KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs

KEY CONSIDERATIONS IN IMPLEMENTING ISO 9001 IN SMEs
There are many issues that must be addressed in moving the QMS from the initial state to the desired state. For example, all organizations implementing ISO 9001 will need to consider the unique culture within the organization, its size, and the resources available. Beyond those widely discussed points, three issues that merit particular attention are (1) consideration of the QMS as a parallel function, (2) training, and (3) auditing. Key points associated with these issues are discussed below.
Consideration of QMS as Parallel Function
In the case of all of the transitions depicted, real benefits from the QMS are more likely to be experienced if the QMS is implemented directly into the core structure of the organization. SMEs must be cautious against establishing a QMS that is run separately in parallel to its other systems. In SMEs, the parallel subsystem most commonly exhibits itself as a separate Quality Assurance, or in some cases, ISO 9001 department. Possible reasons for this may include the existence of rigid departmental boundaries in some SMEs or overemphasis on core activities. As Yauch and Steudel [10] note, SMEs tend to focus their attention on “…necessary routine activities (such as sales, production, shipping, etc.) rather than activities aimed at improving processes or systems.” If a SME insists on establishing a separate quality department, its level of effectiveness can be increased by embedding the QMS in widely-used organizational systems where practical. The integration is largely a function of how well the QMS manages to share information with other subsystems and its ability to align with the policies, norms, goals, and values in place throughout the organization.
Training
In SMEs, training and staff development is more likely to be ad hoc and small scale because of modest human and financial resources and the absence of a specific training budget. To prevent the problems arising from lack of education and training, two things must be done:
1. Education of Top Management: The centralization of decision-making processes within many SMEs means that the management can either be the main stumbling block to change or the main catalyst for change. Therefore, any approach to ISO 9001 implementation must involve considerable education for the top management of the organization to create awareness and understanding of the implementation process as a change initiative. Implementing a fully functional and documented QMS requires motivation by top management to appreciate, achieve, and implement the necessary measures to meet the standards’ criteria.
2. Education and Training of Employees: SMEs are often under pressure to quickly gain ISO 9001 registration. Meeting the requirements of the standard in a short period of time can prove a formidable obstacle for a small company. Since most SMEs do not possess the needed expertise internally, they may be inclined to hire external experts to provide the necessary technical expertise and manpower. However, having a functioning and documented QMS requires more than that. It requires ensuring that all employees in the organization clearly know what is expected of them and how they can contribute to the attainment of their organizations’ goals. This will likely require the preparation and implementation of a training plan tailored specifically to the unique characteristics and maturity level of the SME.
Auditing
As emphasized throughout the paper, a QMS is not going to produce the expected results unless it is fully functional. While auditing must therefore verify the existence of the necessary documentation, it must also focus on the functionality of the QMS. The measurement of the functionality and the qualitative and financial impacts of a QMS have been the subject of several studies, including Kaynak [11]. Among the categories used to measure functionality and performance improvement, two are particularly noteworthy for our purposes: management commitment and employee involvement. A QMS cannot be functional in the absence of those two characteristics. Therefore, as a minimum, internal and external auditors should continually verify top management’s commitment to increased company-wide quality awareness and improvement in addition to employee involvement in the design, implementation, operation, and improvement of quality related processes and procedures.

