ISO 9000
AN INTRODUCTION
ISO 9000 is rapidly becoming the most important quality
management standard in the world. Thousands of companies in
over 100 countries have already adopted it, and many more are
in the process of doing so. Why? Because it controls quality.
It saves money. Customers expect it. And competitors use it.
ISO 9000 applies to all types of organizations. It doesn't matter
what size they are or what they do. It can help both product and
service oriented organizations achieve standards of quality that
are recognized and respected throughout the world.
ISO is the International Organization for Standardization.
It is located in Switzerland and was established in 1947 to
develop common international standards in many areas.
Its members come from over 150 national standards bodies.
What is ISO 9000?
The term ISO 9000 unfortunately has two different meanings:
it refers to a single standard (ISO 9000) and it refers to a set
of three standards (ISO 9000, ISO 9001, and ISO 9004). All three
are referred to as quality management system standards.
ISO 9000 discusses definitions and terminology and is used
to clarify the concepts used by the ISO 9001 and ISO 9004
standards. ISO 9001 contains requirements and is often used
for certification purposes while ISO 9004 presents a set of
guidelines and is used to develop quality management
systems that go beyond ISO 9001.
ISO's purpose is to facilitate international trade by
providing a single set of standards that people
everywhere would recognize and respect.
The ISO 9000 standards apply to all kinds of organizations in
all kinds of areas. Some of these areas include manufacturing,

If you've already got a functioning quality management
system, we suggest that you carry out a gap analysis.
A gap analysis will tell you exactly what you need to do to
meet the ISO 9001 standard. It will help you to identify the
gaps that exist between the ISO 9001 standard and your
organization's processes. Once you know where the gaps
are, you can take steps to fill your gaps. By following this
incremental approach, you will not only comply with the
ISO 9001 standard, but you will also improve the overall
effectiveness of your organization's quality management
system. A gap analysis will also help you to figure out how
much time it will take and how much it will cost to bring your
QMS into compliance with the ISO 9001 standard.
However, if you don't have a quality management system
or you're starting from scratch, we suggest that you use an
ISO 9001 process-based QMS development plan to develop
your quality management system.
Once your QMS has been fully developed and implemented,
you may wish to carry out an internal compliance audit to
ensure that it complies with the ISO 9001 2008 requirements.
Once you're sure that your QMS is fully compliant, you're ready
to ask a registrar (certification body) to audit the effectiveness
of your QMS. If your auditors like what they see, they will
certify that your QMS has met ISO's requirements.
While ISO 9001 is specifically designed to be used for
certification purposes, you don't have to become certified.
ISO does not require formal certification (registration). You
can simply establish a compliant QMS and then announce
to the world that it complies with the ISO 9001 standard. Of
course, your compliance claim may have more credibility

eight quality management principles. These principles were chosen
because they can be used to improve performance and achieve success.

But how can you ensure that your organization applies these principles?
The answer is to establish a quality management system that meets the
ISO 9001 2008 standard. If you do so, your organization will automatically
apply these principles. This is because they permeate the ISO 9001
standard and will therefore be built into any quality system that is
based on this standard. So if you want to improve the performance
of your organization, you need to develop and implement an
ISO 9001 2008 quality management system that
applies the eight principles listed below.
1 Focus
on your
customers
Organizations rely on customers. Therefore:
• Organizations must understand customer needs.
• Organizations must meet customer requirements.
• Organizations must exceed customer expectations.
2 Provide
leadership
Organizations rely on leaders. Therefore:
• Leaders must establish a unity of purpose and
set the direction the organization should take.
• Leaders must create an environment that encourages
people to achieve the organization's objectives.
3 Involve
your
people
Organizations rely on people. Therefore:

Organizations perform better when their
decisions are based on facts. Therefore:
• Organizations must base decisions on the
analysis of factual information and data.
8 Work
with your
suppliers
Organizations depend on their suppliers
to help them create value. Therefore:
• Organizations must maintain a mutually
beneficial relationship with their suppliers.

ISO 9001 2008 vs ISO 9001 2000

ISO 9001 2008 and ISO 9001 2000 use the same numbering system
to organize the ISO 9001 2008 and ISO 9001 2000 use the same numbering
system
to organize the standard. As a result, the new standard looks much
like the old standard. However, some important clarifications and
modifications were made. These changes are summarized below.

