ISO 9000 (Encyclopedia of Small Business)
ISO 9000 is a set of international standards of quality management that have become increasingly popular for large and small companies alike. "ISO is grounded on the 'conformance to specification' definition of quality, " wrote Francis Buttle in the International Journal of Quality and Reliability Management. "The standards specify how management operations shall be conducted. ISO 9000's purpose is to ensure that suppliers design, create, and deliver products and services which meet predetermined standards; in other words, its goal is to prevent non-conformity." Used by both manufacturing and service firms, ISO 9000 had been adopted by more than 100 nations as their national quality management/quality assurance standard by the end of 1997.
This quality standard was first introduced in 1987 by the International Organization for Standards (ISO) in hopes of establishing an international definition of the essential characteristics and language of a quality system for all businesses, irrespective of industry or geographic location. Initially, it was used almost exclusively by large companies, but by the mid-1990s, increasing numbers of small-and mid-sized companies had embraced ISO 9000 as well. In fact, small and moderate-sized companies account for much of the growth in ISO 9000 registration over the past several years. The total number of ISO 9000 registrations in the United States increased from a little more than 2, 200 in 1993 to more than 17, 000 in 1998; of those 17, 000 registrations, nearly 60 percent were held by companies with annual sales of $100 million or less.
The increased involvement of small and midsized firms in seeking ISO 9000 registration is generally attributed to several factors. Many small businesses have decided to seek ISO 9000 certification because of their corporate customers, who began to insist on it as a method of ensuring that their suppliers were paying adequate attention to quality. Other small business owners, meanwhile, have pursued ISO 9000 certification in order to increase their chances of securing new business or simply as a means of improving the quality of their processes. "The pressure for companies to become ISO 9000-certified is absolutely increasing and will continue to increase, " predicted one management consultant in an interview with Nation's Business. "The question many smaller companies have to ask is when, not if, they [will] get ISO 9000-registered."
ELEMENTS OF ISO 9000 QUALITY MANAGEMENT SYSTEMS
The standards of ISO 9000 detail 20 requirements for an organization's quality management system in the following areas:
- Management Responsibility
- Quality System
- Order Entry
- Design Control
- Document and Data Control
- Control of Customer Supplied Products
- Product Identification and Tractability
- Process Control
- Inspection and Testing Control of Inspection, Measuring, and Test Equipment
- Inspection and Test Status
- Control of Nonconforming Products
- Corrective and Preventive Action
- Handling, Storage, Packaging, and Delivery
- Control of Quality Records
- Internal Quality Audits
- Statistical Techniques
MODELS OF ISO 9000
The ISO 9000 quality standards are broken down into three model setsSO 9001, ISO 9002, and ISO 9003. Each of these models, noted Industrial Management contributors Stanislav Karapetrovic, Divakar Rajamani, and Walter Willborn, "stipulate a number of requirements on which an organization's quality system can be assessed by an external party (registrar)" in accordance with the ISO's quality system audits standard. "A quality system, " they added, "involves organizational structure, processes, and documented procedures constituted towards achieving quality objectives."
Each of the three sets concentrates on a different quality area. ISO 9001 is the most wide-ranging, for it specifies the various operating requirements in such areas as product design and development, production, installation, and servicing. ISO 9002 is concerned with quality assurance at the production and installation stages. ISO 9003 covers testing and inspections. As Karapetrovic, Rajamani, and Willborn noted, "if the minimum requirements are met [for the above operating areas], a registrar accredited by a national accreditation institution issues a certificate of compliance and the organization's quality system becomes ISO 9001, 9002, or 9003 registered."
It is worth noting that certification is handed out for individual quality systems, not companies; this means that one company may hold more than one ISO 9000 registration. Moreover, Harvey R. Meyer pointed out in Nation's Business that "the standards do not certify the quality of a product or service. Rather, they attest that a company has fully documented its quality-control processes and consistently adheres to them. If that's done, quality products and services generally follow."
In addition to ISO 9000, two related quality standards emerged in American industries in the late 1990s. ISO 14000, also known as the Environmental Management Systems Standards, is intended to combine environmental management systems with the ISO 9000 quality system. The second system, QS9000 is an adaptation of ISO 9000 to meet the specific needs of the "big three" American automobile manufacturersord, General Motors, and Daimler Chrysler. Both systems were expected to have a substantial impact on U.S. companies.
