SBS - The Best Value in QMS software

Implement to the DIS of ISO 9001:2000 now?


Hunkered Down for the Duration with a Mask on...
Staff member
On 4/13/00 10:57 AM, Bidinger, Mark P. [MB3] at [email protected] wrote:

> Hello Marc:
> My organization is planning for certification in June of 2001. We are
> working off of the DIS, with the thought that by June 2001 we will have
> registrar's available for certification. We also are concidering a
> contingency plan for the 1994 version, but are really spending our energies
> in DIS, with the thought of worst case we will have to rearrange the quality
> manual and the procedures organization.
> any thoughts or suggestions?

I'm working with a company now which is working with the DIS. Even the quality manual will be the DIS. Just make sure you compare each DIS requirement with the applicable 1994 version requirement and do not leave out any requirements from the 1994 version.

I first did this last year. We worked from October 1998 thru April 1999. The company successfully registered (with no problems) in June 1999 - tailored after the draft as it was at that time.

The DIS really isn't much different from the 1994 version, no matter what people say. People are over complicating the changes. Oh sure, you'll hear stuff like "...Take our course! We'll help you with..." I have seen this scare tactic in several areas, including the SPC 'requirement'. The DIS says:

> ...8 Measurement, analysis and improvement
> 8.1 Planning
> The organization shall define, plan and implement the measurement and
> monitoring activities needed to assure conformity and achieve
> improvement. This shall include the determination of the need for, and
> use of, applicable methodologies including statistical techniques.

This is the same thing the 1994 version says. Determination of the need for is the critical factor. I have 2 clients who do not do any statistical analysis of any kind. They pass the audit because they can show evidence of a yearly review (during management review) of the need for, and value of, any statistical techniques within the organization, including:

> ...8.2.3 Measurement and monitoring of processes
> The organization shall apply suitable methods for measurement and
> monitoring of those realization processes necessary to meet customer
> requirements. These methods shall confirm the continuing ability of
> each process to satisfy its intended purpose.
> 8.2.4 Measurement and monitoring of product
> The organization shall measure and monitor the characteristics of the
> product to verify that requirements for the product are met. This
> shall be carried out at appropriate stages of the product realization
> process.
> Evidence of conformity with the acceptance criteria shall be
> documented. Records shall indicate the authority responsible for
> release of product (see 5.5.7).
> Product release and service delivery shall not proceed until all the
> specified activities have been satisfactorily completed, unless
> otherwise approved by the customer.

I should point out these are small companies of less than 20 employees.

A quality manual is no big deal. Tailor the text of the DIS and add your procedure references. Changing later is no big deal.

Procedures should be 'arranged' in a way that makes sense for your company - not tailored after the DIS. You can, but I wouldn't. I suggest arranging procedures by functional group or area.
Elsmar Forum Sponsor


Hunkered Down for the Duration with a Mask on...
Staff member
From: ISO Standards Discussion
Date: Thu, 20 Apr 2000 19:22:45 -0500
Subject: Re: Q: 9001 v 2000 /Marshall/Cunha/van Putten/Paten

From: Mike Paten

My responses to your questions regarding transition planning for the forthcoming ISO 9001:2000 revisions follow:

The bottom line to all of this is that the registrar holds the keys to both the nature and timing of transition activities. The second bottom line is registrars haven't announced what they're going to do yet because frankly they don't know. That is why the official transition guidance needs to be paraphrased to read (IMHO):

"You've got three years to come into compliance with the new standards - whether you're currently registered or not -- and, by the way, it's going to be up to you and your registrar to develop and agree upon a meaningful plan to get there."

If you're interested, I base this odd sounding generalization on the following facts (as I see them anyway):

Part 1: Upon its release, ISO 9001:2000 will replace ISO 9001/2/3:1994.

Part 2: However, companies (whether currently ISO certified or not) will be allowed to persue and/or maintain ISO registrations under the 1994 standards for up to three years. Regardless of when registration to ISO 9001/2/3:1994 standards is achieved, ALL will expire 3 years from publication of the new standards ? or sooner.

Part 3. ISO compliant systems are NOT put in place overnight. ISO recognizes that companies will be incrementally developing systems compliant with the new requirements over that entire three year period. So:

3a. Companies currently certified organization will need to work out a detailed transition plan with their registrar to determine if compliance will be evaluated as transition occurs or whether the registrar will wait and evaluate compliance in one complete system audit.

3b. ISO also recognizes that companies working on systems compliant with the 1994 standards should be given some transition time too. After all, they are probably somewhere in the system design/development and implementation process ? so why should they be forced to go to the new standards before companies already registered. If anything, companies already registered are in a better position to gear up for the new standards than those without a sound documented quality system. Therefore, companies not currently certified can pursue registration to either the 1994 and 2000 standards - IF their registrar agrees.

