|
INTRODUCTION
ISO 9000 is sweeping the world. It is rapidly becoming the
most important quality standard. Thousands of companies in over 100
countries have already adopted it, and many more are in the process
of doing so. Why? Because it controls quality. It saves money.
Customers expect it. And competitors use it.
ISO 9000 applies to all types of organizations. It doesn't
matter what size they are or what they do. It can help both product
and service oriented organizations achieve standards of quality that
are recognized and respected throughout the world.
ISO is the International Organization for Standardization.
It is located in
Switzerland
and was established in 1947 to develop common international
standards in many areas. Its members come from over 120 national
standards bodies.
What is ISO 9000?
The term ISO 9000 refers to a set of quality management
standards. ISO 9000 currently includes three quality standards: ISO
9000:2000, ISO 9001:2000, and ISO 9004:2000. ISO 9001:2000 presents
requirements, while ISO 9000:2000 and ISO 9004:2000 present
guidelines. All of these are process standards (not product
standards).
ISO first published its quality standards in 1987, revised
them in 1994, and then republished an updated version in 2000. These
new standards are referred to as the "ISO 9000 2000 Standards".
ISO's purpose is to facilitate international trade by
providing a single set of standards that people everywhere would
recognize and respect.
The ISO 9000 2000 Standards apply to all kinds of
organizations in all kinds of areas. Some of these areas include
manufacturing, processing, servicing, printing, forestry,
electronics, steel, computing, legal services, financial services,
accounting, trucking, banking, retailing, drilling, recycling,
aerospace, construction, exploration, textiles, pharmaceuticals, oil
and gas, pulp and paper, petrochemicals, publishing, shipping,
energy, telecommunications, plastics, metals, research, health care,
hospitality, utilities, pest control, aviation, machine tools, food
processing, agriculture, government, education, recreation,
fabrication, sanitation, software development, consumer products,
transportation, design, instrumentation, tourism, communications,
biotechnology, chemicals, engineering, farming, entertainment,
horticulture, consulting, insurance, and so on.
How does ISO 9000
Work?
Here's how it works. You decide that you need to develop a
quality management system that meets the new ISO 9000 Standards.
That's your mission. You choose to follow this path because you feel
the need to control or improve the quality of your products and
services, to reduce the costs associated with poor quality, or to
become more competitive. Or, you choose this path simply because
your customers expect you to do so or because a governmental body
has made it mandatory. You then develop a quality management system
that meets the requirements specified by ISO 9001:2000 (ISO 9002 and
ISO 9003 have been dropped).
In the course of doing so, you may also wish to consult the
ISO 9000:2000 and ISO 9004:2000 guidelines. However, you don't need
to study ISO's guidelines. Your quality management system must meet
ISO's requirements, not ISO's guidelines. You may ignore ISO's
guidelines (unless you need additional clarification or you wish to
develop a quality system that goes beyond the ISO 9001:2000
requirements).
But, how do you develop such a system? Well, you start with
a Gap Analysis. An ISO 9001 2000 Gap Analysis will tell you exactly
what you need to do to meet the new ISO 9001 2000 Quality Management
Standard. It will help you identify the GAPS that exist between the
new ISO 9001 Standard and your organization's processes. Once you
know precisely where the GAPS are, you can take steps to fill your
gaps. By doing so, you will not only comply with the new ISO 9001
Standard, but you will also improve the overall performance of your
organization's processes.
Once your quality system has been fully developed and
implemented, you carry out an Internal Audit to ensure that you've
met every single ISO 9001 2000 requirement.
When you're ready, you ask a Registrar to audit the
effectiveness of your quality management system. If your auditors
like what they see, they will certify that your quality system has
met ISO's requirements. They will then issue an official certificate
to you and they will record your achievement in their registry.
You can then announce to the world that the quality of your
products and services is managed, controlled, and assured by a
registered ISO 9001 Quality Management System!
However, you don't have to be registered. ISO does not
require formal registration (certification). You can be in
compliance without being registered by an accredited auditor. But,
your customers are more likely to believe that you have an effective
quality management system if an independent external auditor says
so.
Why is ISO 9000
Important?
ISO 9000 is important because of its orientation. While the
content itself is useful and important, the content alone does not
account for its widespread appeal.
ISO 9000 is important because of its international
orientation. Currently, ISO 9000 is supported by national standards
bodies from more than 120 countries. This makes it the logical
choice for any organization that does business internationally or
that serves customers who demand an international standard of
quality.
ISO is also important because of its systemic orientation.
We think this is crucial. Many people in this field wrongly
emphasize motivational and attitudinal factors. The assumption is
that quality can only be created if workers are motivated and have
the right attitude. This is fine, but it doesn't go far enough.
Unless you institutionalize the right attitude by supporting it with
the right policies, procedures, records, technologies, resources,
and structures, you will never achieve the standards of quality that
other organizations seem to be able to achieve. Unless you establish
a quality attitude by creating a quality system, you will never
achieve a world-class standard of quality.
Simply put, if you want to have a quality attitude you must
have a quality system. This is what ISO recognizes, and this is why
ISO 9000 is important.
|TOP|
ISO 9000 2000 PRINCIPLES
According to ISO, the new ISO 9000 2000 standards are based
on eight quality management principles. ISO chose these principles
because they can be used to improve organizational performance and
achieve success.
But how can you make sure that your organization applies
these principles? The answer is to implement a quality management
system that meets the new ISO 9001 2000 standard. If you do so, your
organization will automatically apply these principles. This is
because they permeate the new standard and will therefore be built
into any quality system that is based on this standard. So if you
want to improve the performance of your organization, you need to
develop and implement an ISO 9001:2000 quality management system
that applies the eight principles listed below.
|
ISO 9000 2000 Quality Management Principles |
|
1 |
Focus on your customers |
Organizations rely on customers. Therefore:
·
Organizations must understand customer needs.
·
Organizations must meet customer requirements.
·
Organizations must exceed customer expectations. |
|
2 |
Provide leadership |
Organizations rely on leaders. Therefore:
·
Leaders must establish a unity of purpose and
set the direction the organization should take.
·
Leaders must create an environment that encourages
people to achieve the organization's objectives. |
|
3 |
Involve
your
people |
Organizations rely on people. Therefore:
·
Organizations must encourage the involvement of people at all
levels.
·
Organizations must help people to
develop and use their abilities.
|
|
4 |
Use a process approach |
Organizations are more efficient and effective
when they use a process approach. Therefore:
·
Organizations must use a process approach
to manage activities and related resources. |
|
5 |
Take a systems approach |
Organizations are more efficient and effective
when they use a systems approach. Therefore:
·
Organizations must identify interrelated
processes and treat them as a system.
·
Organizations must use a systems approach
to manage their interrelated processes.
|
|
6 |
Encourage continual improvement |
Organizations are more efficient and effective
when they continually try to improve. Therefore:
·
Organizations must make a permanent commitment
to continually improve their overall performance. |
|
7 |
Get the facts before you decide |
Organizations perform better when their
decisions are based on facts. Therefore:
·
Organizations must base decisions on the
analysis of factual information and data.
|
|
8 |
Work with your suppliers |
Organizations depend on their suppliers
to help them create value. Therefore:
·
Organizations must maintain a mutually
beneficial relationship with their suppliers. |
|TOP|
WHAT'S NEW
ISO 9001 2000
versus ISO 9001 1994
New Standard
In the past, ISO had three standards: ISO 9001:1994, ISO
9002:1994, and ISO 9003:1994. Now there's only one standard: ISO
9001:2000! ISO 9002 and ISO 9003 have been dropped.