ADVANTAGES OF ISO 9000
The advantages associated with ISO 9000 certification are numerous, as both business analysts and business owners will attest. These benefits, which can impact nearly all corners of a company, range from increased stature to bottom-line operational savings. They include:
- Increased marketabilityearly all observers agree that ISO 9000 registration provides businesses with markedly heightened credibility with current and prospective clients alike. Basically, it proves that the company is dedicated to providing quality to its customers, which is no small advantage whether the company is negotiating with a long-time customer or endeavoring to pry a potentially lucrative customer away from a competitor. This benefit manifests itself not only in increased customer retention, but also in increased customer acquisition and heightened ability to enter into new markets; indeed, ISO 9000 registration has been cited as being of particular value for small and mid-sized businesses hoping to establish a presence in international markets.
- Reduced operational expensesometimes lost in the many discussions of ISO 9000's public relations cache is the fact that the rigorous registration process often exposes significant shortcomings in various operational areas. When these problems are brought to light, the company can take the appropriate steps to improve its processes. These improved efficiencies can help companies garner savings in both time and money. "The cost of scrap, rework, returns, and the employee time spent analyzing and troubleshooting various products are all considerably reduced by initiating the discipline of ISO 9000, " confirmed Richard B. Wright in Industrial Distribution.
- Better management controlhe ISO 9000 registration process requires so much documentation and self-assessment that many businesses that undergo its rigors cite increased understanding of the company's overall direction and processes as a significant benefit.
- Increased customer satisfactionince the ISO 9000 certification process almost inevitably uncovers areas in which final product quality can be improved, such efforts often bring about higher levels of customer satisfaction. In addition, by seeking and securing ISO 9000 certification, companies can provide their clients with the opportunity to tout their suppliers' dedication to quality in their own business dealings.
- Improved internal communicationhe ISO 9000 certification process's emphasis on self-analysis and operations management issues encourages various internal areas or departments of companies to interact with one another in hopes of gaining a more complete understanding of the needs and desires of their internal customers.
- Improved customer servicehe process of securing ISO 9000 registration often serves to refocus company priorities on pleasing their customers in all respects, including customer service areas. It also helps heighten awareness of quality issues among employees.
- Reduction of product-liability risksany business experts contend that companies that achieve ISO 9000 certification are less likely to be hit with product liability lawsuits, etc., because of the quality of their processes.
- Attractiveness to investorsusiness consultants and small business owners alike agree that ISO-9000 certification can be a potent tool in securing funding from venture capital firms.
DISADVANTAGES OF ISO 9000
Despite the many advantages associated with ISO 9000, however, business owners and consultants caution companies to research the rigorous certification process before committing resources to it. Following is a list of potential hurdles for entrepreneurs to study before committing to an initiative to gain ISO 9000 certification:
- Owners and managers do not have an adequate understanding of the ISO 9000 certification process or of the quality standards themselvesome business owners have been known to direct their company's resources toward ISO 9000 registration, only to find that their incomplete understanding of the process and its requirements results in wasted time and effort.
- Funding for establishing the quality system is inadequateritics of ISO 9000 contend that achieving certification can be a very costly process, especially for smaller firms. Indeed, according to a 1996 Quality Systems Update survey, the average cost of ISO certification for small firms (those registering less than $11 million in annual sales) was $71, 000.
- Heavy emphasis on documentationhe ISO 9000 certification process relies heavily on documentation of internal operating procedures in many areas, and as Meyer stated, "many say ISO's exacting documentation requirements gobble up time. Indeed, there are horror stories about companies losing substantial business because a documentation obsession redirected their priorities." According to Nation's Business, small business owners need to find an appropriate balance between ISO documentation requirements, which are admittedly "one is ISO 9000's hallmarks, " and attending to the fundamental business of running a company: "Strike a balance among obsessively writing down every employee's task, offering training for the work, and letting common sense dictate how a task is to be performed."
- Length of the processusiness executives and owners familiar with the ISO 9000 registration process warn that it is a process that takes many months to complete. The 1996 Quality Systems Update survey indicated that it took businesses an average of 15 months to move from the early stages of the process to passage of the final audit, and that processes of 18-20 months or even longer were not that uncommon.
