso9001-certification.blogspot.com/
http://iso9001-certification.blogspot.com/
http://iso9000series.blogspot.com/
http://iso9001standards.blogspot.com/
http://iso9000certification.blogspot.com/
http://isotemplate.blogspot.com/
http://iso9001training.blogspot.com/
http://qualitymanualsystem.blogspot.com/

How long does it take to implement ISO 9001?

It depends on you and your company. The very fastest is 2-3 months because most ISO 9001 registrars require at least 2 months ISO 9001 track record before the certification audit.
More realistically: if you have a relatively small company (say, less than 20 employees), if your employees are motivated and if they don’t oppose change, if you have the backing of all senior executives, if you and other managers are ready to put some significant time and efforts into this endeavor, and if you use a really good ISO 9001 quality manual template (a sample ISO 9000 quality manual that you can modify to make it your own ISO 9000 quality manual), then you may be able to get certified in as short as 3-4 months; templates for ISO 9000 forms are an additional time-saver. Some companies are significantly slower, with 6-12 months not being unusual.
However, companies that write their ISO 9001 quality manual and their ISO 9001 quality procedures from scratch, rather than base them on a proven sample ISO 9001 quality manual, often take up to 2 years or longer.

Quality management and quality assurance (ISO 9000

ISO 9000 is primarily concerned with quality management. The definition of "quality" in ISO 9000 refers to all those features of a product or a service which are required by the customer. Quality management means what the organization does to ensure that its products conform to the customer's requirements.
ISO Guide 34:1996 Quality system guidelines for the production of reference materials
ISO 8402:1994 Quality management and quality assurance -- Vocabulary
ISO 9000-1:1994 Quality management and quality assurance standards -- Part 1: Guidelines for selection and use
ISO 9000-2:1997 Quality management and quality assurance standards -- Part 2: Generic guidelines for the application of ISO 9001, ISO 9002 and ISO 9003
ISO 9000-3:1997 Quality management and quality assurance standards -- Part 3: Guidelines for the application of ISO 9001:1994 to the development, supply, installation and maintenance of computer software
ISO 9000-4:1993 Quality management and quality assurance standards -- Part 4: Guide to dependability program management
ISO 9001:1994 Quality systems -- Model for quality assurance in design, development, production, installation and servicing
ISO 9002:1994 Quality systems -- Model for quality assurance in production, installation and servicing
ISO 9003:1994 Quality systems -- Model for quality assurance in final inspection and test
ISO 9004-1:1994 Quality management and quality system elements -- Part 1: Guidelines
ISO 9004-2:1991 Quality management and quality system elements -- Part 2: Guidelines for services
ISO 9004-3:1993 Quality management and quality system elements -- Part 3: Guidelines for processed materials
ISO 9004-4:1993 Quality management and quality system elements -- Part 4: Guidelines for quality Improvement

ISO 9000 - Benefits and Problems

ISO 9000 has received much publicity. Some managers see it as a prerequisite for conducting business. For others, it substitutes for the difficulties and vagaries of Total Quality Management (TQM). Some see only a needless bureaucratic boondoggle. Depending on the situation, any of these views might be correct.
Sensibly applied, ISO 9000 is a qualifier for international markets or specific domestic customers. Certification can be a valuable marketing tool. The standards are a sound blueprint for a quality system. They can lead the way to the more difficult and sophisticated approaches of Total Quality Management. ISO 9000 can improve a company's cost structure by 5%-20%.
Approached unwisely, ISO 9000 can be costly and unproductive. It may create a quality bureaucracy which adds to the cost structure and slows product development. It can focus people on paperwork instead of customers. It can divert management concentration and energy from more vital issues.