IMPLEMENTATION GUIDANCE FOR ISO 9001:2008

IMPLEMENTATION GUIDANCE FOR ISO 9001:2008
This Implementation Guidance has been developed to assist users in understanding the issues that need to be considered during the co-existence period between ISO 9001:2000 and ISO 9001:2008.
While the changes between ISO 9001:2000 and ISO 9001:2008 are expected to have a limited impact on users, some arrangements regarding implementation are needed.
Note: To reflect the limited scope of the changes the term “implementation” is now being used to make a clear distinction with the former “transition” from ISO 9001:1994 to ISO 9001:2000, when there were significant changes throughout the standard.
A wide diffusion of this implementation guidance is recommended, in particular the comparison table between ISO 9001:2008 and ISO 9001:2000, given in Annex B to ISO 9001:2008.
ISO 9001:2008 has been developed in order to introduce clarifications to the existing requirements of ISO 9001:2000 and to improve compatibility with ISO 14001:2004. ISO 9001:2008 does not introduce additional requirements nor does it change the intent of the ISO 9001:2000 standard.
Certification to ISO 9001:2008 is not an “upgrade”, and organizations that are certified to ISO 9001:2000 should be afforded the same status as those who have already received a new certificate to ISO 9001:2008 No new requirements were introduced in this edition but, in order to benefit from the clarifications of ISO 9001:2008, users of the former version will need to take into consideration whether the clarifications introduced have an impact on their current interpretation of ISO 9001:2000, as changes may be necessary to their QMS In order to assist organizations to have a full understanding of the new ISO 9001:2008, it may be useful to have an insight on the revision process, how this revision reflects the inputs received from users of the standard, and the consideration given to benefits and impacts during its development.
Prior to the commencement of a revision (or amendment) to a management system standard, ISO/Guide 72:2001 Guidelines for the justification and development of management system standards recommends that a “Justification Study” is prepared to present a case for the proposed project and that it outlines details of the data and inputs used to support its arguments. In relation to the development of ISO 9001:2008 user needs were identified from the following:
- the results of a formal “Systematic Review” on ISO 9001:2000 that was performed by the members of ISO/TC 176/SC2 during 2003-2004
- feedback from the ISO/TC 176/Working Group on “Interpretations”
- the results of an extensive worldwide “User Feedback Survey on ISO 9001 and ISO 9004″ by ISO/TC 176/SC 2/WG 18 and similar national surveys.
The Justification Study identified the need for an amendment, provided that the impact on users would be limited and that changes would only be introduced when there were clear benefits to users.
The key focuses of the ISO 9001:2008 amendment were to enhance the clarity of ISO 9001:2000 and to enhance its compatibility with ISO14001:2004.
A tool for assessing the impacts versus benefits for proposed changes was created to assist the drafters of the amendment in deciding which changes should be included, and to assist in the verification of drafts against the identified user needs. The following decision making principles were applied:
1) No changes with high impact would be incorporated into the standard;
2) Changes with medium impact would only be incorporated when they provided a correspondingly medium or high benefit to users of the standard;
3) Even where a change was low impact, it had to be justified by the benefits it delivered to users, before being incorporated.
The changes incorporated in this ISO 9001:2008 edition were classified in terms of impact into the following categories:
- No changes or minimum changes on user documents, including records
- No changes or minimum changes to existing processes of the organization
- No additional training required or minimal training required
- No effects on current certifications
The benefits identified for the ISO 9001:2008 edition fall into the following categories:
- Provides clarity
- Increases compatibility with ISO 14001.
- Maintains consistency with ISO 9000 family of standards.
- Improves translatability.

Role of Governments in ISO 14001 Standards

Role of Governments in ISO 14001 Standards
Although ISO 14001 is a set of voluntary standards that individual companies may or may not choose to adopt, governments can clearly have a role in providing information, establishing the necessary framework and infrastructure, and, in some cases, helping companies to develop thebasic capabilities to adopt ISO 14001. There are wo particular areas in which government action would be useful:(a) providing information on he sectors and markets where ISO 14001 certification s a significant issue and assisting sector rganizations to develop appropriate responses, and(b) helping to establish a certification framework, ased on strengthening national standards organizations and encouraging competitive private sector provision of auditing and certificationservices. At present, the World Bank is having discussions with a number of countries about how assistance could be provided with these issues.
Governments should see EMS approaches as part of a broad environmental strategy that includes regulatory systems, appropriate financial incentives, and encouragement of improved industrial performance. Such encouragement can really only be effective where there is cooperation at the government level between the relevant departments, including industry and trade, as well as environment. There is a growing interest in integrating environmental management issues into productivity or competitiveness centers designed to promote SME performance, but little information exists on experience to date.

