ISO 9001 Standard / ISO 9001 Standards – ISO 9000 Standard / ISO 9000 Standards Certification & Implementation

Role of Governments in ISO 14001 Standards

Although ISO 14001 is a set of voluntary standards that individual companies may or may not choose to adopt, governments can clearly have a role in providing information, establishing the necessary framework and infrastructure, and, in some cases, helping companies to develop the
basic capabilities to adopt ISO 14001. There are wo particular areas in which government action would be useful:
(a) providing information on he sectors and markets where ISO 14001 certification s a significant issue and assisting sector rganizations to develop appropriate responses, and
(b) helping to establish a certification framework, ased on strengthening national standards organizations and encouraging competitive private sector provision of auditing and certification
services. At present, the World Bank is having discussions with a number of countries about how assistance could be provided with these issues.

Governments should see EMS approaches as part of a broad environmental strategy that includes regulatory systems, appropriate financial incentives, and encouragement of improved industrial performance. Such encouragement can really only be effective where there is cooperation at the government level between the relevant departments, including industry and trade, as well as environment. There is a growing interest in integrating environmental management issues into productivity or competitiveness centers designed to promote SME performance, but little information exists on experience to date.

IMPLEMENTATION GUIDANCE FOR ISO 9001:2008

This Implementation Guidance has been developed to assist users in understanding the issues that need to be considered during the co-existence period between ISO 9001:2000 and ISO 9001:2008.

While the changes between ISO 9001:2000 and ISO 9001:2008 are expected to have a limited impact on users, some arrangements regarding implementation are needed.

Note: To reflect the limited scope of the changes the term “implementation” is now being used to make a clear distinction with the former “transition” from ISO 9001:1994 to ISO 9001:2000, when there were significant changes throughout the standard.

A wide diffusion of this implementation guidance is recommended, in particular the comparison table between ISO 9001:2008 and ISO 9001:2000, given in Annex B to ISO 9001:2008.

ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000 and to improve compatibility with ISO 14001:2004. ISO 9001:2008 does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.

Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008 No new requirements were introduced in this edition but, in order to benefit from the clarifications of ISO 9001:2008, users of the former version will need to take into consideration whether the clarifications introduced have an impact on their current interpretation of ISO 9001:2000, as changes may be necessary to their QMS In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.

Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development of ISO 9001:2008 user needs were identified from the following:

- the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004

- feedback from the ISO/TC 176/Working Group on “Interpretations”

- the results of an extensive worldwide “User Feedback Survey on ISO 9001 and ISO 9004″ by ISO/TC 176/SC 2/WG 18 and similar national surveys.

The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.

The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO14001:2004.

A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:

1) No changes with high impact would be incorporated into the standard;

2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;

3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.

The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:

- No changes or minimum changes on user documents, including records

- No changes or minimum changes to existing processes of the organization

- No additional training required or minimal training required

- No effects on current certifications

The benefits identified for the ISO 9001:2008 edition fall into the following categories:

- Provides clarity

- Increases compatibility with ISO 14001.

- Maintains consistency with ISO 9000 family of standards.

- Improves translatability.

KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs

There are many issues that must be addressed in moving the QMS from the initial state to the desired state. For example, all organizations implementing ISO 9001 will need to consider the unique culture within the organization, its size, and the resources available. Beyond those widely discussed points, three issues that merit particular attention are (1) consideration of the QMS as a parallel function, (2) training, and (3) auditing. Key points associated with these issues are discussed below.

Consideration of QMS as Parallel Function

In the case of all of the transitions depicted, real benefits from the QMS are more likely to be experienced if the QMS is implemented directly into the core structure of the organization. SMEs must be cautious against establishing a QMS that is run separately in parallel to its other systems. In SMEs, the parallel subsystem most commonly exhibits itself as a separate Quality Assurance, or in some cases, ISO 9001 department. Possible reasons for this may include the existence of rigid departmental boundaries in some SMEs or overemphasis on core activities. As Yauch and Steudel [10] note, SMEs tend to focus their attention on “…necessary routine activities (such as sales, production, shipping, etc.) rather than activities aimed at improving processes or systems.” If a SME insists on establishing a separate quality department, its level of effectiveness can be increased by embedding the QMS in widely-used organizational systems where practical. The integration is largely a function of how well the QMS manages to share information with other subsystems and its ability to align with the policies, norms, goals, and values in place throughout the organization.

