BACKGROUND TO THE ISO 9001:2008 REVISION PROCESS

In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.

Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development of ISO 9001:2008 user needs were identified from the following:

-the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004

-feedback from the ISO/TC 176/Working Group on “Interpretations”

-the results of an extensive worldwide “User Feedback Survey on ISO 9001 and

The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.

The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO 14001:2004.

A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:

1) No changes with high impact would be incorporated into the standard;

2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;

3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.

The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:

-No changes or minimum changes on user documents, including records

-No changes or minimum changes to existing processes of the organization

-No additional training required or minimal training required

-No effects on current certifications

The benefits identified for the ISO 9001:2008 edition fall into the following categories:

-Provides clarity

-Increases compatibility with ISO 14001.

-Maintains consistency with ISO 9000 family of standards.

-Improves translatability.

Validity of certifications to ISO 9001:2000

One year after the publication of ISO 9001:2008 all accredited certifications issued (new certifications or re-certifications) shall be to ISO 9001:2008.Twenty four months after publication by ISO of ISO 9001:2008, any existingcertification issued to ISO 9001:2000 shall not be valid.
Organisations that are already certified to ISO 9001:2000 should contacttheir certification/registration bodies (CB/RB) to agree a programme for analysing the clarifications in ISO 9001:2008 in relation to their individual quality management systems and for upgrading their certificates.Certified organizations should bear in mind that ISO 9001:2000 certificateshave the same status as new ISO 9001:2008 certificates during the co-existence period. (i.e. Your current ISO 9001:2000 certificate will be valid up to 13th November 2010).Organizations in the process of certification to ISO 9001:2000 should change to using ISO 9001:2008 and apply for certification to it.New users should start by using ISO 9001:2008.

ISO 9001:2008 Quality Management System Standard

ISO 9001:2008 is the world most successful standard addressing best practice in the application of quality management systems.
The standard is based around the principles of customer satisfaction, continual improvement and the development of a process based quality management system. Although not referenced in the standard itself the ISO 9001:2008 document is underpinned by eight key quality management principles;
a customer focused organisation
leadership
the involvement of people
ensuring a process approach
a systematic approach to management
a factual approach to decision making
mutually beneficial supplier relations
continuous improvement
ISO 9001:2008 has been written to ensure that its guiding principles are equally relevant to all sectors of industry and to all types of organisation. Although containing requirements to control the key processes within an organisation, it only requires six documented procedures. The standard emphasises the need for an organisation to continually monitor their own processes and systems, with many clauses making reference to self monitoring or measurement or both. This emphasis aims for an integrated approach to business processes. Instead of operating to a business plan on one hand and a quality management system on the other, the standard aims to integrate both of these functions into one system.
What is a quality management system?ISO 9001:2008 is a standard that specifies criteria for a quality management system (QMS). A QMS incorporates those elements of an organisations management system that direct and control it with regard to quality. Such a system will need to be supported by top management who will need to be able to demonstrate management commitment.
How do you demonstrate management commitment?Management commitment is one of the cornerstones of ISO 9001:2008, requiring top management to develop and improve the QMS throughout the organisation. This commitment can be demonstrated by a number of methods including creating a quality policy, conducting management reviews and establishing quality objectives.
What is a quality policy?ISO 9001:2008 specifies that an organisation must have a quality policy that documents the organisations overall intentions and direction related to quality as formally expressed by top management. Such a policy will include a commitment to comply with ISO 9001:2008, to continuously improve the QMS and to set and monitor measurable quality objectives.
What are quality objectives?The quality objectives are those targets sought or aimed for by the organisation that are related to quality. These quality objectives must be SMART (suitable, measurable, achievable, reviewed and timely). Examples of quality objectives might be; to reduce machine down time by 20% or to reduce rework costs by ?00 p/m. Whatever quality objectives are chosen they must be meaningful and adequately resourced by the organisation.
What is a management review?A management review is a key element of how the top management of an organisation can assess its performance in terms of the objectives it sets itself, the requirements set by the standard and how its systems are operating. Normally, a management review is a regular meeting of the top management team and uses the information that the organisation? systems have derived. It is a useful forum to review and revise quality objectives.
What are internal audits and why do I need to carry them out?Internal audit is one of the key monitoring processes required by the standard and functions as a check on the organisation? systems. It is the opportunity for an organisation to determine compliance to the systems it has established and maintained to meet the needs of its customers and identify opportunities for improvement. Internal audit can be seen as a ealth check?for an organisation.
The ore?of ISO 9001:2008, Product realisationClause 7 of ISO 9001:2008 contains the core processes that most organisations carry out. Any clause or sub-clause in section 7 can be excluded from an organisations quality management system if it can be justifiably excluded. Examples of common exclusions are clause 7.3 design and development, clause 7.5.3 traceability and clause 7.6 the control of monitoring and measuring devices. Clauses can only be excluded if their exclusion does not affect the company? ability to provide a product or service that meets customer requirements.
These core processes should be managed and controlled via the quality management system, and are evaluated for effectiveness and suitability by the internal audits with feed back into the management review.
This is a clear demonstration of one of the key principles of ISO 9001:2008, continuous improvement by critical self-evaluation. The output from the self-evaluation is fed into a planning stage to determine actions needed to improve the system. Following the planning and consultation comes the action phase where the proposed changes are implemented. Then the cycle starts again by checking that the changes are effective and meaningful by self-evaluation.
Other requirements of section 7 are;Product planning to ascertain and then implement the necessary controls and resources to ensure product realisation.
Purchasing control to verify purchased product against comprehensive purchasing information and the selection and evaluation of suppliers.
Production and service provision to ensure that this activity is carried out in controlled conditions and that any processes that cannot be verified during production are validated to ensure capability. Where appropriate the product must be identified, and if required, traceable at all stages of production. Any customer property must be identified and protected from harm and all products must be stored and handled in such a way to preserve product conformity.
Any monitoring and measuring devices needed to provide evidence of product conformity must be identified and if necessary calibrated.
But what about the customer? All of the clauses in ISO 9001:2008 are in some way focused towards meeting and exceeding the customer? expectations. For example the requirement of management to determine and communicate the importance of customer requirements throughout the organisation, and the review of customer orders to ensure that they can be met. Companies are required to implement methods for effective communication with the client at all stages of the business including ascertaining customer satisfaction after the product or service has been delivered as well as resolving customer complaints.
Finally?ISO 9001:2008 is widely acclaimed as being the pre-eminent specification for quality management systems, it requires a company to look at itself and ask the question, ‘how can we improve?’ An ISO 9001:2008 management system should be an essential part of any business process, requiring continual improvement by self-evaluation with a goal of ensuring that current and future customer expectation can be met and exceeded.
If you have any queries concerning ISO 9001:2008 please visit http://www.iso-consults.com/