SELECTING A LEADER FOR THE ISO 9000 REGISTRATION PROCESS
ISO 9000 experts and businesses that have gone through the rigorous process of certification agree that businesses that appoint someone to guide the process are much more likely to be able to undergo the process in a healthy, productive manner than are firms that have murky reporting relationships. Hiring an outside consultant is one option for businesses. "An ISO 9000 advisor could give you a rough sketch of the registration process and help you get started, " stated Nation's Business. "Or the consultant could counsel you through the entire process, writing the company's quality policy statement and even specific operating procedures." In addition, firms should hire an ISO-9000 registrar with a background in their industry, legitimacy with international customers, and knowledge of small business issues.
Some small firms choose to appoint an employee as their ISO 9000 representative rather than hire an outside consultant. Many companies have done this successfully, but small business owners should take great care in making this decision. "The ISO 9000 representative [should be] a person who encompasses a genuine and passionate commitment to quality and success, knowledge of processes and systems within the company, and power to influence employees at all levels, " wrote Karapetrovic, Rajamani, and Willborn. "He should be familiar with the standards. If this is not the case, there are ample training opportunities available to acquire sufficient expertise."
For more information on ISO 9000 registration, small business owners can contact several different organizations, including the American Society for Quality and American National Standards Institute.
Buttle, Francis. "ISO 9000: Marketing Motivations and Benefits." International Journal of Quality and Reliability Management. July 1997.
Johnson, P.L. ISO 9000: Meeting the New International Standards. McGraw-Hill, 1993.
Kanji, G.K. "An Innovative Approach to Make ISO 9000 Standards More Effective." Total Quality Management. February 1998.
Karapetrovic, Stanislav, Divakar Rajamani, and Walter Willborn. "ISO 9000 for Small Business: Do It Yourself." Industrial Management. May-June 1997.
Meyer, Harvey R. "Small Firms Flock to Quality System." Nation's Business. March 1998.
Rabbit, J.T. The ISO 9000 Book: A Global Competitor's Guide to Compliance and Registration. Quality Resources, 1993.
Rayner, P., and L.J. Porter. "BS 5750/ISO 9000: The Experience of Small and Medium-Sized Firms." International Journal of Quality and Reliability Management. Vol. 8, no. 6, 1991.
Simmons, Bret L., and Margaret A. White. "The Relationship between ISO 9000 and Business Performance: Does Registration Really Matter?" Journal of Managerial Issues. Fall 1999.
Van der Wiele, Tom, et al. "ISO 9000 Series and Excellence Models: Fad to Fashion to Fit." Journal of General Management. Spring 2000.
Voehl, F., P. Jackson, and D. Ashton. ISO 9000: An Implementation Guide for Small to Mid-Sized Businesses. St. Lucie Press, 1994.
Wilson, L.A. "Eight-Step Process to Successful ISO 9000 Implementation: A Quality Management System Approach." Quality Progress. January 1996.
Wright, Richard B. "Why We Need ISO 9000." Industrial Distribution. January 1997.
SEE ALSO: Quality Control; Total Quality Management
ISO 9000 (Encyclopedia of Business)
- MAJOR PROVISIONS OF THE STANDARDS
- REASONS TO ADOPT ISO 9000 STANDARDS
- TRANSITIONAL ISSUES
- FURTHER READING:
The ISO 9000 Series Standards for Quality Management and Assurance were issued by the International Organization for Standardization (ISO) in 1987. They reflect an important trend in business practice. Early in the 20th century, quality was viewed by businesses as an additional cost of production. However, as businesses realized that high quality leads to more efficient and less expensive production processes, the pursuit of quality became a desirable goal. Businesses began to implement quality control programs, and they began to require such programs of their suppliers. Quality control programs proliferated at the same time that businesses were being globalized. This led to the realization that international quality assurance standards were needed to avoid the need to comply with multiple, conflicting systems. The ISO responded to the need for harmonization by publishing the ISO 9000 series standards.
The ISO 9000 series is a set of standards for quality management and quality assurance. The standards apply to processes and systems used to produce products; they do not apply to the products themselves. Further, the standards provide a general framework for any industry; they are not industry-specific. A company that has a quality management system (QMS) that is "certified to" ISO 9000 has demonstrated that it has a documented QMS in place and that it is applied consistently. The ISO 9000 series emphasizes prevention of problems and meeting customers' needs. ISO 9000 standards apply to all companies large or small, whether in services or manufacturing.
