Implementing Iso 90012008 Quality Management System A Reference PDF

Second Edition
IMPLEMENTING
ISO 9001:2008
QUALITY MANAGEMENT SYSTEM
A Reference Guide
ISO
9001: 2008 CERTIFIED
Divya Singhal
Keshav Ram Singhal
Implementing ISO 9001:2008

Quality Management System
A Reference Guide
Second Edition
DIVYA SINGHAL
Assistant Professor
General Management Area
Goa Institute of Management
Ribandar, Goa
KESHAV RAM SINGHAL

Centre Coordinator
National Centre for Quality Management
Ajmer Centre
Rajasthan
New Delhi-110001
2012
` 195.00
IMPLEMENTING ISO 9001:2008 QUALITY MANAGEMENT SYSTEM: A Reference Guide
Second Edition
Divya Singhal and Keshav Ram Singhal
2012 by PHI Learning Private Limited, New Delhi. All rights reserved. No part of this book
may be reproduced in any form, by mimeograph or any other means, without permission in
writing from the publisher.
ISBN-978-81-203-4574-4
The export rights of this book are vested solely with the publisher.
Second Printing (Second Edition)
. . .
. . .
. . . April, 20102
Published by Asoke K. Ghosh, PHI Learning Private Limited, M-97, Connaught Circus,
New Delhi-110001 and Printed by Mudrak, 30-A, Patparganj, Delhi-110091.
Contents
Foreword...................................................................................................... ix
Preface......................................................................................................... xi
1. Quality Concept and Quality Management Systems.......... 116
Introduction............................................................................................ 1
The Noun Quality............................................................................ 1
The Adjective Quality...................................................................... 2
A Two-Dimensional Model of Quality............................................. 2
Thoughts on Quality......................................................................... 2
ISO Standards on Quality.................................................................... 4
A Leading National Daily................................................................. 4
A Few More Thoughts/Facts on Quality......................................... 4
Customer Perception......................................................................... 8
Quality and Quality Management System..................................... 8
How Can We Achieve Quality?........................................................ 9
Quality System Concepts.................................................................. 9
Total Quality Management (TQM)................................................ 10
International Organization for Standardization and ISO 9000..... 11
Historical Background: Origin of Quality and Evolution of ISO 9000 ..... 13
ISO 9000 Standards on Quality Management and Quality
Assurance..................................................................................... 15
Questions............................................................................................... 15
2. Quality Management Principles............................................. 1722
Introduction.......................................................................................... 17
Quality Management Principle........................................................... 18
1st Principle: Customer Focus....................................................... 18
2nd Principle: Leadership............................................................... 19
3rd Principle: Involvement of People............................................ 19
4th Principle: Process Approach.................................................... 20
5th Principle: System Approach to Management........................ 20
6th Principle: Continual Improvement......................................... 21
iii
iv
Contents
7th Principle: Factual Approach to Decision-making.................. 21

8th Principle: Mutually Beneficial Supplier Relationship.......... 22
Questions............................................................................................... 22
3. Step-by-step Process for Developing and
Implementing ISO 9001:2008 QMS......................................... 2333
Step 1: Commitment from Top Management................................. 23
Step 2: Appointment of a Management Representative............... 24
Step 3: Establishing a Steering Committee................................... 25
Step 4: Establishing a Task Force.................................................. 25
Step 5: Appointing a Consultant..................................................... 26
Step 6: Obtain Information about the ISO 9000 Family.............. 26
Step 7: Start ISO 9001:2008 QMS Awareness Programme
in Your Organization...................................................................... 27
Step 8: Action Plan............................................................................ 27
Step 9: Training and Guidance........................................................ 28
Step 10: Initial Status Survey........................................................... 29
Step 11: Develop Your Documentation............................................. 29
Step 12: Implementation.................................................................... 31
Step 13: Internal Audit....................................................................... 31
Step 14: Management Review............................................................ 32
Step 15: Pre-assessment Audit........................................................... 32
Step 16: Certification........................................................................... 32
Questions............................................................................................... 33
4. Certification/Registration ProcessISO 9001:2008 QMS....... 3438
What Does Certification/Registration Mean?.................................... 36
Why Do Customers Require their Suppliers to have
ISO 9001:2008 QMS Certifications?.......................................... 37
How Much Will Certification Cost?............................................... 37
Initial Audit by Certification Body.................................................... 37
Questions............................................................................................... 38
5. Quality Management System Standards: ISO 9000 Family...... 3948
ISO 9000 Family Standards ............................................................. 39
Quick ReferenceISO 9001:2008 Quality Management System..... 41
How to Obtain ISO 9000 Series Standards?................................ 43
ISO 9001:2008 QMS general.......................................................... 44
Process Approach............................................................................. 45
Relationship with ISO 9004........................................................... 47
Compatibility with Other Management Systems......................... 48
Questions............................................................................................... 48
Contents
6. Scope and Normative ReferenceISO 9001:2008 QMS....... 4953

Scope...................................................................................................... 49
Normative Reference........................................................................... 51
Terms and Definitions......................................................................... 51
Questions............................................................................................... 53
7. General and Documentation

RequirementsISO 9001:2008 QMS....................................... 5464
General Requirements......................................................................... 54
Documentation Requirements............................................................. 57
Quality Manual................................................................................ 60
Control of Documents...................................................................... 61
Control of Records........................................................................... 63
Questions............................................................................................... 63
8. Management ResponsibilityISO 9001:2008 QMS............. 6574
Management Commitment.................................................................. 65
Customer Focus.................................................................................... 67
Quality Policy....................................................................................... 67
Planning................................................................................................ 68
Quality Objectives........................................................................... 68
Quality Management System Planning........................................ 69
Responsibility, Authority and Communication................................. 70
Responsibility and Authority.......................................................... 70
Management Representative.......................................................... 71
Internal Communication................................................................. 71
Management Review............................................................................ 71
General............................................................................................. 71
Review Input.................................................................................... 71
Review Output................................................................................. 72
Role of the Top Management............................................................. 73
Questions............................................................................................... 74
9. Resource ManagementISO 9001:2008 QMS...................... 7578
Provision of Resources......................................................................... 75
Human Resources................................................................................ 76
General............................................................................................. 76
Competence, Awareness and Training.......................................... 76
Infrastructure....................................................................................... 77
Work Environment.............................................................................. 77
Questions............................................................................................... 78
vi
Contents
10. Product RealizationISO 9001:2008 QMS......................... 7991

Product Realization........................................................................... 80

Planning of Product Realization...................................................... 80

Customer-related Processes.............................................................. 81
Determination of Requirements Related to the Product.......... 81
Review of Requirements Related to the Product....................... 82
Customer Communication............................................................ 82

Design and Development.................................................................. 83
Design and Development Planning............................................. 83
Design and Development Inputs................................................. 84
Design and Development Outputs............................................... 84
Design and Development Review................................................ 85

Design and Development Verification......................................... 85
Design and Development Validation........................................... 85
Control of Design and Development Changes........................... 85

Purchasing.......................................................................................... 86
Purchasing Process........................................................................ 86
Purchasing Information................................................................ 87

Verification of Purchased Product............................................... 87

Production and Service Provision.................................................... 88
Control of Production and Service Provision............................. 88
Validation of Processes for Production and Service Provision.88

Identification and Traceability..................................................... 89
Customer Property........................................................................ 89
Preservation of Product................................................................ 90

Control of Monitoring and Measuring Devices.............................. 90

Questions............................................................................................. 91
11. Measurement, Analysis and Improvement
ISO 9001:2008 QMS................................................................ 92103

Measurement, Analysis and Improvement..................................... 92

General................................................................................................ 92

Monitoring and Measurement.......................................................... 93
Customer Satisfaction................................................................... 93
Internal Audit................................................................................ 94
Monitoring and Measurement of Processes................................ 96
Monitoring and Measurement of Product................................... 97

Control of Nonconforming Product.................................................. 97

Analysis of Data................................................................................ 98

Improvement...................................................................................... 99

Continual Improvement.................................................................... 99

Corrective Action............................................................................. 100

Preventive Action............................................................................. 101

Questions........................................................................................... 103
Contents
vii
12. Increasing the Power of Your QMSAchieve

Performance Excellence Through Continual
Improvement.......................................................................... 104110

Questions........................................................................................... 110
13. Adding Value to Internal QMS Audit............................. 111121

Audit Types...................................................................................... 111
Who Is the Customer for Audit?............................................... 112
Value Added Audit Situation..................................................... 112

What Is an Internal Audit?............................................................ 113

Internal Audit Requirements......................................................... 114
Nonconformity.............................................................................. 115
Why May Internal Audit Useless?............................................ 115
Adding Value to QMS Internal Audit....................................... 115
Why, Why, Why........................................................................... 118
ISO 9001 Auditing Practices Group.......................................... 119
Training of Internal Auditor must be a Regular Process...... 120

Questions........................................................................................... 121
14. Developing QMS Documentation
ISO 9001:2008 QMS.............................................................. 122130

Structure of QMS Documentation in ISO 9001:2008.................. 122

Purposes and Benefits of QMS Documentation........................... 123
Developing QMS Documentation................................................... 124
Quality Manual................................................................................ 125
Procedures........................................................................................ 127
Work Instructions............................................................................ 128
Forms................................................................................................ 129
Quality Plan..................................................................................... 129
Approval and Issue of Documents................................................. 129
Questions........................................................................................... 130
Appendix A Sample QMS Procedures ......................................133146

Appendix B Certification Bodies in India ................................147152
Appendix C Frequently Asked Questions ..................................153159
Appendix D Some Useful Websites Blogs...........................................160
Appendix E Checklist for ISO 9001:2008 QMS .......................161176
Bibliography ..............................................................................177178
Index.............................................................................................179183
Foreword
Quality is a concept associated with the expectation of every individual.

In other words, quality means meeting customer needs. We can write
volumes interpreting the term quality. When we have varied explanations
for this simple word, it is only natural that people want to have more
clarity and correct understanding of the tools like Quality Management
System (ISO 9001:2008), which is undoubtedly most popular and widely
accepted standard in the world today.

Talking of interpretation, I would like to share a recent experience
with you. I was travelling to Valsad in Gujarat and my cotraveller
was a bright, young school student. After discussing general things I
just asked him some Quality questions. Regarding ISO 9001, he said
he had seen this in advertisements of many educational institutions.
I handed over the standards copy (ISO 9001:2008) to him and asked
him to study as a pastime and give his opinion. He took an hour or so
studying the standard and scribbling something on a sheet of paper.
After having read he said Uncle, I found the word requirements was
used the maximum number of times (60 times) in this booklet. How
many of us interpreted the standard like this.

I have not met Mr. K.R. Singhal or Dr. Divya Singhal personally.
But their talent and worth are known to me as they have created
a niche for themselves through their well researched articles being
regularly published in Quality World. In all their writings, I found
a sincerity of purpose in spreading the real spirit of Quality and its
associated tools.

ISO 9001:2008 is a simple and user friendly standard which can
be easily adapted by any organization. As the standard provides only
guidelines for the organization to derive maximum benefit, a publication
like this will be very useful.

The contents of this book are so designed that the reader can understand the essence of each element and help in effective implementation
of the system. Questions are provided at the end of each chapter and if
the reader can answer those questions, confidence of understanding the
standard is ensured.
ix
Foreword

I am sure students will be immensely benefited as I find this book to
be very useful for both the student and the teacher alike. I also prompt
the learned authors to continue similar work for other standards like
EMS, OHSAS, etc.
Wishing all quality reading.
H. JAYARAM
Editor,
Quality World, Delhi
Email: qw@qualitypride.com
Preface
The American writer H. James Harrington expressed that quality is a

universal languagea rallying cry for everyone. It is equally important
to all countries, regardless of whether they are large or small, socialists
or democratic, developed or developing. Though all countries need to
improve, no one knows the best route to quality. Everyone must take
responsibility for achieving quality. The authors have endeavoured in
this book to provide comprehensive guidance on implementing ISO
9001:2008 Quality Management System.

A quality management system is a management system (a set of
interrelated or interacting elements to establish policy and objectives
and to achieve those objectives) to direct and control an organization
with regard to quality. Accordingly, by implementing the requirements
of ISO 9001:2008 QMS standard, an organization can establish and
maintain a documented quality management system as a means of
ensuring product/service conformance to specified requirements on
continual basis.

The ISO Survey reveals that by the end of December 2010, at least
1,109,905 ISO 9001:2008 certificates had been issued in 178 countries
and economies. The 2010 total represents an increase of 45,120 (+4%)
over 2009, when the total was 1,064,785 certificates in 178 countries
and economies. This clearly indicates the universality of ISO 9001:2008
Quality Management System (QMS).

The first chapter of this book discusses quality and quality management
systems. Chapter 2 describes the eight quality management principles
and Chapter 3 explains how to develop and implement ISO 9001:2008
QMS standard in an organization. In Chapter 4, the certification
process is discussed in detail. Chapter 5 introduces the ISO 9000
family of Quality Management System standards. Chapters 611 deal
with the eight clauses of ISO 9001:2008 QMS standard. Chapter 12
provides solutions to increase the power of quality management system.
Chapter 13 presents information on adding value to internal QMS audit
while Chapter 14 focuses on how to develop QMS documentation for
implementing ISO 9001:2008 QMS in an organization. Most importantly,
xi
xii
Preface
this book also provides sample QMS procedures on control of documents,

control of records, internal audit, control of nonconforming product,
corrective action, and preventive action in Appendix A. Other appendices
deal with the certification bodies in India, frequently asked questions,
some useful websites and blogs, checklists for ISO 9001:2008 QMS
useful for implementation, initial survey and audit purpose including
internal audit, and bibliography.

This book is designed for the students of management institutes for
courses in quality management. It will also be useful for professionals
who opt for short courses in quality management systems. Besides,
corporate sector will find this book, to serve them as a reference guide
to implementing ISO 9001:2008 QMS.

Any accomplishment requires the effort of many people and this
book is no different. This book is an outcome of our participation in
discussions at various forums/groups, our teaching as well as consulting
experience and study of this subject over a considerable period of time.
Various information, quotes and data in this book are the result of
collection from various sources, such as newspapers, books, magazines,
websites, authors, speakers etc. Unfortunately, sources were not always
noted. Every effort has been made to provide reference of the source.
If we have omitted any source for the material contained herein,
we will include the same in future edition that are brought to our
information. We extend our sincere thanks to all those who directly
or indirectly helped us to facilitate the writing of this book. We thank
Mr. H. Jayaram for encouraging us by writing the Foreword of the
book. We also appreciate the efforts of concerned staff at PHI Learning
Private Limited, New Delhi, for their support and cooperation extended
during production of this book.

Utmost care has been taken to ensure correctness and accuracy of
the contents. However, omissions and errors, if any, in this book are
regretted. We fervently hope that the readers will find this book useful.
Suggestions for improvements will be welcomed and acknowledged.
The readers may email to us at divyagim@gmail.com and krsinghal@
rediffmail.com or write to us through the publishers.
Divya Singhal
Keshav Ram Singhal
Quality Concept and

Quality Management
System
INTRODUCTION
Quality is a fluid concept, difficult to define and hard to manage largely
because it is so subjective. Every person has his or her own perception
about quality. Many authors have defined quality differently. Let us
see following definitions of quality. Quality means:

Fitness for use. (Joseph M. Juran, 1988). Note: The customer

defines the fitness.
Compliance with specified requirements. (Crosby)
Conformance to requirements. (Crosby, 1979)
Conformance to specifications. (Crosby, 1980s). Note: The difficulty
with this definition of quality is that the specifications may not be
what the customer wants. Crosby treats this as a separate problem.
Degree of excellence.
Meeting requirements. (Oakland)
Customer satisfaction. (Juran, 1993)
Delighting customers.
Freedom from defects, imperfection or contamination.
The total composite product and service characteristics of
marketing, engineering, manufacture and maintenance through
which the product or service in use will meet the expectations
by customers. (Feigenbaum, 1983, 1991)
Value to some person. (Gerald M. Weinberg)
Quality is pride of workmanship. (W. Edwards Deming)
The Noun Quality

The noun quality has following five meanings:

An essential and distinguishing attribute of something or someone.

A degree or grade of excellence or worth. Synonyms: Caliber, Calibre.
1
2 Implementing ISO 9001:2008 QMSA Reference Guide

A characteristic property that defines the apparent individual

nature of something. Synonyms: Character, Lineament.
The distinctive property of a complex sound (a voice or noise or
musical sound). Synonyms: Timbre, Timber, Tone.
High social status.
The Adjective Quality

The adjective quality has following two meanings:

Of superior grade. Synonyms: Choice, Prime, Prize, Select.

Of high social status.
A Two-dimensional Model of Quality

According to Noriaki Kano and others, the quality has two dimensions
must be quality and attractive quality. The former is near to the
fitness for use and later is what the customer would love, but has not
yet thought about. Supporters characterize this model more succinctly as:
Products and services that meet or exceed customers expectations. We
believe that this is today the most used interpretation for the term quality.
Thoughts on Quality
Defining quality has always been a difficult task. Juran offers two
definitions of quality in his must-have reference, Jurans Quality
Handbook:

Quality means those features of products, which meet customer

needs and thereby provide customer satisfaction.
Quality means freedom from deficienciesfreedom from errors
that require doing work again (rework) or that result in field
failures, customer claim and so on.

Deming defines quality as the need to provide customers what they
need, when they need and at a higher perceived value and lower cost
than everyone else. Quality should be aimed at the needs of customer,
present or future. In his landmark quality book, Out of Crises, Deming
dances around a definition of quality, explaining that quality means
different things to different people, depending on the task at hand.
Ultimately, he claims, the customers definition of quality is the only
thing that matters.

In 1985, F. Galetto proposed the following:

Quality is a set of characteristics of a system that makes it able
to satisfy the needs of the customer, of the user and of the society.
Quality Concept and Quality Management System

Others define quality differently. Philip B. Crosby says it is conformance to requirements. Philip Crosby defined four quality absolutes:

1. Quality has to be defined as conformance to requirements, not

as goodness
2. The system for causing quality is prevention, not appraisal
3. The performance standard must be zero defects, not thats close
enough.
4. Quality is measured by the Price of Nonconformance (PONC), not
by indices

The above four absolutes originally coined by Crossby in his
famous book Quality is Free. Philip Crossby Associates two years after
Crossbys death, added another absolute, which statesThe purpose
of quality is to ensure customer success, not customer satisfaction.

Websters New World Dictionary, 4th edition, defines quality as the
degree of excellence which a thing possesses.

Mikal Harry and Richard Schroeder challenge the conformance-torequirements approach. They say that quality should focus on value
entitlement, which means that companies are entitled to produce quality
products at the highest possible profits and customers are entitled to
buy high-quality products at the lowest possible cost.

Mathematically, the term quality can be expressed as equal to
Performance (P) or Result (R) divided by Customers Expectations (E).

Most ideal situation, when Q = 1 that means that the customers
expectations are complied with and full customer satisfaction is
attained.

American writer H. James Harrington expresses following views on
quality:

Most people think they understand quality and excellence, but

very few people will agree on a common definition of either term.
The meaning of quality is based on personal experience and
everyone defines it in his or her own way.
Quality is a universal languagea rallying cry for everyone. It
is equally important to all countries, regardless of whether
they are large or small, socialists or democratic, developed or
developing. They all need to improve. No one knows the best
route to quality, and certainly everyone must take responsibility
for achieving it.
Quality is meeting or exceeding customers expectations at a price
that represent value to them.
ISO STANDARDS ON QUALITY

ISO standard ISO 8402:1994, Quality management and quality assurance
Vocabulary, defined quality as totality of characteristics of an entity
that bears on its ability to satisfy stated and implied needs. Here in this
definition, we should also understand the word entity. An entity may
be, for example, an activity, or a process, a product, an organization,
a system or a person, or combination thereof. Here it is important to
note that ISO 9000:2000 has replaced ISO 8402:1994. ISO standard
ISO 9000:2000 (also new version ISO 9000:2005), Quality Management
SystemsFundamentals and Vocabulary defines quality as degree to
which a set of inherent distinguishing features (characteristics) fulfills
requirements (needs or expectations that are stated, generally implied
or obligatory). The standard ISO 9000:2000 (also new version ISO
9000:2005) provides following clarifications while defining quality:

The term quality can be used with adjectives such as poor, good
or excellent.
Inherent means existing in something, especially as a permanent
characteristic.
Inherent is opposed to assigned.
A Leading National Daily

A leading national daily has described quality as follows:

Quality has a strong impact on corporate economiesit seeks to

improve the organizations business performance. Till the middle
of the last century, however, the concept of quality was nebulous
and ill defined.
People associated quality with any well-known brand name, and
often (erroneously), with a price tag.
At best, the word quality was defined as conformity to specification.
But then, specifications need not exactly and explicitly match a
particular want of the customer. Hence the operation definition of
qualityin sequel to this incongruitywas derived and evolved
as meeting the customers expectations.
In other words, quality is giving the customer what he wants, at
a price he is pleased to pay; and at a cost, which can be pegged
and contained. Quality is the confidence of customer expectation
and realization.
A Few More Thoughts/Facts on Quality

A bunch of thoughts/facts on quality are:

Quality is a very talked and in fashion subject today.

Quality is a factor, which interests everyone.
It is no longer true that quality is linked to higher cost.

Only shortsighted people have been relating quality to high cost.
Profit is positively correlated with quality.
In 1961, A.V. Feigenbaum devised the concept named Total
Quality Control (TQC). He spread his ideas all over the world.
From 1950, scholars like W.E. Deming and J. Juran, taught, for
more than 40 years, quality ideas.
In 1988, the presidents of 14 European companies created the
European Foundation for Quality Management (EFQM) to stress
the importance and value of TQM, to reach total customer
satisfaction.
Many people have provided new ideas on TQM (Total Quality
Management) during the last 25 years.
In 1994, the standard ISO 8402 reported the official ISO
definition of TQM.
In 1984, Galetto developed a model for quality, called as integral
quality approach (IQA).
Top managers think, All the poor quality problems are originated
by the workers. They do not understand the idea that more than
90% of times poor quality depends on the managers.
Human resources are one of the biggest assets of an organization
for achieving quality.
Everyday managers are faced with poor quality problems and they
have to make quality decisions on quality of products/services.
Quality has always been a competitive advantage.
Actually, quality is a serious and difficult business.
Quality has to become an integral part of management. Too
many organizations are well behind the desired level of quality
management practices.
Managers have the responsibility of major decisions in an
organization and the soundness of their decisions affects the
quality of the products and the satisfaction of customers needs.
In order to make sound decisions, managers have to be aware
of the consequences of their decisions in relation to quality
matters.
Management of an organization need to be made fully aware and
convinced that they need to expand their knowledge in order to
improve their quality.
Experience alone, without theory, teaches nothing about what to
do and how to improve quality.
Management must understand that they have a new job: Learning
how to use quality methods for quality.
If an organization is able to produce quality items (products or
services) at minimum cost, it can sell them at lower prices than
competitors.
TQM is about continuous improvement.

Quality is a competitiveness factor that has to be integrated in

all organizational activities in order to prevent failures.
Quality is a relative term and it is generally used with reference
to the end use of the product.
The quality depends on the perception of a person in a given
situation. The situation can be user-oriented, cost-oriented or
supplier-oriented.
A product is manufactured for the use of the customer, the requirements of the customer dictates the quality of the product.
Quality is to be planned, achieved, controlled and improved
continuously.
Quality in product or service is not what the supplier puts in.
It is what the customer gets out and is willing to pay for. A
product is not quality because it is hard to make and costs a lot of
money, as manufacturers typically believe. This is incompetence.
Customers pay only for what is of use to them and gives them
value. Nothing else constitutes quality. (Peter Drucker)
Quality today has many dimensions. Gone are the days when
quality was identified with product alone. (Girdhar J. Gyani)
The quality management system (QMS) approach encourages
organizations to analyze the customer requirements, define the
process that contributes to the achievement of a product, which
is acceptable to the customer, and keep these processes under
control. (Girdhar J. Gyani)
In old days, quality advocates functioned more or less as
company cops, authoritative figures who would get you in
trouble for taking shortcuts. Today, and definitely in future, the
quality professionals role will have less to do with blowing the
whistle than seamlessly integrating processes within all business
operations relating to customers. (Derrell S. James)
The cost of quality at both ends of the life cycle needs to be
examined. Quality should include not only the quality of the
product itself, but also its impact on environment.
(Dirk Dusharme)
Quality is becoming a function of every job title in every
organization. One reason for this is that the speed of technological
growth is exceeding the capability of transactional processes in
all forms of customer services, and organizations are struggling
to keep pace with increased customer demands. Mistakes cost
more, even when the overall percentage of mistakes remains the
same. (Joseph A. DeFeo)
Quality is migrating internationally. Third World countries are
making quantum leaps. (Joseph A. DeFeo)
Before you can improve quality, you must know what it means
to your organization. (Scott M. Paton)
Management of quality is not a one-shot affair. It covers all

transactions. Continuous creation of value addition is possible
only when we manage change; that too proactively. (Dr. R.H.G. Rau)

Attaining and maintaining quality is not is one time task, but
rather an ongoing process. Quality is a long journey and when
one thinks of having reached the destination, one realizes that
the path ahead is still longer. There is never a full stop in the
quest for quality. (K.C. Mehra)

Quality! Call it a concept, an approach, a way of life, a tool for
achievement or merely a word. Whatever definition you give or
whatever approach you take, this subject has made people think
and think in a big way. (Hariharan Jayaram)

With the economic liberalization and opening up of markets,
Indian businesses are exposed to international level of technology
and quality. Quality today is a strategic competitive edge and is
a business agenda. (A.K. Puri)

It is pretty evident that quality now means better business.
Absolutely yes! We have not fully realized that quality means
better business sense because it brings huge cost benefits in its
wake. (General H. Lal)

Quality and integrity are non-negotiable because that is the only
way to be and to behave It is important to live and practice
quality as a journey and not a destination. (Azim Premji)

It is the quality of our work which will please God and not the
quantity. (Mahatma Gandhi)

Quality is everyones responsibility. (W. Edwards Deming)

Quality is not an act, it is a habit. (Aristotle)

Quality means doing it right when no one is looking.

(Henry Ford)

In the race of quality, there is no finish line.

It is true that quality is a very talked and in fashion subject
today. Quality is a factor, which interests everyone. However,
still there is a need to create awareness about quality concepts
in our county. Awareness should not be limited to big or medium
sized organizations. Rather quality concepts should be taught in
colleges. (K.R. Singhal)

Quality management is a company-wide activity where every
member is an important participant. It aims at total satisfaction of
the customers in product as well as services. (Jayprakash Zende)

Quality so also cost of quality: unavoidable but unwelcome
erosion on the profits is process dependent Process control is
the means for making sure not only quality but also least of cost
of quality. (K.V.S.S. Iyer)

Quality has indeed become a buzzword today. Quality has
different meanings for different people. As a matter of fact,
quality needs a paradigm shift in India especially in the era of
globalization and liberalization. (Kailash Soni)

Best quality, best management, and delivery on timethe

customer wants all this and more, and that is the quality way
for the manufacturing industry. (Arvind Kapur)
The journey of quality speaks of the paradigm of a process
approach of good inputs to a high success. (Prof Priyavrat Thareja)

Thus, in broader sense, quality is a degree of excellence, the extent
to which something is fit for its purpose. Product or service quality can
be stated as:

Conformance with requirements

Freedom from defects or contamination
A degree of customer satisfaction
Customer Perception
Due to technological advancement and increase in income level of
people, customer needs and expectations are constantly changing. Also
awareness of legislation, problems, and other products availability
creates new wants for customers that turn to their new demand.
Therefore, it is necessary for organization to keep constantly improving
quality of their products.
Quality and Quality Management System

The concept of quality underlying ISO 9001:2008 QMS is meeting
requirements (needs or expectations that are stated, generally implied
or obligatory). A product or service, therefore, has quality when it
satisfies the users needs, both stated and implied, and also obligatory
(statutory and legal). Thus, quality is fitness for purpose.

Now the question arisesWho is to judge the fitness for purpose?

The customer?
The manufacturer (or provider) of the product or service?
An independent auditor?
The final judges of quality are customers. They will either inform
their suppliers directly of their dissatisfaction or make it known by
withdrawing their patronage, leading to the loss of sales for suppliers,
reduction in their market share and sometimes, the ultimate loss of
their business. Certainly, Quality is what the customer says he needs,
NOT what the supplier believes to be satisfactory.

Suppliers can establish standards of quality in their management
systems and have them assessed against internationally agreed
standards (ISO 9001:2008 QMS) by an independent, international
accredited certification body.

Quality management system (QMS) helps organization maximize
resources while minimizing waste. It will help an organization to
consistently provide product that meets customer and applicable legal
(statutory and regulatory) requirements. QMS will help identify the
causes of problems, so that the organization can define their solutions.
QMS will help organizations define their objectives and, through
continual improvement, achieve them.
How Can We Achieve Quality?

Traditional methods used include inspection, tests, audits to detect
errors and eliminating them by scrapping or reworking products to
conform specification. This system of appraisal is known as Quality
Control. Here inspection is the King.

However, the philosophy of prevention rather than detection
provides the opportunity for eliminating the chances of error. It involves
identifying opportunities for errors and taking actions to eliminate those
opportunities before a problem arises.

In order to remain in business, an organization (manufacturer as
well as service provider) has to:

Provide goods and service of right quality

Sell at the right price
Meet delivery requirements
Make a profit.
Organization can achieve the above by implementing quality management

system. A quality management system is a management system (set of
interrelated or interacting elements to establish policy and objectives
and to achieve those objectives) to direct and control an organization
with regard to quality. Accordingly, by implementing requirements
of ISO 9001:2008 QMS standard, the organization can establish and
maintain a documented quality management system as a means of
ensuring product/service conformance to specified requirements on
continual basis.
Quality System Concepts

Quality of a product/service has many aspects. However, the fact that
quality should conform to customers requirements, has now become the
focal point in managing quality in an organization. The word quality
in popular usage often means different things to different people.

Mere conformance to specifications is no longer considered as
measure of quality. Dr. Juran has, therefore, very appropriately summed
up quality as fitness for use. It is this emphasis on total effort in the
organization, that the quality often is referred as total quality. Thus,

quality from being conformance to specifications has travelled to be
total quality.

Quality control phase: Quality considered as conformance to
specifications and was based on the detection of defects at the end
of production stage and sorting out the rejects. Quality control phase
emerged as a function in industry after the Second World War.

Quality assurance phase: It put stress on process control with a
view to minimize the rejects. Statistical process control techniques were
employed to assure the product meeting specified requirements. Quality
assurance phase emerged in 1968 with the publication of Mil-Q-9858
(the first quality standard for military procurement established in
1959 by the US). In 1965, NATO (North Atlantic Treaty Organization)
accepted the AQAP (allied quality assurance procedures) specifications
for the procurement of equipments. During the 1970s, British Standards
Institution (BSI) published BS 9000 (the first UK standard for quality
assurance), BS 5179 (guidelines for quality assurance) norms and in
1972 the British Standards Institution (BSI) published BS 4891, a guide
to quality assurance.

Total quality control phase: Total quality control phase
attempts to expand quality assurance philosophy beyond manufacturing
operation into other areas of the organizational structure.

Total quality management phase: While total quality control
phase aimed at 3Ms (machine, material and method) to achieve desired
output, the total quality management encompasses men in every aspect
concerning quality. Total quality management (TQM) organization is
one where continual improvement is the norm, where everyone, at all
levels and in all functions, is committed, to a philosophy of problem
prevention rather than detection. TQM aims at integration of all efforts
in the organization towards quality improvement.
Total Quality Management (TQM)

ISO 8402:1994 defined TQM as the management approach of an
organization, centred on quality, based on participation of all its members
and aiming at long-term success through customer satisfaction, and
benefits to all members of the organization and to society. TQM brings
to quality concepts a long-term global management strategy and the
participation of all members of the organization for the benefit of the
organization itself, its members, its customers and society as a whole.

TQM is a concept that goes beyond ISO 9000. ISO 9001:2008 QMS
standard and TQM are not two different alternatives, nor is there any
contradiction between them.

ISO 9001:2008 QMS standard provides a strong base on which an
organization can build a TQM culture with a focus on the customer
involving all employees and demanding continual improvement. It is
11
advisable for organizations first to provide a formal quality framework

in the form of an ISO 9001:2008 QMS standard to create stability in
the organization and achieve consistency in quality. When the system is
well in place and has attained certification, the organization can start
using advanced concepts and tools to enhance employee motivation and
operational efficiency. Organization can use ISO 9004:2009 standard,
which provides guidelines on managing for the sustained success of an
organization. ISO 9004:2009 standard provides guidance to support the
achievement of sustained success for any organization in a complex,
demanding and ever-changing environment, by a quality management
approach.
INTERNATIONAL ORGANIZATION FOR STANDARDIZATION

AND ISO 9000
International Organization for Standardization is abbreviated as ISO.
It is a worldwide federation of national standards bodies, at present
comprising 160 members (as on 28 February 2011), one in each country.
The objective of ISO is to promote the development of standardization
and related activities in the world with a view to facilitating international
exchange of goods and services, and to developing cooperation in the
spheres of intellectual, scientific, technological and economic activity.
The results of ISO technical work are published as International
Standards. ISO has its headquarters in Geneva.

ISO 9000 is a series of standards relate to quality management
systems. ISO 9000 is not a mandatory system. It is not a government
regulation. However, it is very important customer regulation. ISO 9000
QMS standards are much more than the recent world-wide drive for
quality. ISO 9000 is international in scope and impact. The introduction
of ISO 9000 QMS has influenced to a great extent the development
of organizational efforts toward quality management. ISO 9000 QMS
standards are applicable to all types of business, whether they are
manufacturing industries (such as chemicals, electronics, paper, steel,
etc.), or services (such as banking, insurance, medicine, transportation,
hotel, etc.). ISO 9001:2008 QMS is a certifiable QMS standard of the
ISO 9000 series. ISO 9001:2008 QMS standard requires organizations to
establish and maintain a documented quality management system as a
means of ensuring product/service conformance to specified requirements
on continual basis.

ISO 9000 series standards are listed below:

ISO 9000:2005
and vocabulary
ISO 9001:2008
ISO 9004:2009
organizationA
Quality management systemsFundamentals

Quality management systemsRequirements
Managing for the sustained success of an
quality management approach

ISO 9001:2008 QMS is not TQM. ISO 9001 is a sub-component of
TQM. It is just the beginning towards TQM. International Organization
for Standardization (ISO) introduced in the year 1987, the ISO 9000
series standards (such as ISO 9000, ISO 9001, ISO 9002, ISO 9003,
and ISO 9004) as a set of guidelines for developing and demonstrating
a documented quality management system.

ISO 9000 series standards have changed the whole concept of
quality management system. ISO 9000:2000 series standards have been
adopted as National Standards or endorsed for use in more than 175
countries and economies. ISO 9000 structure is prepared by Technical
Committee ISO/TC 176.

Number of ISO 9001 certifications in the world (and also in India
and neighbouring countries)growth from the end of 2002 to the end
of 2006 is given in the table below:

Dec. 2002 Dec. 2003 Dec. 2004 Dec. 2005 Dec. 2006
World
1,67,124
India
2,247
Pakistan
167
Bangladesh
6
4,97,919
8,367
464
49
6,60,132
12,558
695
182
7,73,867
24,660
2,013
570
8,97,866
40,967
2,291
570

Number of ISO 9001 certifications in the worldgrowth from the
end of 2007 to the end of 2010 is given in the Table below:

December
December
December
December
2007
2008
2009
2010
9,51,486
9,82,832
10,64,785
11,09,905
ISO 9001 certification in a number of countries are given below:

Number of
countries

Number of
countries
98
133
149
154
161
170
175
176
178
178
Source: The ISO Website.

