ISO 9001-2000: What to expect
James Lamprecht, PhD
Sections of this document include: general observations;
measur, measurement and more measurement; other improvements; ISO9000:2000 a predjudiced view; and conclusion.
The Draft International Standard (DIS) for ISO 9001:2000 was released in late November 1999. Reaction to this latest revision will no doubt vary and will likely depend on how one approaches the document. A casual, non-critical reading of the DIS will probably leave most readers with an overall feeling of satisfaction vis-à-vis the standard. Indeed, people may even comment that the 9001, 9000 and 9004 standards read better and are clearer than previous editions (1987 and 1994). However, upon closer examination, a more careful and critical reading will no doubt reveal that this latest revision was prepared in haste and is still in need of major editing. Indeed, the DIS is still replete with repetitions (and hence redundancies), as well as vaguely phrased or inelegant sentences. Editing these sentences and removing persistent redundancies would produce a more elegant, concise and thus, clearer DIS.
What is interesting to note about the DIS is that, on first impression, only minor changes seemed to have been introduced; a word changed here and there, a few paragraphs renumbered or, a few sentences slightly rephrased. However, when one compares the CD 2 document to the DIS, one notices that the nature of some of these changes is more significant than at first thought. For example, one notable change inserted to the DIS addresses the need for documented procedures. The CD 2 draft document hardly made any references to the need to establish documented procedures. This apparent omission is now corrected in the DIS. Indeed, the phrase, A documented procedure shall be established . . is now referenced six times! One wonders who recommended the change.
The six specific references to establishing documented procedures are found in the following paragraphs:
5.5.6 Control of documents; 5.5.7 Control of quality records; 8.2.2 Internal audit; 8.3 Control of nonconformity; 8.5.2 Corrective action; and 8.5.3 Preventive action
In addition, references to the need for documentation are also stated in paragraphs 7.1 and 5.4.2. Paragraph 7.1 Planning of realization processes currently states: Planning of the realization processes shall be consistent with the other requirements of the organizations quality management system and shall be documented in a form suitable for the organizations method of operation.
Paragraph 5.4.2 Quality planning, states that: The output of the planning shall be documented. These last two examples (7.2 and 5.4.2) could also be cited as an example of redundancy (7.1 partly repeats what is already stated in 5.4.2); and obfuscation. Indeed, who has ever heard of realization processes. Still, having coined a new term, the standard does define product realization as that sequence of processes and sub-processes required to achieve the product. Government bureaucrats could not have written a better sentence.
Should there be any doubts as to the nature of documentation, the DIS currently states that:
The organization shall establish, document, implement, maintain and continually improve a quality management system in accordance with the requirements of this International Standard. (4.1)
The quality management system documentation shall include:
a) documented procedures required in this International Standard;
b) documents required by the organization to ensure the effective operation and control of its processes. (4.2)
Procedures and documents are still very much alive and well in ISO 9001:2000. So are redundancies which were so noticeable in the CD 2 document. A review of the DIS revealed nine cases of redundancy and/or repetition. Examples of repetition would include sentences that repeat or nearly duplicate (using different words) a point made in an earlier (or later) paragraph or sometime, in the same paragraph.
Despite these flaws which may be corrected in the next DIS, one must recognize that the specific reference to establishing and maintaining documented procedures, so prevalent in the 1987 and 1994 versions, has now been significantly reduced.
One of the major additions, one could even say, improvements to the ISO 9001:2000 standard is paragraph 8 entitled: Measurement, analysis and improvement. This paragraph now requires that an organization measures and monitors customer satisfaction, the effectiveness of the quality management system (via the internal audit process), processes and products. Whether or not people will understand the difference between measurement and monitoring remains to be seen.
Since the ISO 9001:2000 will require organizations to collect much data, one should not be surprised to learn that all these data will have to be analyzed (8.4 Analysis of data) to assess customer satisfaction, conformance to requirements, characteristics of processes, products (and their trends) and suppliers (performance?). The DIS is not always clear or direct as to what is meant. For example, with respect to the last requirement (suppliers), the DIS currently reads (8.4): The organization shall analyze this data (sic) to provide information on: d) suppliers. What type of information is not stated. However paragraph 7.4.1 does state that that The organization shall evaluate and select suppliers based on their ability to supply product in accordance with the organizations requirements. This last example indicates that the standard still needs to be edited (this data should read these data), and moreover, readers will occasionally have to cross-reference two or more paragraphs to better understand the intent of a sentence or paragraph.