ISO 14001:2004 Standards Contents

ISO 14001:2004 Standards
ISO 14000 is a series of international standards on environmental management. It provides a framework for the development of an environmental management system and the supporting audit programme.
The main thrust for its development came as a result of the Rio Summit on the Environment held in 1992.
ISO 14000 is an Environmental Management System (EMS), which requires that an organization consider the environmental aspects of its products and services.
Iso14000 approach forces you to take a hard look at all areas of your business that has an environmental impact.
Iso14000 is the world’s first series of Internationally accepted Standards for Environmental Management Systems (EMS).
Iso14000 elevates Environmental Management to a Strategic Level that can be applied to any organization, from any industry, anywhere in the world.
ISO 14000 is a series of voluntary standards and guideline reference documents.
The part of the overall management system that includes organizational structure, planning activities, responsibilities, practices, procedures, processes and resources for developing, implementing, achieving, reviewing and maintaining the environmental policy.
Iso14000 is the world’s first series of Internationally accepted Standards for Environmental Management Systems (EMS).
Iso14000 elevates Environmental Management to a Strategic Level that can be applied to any organization, from any industry, anywhere in the world.
ISO 14000 is a series of voluntary standards and guideline reference documents.
The part of the overall management system that includes organizational structure, planning activities, responsibilities, practices, procedures, processes and resources for developing, implementing, achieving, reviewing and maintaining the environmental policy.
ISO 14000 is an Environmental Management System (EMS) who’s purpose is:
· A management commitment to pollution prevention.
· An understanding of the environmental impacts (reducing) of an organization’s activities.
A commitment (pollution prevention) to employees, neighbors and customers
ISO 14001 is the corner stone standard of the ISO 14000 series. It specifies a framework of control for an Environmental Management System against which an organization can be certified by a third party.
The environment cannot be protected by our convictions or goodwill alone. Efforts to protect the environment must be planned, coordinated and organized into a system, such as ISO 14001.
ISO14001 requires an Environmental Policy to be in existence within the organisation, fully supported by senior management, and outlining the policies of the company, not only to the staff but to the public. The policy needs to clarify compliance with Environmental Legislation that may effect the organization and stress a commitment to continuous improvement. Emphasis has been placed on policy as this provides the direction for the remainder of the Management System.
Those companies who have witnessed ISO9000 Assessments will know that the policy is frequently discussed during the assessment, many staff are asked if they understand or are aware of the policy, and any problems associated with the policy are seldom serious. The Environmental Policy is different, this provides the initial foundation and direction for the Management System and will be more stringently reviewed than a similar ISO9000 policy. The statement must be publicised in non-technical language so that it can be understood by the majority of readers. It should relate to the sites within the organisation encompassed by the Management System, it should provide an overview of the company’s activities on the site and a description of those activities. A clear picture of the company’s operations.
The preparatory review and definition of the organization’s environmental effects is not part of a ISO14001 Assessment, however examination of this data will provide an external audit with a wealth of information on the methods adopted by the company. The preparatory review itself should be comprehensive in consideration of input processes and output at the site. This review should be designed to identify all relevant environmental aspects that may arise from existence on the site. These may relate to current operations, they may relate to future, perhaps even unplanned future activities, and they will certainly relate to the activities performed on site in the past (i.e. contamination of land).
The initial or preparatory review will also include a wide-ranging consideration of the legislation which may effect the site, whether it is currently being complied with, and perhaps even whether copies of the legislation are available. Many of the environmental assessments undertaken already have highlighted that companies are often unaware of ALL of the legislation that affects them, and being unaware, are often not meeting the requirements of that legislation.
The company will declare its primary environmental objectives, those that can have most environmental impact. In order to gain most benefit these will become the primary areas of consideration within the improvement process, and the company’s environmental program. The program will be the plan to achieve specific goals or targets along the route to a specific goal and describe the means to reach those objectives such that they are real and achievable. The Environmental Management System provides further detail on the environmental program. The EMS establishes procedures, work instructions and controls to ensure that implementation of the policy and achievement of the targets can become a reality. Communication is a vital factor, enabling people in the organisation to be aware of their responsibilities, aware of the objectives of the scheme, and able to contribute to its success.
As with ISO9000 the Environmental Management System requires a planned comprehensive periodic audit of the Environmental Management System to ensure that it is effective in operation, is meeting specified goals, and the system continues to perform in accordance with relevant regulations and standards. The audits are designed to provide additional information in order to exercise effective management of the system, providing information on practices which differ to the current procedures or offer an opportunity for improvement.
In addition to audit, there is a requirement for Management Review of the system to ensure that it is suitable (for the organization and the objectives) and effective in operation. The management review is the ideal forum to make decisions on howe to improve for the future.
The newly revised ISO 14001:2004 specifies the requirements for an environmental management system (EMS), which provides a framework for an organization to control the environmental impacts of its activities, products and services, and to continually improve its environmental performance. It applies to those environmental aspects which the organization can control and over which it can be expected to have an influence. It does not itself state specific environmental performance criteria. ISO 14001:2004 is applicable to any organization that wishes to:
· implement, maintain and improve an environmental management system
· assure itself of its conformance with its stated environmental policy
· demonstrate such conformance to others
· seek certification/registration of its environmental management system by an external organization
· make a self-determination and self-declaration of conformance with this international standard.
All the requirements in this standard can be incorporated into any environmental management system. Having been revised, the improved ISO 14001 is now expected to bring the benefits of implementing an EMS to more businesses than ever. The standard is now easier to understand and use and has more detailed checklists for inputs and outputs from the management review and has increased compatibility to ISO 9001. Organizations who are currently registered to ISO 14001:1996 will have an 18-month transition period to register to ISO 14001:2004.

