How I may help
LinkedIn Profile Email me!
Call me using Skype client on your machine

Reload this page ISO 9000

This is an introduction to ISO 9000. We would appreciate your feedback.

Sound: George Costanza says “Yada Yada Yada”


What's ISO 9000?
Who Wrote It?
Implementation Plan


Site Map List all pages on this site 
About this site About this site 
Go to first topic Go to Bottom of this page



Set this at top of window. What Is ISO 9000?

DNV: ISO 9000 means quality ISO 9000 is a series of international standards which define the requirements for a system of quality management within an organization.

Many countries have published their own equivalents of the ISO 9000 series in their native language; the US English version is called the ANSI/ASQC Q9000 series.

ISO 9000 describes “what” must be accomplished in a generic way.

Section 4.5.1 states “the supplier shall establish and maintain a documented Quality System as a means of ensuring that product conforms to specified requirements.”

The word “product” includes the result of services as well as manufacturing.

ISO 9000 is designed to address all of the most important processes affecting quality, from the initial review of contracts received from customers, to the packaging and delivery of the finished product.

“HOW” the system is implemented is left up to each individual organization.

    “ISO” comes from the Greek word iso, which means “equal.” ISO 9000 aims to establish a equal definition of quality assurance from company to company, country to country.

    Copies of Q9000 can be purchased from ANSI at 11 West 42nd Street, 13th Floor, New York, NY 10036 Phone: 212.642-4900 Fax:212.302-1286 or from the American Society for Quality (ASQ) (which changed its name from ASQC in 1997).



Set this at top of window. Who Wrote ISO 9000?

ISO 9000 was defined by an international group representing governments and professionals in the field of Quality Control and Quality Assurance.

Their documents are published by the International Organization for Standardization (IOS). Based in Switzerland since 1946, the organization is composed of the national standards bodies of 91 countries.

This organization is not an enforcement agency.



Set this at top of window. What's The Big Deal?

ISO 9000 registration has become a must especially for any company involved in international commerce.

Adherence to the standard is voluntary. But many companies do business exclusively with suppliers which have had their quality systems "registered".

A ISO 9000 certificate doesn't warrant whether specific products are any good — ISO 9000 deals with the environment for producing goods and services, not specific products.

Purchasers of goods and services ask their suppliers to be certified to ISO 9000 because they want to be assured that suppliers are competent to conduct business. Customers don't want to send their own inspectors to inspect how their suppliers conduct business.

    Many organization have obtained dramatic improvements in the course of creating an ISO 9000 compliant quality management system:
    • significant decreases in customer complaints,
    • better employee morale,
    • Reductions in operating costs, as well as
    • increased demand for their products and services.

    “Yes, ISO 9000 centralizes information. But even better -- it declares to employees at every level that their work matters enough to be looked at thoughtfully.”



Set this at top of window. Registration

An organization can declare itself “in compliance” with ISO 9000 requirements after self assessments and self audits.

But the most common way to show compliance is to obtain a certificate from an independent organization which is not affliated with the company — a Third-Party registrar, also called an “Assessment Body.”

Auditors (also called Assessors ) employed by the Registrar seek objective evidence to answer the following questions:

  • Is the documented system consistent with the standard? (Do you describe what you do?)
  • Are activities consistent with the documentation? (Do you actually do what you say you do?)
  • Do documented systems and non-documented activities help your company meet its goals and objectives (especially quality objectives)? (Is it effective?)

To answer these questions, they:

  • Read the organization's Quality Manual and other documentation.
  • Observe and interview workers to determine whether they understand the documentation and can effectively apply it to their individual job.
  • Select and review historical Quality Records created during the conduct of business.
  • Write a Report documenting non-conformances.


Set this at top of window. Certificates of Registration

Certificates are for specific plant locations in a specific market sector. An organization can seek one of three standards of certification:

  • 9001 is the most comprehensive of the standards. In the 89 version, all 138 requirements grouped into 20 elements of this standard applies to organizations involved in the design and development, manufacturing, installation, and servicing of products or services. The 2000 version is grouped into 8 elements.

  • 9002 contains 19 of 9001's elements because it is applicable to those companies which do not perform design functions, such as sub-contractors or companies operating a standard service.

  • 9003 contains 12 of the 20 elements because it is typically applied to software labs, distribution centers, and warehouse operations. It is the least comprehensive of the standards. It applies to organizations involved in only final installation and testing (but not design and development, manufacturing, installation, or servicing) of products or services.
    Our company seeks certification “ISO 9003:1994(E).” for the “testing of computer software and hardware.”.