ISO 9001-2008 Vs. ISO 9001-2000 - the New Requirements and a Comparison Between Them

Congratulations to all of us quality managers. We have a new standard. ISO 9001: 2008. This is really an exciting moment for quality managers. In order to celebrate this event in a way that only quality managers know how, I prepared here a comparison article between the ISO 9001:2000 and the new born ISO 9001:2008. I also included my comments regarding my experience and my perspective of things.
At the end of it I will summon the new requirements from the new ISO 9001:2008 standard. Paragraph number 0.1 - Changes here are a statement about whom and where the standard is including any statutory requirements and have the same scale as any customer or regulatory requirements. It's also clarified that these requirements are restricted to those applicable to the product.
Paragraph number 0.4 - There is a comment that state that the new standard is made due consideration to ISO 14001:2004.
My comment - Of course. The world is getting greener every day so they must remind you of the ISO 14001 standard. I believe and recommend to any organization that is needed of the ISO 14001 standard to implement also the 9001. There is a big correlation between these two. They actually help one another.
Paragraph number 1 - Statutory requirements had been referred in connection with purchased products and product realization. Second note explains that a statutory requirement can be a legal requirement.
My comment - After so many years of auditions the long last debate had been settled. Statutory legal requirements and statutory requirements are obliged to the purchasing processes. It was always an open area that no one had the correct answer: is your supplier must follow the law or not? Apparently yes.
Paragraph number 2 - Normative reference - the ISO 9000 is now referred to ISO 9000:2005
Paragraph number 3 - Explanation about what is a customer and what is an organization and what is a supplier had been removed.
Paragraph number 4.1 - Clause a - The word "determine" is replacing the "identify". A note had been added stating that a purchased processes are regarded as purchasing products and another note that demand that these processes would be controlled as far as products. My comment - Come on, like it wasn't obvious before....
Paragraph number 4.2.1 - Slight change of words but when you examine the change you realize the meaning is the same. Note2 was changed - a single document may include requirements for more than one procedure and requirements of one procedure may appear in more than one document. My comment - It's about time. A lot of headaches are vowed to be save. If your audit was one of the old school and demanded everything by the book - now you may combine two quality procedures to one document: Job description and training for example or you can split one document into two. How ever it is suitable for you as long as you provide the demands.
Paragraph number 4.2.3 - A clarification that external documentation are the ones needed for the quality management system.
Paragraph number 5.1 - Clause a - the word "statutory" had been added.
Paragraph number 5.5.2 - An addition for a demand that the management representative would be a member of the organization's management.
My comment - That addition puts all external consultants at risk - you can no longer be the management representative. That sets a whole new line of forms and documentations for you to develop in order that the external consultants would be considered as a management representative.
Paragraph number 6.2 - Change of words from "affecting product quality" to "affecting conformity to product requirements"
Paragraph number 6.2.2 - Clause b -"provide training or take other actions to satisfy these needs" changed to "where applicable training needs to be provided to achieve the necessary competence". My comment - It all goes back to defining .You defined what is necessary now you must provide it - nothing is new.
Clause c - you must ensure that the training is with competence rather than if it was an effective training.
My comment - On one hand it is an improvement. The training must be reviewed before. But I think it's not such an improvement. Instead of testing your employees if they got anything of the training you must now check the training itself before. Only time will tell...
Paragraph number 6.3 - Clause c - information systems are included. My comment - They are totally right!
Paragraph number 6.4 - A new note: noise, humidity, temperatures are part of a working environment.
