ISO 9000 _ AN INTRODUCTION
Chia sẻ: tuongvan
ISO 9000 is rapidly becoming the most important quality management standard in the world. Thousands of companies in over 100 countries have already adopted it, and many more are in the process of doing so. Why? Because it controls quality. It saves money. Customers expect it. And competitors use it.
Nội dung Text: ISO 9000 _ AN INTRODUCTION
- ISO 9000 AN INTRODUCTION I S O 9 0 0 0 is rapidly becoming the most important quality management standard in the world. Thousands of companies in over 100 countries have already adopted it, and many more are in the process of doing so. Why? Because it controls quality. It saves money. Customers expect it. And competitors use it. ISO 9000 applies to all types of organizations. It doesn't matter what size they are or what they do. It can help both product and service oriented organizations achieve standards of quality that are recognized and respected throughout the world. I S O is the I nternational Organization for Standardization. It is located in Switzerland and was established in 1947 to d evelop common international standards in many areas. Its members come from over 150 national standards bodies. What is ISO 9000? The term ISO 9000 unfortunately has two different meanings: it refers to a single standard (ISO 9000) and it refers to a set of three standards (ISO 9000, ISO 9001, and ISO 9004). All three are referred to as quality management system standards. ISO 9000 discusses definitions and terminology and is used to clarify the concepts used by the ISO 9001 and ISO 9004 standards. ISO 9001 contains requirements and is often used for certification purposes while ISO 9004 presents a set of guidelines and is used to develop quality management systems that go beyond ISO 9001. I SO's purpose is to facilitate international trade by providing a single set of standards that people everywhere would recognize and respect. The ISO 9000 standards apply to all kinds of organizations in all kinds of areas. Some of these areas include manufacturing, p rocessing, servicing, printing, forestry, electronics, steel, c omputing, legal services, financial services, accounting, trucking, banking, retailing, drilling, recycling, aerospace,
- construction, exploration, textiles, pharmaceuticals, oil and gas, pulp and paper, petrochemicals, publishing, shipping, e nergy, telecommunications, plastics, metals, research, h ealth care, hospitality, utilities, pest control, aviation, machine tools, food processing, agriculture, government, education, recreation, fabrication, sanitation, transportation, software development, consumer products, product design, instrumentation, tourism, communications, biotechnology, chemicals, engineering, farming, entertainment, consulting, insurance, and so on. How does ISO 9000 Work? Here's how it works. You decide that you need to develop a quality management system that complies with the ISO 9001 r equirements. That's your mission. You choose to follow this path because you feel the need to control or improve the q uality of your products and services, to r e d u c e the costs associated with poor quality, or to become more competitive. Or, you choose this path simply because your customers e xpect you to do so or because a governmental body has made it mandatory. You then develop a quality management system that meets the requirements specified by ISO 9001. In the course of doing so, you may also wish to consult the ISO 9000 definitions and the ISO 9004 guidelines. But how do you develop such a q u a l i t y management s ystem? There are at least two approaches. You can either do a gap analysis or follow a detailed quality management system development plan. If you've already got a functioning quality management system, we suggest that you carry out a g ap analysis . A gap analysis will tell you exactly what you need to do to meet the ISO 9001 standard. It will help you to identify the gaps that exist between the ISO 9001 standard and your organization's processes. Once you know where the gaps are, you can take steps to fill your gaps. By following this incremental approach, you will not only comply with the ISO 9001 standard, but you will also improve the overall effectiveness of your organization's quality management system. A gap analysis will also help you to figure out how much time it will take and how much it will cost to bring your QMS into compliance with the ISO 9001 standard.
