1 What is ISO 9001 and should i care? SAFER, SMARTER, GREENER
2 02 THE ROLE OF STANDARDS What is ISO 9001 and should I care? The Role of Standards The objective of any standard, whether it relates to the manufacture of cars, airplanes, machinery, or the delivery of a service transportation, hospitals, etc. is the same. Standards are designed to promote, facilitate and enable consistency in a process or product; to provide assurance that the process or product output will meet requirements; to provide a uniform and predictable output every time a set of procedures are executed. Because standards assist buyers and consumers in establishing confidence levels in the products and services they procure, standards facilitate fair trade practices.
3 What is ISO 9001 and should I care? THE ROLE OF STANDARDS 03 The ISO 9001 series of standards ISO 9001 consists of a series of Quality Management System standards that are designed to facilitate the establishment of business processes aiming to ensure that customer requirements are met or exceeded. They can be applied in any manufacturing industry or service sector. The series consists of three quality system standards: ISO 9000, ISO 9001 and ISO If a company chooses to adopt the standards, ISO 9001 is the document which contains the requirements that the company must meet in order to attain a certificate of compliance, should they choose to demonstrate conformance. The ISO 9001 series of standards is one of more than 19,000 different standards which are maintained by the International Organization for Standardization in Geneva, Switzerland. The reference to ISO comes from the Greek word isos meaning equal or the same. The concept is one of consistency, predictability and repeatability of processes. Evolution of the ISO 9001 series of standards The ISO 9001 standard has evolved from the best practices of many different international standards. Perhaps the most notable are BS 5750 (UK) and MIL-Q-9858 (a former U.S. military standard). The ISO 9001 standards were first released in 1987, revised in 1994, and again in December 2000 and October This review and revision cycle will continue approximately every five years. The December 2000 revision included some significant changes in the structure and content of the standards, which have been carried over in the 4th Edition (2008) document. The former ISO 9002 and ISO 9003 have been made obsolete. The only auditable and certifiable standard is ISO and national bodies. Each member, through its committees and subcommittees, provides input on suggested changes to the standards back through a hierarchy to ISO s headquarters in Geneva, Switzerland. The ISO Technical Committee responsible for the ISO 9001 series is the TC 176. For more information on the work of the TC 176, please visit Why should an organization implement ISO 9001 Without satisfied customers, an organization s future is at risk! To keep customers satisfied, the organization needs to meet and/or exceed their requirements. The ISO 9001 standard provides a universally recognized, tried and tested framework for taking a systematic approach to managing the organization s processes, so that they consistently turn out product that satisfies customers expectations. The 5 main clauses of ISO 9001:2008 Quality Management System Management Responsibility Resource Management Product Realization Measurement, Analysis and Improvement Application of the standards The standards are not designed to tell you how to run your business, but rather to allow you to be compliant with the standard in a manner that best suits the way you decide to run your business. There are some shalls which are non-negotiable requirements if you wish to be certified by an independent certification body, also known as registrars. ISO 9001 also allows for some of its requirements not to be applied in case such business processes are not the responsibility of the organization. The standards are revised through review and revision recommendations made by ISO member countries or national bodies. There are approximately 140 member countries
4 04 THE ROLE OF STANDARDS What is ISO 9001 and should I care? For example, if an organization is not involved with the design of the products they assemble, they can claim an exclusion of the requirements contained in ISO 9001 for product design and development, and still be considered in compliance with the Standard. Relative positioning of ISO 9001 On a scale of no formal quality management system on the left, to world-class operations on the right, an ISO 9001 compliant system is something of a midpoint. Certification to ISO 9001 is not a panacea for the troubles of industry. It is not a replacement for sound business strategies and management. It is not a solution to a weak business environment or a struggling economy. Conformance to ISO 9001 is the basis for building a sound quality system. It is an infrastructure that will facilitate improvements in processes and increases in the effectiveness and efficiency of the system. If certification to ISO 9001 is in your plans, it should be viewed as a journey and not a destination. It should be the platform on which to build operations and continual improvement towards a world class system. Acceptance of the Standards The ISO is a standard designed to ddress Environmental Management Systems. ISO 9001 and ISO are developed to make them very compatible and to facilitate implementation in an integrated manner. Acceptance of the standards The ISO 9001 series of standards has been accepted and adopted throughout the world. We approach an estimated 1.5 million certificates issued in more than 154 countries. Europe now exceeds 400,000 certificates with more than 35,000 in the UK alone. There are currently more than 35,000 certificates in the U.S., 7,000 in Canada and approximately 4,000 in Mexico. It is estimated that an additional 20,000 companies in North America are actively in the process of implementing an ISO 9001 compliant management system. Industry specific variations of ISO 9001 A number of different industry sectors have adopted ISO 9001, added supplemental requirements which are specific to their own industry, and modified the title of the standard. The most notable of these are: ISO/TS Automotive AS9100, 9110 and Aerospace ISO Medical Devices TL Telecommunications ISO 9001 implementation is the basis for building a sound quality system. It is an infrastructure that will facilitate improvements in processes and increases in the effectiveness and efficiency of the system.
