ISO 9001 - The Evolution of a Certification

A PDF copy of our Insight Auditing brochure.

ISO 9001 was founded in 1987 as an internationally-accepted quality management certification system to define, identify and confirm quality benchmarks within organizations. But since then it has become much more. Today, ISO 9001 is helping thousands of companies worldwide manage their processes to become more efficient and cost-effective.

Progressive companies are finding the ISO 9001 process can offer real strategic value, especially if it is aligned with corporate goals and objectives. For these companies, the ISO 9001 auditing process is more than running down a checklist-it is a true business asset. To apply this model successfully, you need to work with a certifying organization that understands your business and mirrors your commitment to quality and continual improvement.

TÜV's Insight Auditing®
As the ISO 9001 auditing process has evolved over the years, so has TÜV. We've taken the process to new heights with Insight Auditing. It's more than a process, it's an attitude. Our auditors are experienced, well-trained and insightful. But above all, they're passionate about their work. They come to your facility with a fresh eye and out-of-the-box thinking. They take the time to listen to you and understand your business-so they can add value beyond the auditing process. TÜV auditors strive to work as business partners with you. At each engagement we "read between the lines" of the audit to uncover observations that can lead to increased efficiency, reduced costs and increased speed to market.

Quick History of ISO 9001
The International Organization for Standardization (ISO) was founded 1946. Based in Geneva, Switzerland, it created the first international standards for manufacturing, trade and communications. ISO 9001 was initially published in 1987 and specifies, in broad terms, the
necessary components of a quality management system and, in detail, the basic requirements of the quality function for all industries.

Today, more than 90 countries are members, with the U.S. representative being the American National Standards Institute (ANSI). There are over 700,000 ISO 9001 certified companies around the world (including more than 50,000 in North America), all demonstrating a commitment to continual improvement in quality.

The most recent change to the ISO 9001 standard is ISO 9001:2000. This new standard is now in place and includes improvements in three key areas:

• Creating a common structure based upon a process model.
• Creating a method to demonstrate continual improvement and customer
  satisfaction.
• Developing metrics to determine how effectively internal processes are working
  with a focus on improving results.

ISO 9001 will continue to evolve to meet the needs of an ever-changing marketplace and to insure adherence to quality standards. In fact, TÜV experts are part of the ISO Technical Subcommittee working on the development of the next ISO Standard.

Building Strong Partnerships Through ISO 9001
Compliance with ISO 9001 demonstrates to other companies that you take quality and customer satisfaction seriously. Companies with a similar philosophy will know you share their commitment.

Many companies, both in the US and abroad, insist suppliers have a certified quality system in place as a condition of doing business. This requires suppliers to use sub-suppliers to comply with quality standards to ensure quality throughout the supply chain.

A company with ISO 9001 certification has a competitive edge over nonqualified companies. Any company can make claims about quality; ISO 9001 certified companies have proof of their commitment to quality and continuous improvement. Who would you rather build a business partnership with?

Insight Auditing Increases The Many Benefits of ISO 9001 Certification
The difference in ISO auditing is found when the chemistry between your ISO auditors and staff creates a bond that becomes more than the sum of its parts. Not only are problems solved and opportunities uncovered, there is added value extending to areas you may not expect. Implementing our Insight Auditing process within the context of an ISO 9001 certification can also verify your organization's quality process is aligned with your business strategy. This alignment is critical to ensure your organization functions smoothly and processes complement the company's overall mission and vision.

The initiation of ISO certification may have started because of troubles conducting business internationally or from certification demands from a customer. Once the spirit of quality management and continual improvement is embraced, organizations experience a wide range of unexpected benefits beyond certification and extending throughout their organizations.

• Improved customer satisfaction.
• Increased profits.
• Enhanced marketplace recognition.
• Break down of internal organizational boundaries as staff from different functions and levels work together.
• Increased productivity as the correct data, equipment, tools and documentation are integrated into the total process.
• Decreased operating costs due to fewer problems and reduced rework…not to mention fewer returns and lower after-sales support costs.
• Increased employee responsiveness to customer needs and requirements…focus on driving continual improvement.
• Elevated confidence among sales force as quality improves.
• Improved employee understanding of how ISO efforts, quality management systems and your business strategy are aligned for organizational improvement.
  