Up to the end of December 2010, at least 11,09,905 ISO 9001(2008)
certificates had been issued in 178 countries and economies. The 2010
total represents an increase of 45120 (+4%) over 2009, when the total
was 10,64,785 certificates in 178 countries and economies. This shows
13
the world-wide use of ISO 9001 QMS standards with increasing trend
of certification. Here it should be noted that certification is not a
requirement of the standard and many organizations are implementing
ISO 9001:2008 QMS without obtaining its certification with a view to
strengthen their quality management system.
HISTORICAL BACKGROUND: ORIGIN OF QUALITY AND

EVOLUTION OF ISO 9000
In the middle of 18th century, there was a move to urbanization and
industrial revolution, which witnessed mass production and machinery
replacing hand-skills. But the worker lost touch with the customer
resulting in deterioration of work conditions and reduction in quality.
The urbanization and industrial expansion continued right through to
the 20th century.

In the early 1900s, before the First World War, there was introduction
of scientific management concept. Frederick Winslow Taylor is renowned
for his scientific approach to increase productivity. Henry Ford introduced
moving assembly lines with similar objectives. Many others followed
and work movement provided a base for identification and analysis of
micro movements. Bonus incentives schemes became the norm with the
objective of increased productivity but not necessarily quality. The basic
idea of quality control at that time was inspection of products.

In late 1920s, Quality Guru Deming emphasized his approach to
quality. Greater emphasis was placed on a mathematical approach to
quality control and use of SPC methods. Because of greater manufacturing activity demand during World War Second, inspection remained
the King of quality.

Deming had been, imparting training to engineers and designers,
describing Shewarts SQC methods in his training. The result of his
training witnesses a marked reduction in scrap and rework.

In 1946, Deming went to Japan. His major contribution, towards
building Japan into the dominating world power in manufacturing, was
based on quality. Deming explained the need to consider the causes of
variability and split them into two typesSpecial Causes and Common
Causes. Ishikawa, Taguchi and Shingo also contributed in Japan in the
post-war years.

During and after World War Second, military purchasing was an
important element in UK and USA. In those days, it was found that
reliability of Armament used during the war was very poor; hence there
was a need to check supplies. Ministry of Defence in UK developed
a series of military purchasing standards such as Standard 0521. In
USA, NASA produced a document NPC 200-2 in 1962 laying down
the quality standard in the space technology programme and this led
to the introduction of MIL-Q-9858 Quality Programme Requirements

(the first quality standard for military procurement established in
1959 by the US) in 1963. These were primarily meant to audit the
organizational set-up of the supplier in terms of efficiency and to ensure
that suppliers were capable of meeting the requirements on the longterm basis. Benefits for adopting this kind of standardized approach
were appreciated by industries in civil sector.

In 1972, British Standards Institution (BSI) published BS 4891 A
Guide to Quality Assurance and this led to publication of the first
British Standard BS 5179. Thereafter British government set up a
Warner Committee and its report was published in 1977. Thus, after
review of earlier British Standard BS 5179, a new British Standard BS
5750 was adopted in 1979.

The ISO 9000 series of standards were derived from a number of
national standards that were established during the 1970s to provide
industry with a series of guidelines on how to establish a system for
managing product quality in manufacturing industry. The BS 5750:1979
standards had certain shortcomings. As a result of pressures applied
from the Society of Motor Manufacturers and Traders (led by Ford Motor
Company in particular), International Organization for Standardization
(ISO) developed standards on quality. This has led to the introduction
of ISO 9000 series in 198384. The ISO 9000 (BS 5750) standard was
introduced in July 1981, known as EN 29000 standards in Europe.
In 1987, on an international level, International Organization for
Standardization (ISO) introduced ISO 9000:1987 series of standards
as a set of guidelines for developing and demonstrating a documented
Quality Management System. Introduction of ISO 9000:1987 largely
followed the pattern of BS 5750:1979. In a short span of time, these
ISO standards have been adopted as National Standards or endorsed
for use in more than 100 countries world over and at present ISO 9001
certification is in 178 countries and economies.

ISO 9000 standards were first published in 1987 as a set of six
standards: ISO 8402, ISO 9000-1, ISO 9001, ISO 9002, ISO 9003 and
ISO 9004-1. ISO standards are reviewed periodically and accordingly
ISO 9000 series was reissued in July 1994 as ISO 9000:1994. ISO
9000 series have undergone major revision with the arrival of ISO
9000:2000 series standards in the year 2000. A set of three standards
(ISO 9000:2000, ISO 9001:2000 and ISO 9004:2000) were published on
15 December 2000. ISO 9000:2005, ISO 9001:2008 and ISO 9004:2009
(revised standards) have been published in the year 2005, 2008 and
2009 respectively.

Accordingly, there have been four editions to certifiable ISO 9000
series standards:

ISO
ISO
ISO
ISO
9001/2/3:1987
9001/2/3:1994
9001:2000
9001:2008
15
ISO 9000 Standards on Quality Management and Quality Assurance

International Organization for Standardization (ISO) has developed
a few standards that are related to quality management and quality
assurance. A few standards are as under:

ISO 9000:2005Quality management systemsFundamentals

and vocabulary
ISO 9001:2008Quality management systemsRequirements
ISO 9004:2009 + Cor1:2009Managing for the sustained success
of an organizationA quality management approach
ISO 10001:2007Quality managementCustomer satisfaction
Guidelines for codes of conduct for organizations
ISO 10002:2004 + Cor1:2009Quality managementCustomer
satisfactionGuidelines for complaints handling in organizations
ISO 10003:2007Quality managementCustomer satisfaction
Guidelines for dispute resolution external to organizations
ISO/TS 10004:2010Quality managementCustomer satisfaction
Guidelines for monitoring and measuring
ISO 10005:2005Quality management systemsGuidelines for
quality plans
quality management in projects
configuration management
ISO 10012:2003Measurement management systemsRequirements for measurements processes and measuring equipments
ISO/TR 10013:2001Guidelines for quality management system
documentation
ISO 10014:2006 + Cor1:2007Quality managementGuidelines
for realizing financial and economic benefits
ISO 10015:1999Quality managementGuidelines for training
ISO/TR 10017:2003Guidance on statistical techniques for ISO
9001:2000
ISO 10019:2005Guidelines for the selection of quality management systems consultants and use of their services
ISO/TS 16949:2009Quality management systemsParticular
requirements for the application of ISO 9001:2008 for automotive
production and relevant service part organizations
ISO 19011:2011Guidelines for auditing management systems
QUESTIONS

1. What do you mean by quality?
2. Express the term quality mathematically.
3. What is ISO definition of quality?

4. Which ISO standard has defined the term quality?
5. Why do organizations consider it necessary to adopt a quality

management system?
6. Quality from being conformance to specifications has travelled

to be total quality. Write a short note.
7. What is TQM?
8. What is ISO 9000?
9. Narrate historical background giving details of origin of quality

and evolution of ISO 9000.
10. Is certification to ISO 9001:2008 QMS standard mandatory?
Quality Management
Principles
The customer comes first.
Leaders establish unity of purpose.
People at all levels are essence of an organization.
Quality happens through people.
All work is part of process.
A system approach improves effectiveness and efficiency.
Improvement never ends and is necessary for consistent growth.
Analysis of data provides effective decisions.
A mutually supplier relationship creates value.
INTRODUCTION
The revision of ISO 9001 and ISO 9004 in the year 2000 had been
developed on the basis of eight quality management principles. These
principles reflected best management practice and were prepared by
international quality experts and endorsement by ISO/TC 176/SC
2 (a sub-committee of ISO). These quality management principles
are mentioned in International Standard ISO 9000:2005, Quality
management systemsFundamentals and vocabulary and also ISO
9004:2000, Quality management systemsGuidelines for performance
improvements, published by the International Organization for
Standardization, Geneva, Switzerland. Top management of an organization should use these quality management principles, so that the
organization may lead to the path towards improved performance.

ISO Central Secretariat has published a document Quality
Management Principles (English versionISBN 92-67-10332-6). This
document provides the standardized descriptions of the principles as
published in the ISO 9000:2005 and ISO 9004:2000. This document
also provides examples of the benefits derived from their use and
actions that management take in applying the principles to improve
organizations performance. This document can be obtained from ISO
17

Central Secretariat, 1 rue de Varembe, Case postale 56, CH-1211
Geneva, Switzerland. Email: central@iso.org
QUALITY MANAGEMENT PRINCIPLE

A Quality Management principle is a comprehensive and fundamental
belief, for leading and operating an organization, aimed at continually
improving performance on a long-term basis by focusing on customers
while addressing the needs of all the other stakeholders.

ISO 9001:2008 QMS standard is built upon eight quality management
principles described in ISO 9000 Standard. Briefly they are:

1.
2.
3.
4.
5.
6.
7.
8.
Customer focus
Leadership
Involvement of people
Process approach
System approach to management
Continual improvement
Factual approach to decision-making
Mutually beneficial supplier relationship
It is necessary to manage the organizations processes and activities in a

systematic and visible manner. The eight quality management principles
have been developed for use by the people of the organization in order
to have better performance. These quality management principles have
been integrated in the requirements of ISO 9001:2008 standard.

The eight quality management principles are described below:
1st Principle: Customer Focus

We know that organizations always depend on its customers. Quality is
a moving target that is defined and judged by the customer. Therefore,
organization should:

1. Understand current and future needs and expectations of its

customers for products, delivery, price, dependability, etc.
2. Ensure a balanced approach, create awareness and communicate
customer requirements throughout the organization
3. Meet customer requirements
4. Strive to exceed customer expectations
5. Measure customer satisfaction and act on results

By understanding current and future customer needs, meeting customer requirements and exceeding customer expectations, an organization
becomes customer-focused organization. By understanding the customer
needs and listening to the voice of the customer, the organization gets
valuable information and inputs to drive improvement initiatives.
Quality Management Principles
19

Benefits that may be derived from the use of customer focus
principle include:

Increased business
Increased market share
Enhanced customer satisfaction
Repeat business.
2nd Principle: Leadership

Leaders establish unity of purpose and direction of the organization.
Leadership in organization should create and maintain the internal
environment in which people can become fully involved in achieving
the organizations objectives. Top management of the organization needs
to play leadership role through management commitment, customer
focus, quality policy, planning, responsibility authority, effective
communication and management review. Therefore, the leaders of the
organization should:

Be proactive
Understand and respond to changes that are visible in the industry
environment
Establish clear vision of the organization
Build trust, eliminate fear and motivate people
Benefits that may be derived from use of leadership principle include:
Employees motivation towards organizations goals and objectives

Better understanding of organizations objectives
Better communication within the organization.
3rd Principle: Involvement of People

There are various activities in an organization and people in the
organization perform all these activities. People at all levels are the
essence of an organization. Without involvement of human resource,
nothing can be achieved. Full involvement of people at all levels enables
human resource abilities to be used for the organizations benefit. Top
management should make efforts to take maximum involvement of
people in the organization. Involvement of people can be increased in
an organization by taking steps to empower them and also by providing
ways to increase their skills and knowledge.

Benefits that may be derived from use of involvement of people
principle include:

Motivation and commitment of employees

Involvement of employees at all levels
Innovation and creativity of employees
Employees participation and contribution for continual improvement.
4th Principle: Process Approach

A desired result can be achieved more efficiently when all related
resources and activities are managed as a process.

The ISO 9001:2008 QMS standard promotes the adoption of a
process approach. It is the intention of the ISO 9001:2008 QMS standard
that the organization must adopt process approach when developing,
implementing and improving the effectiveness of its quality management
system. The main objective behind adoption of process approach is to
enhance customer satisfaction by meeting customer requirements.

To function effectively, an organization has to determine and
manage numerous linked activities. What is a process? An activity
using resources, and managed in order to enable the transformation of
inputs into outputs can be considered as a process. In the organizations
activities, the output from one process can form the input to the next
process. The application of a system of processes within an organization
can be termed the process approach. Process approach requires
determination of processes, interactions of the determined processes
and their management.

Benefits that may be derived from use of process approach quality
management principle include:

Effective use of resources

Lower cost
Shorter cycle times
Improved, consistent and desired results.
5th Principle: System Approach to Management

A system contains various interrelated processes. A system approach to
management can be explained as identifying, understanding and managing a system of interrelated processes for a given objective. A system
approach to management improves the organizations effectiveness and
efficiency, and thus necessary.

It is necessary for process centred organizations to adopt system
approach to management for ensuring sustained results and also
continual improvement in the organization. The organization needs to
use system approach to management principle from the beginning.
For example, to adopt customer focus, the organization needs to have a
system to understand customer requirements, so that the same may be
met. Proper structure of quality management system can be developed
by applying system approach to management, since this approach
creates strong linkage among various processes.

Benefits that may be derived from use of system approach to
management principle include:

Integration and alignment of processes
Quality Management Principles
21
Achievement of desired results

Increase in effectiveness and efficiency in the organization
Achievement of organizations objectives.
6th Principle: Continual Improvement

Where an organization aims to enhance customer satisfaction, the
organization must have a permanent objective of continual improvement
of the quality management system. Continual improvement is necessary
for consistent growth of an organization.

ISO 9001:2008 QMS standard specifically mentions continual
improvement as a requirement of the standard by which an organization
needs to continually improve the effectiveness of the quality management
system.

Benefits that may be derived from use of continual improvement
principle include:

Performance advantage
Improvements
Alignment of improvement activities.
Consistent growth
7th Principle: Factual Approach to Decision-making

Effective decisions can be taken if there is analysis of data and
information to demonstrate the stability and effectiveness of the quality
management system. Effective decisions are based on analysis of data
and information. Factual approach to decision making for continual
improvement is possible through analysis of data. Proper use of
statistical techniques will ease analysis of data and decision making.

In India and also in developing countries, it is seen that large and
medium-sized organizations are using statistical tools, however there is
a need to increase awareness for using statistical tools among people
working in small-scale industry. Decisions taken based on data and
analysis will lead to the right path for consistent improvement of the
processes of the organization and also the resulting product.

Benefits that may be derived from use of factual approach to
decision-making principle include:

Increased ability to have decisions based on analysis

Increased ability to review, challenge and change opinions and
decisions
Improvement in the system
8th Principle: Mutually Beneficial Supplier Relationship

An organization and its suppliers are interdependent. A mutually
beneficial relationship between the organization and its suppliers
enhances the ability to both to create value to each other. To have
the greater benefit of the mutually beneficial supplier relationship, it
is necessary to evaluate and select suppliers based on their ability to
supply product in accordance with organizations requirements.

Benefits that may be derived from use of mutually beneficial
supplier relationship principle include:

Increased ability to create value for the organization and its

suppliers
Optimization to resources
Long-term benefits.
QUESTIONS

1. What do you understand by quality management principle?
2. Describe quality management principles.
3. Describe benefits derived from quality management principles?
4. Which quality management principles are important in your

opinion for quality management system in an organization?
Step-by-Step Process
for Developing and
Implementing
ISO 9001:2008 QMS
Once an organizations top management decides to develop and
implement ISO 9001:2008 QMS, the following step-by-step process to
implement ISO 9001:2008 QMS standard may be adopted:
Step 1: Commitment from Top Management

For developing and implementing an effective quality management
system, following three things facilitate proper implementation:

Leadership
Top management commitment
Active involvement of the top management
As such, the top management of the organization should demonstrate

a commitment and determination to implement ISO 9001:2008 Quality
Management System Standard. The top management must be convinced
that registration and certification will enable the organization to
demonstrate a visible commitment to quality and continual improvement.
The top management must be aware of the overview of ISO 9001:2008
Quality Management System. For this awareness, one-day presentation
training can be organized for top management personnel, covering the
following:

Overview of ISO 9001:2008

Identification of goals and expectations
Management responsibility in ISO 9001:2008
Formulation of Quality Policy
Formulation of Quality Objectives
Appointment of Management Representative
23

Establishing a steering committee and a task force

Why appoint a consultant
Step-by-step process for implementation.
This one-day presentation can be organized by personnel, who are

trained in ISO 9001:2008 QMS. An outside consultant may be asked
to give the presentation.

The top management should demonstrate its commitment and
determination to implement ISO 9001:2008 QMS Standard by involving
themselves actively in the following tasks:

Ensuring people in the organization understand the importance

of meeting customer requirements and also legal (statutory and
regulatory) requirements
Defining organizations quality policy and quality objectives
and commitment to quality and ensuring that everyone in the
organization understands the Quality Policy and how it applies
to their work
Performing management reviews regularly to see the continuing
suitability. Adequacy and effectiveness of the quality management
system
Providing necessary resources to all quality activities

The top management team should identify the goals the organization
wants to achieve. Typical goals of an organization may be following:

Providing more efficient products (services)

Be more profitable
Producing products (services) that consistently meet customer
requirements
Achieving customer satisfaction
More business
Maintaining market share (business)
Improving communication in the organization
Improving morale in the organization
Reducing costs and liabilities
Reducing waste and rework
Increasing confidence in the production process
Technical up-gradation.
The top management should also determine what others expect from the
organization. There may be some expectations of interested parties such as
customers (and end-users), employees, suppliers, shareholders, and society.
Step 2: Appointment of a Management Representative

The top management should appoint a Management Representative to
coordinate quality management systems activities. Appointment of a
Step-by-Step Process for Developing and Implementing ...
25
Management Representative is also a requirement of ISO 9001:2008

QMS Standard. The requirement is that the top management of the
organization nominates someone from the organizations management
with authority and responsibility for quality management system.
The person nominated as Management Representative should be a
member of the organizations management. The responsibility and
authority of Management Representative cannot be assigned to an
outside person.

The Management Representative has the responsibility and authority
for ensuring that the quality management system is properly maintained
in the organization. He is a link between the top management and the
organizations people. He also has the authority to report to the top
management on the performance of the quality management system
and any improvement needs. The Management Representative is an
important person who can create awareness about the ISO 9001:2008
QMS and also customer requirements throughout the organization.

It is advisable that the Management Representative should undergo
Lead Auditor Training, so that he may be able to understand insights of
ISO 9001:2008 QMS standard, however undergoing Lead Auditor training
by the Management Representative is not a mandatory requirement.
Step 3: Establishing a Steering Committee

The top management of the organization should set up a steering
committee. The chief executive of the organization should head the
steering committee and steering committee members should include the
organizations functional heads and the Management Representative.
The committee should be responsible for the overall planning of the
implementation process, giving directions and allocating resources.

The members of the steering committee should be trained on ISO
9001:2008 Quality Management System by a professional trainer or
training organization.
Step 4: Establishing a Task Force

The steering committee should set up a task force. The Management
Representative should be made its coordinator. The task force should
be allocated the work of preparation of documentation, such as, manual,
procedures, work-instructions, etc. The task force members should
have good understanding of the organizations processes and also good
communication-writing skill.

The members of the task force should be trained on ISO 9001:2008
Quality Management System and specifically on Developing QMS
Documentation by a professional trainer or training organization.
Step 5: Appointing a Consultant

Appointing a consultant is not necessary. However, the steering committee
should determine whether a consultant is required. Appointing a
consultant may be worthwhile investment. A good consultant will effect
speedy transfer of knowledge and skills to the organization and he will
be needed to provide guidance to keep the implementation programme
on track. Consultants temporarily provide the people power to complete
the work when needed, with no further costs or commitment.

There are five general reasons to hire consultants:

1. Consultants have the experience, expertise and time that employees

may not. Organizations turn to consultants to fill the knowledge
and time gaps.
2. Consultants provide flexibility of time. Consultants work any
timeincluding nights, weekends and holidays and leave when
the project is completed.
3. Consultants offer the latest, objective point of view. Consultants
bring the latest and unbiased ideas from their vide experiences.
4. Consultants are more efficient and focus on assigned project with
sincerity.
5. Consultants may be proof of honest endeavour. Organizations
may use consultants to show that an effort is being made to
correct gaps in compliance with regulations.

Thus, a consultant may be an important resource to assist and
guide the organization in developing, implementing and maintaining
ISO 9001:2008 QMS and getting its accredited certification.

However, it is essential, before appointing consultants, to check
their working knowledge and knowledge with regard to ISO 9000 series
and ISO 9001:2008 QMS.

Costs are an important consideration in deciding to engage a
consultant; therefore, the organization should obtain quotations from
several consultants. However, please note that the cheapest consultant
may not always be the best. Emphasis should be on consultants
qualifications, knowledge and experience.

It is necessary to establish what the consultant is expected to do
and what the organization people are expected to do or provide. Hiring
a consultant should not be regarded as an exercise in shifting the
responsibility for establishing the quality system to someone else.
Step 6: Obtain Information about the ISO 9000 Family

The management representative should collect information about the
ISO 9000 family. If you have appointed a consultant, then it will be
easier for you. For general information, look to the brochure ISO 9000
Selection and Use (English Version, ISBN 978-92-67-10494-2) published
27
by International Organization for Standard (ISO), Geneva, Switzerland.

This brochure can be obtained from the central secretariat of ISO. Its
Address is: ISO Central Secretariat, 1, rue de Varembe, Case postale 56,
CH-1211 Geneva 20, Switzerland. Email: central@iso.org. The Management Representative should download relevant and supporting
information from ISO website (www.iso.org) and IAF website (www.
iaf.nu).

Purchase of the following may be useful:

ISO 9000:2005 Quality management systemsFundamentals

and vocabulary
ISO 9001:2008, Quality management systems-Requirements
ISO 9004:2009, Managing for the sustained success of an
organizationA quality management approach
ISO 19011:2011, Guidelines on auditing management systems
Various other publications/literature providing knowledge on ISO
9001:2008 QMS and related issues.
Step 7: Start ISO 9001:2008 QMS Awareness

Programme in Your Organization
ISO 9001:2008 QMS Awareness programme should be conducted
to communicate to the employees the aim of ISO 9001:2008 quality
management system, the advantage it offers (to employees, customers
and the organization), how it will work, and employees roles and
responsibilities within the system.

This programme can be conducted by the management representative
or by the task force or by consultant to talk to different levels of
employees. For general awareness, the duration of such programme
may be four hours.
Step 8: Action Plan

An action plan should be formulated for the implementation of ISO
9001:2008 quality management system. The action plan should define
the responsibilities of different departments and personnel and set
target dates for the completion of activities and should include following
activities:

Establishing steering committee

Establishing task force
Appointing management representative
Appointing consultant
Collecting information on ISO 9000 series
Purchase of Standards/books/literature
Awareness programme: Top management

Awareness programme: Steering committee

Awareness programme: Task force
Awareness programme: Employees
Training: Internal audit
Training: Documentation
Training: (on specific identified subject)
Initial status survey
Start developing documentation
Issue of documentation
Implementation to begin
Measurement, analysis and improvement activities (including
internal audit)
Management review
Preassessment audit
Certification body selection
Application for certification
Certification audit
Step 9: Training and Guidance

Training programmes should be organized for different categories of
employeessenior managers, supervisors and workers. The training
should cover the basic concepts of quality management systems and
their overall impact on the strategic goals of the organization, eight
quality management principles, the changed processes, and the likely
work culture implications of the system. In addition, initial training
may also be necessary on writing QMS documentation (including quality
manuals, procedures and work instructions, etc.), auditing principles,
techniques of laboratory management, calibration, testing procedures,
etc.

An in-depth training programme covering the following areas
should be organized for steering committee and task force members
(as necessary):

ISO 9001:2008 QMS and its requirements

Internal quality audit
Statistical tools
Developing documentation.
The organization can organize such trainings as in-house programmes.

The consultant, if appointed or an external training institution could
be invited to conduct in-house training programmes. When in-house
capacity to carry out such training programmes is not available, you
can depute your personnel to external training programmes organized
by professional training organizations.

The management representative of the organization is the key
personnel for the implementation of ISO 9001:2008 quality management
29
system. He should obtain guidance on specific topics within the quality

management system from time to time. Some topic-specific standards
(the latest versions) that may be referred to are given below:

I SO 10001, ISO 10002, ISO 10003 and ISO 10004 for customer
satisfaction
ISO 10005 for quality plans
ISO 10006 for project management
ISO 10007 for configuration management
ISO 10012 for measurement systems
ISO 10013 for documentation
ISO 10014 for realizing financial and economic benefits
ISO 10015 for training
ISO 10019 for selection of QMS consultants
ISO/TS 16949 for automotive suppliers
ISO 19011 for auditing.
Step 10: Initial Status Survey

Conduct initial status survey. Initial status survey may be useful to
establish your current status, determine the gaps between your quality
management system and the requirements of ISO 9001:2008 QMS
standard. The organization may use one or more of the following:

Self assessment
Assessment by an external organization or by consultant.
Initial status survey should be helpful in determining the following:

Any need of efforts required for the development of the ISO

9001:2008 QMS in the organization
Any need of developing or modifying documentation in compliance
to ISO 9001:2008 QMS standard in the organization
Any need of change in the organization structure and/or processes
Any need of change in the action plan
Any need of additional resources

For conducting self-assessment, checklist questions may be helpful.
Obtain or prepare checklist questions for proper assessment. After
conducting initial status survey, you will be in a position to know the
gaps between your quality management system and the requirements
of ISO 9001:2008 QMS standard. Now you know the clear path of
implementation and expected timetable as mentioned in the action plan.
Step 11: Develop Your Documentation

As per requirements of ISO 9001:2008 QMS standard, you need to
develop documentation. Development of documentation is the most

important activity in the implementation process. It is better, in the
beginning, to formulate the organizations quality policy and quality
objectives in line with vision, mission and long-term business goals of
your organization. Quality objectives need to be developed for different
levels and functions of the organization.

The members of the task force should be assigned the work of
preparation of documentation. After developing your quality policy and
quality objectives, you need to develop three levels of documentation
described below:
Level A: Quality manual: The organization needs to establish and
maintain a quality manual. The quality manual must provide the
following:

The scope of the quality management system

If there are any exclusions then such details with justification
The documented procedures established for the quality management system or their reference
Details of the interaction between the processes of the quality
management system.

The quality manual generally gives organizations profile, presents
the organizational relationships and responsibilities of personnel and
outlines the main procedures.
Level B: Quality system procedures: ISO 9001:2008 QMS standard
requires documentation to include documented procedures required by
the International Standard (six mandatory documented procedures)
and also documented procedures determined by the organization. Six
mandatory documented procedures required by the ISO 9001:2008 QMS
standard are as under:

Control of documents
Control of records
Internal audit
Control of nonconforming product
Corrective action
Preventive action.
Level C: Documents for effective planning, operation and control

of processes: This type of documents is required to be decided by the
organization. The documentation may include the following:

Work instructions or procedures describe in detail how a specific

tasks are performed, include drawing standards, methods of tests,
customers specifications, etc.
Forms, reports to be used for recording observations, etc.

A list of the documents to be prepared should be drawn up and the
responsibility for writing the documentation should be assigned to the
31
persons in various functional departments (members of task force), they

should be advised to prepare the drafts within a specific timeframe.

In your quality manual, you need to include permissible exclusions.
Before developing the quality manual of your organization, you should
review the requirements of the ISO 9001:2008-Clause 7, Product
Realization, to determine how they apply or do not apply to your quality
management system:

Customer related processes

Design and development
Purchasing
Production and service operations
Control of measuring and monitoring equipment

Before issue of any documentation for implementation, please
remember to get the documentation approved for adequacy prior to
issue as per organizations procedure on control of documents.
Step 12: Implementation

You need to close the gaps (as identified in step 10), allocate resources
to perform actions and implementation, assign responsibilities and
establish a final time schedule to complete the needed actions. For
guidance please refer to ISO 9001:2008 QMS standard, Clause 4.1
(General requirements) and 7.1 (Planning of product realization).

It will be a good practice to implement the procedures being
documented as the documentation is developed, although this may
be more effective in larger organizations. In small organizations, the
quality management system is often implemented all at once throughout
the organization. Where phased implementation takes place, the
effectiveness of the system in selected area can be evaluated. It would
be a good idea initially to evaluate areas where the chances of a positive
evaluation are high, to maintain the confidence of both management
and staff in the merits of implementing the quality management system
as per ISO 9001:2008 QMS standard. The steering committee of the
organization should monitor the implementation progress on a regular
basis.
Step 13: Internal Audit

As the system is being installed, its effectiveness should be checked by
regular internal audits. Internal audits are conducted to ensure that
the quality management system of the organization conforms to the
planned arrangements and to verify whether the documented system is
actually being implemented as laid down. When a documented quality

management system has been operating for three to six months, an
internal audit should be conducted. A few staff members should be
trained to carry out internal auditing. Even after the system stabilizes
and starts functioning, internal audits should be planned and performed
as an outgoing strategy. After conducting the internal audit, the
organization is able to know detected nonconformities. Therefore, action
should be taken promptly to eliminate the detected nonconformities and
its verification.

Make sure that nonconformance pointed out in the internal audit
are resolved by ensuring corrective action and turned to conformances.
Make sure to maintain records of the audit and its results.
Step 14: Management Review

When implementation of the documented quality management system
has been operating for three to six months and an internal audit has
been conducted, a management review should be conducted by the top
management of the organization by considering the following inputs:

Internal audit results

Customer feedback
Process performance
Product conformity
Status of corrective and preventive actions
Changes that could affect the quality management system and
recommendations for improvement

Management review forms an integral part of the quality management
system and it should be conducted at planned intervals. Make sure to
maintain records from the management review.
Step 15: Pre-assessment Audit

When system deficiencies are no longer visible, it is normally time to
apply for certification. However, before doing so, a pre-assessment audit
should be arranged with an independent and qualified auditor. Your
consultant may be able to do such an audit. Sometimes certification
bodies also provide this service for a nominal charge. The pre-assessment
audit would provide a degree of confidence for formally going ahead with
an application for certification.
Step 16: Certification

Once the quality system as per ISO 9001:2008 QMS standard has been
in operation for a few months and has stabilized, a formal application
for certification could be made to a selected certification body. The
certification body first carries out an audit of the documents (referred
33
to as an adequacy audit). If the documents conform to the requirements

of ISO 9001:2008 QMS standard, then on-site audit is carried out. If
the certification body finds the system to be working satisfactorily, it
awards the organization a certificate, generally for a period of three
years. During the three-year period, the certification body will carry out
surveillance audits to ensure that the system is continuing to operate
satisfactorily.

Certification is not a mandatory requirement of ISO 9001:2008
QMS standard. An organization may implement ISO 9001:2008 QMS
standard without obtaining certification. If an organization wishes
to get ISO 9001:2008 QMS certification, then certification should be
obtained from an accredited certification body. Please ensure that the
certification body is accredited to grant certification in the area your
organization operates.
QUESTIONS

1. Write a step-by-step process to implement ISO 9001:2008 QMS.
2. Write a short note on the commitment from top management to

implement ISO 9001:2008 QMS.
3. Examine why an organization needs a consultant to implement

ISO 9001:2008 QMS.
4. Write a short note on documentation.
5. Prepare an action plan for implementing ISO 9001:2008 QMS in

an organization.
Certification/Registration
Process
ISO 9001:2008 QMS
Implementing ISO 9001:2008 quality management system confers longterm benefits. However, an immediate goal for most organizations is
to achieve ISO 9001:2008 QMS certification. It should be noted that
International Organization for Standardization (ISO) itself neither audit
organizations nor issues ISO 9001:2008 certificates. The task of ISO
9001:2008 QMS certification/registration is carried out independently
by more than 800 certification bodies around the world.

Many organizations decide to implement ISO 9001:2008 QMS and
obtain its certification/registration because the certification/registration
assures customers that the organization has a good quality management
system in place. Many users of product require their supplier to have
ISO 9001 certification/registration. Certification is the term most widely
used worldwide, although registration is often used in America (most
widely in North America), and the two are used interchangeably and
having the same purpose.

An organization, preparing for certification/registration of its ISO
9001:2008 QMS, should contact registration/certification bodies at an
early stage of its ISO 9001:2008 QMS implementation project. A number
of certification bodies are operating in our country. If your organization
is seeking certification, you have a wide selection of certification bodies
to choose from. The organization should contact certification bodies with
brief description about the organization, nature of business and its
assessment requirements. Also find out whether the certification body
is accredited to provide certification services in your area of business.
In India, NABCB (National Accreditation Board of Certification
Bodies) grants accreditation to certification bodies. Many foreign
accreditation bodies (such as, United Kingdom Accreditation Services
UKAS, The Dutch Accreditation CouncilRvA, ANSI-ASQ National
Accreditation BoardANAB, Joint Accreditation System of Australia
and New ZealandJAS-ANZ, etc.) have also granted accreditation to
certification bodies operating in India. Therefore, there are more than
fifty certification bodies operating in India, which have been granted
34
Certification/Registration Process
35
accreditation from NABCB or any foreign accreditation body. The

management representatives role is important with regard to selection
of certification body. You should know the details of certification services
and cost of certification. Therefore, you should write letters to various
certification bodies asking their certification services details and cost of
certification. Upon receipt of your letter, certification body will advise
you the certification process as well as quotation for certification fee.
After receipt of quotation from certification bodies, you will be in a
position to decide a particular certification body. Please note that
while deciding a certification body, dont go for cheap or non-accredited
certification. Quotations will normally include a one-time certification
fee (covering a period of three years), costs per day for auditing work
(before, during and after certification), travel and other expenses. The
number of workdays required for each audit will depend on the size of
operation and the location of the organization to be audited.

Generally, the certification body follows following procedure for
quality system certification:

Documentation review

Initial visit

Initial audit

Corrective actions and verification (as necessary)

Issue of certificate

Periodical audits

Renewal of certificate.

Organizations interested in ISO 9001:2008 QMS certification should
ensure that they are operating quality management system in accordance
with the requirements of ISO 9001:2008 QMS standard. Following
application for certification by an organization, the certification body, at
the beginning of the certification process, agrees with the organization
on the scope of quality management system, then carries out a review
of the organizations documentation and the applicant (organization) is
informed of any nonconformity in the documented system against ISO
9001:2008 QMS standard. Initial visit by certification body includes
provision for the certification body to plan the initial audit, confirm the
basis of certification and discuss the review of the quality manual. At
this stage, the certification body assesses the degree of implementation
and any obvious nonconformity in the quality management systems,
which require attention before the audit. Preparing for the audit in
advance will be a right approach for which organization should make
the following preparations:

Communicate to employees about the audit, its purpose, date and

audit process
Make sure your premises (all areas of operation) are clean, safe
and having good working environment

Make sure that all current documents and records are available
at point of use
Make sure that obsolete documents are removed from the
workplace
Make sure that measuring equipment are calibrated
Keep ready a copy of the quality manual and related QMS
procedures available for the auditor
Keep ready a suitable place for auditor to work (writing audit
findings and reporting)
Assign someone to assist auditor as a guide

Following the initial visit, rectification of any notified nonconformities
and the establishment of an agreed audit plan, the certification body
would carry out the initial audit. On completion of the initial audit, the
certification body will issue a report inter alia mentioning nonconformities
with requirements of ISO 9001:2008 QMS Standard. Observations may
also be given to define or illustrate the nonconformity.

The applicant (organization seeking certification) then responds
to the nonconformities, and submits for approval, proposed corrective
actions to nonconformities found in the quality system. Thereafter, the
certification body will confirm completion of the corrective action by a
documentation review or follow-up visit, as appropriate.

Upon completion of a satisfactory initial audit, the certification
body issues to the applicant a Quality System Certificate of Conformity,
generally valid for three years, subject to compliance with the conditions
of the certificate. For maintenance of the certificate, certification body
performs periodical audits (known as surveillance audits) generally at
six/nine monthly intervals. Renewal of certificate is carried out after
three years and involves a satisfactory re-audit of the quality system.

It should be noted that International Organization for Standardization
(ISO) does not assess the conformity of quality management system to
ISO 9001:2008 QMS standard and also ISO does not issue certificates
of conformity to this standard. Certification is carried out independently
of ISO by more than 800 certification or registration bodies active in
178 countries and economies.
WHAT DOES CERTIFICATION/REGISTRATION MEAN?

Certification/registration is not a mandatory requirement of implementing
ISO 9001:2008 QMS standard. Certification may be regarded as the
formal recognition of your quality management system.

Organizations obtain certification in order to have confidence of their
quality management systems or the same could be required by their
customers. Organizations decision regarding certification/registration
might also be influenced by their competitors or by regulatory or statutory
requirements.
Certification/Registration Process
37
Why Do Customers Require Their Suppliers to Have

ISO 9001:2008 QMS Certifications?
The use of quality management systems standards has grown since they
were first published in 1987. Now ISO 9001:2008 QMS certification has
become very important criteria for selecting or identifying suppliers,
because customers have confidence that ISO 9001:2008 certified
organizations consistently provide product that meet their (customer)
and applicable legal (statutory and regulatory) requirements. ISO
9001:2008 QMS is recognized worldwide as a successful management
system for ensuring consistent quality.
How Much Will Certification Cost?