So, if you are currently ISO 9002:1994 or ISO 9003:1994
certified, you will now need to become ISO 9001:2000 certified. And
if you're now ISO 9001 certified, you're going to have to update
your quality system in order to meet the new ISO 9001:2000
requirements.
New Structure
When you compare ISO 9001:1994 and ISO 9001:2000 you’ll
notice that ISO has abandoned the 20-clause structure of the old
standard. Instead of 20 sections, the new standard now has 5
sections.
ISO reorganized the ISO 9001 standard in order to create a
more logical structure, and in order to make it more compatible with
the ISO 14001 environmental management standard. While this
reorganization is largely a cosmetic change, it could have some
rather profound implications if you’ve organized your current
quality manual around the old 20-part structure.
New Emphasis
In general, the new standard is more customer-oriented than
the old standard. While the old standard was also oriented towards
meeting customer requirements and achieving customer satisfaction,
the new standard addresses this in much greater detail. In
addition, it expects you to communicate with customers and to
measure and monitor customer satisfaction.
The new standard also emphasizes the need to make
improvements. While the old standard did implicitly expect
organizations to make improvements, the new standard makes this
explicit. Specifically, ISO 9001 now wants you to evaluate the
effectiveness and suitability of your quality management system, and
to identify and implement systemic improvements.
New Definitions
In the past, organizations that wished to be certified were
referred to as suppliers because they supplied products and services
to customers. Since many people were confused by this usage, ISO has
decided to use the word organization instead. Now the ISO standards
focus on the organization, not the supplier.
The term supplier now refers to the organization’s
supplier. The new redefined term supplier replaces the old term
subcontractor (which has now been dropped). While this may sound a
bit confusing, this new usage simply reflects the way these words
are normally used.
While you’re probably familiar with the previous concepts,
you may not have heard of the next one. ISO now uses the phrase
product realization. While this is a rather abstract concept, it is
now central to ISO’s approach. In fact, ISO devotes an entire
section to this new concept (Section 7). So what does it mean?
In order to grasp what it means you need to recognize that
a product starts out as an idea. The idea is realized or actualized
by following a set of product realization processes. Product
realization refers to the interconnected processes that are used to
bring products into being. In brief, when you start out with an idea
and end up with a product, you’ve gone through the process of
product realization.
New Requirements
The new ISO 9001:2000 standard introduces some new
requirements and modifies some old ones. These requirements are
summarized below. For more detail, please see the associated ISO
9001:2000 clauses (in brackets).
-
Communicate
with customers (7.2.3).
-
Identify
customer requirements (5.2, 7.2.1).
-
Meet customer
requirements (5.2).
-
Monitor and
measure customer satisfaction (8.2.1).
-
Meet regulatory
requirements (5.1).
-
Meet statutory
requirements (5.1).
-
Support
internal communication (5.5.3).
-
Provide quality
infrastructure (6.3).
-
Provide a
quality work environment (6.4).
-
Evaluate the
effectiveness of training (6.2.2).
-
Monitor and
measure processes (8.2.3).
-
Evaluate the
suitability of quality management system (8.4).
-
Evaluate the
effectiveness of quality management system (8.4).
-
Identify
quality management system improvements (5.1, 8.4).
-
Improve quality
management system (5.1, 8.5).
New Flexibility
Under the new ISO 9001:2000 standard, you may ignore or
exclude some requirements. Requirements that may be ignored under
special circumstances are known as exclusions. According to ISO, you
may ignore or exclude any of the requirements found in Section 7
Product realization as long as you meet certain conditions.
You may exclude a Section 7 requirement if you cannot apply
it. More precisely, you may exclude or ignore a requirement if:
-
You cannot
apply it because of the nature of your organization, or
-
You cannot
apply it because of thenature of your products or services
However, you may not exclude or ignore Section 7
requirements if doing so will compromise your ability or willingness
to meet the requirements set by customers and regulators.
We believe that this permissible exclusion clause is a very
important improvement. We think it’s important because it makes
implementation more flexible and conformance less rigid. Because of
this significant innovation, you’re more likely to end up with a
quality management system that not only complies with ISO’s
standards but also meets your organization’s unique needs.
This new, more flexible, approach is further demonstrated
in another way. When you study the new ISO 9001 standard, you’ll
notice that it is less prescriptive than the old standard. In
general, the new standard tells you what to do not how to do it.
This is particularly evident when you look at how many
times procedures are required. When you compare the old and the new
standard, you’ll notice that procedures are much less often required
by the new standard. This more flexible approach gives you more
freedom to decide how you’re going to meet the requirements. In
general, this should make it easier for you to develop a more
suitable and effective quality management system.
New Approach
In order to understand ISO 9001:2000 at a deeper level, you
need to recognize that ISO uses a process approach to quality
management. While the process approach is not new, the increased
emphasis ISO now gives to it is new. It is now central to the way
ISO thinks about quality management systems.
According to this approach, a quality management system can
be thought of as a single large process that uses many inputs to
generate many outputs. This large process is, in turn, made up of
many smaller processes. Each of these processes uses inputs from
other processes to generate outputs which, in turn, are used by
still other processes.
A detailed analysis of the Standard reveals that an ISO
9001:2000 Quality Management System is made up of at least 21
processes (22 if you recognize that the Quality Management System as
a whole is also a process). These 21 processes are listed below:
-
Quality
Management Process
-
Resource
Management Process
-
Regulatory
Research Process
-
Market Research
Process
-
Product Design
Process
-
Purchasing
Process
-
Production
Process
-
Service
Provision Process
-
Product
Protection Process
-
Customer Needs
Assessment Process
-
Customer
Communications Process
-
Internal
Communications Process
-
Document
Control Process
-
Record Keeping
Process
-
Planning
Process
-
Training
Process
-
Internal Audit
Process
-
Management
Review Process
-
Monitoring and
Measuring Process
-
Nonconformance
Management Process
-
Continual
Improvement Process
In order to develop a quality management system that meets
the new ISO 9001:2000 standard, you must create or modify each of
the above processes. You must:
-
Develop each
process.
-
Document each
process.
-
Implement each
process.
-
Monitor each
process.
-
Improve each
process.
Each process uses inputs to generate outputs, and all of
these processes are interconnected using these input-output
relationships. The output from one process becomes the input for
other processes. Because of this, inputs and outputs are really the
same thing.
