Quality can be defined in many ways, depending on what matters to us. More often than not, when we pay for a product or service perceived to be of ‘good quality ‘, it is considered to be a worthwhile investment – in that we expect to get the value for our money. Often we hear expressions like: “a high quality sparkling wine”, “quality leather shoes”, “unparalleled quality service”, or even “world class education”- all in relation to what we are ready to sacrifice, in exchange for value (or perceived value). But much as we may use all these expressions, we rarely give credit to the processes that are employed to produce these so called ‘quality products or services’ – the fact that the processes need to be consistent, predictable, cost effective and constantly be improved upon in order to guarantee the production of products and services that will satisfy customers, while at the same time ensure that benefits accrue to the producers and other stakeholders. These processes can be managed in such a manner through a quality management system.
According to the American Society for Quality (ASQ): “A quality management system (QMS) is defined as a formalized system that documents processes, procedures, and responsibilities for achieving quality policies and objectives. A QMS helps coordinate and direct an organization’s activities to meet customer and regulatory requirements and improve its effectiveness and efficiency on a continuous basis.”
What is ISO 9001?
ISO 9001 is the world’s most recognized and most popular Quality Management System (QMS) standard which can be implemented in organizations of any type and size in any industry. It offers the means to continually improve and measure the performance of an organization’s quality management system.
ISO 9001 provides a framework and set of principles that ensure a flexible approach to the management of an organization, in order to consistently meet the needs of customers and other stakeholders. In other words, ISO 9001 certification enables processes and people to be effective so as to ensure delivery of effective products or services on a consistent basis.
ISO 9001 was developed by the ISO/Technical Committee (TC) 176 (on Quality management and quality assurance) of the International Organization for Standardization (ISO). The standard is maintained and updated by the same committee whose membership includes approximately 120 countries.
The History of ISO 9001
The International Organization for Standardization (ISO) developed ISO 9001 in order to allow Quality Management to reach a wider international audience. The standard was built on the success of BS5750, which was the first specific quality management system applicable to industry as a whole
The first version of ISO 9001 was published in 1987. It is reviewed every 5 to 8 years, so that it remains relevant to the changing demands and challenges of global business.
Below is a timeline which shows a brief history of ISO 9001, indicating the significant changes to the standard:
ISO 9001:2015 Second Major revision
ISO 9001:2008 Second Minor revision
ISO 9001:2000 First Major revision
ISO 9001:1994 First Minor revision
ISO 9001:1987 First edition
The 7 Quality Principles
The principles were developed and are updated by international experts of ISO/TC 176 (which develops and maintains ISO’s quality management standards). They form a set of fundamental beliefs, norms, rules and values which can be used as a basis for quality management and as a foundation to guide an organization’s performance improvement. More specifically, following these principles will enable any organization to reap the rewards of greater consistency, better customer satisfaction and stronger performance. The following are the principles (They are not listed in any order of priority):
1. Engagement of people
When people at all levels of the organization are competent, empowered and engaged they will deliver value. It is essential that everyone in the organization understands their role and feels valued for their contribution to its success
2. Customer focus
Customer focus means to constantly strive to meet or exceed customer requirements and expectations. Gathering customer feedback is essential as the information can be used to improve processes and, ultimately, the organizations performance.
3. Leadership
Leadership at all levels of the organization is required in order to establish unity of purpose and direction and create an environment where people are fully engaged in a quest to achieve the organization’s quality objectives. Strong leadership means having a clear vision for the organization’s future.
4. Process approach
When activities are viewed and managed as interrelated processes that function as a coherent system, rather than separate activities, it is much easier to achieve consistent and predictable results more effectively and efficiently. The Plan Do Check Act (PDCA) principle (Discussed later) of the ISO 9001 Standard enhances the process-approach culture throughout the organization.
5. Improvement
The concept of continuous improvement is essential if an organization is going to be successful. The Risk-based Approach of ISO 9001 (Discussed later) involves implementing processes for identifying risks and opportunities and finding ways to improve and make processes better.
6. Evidence-based decision making
Desired results are more likely to be achieved when decisions based on the analysis and evaluation of data and information.
7. Relationship management
When relationships with interested parties (such as suppliers, authorities and Community) are well managed an organization’s success can be sustained. Creating lasting relationships with suppliers and other interested parties entails that the organization has to strike a balance between short-term financial gains and long-term, mutually beneficial strategies.
The above principles form the basis for the ISO 9000 suite of quality standards, including ISO 9001:2015.
