Preparing For ISO 9001 2000 Registration
The steps need to be taken to prepare an organization for ISO 9001 2000 registration:
Whilst the following text is not exhaustive in its content it should give you a
reasonable idea of what’s involved in setting up an ISO 9001 2000 registration within
an organization.
First and most importantly you should either purchase a
copy of the ISO 9001 2000 standard or read a copy at your local library.
At first glance many of the terms referred to in the standard sound quite confusing
but if you study the content of this web site you will soon become familiar with the
terminology used.
Now that you are a little more familiar with the ISO 9001 2000 Quality Management
Standard and its terminology you should start to analyze the current practices of your
organization to those documented within the ISO 9001 2000 standard,This process is
known as a Gap Analysis Audit. you can either carry this process out your selves or
employ a consultant to carry out the [Gap Analysis Audit]
for you.
It is very important to get this audit right as the results will be used to set the
direction of your organization on its route to full ISO 9001 2000 registration. In
short if this audit is wrong or incomplete your organization will happily steam along
in the wrong direction, wasting resources as it goes, until someone tells you otherwise.
As the gap analysis audit on your organization progresses you should Identify the processes
which are already documented, and those that are not. It will be useful to your
organization to compile a list of documents that you will need for the Quality Management
System.
It is important to remember that just because a process is documented does not
necessarily mean it is compliant with the requirements of the ISO 9001 2000 standard.
Almost certainly your organization will have to tweak existing processes and or
instigate new ones in order to comply with the ISO 9001 2000 standard.
For this purpose you may decide to bring together a team of employees and have them
review the processes and suggest improvements which will make the process compliant
with ISO 9001 2000. Alternatively you may wish to employ an ISO 9001 2000
[Consultant] to carry out this task for you.
Whilst a [Consultant] may initially seem expensive
they will have the experience to complete the task expediently.
Now that the organizations processes and any short falls against the ISO 9001 2000
standard have been identified they have to be documented in a within a controlled
document control system. Whilst there is no definitive, prescribed method to document
an ISO 9001 2000 Quality Management System there are, as with most things, easy and
hard ways of doing this.
If you are unsure how to do this there is an [Example procedure here] or once again
you can employ a [Consultant] to complete this task
expediently.
Design and implement the Quality Management System to comply with the requirements of
ISO 9001 2000.
This will typically require:
Establishing a quality policy and measurable quality objectives.
Documenting a quality manual, describing your Quality Management System.
Documenting procedures which describe the processes in your organization.
Creating a document issue, withdrawal and re-issue of documents system.
Documenting test and inspection methods.
Documenting a corrective and preventive action process
Identification of training needs and necessary job skills.
Calibrating and controlling measuring and test equipment.
Measuring and monitoring customer satisfaction.
Measuring process, and product conformity.
Training employees on the operation of the quality management system.
Planning, conducting and following up internal Quality Management System audits.
Continual improvement of the Quality Management System.
As each process in your organization is revised, documented and implemented you need
to ensure that your employees are trained accordingly in the operation of the revised
process and that their documented [training records] are updated.
You must generate and keep [documented records] of training in accordance with your
new processes procedures.
These records will be used as evidence to prove to your [ISO assessor] that you are
operating your Quality Management System in accordance with your documented procedures
and ISO 9001 2000.
As your processes evolve you must start [Internal Quality Management System Audits]
so as to satisfy your organization that it is in fact operating in accordance with
its own documented procedures and ISO 9001 2000.
Your ISO 9001 2000 Auditor will look at the records generated by your internal audits.
ISO 9001 2000 relies on Quality Management System audits to provide assurance that
the organization is meeting the requirements of the standard.
An audit includes an inspection of the documents and records that make up your
quality system.
Most importantly it is an inspection of the way the people in the organization work
and the knowledge they have about the operation of the quality management system.
[Management Reviews] must be carried out by the top management in your organization
to ensure that your Quality Management System is working effectively and that it is
geared to produce continual improvement of your products or service.
Registration requirements vary slightly between the various certification bodies but
it is usual to have a [Pre-Assessment].
A pre-assessment is a mock audit similar in duration to a full registration audit
which your organization neither passes nor fails.
The important feature of a pre-assessment is that it will provide a full list of any
short falls between the requirements of the ISO 9001 2000 standard and your Quality
Management System.
As a senior lead auditor I would always advise an organization to opt for a
pre-assessment.
You now need to select a registration agency.
There are many registration agencies to choose from and in theory they are similar in
the services they provide chiefly because they all have to abide by the same to EN
standards, EN45011 and EN45012. In practice they offer different service levels,
response times and re-assessment periods. So my advice is to choose your
registration body very carefully.
Finally the day has arrived for your [Registration Audit]. This is where an auditor
from the chosen certification body visits your organization and carries out a
comprehensive audit of your organization.
When the auditor identifies a [discrepancy or non-conformance] between the work that
is being performed and the requirements of ISO 9001 and how you say you operate your
processes the [discrepancy or non-conformance] will be written up. There is no
specific number of non-conformances that have to be raised for your organization
to either pass or fail.
For example if only a few [minor non-conformances] are found during the registration
audit, the registration body will issue a certificate of registration to ISO 9001 2000
stating that your organization complies with the requirements of the ISO 9001 standard.
If however a [major non-conformance] is raised this results in your organisation being
told that you must correct the non-conformance(s) and re-apply for another
registration audit.
Once a certificate of registration is issued it typically expires after three years,
however some registration bodies certificates never expire.
All registration bodies typically require Quality Management System surveillance
audits of your organization at six months intervals to maintain the validity of the
certificate.
At this point, you deserve to celebrate your accomplishments!
However, once the certificate is issued you need to continue to monitor your own
Quality Management System to ensure you continue to comply with the requirements of
ISO 9001 2000.
|
|