5 What is ISO 9001 and should I care? SHOULD ISO 9001 CERTIFICATION BE IN MY PLANS? 05 Should ISO 9001 certification be in my plans? There are costs associated with implementing an ISO 9001 compliant quality management system. If companies are to make this investment, then it is important that they are able to derive a benefit and a return on that investment. In the late 1980 s the European Union adopted the ISO 9001 series of standards. Contracts and requests for quotations were issued to potential North American suppliers from these European countries. In many instances, in order to be able to bid on one of these contracts, the supplier had to be able to demonstrate that they were either ISO 9001 certified or in the process of implementing an ISO 9001 system. These companies were the early adopters of ISO 9001 certification. Today, however, most of the North American companies that choose to be certified have little or no interest in exporting there are other driving forces. There are really only three reasons why anyone would consider ISO 9001 certification: 1. For the value of an ISO 9001compliant system to improve processes and increase the productivity and effectiveness of the system. These attributes can, in turn, result in reduced scrap and rework, and therefore increase profitability, and increase customer satisfaction. So how do you determine if certification will have value for you and your company? The key is to benefit from those who have already gone through the certification process. Most companies that have become certified are usually proud of their achievement and happy to share their experience with others. Lists of certified companies are available from the registrars or certifying bodies. By selecting companies who are in similar businesses to yours (your direct competitors are probably not going to share much information with you!) and asking them a few pertinent questions, you can get a pretty good feel for the value of certification to these companies. Questions like: What have been the benefits of certification? Have you measured these benefits and expressed them in dollars i.e. return on investment? What was the single biggest barrier to certification? What would you do differently if you had to do this over again? How much did it cost and how long did it take? 2. From a sales and marketing point of view, would certification make a difference? With a similar price, product or service to your competitors, would ISO 9001 certification make a difference in your customers decision process in selecting a supplier? Does certification represent a means of differentiating you from your competition? Are you losing business because your competitors are already certified? Talk to your sales and marketing personnel, get answers to these questions on a regular basis things change. Talk to your major customers and find out if ISO 9000 certification has value to them. 3. Are one or more of your largest customers likely to require that you have ISO 9001 certification in order to continue to be a preferred supplier, or worse, require certification to even be allowed to bid on contracts? Ford, GM, and Daimler-Chrysler and other automobile manufacturers gave their first tier suppliers of automotive parts no option they had to be certified to ISO/TS in order to continue doing business with them. Similarly, most of the Aerospace supply chain is operating under the mandate of attaining and maintaining certification to AS9100, as a requirement to do business with aircraft manufacturers and major defense contractors.