Realize Maximum Value From ISO 9001 With TÜV
Implementing ISO 9001 focuses on establishing the quality mission, policies and procedures that form the foundation of an effective and quantifiable quality management system.

Achieving certification can seem a bit overwhelming. Like most larger-scale initiatives, there are a number of steps to take prior to the certification to minimize cost, reduce risk of failure and maximize value.

STEP 1 - MANAGEMENT COMMITMENT
A commitment from senior-level management must be a driving force in this critical initiative. Again, this is not simply running down a checklist, this is a commitment to the culture of quality. Employees must understand and embrace the corporate vision. Management must reinforce and demonstrate their commitment by providing necessary resources and on-going support for the process.

Now is the time to make sure the ISO 9001 initiative is aligned with corporate goals and strategy. Establishing clear and quantifiable business objectives will help keep the process on track and people focused on the appropriate goals. As part of our Insight Auditing approach, we also audit how your business strategy is integrated into your operational processes.

Commitment also involves assigning responsibility and authority for quality initiatives, planning, problem identification, solution implementation and control. One person should have ultimate responsibility for the project. The ISO 9001 "management representative" must report directly to top management.

STEP 2 - PLANNING (NO ONE PLANS TO FAIL, BUT SOMETIMES WE FAIL TO PLAN)
Planning is the second step to certification. In addition to selecting an ISO 9001 management representative, you need to appoint a task force to champion the development and implementation process. The members should have knowledge of ISO 9001 and program management experience. Senior management should either be a part of this task force or provide very visible support. Not only does this help from an operational level, it also ensures the process stays on track with the strategic business goals of your company.

The task force is responsible for creating the implementation plan. This includes roles, responsibilities, deliverables, time lines and budget. The implementation time line should include:

• Building a project support team that includes all applicable departments.
• Documenting the initial tactics to help reach quality process goals.
• Creating a general training program to educate all workers about the new quality initiative.
• Establishing internal auditor training.
• Reviewing and implementing new process documentation.
• Scheduling internal self assessments.

News about change can be disturbing to uninformed employees. Keep the lines of communication open about your ISO 9001 activities. You need to help employees understand the value of this effort. They need to hear this from all levels of your organization.

STEP 3 - DOCUMENTATION
If you've been in business for a long time, you probably have a lot of documentation. Chances are much of it is uncontrolled, inadequate or even obsolete. If you're a start-up you probably don't have much documentation. In either case, ISO 9001 documentation standards are very clear. This is an area that requires attention to detail, commitment to effective implementation and to maintenance.

One good way to start this process is to separate your documentation into tiers, with each tier representing a different level of detail.

Tier One: Quality Manual. Required by ISO 9001, this manual identifies the strategies and policies of your organization and relates, on a macro-level scale, how your organization will address the requirements of the standard, and answers the question, "Why does your business do what it does?"

Tier Two: Processes and Procedures. Next, your organization will need to identify the processes under which your company operates. Often, these processes can be separated into two groups: "key" processes (sometimes referred to as "customer-oriented" processes) and, support processes (e.g., organizational processes supporting key processes such as human resources, training, preventive maintenance, document and data control, etc.). Some processes, depending upon their criticality to your organization or whether they are addressing specific requirements of ISO 9001:2000, may have to be documented in a formal procedure. Other processes simply may be described in the Quality Manual with sufficient detail to ensure the process is capable of being understood and effectively implemented. Either way, processes and procedures should detail such aspects as what should be done, when and where it will be done and who will do it?

Tier Three: Work Instructions. Work instructions provide details on how specific tasks or operations, as identified in Tier 2 Processes and Procedures, are to be performed. The need for work instructions can be based upon the complexity and / or criticality of the task at hand and the qualification and competency of the workforce.

