ISO 9001 - Practical, Simple and Effective
Searching for simple clear information on ISO 9001? It's here.
So what is ISO 9001?
It's the international standard for a quality management system. It says what your system should do, be and have to get consistent quality of services or products, to keep improving and help increase the satisfaction of your customers.
The Standard is often just called 9001 for short. It consists primarily of a series of statements of what you are required to have or do. These are called 'requirements'.
The requirements are grouped under 7 sections (clauses). A useful way to to think of them is in these broad categories:
- Requirements for whoever owns or leads the organisation ('top management'): to know your 'context' - the field and environment you operate in, know your customers (and any other 'interested parties' if relevant) - what they want, need and expect, ensure a focus on customers, and demonstrate leadership and commitment to their system. They are responsible for its results. When planning, you must consider all these factors, have a policy on quality, and have defined responsibilities and authorities.
- Requirements for the system itself: to create, operate and maintain a suitable system, using the process approach. If you don't know what a 'process approach' means, see the short video below. Top management must set the quality policy and objectives, and make sure that suitable planning is done, for your products or services, but also for the management system itself. Risks and opportunities need to be considered.
- Support and infrastructure requirements to make sure you have what you need for what you do, including competent people, suitable plant, tools and equipment (if they are relevant to your business) and having certain information documented.
- Operational requirements: these require processes to do whatever you do, from 'designing' it (if applicable) all the way through developing/making it to supply or delivery. You must know what your customers want, give it to them, suitably control your operations and thus make sure your customers get what was agreed. This includes controlling nonconformity (that's stuff that doesn't meet all requirements, whether that is failures in product, items or services).
- Assess and improve: have suitable methods to assess performance: of the system, your services/products and your processes. Get and use suitable information for this assessment, so you can figure out if you are doing what you planned to and achieving your objectives, and also to improve what you do and how you do it. This includes using of internal audits and corrective action to fix weaknesses in your system and stop them happening again.
See my ISO 9001 requirements in a nutshell for a longer outline.
In a nutshell, the requirements of 9001 are really just good practice and common sense.
Some examples of what you have to do:
- Know what your customers want.
- Supply them with whatever you agreed (to make, design, obtain or do, product or service).
- Plan, manage and control your operations to achieve the results you want. If you don't, figure out what happened and do something about it, if needed.
- Ensure people are competent for the work they do.
See what I mean about good practice and common sense?
What's a Process?
The Standard is based around your processes. If you're not sure what they are, see this video for a quick view, especially for service businesses.
How do you get ISO 9001?
To get ISO 9001 certification (often incorrectly called 'ISO accreditation'), your quality management system has to meet all the requirements. You must show this at a formal audit that assesses this. Note this is an audit of your management system rather than your financials and must be done by a duly accredited certifier (also called external auditor). Sorry about all the alternative terms, but this field does have a few!
Then you get your certificate - assuming of course you pass, never a problem for our clients. You are then referred to as ISO 9001 certified, or to have ISO 9001 certification or be registered to ISO 9001. Several different terms, all meaning the same thing.
Some myths around 9001
Myth: It's only for large businesses.
Reality: Nope. Small businesses can get enormous benefit from using and applying the 9001 Standard, regardless of whether you choose to become certified or not.
Myth: It's only for manufacturing.
Reality: Most definitely not. It is used successfully by service businesses, including consulting firms, importers, distributors and retailers. Around 40% of certifications are now issued for services. And the 2015 version for the first time explicitly recognised this, by referring throughout to 'products or services', whereas up until then it only used the term 'products'.
Myth: It's only for commercial businesses.
Reality: wrong again. It is used successfully by many non-commercial organisations, including schools and colleges, statutory authorities including government departments, agencies, police forces, charities, churches and missions.
Myth: It dictates exactly what you have to do and how.
Reality: No (again). While ISO9001 does say what you have to do or have, it does not specify how. An example: the Standard requires you to plan what you want to achieve, organise your processes to achieve your goals, and operate, maintain, improve and control your processes to get there.
But it doesn't prescribe any specific methods or ways to do anything. That's up to you. Which is good news. You see, the vast majority of standards are very specific and highly prescriptive, but 9001 isn't. It's what's called a generic standard, meaning it can be used by any kind of business or organisation, small or large and in any field. Use it to improve what you do, irrespective of whether or not you decide to become certified.
Myth: You have to document everything you do. 'Say what you do and do what you say'.
Reality: also wrong. Yes, you do have to have some things written down, but probably far less than you think. Many people still repeating this tired old mantra are far behind the times - stuck way back in last century! The Standard has changed a lot since then, and all for the better.
What's the catch?
By far the biggest one is that someone sets up a complicated, rigid and bureaucratic system, most often because they don't know any better and think it 'has to be like this' to get the certificate for ISO 9001. That's just not true. You can do it with an intelligent quality management system, one that's simple, practical and effective. I know because I've been showing and helping people do it this way for many years now.
Doesn't everyone do that? Unfortunately, no. Some struggle with complex and bureaucratic systems, weighed down by practices and documents that are hard to understand, let alone use. Expensive to create - far worse to try and use.
How does that happen? Most often it's a lack of understanding and experience. Because you really do need knowledge and experience: pitfalls for the ignorant or unwary are many. To recognise the most frequent and see how to avoid them, get my free report on the most common mistakes with ISO 9001. Or the Youtube video for an animated version.
Why settle for less than a simple, practical and effective quality management system? So you can do what you do now, but even better, and use the power of ISO 9001 to get tangible improvements?
Author: Jane Bennett