Before discussing quality standards, it is important to discuss the meaning of quality. Quality refers to the combined features of a product that contribute to its ability to meet identified needs. Quality assurance processes must balance the needs of the consumer with the needs of the producer, however, the consumer is the ultimate judge of quality. The process by which quality is achieved is called quality assurance. Quality assurance includes quality control procedures, quality plans, and other mechanisms. The process of implementing quality assurance standards is called quality management. Quality assurance and quality management are the areas covered by the ISO 9000 series.
More than 200,000 companies around the world have been certified to ISO 9000, and nearly 1,000 additional businesses per month seek registration. Competitive pressure is considered the primary reason for adopting ISO 9000, and in some markets adoption is obligatory. For example, in the European Union, ISO 9000 certification is a legal requirement in the medical devices, high-pressure valves, and public transportation markets.
This essay provides an introduction to the ISO 9000 series standards. Background is provided including the history of the standards. The contents of the standards are summarized, and the certification process is then described. Reasons to adopt the standards and benefits of adoption are later discussed, followed by weaknesses of the standards. This essay concludes by stating that ISO 9000 series standards meet important needs and have changed the daily operations of many businesses. But, if the standards are to continue to meet the needs of industry and society they must be continually reviewed and revised.
International standardization began early in the 20th century with the creation of the International Electrotechnical Commission (IEC) in 1906 and the establishment of the International Federation of National Standardizing Associations (ISA) in 1926. The ISA focused primarily on mechanical engineering.
The idea of quality assurance dates back to World War II. To deal with quality problems related to manufacturing of defense equipment, the U.S. Department of Defense instituted one of the first formal quality control programs in the world. The United Kingdom, influenced by the United States, developed its own quality standards for its defense industry. U.S. and U.K. standards later spread to other countries and formed the basis for a set of quality assurance standards adopted by other members of the North Atlantic Treaty Organization (NATO). Those standards were called the Allied Quality Assurance Publication (AQAP). After World War II, the U.S. government continued to develop quality standards. These standards were conveyed to defense contractors who were expected to implement them to ensure quality defense equipment.
The idea of industry standards continued to spread and develop throughout the world. At the close of World War II, in 1947, the International Organization for Standardization (ISO) was created with headquarters in Geneva, Switzerland. The ISO published its first standards in 1951, and by 1998 it had published over 10,060 standards. ISO Standards cover a multitude of topics including, but not limited to, paper sizes, a uniform system of measurement, symbols for automobile controls, film speed codes, and an internationally standardized freight container.
In 1979, the British Standards Institute (BSI) submitted a proposal to the ISO calling for the development of international quality assurance and quality management standards. Twenty member nations of the ISO participated on the ISO/TC 176, the technical committee that drafted the standards, with another 14 nations serving as observers. In 1987, eight years after the BSI proposal, the ISO published its first quality assurance standards, called the ISO 9000 Series. Since then more standards have been added to the series.
WHO HAS ADOPTED THE STANDARDS?
Over 200,000 companies have been certified to ISO 9000, and those numbers are increasing rapidly. Companies in the United Kingdom and the rest of the European Union were the first to seek certification in large numbers, while progress in the United States was initially slower. For example, as of January 1993, 893 companies in the U.S. had been certified, and by December of 1997, over 18,500 U.S. companies had been certified. In contrast, over 20,000 companies in the United Kingdom were registered by 1993. The United States was catching up quickly, however. For example, the "Big Three" auto makers in the United States created an industry-specific system, called QS 9000, that incorporates the ISO 9000 series standards. Since 1997, Chrysler (now Daimler-Chrysler) and General Motors (GM) have required that Tier I suppliers (numbering over 13,000) be certified to QS 9000. QS9000 requires compliance but not necessarily registration to do so. In some cases, those automakers are pressuring Tier I suppliers to require their suppliers (the Tier II and Tier III suppliers) to adhere to QS 9000. In addition, the automakers have been working on a version of the ISO 9000 series standards (the TE supplement for tooling companies and equipment suppliers.
ISO 9000 series standards have been adopted by at least 90 countries around the world. In 1992, the European Union established the European Council for Standardization (CEN). The Council's mission is to set a single set of standards for manufacturers to simplify trade among its 15 member states. The CEN, in turn, adopted the ISO 9000 series provisions verbatim as EN 29000. Within the EU, products such as medical devices, industrial safety equipment, telecommunications equipment, and construction-related products require ISO 9000 series certification. As a result, study of the ISO 9000 series standards is a standard part of the curriculum in European trade schools.
