ISO 9000 ISO 9001 ISO 9001:2000 ISO 9002 Requirements Standards Regulation Consultant Certification ISO 9000 Consultancy Company in Ambala Haryana Delhi India
Requirements
of ISO 9001:2000 (in brief) - Introduction
The
following analysis and comments on ISO 9001: 2000
are an interpretation and does not replace the Standard,
which must be the prime source document. The guidance
provided by notes in the clause requirements, and
ISO 9004 should also be read, to ensure that the specific
requirements of each clause are being met.
ISO
9000: 2000 and ISO 9004: 2000 are relevant reference
standards to understand the terminology and concepts
within ISO 9001: 2000, including the reference made
to the importance of the "8 Quality Principles"
included within it.
CLAUSE REQUIREMENTS
1.1
General
The standard is designed to apply to an organisation
that needs to consistently provide product that
meets customer and Regulatory requirements. It aims
to "enhance" customer satisfaction through
the organisation's QMS and processes for continual
improvement. This emphasis differs with the ISO
9001: 1994 standard which emphasises prevention
and aims to achieve customer satisfaction by preventing
non-conforming product.
1.2 Application
Exclusions are permitted within clause 7 provided
such exclusions do not affect the organisation's
ability to provide product that fulfils both customer
and regulatory requirements.
2) Normative references
Undated references to standards in ISO 9001: 2000
imply the latest versions should be applied.
3) Terms and definitions
ISO 9000 is an applicable reference for terms and
definitions, the terms "Organisation"
and "supplier" are defined.
4) Quality Management System
4.1 General requirements
The Quality Management System must focus on processes;
their interaction, control, resourcing, monitoring
and continual improvement.
4.2.1 Documentation, General
The Quality Management System documentation includes;
Quality Policy, Quality Objectives, Quality Manual,
Procedures, Documents for effective planning, operation
and control of processes and Quality Records.
4.2.2 Quality Manual
The Quality Manual must include a description of
the proposed scope and details of "exclusions"
(exclusions are limited to product realisation,
i.e. Clause 7 only, provided the exclusion does
not affect the ability to meet customer and regulatory
requirements). The Quality Manual must either include
or reference documentation and must provide a description
of the processes and their interaction, for example
a business process overview.
4.2.3 Control of documents
Documents required by the Quality Management System
must be controlled as specified in the standard,
these are typically documents that describe products/services
and describe how to undertake the processes e.g.
procedures and support documentation. A documented
procedure is required for controlling such documents.
4.2.4 Control of quality records
Quality records are also documents used to record
information, these must be controlled as specified
in the standard and there must be a documented procedure
as an addition to the 4.2.3 requirements.
5) Management responsibility
5.1 Management commitment
Top management commitment to the development, implementation
and continual improvement of the Quality Management
System is required. Top management has specific
responsibilities to communicate customer and Regulatory
requirements within the organisation and for establishing
the Quality Policy, Quality Objectives, Management
Reviews and Resourcing requirements.
5.2 Customer focus Determining customer requirements is a
top management responsibility with an aim at enhancing
customer satisfaction (Note: Clause 1.1 emphasis
is not as final as to "satisfy" customers
because of the enhancement of the "continual
improvement" concept within the standard).
Customer focus is also intended as a proactive process
rather than just reacting to a sale or contract.
Understanding customer needs will involve marketing
activities.
5.3 Quality policy
The Quality Policy set by top management must include
the specific requirements that provide a framework
to allow appropriate quality objectives to be set.
It is not to be a "vision" statement.
5.4.1 Quality objectives
Quality objectives must be set by top management
at all functions and levels (including for individuals
if applicable). A link with the Quality Policy should
be clear and objectives must be measurable.
5.4.2 Quality management system planning
Top management planning activities for the QMS must
be consistent with 4.1, i.e. must focus on processes,
and ensure that integrity of the QMS is retained
when changes occur.
5.5.1 Responsibility and authority
Top management must define and communicate responsibilities,
authorities and their inter-relation for the whole
organisation.