Tier Four: Quality Records. To some extent, your organization will have to add a fourth tier to include forms, charts, illustrations or checklists used on a daily basis. These documents are generically referred to as Quality Records as they demonstrate evidence of activities performed or results achieved.

Organizational processes and documented procedures are a critical part of an ISO 9001 quality management system. They define the correct and proper operation of a company from a quality perspective and are applicable to all operations within your organization, to include product development, service provision, production and delivery systems. An independent ISO 9001 Registrar (quality auditing organization) verifies that processes and procedures are followed and, that the quality management system is effective in achieving your organizations' objectives.

It may appear that ISO 9001 generates a huge amount of documentation, however, many companies find that it actually reduces their dependence on paper. As not all processes are required to be documented in procedure form, and the determination of the need for documented procedures and work instructions is based upon many different factors, processes may also be "documented" in the form of flowcharts, visual aids, data bases, and other media forms.

Finding Outside Help For Your ISO 9001 Audit
If you're ready to start the process, there is plenty of support available to you. ISO 9001 seminars are available from TÜV America and other organizations. These will give you a better appreciation of the ISO 9001 process and how it can help your company.

There is a tremendous difference between reading the ISO 9001 requirements and knowing how to establish and implement the systems that meet the requirements. Consultants can offer a variety of assistance on ISO 9001 quality awareness training, system evaluation, documentation writing/review and internal auditor training.

One sign of an experienced consultant is someone who actively engages all appropriate levels of personnel in the process. Experience within your marketplace, specific international knowledge and the right "chemistry" are other considerations.

Using a consultant will increase your cost. However, the guidance and experience of the consultant may reduce the time it takes for you to achieve your ISO 9001 certification.

Registrars (like TÜV America and TÜV Canada) are not allowed to consult. We cannot advise you on how to solve a problem. We do highlight where problems exist. The strict separation of auditing and consulting is a fundamental ethical requirement of all ISO 9001 Registrars.

Selecting the right Registrar for your situation is critical. Cutting corners at this stage could jeopardize your entire quality initiative. You need to find a Registrar that will work with you as a partner, take the time to learn your organization's needs within the context of your ISO 9001 effort and reflect your passion for quality.

Insight Auditing® from TÜV
ISO 9001 is strict and exacting. It should be more than a checklist of what is done or not done to requirements. Used properly, it can be empowering and dynamic, providing information that can help drive organizational improvements. Over the years, TÜV has refined its approach helping companies maximize the value of ISO 9001 certification. Our auditors are trained to think outside-the-box to maximize the value of the ISO 9001 certification process. We call this the IDEAL Process.

The four phases of this process include:

PHASE 1 - INFORMATION GATHERING
The process begins with an informational meeting between your company and the TÜV team. We summarize our role and explain the auditing process.

Most importantly, we listen. We listen to understand your business goals and strategies so we can help you develop a quality initiative that can best support your organization now and into the future.

During this meeting we'll answer any questions about our services and explore how we should work together as a team. You will also have the opportunity to talk with an auditor. Team chemistry is an important part of any audit. We want to set the foundation for a lasting relationship. During our initial series of information meetings we will identify any specific issues that need to be resolved prior to the actual audit.

One important consideration in the information phase is the opportunity for a pre-audit. It is not a formal requirement for certification. A pre-audit is a high level evaluation indicating where your company currently stands in compliance with ISO 9001. If you are new to ISO 9001, this will help educate your management and staff on what is about to occur. You'll become more familiar with our auditors and our Insight Auditing approach and we'll learn more about the processes within your company. Your auditor will point out any areas of concern. Addressing issues at this point reduces risk of nonconformance during the actual audit. This early observation can be immediately implemented into your management system, so you can benefit from our insights before the actual audit even starts.

