What is ISO 9001? ISO 9001 is the international standard for creating a Quality Management Systems (QMS), published by ISO (the International Organization for Standardization). The standard was most recently updated in 2015, and it is referred to as ISO 9001:2015. In order to be released and updated, ISO 9001 had to be agreed upon by a majority of member countries so that it would become an internationally recognized standard, which means it is accepted by a majority of countries worldwide.
What are quality management systems? An ISO 9001 definition would be that this standard provides the QMS requirements to be implemented for a company that wants to create all of the policies, processes, and procedures necessary to provide products and services that meet customer and regulatory needs and improve customer satisfaction. Quality management systems are the foundation of quality assurance activities.
As stated above, ISO 9001:2015 is an internationally recognized standard for creating, implementing, and maintaining a Quality Management System for a company. It is intended to be used by organizations of any size or industry, and it can be used by any company. As an international standard, it is recognized as the basis for any company to create a system to ensure customer satisfaction and improvement and, as such, many corporations require this certification from their suppliers.
ISO 9001 certification provides your customers reassurance that you have established a Quality Management System based on the seven quality management principles of ISO 9001. To learn more about the quality management principles behind the ISO 9001 standard, take a look at this article: Seven Quality Management Principles behind ISO 9001 requirements.
In fact, ISO 9001 is such an essential and influential standard that it is used as the basis when industry groups want to create their own industry standards; this includes AS9100 for the aerospace industry, ISO 13485 for the medical devices industry, and AITF 16949 for the automotive industry.
A survey of ISO 9001 certification at the end of 2017 shows that, in spite of the global recession, the number of companies that have implemented the ISO 9001 quality management standard still remains stable worldwide. Below are the results over the previous six-year period.
Data taken from 2017 ISO Survey
The current revision of the standard is ISO 9001:2015. The ISO 9001 2015 standard, sometimes called ISO 9001 revision 2015, was released in October 2015 and replaced the previous revision ISO 9001:2008. This updated revision includes many of the processes from the previous revision of the standard, with a greater focus on risk-based thinking and understanding the context of the organization. To support this change, there was a major structural change from the ISO 9001:2008 standard – the main clauses of the standard are different between the 2015 and 2008 revisions.
To find out more about the changes, see this article: Infographic: ISO 9001:2015 vs. 2008 revision – What has changed?
ISO 9001:2008 is the revision of the ISO 9001 standard that was withdrawn in 2015. ISO 9001:2008 was based on its predecessor, ISO 9001:2000, with some minor additions. ISO 9001:2000 was the first revision of the ISO 9001 standard to be based on the seven quality management principles identified above that made the standard requirements about everything a company does to create products and services. Revisions of ISO 9001 before the ISO 9001:2000 revision (ISO 9001:1987 & ISO 9001 1994) were based more on writing and following 20 specific procedures, rather than understanding the processes of the organization.
While ISO 9001:2015 is the current ISO standard for creating a Quality Management System, there are other documents in the ISO 9000 family that support the ISO 9001 requirements. ISO 9000 explains the seven quality management principles behind ISO 9001, and defines all of the terms used within the ISO 9001 standard. Additionally, ISO 9004 provides guidance on making an ISO 9001 Quality Management System more successful and focuses on how to improve the implemented ISO 9001 processes by giving some best practice information.
With all of this talk about ISO standards, it is common to wonder what ISO is all about. The International Organization for Standardization (referred to as ISO, as this is the Greek word for “the same”) is an international organization that creates standard sets of requirements and guidelines to help organizations around the world to act in a more consistent manner. The ISO organization develops, publishes, and maintains more than 22,450 standards through technical committees that include members from all over the world. These standards provide information on how to design and build products, perform specific testing, and create management systems.
It is important to note that the ISO does not provide certification or conformity auditing or assessment. The ISO is strictly involved in the maintenance of the standards, and it leaves the assessment of companies against the standards to external certification bodies.