The American National Standards Institute (ANSI), working with the American Society for Quality Control (ASQC), has adopted the ISO 9000 series for use by businesses in the United States as ANSI/ASQU Q-90. The Q-90 series includes five books, each of which corresponds to one of five parts of the ISO 9000 Series. (The five parts are ISO 9000 through ISO 9004). The standards are available for purchase through ANSI or the ASQC. It should be noted, however, that the ANSI/ASQU harmonized variant of ISO 9000 is not sponsored by the U.S. government.
MAJOR PROVISIONS OF THE STANDARDS
The ISO 9000 Series standards are created as generic standards in order to allow them to be applied to every industry. They help businesses plan, control, and document issues related to quality. They are based on the assumption that if a quality management system is properly designed, then quality assurance programs will also be properly designed. However, it is important to note that the ISO 9000 standards relate to the quality of production processes only. They do not include provisions for evaluating the quality of the product. This means that three companies following ISO 9000 standards, each producing the same product, could produce three products of varying qualities. This fact has been the basis for criticism of the ISO 9000 series standards.
There are more than five standards in the ISO 9000 series, but five contain most of the crucial provisions. They include ISO 9000, ISO 9001, ISO 9002, ISO 9003, and ISO 9004. In addition, ISO 8402 is often grouped with the ISO 9000 series. ISO 8402, which covers vocabulary, was passed in 1986 in anticipation of the ISO 9000 series. ISO 9000 and ISO 9004 provide guidelines. To develop a quality system, a company must choose to become certified to one of three standards: ISO 9001, ISO 9002, or ISO 9003. Below is a summary of each of the six standards.
- ISO 8402 "Quality Vocabulary." This standard provides definitions of quality assurance terms. It is useful in choosing terminology when drafting quality control manuals.
- ISO 9000 "Quality Management and Quality Assurance Standardsuidelines for Selection and Use." This standard provides an overview of the other ISO 9000 series standards. It includes guidelines for choosing the applicable ISO 9000 standards, and describes the purpose and application of quality assurance programs. ISO 9000 provides quality management guidelines for all industries.
- ISO 90001 "Quality Systemsodel for Quality Assurance in Design/Development, Production, Installation, and Servicing." This standard sets out 20 element requirements and is the most comprehensive of the five ISO 9000 series standards. Although it is designed to apply to all industries, it is particularly useful in manufacturing and related industries in which a company designs, produces, installs, and services its own products.
- ISO 9002 "Quality Systemsodel for Quality Assurance in Production and Installation." This standard includes 18 element requirements. It is used primarily by companies responsible for production and installation of their own products, but not the design. These standards apply to suppliers and subcontractors for ISO 9001-certified companies.
- ISO 9003 "Quality Systemsodel for Quality Assurance in Final Inspection and Test." This standard includes 12 element requirements. It is the least complex of the five ISO 9000 series standards. Its primary users are companies that perform tests on and do final production inspections such as calibration. In general, a company that does not add any value to the manufacturing process should use ISO 9003.
- ISO 90004 "Quality Management and Quality System Elementsuidelines." This standard is similar to the ISO 9000 standard in that it provides guidelines for implementation of other standards within the ISO 9000 series. It is used for auditing purposes, and it contains guidelines that assist a company as it develops its own quality systems.
To better serve certain industries, the original 1987 standards have been modified; a major set of revisions was published in 1994. In fact, ISO 9000 includes a provision allowing the quality provisions found in ISO 9001, 9002, and 9003 to be customized to make the system applicable to certain products or services. Areas in which customized standards have been developed include, for example, ISO 9004-2, which applies to service industries; and ISO 9000-3, which covers the development and supply of computer software.
DEVELOPING A QUALITY ASSURANCE SYSTEM
Implementation of ISO 9000 series standards and certification to them is a lengthy and detailed procedure, but this section will provide a brief overview of the process. A series of six steps lead to the development of an internal quality assurance system. That system must include but is not limited to, a quality systems manual.
It is a misperception that preparation of the manual creates mountains of paperwork; the ISO quality manual is typically about 20-35 pages long. It is a major tool in developing and implementing an internal quality assurance system. The manual is to be used for training new personnel as well as in the day-to-day operations of the company.
The process of developing a system can be described in six steps.
- Management must decide which ISO standards apply to their company and which element requirements must be implemented.