Understanding the ISO 14001 Standard

ISO 14001 is an international voluntary standard that specifies the minimum elements for an environmental management system. It was published in 1996 by the International Organization for Standardization and is being taken up by organizations throughout the world at varying speeds.
The above is accepted as true by most people who are aware of the standard. Beyond these simple facts, however, there are many misconceptions about ISO 14001. For instance:
ISO 14001 will be a requirement for all companies.As with ISO 9000, conformance to ISO 14001 may become a condition of doing business in certain countries, regions or markets. This process already has begun in some industrial sectors, such as the automotive and electronics markets. However, there are still a tremendous number of companies in business today that do not conform to ISO 9000, even though that standard is now 13 years old. Thus it is too early to tell how widely ISO 14001 will be required in the future.
Implementing ISO 14001 means getting a registration.Many suppliers choose to demonstrate conformance to ISO 14001 through third-party certification. Some customers may require this. However, the standard itself considers a company's self-declaration of conformance as an acceptable alternative. Further, some companies simply use the ISO 14001 model for internal purposes as a means to enhance their environmental performance.
ISO 14001 is just paperwork and won't really help my company.ISO 14001 is like many things in life - you get out of it what you put into it. The way a company implements the standard determines what benefits it receives. Many companies that have implemented ISO 14001 report a variety of benefits, including improved environmental performance, greater operating efficiency, cost reduction, improved employee awareness and enhanced public image, among others.
Implementing ISO 14001 means throwing out our current environmental programs.ISO 14001 criteria specify "what to do," not "how to do it." Implementation approaches vary widely. There is no reason to think that your existing approach to environmental management must be put aside to satisfy ISO 14001.

Quality Characteristic in ISO 9000

Any feature or characteristic of a product or service that is needed to satisfy
customer needs or achieve fitness for use is a quality characteristic. When
dealing with products the characteristics are almost always technical character-
istics, whereas service quality characteristics have a human dimension. Some
typical quality characteristics are given below.

Product characteristics
1. Accessibility Functionality Size
2. Availability Interchangeability Susceptibility
3. Appearance Maintainability Storability
4. Adaptability Odour – Strength
5. Cleanliness Operability -Taste
6. Consumption Portability – Testability
7. Durability Producibility Traceability
8. Disposability Reliability – Toxicity
9. Emittance Reparability Transportability
10. Flammability Safety – Vulnerability
11. Flexibility Security – Weight

Service quality characteristics
1. Accessibility Credibility – Honesty
2. Accuracy Dependability Promptness
3. Courtesy Efficiency – Responsiveness
4. Comfort Effectiveness Reliability
5. Competence Flexibility – Security

These are the characteristics that need to be specified and their achievement
controlled, assured, improved, managed and demonstrated. These are the
characteristics that form the subject matter of the product requirements
referred to in ISO 9000. When the value of these characteristics is quantified or
qualified they are termed product requirements. We used to use the term quality
requirements but this caused a division in thinking that resulted in people
regarding quality requirements as the domain of the quality personnel and
technical requirements being the domain of the technical personnel. All
requirements are quality requirements – they express needs or expectations that
are intended to be fulfilled by a process output that possesses inherent
characteristics. We can therefore drop the word quality. If a modifying word is
needed in front of the word requirements it should be a word that signifies the
subject of the requirements. Transportation system requirements would be
requirements for a transportation system, Audio speaker design requirements
would be requirements for the design of an audio speaker, component test
requirements would be requirements for testing components, and management
training requirements would be requirements for training managers. ISO 9000
requirements are often referred to as quality requirements as distinct from other
types of requirements but this is misleading. ISO 9000 is no more a quality
requirement than is ISO 1000 on SI units, ISO 2365 for Ammonium nitrate or
ISO 246 for Rolling Bearings. The requirements of ISO 9000 are quality
management system requirements – requirements for a quality management
system.