The structure of the ISO 9001:2015 standard is split into 10 sections (clauses). The first three are introductory, while the last seven contain the requirements for the Quality Management System against which a company can be certified. Here is what the seven main clauses are about:
Clause 4: Context of the organization – This section talks about requirements for understanding your organization in order to implement a QMS. It includes the requirements for identifying internal and external issues, identifying interested parties and their expectations, defining the scope of the QMS, and identifying your processes and how they interact. Expectations of interested parties include regulatory requirements as well.
Clause 5: Leadership – The leadership requirements cover the need for top management to be instrumental in the implementation of the QMS. Top management needs to demonstrate commitment to the QMS by ensuring customer focus, defining and communicating the quality policy, and assigning roles and responsibilities throughout the organization.
Clause 6: Planning – Top management must also plan for the ongoing function of the QMS. Risks and opportunities of the QMS in the organization need to be assessed, and quality objectives for improvement need to be identified and plans made to accomplish these objectives.
Clause 7: Support – The support section deals with the management of all resources for the QMS, covering the necessity to control all resources, including human resources, buildings and infrastructure, the working environment, monitoring and measurement resources, and organizational knowledge. The section also includes requirements around competence, awareness, communication, and controlling documented information (the documents and records required for your processes).
Clause 8: Operation – The operation requirements deal with all aspects of the planning and creation of the product or service. This section includes requirements on planning, product requirements review, design, controlling external providers, creating and releasing the product or service, and controlling nonconforming process outputs.
Clause 9: Performance evaluation – This section includes the requirements needed to make sure that you can monitor whether your QMS is functioning well. It includes monitoring and measuring your processes, assessing customer satisfaction, internal audits, and ongoing management review of the QMS.
Clause 10: Improvement – This last section includes the requirements needed to make your QMS better over time. This includes the need to assess process nonconformity and taking corrective actions for processes.
These sections are based on the Plan-Do-Check-Act cycle, which uses these elements to implement change within the processes of the organization in order to drive and maintain improvements within the processes.
To see detailed requirements of the standard, download this free white paper: Clause-by-clause explanation of ISO 9001 (PDF).
The Quality Management System, which is often referred to as a QMS, is a collection of policies, processes, documented procedures, and records. This collection of documentation defines the set of internal rules that will govern how your company creates and delivers your product or service to your customers. The QMS must be tailored to the needs of your company and the product or service you provide, but the ISO 9001 standard provides a set of guidelines to help make sure that you do not miss any important elements that a QMS needs to be successful.
Starting with management support and identifying the customer requirements for the QMS, you will need to start with defining your quality policy and quality objectives, which together define the overall scope and implementation of the Quality Management System. Along with these, you will need to create the mandatory and additional processes and procedures necessary for your organization to properly create and deliver your product or service. There are six mandatory documents that need to be included, and others to be added as the company finds them necessary. For a good explanation on this, take a look at this white paper on List of Mandatory Documentation Required by ISO 9001:2015.
This creation of documents can be done internally by your employees, or you can get help through hiring a consultant or purchasing standard documentation.
Once all of the processes and procedures are in place, you will need to operate the QMS for a period of time. By doing this, you will be able to collect the records necessary to go to the next steps: to audit and review your system and get certified.
Download this free material to see the steps in the implementation: ISO 9001:2015 Implementation Diagram.
QMS certification, also referred to as ISO 9001 certification, refers to certification of a company’s Quality Management System against the ISO 9001 requirements. ISO 9001 certification for your company involves implementing a QMS based on the ISO 9001 requirements, and then hiring a recognized certification body to audit and approve your QMS as meeting the requirements of the ISO 9001 standard. Once your organization is ISO 9001 certified, you will get the certificate with ISO 9001 logo that you can use to advertise that your company has met all of the ISO 9001 requirements.
Download this free white paper to learn more: What to expect at the ISO certification audit: What the auditor can and cannot do.
ISO 9001 certification can also refer to the certification of individuals. Individuals can obtain the certificate after attending some of these courses and passing the exam: ISO 9001 Lead Auditor Course, ISO 9001 Lead Implementer Course, ISO 9001 Internal Auditor Course, and ISO 9001 Foundations Course.
