What is ISO 9001:2000?

Information on ISO 9001:2000

The International Organization of Standardization, (ISO) is a worldwide organization that develops many different kinds of Standards. "ISO9000" is the family name for the set of standards which are concerned with the management of quality systems.
The ISO9000 family consists of a number of standards:

ISO9000 is a document which allegedly explains the requirements of ISO9001. There is also an accompanying document, ISO9000-3, which is supposed to be a guidance document for the interpretation of ISO9001 for computer software. ISO9001 is the "active" part of the standard. It contains the requirements that you must meet in order to be ISO9000 registered. ISO9002 is obsolete (since December 2000). It was a sub-set of ISO9001, but did not include control of design activities. Even if you conducted such activities, you could elect to be registered against ISO9002, but could not claim that your design activities were "quality assured". This was often viewed as as poor excuse or a way of wriggling out the requirements of the standard and is no longer permitted.ISO9003 is also obsolete. It was an even more limited sub-set of ISO9001, and did not include design activities, nor many of the production related activities, nor a lot of other quality assurance activities. Rather than the "get it right, first time" approach, it relied heavily on inspecting everything to catch mistakes, which is a very poor method (mistakes get missed, no matter how good your inspectors are!). It was rarely used and most reputable Quality Registrars would not certify against it. ISO9004 is a set of guidelines.

In December 2000, the International Organization for Standardization (ISO) merged ISO 9001, ISO 9002, and ISO 9003 into a revised ISO 9001 standard. In order to distinguish between the previous ISO 9001 version, the current standard is often referred to as ISO 9001:2000 or ISO 9000:2000.

Why do companies want ISO 9001:2000 Certification?

Market Pressure
Many organizations decide to Implement ISO 9001 and obtain registration because it assures customers that the company has a good Quality Management System (QMS) in place. An organization with an effective QMS will typically meet customer expectations better than an organization that does not have an effective QMS. Many organizations require their suppliers to have ISO 9001 Registration.

Internal effectiveness and productivity benefits
Other organizations implement an ISO 9001 QMS because it has proven over the years that it leads companies to better operations, improved performance, and improved profitability.

Develop and document your ISO 9001 Quality Manual and Procedures
The biggest portion of the project is looking at your current processes, and redesigning them to address all of the requirements in the standard. Once you have modified or developed processes to meet the standard, you will need to control those processes. Documenting the processes as Quality System procedures is part of this control.
Learn about some of our ISO 9000 Solutions

Use and improve your QMS
Once your system is developed and documented, employees will follow the procedures collect records and make improvements to the system. For approximately three months or more, your organization will run the QMS, collecting records. This prepares the organization for an Audit by a Registrar.

What is ISO 9001 Certification?
ISO 9001 certification is also known as ISO 9001 registration, ISO 9000 certification (if one is less precise), ISO 9000 registration, ISO 9001:2000 certification (if one specifically refers to the latest version of the ISO 9001 standard), or ISO 9001:2000 registration. All of these refer to an independent certification body attesting that your company’s ISO 9001 quality management system meets all requirements of the ISO 9001 2000 standard. Typically, the certification company sends one or more auditors to perform an initial audit of the quality management system. If no significant gaps to the ISO 9000 requirements are discovered, a certificate is issued. The certificate is typically valid for three years provided that period audits (usually every 6 – 12 months) continue to show compliance.

Tip: Evaluate your registrar carefully with the goal of finding a registrar whose auditors are flexible (because there are countless ways of fulfilling the ISO 9000 requirements and some may fit better for an individual business) and whose auditors don't mind sharing their experiences (auditors are not allowed to consult but they are allowed to share what they have seen to work for other companies).

Criticisms of ISO 9000

Many companies have found the transition to conforming to IS0 9000 difficult. This, along with doubts about the fundamental value of the standard, has spawned many criticisms, including:

* The compliance process is costly and time-consuming.
* Lots of administration is needed to implement it.
* Adhering to ISO 9000 makes processes more consistent; to some proponents of continuous improvement, it also makes it harder to improve and re-adapt the processes.
* "When all you have is a hammer, every problem looks like a nail." It has been argued that it may not be appropriate to apply a process such as ISO 9000 to a field requiring creativity, such as software engineering, which is more analogous to designing factories than to operating a factory.
* Bad managers still manage at arm's length, using paper reports rather than knowing what is happening on the factory floor. ISO 9000 can reinforce this behaviour. Instead of being seen as an opportunity to improve things, audits often become quite confrontational in structure.
* Many companies only register to ISO 9000 because they are forced to by the marketplace, whether or not ISO 9000 is in fact appropriate to their business.
* ISO 9001:2000 does not give too much practical advice but instead focuses on general principles. In order to create a standard applicable to almost any kind of organization, specific requirements and tools were avoided whenever possible. This is one of the reasons for the proliferation of industry specific standards which are more practical and give clear guidance about what quality tools have to be used when.

There are few objective metrics showing any effectiveness for ISO 9001. In 1997, two people took the BSI to the Advertising Standards Authority for claiming in an advertisement that ISO 9001

"improves productivity … almost always gives an immediate result in terms of productivity and efficiency, and that means cost reductions … pays for itself … Staff morale is better because they understand what is expected of them and each other,"

 … whilst being unable to produce any objective metrics to substantiate these assertions. The complaint was upheld.

Quality programmes are notoriously difficult to quantify as Crosby warned in 'Quality is Free' back in 1979, long before the first of these standards emerged. When an organization is measuring nothing, the only 'quality costs' it knows are the basics of scrap and rework, and often even these are not being tracked effectively. Once a formal system is introduced, much more accurate data starts to emerge and initial costs of quality often appear to increase.

In Japan, amidst complaints of ISO 9000 undermining world-class thinking, Toyota abandoned the standard in 2000, moving back to their in-house Toyota Production System.

My own personal opinion is you get what you put into it – if you are just seeking certification to pacify customers, then it really is just a bureaucratic exercise. If you use the standard in the manner it was was intended, that is to stimulate business improvement, then you'll see the benefits: garbage in/garbage out!

Some of the "wrong" reasons that may cause problems for a company include:
* The only thing we need is the certificate.
* Get the certificate and be done with it.
* Getting the certificate is the responsibility of the quality assurance manager only.
* ISO 9000 and QS-9000 are separate from the company's daily business.
* We only need enough to satisfy the auditors.

Some philosophies that have served companies well include:
* ISO 9000 compliance, proven by a certificate, improves the way we do business. The resulting discipline yields significant cost reductions.
* Registration gives us a competitive edge over nonregistered competitors.
* Compliance raises morale because employees clearly understand what is required of their position.

In my views, compliance with ISO 9000 enhances companies' understanding and control of their processes. Registration, being a convenient and preferred way to prove such compliance, is fast becoming a customer requirement. The combination gives industry the basis for a quality system that's logical, attainable and verifiable, improving quality worldwide and ultimately industry's future.