Introduction to ISO Certification

Certification is a way to attest, by the intermediary of a third-party certifier, to a company’s ability to provide a service, product or system in accordance with client requirements and regulation requirements. ISO and IEC give the following definition:

 

Procedure by which a third party gives written assurance
that a product, process or service complies with the requirements
specified in a benchmark.The ISO 9000 family of standards corresponds to all the management best practices benchmarks as regards quality, which are defined by ISO (the International Organisation for Standardization).

ISO 9000 standards were originally written in 1987, with revisions taking place in 1994 and 2000. Thus, the 2000 version of the ISO 9001 standard, which is part of the ISO 9000 family, is written “ISO 9001:2000?. The ISO 9001:2000 standard mainly focuses on the processes used to produce a service or product, whereas the ISO 9001:1994 standard was mainly focused on the product itself. Here is an overview of all the different standards in the ISO 9000 family:

ISO 9000: “Quality Management Systems – Basic Principles and Vocabulary”. The ISO 9000 standard describes the principles of a quality management system and defines the terminology
ISO 9001: “Quality Management Systems – Requirements”. The ISO 9001 standard describes the requirements relative to a quality management system either for internal use or for contractual or certification purposes. Therefore, this standard is a group of requirements that companies must follow
ISO 9004: “Quality Management Systems – Guidelines for Improving Performance”. This standard, which is intended for internal use and not for contractual purposes, focuses particularly on continually improving performance
ISO 10011: “Guidelines for auditing quality management and/or environmental management systems”

Posted under ISO 9001 Standards by everise on Wednesday 30 September 2009 at 7:15 am

Business benefits of ISO 14000

Business Benefits Of ISO 14001

Any manager will try to avoid pollution that could cost the company a fine for infringing environmental legislation. But better managers will agree that doing only just enough to keep the company out of trouble with government inspectors is a rather weak and reactive approach to business in today’s increasingly environment-conscious world.

There is a better way. The ISO 14000 way. The ISO 14000 standards are practical tools for the manager who is not satisfied with mere compliance with legislation – which may be perceived as a cost of doing business. They’re for the proactive manager with the breadth of vision to understand that implementing a strategic approach can bring return on investment in environmentrelated measures. Implementing an ISO 14000-based
environmental management system, and using other tools from the ISO 14000 family,  will give you far more than just confidence that you are complying with legislation.

The ISO 14000 approach forces you to take a hard look at all areas where your business has an environmental impact. And this systematic approach can lead to benefits like the following:

a. Reduced cost of waste management
b. Savings in consumption of energy and materials
c. Lower distribution costs
d. Improved corporate image among regulators, customers and the public
e. Framework for continuous improvement of your environmental performance.

The manager who is “too busy managing the business” to listen to good sense
about environmental management could actually be costing the business plenty. Just think, for example, of the lost opportunities for achieving benefits like those above.

The ISO 14000 standards are management tools that will help your business
achieve environmental goals that go way beyond acquiring a mere “green sheen”.

Posted under ISO 14001 Standards by everise on Wednesday 30 September 2009 at 7:13 am

Requirements for Product Environmental Quality Assurance

All Mandatory Requirements for Product Environmental Quality Assurance need to be carried out in the following manner
1. Establish a system that meets all requirements
2. Ensure the system is stable and efficient.
3. Document the processes and procedures
4. Keep records of the system’s performance.

The assigned management of the supplier shall establish a system to prevent Banned
Substances from being used in the products and packaging.
(1) To determine policies and methods for ensuring Product Environment Quality.
(2) To assign a person to be in charge of managing Product Environment Quality
(“Product Environmental Quality Management Representative”)
(3) To establish an organization in managing Product Environment Quality,
determine responsibilities, authorities, roles of each department and familiarize all
members in each department with the importance of Product Environment Quality.
(4) To establish a “Cadmium-Free Factory”
(5) To review the adequacy and efficiency of the system.

Maintenance of the System
The supplier shall maintain the system in a condition to be able to respond to the
requests for Product Environment Quality and instruction letters to suppliers),
ensure the system is properly functioning.
(1) Plan and carry out an internal audit at least once a year.
(2) When Non-conforming Products or defects are found in the system, the supplier
shall conduct an internal audit immediately.
(3) The assigned management for Product Environment Products at the supplier
shall revise the system according to the results of the internal audit if necessary.