ISO 9001:2008 Documentation Requirements

ISO 9001:2008 Documentation Requirements
ISO 9001:2008 clause 4.1 General requirements requires an organization to “establish, document, implement, and maintain a quality management system and continually improve its effectiveness in accordance with the requirements of this International Standard”
ISO 9001:2008 Clause 4.2.1 General explains that the quality management system documentation shall include:
documented statements of a quality policy and quality objectives;
a quality manual
documented procedures required by this International Standard
documents needed by the organization to ensure the effective planning, operation and control of its processes, and
records required by this International Standard;
The notes after Clause 4.2 make it clear that where the standard specifically requires a “documented procedure”, the procedure has to be established, documented, implemented and maintained. It also emphasizes that the extent of the QMS documentation may differ from one organization to another due to:
the size of organization and type of activities;
the complexity of processes and their interactions, and
the competence of personnel.
All the documents that form part of the QMS have to be controlled in accordance with clause 4.2.3 of ISO 9001:2008, or, for the particular case of records, according to clause 4.2.4.
Guidance on Clause 4.2 of ISO 9001:2008
The following comments are intended to assist users of ISO 9001:2008 in understanding the intent of the general documentation requirements of the International Standard.
a) Documented statements of a quality policy and objectives:
Requirements for the quality policy are defined in clause 5.3 of ISO 9001:2008. The documented quality policy has to be controlled according to the requirements of clause 4.2.3.Note: Organizations that are revising their quality policy for the first time, or in order to meet the amended requirements in ISO 9001:2008, should pay particular attention to clause 4.2.3 (c), (d) and (g).
Requirements for quality objectives are defined in clause 5.4.1 of ISO 9001:2008. These documented quality objectives are also subject to the document control requirements of clause 4.2.3.
b) Quality Manual:
Clause 4.2.2 of ISO 9001:2008 specifies the minimum content for a quality manual. The format and structure of the manual is a decision for each organization, and will depend on the organization’s size, culture and complexity. Some organizations may choose to use the quality manual for other purposes besides that of simply documenting the QMS
A small organization may find it appropriate to include the description of its entire QMS within a single manual, including all the documented procedures required by the standard.
Large, multi-national organizations may need several manuals at the global, national or regional level, and a more complex hierarchy of documentation.
The quality manual is a document that has to be controlled in accordance with the requirements of clause 4.2.3.
c) Documented procedures:
ISO 9001:2008 specifically requires the organization to have “documented procedures” for the following six activities:4.2.3 Control of documents4.2.4 Control of records8.2.2 Internal audit8.3 Control of nonconforming product8.5.2 Corrective action8.5.3 Preventive action
These documented procedures have to be controlled in accordance with the requirements of clause 4.2.3
Some organizations may find it convenient to combine the procedure for several activities into a single documented procedure (for example, corrective action and preventive action). Others may choose to document a given activity by using more than one documented procedure (for example, internal audits). Both are acceptable.
Some organizations (particularly larger organizations, or those with more complex processes) may require additional documented procedures (particularly those relating to product realization processes) to implement an effective QMS.
Other organizations may require additional procedures, but the size and/or culture of the organization could enable these to be effectively implemented without necessarily being documented. However, in order to demonstrate compliance with ISO 9001:2008, the organization has to be able to provide objective evidence (not necessarily documented) that its QMS has been effectively implemented.
d) Documents needed by the organization to ensure the effective planning, operation and control of its processes:
In order for an organization to demonstrate the effective implementation of its QMS, it may be necessary to develop documents other than documented procedures. However, the only documents specifically mentioned in ISO 9001:2008 are:- Quality policy (clause 4.2.1.a)- Quality objectives (clause 4.2.1.a)- Quality manual (clause 4.2.1.b)
There are several requirements of ISO 9001:2008 where an organization could add value to its QMS and demonstrate conformity by the preparation of other documents, even though the standard does not specifically require them. Examples may include:- Process maps, process flow charts and/or process descriptions- Organization charts- Specifications- Work and/or test instructions- Documents containing internal communications- Production schedules- Approved supplier lists- Test and inspection plans- Quality plans
All such documents have to be controlled in accordance with the requirements of clause 4.2.3 and/or 4.2.4, as applicable
e) Records:
Examples of records specifically required by ISO 9001:2008 are presented in Annex B.
Organizations are free to develop other records that may be needed to demonstrate conformity of their processes, products and quality management system.
Requirements for the control of records are different from those for other documents, and all records have to be controlled according to those of clause 4.2.4 of ISO 9001:2008.

Establishing a ISO 9001 records procedure

Establishing ISO 9001 Records Procedure

The ISO 9001 standard requires records to remain legible, readily identifiable and retrievable and that a procedure defines the controls needed for the identification, storage, protec- tion, retrieval, retention time and disposition of records. Records have a life cycle. They are generated during
which time they acquire an identity and are then assigned for storage for a prescribed period. During use and storage they need to be protected from inadvertent or malicious destruction and as they may be required to support current activities or investigations, they need to be brought out of storage quickly. When their usefulness has lapsed, a decision is made as to whether to
retain them further or to destroy them.
Readily retrievable means that records can be obtained on demand within a reasonable period (hours not days or weeks) Readily identifiable means that the identity can be discerned at a glance.

