ISO 9000 Documentation
ISO 9000 (9001) certification is often required by a potential buyers of product from a manufacturing operation. The certification implies that the process used to manufacture the product is following the ISO 9000 standards and procedures. Process Technical Services (PTS) can provide valuable assisatance in developing the ISO 9000 documentation that will lead to ISO 9000(9001) certification.
Achieving ISO 9000 certification and retaining that certification requires requires a serious effort on the part of the entire organization. PTS has the capability to provide the expertise to both develop the procedures and ISO 9000 documentation required to receive certification, and also provide a consulting and auditing services to ensure the system can retain its certifification throughout its operating life.
ISO 9000 is a family of standards for quality management systems. ISO 9000 is maintained by ISO, the International Organization for Standardization and is administered by accreditation and certification bodies. Some of the requirements in ISO 9001 (which is one of the standards in the ISO 9000 family) include a set of procedures that cover all key processes in the business;
- monitoring processes to ensure they are effective;
- keeping adequate records;
- checking output for defects, with appropriate and corrective action where necessary;
- regularly reviewing individual processes and the quality system itself for effectiveness; and
- facilitating continual improvement
A company or organization that has been independently audited and certified to be in conformance with ISO 9001 may publicly state that it is "ISO 9001 certified" or "ISO 9001 registered." Certification to an ISO 9000 standard does not guarantee the compliance (and therefore the quality) of end products and services; rather, it certifies that consistent business processes are being applied.
ISO 9000 includes the following standard:
- ISO 9001:2000 Quality management systems – Requirements is intended for use in any organization which designs, develops, manufactures, installs and/or services any product or provides any form of service. It provides a number of requirements which an organization needs to fulfill if it is to achieve customer satisfaction through consistent products and services which meet customer expectations. It includes a requirement for the continual (i.e. planned) improvement of the Quality Management System, for which ISO 9004:2000 provides many hints.
This is the only implementation for which third-party auditors may grant certification. It should be noted that certification is not described as any of the 'needs' of an organization as a driver for using ISO 9001, but does recognize that it may be used for such a purpose.
Note that the previous members of the ISO 9000 family, 9001, 9002 and 9003, have all been integrated into 9001. In most cases, an organization claiming to be "ISO 9000 registered" is referring to ISO 9001.
Summary of ISO 9001:2000
ISO 9000 documentation includes the following functions:
- The quality policy is a formal statement from management, closely linked to the business and marketing plan and to customer needs. The quality policy is understood and followed at all levels and by all employees. Each employee needs measurable objectives to work towards.
- Decisions about the quality system are made based on recorded data and the system is regularly audited and evaluated for conformance and effectiveness.
- Records should show how and where raw materials and products were processed, to allow products and problems to be traced to the source.
- ISO 9000 documentation includes procedures to control quality documents in your company. Everyone must have access to up-to-date documents and be aware of how to use them.
- To maintain the quality system and produce conforming product, ISO 9000 documentation must provide suitable infrastructure, resources, information, equipment, measuring and monitoring devices, and environmental conditions.
- You need to map out all key processes in your company; control them by monitoring, measurement and analysis; and ensure that product quality objectives are met. If you can’t monitor a process by measurement, then make sure the process is well enough defined that you can make adjustments if the product does not meet user needs.
- For each product your company makes, you need to establish quality objectives; plan processes; and document and measure results to use as a tool for improvement. For each process, determine what kind of procedural documentation is required (note: a “product” is hardware, software, services, processed materials, or a combination of these).
- You need to determine key points where each process requires monitoring and measurement, and ensure that all monitoring and measuring devices are properly maintained and calibrated.
- You need to have clear requirements for purchased product.
- You need to determine customer requirements and create systems for communicating with customers about product information, inquiries, contracts, orders, feedback and complaints.
- When developing new products, you need to plan the stages of development, with appropriate testing at each stage. You need to test and document whether the product meets design requirements, regulatory requirements and user needs.
- ISO 9000 documentation stresses the need to regularly review performance through internal audits and meetings. Determine whether the quality system is working and what improvements can be made. Deal with past problems and potential problems. Keep records of these activities and the resulting decisions, and monitor their effectiveness (note: you need a documented procedure for internal audits).
- ISO 9000 documentation includes procedures for dealing with actual and potential nonconformances (problems involving suppliers or customers, or internal problems). Make sure no one uses bad product, determine what to do with bad product, deal with the root cause of the problem and keep records to use as a tool to improve the system.
ISO 2000 version
The 2000 version sought to make a radical change in thinking by actually placing the concept of process management front and center ("Process management" was the monitoring and optimizing of a company's tasks and activities, instead of just inspecting the final product). The 2000 version also demands involvement by upper executives, in order to integrate quality into the business system and avoid delegation of quality functions to junior administrators. Another goal is to improve effectiveness via process performance metrics — numerical measurement of the effectiveness of tasks and activities. Expectations of continual process improvement and and tracking customer satisfaction were made explicit.
ISO does not itself certify organizations. Many countries have formed accreditation bodies to authorize certification bodies, which audit organizations applying for ISO 9001 compliance certification. Although commonly referred to as ISO 9000:2000 certification, the actual standard to which an organization's quality management can be certified is ISO 9001:2000. Both the accreditation bodies and the certification bodies charge fees for their services. The various accreditation bodies have mutual agreements with each other to ensure that certificates issued by one of the Accredited Certification Bodies (CB) are accepted world-wide.
The applying organization is assessed based on an extensive sample of its sites, functions, products, services and processes; a list of problems ("action requests" or "non-compliances") is made known to the management. If there are no major problems on this list, the certification body will issue an ISO 9001 certificate for each geographical site it has visited, once it receives a satisfactory improvement plan from the management showing how any problems will be resolved.
An ISO certificate is not a once-and-for-all award, but must be renewed at regular intervals recommended by the certification body, usually around three years.
Two types of auditing are required to become registered to the standard: auditing by an external certification body (external audit) and audits by internal staff trained for this process (internal audits). The aim is a continual process of review and assessment, to verify that the system is working as it's supposed to, find out where it can improve and to correct or prevent problems identified. It is considered healthier for internal auditors to audit outside their usual management line, so as to bring a degree of independence to their judgments.
Auditors are expected to go beyond mere auditing for rote "compliance" by focusing on risk, status and importance. This means they are expected to make more judgments on what is effective, rather than merely adhering to what is formally prescribed.
PTS has the technical expertise and experience to develop the procedures and ISO 9000 documentation required to receive certification. PTS can also provide consulting and auditing services to ensure the process can maintain its certifification throughout its operating life. As product quality becomes more of an issue, particularly in the area of foreign trade, the demand that suppliers be ISO 9000 certified will continue to increase.