PHASE 2 - DISCOVERY EVALUATION
Most Registrars call this phase "documentation review," performing a quality manual review prior to the audit. At TÜV America, we conduct a more thorough "discovery evaluation" of your documentation. Over the years we've found many audit nonconformances result from documentation problems and the procedures relating to documentation. So we've added a process to help your team at this stage. We review the quality manual and the supporting procedures. Most auditors only review the quality manual. We can discover a significant amount of documentation-related problems at this stage. In some cases we make 10-20 observations during this review. You can use the supplied report to make any necessary changes before the audit. This saves time, money and reduces the stress surrounding the audit.

In addition, TÜV reviews your organizational profile, which is an outline of your organization's operating environment. This profile includes a description of your organization, customer and market requirements, supplier and partnering relationships, competitive situation and strategic context of your operations. This review allows our audit team to better understand your business before we come to your site, so our Insight Auditing can begin long before we audit your facility.

During the entire discovery evaluation process the audit plan is being developed. Our auditors gather all pre-audit and relevant data and construct more than a checklist. The Insight Auditing approach to creating the audit plan is designed to reflect your company's audit priorities and help align your overall business goals/objectives with the quality initiative.

PHASE 3 - AUDIT
After all the planning and preparation comes the actual audit.

The length of the audit depends on the size of the business. A small business may be audited by a single auditor in one day. A large organization may require a team of auditors working over several days. If a number of facilities perform identical tasks, we use sampling techniques to minimize the number of locations visited. Audits are typically performed by:

• Touring your facility and observing ongoing operations.
• Interviewing employees working at various levels in your organization.
• Reviewing documentation and evaluating quality records.

The audit team collects evidence that your company has implemented a quality management system in compliance with the ISO 9001 standard and that your practices match the descriptions captured in your quality documentation.

TÜV's Insight Auditing process then takes it one step further. The quality management system is then evaluated against your business objectives, strategies and vision statement. All must be aligned to ensure overall success and continuous improvement.

During the auditing process our auditors will probably ask a number of intriguing questions. During the closing meeting you'll see the value of these questions and Insight Auditing. Our auditors are sensitive to the needs of your business and the integrity of the ISO 9001 process. In addition to the ISO requirements, we'll also present a series of observations. We can't consult but we can point out areas for improvement. Our auditors are trained to look beyond the numbers and uncover findings you can use to increase efficiency, process effectiveness and quality. This is what Insight Auditing is all about.

A closing meeting is conducted at the audit's completion and all identified problems are reviewed. The audit team will also share its recommendation regarding your certification. If all goes well, your company will be recommended for certification and issued an ISO 9001 certificate. If nonconformances are identified, the audit team will confer with you and agree upon the required follow-up actions. Certification is not a "pass/fail" activity. It is an eventual certainty unless you decide not to proceed or can't correct the nonconformance.

PHASE 4 - LEARNING
Following the certification audit, an auditor will return periodically (once or twice a year) for routine surveillance visits. This ensures that your management system continues to comply with ISO requirements and continuously improves.

The audit team will evaluate portions of your quality system for evidence that the system's original baselines are still being followed.

A quality system is dynamic. The audit team also looks for evidence of continual improvement. If processes or procedures change and the changes are beneficial in meeting organizational objectives that indicates your system is working well.

While this seems like the end, this is a phase that never ends.

TÜV's Insight Auditing® approach, including the IDEAL Process, is a unique combination of longer-term business strategy and shorter-term operational tactics. We don't simply monitor procedures. Using the IDEAL Process, we strive to bring findings to your attention that may directly improve your quality program. At the same time our Insight Auditing discipline continues to align your business strategy and corporate vision with your organization's operational process. We constantly keep an eye on your business so you can use your quality system to improve today and set the stage for future growth tomorrow.

Following Through on Your ISO 9001 Certification
ISO 9001 certification is the first step in a never-ending journey toward continuous improvement. Now you have the foundation to integrate your quality process into your company's overall business plan. You can also use this certification as springboard toward more advanced high-performance business models such as Six Sigma or the Malcolm Baldrige National Quality Program Criteria.

So where do you begin? Contact TÜV today. We'll show you how to get started on the road to ISO 9001 certification and how our Insight Auditing approach can bring your quality management system to a new level of effectiveness.

For more information, contact us.