Although the requirement implies a single procedure, several may be necessary because there are several unconnected tasks to perform. A procedure cannot in fact ensure a result. It may prescribe a course of action which if followed may lead to the correct result, but it is the process that ensures the result not the procedure.

The revised requirement omits several aspects covered in clause 4.16 of the
1994 version. Collection of records is now addressed by Analysis of data (clause 8.4) Indexing of records is a specific form of identification and is therefore already addressed Access is now addressed by the requirement for record retrieval Filing is a specific form of storage and is therefore already addressed You may only need one procedure which covers all the requirements but this is not always practical. The provisions you make for specific records should be included in the documentation for controlling the activity being recorded. For example, provisions for inspection records should be included in the inspection procedures; provisions for design review records should be included in the design review procedure. Within such procedures you should provide the forms (or content requirement for the records), the dentification, collection/submission provisions, the indexing and filing provisions. It may be more
practical to cover the storage, disposal and retention provisions in separate procedures because they may not be type-dependent. Where each department retains their own records, these provisions may vary and therefore warrant separate procedures.

Unlike prescriptive documents, records may contain handwritten elements and therefore it is important that the handwriting is legible. If this becomes a problem, you either improve discipline or consider electronic data capture.

Records also become soiled in a workshop environment so may need to be protected to remain legible. With electronically captured data, legibility is often not a problem. However, photographs and other scanned images may not transfer as well as the original and lose detail so care has to be taken in selecting appropriate equipment for this task.

Whatever the records, they should carry some identification in order that you can determine what they are, what kind of information they record and what they relate to. A simple way of doing this is to give each record a reference number and a name or title in a prominent location on the record.

1994 –2000 Differences

Previously the standard covered retrieval in four ways. It required:
(a) that quality records be made available for evaluation by the customer or his representative for an agreed period, where agreed contractually Records can take various forms – reports containing narrative, computer data, and forms containing data in boxes, graphs, tables, lists and many others. Where forms are used to collect data, they should carry a form number and name as their identifica-
tion. When completed they should carry a serial number to give each a separate identity. Records should also be traceable to the product or service they represent and this can be achieved either within the reference number or separately, provided that the chance of mistaken identity is eliminated. The standard does not require records to be identifiable to the product involved but unless you do make such provision you will not be able to access the pertinent
records or demonstrate conformance to specified requirements.

Changes to ISO 9000

Changes in titles
The titles have changed – moving away from models to requirements andguidance.

Changes in scope
The scope of the standard has changed from those activities that impact theproduct to embrace all activities
in an organization that serve the satisfaction of customers. This leaves little if any activity of an organization that would be
outside the scope of the quality management system.

Changes in structure

By far the most significant change is the change in structure – away from 20elements to a model based on five elements.
The ISO 9000:2000 family of standard is based on a process model.
Changes in content
The content has changed from 20 elements organized on the basis of whatcould go wrong to four groups of requirements
that focus on elements of process management. It is however, not the fact that the original elements have
been placed onto a new structure, but that the principles upon which the standard has been based have changed.
Changes in intent
The intent of ISO 9001 has changed from a model for quality assurance to a setof requirements for an effective quality
management. The standard is now based on eight management principles not on what requirements were
necessary to prevent failures that experience had shown led to poor product quality.
The forgotten standard ISO 8402 is brought into the family of ISO 9000 thus making it more likely that people will use it.
However, in the author ’s opinion, all three standards should have been merged into one standard thus
ensuring that everyone who possessed the requirements also possessed the concepts, terminology and
guidelines to refer to as necessary.
Much damage can be done when the requirements of ISO 9000 are taken out
of context, taken in isolation and taken literally. ISO 9000 is not a productstandard therefore it is subject to
interpretation as appropriate to the conditions
in which it is being used. Whatever the initial understanding of a requirement
of ISO 9001 might be, the intent is that:
organizations design and manage their processes effectively to achievecorporate objectives, not that they create functional
silos that compete for resources.
organizations choose the right things to do based on an objective analysis of
the environment in which they operate, not slavishly follow procedures that
serve no practical purpose.
management create an environment in which people will be motivated, not
create bureaucratic systems of documentation that stifle initiative and
creativity.
Changes in language
The language in ISO 9000 has changed to reflect pressure from the usercommunity for a user-friendlier standard.
In some cases the changes are insignificant but in others the changes have a wider impact as indicated
below:
Subcontractor has changed to supplier and supplier changed to organizationso that there is now a supply
chain represented by customer – organization – supplier.
In ISO 9001 the term customer is used but in ISO 9004 the term, interested party
is used in order to embrace customers, employees, investors and otherparties.
Executive management has been changed to Top Management indicating thatwhen the standard uses
the term management responsibility it is the people who direct the organization that should address
these requirements.
Specified requirements have changed to customer and regulatory require-ments or product requirements
depending on the context.
Procedures have not exactly been changed to processes but presented in adifferent way that makes
procedures only one element of managing an effective process. Procedures have lost their dominance in
the standard to be replaced by the concept of managed processes.
Changes in requirement
ISO 9001 still contains 136 ‘shall’ statements, 2 less than the 1994 version so insome respects it is no different.
There were roughly 323 requirements in ISO 9001:1994 (Hoyle, David, 1996)6 . In ISO 9001:2000 there are roughly 250
requirements. This is still too many especially if we are trying to get across the
fundamental requirements of the standard. The following summarizes the
requirement of ISO 9001 at two levels: firstly as a single requirement, secondly
as a series of generic requirements.