    The current standards were adopted in 2000. Since the first version published in 1987, an edition was published July 1994. The most significant changes made in the new version are described here. For the latest, see the NIST ISO 9000 webpage

    Quality Digest magazine keeps a database of registered companies for their paid readers.

ISO 9004, QUALITY MANAGEMENT AND QUALITY SYSTEM ELEMENTS - GUIDELINES provides guidance in developing and implementing an internal quality system and in determining the extent each quality system element is applicable.  


Set this at top of window. Readiness

Achievement of ISO 9000 registration requires a rigorous approach to making changes systematically.

Readiness for performance results from a mix of several conditions. The will of an organization to achieve registration is determined by the attitudes shared by workers as well as the capabilities they exercise. Education can be provided to transfer knowledge to workers. However, people's attitudes affect their sensitivity to information. It usually requires a shift to authority based on documents rather than rank, popularity, or other sources of power.

The consistency sought by ISO 9000 is often achieved with some loss in flexibility.

    Registrars typically charge $10,000 to $25,000, depending on the size of the company. DNV provides single-plant small businesses with less than 50 employees an initial assessment for $4,950 with an on-going yearly assessment fee of $1,850.

    Companies usually obtain help for A website external to this site documentation, training, and software such as iSO-Pro to create and maintain action plans, schedules, and charts displaying measurements of key metrics.



Set this at top of window. Documentation

DNV: ISO 9000 means quality Most ISO 9000 compliant organizations document their quality system using this tiered schema:


  • A Quality Manual describes the overall system and states the general policies and distribution of authority;

  • Procedures define in general terms how the interdepartmental (cross-functional) flow of work is controlled.

  • Work Instructions define specifically how work is performed, step by tedious step, within an individual department.




Set this at top of window. Interviews
According to the Center for International Quality and Standards at Georgia Tech University, the number one cause of ISO registration failure and the number one non-complaince issue is “inadequate document control.”

To determine whether the organization's documentation is being used effectively, assessors observe and interview workers.



Set this at top of window. Records

Auditors look for objective data associated with each the 20 elements specified by the ISO 9001 standard:

  1. Management responsibility:
    define, document, and implement a policy for quality. Included in this element are requirements for periodic management review of Business Plans (4.1.4), Data Analysis (4.1.5), and Customer satisfaction (4.1.6).
  2. Quality system:
    establish, document, and maintain a quality system which includes a quality manual, system procedures, and quality planning.
  3. Contract review:
    establish and maintain documented procedures for controlling the scope of contracts and subsequent amendments.
  4. Design control:
    establish and maintain documented procedures to control and verify the design of the product to ensure conformance to specified requirements.
  5. Document and data control:
    establish and maintain documented procedures to control all documents and data (including hard copy and electronic media) including such documents as standards and customer drawings. This includes the scope of documents, other procedures referenced, and change control procedures.
  6. Purchasing:
    establish and maintain documented procedures to ensure that purchased product, associated documents and data conform to requirements.

    The standard includes the evaluation of sub-contractors based on their ability to meet subcontract requirements and the type and extent of control exercised by the supplier over sub-contractors.