3c. In either case, Registrar "agreement" on a transition plan will be needed. Call it speculation, but the only way I know of that a Registrar will be able to evaluate your "progress" over the next three years is that increasing portions of the new requirements will be evaluated during each surveillance audit. There may be some registrars that will use your current registration "expiration date" as a target date to get on board with the new requirements. In any case, anyone thinking they can basically "ignore" ISO 9001:2000 for 3 years is probably kidding themselves.

3d. Under any scenario, ALL registrations to the 1994 standards will expire 3 years from the date of issuance of the 2000 standards. (i.e. sometime in late 2003).

3e. There is no "grandfather" clause per se. However, what may be intended by that kind of reference is that companies already certified to the 1994 standards are probably going to be able to work out a pretty "lenient" transition plan with their registrar. On the other hand, companies trying to get certified to the old standards after issuance of the new standards are probably going to be "highly encouraged" by their registrar to go ahead and get up to speed with the new requirements. Why? Because I think once the new standards are published and the registrar/consultants/others are up to speed with them - companies are going to be expected to get online ASAP. Besides, who really wants to design a system to the old requirements when it's just as easy to design it to the new ones? Notice I'm talking about system design - not necessarily implementation.

I hope this response was useful. I have a free power point presentation on ISO 9000:2000 Revisions available on my web site in case anyone is interested in using it for awareness training, etc. Just send me a personal email if you're interested.

Mike Paten

Al the Elf

The management team of my organisation is currently having a debate about timing for transferring to 9K-2K (it is a relief to me to have got them past the debate about deciding to do it !).

I agree with the comments that the registering body will undoutedly be a driver, however I'm trying to assess what the general feeling is amongst BB contributors on timing for introduction.

One other key driver may come from 9K-2K being seen as a commercial requirement. I'm afraid that in our manufacturing sector, many organisations were forced into adopting 9K-1994 due to it's status as an order qualifier. Subsequently many, including parts of my organsiation, created bolt on "Certificate on the wall" systems that qualified them to ISO900X:1994, but had little or no positive value. If the same becomes true when 9K-2K finally appears then this may speed up the whole implementation speed within the industry. The challenge to the registering bodies will be to uphold the value of the new standard in terms of delivery of benefit to organisations (and customers).


My suggestion for transition would be:
1. Get your act together.
review DIS
Talk to your registrtar about dates
Think about costs and set up a budget
2. review and ask for committment from TopBoss
Do it now? later? last minute?
Who is on the Implementation team?
Budget approval for training and/or consulting
3. Organize the implementation team
Involve the TopBoss
Train in the differences (Plexus has excellent materials for this, so do others)
Get committment from the Team for revising and installing changes (What and when)
Determine a date when the switch is made
4. Retrain Internal audit team
5. Start the revised system with increased internal audits
6. Notify your registrar you have converted

There guys! You're welcome to take pot shots, but this is a plan.



Hunkered Down for the Duration with a Mask on...
Staff member
My 'pot shot' is this: What are the big differences? I don't see the differences as so significant that a big, expensive project will be necessary.

Jim Biz

Would I realy need to retrain my auditors gather a team.. increase the budget.. if all I need to do is add a few line items of documentation to cover the "clarified" (added) wording?

Al the Elf


Your comment about insignificant cost relates well to a system that is fully engaged already in the delivery of customer needs, through a changing and continuously improving quality policy and quality plan.

Unfortunately a significant number of us preside over systems that were designed to do the minimum possible to achieve certification. In our case, on a cost benefit analysis, this was deemed to be a better way of working at the time.

Subsequently we now face change in the system, to continue to achieve certification (which we need to sell product !). If we want to stay with our current mentality (do it as a bolt on activity to get a certificate), our costs to change to 9K-2K will be directly related to the changes in the external auditing approach to address customer requirements primarily rather than Quality Policy. We are getting the feeling that this may be substantial ! Is anyone else ?

As an aside, we are also considering the relative cost for a project to deliver something that achieves the spirit as well as the letter of 9K-2K. I am hopeful that I can persuade TOPBOSS to go down this pathway with a cost benefit analysis of added value from excellent definition and dissemination of customer needs.

Cheers, Al.