- However, if you don't have a quality management system or you're starting from scratch, we suggest that you use an ISO 9001 process-based QMS development plan to develop your quality management system. Once your QMS has been fully developed and implemented, you may wish to carry out an i nternal compliance audit to ensure that it complies with the ISO 9001 2008 requirements. Once you're sure that your QMS is fully compliant, you're ready to ask a registrar (certification body) to audit the effectiveness of your QMS. If your auditors like what they see, they will certify that your QMS has met ISO's requirements. While ISO 9001 is specifically designed to be used for certification purposes, you don't have to become certified. ISO does not require formal certification (registration). You can simply establish a compliant QMS and then announce to the world that it complies with the ISO 9001 standard. Of course, your compliance claim may have more credibility in the marketplace if an independent registrar has audited your QMS and agrees with your claim. Why is ISO 9000 Important? ISO 9000 is important because of its orientation. While the content itself is useful and important, the content alone does not account for its widespread appeal. ISO 9000 is important because of its international orientation. Currently, ISO 9000 is supported by national standards bodies from more than 150 countries. This makes it the logical choice for any organization that does business internationally or that serves customers who demand an international standard of excellence. ISO is also important because of its systemic orientation. We think this is crucial. Many people wrongly emphasize motivational and attitudinal factors. The assumption is that quality can only be created if workers are motivated and have the right attitude. This is fine, but it doesn't go far enough. Unless you institutionalize the right attitude by supporting it with the right policies, procedures, records, technologies, resources, and structures, you will never achieve the standards of quality that other organizations seem to be able to achieve. Unless you establish a quality attitude by creating a quality
- management system, you will never achieve a world-class standard of quality. Simply put, if you want to have a quality a ttitude you must have a quality s ystem . This is what ISO recognizes, and this is why ISO 9000 is important.
- ISO 9000 2005 Quality Management Principles Translated into Plain English According to ISO 9000, the ISO 9001 and 9004 standards are based on eight quality management principles . These principles were chosen because they can be used to improve performance and achieve success. But how can you ensure that your organization applies these principles? The answer is to establish a quality management system that meets the ISO 9001 2008 standard. If you do so, your organization will automatically apply these principles. This is because they permeate the ISO 9001 standard and will therefore be built into any quality system that is based on this standard. So if you want to improve the performance of your organization, you need to develop and implement an ISO 9001 2008 quality management system that applies the eight principles listed below. Organizations rely on customers. Therefore: 1 Focus • Organizations must understand customer needs. on your • Organizations must meet customer requirements. customers • Organizations must exceed customer expectations. Organizations rely on leaders. Therefore: 2 Provide • Leaders must establish a unity of purpose and leadership set the direction the organization should take. • Leaders must create an environment that encourages people to achieve the organization's objectives. Organizations rely on people. Therefore: 3 Involve • Organizations must encourage the your involvement of people at all levels. people • Organizations must help people to develop and use their abilities. Organizations are more efficient and effective 4 Use a when they use a process approach. Therefore: process • Organizations must use a process approach approach to manage activities and related resources.
- Organizations are more efficient and effective 5 Take a when they use a systems approach. Therefore: systems • Organizations must identify interrelated approach processes and treat them as a system. • Organizations must use a systems approach to manage their interrelated processes. Organizations are more efficient and effective 6 Encourage when they continually try to improve. Therefore: continual • Organizations must make a permanent commitment improvement to continually improve their overall performance. Organizations perform better when their 7 Get the facts decisions are based on facts. Therefore: before you • Organizations must base decisions on the decide analysis of factual information and data. Organizations depend on their suppliers 8 Work to help them create value. Therefore: with your • Organizations must maintain a mutually suppliers beneficial relationship with their suppliers.