This is a question generally asked by organizations people implementing
ISO 9001:2008 QMS standard. The cost of certification will depend on
the size of your organization, and the particular certification body with
whom you choose to work. Certification body may be able to provide
details of the cost, if you send them the details of the business and
size of your organization.
INITIAL AUDIT BY CERTIFICATION BODY

Initial audit is also known as Implementation Audit, Compliance
Audit or Conformance Audit. This is an on-site assessment by the
certification body. Certification body sends its auditor(s) to the site of
the organization seeking certification. It is a systematic examination
of whether each requirement of ISO 9001:2008 QMS standard is being
implemented effectively and the procedures followed. The emphasis is on
hard data (i.e. documented evidence). The first area generally examined
is the findings of the internal audits, management reviews, corrective
actions taken, and changes made as a result of the documentation audit.
The audit generally consists of the steps outlined below:

1. Opening meeting: This is held to introduce the audit team,

confirm the scope of the audit, the timetable and reporting
method, and clarify and unclear aspects.
2. Assessment: During this step, auditor(s) will interview staff at
selected locations of the organization to determine how work is
carried out in certain areas, establish if it conforms to organization
policies and procedures, seek objective evidence of the facts and
compare the facts with the requirements of ISO 9001:2008 QMS
standard. Auditors will then put their observations in writing and
ask the organization to endorse the report. Some of the actions
that auditors may take are listed below:

Ask to see customer complaints and verify whether corrective

actions have been taken.
Ask to see internal audit reports.
Ask staff how they deal with specific requirements of the
standard.
Ask staff why they are performing certain tasks.
Ask whether an instrument (measuring equipment) has been
calibrated and if so where the evidence is.
Ask management to explain how the quality management
system works.
Ask staff about the quality policy.
3. Preparation of assessment report: At the end of the assessment,
the auditor will prepare a report detailing observations and
identifying nonconformity with the requirements of the standard.
The lead auditor will draw conclusions from the findings and
formulate the recommendations.
4. Closing meeting: There will be a closing meeting to emphasize
good points, to explain the audit observations and findings of
nonconformities, and to disclose whether or not the organization
will be recommended for certification/registration.
QUESTIONS

1. Describe the ISO 9001:2008 QMS certification/registration process.
2. Why do organizations prefer to obtain ISO 9001:2008 certification?
3. What is documentation audit?
4. What is initial audit by certification body?
5. Describe the steps outlined in initial audit.
Quality Management
System Standards
ISO 9000 Family
ISO 9000 FAMILY STANDARDS
ISO 9000 Quality Management System Standards have undergone
major changes with the arrival of ISO 9000:2000 series standards. The
ISO 9000:2000 series standards were developed to assist organization,
of all types and sizes, to implement and operate effective quality
management systems. The ISO 9000:2000 series consisted of three
main standards, viz. ISO 9000:2000, ISO 9001:2000 and ISO 9004:2000
that have also been revised as ISO 9000:2005, ISO 9001:2008 and
ISO 9004:2009 standards, respectively. However, the ISO 9000 family
has the standards, guidelines and technical reports. ISO 9000 family
includes the following three basic standards:

1. ISO 9000:2005Quality management systemsFundamentals

and vocabulary.
This standard describes fundamentals of quality management
system and also specifies the terminology used in the standards.
Eight quality management principles have been discussed in this
standard.
2. ISO 9001:2008Quality management systemsRequirements.
This standard specifies requirements for a quality management
system. This standard is used for third party certification. The
organization must meet the requirement of this standard in order
to achieve certification. However, it should be noted certification
to ISO 9001:2008 is not a requirement of this standard. Many
organizations in the world are implementing ISO 9001:2008 QMS
standard without obtaining its certification.
3. ISO 9004:2009Managing for the sustained success of an
organizationA quality management approach.
This standard provides guidelines for sustained success of an
organization using a quality management approach. However,
this standard is not used for third party certification. If an
39

organization wishes to go beyond ISO 9001:2008 QMS standard
that meets customer requirements and also focuses on sustained
success, the standard ISO 9004:2009 provides guidelines.

Other supporting standards for ISO 9000 family are:
1. ISO 19011:2011Guidelines on auditing management systems.

This standard provides with guidelines for verifying the
management systems ability to achieve defined objectives. You
should use this standard internally for internal audit of your
QMS. The earlier ISO 19011:2002 standard applied to quality
and/or environmental management systems, however, owing
to the development and publication of a growing number of
management systems standards for different disciplines such
as information security, health and safety, food safety, and risk,
ISO 19011 has been revised to be applicable to the audit of any
management systems.
2. ISO 10001:2007Quality managementCustomer satisfaction
Guidelines for codes of conduct for organizations.
3. ISO 10002:2004 + Cor1:2009Quality managementCustomer
satisfactionGuidelines for complaints handling in organizations.
4. ISO 10003:2007Quality managementCustomer satisfaction
Guidelines for dispute resolution external to organizations.
5. ISO/TS 10004:2010Quality managementCustomer satisfaction
Guidelines for monitoring and measuring.
6. ISO 10005:2005Quality management systemsGuidelines for
quality plans.
quality management in projects.
configuration management.
9. ISO 10012:2003Measurement management systemsRequirements for measurements processes and measuring equipments.
10. ISO/TR 10013:2001Guidelines for quality management system
documentation.
11. ISO 10014:2006 + Cor1:2007Quality managementGuidelines
for realizing financial and economic benefits.
12. ISO 10015:1999Quality managementGuidelines for training.
13. ISO/TR 10017:2003Guidance on statistical techniques for ISO
9001:2000.
14. ISO 10019:2005Guidelines for the selection of quality management systems consultants and use of their services.
15. ISO/TS 16949:2009Quality management systemsParticular
requirements for the application of ISO 9001:2008 for automotive
production and relevant service part organizations.
(The above list is indicative.)
Quality Management System Standards
41
ISO 9001:2008 QMS standard is a generic standard. It can be implemented

by organization of all types (such as manufacturing, service) and sizes
(such as small, medium, large). ISO 9001:2008 standard consists of five
main sections:

1. Quality management systemgeneral and documentation

requirements: This section focuses on general and documentation requirements including requirements for quality manual,
control of documents, control of records.
2. Management responsibility: This section focuses on the
responsibilities of the top management.
3. Resource management: This section focuses on the requirements for resource management including human resources,
infrastructure and work environment.
4. Product realization: This section focuses on the requirements
related to the product and/or service realization.
5. Measurement, analysis and improvement: This section
focuses on the methods used to measure, analyze and improve
the quality management system, processes, products and services.
QUICK REFERENCEISO 9001:2008

A quick reference journey to ISO 9001:2008 QMS standard is given below:
1. Scope
1.1 General

Discusses the scope in general and the term product.

It states that ISO 9001:2008 QMS requirements are generic
and can be applied to any type and size of the organization.
1.2 Application

Discusses application of requirements and concession granted
to an organization for exclusion of any requirements.
2. Normative reference
States that ISO 9000:2005 standard is a normative reference
document.
3. Terms and definitions
Terms and definitions given in ISO 9000:2005 standard apply for
the purpose of ISO 9001:2008 QMS standard.
4. Quality management system
Discusses general requirements and documentation requirements
including requirements for quality manual, control of documents
and control of records.
4.1 General requirements

4.2 Documentation requirements

4.2.1 General

4.2.2 Quality manual

4.2.3 Control of documents

4.2.4 Control of records
5. Management responsibility
Discusses management responsibility requirements for the top
management including requirements for management commitment, customer focus, quality policy, planning (including quality
objectives), responsibility, authority, management representative,
communication and management review.
5.1 Management commitment
5.2 Customer focus
5.3 Quality policy
5.4 Planning

5.4.1 Quality objectives

5.4.2 Quality management system planning
5.5 Responsibility, authority and communication

5.5.1 Responsibility and authority

5.5.2 Management representative

5.5.3 Internal communication
5.6 Management review

5.6.1 General

5.6.2 Review input

5.6.3 Review output
6. Resource management
Discusses resource management requirements for provision of
resources, human resources, infrastructure and work environment.
6.1 Provision of resources
6.2 Human resources

6.2.1 General

6.2.2 Competence, training and awareness
6.3 Infrastructure
6.4 Work environment
7. Product realization
Discusses product realization requirements such as planning of
product realization, customer-related processes, design and development, purchasing, provision and service provision (including
control, validation of processes, identification, traceability, customer
property and preservation) and control of monitoring and measuring
equipment
7.1 Planning of product realization
7.2 Customer-related processes

7.2.1 Determination of requirements related to the product

7.2.2 Review of requirements related to the product

7.2.3 Customer communication
43
7.3 Design and development

7.3.1 Design and development planning

7.3.2 Design and development inputs

7.3.3 Design and development outputs

7.3.4 Design and development review

7.3.5 Design and development verification

7.3.6 Design and development validation

7.3.7 Control of design and development changes

7.4 Purchasing

7.4.1 Purchasing process

7.4.2 Purchasing information

7.4.3 Verification of purchased product

7.5 Production and service provision

7.5.1 Control of production and service provision

7.5.2 Validation of processes for production and service provision

7.5.3 Identification and traceability

7.5.4 Customer property

7.5.5 Preservation of product
7.6 Control of monitoring and measuring equipment
8. Measurement, analysis and improvement

Discusses monitoring, measurement (of processes and product
including customer satisfaction and internal audit), control of
nonconforming product, analysis of data and improvement (including continual improvement, corrective and preventive action)
requirements.
8.1 General
8.2 Monitoring and measurement

8.2.1 Customer satisfaction

8.2.2 Internal audit

8.2.3 Monitoring and measurement of processes

8.2.4 Monitoring and measurement of product

8.3 Control of nonconforming product

8.4 Analysis of data
8.5 Improvement

8.5.1 Continual improvement

8.5.2 Corrective action

8.5.3 Preventive action
How to Obtain ISO 9000 Series Standards?
The ISO 9000 series standards are available from the ISO Central
Secretariat and ISOs national member institutes. Bureau of Indian
Standards is the national member of ISO in India. In India, you may
contact Bureau of Indian Standards (BIS) for obtaining ISO 9000 series
standards.

The addresses of ISO and BIS are as follows:
International Standardization Organization (ISO), ISO Central

Secretariat, 1, rue de Varembe, Case postale 56, CH-1211, Geneva
20, Switzerland. Phone: +44 22 7490336. Fax: +44 22 7490947.
Email: central@iso.org
Website: www.iso.org
Bureau of Indian Standards, Manak Bhavan, 9, Bahadurshah
Zafar Marg, New Delhi-110002, India. Phone: +91 11 23230131,
23233375, 23239402. Fax: +91 11 23234062, 23239399

Bureau of Indian Standards (BIS) provides Indian Standards that
are identical with international standards issued by the ISO.

Please note that this book should not be used as a substitute
of the ISO 9001:2008 QMS standard. Organizations, implementing
ISO 9001:2008 QMS, should have a copy of the ISO 9001:2008 QMS
standard. It is better to have a set of at least three standards (ISO
9000:2005, ISO 9001:2008 and ISO 19011:2011), however, procurement
of other ISO 9000 family standards will provide added advantage. This
book is developed to create awareness for implementing ISO 9001:2008
QMS and as an academic reference study.
ISO 9001:2008 QMS

General
An organization should adopt a quality management system as its
strategic decision. An organizations quality management system design
and implementation has influence on the following factors:

Varying needs of the organizationEvery organization has its

own needs and one organizations needs may differ from other
organizations
Particular objective(s) of the organizationEvery organization
has its particular objective(s)
Product(s) provided by the organization
Processes employed in the organization
Size of the organization
Structure of the organization
Organizations environment, changes in that environment and
risks associated with that business environment.
The intention of the ISO 9001:2008 QMS standard is not to imply

uniformity in the structure of quality management system or uniformity
of documentation (such as quality manual, system procedures, etc.). Due
to the above influence factors organization can have its own structure
of its quality management system and its documentation. Quality
management system documentation of one organization can differ from
45
another organization due to the above influence factors and also due
to the complexity of processes employed, and their interaction, and the
competence of personnel working in the organization.

All requirements specified in the standard are complementary
to requirements for products. In the ISO 9001:2008 QMS standard,
information marked NOTE has been mentioned at the bottom of the
requirement. This note has been given in the standard for guidance in
understanding or clarifying the associated requirement.

ISO 9001:2008 QMS standard is used to assess the organizations
ability to meet customer requirements, statutory and regulatory
requirements and the organizations own requirements. The ISO
9001:2008 QMS standard can be used by:

Internal parties (such as organizations people, internal auditor)

External parties (such as customer, prospective customer)
Certification bodiesThe ISO 9001:2008 QMS standard is a
certifiable standard and certification bodies grant certification of
conformance to ISO 9001:2008 QMS standard.
ISO 9001:2008 QMS standard has been developed on the basis of eight
quality management principles stated in ISO 9000:2005 standard.
Process Approach
The ISO 9001:2008 QMS standard promotes the adoption of a process
approach. It is the intention of the ISO 9001:2008 QMS standard
that the organization must adopt process approach when developing,
implementing and improving the effectiveness of its quality management
system. The main objective behind adoption of process approach is to
enhance customer satisfaction by meeting customer requirements.

To function effectively, an organization has to determine and
manage numerous linked activities. What is a process? A process is
defined as an activity or set of activities using resources, and managed
in order to enable the transformation of inputs into outputs. In the
organizations activities, the output from one process can form the input
to the next process. The application of a system of processes within an
organization can be termed process approach. Process approach requires
determination of processes, interactions of the determined processes and
their management. In this connection, general requirements mentioned
in clause 1.1 of the ISO 9001:2008 QMS standard are relevant.

Ongoing control is one advantage of the process approach. Process
approach provides over the linkage between the individual processes
within the system of processes, as well as over their combination and
interaction. A process approach (when used in the quality management
system) emphasizes the importance of:

Understanding customer requirements, applicable statutory and

regulatory requirements and organizations own requirements

Fulfilling customer requirements, applicable statutory and

regulatory requirements and organizations own requirements
The need to consider processes in terms of added value
Continual improvement of processes based on objective measurement.

The model of a process-based quality management system has been
shown in figure 1 of the ISO 9001:2008 QMS standard. The model
shows the concepts of the process linkage presented in clause 4 to 8
of the ISO 9001:2008 QMS standard. It shows that customers play
a significant role in defining requirements as inputs. Monitoring of
customer satisfaction requires the evaluation of information relating
to customer perception. It requires, whether the organization has meet
the customer requirements. The model covers all the requirements of
the standard, however, the model does not show processes at a detailed
level.

The ISO 9001:2008 QMS standard suggests applying the PDCA
(Plan-Do-Check-Act) methodology to all processes.
Plan
Do
Check
Act
: Establish the objectives (organizational goals at relevant

functions and levels within the organization) and processes
necessary to deliver results. The results should be in accordance
with customer requirements and the organizations policies.
: Implementation of processes as planned.
: Monitor and measure processes and product and report the
results. Monitoring and measuring processes and product
should be against organizations policies, objectives and
requirements for the product.
: Take actions to continually improve performance of its processes.
Comments
What is meant by process approach?
Unfortunately, people confuse the term process and system. It
is necessary to understand both terms clearly. A process is a set
of interrelated or interacting activities, which transforms inputs
into outputs. The process of a business is the totality of all of the
individual activities that the business performs. The process includes
identifying a customer need, creating a product or service concept to
meet the need, defining how that concept will be executed, executing
or deploying the concept, measuring customer satisfaction, and
continually improving both concepts and deployment. To manage the
process, the organization develops management systems, including
financial, human resources, materials, quality, environmental, health
and safety, and other management systems. Some of these systems
will meet the international standards such as ISO 9001: 2008 QMS
standard.

In each such system, there are number of component processes.
The summation of these component processes constitutes the specific
47
management system. Typical processes in the quality management

system include leadership, planning, administration, purchasing,
training, design and development, production and service, operations,
measurement, audit, corrective and preventive actions, and improvement.

A process map is a very significant tool as part of quality
management system of an organization. Part of creating this map is
defining where process starts and ends and determining: the specific
activities that need to be performed, the process owners for each of
the activities, and customer satisfaction measures. From this map,
the organization can begin to define which QMS-related processes are
involved and how organization can flowchart them in detail, improve
them, update the flowchart, and document, deploy and maintain the
process.
Relationship with ISO 9004

ISO 9001 and ISO 9004 standards have been designed to complement
each other. However both the standards can be used independently.
Both the standards (ISO 9001:2008 and ISO 9004:2009) have different
scopes.

ISO 9001:2008 QMS standard specifies requirements for a quality
management system that can be used for:

Internal application by an organization, or

Certification, or
Contractual purposes.
ISO 9004:2009 standard provides guideline beyond the requirements

given in the ISO 9001:2008 QMS standard. ISO 9004:2009 standard
provides a quality management approach guidelines for managing for
the sustained success of an organization.

ISO 9001:2008 QMS standard focuses on the effectiveness of
the quality management system in meeting customer requirements,
applicable statutory and regulatory requirements and organizations own
requirements. ISO 9004:2009 provides guidance on a wider range for
the sustained success of an organization by using a quality management
approach. At the time of publication of ISO 9001:2008 QMS standard,
ISO 9004:2000 standard was under revision. The revised edition of ISO
9004:2009 provides guidance to management for achieving sustained
success and this is expected for any organization in an environment
that may be complex, demanding and ever changing. If top management
of an organization wishes to move beyond the requirements of ISO
9001:2008 QMS standard (in pursuit of continual improvement of
performance and the sustained success of the organization), then ISO
9004:2009 is recommended as a guide. However, it should be noted that
ISO 9004:2009 is not developed for certification or contractual purposes.
If an organization wishes to implement ISO 9004:2009, then it can use

the standard as a guide, but the organization will not be able to get
certificate of conformance to ISO 9004:2009 standard.
Compatibility with Other Management Systems

For the benefit of the user community, ISO 9001:2008 QMS standard
is developed by providing due consideration to ISO 14001:2004 EMS
standard. Purpose is to enhance the compatibility of these two standards
(one on quality management systems and other on environmental
management systems) for the benefit of the user community. ISO
9001:2008 QMS standard does not include requirements specific to
other management systems (such as environmental management
system, occupational health and safety management system, financial
management system, risk management system, social responsibility
management system). However, ISO 9001:2008 QMS standard enables
an organization to align or integrate its own quality management
system with related management system requirements. An organization
can adopt its existing management systems (such as environmental
management system, occupational health and safety management
system, financial management system, risk management system and/
or social responsibility management system) in order to establish a
quality management system that complies with the requirements of
ISO 9001:2008 QMS standard.

There have been instances where organizations have adopted
Integrated Management Systems integrating ISO 9001:2008 QMS,
ISO 14001:2004 EMS and OHSAS 18001:2007 and such instances are
growing day by day as users find implementing integrated management
systems cost-effective.
QUESTIONS

1. Describe the ISO 9000 family.
2. Which is a certifiable standard in the ISO 9000 family?
3. Can an organization get certification to ISO 9004:2009 standard?
4. It is better to procure a few standards for implementing ISO

9001:2008 QMS. Which standards will you suggest to procure
and why?
5. What do you understand by process approach?
6. Who can use ISO 9001:2008 QMS standard?
7. Describe PDCA.
8. Describe the relationship of ISO 9001:2008 QMS standard with

ISO 9004 standard and compatibility with other management
systems?
Scope and Normative

Reference
ISO 9001:2008 QMS
Clauses 1 to 3 of the ISO 9001:2008 QMS standard are organized as

under:

Clause

1

2

3
Scope
1.1 General
1.2 Application
Normative Reference
Terms and Definitions
SCOPE
ISO 9001:2008 QMS standards specifies requirements for a quality
management system:

1. Where an organization needs to demonstrate its ability to

consistently provide product that meets: (i) customer requirements,
and (ii) applicable legal (= statutory + regulatory) requirements,
and
2. Where an organization aims to enhance customer satisfaction
through the effective application of the system and the assurance
of conformity to customer and applicable legal (= statutory +
regulatory) requirements.
The term product mentioned in the ISO 9001:2008 QMS standard

applies to the product intended for a customer, or the product
required by a customer, and it includes services. The term product also
applies to any intended output resulting from the product realization
processes.
49

Comments
What does a product mean? A product is a result of activities or
processes (set of interrelated or interacting activities which transform
inputs into outputs). There are four generic product categories
mentioned in ISO 9000:2005 standard1. Services, 2. Software,
3. Hardware, and 4. Processed material.

All requirements of the ISO 9001:2008 QMS standard are generic.
The requirements mentioned in the ISO 9001:2008 QMS standard
are intended to be applicable to all organizations regardless of type,
size and product provided. Accordingly, ISO 9001:2008 QMS standard
requirements are applicable to all types of business, whether they are
manufacturing industries (such as, chemical, electronic, paper, steel,
etc.) or services (such as banking, insurance, medicine, transportation,
hotel, etc.).

Clause 1.2 (Application) provides concession to organization for
exclusion of any requirement(s). It provides that where any requirement(s)
of the ISO 9001:2008 QMS standard cannot be applied due to the nature
of an organization and its product, this can be considered for exclusion.
Exclusions are limited to requirements within Clause 7 of the ISO
9001:2008 QMS standard. The organizations claim of conformity to the
ISO 9001:2008 QMS standard are acceptable (i) only when exclusions
are limited to requirements within Clause 7 of ISO 9001:2008 standard
and (ii) such exclusions do not affect the organizations ability or
responsibility (to provide product that fulfils customer and applicable
statutory and regulatory requirements). Organizations cannot claim
exclusions to the requirements mentioned in Clauses 4, 5, 6 and 8 of
the ISO 9001:2008 QMS standard.

Some of the requirements in Clause 7 of ISO 9001:2008 QMS
standard may not apply to your organization. If your organization is
not involved in designing activities, then the requirements of Clause 7.3
will not apply to your organization. If an organization manufactures a
product designed and developed by its customer, then the requirements
of Clause 7.3 could be excluded.

The Clause 7.5.2 (validation of processes) applies to processes where
resulting output cannot be verified by subsequent monitoring and
measurement. Where resulting output can be verified by subsequent
monitoring and measurement, then the requirements of Clause 7.5.2
could be excluded.

If an organization does not receive customer property, the requirements of Clause 7.5.4 (customer property) could be excluded.

If no physical monitoring/measuring equipment is employed, then
the specific requirements within Clause 7.6 for calibration or verification
of measuring equipment at specified intervals could be excluded.

Please note that an organization cannot exclude any requirements of
Clause 7 simply because the organization does not want to meet them.
Scope and Normative Reference
51

More information can be found in the Guidance on ISO 9001:2008
Clause 1.2 Application published by ISO as document ISO/TC 176/SC2/
N524 and can be downloaded from the website www.bsi.org.uk/isotc176-sc2. The International Accreditation Forum (IAF) has also issued
guidelines on the application of ISO 9001 QMS, which addresses the
issue of exclusion. IAF website: www.iaf.nu
NORMATIVE REFERENCE
The ISO 9001:2008 QMS standard refers to ISO 9000:2005 as normative
reference document. ISO 9000:2005 is a standard pertaining to ISO 9000
family and it relates to Quality management systemFundamentals
and vocabulary.

The ISO 9000:2005 standard describes fundamentals of quality
management system and also specifies the terminology used in the
standards. Eight quality management principles have also been provided
in this standard. ISO 9000:2005 standard describes the following twelve
fundamentals of quality management systems:

1. Rationale for quality management system

2. Requirements for quality management systems and requirements
for products
3. Quality management systems approach
4. The process approach
5. Quality policy and quality objectives
6. Role of the top management within the quality management
system
7. Documentation (value of documentation and types of documents
used in quality management systems)
8. Evaluating quality management systems (evaluating processes
within the quality management system, auditing the quality
management system, reviewing the quality management system,
and self-assessment)
9. Continual improvement
10. Role of statistical techniques
11. Quality management systems and other management system
focuses
12. Relationship between quality management systems and excellence
models
TERMS AND DEFINITIONS

As mentioned above the terms and definitions given in the latest edition
of ISO 9000:2005 standard apply for the purposes of the ISO 9001:2008
QMS standard.

ISO 9000:2005 is the standard that provides fundamentals and
vocabulary related to quality management systems. ISO 9000:2005
standard provides definitions to the following terms:

Terms relating to quality: Quality, requirement, grade,

customer satisfaction, capability, and competence.
Terms relating to management: System, management system,
quality management system, quality policy, quality objective,
management, top management, quality management, quality
planning, quality control, quality assurance, quality improvement,
continual improvement, effectiveness, and efficiency.
Terms relating to organization: Organization, organizational
structure, infrastructure, work environment, customer, supplier,
interested party, and contract.
Terms relating to process and product: Process, product,
project, design and development, and procedure.
Terms relating to characteristics: Characteristic, quality
characteristic, dependability, and traceability.
Terms relating to conformity: Conformity, nonconformity,
defect, preventive action, corrective action, correction, rework,
regrade, repair, scrap, concession, deviation permit, and
release.
Terms relating to documentation: Information, document,
specification, quality manual, quality plan, and record.
Terms relating to examination: Objective evidence, inspection,
test, verification, validation, qualification process, and review.
Term relating to audit: Audit, audit programme, audit
criteria, audit evidence, audit findings, audit conclusion, audit
client, auditee, auditor, audit team, technical expert, audit plan,
audit scope, and competence.
Terms relating to quality management for measurement
processes: Measurement management system, measurement
process, metrological confirmation, measuring equipment, metrological characteristic, and metrological function.

Terms, used in the ISO 9001:2000 standard, were changed to reflect
the vocabulary used in the 1994 version of ISO 9001/2/3). The following
terms in ISO 9001:2000 QMS standard described the supply chain:

Supplier
Organization
Customer
The term used in

ISO 9001:1994
have been changed
to the term in
ISO 9001:2000
Subcontractor
Supplier
Supplier
Organization
Scope and Normative Reference
53

Accordingly, (i) a supplier is the organization or person that provides
a product to the organization and (ii) the organization is group of people
and facilities (with an arrangement of responsibilities, authorities and
relationships) that provides a product to the customer.

ISO 9001:2000 QMS standard (the earlier version) described the
supply chain, however, this has not been described in the current
ISO 9001:2008 QMS standard as the terms supplier, organization and
customers are clear and also defined in ISO 9000:2005 standard. Here
it is important to note that the term organization in the supply chain
refers to the unit to which the ISO 9001:2008 QMS standard applies.
The term product also means service, which is the result of a process.
QUESTIONS

1. What is the scope of ISO 9001:2008 QMS standard?
2. Can one-man organization providing consultancy services implement ISO 9001:2008 QMS standard and obtain certification?
3. Write a short note on the application of ISO 9001:2008 QMS

standard?
4. Which standard is the normative reference document for ISO

9001:2008 QMS standard?
5. Can an organization exclude any requirements of Clause 7

because it does not want to meet them?
General and Documentation

Requirements
ISO 9001:2008 QMS
Clause 4 of ISO 9001:2008 standard deals with the basic general and
documentation requirements for establishing a quality management
system. The relevant sub-clauses are as under:

4 Quality Management System
4.1 General Requirements
4.2 Documentation Requirements

4.2.1 General

4.2.2 Quality manual

4.2.3 Control of documents

4.2.4 Control of records
GENERAL REQUIREMENTS
According to the requirements of the standard, the organization is
required to:

Establish (set-up on a permanent basis, install, or create) a

quality management system
Document (write on hard copy or soft copy) the quality management
system
Implement (as established and documented) the quality management system
Maintain the quality management system.
The organization is also required to continually improve the effectiveness

of the quality management system in accordance with the requirements
of the ISO 9001:2008 QMS standard.
54
General and Documentation Requirements
55
Comment
The words continually improve the effectiveness were not used in
ISO 9001:1994 version. The ISO 9001:2000 as well as ISO 9001:2008
standards lay down an emphasis on continual improvement of the
quality management system.
Accordingly, the organization needs to:

Determine the processes needed (required) for the quality

management system
Apply determined processes throughout the organization
Determine the sequence and interaction of the determined processes
Determine criteria and methods to ensure the effective operation
and effective control of the determined processes
Ensure the availability of resources (such as, human resources,
infrastructure and work environment) and information necessary
to support the operation and monitoring of the determined
processes
Monitor, measure and analyze the determined processes
Implement actions necessary to achieve planned (desired) results
(objectives) and continual improvement of the determined
processes.

Determined processes must be managed by the organization
in accordance with the requirements of the ISO 9001:2008 QMS
standard. The determined processes needed for the quality management
system should include processes for management activities (such as
demonstrating management commitment, determining and meeting
customer requirements, establishing quality policy, quality management
system planning, establishing quality objectives, defining responsibility
and authority, appointing management representative, establishing
appropriate communication processes, conducting management review,
etc.), provision of resources (human resources, infrastructure and
work environment), product realization (planning, determining and
reviewing requirements related to product, providing effective customer
communication, design and development, purchasing, production and
service delivery, controlling monitoring/measuring equipment, etc.) and
measurement (such as, monitoring customer satisfaction, conducting
internal audit, of the system monitoring/measuring processes and
product, controlling nonconforming product, analyzing data and
continual improving the effectiveness of the quality management system
through corrective and preventive action). The ISO 9001:2008 QMS
standard promotes the adoption of process approach.

Comments
The word identify (mentioned in clause 4.1 of the ISO 9001:2000)
has been replaced by the word determine in the new version.
Accordingly, now the organization needs to determine the processes
needed for the quality management system and their application
throughout the organization. The new version has made the
requirement more clearly in meaning.
The changes appeared in ISO 9001:2008 standard are more of
editorial improvement. There appears no change in the intent of
the requirement. However, the word identify means to establish
the identity, while the word determine means to decide or settle
conclusively and authoritatively, to give direction to .
As we could understand that ISO 9001:2000 wants to establish the
identity of the processes needed for the quality management system,
while the ISO 9001:2008 wants to decide or settle conclusively and
authoritatively the processes needed for the quality management
system and to give direction to such processes.
The difference between identify and determine appears to be
quite large. In identifying the processes just find out and name the
processes; while in determining the processes, it need to apply some
formula/criteria to those processes that may have impact on the
quality management system of the organization.

Where an organization chooses to outsource any process that affects
product conformity to requirements, the organization is required to
ensure control over such processes. Control of such outsourced processes
(type and extent of control to be applied) required to be defined within
the quality management system. Some of the outsourced processes
may be fabrication, assembly, painting, finishing, welding, etc. in the
manufacturing sector. Control of outsourced process can be determined
by establishing process objectives and verifying that the supplier has
met organizations process objectives.

In the new version (ISO 9001:2008), three notes have been mentioned
at the end of the Clause 4.1, clarifying: (i) processes needed for the QMS,
(ii) an outsourced process, and (iii) responsibility of the organization.
Accordingly:

Processes needed for the QMS include (a) processes for management
activities, (b) processes for provision of resources, (c) processes for
product realization, and (d) processes for measurement, analysis
and improvement.
An outsourced process is a process that the organization needs
for the quality management system of the organization and which
the organization chooses to have performed by an external party
(another organization or person). An outsourced process is one
57
that is managed by external party (another organization or

person) for and on behalf of the organization.
Ensuring control over outsourced processes does not absolve the
organization of the responsibility to fulfill all customer and legal
requirements. In case organization outsources any process, then
it is the responsibility of the organization to ensure that all
customer and legal requirements are fulfilled.
Comments
If we carefully look at the requirements under this clause, we notice
that emphasis has been laid on the quality management principles
particularly on the following:
Process approach
System approach to management
Continual improvement
Factual approach to decision-making.
DOCUMENTATION REQUIREMENTS
Documentation and record keeping are important aspects of the ISO
9001:2008 quality management system. Organizations implementing
ISO 9001:2008 QMS need to develop and establish documentation
(including quality policy, quality objectives, quality manual, procedures,
etc.) and also to keep records of information that is useful in operation
and assessment of the organizations quality management system. The
quality management system documentation of the organization needs
to include the following documents:

1.
2.
3.
4.
5.
6.
Documented statement of a quality policy

Documented statement(s) of quality objectives
A quality manual
Documented procedures required by the standard
Records required by the standard
Documents (such as procedures, work instructions, etc.) determined
by the organization to ensure the effective planning, operation
and control of its processes
7. Records determined by the organization to ensure the effective
planning, operation and control of its processes.
With regard to control of records, a reference to Clause 4.2.4 of the ISO

9001:2008 QMS standard is needed. Clause 4.2.1 of the ISO 9001:2008
QMS standard provided various clarifications, such as:

1. Documented procedure in the ISO 9001:2008 standard means

that the procedure is established, documented, implemented
2.

3.
and maintained. It is also clarified that a single document may

address the requirements for one or more procedures. Further
clarified that a requirement for a documented procedure may be
covered by more than one document.
Quality management system documentation (such as quality policy,
quality objectives, quality manual, procedures, documents and
records) of one organization can differ from another organization
due to various reason(s) including the following:
(a) size of the organization
(b) type of its activities
(c) complexity of its processes, and interactions between the
processes
(d) competence of personnel working in the organization.
The quality management system documentation of the organization
can be in any form or type of medium (such as hard copy or
electronic media or in any language).

Clause 4.2.1 of ISO 9001:2008 QMS standard requires the quality
management system documentation will include documented procedures required by the ISO 9001:2008 QMS standard. Documented
procedures required by the ISO 9001:2008 QMS standard are the six
documented procedures as mentioned below:

Clause Title
4.2.3
4.2.4
8.2.2
8.3
8.5.2
8.5.3
Control of records
Internal audit
Corrective action
Preventive action
The 1994 version of ISO 9000 series were often criticized because of
their heavy emphasis on documenting procedures. The 2000 version
of ISO 9001 standard has reduced the requirement of documenting
procedures to just a few areascontrol of documents, control of records,
internal audit, control of nonconforming product, corrective action and
preventive action (six mandatory documented procedures) and the same
have been retained in the new version (ISO 9001:2008 QMS standard).
In addition to the six mandatory documented procedures required by the
ISO 9001:2008 QMS standard, it is for the organization to decide the
documents (information and its supporting medium), determined by the
organization, to ensure effective planning, operation and control of its
processes. Such documents may include process maps, process procedure,
organization chart, quality plans, work instructions, specifications,
reports, internal references, external reference documents, various
records, etc. Why are documented procedures necessary? Documented
procedures are necessary in ensuring the effective operation and control
59
of the processes. Documented procedures are also an evidence of effective

planning of activities to be carried out. A procedure is a sequence of
steps to execute a given task. A procedure prescribes how one should
proceed in order to produce a desired output.

The ISO 9001:2008 QMS standard also states that the quality
management system documentation to include records required by the
ISO 9001:2008 QMS standard. In this connection the reference of clause
and records required by the ISO 9001:2008 QMS standard are given
below:
Clause
Records required
5.6
Management reviews
6.2.2(e) Appropriate records of education, training, skill and experience
7.1(d) Records showing evidence that the realization processes and
resulting product fulfil requirements
7.2.2 Records of the results of the review of the requirements and
actions arising from the review
7.3.2
Design and development inputs
7.3.4 Results of design and development reviews and any necessary
actions
7.3.5 Results of design and development verification and any
necessary actions
7.3.6 Results of design and development validation and any
necessary actions
7.3.7 Results of review of design and development changes and any
necessary actions
7.4.1 Purchasing process (results of supplier evaluation and actions
arising from such evaluations)
7.5.2(d) Validation of processes for production and service provision
(where the resulting output cannot be verified by subsequent
monitoring or measurement)
7.5.3 Identification and traceabilitythe unique identification of
the product, where traceability is a requirement
7.5.4 Customer property (lost, damaged or otherwise found to be
unsuitable for use).
7.6(a) Basis used for calibration or verification of measuring equipment, where no international/national measurement standards
exist
7.6 Control of monitoring and measuring equipmentrecord
the validity of the previous measuring results when the
equipment is not found to conform to requirements
7.6
Records of the results of calibration and verification of
monitoring and measuring equipment
8.2.2
Internal audits and their results
8.2.4 Evidence of the product conformity with the accepted criteria
and records indicating the person(s) authorizing release of
product

8.3 Nature of nonconformities and any subsequent actions taken,
including concession obtained
8.5.2
Results of corrective action
8.5.3
Results of preventive action

In addition to above, the organization may have records determined
by the organization to be necessary to ensure effective planning,
operation and control of the processes of the organization. With regard
to control of records, a reference to Clause 4.2.4 of the ISO 9001:2008
QMS standard is needed.
Comment
ISO 9001:2008 standard requires analysis of data. As such, the
organization should also have records that provide information
relating to analysis of data for customer satisfaction, conformity to
product requirements, characteristics and trends of processes and
products (including opportunities for preventive action) and suppliers.
Quality Manual
The organization needs to establish and maintain a quality manual
(document specifying the quality management system of the organization).
The quality manual must include the following:

The scope of the quality management system of the organization

Details of exclusions (if any) with justification
The documented procedures established for the quality management system (six mandatory documented procedures as required
by the ISO 9001:2008 QMS standard and also documented process
descriptions), or their reference
Details of the interaction between the processes of the quality
management system of the organization.
The details and format of the quality manual of one organization may
differ from another organization to suit the size of the organization and
complexity of its processes. Quality manual is a document containing
a number of documents that provide consistent information about the
organizations quality management system.