- All personnel directly involved in the ISO 9000 implementation process must be trained. In turn, staff must develop policies and objectives necessary to meet the element requirements of the applicable ISO series 9000 standards.
- Procedures and documentation must be developed to carry out the policies and objectives that have been laid out. Examples of documentation include organization charts, quality plans, log books, inspection and test reports, purchase orders, and corrective action reports.
- Each employee is interviewed on how he she does his or her job, and a description of procedures is created for each job. The description must include safety procedures.
- Industry-wide standards and specifications must be documented.
- The company must establish an internal audit system. The system must be used to continually check whether the quality system is functioning properly.
The quality system process is an organization-wide process. There is no such thing as a partial quality assurance system; it is either for all of a company or none of it. The documentation gathered through these steps is used as a basis to develop the company's quality management system; and the system is described in the quality management manual.
After the quality assurance system has been developed, the next step is for the company to perform a preliminary internal assessment to measure how closely it conforms to the relevant standard (ISO 9001, ISO 9002, or ISO 9003).
There are three types of certification for ISO 9000 series standards. The ISO intended the 9000 series standards to be voluntary, and so no certification process was included in the standards issued in 1987. As a result, individual countries have developed certification procedures.
There are three ways to become certified: via first, second, or third party certification. First party certification is when a company certifies itself. Thus, it is sometimes called "self-declaration." This is accomplished using a formal internal quality assessment audit. The audit is performed by an internal quality manager or representative who examines whether the company is in conformance with the applicable ISO 9000 series standards.
Second party certification is performed by a customer of the company seeking certification. (In some cases, it is by large-scale buyers of the company's goods or services.) It is the customer's job to perform an internal audit and decide whether the company is complying with the ISO 9000 series standards. Often, when a company becomes certified through this second party process, an agreement is drawn up documenting the certification process. This agreement is used as part of the basis for future transactions.
Third party certification is done by a disinterested third party, usually a firm that specializes in ISO 9000 certification. The third party provides a registrar (also called an auditor) who performs an intensive internal audit of the company to verify its compliance with ISO 9000 standards. The process, which is described below, is similar to the review process under first or second party certification.
In practice, most companies choose third party certification. With respect to first party certification, there are credibility problems. A company that certifies itself has many opportunities to cheat in the certification; there is no enforcement or verification mechanism in the certification process. Second party certification is sometimes undesirable because of inefficiency and high costs. Every time a company wants to do business with a supplier, it must spend time and money to do an audit of the potential supplier. Yet, it can be less costly than third party certification for small and mid-size companies. Third party certification, in spite of its own inherent limitations (discussed below), is used most often, at least at present.
CERTIFICATION WITH A THIRD PARTY REGISTRAR.
The company desiring certification should hire a registrar who has been certified by a national accreditaion body. The registrar will then conduct the assessment in several stages. First, there is a pre-assessment. The registrar will review the quality system manual and other documents. The auditor will focus on the management system's ability to document the quality of the process of producing goods and services; he or she will not focus on the quality of the actual product. Based on this review the company may choose to proceed, or it may delay further assessment until deficiencies are corrected.
Second, there is a formal assessment. The registrar reviews documents and interviews company personnel. The objective is to determine whether written procedures are being implemented. Third, the audit report is issued. The registrar summarizes results of the audit and lists areas in which corrective action, if any, is needed. If deficiencies must be corrected, the company can do so and submit a report to the registrar. Corrections must be documented in that report.
The registrar can award certification based on an initial, favorable audit report or upon the initial report accompanied by the report verifying corrective action. After certification, the company can use the ISO 9000 seal on its letterhead and in advertising.
SURVEILLANCE AFTER CERTIFICATION
Following certification, twice annually the registrar will return to the company to verify that the company continues to be in compliance. Such visits will be with little or no notice. During such "spot checks," the registrar will focus on areas that were noted as weaknesses in the original report. The registrar will perform a complete audit and issue a new report every three years.
In addition, the company is expected to implement an internal auditing program to ensure the company continues to conform to ISO 9000 series requirements. A strong internal auditing program ensures that all goes well when the third party registrar visits periodically.
REASONS TO ADOPT ISO 9000 STANDARDS
Compliance with ISO 9000 series standards is voluntary in most, but not all cases. When compliance is voluntary, incentives come from a variety of internal and external benefits. An internal benefit comes from within the company and relates to the day-to-day operations of the organization. An external benefit, on the other hand, comes from outside the company and relates to other entities and factors such as customers and markets. Internal benefits can be realized by any company that uses the ISO 9000 series standards. However, external benefits are limited to those companies that are certified by a second or third party entity. This occurs because customers may not be willing to accept a company's word that it complies with ISO 9000 series and may require second or third party certification.