5.5.2 Management representative
The management representative must have responsibility
and authority for the establishment, implementation
and maintenance of processes needed for the QMS,
reporting to top management on QMS performance and
promotion of awareness of customer requirements.
5.5.3 Internal communication
Appropriate internal communication processes must
be established including those related to the effectiveness
of the QMS.
5.6.1 Management review, general
Management review by top management will include
assessing opportunities for improvement and need
for change of the QMS, Quality Policy and Quality
Objectives.
5.6.2 Review input
Management review input requirements are specified
and listed as regular requirements for consideration.
Input may be in the form of a report or a presentation.
5.6.3 Review output
Management review decisions and actions are required
on improvements for the QMS and processes, improvement
of product, on resource needs and suitability of
the QMS.
6) Resource Management
6.1 Provision of resources
Resources must be determined and provided to implement,
maintain and continually improve the QMS and to
enhance customer satisfaction.
6.2.1 Human resources
Personnel performing work affecting product quality
must be competent. This means that only competent
personnel must be assigned.
6.2.2 Competence
The competence required must be determined and training
provided (or other action taken). This means that
competence of personnel must be determined and compared
with competence requirements. The effectiveness
of training in achieving the competence required
must be evaluated.
6.3 Infrastructure
The facilities provided must be appropriate for
the achievement of product quality requirements.
6.4 Work environment
The work environment must be appropriate for the
achievement of product quality requirements.
7) Product realization
7.1 Planning of product realization
Note that the whole of Clause 7 is subject to permitted
exclusion but in practice Clause 7.3, design and
development will normally be the main consideration
for exclusion if the organisation does not have
a design and development capability.
Planning for product realisation requires consideration
of the processes involved. Product realisation planning
must determine the product quality requirements,
including inspection and testing needed, control
documentation needed, resources required and records
to be retained. Where design is involved, design
controls must be included in the planning activity.
7.2.1 Determination of requirements related
to products
Determining product requirements must include not
only customer specified requirements, but also the
unspecified/implied requirements expected from the
known state of the art. The organisation is responsible
for including Regulatory requirements in determining
product requirements.
7.2.2 Review of requirements related to
products
The capability to supply a product must be reviewed
before submission of a tender or accepting an order.
In limited cases where a review is not practical,
such as internet sales, the organisation can assume
that the publication of a catalogue or advertising
material will cover the review requirement before
acceptance of an order.
7.2.3 Customer communication
Communication arrangements with customers must be
established to ensure understanding of product and
contract requirements and facilitate feedback, including
complaints.
7.3 Design and development
The organisation must ensure that it has defined,
implemented and maintained the necessary design
and development processes to respond to customer
needs and expectations. The design process must
consider expectations of "other interested
parties" e.g. customers, suppliers, employees,
society in general. All factors that contribute
to meeting the expected product and process performance
must be considered. These factors include life cycle,
safety and health, usability and user friendliness,
durability, the environment including disposability.
These factors will contribute to the identification
of interested parties and their expectations.
7.4.1 Purchasing process
The type and extent of control applied to suppliers
must be dependent upon the effect of purchased product
on the product realisation. Organisations must determine
this significance. Criteria for selection, evaluation
and re-evaluation of suppliers must be established
and implemented. The evaluation and what product(s)
have been approved for supply must be recorded.
7.4.2 Purchasing information
The adequacy of purchasing information to describe
the product to be purchased must be reviewed before
communication to the supplier. The approval process
and technical competence of "approver"
should be considered.
7.4.3 Verification of purchased product
The inspection required for incoming purchased product
must be established and implemented. The extent
of this should be considered together with 7.4.1,
7.4.2 and any intended inspection at the supplier's
premises.
7.5.1 Control of production and service
provision
The planning and provision of production should
include 7.5.1 a) - f). Although "where applicable"
is added to this requirement and the exclusion limitation
applies to clause 7 as a whole, if the exclusion
of a sub-clause requirement a) - f) would adversely
affect the product it may not be excluded.
