by Denise E. Robitaille
It finally happened. On Dec. 16, 2003, the ISO 9000:1994
series became obsolete. The long-awaited deadline passed
with much less fanfare than the hype that preceded it.
Simply stated, the International Organization for Standardization
along with all accreditation and certification bodies have
stopped supporting ISO 9001/2/3:1994 as the approved standards
for quality management systems. ISO 9001:2000 has replaced
them.
What does this mean for companies that didn’t transition
before the deadline? To answer that question, we must take
a look at what did and didn’t happen.
Organizations holding certificates for ISO 9001:1994
may no longer claim to be “ISO 9000-registered”--a
phrase that, through common consensus, refers to companies
which have successfully passed assessment audits conducted
by auditors representing accredited registrars and, further,
have undergone surveillance audits from the same bodies
substantiating their continued conformance to the standard.
Companies that haven’t transitioned can no longer
make statements about being registered, include registrar
or accreditation body logos (such as ANSI-RAB NAP or UKAS)
on their literature or sign off on supplier surveys as
ISO 9000-registered businesses.
For companies whose customers require registration to
ISO 9001 as a condition of continued contracts, their now-expired
registrations portend the loss of critical accounts as
well as a change in status among industry peers and competition.
These represent the two greatest perils attending the loss
of ISO 9001 registration: failure to fulfill customer requirements
relative to maintaining a quality management system and
loss of market share through diminished stature in a particular
selling arena.
Both of these risks are real and shouldn’t be dismissed
lightly. By not maintaining its registration, a company
loses the entry ticket to many marketplaces and a basic
tool for satisfying customers. An organization must weigh
these risks against the costs associated with transitioning
to the new standard.
The requirements and costs associated with upgrading
to the revised standard vary for each organization. Consequently,
the value a company places on registration, weighed against
those requirements and costs, will also vary. Any top management
team would profit from a discussion regarding the return
on investment for such an expenditure, regardless of the
economy’s effect on the company during the last two
years. The economic climate has significantly influenced
this deliberation for some companies as they struggle to
make optimum use of shrinking resources. As with most critical
decisions, there’s no easy answer. We all must determine
what makes good fiscal sense for our companies.
Retaining customers through a specific ISO 9001 requirement
might be the strongest justification for upgrading your
QMS to the 2000 revised standard, but it’s not the
only one. It’s important to remember that the best
reason for implementing an ISO 9001-compliant QMS is to
improve the way you do business. Inherent in ISO quality
management system models is the critical
goal of any company: to prosper through fulfilling customer-specified
requirements. By consistently using the tools found in
ISO 9001, an organization can fulfill its customers’ requirements.
These tools include effectively allocating resources, controlling
processes, training competent personnel, working with qualified
suppliers, maintaining adequate documentation, conducting
product and process monitoring, and applying appropriate
metrics.
OK, so you didn’t make the transition. Does this
mean you’re doomed? Not at all. The fact that you
can no longer claim ISO 9000 registration doesn’t
automatically degrade your system. You still have the same
great company that existed before its registration lapsed.
You didn’t arrive at work on Dec. 16 to find operators
running amok, machines broken down, inspection records
shredded, salespeople babbling nonsense, micrometers giving
bad readings, material disintegrating and the lunchroom
going up in flames. The only thing that changed was your
ISO 9000 registration status.
Managers might ask, and rightfully so: “Then why
bother transitioning at all? Why bother to even discuss
this issue? And why did ISO change the standard in the
first place?”
Taking the questions in reverse order, it’s worth
exploring how we arrived at this need to “transition” out
of what we thought were perfectly adequate systems.
According to its own bylaws, ISO is required to review
its standards at a minimum of five-year intervals to ensure
their continued applicability and to make changes as deemed
appropriate. This is similar to the requirements most organizations
have for reviewing and monitoring their own systems. It
reflects a commitment to continual improvement, one of
the basic management principles found in the ISO 9000 family
of standards.