To achieve control, there must be a structure of documentation and
such structure must be defined in the organizations quality manual.
Please remember that now it is very important to describe the details
of exclusions (if any) and its justification in the quality manual. The
permissible exclusions are mentioned in Clause 1.2 (under the heading
Application) of the ISO 9001:2008 QMS standard.
61
Control of Documents
All documents required by the quality management system of the
organization need to be controlled. Records are also required to be
controlled as per requirements mentioned in Clause 4.2.4 of the ISO
9001:2008 standard. This is separately addressed in this chapter under
the heading Control of Records. For control of documents, a procedure
is required to be documented. The documented procedure needs to define
the controls needed:

To approve documents for adequacy prior to issue

To review and update as necessary and re-approve documents
To ensure that changes and the current revision status of
documents are identified
To ensure that relevant versions of applicable documents are
available at points of use
To ensure that documents remain legible (clearly readable) and
readily identifiable
To ensure that documents of external origins are determined
(which are necessary for the planning and operation of the quality
management system)
To ensure that distribution of determined external origin documents
are controlled
To prevent the unintended use of obsolete documents.
To apply suitable identification to obsolete documents if they
retained for any purpose.

Approval of document for adequacy prior to issue means that some
authority (with responsibility to manage and direct quality management
system affairs of the organization) has agreed the document before being
made available for use (i.e. approval before the document is distributed,
or published or made available to the users).

Reviewing document means another look at the document and this
is a task, which should be carried out at the time following the issue
of the document by the management representative or by the person,
who is linked with the affairs mentioned in the document. Review of
document may be carried out randomly or periodically. Periodic review
is proactive action and it is better if the management representative
carries out periodic review (at least once in a year) of the issued
document. If a document is updated with any change, then the same
is required to be approved for adequacy prior to issue.

Changes to document may be identified by mentioning a change
record within the document that denotes the nature of change. Current
revision status of document may be identified by issue number, revision
number or date of the document.

To ensure that document is available at the point of use, the
organization needs to establish who needs which document at what

time. The document access should be available to persons who need it
for better work performance.

To ensure that documents remain legible and readily identifiable, it
is required that contents of the documents are readable and documents
can be identified easily. Document identification can be done by
classification, titles or identification numbers of documents.

In order to control the distribution of external documents, the
organization should establish appropriate process or mechanism for
identification, classification, distribution and availability of such external
documents.

Obsolete documents should not be available at the point of use. Use
of obsolete documents may lead to errors, failures or hazards, which
become an evidence of nonconformity. Sometimes superseded or obsolete
documents need to be retained by the organization for a variety of
reasons (e.g. legal or reference purpose) and for this the organization
must have a method of identifying the status of such documents to
prevent their accidental use in place of current documents. In practice,
organizations put stamp as Obsolete Document in red ink on the
face of the obsolete document.

For effective document control, the following points should also be
taken due care:

The documents (manual, procedures, and work-instructions)

should be written as a value-added proposition, not only as
required step in the compliance process of the ISO 9001:2008
standard.
The documents style, format, vocabulary and language should be
easy to understand.
The process owners should be included in writing relevant
procedures or in reviewing the documents. Make sure that
the people who use the document are involved in writing and
reviewing them.
The change (revision of documentation) process should be
accessible to the people most affected by document inadequacies.
Developing an effective value-added controlled document requires
planning and regular monitoring.
Write processes as they exist.
Developing reliable and consistent process execution is critical
for effective production planning.
Make sure that documents are available at the point of use.
Providing electronic access to documents at the point of use may
be one good solution.
Manage document changes efficiently.
Documents should be reviewed regularly for accuracy. Failing
to review documents for accuracy is one of the bigger mistakes
organization does.
Keep documents content current and accurate.
63
Control of Records
Records established and determined must be controlled. The purpose to
maintain records is to provide evidence of conformity to requirements
and of the effective operation of the quality management system.
Records must remain:

Legible
Readily identifiable
Retrievable.
For control of records, a procedure is required to be documented. The

documented procedure needs to define the controls needed for the:

Identification of records
Storage of records
Protection of records
Retrievable of records
Retention of records
Disposition of records.

Why managing and controlling records necessary? Records exist in
every organization. Records provide with information to help people
to manage processes of the organization effectively. Records are the
evidence of the past performance. Records provide with information of
results achieved or evidence of activities performed. Appropriate ways to
control records include indexing, filing, proper keeping so that the risk of
deterioration, damage or loss of record is minimized. It is better to decide
who will have access to which records and how readily available and
identifiable. Proper indexing, filing and safe keeping facilitate retrieval
of records. It is better that records are not destroyed or disposed of
before the end of their usefulness. While deciding the retention time of
a particular record, also look into the legal requirements in this regard,
so as to avoid forthcoming problems. Control on disposition of records
should ensure that records are not destroyed prior authorization and
organization should specify the method of disposal.

Records serve three purposes: (i) Records provide evidence of
conformity with the requirements of the ISO 9001:2008 QMS standard;
(ii) Records demonstrate that the organization has an effective quality
management system; and (iii) Records document continual improvement.
QUESTIONS

1. What are the general requirements of ISO 9001:2008 QMS

standard?
2. What may be the processes for management activities that need

control?

3. Describe the documentation requirements of ISO 9001:2008 QMS

standard.
4. Name the six documented procedures required by the ISO

5. Why are documented procedures necessary in an organization?
6. Why are records necessary in an organisation?
7. What are the documentation requirements with regard to quality

manual in ISO 9001:2008 QMS?
8. Specify the requirements for the control of documents for

implementing ISO 9001:2008 QMS.
9. Specify the requirements for the control of records for implementing

ISO 9001:2008 QMS.
10. Write short notes on: (a) Retention time of record, (b) Disposition
of record.
Management Responsibility
ISO 9001:2008 QMS
Management responsibility section in ISO 9001:2008 QMS standard

mentions requirements for the top management of an organization.
Clause 5 of ISO 9001:2008 QMS standard deals with management responsibility requirements. The relevant clause and sub-clauses are as under:

5 Management responsibility
5.1 Management commitment
5.2 Customer focus
5.3 Quality policy
5.4 Planning

5.4.1 Quality objectives

5.4.2 Quality management system planning
5.5 Responsibility, authority and communication

5.5.1 Responsibility and authority

5.5.2 Management representative

5.5.3 Internal communication
5.6 Management review

5.6.1 General

5.6.2 Review input

5.6.3 Review output
MANAGEMENT COMMITMENT
Responsibility: Top management
Purpose: To provide evidence of its commitment to the development
and implementation of the quality management system and continually
improve its effectiveness.
Requirement: Top management is required to:

Communicate to the organization the importance of meeting

customer, statutory and regulatory requirements
Establish the quality policy
Ensure that quality objectives are established
65

Conduct management reviews

Ensure availability of resources.
A study of the requirements mentioned in Clause 5 of the ISO 9001:2008

QMS standard is helpful in understanding the top managements role
with respect to the quality management system.

The development of the quality management system of the
organization is the responsibility of the top management at the
strategic level in the organization. Accordingly, implementation of all
requirements of ISO 9001:2008 standard is the responsibility of the
top management, however, requirements mentioned in Clause 5 of the
ISO 9001:2008 QMS standard are indeed the main responsibility of
the top management. All the requirements in the Clause 5 commence
with the wordingsTop management shall The top management
must know and communicate (to the people in the organization) the
importance of meeting customers requirements as well as the statutory
and regulatory requirements that are applicable to product quality.

Top management of the organization has important and relevant role
in implementation of quality management system in the organization.
Top management is defined as person or group of people who direct and
control an organization at the highest level. The top management is
responsible for developing and improving the quality and demonstrates
its commitment to the quality management system.

New commitments on the part of the top management, were added
in the ISO 9001:2000 standard and also retained in ISO 9001:2008
QMS standard, were not mentioned in 1994 versions of ISO 9001/2/3
standards. These new commitments are:

Communicating to the organization the importance of meeting

customer as well as statutory and regulatory requirements
Ensuring that quality objectives are established.

Through leadership and action, the top management can create an
environment where people are fully involved and in which a quality
management system can operate effectively. Top management should
use the quality management principles in order to lead the organization
towards improved performance.

The top management defines the purpose of the organization and
provides leadership to the employees. Following may be important for
the top management:

The top management should establish and maintain the quality

policy and quality objectives of the organization.
The top management should promote the quality policy and quality
objectives throughout the organization to increase awareness,
motivation and involvement of people.
The top management should ensure implementation of appropriate
processes, so that customers and other requirements are fulfilled
and quality objectives are achieved.
67
The top management should ensure to establish, implement and

maintain an effective quality management system so that quality
objectives of the organization are achieved.
The top management should ensure availability of necessary
resources.
The top management should ensure review of quality management
system periodically.
The top management should decide on actions regarding the
quality policy and quality objectives.
The top management should decide on actions of improvement of
the quality management system.
CUSTOMER FOCUS
Purpose: To enhance customer satisfaction
Requirement: To ensure that customer requirements are determined
and fulfilled.

The term Customer focus means that the organization makes
sincere efforts for continuing successful relationship with its customers,
potential customers and end-users of the product that is provided by
the organization. A customer is defined in ISO 9000:2005 standard as
an organization or person that receives a product.

According to the requirements of ISO 9001:2008 QMS standard, it
is required to understand the customers needs and expectations and
to determine the key product characteristics of the products. The ISO
9001:2008 QMS standard also requires that customer requirements to
be met with the aim of enhancing customer satisfaction.

If we carefully look to the ISO 9001:2008 QMS standard, the whole
standard addresses the requirements of quality management system
that aims to achieve customer satisfaction.
QUALITY POLICY
Purpose: To have commitment to comply with requirements and
continually improve the effectiveness of the quality management system
and also to have a framework for establishing and reviewing quality
objectives.
Requirement: The organization must ensure the following:

The quality policy is appropriate to the purpose of the organization

The quality policy includes a commitment to comply with requirements of the quality management system
The quality policy includes a commitment to continually improve
the effectiveness of the quality management system

The quality policy provides a framework for establishing quality

objectives
The quality policy provides a framework for reviewing quality
objectives
The quality policy is communicated within the organization
The quality policy is understood within the organization
The quality policy is reviewed for continuing suitability.

The quality policy is usually included in the quality manual and
is part of the documentation that is required by Clause 4.2.1 of ISO
9001:2008 QMS standard. Everyone in the organization must be aware
of and understand it.
PLANNING
Quality Objectives
Purpose: To establish measurable quality objectives.
Requirement: To ensure that quality objectives (including those needed
to meet requirements for product) are established at relevant functions
and levels (i.e., just everywhere) within the organization. The quality
objectives must be measurable and consistent with quality policy.

Quality objectives are the basis of improvement and growth.
Craig Cochran rightly said, The manner in which quality objectives
are established and managed will have an enormous impact on the
organizations performance. The quality objectives will either drive
strategic improvement throughout the organization significantly elevating
the importance of quality management system, or theyll simply become
a meaningless exercise in data collection. It all depends on how the
task is carried out. (Quality Digest, November 2000). The requirement
of Clause 5.4.1 for setting quality objectives at different functions and
levels is one of the most important requirements. Without assessing/
measuring quality objectives, an organization cannot get information
about its performance. Look at Clause 7.1(a) of the ISO 9001:2008
standard, which lays down that in planning product realization, the
organization must determine quality objectives and requirements for the
product. Accordingly, the standard now calls for objectives for quality
management system and also for product and services. Objectives of
organization need to be realistic and related to achievable outcomes. It
is also important for the people in the organization that they are aware
of the quality objectives and how they can contribute to the achievement
of those objectives.
69

SMART (specific, measurable, achievable, realistic and time-bound)
quality objectives should be set and regularly monitored. In this regard,
an organization can define in process monitoring and output measures.

For example, A school can set quality objectives for academic
excellence of its students. Output measures: (i) 90%+ examination
result, (ii) Minimum 25% students getting distinction marks. Inprocess monitoring: (i) Timely submission of lesson plans, (ii) Classroom teaching by teachers as per time-table, (iii) Correction of homework copies of students within two days, (iv) Monthly interaction with
parents in the parent-teacher meeting, (v) Periodic class test evaluation.

The basic requirements for quality objectives are:

Establish quality objectives at relevant functions and levels

Make sure quality objectives are measurable
Include quality objectives needed to meet product requirements
Communicate to all personnel the importance and meeting of the
objectives and how each person helps to achieve them
Evaluate the need for changes to quality objectives during the
management review
Quality Management System Planning

Responsibility: Top management.
Purpose: To have proper quality management system planning.
Requirement: To top management of the organization must ensure the
following:

The planning of the quality management system is carried out

in order to meet the requirements given in Clause 4.1 of the ISO
9001:2008 QMS standard (General requirements) as well as the
quality objectives.
The integrity of the quality management system is maintained
when changes to the quality management system are planned
and implemented.
If we look to the requirements under Clause 5.4.2 of the ISO 9001:2008

standard, we find that the requirements deal with planning at two
levels:

First level: Where the organization needs to do planning to meet

general requirements of the standard.
Second level: Where organization needs to achieve its quality
objectives.
Further, the top management needs to manage any changes to ensure

that its quality management system continues to be effective during
and after changes.
RESPONSIBILITY, AUTHORITY AND COMMUNICATION

Responsibility and Authority
Purpose: To define responsibility and authority and its communication
within the organization.
Requirement: The top management of the organization must ensure
that the responsibilities and authorities are defined and communicated
within the organization.
The top management of the organization needs to ensure that everyone
in the organization know and understand responsibilities (what people
are expected to do) and their authorities (what people are allowed to
do). The ISO 9001:2008 QMS standard does not stipulate the method
to be used for communication of responsibility and authority, however,
there are several ways of communication, such as organization structure
diagram, function description, job description, flow chart, description in
procedures, etc.
Management Representative
Responsibility: Top management to appoint a management representative.
Purpose: To have responsible personnel with defined responsibility and
authority for the quality management system.
Requirement: Appointment of a member of the organizations management as management representative. A management representative can
have other responsibilities, however his responsibility and authority
must include:

To ensure that processes needed for the quality management

system are established, implemented and maintained
To report to top management on the performance of the quality
management system and any need for improvement
To ensure the promotion of awareness of customer requirements
throughout the organization.

Liaison with external parties (such as consultant, certification body,
trainer, etc.) on matters relating to the quality management system can
be included in the responsibility of a management representative.

A management representative acts as a link person between the
top management and the organization. His role is very important for
establishing, developing, implementing and maintaining the quality
management system. Management representative should be a person,
who is well versed with the requirements of the ISO 9001:2008 QMS
71
standard, development of QMS documentation, audit procedure,

analyzing data, etc. He should plan and organize internal QMS audit
and management reviews at defined intervals. Further, he should create
awareness on ISO 9001:2008 QMS requirements among the staff of the
organization.
Internal Communication
Purpose: To have appropriate communication processes within the
organization for the effectiveness of the quality management system.
Requirement: To ensure that appropriate communication processes are
established within the organization. To ensure that communication takes
place regarding the effectiveness of the quality management system.
Mechanism: May include periodic meetings, email, bulletin boards,
suggestion boxes, circulars, etc.
MANAGEMENT REVIEW
General
Purpose: To ensure continuing suitability, adequacy and effectiveness
of the QMS.
Requirement: To review the organizations quality management system
at planned intervals. Frequency of the management review is not defined
by the ISO 9001:2008 QMS standard, it is required to be defined by the
organization in advance. Review must include assessing opportunities
for improvement and need for changes to the quality management
system, including the quality policy and quality objectives. Records from
management reviews need be maintained. Such records should include
information relating to review input and output.

The purpose of the management review is to improve the
effectiveness, suitability and adequacy of the quality management
system, its processes and resulting products. It is an opportunity
to make improvement or changes to the quality policy and quality
objectives. A consistent approach should be taken to the review of the
Review Input
Purpose: To conduct management review with relevant input information

Requirement: Input to management review must include information
on the following:

Audit(s) results (from internal and external audits)

Customer feedback
Process performance
Product conformity
Status of corrective actions
Status of preventive actions
Follow-up actions from previous management reviews
Changes that could affect the quality management system
Recommendations for improvement.
Previous audit results (both internal and external) should be used to

establish whether the system is being working properly. Customer
feedback should be used to know the customer satisfaction level
and area of improvement. Process performance data should be used
to establish whether process objectives of the organization are being
achieved. Product performance data should be used to establish whether
product meets the product requirements. Corrective action data help
organization to find whether the recurrence of problem is prevented or
not. By knowing the status of preventive action, the organization is able
to find current performance position of action taken and also provide
way to new solutions.
Review Output
Purpose: To conduct management review with relevant decisions and
actions
Requirement: Output from management review must include any
decisions and actions related to:

Improvement of the effectiveness of the QMS

Improvement of the effectiveness of the organizations process
Improvement of product related to customer requirements
Resource (human, infrastructure, machine etc.) needs.

Management review forms an integral part of a quality management
system. It should be conducted regularly at planned intervals. ISO
9001:2008 QMS standard does not stipulate fixed timeframe for
conducting the management review. It is for the top management
to conduct management review at planned intervals to review the
organizations quality management system. It would be better if organization determines the planned intervals frequency of the management
review and document the same in the QMS documentation.
73
ROLE OF THE TOP MANAGEMENT

Role of the top management is important and relevant in implementing
ISO 9001:2008 quality management system. Top management is defined
as person or group of people who directs and control an organization
at the highest level (ReferenceClause 3.2.7ISO 9000:2005 standard).

Through leadership and actions, the top management is able to
create an environment in the organization where people are fully
involved in their activities as per their defined responsibility and
authority in the organization. They should also be able to create a
proactive internal environment in the organization in which a quality
management system can operate effectively and the people are fully
involved in achieving the organizations objectives.

ISO 9001:2008 quality management system is based on eight
quality management principles: (i) Customer focus, (ii) Leadership,
(iii) Involvement of people, (iv) Process approach, (v) System approach
to management, (vi) Continual improvement, (vii) Factual approach to
decision making, and (viii) Mutually beneficial supplier relationship. The
top management should use these eight quality management principles
in developing and implementing quality management system in the
organization.

Following actions on the part of the top management are proactive
actions in developing and implementing ISO 9001:2008 quality
management system:

The top management should establish and maintain quality

policy and quality objectives in the organization.
The top management should promote the quality policy and
quality objectives throughout the organization to increase
awareness, motivation and involvement of people.
The top management should ensure focus on customer requirements
throughout the organization.
The top management should ensure implementation of appropriate
processes, so that customers and other requirements are fulfilled
and quality objectives are achieved.
The top management should ensure to establish, implement and
maintain an effective quality management system so that quality
objectives of the organization are achieved.
The top management should ensure availability of necessary
resources.
The top management should ensure review of quality management
system periodically at defined intervals.
The top management should decide on actions regarding the
quality policy and quality objectives.
The top management should decide on actions of improvement of
the quality management system.

A study of requirements mentioned in Clause 5 of ISO 9001:2008
QMS standard is helpful in understanding the top managements role
with respect to the quality management system development and its
maintenance.
QUESTIONS

1. What is the role of the top management in the development of

quality management system?
2. How can the top management show its commitment towards

communicating to the organization the importance of meeting
customer requirements?
3. What is customer focus?
4. Define quality policy. What points will you take into account
while preparing a quality policy?
5. What are the requirement with regard to quality objectives in

ISO 9001:2008 QMS standard?
6. What should be the responsibility and authority of a management

representative?
7. Who should appoint a management representative.
8. A management representative acts as a link person between

the top management and the organization. Do you agree? Give
reasons.
9. Narrate requirements of management review for implementing

ISO 9001:2008 QMS.
10. Why is management review important for quality management

system?
11. Narrate the requirements of responsibility and authority for
implementing ISO 9001:2008 QMS?
Resource Management
ISO 9001:2008 QMS
Resource management is the efficient and effective deployment of an

organizations resources for a cause. Here the purpose of resource
management is maintain and improve the quality management system
of the organization. Clause 6 of ISO 9001:2008 QMS standard deals
with resource management requirements. Relevant clauses and subclauses are as under:

6 Resource management
6.1 Provision of resources
6.2 Human resources

6.2.1 General

6.2.2 Competence, training and awareness
6.3 Infrastructure
6.4 Work environment

The intent of requirements mentioned in Clause 6 of the ISO
9001:2008 QMS standard is to make sure that the organization has the
resources needed to both maintain and improve its quality management
system and also to carry out the work required in a manner that will
satisfy organizations customers.
PROVISION OF RESOURCES
Purpose: To have adequate resources needed in the organization.
Requirement: The organization must determine and provide resources
needed to:

Implement and maintain the quality management system

Continually improve the effectiveness of the quality management
system
Enhance customer satisfaction by meeting customer requirements.
Resource management is the efficient and effective deployment for

organizations resources (such as financial resources, inventory, human
75

skills, production resources, information technology). Resources in ISO
9001:2008 QMS standard include human resources, infrastructure
and work environment. Resources include the personnel needed and
also the finance, facilities and equipments as well. The organization
should review resources on a regular basis. This could be part of the
management review. A review of resources may be carried out when a
new tender or contract is considered.
HUMAN RESOURCES
General
Purpose: To have competent personnel carrying out work affecting
conformity to product requirements.
Requirement: Personnel carrying out work affecting conformity to
product requirements must be competent. The competence of the
personnel should be on the basis of appropriate education, training,
skills and experience.

Here it is important for the organization to determine necessary
competence requirements of personnel carrying out work affecting
product requirements and ensure competent personnel.
Competence, Awareness and Training

Purpose: To provide appropriate competence, awareness and training
to staff.
Requirement: The organization must determine the necessary competence for personnel carrying out work affecting conformity to product
requirements. Where applicable, the organization is required to provide
training or take other actions to achieve the necessary competence of
personnel performing work affecting conformity to product requirements.
The organization must evaluate the effectiveness of the actions taken.
The organization is required to ensure that its personnel are aware of
the relevance and importance of their activities. The organization must
ensure that how its personnel contribute to the achievement of the
quality objectives. The organization is required to maintain appropriate
records of education, training, skills and experience.

Competence is a standardized requirement for an individual
to properly perform a specific job. It encompasses a combination of
knowledge, skills and behaviour to improve performance. Competence
can be measured by the achievement of results.

Awareness is common knowledge or understanding about any issue
and training is a way to foster awareness and competence. Organizations
need to check their employees competence and training regularly. One
Resource Management
77
can compare the current competence of their personnel against what

they require; this is called competence gap analysis. The gaps need to
be filled through training or by acquiring extra competence.

Training may be at the actual workplace (as on the job training),
in-house or at some external location. It is not sufficient to just provide
(and record) training, the organization has to evaluate it.

As an organization, it is important to evaluate the effectiveness
of the action taken. For example: Has the organization chosen the
appropriate training course? Are the contents of the training course
relevant to the organizations needs? Is the training useful for the job?

Organizations need to maintain records that show what competencies
an employee possesses. Organizations also need to keep records of the
training employees have received and results of those trainings. It is
also important that training should be carried out by personnel with
appropriate skills, qualifications and experience.
INFRASTRUCTURE
Purpose: To provide necessary and suitable infrastructure needed to
achieve conformity to product requirements.
Requirement: The organization must determine, provide and maintain
the infrastructure needed. Infrastructure needed may include (as
applicable):

Building
Work space
Associated utilities
Process equipment (hardware and software)
Supporting services (such as transport, communication, information system).
ISO 9000:2005 standard defines infrastructure as organizations

system of facilities, equipment and services needed for the operation
of the organization. Accordingly, infrastructure includes basic facilities
(example: land, buildings, office accommodation, furniture, fixtures
and utilities such as electricity, gas, water, telecommunication, etc.),
equipment, services and installations needed for the functioning of
the organization and also for organizations development and growth.
The emphasis of the ISO 9001:2008 QMS standard requirement is on
infrastructure needed to achieve conformity to product requirements.
WORK ENVIRONMENT
Purpose: To provide suitable work environment needed to achieve
conformity to product requirements.

Requirement: The organization must determine and manage the work
environment needed.

A work environment can be identified as the environment of the
place where organizations people work. In this connection a new
note at the end of the Clause 6.4 of ISO 9001:2008 QMS standard
has been added which clarifies the term work environment as relates
to those conditions under which work is performed and includes
physical, environmental and other factors, such as noise, temperature,
humidity, lighting, weather. According to ISO 9000:2005 standard,
work environment has been defined as a set of conditions under which
work is performed. Conditions include physical, social, psychological
and environmental factors (such as temperature, recognition schemes,
ergonomics and atmospheric composition).

The organization should consider how to provide, manage and
maintain the various requirements of the workplace as well as process
equipments. In this regard, one has to understand ergonomics. The
term ergonomics is derived from two Greek words ergon meaning
work and nomoi meaning natural laws. Ergonomics study human
capabilities in relationship to work demands. Work demands can be an
office environment where lighting, noise and air quality are important,
or it can be a factory where there are particular safety and other specific
conditions to be considered. Ergonomics is commonly thought of as how
organizations design task/work areas to maximize the efficiency and
quality of their employees work. Ergonomics involves people, work
system, leisure, and health and safety aspects. Considering the following
may be useful:

Is there appropriate control of light, air, heat, humidity, noise,

vibration, etc. at the workplace?
Are there appropriate waiting room and facilities for customer to
facilitate smooth functioning of the tasks of the organization?
Are proper sanitation and hygiene maintained at the work-place?
Are there proper methods/mechanisms to avoid electrostatic
discharge for organizations manufacturing/producing/handling
electronic components or volatile chemicals?
QUESTIONS

1. What is needed in resource management?

2. What are human resources requirements in the ISO 9001:2008
QMS standard?
3. What do you understand by the term infrastructure?

4. What do you understand by the term work environment?
5. Write a short note on checking competence and training with
regard to ISO 9001:2008 QMS standard?
10
Product Realization
ISO 9001:2008 QMS
All phases involved in the development of a product, come under product

realization. Clause 7 of the ISO 9001:2008 QMS standard deals with
product realization requirements. The relevant clauses and sub-clauses
are as follows:

7 Product realization
7.1 Planning of product realization
7.2 Customer-related processes

7.2.1 Determination of requirements related to the product

7.2.2 Review of requirements related to the product

7.2.3 Customer communication
7.3 Design and development

7.3.1 Design and development planning

7.3.2 Design and development inputs

7.3.3 Design and development outputs

7.3.4 Design and development review

7.3.5 Design and development verification

7.3.6 Design and development validation

7.3.7 Control of design and development changes
7.4 Purchasing

7.4.1 Purchasing process

7.4.2 Purchasing information

7.4.3 Verification of purchased product
7.5 Production and service provision

7.5.1 Control of production and service provision

7.5.2 Validation of processes for production and service

provision

7.5.3 Identification and traceability

7.5.4 Customer property

7.5.5 Preservation of product
7.6 Control of monitoring and measuring equipment
79
PRODUCT REALIZATION
Product realization is the term, which means to cover the delivery of
a service or the manufacture of a product, or combination of these. It
covers all phases of development of a product, including idea (determination of requirements), design, and production.

Some of the requirements in Clause 7 of ISO 9001:2008 QMS
standard may not apply to your organization. For example, if your
organization is not involved in designing activities, then the requirements
as mentioned in Clause 7.3 (design and development) will not apply
to your organization and you can claim the exclusion. A school can
claim exclusion from the requirements of Clause 7.3 for designing and
developing course syllabus, as the same is designed and developed
by a recognized board (such as CBSE). The organization can claim
exclusion from the requirements of Clause 7.3, where the organization
manufactures product as per the design of the customer.

Please see Clause 1.2 (Application) of the ISO 9001:2008 QMS
standard. It provides concession to organizations for the exclusion of
any requirement(s). It provides that where any requirement(s) of the
ISO 9001:2008 QMS standard cannot be applied due to the nature of
an organization and its product, this can be considered for exclusion.
Exclusions are limited to requirements within Clause 7 of the ISO
9001:2008 QMS standard. Where exclusions are limited to requirements
within Clause 7 of the standard and such exclusions do not affect the
organizations ability or responsibility (to provide product that fulfils
customer and regulatory requirements), the organizations claim of
conformity to the ISO 9001:2008 QMS standard are acceptable, otherwise
not. The quality manual must describe where a quality management
system claims exclusion to some of the requirements in Clause 7.
PLANNING OF PRODUCT REALIZATION

Purpose: To have a proper planning so that the output of planning
gets converted to a form suitable for the method of operation.
Requirement: The organization must plan and develop the processes
needed for product realization. Planning of product realization must
be consistent with the requirements of other processes of the quality
management system.

In planning, the organization must determine the following:

Quality objectives for the product

Requirements for the product
Need to establish processes
Need to establish documents
Need to provide resources specific to the product
Required verification specific to the product
Product Realization
81
Required validation specific to the product

Required monitoring specific to the product
Required measurement specific to the product
Required inspection specific to the product
Required test activities specific to the product
Criteria for product acceptance
Records needed, which can provide evidence that the realization
processes and resulting product fulfill requirements.

The output of the planning must be in a form suitable for the
organizations method of operation. It is clarified that a document
specifying the processes of the quality management system (including
the product realization processes) and the resources to be applied to a
specific product, project or contract, is termed as a quality plan. The
organization may also apply the requirements mentioned in Clause 7.3
to the development of product realization processes.

The ISO 9000:2005 standard has defined quality plan as the
document specifying which procedures and associated resources shall
be applied by whom and when to a specific project, product, process or
contract. The quality plan normally describes or references the quality
control and inspection activities that apply throughout the production
and service provision processes. A quality plan is a very useful tool and
should be well utilized. A quality plan can also provide instructions for
dealing with nonconforming product. A quality plan should describe how
to confirm that the product meets the specified requirements. Clause 7.3
of the ISO 9001:2008 QMS standard deals with design and development
requirements that have also been dealt in this chapter.
CUSTOMER-RELATED PROCESSES
Determination of Requirements Related to the Product
Purpose: To determine requirements specified by customer and other
requirements.
Requirement: The organization must determine requirements specified
by the customer. These should include requirements for delivery and
post-delivery activities. The organization is also required to determine
those requirements necessary for specified use or known intended use.
The customer need not specify these requirements. The organization
must also determine legal (statutory and regulatory) requirements
applicable to the product and any additional requirements considered
necessary by the organization.

A new note under the Clause 7.2.1 has been added in ISO 9001:2008
QMS standard clarifying post-delivery activities to include:

Actions under warranty provisions

Contractual obligationsmaintenance services
Supplementary servicesrecycling (conversion of waste into
useful product), final disposal.
Review of Requirements Related to the Product

Purpose: To properly review the requirements related to the product
before submission of tenders/acceptance of contracts or orders/acceptance
of changes to contracts or orders.
Requirement: Prior to the organizations commitment to supply
a product to the customer, the organization needs to review the
requirements related to the product. The organization must ensure
that product requirements are defined. If there are any contract or
order requirements differing from those previously communicated or
mentioned, then organization must ensure that such contract or order
requirements are resolved. The organization must ensure that the
organization has the ability to meet the defined requirements.

Records of the results of the review and actions arising from the
review must be maintained.

Customer generally does not mention its requirements in writing
always. There may be cases where the customer provides no documented
statement of requirements (exampleverbal communication of the
customer), in such cases the customer requirements must be confirmed
by the organization before acceptance. Where product requirements are
changed, the organization must ensure to amend relevant documents
and make aware the relevant personnel with the changed requirements.
There may be situations, when a formal review is impractical for
each order. In such situations, the review can cover relevant product
information such as catalogues, or advertising material.

The ISO 9000:2005 standard has defined review as an activity
undertaken to determine the suitability, adequacy and effectiveness
(extent to which planned activities are realized and planned results
achieved) of the subject matter to achieve established objectives. Review
can also include the determination of relationship between the results
achieved and the resources used (efficiency). Examples of review may be
several, such as, management review, design and development review,
review of customer requirements, nonconformity review, quality policy
review, quality objectives review, documentation review, etc.
Customer Communication
Purpose: To implement effective communication arrangements with
customers.
Requirement: The organization must determine and implement effective
communication arrangements with customers for the following:
Product Realization
83
Product information
Enquiries
Contracts or order handling (including amendments)
Customer feedback (including customer complaints).
Make sure that the organization understand and can meet its customers
requirement and this could be possible only when the organization have
effective communication arrangements with its customers.

Effective customer communication can be done in many ways, such
as, providing product information in the form of advertising material,
catalogues, specifications, samples, etc. Product information may also be
communicated in hard copy as well as in soft copy (such as website, email,
CD-ROM). With regard to order handling or contracts, it is necessary
that the organization has an effective process for handling orders and
contracts with the objective to ensure no doubt to the expectations under
the contract to both parties, before work commences. At the time when
order is received, designated person in the organization should review
the order.

Organizations need to have effective mechanism for obtaining
customer feedback and also the complaint handling process.
DESIGN AND DEVELOPMENT

Design and Development Planning
Purpose: To properly plan and control design and development
activities.
Requirement: The organization is required to plan and control
the design and development of product. During such planning, the
organization must determine:

Design and development stages,

Review, verification and validation of design and development,
and
The responsibilities and authorities for design development.
The review, verification and validation should be appropriate to each

design and development stage. The organization must manage the
interfaces between different groups involved in design and development.
This is required to ensure effective communication and clear assignment
of responsibility. Planning output must be updated, as appropriate,
as the design and development progresses (i.e. during all stages of
design and development). Design and development process is shown
in Figure 10.1.

A new note has been added at the end of clause 7.3.1 of the ISO
9001:2008 QMS standard clarifying that design and development processes

Customer/User
needs
Design
input
Design
output
Product
or service

Verification

Validation
Figure 10.1 Design and development process.
(namely, design and development review, verification and validation)

have distinct purposes. These design and development processes
(namely design and development review, verification and validation)
can be conducted and recorded separately or in combination, as suitable
for the product and the organization.
Design and Development Inputs

Purpose: To have proper design and development inputs.
Requirement: Inputs relating to product requirements must be
determined, which must include:

Functional and performance requirements,

Applicable legal (statutory and regulatory) requirements,
Information derived from previous similar design (where applicable), and
Any other requirements essential for design and development.
Records of design and development inputs are required to be

maintained. The design and development inputs must be reviewed
for adequacy. Requirements must be complete, unambiguous and not
in conflict with each other.
Design and Development Outputs

Purpose: To have proper design and development output that enables
verification against the design and development input.
Requirement: The outputs of design and development must be in a
form that enables verification and these must be approved prior to
release.

