Contact us | Careers | Sitemap
 
  Quick Connect
        
   Training Program
 Six Sigma
 Total Quality Management
 Quality Improvement Programs
 Lean Manufacturing
 Problem Solving Techniques
  Customers
  News & Events
ISO 9001:2008


What is ISO 9001:2008?


ISO 9001:2008 is an international standard that gives requirements for an organization’s Quality Management System (“QMS”).   This will  mean that they are claiming to have a QMS meeting the requirements of ISO 9001:2008, the only standard in the ISO 9000 family that can be used for the purpose of conformity assessment. It is important to understand however, that ISO is the body that develops and publishes the standard - ISO does not “certify” organizations, as will be explained later in this brochure.

The objective of ISO 9001:2008 is to provide a set of requirements that, if they are effectively implemented, will ensure that your business moves on and on.

The requirements cover a wide range of topics, including your supplier's top management commitment to quality, its customer focus, adequacy of its resources, employee competence, process management (for production, service delivery and relevant administrative and support processes), quality planning, product design, review of incoming orders, purchasing, monitoring and measurement of its processes and products, calibration of measuring equipment, processes to resolve customer complaints, corrective/preventive actions and a requirement to drive continual improvement of the QMS. Last but not least, there is a requirement for your supplier to monitor customer perceptions about the quality of the goods and services it provides.

ISO 9001:2008 does not specify requirements for the goods or services you are purchasing. That is up to you to define, by making clear your own needs and expectations for the product. You might, for example, refer to product specifications, drawings, national or international product standards, supplier’s catalogues or other documents as appropriate.

ISO today published ISO 9001:2008, the latest edition of the International Standard used by organizations in 175 countries as the framework for their quality management systems (QMS).

ISO 9001:2008, Quality management system – Requirements, is the fourth edition of the standard first published in 1987 and which has become the global benchmark for providing assurance about the ability to satisfy quality requirements and to enhance customer satisfaction in supplier-customer relationships.

ISO 9001:2008 contains no new requirements compared to the 2000 edition, which it replaces. It provides clarifications to the existing requirements of ISO 9001:2000 based on eight years’ experience of implementing the standard worldwide and introduces changes intended to improve consistency with the environmental management system standard, ISO 14001:2004.

ISO 14001:2004

An EMS meeting the requirements of ISO 14001:2004 is a management tool enabling an organization of any size or type to:

  • identify and control the environmental impact of its activities, products or services, and to
  • improve its environmental performance continually, and to
  • implement a systematic approach to setting environmental objectives and targets, to achieving these and to demonstrating that they have been achieved.

How it works

ISO 14001:2004 does not specify levels of environmental performance. If it specified levels of environmental performance, they would have to be specific to each business activity and this would require a specific EMS standard for each business. That is not the intention.

ISO has many other standards dealing with specific environmental issues. The intention of ISO 14001:2004 is to provide a framework for a holistic, strategic approach to the organization's environmental policy, plans and actions.

ISO 14001:2004 gives the generic requirements for an environmental management system. The underlying philosophy is that whatever the organization's activity, the requirements of an effective EMS are the same.

This has the effect of establishing a common reference for communicating about environmental management issues between organizations and their customers, regulators, the public and other stakeholders.

Because ISO 14001:2004 does not lay down levels of environmental performance, the standard can to be implemented by a wide variety of organizations, whatever their current level of environmental maturity. However, a commitment to compliance with applicable environmental legislation and regulations is required, along with a commitment to continual improvement – for which the EMS provides the framework.

The EMS standards

ISO 14004:2004 provides guidelines on the elements of an environmental management system and its implementation, and discusses principal issues involved.
ISO 14001:2004 specifies the requirements for such an environmental management system. Fulfilling these requirements demands objective evidence which can be audited to demonstrate that the environmental management system is operating effectively in conformity to the standard.

What can be achieved?