It’s also a good idea.
When members of ISO Technical Committee 176 reviewed
the standard, they realized they could improve it by making
it more user-friendly and applicable to a typical organization.
A tremendous amount of effort went into the revisions that
followed. The standard’s structure was revamped and
additions made in the areas of executive management, customer
relations, and internal communications and interactions.
Discussing the benefits of transitioning to ISO 9001:2000
can yield important information about how your company
might proceed with the project. Like all management decisions,
this one must take into consideration another quality management
principle found in the new standard, namely, a “factual
approach to decision making.”
In other words, you shouldn’t expend resources
without understanding the benefits such an outlay would
bring or the implications it has for your bottom line.
You shouldn’t transition to ISO 9001:2000 simply
because your registrar recommends it. Rather, you should
upgrade your system because you know, based on reliable
research, that doing so would benefit your company. Without
the discussion, the transition would strike many managers
as just another unfunded, irresponsible mandate promulgated
by disinterested entities with no connection to the business
community. Given this attitude, it’s not surprising
that managers would comply to the transition grudgingly
and with a visible lack of commitment.
If your customers don’t mandate your registration
to the standard, your industry and competitors don’t
espouse quality management systems, you’re confident
that you can maintain your system’s integrity without
periodic audits from a registrar and you have limited cash
flow, you may not need to upgrade your system.
It’s more likely, however, that one or more of
the following is true:
Your customers have more confidence in ISO 9001-registered
companies, regardless of what they demand of you. As the
economy recovers, they might find it more cost-efficient
to align themselves with suppliers whose systems are certified
by independent, third-party assessors.
Few markets fail to recognize certified quality management
systems as a basic benchmark--the minimum requirement for
doing business in that particular industry.
It’s difficult to maintain a reliable quality
management system without the support inherent in objective
third-party audits.
The ROI usually outweighs the negative effects of the
initial outlay for the transition project.
In short, you should have the discussion, but the conclusion
most organizations will reach is that upgrading to ISO
9001:2000 is a prudent expenditure of resources that will
yield significant results.
Aside from the customer-requirement motivation, you might
also decide to transition because ISO 9001:2000 includes
some great tools to help you run your organization more
efficiently. For one thing, it’s been reformatted
to parallel more closely how businesses operate.
Typically, businesses set up a system, provide resources,
perform the activities that result in bringing a product
to market (such as planning, getting customer specifications,
designing, purchasing raw materials, producing the product,
then inspecting, identifying, storing and, ultimately,
shipping it), review the results
to see what worked, decide what must be improved and act
on that decision. ISO 9001:2000 is laid out in the same
way most business operation models work.
The new standard’s organization reflects the process
approach, an underlying quality principle from ISO 9004:2000
and a feature that permeates the entire quality system.
Basically, you structure your system as a series of processes.
These create the inputs and outputs that move you from
concept to product delivery. Initiating an activity directly
results from fulfilling the preceding one; nothing happens
without
a requirement. There are no purposeless or isolated activities.
Everything is linked, providing traceability and increased
accountability.
The standard places a greater emphasis on management’s
involvement and attention to processes that ensure customer
requirements are communicated and understood throughout
the organization. Other additions to ISO 9001 that will
benefit your organization include:
Enhanced requirements for qualifying and monitoring
suppliers
Defining, monitoring and analyzing customer satisfaction
Establishing measurable objectives
Defining the criteria for competency and training effectiveness
Focusing on continual improvement
Gathering and analyzing data relative to product conformity,
process trends and other applicable performance indicators
Beyond the benefits of the revised standard, the transition
project itself carries its own payback. This includes:
Rejuvenating your quality system
Introducing practices that will enhance communication
with your customers and your ability to serve them
Creating a documentation structure more closely aligned
to how your business operates
Increasing employee awareness of how your quality system
works
Creating a more efficient and meaningful ISO 9001 system
Improving control over your supply chain
Assuming you’ve decided to proceed with the transition,
here are a few things to bear in mind:
A lot stayed the same. Although the requirements have
been shuffled around a bit and renumbered, the standard’s
intent remains unchanged. All the requirements organized
into clauses such as “contract review,” “design
control,” “purchasing” and “inspection” still
apply. If you take a quick look at Annex B at the back
of ISO 9001:2000, you’ll see where the requirements
from the 1994 version landed in the revised standard.
