posted 29 December 2000 07:32 AM               

A current client wants me to put together a plan for upgrade of his system to ISO 9000:2000. I hadnât done any work on the new version, having waited until the final draft was out before spending effort on it and now I see it has presented me with something of a quandry;
My impression from various sources was that there would be few changes necessary - the general opinion seemed to be that if you qualified for Î94 then you would qualify for Î2000 without much re-documentation. Certainly, my view of Î94 and the developerâs approach to the subject led me to think that this would be the case.
Now Iâve looked in detail at some of 2000, I see a new approach. A lot of things which were assumed or implied before, are now written down as specific requirements. My conclusion is that we need a considerable documentation effort to upgrade.
My Îquandryâ is that the rest of the world might not see it like that.
I think it is quite possible that these requirements, that I see as specific, will go on being seen as Îassumedâ and that little will be done to come up to the new level and that registrars will accept it that way and go on as before.
Let me give an example;
In the 2000 version section 4.1 there are 9 requirements, including a) to f) plus a note. The first line and the note, indicate that procedures are required to cover requirements for section 4 and, as in any audit, the auditor is likely to ask were you doing the right thing and have you evidence of doing it. As I see it, each of these requirements is specific, individual and open to these questions from a registrar auditor; ÎHave you done this? Where is it documented? Tell me how you did it? Can you show me evidence (ie; quality records) that you have done it.â

In the appendix showing correspondance 2000 to Î94 it states that this 4.1 corresponds to 4.2.1 of ISO 9001:â94. But, in fact, the old version asks for only 3 specific responses, ie; Îdocument, etc a DMS, prepare a QManual, refer to the procedures and outline the structure of the quality system.
The old version does not ask for continuous improvement. It does not ask us to Îidentify the processes needed and their applicationâ, which I see as asking for a process of identifying the correct ones and a means of providing evidence. It does not ask us to determine the sequence and interaction (quite a different thing from Îstructureâ. Nor does it ask for what I consider to be the best and biggest question of all; ÎDetermine criteria and methods to ensure implementation and control is effectiveâ. Thatâs the $64000 question (or requirement). A whole lot of thought and good work would go into that one to come up with a valid answer.
Similarly; ÎMonitor, measure and analyse these processes; Implement actions to achieve planned results, continuous improvement. The final requirement, ÎProcesses needed for QMS including management, resources, product realisation and measurementâ, leaves us open to be written up on any significant process that isnât documented.

I hoped that this new approach would only apply to section 4, but as I go on, I see the same type of specific requirement appearing where, before, the method was assumed and the end product was all that was asked for. It seems like a totally new standard to me.

Iâd like to hear comment on this issue. How far do people think we have to go? Is my comment valid? practicable? likely to be the right and the effective way to deal with things?

My own view is that it is right to read into it these specific requirements. They have always been part of the response to the standard, as I saw it, but not specified. However, since I object to the restriction and the problems likely to arise from registrars, I do not approve of their appearance in the 2000 version.

posted 29 December 2000 05:52 PM               

Good luck!

posted 01 January 2001 07:08 PM               

On the other hand, I offer the following:
****************************
Newsgroups: misc.industry.quality
Subject: Re: ISO 9001:2000
Date: Mon, 1 Jan 2001 21:58:51 -0000

> > Dave & Rachael [email protected] wrote in message
> > news:[email protected]
> >
> > How did the ISO9000:2000 audit differ from an ISO9000:1994 audit? My
> > assessment body is still considering [at the start of December 2000] how to
> > audit against the new standard.