Implementing ISO 9000 Quality Management System

Implementation of ISO 9000 affects the entire organization right from the start. If pursued with total dedication, it results in ‘cultural transition’ to an atmosphere of continuous improvement.The process of implementing ISO 9000 depends on:???? The sophistication of your existing quality program,???? The size of your organization, and???? The complexity of your process.The 14 essential steps, briefly described below, are to be followed through in order to implement ISO 9000 quality management system successfully.Step 1: Top management commitmentStep 2: Establish implementation teamStep 3. Start ISO 9000 awareness programsStep 4: Provide TrainingStep 5. Conduct initial status surveyStep 6: Create a documented implementation planStep 7. Develop quality management system documentationStep 8: Document controlStep 9. ImplementationStep 10. Internal quality auditStep 11. Management reviewStep 12. Pre-assessment auditStep 13. Certification and registrationStep 14: Continual ImprovementStep 1: Top Management CommitmentThe top management (managing director or chief executive) should demonstrate a commitment and a determination to implement an ISO 9000 quality management system in the organization. Without top management commitment, no quality initiative can succeed. Top management must be convinced that registration and certification will enable the organization to demonstrate to its customers a visible commitment to quality. It should realize that a quality management system would improve overallbusiness efficiency by elimination of wasteful duplication in management system.The top management should provide evidence of its commitment to the development and implementation of the quality management system and continually improve its effectiveness by:a. Communicating to the organization the importance of meeting customer as well as statutory and regulatory requirements,b. Defining the organization’s quality policy and make this known to every employee,c. Ensuring that quality objectives are established at all levels and functions,d. Ensuring the availability of resources required for the development andimplementation of the quality management system,e. Appointing a management representative to coordinate quality management system activities, and Conducting management review.The top management should also consider actions such as:1. Leading the organization by example,2. Participating in improvement projects,3. Creating an environment that encourages the involvement of people.This type of top management commitment may be driven by:1. Direct marketplace pressure: requirements of crucial customers or parentconglomerates.2. Indirect marketplace pressure: increased quality levels and visibility among competitors.3. Growth ambitions: desire to exploit market opportunities.4. Personal belief in the value of quality as a goal and quality management systems as a means of reaching that goal.The top management should identify the goals to be achieved through the quality management system. Typical goals may be:• Be more efficient and profitable• Produce products and services that consistently meet customers’ needs andexpectations• Achieve customers satisfaction• Increase market share• Improve communications and morale in the organization• Reduce costs and liabilities• Increase confidence in the production systemStep 2. Establish Implementation TeamISO 9000 is implemented by people. The first phase of implementation calls for the commitment of top management – the CEO and perhaps a handful of other key people.The next step is to establish implementation team and appoint a ManagementRepresentative (MR) as its coordinator to plan and oversee implementation. Its members should include representatives of all functions of the organization -Marketing, Design and development, Planning, Production, Quality control, etc.In the context of the standard, the MR is the person within the Organization who acts as interface between organization management and the ISO 9000 registrar. His role is, in fact, much broader than that. The MR should also act as the organization’s “quality management system champion,” and must be a person with:
1. Total backing from the CEO,2. Genuine and passionate commitment to quality in general and the ISO 9000 qualitymanagement system in particular,3. The dignity – resulting from rank, seniority, or both – to influence managers and others of all levels and functions,4. Detailed knowledge of quality methods in general and ISO 9000 in particular.The members of the implementation team should also be trained on ISO 9000 quality management systems by a professional training organization.
Step 3. Start ISO 9000 Awareness ProgramsISO 9000 awareness programs should be conducted to communicate to theemployees the aim of the ISO 9000 quality management system; the advantage it offers to employees, customers and the organization; how it will work; and their roles and responsibilities within the system. Suppliers of materials and components should also participate in these programs.The awareness program should emphasize the benefits that the organization expects to realize through its ISO 9000 quality management system. The program should also stress the higher levels of participation and self-direction that the quality management system renders to employees. Such a focus will go far to enlist employee support and commitment.The programs could be run either by the implementation team or by experts hired to talk to different levels of employees.Step 4. Provide TrainingSince the ISO 9000 quality management system affects all the areas and all personnel in the organization, training programs should be structured for different categories of employees – senior managers, middle-level managers, supervisors and workers. The ISO 9000 implementation plan should make provision for this training. The training should cover the basic concepts of quality management systems and the standard and their overall impact on the strategic goals of the organization, the changed processes, and the likely work culture implications of the system. In addition, initial training mayalso be necessary on writing quality manuals, procedures and work instruction; auditing principles; techniques of laboratory management; calibration; testing procedures, etc.When in-house capacity to carry out such training is not available, it may be necessary to participate in external training courses run by professional training organizations.Alternatively, an external training institution could be invited to conduct in-house training courses.