Training

In SMEs, training and staff development is more likely to be ad hoc and small scale because of modest human and financial resources and the absence of a specific training budget. To prevent the problems arising from lack of education and training, two things must be done:

1. Education of Top Management: The centralization of decision-making processes within many SMEs means that the management can either be the main stumbling block to change or the main catalyst for change. Therefore, any approach to ISO 9001 implementation must involve considerable education for the top management of the organization to create awareness and understanding of the implementation process as a change initiative. Implementing a fully functional and documented QMS requires motivation by top management to appreciate, achieve, and implement the necessary measures to meet the standards’ criteria.

2. Education and Training of Employees: SMEs are often under pressure to quickly gain ISO 9001 registration. Meeting the requirements of the standard in a short period of time can prove a formidable obstacle for a small company. Since most SMEs do not possess the needed expertise internally, they may be inclined to hire external experts to provide the necessary technical expertise and manpower. However, having a functioning and documented QMS requires more than that. It requires ensuring that all employees in the organization clearly know what is expected of them and how they can contribute to the attainment of their organizations’ goals. This will likely require the preparation and implementation of a training plan tailored specifically to the unique characteristics and maturity level of the SME.

Auditing

As emphasized throughout the paper, a QMS is not going to produce the expected results unless it is fully functional. While auditing must therefore verify the existence of the necessary documentation, it must also focus on the functionality of the QMS. The measurement of the functionality and the qualitative and financial impacts of a QMS have been the subject of several studies, including Kaynak [11]. Among the categories used to measure functionality and performance improvement, two are particularly noteworthy for our purposes: management commitment and employee involvement. A QMS cannot be functional in the absence of those two characteristics. Therefore, as a minimum, internal and external auditors should continually verify top management’s commitment to increased company-wide quality awareness and improvement in addition to employee involvement in the design, implementation, operation, and improvement of quality related processes and procedures.

ISO 14001:2004 Evaluation of compliance

This clause has been separated from 4.5.1 and includes two sub-clauses, as well as clarification and an addition to the ISO 14001:1996 standard. Included in Clause 4.5.1 of ISO 14001:1996 was a requirement for the organisation to periodically evaluate compliance with relevant (now applicable) environmental legislation and regulations. This requirement has been retained in Clause 4.5.2.1 of the revised standard. In Clause 4.5.2.2, ISO 14001:2004 includes evaluation of compliance with other requirements to which the organisation subscribes, which was not specifically required by ISO 14001:1996. This clarification also includes a requirement for records of periodic evaluations of compliance to be kept.

The UK-based Institute of Environmental Management and Assessment (IEMA) has published an opinion that this means that compliance against each and every piece of legislation / regulation relating to an organisation’s environmental aspects will need to be evaluated before it can be considered to be in conformity with ISO 14001: 2004; it will not be acceptable for organisations to claim that the periodic evaluation will be covered by their internal EMS audit program at some future date.

This has always been one of the most difficult issues in ISO 14001:2004, and organisations will need to review and revise their compliance procedures to ensure that they meet these new requirements.

Change In ISO 14001:2004 – Documentation

This clause has been updated to align it with ISO 19001:2004, but has not changed in intent. The listed EMS documentation now includes:

• the environmental policy,

• objectives and targets,

• a description of the scope of the EMS,

• a description of the main elements of the EMS and their interaction and reference to related documents, documents and records

• required by the standard, • documents and records determined by the organisation as necessary to ensure the effective planning, operation and control of processes that relate to the significant environmental aspects.

Formatting changes help align Clause 4.4.5 of ISO 14001:2004 with ISO 9001:2000. An additional clarification has been made to define records as a special type of document requiring control under Clause 4.5.4. A new addition to the requirements aims to ensure documents of external origin, (i.e. MSDS, permits) that are necessary to the system, are identified and their distribution is controlled.