- ISO 9001 2008 vs ISO 9001 2000 ISO 9001 2008 and ISO 9001 2000 use the same numbering system to organize the ISO 9001 2008 and ISO 9001 2000 use the same numbering system to organize the standard. As a result, the new standard looks much like the old standard. However, some important clarifications and modifications were made. These changes are summarized below. Outsourced Processes The process approach continues to be of central importance to ISO 9001. And since outsourcing has become increasingly common during the last few years, the new ISO 9001 standard has expanded its discussion of outsourced processes (see ISO 9001 Part 4.1). The new standard makes it clear that an outsourced process is still part of your QMS even though it is performed by a party that is external to your organization. The new standard emphasizes the need to ensure that outsourced processes comply with all customer and legal requirements. While the responsibility for a process may have been outsourced, your organization is, nevertheless, still responsible for ensuring that it meets all customer, regulatory, and statutory requirements. While the old standard said that outsourced processes must be controlled, the new standard goes further by expecting you also to specify the type, nature, and extent of control. ISO 9001 2008 also wants you to think carefully about how you’re going to control outsourced processes. How you choose to control an outsourced process should be influenced by the potential impact it could have on your products, whether or not process control will be shared with the process supplier, and whether or not adequate controls can be contractually established using your purchasing process. Documentation ISO 9001 2008, Part 4.2.1, makes it clear that QMS documentation
- includes not only the records required by the standard but also the records that your organization needs to have in order to be able to plan, operate, and control its QMS processes. So the new standard has expanded the definition of documentation to include all QMS process records. Part 4.2.1 makes it clear that a single document may contain several procedures or several documents may be used to describe a single procedure. While this has always been an option, the new standard makes this possibility explicit. ISO 9001 2000 Part 4.2.3 gave the impression that all external documents needed to be identified and controlled. This has now been clarified. The new standard says that you need to identify and control the distribution of only those external documents that you need in order to be able to plan and operate your QMS. In other words, only relevant external QMS documents need to be controlled, not all of them. Management Representative ISO 9001 2000, Part 5.5.2, allowed you to appoint any member of management to oversee the organization’s QMS. Since the old standard did not explicitly say that the management representative must be a member of the organization’s own management, outsiders were sometimes appointed, instead. This loophole has now been closed. ISO 9001 2008 now makes it clear that the management representative must be a member of the organization’s own management. Outsiders may no longer perform this important function. Competence While both old and new standards stress the importance of competence, the old standard wasn’t very clear about who they were talking about. Now it’s pretty clear that all QMS personnel must be competent. ISO 9001 2008, Part 6.2.1, makes it clear that any task within the QMS may directly or indirectly affect the organization’s ability or willingness to meet product requirements. Since any QMS task could directly or indirectly influence product quality, the competence of anyone and everyone who carries out any QMS task must be assured.
- Infrastructure For ISO 9001 2000 (Part 6.3) the term infrastructure includes buildings, workspaces, equipment, software, utilities, and support services like transportation and communications. ISO 9001 2008 has now added information systems to the previous list of support services. Both old and new standards expect you to provide the infrastructure (including information systems) that your organization needs in order to ensure that product requirements are being met. Work Environment According to ISO 9001 2000, Part 6.4, you are expected to manage the work environment that your organization needs in order to be able to ensure that all product requirements are being met. However, it failed to indicate exactly what they were talking about. This problem has now been solved. ISO 9001 2008 says that the term work environment refers to working conditions. These working conditions include physical and environmental conditions, as well as things like noise, temperature, humidity, lighting, and weather. According to the new standard, all of these conditions need to be managed in order to help ensure that product requirements are being met. Customer Requirements According to ISO 9001 2000, Part 7.2.1, you are expected to identify your customers’ specific delivery and post delivery requirements. Since some people weren’t sure about what post delivery meant, the new standard has tried to clarify this. According to ISO 9001 2008, post delivery requirements include things like warranty provisions, contractual obligations (such as maintenance), and supplementary services (such as recycling and final disposal). Design and Development Planning Both old and new standards expect organizations to plan and perform product design and development review, verification,