In some instances, ISO 9000 certification is a requirement for doing business. This may be due to the requirements of a customer, as is the case with respect to Tier I suppliers dealing with U.S. auto makers. Or, it may be due to requirements of laws of a country or trading bloc.
For example, the North American Treaty Organization (NATO) requires that its contractors be ISO 9000 certified. The U.S. Department of Defense does the same.
Some countries have passed laws requiring compliance with ISO 9000. As was discussed above, the European Union has passed directives that require ISO 9000 compliance for safety products, medical devices, and other specified products.
Whether certification is required or not, ISO 9000 series certification provides a variety of internal benefits. First, ISO 9000 certification leads to better documentation of company processes. This, in turn, leads to more efficient production processes and less waste. Both save money for a company.
Second, managers and other employees become more aware of quality. They begin to view operations through a "quality of management" lens. This leads to a more efficient company that can be more competitive in the marketplace.
Third, employee morale improves. When employees feel that they are part of the process, they accept responsibility for quality. This creates an incentive for workers to do a better job and makes the company more efficient.
Fourth, cooperation and communication are improved. Documenting procedures facilitates communication and promotes cooperation.
Fifth, production processes can be made more efficient. When there is better coordination of processes, there is less "down time," and resources are shared among departments more efficiently.
Sixth, fewer defective products are produced. Better quality results in fewer defects, less scrap, and, therefore, lower production costs. Finally, documentation of safety standards results in fewer accidents. In turn, there is less downtime for employees. The ultimate results are more efficient workers and lower costs of production.
Similarly, there are many potential external benefits. The first is that company prestige increases. Companies following ISO 9000 series standards are perceived as "good corporate citizens" that produce higher quality products. Thus, they gain prestige that can help retain old customers and attract new ones.
Second, it improves customer satisfaction. Higher quality means higher customer satisfaction. Further, the manufacturer of a product is certified, a customer may feel better about the product even if it is, in fact, of no higher quality than that of a non-certified manufacturer.
Third, it creates a higher level of trust. Customers perceive a certified company as being more trust worthy than a non-certified company.
Fourth, it reduces the need for customer audits. With certification, a company has already been audited. Therefore, customers will not feel a need to audit every time they want to do business with a company. This can result in major savings. For example, it is reported that in some industry segments in the United States, a facility may be subject to dozens of audits per year; in some cases it may be as many as 30 per month.
Fifth, it can help a company increase its market share. Certified companies gain access to markets that require ISO certification, and they can deepen penetration of existing markets. Finally, the company can respond more quickly to market needs. With better quality procedures, it is easier to develop and market new product lines. Being the first to reach a market results in higher profits for the company.
COSTS AND PROBLEMS RELATED TO ISO 9000
There are costs in time and money for companies becoming certified to an ISO 9000 series standard. For example, an ISO program may take three months to over one year to implement, and it requires continual efforts to review progress and pursue improvement. Further, it costs money to develop a certification program and attain certification. There may be benefits in terms of increased sales resulting from public perception that the firm produces quality goods, but sometimes non-ISO certified companies may be able to produce a similar product more cheaply.
ISO certification does not mean that a firm's product is better than that of a non-ISO certified firm. For example, ISO 9000 series certification does not prevent design defects. To reiterate, the ISO series 9000 standards are process standards; they are not product standards.
The quality of an audit performed for ISO certification purposes depends on the qualifications and honesty of the auditor, and whether the auditor is acting in a first, second, or third party capacity. In addition, there are numerous problems inherent in the third party certification process.
First, the ISO does not have standard procedures for certification. As a result, various countries have developed different certification procedures. For example, in the United States, the national body of accreditation is the Registrar Accreditation Board (RAB). At present, the European Union (EU) does not regulate registrars. Instead, they are accredited through national certification boards. This divergence contributes to a lack of understanding of the certification process. Without an international certification procedure, companies and members of the public are uninformed about what is involved in certification. And, of course, standards for certification are not uniform.
Second, certification is not always recognized across borders of countries. Therefore, a registrar should be chosen in view of the company's customer base. One practice that facilitates operations of companies in various countries is that some U.S. registrars have signed memoranda with registrars in Europe. As a result of such agreements, a company can become ISO-certified in several countries through the completion of a single certification process.