  7. Control of customer-supplied product:
    establish and maintain documented procedures for the control of verification, storage and maintenance of customer-supplied product provided for incorporation into the supplies or for related activities.
  8. Product identification and traceability:
    where appropriate, establish and maintain documented procedures for identifying the product from receipt and during all stages of production, delivery and installation.
  9. Process control:
    identify and plan the production, installation and servicing processes which directly affect quality, and to ensure these processes are carried out under controlled conditions.
  10. Inspection and testing:
    establish and maintain documented procedures for inspection and testing activities, in order to verify that the specified requirements for the product are met.
  11. Control of inspection, measuring and test equipment:
    establish and maintain documented procedures to control, calibrate and maintain inspection, measuring and test equipment (including test software) used by the supplier to demonstrate the conformance of product to the specified requirements.
  12. Inspection and test status:
    the inspection and test status of product shall be identified and maintained throughout the production, installation and servicing of the product to ensure that only product that has passed the required inspections and tests (or released under an authorized concession) is dispatched, used or installed.
  13. Control of non-conforming product:
    establish and maintain documented procedures to ensure that product that does not conform to specified requirements is prevented from un-intended use or installation.
  14. Corrective and preventive action:
    establish and maintain documented procedures for implementing corrective action in the handling of customer complaints, product non-conformities, and the application of controls to ensure corrective action is taken and that it is effective. Preventive action procedures will detect, analyze, and eliminate potential causes of non-conformities.
  15. Handling, storage, packaging, preservation and delivery:
    establish and maintain documented procedures to prevent damage or deterioration of product.
  16. Control of quality records:
    establish and maintain documented procedures for identification, collection, indexing, access, filing, storage, maintenance and disposition of quality records. Quality records shall be maintained to demonstrate conformance to specified requirements and the effective operation of the quality system.
  17. Internal quality audits:
    establish and maintain documented procedures for planning and implementing internal quality audits to verify whether quality activities and related results comply with planned arrangements and to determine the effectiveness of the quality system.
  18. Training:
    establish and maintain documented procedures for identifying training needs and provide for the training of all personnel performing activities affecting quality. Appropriate records of training shall be maintained.
  19. Servicing:
    where servicing is a specified requirement, establish and maintain documented procedures for performing, verifying and reporting that the servicing meets the specified requirements.
  20. Statistical techniques:
    the supplier identify the need for statistical techniques required for establishing, controlling and verifying process capability and product characteristics, and shall establish and maintain documented procedures to implement and control their application.

The QS-9000 standard drafted by the Automotive Industry Action Group (AIAG) extended ISO 9000 to include

  • Production Part Approval Processes,
  • Continuous Improvement, and
  • Manufacturing Capability analysis.


Set this at top of window. Implementation Plan

A full Implementation Plan includes:
  • A description of the benefits and risks from this project.
  • A Timeline of tasks and milestones for each phase of the project.
  • The resources needed to achieve this timeline:
    • Training materials, trainers, and consultants needed;
    • When workers are expected;
    • Equipment (flip charts, computers, printers, copiers, etc.);
    • Facilities (meeting rooms, etc.).
  • Policies and procedures for obtaining resources and providing status updates.
    ISO 9000 does not address some issues which are the focus of Total Quality Management (TQM):

    • Leadership Style,
    • Team Building, and
    • Employee Empowerment,
    • Customer Service, and
    • Strategic Planning.


Set this at top of window. Timeline for Implementation

Auditors look for a minimum of 6 months of Quality Record history. The most ambitious schedule for certification is 9-12 months.



Tasks and Milestones


Senior management champion recognizes a need
Introductory Meetings Held
Conduct Initial Readiness Survey
Review Readiness with senior managers


Select and assemble a cross-functional implementation team.
Train Internal Quality Auditors
Train Implementation Coordinators
Select and Contract with Registrar
Answer Registrar's Questionaire
Implementation Plan Approved and Published by Executive Team


Quality Manual drafted
Conduct Quality System Workshop for managers
Prioritize Operating Procedure Writing Efforts
Quality Manual approved and distributed
Preventive and Corrective Action controls initiated


Conduct Quality System Workshops for workers
Workers Draft Operating Procedures
Prioritize Work Instruction Writing Efforts
Operating Procedures approved and distributed


Work Instruction

Conduct Work Instruction Writing Workshops
Work Instructions reviewed and approved


Conduct Quality System Audit
Corrective Actions issued by auditors
Conduct Quality System Management Review
Additional Corrective Actions issued by management


Workers Implement Corrective Actions
Auditors Confirm Effectiveness of Corrective Actions


External Auditors conduct Pre-Assessment Audit
External Audit findings reported to management
Corrective Actions issued by management


Workers resolve all known nonconformities
Internal Auditors confirm status of Corrective Action Requests
Readiness for Certification Audit announced by management


3rd Party Auditor conduct Certification Audit
and issue a report

After non-conformances are corrected, Certificate is issued
Publicity and
Send out Press Release about ISO 9000 CERTIFICATION!
Semi-annual Periodic Audits.


Set this at top of window. Extensions

Certificates are typically valid for three years. During that time Periodic Surveillance Audits are carried out semi-annually. At the end of three years, a Certificate Extension Audit is conducted, after which time a new certificate is issued.


Set this at top of window. More About ISO 9000

    Check out these sites:

Portions ©Copyright 1996-2010 Wilson Mar. All rights reserved. | Privacy Policy |

How I may help

Send a message with your email client program

Your rating of this page:
Low High

Your first name:

Your family name:

Your location (city, country):

Your Email address: 

  Top of Page Go to top of page

Thank you!