Documents, Data and Records
The supplier should manage documents, verification data related to Product
Environment Quality.
(1) Keep documents, verification data for three years or longer, if required by law.
(2) Provide documents and verification data when requested.
(3) Review the documents regularly and keep them updated instructions

Selection of Materials and Parts
The supplier has to comply with the following request when selecting material and parts.
(1) “No Use of Banned Substances Allowed” (or equal) must be mentioned in all
relevant documents (specifications, blueprints, purchase orders, etc)
(2) Materials must not contain any Banned Substances.
(3) Only purchase Designated Raw Materials from Green Partners.

Posted under ISO 14001 Standards by everise on Wednesday 30 September 2009 at 7:13 am

ISO 9000 Standards

ISO 9000 Standards

ISO 9000 is a written set of rules (a “Standard”) published by an international
standards writing body (International Organization for Standardization. The rules define practices that are universally recognized and accepted for assuring that organizations consistently understand and meet the needs of their customers.
ISO 9000 is also highly generic. Its principles can be applied to any organization providing any product or service anywhere in the world.
Since meeting customer needs is one of the (many) definitions of quality, ISO 9000 is often called a quality system or a quality management system. But the rules, referred to as requirements, go beyond quality matters as they are traditionally understood. The requirements fall roughly into the following types:

a.  Requirements that help assure that the organization’s output (whether product, service, or both) meets customer specifications. (Making, and keeping, them happy.)

b. Requirements that assure that the quality system is consistently implemented and verifiable. (We must actually do what we say we are supposed to do. This must be verifiable via independent, objective
audit.)

c.  Requirements for practices that measure the effectiveness of various
aspects of the system. (In God we trust; all others bring data.)

d. Requirements that support continuous improvement of the company’s
ability to meet customer needs. (We cannot sit still. We must strive to get better all the time, because customers change, and competitors gain strength.)

Nothing in ISO 9000 is new. The first edition, published by ISO in 1987, was drawn almost word for word from a British quality system standard. It in turn evolved from a long succession of written quality system specifications that had their ultimate origin in the defense and arms industries. Most of the practices required by ISO 9000 have been in use in industries of various kinds for decades. One intent of ISO 9000 is to simplify things for organizations. ISO 9000 strives to harmonize the sometimes conflicting, sometimes redundant quality programs that have traditionally been imposed by major corporations on their suppliers. (Note, however, that ISO 9000 is not meant to supersede customer, legal, or regulatory requirements.)

Very often, major customers require or strongly “suggest” that their suppliers implement ISO 9000 systems. Equally often, such customers require independent verification that suppliers are meeting the  equirements.

So third-party registration bodies  audit suppliers, confirm compliance to the ISO 9000 standard, and register the suppliers. It does not stop there. To stay registered, suppliers must undergo periodic (often semi-annual) surveillance audits, also carried out by their registration body.

Implementing an ISO 9000 quality system is neither cheap, nor easy. How costly and difficult it can be depends on:

a. The level of commitment of senior management. (The single most important factor.)

b. Where you are when you start. If you have already implemented a disciplined, documented quality system, you will have a less difficult time migrating to ISO 9000. (But that does not mean you will waltz to registration, either.)

c.  Whether your company (or any part of it) is “design responsible” or not.

d.  How much time you have. If you are under the customer’s gun and have merely months to get the job done, the process will be highly stressful.

e. The physical size and configuration of your company.

The bottom line is this. ISO 9000 is a comprehensive set of rules—a business system, really—that can cause the way your organization runs to profoundly change, almost always for the better. Yet, because it is often customer-mandated, many suppliers regard ISO 9000 as “just another hoop to jump through to keep our customers happy.”

They see their choice as swallow hard, pony up, and jump through the hoops; or walk away from the customer. What many do not fully appreciate is that implementing ISO 9000—expensive, exhausting, and annoying as it can be—can also have the salutary effect of improving the performance of your organization. Not just at first, but on an ongoing basis.