Step 5. Conduct Initial Status SurveyISO 9000 does not require duplication of effort or redundant system. The goal of ISO 9000 is to create a quality management system that conforms to the standard. This does not preclude incorporating, adapting, and adding onto quality programs already in place. So the next step in the implementation process is to compare the organization’s existing quality management system, if there is one — with the requirements of thestandard (ISO 9001:2008).For this purpose, an organization flow chart showing how information actually flows (not what should be done) from order placement by the customer to delivery to this customer should be drawn up. From this over-all flow chart, a flow chart of activities in each department should be prepared.With the aid of the flow charts, a record of existing quality management system should be established. A significant number of written procedures may already be in place.Unless they are very much out of date, these documents should not be discarded.Rather, they should be incorporated into the new quality management system.Documents requiring modification or elaboration should be identified and listed. Thisexercise is some times referred to as ” gap analysis”. During these review processes,wide consultation with executives and representatives of various unions andassociations within the organization is required to enlist their active cooperation.In the review process, documents should be collected, studied and registered for further use, possibly after they have been revised. Before developing new quality management system documentation, you need to consider with which quality requirements or department you should start. The best is to select an area where processes are fairly well organized, running effectively and functioning satisfactorily.The basic approach is to determine and record how a process is currently carried out.We can do this by identifying the people involved and obtaining information from them during individual interviews. Unfortunately, it often happens that different people will give different, contradicting versions of a process. Each one may refer to oral instructions that are not accurate or clear. This is why the facts are often not described correctly the first time around, and have to be revised several times.Once it has been agreed how to describe the current process, this process has to be adapted, supplemented and implemented according to the requirements of the quality standard (ISO 9001:2008). This requires organizational arrangements, the drawing up of additional documents and possible removal of existing documentation (e.g. procedures, inspection/test plans, inspection/test instructions) and records (e.g.inspection/test reports, inspection/test certificates).In introducing a quality management system, the emphasis is on the improvement of the existing processes or the re-organization of processes.In general, the steps to follow are the following:Ascertain and establish the following:What is the present operation/process? What already exists?
Analyze the relevant sections of the quality standard – ISO 9001:2000:What is actually required? If necessary, supplement and change operational arrangements in accordance with the standard, develop documents and records, and describe operations/processes:What is the desired operation/process?Figure 1: Steps in introducing a quality management systemThe above gap analysis can be done internally, if the knowledge level is there. Or aformal pre-assessment can be obtained from any one of a large number of ISO 9000consulting, implementing, and registration firms.Step 6. Create a Documented Implementation PlanOnce the organization has obtained a clear picture of how its quality management system compares with the ISO 9001:2008 standard, all non-conformances must be addressed with a documented implementation plan. Usually, the plan calls for identifying and describing processes to make the organization’s quality management system fully in compliance with the standard.The implementation plan should be thorough and specific, detailing:???? Quality documentation to be developed???? Objective of the system???? Pertinent ISO 9001:2008 section???? Person or team responsible???? Approval required???? Training required???? Resources required???? Estimated completion dateThese elements should be organized into a detailed chart, to be reviewed andapproved. The plan should define the responsibilities of different departments and personnel and set target dates for the completion of activities. Once approved, the Management Representative should control, review and update the plan as the implementation process proceeds.Typical implementation action plan is shown in Figure 2. Use ISO 10005:1995 for guidance in quality planning
Step 7. Develop Quality Management System DocumentationDocumentation is the most common area of non-conformance among organizations wishing to implement ISO 9000 quality management systems. As one company pointed out: “When we started our implementation, we found that documentation was inadequate. Even absent, in some areas. Take calibration. Obviously it’s necessary, and obviously we do it, but it wasn’t being documented. Another area was inspection and testing. We inspect and test practically every item that leaves here, but our documentation was inadequate”.Documentation of the quality management system should include:???? Documented statements of a quality policy and quality objectives,???? A quality manual,???? Documented procedures and records required by the standard ISO 9001:2008, and???? Documents needed by the organization to ensure the effective planning, operation and control of its processes.Quality documentation is generally prepared in the three levels indicated in the box that follows. Use ISO 10013:1995 for guidance in quality documentation.