Third, there is no centralized record of registrations. This makes proof of certification difficult, and potential customers must rely on documents in the possession of the certified firm or the auditing firm hired by the firm.
Fourth, certification is costly. It costs from $10,000 to $20,000 or more, and may take six to 18 months to perform, depending on the size of the company. This can be prohibitive for small companies and for companies with severely limited resources. Such companies tend to come, in disproportionate percentages, from developing countries as compared to companies from industrialized countries.
Another set of objections to the ISO 9000 series standards is based on the assertion that the standards function as a non-tariff barrier to trade. The adoption of ISO 9000 series by the EU is viewed by some commentators as a trade barrier to companies from outside the EU. In other cases, it has been asserted that, as ISO 9000 certification becomes a de facto requirement for doing business, it operates as a nontariff barrier to trade with respect to struggling companies from developing countries. This argument is based on the premise that ISO certification is an expense that is beyond the means of firms with extremely limited funds.
As implementation of the ISO 9000 series standards proceeds, additional issues arise. One important set of issues relates to how ISO 9000 will be coordinated with parallel, yet slightly divergent, sets of standards that are being developed. One of these sets of standards is the QS-9000 standard developed by Ford, General Motors, and Chrysler (now Daimler-Chrysler). QS-9000 incorporated the ISO 9000 series, but it added customer-specific and sector-specific guidelines. The members of TC 176 (the ISO technical committee that developed the ISO 9000 series) emphasize that the ISO 9000 series must maintain its generic character if it is to continue to be useful over a long term.
In the summer of 1995, proposed standards developed by the Japanese caused a clash between the United States and Japan. The Japanese Accreditation Board (JAB) had announced the JIS Z9901, a variant on ISO 9000, that would be applied to software manufacturers. It included a provision that required certification through registrars who would be trained and accredited under the JAB's system. U.S. software manufacturers and electronics companies were outraged at the special registration requirements. They viewed JIS Z9901 as a potential non-tariff barrier to trade, as a mechanism through which trade secrets might be stolen, and as a mechanism that would cut their market share. After ANSI, the American Electronics Association (AEA), the Informational Technology Industry Council (ITIC), and major multinational corporations such as Apple Computer, IBM, Motorola, and others became involved. Through negotiations with ANSI, JAB agreed with ANSI to conform to ISO norms for ISO 9000 rather than create special registration requirements for software manufacturers. The JAB withdrew JIS Z9901 and averted an international trade crisis.
The ISO 9000 series standards involve potentially high economic stakes. Therefore, there must be continuing, careful surveillance by various industries throughout the world, as standards are developed and refined, and, especially, as variants on the ISO 9000 system are developed.
Certification of businesses to the ISO 9000 series standards is increasing rapidly around the world. Many companies see implementation of the standards as an investment in the future. They are convinced that the program will pay for itself as it results in lower production costs and greater efficiency in operation as well as access to new markets and new customers. In many industries, certification has almost become a necessity for doing business. And in some countries, such as in the EU, certification is mandatory in certain industries.
Yet, the ISO 9000 series standards are process standards, not product standards. Their widespread use throughout the world is creating desirable harmonization in terms of providing goods to the public. But the ISO 9000 series standards do not guarantee quality products from the companies that participate in the program.
SEE ALSO: International Organization for Standardization (ISO); ISO 14000
[Paulette L. Stenzel]
Badiru, Adedeji Docunde. Industry's Guide to ISO 9000. New York: John Wiley & Sons, Inc., 1995.
Johnson, Perry L. ISO 9000: Meeting The International Standards. 2nd ed. New York: McGraw-Hill, 1997.
Label, Wayne A., and Wilbur Priester. "Expanding Your Role in ISO." The CPA Journal, June 1996.
Mirams, Mike, and Paul McElheron. Gaining and Maintaining the New Quality Standards: The BS EN 9000 Tool Kit. Pitman Publishing, 1995.
"Using International Standards To Build A Better Business." Business Standards. British Standards Institute (BSI). Available at www.businessstandards.com.
Vloeberghs, Daniel, and Jan Bellens. "Implementing The ISO 9000 Standards in Belgium." Quality Standards, June 1996.
Zuckerman, Amy. International Standards: Desk Reference. New York: Amacom, 1997.