CERTIFICATION
DEVELOPING ISO QMS FOR CERTIFICATION
The ISO 9000 standards originally were intended to be advisory in nature and to be used for two-party contractual
situations (between a customer and supplier) and for internal auditing. However, they quickly evolved into criteria for
companies who wished to certify their quality management or achieve registration through a third-party auditor,
usually a laboratory or some other accreditation agency (called a registrar). This process began in the United
Kingdom. Rather than a supplier being audited for compliance to the standards by each customer, the registrar
certifies the company, and this certification is accepted by all of the suppliers customers.
The registration process includes document review by the registrar of the quality system documents or quality
manual; pre-assessment, which identifies potential noncompliance in the quality system or in the documentation;
assessment by a team of two or three auditors of the quality system and its documentation; and surveillance, or
periodic re-audits to verify conformity with the practices and systems registered. During the assessment, auditors
might ask such question as (using management responsibility as an example): Does a documented policy on quality
exist? Have job descriptions for people who manage or perform work affecting quality been documented? Are
descriptions of functions that affect quality been documented? Are descriptions of functions that affect quality
available? Has management designated a person or group with the authority to prevent nonconformities in products,
identify and record quality problems, and recommend solutions? What means are used to verify the solutions?
Re-certification is required every three years. Individual sites not entire companies must achieve registration
individually. All costs are borne by the applicant, so the process can be quite expensive.
The ISO 9000 development effort will benefit by having the following components: an executive-level steering
committee, a vision with the guiding principles, a set of broad objectives, baselines on employee and customer
satisfaction, an objective view of the organizations strengths and weaknesses, and an indication of which employees
at all levels can be counted on for support during the implementation. In addition, the organization will have a well
thought out means of communicating with employees and all other stakeholders to keep them apprised of the
changes taking place, why they are happening, and what they will mea to everyone.
The development and implementation of an organization's quality management system is influenced by its varying
needs, its particular objectives, the products it provides, and the processes it employs. It is not the purpose of this ISO
to imply uniformity of quality management systems.
The selection of the appropriate quality related processes described in this ISO Standard and the extent to which
these processes are adopted and applied by an organization depends upon factors such as its size and structure, the
market being served and the resources available.
To identify and meet the needs and expectations of its customers and other interested parties (i.e.
employees, suppliers, owners, society), to achieve competitive advantage, and to do this in an effective and efficient
manner;
Revenue (turnover), profits and market share; these may be increased by such aspects as leadership,
increased efficiency, improved employee performance, and employee and customer satisfaction;
Costs due to resources needed for business; inadequate resource funding is likely to cause losses and be a
Process approach
The ISO-9001(2000) Standard encourages the adoption of a process approach to quality management. Any activity
which receives inputs and converts them to outputs can be considered as a process. For organizations to function
effectively, they have to identify and manage numerous inter-linked processes. Often the output from one process will
directly form the input into the next process. The systematic identification and management of the processes
employed by an organization, and the interactions between such processes, may be referred to as the 'process
approach.
Following Figure is a conceptual illustration of one of the process approach. The model recognizes that customers
and other interested parties play a significant role in defining inputs. Monitoring the satisfaction of customers and
other interested parties is necessary to evaluate and validate whether the requirements of customers and other
interested parties have been met. This model does not reflect processes at a detailed level, but covers all the contents
of the ISO Standard.
The purpose of ISO 9001 is to define the minimum Quality Management System requirements needed to achieve
customer satisfaction by meeting specified product requirements. Compliance with ISO 9001 may be used by an
organization to demonstrate its capability to meet customer requirements.
Terms and definitions
For the purposes of this ISO 9001(2000) International Standard, the terms and definitions given in ISO 9000:2000,
are applied in following way.
Hardware,
Software,
Services,
Processed materials.
Most products are combinations of some of the four generic product categories.
Whether the combined product is then called hardware, processed material, software or service depends on the
dominant element.
Following is one of the model methodology which can be used to develop the documentation for QMS and to get
ready for certification by implementing clause by clause requirements (in the box) as given in ISO 9001(2000) as the
minimum requirement for certification and one can also take help from the guidelines given in ISO-9004(2000) as
presented below after the boxes.
1. Identify the processes needed for the quality management system and their application throughout the
organization;
3. Determine criteria and methods needed to ensure that both the operation and control of the processes are
effective;
4. Ensure the availability of resources and information necessary to support the operation and monitoring of
these processes;
6. Implement action necessary to achieve planned results and continual improvement these processes.
These processes shall be managed by the organization in accordance with the requirements of this International
Standard.
Where an organization chooses to outsource any process that affects product conformity with requirements, the
organization shall ensure control over such processes.
NOTE Processes needed for the quality management system referred to above should include processes for
management activities, provision of resources, product realization and measurement.
The quality management system of an organization is an important part of the overall management system.
Organizations should define their systems and the processes contained within them to enable the systems and
processes to be clearly understood, managed and improved. Management should ensure effective operation and
control of processes and the measures and data used to determine satisfactory performance. The management of
the organization should closely monitor the movement toward performance improvement. The activities and
processes that can lead to performance improvement should be described and defined by the management. In
general, to fulfill the requirements of ISO standard;
Fourth, Show and prove to an external auditor that work is really being done as was stated in the first place.
So what in terms of documentation required is a manual altogether in one volume to be called as ISO 9000 QMS
Manual or can be separated into following manuals:
2. A quality manual;
4. Documents needed by the organization to ensure the effective planning, operation and control
1. The scope of the quality management system, including details of and justification for any exclusion,
2. The documented procedures established for the quality management system, or reference to them, and
3. A description of the interaction between the processes of the quality management system.
Control of Documents
Documents required by the quality management system shall be controlled. Records are a special type of document
and shall be controlled according to the requirements.
3. to ensure that changes and the current revision status of documents are identified,
4. to ensure that relevant versions of applicable documents are available at points of use,
6. to ensure that documents of external origin are identified and their distribution controlled, and
7. to prevent the unintended use of obsolete documents, and to apply suitable identification to them if they are
Control of Records
Records shall be established and maintained to provide evidence o conformity to requirements and of the effective
operation of the quality management system. Records shall remain legible, readily identifiable and retrievable. A
documented procedure shall be established to define the controls needed for the identification, storage, protection,
retrieval, retention time and disposition of records.
Documentation control should be defined and implemented to ensure that correct documents arc used. All obsolete
documents should be promptly removed from all points of issue and use, or otherwise prevented from unintended
use.
Documents to be retained, and records of quality performance, should be controlled, maintained and protected.
The organization should ensure that sufficient records be maintained to demonstrate conformance to requirements
and verify effective operation of the quality management system. These records can also provide know1edge for
maintenance and improvement of the quality management system.
Quality records should be analyzed to provide inputs for corrective and preventive action, and process improvements.
Analysis of records may also provide information for use in the improvement of the Quality management system.