In small companies, the above levels of documentation could be presented in one manual; otherwise, separate manuals should be prepared.A list of the documents to be prepared should be drawn up and the responsibility for writing the documents should be assigned to the persons concerned in various functional departments. They should be advised to prepare the drafts within a specific time frame.Step 8: Document ControlOnce the necessary quality management system documentation has been generated, a documented system must be created to control it. Control is simply a means of managing the creation, approval, distribution, revision, storage, and disposal of the various types of documentation. Document control systems should be as simple and as easy to operate as possible — sufficient to meet ISO 9001:2008 requirements and that is all.Document control should include:???? Approval for adequacy by authorized person (s) before issue,???? Review, updating and re-approval of documents by authorized person (s),???? Identification of changes and of the revision status of documents,???? Availability of relevant versions of documents at points of use,???? Identification and control of documents of external origin,???? Assurance of legibility and identifability of documents, and???? Prevention of unintended use of obsolete documents.The principle of ISO 9000 document control is that employees should have access to the documentation and records needed to fulfil their responsibilities.Step 9. ImplementationIt is good practice to implement the quality management system being documented as the documentation is developed, although this may be more effective in larger firms. In smaller companies, the quality management system is often implemented all at once throughout the organization. Where phased implementation takes place, the effectiveness of the system in selected areas can be evaluated.It would be a good idea initially to evaluate areas where the chances of a positive evaluation are high, to maintain the confidence of both management and staff in the merits of implementing the quality management system.The implementation progress should be monitored to ensure that the qualitymanagement system is effective and conforms to the standard. These activities include internal quality audit, formal corrective action and management review.Step 10. Internal Quality AuditAs the system is being installed, its effectiveness should be checked by regular internal quality audits. Internal quality audits are conducted to verify that the installed quality management system:
???? Conform to the planned arrangements, to the requirements of the standard (ISO 9001:2008) and to the quality management system requirements established by your organization, and???? Is effectively implemented and maintained.Even after the system stabilizes and starts functioning, internal audits should be planned and performed as part of an ongoing strategy.A few staff members should be trained to carry out internal auditing. Use ISO 19011 for guidance in auditing, auditor qualification and programmes.Step 11. Management ReviewWhen the installed quality management system has been operating for three to six months, an internal audit and management review should be conducted and corrective actions implemented. The management reviews are conducted to ensure the continuing suitability, adequacy and effectiveness of the quality management system.????The review should include assessing opportunities for improvement and the need for changes to the quality management system, including the quality policy and quality objectives.The input to management review should include information on:???? Results of audits,???? Customer feed back,???? Process performance and product conformity,???? Status of preventive and corrective actions,???? Follow-up actions from previous management reviews,???? Changes that could affect the quality management system, and???? Recommendations for improvements.Management reviews should also address the pitfalls to effective implementation, including lack of CEO commitment, failure to involve everyone in the process, and failure to monitor progress and enforce deadlines.Step 12. Pre-assessment AuditWhen system deficiencies are no longer visible, it is normally time to apply for certification. However, before doing so, a pre-assessment audit should be arranged with an independent and qualified auditor. Sometimes certification bodies provide this service for a nominal charge. The pre-assessment audit would provide a degree of confidence for formally going ahead with an application for certification.Step 13. Certification and RegistrationOnce the quality management system has been in operation for a few months and has stabilized, a formal application for certification could be made to a selected certification agency. The certification agency first carries out an audit of the documents (referred to as an “adequacy audit”). If the documents conform to the requirements of the quality standard, then on-site audit is carried out. If the certification body finds the system to be working satisfactorily, it awards the organization a certificate, generallyfor a period of three years. During this three-year period, it will carry out periodic surveillance audits to ensure that the system is continuing to operate satisfactorily.Step 14: Continual ImprovementCertification to ISO 9000 should not be an end. You should continually seek to improve the effectiveness and suitability of the quality management system through the use of:???? Quality policy???? Quality objectives???? Audit results???? Analysis of data???? Corrective and preventive actions???? Management reviewISO 9004:2008 provides a methodology for continual improvement.