- and validation activities (Part 7.3.1). While each of these three activities serves a different purpose, ISO 9001 2008 makes it clear that these three activities can be carried out and recorded separately or in any combination as long as it makes sense for the product and the organization. Design and Development Outputs Part 7.3.3 of ISO 9001 2000 wants you to make sure that the design and development process generates information (outputs) that your purchasing, production, and service provision processes need to have. ISO 9001 2008 now also says that design and development outputs could include information that explains how products can be preserved during production and service provision. Monitoring and Measuring Equipment While ISO 9001 2008, Part 7.6, refers to the need to control monitoring and measuring equipment, the old standard talked about controlling devices. Since the term device can refer to almost anything from a literary contrivance to a machine, its meaning wasn’t exactly clear. The new ISO 9001 standard has removed this ambiguity by using the term equipment. Both the old and the new standard wants you to confirm that monitoring and measuring software is capable of doing the job you want it to do. In addition to this requirement, the new standard suggests (in a note) that configuration management and well established verification methods can be used to ensure the ongoing suitability of monitoring and measuring software. However, this is not a requirement, just a statement that explains how the ongoing suitability of software can be maintained. Customer Satisfaction Both old and new standards want you to monitor and measure customer satisfaction (perceptions). A new note to
- ISO 9001 2008, Part 8.2.1, explains that there are many ways to monitor and measure customer satisfaction. You could use customer satisfaction and opinion surveys. And you could collect product quality data (post delivery), track warranty claims, examine dealer reports, study customer compliments and criticisms, and analyze lost business opportunities. Internal Audit Records Both old and new standards refer to the need to establish a procedure to define how internal audits should be planned, performed, reported, and recorded (Part 8.2.2). However, the old standard did not explicitly state that audit records must actually be maintained. This oversight has now been corrected. ISO 9001 2008 now explicitly says that you must maintain a record of your internal audit activities and results. Process Monitoring and Measurement Both old and new standards expect you to monitor and measure your QMS processes. A new note to ISO 9001 2008, Part 8.2.3, wants you to consider the impact each process has on the overall effectiveness of your QMS and the impact it has on your ability to meet product requirements (when you’re making decisions about what kinds of process monitoring and measurement methods should be used). Release of Product According to ISO 9001 2000, Part 8.2.4, you must make sure that product monitoring and measuring records indicate who was responsible for authorizing the release of products. However, the old standard did not specify who must be on the receiving end. This has now been clarified. ISO 9001 2008 now makes it clear that products are released for delivery to customers. Records must now indicate who releases products for delivery to customers.
- standard. As a result, the new standard looks much like the old standard. However, some important clarifications and modifications were made. These changes are summarized below.
- ISO 9001 2000 versus ISO 9001 1994 New Standard In the past, ISO had three standards: ISO 9001:1994, ISO 9002:1994, and ISO 9003:1994. Now there's only one standard: ISO 9001:2000! ISO 9002 and ISO 9003 have been dropped. So, if you are currently ISO 9002:1994 or ISO 9003:1994 certified, you will now need to become ISO 9001:2000 certified. And if you're now ISO 9001 certified, you're going to have to update your quality system in order to meet the new ISO 9001:2000 requirements. New Structure When you compare ISO 9001:1994 and ISO 9001:2000 you’ll notice that ISO has abandoned the 20-clause structure of the old standard. Instead of 20 sections, the new standard now has 5 sections. ISO reorganized the ISO 9001 standard in order to create a more logical structure, and in order to make it more compatible with the ISO 14001 environmental management standard. While this reorganization is largely a cosmetic change, it could have some rather profound implications if you’ve organized your current quality manual around the old 20-part structure. New Emphasis In general, the new standard is more customer-oriented than the old standard. While the old standard was also oriented towards meeting customer requirements and achieving customer satisfaction, the new standard addresses this in much greater detail. In addition, it expects you to communicate with customers and to measure and monitor customer satisfaction. The new standard also emphasizes the need to make improvements. While the old standard did implicitly expect organizations to make improvements, the new standard makes this explicit. Specifically, ISO 9001 now wants you to evaluate the effectiveness and suitability of your quality management system, and to identify and implement systemic improvements. New Definitions