Formatting changes help align Clause 4.4.5 of ISO 14001:2004 with ISO 9001:2000. An additional clarification has been made to define records as a special type of document requiring control under Clause 4.5.4. A new addition to the requirements aims to ensure documents of external origin, (i.e. MSDS, permits) that are necessary to the system, are identified and their distribution is controlled.

The revised standard requires documents required by the EMS and the standard to be controlled documents.

Note that “document” is included in the definitions, and includes its supporting medium which can be paper, magnetic, electronic or optical computer disc, photograph or master sample, or a combination thereof.

SUMMARY OF CHANGES TO ISO 14001:2004

ISO 14001:2004 aims to clarify the 1996 edition and align it more closely with the ISO 9001:2000 standard. Some clauses have not been modified for content but have been rewritten to align ISO 14001:2004 with the format, wording, and layout of ISO 9001:2000 and to enhance the compatibility between the two standards.

References in Annex A of the standard are aligned with the numbering in the standard for ease of use. Annex B of the standard identifies similarities and associations between ISO 9001:2000 and ISO 14001:2004.

An important change in wording throughout the revised standard appears in requirements that previously stated that an organisation shall “establish and maintain”; these have now been changed to “establish, implement and maintain”.

Throughout the standard the word “personnel” in the original standard is replaced with “persons working for or on behalf of the organisation” in the revised standard. This is included to ensure that external contractors and applicable suppliers are included under the requirements of certain clauses.

In developing, implementing and maintaining the organisation’s EMS, significant environmental aspects, applicable legal requirements and other requirements to which the organisation subscribes must be considered, and management must ensure the availability of resources.

There are additional paragraphs in the introduction, which generally cover:

• the aim of the ISO 14001:2004 standard is to enhance compatibility with ISO 9001:2000;

• alignment is improved between clause references and supporting Annexes. For example, 4.3.3 and A.3.3 both deal with objectives, targets and programme(s), and 4.5.5 and A.5.5 both deal with internal audit;

• an explanation of the Plan-Do-Check-Act (PDCA) model used in ISO 9001:2000;

• the use of the process approach is promoted in alignment with ISO 9001:2000;

• possible alignment and integration with other management systems is reviewed.

ISO 9001:2008 Documentation Requirements

ISO 9001:2008 clause 4.1 General requirements requires an organization to “establish, document, implement, and maintain a quality management system and continually improve its effectiveness in accordance with the requirements of this International Standard”

Clause 4.2.1 General explains that the quality management system documentation shall include:

documented statements of a quality policy and quality objectives;

a quality manual documented procedures required by this International Standard documents needed by the organization to ensure the effective planning, operation and control of its processes, and records required by this International Standard;

The notes after Clause 4.2 make it clear that where the standard specifically requires a “documented procedure”, the procedure has to be established, documented, implemented and maintained. It also emphasizes that the extent of the QMS documentation may differ from one organization to another due to:

the size of organization and type of activities;

the complexity of processes and their interactions, and

the competence of personnel.

All the documents that form part of the QMS have to be controlled in accordance with clause 4.2.3 of ISO 9001:2008, or, for the particular case of records, according to clause 4.2.4.

Guidance on Clause 4.2 of ISO 9001:2008

The following comments are intended to assist users of ISO 9001:2008 in understanding the intent of the general documentation requirements of the International Standard.

a) Documented statements of a quality policy and objectives:

Requirements for the quality policy are defined in clause 5.3 of ISO 9001:2008. The documented quality policy has to be controlled according to the requirements of clause 4.2.3.

Note: Organizations that are revising their quality policy for the first time, or in order to meet the amended requirements in ISO 9001:2008, should pay particular attention to clause 4.2.3 (c), (d) and (g).

Requirements for quality objectives are defined in clause 5.4.1 of ISO 9001:2008. These documented quality objectives are also subject to the document control requirements of clause 4.2.3.

b) Quality Manual:

Clause 4.2.2 of ISO 9001:2008 specifies the minimum content for a quality manual. The format and structure of the manual is a decision for each organization, and will depend on the organization’s size, culture and complexity. Some organizations may choose to use the quality manual for other purposes besides that of simply documenting the QMS

A small organization may find it appropriate to include the description of its entire QMS within a single manual, including all the documented procedures required by the standard.

