hygiene zone
quality tools
quality techniques
human issues
quality awards
quality extra
visitor tools


Stay Informed
Sign up below to receive our Occasional Newsletter.

We Respect Your Privacy!

Web SaferPak
SaferPak: Food Packaging Safety, Food Safety, Business Improvement and Quality Management
       Home     About     Contact

The Changes in ISO 9001:2000 and the Implications for Smaller Businesses
By Mike Stone

This paper is designed to highlight some of the issues small and medium sized businesses may consider with the advent of ISO 9001:2000. Consequently, only certain clauses in the new Standard have been selected for comment.

The notes below are referenced to the paragraph numbers and headings in ISO 9001:2000.

1 The Preliminary Sections of ISO 9001 (‘Scope’ and 'Application') Organisations will need to prove that legal issues surrounding products are being addressed.
1.2 Permissible Exclusions (Reduced Scope and Tailoring) - see 4.2.2 below  
4.2 Documentation Requirements It is mandatory to document only six procedures:

1. Document Control
2. Record Keeping
3. Nonconformance Control
4. Auditing
5. Corrective Action and
6. Preventive Action

In all other cases, management must decide whether they need documentation to facilitate control.
4.2.2 Quality Manual Omissions in a current manual satisfying ISO 9001, 1994, might include:

• the need to specify and explain the organisation’s processes and their interactions (a suitable flowchart could suffice) and

• an explanation of ‘permissible exclusions’

Processes need to be specified and it may be easiest to show these in a simple flowchart form.
5.1 General

This section emphasises the need for commitment to quality and improvement from top management, including the meeting of all legal requirements.

This section will not be particularly onerous as only 'top management' will ordinarily have the authority to manage the issues raised, especially those of resourcing.

5.2 Customer Focus In smaller organisations, customer focus is normally very well handled, but assumptions are often made by both parties. Every effort must be made on a contract by contract, or order by order, basis to ensure that any 'limitations' are fully understood by the customer. See also 8.2.1 below.
5.3 Quality Policy

There is no detailed guidance as to what constitutes, or is acceptable as, a quality policy statement. It is advisable to mention commitment to continuous improvement.

Continuous improvement may sound daunting. However, some basic techniques may suffice, eg: internal audits and staff suggestions identifying issues for improvement.

5.4.1 Quality Objectives Top management shall ensure that quality objectives are established for products and the quality system itself.

This will almost certainly be done: product objectives may be a drawing or basic specification, whereas quality system issues will be covered by procedures including document control, corrective action and internal auditing.
5.4.2 Quality Planning Plans may be minimal in documentation terms, but personnel performing work will need laid down criteria to achieve (see 5.4.1 above). Drawings or simple instructions might suffice. The fact that there are procedures for various 'infrastructure' activities, such as document control etc, will prove that some form of quality system planning has been implemented.
5.5.1 Responsibility and Authority

Job descriptions are not mandatory. Procedures may define 'jobs'.

It is no longer specified that 'interrelationships' of personnel be defined.

5.5.2 Management Representative for Quality The management representative may responsibilities other than ‘quality’. The quality management representative may well be the business owner: in the event of conflict between quality and other issues, quality must be accorded a fair hearing and it is recommended that a record of such be maintained.

5.5.3 Internal Communication

There is no requirement for formal procedures here. However, some evidence of communication will be required, such as a record of 'key briefings'.
5.6 Management Review Exceptionally, in a very small organisation, the management review may not involve anyone other than the business owner. In such a case, although there will be no formal meeting, it will still be necessary to record the issues considered.
6 Resource Management It could be argued that there is little new in this section - an interpretation of various clauses of the 1994 Standard may be considered to cover most of the points raised in the new Standard. However, there is more emphasis on facilities and the working environment and the need for training evaluation.
7.1 Planning of Product Realisation
If the organisation’s procedures, instructions and specifications cover the planning requirements, it should not be necessary to demand a separate document called a ‘plan’.
A minimalist approach to the requirements here might be the production of a simple written statement specifying the desired product or service 'output'. Detailing the sequence of activities should not be necessary where simple work is concerned.
7.2.1 Determination of Requirements Related to the Product The requirement to review legal and regulatory obligations needs to be addressed and demonstrated.
7.2.2 Review Requirements Related to the Product (or Service)

This section applies to proposals, original orders and amendments.

Before submission of a tender or acceptance of an order/contract, customer requirements, whether specified by the customer or the organisation, shall be reviewed The review does not have to be carried out by a second, independent person, but a record should be available.

In some sectors, eg retailing, the only definition of what has been agreed between the buyer and seller may be a credit card slip or till receipt of some sort.

7.2.3 Customer Communication There may well be no need to make changes here as long as it is clear who it is in the customer's organisation who needs to be contacted over such matters as confirmation of requirements, change authorisation and delivery arrangements.

7.3 Design and / or Development

There are no really major changes here in relation to the previous Standard, other than the removal of the need for documented procedures.
7.4 Purchasing There is little change from the previous Standard in this section. No reference is made to a requirement for documented procedures.
7.4.3 Verification of Purchased Product and Services

This has clarified the previous Standard's section 4.6.4, but also covers incoming inspection.

Incoming checks on input goods and services at the organisation’s own premises will be at the level or depth determined by the management.