In order to ensure that you understand what we're talking
about, we've provided the following incomplete list of some general
types of inputs/outputs:
-
Products
-
Services
-
Information
-
Documents
-
Reports
-
Records
-
Results
-
Needs
-
Data
-
Expectations
-
Requirements
-
Complaints
-
Comments
-
Feedback
-
Resources
-
Measurements
-
Authorizations
-
Decisions
-
Plans
-
Ideas
-
Solutions
-
Proposals
-
Instructions
In summary, an ISO 9001:2000 Quality Management System is
made up of many processes, and these processes are glued together by
means of many input-output relationships. These input-output
relationships turn a simple list of processes into an integrated
system. Without these input-output relationships, you wouldn't have
a Quality Management System.
|TOP|
INTERNAL AUDIT PROGRAM
Phase 1: Plan
Internal Audit
Phase 1 asks you to prepare an internal audit plan. In
order to do so, you would use our planning checklist and our outline
(in Part E). Once you’ve answered all the planning questions and
prepared your internal audit plan using our outline, you’re ready to
perform the audit.
Phase 2: Perform
Internal Audit
However, you need more than a plan. You also need to know
how to carry out the audit. You also need a procedure. While the
structure of this Internal Quality Audit Program is itself a
detailed audit procedure, we have also provided a diagrammatic
summary of this procedure. Part D introduces this general audit
procedure using a flow chart.
This procedure distinguishes between two kinds of internal
quality audits: a Standards Audit and a Procedures Audit. The
Standards Audit evaluates how well the ISO standard is being
applied, while the Procedures Audit evaluates how effective your
quality procedures, policies, plans, and instructions are.
You start the Standards Audit by studying the audit
questions. Once you're familiar with these audit questions, you can
begin collecting evidence. You need evidence in order to answer the
questions. You collect your evidence by interviewing auditee
personnel, reading documents, reviewing manuals, checking records,
examining data, observing activities, and studying working
conditions.
As you collect your evidence, you answer each audit
question and record your observations using our 5 questionnaires.
Three answers are possible: YES, NO, and N/A. A YES answer means
you're in compliance with the standard, a NO answer means you're not
in compliance, and an N/A answer means that this question is not
applicable in your situation. Once you've completed an audit
questionnaire, you list all nonconformities (NO responses), and you
summarize your evidence. We have provided a Noncompliance Worksheet
for this purpose.
You start your Procedures Audit by listing your quality
procedures, policies, plans, and work instructions using the
Procedures Audit Form. You do this for each of the 5 parts that make
up the audit process. Then for each procedure, policy, plan, or work
instruction you answer three questions: Is it documented? Is it
being followed? Is it effective?
On the basis of the evidence you collect, you answer YES or
NO to each question. A YES answer means you're in compliance, while
a NO answer means you're not in compliance. Once you've completed a
Procedures Audit Form, you list your nonconformities (NO responses),
summarize your evidence, and formulate conclusions using our
Noncompliance Worksheet.
Once you've collected all your evidence and answered all
the audit questions, you've completed the audit of your quality
management system.
Phase 3:
Summarize Audit Results
Next you summarize your audit results. Part T provides a
checklist and some forms for this purpose. In order to summarize
your audit, you use our Audit Summary Checklist as a guide, and you
use our Noncompliance Report to list your nonconformities.
Part T also shows how to summarize your audit results in
quantitative terms. It provides two forms that you can use to
prepare two reports: the Compliance Status Report and the Compliance
Scores Report. The Compliance Status Report allows you to
summarize your compliance status using YES and NO totals, while the
Compliance Scores Report allows you to use these totals to calculate
Compliance Scores.
Compliance Scores can be used in at least two ways.
Firstly, they can give you a quick way of determining where remedial
resources ought to be allocated and therefore which areas your audit
report ought to emphasize. Secondly, these scores can be used to
measure whether the performance of your quality system is improving
over time.
Finally, you prepare an Audit Conclusions Report. In order
to do so, we have developed a form that shows you how to draw audit
conclusions and how to summarize the evidence that supports these
conclusions.
Phase 4: Evaluate
Internal Audit
Now you’re ready to audit the audit process. Please use the
Audit Evaluation Questionnaire in Part U for this purpose. This
audit evaluation questionnaire is designed to help the Lead Auditor
ensure that the quality system audit was carried out in a fair and
reasonable manner. Its purpose is to help the internal audit team do
a good job and to help improve the performance of future audits.
Just like the Standards Audit questionnaires, a YES answer
means you're in compliance, a NO answer means you're not in
compliance, and an N/A answer means that the question is not
applicable.
Phase 5: Prepare
Audit Report
Now that you’ve audited the audit process and summarized
your audit results, you’re ready to prepare your audit report. To do
so, you use our Audit Report Checklist and our Audit Report Outline
(Part V). Your audit report lists the nonconformities you have
discovered and summarizes the observations you have made. Your audit
report also summarizes the evidence you have collected and discusses
the conclusions you have drawn. Finally, your report discusses the
recommendations that should be implemented in order to correct or
prevent nonconformities and to make improvements.
Phase 6: Review
Audit File
Once the audit has been completed and the audit report has
been finalized, it’s time for the Audit Manager or Senior Audit
Executive to review and evaluate the audit file. The file review is
carried out by answering a set of audit file review questions (Part
W). These questions are designed to ensure that the internal audit
is complete and that all tasks have been carried out. In addition,
it gives management a chance to review and evaluate the quality of
both the internal audit and the audit file.
Phase 7: Take
Remedial Action
The final phase of the program asks you to take remedial
actions, and to monitor, control, and record the implementation
process using our Implementation Record (Part X). You begin by
recording a nonconformity. You describe it, discuss root causes, and
list effects. Next, you record the remedial actions that should be
carried out to correct or prevent the nonconformity. Then you
prepare an implementation plan and monitor its implementation. And
once the plan has been implemented, you record the results achieved
and recommend follow-up actions.