Large, multi-national organizations may need several manuals at the global, national or regional level, and a more complex hierarchy of documentation.

The quality manual is a document that has to be controlled in accordance with the requirements of clause 4.2.3.

c) Documented procedures:

ISO 9001:2008 specifically requires the organization to have “documented procedures” for the following six activities:

4.2.3 Control of documents

4.2.4 Control of records

8.2.2 Internal audit

8.3 Control of nonconforming product

8.5.2 Corrective action

8.5.3 Preventive action

These documented procedures have to be controlled in accordance with the requirements of clause 4.2.3 Some organizations may find it convenient to combine the procedure for several activities into a single documented procedure (for example, corrective action and preventive action). Others may choose to document a given activity by using more than one documented procedure (for example, internal audits). Both are acceptable.

Some organizations (particularly larger organizations, or those with more complex processes) may require additional documented procedures (particularly those relating to product realization processes) to implement an effective QMS.

Other organizations may require additional procedures, but the size and/or culture of the organization could enable these to be effectively implemented without necessarily being documented. However, in order to demonstrate compliance with ISO 9001:2008, the organization has to be able to provide objective evidence (not necessarily documented) that its QMS has been effectively implemented.

d) Documents needed by the organization to ensure the effective planning, operation and control of its processes:

In order for an organization to demonstrate the effective implementation of its QMS, it may be necessary to develop documents other than documented procedures. However, the only documents specifically mentioned in ISO 9001:2008 are:

- Quality policy (clause 4.2.1.a)

- Quality objectives (clause 4.2.1.a)

- Quality manual (clause 4.2.1.b)

There are several requirements of ISO 9001:2008 where an organization could add value to its QMS and demonstrate conformity by the preparation of other documents, even though the standard does not specifically require them. Examples

may include:

- Process maps, process flow charts and/or process descriptions

- Organization charts

- Specifications

- Work and/or test instructions

- Documents containing internal communications

- Production schedules

- Approved supplier lists

- Test and inspection plans

- Quality plans

All such documents have to be controlled in accordance with the requirements of clause 4.2.3 and/or 4.2.4, as applicable

e) Records:

Examples of records specifically required by ISO 9001:2008 are presented in Annex B.

Organizations are free to develop other records that may be needed to demonstrate conformity of their processes, products and quality management system.

Requirements for the control of records are different from those for other documents, and all records have to be controlled according to those of clause 4.2.4 of ISO 9001:2008.

Demonstrating conformity with ISO 9001:2008

For organizations wishing to demonstrate conformity with the requirements of ISO 9001:2008, for the purposes of certification/registration, contractual, or other reasons, it is important to remember the need to provide evidence of the effective implementation of the QMS.

The Benefits To Integrate ISO 14001:2004 and ISO 9001:2008

Reduce the time and cost of implementing the new specification by acquiring a concise, yet thorough understanding the scope of ISO 14001:2004 and key terms.

Avoid spinning your wheels by learning precisely which modifications and additions to ISO 14001:2004 require your attention for compliance with ISO 9001:2008.

Get a quick handle, through hands-on activities, on the environmental aspects of ISO 14001:2004, including how to:
- Develop an environmental policy statement appropriate for your company
- Integrate processes for identifying environmental aspects and impacts
- Identify environmental objectives, set related targets, and establish programs for achieving results
- Integrate environmental responsibilities and authorities into a management system
- Outline an environmental awareness and training program
- Establish environmental metrics and indicators for monitoring performance
- Integrate requirements on non-conformance and corrective and preventive actions into your existing system
- Understand the purpose and scope of the environmental management review
- Integrate document control requirements of ISO 14001:2004 into your current system
- Identify those operations that need to be controlled under EMS and identify emergency operations and contingencies that must be considered as part of EMS

Get off to a running start by learning to use a versatile prioritization matrix to identify and prioritize significant environmental aspects and impacts.

Optimize understanding and retention with the Plexus Learning Model
- Multiple learning channels through lecture, coaching, group activities, innovative learning exercises and case studies.
- Hands-on insights. Lecturing is minimized so learning is maximized.
- Learn by doing. Connect the lessons learned to your real world by using your current circumstances as examples for activities.