3.3.4 International Organisation for Standardisation (ISO)

Introduction to ISO

The ISO 9000 series is a family of quality management and quality assurance standards developed by the International Organisation for Standardisation. It comprises of 17 different standards. Out of these 17 standards, only the ISO 9001, ISO 9002 and ISO 9003 are quotable standards, i.e., can be audited against. The others are guidelines only. ISO 9002 and ISO 9003 are sub-sets of ISO 9001. Most of the registered firms are registered under ISO 9001 or ISO 9002. Therefore, ISO 9001:1994 will be used as the framework for quality management system in TQMEX, together with ISO 9004-4:1993 as a guideline.

ISO 9001 is the Quality systems -- Model for quality assurance in design, development, production, installation and servicing. It is the most comprehensive model of quality systems offered by ISO.

As quoted from the Scope of the ISO 9001:1994, this International Standard specifies quality system requirements for use where a supplier's capability to design and supply conforming product needs to be demonstrated. The requirements specified are aimed primarily at achieving customer satisfaction by preventing nonconformity at all stages from design through to servicing. This International Standard is applicable in situations when

  1. design is required and the product requirements are stated principally in performance terms, or they need to be established; and
  2. confidence in product conformance can be attained by adequate demonstration of a supplier's capabilities in design, development, production, installation and servicing.
ISO 9004-4:1993 is the Quality management and quality system elements -- Part 4: Guidelines for quality improvement. It gives suggestions for effective quality management, helps organisations in building their quality systems, so that they can develop quality improvement practices for TQM.

ISO 9000 can minimise misinterpretation of requirements [Migliore, 1992]

back to content page

Why is ISO Useful?

Irvine [1991] points out that many companies are now seeking registration to quality standard ISO 9000 to demonstrate that they are in control of their business, and have proved it to a certification body. ISO 9000 registration is a good way of measuring progress and monitoring maintenance of the standard. It brings marketing benefits, but should be regarded as the beginning of a continuous improvement process rather than the end.

The EC Council Resolution on a global approach to conformity assessment [DTI, 1990] provides three reasons why companies should implement a quality system based on ISO 9000.

Whittington [1988] in his study to assess the interest for organisations in implementing ISO 9000 and the difficulties they faced, discovered four different reasons for implementing the standard.

Failure to implement the standard for the right reason may prevent companies from gaining the potential benefits from the system. Two of the companies studied by Whittington claimed that ISO 9000 costs much money to implement and maintain, and that their product quality is no better than before the system was implemented. He also found that there was no reduction in assessment and auditing as claimed by much of the literature. Inappropriate reasons for implementing the standard, according to Whittington, are:

Besides the right reasons, the degree of commitment by top management will determine the success of the system. Top management needs to generate a conducive environment to enhance the development of the system. This can be achieved by developing a company quality policy and objectives. This will enable all the employees to work towards the same quality goal.

back to content page

How to Implement the ISO?

Implementation of ISO 9000 affects the entire organisation right from the start. If pursued with total dedication, it results in 'cultural transition' to an atmosphere of continuous improvement. How difficult is the process of implementing ISO 9000? The answer depends on:

There are 9 essential steps to be followed through in order to implement ISO 9000 successfully. Step 1: Top Management Commitment
Step 2: Establish Implementation Team
Step 3: Assess Current Quality System Status
Step 4: Create a Documented Implementation Plan
Step 5: Provide Training
Step 6: Create Documentation
Step 7: Document Control
Step 8: Monitor Progress
Step 9: Review -- Pitfalls to Effective Implementation

STEP 1: Top Management Commitment

Without Chief Executive Officer's (CEO) commitment, no quality initiative can succeed. Where does this type of top management commitment come from? Many ISO 9000 registered companies find that the commitment comes from some, if not all of the following points.

STEP 2: Establish Implementation Teams

ISO 9000 is implemented by people. The first phase of implementation calls for the commitment of top management - the CEO and perhaps a handful of other key people. The next step is to create a personnel structure to plan and oversee implementation.

The first component of this personnel structure is the Management Representative (MR). In the context of the standard, the MR is the person within the organisation who acts as interface between organisation management and the ISO 9000 registrar.

His role is, in fact, much broader than that. The MR should also act as the organisation's "quality system champion," and must be a person with:

  1. total backing from the CEO,
  2. genuine and passionate commitment to quality in general and the ISO 9000 quality system in particular,
  3. the dignity - resulting from rank, seniority, or both - to influence managers and others of all levels and functions,
  4. detailed knowledge of quality methods in general and ISO 9000 in particular.

STEP 3: Assess Current Quality System Status

ISO 9000 does not require duplication of effort, redundant systems, or make-work. The goal of ISO 9000 is to create a quality system that conforms to the standard. This does not preclude incorporating, adapting, and adding onto quality programmes already in place.

So the next step in the implementation process is to compare the organisation's existing quality programmes -- and quality system, if there is one -- with the requirements of the standard. Programme assessment can be done internally, if the knowledge level is there. Or a formal pre-assessment can be obtained from any one of a large number of ISO 9000 consulting, implementing, and registration firms.

