ISO 9001 Standard / ISO 9001 Standards – ISO 9000 Standard / ISO 9000 Standards Certification & Implementation

ISO 9001:2008 Draft Changes

0.1 Changes here are a statement about whom and where the standard is including any statutory requirements and have the same scale as any customer or regulatory requirements. It’s also clarified that these requirements are restricted to those applicable to the product.

0.4 There is a comment that state that the new standard is made due consideration to ISO 14001:2004.

1.1 &1.2  Statutory requirements had been referred in connection with purchased products and product realization. Second note explains that a statutory requirement can be a legal requirement.

After so many years of auditions the long last debate had been settled. Statutory legal requirements and statutory requirements are obliged to the purchasing processes. It was always an open area that no one had the correct answer: is your supplier must follow the law or not? Apparently yes.

2Normative reference – the ISO 9000 is now replaced by ISO 9000:2005.

3The explanations about what is a customer and what is an organization and what is a supplier had been removed.

4.1 Clause a – The word “determine” is replacing the “identify”

A note had been added stating that a purchased processes are regarded as purchasing products and another note that demand that these processes would be controlled as far as products.

4.2.1 Slight change of words but when you examine the change you realize the meaning is the same.

Note 2 was changed – a single document may include requirements for more than one procedure and requirements of one procedure may appear in more than one document.

It’s about time. A lot of headaches are vowed to be save. If your audit was one of the old school and demanded everything by the book – now you may combine two quality procedures to one document: Job description and training for example or you can split one document into two. How ever it is suitable for you as long as you provide the requirements.

4.2.3 A clarification that external documentation is considered while it is part of the quality management system.

5.1 Clause a – the word “statutory” had been added.

5.5.2 An addition for a requirement that the management representative would be a member of the organization’s management.

That addition puts all external consultants at risk – you can no longer be the

management representative. That sets a whole new line of form and documentations for you to develop in order that the external consultants would be considered as a management representative.

6.2.2Clause b –”provide training or take other actions to satisfy these needs” changed to “where applicable training needs to be provided to achieve the necessary competence”

Clause c – you must ensure that the training is with competence rather than if it was an effective training.

It all goes back to defining .You defined what is necessary now you must provide it nothing is new.

On one hand it is an improvement. The training must be reviewed before. But I think it’s not such an improvement. Instead of testing your employees if they got anything of the training you must now check the training itself before.

6.3 Clause c – information systems are included.

6.4 A new note: noise, humidity, temperatures are part of a working environment.

7.1 Clause c – measurement had been added to the activities.

7.2.1

Clause a – change of words – not of the meaning.

Clause c – the word ‘applicable’ replaces ‘related’.

Clause d – change of words – not of meaning.

A note has been added to explain what is the meaning of “post delivery activities”.

7.3.1 A note had been added clarifying that design review, verification and

validation are separated processes but they might be conducted together.

7.3.3

A change of words.

A note had been added clarifying what is included in “preservation of product”.

7.5.3 A requirement added specifying that product traceability must be included throughout the product realization.

That actually means that the product must be identified not only on the shelves after or between, but also throughout the realization process. Is pacticable? Only time will tell…

7.5.4

A change of words in the requirement to inform the customer of any problem

regarding his property.

The note had been amended that also personal data is included as customer’s

property.

7.5.5

A change of words:

from “conformity of” to “in order to maintain conformity to requirements”.

7.6

A change of words: from “devices” to “equipment”.

The reference to paragraph 7.2.1 had been removed.

Clause c – from “be identified to enable the”

to ” identification to enable their”.

Changes in the notes:

Note 1 – the reference to ISO 100012-2 had been removed.

Note 3 – explanation about when configuration of computer must be applied when the computer is used for monitor and measurements processes.

That means that from now on a computers that provides any kind of measurements services is considered a monitoring and measuring device. How can one calibrate a computer? Ask the supplier or your system administrator. They will know better than anyone. But you would have to prove it has been done.

8.2.1

A note had been added to suggest some means of conducting customer satisfaction evaluation.

8.2.2

Requirements for the audit evidence and results had been added and also that the management is responsible for ensuring preventive and corrective action to be taken.

The reference to the ISO 10011 is changed to ISO 19011.

8.2.3

A change of words:

“to ensure conformity of the product” had been removed.

A note had been added to clarify that the organization should determine the type of the monitoring and measuring according to the processes and how will this affect the quality management system.

8.2.4

A change of word:

“maintain evidence of conformity with acceptance criteria” had been removed but it is still a requirement.

8.3

An addition Clause d – specify how to deal with a nonconforming product that was discovered after delivery – but actually there nothing new only that they moved it to a new clause.