High Level Structure and “Plan-Do-Check Act”
ISO 9001:2015 is based on a structure provided by Annex L (originally called Annex SL, then renamed in 2019 as Annex L). Annex L provides the new high level structure for ISO management systems standards - it replaces the historical ISO Guide 83 and expands on the base structure already implemented. It has been created to introduce identical core text and common terms and definitions. This will: streamline standards, encourage standardization and ease the integration of management systems.
As a result of the new arrangement consisting of ten clauses, ISO 9001:2015 now has an identical structure to all standardized management systems, known as ‘High Level Structure’ (HLS). Therefore, the core elements of ISO 9001, ISO 14001, ISO 22301, ISO 45001 etc. are now the same. This has made it easier to integrate various combinations of ISO management systems. It is easy, for example, to see the common clauses of ISO 14001 and ISO 9001 during the implementation or auditing of the integrated management system of the two standards.
The clauses of ISO 9001:2015, according to the High Level Structure are as follows:
Clause 1 Scope
Clause 2 Normative References
Clause 3 Terms and Definitions
Clause 4 Context of the Organization
Clause 5 Leadership
Clause 6 Planning
Clause 7 Support
Clause 8 Operation
Clause 9 Performance Evaluation
Clause 10 Improvement
Clauses 4 to 10 are arranged according to the PDCA cycle (Plan, Do, Check, Act), as shown in the figure below:
Figure 1: The 10 Clauses of ISO 9001:2015 (Luc Marivoet - Pauwels Consulting 2019)
Clauses 4, 5, 6 and 7 of ISO 9001:2015 form the PLAN phase; clause 8 is in the DO phase; clause 9 comes under CHECK; and clause 10 is the ACT phase. This arrangement of clauses in ISO 9001:2015 according to the Plan-Do-Check-Act (PDCA) gives more emphasis on “Process Approach” and “Continuous Improvement”.
Context of the Organization
Determining the Context of the Organization, as required by clause 4 of ISO 9001:2015, is about determining both the internal and external issues and requirements that can impact the organization’s strategic objectives and the planning of its QMS. This includes identifying interested parties and their requirements. Interested parties are people or groups of people that provide significant risk to organizational sustainability if their needs and expectations are not met (ISO 9000:2015 2.2.4). Examples of interested parties include: Suppliers, Customers, Partners, Employees, Investors, Owners, Bankers, Regulatory bodies, Unions, Competitors, Society, Opposing pressure groups. Organizations are only required to take into consideration those interested parties that are relevant to their quality management system. Once those interested parties have been identified, their requirements are determined and a system to monitor or review their requirements is put in place.
To be ISO compliant, an organization should demonstrate that they are reviewing internal and external issues (context) at periodic intervals. This means that they need to define influences of various elements on the organization and how they reflect on the QMS. The Internal and External issues to be considered in the Context of the Organization Include:
External: cultural, social, political, regulatory, financial, economic, natural and competitive issues, whether international, national, regional or local.
Internal: organization’s activities, products, services, strategic direction and capabilities (people, knowledge, processes, systems).
There is no requirement to go beyond interested parties that are relevant to the quality management system. And in determining internal and external issues, one must consider the impact on the organization’s ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements; including the organization’s quest to increase customer satisfaction.
Internal and External Issues must be documented, including the processes used by the organization to identify them. Reference should be made to all objective evidence, including examples of these issues. This will indicate whether an organization has a high-level, conceptual understanding of its internal and external issues that affect it.
Risk-Based Approach
It is a requirement in ISO 9001:2015 to evaluate risk when establishing processes, controls and improvements in a Quality Management System.
In previous editions of ISO 9001, preventive action was a separate clause within the standard. By using risk-based thinking the consideration of risk is integral to the whole standard. Unlike its previous versions, ISO 9001:2015 is more proactive in that undesired effects are identified early, since preventive action is built-in when a management system is risk-based. ISO defines risk as anything that is produced that deviates from the predicted objectives. This means that risk can have a positive side.
It must be noted that the concept of risk is not limited to negative possibilities. An organization can use risk-based thinking to identify opportunities, which form the positive aspect of risk. In ISO 9001:2015 risks and opportunities are often considered together. An opportunity is a set of circumstances which provides possibilities for improvement or doing things better.
The concept of risk is found in clauses of ISO 9001:2015 covering the following areas:
Organizational context
Leadership
Planning
Operation
Performance evaluation
Improvement
What are the Benefits of ISO 9001?
