The ISO 9000 family of standards relate to quality management systems and are designed to help organizations ensure they meet the needs of customers and other stakeholders. The standards are published by ISO, the International Organization for Standardization and available through National standards bodies.
ISO 9000 deals with the fundamentals of quality management systems, including the eight management principles on which the family of standards is based. ISO 9001 deals with the requirements that organizations wishing to meet the standard have to meet.
The standard specifies six compulsory documents:
Control of Documents (4.2.3)
Control of Records (4.2.4)
Internal Audits (8.2.2)
Control of Nonconforming Product / Service (8.3)
Corrective Action (8.5.2)
Preventive Action (8.5.3)
In addition to these, ISO 9001:2008 requires a quality policy and Quality Manual (which may or may not include the above documents).
Summary of ISO 9001:2008 in informal language
The quality policy is a formal statement from management, closely linked to the business and marketing plan and to customer needs. The quality policy is understood and followed at all levels and by all employees. Each employee needs measurable objectives to work towards.
Decisions about the quality system are made based on recorded data and the system is regularly audited and evaluated for conformance and effectiveness.
Records should show how and where raw materials and products were processed, to allow products and problems to be traced to the source.
The business needs to determine customer requirements and create systems for communicating with customers about product information, inquiries, contracts, orders, feedback and complaints.
When developing new products, the business needs to plan the stages of development, with appropriate testing at each stage. It must test and document whether the product meets design requirements, regulatory requirements and user needs.
The business needs to regularly review performance through internal audits and meetings. Determine whether the quality system is working and what improvements can be made. It must deal with past problems and potential problems. It must keep records of these activities and the resulting decisions, and monitor their effectiveness.
It needs a documented procedure for internal audits.
The business needs documented procedures for dealing with actual and potential non-conformances (problems involving suppliers or customers, or internal problems). It must make sure no one uses bad product, determine what to do with bad product, deal with the root cause of the problem seeking and keep records to use as a tool to improve the system.
2000 version
ISO 9001:2000 combines the three standards 9001, 9002, and 9003 into one, called 9001. Design and development procedures are required only if a company does in fact engage in the creation of new products. The 2000 version sought to make a radical change in thinking by actually placing the concept of process management front and center ("Process management" was the monitoring and optimizing of a company's tasks and activities, instead of just inspecting the final product). The 2000 version also demands involvement by upper executives, in order to integrate quality into the business system and avoid delegation of quality functions to junior administrators. Another goal is to improve effectiveness via process performance metrics numerical measurement of the effectiveness of tasks and activities. Expectations of continual process improvement and tracking customer satisfaction were made explicit.
The ISO 9000 standard is continually being revised by standing technical committees and advisory groups, who receive feedback from those professionals who are implementing the standard.[1]
ISO 9001:2008 only introduces clarifications to the existing requirements of ISO 9001:2000 and some changes intended to improve consistency with ISO 14001:2004. There are no new requirements. Explanation of changes in ISO 9001:2008. A quality management system being upgraded just needs to be checked to see if it is following the clarifications introduced in the amended version.
Certification
ISO does not itself certify organizations. Many countries have formed accreditation bodies to authorize certification bodies, which audit organizations applying for ISO 9001 compliance certification. Although commonly referred to as ISO 9000:2000 certification, the actual standard to which an organization's quality management can be certified is ISO 9001:2008. Both the accreditation bodies and the certification bodies charge fees for their services. The various accreditation bodies have mutual agreements with each other to ensure that certificates issued by one of the Accredited Certification Bodies (CB) are accepted worldwide.
The applying organization is assessed based on an extensive sample of its sites, functions, products, services and processes; a list of problems ("action requests" or "non-compliance") is made known to the management. If there are no major problems on this list, or after it receives a satisfactory improvement plan from the management showing how any problems will be resolved, the certification body will issue an ISO 9001 certificate for each geographical site it has visited.
An ISO certificate is not a once-and-for-all award, but must be renewed at regular intervals recommended by the certification body, usually around three years. There are no grades of competence within ISO 9001: either a company is certified (meaning that it is committed to the method and model of quality management described in the standard), or it is not. In this respect, it contrasts with measurement-based quality systems such as the Capability Maturity Model.
Auditing
Two types of auditing are required to become registered to the standard: auditing by an external certification body (external audit) and audits by internal staff trained for this process (internal audits). The aim is a continual process of review and assessment, to verify that the system is working as it's supposed to, find out where it can improve and to correct or prevent problems identified. It is considered healthier for internal auditors to audit outside their usual management line, so as to bring a degree of independence to their judgments.