- In the past, organizations that wished to be certified were referred to as suppliers because they supplied products and services to customers. Since many people were confused by this usage, ISO has decided to use the word o rganization instead. Now the ISO standards focus on the organization, not the supplier. The term supplier now refers to the organization’s supplier. The new redefined term supplier replaces the old term subcontractor (which has now been dropped). While this may sound a bit confusing, this new usage simply reflects the way these words are normally used. While you’re probably familiar with the previous concepts, you may not have heard of the next one. ISO now uses the phrase p roduct r ealization . While this is a rather abstract concept, it is now central to ISO’s approach. In fact, ISO devotes an entire section to this new concept (Section 7). So what does it mean? In order to grasp what it means you need to recognize that a product starts out as an idea. The idea is realized or actualized by following a set of product realization processes. Product realization refers to the interconnected processes that are used to bring products into being. In brief, when you start out with an idea and end up with a product, you’ve gone through the process of product realization. New Requirements The new ISO 9001:2000 standard introduces some new requirements and modifies some old ones. These requirements are summarized below. For more detail, please see the associated ISO 9001:2000 clauses (in brackets). • Communicate with customers (7.2.3). • Identify customer requirements (5.2, 7.2.1). • Meet customer requirements (5.2). • Monitor and measure customer satisfaction (8.2.1). • Meet regulatory requirements (5.1). • Meet statutory requirements (5.1). • Support internal communication (5.5.3). • Provide quality infrastructure (6.3). • Provide a quality work environment (6.4). • Evaluate the effectiveness of training (6.2.2). • Monitor and measure processes (8.2.3). • Evaluate the suitability of quality management system (8.4). • Evaluate the effectiveness of quality management system (8.4). • Identify quality management system improvements (5.1, 8.4).
- • Improve quality management system (5.1, 8.5). New Flexibility Under the new ISO 9001:2000 standard, you may ignore or exclude some requirements. Requirements that may be ignored under special circumstances are known as exclusions. According to ISO, you may ignore or exclude any of the requirements found in Section 7 Product realization as long as you meet certain conditions. You may exclude a Section 7 requirement if you cannot apply it. More precisely, you may exclude or ignore a requirement if: • You cannot apply it because of the nature of your organization, or • You cannot apply it because of the nature of your products or services However, you may not exclude or ignore Section 7 requirements if doing so will compromise your ability or willingness to meet the requirements set by customers and regulators. We believe that this permissible exclusion clause is a very important improvement. We think it’s important because it makes implementation more flexible and conformance less rigid. Because of this significant innovation, you’re more likely to end up with a quality management system that not only complies with ISO’s standards but also meets your organization’s unique needs. This new, more flexible, approach is further demonstrated in another way. When you study the new ISO 9001 standard, you’ll notice that it is less prescriptive than the old standard. In general, the new standard tells you what to do not how to do it. This is particularly evident when you look at how many times procedures are required. When you compare the old and the new standard, you’ll notice that procedures are much less often required by the new standard. This more flexible approach gives you more freedom to decide how you’re going to meet the requirements. In general, this should make it easier for you to develop a more suitable and effective quality management system. New Approach In order to understand ISO 9001:2000 at a deeper level, you need to
- recognize that ISO uses a process approach to quality management. While the process approach is not new, the increased emphasis ISO now gives to it is new. It is now central to the way ISO thinks about quality management systems. According to this approach, a quality management system can be thought of as a single large process that uses many inputs to generate many outputs. This large process is, in turn, made up of many smaller processes. Each of these processes uses inputs from other processes to generate outputs which, in turn, are used by still other processes. In summary, an ISO 9001:2000 Quality Management System is made up of many processes, and these processes are glued together by means of many input-output relationships. These input-output relationships turn a simple list of processes into an integrated system. Without these input-output relationships, you wouldn't have a Quality Management System.
- ISO 9001 2008* Plain English Overview This page presents a plain English overview of the ISO 9001 2008 Quality Management Standard. To see a more detailed version , please visit I SO 9001 2008 Translated into Plain English . NOTE: ISO presents its requirements in sections 4 to 8 of ISO 9001 2008. Therefore, the following material begins with section 4. 4. General Requirements 4.1 • Establish your organization's QMS. Develop • Document your organization's QMS. your QMS • Implement your organization's QMS. • Maintain your organization's QMS. • Improve your organization's QMS. 4.2 4.2.1 Manage QMS documents. Document 4.2.2 Prepare QMS manual. your QMS 4.2.3 Control QMS documents. 4.2.4 Establish QMS records. 5. Management Requirements 5.1 • Support the development of your QMS. Show your • Support the implementation of your QMS. commitment to quality • Support efforts to continually improve your QMS.