ISO 9001:2015 has many benefits. The number of benefits will vary depending on the size and type of organization, and, of course, the type of industry. The following benefits are the most common for all organizations:
Increased revenue
Greater employee morale
International recognition
Factual approach to decision making
Better supplier relationships
Improved record keeping
Improved customer
Continuous
ISO 9001 Certification Process
The certification process for ISO 9001 is represented by the following 13 steps:
Management support – Management has to be convinced of the benefits of ISO 9001. Without the support of management, the implementation of ISO 9001 will almost certainly fail.
Identify requirements – The requirements are made up of customer requirements, as well as those of other stakeholders (interested parties).
Define scope – This includes all areas of the business to be covered by the quality management system (QMS) – departments, divisions, processes etc.
Define processes and procedures – All mandatory procedures need to be documented; including any other procedures deemed necessary by the organization, in order to ensure compliant products and services. The purpose of this step is to define all the processes in the organization and examine how they interact with one another – in line with the process approach.
Implement processes and procedures – Where processes are already in place in the organization, all that is required is to ensure they are documented according to the ISO 9001:2015 standard requirements. The standard does not require all processes to be documented procedures.
Training and awareness programs – All employees and managers in the organization should be made aware of the QMS and the importance of their contribution towards its performance.
Choose a certification body – It is important to choose the right certification body, since the certification body is the party that will, ultimately, audit the QMS and decide if it is compliant with ISO 9001 requirements, and whether it is effective and improving.
Operate the QMS / Measure the system – Collect all the records pertaining to the operation of processes as these will be required to perform internal audits prior to certification.
Conduct internal audits – Internal audits must be performed by the organization before the certification body can audit the new system.
Conduct management review – One of the ways management show commitment to the QMS is by carrying out a Management review. Management uses the performance evaluation data and internal audit reports from the operation of the QMS processes in order to allocate adequate resources and to ensure the QMS is effective and improving.
Corrective Action – Corrective action is taken on problems found during the measurements, internal audits and management review. The aim is to find the root cause of each problem – an important step toward improvement, and which is one of the cornerstones of a QMS.
Stage 1 certification audit – The objective of a Stage 1 Audit is to determine how ready an organization is for their Stage 2 Certification Audit. This includes: a review of documented information by the certification body auditors, evaluation of site-specific conditions, and discussions with personnel. At the end of the audit, the auditors will issue a report of their findings, and the organization will be given a chance to implement any corrective actions to address any problems highlighted in the report. This may take place in the window defined for the initial operation of the QMS.
Stage 2 certification audit – The Stage 2 Audit evaluates the implementation and effectiveness of the QMS. Certification body auditors will review records of internal audits, management review, corrective actions and any other relevant records accumulated by operating the QMS processes. If the Stage 2 audit is successful, the organization’s QMS will be certified. Any non-conformances or potential non-conformances highlighted in the report will have to be corrected before the certification can be issued.
It is essential to plan thoroughly when you decide to implement ISO 9001 and work toward certification. This will save the organization time and resources later on.
References
Pauwels Consulting. (2019). Insights. Important differences between ISO 9001:2015 and ISO 9001:2008. Available at: http://www.paulwelsconsulting.com/blog/
ETQ. (2017). what-does-risk-based-thinking-mean-within-the-new-iso-standards. Available at: http://www.etq.com/blog/
Hammar, M. Checklist-of-iso-9001-implementation-certification-steps. Available at: https://advisera.com/9001academy/knowledgebase [Accessed July 23rd 2021].
ASQ. (2021). What is ISO 9001:2015 – quality management systems. Available at https://asq.org/quality-resources/iso-9001
John Ruskin 2021, digital photograph, AZ Quotes, accessed July 27th 2021, <https://www.azquotes.com/quotes/topics/quality-management.html>.
This article will be very helpful to anyone who wants to learn about ISO 9001, and to prepare for certification in the same.
You may contact me directly for any of the following reasons:
1. Comments on the article
2. General questions concerning ISO 9001
3. Consultation in areas of Lean, TPS, Six Sigma and ISO 9001
4. ISO Corporate and Professional certifications.
About the Author
Andrew Salimu is an independent Consultant who works with organizations of all kinds to help them Improve their processes, improve productivity, and to implement ISO Standards. Andrew believes Process improvement and optimization are key for any organization to grow and remain profitable and competitive in today’s global economy. Andrew has various certifications, including Project Management, ISO Management Systems, Six Sigma, Lean, Digital Marketing, Strategic Management, Kaizen and Toyota Production System. He holds a BEng degree in Mechanical Engineering from The University of Birmingham, England.
E-mail: andrewsalimu@yahoo.com
Comments