> David Tan [email protected] wrote in message
> news:[email protected]
>
> Interestingly enough, the audit is very much different from the old ISO
> which stresses on COMPLIANCE. I always remembered "say what you do and do
> what you say". This rule of thumb seems to be lesser of importance. The
> new emphasis was very much on EFFECTIVENESS. By doing what you say is not
> good enough, the bottomline is "IS IT EFFECTIVE?" . Does it help the
> organisation to gain more customers, keep customer's happy, achieve business
> goals? Lastly, how can you tell how good or how far off ? Systems must be
> in place to monitor and assess the effectiveness of processes. The only way
> to be able to distinguish effectiveness is to be able to measure it and best
> of all matched against certain set benchmarks.
>
> Finally some key words that summarises the new ISO - Commitment, Customer
> focus, Continual Improvement, Effectiveness.
>
> In essence, the 9000:2000 makes more business sense and I believe would
> steer organisation towards a better customer focused, better managed
> organisation.
******************

Starting to sound strange...

posted 10 January 2001 06:14 AM               

I have been drawn to this particular post several times like a moth to a flame, as i know from previous discussions that any response is likely to be completely opposite to your preferred method of work. But what the hell, it cant hurt to look at a problem from many different angles, even if they do seem obtuse.

I seriously beleive that the new ISO 9000 is an improvement over the last version, because it requests more precisely concepts that have a chance to add value to a company. ie Customer Satisfaction, Process Measurements, Company Objectives etc.

Yes it is true that if a company was committed to enthusiastically implementing the full INTENT of ISO 9000:1994 in the first place, then there shouldnt be any major differences. I just havent met many of these companies.

The new ISO simply supports better anybody who is seriously having a go at implementing Best Practise in an organisation.

Thats the background. So how have i changed my approach when implementing the new ISO 9000:2000?.
NOT AT ALL. My approach is absolutely the same as before. I work from the point of view of what does the company need. What is the Value Chain, what are the Critical Processes needed to make this company successful (and rarely are they the same as the required processes from ISO) and then define them and improve them.

After having done all this i then go to the Standard and see how far away we are. If something is missing that can add value for the company, i am angry at myself for the oversight and i include it. If something is missing that doesnt add value i gird myself for a fight with the auditor.

However i am always surprised after building a system that the company needs just how close it is to the intent of ISO.

My point is why not try to approach the company from the point of view of what do they need to be successful, not what are the ISO 9000 requirements. Dont read too much into the Standard itself. my experience is that an auditor can differentiate between a company that is systematically striving for Best Practise and a company that is trying to pull the wool over their eyes. I suppose the risk is that you could meet a pedantic auditor who simply quotes the Standard chapter and paragraph at you, but in this case i would change the auditor instead of the system.

Regards

Andy

posted 11 January 2001 01:15 PM               

1. Read the new standard completely once.This should include the ISO 9000 and ISO 9004 documents, and of course the ISO 9001.
2. Read it again, this time making notes as you go, on ideas. Brainstorm with people from different departments.
3. Analyze the process, as if iso 9000 version 1994 never existed. Concentrate on the value chain and the process flows and interactions.
4. Identify processes, products and documents that are providing real help, value, and support to the people; and those who don't.
5. Define new processes, with two objectives in mind, first, provide a healthy and valuable quality system and second, to comply with the new ISO 9001:2000.
6. Only after those six steps, make a plan to document the sistem, that is, what, who, when and why to do it. Some useful documentation identified in step 4 can be used, changing the identification to align it with the new clauses and making any necessary changes.
7. Implement the system. Phase out all of the now obsolte 94 based system.
8. Audit internally and then with a certified outside auditor before the certification audit with the new standard takes place.

In my opinion, this is an opportunity to review and redefine our approach to quality, it may be better to go one firm step at a time. Some people already wrote manuals and procedures based on the drafts, and the standard has important changes even from the final draft. Get your copy of the standards and dump the previous drafts - the standard eliminated a lot of jargon and confusion in the redaction.

Good luck in your efforts to make a professional and sound transition !

posted 25 January 2001 10:11 PM               

Train your management in ISO 9000:2000

Train your internal auditors (thoroughly) in ISO 9000:2000

Train your employees in ISO 9000:2000

Audit your quality management system ( 2 cycles)

Tell your auditor you are compliant with ISO 9000:200 and you need to be audited to that standard.

What could be simpler?

I would be happy to help with any of these steps ([email protected]).