In 1987, when the ISO 9000 family was originally released, the ISO 9000 (the document) was fairly clear about the intended use of the standards. Despite this, organizations got the idea that THEY were the end users of ISO 9001. This mindset was so prevalent that it influenced later revisions of the standard, as its authors try to be responsive to customer feedback. This mindset is still prevalent today; a change in mindset would make many organizations’ experience with ISO 9001 much better.
One problem with ISO 9000 (and ISO 9004) is that the guidance contained in them is often ignored in haste to apprehend the requirements. As a result the guidance contained in ISO 9000 and ISO 9004 is often overlooked. The guidance management seeks is resident in ISO 9000 and ISO 9004, yet they would never know that since they went directly to ISO 9001 for guidance to establish their QMSs.
The reason that so many QMSs were defined as being composed of 20 procedures in 1987 was because ISO 9001 contained 20 elements. ISO 9001 was being viewed as being a management guide requiring documentation responding to the requirements. This was a mistake.
While many organizations viewed themselves as the proper audience and implementers of ISO 9001 this is clearly NOT how the standard was originally intended, according to ISO 9000:1987 itself. As we will see, the intended users of ISO 9001:1987 were those applying it for “external quality assurance purposes”—which means, today, 2nd and 3rd party auditors. ISO 9001:1987 wasn’t originally intended for use even by internal auditors, thus it wasn’t for use by a supplier organization AT ALL.
Let’s take a close look at some excerpts from ISO 9000:1987:
“1 Scope and field of application
The purposes of this International Standard are
a) to clarify the distinctions and interrelationships among the principal quality concepts (see clause 4), and
b) to provide guidelines for the selection and use of a series of International Standards on quality systems that can be used for internal quality management purposes (ISO 9004) and for external quality assurance purposes (ISO 9001, ISO 9002 and ISO 9003) (see clauses 5 to 8 inclusive).
NOTE — It is not the purpose of this series of International Standards (ISO 9000 to ISO 9004 inclusive) to standardize quality systems implemented by organizations.”
[From the above note, it’s clear that the ISO 9000 series is not intended to standardize quality systems that are implemented in organizations. Each standard in the family is clear about that. Notice that ISO 9000 and ISO 9004 are for INTERNAL QUALITY MANAGEMENT purposes, and ISO 9001 (2,3) are for EXTERNAL QUALITY ASSURANCE purposes. In other words, the guidance found in ISO 9000 and ISO 9004 is intended for management, for their use in establishing internal quality management. ISO 9001 is for external quality assurance purposes—not management purposes. External quality assurance purposes means it is applied by external parties for assessment purposes.]
“5 Characteristics of quality system situations
This series of International Standards on quality systems is intended to be used in two different situations: contractual and non-contractual.
In both these situations, the supplier’s organization wants to install and maintain a quality system that will strengthen its own competitiveness and achieve the needed product quality in a cost-effective way.
In addition, in the contractual situation, the purchaser is interested in certain elements of the supplier’s quality system which affect the supplier’s ability to produce consistently the product or service to its requirements, and the associated risks. The purchaser therefore contractually requires that certain quality system elements be part of the supplier’s quality system.
A single supplier will often be involved in situations of both types. The supplier may purchase some materials or components from standard inventory without contractual quality assurance requirements, and purchase others with contractual quality assurance requirements. The same supplier may sell some products in non-contractual situations and others in contractual situations.”
[The family of standards can be applied with or without certification. “The purchaser” (of ISO 9000 the document)—or, the customer in a customer-supplier relationship—is interested in the supplier’s QMS, and that the QMS contains all elements necessary to function properly and ship good product on time. When certification is sought, a supplier’s QMS must contain the appropriate elements, taking into consideration whatever risks affect the supplier’s ability to consistently provide products and services within scope of registration. (The scope of a QMS itself may exceed the scope of registration.)]
“6 Types of International Standards on quality systems
As indicated in clause 1, the following two types of standards, which embody the needs of the different situations classified in clause 5, are presented in this series of ISO International Standards on quality systems:
a) ISO 9004 (together with this International Standard) gives guidance to all organizations for quality management purposes.
b) ISO 9001, ISO 9002 and ISO 9003 are used for external quality assurance purposes in contractual situations.”
[ISO 9000 and ISO 9004 contain guidance for (quality) management. ISO 9001,2,3 are for 2nd and 3rd party auditors to apply in contractual situations. In these situations, auditors are working for the purchasers of ISO 9000 the document (again, the customers in the contractual relationship between customers and suppliers). Here, auditors represent the customers in a sense, and they are applying ISO 9001 to the supplier’s QMS—not to the purchaser’s (customer’s) QMS.]
“7 Use of International Standards on quality systems for quality management purposes
After this International Standard has been consulted, reference should be made to ISO 9004 in order to develop and implement a quality system and to determine the extent to which each quality system element is applicable.
ISO 9004 provides guidance on the technical, administrative and human factors affecting the quality of products or services, at all stages of the quality loop from detection of need to customer satisfaction. Throughout ISO 9004, emphasis is placed on the satisfaction of the customer’s need, the establishment of functional responsibilities and the importance of assessing (as far as possible) the potential risks and benefits. All these aspects should be considered in establishing and maintaining an effective quality system.”