ISO 9001:2008 Requirements – Management Responsibility

ISO 9001:2008 Requirements - Management Responsibility
All requirements in clause 5 are the responsibility of top management.
5.1 Management Commitment
Provide evidence of management commitment to develop and implement the quality management system, as well as, continually improve its effectiveness by:? Expressing the importance of meeting requirements? Establishing the quality policy and quality objectives? Conducting management reviews? Ensuring the availability of necessary resources
5.2 Customer FocusEnsure customer requirements are determined and met in order to improve customer satisfaction.
5.3 Quality Policy
Ensure the quality policy is:? Appropriate to the purpose of the organization? Focused on meeting requirements and continual improvement? Used as a framework for quality objectives? Communicated and understood at appropriate levels? Reviewed for continuing suitability
5.4 Planning
5.4.1 Quality Objectives
Ensure quality objectives, including those needed to meet product requirements, are established at the relevant functions and levels within the organization. Ensure quality objectives are measurable and consistent with the quality policy.
5.4.2 Quality Management System Planning
Ensure that planning for the quality management system:? Meets the general requirements (4.1), as well as, quality objectives (5.4.1)? Maintains the system integrity when changes are planned and implemented5.5 Responsibility, Authority, and Communication
5.5.1 Responsibility and Authority
Ensure responsibilities and authorities are defined and communicated within the organization.
5.5.2 Management Representative
Appoint a member of your management who, irrespective of other duties, has the responsibility and authority to:? Ensure the needed processes are established, implemented, and maintained? Report to top management on quality management system performance? Report to top management on any need for improvement? Ensuring the promotion of awareness of customer requirements
NOTE: The responsibility of a management representative can include being the liaison with external parties on matters relating to the quality management system.
5.5.3 Internal Communication
Ensure the appropriate communication processes are established and carried out within the organization regarding the effectiveness of the system.
5.6 Management Review
5.6.1 General
Review the quality management system at planned intervals to:? Ensure a suitable, adequate, and effective system? Assess possible opportunities for improvement? Evaluate the need for any changes to the system? Consider the need for changes to the quality policy and objectivesMaintain records of the management reviews.
5.6.2 Review Input
Inputs for management review must include information on:? Results of audits? Customer feedback? Process performance and product conformity? Status of preventive and corrective actions? Follow-up actions from earlier reviews? Changes that could affect the quality system? Recommendations for improvement
5.6.3 Review Output
Outputs from the management review must include any decisions and actions related to:? Improvement of the effectiveness of the quality management system and its processes? Improvement of product related to customer requirements? Resource needs

