Sei sulla pagina 1di 4

Iso 9001 clauses

The steps need to be taken to prepare an organization for ISO 9001 2000 registration:

Whilst the following text is not exhaustive in its content it should give you a reasonable
idea of what's involved in setting up an ISO 9001 2000 registration within an

First and most importantly you should either purchase a copy of the ISO 9001 2000
standard or read a copy at your local library.

At first glance many of the terms referred to in the standard sound quite confusing but if
you study the content of this web site you will soon become familiar with the
terminology used.

Now that you are a little more familiar with the ISO 9001 2000 Quality Management
Standard and its terminology you should start to analyze the current practices of your
organization to those documented within the ISO 9001 2000 standard,This process is
known as a gap analysis audit. You can either carry this process out yourselves or employ
the skills of an ISO 9001 2000 consultant to carry out the task for you.

It is very important to get this audit right as the results will be used to set the direction of
your organization on its route to full ISO 9001 2000 registration. In short if this audit is
wrong or incomplete your organization will happily steam along in the wrong direction,
wasting resources as it goes, until someone tells you otherwise. If I were to give one
piece of advice here it would be to recommend using a professional, a small amount of
money spent at this stage could save you unnecessary expenditure if you were to get it

As the gap analysis audit on your organization progresses you will be able to identify the
processes which are already documented, and those that are not. It will be useful to your
organization to compile a list of documents that you will need for the Quality
Management System as you complete the gap analysis audit, there is no sense in doing
the same job twice.

It is important to remember that just because a process is documented does not

necessarily mean it is compliant with the requirements of the ISO 9001 2000 standard.
Almost certainly your organization will have to tweak existing processes and or instigate
new ones in order to comply with the documented requirements of the ISO 9001 2000

For this purpose you may decide to bring together a team of employees and have them
review the processes and suggest improvements which will make the process compliant
with ISO 9001 2000. Alternatively you may wish to employ an ISO 9001 2000 consultant
to carry out this task for you. Whilst a consultant may initially seem expensive he or she
will have the experience to complete the task expediently and cost effectively.

Now that the organizations processes and any short falls against the ISO 9001 2000
standard have been identified they have to be documented in a within a controlled
document control system. Whilst there is not a definitive, prescribed method to document
an ISO 9001 2000 Quality Management System there are, as with most things, easy and
hard ways of doing this.
If you are unsure how to do this there is an example procedure here or once again you can
employ a consultant to complete this task expediently.

Design and implement the Quality Management System to comply with the requirements
of ISO 9001 2000.

This will typically require:

Establishing a quality policy and measurable quality objectives.

Documenting a quality manual, describing your Quality Management System.

Documenting procedures which describe the processes in your organization.

Creating a document issue, withdrawal and re-issue of documents system.

Documenting test and inspection methods.

Documenting a corrective and preventive action process.

Identification of training needs and necessary job skills.

Calibrating and controlling measuring and test equipment.

Measuring and monitoring customer satisfaction.

Measuring process, and product conformity.

Training employees on the operation of the quality management system.

Planning, conducting and following up internal Quality Management System audits.

Continual improvement of the Quality Management System.

As each process in your organization is revised, documented and implemented you need
to ensure that your employees are trained accordingly in the operation of the revised
process and that their documented training records are updated. All employees must have
had at least basic ISO 9001 2000 training so that they can demonstrate that they
understand what is required of them. You can either attempt this training your self or
employ a consultant trainer to do this task for you.

You must generate and keep documented records of employee training in accordance
with your new processes procedures which, of course must be compliant with ISO 9001

These records will be used as evidence to prove to your ISO assessor that you are
operating your Quality Management System in accordance with your documented
procedures and ISO 9001 2000. Driso's Easy ISO 9001 2000® software will record,
control all of your organisations training records in an ISO 9001 2000 compliant format.

As your processes evolve you must start internal quality management system audits so as
to satisfy your organization that it is in fact operating its processes in accordance with its
own documented procedures and the requirements of ISO 9001 2000.

Your ISO 9001 2000 auditor will look at the records generated by your internal audits.
ISO 9001 2000 relies on Quality Management System audits to provide assurance that
the organization is meeting the requirements of the ISO 9001 2000 standard.

An audit includes an inspection of the documents and records that make up your quality
Most importantly it is an inspection of the way the people in the organization work and
the knowledge they have about the operation of the quality management system.
management reviews must be carried out by the top management in your organization to
ensure that your Quality Management System is working effectively and that it is geared
to produce continual improvement of your products or service.

Registration requirements vary slightly between the various certification bodies but it is
usual to have a Pre-Assessment.
A pre-assessment is a mock audit similar in duration to a full registration audit which
your organization neither passes nor fails.
The important feature of a pre-assessment is that it will provide a full list of any short
falls between the requirements of the ISO 9001 2000 standard and your Quality
Management System.

As a senior lead auditor I would always advise an organization to opt for a pre-

You now need to select a registration agency.

There are many registration agencies to choose from and in theory they are similar inthe
services they provide, chiefly because they all have to abide by the same to EN standards,
EN45011 and EN45012. In practice they offer different service levels, response times and
re-assessment periods. So my advice would be to choose your registration body very

Finally the day has arrived for your registration rudit. This is where an auditor from the
chosen certification body visits your organization and carries out a comprehensive audit
of your organization.

When the auditor identifies a discrepancy or non-conformance between the work that is
being performed and the requirements of ISO 9001 and how you say you operate your
processes the discrepancy or non-conformance will be written up. There is no specific
number of non-conformances that have to be raised for your organization to either pass or
fail. It depends on how serious each point raised is or if a number of minor issues are all
raised against one clause of ISO 9001 2000, say for example design.

For example: If only a few minor non-conformances are found during the registration
audit, the registration body will issue a certificate of registration to ISO 9001 2000 stating
that your organization complies with the requirements of the ISO 9001 standard. If
however a major non-conformance is raised this results in your organisation being told
that you must correct the non-conformance(s) and re-apply for another registration audit.
This is why I would always recommend that you have a consultant carry out a Pre-
Assessment audit on your business, re-applying for a complete re-assessment from a
registration body can be a very expensive business.

Once a certificate of registration is issued it typically expires after three years, however
some registration bodies certificates never expire.
All registration bodies typically require Quality Management System surveillance audits
of your organization at six months intervals to maintain the validity of the certificate.

At this point, you deserve to celebrate your accomplishments!

However, once the certificate is issued you need to continue to monitor your own Quality
Management System to ensure you continue to comply with the requirements of ISO
9001 2000.

If you want to download over free 50 ebook for iso 9001 standard, you can visit:

Best regards