Design and development outputs must meet the input requirements
for design and development. These outputs must provide appropriate
information for purchasing, production and for service provision. The
outputs must contain or reference product acceptance criteria. And also
the outputs must specify the characteristics of the product that are
essential for its safe and proper use.
Product Realization
85

A new note has been added at the end of Clause 7.3.3 of ISO
9001:2008 QMS standard clarifying that details for the preservation
of the product can be included in the information for production and
service provision.
Design and Development Review

Purpose: To evaluate the ability of the results of design and development to fulfil requirements and to identify any problems and propose
necessary actions.
Requirement: Organization must conduct systematic reviews of design
and development at suitable stages in accordance with the planned
arrangements to evaluate the ability of the results of design and
development to fulfill requirements and to identify any problems and
propose necessary actions. Participants in such reviews must include
representatives of functions concerned with the design and development
stage(s) being reviewed. Records of the results of reviews and any
necessary action need to be maintained.
Design and Development Verification

Purpose: To ensure that the design and development outputs have
satisfied the design and development input requirements.
Requirement: Organization must perform verification in accordance with
the planned arrangements. Records of the results of the verification
and any necessary actions must be maintained.
Design and Development Validation

Purpose: To ensure that the resulting product is capable of fulfilling
the requirements for the specified application or intended use, where
known.
Requirement: Organization must perform design and development
validation in accordance with planned arrangements. Where practicable,
validation must be completed prior to the delivery or implementation
of the product. Records of the results of validation and any necessary
actions must be maintained.
Control of Design and Development Changes

Purpose: To have proper control of design and development changes.
Requirement: Design and development changes must be identified.
The design and development changes records must be maintained.
The design and development changes must be reviewed, verified and

validated, as appropriate, and approved before implementation. The
review of design and development changes must include evaluation of
the effect of the changes on constituent parts and delivered product.
Organizations need to maintain records of the results of the review of
design and development changes and any necessary actions.

To understand the requirements relating to Clause 7.3 of the
ISO 9001:2008 QMS standard, it is necessary to understand related
vocabulary. A reference to ISO 9000:2005 Standard documents is
necessary for this purpose. However for ready reference, a few terms
are given herein below:

Design and development: Design and development is defined

as set of processes that transforms requirements into specified
distinguishing features (characteristics) or into the specification
of a product, process or system.
Design and development review: Design and development review
is an activity undertaken to determine the suitability, adequacy
and effectiveness of the design and development.
Design and development verification: Design and development
verification is confirmation, through the provision of objective
evidence that specified requirements have been fulfilled (i.e.
design and development outputs have satisfied the design and
development input requirements).
Design and development validation: Design and development
validation is confirmation, through the provision of objective
evidence, that the requirements for the specified application or
intended use (where known) have been fulfilled.
PURCHASING
Purchasing Process
Purpose: To evaluate and select suppliers.
Requirement: The organization needs to ensure that purchased product
conforms to specified purchase requirements. The organization must
evaluate and select suppliers based on their ability to supply product
in accordance with organizations requirements. The type and extent of
control on supplier and the purchased product must be dependent upon
the effect of the purchased product on subsequent product realization or
the final product. The organization must establish criteria for selection,
evaluation and re-evaluation of suppliers. The organization is required
to maintain following records.

Records of the results of evaluation, and

Records of any necessary actions arising from the evaluation.
Product Realization
87

Selection and ongoing evaluation of suppliers are important activities
for an organization. Appropriate purchasing (including supplier selection)
procedure should be followed to ensure the performance capabilities of
suppliers. Purchased products (and services) should conform to specified
requirements and this starts with selection of appropriate suppliers
that have the capability and system to supply products (and services)
to satisfy organizations requirements.
Purchasing Information
Purpose: To ensure adequacy of specified purchase requirements.
Requirement: The organization must communicate purchasing information to the supplier that must describe the product to be purchased.
The organization needs to ensure the adequacy of specified purchase
requirements prior to their communication to the supplier. Purchasing
information must include (where appropriate):

Requirements for approval of product

Requirements for approval of procedures
Requirements for approval of processes
Requirements for approval of equipment
Requirements for qualification of personnel, and
QMS requirements.

The organization has an important role to play by specifying to its
supplier what it actually wants. The objectives of describing appropriate
purchasing information to the supplier are:

(i) The supplier may clearly understand the needs of the organization
and its customers
(ii) The ways in which supplied products (and services) can be verified
as meeting the requirements
Verification of Purchased Product

Purpose: To ensure that purchased product meets specified purchase
requirements.
Requirement: The organization must establish and implement the
inspection and other activities necessary. Where the organization or its
customer intends to perform verification at the suppliers premises, in such
case the organization must state the intended verification arrangements
and method of product release in the purchasing information.

Purchasing is an important activity. Since organization provides
product to its customers and it is the intention of the quality
management system to enhance customer satisfaction by meeting
customer requirements, the organization needs to purchase product

(that may be raw material or any services) from its suppliers for
production, so that the resulted product delivered to the customer meets
specified requirements. ISO 9001:2008 QMS standard does not require
documented procedure for purchasing. However, it would be a good
idea if an organization determines documenting purchasing procedure
for effective control of purchasing process, purchasing information and
verification of purchased product.
PRODUCTION AND SERVICE PROVISION

Control of Production and Service Provision
Purpose: To carry out production and service provision under controlled
conditions.
Requirement: The organization needs to plan and carry out production
and service provision under controlled conditions. As applicable,
controlled conditions must include the following:

The availability of information (that describes the characteristics

of the product)
The availability of work instructions, as necessary
The use of suitable equipment
The availability and use of monitoring and measuring equipment
The implementation of monitoring and measurement, and
The implementation of product release, delivery and post-delivery
activities.
Validation of Processes for Production and

Service Provision
Purpose: To have validation of processes to achieve planned results.
Requirement: Where the resulting output cannot be verified by
subsequent monitoring or measurement and, as a consequence,
deficiencies become apparent (known) only after the product is in use or
the service has been delivered, the organization must validate processes
for production and service provision.

Validation must demonstrate the ability of these processes to
achieve planned results. The organization must establish arrangements
for these processes. As applicable, the following should be included:

Defined criteria for review of the processes

Defined criteria for approval of the processes
Approval of equipment
Approval of qualification of personnel
Product Realization
89
Use of specific methods

Use of specific procedures
Requirements for records
Re-validation.
Identification and Traceability

Purpose: To provide product identification and ensure traceability.
Requirement: The organization is required to identify (where
appropriate) the product. This should be done by suitable means
throughout product realization. The organization must identify
the product status with respect to monitoring and measurement
requirements throughout product realization. Where traceability is a
requirement, the organization must control the unique identification of
the product and maintain records. It has been clarified in the standard
that in some industries, configuration management is a means by which
identification and traceability are maintained.

ISO 9000:2005 standard has defined traceability as the ability
to trace the history, application or location of that which is under
consideration. Following clarification further clarifies traceability: When
considering product (result of a process), traceability can relate to:

The origin of materials and parts

The processing history
The distribution and location of the product after delivery.

Configuration management is a management discipline that applies
technical and administrative direction to the development, production
and support life cycle of a configuration item. In this connection ISO
document standard ISO 10007: 2003, Quality managementGuidelines
for configuration management should be referred to.
Customer Property
Purpose: To protect and safeguard customer property including
intellectual property.
Requirement: There may be cases where organization uses customer
property or incorporate customer property into the product. The
organization is required to exercise care with customer property while
it is under the organizations control or being used by the organization.
The organization is required to identify, verify, protect and safeguard
customer property. If any customer property is lost, damaged or
otherwise found to be unsuitable for use, the organization must report
this to the customer and maintain records. The standard clarifies that
customer property can include intellectual property and personal data.
Preservation of Product
Purpose: To ensure that product is appropriately handled, i.e. to
prevent damages and mix-ups.
Requirement: During internal processing and delivery to the intended
destination (during product realization processes and also during delivery
process), the organization must preserve the conformity of product. This
preservation must include identification, handling, packaging, storage
and protection; and must apply to the constituent parts of a product.

It is the intention of the ISO 9001:2008 QMS standard that the
product, during all stages of product realization from acquiring from
suppliers to delivery to the intended destination, must be protected and
it will be a good if the following precautions are taken:

(i)
(ii)
(iii)
(iv)
(v)
(vi)
Mark designated area for storing product

Store the product in the designated area to prevent mix-ups
Control inward receipt
Control outward release
Make proper attention to packaging
Periodically review storage, packaging and delivery methods to
intended destination
CONTROL OF MONITORING AND MEASURING EQUIPMENT

Purpose: To ensure suitability of monitoring and measuring equipment.
Requirement: The organization must determine the monitoring and
measurement to be undertaken and the monitoring and measuring
equipment is needed. Monitoring and measuring equipment is needed to
provide evidence of conformity of product to determined requirements.
The organization must establish processes to ensure the suitability of
monitoring and measuring equipment.

Where necessary to ensure valid results, measuring equipment
must be:

Calibrated or verified or both (calibrated and verified) at specified

intervals or prior to use, against measurement standards traceable
to international/national measurement standards
Adjusted or readjusted as necessary
Identified in order to determine calibration status of the equipment
Safeguarded from adjustment that would invalidate the measurement result
Protected from damage and deterioration during handling, maintenance and storage.
The organization also needs to assess and record the validity of

the previous measuring results when the equipment is found not to
Product Realization
91
conform to requirements. The organization must take appropriate action

on the equipment and any product affected. The organization must
maintain records of the results of calibration and verification. Where
no international/national standards exist, then the organization must
record the basis for calibration or verification of the equipment.

When used in the monitoring and measurement of specified requirements, the organization must confirm the ability of computer software
to satisfy the intended application. This must be undertaken prior to
initial use and reconfirmed as necessary. A new note under Clause 7.6
of the ISO 9001:2008 QMS standard has been added to clarify that
confirmation of the ability of computer software to satisfy the intended
application will include verification and configuration management of
the computer software to maintain its suitability for use.
QUESTIONS

1. What does product realization mean?
2. If any requirements of Clause 7 are not being met by your

organization, what you will look for and proceed to implement
ISO 9001:2008 QMS standard?
3. Describe planning of product realization.
4. Describe customer related processes?
5. Describe requirements for design and development in the ISO

9001:2008 QMS Standard.
6. Describe purchasing
9001:2008 QMS.
7. Describe production and service provision requirements for

implementing ISO 9001:2008 QMS.
8. Why is control of monitoring and measuring equipment necessary?
9. Describe requirements for control of monitoring and measuring

equipment for implementing ISO 9001:2008 QMS.
requirements
for
implementing
ISO
10. When no national or international standards exist, then what will

you do with regard to calibration or verification of monitoring and
measuring equipment.
11. What does traceability mean?
11
Measurement, Analysis
and Improvement
ISO 9001:2008 QMS
It is the famous quotation of H. James Harrington that says,

Measurement is the first step that leads to control and eventually to
improvement. If you cant measure something, you cant understand it.
If you cant understand it, you cant control it. If you cant control it,
you cant improve it. Clause 8 of the ISO 9001:2008 QMS standard
deals with requirements for monitoring, measurement, analysis and
improvement. Relevant clauses and sub-clauses are as follows:

8 Measurement, analysis and improvement
8.1 General
8.2 Monitoring and measurement

8.2.1 Customer satisfaction

8.2.2 Internal audit

8.2.3 Monitoring and measurement of processes

8.2.4 Monitoring and measurement of product
8.3 Control of nonconforming product
8.4 Analysis of data
8.5 Improvement

8.5.1 Continual improvement

8.5.2 Corrective action

8.5.3 Preventive action

Requirements in this section address the wider monitoring, measurement, analysis and improvement of the performance of the quality
management system.
MEASUREMENT, ANALYSIS AND IMPROVEMENT

General
Purpose: To ensure conformity of the quality management system,
continually improve the effectiveness of the quality management
92
Measurement, Analysis and Improvement
93
system and to demonstrate conformity to product requirement. To make

sure that the organization is producing product that meets product
requirement; monitoring and measurement activities are planned to
continually improve.
Requirement: The organization needs to plan and implement the
monitoring, measurement, analysis and improvement processes needed.
This is required for the following:

To demonstrate conformity to product requirements

To ensure conformity of the quality management system
To continually improve the effectiveness of the quality management
system.

The organization must determine applicable methods (including
statistical techniques) and the extent of their use for monitoring,
measurement, analysis and improvement.

Accordingly, the organization needs to plan how the organization
intends to carry out the monitoring and measuring activities with
regard to the following:

Customer satisfaction
Internal audit to monitor and measure quality management
system performance
Process conformance by monitoring and measuring processes
Product and service conformance by monitoring and measuring
product.

For guidance on statistical techniques, there is technical report
ISO/TR 10017, which should be referred to. Here is important for the
organization to give awareness training on the use of statistical tools.
MONITORING AND MEASUREMENT

Customer Satisfaction
Purpose: As one of the measurements of quality management system
performance, to know whether the organization has fulfilled customer
requirements.
Requirement: The organization must monitor information relating to
customer perception as to whether the organization has met customer
requirements. The methods for obtaining and using this information
must be determined.

The organization is required to monitor its performance as a
supplier to their customers and more specifically, the organization is
required to monitor information on the customers perception of how
well the organization satisfied the customers needs and expectations.

The ISO 9000:2005 has defined customer satisfaction as the customers
perception of the degree to which the customers requirements (needs
or expectations) have been fulfilled. It has been clarified that customer
complaints are a common indicator of low customer satisfaction but
their absence does not necessarily imply high customer satisfaction.
Further, even when customer requirements have been agreed with the
customer and fulfilled, this does not necessarily ensure high customer
satisfaction.

Measurement of customer satisfaction is a vital tool. There may be
various methods to measure customer satisfaction. The organization
can analyze customer complaints as well as communicate directly
with customers to obtain their feedback by way of questionnaires and
surveys. Monitoring customer perception can be done by obtaining input
from various sources, such as,

Customer satisfaction surveys

Customer data on delivered product quality
User opinion surveys
Lost business analysis
Compliments
Warranty claims
Dealer reports

Monitoring of customer satisfaction should be a continual activity
and results of customer satisfaction monitoring should be included in
the management review.
Internal Audit
Purpose: To ensure that the quality management system of the
organization conforms to the planned arrangements to the requirements
of the ISO 9001:2008 QMS standard and the quality management system
requirements established by the organization and also that the quality
management system of the organization is effectively implemented and
maintained.
Requirement: The organization needs to conduct internal audits at
planned intervals. An audit programme must be planned. Following
consideration be taken into account:

The status and importance of the processes

Areas to be audited
Results of previous audits.
The organization must define audit criteria, scope, frequency and

methods. Selection of auditors and conduct of audits must ensure
objectivity and impartiality of the audit process. Auditors are not
allowed to audit their own work. The organization is required to define
95
in a documented procedure the responsibilities and requirements

for planning and conducting audits, and for reporting results and
maintaining records. Records of audit and their results are required
to be maintained.

The management responsible for the area being audited must
ensure that any necessary correction and corrective actions are taken
promptly to eliminate detected nonconformities and their causes. Followup activities must include the verification of the actions taken and the
reporting of verification results.

As regards guidelines on auditing management systems, including
quality management system, it is suggested to refer to ISO 19011:2011
standard.

Internal audit is an ongoing activity and during the internal audit
the organization needs to find some form of evidence, which can conform
that the quality management system is performing in the way it was
planned and established.

How frequently does an organization need to perform internal audit?
The ISO 9001:2008 QMS standard does not mention frequency of the
internal audits; it says conduct internal audits at planned intervals.
Accordingly, it is now for the organization to decide the frequency of
internal audits. However, the internal audits should be scheduled to
cover all the quality related activities the organization undertakes and
all the requirements of the ISO 9001:2008 QMS standard. In deciding
how to manage the audit schedule and how often any particular aspect
should be audited, the organization should consider complexity of
procedures, complexity of processes, nature of business activity, need
for monitoring, etc.

A report or summary of each internal audit should be prepared (listing
findings and action need to be taken). The information from internal
audit should be input into the organizations management review.

Who should conduct internal audits? This is a vital question. In
this connection, the ISO 9001:2008 QMS standard has two important
requirements in this regard: First, selection of auditors must ensure
objectivity and impartiality of the audit process; second, auditors must
not audit their own work. If we go through the requirements of the
Clause 6.2.1 of the ISO 9001:2008 QMS standard, which says that
personnel performing work affecting conformity to product requirements
must be competent on the basis of appropriate education, training, skill
and experience. The note under Clause 6.2.1 states that conformity to
product requirements can be affected directly or indirectly by personnel
performing any task within the quality management system. Accordingly,
the internal auditors should also be competent to audit. It is suggested
to organize a two-day training programme for the persons selected
as auditors and they should be given training on understanding ISO
9001:2008 QMS standard requirements, audit principles, and planning
and conducting audit as per ISO 19011:2011 standard guidelines.
Monitoring and Measurement of Processes

Purpose: To demonstrate the ability of the processes to achieve planned
results.
Requirement: The organization must apply suitable methods for
monitoring and, where applicable, measurement of quality management
system processes. When planned results are not achieved, appropriate
correction and appropriate corrective action must be taken. When
determining suitable methods, the organization should consider the type
and extent of monitoring or measurement appropriate to each of its
processes in relation to their impact on the conformity to the product
requirements and on the effectiveness of the quality management system.

Data are good. Data gathered quickly at the earliest point in a
process are best of all. (Derek Nogiec, Quality Digest, November 2005).
Data should be collected quickly at the earliest point in every process.
There are several methods available to monitor and measure processes.
Some examples of monitoring and measurement of a process may
include:

Measuring dimensions
Matching colours
Process parameters such as monitoring and measuring time,
temperature, humidity, etc.
Carrying out chemical analysis
Visual observation by a trained person to detect variations with
a process.

Monitoring and measurement of processes should be performed to
establish that processes are achieving result for which the processes
have been set. Accordingly, two questions are important to know:

Whether the process is performing as planned?

Whether the process is achieving the desired (planned) results?

If planned results are not achieved, then it is time to think for a
change (correction) in the process and such correction must be applied.
Comment: Process management is the basis of improvement
methodology. A process is a series of interconnected activities that
take input, add value to it and produce output. In order to manage a
process, it is better to define input requirements, output requirements,
process activities (capable of transforming input into output), process
measurement system and feedback measurement from suppliers/
customers. Study and reference to ISO 10012:2003 standard may be
useful. ISO 10012:2003 is the ISO standard that specifies generic
requirements and provides guidance for the management of measurement
processes. It also provides requirements for metrological confirmation
of measuring equipment used to support and demonstrate compliance
with metrological requirements.
97
Monitoring and Measurement of Product

Purpose: To verify that product requirements are fulfilled.
Requirement: The organization needs to monitor and measure
characteristics of the product, to be carried out at appropriate stages of
the product realization process in accordance with planned arrangements.
In this connection, a reference to Clause 7.1 of ISO 9001:2008 QMS
standard (planning of product realization) should be made.

Evidence of conformity with the accepted criteria must be maintained.
Records are required to be maintained, which must indicate the
person(s) authorizing release of product for delivery to the customer.
The release of product and delivery of service to the customer must not
proceed until the planned arrangements, as mentioned in Clause 7.1
of the ISO 9001:2008 QMS standard (planning of product realization),
have been satisfactorily completed, unless otherwise approved by a
relevant authority and, where applicable, by the customer.

Monitoring and measurement of product may be carried out in a
number of ways, such as:

According to quality plan

According to sampling plan
By an inspection and test plan
As per procedure
As per instructions
By using a checklist
By comparing the requirements of the product with the customers
order.
CONTROL OF NONCONFORMING PRODUCT

Purpose: To prevent unintended use or delivery of nonconforming product
and to establish ways of identifying and dealing with nonconformity.
Requirement: Product, which does not conform to product requirements
(i.e. nonconforming product), must be identified and controlled to
prevent the unintended use or delivery of the product. To deal with
nonconforming product, the controls and related responsibilities and
authorities are required to be defined in a documented procedure.
The organization must deal with nonconforming product by one or more
at the following ways:

By taking actions (so that the detected nonconformity is eliminated)

By authorizing its use, release or acceptance under concession
by a relevant authority (authorized official of the organization
in this regard) and, where applicable, by the customer
By taking action to preclude original intended use or application
of the product.

The organization must maintain records of the following:
Nature of nonconformity
Any subsequent actions taken
Concession obtained.

When nonconforming product is corrected, it must be subject to reverification. That is to demonstrate conformity to requirements.

When a nonconforming product is detected after delivery or use
has started, then the organization must take action appropriate to the
effects, or potential effects, of the nonconformity.

According to ISO 9000:2005 standard, nonconformity is defined
as non-fulfilment of a requirement. Product that does not conform to
product requirements can be termed nonconforming product.
ANALYSIS OF DATA
Purpose: To demonstrate the stability and effectiveness of the quality
management system and to evaluate where continual improvement in
the quality management system can be made.
Requirement: The organization is required to determine, collect and
analyze appropriate data. This must include data generated from
relevant sources including as a result of monitoring and measurement.
The analysis of data must provide information relating to:

Customer satisfaction (See for reference Clause 8.2.1 of the ISO

9001:2008 QMS standard)
Conformance to product requirements (See for reference Clause
8.2.4 of the ISO 9001:2008 QMS standard)
Characteristics and trends of processes and products including
opportunities for preventive action (See for reference Clause 8.2.3
and 8.2.4 of the ISO 9001:2008 QMS standard)
Suppliers (See for reference clause 7.4 of the ISO 9001:2008 QMS
standard)
As regards role of statistical techniques in quality management, a

reference to Para 2.10 of the ISO 9000:2005 standard is useful. The use
of statistical techniques helps organization in understanding variability.
It helps organizations to solve problems. It also helps organization to
improve effectiveness and efficiency. The statistical techniques also
facilitate better use of available data to assist in decision making.

ISO 9001:2008 QMS standard includes statistical techniques among
the methods for monitoring, measuring, analyzing and improving the
processes to demonstrate product conformity. A factual approach to
decision making is one of the eight quality management principles that
form the basis of the process-based quality management system set out
99
in the ISO 9001:2008 QMS standard. The principle requires the use of
appropriate statistical or other techniques to help in the understanding
of both process and measurement variation, and to improve process and
product performance by controlling variation, as mentioned in Clause 8
of the ISO 9001:2008 QMS standard. The ISO 9001:2008 QMS standard
also states that decisions based on facts require effective and efficient
actions such as use of appropriate statistical techniques.

Many statistical techniques can be used in quality management.
Such techniques include check sheets, tally charts, histograms, scatter
diagrams, stratification and Pareto analysis.

Analysis of data can help organizations to determine the root cause
of existing or potential problems, and therefore guide decisions about
the corrective and preventive actions needed for improvement. In other
words, statistical techniques provide the way in the right direction.

ISO/TR 10017:2003 standard may be referred to for guidance on
statistical techniques. Further the document ISO/TR 13425 is a guide for
the selection of statistical methods in standardization and specification.

Supplier performance is important to organizations. Information
about supplier performance should be collected, such as timely delivery,
conformance to quality requirements.
IMPROVEMENT
Continual Improvement
Purpose: Continual improvement in the effectiveness of the quality
management system.
Requirement: The organization needs to continually improve the
effectiveness of the quality management system. It must be done
through the use of the quality policy, quality objectives, audit results,
analysis of data, corrective and preventive actions and management
review.

Any management approach centred on quality should be based on
the fundamental assumption that there is always scope for improvement
in every area of business including organizations processes. Focusing
improvement efforts bring better results. With regard to improvement,
the following views of Mahesh Gandhi (Past President, National Centre
for Quality Management) are relevant:

The more one digs in, more the discovery of areas of improvement.
The extent of improvement needed is dictated not so much
by what we feel we should improve, but by where we are, in
comparison to the most successful competition.
Experience has shown that once an organization successfully creates
improvement culture across all its operations, the employees would
also develop high level of analytical skills and apply them most
beneficially even in their personal lives.
Management of improvements is not a one-shot affair. A judicious
combination of both incremental and breakthrough improvements
approach, on a continual basis, would surely propel an organization
to leadership position and help in its sustenance.
If we look to the earlier versions of ISO 9000 series, we find, with the
publication of ISO 9000:2000 series in the year 2000, the ISO 9000
series radically revised, and now for implementing ISO 9001:2008 QMS
constant quality is no longer good enough and continual improvement
is needed.
Corrective Action
Purpose: To eliminate the cause of nonconformities in order to prevent
recurrence.
Requirement: The organization must take corrective action. Corrective
action must be appropriate to the effects of the nonconformities
encountered. A documented procedure must be established. The
following requirements must be defined for:

Reviewing nonconformities
Customer complaints
Determining the causes of nonconformities
Evaluating the need for action
Determining and implementing the action needed
Records of the results of actions taken
Reviewing corrective action taken.

Actions taken to eliminate the cause of a detected nonconformity or
other undesirable situation is known as corrective action. Please refer
to ISO 9000:2005 standard. Accordingly, corrective action is taken to
prevent an existing problem from recurring. Corrective action is often
used to deal with product nonconformance but it goes beyond that
narrow activity and includes customer complaints, supplier problems,
audit reports and all other situations that deviate from planned
conditions.

The ISO 9001:2008 QMS standard requires a written (documented)
procedure to describe the corrective action processes to be followed.
The procedure should describe who will identify opportunities for
corrective action, how they will be documented and what action is
to be taken to implement it. Corrective action is a major tool in the
quality management system to achieve improvement but it must be
used vigorously and correctly. Corrective action is agenda item for
management review.
101
Comment: Corrective action is a requirement of ISO 9001:2008 QMS

standard to eliminate the cause of nonconformities in order to prevent
recurrence that requires the organization to take corrective action
appropriate to the effects of the nonconformities encountered.

This requirement basically relate to learning from errors to prevent
their repetition. The following process can be a suggestive way:

Begin with identification of a problem or nonconformity

Continue with identification of the root cause of the problem
Plan your corrective action initiatives
Start your corrective action for the root cause
Check the result of the corrective action take
If desired result not achieved after checking, root cause analysis
need to be done once again and plan-do-check-act cycle process
for the correction
In case problem is not solved or nonconformity is not eliminated
then to control such nonconforming product, it is suggested to
deal as per requirements of Clause 8.3 of ISO 9001:2008 QMS
standard (control of nonconforming product)authorizing its use,
release or acceptance under concession or by taking action to
preclude its original intended use or application.
Standardize the improvement in the similar related activities
(use of learning from the corrective action for the improvement
of the organizations processes)
Preventive Action
Purpose: To eliminate the causes of potential nonconformities in order
to prevent their occurrence.
Requirement: The organization must determine preventive action.
Preventive action must be appropriate to the effects of the potential
problems. A documented procedure must be established to define
requirements for:

Determining potential nonconformities and their causes

Evaluating the need for action
Determining and implementing needed action
Records of results of action taken
Reviewing the preventive action taken.

The proverb says, Prevention is better than cures. Preventive
action is taken to prevent a potential problem from occurring in the
first place. It is a major improvement tool in the quality management
system. Problems that can affect business results, products, processes,
customer satisfaction and the quality management system itself must
be prevented to the greatest extent possible. The quality management
system and other performance measurements will provide a great deal

of information about where things are not going well or if there is too
much variation from acceptable performance. Variation is a statistical
concept but it has practical applications in almost all processes of the
organizations. Customer complaints and uncontrolled processes are
undesirable conditions. In both cases, the optimum output must be
compared against an objective, a standard or a benchmark. Action can
be implemented to bring the variation back to the desired level and
preventive action is often needed to maintain it. The P-D-C-A cycle is
often used for this purpose.

The following process can be a suggestive way for preventive action:

Begin with identification of a potential problem or potential

nonconformance
Notify to appropriate management personnel
Gather data and interview appropriate personnel to enable a
complete understanding of the potential problem or potential
nonconformance
Continue with identification of the potential source and root cause
Evaluate need for preventive action
Plan your preventive action initiative
Start your preventive action for the root cause
Check the results of preventive action taken

Also keep necessary records of the preventive action results.
Keep reviewing preventive action initiatives and their results in the
management review.
Note
Documented Procedures required as per Clause 8 of the ISO 9001:2008
QMS standard are as follows:

Clause
Clause
Clause
Clause
8.2.2
8.3
8.5.2
8.5.3
:
:
:
:
Internal audit
Corrective action
Preventive action
Records required as per Clause 8 of the ISO 9001:2000 standard

are as follows:
Clause 8.2.2
Clause 8.2.4
Clause 8.3
Clause 8.5.2
Clause 8.5.3
: Internal audit results

: Evidence of product conformity with the accepted
criteria and records indicating the person(s)
authorizing the release of product
: Nature of nonconformities and any subsequent
actions taken including concession obtained
: Results of corrective action
: Results of preventive action
103
QUESTIONS

1. How would you perform monitoring and measurement of a quality

management system?
2. Why do you consider internal audit as a vital tool in quality

management system?
3. Describe monitoring and measurement of processes and product.
4. What is a nonconforming product?
5. How would you deal with a nonconforming product in quality

management system?
6. Why is analysis of data important?
7. Describe corrective action vs. preventive action.
8. What is to be included in the documented procedure for the

control of nonconforming product?
9. Describe the role of statistical technique in quality management

system.
10. Write a note on customer satisfaction.
12
Increasing the Power

of Your QMS
Achieve Performance Excellence

Through Continual Improvement
Achieving excellence is the result of high performance throughout

the entire organization. This chapter deals with the importance of
continual improvement in organizations in enhancing the satisfaction
of all stakeholders. This chapter also describes the requirements of ISO
9001:2008 QMS related with continual improvement.

Hariharan Jayaram once writes in the Quality WorldQuality!
Call it a concept, an approach, a way of life, a tool for achievement
or merely a word. Whatever definition you give or whatever approach
you take, this subject has made people think and think in a big way.
Girdhar J. Gyani says, Quality today has many dimensions. Gone are
the days when quality was identified with product alone. Dr. R.H.G.
Rau opines, Management of quality is not a one-shot affair. It covers
all transactions. Continuous creation of value addition is possible only
when we manage change; that too proactively. Continuous creation of
value addition has now become the expectation of consumers. Presently
constant quality is no longer good enough and continual improvement
is needed.

There is a need of continual improvement in the effectiveness of
the quality management system because:

Continual improvement is needed by customers because of their

changing expectations
Continual improvement is one of the quality management
principles on which your quality management system is based
Continual improvement is one of the requirements of ISO
9001:2008 QMS standard and you are required to comply with
it. Organizations, implementing ISO 9001:2008 QMS, must
understand that continual improvement is a must requirement
of the standard.
104
Increasing the Power of Your QMS
105

Today, more and more organizations, both in the public and private
sector, are committing to quality practices and focusing performance
excellence.
Continual Improvement Process

Identification of
improvement
areas
Setting up
improvement
strategy
Increased satisfaction
of all stakeholders
Implementation
Performance Excellence

Continual improvement is a recurring (step-by-step) activity followed
by: (i) identifying opportunities for improvement and their justification,
(ii) deciding how to improve on the available resources, and (iii) implementing (carrying out) improvement.

We need to improve the effectiveness of the quality management
system, but how can we do such improvement, thats a relevant question.
In this regard ISO 9001:2008 QMS standard mentions use of quality
policy, quality objectives, audit results, analysis of data, corrective and
preventive actions and management review to continually improve the
effectiveness of the quality management system. Clause 8.5 of the ISO
9001:2008 QMS standard specially deals with the requirements for
improvement. Continual improvement is a defined requirement of the
standard. (Clause 8.5.1)

If you wish to improve the power of your quality management
system, achieve performance excellence through continual improvement.

General requirements (Clause 4.1) of ISO 9001:2008 QMS standard
stipulate that the organization must continually improve the effectiveness
of its QMS in accordance with the requirements of the standard.
The standard also stipulates to ensure top management to include a
commitment to comply with requirements and continually improve the
effectiveness of the quality management system. (Clause 5.3).

Clause 5.5.2 of ISO 9001:2008 QMS standard stipulates responsibility
and authority of the management representative to report to the top
management on the performance of the quality management system
and any need for improvement. The requirements for management
review (Clause 5.6.1) stipulate that management review must include
assessing opportunities for improvement and need for changes to the

quality management system, including the quality policy and quality
objectives. Review input requirements (Clause 5.6.2) include information
on recommendations for improvement. Review output requirements
(Clause 5.6.3) include any decisions and actions related to improvement
of the following:

the effectiveness of the quality management system

the effectiveness of the processes
product related to customer requirements

ISO 9001:2008 QMS standard takes care to determine and provide
resources needed to continually improve the effectiveness of the quality
management system (Clause 6.1). The standard also stipulates the
requirements (Clause 8.1) for the organization to plan and implement
monitoring, measurement, analysis and improvement processes. This is
required to demonstrate conformity of the product, to ensure conformity
of the quality management system and to continually improve the
effectiveness of the quality management system.

Clause 8.5 of ISO 9001:2008 QMS standard specially deals with
the requirements for improvement. Continual improvement is a defined
requirement of the standard (Clause 8.5.1). Accordingly, the organization
is required to improve the effectiveness of the quality management
system through the use of quality policy, quality objectives, audit results,
analysis of data, corrective action, preventive action and management
review.
Use of quality policy and quality objectives
Quality policy must include a commitment to comply with requirements
and continually improve the effectiveness of the quality management
system. It must also provide a framework for establishing and reviewing
quality objectives. Quality objectives must be measurable and consistent
with the quality policy of the organization. The organization must also
ensure to review quality policy for continuing suitability. Framework for
reviewing provides a way for improvement as review include assessing
opportunities for changes to the quality management system, including
quality policy and quality objectives. (Relevant Clauses of ISO 9001:2008
QMS standard5.3, 5.4.1, 8.5.1.)
Use of audit results
QMS audit is a systematic process and conducted at defined intervals.
Audit evidences are input to QMS audit process and audit results are its
output. Audit results become the input to management review process,
which provides opportunities for improvement. When any nonconformity
are detected during QMS audit, ISO 9001:2008 QMS standard requires
to eliminate such nonconformities and their causes. (Relevant Clauses
of ISO 9001:2008 QMS standard5.6.2, 8.2.2, 8.5.1.)
107
Use of analysis of data

One purpose of analysis of data is to evaluate where continual
improvement in the quality management system can be made. The
organization is required to determine, collect and analyze appropriate
data relating to customer satisfaction, conformity to the product
requirements, characteristics and trends of processes and products
(including opportunities for preventive action), and suppliers. Analysis
of data helps organization to solve problems and also helps to improve
effectiveness and efficiency. Analysis of data can help organizations
to determine the root cause of existing and potential problems, and
therefore guide decisions about corrective and preventive actions
needed for improvement. (Relevant Clauses of ISO 9001:2008 QMS
standard8.4, 8.5.1.)
Use of corrective action
ISO 9001:2008 QMS standard requires to take action eliminate the
causes of nonconformities in order to prevent recurrence. Corrective
action is a major tool in the quality management system to achieve
improvement. It should be noted that corrective action is agenda item
for management review. (Relevant Clauses of ISO 9001:2008 QMS
standard8.5.1, 8.5.2.)
Use of preventive action
ISO 9001:2008 QMS standard requires to take action to eliminate
the causes of potential nonconformities in order to prevent their
occurrence. Preventive action is a major improvement tool in the
quality management system. (Relevant Clauses of ISO 9001:2008 QMS
standard8.5.1, 8.5.3.)
Use of management review
Management review is conducted at defined intervals to ensure continuing
suitability, adequacy and effectiveness of the quality management system.
Management review includes assessing opportunities for improvement
and need for changes to the quality management system. Output to the
management review to include any decisions and actions relating to:
(i) improvement of the effectiveness of the quality management system,
(ii) improvement of the effectiveness of the processes of the organization,
(iii) improvement of product related to customer requirements, and
(iv) resources needs of the organization. (Relevant Clauses of ISO
9001:2008 QMS standard5.6, 8.5.1.)

ISO 9000:2005, Quality management systemsFundamental and
vocabulary, identifies eight quality management principles to be used by
the top management of the organization in order to lead the organization
towards improved performance. Among eight principles stated in this

fundamentals and vocabulary standard, continual improvement is
one of the quality management principles. It states that continual
improvement of the organizations overall performance should be a
permanent objective of the organization.

