Data Center.com

ISO 9000

By Ben Lutkevich

What is ISO 9000?

ISO 9000 is a series of standards, developed and published by the International Organization for Standardization (ISO). It defines, establishes and maintains an effective quality assurance (QA) system for manufacturing and service industries.

The ISO 9000 standard is the most widely known and has perhaps had the most impact of the 13,000 standards the ISO has published. It serves many different industries and organizations as a guide to quality products, service and management.

The one standard in the ISO 9000 series of standards that an organization can earn a certification in is the ISO 9001 individual standard. By earning that certification, an organization shows it is compliant with its industry's ISO 9000 standards. To be certified, an outside examiner must check the organization's practices.

As part of an assessment, staff members are interviewed to ensure they understand how compliance works. The assessor examines the organization's paperwork for compliance and files a detailed report that identifies any parts of the standard where the organization is not in compliance. The organization then agrees to correct problems within a specific time. When all problems are corrected, the organization can then be certified.

There are more than a million organizations in more than 170 countries that have earned the ISO 9001 certification. The technical committee behind ISO 9000 is TC 176. The official American National Standards Institute versions of the ISO 9000 series of standards can be obtained at the American Society for Quality.

ISO 9000 vs. 9001

ISO 9000 is a series of individual standards. The core standards contained within the series are:

• ISO 9000 (2015). Provides information on quality management system (QMS) fundamentals and vocabulary.
• ISO 9001 (2015). Outlines QMS
• ISO 9004 (2018). Gives guidance on how to achieve sustained success in quality management.
• ISO 19011 (2018). Provides guidelines for auditing management systems.

ISO 9000 is also the name of an individual standard within that ISO 9000 series of standards. The ISO 9000 individual standard covers the fundamental vocabulary, concepts and principles for the entire 9000 series. It covers the basics of quality management as described by ISO and introduces the ISO's seven quality management guidelines.

The ISO 9001 is a standard within the ISO 9000 series. It covers the requirements an organization must meet to be certified as compliant. It defines what a company can do to provide a product or service that consistently meets customer expectations and any regulatory requirements that apply. It provides processes for QMS improvement.

ISO 9001 requires organizations conduct internal audits. And, as mentioned earlier, it is the only standard in the 9000 series that organizations can get certified for.

Why is ISO 9000 important?

ISO 9000 is significant in several ways, including the following:

• It establishes standards for how an organization's product or service will meet customer and stakeholder needs within a set of regulatory requirements.
• It helps an organization build, maintain and continuously improve its QMS with the end goal of providing the best service or product quality
• Companies that follow the guidelines are likely to reduce the cost of production because the standards and controls put in place cut down on costly and time-consuming mistakes. A focus on process also enables organizations to use personnel, resources and time most efficiently.
• Following the standards can give organizations a competitive advantage because compliance enhances an organization's reputation.
• Many industry-specific QMS standards are based on ISO 9000, such as ISO 13485, which is used in the medical industry. ISO 9000 is often integrated with industry-specific standards.

ISO 9000 quality management guidelines

There are seven quality management principles included in ISO 9000:

1. Customer focus. Businesses must understand customer requirements and aim to exceed customer expectations. Organizations should measure customer satisfaction with their product or service as well. Surveys are one way to do this, monitoring customer complaints is another.
2. Leadership. Organizational leaders should establish a vision for the direction of the company and empower employees to reach that goal. Leaders should establish trusted relationships with employees and recognize their contributions.
3. Engagement. Employees at every level should be involved.
4. Process. Organizations should manage resources as a process. They should use process analysis tools to measure what the organization is capable of, identify links between activities to streamline processes and look for ways to improve processes.
5. Continuous improvement. Companies should take a continual improvement approach and empower people to make improvements, measure improvement consistently and celebrate those improvements.
6. Evidence-based decision-making. Organizations should make decisions based on sound data analysis, balanced with practical experience and qualitative evidence. This involves using techniques like decision matrices to evaluate and rank options and multivoting, which helps a group narrow down a list of options.
7. Relationship management. Organizations should focus on fostering a mutually beneficial relationship with partner organizations, including suppliers, service providers and contractors. They should share resources, collaborate on development efforts and recognize successes to achieve efficient supply chain management.

ISO 9001 certification

An ISO 9001 certification shows an organization's products and services meet quality requirements. To earn an ISO 9001 certification, an organization must demonstrate the following:

• it follows ISO 9000 guidelines;
• it follows its own guidelines and requirements;
• it meets statutory and regulatory requirements; and
• it documents its performance.

An auditor may interview management at the organization to see if they understand their role in complying with ISO 9000. Internal audits from company staff are also required. ISO 19011 provides guidance on auditing quality management systems, and ISO 9001 clause 9.2.2 provides guidance on internal audit processes.

Organizations can work with the American Society for Quality or third-party certification organizations to get certified. They offer courses and materials to help organizations prepare for compliance. ISO does not certify organizations by itself.

History and revisions of ISO 9000

ISO 9000 has its roots in the BS 5750, a standard developed by the British Standards Institution. It was published in 1979 and is considered to be the first management systems quality standard. The BS 5750 replaced specific industry standards and provided a series of standards for all industries in the United Kingdom.

The ISO published the first version of the ISO 9000 based on the BS 5750. The two documents shared a similar structure, with three models for QMSes. This first iteration of ISO 9000 was thought of as the international version of the BS 5750.

The ISO 9000 has been through five editions, including its initial release. The timeline of new edition releases is as follows:

• 1987. The initial release had three QMS standards:
  • 9001 focused on design;
  • 9002 focused on QA in production; and
  • 9003 focused on QA during final inspection.
• 1994. This edition emphasized QA preventive action and QA post-production. It required a lot of documentation.
• 2000. This edition reduced the amount of documentation needed, replaced all three former standards and focused on process management and process performance metrics.
• 2008. There were no major changes in this edition but rather clarifications to improve consistency with other ISO standards.
• 2015. This is the current version. The structure was modified to make it easier to integrate ISO 9000 with other international standards. It also focuses on customer satisfaction, measuring performance and being less prescriptive.

Learn how to prepare for the ISO 9001 certification.