The new edition of ISO 9000 has been hailed as a big improvement on the 1994 version. The revision has created a standard that is far more relevant for SMEs. In November’s Quality World magazine, Ray Tricker, MD of Herne European Consultancy Ltd, examines how good it really is for the smaller organisation

When ISO 9000 was first released in 1987, it was considered to be largely incomplete, requiring auditors to fill in the gaps. Although it was still heavily biased towards large manufacturing businesses, the 1994 version got rid of many of the original problems. Unfortunately it still meant that an organisation could conform to the standard while producing substandard products. It was possible to comply with the requirements of ISO 9000:1994 without having to improve the quality of a product. Without doubt, ISO 9001:2000 represents a vast improvement, but is it any better for the SME?

The revision process

Under existing agreements, all international standards have to be re-inspected for applicability five years after publication. In accordance with this agreement, ISO contacted over 1,000 users and organisations, many of which were SMEs, and asked for their views on ISO 9000:1994. It used a questionnaire which covered: problems with the existing standards; requirements for new/revised standards; and possible harmonisation between quality management, environmental management and health and safety standards.

The revision process took more than three years to complete and was the responsibility of the ISO technical committee ISO/TC176. The committee’s main task was to ensure that standards produced would actually meet the requirements of the user, as opposed to becoming yet another ‘committee standard’. To avoid this, ISO/TC176 went out of its way to consult as many organisations in as many countries as possible.

The bad old days

ISO 9000:1994 was adequate for large manufacturers, but it was far too involved and dictatorial for the average SME. Most organisations did not need to carry out all 20 elements that made up the standard and feedback from SMEs found the old standard to be less than satisfactory for a number of reasons, for example ISO 9000:1994:

• was too biased towards large manufacturing industries - very inflexible and could not be ‘tailored’ to fit all product and service sectors


• was inconsistent with other management systems such as ISO 14001 (environmental management) and BS 8800 (health and safety)


• did not cater for continual improvement


• failed to emphasise the need to meet customer requirements


• did not fully address customer satisfaction


• was unclear (in language and terminology) and difficult to understand


• was incapable of demonstrating prevention of non-conformity


• did not provide a natural stepping stone towards performance improvement


• was not future proof

Key changes

After the first few months of using ISO 9001:2000, most SMEs agree that it is a vast improvement on the 1994 version. Particularly noteworthy is the replacement of the 20 elements previously contained in section four of ISO 9001:1994 with four major generic business processes, namely:

• management responsibility - containing much of ISO 9001:1994’s management responsibility and quality requirements all rolled together (eg policy, objectives, planning, system, review
• 
  
• resource management - covering human resources, information and facilities (eg training, induction, responsibilities, working environment, equipment requirements, maintenance


• product realisation - which absorbs most of the 20 elements of ISO 9000:1994, including process control, purchasing, handling and storage, and measuring devices (eg design, purchasing, production, calibration, customer care and satisfaction)


• measurement, analysis and improvement - which absorbs the former inspection and measurement control sections of ISO 9001:1994 (eg audits, process control, product control, continual improvement)

Another improvement to the standard is the re-definition of product as: ‘a system of activities which uses resources to transform inputs into outputs’. The standard now allows for four agreed generic product categories: hardware, software, services and processed materials. In practice, of course, most products combine aspects of these four generic product categories. Whether the combined product is then called hardware, processed material, software or service will depend on the dominant element.

The ‘consistent pair’

Many SMEs wanted to progress beyond the confines of ISO 9000 towards TQM. To satisfy this need, the new standard has been split, so that one standard (ie ISO 9001:2000) addresses requirements, while another (ISO 9004:2000) addresses the gradual improvement of an SME’s overall quality performance.

Although ISO 9004:2000 also includes the requirements of ISO 9001:2000, with text boxes inserted in appropriate places, it is intended to provide guidance aimed at improving an SME’s overall quality performance. Though SMEs may be tempted to just purchase ISO 9004:2000 (rather than both of the standards) it is not meant as a guideline for implementing ISO 9001:2000, nor is it intended for certification or contractual use.

Permissible exclusions

Another big plus for SMEs is the increased flexibility of the standard. For while ISO 9001:2000 is primarily focused towards; ‘providing confidence, as a result of demonstration in product conformance to established requirements’; it also includes a section entitled ‘permissible exclusions’. This section allows SMEs to formally exclude certain non-applicable requirements of the standard, while still conforming to the standard (providing the company is able to prove its exemption). For example, when an SME supplies products or services that require no design activities (and who would previously have sought ISO 9002:1994 certification), these activities can be excluded, provided that the exclusion does not reduce the scope of their QMS or exclude any QMS requirements that affect their ability to provide a product and/or service which meets customer requirements.