STEP 4: Create a Documented Implementation Plan

Once the organisation has obtained a clear picture of how its quality system compares with the ISO 9000 standard, all nonconformances must be addressed with a documented implementation plan. This plan may be created by an ad hoc committee under the authority of the QSC. Usually, the plan calls for setting up procedures to make the organisation's quality system fully in compliance with the standard. Procedures which affect high-level policy elements of the quality system may be handled by the council itself, or by designated members. Others may be handed down to various QATs for development.

The implementation plan should be thorough and specific, detailing:

  1. Procedures to be developed
  2. Objective of the system
  3. Pertinent ISO 9000 section
  4. Person or team responsible
  5. Approval required
  6. Training required
  7. Resources required
  8. Estimated completion date
These elements should be organised into a detailed GANTT chart, to be reviewed and approved by the QSC. Once approved, the plan and its GANTT chart should be controlled by the MR. The chart should be reviewed and updated at each QSC meeting as the implementation process proceeds.

STEP 5: Provide Training

The ISO 9000 implementation plan will make provision for training in various functional areas of the quality system. Certain training needs will depend on the nonconformances addressed. The QATs should take responsibility for providing specific training in their respective functional areas.

Since the ISO 9000 quality system affects all areas and all personnel in the organisation, it is wise to provide basic orientation in the quality system standard to all employees. This can be a one-day programme which informs personnel about quality system in general and the ISO 9000 quality system in particular.

The training programme should emphasise the benefits that the organisation expects to realise through its ISO 9000 quality system. The programme should also stress the higher levels of participation and self-direction that the quality system renders to employees. Such a focus will go far to enlist employee support and commitment.

STEP 6: Create Documentation

As noted earlier, documentation is the most common area of non-conformance among organisations wishing to implement ISO 9000 quality systems. As one company pointed out: "When we started our implementation, we found that documentation was inadequate. Even absent, in some areas. Take calibration. Obviously it's necessary, and obviously we do it, but it wasn't being documented. Another area was inspection and testing. We inspect and test practically every item that leaves here, but our documentation was inadequate."

There is no way around it: documentation is mandatory. It is essential to the ISO 9000 registration process because it provides objective evidence of the status of the quality system. The two basic rules of ISO documentation are:

Many organisations find that their existing documentation is adequate in most respects. To bring it into full ISO conformance, they implement control procedures to ensure that documentation is available as needed and is reviewed, updated, stored, and disposed of in a planned, orderly manner.

STEP 7: Document Control

Once the necessary quality system documentation has been generated, a documented system must be created to control it. As noted in the Technical Requirements and Guidelines sections, control is simply a means of managing the creation, approval, distribution, revision, storage, and disposal of the various types of documentation. Document control systems should be as simple and as easy to operate as possible -- sufficient to meet ISO requirements and that is all.

The principle of ISO 9000 document control is that employees should have access to the documentation and records needed to fulfil their responsibilities. Ironically, direct access can often result in certain employees having less record-keeping and documentation to deal with -- and can be a cause of resistance. The organisation's quality manual is a primary example. "We got minor resistance from some major players who were used to having the quality manual, but who didn't really need to have their own copy of it," says Jim Ecklein of Augustine Medical [Johnson, 1993]. "We solved that by having a master quality manual, with references to sub-manuals for each organisation area. That way, people had what they needed, but we weren't passing quality manuals out to people who didn't really need it and wouldn't use it."

STEP 8: Monitor Progress

When the procedures have been completed and the quality system fleshed out, it is time to put the quality system into effect. In this extremely important phase, management must pay close attention to results to make sure that the elements of the quality system are logical and effective.

Effective monitoring is what makes or breaks ISO 9000 implementation. It is also the ultimate measure of how well -- or poorly -- organisation management lives up to its responsibilities, as described in the Management Responsibility section of the standard. In particular, management at all levels should watch out for gaps and assumptions in procedures and steps which are difficult, ineffective, or impractical.

Many such problems can be dealt with by the QATs. Resulting changes should, of course, be documented and approved in accordance with procedures provided for in the quality system.

Management, up to the level of the Quality Action Council, should simultaneously carry out its review function as prescribed by the standard and its own documented procedures. These activities include:

STEP 9: Review - Pitfalls to Effective Implementation

Here is a brief checklist of the most significant barriers to effective ISO 9000 quality system implementation.

  1. Lack of CEO commitment. As Lorcan Mooney says, "If senior management consists of four or five people, and two of them are not committed, over time they can be won over. But if the CEO is not committed, then in no way are you going to win in the long run."
  2. Failure to involve everyone in the process. Ownership and empowerment are the keys to effective implementation. To help employees feel like owners of their activity, make them responsible for developing and documenting their procedures.
  3. Failure to monitor progress and enforce deadlines. People in organisations have their routine work to do. If progress is not monitored, ISO 9000 can never be implemented effectively because programmes just drag on.
All three pitfalls are directly traceable to management -- or lack of it.

back to content page