Under the 1994 standard, the auditing process could be adequately addressed by performing "compliance auditing":
Tell me what you do (describe the business process)
Show me where it says that (reference the procedure manuals)
Prove that this is what happened (exhibit evidence in documented records)
The 2000 standard uses a different approach. Auditors are expected to go beyond mere auditing for rote "compliance" by focusing on risk, status and importance. This means they are expected to make more judgments on what is effective, rather than merely adhering to what is formally prescribed. The difference from the previous standard can be explained thus:
Under the 1994 version, the question was broadly "Are you doing what the manual says you should be doing?", whereas under the 2000 version, the question is more specific "Will this process help you achieve your stated objectives? Is it a good process or is there a way to do it better?"
Effectiveness
The debate on the effectiveness of ISO 9000 commonly centers on the following questions:
Are the quality principles in ISO 9001:2000 of value? (Note that the version date is important: in the 2000 version ISO attempted to address many concerns and criticisms of ISO 9000:1994).
Does it help to implement an ISO 9001:2000 compliant quality management system?
Does it help to obtain ISO 9001:2000 certification?
Effectiveness of the ISO system being implemented depends on a number of factors, the most significant of which are:
1- Commitment of Senior Management to monitor, control, and improve quality. Organizations that implement an ISO system without this desire and commitment, often take the cheapest road to get a certificate on the wall and ignore problem areas uncovered in the audits.
2- How well the ISO system integrates into their business practices. Many organizations that implement ISO try to make their system fit into a cookie-cutter quality manual rather than create a manual that documents existing practices and only adds new processes to meet the ISO standard when necessary.
3- How well the ISO system focuses on improving the customer experience. The broadest definition of quality is "Whatever the customer perceives good quality to be". This means that you don't necessarily have to make a product that never fails, some customers will have a higher tolerance for product failures if they always receive shipments on-time, or some other dimension of customer service. Your ISO system should take into account all areas of the customer experience, the industry expectations, and seek to improve them on a continual basis. This means taking into account all processes that deal with the three stakeholders (your customers, your suppliers, and your organization), only then will you be able to sustain improvements in your customer experience.
4- How well the auditor finds and communicates areas of improvement. While ISO auditors may not provide consulting to the clients they audit, there is the potential for auditors to point out areas of improvement. Many auditors simply rely on submitting reports that indicate compliance or non-compliance with the appropriate section of the standard, however, to most executives, this is like speaking a foreign language. Auditors that can clearly identify and communicate areas of improvement in language and terms executive management understands allows the companies they audit to act on improvement initiatives. When management doesn't understand why they were non-compliant and the business implications, they simply ignore the reports and focus on what they do understand.
Advantages
Create a more efficient, effective operation
Increase customer satisfaction and retention
Reduce audits
Enhance marketing
Improve employee motivation, awareness, and morale
Promote international trade
Increases profit
Reduce waste and increases productivity.
Problems
A common criticism of ISO 9001 is the amount of money, time and paperwork required for registration.[25] According to Barnes, "Opponents claim that it is only for documentation. Proponents believe that if a company has documented its quality systems, then most of the paperwork has already been completed."[26]
ISO 9001 is not in any way an indication that products produced using its certified systems are any good. A company can intend to produce a poor quality product and providing it does so consistently and with the proper documentation can put an ISO 9001 stamp on it. According to Seddon, ISO 9001 promotes specification, control, and procedures rather than understanding and improvement.[27][28] Wade argues that ISO 9000 is effective as a guideline, but that promoting it as a standard "helps to mislead companies into thinking that certification means better quality, ... [undermining] the need for an organization to set its own quality standards." [29] Paraphrased, Wade's argument is that reliance on the specifications of ISO 9001 does not guarantee a successful quality system.
While internationally recognized, most US consumers are not aware of ISO 9000 and it holds no relevance to them. The added cost to certify and then maintain certification may not be justified if product end users do not require ISO 9000. The cost can actually put a company at a competitive disadvantage when competing against a non ISO 9000 certified company.
The standard is seen as especially prone to failure when a company is interested in certification before quality.[27] Certifications are in fact often based on customer contractual requirements rather than a desire to actually improve quality.[26][30] "If you just want the certificate on the wall, chances are, you will create a paper system that doesn't have much to do with the way you actually run your business," said ISO's Roger Frost.[30] Certification by an independent auditor is often seen as the problem area, and according to Barnes, "has become a vehicle to increase consulting services." [26] In fact, ISO itself advises that ISO 9001 can be implemented without certification, simply for the quality benefits that can be achieved.[31]
Another problem reported is the competition among the numerous certifying bodies, leading to a softer approach to the defects noticed in the operation of the Quality System of a firm.
Abrahamson[32] argued that fashionable management discourse such as Quality Circles tends to follow a lifecycle in the form of a bell curve, possibly indicating a management fad.
source: Wikipedia
M Junaid Tahir
No comments:
Post a Comment