Implement to the DIS of ISO 9001:2000 now?

[Marc]

On 4/13/00 10:57 AM, Bidinger, Mark P. [MB3] at [email protected] wrote:

> Hello Marc:
>
> My organization is planning for certification in June of 2001. We are
> working off of the DIS, with the thought that by June 2001 we will have
> registrar's available for certification. We also are concidering a
> contingency plan for the 1994 version, but are really spending our energies
> in DIS, with the thought of worst case we will have to rearrange the quality
> manual and the procedures organization.
>
> any thoughts or suggestions?

I'm working with a company now which is working with the DIS. Even the quality manual will be the DIS. Just make sure you compare each DIS requirement with the applicable 1994 version requirement and do not leave out any requirements from the 1994 version.

I first did this last year. We worked from October 1998 thru April 1999. The company successfully registered (with no problems) in June 1999 - tailored after the draft as it was at that time.

The DIS really isn't much different from the 1994 version, no matter what people say. People are over complicating the changes. Oh sure, you'll hear stuff like "...Take our course! We'll help you with..." I have seen this scare tactic in several areas, including the SPC 'requirement'. The DIS says:

> ...8 Measurement, analysis and improvement
>
> 8.1 Planning
>
> The organization shall define, plan and implement the measurement and
> monitoring activities needed to assure conformity and achieve
> improvement. This shall include the determination of the need for, and
> use of, applicable methodologies including statistical techniques.

This is the same thing the 1994 version says. Determination of the need for is the critical factor. I have 2 clients who do not do any statistical analysis of any kind. They pass the audit because they can show evidence of a yearly review (during management review) of the need for, and value of, any statistical techniques within the organization, including:

> ...8.2.3 Measurement and monitoring of processes
>
> The organization shall apply suitable methods for measurement and
> monitoring of those realization processes necessary to meet customer
> requirements. These methods shall confirm the continuing ability of
> each process to satisfy its intended purpose.
>
> 8.2.4 Measurement and monitoring of product
>
> The organization shall measure and monitor the characteristics of the
> product to verify that requirements for the product are met. This
> shall be carried out at appropriate stages of the product realization
> process.
>
> Evidence of conformity with the acceptance criteria shall be
> documented. Records shall indicate the authority responsible for
> release of product (see 5.5.7).
>
> Product release and service delivery shall not proceed until all the
> specified activities have been satisfactorily completed, unless
> otherwise approved by the customer.

I should point out these are small companies of less than 20 employees.

A quality manual is no big deal. Tailor the text of the DIS and add your procedure references. Changing later is no big deal.

Procedures should be 'arranged' in a way that makes sense for your company - not tailored after the DIS. You can, but I wouldn't. I suggest arranging procedures by functional group or area.

 

[Marc]

From: ISO Standards Discussion
Date: Thu, 20 Apr 2000 19:22:45 -0500
Subject: Re: Q: 9001 v 2000 /Marshall/Cunha/van Putten/Paten

From: Mike Paten

My responses to your questions regarding transition planning for the forthcoming ISO 9001:2000 revisions follow:

The bottom line to all of this is that the registrar holds the keys to both the nature and timing of transition activities. The second bottom line is registrars haven't announced what they're going to do yet because frankly they don't know. That is why the official transition guidance needs to be paraphrased to read (IMHO):

"You've got three years to come into compliance with the new standards - whether you're currently registered or not -- and, by the way, it's going to be up to you and your registrar to develop and agree upon a meaningful plan to get there."

If you're interested, I base this odd sounding generalization on the following facts (as I see them anyway):


Part 1: Upon its release, ISO 9001:2000 will replace ISO 9001/2/3:1994.

Part 2: However, companies (whether currently ISO certified or not) will be allowed to persue and/or maintain ISO registrations under the 1994 standards for up to three years. Regardless of when registration to ISO 9001/2/3:1994 standards is achieved, ALL will expire 3 years from publication of the new standards ? or sooner.

Part 3. ISO compliant systems are NOT put in place overnight. ISO recognizes that companies will be incrementally developing systems compliant with the new requirements over that entire three year period. So:

3a. Companies currently certified organization will need to work out a detailed transition plan with their registrar to determine if compliance will be evaluated as transition occurs or whether the registrar will wait and evaluate compliance in one complete system audit.

3b. ISO also recognizes that companies working on systems compliant with the 1994 standards should be given some transition time too. After all, they are probably somewhere in the system design/development and implementation process ? so why should they be forced to go to the new standards before companies already registered. If anything, companies already registered are in a better position to gear up for the new standards than those without a sound documented quality system. Therefore, companies not currently certified can pursue registration to either the 1994 and 2000 standards - IF their registrar agrees.