ISO 14001:2004 is a tool that can be used to meet internal objectives:

provide assurance to management that it is in control of the organizational processes and activities having an impact on the environment

  • assure employees that they are working for an environmentally responsible organization.
  • ISO 14001:2004 can also be used to meet external objectives:
  • provide assurance on environmental issues to external stakeholders – such as customers, the community and regulatory agencies
  • comply with environmental regulations
  • support the organization's claims and communication about its own environmental policies, plans and actions
  • provides a framework for demonstrating conformity via suppliers' declarations of conformity, assessment of conformity by an external stakeholder - such as a business client - and for certification of conformity by an independent certification body.

OHSAS 18001:2007,

OHSAS 18001 is the internationally recognized assessment specification for occupational health and safety management systems. It was developed by a selection of leading trade bodies, international standards and certification bodies to address a gap where no third-party certifiable international standard exists.

OHSAS 18001 has been designed to be compatible with ISO 9001 and ISO 14001, to help your organization meet their health and safety obligations in an efficient manner.

The following key areas are addressed by OHSAS 18001:

  • Planning for hazard identification, risk assessment and risk control
  • OHSAS management programme
  • Structure and responsibility
  • Training, awareness and competence
  • Consultation and communication
  • Operational control
  • Emergency preparedness and response
  • Performance measuring, monitoring and improvement

 OHSAS 18001 can be adopted by any organization wishing to implement a formal procedure to reduce the risks associated with health and safety in the working environment for employees, customers and the general public.

 

ISO/ TS16949:2009

ISO/TS 16949:2009 Quality management systems -- Particular requirements for the application of ISO 9001:2008 for automotive production and relevant service part organizations management systems is designed for the auto industry and suppliers to the auto industry.

Some of the specific requirements of ISO/TS 16949 are discussed below. The focus below is on the differences between ISO 9001 and TS 16949. Please check the standard for the exact language and requirements. The standard emphasizes the specific differences within the text of the publication.

In TS 16949 there is a change in emphasis to include or expand on:

  • process efficiencies
  • cost of poor quality
  • discussion of business planning
  • employee motivation
  • preparation of contingency plans
  • discussion of product safety
  • cleanliness of the premises
  • confidentiality
  • predictive maintenance
  • service agreements
  • use of statistical tools and data
  • control and measurement of manufacturing processes

There are additional specific technical requirements including but not limited to: review of engineering specifications; nonconformance reporting; assignment of a customer representative; field failures; FMEA; change control; use of control plans; and production tooling.

The requirements for product design and development processes are expanded and more extensive including a number of additional items to consider and address.

Purchasing requirements provide more information and detail regarding requirements and monitoring. Preference is described toward suppliers compliant with TS 16949 or as a start registered to ISO 9001:2008.

Measurement system requirements, calibration/verification records and laboratory requirements are added section with enhanced requirements. Accreditation to ISO 17025 is helpful but not mandatory. Inspection and test activities are expanded. Control of nonconforming product is more descriptive.

Audits are expanded to include:

  • Quality management system audits,
  • Manufacturing process audits,
  • Product audits, and
  • An annual audit plan

Improvement requirements are strengthened and include problem solving, error proofing, and analysis of the impact of corrective actions to other areas of the operation.

 

ISO 27001:2005

ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof.

ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

ISO/IEC 27001:2005 is intended to be suitable for several different types of use, including the following:

  • use within organizations to formulate security requirements and objectives;
  • use within organizations as a way to ensure that security risks are cost effectively managed;
  • use within organizations to ensure compliance with laws and regulations;
  • use within an organization as a process framework for the implementation and management of controls to ensure that the specific security objectives of an organization are met;
  • definition of new information security management processes;
  • identification and clarification of existing information security management processes;
  • use by the management of organizations to determine the status of information security management activities;
  • use by the internal and external auditors of organizations to determine the degree of compliance with the policies, directives and standards adopted by an organization;
  • use by organizations to provide relevant information about information security policies, directives, standards and procedures to trading partners and other organizations with whom they interact for operational or commercial reasons;
  • implementation of business-enabling information security;
  • use by organizations to provide relevant information about information security to customers.


Partners  
 
 
 
 
  Home | About us | Client | Resources | Enquiry | Contact us
Powered by qsys