The ISO 9001:2000 transition
has held center stage in the quality arena for almost three
years now. Since the middle of 2000, when the draft issue
was circulated, it has dominated the profession. And considering
that the number of ISO 9001 registrations in North America
exceeds 50,000, the attention is warranted.
There's no denying that the clock is ticking --counting
down to Dec. 15, 2003. The ultimatum: transition or expire.
Sounds dire, almost apocalyptic.
Let's all take a deep breath, pause, ignore the ticking
clock for a few minutes and take stock of the facts. It's
On Dec. 15, 2003, registrars and accreditation bodies will
cease to support ISO 9001/2/3:1994 as the recognized, approved
international standard for quality management systems.
Any company that hasn't had its system certified by a recognized
body to the revised standard, ISO 9001:2000, will have its
Companies whose customers mandate ISO 9001 registration
as a contingency for doing business with them will have
a problem if they don't transition.
So, the transition is important. However, it's equally
true that despite it's importance, many companies have had
to place their transition project in the queue of initiatives
that have languished in limbo as organizations struggle
to revitalize their particular market sectors in this troublesome
economy. Companies have legitimate reasons for diverting
resources into other endeavors; this isn't about blame or
snickering at the procrastinators. So, again, take a deep
breath, cut yourself some slack, and let's take a realistic
look at what must be done.
Simply because the transition is important (actually,
very important) doesn't mean that it's insurmountable. It
will consume time. But that doesn't make it difficult, nor
is there any reason why it should disrupt your business.
There's still time to accomplish your transition to the
ISO 9001:2000 standard. It's even possible to make it a
value-added activity that improves your quality system and
the way you do business. Instead of grudgingly viewing this
as an onerous mandate from an external authority, seize
this opportunity to overhaul your system. The benefits of
an ISO 9001:2000 transition project include:
Rejuvenation of your quality management system
Introduction of practices that will enhance communication
with your customers and your ability to serve them
A documentation structure more closely aligned to how your
Better employee understanding of how your quality system
A more efficient and meaningful ISO 9000 system
In fact, there's no reason why you shouldn't expect a
return on investment from this project. Let's look at what's
the same, what's changed and what you must do.
A lot has stayed the same. All the requirements organized
into clauses such as "contract review," "design
control," etc., are still applicable. If you take a
quick look at Annex B at the back of the ISO 9001:2000 standard,
you'll see where the requirements from the 1994 version
wound up in the revised standard.
Many companies are overwhelmed by the notion that they
must trash their system and start all over again, but nothing
could be further from the truth. Much of your ISO 9000:1994-compliant
system is fine just the way it is. You're still required
to define those activities that are needed to fulfill requirements,
implement them under appropriately controlled conditions
and provide records as evidence of fulfillment. As long
as you're in compliance with your own procedures and with
the ISO 9001 standard, you can leave those processes alone
and focus on what really must be addressed.
There is, however, one caveat: This process will be of
limited value to companies that have allowed their systems
to lapse or have permitted glaring nonconformities to go
unresolved. If you have major gaps in your system, transition
shouldn't be your main focus; you must first regain control.
However, it's possible that doing so will help you address
some of those issues and/or shed light on a process that
has received little attention and is beginning to show signs
The standard has been reformatted and renumbered. It's
now structured to more closely parallel how businesses operate.
You set up a system, provide resources, perform all the
activities that allow you to bring product to market (such
as plan, get customer specifications, design, purchase raw
materials, produce product, inspect it, identify, store
and ultimately ship it), review the results to see what
worked, decide what must be improved and act on your decision.
That's the way ISO 9001:2000 is laid out --pretty much the
way most business operation models work.
You don't need to renumber your documentation to reflect
the revised standard. The numbers have value only as they
aid you in quickly referencing the applicable ISO standard
chapter and verse. Renumbering procedures is a time-consuming
activity with little ROI.
Much has been said about the "six mandated procedures."
The standard now only makes six references to the need for
what we formally refer to as procedures. This doesn't mean
that you can get rid of all the other documents. But the
shift does acknowledge that the methods of implementing,
controlling and monitoring processes are unique to each
organization. What constitutes adequate definition and control
for a hardware distributor will substantially differ from
that of a biopharmaceutical manufacturer.
This approach is consistent with one of the general requirements
of the standard. Clause 4.1 of the revised standard clearly
directs a company to identify its processes and determine
sequence, interaction and criteria for operation and control.