Posted under ISO 9001 Standards by everise on Wednesday 30 September 2009 at 7:12 am

REQUIREMENTS OF ISO 14001

REQUIREMENTS OF ISO 14001
In order to effectively implement and benefit from an ISO 14001 EMS, it is important to
have an understanding of the standard’s requirements. A quick review of the standard
shows that it is structured following the Plan, Do, Check, Improve philosophy of the
Total Quality Management movement, as follows: 

PLAN
4.2 Policy
4.3 Planning

DO
4.4 Implementation and Operation

CHECK
4.5 Checking and Corrective Action

IMPROVE
4.6 Management Review

Within these five elements are 17 sub-elements stating the various requirements.

4.2 Policy

4.3 Planning
4.3.1 Environmental Aspects
4.3.2 Legal and Other Requirements
4.3.3 Objectives and Targets
4.4.4 Environmental Management Programs

4.4 Implementation and Operation
4.4.1 Structure and Responsibility
4.4.2 Training Awareness and Competence
4.4.3 Communications
4.4.4 EMS Documentation
4.4.5 Document Control
4.4.6 Operation Control
4.4.7 Emergency Planning and Response 

4.5 Checking and Corrective Action
4.5.1 Monitoring and Measurement
4.5.2 Nonconformance, Corrective, and Preventive Action
4.5.3 Records
4.5.4 EMS Audit

4.6 Management Review

Within these 17 sub-elements are all of the requirements, or “shalls”, necessary to
conform to ISO 14001. There is no substitute for reading the standard in terms of
recognizing the requirements. As a matter of fact, no auditor should embark on an audit
without having easily available the criteria to which they are doing the audit. However,
below we briefly summarize the key points of the sub-elements. This summary is not
intended to be a replacement for ISO 14001, and should not be used exclusively as such
during an audit. 

Detailed Section by Section Summary

4.2 Policy
ISO 14001 requires that the organization have a policy statement to drive the EMS.
These tend to be short, one page or less documents, and simply affirm the commitments.
There is no expectation that specific details be noted in the policy. For example, the
commitment to pollution prevention can simply be stated saying, “we are committed to
prevention of pollution”. The policy must be clearly endorsed by top management and
be available to the public and employees. Although the availability to the public can be
rather passive; i.e. “is here if they want it”, there is an expectation that the employee
awareness is more proactive. Section 4.2 of ISO 14001 lists the other requirements of the
policy.

4.3.1 Environmental Aspects
This element requires a procedure that not only identifies the aspects and impacts, but
also provides for determination of significance, and keeping the information up to date.
ISO 14001 does not prescribe what aspects should be significant, or even how to
determine significance. However, it is expected the organization will develop a
consistent and verifiable process to do so.

4.3.2 Legal and Other Requirements
This is a requirement for a procedure that explains how the organization obtains
information regarding its legal and other requirements, and makes that information
known to key functions. This is not the assessment or compliance audit requirement, but
rather a more up front determination of requirements.

4.3.3 Objectives and Targets
There is no requirement for a procedure in this element, only that objectives and targets
be documented. It does require that certain items be considered in developing the
objectives, such as legal requirements and prevention of pollution. It is sometimes
easiest to develop a procedure anyway for this element to be able to verify these
considerations were made.

4.3.4 Environmental Management Programs (EMP)
EMPs are the detailed plans and programs explaining how the objectives and targets will
be accomplished. These EMPs usually note responsible personnel, milestones and dates,
and measurements of success. Noting monitoring and measurement parameters directly
in the EMP facilitates conforming to 4.5.1 on Monitoring and Measurement discussed
below.

4.4.1 Structure and Responsibility
ISO 14001 requires that the relevant management and accountability structure be defined
in this element. This usually takes the form of an organizational chart. Also, the
organization must denote the Management Representative who is responsible to oversee
the EMS and report to management on its operation.

4.4.2 Training Awareness and Competence
The key point in this element is that personnel must receive applicable training regarding
the EMS. Specific requirements are itemized in ISO 14001, and include general,
company-wide items such as knowing the policy, to more function-specific training on
aspects and emergency response. An organization usually responds to this element with a
training matrix, cross-referencing to training materials and records.

4.4.3 Communications
Procedures are required for both internal and external communications. Note that ISO
14001 only requires procedures, and allows the organization to decide for itself the
degree of openness and disclosure of information. Whatever the decision in terms of
disclosure, that decision process must be recorded.