A complete overhaul isn’t necessary. Many companies
are overwhelmed by the thought of trashing their systems
and starting all over again, but nothing could be further
from the truth. Much of your ISO 9000:1994-compliant system
is fine just the way it is.
The December 2003 expiration date has passed. Whatever
timetable you establish for transitioning will be based
on your requirements--and probably partially driven by
your customers. Make this project work for you; insist
that it have value.
The transition process remains essentially the same.
Just because the December deadline passed doesn’t
mean you can’t transition. True, your registrar must
conduct a new assessment audit, rather than a transition
or special surveillance. And you’ll probably incur
additional costs that accompany new registration. Whatever
the registrar calls it, though, it’s still a transition
to you. You’ll be performing the same tasks and activities
as companies that transitioned before the deadline. You
don’t have to apologize to anyone about when you
decided to upgrade to ISO 9001:2000.
There is, however, one caveat: If you have major gaps
in your system, transitioning shouldn’t be your main
focus. You must first regain control of your system. It’s
possible that the transition project will help you address
some
of the troublesome issues that have received little attention
in the past or give you a fresh look at inconsistent areas.
Keep in mind the following general guidelines to facilitate
your transition project and keep you on track:
Contact any customers who require you to have ISO 9001
registration, and tell them you’re working on it.
Customers don’t want to lose good suppliers or incur
the costs of evaluating and qualifying a new vendor. If
you’ve provided them with great service in the past,
they should be willing to continue business with you as
you transition. Negotiate a no-later-than date and stick
to it.
Don’t let any great practices you currently have
in place degrade. Don’t fix what isn’t broken.
A measure of how good your current system is might be how
well it functions in the midst of change.
Use your system’s tools. You have a document control
procedure that describes how you review current documents
for revision and how you create new ones. Refer to that
procedure for guidance throughout this process. If your
procedure doesn’t help you, then maybe it’s
also a good candidate for revision.
Do a gap analysis to figure out what doesn’t have
to be changed. There are lots of good books on the subject
to help you out. The tools to achieve this transition have
already been created; use them to your benefit.
Hold a management meeting. Discuss the changes and what
they mean to your organization. There’s a lot more
flexibility built into the new standard, particularly about
deciding on the volume and depth of your documentation.
For example, you might decide to use flowcharts displayed
on bulletin boards instead of procedures or opt for photos
and graphics instead of text. You must make decisions about
monitoring key processes and gathering data. You also must
determine the best way of assessing your customers’ satisfaction.
You all must agree on the process and who will be responsible
for overseeing various tasks.
Don’t renumber your system to match the new standard
unless doing so creates value for you. Don’t allow
a registrar or consultant to convince you that renumbering
is a requirement. You can show them instead where and how
the requirement is addressed in your system for the purpose
of conformance.
Retrain your auditors. They must understand the changes
to ISO 9001 requirements as well as the new emphasis on
process approach. This will ultimately result in more productive
audits.
Relax. If you have a question, feel free to contact
me.
Good luck with your transition project. Make it a value-added
experience for your organization.
Denise E. Robitaille is a consultant, writer and
trainer. She’s also a lead assessor and certified quality
auditor. She is the author of The (Almost) Painless ISO
9001:2000 Transition, The Corrective Action Handbook, The
Preventive Action Handbook and The Management Review Handbook,
all available from
Paton Press (www.patonpress.com).
|