Common structure and terminology

ISO 9001:2000 has been based on the following eight quality management principles. Although not specifically aimed at SMEs, they do reflect SMEs’ best management practices.

Customer focus

Organisations rely on their customers. It is vital that they understand their customers’ current and future needs and strive to exceed their expectations. This aspect is heavily emphasised throughout ISO 9001:2000 and SMEs are recommended to fully address this management practice.

Leadership

Leaders create the environment in which everyone can be fully involved and assist in achieving an organisation’s objectives. SMEs should ensure that their leaders are identified and fully supported.

Involvement of people

People at all levels are the essence of a good organisation. They also need support so that their full involvement will benefit the SME’s business objectives.

Process approach

Though already practiced by many SMEs, to some this will present a culture change - one that will undoubtedly prove beneficial.

System approach to management

Identifying, understanding and managing a system of inter-related processes for a given objective contributes to the effectiveness and overall efficiency of an SME.

Continual improvement

Continual improvement should be the permanent objective of any SME.

Factual approach to decision making

Any effective decisions made by an SME should be based on the logical and intuitive analysis of data and information.

Mutually beneficial supplier relationships

Having a good relationship with suppliers, understanding their problems and always striving for mutual improvement will benefit both organisations.

Implementation of the new standard

In producing the year 2000 revision, ISO has, thankfully, emphasised that SMEs need not completely rewrite their current QMS documentation. As the major change is from a ‘system based’ to a more ‘process based’ management approach, this can be easily addressed by SMEs who already have a fully documented QMS that complies with the 1994 standard. Although upgrading a QMS to the new standard will be fairly simple if the SME is already certified to ISO 9001:1994, the impact on companies who are currently only registered to ISO 9002:1994 and 9003:1994 (ie those not involved in the design and manufacture of a product) will be more greatly felt.

Standards out of the straight jacket

With the publication of ISO 9001:2000, there is now a single quality management ‘requirements’ standard that is applicable to all SMEs, all types of products and all services. It is the only standard that can be used for the certification of a QMS. The generic requirements can be used by any SME to address customer satisfaction, meet customer and applicable regulatory requirements, enable internal and external parties (including certification bodies) and assess their ability to meet these customer and regulatory requirements.

For certification purposes, an SME will now have to possess a fully documented management system, which takes the inputs and transforms them into targeted outputs. This system will have to say what the company is going to do and be, and provide evidence that these intentions have been carried out. Part of this management system will be to record everything that you do - especially when things go wrong. The basic process to achieve these targeted outputs will encompass:

• the client’s requirements


• the inputs from management and staff


• documented controls for any activities that are needed to produce the finished product


• delivering a product or service that satisfies the customer’s original requirements

The adoption of a QMS has to be a strategic decision for any SME. The design and implementation of their QMS will be influenced by the varying needs, objectives, products, processes, size and structure of the organisation. ISO is quick to point out that it is not the intention of ISO 9001:2000 to insist on a uniform structure to QMSs, or uniformity of documentation. The QMS requirements specified in this standard should be viewed as complementary to product technical requirements.

ISO for world domination?

A survey conducted by BSI shows that SMEs are finding it increasingly difficult to do business in the world marketplace without being ISO 9000 certificated. While most SMEs accept that the initial certification process is worthwhile, these are viewed as one-offs. Once ISO 9000 has been fully adopted within an organisation it is often felt that these savings cannot be repeated. Indeed, some managers find it extremely difficult to see the real benefit of having to commit more and more of their limited workforce and finance to maintaining their ISO 9000 certification.

It can often be hard to see what is to be gained from having to continually pay for re-certification and surveillance fees. The ISO 9000 certificate has been hanging on the wall for many years, but third-party surveillance visits don’t reveal much more than what is already known from internal audits. One of the biggest problems is that, more often than not, SMEs have to seek ISO 9000 registration because it is a requirement to continue business with a client. Fortunately the flexibility of being able to exclude certain elements of the requirements (ie permitted exclusions) means this goal is now more achievable.

Whatever the relative merits of certification as a measure of quality, the publication of ISO 9001:2000 means that all SMEs, whatever their size and whatever their product now have the tools at hand to efficiently organise their activities.