My comment - That also puts an old debate aside. No longer can cruel owners of factories ignore these factors. Wait until they will combine OHSAS 18001...
Paragraph number 7.1 - Clause c - measurement had been added to the activities.
Paragraph number 7.2.1 - Clause a - change of words - not of the meaning. Clause c- the word 'applicable' replaces 'related'. Clause d - change of words - not of meaning. A note has been added to explain what is the meaning of "post delivery activities".
My comment - I agree with the "post delivery activities" - it wasn't clear enough for my opinion. Paragraph number 7.3.1 - A note had been added clarifying that design review, verification and validation are separated processes but they might be conducted together.
Paragraph number 7.3.3- A change of wording. A note had been added clarifying what is included in "preservation of product".
Paragraph number 7.5.3 - A requirement added specifying that product traceability must be included throughout the product realization.
My comment - That actually means that the product must be identifying not only on the shelves but also throughout the realization process.
Paragraph number 7.5.4 - A change of words to in the requirement to inform the customer of any problem regarding his property. The note had been amended that also personal data is included as customer's property.
Paragraph number 7.5.5 - A change of words: from "conformity of" to "in order to maintain conformity to requirements"
Paragraph number 7.6 - A change of words: from "devices" to "equipment" The reference to paragraph 7.2.1 had been removed. Clause c - from "be identified to enable the"to " identification to enable their"
Changes in the notes: Note 1 - the reference to ISO 100012-2 had been removed. Note 3 - explanation about when configuration of computer must be applied when the computer is used for monitor and measurements processes.
My comment - That means that from now on a computer that provides any kind of measurements services is considered a monitoring and measuring device. How can one calibrate a computer? Ask the supplier or your system administrator. They will know better than anyone.
Paragraph number 8.2.1 - A note had been added to suggest some means of conducting customer satisfaction evaluation.
Paragraph number 8.2.2- Requirements for the audit evidence and results had been added and also that the management is responsible for ensuring preventive and corrective action to be taken. The reference to the ISO 10011 is changed to ISO 19011.
Paragraph number 8.2.3 - A change of words: "to ensure conformity of the product" had been removed. A note had been added to clarify that the organization should determine the type of the monitoring and measuring according to the processes and how will this affect the quality management system.
Paragraph number 8.2.4 - A change of word: "maintain evidence of conformity with acceptance criteria" had been removed but it is still a requirement.
Paragraph number 8.3 - An addition - Clause d - specify how to deal with a nonconforming product that was discovered after delivery - but actually there nothing new only that they moved it to a new clause.
So, what are the new requirements of the new standard?
· Statutory requirements are given scale as any other legal or customer's requirements.
· The statutory requirements are including the suppliers as well.
· A purchased process is just like any other product that the organization purchased. If it's affecting the product it must be under the quality system.
· You may include two quality processes in one document and split one process to two documents.
· The management representative must be a member of the management.
· A requirement to ensure that trainings are suitable for the product in advance and not to check if the training was effective after it was taken.
· Information system in now officially considered as a substructure.
· Parameters such as humidity, noise and temperatures, concerning the employees' health are considered as working environment.
· Measuring is considered as one of the activities of product realization.
· The product must be identifying not only on the shelves but also throughout the realization process.
· The management is now responsible for preventive and corrective actions regarding nonconformities that were discovered during audit.
· The organization should determine the type of the monitoring and measuring according to the processes and how will this affect the quality management system.