What is ISO?

Posted on April 11, 2012 by

I am frequently asked this question.  Clients want to know what it stands for and more about it?

The prefix “ISO” is from the Greek term meaning “Equal or Same.”   You will recall terms like Isosceles triangle (2 equal sides), or isothermal (same temperature), or isobaric (same pressure). The worldwide standards organization which is actually named the International Organization for Standardization (and NOT the International Standards Organization) uses this term “ISO” in front of many different standard.  But many people refer to the organization as ISO and it is also their logo.  So you are not wrong to call the organization ISO !  After all, the purpose of the organization is to spread equal standards such is ISO 9001.  However, there are many other standards supported by the ISO.

The current ISO we know today was re-organized right after WWII.  It was disbanded during WWII.  Prior to that it had roots going back into the 1920′s.  Standards have greatly improved our quality of life.  If you have ever traveled internationally, you have most likely experienced the inconvenience of NON-standardized electricity.  That is why you need a converter.

The popular ISO 9001 standard is just one category of standards.  If you want to have a little mental vacation, do a web search and go to the “International Organization for Standardization” and  look at some of the different types of standards available.   You will find standards on: Ship Building, Electrical Engineering, Mining, Mathematics, Railways, etc.

It is not just about quality.  Quality is just a small part of all of what the ISO oversees.  In fact, the ISO 9000 series did not exist before about 1986.

What BSI Says

Posted on September 17, 2011 by

Again I recently sat down with another Registrar to ask some typical questions that a company would ask.

Over a late lunch with Jason deBerardinis of BSI (British Standards Institute):

What recent changes have you seen in the registrar world?

More and more, small companies are needing certification to compete in their industrys.

What are the biggest challenges facing registrars today?

Making potential clients understand that there is a differnece in Accredited and NON-accredited registrars.

What are the biggest opportunities facing registrars today?

Again, Providing high value certification to smaller companies so they can compete in their industrys.

Why should a company choose BSI as a registrar?

One of the largest; worldwide recognition; global experience; local knowledge; available training; small business pricing; most auditors are BSI employees

How long does the entire certification process take?

60 to 90 days

What other factors should be considered before selecting a registrar?

Availability of auditors; plus the continuing education of the auditors

Where can we go for help to design, develop and implement our system?

In addition to BSI training, get help from a company like Frontline Resources.

 

ISO 9001 Registrar Interview with Bureau Veritas

Posted on September 4, 2011 by

I recently sat down with Greg Gordillo of Bureau Veritas, one of the leading registrars to ask a few questions about the registration world.

[As you know, registrars do not consult, but they can provide training and of course certification]

1. What recent changes have you seen in the registrar world?

Customized solutions – meaning customers wanting audits designed for special purposes within their own organization or for auditing their suppliers.

2. What are the biggest challenges facing registrars today?

Getting companies to understand that it is more than just a certificate on the wall.  It is the benefit of improving your business.

3. What are the biggest opportuniites facing registrars today?

Helping client companies certify to environmental based standards such as ISO 50,001 [Energy Management] for big companies using lots of energy.

4. Why should a company select you (BV) as a registrar?

Value – Competitive pricing while offering a world class widely recognized certification.

5. How long does the entire certification process take with a registrar?

It depends on the standard of course.  Once a company has signed an agreement, normally from 2 – 6 months.

6. What other factors should be considered before selecting a registrar?

National and International recognition of the certification is very important.  Also, you should ask if this registrar can help with your future desire to achieve other certifications.

7. Where can I go for help designing and implementing our quality system?

You can attend training offered by an Accredited Certification Body (such as BV) or of course select a consultant in the industry.

 

ISO 9001 Statutory and Regulatory Requirements

Posted on August 14, 2011 by

This video explains the difference in Statutory and Regulatory Requirements as stated in ISO 9001:2008 and other industry requirements.

Statutory and Regulatory requirements are the laws and regulations enforced by governments (International, Federal, State and Local Governments).  There is no mystery here, you already know about these, as they relate to your business.

The other class of requirements that create confusion are the contractual requirements that you “agree” to follow (in contracts and purchase orders) with your customers such as API (the American Petroleum Institute) and ASME (the American Society of Mechanical Engineers) Standards.  These industry standard are not law, but very important standards that exist as best practices.

Documents of External Origin ISO 9001

Posted on August 3, 2011 by

This concept of “Documents of External Origin” usually frustrates clients.  They first worry that every brochure and binder ever dropped off by a sales rep. has to be controlled as a document of external origin.  Though these were created externally, most are just kept for reference only.  It is best to have these in a separate area designated as reference only.

Documents of External Origin are those important documents needed to operate your quality system, but they were created externally.  These could be ASME Codes, ASTM Standards, API Requirements, etc.  I certified a Crash Test Company and they had to control all the testing specs from customers like Ford, Nissan, etc.

One of my clients used a diamond rating guide for how the cut diamonds were evaluated to an industry standard.  This guidance document was created by someone like DeBeers and the client used it.  It was controlled as a document of external origin – and yes it had a revision date.

Also, you do not have to make sure that you always have the latest version.  You have to make sure you have the appropriate version.  I had one client that used an older API Spec, because it was dictated by their customer in the purchasing agreement.

What has been your experience?

ISO 9000 Documentation Requirements

Posted on July 31, 2011 by

The video link is a less than 3 minute lesson on “How much documentation is enough documentation for ISO 9001 Certification?”

The key lesson here is that beyond the Quality Manual and the 6 minimum procedures required by ISO, the additional documentation is up to you.  The catch phrase is “Documentation comes down to meet what training and qualifications come up to.”  In other words, design your documentation to the needs of the qualified employee who will be doing the job.  Procedures are okay, but most employees will reference procedures only when they first start a job.

A better way can be to use flowcharts and other visuals along with the blank forms that are filled out for each task.

Keep it simple, keep it clear.

 

ISO 9001 Responsibilities and Authorities

Posted on July 27, 2011 by

ISO 9001:2008 Section 5.5.1 says

Top Management shall ensure that responsibilities and authorities are defined and communicated within the organization.”

In concept, this is a relatively easy clause.  It is basically, who does what?  And then let everybody know.

For most companies, this starts with an organization chart (though not required), then we have a list of people to match each of the positions (and don’t forget a column for the backup person, for when the primary is on vacation).  Then we progress on to position descriptions or job descriptions, of some kind, for each position (though not specifically required).  These responsibilities can be defined in other places too, like procedures, work instructions, process flowcharts, quality plans, etc. (the method is up to you).

Also, lots of client companies say, “Around here, many of us wear several hats.”  This is okay, just define each “hat” and who is wearing these hats.

Careful: This is where it can get a little complex.  The responsibilities and authorities can be different for any ONE position.  In its most basic: Responsibility is what I have to do plus I can get in trouble if I don’t do it.  Authority is what I have permission to do from top management.  [Example: As a machinist, you are responsible for inspecting all parts arriving at your station.  However, if you find an out of spec. part, you might not have the authority to scrap it or fix it.  You are instructed to call the Quality Manager for that decision.]  If the responsibility and authority is different, one easy way is to define the difference, is in the position description.

Now don’t forget, top management has to ensure that these responsibilities and authorities get communicated !

Do you have any other ideas to share on this topic?

New Blog!

Posted on July 22, 2011 by

We’ve turned the old HoustonISO9000.com website into a blog so that we may bring you more information, videos, ebooks and more.

Stay tuned as we add more.

Thank you for visiting,

John Graham