6 06 HOW LONG DOES IT TAKE AND HOW MUCH WILL IT COST? What is ISO 9001 and should I care? how long does it take and how much will it cost? The answers to these three questions should provide you with a strong basis to be able to make an informed decision as to whether ISO 9001 should be in your company s plans. One thing is key if, based on the answers to the above questions, you make a determination that ISO 9001 should be in your company s future, put plans in place to do it at your speed, not someone else s. Do not wait until your best customers give you an or else ultimatum requiring you to be certified in six or nine months in order to continue to do business with them. The certification process The basic steps to certification involve a review by an external company the ISO 9001 certification body or registrar. These typically include a documentation (quality manual) review, an on-site pre-assessment or readiness review, now known as stage 1 audit and an on-site certification (stage 2) assessment. The onsite assessment is basically to verify, through objective evidence, that the documented system is implemented, effective and meets the requirements of the ISO 9001 standard. The length of time necessary to implement an ISO 9001 compliant system is a function of the size of the company, the number of employees, the complexity of the processes, the maturity of the organization and the degree to which the existing system meets the requirements of the standard. A typical time line for implementation would be six to eighteen months. Certification costs, that is those fees paid to the registrar, are typically small compared to the internal costs of implementation. The fees are generally driven by the number of audit days required to verify compliance, which in turn depends upon the number of employees, as well as the quantity and complexity of the processes. Most registrars will provide a no obligation quotation on request. Selecting a Registrar If you are planning on becoming certified to ISO 9001, ISO/TS 16949, ISO 14001, or any other accredited management system scheme, the selection of your certifying body is an important decision. Do not underestimate the importance of a How long does it take and how much will it cost? 7 careful evaluation before selecting your registrar. A poor decision might have a significant impact to your organization. Your choice of registrar is a relationship that will be in place for a long time. That is why it is so important that your choice is one which will provide you with a partnership approach to certification, provide you with value-added services, and result in a certification which is recognized and accepted by your customers and prospects. In the ISO 9001 market place there are more than 80 registrars in North America offering certification services. It is an unregulated market that is anybody can set themselves up as a certification body, perform audits and issue certificates. It is very much a buyer beware market place. So how do you go about making an informed decision when selecting your registrar? Technical competencies The rules that registrars operate under are largely governed by the accreditation bodies. Most of the countries that have adopted the ISO 9001 series of standards have their own national accreditation body. In the U.S., that body is the ANSIASQ National Accreditation Board (ANAB). Accreditation is an important attribute when selecting a registrar and a key factor in making your initial short list of candidates. In order to become accredited, a registrar has to undergo a rigorous audit and review process against the ISO/ IEC standard and additional requirements. Very similar to ISO 9001 certification process, in order to maintain their accreditation, they are subject to on-going surveillance or periodic audits. But not all accredited registrars are created equally. There are considerable differences among them.
7 What is ISO 9001 and should I care? INTERPRETATION OF THE STANDARDS 07 Areas to consider when evaluating registrars: Technical competencies Interpretation of the standards Registrars Overall philosophy Price People factors Interpretation of the standards Interpretation of the standards and overall philosophy There are variances in how registrars interpret the standards, their general audit philosophy are they auditing to the letter of the standard, or do they adopt a more pragmatic approach of auditing to the intent of the standard? What kind of customer service response can you expect if you select a particular registrar? What is their track record on customer satisfaction? What experience does this particular registrar have in your industry sector how many certificates have they issued to businesses like yours? These questions are best answered by talking to clients who have selected and have become certified by the registrar you are considering. Reference accounts are fine but are generally selected or pre-screened by the registrar. A more effective and potentially unbiased approach is for you to make the customer selection yourself. If a registrar is accredited they are obligated to produce and maintain a list of all companies that they have certified. The list may be in hard copy or part of their web page. Once you access the list, pick six or seven companies. Select companies that are either in similar businesses to yours, geographically close to you, or just pick companies whose judgment you trust. Call these companies and ask the challenging questions What was your experience with XYZ registrar? What impressed you most about the company? What did you like least about your dealings with them? Would you recommend them to others? If you ask these questions of six or seven companies, you will get a pretty good picture of the overall character and philosophy of the registrar. Money is important to most of us as individuals, as employees and as managers and owners of businesses. Most of the major registrars have an overall cost of certification, which is very similar. Auditor day rate might appear to be a convenient indicator to compare registrar costs, but it will not give you the basis for an apples-to apples comparison. An important thing to keep in mind is that registrars have many different ways of actually structuring their quotations. There are some registrars that have application, listing and administration fees, adders to travel expenses, cancellation and deferment fees. There are almost as many pricing schemes as there are registrars. How they price is not nearly as important as the overall cost for certification. Having said that, keep a look out for cancellation and deferment charges, which can be particularly unfriendly. Irrespective of how a quotation is structured, the important thing is that you are able to determine the exact cost-of-ownership. Most registrars will have certificates which are valid for three years. However the pricing is structured, ask for quotations in aformat that will allow you to determine the full costs for a three-year period,which is the typical certification cycle. That way you can make an apples to-apples comparison of registrar charges.