What is the aim of continual improvement? ISO 9000:2005 standard
provides the answer. According to Clause 2.9 of ISO 9000:2005, the
aim of continual improvement of the quality management system is
to increase the probability of enhancing customer satisfaction and also
satisfaction of other interested parties. Following actions are needed for
improvement:

Identifying areas of improvement through analysis and evaluation

of the existing situation
Establishing objectives for improvement
Searching for and evaluating possible solutions to achieve the
objectives
Making a selection from the possible solutions and implementing
the selected solution
Measuring, verifying, analyzing and evaluating results of the
implementation to determine whether the objectives have been
met, and
Formalizing changes

Results should be reviewed to determine further opportunities
for improvement. Accordingly, improvement is a continual activity to
be undertaken by the organization and the top management has the
important role to play in this regard. To identify opportunities for
improvement, following actions may be useful:

Obtaining feedback from customers and other interested parties

Audit results
Review of the quality management system

Process for improvement may be breakthrough improvement or
small-step ongoing improvement. The distinction between two may be
understood as under:

(i) In small-step ongoing improvement there remains involvement of

people working in the process, while in breakthrough improvement
there remains involvement of cross-functional teams outside
routine operation (such as managers, engineers, consultants)
(ii) In small-step ongoing improvement size of changes remain small,
while these are big in breakthrough improvement.
(iii) In small-step ongoing improvement results show small
improvements, while the results show big jump in performance
in breakthrough improvement.
(iv) Cost is low (within operating budget) in small-step ongoing
improvement, while cost is high (may involve additional capital
investment) in breakthrough improvement.
109
(v) Types of changes in small-step ongoing improvement include

modification in practices, procedures, equipment, elimination and
simplification of activities, while types of changes in breakthrough
improvement include process reengineering, major process
upgrades, change in technology and addition of new equipment.

The earlier version ISO 9004:2000 standard provided steps involved
in the method of continual improvement that included:

Identification of a process problem

Selection of area of improvement
Noting the reason for improvement
Evaluating effectiveness and efficiency of the existing process
Collecting relevant data
Analyzing relevant data to discover the generally occurring
problems
Selecting a specific problem
Setting objective for improvement for such specific problem
Identifying and verifying the root causes of the problem
Identifying possible solutions as well as exploring alternative
solutions
Evaluating effects to conform that the problem and its root causes
have been eliminated or their effects reduced
Implementing and standardizing new solutions by replacing old
process with improved process as a preventive action
Evaluating effectiveness and efficiency of the process.

Since the above steps provide improvement solution to a specific
process problem, so the above steps should be repeated on remaining
other identified problems, thereby making the improvement as real and
effective.

John E. (Jack) West in his article Continuous Improvement and
Your QMS says, Piecemeal improvements are no improvements at
all. He also suggests, First, lets review what continual improvement
is and what its not. Continual improvement isnt necessarily improving
everything in the organization. However, it does not entail identifying
and planning changes to those products, processes or systems that will
improve the organization performance. John E. (Jack) West correctly
opines, Sometimes sustained improvement isnt achievable unless
several processes are changed. In the case of improving a product design,
it might be necessary to change not only the design and development
process but also the process for hiring designers, the capital allocation
process and the process for understanding customer requirements. In
such a case, overall systems changes are needed; just starting a new
product design project may be the organizations worst approach.

It is necessary to create people awareness in the organization on
continual improvement and this may be created by forming small
groups, selecting their group leaders, allowing people to control and

improve their workplace and developing peoples knowledge, experience
and skills.

The role of the top management and management representative
are important in continual improvement of the effectiveness of the
quality management system and they should take effective steps to do
so.
QUESTIONS

1. What is continual improvement?
2. What is the aim of continual improvement?
3. Why there is a need of continual improvement in the effectiveness

of the quality management system?
4. How can an organization increase the power of quality management

system?
13
Adding Value to
Internal QMS Audit
AUDIT TYPES
Audits are categorized under three types:

First party or internal audit

Second party or supplier audit
Third party or certification audit
First party or internal audit

First party or internal audit is conducted by the organization itself
(or conducted on behalf of the organization) for management review
and other internal purposes. It is an internal management tool. People
within the organization generally conduct this type of audit. First
party (internal) audit may form basis for self-declaration of conformity
to management systems. Many organizations in the world are now
implementing ISO 9001:2008 QMS standard without obtaining third
party certification. Internal audit is a mandatory requirement of ISO
9001:2008 QMS standard.
Second party or supplier audit
Second party or supplier audit is conducted on supplier or organization
(excepting customers) by parties having an interest in the organization
(such as customer), or other persons on their behalf. Such type of audit
provides a vendor assessment facility for an organization as it audits its
supplier to assess their suitability for future or continuing contracts.
Third party or certification audit
Audits conducted for certification fall in this category. An assessment
to achieve certification to the ISO 9001:2008 QMS standard would
111

fall under this category. Third party (certification) audit is conducted
by external, independent auditing organization (generally known as
certification body or registration body).
Who Is the Customer for Audit?

ISO 9000:2005 standard defines customer as the organization or person
that receive a product. Accordingly, a customer may be a consumer,
client, end-user, retailer, beneficiary and purchaser. Customer with
respect to different audit situations may be as under:

First party audit customer: Management representative, top

management and the auditee department.
Second party audit customer: Typically the purchasing
department of an organization, which use the results of the audit
as a basis for supplier qualification.
Third party audit customer: There are two types of
customers:
* Contractual customer: Organization interested in certification

or the certified organization. Example: ABC Organization
obtained ISO 9001:2008 certification from XYZ Certification
Body, then Management Respresentative/Top Management of
ABC Organization is the contractual customer.
* Ultimate customer: Those who purchase or receive product
from the organization. Example: ABC Organization obtained
ISO 9001:2008 certification from XYZ Certification Body and
MN Customer purchases product from ABC Organization,
then MN Customer is the ultimate customer. (The certification
body should never lose sight to this point and the body should
act in the interest of the ultimate customer.)
Value Added Audit Situation

Value added internal audit should be useful to the auditee, management
representative and top management.

To the auditee: By describing areas of weakness (i.e.

non-compliance of requirements) and by promoting a better
understanding of the organizations quality management system
or environmental management system.
To the management representative: By having an overview
of the organizational processes and interactions, by promoting
a better understanding of internal supplier/customer relations,
and by stimulating better communication between functions (i.e.
breaking down interdepartmental barriers).
Adding Value to Internal QMS Audit
113
To the top management: By verifying effective deployment of

policies and objectives throughout the organization.

Value added third party audit should be useful to the certified
organization (or organization seeking certification), to the organizations
customers and to the certification body in the following manner:

To the certified organization: By providing information to the

organizations top management regarding organizations ability to
meet strategic objectives, by identifying problems (if resolved,
will enhance the organizations performance) and by identifying
improvement opportunities and possible areas of risk.
To the organizations customers: By enhancing the
organizations ability to provide conforming product.
To the certification body: By improving the credibility of the
third party certification process.
WHAT IS AN INTERNAL AUDIT?

Internal audit is used as a tool to monitor and determine the health of
the quality management system implemented in the organization. The
findings of internal audit can help in initiating appropriate measures.
Internal audit is used to measure the effectiveness of an organizations
quality management system. The ISO 9000:2005 standard defines audit
as systematic, independent and documented process (set of interrelated
or interacting activities which transform inputs into outputs) for
obtaining audit evidence (records, statements of fact or other information
which are relevant to the audit criteria and verifiable) and evaluating
it objectively to determine the extent to which audit criteria (set of
policies, procedures or requirements relating to audit) are fulfilled.

Accordingly, we can come to the following conclusions:

An audit is a systematic process

An audit is an independent process
An audit is a documented process. There must be a documented
procedure
An Audit is conducted for obtaining audit evidence
An audit is conducted for evaluating audit evidence objectively
An audit determines the extent to which audit criteria are
fulfilled.

Organizations, implementing ISO 9001:2008 quality management
system for certification/registration, periodically go through two types
of audits:

1. Third party audits by certification/registration body, and

2. Internal audits.

Internal audit is called first-party audit. It is conducted by the
organization itself or conducted on behalf of the organization. Internal
audit is self-audit by the organization and generally conducted by its
own auditors. Internal audit can form the basis for an organizations
self-declaration of conformity.

Internal audit is a systematic process. A process is defined as
set of interrelated or interacting activities, which transforms inputs
into outputs. Accordingly, audit evidences are inputs to internal audit
process and audit results are its output. Audit results become the input
to management review process (please refer to Clause 5.6.2 of ISO
9001:2008).
INTERNAL AUDIT REQUIREMENTS

Internal audit requirement are mentioned in Clause 8.2.2 of the ISO
9001:2008 standard. The purpose of internal audit is to ensure that the
quality management system of the organization conforms to the planned
arrangements to the requirements of the ISO 9001:2008 standard
and the quality management system requirements established by the
organization. The purpose of internal audit is also to ensure that the
quality management system is effectively implemented and maintained
in the organization.

Requirements of the ISO 9001:2008 standard with regard to internal
audit are as under:

The organization needs to conduct internal audits at planned
intervals. Accordingly, frequency of internal audit is to be decided by
the organization. The International Standard has not stipulated any
time period.

An audit programme must be planned taking into consideration of
the following:

The status and importance of processes

Areas to be audited
Results of previous audit(s)
The organization must define audit criteria, scope, frequency and
method
Selection of auditors and conduct of audit must ensure objectivity
and impartiality of the audit process
Auditor is not allowed to audit his own work
The organization is required to define in a documented procedure
the responsibilities and requirements for planning and conducting
audits, and for reporting results and maintaining records.

The management responsible for the area being audited must ensure
that actions are taken promptly to eliminate detected nonconformities
115
and their causes. Follow-up activities must include the verification of

the actions taken and reporting of verification results.
Nonconformity
ISO 9000:2005 standard defines nonconformity as non-fulfilment of a
requirement. Accordingly, non-fulfilment of need or expectation (stated,
generally implied or obligatory) is termed nonconformity. In simple
terms, nonconformity is something that did not go according to plan.
Nonconformity is a deviation from the requirement. Nonconformity
provides improvement opportunity to the organization.
Why may Internal Audit Useless?

Ellen Willoughby (Management Consultant and Owner, All About
Quality, Northampton, UK) says, The main reason internal audits
are useless because they are being carried out to a check-list that is
designed against the quality management Standard you are working
to and not your business.
Adding Value to QMS Internal Audit

Felix Dlamini, a Project Manager in Swaziland, says, Focusing on
specific areas or clauses of the standard to which the internal audit
is conducted is one way of increasing the understanding of the
requirements of a QMS and to ensure the organization complies. This
however requires that the internal auditors are competent and are able
to bring together related concepts within a standard even if they appear
on different clauses of a standard.

Madhavi Shrivastava, a Quality Management Professional in
Houston, USA says, Often it happens that external auditors are able
to find gaps and improvement areas but internal audits portray a
highly satisfactory picture of QMS. She suggests a few points that
can increase value addition of internal audits:

1. Senior management and management representative are

successful in creating a climate where internal audits are valued
and taken seriously by all.
2. QMS objectives and targets are linked to business results.
And internal audits are able to bring out what is the trend of
improvement of key business processes.
3. Internal auditors are selected, trained and coached well to conduct
a useful audit. Compliance verification is the basic requirement
but as time progresses auditors need to go beyond that to keep
QMS really adding new improvement.

Important point we believe that an internal audit requires internal
auditor(s) that should be well trained in auditing techniques and
knowledgeable in effective, improvement and cost reduction methods
to provide value added results. Most organizations that are certified
to ISO 9001:2008 QMS standards use organizations internal auditors
who do internal audits on an as needed basis. Training and conducting
audits is such a small amount of their job that they never have time to
tune and improve their audit skills. Employees often get promotions, get
busier, or may even leave the organization. All of these circumstances
cause organizations to be in a constant internal auditor training mode,
leading to ineffective audits costing money each year, which normally
are not resulting in a positive result. When an experienced, trained
staff conducts audits for a living, which is well trained, and very
knowledgeable about improvement methods and techniques, then the
internal audit will result in a positive outcome. The internal auditor
must undergo training each year to ensure continuing to improve his
knowledge and skills. Every internal audit must provide results in
opportunities for improvements and/or preventive actions, which will
reduce risks, increase customer satisfaction, reduce costs, improve
product and service quality, and much more.

We give below a few tips by which internal auditors will be able
to add value. Internal auditors should use PDCA methodology for
conducting internal audit. It can be done by proper audit planning, using
audit techniques that should focus on processes and results, obtaining
and reporting objective audit findings and carrying out follow-up for
eliminating nonconformance. Accordingly, it is better for the internal
auditor to use the following tips:

The internal auditors should understand the intent of ISO

9001:2008 QMS standard, expectations of the top management
towards continual improvement and corporate culture
The internal auditors should peruse the output from previous
audits (both internal and external) to identify any specific issue
or concern still requires improvement
The internal auditor should understand what are customers and
applicable legal requirements
The internal auditor should seek adequate time for auditing
The internal auditor should focus more on the process, process
performance and results.
The internal auditor should remember eight quality management
principles and use of PDCA approach to evaluate the process
effectiveness: (i) Whether process planning carried out? (ii) Whether
the process carried out according to the process planning?
(iii) What are the expected results? (iv) Whether expected results
are being achieved? (v) What is the nonconformance?
The nonconformance identified by the internal auditor should be
based on an objective evidence
117
The internal auditor should provide adequate opportunity to

correct the nonconformity
The internal auditor should make effort to identify root causes
of problems
The internal auditor should not see who is responsiblerather
consider why and what caused the problem (please see here-inbelow note in this regard)
The internal auditor should adopt a holistic approach while
gathering objective evidence during auditing
The internal auditor should analyze the finding and relate to the
organizations ability to provide product that meet customer and
applicable legal requirements
The internal auditor should report audit findings
The internal auditor should also emphasize positive findings as
appropriate
The internal auditor should consider solution/correction proposed by
the auditee in response to the negative finding (nonconformance)
The internal auditor should carry out process audit by following
the path the auditee takes to carry out the process

Rob De Leur, Process Risk Advisor at Amsterdam, Netherlands is
of the opinion that the internal audit often brings to little serious input
for improvement and says, I am auditing now for almost 20 years and
think that a lot (most) of the internal audits performed dont bring much
for the management. Auditing is a profession and when you do this now
and then with all the good effort, it results to many times in some nonconformity that cant really improve the system or the organization. Too
many times the internal auditor is happy when he/she finds something
and then the management of course always react great job. When I do
my ISO 9001 audits combined with the approach and principles of risk
management, then we are really talking serious auditing (and clients
also confirm). My opinion is not negative but too many times realistic.
I am sure that a good professional executed internal audit can be of
great help. Dominador, Jr. Garrovillas, Audit and Systems Compliance
Manager in Philippines says, We use the RFR approach, i.e., we write
first the Requirements, second the Findings, and lastly the Risk to the
business. (From a discussion in ISO 9001 group at linkedin.com)
Do not see who is responsible. Rather consider why and what caused
the problem or nonconformity?
When you observe nonconformity, do not see who is responsible. Rather
consider why and what caused the problem or nonconformity. When you
consider why and what caused the problem, you may find:

There was inadequate training

Applied procedures were unrealistic
Resources were insufficient

There was not enough time for doing things properly

There may be a better way of doing things.
What is most important? Find out fundamental cause of the nonconformity and stop it from happening again. We need to ask WHY? WHY?
WHY? We should not askWHO?
WHY? WHY? WHY?
Why should we consider WHY? WHY? WHY? question? The simple
reason is that we may be able to find the root cause of the problem.
The following examples may clarify this technique.
First Example

WHY was there nonconformity in the design department?

Because Mr. Jain did not follow the procedure.

WHY did not Mr. Jain follow the procedure?

Because Mr. Jain never received training.

WHY did not Mr. Jain receive the training?

Because Mr. Jain was on leave at that time. Or Because the
department head did not relieve Mr. Jain for the training.

WHY did not the organization management realize this, and train
him later?

Because the organization management or department people do
not foresee this in the SYSTEM.
Here we find that there is an area of improvement.
Second Example

WHY was there nonconformity in the manufacturing section?

Because Mr. Desai did not follow the procedure.

WHY did not Mr. Desai follow the procedure?

Because Mr. Desai did not have the right equipment.

WHY did not Mr. Desai have the right equipment?

Because our organization does not have a preventive maintenance
plan.

WHY did not the organization have a preventive maintenance
plan?

Because preventive maintenance plan is not in the system.

Third Example

WHY did not things go according to plan?

Because Mr. Sharma followed the procedure, even though he
knew the procedure was wrong.

WHY did Mr. Sharma follow the procedure?

Because the procedure was a documented procedure and
Mr. Sharma was scared to get nonconformity!! Alternatively,
119
Because that is the easy way out, he followed documented

procedure. Or Because then Mr. Sharma cannot be blamed.

It is not value added

We should understand that value added is NOT making the audit
more difficult by adding on additional requirements. The auditor should
not add additional requirement, which is not required. We should also
understand that value added is NOT making the audit too easy, so
nobody believes in the results of the audit.

Value added auditing aims to add value, the organization will find
useful. Value added auditing encourages result-focused systems, with
minimum bureaucracy. Value added auditing helps to identify strong
and weak points and focus on the ways to improve. Value added
auditing provides confidence that the quality management system is
king and the organization is consistently providing quality product
to its customers.
ISO 9001 Auditing Practices Group

The ISO 9001 Auditing Practices Group is an informal group of quality
management system (QMS) experts, auditors and practitioners drawn
from the ISO Technical Committee 176 Quality Management and
Quality Assurance (ISO/TC/176) and the International Accreditation
Forum (IAF).

The group has developed a number of guidance papers and
presentations on various QMS auditing topics including the following:

Introduction to the ISO 9001 Auditing Practices Group

The need for a two-stage approach to auditing
Measuring QMS effectiveness and improvements
Identification of processes
Understanding the process approach
Determination of the where appropriate processes
Auditing the where appropriate requirements
Demonstrating the conformity to standard
Linking an audit of a particular task, activity or process to the
overall system
Auditing continual improvement
Auditing a QMS which has minimum documentation
How to audit top management processes
The role and value of the audit checklist
Scope of ISO 9001, scope of Quality Management System and
defining scope of certification
Auditing competence and the effectiveness of the actions taken

Making effective use of ISO 19011

Auditing statutory and regulatory requirements
Auditing quality policy, quality objectives and management
review
Auditing ISO 9001, Clause 7.6 control of monitoring and measuring
equipment
How to add value during the audit processes
Guidance for reviewing and closing nonconformities
Auditing internal communication
Auditing service organization
Third party auditor impartially and conflict of interest
Auditing the effectiveness of the internal audit
Auditing electronic based management systems
Auditing the management of resources
Auditing customer communications
Auditing the design and development process
Documenting a nonconformity
Auditing preventive Action
Auditor code of conduct and ethics
Auditing customer feedback processes
Guidance on cultural aspects of auditing
Output matters!
The above mentioned guidance papers and presentations on various

QMS auditing topics are very useful for auditors for adding value to
their audit. These guidance papers and presentations can be downloaded
from the website of International Accreditation Forum.
Training of Internal Auditor must be a Regular Process

Internal audits require a staff that is well trained in auditing techniques
and knowledgeable in effective, improvement and cost reduction methods
to provide value added results. Most organizations, implementing ISO
9001:2008 QMS standard and also certified to ISO 9001:2008 QMS
standards, use organizations internal auditors who do internal audits
on needed basis. Training and conducting audits is such a small amount
of their job that they never have time to tune and improve their audit
skills. Employees often get promotions, get busier, or may even leave
the organization. All of these circumstances cause organization to be
in a constant internal auditor training mode, leading to ineffective
audits costing huge amount of money each year, which normally are
not resulting in a positive ROI. Experienced, trained staff when conduct
audits for a living, they must be well trained, and very knowledgeable
about improvement methods and techniques. They should undergo
training each year on regular basis to ensure they continue to improve
their knowledge and skills. Every audit they conduct must result in
121
opportunities for improvements and/or preventive actions, which will

reduce risks, increase customer satisfaction, reduce costs, improve
product and service quality, and much more. Training of internal
auditor must be a regular process in an organization implementing ISO
9001:2008 QMS standard so as to create value to internal QMS audit.
QUESTIONS

1. Explain the types of audits?
2. Who are the customers in first party, second party and third
party audits?
3. What is value added audit?
4. Explain value added audit situations.
5. How can you make your internal audit as value added to the
organization?
14
Developing QMS
Documentation
ISO 9001:2008 QMS
Structure of QMS Documentation in ISO 9001:2008
QMS documentation is the basis for establishment, implementation and
maintenance of a quality management system. Generally, there are
three levels of documentation for a quality management system:

Level A Documents: Consisting of Quality Policy, Quality

Objectives and Quality Manual.
Level B Documents: Consisting of Quality Procedures (including
six mandatory procedures for Control of documents, Control
of records, Internal audit, Control of nonconforming product,
Corrective action and Preventive action).
Level C Documents: Consisting of documents needed by the
organization (such as various records, forms, standards, drawings,
specifications, etc.).
The documentation pyramid is shown in Figure 14.1.
Quality
policy
Quality
objectives
Level A
documents
Quality manual
Documented procedures
Documents needed by the organization
Records, forms, standards, drawings, etc.
Figure 14.1 Documentation pyramid.

122
Level B
documents
Level C
documents
Developing QMS Documentation
123

It is not necessary for an organization to have three levels of
documentation separately. An organization can combine all documentation in one manual or can have separate manual for each level. QMS
documentation of one organization can differ from another due to the
following reasons:

The size of the organization may differ from the size of other
organizations.
The type of activities may be different from the activities of other
organizations.
The complexity of processes and their interactions of the
organization may be different from the complexity of processes
and their interactions of other organizations.
The competence of personnel of the organization may differ from
the competence of personnel of other organizations.

As per the provisions of ISO 9001:2008 QMS Standard (Reference
Clause 4.2.1), the quality management system documentation of an
organization need to include the following:

Documented statement of quality policy

Documented statement of quality objectives
A quality manual
Documented procedures required by the standard
Documents (such as procedures, work instructions, etc.) determined
by the organization to ensure effective planning, operation and
control of organizations processes
Records required by the standard
Records determined by the organization to ensure effective
planning, operation and control of organizations processes
Purposes and Benefits of QMS Documentation

There are several purposes and benefits of having QMS documentation.
QMS documentation generally serves the following purposes:

QMS documentation establishes that the organization is dependant

on the system, and not on person.
QMS documentation describes the quality management system
of the organization.
QMS documentation provides evidence of management commitment to the system. It communicates to the employees of the
organization management commitment to quality.
QMS documentation provides an invaluable training aid to its
employees. It defines and guides how the quality management
system is managed in the organization. It provides a basis
for training new employees and periodic re-training of current
employees.

QMS documentation assists employees to carry out their jobs

more effectively by removing ambiguities, defining the system,
designing responsibilities and identifying those responsible for
the activities. It helps employees to understand their roles within
the organization.
QMS documentation provides mutual understanding between
employees and management.
QMS documentation provides a basis for periodic audit and
management review.
QMS documentation provides a basis for expectations of work
performance. It states how activities are to be carried out in
order to achieve specified requirements.
QMS documentation demonstrates to the organizations customers,
certification body and stakeholders that the quality management
system has been systematically planned.
QMS documentation is a vehicle for change management. It
denies ad hoc management and brings systematic management
in the organization.

Responsibility for preparation of QMS documentation should be defined.
It will lead to better understanding of necessary requirements. It will
also provide a sense of responsibility (including the sense of involvement
and ownership by personnel).

It is suggested that a task force with Management Representative (MR)
as its coordinator should be set up for the preparation of documentation.
Initial training may also be necessary on developing documentation (for
writing quality manuals, procedures, work instructions, etc.).

Developing QMS documentation is the most important activity in
the implementation process. A list of documents to be prepared should
be drawn up and the responsibility for writing the documents should be
assigned to persons concerned in various functional departments. The
responsibility to develop QMS documentation (for example: procedures,
work instructions) should be given to those persons, who are involved
with the processes and activities. This will lead to ownership of
documents and better understanding of the processes.

The QMS documentation generally includes the following:

Quality manual, quality policy and quality objectives

Documented procedures (including documented procedures
required by the standard)
Work instructions
Forms
Quality plans
Specifications
125
External documents
Records.

QMS documentation may be any type of media, such as hard copy
or electronic media.

Presently there is an increasing trend of using electronic media.
The reasons are many including the following:

Appropriate persons may have access to the QMS documentation

with up-to-date information all times
Access to QMS documentation may be easily made and
controlled
Changes to the QMS documentation may be easily made and
controlled
Distribution of electronic documentation is fast
Option of printing documentation as hard copies possible
Electronic version of QMS documentation can be accessed from
remote locations
It is easy, simple and effective to withdraw obsolete documents.
Quality Manual
The primary purpose of the Quality Manual is to provide an adequate
description of the quality management system and to serve as a
permanent guide to the implementation and maintenance of that system.
A Quality Manual is unique to each organization. ISO 9000:2005 defines
Quality Manual as document specifying the quality management
system of an organization. It also provides a clarification that quality
manuals can vary in detail and format to suit the size and complexity
of an individual organization.

A small organization may have the description of its entire
quality management system within a single manual, including all the
documented procedures required by ISO 9001:2008 QMS standard.
Large organizations may need several manuals and more complex
hierarchy of documentation.

According to the requirements of ISO 9001:2008 QMS standard, the
Quality Manual must include the following:

The scope of the quality management system

Details of exclusions (if any) with justification
The documented procedures established for the quality
management system (six mandatory documented procedures
as required by the ISO 9001:2008 QMS standard and also
documented process descriptions determined by the organization),
or their reference
Details of interaction between the processes

The Quality Manual normally contains the following:
Title and scopesuch as name of the organization and reference

of the standard
Table of contents
Scope and field of application including details of exclusions (if
any) with justifications
Issue number and date of issue
Amendment record
Evidence of review, approval and revision status
Quality policy
Quality objectives
Organization structure, responsibilities and authorities
Description of applicable elements of the QMS and documented
procedures established for the quality management system or
their reference and details of interaction between the processes
Referenceslist of documents referred to but not included in the
quality manual
Definition section
An appendices showing supporting records, if appropriate.
The Management Representative (MR) as coordinator of the task force

is normally the person, who coordinates the activity of writing quality
manual and other QMS documentation. Following steps may be useful
for the preparation of quality manual:

The coordinator should make a list of all existing quality-related

documents and he/she should obtain copy of each document for
reference.
The coordinator should study each process and prepare a flow
chart of activities.
The coordinator should examine interfaces or lack of interfaces
between the processes.
The coordinator should review the process flow charts and identify
duplication or omissions in the information or process flow.
The coordinator should map out what is to be written in the
Quality Manual.
The coordinator should verify the presence of all the required
elements of ISO 9001:2008 in the current system.
The coordinator should allocate responsibilities for preparing
drafts of relevant parts of the quality manual to the persons
actually concerned with specific operations.
It is always better to first deal with documentation covering
critical areas and thereafter deal with documents that can be
prepared easily.
The coordinator should circulate the completed drafts to persons
concerned for comments.
127
The coordinator should consider comments received and incorporate

necessary corrections.
The coordinator should take action to prepare final manuscript
of the quality manual.
There are two approaches to write a quality manual:

The first approach is to write the quality manual according to

the sequence and layout of the standard.
The second approach is to write the quality manual according to
the organization work flow. Under this approach, cross-references
are given in a schedule of conformity to the relevant elements of
the standard.

The first approach is generally used for writing Quality Manual by
most organizations (particularly small and medium sized organizations)
as it has advantage of making it easy to establish concordance with
the requirements of the standard. The second approach is practical for
large organizations.
Procedures
ISO 9000:2005 standard defines a procedure as specified way to carry
out an activity or a process. A procedure can be documented or not.
When a procedure is documented, it is usually referred to as a written
procedure or documented procedure.

A written procedure usually covers the following:

Title
Document number
Reference
Cross-reference
Purpose
Scope
Responsibility and authority
Description of activitiesProcedures (what, when, where, how,
etc.), process controls, defining necessary resources, defining
input and output of the process, defining measurements, etc.
Records related to the activities
AppendicesInformation supportive to the procedure
Review, approval and revision status
Identification of changes.

As per the requirements of ISO 9001:2008 QMS standard, the
organization must have documented procedures for the following six
activities:

Control of records

The following steps for developing procedures may be useful:
The Management Representative (MR) should identify the need.

In addition to six documented procedures (as mentioned above),
the MR should identify critical activities for formalization of
procedures.
The Management Representative should identify the person
concern to write the procedures.
The Management Representative should authorize the person
concern to develop specific procedure(s).
The person concerned should collect relevant information about
the procedure.
The person concerned should prepare a draft procedure and
should hand over the same to MR.
The MR should circulate the draft procedure to all persons in
the organization who deal with the activity/process. He/She
should obtain comments on the draft procedure and incorporate
necessary changes.
Internal audit
Corrective action
Preventive action
Work Instructions
Work Instructions (WI) should be developed and maintain to describe
the performance of all work that performance of such work would be
adversely affected by lack of such work instructions. The structure,
format and level of detail used in the Work Instructions should be
according to the needs of the organization and its people, and should
depend on the complexity of the work, methods used and the competence
of the people of the organization.

The structure of work instructions may vary from that of documented
procedures. However, work instructions should include the following:

Title
Unique identification
ContentsDescription of critical activities.
Purpose and scope of the work and objectives
Reference to the pertinent documented procedures
Review, approval and revision status
Records, where applicable
Identification of changesWhere practicable, the nature of
changes identified either in the document or the appropriate
attachments.
129
Work instructions should describe critical activities.
Following steps for developing work instructions may be useful:
The Management Representative (MR) should identify the need

of work instructions.
The Management Representative should identify the person
concerned to write the work instructions.
The Management Representative should authorize the person
concerned to develop specific work instructions.
The person concerned should collect relevant information about
the work instructions.
The person concerned should prepare a draft work instructions
and should hand over the same to MR.
The MR should circulate the draft work instructions to persons
handling/supervising the work. He/She should obtain comments on
the draft work instructions and incorporate necessary changes.
Forms
Forms are developed and maintained to record data. The form should
contain the following:

Title
Identification number
Revision level and date of revision.
Reference of forms should be given in manual, documented procedures

and/or work instructions.
Quality Plan
ISO 9000:2005 standard defines quality plan as a document specifying
procedures and associated resources shall be applied by whom and
when to a specific project, product, process or contract. Quality plan
procedures generally include procedures referring to QMS processes and
product realization processes. A Quality Plan often makes reference to
parts of the quality manual or to documented procedures. A Quality
Plan is generally one of the results of quality planning. Thus, Quality
Plan should contain scope, unique procedures, work instructions and/
or records.
Approval and Issue of Documents

After developing documentation, appropriate steps regarding approval
and issue of documents should be taken as per documented procedure
Control of documents.
QUESTIONS

1. Describe the structure of QMS documentation for implementing

ISO 9001:2008 QMS.
2. What is documentation pyramid?
3. Describe the purpose of documentation.
4. What is quality manual?
5. How you propose to develop documentation of your organization?

Prepare a plan.
6. What is procedure?
7. What is a work instruction?
8. Specify the mandatory QMS procedures in ISO 9001:2008 QMS.
9. Narrate the steps for developing procedures.
10. Narrate the steps for developing work instructions.
APPENDICES
A P P E N D I X
Sample QMS Procedures

Sample QMS Procedure on Control of Documents
Organization QMS Procedure
Name
Control of Documents
XYZ

Procedure No. XYZ/QP/01

Amendment No. 00
Page 1 of ..
Effective Date DD-MM-YYYY
1. Purpose: The purpose of this QMS procedure is to define a

procedure for control of documents.
2. Scope: This QMS procedure is applicable to all departments of
our company.
3. Reference: ISO 9001:2008 QMS standard Clause 4.2.3
4. Cross Reference: Quality Manual Para . (Please mention
appropriate reference).
5. Responsibility: Management Representative and respective
departmental heads.
6. Procedure:
6.1 The Quality Manual and QMS Procedures of our company
are documented in a standard format having following
information:

Organization name

Type of document (Quality Manual or QMS Procedure)

Title (for example, Control of Documents)

Document number

Page number

Effective date

Prepared by

Copy number

Date of issue

Approved by

Issued by.
6.2 The Managing Director is the competent authority to
approve for adequacy prior to the issue of the Quality
133
134 Appendix A
Manual and QMS Procedure(s). Thereafter, the Management
Representative issues these documents.
The quality manual and quality management system
procedures are reviewed and approved by the Managing
Director. The Management Representative issues such
approved documents.
6.3 Controlled copies of documents are stamped controlled copy
in red ink and issued to locations where they are required
for effective functioning of the quality management system.
6.4 The Management Representative ensures that controlled
copies of relevant documents and their amendments, if
any, are promptly distributed to holders. The Management
Representative takes necessary steps to immediately remove
superseded documents from all points of issue or use. He
destroys superseded documents to prevent any unintended
use. However, the Management Representative retains a set
of all superseded documents under his issuing authority for
reference. Such documents are stamped superseded.
6.5 Each document binder has an index indicating the current
revision status of the documents. When an amendment is
made, the amendment number of the document is revised
upwards and the same is indicated on the document, index
and amendment record sheets. Changes to documents are
described in brief in the amendment record sheet of the
respective document binders.
6.6 The index has following details:

Sr. Title Document/

No.
Procedure No.
Amend-
ment No.
Amend-
ment No.
Amendment No.
Effective
Date
Effective
Date
Effective
Date
6.7 The amendment record sheet has following details:

Sr.
No.
Document/
Amendment
Procedure No.
No.
Effective
Date
Reason for
Amendment
6.8 A list of controlled copyholders of documents/procedures are

maintained with following details:

Copy No.
Holder Documents (Sr. No.) issued as per index

Such list is distributed to controlled copyholders.
6.9 Auditors copy of documents is under the control of the
Management Representative and issued to the auditor(s)
whenever required by him/them.
Appendix A
135
6.10 A master list of procedures, work instructions, formats/charts,

etc. are maintained by the Management Representative. The
current revision status of these documents is also indicated
in the list.
6.11 The Management Representative ensures that:

Changes and the current revision status of documents are
identified

Relevant versions of applicable documents are available
at points of use

Documents remain legible and readily identifiable.
6.12 Documents of external origin (such as National / International
Standards, Statutory Rules/Regulations, etc.) are identified
and their distribution are controlled by maintaining following
list:
Sr. No.
Document of External Origin
Holder
The Management Representative maintains such list.

7. Distribution: Following are the holders of controlled copy of this
QMS procedure:

Managing Director
Manager (Purchase)
Manager (Works)
Manager (Marketing)
Manager (Customer Service)
Auditor.
(Please note that the above list is illustrative)
Prepared by

Copy
No. 1
Date of Issue
DD-MM-YYYY
Approved by:
Sd/-M.D.
Issued by:
Sd/-M.R.
Sample QMS Procedure on Control of Records

Organization
QMS Procedure

Name
Control of Records

XYZ


Amendment No. 00
Page 1 of .
Effective date: DD-MM-YYYY

procedure for control of records in the organization.
our company implementing ISO 9001:2008 QMS.
136 Appendix A

4. Cross Reference: Quality Manual Para (Please mention

5. Responsibility: Management Representative and respective
departmental heads.
6. Procedure:
6.1 Records in our organization are maintained to provide
evidence of conformity to requirements and of the effective
operation of the quality management system. The records
are established and maintained as per documented procedure
and are accessible to all users.
6.2 Records are maintained in a legible manner and are readily
retrievable.
6.3 Records are stored in suitable facilities to prevent damage,
deterioration or loss.
6.4 Following records have been identified and are kept in
respective files indicating the file number and retention
time:
Records

Management review
Education, training, skill
and experience
Evaluation of suppliers
File No.
Retention time
QMS/RF/001
5 years
QMS/RF/002
QMS/RF/003
Pl. see Para. 6.5

5 years
(Above list is illustrative. It is advised to complete the list of

records as per your organizations needs and QMS requirements.)
6.5 Records of education, training, skill and experience of
employees are kept in the personnel files of employees
concerned. Such records are kept till employee remains in
the service of the organization.
6.6 After expiry of the retention period, a particular record may
be disposed of with the sanction of the General Manager incharge of the department concerned. For example, record of
evaluation of a supplier may be disposed of with the sanction
of the General Manager (Purchase).
6.7 Records are maintained and kept in good manner by the
respective department heads/personnel as indicated below:

Records
Holder of records
Management review
Education, training, skill
and experience
Evaluation of suppliers
Internal audit
(Above list is illustrative. It is advised to complete the list of

records as per your organizations needs and QMS requirements.)
Manager, HRD
Manager (Purchase)
Appendix A
137
7. Distribution: Following shall be holders of controlled copy of this

QMS procedure:
Managing Director
Manager (Purchase)
Manager (Works)
Manager (Marketing)
Manager (Customer service)
Auditor.
(Please note that the above list is illustrative.)