7.5.2 Validation of processes for production
and service provision
Validation of processes is now a more clearly specified
requirement where the resulting output cannot be
monitored or measured. Typical examples include
welding, soldering, sterilisation. The requirements
for validation and re-validation are now clearly
specified in a) - e).
7.5.3 Identification and traceability
The requirement for appropriate identification and
traceability allows an understanding of the status
of product and processes through monitoring, measurement
and unique identification. The identification and
traceability requirement for product and process
activities may also arise due to the need to meet
a number of additional criteria including Regulatory
requirements, control of hazardous materials, mitigation
of risks and product recall capability.
7.5.4 Customer property
The organisation must identify responsibilities
to protect the value of the customer's property
including items supplied by the customer to be subsequently
included in product, product supplied for repair,
packaging materials and documents such as customer
specifications and drawings. Intellectual property
provided by the customer is also included in this
requirement.
7.5.5 Preservation of product
Processes must be defined to prevent damage, deterioration
or misuse during internal processing and final delivery
of the product. Suppliers must be involved with
the organisation in determining effective processes
to protect purchased materials.
The
organisation should communicate to customers and
other interested parties, the information needed
to preserve the intended use of the product throughout
its life cycle against damage or misuse. The information
must consider any precautionary aspects arising
from the nature of the product.
7.6 Control of monitoring and measuring
devices
There are two main objectives for measuring and
monitoring. The first is to collect data to ensure
compliance, i.e. for products and for testing device
calibration. The second is to collect data on processes
as a means to enhance customer satisfaction.Measuring
and monitoring processes must be defined and implemented
to 'ensure satisfaction' of customers and interested
parties. Devices used for measurement and monitoring
must be fit for the intended use, including measurement
accuracy, and have calibration traceable to national
measurement standards.Measurement and monitoring
devices must be protected against invalid adjustment
and damage.If measurement and monitoring devices
are not found to meet performance requirements,
the organisation must take appropriate action on
the product affected and preclude the use of the
device. Where used in monitoring and measurement,
validation of computer software is a requirement.
8) Measurement, analysis and improvement
8.1 General
Measurement, monitoring, analysis and improvement
processes are required to demonstrate conformity
of product, ensure conformity of the Quality Management
System and continually improve the effectiveness
of the Quality Management System. Applicable statistical
methods and the extent of their use must be determined.
Data
must be collected as the basis for factual decision
making on the performance of products, capability
of processes, achievement of objectives and level
of customer satisfaction and of other interested parties.The
analysis of relevant data must be used at management
review.
A
list of considerations for measurement, analysis
and improvement are indicated in ISO 9004: 2000
with the objective of benefiting the organisation,
establishing priorities, improving product/process
performance and effectiveness and for measuring
customer satisfaction.
8.2.1 Customer satisfaction
Monitoring and measurement must include a measure
of customer perception of the fulfilled customer
requirements and a method for obtaining and using
this information must be determined.
8.2.2 Internal audit
Planned internal audits must be carried out to demonstrate
conformity to planned arrangements (clause 7.1),
ISO 9001: 2000 and the Quality Management System.
The audit scope, frequency and method must be defined.
An audit procedure is required. Action to eliminate
the cause of non-conformity
must be taken without undue delay and verification
action recorded.
ISO
10011/1 and 10011/2 apply for audit/auditor guidance.
The audit procedure must therefore include a requirement
for the collection of objective evidence and auditors
must be competent to determine the strengths and weaknesses
of the quality management system.
Improvement
action must be taken in response to internal audit
results. Internal audit planning should consider a
wide range of subjects, ref. ISO 9004: 2000.
8.2.3 Monitoring and measurement of processes
Monitoring and measurement of processes must be carried
out to demonstrate the ability of processes to achieve
planned results. This should provide information for
continual improvement and for achieving strategic
objectives and the needs of customers and interested
parties.