Sample
ISO 9001 2000 INTERNAL AUDIT PROGRAM
|
|
6 RESOURCE REQUIREMENTS |
STANDARDS AUDIT FORM |
|
6.1 PROVIDE QUALITY RESOURCES |
ANSWER INTERNAL AUDIT QUESTIONS |
|
Q |
IDENTIFY QUALITY RESOURCE REQUIREMENTS |
ANSWERS |
OBSERVATIONS AND EVIDENCE |
O |
|
1 |
Has your organization identified the resources that your
quality management system needs? |
YES |
NO |
N/A |
|
|
|
2 |
Have you identified the resources that are needed to support
the quality management system? |
YES |
NO |
N/A |
|
|
|
3 |
Have you identified the resources that are needed to implement
the quality management system? |
YES |
NO |
N/A |
|
|
|
4 |
Have you identified the resources that are needed to maintain
the quality management system? |
YES |
NO |
N/A |
|
|
|
5 |
Have you identified the resources that are needed to improve
the quality management system? |
YES |
NO |
N/A |
|
|
|
6 |
Have you identified the resources that are needed to improve
customer satisfaction? |
YES |
NO |
N/A |
|
|
|
7 |
Have you identified the resources that are needed to meet
customer requirements? |
YES |
NO |
N/A |
|
|
|
Q |
PROVIDE QUALITY SYSTEM RESOURCES |
ANSWERS |
OBSERVATIONS AND EVIDENCE |
O |
|
8 |
Does
your organization provide quality system resources? |
YES |
NO |
N/A |
|
|
|
9 |
Do you
provide the resources that are needed to support the quality
management system? |
YES |
NO |
N/A |
|
|
|
10 |
Did you
provide the resources that were needed to implement the
quality management system? |
YES |
NO |
N/A |
|
|
|
11 |
Do you
provide the resources that are needed to maintain the quality
management system? |
YES |
NO |
N/A |
|
|
|
12 |
Do you
provide the resources that are needed to improve the quality
management system? |
YES |
NO |
N/A |
|
|
|
13 |
Do you
provide the resources that are needed to improve customer
satisfaction? |
YES |
NO |
N/A |
|
|
|
14 |
Do you
provide the resources that are needed to meet customer
requirements? |
YES |
NO |
N/A |
|
|
|
6.2 PROVIDE QUALITY PERSONNEL |
ANSWER INTERNAL AUDIT QUESTIONS |
|
Q |
6.2.1 USE COMPETENT PERSONNEL |
ANSWERS |
OBSERVATIONS AND EVIDENCE |
O |
|
15 |
Does
your organization ensure that the people who influence product
quality are competent? |
YES |
NO |
N/A |
|
|
|
16 |
Do you
ensure that personnel have the right experience? |
YES |
NO |
N/A |
|
|
|
17 |
Do you
ensure that personnel have the right education? |
YES |
NO |
N/A |
|
|
|
18 |
Do you
ensure that personnel have the right training? |
YES |
NO |
N/A |
|
|
|
19 |
Do you
ensure that personnel have the right skills? |
YES |
NO |
N/A |
|
|
|
Q |
6.2.2 SUPPORT COMPETENCE |
ANSWERS |
OBSERVATIONS AND EVIDENCE |
O |
|
20 |
Does
your organization takes steps to ensure that the people who
influence product quality do in fact achieve an acceptable
level of competence? |
YES |
NO |
N/A |
|
|
|
21 |
Have you
defined acceptable levels of competence? |
YES |
NO |
N/A |
|
|
|
22 |
Have you
identified training and awareness needs? |
YES |
NO |
N/A |
|
|
|
23 |
Do you
deliver appropriate training programs? |
YES |
NO |
N/A |
|
|
|
24 |
Do you
deliver appropriate awareness programs? |
YES |
NO |
N/A |
|
|
|
25 |
Do you
evaluate the effectiveness of your training programs? |
YES |
NO |
N/A |
|
|
|
26 |
Do you
evaluate the effectiveness of your awareness programs? |
YES |
NO |
N/A |
|
|
|
27 |
Does
your organization maintain a record of competence? |
YES |
NO |
N/A |
|
|
|
28 |
Can your
records prove that your personnel are trained? |
YES |
NO |
N/A |
|
|
|
29 |
Can your
records prove that your personnel are educated? |
YES |
NO |
N/A |
|
|
|
30 |
Can your
records prove that your personnel are experienced? |
YES |
NO |
N/A |
|
|
|
31 |
Can your
records prove that your personnel are skilled? |
YES |
NO |
N/A |
|
|
|
32 |
Do you
make your personnel aware of how their activities and
attitudes influence product quality? |
YES |
NO |
N/A |
|
|
|
33 |
Do you
help your personnel to understand how they can help your
organization to achieve its quality objectives? |
YES |
NO |
N/A |
|
|
|
6.3 PROVIDE QUALITY INFRASTRUCTURE |
ANSWER INTERNAL AUDIT QUESTIONS |
|
Q |
IDENTIFY INFRASTRUCTURE NEEDS |
ANSWERS |
OBSERVATIONS AND EVIDENCE |
O |
|
34 |
Has your
organization identified the infrastructure that it needs
in order to ensure that products meet requirements? |
YES |
NO |
N/A |
|
|
|
35 |
Has your
organization identified quality building needs? |
YES |
NO |
N/A |
|
|
|
36 |
Has your
organization identified quality workspace needs? |
YES |
NO |
N/A |
|
|
|
37 |
Has your
organization identified quality equipment needs? |
YES |
NO |
N/A |
|
|
|
38 |
Has your
organization identified quality hardware needs? |
YES |
NO |
N/A |
|
|
|
39 |
Has your
organization identified quality software needs? |
YES |
NO |
N/A |
|
|
|
40 |
Etc ... |
|
|
|
|
|
|
41 |
Etc ... |
|
|
|
|
|
|
42 |
Etc ... |
|
|
|
|
|
|
|
|TOP|
ISO 9000 2000 DEFINITIONS
|
A B C
D
E F G H
I J K L
M
N
O
P
Q
R
S
T U V
W X Y Z
|
|
|
Conformity
is all about meeting requirements. ISO 9001 2000 lists many
quality system requirements. If your organization meets these
requirements, you can say that it conforms to these
requirements. |
Continual
improvement
|
Continual improvement
is a set of activities that an organization routinely carries
out in order to enhance its ability to meet requirements.
Continual improvement can be achieved by carrying out
internal audits, performing management reviews, analyzing
data, and implementing corrective and preventive actions.
|
Contract
review
|
Contract
review
is a set of activities that an organization carries out in
order to make sure that customer orders and contracts specify
all the requirements that must be met, and in order to
establish that the organization can actually meet these
requirements. |
Corrective
actions
|
Corrective actions
are steps that are taken to remove the causes of an existing
nonconformity or to make quality improvements. Corrective
actions address actual problems. In general, the corrective
action process can be thought of as a problem solving process. |
Customers
|
A
customer is anyone who receives products or services
from a supplier. A customer can be either external or internal
to the supplier organization. |
Customer satisfaction
|
Customer
satisfaction
is a perception. It is also a question of degree. It can vary
from high satisfaction to low satisfaction.
If customers believe that you've met their requirements, they
experience high satisfaction. If they believe that
you've not met their requirements, they experience low
satisfaction. |
|
|
A design
review is a set of activities whose purpose is to
evaluate how well a potential product (a design) meets all
quality requirements. During the course of this review,
problems must be identified and solutions must be
developed. |
Design
validation
|
Design
validation
is a process whose purpose is to examine
products and to use
objective evidence to confirm that these
products meet user
needs. |
Design
verification
|
Design
verification
is a process whose purpose is to examine
design outputs and
to use objective evidence to confirm that
outputs meet input
requirements. |
|
|
An
entity could be a product, process, person, activity,
machine, service, system, department, company, institution,
or organization. |
|
|
The term
infrastructure includes buildings, workspaces, equipment,
hardware, software, utilities, and support services such as
transportation and communication. |
Internal
quality
audit
|
Internal
audits
are carried out by your personnel. Internal quality audits
examine the elements of a quality management system in order
to evaluate how well these elements comply with quality system
requirements. |
|
|
The purpose
of a management review is to evaluate the overall
performance of an organization's quality management system and
to identify improvement opportunities. These reviews
are carried out by the organization's top managers and are
done on a regular basis.
|
|
|
When one or
more characteristics of a product fail to meet specified
requirements, it is referred to as a nonconforming product.