Prepared by

Copy
No. 1
Date of Issue
DD-MM-YYYY
Approved by:
Sd/-M.D.
Issued by:
Sd/-M.R.
Sample QMS ProcedureInternal Audit

Organization
QMS Procedure

Name
Internal Audit

XYZ


Amendment No. 00
Page 1 of 7

procedure for internal audit in the organization.
5. Responsibility: The Management Representative shall be
responsible for planning and execution of internal audit in our
organization at planned intervals.
6. Procedure:
6.1 The internal audits in our organization are conducted
to verify the compliance and effectiveness of the quality
management system in our organization to ensure that the
quality management system:

Conforms to the planned arrangements, to the requirements of ISO 9001:2008 QMS standard and to quality
management requirements established by our organization

Is effectively implemented and maintained.
6.2 The frequency of internal audit is at least once in a year.
Accordingly, each activity/location unit is audited at least
once a year.
6.3 Based on the recommendation of the Evaluation Panel and
selection procedure for internal auditors, the Management
138 Appendix A
Representative decides the audit team and team leader.
Qualification criteria for internal auditors are on the basis
of the guidelines given in ISO 19011:2011 standard.
6.4 The Management Representative decides the quantum of
work relating to internal audit. He advises the tentative
dates to the auditors and auditees (i.e. department head of
the departments under audit). Reference form is used: XYZ/
QF/11-Audit Scope.
6.5 The audit team leader decides the exact dates and time with
team members and informs the same to auditee and the
Management Representative.
6.6 The Audit Team Leader prepares checklist for system/
adequacy audit in consultation with team members. Checklist
form: XYZ/QF/12 should be used.
6.7 It is the duty of the Audit Team Leader to carry out adequacy
system audit based on our Quality Manual. Observations are
noted in checklist form No. XYZ/QF/12.
6.8 On the fixed date and time, a formal entry meeting is
conducted by the audit team with the head of the auditee
department with the following agenda:

Introduction of team members

Scope of audit

Guide for auditors

Special requirements of safety kits (if needed)

Any other point.

Responsibility: Audit Team Leader.
6.9 Thereafter, the team members as per direction of the Audit
Team Leader conduct the audit. During audit, the respective
team members in his observation notes record objective
evidence. In case of nonconformity, an acceptance is obtained
from the guide or person concerned at the place of audit.
This is properly recorded in Corrective Action Request (CAR)
form No. XYZ/QF/13.
A summary of audit along with CAR forms is prepared
and presented in the exit meeting at the end of audit to the
head of department. If a follow-up audit is agreed upon, then
follow-up audit is conducted at a decided date.

On completion of corrective actions, a particular
nonconformity may be cleared and the same is recorded in
the CAR form.
6.10 A final report on form No. XYZ/QF/14 is submitted to the
auditee department by the Audit Team Leader with a copy
to the Management Representative.
6.11 Corrective action is planned and initiated by the department
head under intimation to the Management Representative.
Appendix A
139
6.12 Management Representative monitors timely compliance of

CARs. The Management Representative maintains records
of internal audits. Management Representative puts the
results of internal audit for Management Review.
6.13 There may be instances where audit team may consist of
single internal auditor and such auditor acts as Audit Team
Leader.
7. Documents:
Audit Scope Form
: Form No. XYZ/QF/11
Checklist Form
Corrective Action Request (CAR) Form : Form No. XYZ/QF/13
Audit Report Summary Form
8. Distribution: Following are holders of the controlled copy of this
QMS procedure:

1. Managing Director
2. Management Representative
3. Manager (Purchase)
4. Manager (Works)
5. Auditor.

Specimen: Form No. XYZ/QF/11
Organization Name: XYZ
Audit Scope
Department/Area ..
Audit No.
1.
2.
3.

4.

5.

6.
7.

8.
Audit Date(s) planned

Audit Team
Audit Scope
Check (x)
[ ] Full
[ ] Closing out (See 4)
[ ] Specific (See 5)
Audit Scope: Closing out
Reference of previous audit report(s)
Audit Scope: Specific
Details of aspects to be checked
Standard covered: ISO 9001:2008 QMS
Distribution
1. Audit Team Members:
2. Auditee Department:
Signature of MR and Date:
140 Appendix A

Sl. No.

Sheet of

Checklist Form
Clause Quality
Aspect
ISO
Elements
1
2
Remark/
System Compliance Comments
Please indicate with following codes:

At Serial No. 1System
At Serial No. 2Compliance
ADefined
BDefined with deviation
CNot defined
DNot applicable
ACompliance in full
BCompliance with deviation
CNon-compliance MINOR
DNon-compliance MAJOR
Note: For B, C and D, auditor should indicate his remarks/comments.


Corrective Action Request (CAR)
Department:
Auditor(s):
Department Representative:
Audit Reference No. and Date:
Quality Manual/Procedure Reference:
Standard: ISO 9001:2008 QMS
Non-compliance Remarks (by the auditor)
Auditor Signature with date
Major/Minor
Auditee Signature with date
Corrective Action Recommended/Agreed (Auditee should make his remarks)

Tentative date for completion
Auditee Signature with date
Follow-up Action
Action Completed (Verification should be done)
Appendix A
141

Audit Report Summary

1.
2.
3.
4.
5.
6.
7.
8.
9.
10.

11.
12.

Department
Audit No.
Audit Team
Date(s) of Actual Audit
Total No. of Nonconformances reported (6+7+8)
No. of nonconformances for which QMS requirements not defined
No. of nonconformances for which QMS requirements not
implemented
No. of nonconformances where the practice is not effective
Enclosures (please indicate total number of pages)
Signature of auditors with date
(1) .......................................
(2) .......................................
Review by the Management Representative
Signature of the Management Representative with date
Prepared by

Copy
No. 01
Date of Issue
DD-MM-YYYY
Approved by:
Sd/-M.D.
Issued by:
Sd/-M.R.
Sample QMS Procedure on Control of Nonconforming

Product
Organization
QMS Procedure

Name
Control of non-

XYZ
conforming product


Amendment No. 00
Page 1 of ....
1. Purpose: The purpose of this quality management system

procedure is to define a procedure for control of nonconforming
product in the organization.
3. Reference: ISO 9001:2008 QMS standard Clause 8.3
5. Responsibility: The Manager (works) is authorized to take
suitable steps for control of nonconforming product.
142 Appendix A
6. Procedure:
6.1 Our manufacturing processes undergo through various
inspections and tests. A nonconforming product is normally
detected during one of the inspection and/or test stages.
6.2 The moment any nonconformity is noted, the product is
clearly identified with suitable code or mark. This code or
mark makes it apparent that the product does not conform
to requirements. Details of such nonconforming product is
recorded in the Record Performa of nonconforming product
(Form No. XYZ/QF/15).
6.3 Such nonconforming product is physically segregated and
kept at a place meant for storing nonconforming products
pending review.
6.4 Details of such nonconforming product are brought to the
knowledge of the Manager (works) for review.
6.5 The manager (works) reviews the nature of nonconformity
of the product and he may take one of the following
decisions:

Releasing nonconforming product as the nonconformity is
so minor as to have no effect on the performance of the
end-products, subject to approval by the customer (where
applicable).

To rectify the nonconformity by reworking, thereby ensuring
complete compliance with specified requirements.

By repairing or reprocessing so as to meet specifications.

By regrading the product to a lower quality category with
whose requirements it complies or by marking as a second
product to be sold at a reduced price.

By declaring the nonconforming product as scrap, if none
of the above actions can be taken.
6.6 When a nonconforming product is to be used as it is or after
repair, it is said to be under acceptance on concession. In
contractual situation, a reporting is made to the customer,
describing the nature on the nonconformity, the quantity
affected and the details of the rectification proposed.
6.7 Decision taken by the manager (works), based on
the review of the nonconforming product, is quickly
implemented to minimize the effect on production schedule.
Accordingly, product needs rework/repair/reprocess is sent
to the department concerned promptly. Disposal of products
(declared as scrap) is done periodically by the manager
(works) as per his delegated authority.
7. Documents: Performa Record of Nonconforming Product
XYZ/QF/15.
Appendix A
143

QMS procedure:
4. Manager (Works)
5. Auditor.

(Please note that above list is illustrative)
Proforma Record of Nonconforming Product
Department:
Reporting No.: .......

1.
2.
3.
4.
5.
6.
Description of the product (with batch number, if any):

Nature of the nonconformity observed:
Identification mark/code marked on the nonconforming product:
Have you physically segregated the product? If yes, where kept?
Comments/Recommendations:
Signature of Reporting Personnel, designation and date

Review by the Manager (Works)
The above mentioned nonconforming product may be

] Released as the nonconformity is so minor as it will have no

effect on the performance of the end product.
[
] Repaired.
[
] Reprocessed.
[
] Regarded to lower quality category.
[
] Marked as second product for selling at a reduced price.
[
] Declared as scrap.
Specific remarks, if any:
Date:
Signature of the Manager (Works)

Disposal Action Taken
Date:
Prepared by

Signature with designation

Copy
No. 01
Date of Issue
DD-MM-YYYY
Approved by:
Sd/-M.D.
Issued by:
Sd/-M.R.
144 Appendix A
Sample QMS Procedure on Corrective Action

Organization
QMS Procedure

Name
Corrective action

XYZ


Amendment No. 00
Page 1 of 2
1. Purpose: The purpose of this quality management system

procedure is to define a procedure for corrective action in our
organization.
4. Cross Reference:
1. Quality Manual Para (Please mention appropriate
reference).
2. QMS Procedure No. XYZ/QP/04.
5. Responsibility:
1. Head of departments
2. Manager (Works).
6. Procedure:
6.1 Our organization is committed to eliminate causes of
nonconformities in order to prevent recurrence.
6.2 Manager (Works) is authorized to review and deal nonconformities as per our QMS Procedure Ref. No. XYZ/QP/04.
6.3 Customer complaint received in the organization is brought
to the notice of the head of the department to which it relates.
The head of the department reviews the customer complaint,
evaluate the need for action, determine and implement the
action needed.
6.4 If the customer complaint relates to nonconformity of
the product manufactured by our organization, then such
customer complaint is sent to the Manager (Works) for his
review and necessary action.
6.5 Our organization maintains records of customer complaints
in a register, having following details:

1. Sr. No.

2. Date of receipt of customer complaint

3. Customers name and address

4. Brief details about the nature of customers complaint

5. Actions suggested/taken

6. Results of action taken

7. Date(s) of reply to customer

8. Date of closure of customer complaint
6.6 Monthly report of customer complaints is prepared by each
department and sent to the Manager (Customer Relations)
and a copy to the Management Representative.
Appendix A
145
6.7 The Manager (Customer Relations) reviews the corrective

actions taken periodically and submits his consolidated report
to the Management Representative once in a quarter.
QMS procedure:
4. Manager (Customer Relations)
5. Manager (Works)
6. Auditor.
Prepared by

Copy
No. 01
Date of Issue
DD-MM-YYYY
Approved by:
Sd/-M.D.
Issued by:
Sd/-M.R.
Sample QMS Procedure on Preventive Action

Organization
QMS Procedure

Name
Preventive action

XYZ


Amendment No. 00
Page 1 of 2

procedure for preventive action in our organization.
4. Cross Reference:
Quality Manual Para (Please mention appropriate
reference).
5. Responsibility:
1. Manager of departments, and
2. Management representative.
6. Procedure:
6.1 Our organization is committed to eliminate causes of potential
nonconformities in order to prevent their occurrence.
6.2 Customer complaints, internal audit reports, customer
feedback, employees suggestions are used as inputs for
determining potential nonconformities and their causes.
6.3 It is the responsibility of the managers of departments and
the Management Representative to take suitable steps to
eliminate the causes of potential nonconformities.
6.4 Applying and adhering to the stipulated norms, procedures
and processes reduce potential nonconformities.
146 Appendix A
6.5 Managers of departments and the Management Representative meet once in a quarter to determine and discuss
potential nonconformities and their causes, evaluating the
need for action, determining and implementing the action
needed. The Management Representative calls such meeting.
Top Management Executive(s) is/are also invited in such
meetings.
6.6 The Management Representative maintains records of the
minutes of such meetings and records of results of action
taken.
6.7 Status of preventive actions is reviewed in the Management
Review meetings, which is held once in six-month period.
QMS Procedure:
4. Manager (Customer Relations)
5. Manager (Works)
6. Auditor.

Prepared by

Copy
No. 01
Date of Issue
DD-MM-YYYY
Approved by:
Sd/-M.D.
Issued by:
Sd/-M.R.
Note: Please note that the quality management system documentation

of one organization can differ from another due to:

The size of the organization

Type of activities
The complexity of procedures, and their interactions
The competence of personnel.
Above QMS procedures have been given only for guidance purpose.
A P P E N D I X
Certification Bodies in India
This annexure provides details of certification bodies operating in India.

This list is indicative and does not include each and every certification
body. Utmost care has been taken to ensure correctness and accuracy
of the contents. However, omissions and errors, if any are regretted.
AGSI Certification Pvt. Ltd.
208, Kartik Complex, New Link Road,
Opp. Laxmi Industrial Estate,
Andheri (West), Mumbai 400 053
Email: agsicert@gmail.com
Website: www.agsicertification.com
American Quality Assessors (India) Pvt. Ltd.
Quality House,
Plot No. MCH 452,
H.No. 8-2-601/P/6, Panchvati Colony,
Road No. 10, Banjara Hills,
Hyderabad 500034.
Email: aqaindia@aqa.in
Website: www.aqa.in
BSCIC Certifications Pvt. Ltd.
Suites 2nd Floor,
SCO 150, Sector 21C,
Faridabad 121001
Email: bscic@bsc-icc.com
Website: bsc-icc.com
BSI Group India Pvt. Ltd.
The Mira Corporate Suites (A-2),
Plot 1 & 2, Ishwar Nagar,
Mathura Road, New Delhi 110 065
Email: india.marketing@bsigroup.com
Website: www.bsigroup.co.in
147
148 Appendix B
Bureau of Indian Standards
9, Bahadur Shah Zafar Marg,
New Delhi 110 002 (India)
Email: mscd@bis.org.in
Website: www.bis.org.in
Bureau Veritas Certification (India) Pvt. Ltd.
Marwah Centre, 6th Floor,
Opposite Ansa Industrial Estate,
Kishanlal Marwah Marg, Opp Sakivihar Road,
Andheri East, Mumbai 400 072
Email: Rajendra.sharma@in.bureauveritas.com
rad@in.bureauveritas.com
Website: www.bureauveritas.co.in
Det Norske Veritas AS (Certification Services, India)
9th Floor, NDMII, Netaji Subhash Place,
Near TV Tower, New Delhi 110034.
Email Krishna.Kumar@dnv.com
Website: www.dnv.com
GCAS Quality Certifications Pvt. Ltd.
Door No. 96/104, Kaveri Complex,
Flat No. 403, 4th Floor,
Nungambakkam High Road,
Chennai 600034.
Email: info@gcasquality.com
Website: www.gcasquality.com
ICMQ Certification India Pvt. Ltd.
A/518, Sagar Tec Plaza,
Sakinaka Ju, Andheri (East),
Mumbai 400072.
Email: info@icmq.in
Website: www.icmq.in
ICRS Management Systems Pvt. Ltd.
C53, Ground Floor, Sector 2,
Noida 201301
Email: info@icrsms.com
Website: www.icrsms.com
Indian Register Quality Systems (IRQS)
9th Floor, BETA Building,
i-Think Techno Campus, Near Kanjumarg Railway Station,
Kanjumarg (East), Mumbai 400042.
Email: irqs@irclass.org
Website: www.irclass.org
Appendix B
Integrated Quality Certification Pvt. Ltd.

Platinum City, G/13/03, Site No. 02,
Next to CMTI, HMT Road, Yeshwantpur Post,
Bangalore 560022
Email: bkpai@iqcglobal.com
madhu@iqcglobal.com
Website: www.iqcglobal.com
International Certifications Services Pvt. Ltd.
22/23, Goodwill Premises, Swastik Estate,
178, CST Road, Kalina, Santacruz (East),
Mumbai 400 098
Email: info@icsasian.com
Website: www.icsasian.com
Intertek India Pvt. Ltd.
F Wing, 2nd Floor, Tex Centre,
Chandivali Farm Road, Andheri (East),
Mumbai 400072.
Email: chandrakant.kulkarni@intertek.com
Website: www.intertek.com
ISOQAR (India) Pvt. Ltd.
E102, 10th Floor, Galaxy Apartments,
Next to Grand Bhagwati Hotel Bodakdev,
Ahmedabad 380054.
Email: contact@isoqarindia.com
Website: www.isoqar.com
KBS Certification Services Pvt. Ltd.
414424, Om Shubham Tower,
Neelam-Bata Road,
N.I.T. Faridabad 121001.
Email: info@kbs-smr.com
info@kbsindia.in
Website: www.kbsindia.in
Lloyds Register Quality Assurance Ltd. (India Branch)
Unit 63 & 64, 6th Floor, Level 5,
Kalpataru Square, Kondivita Lane,
Off Andheri-Kurla Road, Andheri (East),
Mumbai 400059
Email lrqa-india@lrqa.com
149
150 Appendix B
MS Certification Services Pvt. Ltd.
3/23, R K Chatterjee Road,
Kolkata 700042
Email: mscertisp@yahoo.co.in
Website: www.mscertification.com
NQAQSR Certification Pvt. Ltd.
107/55, 1st Floor, Madhuban Building,
Nehru Place, New Delhi 110019.
Email: info@nqacertification.com
Website: www.nqacertification.com
NVT Quality Certification Pvt. Ltd.
CAP-1, EOIZ, Export Promotion Industrial Park,
Near ITPL, Whitefield,
Bangalore 560 066.
Email: nvt@nvtquality.com
Website: www.nvtquality.com
Phoenix Progressive Certifications Enterprise Pvt. Ltd.
502, The Chambers, 4/12/13, Viman Nagar,
Pune 411014
Email: pune@ppceworld.com
Website: www.ppceworld.com
QMS Certification Services Pvt. Ltd.
207, Durga Towers, RDC, Raj Nagar,
Ghaziabad (U.P.) 210002
Email: qms@qmscertification.com
Website: www.qmscertification.com
QSI (India) Certifications Pvt. Ltd.
557, Sector 1, Vidyadhar Nagar,
Jaipur 302 023 (India)
Email: qsicert@gmail.com
rameshag@ieee.org
Website: www.qsi-india.org
RINA India Pvt. Ltd.
B Wing 607/608, Everest Chambers,
Marol Naka, Andheri-Kurla Road,
Andheri (E), Mumbai 400 059.
Email: Bombay.Office@rina.org
Website: www.rina.org
Appendix B
SGS India Pvt. Ltd.

SGS House, 9-1-127/2, 43, Sarojini Devi Road,
Secunderabad 500 003, India
E-mail: sgs_india@sgs.com
K_madhusudan@sgs.com
Website: www.sgs.com
STQC Certification Services
Ministry of Communication & IT, STQC Directorate,
Electronic Niketan, 6 CGO Complex,
Lodhi Road, New Delhi 110003
Email: gsaxena@mit.gov.in
SWISS CERT Pvt. Ltd.
507 Pragati Tower, 26 Rajendra Place,
New Delhi 110008
Email info@swisoindia.com
Website: www.swisoindia.com
Transpacific Certifications Ltd.
61, Rani Jhansi Road, Opp. Jhandewalan Mandir,
New Delhi 110055
Email: operations@tclcertifications.com
Website: www.telcertifications.com
Tuv India Pvt. Ltd.
801, Raheja PlazaI, L.B.S Marg,
Ghatkopar (west), Mumbai 400086
Email: rai@tuv-nord.com
TUV Intercert India Pvt. Ltd.
Vistar Enclave, No. 12, 1st Floor, 4th Main Road,
Malleshwaram, Bangalore 560003.
Email: riyer@tuv-intercert.org
Website: tuv-intercert.org
TUV Rheinland (India) Pvt. Ltd.
Alpha Tower, Sigm Tech Park, 7,
Whitefield Main Road,
Varthur Kodi, Bangalore 560066.
Email info-ind@ind.tuv.com
Website: www.ind.tuv.com
TUV South Asia Pvt. Ltd.
Off. Saki Vihar Road, Saki Naka Andheri (East),
Mumbai 400072
Email Mario.Rodrigues@tuv-sud.in
Website: www.tuv-sud.in
151
152 Appendix B
TQ Services
Mithona Towers 1, 1-7-80 to 87,
Opp. Wesley Co-ed Jr. College,
Prenderghast Road, Secundrabad 500003
Email: tplqs@tataprojects.com
Website: www.tataprojects.com
UL Management Systems Solutions India Pvt. Ltd.
147, 5th Floor, Anjaneya Techno Park,
Airport Road, Kodihalli, Bangalore 560017.
Email: customerservice.india@in.dqs-ul.com
Website: www.ul-dqs.in
URS Certification Ltd.
B-8, Dayanand Colony, Lajpat Nagar IV,
New Delhi 110 024
Email info@ursindia.com
Website: www.ursindia.com
Vexil Business Process Services Pvt. Ltd.
10184, 3rd Floor (Landmark Inn),
Main Arya Samaj Road, Karol Bagh,
New Delhi 110005.
Email: info@vexilbps.com
vinod.jain@vexilbps.com
Website: www.vexilbps.com
Vincotte International India Assessment Services Pvt. Ltd.
B86, Sector 57, Sushant LokIII, Gurgaon.
Email: mandar.sathaye@vi-india.com
Website: www.vi-india.com
A P P E N D I X
Frequently Asked Questions
1. What is ISO?
ISO (from the Greek word ISOS meaning equal) refers to the
International Organization for Standardization. ISO is based in Geneva,
Switzerland. ISO is a non-governmental organization and has issued
more than nineteen thousand international standards, among which is
the ISO 9000 series on quality management. ISO is the largest developer
and publisher of international standards for business, government and
society to ensure desirable characteristics of products and services such
as quality, environmental friendliness, safety, reliability, efficiency and
interchangeability at an economic cost. ISO standards are creating
confidence globally for improving the quality of human life.
2. What is ISO 9000?
ISO 9000 is a generic name given to the family of standards developed
to provide a framework around which a quality management system
can effectively be implemented.
3. What are the ISO 9000 series of standards?
ISO 9000 series consists of four primary standards supported by several
other documents. These four primary standards are:
ISO 9000:2005, Quality Management SystemsFundamentals and vocabulary;
ISO 9001:2008, Quality Management SystemRequirements;
ISO 9004:2009, Managing for the sustained success of an organization
A quality management approach.
The ISO 9000 standards were published initially in 1987, revised for
the first time in 1994, and revised for the second time in 2000. The
current ISO 9001 standard in the ISO 9000 family is the fourth edition
that is revised in 2008.
4. Is there any relation between ISO 9001: 2008 QMS standard
and other quality initiatives?
Yes, ISO 9001:2008 QMS standard is closely linked with other quality
initiatives. Other quality initiatives, e.g. BPR (business process reengineering),
153
154 Appendix C
Kaizen, six sigma, 5-S etc. help any organization in identifying what they
need in order to improve quality and ISO 9001:2008 QMS standard provides
a strategic approach for how to implement along with the roadmap for that
implementation. In other words, ISO 9001:2008 QMS standard provides a
way to document the what.
5. What is ISO 9004:2009?
ISO 9004:2009 standard provides organizations with a model for
sustained success in todays complex, demanding, and ever-changing
environment. It provides guidance for the continual improvement of an
organizations overall performance, efficiency and effectiveness by using
a quality management approach to manage for the sustained success of
an organization. This standard provides a broader perspective of quality
management particularly for performance improvement. It is useful for
the organizations to move beyond ISO 9001:2008 QMS requirements,
in pursuit of ongoing improvement.
6. What is the purpose of the various clauses mentioned in ISO
The clauses mentioned in ISO 9001:2008 QMS standard cover all
aspects of a business operation (management responsibility, resource
management, design and delivery, and measurement and improvement)
needed to implement quality management system for satisfying customer
needs and provide evidence of its effective operation.
7. What does Conformity to ISO 9001:2008 mean?
Coformity to ISO 9001:2008 means that the organization who
declares conformity has established a systematic approach to quality
management, and is managing its business to ensure that customers
needs are clearly understood, agreed and fulfilled. It is very important
to understand that ISO 9001:2008 is a system conformity standard, and
not a product conformity standard.
8. Is ISO 9001:2008 QMS standard applicable to both the manufacturing and the services sector?
The ISO 9001:2008 QMS standard is very generic in nature so that
it can be implemented by all organizations, regardless of the type
and size of the business, and they are applicable to all categories of
products, whether hardware, software, processed material or services.
Accordingly, ISO 9001:2008 QMS standard is applicable to both the
manufacturing and the service sector.
9. What were the major changes between 1994 and 2000 versions
of the standards?
The ISO 9000:2000 series standards has a greater focus on top
management commitment, customer satisfaction, factual approach to
Appendix C
155
decision making, continual improvement and emphasize a process-based

approach to quality management.

A process-oriented structure with more logical sequence of the
contents differentiates the 2000 version standard from the 1994 version,
which was clause-oriented. The ISO 9001:2000 QMS standard retains a
large part of ISO 9001:1994, but the 20 requirements were grouped in
five sections: quality management system; management responsibility;
resource management; product realization; and measurement, analysis
and improvement. The ISO 9001:2000 standard has also reduced
significantly the amount of documentation required.
10. What are the major changes between ISO 9001:2000 QMS
standard and ISO 9001:2008 QMS standard?
ISO 9001:2008 QMS standard has retained the same numbering system
of ISO 9001:2000 QMS standard and no new requirements have been
added. Changes are mostly editorial giving more clarity to the right
interpretation of requirements. Users will find the ISO 9001:2008
QMS standard useful for the right interpretation of the standards
requirements.
11. What is meant by the quality policy of an organization?
The quality policy is the document that records the intentions of the
organization in terms of providing products meeting the needs and
expectations of its customer.

It is top managements responsibility to ensure that:

Quality policy is appropriate to purpose of organization.

Quality policy has commitment to comply with requirements and
continually improve quality management system effectiveness.
Quality policy has framework for quality objectives and its review.
Quality policy is communicated and understood (within organization).
Quality policy is reviewed for continuing suitability.
12. What is an internal audit?

Internal audit is used as a tool to monitor and determine the health of
the quality management system implemented in the organization. The
findings of internal audit can help in initiating appropriate measures.
Internal audit is used to measure the effectiveness of an organizations
13. What is nonconformity?
Nonconformity is defined in ISO 9000:2005 standard as non-fulfilment
of a requirement. Any product (material) that does not conform to
product requirements may be termed as a nonconforming product.
156 Appendix C
14. Describe the terms major nonconformity, minor nonconformity and observation?
A major nonconformity indicates that the organization has failed
to implement any one part or the full quality management system; or
any specific department of the organization has failed to implement
the quality management system as applicable to the department; or
a number of minor nonconformities in the same quality management
system requirements are found. A major nonconformity indicates that
the system is crashing.

A minor nonconformity means an isolated incident of a failure
to comply with a defined process or quality management system
requirement.

An observation indicates that if the situation as found during
the audit is not addressed it may lead to an NC in future.
15. What is meant by process approach?
A process is a set of interrelated or interacting activities, which
transforms inputs into outputs. The process of a business is the totality
of all of the individual activities that the business performs. The process
includes identifying a customer need, creating a product or series
concept to meet the need, defining how that concept will be executed,
executing or deploying the concept, measuring customer satisfaction,
and continually improving both concepts and deployment.
16. What does ISO 9001:2008 QMS registration/certification mean?
Registration/certification to ISO 9001:2008 QMS takes place when an
accredited third party (Registration or Certification Body) visits and
assesses organizations management system and issues a certificate to
show that the organization meets the requirements of ISO 9001:2008
QMS standard.
17. How much will certification cost?
The cost of certification will depend on the size of organization, and
the particular certification body with whom organization will choose
to work. Certification body may be able to provide details of the cost,
if organization ends them the details of the business and size of their
organization. To find the certification cost, the organization should
contact certification body.
18. What are the different levels of documentation for a quality
management system?
There are three levels of documentation for a quality management
system:

Level A Documents: Consisting of Quality Policy, Quality

Objectives and Quality Manual.
Appendix C
157
Level B Documents: Consisting of Quality Procedures (including

six mandatory procedures for Control of documents, Control
of records, Internal audit, Control of nonconforming product,
Corrective action and Preventive action).
Level C Documents: Consisting of documents needed by the
organization (such as various records, forms, standards, drawings,
specifications, etc.).
19. What is the purpose of the Quality Manual?

The primary purpose of the Quality Manual is to provide an adequate
description of the quality management system and to serve as a permanent
guide to the implementation and maintenance of that system. A Quality
Manual is unique to each organization. ISO 9000:2005 defines Quality
Manual as document specifying the quality management system of an
organization.
20. What is accreditation?
Accreditation is the recognized mechanism for establishing equivalence
of certification/inspection schemes operated in different countries as also
the test results of various laboratories.

Accreditation by an authoritative body is the formal recognition
of the competence of an organization to perform a specific task such
as analysis, calibration, inspection or certification. Thus, accreditation
is the mechanism for indicating that the assessing organization for a
demarcated work area justifies confidence. In ISO 9001 QMS certification
context it relates to competence of a certification body that grants ISO
9001:2008 QMS certification.
21. How to implement the requirements of ISO 9001:2008 QMS
standard in any organization?
As a minimum, organization should familiarize themselves not only
with the requirements of ISO 9001:2008 QMS standard but also with
the content and philosophies given in ISO 9000:2005 QMS standard
and the Quality Management Principles. The organizations people have
to clearly understand their organizations activities and processes and
appropriately interpret the requirements of the standards. Implement
the requirements in the various activities and processes adding value
to these processes and activities.
22. What are the main benefits of implementing ISO 9001:2008
QMS requirements?
To retain customers and to keep them satisfied, products and services
need to meet their requirements. And, ISO 9001 QMS provides a tried
and tested framework for taking a systematic approach to managing
business processes/activities so that they consistently turn out product
conforming to the customers expectations. It also provides an opportunity
158 Appendix C
to increase value to the activities of the organization and creates
better management control. Some of the benefits of implementing ISO
9001:2008 QMS are:

System improvement
Customer orientation
Marketing advantage
Recognition
Confidence creation
Consistency in quality
Productivity improvement
Financial performance improvement
Reduction in rejects
Clarity in job specification
Traceability
Human resource development
Continual monitoring
Export potential improvement
Innovation and improvement
23. What are the common pitfalls and problems encountered in

implementing ISO 9001:2008 QMS standard?
Some of the common pitfalls and problems encountered in implementing
ISO 9001:2008 quality management systems are described below:

Lack of top management commitment

Lack of awareness among staff
Inappropriate documentation
Lack of training in ISO 9001:2008 QMS, documentation, internal
audit and use of statistical techniques
Inadequate consultancy service to advise on implementation
High cost of certification
Resistance to change
Lack of proper planning.
24. Why should any organization implement ISO 9001:2008 QMS

standard?
There are number of benefits. An organization should implement
ISO 9001:2008 QMS standard to retain customers and to keep them
satisfied, products and services needs to meet their requirements. And,
ISO 9001:2008 QMS provides a tried and tested framework for taking
a systematic approach to managing business processes/activities so
that they consistently turn out product conforming to the customers
expectations. And meeting customer expectations is maintaining
quality.
Appendix C
159
25. Why does ISO 9001 use continual improvement vs.

continuous improvement?
This issue was debated very strongly during the development of the
9000:2000 series standards. From a pure quality philosophy, we would
encourage organizations to seek continuous improvement. However,
it was recognized that not all organizations are able to demonstrate
an incessant set of improvement actions, whereas they are able to
demonstrate discrete improvement actions. For this reason continual
was used in preference to continuous improvement.
160 Appendix C
A P P E N D I X
Some Useful
Websites/Blogs
www.iso.org
www.bsi.org.uk/iso-tc176-sc2
www.irca.org
www.iqa.org
www.iatca.org
www.asq.org
www.iaf.nu
www.tc176.org
www.intracen.org
www.qualitydigest.com
www.qcin.org
www.bis.org.in
http://iso9001-2008awareness.blogspot.com
http://iso9001awareness.blogspot.com
http://allaboutquality.net
http://www.linkedin.com (Group discussions at various groupsISO 9001,
ISO 9001:2008 QMS Awareness, Management Systems Professionals
and Users, QualityNetQuality Professionals Network, etc.)
160
A P P E N D I X
Checklist for
ISO 9001:2008 QMS
(Useful for Implementation, Initial Survey and

Audit Purpose Including Internal Audit)
Always make use of ISO 9001:2008 QMS standard while implementing,

carrying out initial survey and auditing.