The new standard has tightened up previous requirements and clarified others. For example, quality objectives must not only be measurable but also consistent with the quality policy. Management reviews must not only include specific inputs (e.g., results of audits, customer feedback, process performance, status of preventive and corrective actions, follow-up actions, etc.), but must also contain specific outputs. Management minutes for example must now include actions related to: a) improvement of the quality management system and its processes, b) improvement of product related to customer requirements and resources needed (supposedly to achieve these improvements.)
It is no longer sufficient to assess training needs and conduct training. An organization will have to evaluate the effectiveness of the training provided. The old design control paragraph (4.4 in ISO 9001:1994) has now been renamed design and/or development. Although the paragraphs reads much the same as the old 4.4 Design control, a few requirements have been added. For example, one notes that evidence of design and/or development validation must now be recorded.
In an article entitled The Art of Creating Standards, the authors (all members of the US TC 176 committee), make several interesting claims regarding the ISO 9000:2000 series of standards. They state that As clarity and simplification are pursued, words and paragraphs are added. Also adding to the standards length is the need to make crystal clear requirements that were always intended but previously were not explicitly stated. Although it is true that certain sections (and/or paragraphs) of the the ISO 9001:2000 are now clearer, it is also true that the standard is longer because it introduces new requirements and repeats many requirements often using imprecise sentences. We are then told that the standard needs to be longer because requirements that were always intended must now be made crystal clear. But who would lay claim to these intended requirements? Is it some mythical customer or perhaps some registrars, consultants, members of the TC 176 committee or a combination of all four! No one knows, we are simply told that such requirements were always implied but, we are never told why they were implied nor are we told why these implied requirements would necessarily benefit a company. These assertions are posited as obvious truth to be recognized by anyone with the proper experience and knowledge.
The authors then proceed to assure the reader that Compliance with ISO 9001 should not add any extra cost but may expose requirements that should have been already considered but were not adequately addressed. This statement, bordering on arrogance, is even more remarkable because it clearly demonstrates that the authors are clearly detached from the economic realities of everyday businesses. The logic is rather simple: these additional requirements (which were supposedly implied in the first place), are not really additional requirements because companies should have adequately addressed them in the first place. We still do not know who has the authority to decide what is adequate and what is not adequate implementation. What is clearly implied by the authors statement is that organizations throughout the world have obviously misunderstood the intent of ISO 9001 requirements which would explain why clarifications are needed to correct these deficiencies. As far as the authors are concerned, the cost of properly addressing these requirements is not really a cost because these requirements were not adequately addressed in the first place! Confused? Dont be because ISO 9001:2000 or perhaps, a future revision, will surely prescribe the best remedy to all your woes.
You can rest assured that the new ISO 9001:2000 will cost more to implement. Naturally, the cost will vary and, it is also true that for some companies which already have a system that complies with the new list of requirements listed in 9001:2000, the cost will be negligible. Nonetheless, for many other companies, there will be a cost associated with the need to align their quality management system with the new requirements.
Once the DISs (9000, 9001 and 9004) are edited, as we all hope they will be, will they provide the reader with a better set of standards which will be easier to interpret and implement? The authors of The Art of Creating Standards are, as can be expected, optimistic in their answer. The authors believe, they conclude, that ISO 9001:2000 and ISO 9004:2000 will prove to be even more useful and valuable to organizations than their predecessors. Based on this statement, one can assume that the authors believe that the new standards will be better than their predecessors. Is that necessarily true and, more importantly, will it be easier to interpret and implement ISO 9001:2000? There is little doubt that the new standards are better written. The definition of terms provided by ISO 9000:2000 as well as the prose of 9001 and 9004:2000, are an improvement over previous releases. One would hope that one of the advantages of these improvements is that fewer books on ISO 9000 will be published. However, this is not likely to happen because ISO 9001:2000 will not necessarily be easier to interpret and thus, implement. The Plan Do Check Act (PDCA) structure implied in ISO 9001, although useful as a methodology, renders the structure of ISO 9001 ponderous, and at times, difficult to interpret. For example, one likely source of confusion will be paragraphs 8.2.3 Measurement and monitoring of processes and 8.2.4 Measurement and monitoring of products. Since the effectiveness of a process has traditionally been assessed by measuring product conformance, one is curious to see how organizations will monitor processes. Other examples could be cited.
Consequently, although ISO 9001:2000 will probably read better (and perhaps, even be more useful and valuable to some), it will not be easier to implement particularly, for first time implementers. It will be more demanding simply because the standard now places more demands on organizations. And that is why more books and thousands of pages of advice and opinions on ISO 9001:2000 will be published even before the standards are officially released. The more things change, the more they remain the same.