[AFTER consulting ISO 9000, the purchaser should reference (to the supplier) ISO 9004 for guidance in developing and implementing a QMS. If a supplier is not design responsible, the supplier’s system doesn’t contain a design element, for example. By the way, the term “quality loop” appears to be a reference to plan-co-check-act (PDCA), no?]
“8 Use of International Standards on quality systems for contractual purposes
8.1 General
After this International Standard has been consulted, the purchaser and supplier should refer to ISO 9001, ISO 9002 and ISO 9003 to determine which of these International Standards is most relevant to the contract, and what specific adaptations, if any, have to be made.
The selection and application of a model for quality assurance appropriate to a given situation should provide benefits to both purchaser and supplier. Examining the risks, costs and benefits for both parties will determine the extent and nature of reciprocal information and the measures each party must take to provide adequate confidence that the intended quality will be achieved.”
[AFTER ISO 9000 has been consulted, the customer AND supplier (understanding ISO 9004 has already been referenced to the supplier for QMS development and implementation) together refer to ISO 9001, 2, and 3 to find out which standard applies, given the elements of the supplier’s QMS. If a supplier’s QMS contains manufacturing elements, yet doesn’t contain a design element, ISO 9002 would be the appropriate standard, for example. Notice also “if any,” which suggests that if a QMS were properly established per ISO 9000 and 9004, simply applying a requirements standard may not require a QMS to be adjusted at all; this is a far cry from selecting the requirements standard first, and then developing a QMS to meet the standard’s requirements.]]
Roughly, ISO 9001 is for Auditors
The ISO 9000 family of standards was clear, upon its original release in 1987 that ISO 9000 and ISO 9004 were guidance documents intended for management’s use. With these, management was supposed to establish and document a QMS. Basically, this amounts to documenting an existing QMS, developing its robustness as necessary to be effective. This would require taking into account both common, known risks to quality performance (represented by ISO 9001 requirements), as well as risks unique to the organization (known best by management). The resulting system was to assure quality internally. It was raised for internal quality management purposes—a strategic decision.
ISO 9001:1987 was for “external” quality assurance purposes. The end user in one sense is the purchaser of ISO 9000, who hired auditors to apply ISO 9001 to assess suppliers’ QMSs. In another sense, the end user was the auditor who actually put the standard to use in assessing QMSs.
But in no sense, according to the 1987 standards, was ISO 9001 supposed to be applied internally by an organization. ISO 9001 wasn’t supposed to be applied internally by the purchaser (customer)—or anyone else for that matter—to define a QMS. In no sense was the customer of ISO 9000 supposed to be the end user of ISO 9001. (Of course, if the customer organization is also a supplier in a different customer-supplier relationship, and ISO 9001 registration was expected, it would still be a misuse of the standard to use it as a management system guide within the organization.)
Summing Up
ISO 9001:1987 was supposed to be applied to supplier organizations’ QMSs for “external quality assurance purposes.” QMSs were supposed to be established according to the quality management principles laid out in ISO 9000 and according to the guidance of ISO 9004—both of which, consistent with ISO 9001, warned against using the standard to standardize the quality management systems implemented in organizations.
Despite this consistent caveat about using the standard improperly, organizations fairly consistently viewed the standard as intending to standardize quality management within their own organizations by requiring the same systems of documents addressing the standard’s requirements. ISO 9000 professionals commonly promoted this poor approach by providing books that actually supplied the documents addressing ISO 9001 requirements in clause-by-clause fashion. The “procedures” contained in these books clearly promoted a standardized concept of quality management, contrary to the express statements in each document in the ISO 9000 family.
Instead of urging suppliers to consult ISO 9000 and ISO 9004 as suggested, customers and suppliers alike jumped to ISO 9001 (2,3) for guidance for how to raise their QMSs to pass audits. As if they were the end users of the standard intended to apply it WITHIN their organizations (as opposed to external auditors applying it TO their QMSs). How can we tell? From the thousands and thousands of QMSs that were raised merely in response to the standard intended to assess it. Of course, this mindset is still alive and well today. Hopefully ISO 9001:2015 will be received and applied properly to finally overcome it.
(Thank you to David Hoyle for supplying background information for this article.)
Bio:
T. D. (“Dan”) Nelson has been closely involved with ISO 9000 since 1994 as a technical writer, quality manager, management representative, consultant, author, and CB auditor. Holding an MA in Business Administration from the University of Iowa, Dan also has 12 years of experience as an IRCA-certified QMS Lead or Principal Auditor, conducting registration audits and surveillance audits, and training Lead Auditor candidates in accredited courses. Using a process approach, Dan has taken several scores of clients of various shapes and sizes through registration to ISO 9001:1994/2000/2008 and related sector schemes (e.g. QS 9000, AS9100, ISO 13485, and ISO 17025). Dan’s numerous articles about the process approach have also been published by Quality Digest, Inside Quality, ASQ’s Quality Management Division, the Society for Manufacturing Engineers (SME), and the South African Quality Institute (SAQI); Dan has been featured as a guest blogger by RABQSA, and has been featured on Quality Digest Live. Dan is available for management consulting, training, and coaching, as well as auditor training and coaching. Contact: dan@tdnelson.com 720 412 7994