In this case, the good news and the bad news are the same:
The decisions are yours. You have the freedom to document
your system so that it's meaningful to you within the framework
of the ISO 9001 standard. You even have the option (limited
to Section 7) to exclude certain requirements if you can
justify that they're not applicable to your company. In
a service industry, the need to control measuring devices
--often titled calibration --is a good example of an allowable
With the freedom to choose comes the responsibility to
give proper and conscientious consideration to the manner
in which your system is defined, provisioned, deployed,
controlled, monitored and improved. This responsibility
lies at the foundation of one of the other changes: Section
5 of ISO 9001:2000. Management involvement must be consistent
and visible. The requirements for management review have
been more explicitly outlined, and the responsibilities
of top management are more detailed. Consequently, it's
important that it contributes input into this transition
Other changes include:
A heightened requirement to ensure that customer requirements
are communicated and understood within the organization
More attention to establishing measurable objectives
The need to define the criteria for competency for training
Enhanced requirements for qualification and monitoring of
The need to define, monitor and analyze customer satisfaction
Increased need to gather and analyze data relative to product
conformity, process trends, and other applicable performance
Focus on continual improvement
There are other minor changes. Some of these are logical
outcroppings of existing good practices; for instance, 5.5.3
requires management to ensure that appropriate processes
exist for internal communication.
Although some of the changes and additions target specific
features, others permeate the entire quality system. The
process approach is the most prominent. It requires you
to structure your system as a series of processes. These
create the inputs and outputs that move you from concept
to product delivery. Once this system's logic becomes apparent,
the new version of the ISO 9000 family of standards becomes
much more user-friendly.
There's a fundamental shift in the entire focus of the
quality management system. The 1994 version of the standard
was based on 20 elements. These were unique features that
articulated a quality system's requirements, organized by
activities of similar profile. Inspection is the best example:
You had inspection of raw materials, inspection of work
in progress and final inspection to release goods for shipment.
Their connection to the proceeding or succeeding processes
wasn't defined. The value of many activities was often difficult
to perceive because their justification was obscured by
a structure of compartmentalized requirements. ISO 9001:2000
requires you to structure, define, implement, audit and
maintain your system based on the premise that no activity
is without an input. You must have a reason to do something.
Here are some examples of inputs:
A purchase order is the input that creates the need to receive
product. The criteria for receiving and accepting product
should be part of the specification on the purchasing document.
The justification for in-process inspection is based on
the determined need to evaluate product after one or more
defined manufacturing processes. Without manufacturing,
the need to do in-process inspection is moot.
The need to inspect may create the input to procure gages.
Generating a work order may be the input to purchase raw
The output of one process may be the input of the next.
Everything is an interrelated network of inputs and outputs
forming a long chain of many strands with a customer's request
for a quote at one end and a trailer-load of goods shipping
out at the other. This approach to your quality management
system must be apparent to your personnel and visible to
It's quite possible that you've already implemented some
of the requirements of ISO 9001:2000. As mentioned before,
these made such simple business sense that companies implemented
them as a matter of course. Other requirements, such as
enhanced attention to supplier performance, might have been
driven by the nature of companies' particular industries.
There isn't one cookie-cutter kit of what must be done.
It will vary for every company precisely because this new
version endorses a system that best meets an individual
company's needs. However, there are some general guidelines
you can follow.
Start with a methodical approach to determine what processes
are currently compliant and which need some work. Culling
the vital few will streamline the process and dispel most
of the confusion. Use the appendices at the back of the
ISO standards to help you. I've used the very basic device
of simply spreading all the current procedures out on a
large conference table and then matching them against the
requirements of the revision. If the procedure complies
with ISO 9001:2000, it goes in the "done" pile.
Any requirement left over for which the company doesn't
have a document or a controlled process goes into the "to
do" pile. That defines the scope of your transition
Ensure that key people understand the process approach.
This will increase the odds that additions and revisions
to the system are meaningful and compliant with the intent
of the new standard.
Gather all your data and conduct a management review.
The output from the review should result in:
Measurable objectives for enhanced monitoring and analysis
Increased awareness of top management's role in the quality
Consensus on decisions relative to formatting documentation
and control processes
Assigned action items directly related to the transition
shared among several stakeholders
Try not to protract the transition process. You will diffuse
the focus and end up wasting time. Implement the changes
that you must make incrementally. And don't wait to approve
all the changes all at once; use the current good practices
you have in place relative to controlling document change
and training on new procedures.
Remember that this is your system. It must work for you.
It's not too late. There's still time, and it's worth
the effort. Given adequate attention, your ISO 9001 transition
can be a beneficial and value-added experience for your
Denise E. Robitaille is a consultant, writer and trainer.
She's also a lead assessor and certified quality auditor.
Much of her work involves assisting companies with implementing
and maintaining ISO 9001-compliant quality management systems.
She is the author of The Corrective Action Handbook,
The Preventive Action Handbook and The Management
Review Handbook, all available from Paton Press
Letters to the editor regarding this article can be
sent to firstname.lastname@example.org.