The steps need to be taken to prepare an organization for ISO 9001 2000 registration:
Whilst the following text is not exhaustive in its content it should give you a reasonable idea of what's involved in setting up an ISO 9001 2000 registration within an organization.
First and most importantly you should either purchase a copy of the ISO 9001 2000 standard or read a copy at your local library.
At first glance many of the terms referred to in the standard sound quite confusing but if you study the content of this web site you will soon become familiar with the terminology used.
Now that you are a little more familiar with the ISO 9001 2000 Quality Management Standard and its terminology you should start to analyze the current practices of your organization to those documented within the ISO 9001 2000 standard,This process is known as a gap analysis audit. You can either carry this process out yourselves or employ the skills of an ISO 9001 2000 consultant to carry out the task for you.
It is very important to get this audit right as the results will be used to set the direction of your organization on its route to full ISO 9001 2000 registration. In short if this audit is wrong or incomplete your organization will happily steam along in the wrong direction, wasting resources as it goes, until someone tells you otherwise. If I were to give one piece of advice here it would be to recommend using a professional, a small amount of money spent at this stage could save you unnecessary expenditure if you were to get it wrong.
As the gap analysis audit on your organization progresses you will be able to identify the processes which are already documented, and those that are not. It will be useful to your organization to compile a list of documents that you will need for the Quality Management System as you complete the gap analysis audit, there is no sense in doing the same job twice.
It is important to remember that just because a process is documented does not necessarily mean it is compliant with the requirements of the ISO 9001 2000 standard. Almost certainly your organization will have to tweak existing processes and or instigate new ones in order to comply with the documented requirements of the ISO 9001 2000 standard.
For this purpose you may decide to bring together a team of employees and have them review the processes and suggest improvements which will make the process compliant with ISO 9001 2000. Alternatively you may wish to employ an ISO 9001 2000 consultant to carry out this task for you. Whilst a consultant may initially seem expensive he or she will have the experience to complete the task expediently and cost effectively.
Now that the organizations processes and any short falls against the ISO 9001 2000 standard have been identified they have to be documented in a within a controlled document control system. Whilst there is not a definitive, prescribed method to document an ISO 9001 2000 Quality Management System there are, as with most things, easy and hard ways of doing this.
If you are unsure how to do this there is an example procedure here or once again you can employ a consultant to complete this task expediently.
Design and implement the Quality Management System to comply with the requirements of ISO 9001 2000.
This will typically require:
Establishing a quality policy and measurable quality objectives.
Documenting a quality manual, describing your Quality Management System.
Documenting procedures which describe the processes in your organization.
Creating a document issue, withdrawal and re-issue of documents system.
Documenting test and inspection methods.
Documenting a corrective and preventive action process.
Identification of training needs and necessary job skills.
Calibrating and controlling measuring and test equipment.
Measuring and monitoring customer satisfaction.
Measuring process, and product conformity.
Training employees on the operation of the quality management system.
Planning, conducting and following up internal Quality Management System audits.
Continual improvement of the Quality Management System.
As each process in your organization is revised, documented and implemented you need to ensure that your employees are trained accordingly in the operation of the revised process and that their documented training records are updated. All employees must have had at least basic ISO 9001 2000 training so that they can demonstrate that they understand what is required of them. You can either attempt this training your self or employ a consultant trainer to do this task for you.
You must generate and keep documented records of employee training in accordance with your new processes procedures which, of course must be compliant with ISO 9001 2000.
These records will be used as evidence to prove to your ISO assessor that you are operating your Quality Management System in accordance with your documented procedures and ISO 9001 2000. Driso's Easy ISO 9001 2000? software will record, control all of your organisations training records in an ISO 9001 2000 compliant format.
As your processes evolve you must start internal quality management system audits so as to satisfy your organization that it is in fact operating its processes in accordance with its own documented procedures and the requirements of ISO 9001 2000.
Your ISO 9001 2000 auditor will look at the records generated by your internal audits. ISO 9001 2000 relies on Quality Management System audits to provide assurance that the organization is meeting the requirements of the ISO 9001 2000 standard.
An audit includes an inspection of the documents and records that make up your quality system.
Most importantly it is an inspection of the way the people in the organization work and the knowledge they have about the operation of the quality management system. management reviews must be carried out by the top management in your organization to ensure that your Quality Management System is working effectively and that it is geared to produce continual improvement of your products or service.
Registration requirements vary slightly between the various certification bodies but it is usual to have a Pre-Assessment.
A pre-assessment is a mock audit similar in duration to a full registration audit which your organization neither passes nor fails.
The important feature of a pre-assessment is that it will provide a full list of any short falls between the requirements of the ISO 9001 2000 standard and your Quality Management System.
As a senior lead auditor I would always advise an organization to opt for a pre-assessment.
You now need to select a registration agency.
There are many registration agencies to choose from and in theory they are similar inthe services they provide, chiefly because they all have to abide by the same to EN standards, EN45011 and EN45012. In practice they offer different service levels, response times and re-assessment periods. So my advice would be to choose your registration body very carefully.
Finally the day has arrived for your registration rudit. This is where an auditor from the chosen certification body visits your organization and carries out a comprehensive audit of your organization.
When the auditor identifies a discrepancy or non-conformance between the work that is being performed and the requirements of ISO 9001 and how you say you operate your processes the discrepancy or non-conformance will be written up. There is no specific number of non-conformances that have to be raised for your organization to either pass or fail. It depends on how serious each point raised is or if a number of minor issues are all raised against one clause of ISO 9001 2000, say for example design.
For example: If only a few minor non-conformances are found during the registration audit, the registration body will issue a certificate of registration to ISO 9001 2000 stating that your organization complies with the requirements of the ISO 9001 standard. If however a major non-conformance is raised this results in your organisation being told that you must correct the non-conformance(s) and re-apply for another registration audit. This is why I would always recommend that you have a consultant carry out a Pre-Assessment audit on your business, re-applying for a complete re-assessment from a registration body can be a very expensive business.
Once a certificate of registration is issued it typically expires after three years, however some registration bodies certificates never expire.
All registration bodies typically require Quality Management System surveillance audits of your organization at six months intervals to maintain the validity of the certificate.
At this point, you deserve to celebrate your accomplishments!
However, once the certificate is issued you need to continue to monitor your own Quality Management System to ensure you continue to comply with the requirements of ISO 9001 2000.
Driso provide ISO 9001 2000 consultancy, auditing, software, and training Services.
They also supply Easy ISO 9001 2000? software for initially setting up an ISO 9001 2000 compliant Quality Management System or improving upon an existing one.
To contact Driso Consultancy Services visit the web site below and see what they can do for you and your business.
Contact: http://www.driso.co.uk for more details.