3c. In either case, Registrar "agreement" on a transition plan will be needed. Call it speculation, but the only way I know of that a Registrar will be able to evaluate your "progress" over the next three years is that increasing portions of the new requirements will be evaluated during each surveillance audit. There may be some registrars that will use your current registration "expiration date" as a target date to get on board with the new requirements. In any case, anyone thinking they can basically "ignore" ISO 9001:2000 for 3 years is probably kidding themselves.

3d. Under any scenario, ALL registrations to the 1994 standards will expire 3 years from the date of issuance of the 2000 standards. (i.e. sometime in late 2003).

3e. There is no "grandfather" clause per se. However, what may be intended by that kind of reference is that companies already certified to the 1994 standards are probably going to be able to work out a pretty "lenient" transition plan with their registrar. On the other hand, companies trying to get certified to the old standards after issuance of the new standards are probably going to be "highly encouraged" by their registrar to go ahead and get up to speed with the new requirements. Why? Because I think once the new standards are published and the registrar/consultants/others are up to speed with them - companies are going to be expected to get online ASAP. Besides, who really wants to design a system to the old requirements when it's just as easy to design it to the new ones? Notice I'm talking about system design - not necessarily implementation.

I hope this response was useful. I have a free power point presentation on ISO 9000:2000 Revisions available on my web site in case anyone is interested in using it for awareness training, etc. Just send me a personal email if you're interested.

Mike Paten

 

[Al the Elf]

The management team of my organisation is currently having a debate about timing for transferring to 9K-2K (it is a relief to me to have got them past the debate about deciding to do it !).

I agree with the comments that the registering body will undoutedly be a driver, however I'm trying to assess what the general feeling is amongst BB contributors on timing for introduction.

One other key driver may come from 9K-2K being seen as a commercial requirement. I'm afraid that in our manufacturing sector, many organisations were forced into adopting 9K-1994 due to it's status as an order qualifier. Subsequently many, including parts of my organsiation, created bolt on "Certificate on the wall" systems that qualified them to ISO900X:1994, but had little or no positive value. If the same becomes true when 9K-2K finally appears then this may speed up the whole implementation speed within the industry. The challenge to the registering bodies will be to uphold the value of the new standard in terms of delivery of benefit to organisations (and customers).

 

[isodog]

My suggestion for transition would be:
1. Get your act together.
review DIS
Talk to your registrtar about dates
Think about costs and set up a budget
2. review and ask for committment from TopBoss
Do it now? later? last minute?
Who is on the Implementation team?
Budget approval for training and/or consulting
3. Organize the implementation team
Involve the TopBoss
Train in the differences (Plexus has excellent materials for this, so do others)
Get committment from the Team for revising and installing changes (What and when)
Determine a date when the switch is made
4. Retrain Internal audit team
5. Start the revised system with increased internal audits
6. Notify your registrar you have converted

There guys! You're welcome to take pot shots, but this is a plan.


------------------

 

[Marc]

My 'pot shot' is this: What are the big differences? I don't see the differences as so significant that a big, expensive project will be necessary.

 

[Jim Biz]

Would I realy need to retrain my auditors gather a team.. increase the budget.. if all I need to do is add a few line items of documentation to cover the "clarified" (added) wording?

 

[Al the Elf]

Marc....

Your comment about insignificant cost relates well to a system that is fully engaged already in the delivery of customer needs, through a changing and continuously improving quality policy and quality plan.

Unfortunately a significant number of us preside over systems that were designed to do the minimum possible to achieve certification. In our case, on a cost benefit analysis, this was deemed to be a better way of working at the time.

Subsequently we now face change in the system, to continue to achieve certification (which we need to sell product !). If we want to stay with our current mentality (do it as a bolt on activity to get a certificate), our costs to change to 9K-2K will be directly related to the changes in the external auditing approach to address customer requirements primarily rather than Quality Policy. We are getting the feeling that this may be substantial ! Is anyone else ?

As an aside, we are also considering the relative cost for a project to deliver something that achieves the spirit as well as the letter of 9K-2K. I am hopeful that I can persuade TOPBOSS to go down this pathway with a cost benefit analysis of added value from excellent definition and dissemination of customer needs.

Cheers, Al.

 

[Marc]

You should be well into the project by now - I'm looking for cost and time estimations as well as feedback on any upgrades.