8 08 PEOPLE FACTORS AND PRICE What is ISO 9001 and should I care? people factors and price When making a registrar selection, price is important but should not be your primary selection criteria. If you make a decision based solely on price, you are probably making a decision that you may regret later. Certification is a free market service. If a registrar is unaccredited, there are no rules or requirements for auditor training and qualifications, industry experience, the methodology for the certification process and more. Compliance with accreditation requirements costs money but has value to you as a customer. Look for registrars that offer value added services beyond the structured certification process, such as: your company s listing on their web site, electronic access to your audit reports and audit schedule. The external fees that you will pay to registrars for your certification are small compared to money you will have invested internally in putting your system in place. Most estimates will agree that the internal costs are at least 10 times the costs that you will pay the registrar. Having made the commitment and investment to implement a compliant system, keep cost in mind when making your registrar selection but make sure that you take into account the other important factors listed here. People Factors Most registrars who are accredited have very similar technical competencies because these competencies are defined and are requirements of the accreditation bodies. Some registrars will have the right philosophical approach described above and most will be about the same price range. Price All these things being equal, how do you make an informed decision? The registration process is a people business. Outside of the certificate itself, there is no physical product. The product consists of a series of interfaces from initial requests for information, requests for quotations, answers to questions, visits and presentations. Ask yourself the following questions about your initial experiences when dealing with a potential registrar candidate because they will give you a pretty good indication where the registrar is on the people factor scale: What was and has been the response to your requests? Were the responses timely? What was the general attitude of the people you had to deal with? Do they really act like they would want and work to keep your business? Are these the kind of people that you would look forward to having a long term business relationship with? Summary Selecting a registrar is an important decision. It is a relationship which will ideally be in place for a long time. Taking the time to evaluate registrars based on the above criteria will be a good investment of your time.
9 What is ISO 9001 and should I care? PEOPLE FACTORS AND PRICE 09 Why partner with DNV GL? Driven by our purpose of safeguarding life, property and the environment, DNV GL enables organizations to advance the safety and sustainability of their business. DNV GL is a leading provider of classification, certification, verification and training services. With our origins stretching back to 1864, our reach today is global. Operating in more than 100 countries, our 16,000 professionals are dedicated to helping our customers make the world safer, smarter and greener. *Risk Based Certification is a registered EU trademark of DNV GL AS. For more information contact us: As a world-leading certification body, DNV GL helps businesses assure the performance of their organizations, products, people, facilities and supply chains through certification, verification, assessment, and training services. Partnering with our customers, we build sustainable business performance and create stakeholder trust.
10 10 SECTION Brochure name SAFER, SMARTER, GREENER Why partner with DNV GL? Driven by our purpose of safeguarding life, property and the environment, DNV GL enables organizations to advance the safety and sustainability of their business. DNV GL is a leading provider of classification, certification, verification and training services. With our origins stretching back to 1864, our reach today is global. Operating in more than 100 countries, our 16,000 professionals are dedicated to helping our customers make the world safer, smarter and greener. As a world-leading certification body, DNV GL helps businesses assure the performance of their organizations, products, people, facilities and supply chains through certification, verification, assessment, and training services. Partnering with our customers, we build sustainable business performance and create stakeholder trust. DNV GL - Business Assurance 1400 Ravello Katy, TX Tel: Version