When a product deviates from quality requirements, it fails to
conform. |
Nonconformity
|
ISO 9001
2000 lists quality management system requirements. When your
organization deviates from these requirements, a
nonconformity occurs. When a product, process, procedure,
system, or structure deviates from ISO requirements, a formal
nonconformity exists. |
|
|
An
organization is a company, corporation, firm, or
institution that has its own functions and administration. It
can be either incorporated or unincorporated, privately or
publicly owned. |
Organizational structure
|
The
structure of an organization is the pattern of
responsibilities, authorities, and relationships that control
how people perform their functions and govern how they
interact with one another. |
|
|
Preventive actions
are steps that are taken to remove the causes of potential
nonconformities or to make quality improvements. Preventive
actions address potential problems, ones that haven't yet
occurred. In general, the preventive action process can be
thought of as a risk analysis process. |
Procedures
|
Quality
procedures control processes or activities. A well defined
procedure controls a logically distinct process or activity,
including the associated inputs and outputs. Such a procedure
defines the work that should be done, and explains how it
should be done, who should do it, and under what
circumstances. In addition, it explains what authority and
what responsibility has been allocated, which supplies and
materials should be used, and which documents and records must
be used to carry out the work. While quality procedures may be
documented or undocumented, ISO usually expects them to be
documented. |
Process
|
In general,
a process uses resources to transform inputs
into outputs. In every case, inputs are turned into outputs
because some kind of work, activity, or function is carried
out. Processes can be administrative, industrial,
agricultural, governmental, chemical, mechanical, electrical,
and so on.
An ISO
9001 Quality Management System is made up of the following
processes:
·
Purchasing process.
·
Production process.
·
Product
design process.
·
Product
protection process.
·
Service
provision process.
·
Document
control process.
·
Record
keeping process.
·
Internal
audit process.
·
Planning
process.
·
Training
process.
·
Monitoring process.
·
Measurement process.
·
Market
research process.
·
Regulatory research process.
·
Continual improvement process.
·
Internal
Communications process.
·
Customer
Communications process.
·
Customer
needs assessment process.
·
Nonconformance management process.
|
Process
approach
|
The
process approach is a management strategy.
When managers use a
process approach, it means that they control the processes
that make up their Quality Management Systems, the interaction
between these processes, and the inputs and outputs
that glue these processes together.
It means that they
manage by focusing on processes. |
Product
|
A
product is an output that results from a process. Products
can be tangible or intangible, a thing or an idea, hardware or
software, information or knowledge, a process or procedure,
a service or function, or a concept or creation. Please note
that when ISO uses the term product they also mean
service. |
Product
inspection
|
Product
inspection
is an activity that compares product characteristics
with product requirements in order to establish conformity.
More precisely, product inspection is an activity that
compares one or more characteristics of a product with
specified requirements in order to determine if the product
meets these requirements. |
Product nonconformity
|
When one or
more characteristics of a product fail to meet specified
requirements, they are referred to as product
nonconformities. |
Product
realization
|
A product
starts out as an idea. The idea is realized or
actualized by following a set of product realization
processes. So product realization refers to all the
processes that are used to bring products into being. |
|
|
A
quality is a
characteristic that a
product or service must have. For example, products must be
reliable, useable, and repairable. These are some of the
characteristics that a good quality product must have.
Similarly, service should be courteous, efficient, and
effective. These are some of the characteristics that a good
quality service must have. In short, a
quality is a
desirable characteristic.
However, not all qualities are equal. Some are more important
than others. The most important qualities are the ones that
customers want. These are the qualities that products and
services must have.
So providing quality products and services is all about
meeting customer requirements. It's all about meeting the
needs and expectations of customers.
So a quality product or service is one that meets the
needs and expecations of customers.
|
Quality
assurance
|
Quality
assurance
(Q.A.) is defined as a set of activities whose purpose is to
demonstrate that an entity meets all quality requirements. Q.A.
activities are carried out in order to inspire the confidence
of both customers and managers, confidence that all quality
requirements are being met. |
Quality
audits
|
Quality
audits
examine the elements of a quality management system
in order to evaluate how well these elements comply with
quality system requirements. |
Quality
control
|
Quality
control
is defined as a set of activities or techniques whose purpose
is to ensure that all quality requirements are being met.
In order to achieve this purpose, processes are monitored and
performance problems are solved. |
Quality improvement
|
Quality
improvement
refers to anything that enhances an organization's ability to
meet quality requirements. |
Quality management
|
Quality
management
includes
all the activities that managers carry out in an effort to
implement their quality policy. These activities include
quality planning, quality control, quality assurance,
and quality improvement. |
Quality
manual
|
A
quality manual documents an organization's Quality
Management System. It can be a paper manual or an
electronic manual. |
Quality
planning
|
Quality
planning
is defined as a set of activities whose purpose is to define
quality system policies, objectives, and requirements, and to
explain how these policies will be applied, how these
objectives will be achieved, and how these requirements will
be met. It is always future oriented. |
Quality
plan
|
A
quality plan explains how you intend to apply your
quality
policies, achieve
your quality objectives, and meet your quality system
requirements. |
Quality
policy
|
A
quality policy statement defines or describes
an organization's commitment to quality. |
Quality
record
|
A
quality record contains objective evidence which shows
how well a quality requirement is being met or how well a
quality process is performing. It always documents what
has happened in the past. |
Quality requirement
|
A
quality requirement is a characteristic that an entity
must have. For example, a customer may require that a
particular product (entity) achieve a specific dependability
score (characteristic). |
Quality surveillance
|
Quality
surveillance
is a set of activities whose purpose is to monitor an entity
and review its records to prove that quality requirements are
being met. |
Quality management system
|
A
quality management system is a web of interconnected
processes. Each process uses resources to turn inputs into
outputs. And all of these processes are interconnected by
means of many input-output relationships. Every process
generates at least one output, and this output becomes an
input for another process. These input-output relationships
glue all of these processes together - that's what makes it a system. |
Quality system requirement
|
A
quality is a characteristic. A system is a set of
interrelated processes, and a requirement is an
obligation. Therefore, a quality system requirement is
a characteristic that a process must have. |
|
|
A record
is a document that contains objective evidence which shows how
well activities are being performed or what kind of results
are being achieved. It always documents what has happened in
the past. |
Requirement
|
A
requirement is a need, expectation, or obligation. It can
be stated or implied by an organization, its customers, or
other interested parties. There are many types of
requirements. Some of these include quality requirements,
customer requirements, management requirements, and product
requirements. |
Resources
|
Resources
include people, money, information, knowledge, skill, energy,
facilities, machines, tools, equipment, technologies, and
techniques. |
|
|
Service
is a customer-oriented result. This result is produced
when an
organization performs activities that are oriented
towards meeting customer needs and expectations. |
Service
delivery
|
Service
delivery
is a customer-oriented activity. Service delivery
activities are carried out by organizations and are oriented
towards meeting customer needs and expectations. |
Special
process
|
A
special process is any production or service delivery
process that generates outputs that cannot be measured,
monitored, or verified until it's too late. It's often too
late because deficiencies may not be obvious until after the
resulting products have been used or services have been
delivered. In order to prevent output deficiencies, these
special processes must be validated in order to prove
that they can generate planned results. |
Standard
|
A
standard is a document.
It is a set of rules that control how people develop and
manage materials, products, services, technologies, processes,
and systems.