Update on ISO 9001:2008

Update on ISO 9001:2008

Following a recent meeting of ISO’s Technical Committee TC176 in Helsinki, Finland, from June
11 – 15t, 2007, publication of the new version of ISO 9001 has been brought forward from 2009
and is now scheduled to be published in October 2008. Experts representing over 70 ISO member
bodies, met to discuss the comments received during circulation of the Committee Draft (”CD”) of
the new standard, and concluded that in view of the very limited changes being proposed, the draft
is now sufficiently mature to progress directly to the DIS (Draft International Standard).
The main changes being introduced into the new standard are as follows:
Clause 0.2 (Process approach)
Text added to emphasize the importance of processes being capable of achieving desired outputs
Clause 1.1 (Scope)
Clarification that “product” also includes intermediate product
Explanation regarding statutory, regulatory and legal requirements
Clause 4.1 (General requirements)
Notes added to explain more about outsourcing
Types of control that may be applied to outsourced processes
Relationship to clause 7.4 (Purchasing)
Clarification that outsourced processes are still responsibility of the organization and must be
included in the quality management system
Clause 4.2.1 (Documentation)
Clarification that QMS documentation also includes records
Documents required by the standard may be combined
ISO 9001 requirements may be covered by more than one documented procedure
Clause 4.2.3 (Document control)
Clarification that only external documents relevant to the QMS need to be controlled
Clause 4.2.4 (Records control)
Editorial changes only (better alignment with ISO 14001)
Clause 5.5.2 (Management rep)
Clarifies that this must be a member of the organization’s own management
Clause 6.2.1 (Human resources)
Clarification that competence requirements are relevant for any personnel who are involved in the
operation of the quality management system
Clause 6.3 (Infrastructure)
Includes information systems as example
Clause 6.4 (Work environment)
Clarifies that this includes conditions under which work is performed and includes, for example
physical, environmental and other factors such as noise, temperature, humidity, lighting, or weather
Clause 7.2.1 (Customer related processes)
Clarifies that post-delivery activities may include:
- Actions under warranty provisions
- Contractual obligations such as maintenance services
- Supplementary services such as recycling or final disposal
Clause 7.3.1 (Design & development planning)
Clarifies that design and development review, verification and validation have distinct purposes
These may be conducted and recorded separately or in any combination as suitable for the product
and the organization
Clause 7.3.3(Design & development outputs)
Clarifies that information needed for production and service provision includes preservation of the product
Clause 7.5.4 (Customer property)
Explains that both intellectual property and personal data should be considered as customer property
Clause 7.6 (Now retitled Control of Monitoring and Measuring equipment)
Explanatory notes added regarding the use of computer software: “Confirmation of the ability of computer software to satisfy the intended application would typically include its verification and configuration management to maintain its suitability for use.”
Clause 8.2.1 (Customer satisfaction)
Note added to explain that monitoring of customer perception may include input from sources such as customer satisfaction surveys, customer data on delivered product quality, user opinion surveys, lost business analysis, compliments, and dealer reports
Clause 8.2.3 (Monitoring / Measurement of process)
Note added to clarify that when deciding on appropriate methods, the organization should consider impact on the conformity to product requirements and on the effectiveness of the quality management system.

Goal and Scope of an ISO 9000 quality system

Goal and Scope of an ISO 9000 quality system

The ISO 9000 Standard states its goal in two blunt words: customer satisfaction.How do we achieve customer satisfaction? By meeting customer requirements.The quality management system (QMS) helps us to dothis by:
a. Applying the system. Actually using it. Putting it at the heart ofour organization.b. Continually improving the system. The QMS is never done. Afterall, customer requirements do not stand still—they evolve and grow tougher.So we have to improve continually in order to survive.
(The guidance document, ISO 9004: 2000, sets a compatibleand in some respects more ambitious goal: “improving theprocesses of an organization to enhance performance.”) Prevention of nonconformity. Prevention is the key term here: prevention,rather than detection. Quality management has longsince evolved away from the old “inspect quality in” approach.Prevention is cheaper, more effective, and more protective of thecustomer. Detection is also a different mindset. It requires a veryhigh degree of process orientation, upstream thinking, and relentlessanalysis.To what types of organizations does the Standard apply? Alltypes. The requirements “are generic and applicable to all organizations,regardless of type and size.” A compliant QMS can be implementedby any organization, producing any product or service,anywhere in the world.Within the organization, the impact of the requirements and theQMS are similarly broad. The Standard “applies to the activities of organizationsfrom the identification of customer requirements, throughall quality management system processes, to the achievement of customersatisfaction.” Every activity within the organization that impactsthe process of creating customer satisfaction is affected by therequirements of the Standard.