ISO 9000 is also highly generic. Its principles can be applied to any organization providing any product or service anywhere in the world.
Since meeting customer needs is one of the (many) definitions of quality, ISO 9001 is often called a quality system or a quality management system. But the rules, referred to as requirements, go beyond quality matters as they are traditionally understood. The requirements fall roughly into the following types:
a. Requirements that help assure that the organizations output (whether product, service, or both) meets customer specifications. (Making, and keeping, them happy.)
b. Requirements that assure that the quality system is consistently implemented and verifiable. (We must actually do what we say we are supposed to do. This must be verifiable via independent, objective
audit.)
c. Requirements for practices that measure the effectiveness of various aspects of the system. (In God we trust; all others bring data.)
d. Requirements that support continuous improvement of the companys
ability to meet customer needs. (We cannot sit still. We must strive to get better all the time, because customers change, and competitors gain strength.)
Nothing in ISO 9000 is new. The first edition, published by ISO in 1987, was drawn almost word for word from a British quality system standard. It in turn evolved from a long succession of written quality system specifications that had their ultimate origin in the defense and arms industries. Most of the practices required by ISO 9000 have been in use in industries of various kinds for decades. One intent of ISO 9001 is to simplify things for organizations. ISO 9001 strives to harmonize the sometimes conflicting, sometimes redundant quality programs that have traditionally been imposed by major corporations on their suppliers. (Note, however, that ISO 9000 is not meant to supersede customer, legal, or regulatory requirements.)
Very often, major customers require or strongly suggest that their suppliers implement ISO 9001 systems. Equally often, such customers require independent verification that suppliers are meeting the equirements.
So third-party registration bodies audit suppliers, confirm compliance to the ISO 9001 standards, and register the suppliers. It does not stop there. To stay registered, suppliers must undergo periodic (often semi-annual) surveillance audits, also carried out by their registration body.
Implementing an ISO 9001 quality system is neither cheap, nor easy. How costly and difficult it can be depends on:
a. The level of commitment of senior management. (The single most important factor.)
b. Where you are when you start. If you have already implemented a disciplined, documented quality system, you will have a less difficult time migrating to ISO 9001. (But that does not mean you will waltz to registration, either.)
c. Whether your company (or any part of it) is design responsible or not.
d. How much time you have. If you are under the customers gun and have merely months to get the job done, the process will be highly stressful.
e. The physical size and configuration of your company.
The bottom line is this. ISO 9001 is a comprehensive set of rules—a business system, really—that can cause the way your organization runs to profoundly change, almost always for the better. Yet, because it is often customer-mandated, many suppliers regard ISO 9001 as just another hoop to jump through to keep our customers happy.
They see their choice as swallow hard, pony up, and jump through the hoops; or walk away from the customer. What many do not fully appreciate is that implementing ISO 9001—expensive, exhausting, and annoying as it can be—can also have the salutary effect of improving the performance of your organization. Not just at first, but on an ongoing basis.