8.2.4 Monitoring and measurement of product
Monitoring and measurement of product characteristics
must be carried out in accordance with clause 7.1.
Evidence
of conformity to acceptance criteria is required before
release of the product by authorised personnel. When
selecting measurement methods for products, the organisation
must consider customer needs and expectations, needs
of interested parties and also opportunities for performance
improvement, including from inspection and test reports.
Interested
parties may include the people in the organisation,
investors, suppliers and partners, regulators and
the public.
8.3 Control of non-conforming product
Non-conforming product must be identified, segregated,
and controlled to prevent misuse. The organisation
must deal with non-conforming product by taking action
to eliminate the non-conformity and either obtain
authorisation for its use from the customer, or remove
it from the possibility of use.
Review
of the extent of non-conforming product should be
part of management review to consider reduction goals
and resource needs.
People
carrying out the product non-conformity review and
making the decision on disposition must have the competence
to evaluate the total effects and the authority to
agree the outcome and corrective action.
When
non-conforming product is corrected for subsequent
use it must be subjected to re-verification to demonstrate
conformity.
When
non-conforming product is detected after delivery,
appropriate action must be taken dependent on the
effects, e.g. recall. A procedure is required to describe
the process for controlling non-conforming product.
8.4 Analysis of data
The organisation must determine, collect and analyse
appropriate data to demonstrate the suitability and
effectiveness of the quality management system. This
must give information relating to customer satisfaction,
product conformity, trends in processes and suppliers.
Other data may be collected, such as success of performance
improvement objectives, economics of quality, market
related performance, benchmarking and competitiveness.
8.5.1 Continual improvement
Continual improvement of the Quality Management System
must be demonstrated through the use of the Quality
Policy, Quality Objectives, audit results, analysis
of data, corrective and preventive action and management
review.
8.5.2 Corrective action A procedure is required to define requirements
for reviewing non-conformities, determining their
cause, evaluating the need for action to eliminate
recurrence, determining and implementing action needed,
recording the results of action taken and reviewing
corrective action taken. Sources of potential information
for corrective action are listed in ISO 9004: 2000.
Note that prevention of recurrence of non-conformity
may involve competence assessment and training.
8.5.3 Preventive action
A procedure is required to define requirements for
determining potential non-conformities and their causes,
evaluating the need for action, determining and implementing
action, record results of action taken and review
of its effectiveness.
Quality
Management Principles
These
eight principles have been identified for use by
top management in order to lead an organisation
toward improved performance, and have been integrated
in the contents of ISO 9001:2000. They should, in
particular, be taken into account by Senior Management
when developing/reviewing Quality Policy and Objectives.
a)
Customer Focus
Organisations depend on their customers and therefore
should understand current and future customer needs,
should meet customer requirements and strive to exceed
customer expectations.
b) Leadership
Leaders establish unity of purpose and direction of
the organisation. They should create and maintain
the internal environment in which people can become
fully involved in achieving the organisation's objectives.
c) Involvement of people
People at all levels are the essence of an organisation
and their full involvement enables their abilities
to be used for the organisation's benefit.
d) Process approach
A desired result is achieved more efficiently when
activities and related resources are managed as a
process.
e) System approach to management
Identifying, understanding and managing interrelated
processes as a system contributes to the organisation's
effectiveness and efficiency in achieving its objectives.
f) Continual improvement
Continual improvement of the organisation's overall
performance should be a permanent objective of the
organisation.
g) Factual approach to decision making
Effective decisions are based on the analysis of data
and information.
h) Mutually beneficial supplier relationships
An organisation and its suppliers are interdependent
and a mutually beneficial relationship enhances the
ability of both to create value.
Successful
use of the eight management principles by an organisation
should result in benefits to interested parties, such
as improved monetary returns, the creation of value
and increased stability.
Quality Management Consultancy Organization with clients from Ambala, Kalka, Varanasi, Lucknow, Yamunanagar, Kanpur, Mandi, Zirakpur, Chandigarh, Patiala, Kaithal, All over India.
