What is ISO9001? – by Phil Brown
ISO9001 2015 is the International Standard for Quality Management Systems and the various different sections of the Standard cover different areas of management for which a business has to demonstrate its compliance.
In section 1, titled scope, part a) states that a company “needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements.”
Part b) states that the company “ aims to enhance customer satisfaction through the effective application of the system, including processes for improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.”
Within the standard are a number of sections all designed to ensure that the company has the systems in place to meet the statements detailed in a) and b).
In Section 4 which is headed “Context of the organisation” there is a requirement for companies to identify what external issues and also internal issues are relevant to the purpose of the business and its strategic direction and which will influence its ability to achieve the specified results. To help with this the company has to demonstrate that it understands the needs and expectations of its customers. This then helps the company determine the scope of its quality management systems.
Implementing a quality management system with ISO9001
As part of this the company has to establish, implement, maintain and continually improve a quality management system, This means that the company has to identify the processes which are needed to be in place throughout the business to support the Quality Management Systems. As part of this the inputs and outputs required for each of these processes has to be identified as well as the interaction and sequencing of these processes. The company has to identify the methods to be used for monitoring these processes.; the type of data that needs to be collected; how this recorded and analysed and the actions that need to be taken resulting from this data analysis.
The company needs to identify the resources needed to support these processes and to ensure adequate resource is provided for every process. Responsibilities for each of the processes and authority to take necessary remedial action need to be identified. As part of this responsibility there is a requirement to evaluate the effectiveness of processes and to implement changes to processes when a process is seen to not fulfilling its purpose. The company is required to demonstrate that it has assessed risks to the business and has set targets for and is working on reducing the areas of highest risk.
How should ISO9001 be implemented?
There is a section on Leadership which the senior management of the company are required to demonstrate that they are committed to the Quality Management Systems and have overall leadership of the systems.
They should demonstrate their commitment to making sure that the processes are all working effectively.
There has to be a company Quality Policy Statement and Quality Improvement objectives which are communicated to all employees, and for the Quality improvement targets there needs to be evidence of data being collected and analysed.
It is a requirement that performance against the Quality Objectives is regularly reported to ll the company employees.
Areas that ISO9001 covers include:
• Organisational roles and responsibilities
• Planning
• Change control
• Resources including people, infrastructure, environment and monitoring/measuring devices
• Product and process traceability
• Competence
• Organisational knowledge
• Documented information
• Operational planning and control
• Design and development
• Control of non-conforming outputs
• Performance evaluation
• Handling of customer complaints and corrective actions
The management systems should be internally audited regularly, and at least annually.
A management review of all areas of the Quality Management Systems should be held by the senior management and actions agreed. These reviews should be held regularly and again at least annually.