ISO 9000 Process Based Auditing

Any effective quality management system (including the subsystems) works as a control process, which has the ability to detect deviations and nonconforming products and assures that the corrective and preventive action measures are effective. The regulatory auditor should check that all subsystems and processes of the quality management system are structured as self-regulating control processes. For example Deming’s PDCA cycle demonstrates such a process with the following components:

i) Plan – Has the manufacturer established the objectives and processes to enable the quality system to deliver the results in accordance with the regulatory requirements?

ii) Do – Has the manufacturer implemented the quality system and the processes?

iii) Check – Has the manufacturer checked process monitoring and measurement results against the objectives and the regulatory requirements? Does the manufacturer evaluate the effectiveness of the quality system periodically through internal audits and management reviews?

iv) Act – Has the manufacturer implemented effective corrective and preventive actions? Confirm that the company is committed to providing high quality safe and effective medical devices, and that the company is conforming with applicable laws and regulations.

The ISO 14000 series emerged primarily as a result of the Uruguay round of the GATT negotiations and the Rio Summit
on the Environment held in 1992. While GATT concentrates on the need to reduce non-tariff barriers to trade, the Rio
Summit generated a commitment to protection of the environment across the world. The environmental field has
seen a steady growth of national and regional standards.
The British Standards Institution has BS 7750, the Canadian Standards Association has environmental management,
auditing, eco-labeling and other standards, the European Union has all of these plus the eco-management and audit
requlations, and many other countries (e.g. USA, Germany and Japan) have introduced eco-labeling programs.
After the rapid acceptance of ISO 9000, and the increase of environmental standards around the world, ISO assessed
the need for international environmental management standards. They formed the Strategic Advisory Group on the
Environment (SAGE) in 1991, to consider whether such standards could serve to:
· Promote a common approach to environmental
· management similar to quality management
· Enhance organizations’ ability to attain and measure improvements in environmental performance; and
· Facilitate trade and remove trade barriers.

In 1992, SAGE’s recommendations created a new committee, TC 207, for international environmental management standards. The committee, and its subcommittees include representatives from industry, standards organizations, government and environmental organizations from many countries.
ISO 14004 and ISO 14001—were published in September and October 1996, respectively. The ISO 14000 family
consists of standards and guidelines relating to environmental management systems and supporting standards, terminology and specific tools, such as auditing.
Essentially, the standards are concerned with what an organization does to minimize harmful effects on the environment caused by its activities: either during production or disposal, either by pollution or by depleting natural resources.

History Of ISO 9001 Standards

Pre ISO 9000
During World War II, there were quality problems in many British industries such as munitions, where bombs were exploding in factories during assembly. The solution adopted to address these quality problems required factories to document their manufacturing procedures and to prove by record-keeping that the procedures were being followed. The standard was BS 5750, and it was known as a management standard because it specified not what to manufacture, but how the manufacturing process was to be managed. In 1987, the British Government persuaded the International Organization for Standardization (ISO) to adopt BS 5750 as an international standard. The international standard was named ISO 9000.

ISO 9000: 1987 Version
ISO 9000:1987 had the same structure as the British Standard BS 5750, with three ‘models’ for quality management systems, the selection of which was based on the scope of activities of the organisation:
• ISO 9001:1987 Model for quality assurance in design, development, production, installation, and servicing was for companies and organisations whose activities included the creation of new products
•ISO 9002:1987 Model for quality assurance in production, installation, and servicing had basically the same material as ISO 9001 but without covering the creation of new products.
•ISO 9003:1987 Model for quality assurance in final inspection and test covered only the final inspection of finished product, with no concern for how the product was produced.
ISO 9000:1987 was also influenced by existing U.S. and other Defense Standards (MIL SPECS), and so was well-suited to manufacturing. The emphasis tended to be placed on conformance with procedures rather than the overall process of management—which was likely the actual intent.

ISO 9000 Standards Document control procedures
The ISO 9000 Standards requires that a documented procedure be established to define the controls needed.

This requirement means that the methods for performing the various activities required to control different types of documents should be defined and documented.

Although the ISO 9000 standards implies that a single procedure is required, should you choose to produce several different procedures for handling the different types of documents it is doubtful that any auditor would deem this noncompliant. Where this might be questionable is in cases where there is no logical reason for such differences and where merging the procedures and settling on a best practice would improve efficiency and effectiveness.

Documents are recorded information and the purpose of the document control process is to firstly ensure the appropriate information is available where needed and secondly to prevent the inadvertent use of invalid
information. At each stage of the process are activities to be performed that may require documented procedures in order to ensure consistency and predictability. Procedures may not be necessary for each stage in the process.

Implementation of ISO 9000 affects the entire organization right from the start. If
pursued with total dedication, it results in ‘cultural transition’ to an atmosphere of
continuous improvement.
The process of implementing ISO 9000 depends on:
???? a. The sophistication of your existing quality program,
???? b. The size of your organization, and
???? c. The complexity of your process.

The 14 essential steps, briefly described below, are to be followed through in order to
implement ISO 9000 quality management system successfully.
Step 1: Top management commitment
Step 2: Establish implementation team
Step 3. Start ISO 9000 awareness programs
Step 4: Provide Training
Step 5. Conduct initial status survey
Step 6: Create a documented implementation plan
Step 7. Develop quality management system documentation
Step 8: Document control
Step 9. Implementation
Step 10. Internal quality audit
Step 11. Management review
Step 12. Pre-assessment audit
Step 13. Certification and registration
Step 14: Continual Improvement