ISO's standards
are agreements. ISO refers to them as agreements
because its members must agree on content and give formal
approval before they are published.
ISO standards
are developed by technical committees. Members of these
technical committees come from many countries. Therefore, ISO
standards tend to have very broad support. |
Supplier
|
A
supplier is an organization that provides products or
services to customers. Customers can be either internal
or external to the supplier organization. |
|
|
Total
quality management
is defined as a management approach that tries to achieve and
sustain long-term organizational success by encouraging
employee feedback and participation, satisfying customer
needs
and expectations,
respecting societal values and beliefs,
and obeying
governmental statutes and regulations. |
Work
environment
|
The term
work environment refers to all the factors that influence
work. In general, these include social, cultural,
psychological, physical, and environmental conditions.
The term work environment includes lighting,
temperature, and noise factors, as well as the whole range of
ergonomic influences. It also includes things like supervisory
practices as well as reward and recognition programs. All of
these things influence how work is performed. |
|
|
|TOP|
FAQ ISO
|HOW|WHAT|WHERE|OTHER|
HOW
|
|
|
QUESTION |
How much does it cost to become ISO 9001 Certified?
|
|
ANSWER |
This is
one of our most popular questions. Unfortunately, there is no
simple answer. How much it costs depends on a lot of factors.
It depends on how long you take to develop your quality
management system, how many people are involved, whether you
hire outside consultants or not, and how much your registrar
charges.
So
instead of trying to give you a simple answer, we'll show you
how to construct your own answer. One approach is to start
with a
Gap Analysis. A Gap Analysis will tell you what steps you
need to take to upgrade or develop your quality management
system. Once you know what needs to be done, you can figure
out how long the work should take, who should do it, and how
much it should cost.
With this kind of information, you can plan your system
development project and prepare a budget using the following
kinds of cost categories: |
|
|
-
Internal costs
-
Gap
Analysis
-
Project planning
-
System development
-
System documentation
-
System implementation
-
Training and awareness
-
Internal quality audit
-
System modifications
-
External costs
-
Services
-
Consultants
-
Professional fees
-
Gap Analysis
-
Project planning
-
System development
-
System documentation
-
System implementation
-
Training and awareness
-
Internal audit services
-
System modifications
-
Travel and living expenses
-
Registrars
-
Professional fees
-
Application fee
-
Registration fee
-
Initial assessment
-
Certification audit
-
Surveillance audits
-
Reassessments
-
Travel and living expenses
-
Products
|
|
|
For
detailed cost estimates, including daily fees, please
talk to ISO 9000 consultants and registrars
in your area.
|
|
|
|
QUESTION |
How long will it take to become ISO 9001 Certified?
|
|
ANSWER |
In order
to determine how long it will take to become ISO 9001
certified or registered, you have to figure out how long it
will take to develop or upgrade your quality management
system.
One way of figuring this out is to start with a
Gap Analysis. A Gap Analysis will tell you what steps you
need to take to upgrade or develop your quality system. Once
you know what needs to be done, you can figure out how long
the work should take.
In
general, it can take from 3 months to 3 years to develop
a complete quality management system. How long it will
actually take will depend on a lot of factors, including how
many people work on the project, how knowledgeable they are,
and how large your organization is.
Once you've developed your quality management system, your
registrar may want you to wait another three or more months
before the certification (registration) audit is done. This
is because you need to be able to prove that your quality
system is actually working, and because it takes at least
three months to develop an adequate record of performance. |
|
|
|
QUESTION |
How much time do we have to upgrade to ISO 9001:2000?
|
|
ANSWER |
You have
until December 15, 2003 to become ISO 9001:2000 certified.
This is because ISO published the new standard on December 15,
2000 and allowed three years to make the transition. It's also
because the old ISO 9001, 9002, and 9003 standards will
officially expire on December 15, 2003.
While you are encouraged to make the transition to
ISO 9001:2000 as soon as possible, officially you may still
become newly certified to the old ISO 9001, 9002, or 9003
standards until December 15, 2003. Of course, since you're
going to have to do it all over again with the new standard,
this may not make much sense.
While December 15, 2003 is the formal deadline, registrars
will expect their clients to become ISO 9001:2000 well before
this date. This is because they won't allow their clients to
leave it all to the last minute. We suggest that you contact
your
registrar as soon as possible to avoid unpleasant
surprises. |
|
|
|
QUESTION |
How can I get in touch with ISO Headquarters?
|
|
ANSWER |
To talk
to ISO in Switzerland, please use
ISO's Contact Page.
|
|
|
|
QUESTION |
How do I choose an ISO 9000 Registrar?
|
|
ANSWER |
When
choosing a registrar, we suggest that you:
·
Make
sure that the registrar's ISO 9000 certificates
are recognized and respected in your industry.
·
Make
sure that your customers will be
impressed with the registrar's certificate.
·
Find out
whether your registrar has been formally
certified by a recognized accreditation
body.
·
Find out
whether your registrar has been authorized
to issue ISO 9000 certificates in your specific industry.
·
Find out
how many certificates the
registrar has issued in your industry.
·
Clarify
how the registrar performs quality audits.
·
Clarify
how initial assessments are performed.
·
Clarify
how certification audits are performed.
·
Clarify
how surveillance audits are performed.
·
Specify
how the registrar handles problems.
·
Specify
how nonconformances are handled.
·
Specify
how the registrar handles complaints.
·
Specify
the conditions that would cause the
registrar to revoke an organization's certificate.
·
Ensure
that the registrar's auditors are suitable.
·
Ensure
that auditors have been properly trained.
·
Ensure
that auditors are certified or registered.
·
Ensure
that auditors know your industry.
·
Confirm
that suitable auditors are assigned to audits.
·
Confirm
that suitable auditors will be available.
·
Confirm
that suitable auditors will be available
in your area or region when you need them.
·
Confirm
that audit assignments will be formally
discussed with you before audits are scheduled.
·
Confirm
that you will have a chance to review the
auditors' credentials before audits are scheduled.
·
Visit
the
Quality Digest site to see how well the registrar scored
on the latest ISO 9000 Registrar Customer Satisfaction
Survey.
·
Verify
how much the registrar will charge.
·
Verify
how much it will cost to apply for
registration and to maintain your registration.
·
Verify
how much it will cost for the initial assessment,
for the certification audit, and for future surveillance
audits and reassessments.
·
Verify
how much it will cost for travel expenses.
·
Ask the
registrar for a list of client references.
·
Ask
referees to evaluate registrar's performance.
·
Ask
referees how problems were handled. |
|
|
|
QUESTION |
How can I become an ISO 9000 auditor?
|
|
ANSWER |
If you
wish to become an ISO 9000 auditor, probably the best place
to start is by contacting your country's
ISO Member Body. Your ISO Member Body will either be able
to provide training or tell you who to contact.
ISO Registrars will also be able to provide training or
tell you who can provide training in your area. For more
information, please see our
ISO 9000 Trainers page.
|
|
|
|
QUESTION |
How should I format my ISO 9000 documents?
|
|
ANSWER |
ISO does
not specify a document format. How you format your
ISO 9000 documents is entirely up to you. However, ISO does
expect you to control your ISO 9000 documents. For more
information about how to control your documents, please see
the next question (below).
|
|
|
|
QUESTION |
How should I control my ISO 9000 documents?
|
|
ANSWER |
Your
organization must develop and document a procedure to control
quality documents. Your procedure must ensure that you:
·
Approve documents before you distribute them.
