An ISO Primer
Scott Paton
spaton@qualitydigest.com
I recently participated in
a meeting at a large organization that wanted to learn about
ISO 9000. It was a fascinating experience--not only to see
how a Fortune 500 organization goes about learning a new
process but also to look at ISO 9000 from a beginner's perspective.
The meeting reminded me just how many acronyms, rules,
exceptions to rules and other ISO-specific knowledge are
needed just to have a working understanding of ISO 9000.
Even explaining what "ISO" stands for is difficult.
The International Organization for Standardization uses
"ISO" to refer to itself because it eliminates
the confusion that could arise from acronyms in different
languages. For example, "IOS" in English, "OIN"
in French for Organisation internationale de normalisation).
ISO decided at the outset to use a word derived from the
Greek isos, meaning "equal" so that whatever the
country, whatever the language, the short form of the organization's
name is always ISO.
I also receive questions from people about what ISO is
and how it works. I hear people use terms incorrectly, and
I receive a plethora of article submissions from so-called
ISO experts who may know a lot about quality management
systems but seem to know very little about basic ISO terminology
and structure. So, here's a brief overview.
Let's start with what ISO doesn't do. ISO does not issue
certificates of registration to standards. Nor does ISO
write standards. Standards are written by volunteer groups
(known as technical committees) of subject-matter experts.
Furthermore, ISO does not accredit registrars.
So what does ISO do? ISO develops and administers standards;
it does not register or certify companies to them. In fact,
it's incorrect to say that a company is "ISO certified"
or "ISO registered." A company is issued a certificate
of registration to ISO 9001 by a registration/certification
body, which is accredited by an accreditation body.
An accreditation body will accredit--or, in simpler language,
approve--a certification body (registrar) as competent to
carry out ISO 9000 certification of quality management systems
in specified business sectors. Examples of accreditation
bodies include The American National Standards Institute-Registrar
Accreditation Board National Accreditation Program (ANSI-RAB
NAP) and the Dutch Council for Accreditation (RvA).
A registrar assesses an organization's quality management
system against the requirements of ISO 9001 and issues a
certificate to confirm that it is in conformance with the
standard's requirements. This process is referred to in
different countries as certification or registration. In
the United States, the term "registration" is
used. Therefore, an organization is "registered"
to ISO 9001.
ISO 9000 was revised in 2000 and companies that wish to
maintain their registration must transition to the new version
by Dec. 15, 2003. ISO replaced ISO 9000:1994 with ISO 9000:2000
(a guidance document) and ISO 9001:1994, ISO 9002:1994 and
ISO 9003:1994 with ISO 9001:2000. It also replaced ISO 9004:1994
with an entirely new ISO 9004:2000, which is a guidance
document that provides the entire text of ISO 9001:2000
and additional guidance for organizations that wish to go
beyond the basic outline of a QMS that ISO 9001:2000 provides.
Organizations cannot be registered to ISO 9004:2000.
For more information about ISO, visit www.iso.org.
Send your comments about this ISO primer to letters@qualitydigest.com.
|