4.4.4 EMS Documentation
This requirement is simply that the organization has documented the system in either
electronic or paper form such that it addresses the elements of the standard and provides
direction to related documentation. Not all ISO 14001-required procedures need to be
documented, as long as the system requirements can be verified.

4.4.5 Document Control.
Procedures are required to control documents, such as system procedures and work
instructions, and to ensure that current versions are distributed and obsolete versions are
removed from the system.

4.4.6 Operational Control
This element is the one which connects the EMS with the organization as a whole. Here,
the critical functions related to significant aspects and objectives and targets are identified
and procedures and work instructions created to ensure proper execution of activities.
Requirements for communicating applicable system requirements to contractors are also
addressed.

4.4.7 Emergency Planning and Response
Although typically addressed through conventional emergency response plans, this
element also requires that a process exist for identifying the potential emergencies, in
addition to planning and mitigating them. A linkage to the aspects analysis, where
impacts are assessed, is appropriate. Emergency incidents include those that may not be
regulated, but may still cause significant impact as defined by the organization.

4.5.1 Monitoring and Measurement
Procedures are required describing how the organization will monitor and measure key
parameters of operations. These parameters relate to the significant aspects, objectives
and targets and legal and regulatory compliance. In order to properly manage the system,
measurements must be taken of its performance to provide data for action. Responses to
this element usually cross reference to many other specific procedures and work
instructions describing measurement and equipment calibration. It is in this element that
we find the requirement for what is commonly referred to as a compliance audit.

4.5.2 Nonconformance, Corrective, and Preventive Action
This element requires procedures for acting on Non-conformances identified in the system,
including corrective and preventive action. Non-conformances may be identified through
audits, monitoring and measurement, and communications. The intent is to correct the
system flaws. Typically, Corrective Action Report (CAR) forms are the norm, noting the
nonconformance, the suggested fix, and closure of the action when completed. Note that
this requirement does not imply in any way that the party identifying the nonconformance
must be the one to suggest the fix. Instead, it is expected that the system provide for the
information to be routed to the most appropriate party to address the concern.

4.5.3 Records
Records are expected to exist to serve as verification of the system operating. For
example, records include audit reports and training records. Unlike controlled
documents, records are “once and done” documents, resulting from the execution of some
process or procedure. Procedures in this element are required for the maintenance of
records.

4.5.4 EMS Audits
ISO 14001 requires that the system provide for internal audits. This procedures(s) will
include methodologies, schedules, and processes to conduct the audits. Interestingly, the
EMS audit will in essence, audit the audit process itself!

4.6 Management Review
This element requires that periodically, top management will review the EMS to ensure it
is operating as planned. If not, resources must be provided for corrective action. For
areas where there are no problems, the expectation is that with time, management will
provide for improvement programs. Usually there is no detailed procedure for this
element, although records of agendas, attendance, and agreed upon action items are
maintained as verification.

Posted under ISO 14001 Standards by everise on Wednesday 30 September 2009 at 7:10 am

Structure Of ISO 9001

ISO 9001 was first published in 1987. Later, it went through three revisions in 1994, 2000 and 2008. The latest version version of the ISO 9001 standard was published on 14th November 2008. This is the structure of the standard:
  • Clause 1 Scope
  • Clause 2 Normative reference
  • Clause 3 Terms and definitions
  • Clause 4 Quality management system
  • Clause 5 Management responsibility
  • Clause 6 Resource management
  • Clause 7 Product realization
  • Clause 8 Measurement, analysis and improvement

http://www.e-wia.com

Posted under ISO 9001 Standards by everise on Wednesday 30 September 2009 at 7:08 am

ISO 9001:2008 General Requirements

4.1 General requirements

The organization shall establish, document, implement and maintain a quality management system and continually improve its effectiveness in accordance with the requirements of this International Standards. The organization

  • shall determine the processes needed for the quality management system and their application throughout the organizations,
  • determine the sequence and interaction of these processes,
  • determine criteria and methods needed to ensure that both the operation and control of these processes are effective,
  • ensure the availability of resources and information necessary to support the operation and monitoring of these processes,
  • monitor, measure (where applicable) and analyze these processes, and
  • implement actions necessary to achieve planned results and continual improvement of these processes.