·
Provide the correct version of documents at points of use.
·
Review and re-approve documents whenever you update them.
·
Specify the current revision status of your documents.
·
Identify changes that are made to documents.
·
Preserve the usability of your quality documents.
·
Preserve the identity of your documents.
·
Preserve the readability of your documents.
·
Monitor documents that come from external sources.
·
Identify documents that come from the outside.
·
Control the distribution of these external documents.
·
Prevent the accidental use of obsolete documents.
·
Identify obsolete documents that have been retained.
But HOW
you do this is entirely up to you!
|
|BACK TO FAQ ISO|
WHAT
|
|
|
QUESTION |
What does the term "ISO" stand for?
|
|
ANSWER |
The term
ISO stands for the International Organization for
Standardization. You would reasonably assume that it ought
to be IOS, but it isn't. Apparently, the term ISO
was chosen (instead of IOS), because iso in
Greek means equal, and ISO wanted to convey the idea of
equality - the idea that they develop standards
to place organizations on an equal footing.
|
|
|
|
QUESTION |
What standards make up the new ISO 9000 2000 series?
|
|
ANSWER |
So far,
ISO has developed three new standards in the ISO 9000 series:
ISO 9000:2000, ISO 9001:2000, and ISO 9004:2000.
ISO 9001:2000
contains ISO's new quality management system requirements.
This is the standard you need to use if you wish
to become certified (registered).
ISO 9000:2000 and ISO 9004:2000 contain ISO's new quality
management system guidelines. Refer to these standards
if you wish to learn more about ISO's approach to quality
management. ISO 9000:2000 presents definitions and discusses
terminology, while ISO 9004:2000 is a set of guidelines for
improving performance. Use ISO 9004:2000 if you wish to
develop a quality management system that goes beyond the basic
ISO 9001:2000 requirements, or if you wish to continually
improve the performance of your quality management system.
While these two guideline standards will certainly help
you, they are not intended to be used for certification
purposes.
ISO is also working on a fourth new standard: ISO 19011.
ISO 19011 will replace the old
ISO 10011 quality auditing standards. The final version of
this new standard is expected in the year 2002 or 2003.
In
summary, the new ISO 9000 series of standards will ultimately
consist of four primary standards: ISO 9000, ISO 9001,
ISO 9004, and ISO 19011. |
|
|
|
NEW
FAQ |
What's the difference between ISO 9000 and ISO 9001?
|
|
ANSWER |
The term
ISO 9000 has two meanings: a broad one and a narrow
one. In the broad sense, the term ISO 9000 includes at
least the following standards: ISO 9000:2000, ISO 9001:2000,
ISO 9004:2000, and ISO 19001 (an audit standard not yet
available). In the narrow sense, the term ISO 9000
refers only to the ISO 9000:2000 standard (which talks
about definitions and vocabulary). But, in most cases, the
term ISO 9000 is used in the broad sense. So the term
ISO 9000 has two meanings (a broad one and a narrow
one), while the term ISO 9001 has only one very
specific meaning (it refers to the ISO 9001:2000 standard,
or an older version of this standard).
Unfortunately, ISO has created this fundamental ambiguity.
Who knows why? We don't. We don't like it, but we're stuck
with it, along with everyone else. |
|
|
|
QUESTION |
What's the difference between being certified and being
registered?
|
|
ANSWER |
None.
There is no difference. In some countries companies say
they're certified, and in others they say they're registered.
It's the same thing.
|
|
|
|
QUESTION |
What's the difference between being certified and being
compliant?
|
|
ANSWER |
When a
company claims that they are ISO 9000 certified or
registered, they mean that an independent
registrar
has audited their quality system and certified that it meets
the ISO 9001:2000 requirements (or the old ISO 9001:1994,
9002:1994, or 9003:1994 requirements). It means that a
registrar has given a written assurance that ISO's
quality management system standard has been met.
However, when a company says that they are ISO 9000
compliant, they usually mean that they have met ISO's
quality system requirements but have NOT been formally
certified by an independent registrar. In effect, they are
self-certified. This is perfectly acceptable for many
companies, especially small ones. Of course, an official
Certificate does tend to carry more weight in the market
place.
Please note that when a company says they're certified
or compliant, they're NOT saying that their products
and services meet the ISO 9000 requirements. The ISO 9000
standards are process standards, not product
standards. |
|
|
|
QUESTION |
What's the difference between being certified and being
accredited?
|
|
ANSWER |
Registrars audit and certify organizations who wish to
become ISO 9000 registered or certified.
Accreditation Bodies, on the other hand, evaluate and
accredit registrars. In effect, accreditation bodies audit the
auditors.
Accreditation bodies certify that registrars are competent and
authorized to issue ISO 9000 certificates in
specified business sectors.
|
|
|
|
NEW
FAQ |
What's the difference between a Quality Manual and a Quality
System?
|
|
ANSWER |
A
quality manual is just a document, while a quality
system is a network of processes. Your quality manual is
supposed to document your quality system; it's not supposed to
BE your system. Your manual is NOT your system. They're two
different things. Your quality manual is all about paperwork,
while your quality system is a web of REAL processes.
A
quality system is a network of interrelated processes. A
process is made up of people, work, activities, tasks,
records, documents, forms, resources, rules, regulations,
reports, materials, supplies, tools, equipment, and so on -
all the things that are needed to transform inputs into
outputs. In general, a quality system includes all the things
that are used to regulate, control, and improve the quality of
your products and services.
Obviously, a quality system is not a manual; nor is it a
computer program. This is an important point. It's important
because many consultants sell quality manuals and computer
programs that claim to provide an instant solution: usually
all you have to do is edit the manual or install the computer
program and, bingo, you've got yourself a complete quality
system. This is false and misleading!
A
manual is just a document and a computer program is just an
information system, it's not a real quality system that exists
in the real world. Your quality
system does not sit on your shelf, nor does it live inside
your computer!
All of this needs to be clarified because some people think
that once they've written their quality manual or purchased a
computer program to manage ISO documents, they're finished.
This is because they believe that their quality manual or
their computer program IS their quality system. As we have
seen, this is wrong.
Of
course, there's nothing wrong with writing a manual or using
computers to help you manage or document your quality system.
Just don't confuse a paper
system with real system!
NOTE:
The terms quality system and quality management
system mean the same thing. Remember, ISO wants you to
develop a quality management system that meets the
ISO 9001:2000 standard. That's your mission. |
|
|
|
QUESTION |
What's the difference between a procedure and a work
instruction?
|
|
ANSWER |
A
procedure describes how a process is performed,
while a work instruction describes how a task is
performed. Work instructions tend to be more detailed than
procedures.
|
|
|
|
QUESTION |
What should our procedures and work instructions look like?
|
|
ANSWER |
Procedures
and work instructions can take any suitable form as
long as the result is effective. ISO does not specify what
form these documents should take. Procedures can take the form
of a narrative, a flow chart, a process map, or any other
suitable form. As long as the procedure is effective, it
really doesn't matter what it looks like.