ISO certification of the QMS according to the ISO 9001 2015 standard is very often a customer requirement for its supplier, but the standard itself does not require a certification. When the customer requires the certification, it is not acceptable only to implement the ISO 9001 requirements and claim conformance to them; you need also to undergo the certification process and have certification body auditors confirm that your processes meet all requirements. Companies also go for the certification because they find a benefit in being able to demonstrate to interested parties that an independent party has confirmed their QMS.
ISO certification 9001 for individuals is also not a requirement of the standard, but ISO 9001 training and certification is the best method to obtain knowledge and competence about this standard.
ISO 9001 certification costs will differ from company to company. Every company is different; for instance, some include the design and development process and some don’t, and the amount of effort needed to implement the necessary processes to meet the requirements (and the costs associated with this) will vary. Likewise, the cost of having the certification auditors come in will be different depending on the complexity of your processes and the number of employees involved. Some of the main categories of cost that you will need to consider include learning about ISO 9001, external help, cost of employee time, certification costs, and, finally, the costs to maintain your QMS.
Since one of the biggest costs could be the cost of certification, it is best to contact several certification bodies to get a quote on how much they will charge. The certification body can also help you to identify what requirements are not yet met, the gaps; you can then determine the cost to close these gaps by changing or implementing processes.
You can find out more in this article: How much does the ISO 9001 implementation cost?
For the company QMS to be certified, you need to first finish the implementation. After finishing all your documentation and implementing your processes, your organization also needs to perform these steps to ensure a successful certification:
Internal audit – The internal audit is in place for you to check your QMS processes. The goal is to ensure that records are in place to confirm compliance of the processes and to find problems and weaknesses that would otherwise stay hidden.
Management review – A formal review by your management to evaluate the relevant facts about the management system processes in order to make appropriate decisions and assign resources.
Corrective actions – Following the internal audit and management review, you need to correct the root cause of any identified problems and document how they were resolved.
The company certification process is divided into two stages:
Stage One (documentation review) – The auditors from your chosen certification body will check to ensure your documentation meets the requirements of ISO 9001.
Stage Two (main audit) – Here, the certification body auditors will check whether your actual activities are compliant with both ISO 9001 and your own documentation by reviewing documents, records, and company practices.
For an individual to become ISO certified, you need to take the appropriate ISO 9001 training, and pass any applicable ISO certification exams that accompany it.
Although ISO 9001 certification is a requirement of many customer contracts, it is not a legal requirement to implement the ISO 9001 standard. In fact, there are many other standards for implementing a Quality Management System. Many of these other standards are based on the ISO 9001 2015 standards (such as AS9100 and IATF 16949), while others have complementary but separate requirements (such as the Malcolm Baldridge National Quality Award in North America).
The benefits of ISO 9001 cannot be overstated; companies large and small have used this standard to great effect, securing cost savings and additional revenue. Here are just a few of these benefits:
Improve your image and credibility – When customers see that you are certified by a recognized certification body, they will understand that you have implemented a system that is focused on meeting customer requirements and improvement. This improves their trust that you will deliver what you have promised, and it will get you new clients.
Improve customer satisfaction – One of the key principles of the ISO 9001 QMS is the focus on improving customer satisfaction by identifying and meeting customer requirements and needs. By improving satisfaction, you improve repeat customer business.
Fully integrated processes – By using the process approach of ISO 9001, you not only look at the individual processes in your organization, but also at the interactions of those processes. By doing this, you can more easily find areas for improvement and resource savings within your organization.
Use evidence-based decision making – Ensuring that you are making decisions based on good evidence is a key to the success of an ISO 9001 QMS. By ensuring that your decisions are based on good evidence, you can better target resources to the best effect to correct problems and improve your organizational efficiency and effectiveness.
Create a culture of continual improvement – With continual improvement as the main output of the QMS, you can attain ever-increasing gains in savings of time, money, and other resources. By making this the culture of your company, you can focus your workforce on improving the processes they are directly responsible for.
Engage your people – Who better than the people working within a process to help find the best solutions for improving that process? By focusing your workforce on not only managing, but also improving the processes, they will be more engaged in the outcome of the organization.
Here you can learn how to make your investment in ISO 9001 profitable, and here you can learn how to achieve organizational excellence with ISO 9001.