7.5.1 Control of Production and Service Provision 7.1 requires work planning and this section, 7.5.1, requires some form of written or pictorial instruction specifying standards of work. These two issues may be combined: a drawing alone may specify what is required.
7.5.3 Identification and Traceability

Product and Service should be identified throughout all ‘production’ processes - where appropriate.

Traceability shall be maintained if this is a requirement and then appropriate records kept.

Documented procedures are not specifically required now for controlling identification and traceability.

The status of product and indeed services should be established during processing. For example, the status of a car service during the service process needs to be determined and this is normally achieved by a ‘tick list’ indicating those tasks which have been completed and those which have not.

7.5.4 Customer Property

The requirements here are generally clear.

This may now include non-products such as intellectual property.

7.5.5 Preservation of Product (Handling, Storage, Packaging, Preservation and Delivery)

Apart from the demand in the old Standard for documented procedures, the new, shortened, requirements actually cover most of whatever went before.

The '94 Standard hints very strongly at the need to log goods in and out of stores, but this is no longer stipulated. This will help organisations where exceptionally low value items are kept in store pending use in production. Precise stock levels are not essential.

Whilst checking ‘the condition of product in stock at appropriate intervals’ is no longer a specific requirement, management will need to be able to control shelf-lifed items to ensure product conformity.

7.6 Control of Measuring, Inspection and Test Equipment

It might be considered that the requirements in the new Standard are less stringent than the old.

The statements 'Where necessary to ensure valid results, measuring equipment shall be….calibrated' and '…. monitoring and measuring can be carried out in a manner consistent with measuring requirements' suggest that managements and certification organisations might take a more lenient view over what equipment needs to be calibrated

8.2.1 Customer Satisfaction A formal arrangement needs to be set up to evaluate customer satisfaction (not just dissatisfaction/complaints). The arrangement can not be a ‘one-off’ exercise: the wording is ‘customer satisfaction must be monitored’, implying at least periodic if not continuous monitoring.
8.2.2 Internal Audit Truly independent auditing may be difficult in a really small organisation. The new Standard effectively asks for objectivity. In this case, the most senior person in the business may be the one who is less involved in the minutiæ of the business and be best suited to undertake internal auditing.
8.2.3 Measurement and Monitoring of Processes

This section has introduced process checking in addition to product measurement (see 8.2.4 below). Examples of process monitoring checks might include:

• temperature and pressure measurement in chemical processes
• checking / adjusting grass cutting blades in mowing machines
• the voltage on 'flash test' equipment for insulation checks

8.2.4 Measurement of Product and/or Service In addition to process measurement, product measurement is required: the amount of checking and measuring carried out is down to management. A minimum could probably be some form of final check immediately prior to delivery to customer.
8.3 Control of Nonconforming Product

Arrangements for dealing with items found to be nonconforming after delivery now need to be in place.

Control of nonconformances is a serious, formal process. There are no shortcuts for smaller organisations.

8.4 Analysis of Data for Improvement

This section stipulates some new requirements, but many organisations will be carrying out this work anyway.

Data from the quality management system is required to be analysed. Action resulting from analysis of this data, ie the introduction of improvements, is then required by other sections, viz: 5.6 (Management Review) and 8.5 (Improvement).

The extent of data collection and analysis is not specified.

8.5.1 Planning for Continual Improvement

Improvement processes must be established within the organisation.

Although there is no requirement for a documented procedure, a plan is required to explain how the following are used to generate continual improvement:

• quality policy
• objectives
• internal audit results
• analysis of data
• corrective action
• preventive action
• management review

8.5.2 Corrective Action

The meaning of corrective action is clearly explained in the first sentence of this section: ‘establishing a process for reducing or eliminating the causes of nonconformity by preventing recurrence’.

Corrective action is to be 'commensurate with the risks involved'. This means that it not necessary to spend a pound to save a penny, or take action over events, which, after due consideration, are considered to be extremely unlikely to recur.

8.5.3 Preventive Action

The first statement in this section defines what is meant by preventive action: ‘establishing a process for eliminating the causes of potential nonconformities to prevent occurrence’ (ie there is no problem as yet). Although the old Standard contained requirements for preventive action, it was not clearly defined and many organisations failed to address this area of activity with any conviction.

Preventive Action shall be taken ‘appropriate to the impact’ of the potential problem.

The most basic techniques to address this involve only internal auditing and staff suggestions to identify possible problems.

"Many SME's, therefore, may not have so very much to do to accommodate the new Standard. Modifications to the structure of their existing documentation may be worthwhile. The quality manual (where that currently exists) may well need to be amended to address the modest number of new requirements, such as:

• the monitoring of customer satisfaction
• continuous improvement and
• describing the organisation's processes

SMEs may review existing procedures to see if it might be possible to abandon some of them and restructure others to address the enhanced requirements for process control. However, ISO 9001:2000 may not be the headache expected by many SMEs.

References: ISO 9001:2000

Mike has been a management consultant since 1987 and has been associated with Services Ltd for several years. He is now a Director of Services Certification and Training, specialising in Environmental and Quality consultancy, auditing and training, with considerable experience in both the public and private sectors.







Back to previous page









top of page


home :: about :: contact :: terms

© 2006 SaferPak Ltd.