ISO quality management standards are designed to help organizations ensure that they meet the needs of their customers and other stakeholders while also meeting statutory and regulatory requirements related to their products and operations. ISO stands for the International Standards Organization whose headquarters are based in Geneva. It is made up of a group of 50+ member countries around the world with an aim to standardize the way we work and produce products or services. Standards are put in place to ensure organizations run smoothly to a pre-determined set of criteria, and to ensure the organization conforms to that criteria, and if not, the causative variations are recognized and corrected.
ISO develops International Standards but is not involved in their certification, and do not issue the certificates. ISO Certifications are carried out by an ‘Accredited external certification body’ (AECBs), whose job it is to ensure that the standard's criteria are met, and who in turn must conform to an auditor standard ISO 17021. These AECBs have been accredited by ISO to conduct ISO related programs including certification/registration in their respective jurisdictions.
The most common ISO certifications are ISO 9001 and ISO 14001. The ISO 9000 quality management standards make sure a company’s products and services meet customers' needs and are compliant for that purpose. As part of those standards criteria related to all work and operations associated with production are part of the certification review process.
From an ISO standpoint Quality refers to all of those features of a product (or service) which are required by the customer. Quality management means what the business does to ensure that its products or services satisfy the customer’s quality requirements, and how they comply with any regulations applicable to those products or services. Another aspect of ISO Quality Management takes into account how an organization goes about enhancing customer satisfaction, and achieving continual improvements in its performance.
The ISO 14000 environmental management standards focus on an improved environmental performance, this refers to what an organization does to minimize harmful effects on the environment caused by its activities, how it conforms to applicable regulatory requirements, and achieves continual improvement of its environmental performance.
While the ISO standards for quality management were developed with the expectation that it would become the global standard, its adoption has not been nearly as ‘universal’ as was anticipated. For example, in the United States only about 50,000 companies are ISO compliant and certified, in contrast to Great Britain, which is just slightly larger than the state of California, which has more than 70,000 ISO compliant companies. Worldwide about 1-million organizations have implemented ISO standards. And the trend in the United States is on the rise, more companies have sought to become ISO certified in the last 3 years than in the prior 10 years combined.
There are a number of reasons why a company would seek ISO certification. Government bodies and larger companies often require a company to hold appropriate ISO certification prior to negotiating new business. Maintaining an external ISO certification is not easy; it demonstrations a company's commitment to new objectives, better procedures, stability and continual improvement. Overwhelming evidence supports the fact that ISO certification does in fact improve quality both in production and of the finished product(s).
Both ISO 9001 and ISO 14001 are considered to be ‘generic standards’ which means they can be applied to any business, large or small, whatever its product(s) or service(s). These organizations can be from any business sector of activity and any type of business enterprise including both private and public entities. No matter what an organization’s scope of activity if it wants to establish a quality management system, ISO 9001 provides the fundamental standards by which to do so. If a business wants to establish an environmental management system, then ISO 14001 provides the essential standards by which to measure that system.
There is a lot of confusion about what ISO Standards really are, many people think they are standards that relate specifically to the product(s) or service(s) being produced. That is far from true, ISO standards are all about ‘process’ (the how the products or services come about) this is why they are appropriate for both product manufacturers and service providers. ISO 9001 gives the requirements for what a business must do to manage processes affecting quality of its products and services. ISO 14001 gives the requirements for what the organization must do to manage processes affecting the impact of its activities upon the environment.
ISO 9001 Process Flow
ISO compliance proceeds through a comprehensive audit process. These audits take many forms, first, second and third party audits, accredited audits & non-accredited audits. A qualified auditor will visit your company premises to assess management systems against the ISO Standards that you have in place. A full report will be made; this often consists of recommendations for improvement to help your company with its continuous improvement.
Implementation of ISO Standards and gaining ISO Certification can vary greatly depending on the size of a company and the level to which that company is already run in terms of processes and procedures. Some people are not aware that Certification is not a requirement of either ISO standard. Organizations can implement and benefit from ISO standards even without going through formal certification.
ISO Certification is usually undertaken for business reasons including contractual, regulatory or market requirements, customer preferences, risk management or production enhancement. The complexity of certification is really based upon what standard or standards a company needs; in some cases, these standards may depend upon specific clients or upon normalized standards for the type of business you operate, or products you produce. I should note that in some countries, ISO Certification is actually referred to as ISO Registration.
As mentioned a bit ago, the most common standards are based around ISO 9001, which, like some other standards, are changing and evolving every few years (while 2008 is the most applicable at current, the newest 2015 standards are just now being undertaken) meaning that even if you comply with the current version, you may very well have to comply with the newest version within a year or two (if not before) of its emergence.
Different ISO Certification bodies provide different periods of certification based upon the standards applied, and the products being produced or services being rendered. Some ISO certifications are for 10-years, others are for 3 years, and still others are only issues as an annual Certificate reflects ISO requirement compliance. But even though certifications may be issued for periods in excess of one year, organizations must still undergo an annual inspection and audit in order to remain compliant.
As the demand for higher quality production and products forces manufacturing organizations to ‘measure’, ‘document’ and ‘reform’ for purposes of production efficiency, so the same demands are being placed upon quality control and related quality control certification. This means, for many organizations, that if they are not already looking at implementing ISO Standards, they most probably will be within the next 10 years. What are you, as a trusted advisor to your manufacturing clients, doing about getting ready for ISO? If your client asks you, “what do you know about this ISO stuff, can you help me prepare for certification?”, how will you respond?
If you are interested in getting to know more about ISO, then see the ISO website.