Clause 4.1: General Requirements

1. Does the organization establish, document, implement and

maintain a quality management system as per the requirements
of ISO 9001:2008 standard?
2. Does the organization take steps to continually improve effectiveness of the QMS?
3. Does the organization determine the processes needed for the
QMS and their application throughout the organization?
4. Does the organization determine the sequence and interaction of
the determined processes?
5. Does the organization determine criteria and methods needed
to ensure that both the operation and control of determined
processes are effective?
6. Does the organization ensure the availability of resources (such
as human resources, infrastructure, and work environment) and
information necessary to support the operation and monitoring
of determined processes?
7. Does the organization monitor, measure (where applicable), analyse
the determined processes?
8. Does the organization implement actions necessary to achieve
planned results and continual improvement of the determined
processes?
161
162 Appendix E

9. Does the organization manage the determined processes in

accordance with the requirements of ISO 9001:2008 standard?
10. Has the organization outsourced any process that affects product
conformity to requirements?
11. What are such outsourced processes?
12. Has the organization defined with the quality management system
the type and extent of control to be applied to such outsourced
processes?
13. Does the organization ensure control over such outsourced processes?
Clause 4.2: Documentation Requirements

14. Does the organization have a documented statement of a quality
policy?
15. Does the organization have a documented statement of quality
objectives?
16. Does the organization have a quality manual?
17. Does the organization have documented procedures required by
ISO 9001:2008 standard?
Note: ISO 9001:2008 standard requires mandatory documented
procedures on (i) Control of documents, (ii) Control of records,
(iii) Internal audit, (iv) Control of nonconforming product, (v) Corrective
action, and (vi) Preventive action. There may be single document or
more documents to address these procedures.
18. Does the organization have records required by ISO 9001:2008
standard?
Note: ISO 9001:2008 standard requires certain records to be maintained,
such as,

(i) Management reviews (Clause 5.6)

(ii) Appropriate records of education, training, skills and
experience (Clause 6.2.2)
(iii) Records showing evidence that the realization processes and
resulting product meet requirements (Clause 7.1)
(iv) Records of the results of the review of requirements
related to the product and action arising from such review
(Clause 7.2.2)
(v) Design and development inputs (Clause 7.3.2)
(vi) Results of design and development reviews and any necessary
actions (Clause 7.3.4)
(vii) Results of design and development verification and any
necessary actions (Clause 7.3.5)
(viii) Results of design and development validation and any necessary
actions (Clause 7.3.6)
Appendix E
163
(ix) Results of the review of design and development changes and

any necessary actions (Clause 7.3.7)
(x) Purchasing processResults of suppliers evaluations and any
necessary actions arising from such evaluation (Clause 7.4.1)
(xi) Validation of processes for production and service provision
(Clause 7.5.2)
(xii) Identification and traceabilitythe unique identification of
the product where traceability is a requirement (Clause 7.5.3)
(xiii) Customer propertylost, damaged or otherwise found to be
unsuitable for use (Clause 7.5.4)
(xiv) Basis used for calibration or verification of monitoring
and measuring equipment, where no international/national
measurement standards exist (Clause 7.6)
(xv) Results of calibration and verification of monitoring and
measuring equipment (Clause 7.6)
(xvi) When the monitoring and measuring equipment is found not
to conform to requirements, the validity of previous measuring
results (Clause 7.6)
(xvii) Internal; audits and their results (Clause 8.2.2)
(xviii) Person(s) authorizing release of product for delivery to the
customer (Clause 8.2.4)
(xix) Nature of nonconformities and any subsequent actions taken,
including concessions obtained (Clause 8.3)
(xx) Results of corrective action taken (Clause 8.5.2)
(xxi) Results of preventive action taken (Clause 8.5.3)

19. What are the documents (including records) determined by the
organization to be necessary to ensure the effective planning,
operation and control of organizations processes?
20. Does the organization maintain documents (including records)
determined by the organization?
21. Does the quality manual include the scope of the quality
management system?
22. Does the quality manual mention details of and justification for
any exclusion to the requirement within Clause 7?
23. Does the quality manual include the documented procedure
established for the quality management system for their reference?
24. Does the quality manual include a description of the interaction
between the processes of the quality management system?
25. Are documents required by the QMS controlled?
26. Is there any documented procedure that defines control of documents?
27. Does a documented procedure define the controls needed to
approve document for adequacy prior to issue?
28. Does a documented procedure define the controls needed to review
and update as necessary and re-approve documents?
164 Appendix E
29. Does a documented procedure define the controls needed to ensure
that changes and the current revision status of documents are
identified?
that relevant versions of applicable documents are available at
points of use?
Note: It should be seen that relevant documents (such as quality
manual, documented procedures, work instructions) are available at
points of use.
that documents remain legible and readily identifiable?
that documents of external origin determined by the organization
are identified and their distribution control?
Note: All external origin documents are not required to be controlled.
Only external origin documents determined by the organization to be
necessary for the planning and operation of the quality management
system are required to be controlled.
33. Does a documented procedure define the controls needed to
prevent the unintended use of obsolete documents and to apply
suitable identification to them, if they are retained for any
purpose?
34. Does the organization maintain records to provide evidence of
conformity of requirements and of the effective operation of the
35. Does a documented procedure define the controls needed for the
identification of records?
storage of records?
protection of records?
retrieval of records?
retention of records?
disposition of records?
41. Are records of the organization legible?
42. Are records of the organization readily identifiable?
43. Are records of the organization retrieval?
Appendix E
165
MANAGEMENT RESPONSIBILITY
Clause 5.1: Management Commitment
44. Has the top management communicated to the organization the
importance of meeting customer as well as statutory and regulatory
requirements?
45. Has the top management established a quality policy?
46. Has the top management ensured that quality objectives are
established?
47. Has the top management conducted management reviews?
48. Has the top management ensured the availability of resources?
Clause 5.2: Customer Focus

49. Has the top management ensured that customer requirements
are determined with the aim of enhancing customer satisfaction?
50. Has the top management ensured that customer requirements
are met with the aim of enhancing customer satisfaction?
Clause 5.3: Quality Policy

51. Is the quality policy of the organization appropriate to the purpose
of the organization?
52. Does the quality policy of the organization include a commitment
to comply with requirements?
53. Does the quality policy of the organization include a commitment
to continually improve the effectiveness of the quality management
system?
54. Does the quality policy of the organization provide a framework
for establishing quality objectives?
55. Does the quality policy of the organization provide a framework
for reviewing quality objectives?
56. Is the quality policy of the organization communicated within the
organization?
57. Is the quality policy of the organization understood within the
organization?
58. Is the quality policy of the organization reviewed for continuing
suitability?
Clause 5.4: Planning

59. Are quality objectives (including those needed to meet requirements
for product) established at relevant functions and levels within
the organization?
166 Appendix E
60. Are established quality objectives measurable?
61. Are established quality objectives consistent with the quality
policy of the organization?
62. Is the planning of the quality management system carried out
in order to meet the requirements given in Clause 4.1 of the
standard?
63. Is the planning of the quality management system carried out in
order to meet the quality objectives?
64. Is the integrity of the quality management system maintained
during changes to the quality management system (when changes
to the quality management system are planned and implemented)?
Clause 5.5: Responsibility, Authority and Communication

65. Are responsibilities and authorities defined by the top management?
66. Whether the defined responsibilities and authorities have been
communicated within the organization?
67. Has a management representative appointed by the top management?
68. Is the appointed management representative a member of the
organizations management?
69. Do the responsibilities and authorities of the management representative include the provisions mentioned in Clause 5.5.2 (a),
(b) and (c)?
70. What is the appropriate communication processes established
within the organization by the top management?
71. Does the communication within the organization take place
regarding the effectiveness of the quality management system?
Clause 5.6: Management Review

72. What are the planned intervals to conduct management review?
73. Does the top management review the organizations quality
management system at planned intervals?
74. When was earlier management reviews conducted?
75. Are records of management reviews available?
76. Whether input to management review includes information on
results of audits (internal as well as external audits)?
customer feedback?
process performance and product conformity?
status of preventive and corrective actions?
follow-up actions from previous management reviews?
Appendix E
167

changes (that could affect the quality management system)?
recommendations for improvement?
83. Does the output from the management review include any
decisions and actions related to improvement of the quality
management system (effectiveness and its processes)?
decisions and actions related to improvement of product related
to customer requirements?
decisions and actions related to resource needs?
RESOURCE MANAGEMENT
Clause 6.1: Provision of Resources
86. What resources have been determined by the organization?
87. Has the organization provided the resources needed?
Clause 6.2: Human Resources

88. What is the necessary competence of personnel performing work
affecting conformity to product requirements determined by the
organization?
89. Are personnel performing work affecting conformity to product
requirement competent?
90. Does the organization provide training or take other actions
where applicable to achieve the necessary competence?
91. How the organization evaluates the effectiveness of the actions
taken?
92. Are organizational personnel aware of the relevance and
importance of their activities?
93. How organizational personnel contribute to the achievement of
the quality objectives of the organization?
94. Whether the organization maintains appropriate records of
education, training, skills and experience?
Clause 6.3: Infrastructure

95. Has the organization determined the infrastructure needed to
achieve conformity to product requirements?
96. Has the organization provided and maintained the determined
infrastructure needed?
168 Appendix E
Clause 6.4: Work Environment

97. Has the organization determined the work environment needed
to achieve conformity to product requirements?
98. How the organization managing the work environment needed?
PRODUCT REALIZATION
Clause 7.1: Planning of Product Realization
99. Has the organization planed and developed the processes needed
for product realization?
Note: The auditor should see whether there is any quality plan
document. In product realization planning the organization should
determine the following, as appropriate:

Quality objectives,
Requirements for the product,
The need to establish the processes and documents,
The need to provide resources specific to the product,
Required verification, validation, monitoring, measurement,
inspection and test activities specific to the product,
The criteria for product acceptance,
Records needed
100. Is the planning of product realization consistent with the

requirements of other processes of the quality management
system?
101. What are the records that provide evidence that the realization
processes and resulting product meet requirements?
Clause 7.2: Customer Related Processes

102. Has the organization determined requirements specified by
the customer (including delivery and post delivery activities
requirements)?
103. Has the organization determined requirements not stated by
the customer but necessary for specified or intended use (where
known)?
104. What are the statutory and regulatory requirements (applicable
to the product) determined by the organization?
105. What are any additional requirements considered necessary
determined by the organization?
Appendix E
169
106. Has the organization reviewed the requirements related to the

product?
107. Is the review of the requirements related to the product conducted
prior to the organizations commitment to supply a product to the
customer?
108. Are product requirements defined?
109. Are contract or order requirements differing from previously
expressed requirements resolved?
110. Has the organization ability to meet the defined requirements?
111. Has the organization maintained records of the results of the
review and actions arising from the review?
112. Are the customer requirements confirmed by the organization
before acceptance where the customer provides no documented
statement of requirements?
113. Are relevant documents amended where product requirements
changed?
114. Are relevant personnel made aware of the changed requirements?
115. What is the arrangement for communicating with customers in
relation to product information and whether such arrangement
effective?
116. What is the arrangement for communicating with customers
in relation to enquiries, contracts or orders handling (including
amendments) and whether such arrangement effective?
117. What is the arrangement for communicating with customers in
relation to customer feedback (including customer complaints)
and whether such arrangement effective?
Clause 7.3: Design and Development

118. Is the organization plan and control the design and development
of the product?
119. What are the design and development stages determined by the
organization during the design and development planning?
120. Whether the organization has determined the review, verification
and validation to each design and development stage during the
design and development planning?
121. Has the organization determined the responsibilities and
authorities for design and development during the design and
development planning?
122. Has the organization managed the interfaces between different
groups involved in design and development to ensure effective
communication and clear assignment of responsibility?
123. Has planning output updated as appropriate as design and
development progresses?
124. Whether any records show inputs relating to product requirements
including functional and performance requirements?
170 Appendix E
including applicable statutory and regulatory requirements?
including, where applicable, information derived from previous
similar designs?
including other requirements essential for design and development?
128. Whether inputs relating to product requirements are reviewed
for adequacy?
129. Whether inputs relating to product requirements are complete,
unambiguous and not in conflict with each other?
130. Whether outputs of design and development are suitable for
verification against the design and development inputs?
131. Are outputs of design and development approved prior to release?
132. Whether design and development outputs meet the input
requirements for design and development?
133. Whether design and development outputs provide appropriate
information for purchasing, production and service provision?
134. Whether design and development outputs contain or reference
product acceptance criteria?
135. Whether design and development outputs specify the characteristics of the product that are essential for its safe and proper
use?
136. Whether systematic reviews of design and development at suitable
stages performed in accordance with planned arrangements?
137. Whether participants in design and development review include
representatives of functions concerned with the design and
development stages being reviewed?
138. Are records of the results of the design and development reviews
and any necessary actions maintained?
139. Whether design and development verification performed in
accordance with planned arrangements to ensure that the design
and development outputs have met the design and development
inputs requirements?
140. Are records of the results of design and development verification
and any necessary actions maintained?
141. Whether design and development validation performed in accordance with planned arrangements to ensure that the resulting
product is capable of meeting the requirements for the specified
application or intended use (where known)?
142. Are records of the results of validation and any necessary actions
maintained?
143. Whether there are any identified design and development changes?
144. Whether records of design and development changes maintained?
145. Whether the design and development changes reviewed, verified and
validated (as appropriate) and approved before implementation?
Appendix E
171
146. Are records of the results of the review of design and development
changes and any necessary actions maintained?
Clause 7.4: Purchasing

147. Whether the organization ensures that purchased product
conforms to specified purchased requirements?
148. What are the type and extent of controls applied to the supplier
and the purchased product?
149. Whether the organization evaluates and selects suppliers based on
their ability to supply product in accordance with organizations
requirements?
150. Whether criteria for selection, evaluation and re-evaluation
established?
151. Are records of the results of evaluation and any necessary actions
arising from the evaluation maintained?
152. Whether purchasing information describes the product to be
purchased?
Note: Please see what is described in the purchasing information.
153. Whether the organization ensures the adequacy of specified
purchased requirements prior to their communication to the
supplier?
154. Whether the organization establishes and implements the
inspection or other activities necessary to ensure that purchased
product meets specified purchased requirements?
155. Whether the organization states the intended verification
arrangements and method of product release in the purchasing
information (where the organization or its customer intends to
perform verification at the suppliers premises)?
Clause 7.5: Production and Service Provision

156. Whether the organization plans and carries out production and
service provision under controlled conditions?
157. Are controlled conditions including availability of information
that describes the characteristics of the product?
158. Are controlled conditions including availability of work instructions,
as necessary?
159. Are controlled conditions including use of suitable equipment?
160. Are controlled conditions including availability and use of monitoring and measuring equipment?
161. Are controlled conditions including implementation of monitoring
and measurement?
172 Appendix E
162. Are controlled conditions including implementation of product
release, delivery and post-delivery activities?
163. Whether the organization validates any processes for production
and service provision, where the resulting output cannot be
verified by subsequent monitoring or measurement and, as a
result, deficiencies become apparent only after the product is in
use or service has been delivered?
164. Whether the organization has established arrangements for
validation of processes for production and service provision that
includes, as applicable, defined criteria for review and approval
of the processes?
includes, as applicable, approval of equipment and qualification
of personnel?
includes, as applicable, use of specific methods and procedures?
includes, as applicable, requirements for records?
includes, as applicable, re-validation?
169. Whether the organization, where appropriate, identifies the
product by suitable means throughout product realization?
170. Whether the organization identifies the product status with
respect to monitoring and measurement requirements throughout
product realization?
171. Whether the organization, where traceability is a requirement,
controls the unique identification of the product and maintains
records?
172. Whether the organization exercises care with customer property
while it remains under the control of the organization or being
used by the organization?
173. Does the organization identify, verify, protect and safeguard
customer property?
174. Does the organization report to the customer and maintain
records when customer property is lost, damaged or otherwise
found unsuitable for use?
175. Does the organization preserve the product during internal
processing to maintain conformity to requirements?
176. Does the organization preserve the product during delivery to
the intended destination in order to maintain conformity to
requirements?
177. What is included in the preservation of the product?
Appendix E
173
Note: As applicable, preservation includes identification, handling,

packaging, storage and protection.
178. Does the organization apply preservation to constituent parts of
a product?
Clause 7.6: Control of Monitoring and Measuring Equipment

179. Does the organization determine the monitoring and measurement
to be undertaken by the organization?
180. Does the organization determine the monitoring and measurement
equipment?
181. Does the organization establish processes to carry out monitoring
and measurement consistent with the requirements?
182. Whether the measuring equipment is calibrated or verified or both,
at defined intervals, or prior to use against measurement standards?
183. Whether basis used for calibration or verification recorded when
no such national or international standards exist?
184. Whether the measuring equipment adjusted or re-adjusted as
necessary?
185. Whether the measuring equipment has identification in order to
determine its calibration status?
186. Whether the measuring equipment is safeguarded from adjustments that may invalidate the measuring results?
187. Whether the measuring equipment is protected from damage and
deterioration during handling, maintenance and storage?
188. Whether the organization assesses and records the validity of the
previous measuring results when measuring equipment is found
not to conform to requirements?
189. Whether the organization takes appropriate action on the
measuring equipment and any product affected, when measuring
equipment is found not to conform to requirements?
190. Does organization maintain records of the results of calibration
and verification?
191. Does the organization confirm the ability of computer software
(when used in the monitoring and measurement of specified
requirements) to satisfy intended application?
MEASUREMENT, ANALYSIS AND IMPROVEMENT

Clause 8.1: General
192. Does the organization plan and implement monitoring, measurement, analysis and improvement processes?
193. What are the applicable methods determined by the organization?
174 Appendix E
Clause 8.2: Monitoring and Measurement

194. Does the organization monitor information relating to customer
perception?
195. What are the determined methods for obtaining and using
information relating to customer perception?
196. What are the planned intervals to conduct internal audits?
197. Does the organization conduct internal audits at planned intervals?
198. Does the organization plan an audit programme?
199. Are audit criteria, scope, frequency and methods defined?
200. Does the selection of auditors (to conduct internal audits) ensure
objectivity and impartiality of the audit process?
201. Does the conduct of internal audits ensure objectivity and impartiality of the audit process?
202. Is the documented procedure for internal audit available that defines
the responsibilities and requirements for planning and conducting
internal audits, establishing records an reporting results?
203. Does organization maintain records of audits and their results?
204. Are detected nonconformities and their causes eliminated without
undue delay?
205. Are internal auditors trained to conduct QMS internal audits?
206. Does the organization undertake follow-up activities that
include the verification of the actions taken and the reporting of
verification results?
207. Does the organization apply suitable methods for monitoring and,
where applicable, measurement of quality management system
processes?
208. Do the methods (used in monitoring and measurement of quality
management system processes) demonstrate the ability of the
processes to achieve planned results?
209. Does the organization take corrective action and correction, when
planned results are not achieved?
210. Does the organization monitor and measure the characteristics
of the product to verify that product requirements are met?
211. Does the organization maintain evidence of conformity with the
accepted criteria?
212. Do records indicate the person(s) authorizing release of product
fro delivery to the customer?
Clause 8.3: Control of Nonconforming Product

213. Does the organization identify and control nonconforming product
to prevent unintended use or delivery?
214. Is a documented procedure established that defines the controls
and related responsibilities and authorities for dealing with nonconforming product?
Appendix E
175
215. How the organization deals with the nonconforming product?

216. Does the organization undertake reverification upon correction of
nonconforming product?
217. Does the organization maintain records of the nature of the
nonconformities and any subsequent actions taken, including
concessions obtained?
Clause 8.4: Analysis of Data

218. Does the organization determine, collect and analyze data?
Note: It is required to analyze appropriate data (including data
generated as a result of monitoring and measurement and from other
relevant sources) to demonstrate the suitability and effectiveness of
the quality management system and to evaluate where continual
improvement can be made.
219. Does the analysis of data provide information relating to customer
satisfaction?
220. Does the analysis of data provide information relating to
conformity to product requirements?
characteristics and trends of processes and products, including
opportunities for preventive action?
suppliers?
Clause 8.5: Improvement

223. Does the organization continually improve the effectiveness of its
224. Does the organization take corrective action?
225. Are corrective actions appropriate to the effects of the
nonconformities encountered?
226. Is a documented procedure established for corrective action?
227. Is the documented procedure defined requirements for reviewing
nonconformities and customer complaints?
228. Is the documented procedure defined requirements for determining
the causes for nonconformities?
229. Is the documented procedure defined requirements for evaluating
the need for action to ensure that nonconformities do not occur?
and implementing action needed?
231. Is the documented procedure defined requirements for records of
the results of corrective action taken?
the effectiveness of the corrective action taken?
176 Appendix E
233. Does the organization maintain records of corrective action?
234. Does the organization determine preventive action?
235. Are the preventive actions appropriate to the effects of the
potential problems?
236. Is a documented procedure established for preventive action?
potential nonconformities and their causes?
238. Is the documented procedure defined requirements for evaluating
the need for action to prevent occurrence of nonconformities?
and implementing action needed?
240. Is the documented procedure defined requirements for records of
results of preventive action taken?
the effectiveness of the preventive action taken?
242. Does the organization maintain records of preventive action?
Note: Checklist questions mentioned above are indicative. There may
be more check questions. Always make use of ISO 9001:2008 QMS
standard while implementing, carrying out initial survey and auditing.
The auditor should use 5 Ws and 1 H (what, why, where, who, when
and how) appropriately to obtain objective evidence.
Bibliography
Applying ISO 9000 Quality Management Systems, International

Trade Centre UNCTAD/WTO, Geneva, Switzerland.
ISO 9000 Quality Management Systems: Guidelines for enterprises
in developing countries, International Trade Centre UNCTAD/WTO,
Geneva, Switzerland.
ISO 9001 Fitness Checker, International Trade Centre UNCTAD/
WTO, Geneva, Switzerland.
ISO 9001 for small businessesWhat to doAdvice from ISO/TC/
176, Joint publication of ISO and ITC.
ISO 9001:2000A workbook for service organizations, International
Trade Centre UNCTAD/WTO, Geneva, Switzerland.
ISO 9000 Quality Systems Handbook, David Hoyle, Elsevier.
Literature Understanding ISO 9001:2000 QMS, K.R. Singhal.
Training Material ISO 9001:2008 QMS Awareness, Singhal
Institute for Training and Education Trust, Ajmer (India).
Literature Checklist for ISO 9001:2008 QMS, K.R. Singhal and
Dr. Divya Singhal, National Centre for Quality Management, Ajmer
Centre, Ajmer, India.
Publication series Management Systems Awareness, National
Centre for Quality Management, Ajmer Centre, Ajmer (India).
Quality Digest, Monthly magazine, USA.
Quality World, Monthly magazine, New Delhi, India.
Quality Striving for Excellence, Bi-monthly Newsletter, National
Centre for Quality Management, Mumbai (India).
Reference Guide to ISO 9000 Certification, K.R. Singhal.
Training Manual on ISO 9000:2000 and TQM, Girdhar J. Gyani, Raj
Publishing House, Jaipur (India).
Management in Government, Quarterly Journal, Government of
India, New Delhi, IndiaVol XXXXI No. 3 (OctoberDecember 2009)
177
178 Bibliography
Implementing ISO 9001:2000 Quality Management System: A
Reference Guide, Divya Singhal and K.R. Singhal, PHI Learning
Pvt. Ltd., New Delhi, India.
ISO 9000:2005
ISO 9001:2000
ISO 9001:2008
ISO 9004:2000
ISO 9004:2009
ISO 19011:2002
ISO 19011:2011
ISO/TR 10013
Index
Accreditation, 157
Action plan, 27
ANAB (ANSI-ASQ National Accreditation Board), 34
Analysis of data, 9899, 107
Aristotle, 7
Audit, QMS, 3738
assessment, 3738
certification, 111112
closing meeting, 38
first party, 111
internal, 111, 113114
opening meeting, 37
second party, 111
supplier, 111
third party, 111112
types, 111
value added situation, 112
who is customer? 112
Audit customer, 112
first party, 112
second party, 112
third party, 112
Auditing management systems, 40
Auditing practices group, 119120
Awareness, 7677
Awareness programme, 27
British Standards Institution (BSI), 14

Bureau of Indian Standards (BIS), 44
Certification, 3233, 3438

cost, 37
initial audit, 37
initial visit, 36
ISO 9001:2008, 34
meaning, 36
why? 37
Certification bodies in India, 147152
Cochran, Craig, 68
Competence, 76
Consultant, 26
Continual improvement, 21, 99, 104110
Crosby, Philip B., 1
quality is free, 3
Philip Crosby associates, 3
Customer
communication, 8283
focus, 18, 67
perception, 8
property, 89
satisfaction, 93
Customer-related processes, 8183
customer communication, 8283
determination of requirements, 8182
review of requirements, 82
Customer satisfaction
ISO 10001:2007, 40
ISO 10002:2004, 40
ISO 10003:2007, 40
ISO/TS 10004:2010, 40
monitoring and measurement, 9394
DeFeo, Joseph A., 6
Deming, W. Edwards, 1, 2, 5, 7, 13
out of crises, 2
Design and development
control of changes, 8586
inputs, 84
outputs, 84
planning, 8384
review, 85
validation, 85
verification, 85
179
180 Index
Dlamini, Felix, 115
Documentation, QMS, 2931, 122129
approval and issue, 129
developing, 124125
forms, 129
levels, 122
procedures, 127128
purpose and benefits, 123124
pyramid, 122
quality manual, 125127
quality plan, 129
work instructions, 128129
Documented procedure, 57, 58
Drucker, Peter, 6
Dusharme, Dirk, 6
European Foundation for Quality
Management (EFQM), 5
Factual approach to management, 21
Feigenbaum, A.V., 1, 5
Ford, Henry, 7, 13
Ford motor company, 14
Forms, 129
Galetto, F., 2, 5
Gandhi, Mahatma, 7
Gandhi, Mahesh, 99
Garrovillas, Dominador, Jr., 117
Gyani, Girdhar J., 6, 104
Harrington, H. James, 3
Harry Mikal, 3
Implementation, QMS, 31
Improvement
continual improvement, 99100
corrective action, 100101, 107
preventive action, 101102, 107
Initial status survey, 29
Internal audit, 31, 9495, 113114
requirements, 114115
why useless? 115
adding value, 115117
Internal auditor training, 120121
Internal communication, 71
International Accreditation Forum

(IAF), 51, 119
International Organization for Standardization (ISO)
ISO and ISO 9000, 11, 43
address, ISO, 43
Involvement of people, 19
Ishikawa, 13
ISO 9000, 15, 26, 3940
evolution, 13
family, 26, 3940
fundamentals and vocabulary, 39
how to obtain standards, 43
ISO 9000 standards, 15
ISO 9001 certification
countries, 12
number, 12
ISO 9001:2008 QMS
action plan, 27
analysis of data, 9899
application, 50
awareness programme, 27
benefits, 157158
compatibility, 48
control of documents, 61
control of monitoring and measuring
equipment, 9091
control of nonconforming product,
9798
control of records, 63
design and development, 8386
developing and implementing, 2333
developing documentation, 124125
documentation requirements, 5760
documented procedures, 58
documents for effective planning,
3031
five main sections, 41
general requirements, 5457
human resources, 7677
implementation, 31
improvement, 99102
infrastructure, 77
initial status survey, 29
internal audit, 3132, 9495, 113114
management commitment, 2324,
6567
management representative, 2425,
7071, 126, 128
management responsibility, 41,
6572
Index

management review, 32, 7172, 107

normative reference, 51
PDCA methodology, 46
pre-assessment audit, 32
process approach, 4547
production and service provision,
8890
product realization, 7991
provision of resources, 7576
purchasing, 8688
QMSRequirements, 39
quality manual, 60
quick reference, 4143
QMSGeneral, 44
records required, 5960
resource management, 7578
scope, 49
terms and definitions, 5152
training and guidance, 28
work environment, 7778
ISO 9004:2009
quality management approach, 39
relationship, 47
ISO 10005
guidelines for quality plan, 15, 40
ISO 10006
guidelines for project management,
15
ISO 10007
guidelines for configuration management, 15, 40
ISO/TR 10012
measurement management systems,
15, 40
ISO/TR 10013
guidelines for QMS documentation,
15, 40
ISO 10014
guidelines for realizing financial and
economic benefits, 15, 40
ISO 10015
guidelines for training, 15, 40
ISO/TR 10017
guidance on statistical techniques,
15, 40
ISO 10019
QMS consultants, 15, 40
ISO/TS 16949
automotive and relevant service part
organizations, 15
181
ISO 19011
guidelines on auditing management
systems, 15, 40
ISO central secretariat, 17, 43
ISO technical committee 176 (ISO/TC
176), 12
Iyer, K.V.S.S., 7
James, Derrell S., 6
JAS-ANZ (Joint accreditation system of
Australia and New Zealand), 34
Jayaram, Hariharan, 7, 104
John, E. Jack, 109
Juran, Joseph M., 1, 5, 9
Kano, Noriaki, 2
Kapur, Arvind, 8
Lal, General H., 7
Lead auditor training, 25
Leadership, 19
Leur, Rob De, 117
Management
commitment, 2324, 6567
representative, 2425, 7071, 126,
128
responsibility, 41, 6572
Management review, 32, 7172, 107
general, 71
input, 71
output, 72
Measurement, analysis and improvement, 92102
general, 9293
processes, 96
product, 97
Mehra, K.C., 7
Ministry of Defence (UK), 13
Mutually beneficial supplier relationship, 22
NASA, 13
National Accreditation Board of Certification Bodies (NABCB), 34, 35
182 Index
National Centre for Quality Management (NCQM), 99, 177
Nonconforming product, 9798
Nonconformity, 115
Oakland, 1
Obsolete documents, 62
Paton, Scott M., 6

Performance excellence, 104
Plan-Do-Check-Act (PDCA), 46
Pre-assessment audit, 32
Premji, Azim, 7
Process approach, 20, 4547
Product, 49, 50, 53
Product information, 83
Product preservation, 90
Product realization, 7991
configuration management, 15, 29,
40, 89, 91
control of changes, 85
customer communication, 8283
customer property, 89
customer-related processes, 8183
determination of requirements, 8182
identification and traceability, 89
planning, 8081
production and service provision, 8889
term, 80
Production and service provision
control, 88
customer property, 89
identification and traceability, 89
preservation of product, 90
validation of processes, 8889
Purchasing
information, 87
process, 8687
verification of purchased product, 87
Puri, A.K., 7
QMS (Quality Management System)

action plan, 27
application, 50
awareness programme, 27
benefits, 157158
compatibility, 48
control of documents, 61
control of monitoring and measuring
equipment, 9091
control of nonconforming product,
9798
control of records, 63
developing and implementing, 2333
developing documentation, 124125
documentation requirements, 5760
documented procedures, 58
documents for effective planning,
3031
five main sections, 41
fundamentals and vocabulary, 4, 52
general requirements, 5457
implementation, 31
improvement, 99102
infrastructure, 77
initial status survey, 29
internal audit, 3132, 9495, 113114
management commitment, 2324,
6567
management representative, 2425,
7071, 126, 128
management responsibility, 41, 6572
management review, 32, 7172, 107
normative reference, 51
PDCA methodology, 46
pre-assessment audit, 32
product realization, 7991
production and service provision,
8890
purchasing, 8688
QMSRequirements, 39
quality manual, 60
quick reference, 4143
QMSGeneral, 44
records required, 5960
resource management, 7578
scope, 49
terms and definitions, 5152
training and guidance, 28
QMS documentation, 2931, 122129
Index
183
Quality, 113
absolutes of quality management, 3
adjective quality, 2
attracting quality, 2
EFQM, 5
evolution of ISO 9000, 13
fitness for purpose, 8
fitness for use, 1, 2
IQA (Integral quality approach), 5
ISO standards on quality, 4
mathematical expression, 3
noun quality, 1
origin of quality, 13
quality absolutes, 3
quality and quality management
system, 8
quality assurance phase, 10
quality control, 9
quality control phase, 10
quality system concepts, 9
thoughts on quality, 27
total quality control phase, 10
total quality management phase, 10
two-dimensional quality, 2
Quality management principles, 1722
continual improvement, 21
customer focus, 18
factual approach to decision making,
21
introduction, 17
involvement of people, 19
leadership, 19
mutually beneficial supplier relationship, 22
system approach to management,
20
Quality management system (QMS),
4143
quick reference, 41
planning, 69
Quality manual, 30, 57, 60
Quality objectives, 6869
SMART quality objectives, 69
Quality plan, 129
Quality policy, 67, 68
Quality system procedures, 30
Quality world, 104
Resource management, 41, 7578

awareness, 76
competence, 76
infrastructure, 77
training, 7677
Responsibility and authority, 70
RvA (The Dutch Accreditation Council),
34
Rau, R.H.G., 7, 104
Zende, Jayprakash, 7
Schroeder, Richard, 3
Scope and normative reference, 4953
exclusion, 50
Shingo, 13
Shrivastava, Madhavi, 115
Singhal, Divya, 177, 178
Singhal, K.R., 7, 177, 178
Society of motor manufacturers and
traders, 14
Soni, Kailash, 7
Steering committee, 25
Supplier, 52, 53
Supply chain, 52, 53
System approach to management, 20
Taguchi, 13
Task force, 25
Taylor, Frederick Winslow, 13
Thareja, Priyavrat, 8
Top management, 2324, 7374
commitment, 2324
role, 7374
Total quality management (TQM), 5, 10
Training, 2829, 77
UKAS (United Kingdom Accreditation
Services), 34
Warner committee, 14
Websites/blogs, 160
Weinberg, Gerald M., 1
West, John E. (Jack), 109
IMPLEMENTING
ISO 9001:2008
Second Edition
A Reference Guide
Divya Singhal
Keshav Ram Singhal
ISO 9000 series standards have changed the whole concept of quality management methods. ISO 9001:2008
QMS standard has been implemented and ISO 9000 series standards have been adopted as national standards
or endorsed for use in 178 countries and economies.
ISO 9001:2008 Quality Management System (QMS) is based on eight quality management principles and there
are various internal and external benefits of implementing this standard, whether or not an organization goes
for certification.
This book provides the readers with an accessible and up-to-date introduction to the essentials of a quality
management system, discusses what is in the ISO 9001:2008 QMS and shows how the organizations can
implement this system. With the authors extensive experience in QMS audit, training and advisory services, the
book incorporates basic information on understanding and implementing ISO 9001:2008 QMS and highlights its
importance towards making quality the fundamental business principle.
The text contains plenty of practical tips and guidance on how to implement ISO 9001:2008 QMS in the real world.
It discusses sample QMS procedures, emphasizes the importance of maintaining a value added internal audit
system and highlights the necessity of developing the QMS documentation procedures.
Apart from the regular BBA, MBA, and diploma courses in Total Quality Management, this book is also suitable
for Management Development Programmes in Quality Management and ISO 9001 offered to professionals by many
of the B-schools.
THE AUTHORS
DIVYA SINGHAL, Ph.D. and FDPM (IIM-A), is Assistant Professor at the Goa Institute of Management, Goa. She
teaches subjects of general management including Research Methods, TQM, and Lyrics and Management. She is a
gold medalist in M.A. (Economics) and a recipient of several other awards including Rastrapati Guide Award and
Young Achiever Award in Quality-2006 (NCQM) and Sustaining Member Award-2011 (NCQM). She is a member of
Social Responsibility Sectional CommitteeMSD 10 of Bureau of Indian Standards (BIS).
KESHAV RAM SINGHAL, M.A. (Political Science), is the Ajmer Centre Coordinator and Fellow Member of National
Centre for Quality Management (NCQM). He possesses several professional qualifications in the areas of banking,
business finance, quality auditing, etc. and is presently engaged in the area of creating awareness of management
systems including ISO 9001:2000 QMS. He is internationally recognized professional, who has undertaken jobs
assigned by various organizations including ASQ (USA) and Raad voor Accreditatie (RvA)Dutch Accreditation
Council (Netherlands).
Our Other Books on Quality Management

Total Quality Management, P.N. Mukherjee
Total Quality Management, L. Suganthi and Anand A. Samuel
Total Quality Management: Text and Cases, B. Janakiraman and R.K. Gopal
Six Sigma Simplified: Methodlogy, Tools and Implementation, N. Gopalakrishanan
ISBN:978-81-203-4574-4
` 195.00
www.phindia.com
9 788120 345744

Implementing Iso 90012008 Quality Management System A Reference PDF

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Implementing Iso 90012008 Quality Management System A Reference PDF

Caricato da

Copyright:

Formati disponibili

Second Edition

Implementing ISO 9001:2008

KESHAV RAM SINGHAL

7th Principle: Factual Approach to Decision-making.................. 21

6. Scope and Normative ReferenceISO 9001:2008 QMS....... 4953

7. General and Documentation

10. Product RealizationISO 9001:2008 QMS......................... 7991

12. Increasing the Power of Your QMSAchieve

Structure of QMS Documentation in ISO 9001:2008.................. 122

Appendix A Sample QMS Procedures ......................................133146

Quality is a concept associated with the expectation of every individual.

The American writer H. James Harrington expressed that quality is a

this book also provides sample QMS procedures on control of documents,

Quality Concept and

Fitness for use. (Joseph M. Juran, 1988). Note: The customer

The Noun Quality

An essential and distinguishing attribute of something or someone.

2 Implementing ISO 9001:2008 QMSA Reference Guide

A characteristic property that defines the apparent individual

The Adjective Quality

Of superior grade. Synonyms: Choice, Prime, Prize, Select.

A Two-dimensional Model of Quality

Quality means those features of products, which meet customer

Quality Concept and Quality Management System

1. Quality has to be defined as conformance to requirements, not

Most people think they understand quality and excellence, but

4 Implementing ISO 9001:2008 QMSA Reference Guide

ISO STANDARDS ON QUALITY

A Leading National Daily

Quality has a strong impact on corporate economiesit seeks to

A Few More Thoughts/Facts on Quality

Quality is a very talked and in fashion subject today.

Quality Concept and Quality Management System

It is no longer true that quality is linked to higher cost.

6 Implementing ISO 9001:2008 QMSA Reference Guide

Quality is a competitiveness factor that has to be integrated in

Quality Concept and Quality Management System

Management of quality is not a one-shot affair. It covers all

8 Implementing ISO 9001:2008 QMSA Reference Guide

Best quality, best management, and delivery on timethe

Conformance with requirements

Quality and Quality Management System

Quality Concept and Quality Management System

How Can We Achieve Quality?

Provide goods and service of right quality

Organization can achieve the above by implementing quality management

Quality System Concepts

10 Implementing ISO 9001:2008 QMSA Reference Guide

Total Quality Management (TQM)

Quality Concept and Quality Management System

advisable for organizations first to provide a formal quality framework

INTERNATIONAL ORGANIZATION FOR STANDARDIZATION

Quality management systemsFundamentals

12 Implementing ISO 9001:2008 QMSA Reference Guide

ISO 9001 certification in a number of countries are given below:

Source: The ISO Website.

Quality Concept and Quality Management System

HISTORICAL BACKGROUND: ORIGIN OF QUALITY AND

14 Implementing ISO 9001:2008 QMSA Reference Guide

Quality Concept and Quality Management System

ISO 9000 Standards on Quality Management and Quality Assurance

ISO 9000:2005Quality management systemsFundamentals

1. What do you mean by quality?

24 Implementing ISO 9001:2008 QMSA Reference Guide

26 Implementing ISO 9001:2008 QMSA Reference Guide

28 Implementing ISO 9001:2008 QMSA Reference Guide