- 5.2 • Identify customer requirements. Focus on • Meet your customers' requirements. customers 5.3 • Ensure that quality policy expects requirements to be met. Support your • Ensure that quality policy makes a commitment to improve. quality policy • Ensure that quality policy actively supports quality objectives. • Ensure that quality policy is communicated and discussed. • Ensure that quality policy is periodically reviewed. 5.4 5.4.1 Establish your quality objectives. Carry out your 5.4.2 Plan your quality management system. QMS planning 5.5 5.5.1 Define responsibilities and authorities. Allocate QMS 5.5.2 Create management representative role. responsibility and authority 5.5.3 Support internal communication. 5.6 5.6.1 Review quality management system. Perform QMS 5.6.2 Examine management review inputs. management reviews 5.6.3 Generate management review outputs. 6. Resource Requirements 6.1 • Identify the resources that your QMS needs. Provide required • Provide the resources that your QMS needs. QMS resources 6.2 6.2.1 Ensure the competence of workers. Provide 6.2.2 Meet competence requirements. competent QMS personnel 6.3 • Identify your infrastructure needs. Provide necessary • Provide needed infrastructure. infrastructure • Maintain your infrastructure. 6.4 • Identify needed work environment.
- Provide suitable • Manage needed work environment. work environment 7. Realization Requirements 7.1 • Establish a product realization planning process. Control product • Plan the realization of your organization's products. realization planning • Prepare product realization planning outputs. • Develop your product realization processes. 7.2 7.2.1 Identify your product requirements. Control customer 7.2.2 Review customers' product requirements. related processes 7.2.3 Communicate with your customers. 7.3 7.3.1 Plan product design and development. Control your 7.3.2 Identify design and development inputs. product design and development 7.3.3 Generate design and development outputs. 7.3.4 Carry out design and development reviews. 7.3.5 Perform design and development verifications. 7.3.6 Conduct design and development validations. 7.3.7 Manage design and development changes. 7.4 7.4.1 Establish control of your purchasing process. Control purchasing 7.4.2 Specify your purchasing requirements. and purchased products 7.4.3 Verify your purchased products. 7.5 7.5.1 Establish control of production and service. Control production 7.5.2 Validate production and service provision. a nd service p rovision 7.5.3 Identify and track your products. 7.5.4 Protect property supplied by customers. 7.5.5 Preserve your products and components. 7.6 • Identify monitoring and measuring needs. Control monitoring • Select monitoring and measuring equipment. and measuring
- equipment • Establish monitoring and measuring processes. • Calibrate monitoring and measuring equipment. • Protect your monitoring and measuring equipment. • Confirm suitability of monitoring and measuring software. 8. Remedial Requirements 8.1 • Identify monitoring, measurement, and analytical processes. Establish • Plan monitoring, measurement, and analytical processes. monitoring and measurement • Implement monitoring, measurement, and analytical processes. processes 8.2 8.2.1 Monitor and measure customer satisfaction. Carry out 8.2.2 Plan and perform regular internal audits. monitoring and measurement 8.2.3 Monitor and measure your QMS processes. activities 8.2.4 Monitor and measure product characteristics. 8.3 • Establish a nonconforming products procedure. Identify and • Document your nonconforming products procedure. control nonconforming • Implement your nonconforming products procedure. products • Maintain your nonconforming products procedure. 8.4 • Define your QMS information needs. Collect and • Collect data about your organization's QMS. analyze quality management data • Provide information by analyzing your QMS data. 8.5 8.5.1 Improve the effectiveness of your QMS. Make 8.5.2 Correct nonconformities to prevent recurrence. improvements and take remedial 8.5.3 Prevent the occurrence of nonconformities. actions If you'd like to see how we've translated each of these ISO 9001 sections into plain and simple English, please see our detailed I SO 9001 2008 p age.