Work instructions can also take any suitable form. However,
one of the best ways to document a work instruction is to use
a form. Forms are particularly useful because they become
records once they're filled in. |
|
|
|
QUESTION |
What's the difference between a work instruction and a record?
|
|
ANSWER |
Work
instructions
describe how tasks should be done, while records
document how tasks were actually done. Work
instructions are used before the task is performed,
while records are used after the task has been
performed. Work instructions come before the fact,
while records come after the fact.
|
|
|
|
QUESTION |
What's the difference between corrective and preventive
action?
|
|
ANSWER |
Corrective actions
are steps that are taken to remove the causes of existing
nonconformities, while preventive actions are steps
that are taken to remove the causes of potential
nonconformities. Corrective actions address actual
problems, ones that have already occurred, while preventive
actions address potential problems, ones that haven't
yet occurred. In general, the corrective action process is a
problem solving process, while the preventive action
process is a risk analysis process.
|
|
|
|
QUESTION |
What's the difference between design verification & design
validation?
|
|
ANSWER |
Design
verification
is a process whose purpose is to examine design
outputs and to use objective evidence to confirm that outputs
meet design input requirements. Your purpose here is to see
whether your design outputs meet your organization's design
goals.
Design
validation
is a process whose purpose is to examine products and
to use objective evidence to confirm that these products meet
customer needs and expectations. Your purpose here is to see
whether your product does what your customer or user wants it
to do under real-world conditions. |
|BACK
TO FAQ ISO|
WHERE
|
|
|
QUESTION |
Where can I find a complete list of ISO 9000 certified
companies?
|
|
ANSWER |
While
there is no complete database of ISO 9000 certified companies,
several organizations have tried to meet this need. Links to
these organizations can be found at our
ISO 9000 Certified Companies page.
|
|
|
|
QUESTION |
Where can I find a list of ISO 9000 members?
|
|
ANSWER |
ISO is
made up of member organizations, one from each participating
country. ISO divides it's members into three categories:
-
Member
Bodies
-
Correspondent Members
-
Subscriber Members
|
|
|
For more
information about these three categories plus
a complete list of members, please visit ISO's site at:
http://www.iso.ch/iso/en/aboutiso/isomembers/index.html |
|BACK
TO FAQ ISO|
OTHER
|
|
|
QUESTION |
May I use the ISO logo? |
|
ANSWER |
"The
ISO logo is a registered trademark. Unless authorized by ISO,
use of its logo is prohibited. Notably, ISO will not allow its
logo to be used in connection with conformity assessment
activities. These include the certification of management
systems, products, services, materials or personnel, even when
these certifications attest conformity to an ISO standard,
such as one of the ISO 9000 or ISO 14000 series. Examples
of unacceptable use of the ISO logo would include use on
products, on Internet sites, in marketing materials,
advertisements and company letterheads. ...ISO will take
whatever actions it considers necessary to prevent the misuse
of its logo."
The above answer is taken from the following ISO web page:
http://www.iso.ch/iso/en/xsite/namelogo.html |
|
|
|
QUESTION |
May I use the ISO name? |
|
ANSWER |
"Within
the context of international standardization or related
activities (such as conformity assessment - including
certification, consultancy, or training) "ISO" (or "iso") is
the short name of the International Organization
for Standardization. The name is registered within this
context as the sole property of ISO and the Organization will
protect its name on behalf of all ISO’s members .... In
particular, ISO will not authorize the use of the name "ISO"
("or iso") by any organization other than its
members in Internet domain names.
Such use could mislead third parties into believing that the
organization concerned represents ISO, or has been approved or
authorized to act on behalf of ISO.
Therefore, ISO will take whatever actions it considers
necessary to prevent the misuse of its name". |
|
|
The
above answer is taken from the following ISO web page:
http://www.iso.ch/iso/en/xsite/namelogo.html
So, if
your company's domain name
contains the word "iso", you might want to move your web pages
to a new domain, and you might want to do it ASAP!
If you think ISO is just blowing smoke, think again. ISO has
already shut down some unauthorized websites. See the
following article:
ISO prevails in international arbitration over domain name use
on Internet
Also, see:
http://www.iso.org/iso/en/domains/iso-audit.html |
|
|
|
QUESTION |
May I copy the ISO 9000 standards?
|
|
ANSWER |
The
short answer is: no. The long answer is: "All ISO
publications are protected by copyright. Therefore and unless
otherwise specified, no part of an ISO publication may be
reproduced or utilized in any form or by any means, electronic
or mechanical, including photocopying, microfilm, scanning,
without permission in writing from the publisher."
The above quote is taken from the following ISO page:
http://www.iso.ch/iso/en/xsite/copyright.html
For more information, and to receive permission to use
an ISO publication, please visit the above page. |
|
|
|
QUESTION |
Why should we get ISO 9001 certified?
|
|
ANSWER |
The
purpose of ISO 9001 is to assure customers that suppliers can
provide quality products and services. It is intended to serve
the needs of customers. ISO 9001 is for customers. Supplier
needs are secondary. So, why would you want to become
ISO 9001 certified? We recommend that you become ISO 9001
certified if you meet at least one of the following
conditions:
-
You
need to control the quality of your products and services.
-
You
need to reduce the costs associated with poor quality.
-
Your
customers want you to become certified.
-
Your
markets expect you to be certified.
-
Your
competitors are already certified.
|
|
|
|
QUESTION |
Will ISO 9001 improve our financial performance?
|
|
ANSWER |
ISO 9001
can improve your company's financial performance if it is
properly implemented. An ISO 9001 Quality Management System
can help you to improve your bottom line because it can reduce
the costs associated with poor quality (the cost of repairs,
rework, complaints, returns, warranty work, law suits, etc.).
And, of course, if ISO 9001 helps you keep your old customers
and attract new ones, it will certainly improve your financial
performance.
|
|
|
|
QUESTION |
Will ISO 9001 certify the quality of my products and services?
|
|
ANSWER |
No. IS0
9001 will not certify the quality of your products and
services. That's because it's a process standard,
not a product standard. When an organization gets
ISO 9001 certified, it means that its quality management
processes have met ISO's requirements.
This also means that your packaging, advertising, and
marketing documents and programs must not imply or suggest
that the quality of your products and services have been ISO
9001 certified. |
|
|
|
QUESTION |
Does the ISO 9001 standard apply to my organization?
|
|
ANSWER |
Yes it
does. That's because it's a generic standard. It applies to
all kinds of organizations. It doesn't matter what they do or
how big they are. They can be product oriented or service
oriented. The standard works the same in all cases. |
|
|
|
QUESTION |
Does ISO issue ISO 9000 certificates?
|
|
ANSWER |
No. ISO
does not issue ISO 9000 certificates of any kind. "ISO is
not an auditor, assessor, registrar, or certifier of
management systems, products, services, materials or
personnel, nor does it endorse any such activities performed
by other parties. ISO develops International Standards but
does not operate any schemes for assessing conformance with
them".***
*** See:
http://www.iso.ch/iso/en/xsite/namelogo.html |
|TOP|
|