Disposition of ISO 9001 Records

Disposition of ISO 9001 Records

Disposition in this context means the disposal of records once their useful life
has ended. The requirement should not be confused with that on the retention
of records. Retention times are one thing and disposal procedures quite
another.
The ISO 9001 standard does not specifically require records to be authenticated, certified
or validated other than product verification records in clause 8.2.4. A set of
results without being endorsed with the signature of the person who captured
them or other authentication lacks credibility. Facts that have been obtained by
whatever means should be certified for three reasons:

They provide a means of tracing the result to the originator in the event of
problems.
They indicate that the provider believes them to be correct.
They enable you to verify whether the originator was appropriately
qualified.
They give the results credibility.

If the records are generated by computer and retained in computerized form,
a means needs to be provided for the results to be authenticated. This can be
accomplished through appropriate process controls by installing provisions for
automated data recording or preventing unauthorized access.

Control of ISO 9000 records

Control Of ISO 9000 Records
The ISO 9000 standard requires records to be established and
maintained to provide evidence of conformity to require-
ments and the effective operation of the quality manage-
ment system.
A record is defined in ISO 9000 as a document stating
results achieved or providing evidence of activities
performed.

Although a record is a document, the document

control requirement of clause 4.2.3 do not apply to

records primarily because records are not issued,
neither do they exhibit revision status simply
because they are results that are factual when
recorded. If the facts change, a new record is usually
created rather than the previous record revised. Even
where a record is revised and new facts added, the
old facts remain identified as to their date. The only reason for revising facts
contained in a record without changing the identity of the record or the date
when they were collected is where the facts were incorrectly recorded. This
subtle difference demands different treatment for documents that are classed
as records to those that are classed as informative. As with other types of
documents, records result from processes and may be used as inputs to other
processes.
Records required by the management system means records used or
generated by the management system. There is therefore no requirement to
produce records solely to satisfy an auditor. The records required are those for
the effective operation of the organization’s processes (see clause 4.1d of ISO
9001). If a record has no useful purpose within the management system there
is no requirement that it be established or maintained.
This does not mean that a record is required to prove conformity with every
single requirement for every product and service. There are those records
required by the standard (see below) that are required for every product and
service where applicable and in all other cases, audit records showing
compliance on a sample of operations would be sufficient.
Compliance with many requirements can be demonstrated by observation,
analysis, interview or examination of documentation. If a result or an activity
is not required to be recorded in order to manage the organization effectively
and satisfy the interested parties, it is not necessary to maintain records of it.