Hunkered Down for the Duration with a Mask on...
Staff member
You should be well into the project by now - I'm looking for cost and time estimations as well as feedback on any upgrades.
Thread starter Similar threads Forum Replies Date
R Using R package to implement Bayesian phase I/II dose-finding design for three outcomes ISO 13485:2016 - Medical Device Quality Management Systems 6
R AS5553 Clause 3.1.7 f - "Implement a returns process....." AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Q AS9100:2016 D - Intent of 8.4.3 (K) - Implement QMS AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Y When will Notified Bodies require MedDev manufacturers to fully implement ISO 14971:2019? ISO 14971 - Medical Device Risk Management 1
S How to Implement COSO 2017 Framework Various Other Specifications, Standards, and related Requirements 0
M How to implement the 4M Change Management System Lean in Manufacturing and Service Industries 3
M Can I audit processes I've established but do not implement or maintain? Internal Auditing 6
S How to address and implement OH&S opportunities in ISO 45001:2018? Occupational Health & Safety Management Standards 12
J ISO 9001:2015 Cl. 8.1 - 'and to implement the actions determined in clause 6' ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
I How to implement ISO 9001:2015 for Construction Field ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
Q Is it worth the effort to implement ISO 31000 Risk based on ISO 9001:2015? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
A How do we implement a Process Approach ISO 13485:2016 - Existing GMP QMS Other ISO and International Standards and European Regulations 2
Crusader Can I Implement AS9100 in 1 Department only? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
L How many working hours to required to implement ISO 14001 ? ISO 14001:2015 Specific Discussions 6
A Do we have to implement customer specific requirements? Customer and Company Specific Requirements 13
L Roadmap to implement Business Excellence by department Misc. Quality Assurance and Business Systems Related Topics 11
B How to implement a Nonconformance System in a Service Industry ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
R Does "establish, implement and maintain a procedure" require a Document - OHSAS 18001 Occupational Health & Safety Management Standards 1
W Working in a company where we try to implement ISO 27001 IEC 27001 - Information Security Management Systems (ISMS) 9
T What type of industries or companies that should implement PAS 55? Other ISO and International Standards and European Regulations 2
A What is QSB? How do you implement? What are your documents? IATF 16949 - Automotive Quality Systems Standard 4
B How to implement 4.2.4 - Disposition of Records in Electronic Files ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
T Metrics and Statistics for Improvement - Easy to implement Statistical Analysis Tools, Techniques and SPC 4
S How to implement protection for multi-winding transformer? IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
M My company wants me to implement ISO 17025 in our laboratory ISO 17025 related Discussions 7
C Which of these 2 ways would you implement a Quality System? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
B How to define and implement Configuration Management Document Control Systems, Procedures, Forms and Templates 5
K How Can I Implement the Process Approach in AS9100C AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 9
D Implement ISO 22000 or E-Cristal System. Food Safety - ISO 22000, HACCP (21 CFR 120) 2
R How to implement Six Sigma within an IT-driven organisation? Six Sigma 14
A How to Develop and Implement 5S +1 Program Lean in Manufacturing and Service Industries 3
L Time Required to Implement ISO 27001 if ISO 9001 certified & SOX compliant? IEC 27001 - Information Security Management Systems (ISMS) 3
R What I have to do to implement ISO 9001:2008 till Registration and Certification? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
M How to Implement QMS for an Information Solutions company Quality Management System (QMS) Manuals 2
S Planning and Costs to Implement ISO / IEC 27000 - Where to start? IEC 27001 - Information Security Management Systems (ISMS) 2
K How to start Implement SPC for Injection Molding Process? Statistical Analysis Tools, Techniques and SPC 24
C Do you implement real SPC not just a paper work? Statistical Analysis Tools, Techniques and SPC 18
2 Trying to Implement a Manufacturing Engineer Concept to my Company Manufacturing and Related Processes 5
R How does my firm implement hybrid system? ISO 13485:2016 - Medical Device Quality Management Systems 5
M How to implement ISO/TS 16949:2009 when customers do not require PPAP? IATF 16949 - Automotive Quality Systems Standard 7
E Why to Implement or Not to Implement ISO 26000 (Social Responsibility) Other ISO and International Standards and European Regulations 14
bobdoering The CORRECT steps to implement an SPC chart Imported Legacy Blogs 16
J When to implement the Development and Design Clause 7.3? Design and Development of Products and Processes 18
M Want Help to Implement IMS (Integrated Management System)? Occupational Health & Safety Management Standards 7
M How to Implement the QHSE Integrated Management System Easy Steps? Occupational Health & Safety Management Standards 1
E Should FDA implement 3rd party (PMAs) reviews? What are the pros and cons of doing so Other US Medical Device Regulations 2
N Implement the Best Format and Set of Tools for Design For Six Sigma Six Sigma 7
K Which Australian Standard will help me implement OH&S in my business ? Occupational Health & Safety Management Standards 8
D How to implement Control of Employee Access to Client Data IEC 27001 - Information Security Management Systems (ISMS) 2
K How to Implement ISO 14001 - Construction Industry - Completed examples ISO 14001:2015 Specific Discussions 3

Similar threads

Top Bottom