These processes shall be managed by the organization in accordance with the requirements of this International Standard.

Where an organization chooses to outsource any process that affects product conformity to requirements, the organization shall ensure control over such processes. The type and extent of control to be applied to these outsourced processes shall be defined within the quality management system.

NOTE 1: Processes needed for the quality management system referred to above include processes for management activities, provision of resources, product realization and measurement, analysis and improvement.

NOTE 2: An outsourced process is identified as one being needed for the organization’s quality management system, but chosen to be performed by a party external to the organization.

NOTE 3: Ensuring control over outsourced processes does not absolve the organization of the responsibility of conformity to all customer, statutory, and regulatory requirements. The type and extent of control to be applied to the outsourced process can be influenced by factors such as
a) the potential impact of the outsourced process on the organization’s capability to provide product that conforms to requirements,
b) the degree to which the control for the process is shared;
c) the capability of achieving the necessary control through the application of clause 7.4.

Clause 4.2 Documentation requirements

4.2.1 General

The quality management system documentation shall include
documented statements of a quality policy and quality objectives,

  • a quality manual,
  • documented procedures and records required by this International Standard,
  • documents including records, needed determined by the organization to be necessary to ensure the effective planning, operation and control of its processes

NOTE 1: Where the term “documented procedure” appears within this International Standard, this means that the procedure is established, documented, implemented and maintained. A single document may include the requirements for one or more procedures. A requirement for a documented procedure may be covered by more than one document.

NOTE 2: The extent of the quality management system documentation can differ from one organization to another due to the size of organization and type of activities, the complexity of processes and their interactions, and the competence of personnel.

NOTE 3: The documentation can be in any form or type of medium.

4.2.2 Quality Manual

The organization shall establish and maintain a quality manual that includes the scope of the quality management system, including details of and justification for any exclusions (see 1.2), the documented procedures established for the quality management system, or reference to them, and a description of the interaction between the processes of the quality management.

4.2.3 Control of documents

Documents required by the quality management system shall be controlled. Records are a special type of document and shall be controlled according to the requirements given in 4.2.4.

A documented procedure shall be established to define the controls needed

  • to approve documents for adequacy prior to issue,
  • to review and update as necessary and re-approve documents,
  • to ensure that the changes and the current revision status of documents are identified,
  • to ensure that relevant versions of applicable documents are available at points of use,
  • to ensure that documents of external origin are identified and their distribution controlled, and
  • to prevent the unintended use of obsolete documents, and to apply suitable identification to them if they are retained for any purpose.

4.2.4 Control of records

Records established to provide evidence of conformity to requirements and of the effective operation of the quality management system shall be controlled. The organization shall establish a documented procedure to define the controls needed for the identification, storage, protection, retrieval, retention, and disposition of records. Records shall remain legible, readily identifiable, and retrievable.

Posted under ISO 9001 Standards by everise on Wednesday 30 September 2009 at 7:08 am

ISO 9001 and ISO 14001 Information Site

ISO 9001 And ISO 14001 Information Site

http://iso9001-procedure.blogspot.com/
http://iso-14001-ems.blogspot.com/
http://iso14001qualitymanual.blogspot.com/
http://iso14001requirements.blogspot.com/
http://iso14001certification.blogspot.com/
http://iso14001qualitysystem.blogspot.com/
http://environmentsystem.blogspot.com/
http://iso14000series.blogspot.com/
http://iso9000standard.blogspot.com/
http://six-sigma-qc.blogspot.com/
http://iso9001-documents.blogspot.com/
http://iso9001-training.blogspot.com/
http://quality-assurance-system.blogspot.com/
http://iso14001standard.blogspot.com/
http://iso9001-certification.blogspot.com/
http://iso9001-certification.blogspot.com/
http://iso9000series.blogspot.com/
http://iso9001standards.blogspot.com/
http://iso9000certification.blogspot.com/
http://isotemplate.blogspot.com/
http://iso9001training.blogspot.com/
http://qualitymanualsystem.blogspot.com/

Posted under ISO 9001 Standards by everise on Wednesday 30 September 2009 at 7:06 am