Outsourced Processes
The process approach continues to be of central importance to
ISO 9001. And since outsourcing has become increasingly common
during the last few years, the new ISO 9001 standard has expanded
its discussion of outsourced processes (see ISO 9001 Part 4.1).
The new standard makes it clear that an outsourced process is
still part of your QMS even though it is performed by a party that
is external to your organization. The new standard emphasizes
the need to ensure that outsourced processes comply with all

controlled, not all of them.
Management Representative
ISO 9001 2000, Part 5.5.2, allowed you to appoint any member
of management to oversee the organization’s QMS. Since the old
standard did not explicitly say that the management representative
must be a member of the organization’s own management, outsiders
were sometimes appointed, instead. This loophole has now
been closed.
ISO 9001 2008 now makes it clear that the management representative
must be a member of the organization’s own management. Outsiders
may no longer perform this important function.
Competence
While both old and new standards stress the importance of
competence, the old standard wasn’t very clear about who they
were talking about. Now it’s pretty clear that all QMS personnel must
be competent. ISO 9001 2008, Part 6.2.1, makes it clear that any task
within the QMS may directly or indirectly affect the organization’s
ability or willingness to meet product requirements. Since any
QMS task could directly or indirectly influence product quality,
the competence of anyone and everyone who carries out
any QMS task must be assured.
Infrastructure
For ISO 9001 2000 (Part 6.3) the term infrastructure includes
buildings, workspaces, equipment, software, utilities, and support
services like transportation and communications. ISO 9001 2008
has now added information systems to the previous list of support
services. Both old and new standards expect you to provide the
infrastructure (including information systems) that your
organization needs in order to ensure that product
requirements are being met.

Part 7.3.3 of ISO 9001 2000 wants you to make sure that the
design and development process generates information
(outputs) that your purchasing, production, and service
provision processes need to have.
ISO 9001 2008 now also says that design and development
outputs could include information that explains how products
can be preserved during production and service provision.
Monitoring and Measuring Equipment
While ISO 9001 2008, Part 7.6, refers to the need to control
monitoring and measuring equipment, the old standard talked
about controlling devices. Since the term device can refer to
almost anything from a literary contrivance to a machine, its
meaning wasn’t exactly clear. The new ISO 9001 standard
has removed this ambiguity by using the term equipment.
Both the old and the new standard wants you to confirm that
monitoring and measuring software is capable of doing the job
you want it to do. In addition to this requirement, the new standard
suggests (in a note) that configuration management and well
established verification methods can be used to ensure the
ongoing suitability of monitoring and measuring software.
However, this is not a requirement, just a statement that
explains how the ongoing suitability of software can
be maintained.
Customer Satisfaction
Both old and new standards want you to monitor and
measure customer satisfaction (perceptions). A new note to
ISO 9001 2008, Part 8.2.1, explains that there are many ways
to monitor and measure customer satisfaction. You could use
customer satisfaction and opinion surveys. And you could collect
product quality data (post delivery), track warranty claims, examine

ISO 9001 2000 versus ISO 9001 1994

New Standard In the past, ISO had three standards:
ISO 9001:1994, ISO 9002:1994,
and ISO 9003:1994. Now there's only one standard: ISO 9001:2000!
ISO 9002 and ISO 9003 have been dropped.
So, if you are currently ISO 9002:1994 or ISO 9003:1994 certified,
you will now need to become ISO 9001:2000 certified. And if you're
now ISO 9001 certified, you're going to have to update your quality
system in order to meet the new ISO 9001:2000 requirements.
New Structure When you compare ISO 9001:1994 and ISO
9001:2000 you’ll notice
that ISO has abandoned the 20-clause structure of the old standard.
Instead of 20 sections, the new standard now has 5 sections.
ISO reorganized the ISO 9001 standard in order to create a
more logical structure, and in order to make it more compatible
with the ISO 14001 environmental management standard. While
this reorganization is largely a cosmetic change, it could have
some rather profound implications if you’ve organized your
current quality manual around the old 20-part structure.
New Emphasis
In general, the new standard is more customer-oriented than the old
standard. While the old standard was also oriented towards meeting
customer requirements and achieving customer satisfaction, the new
standard addresses this in much greater detail. In addition, it expects
you to communicate with customers and to measure and monitor
customer satisfaction.
The new standard also emphasizes the need to make improvements.
While the old standard did implicitly expect organizations to make
improvements, the new standard makes this explicit. Specifically,

• Identify customer requirements (5.2, 7.2.1).
• Meet customer requirements (5.2).
• Monitor and measure customer satisfaction (8.2.1).
• Meet regulatory requirements (5.1).
• Meet statutory requirements (5.1).
• Support internal communication (5.5.3).
• Provide quality infrastructure (6.3).
• Provide a quality work environment (6.4).
• Evaluate the effectiveness of training (6.2.2).
• Monitor and measure processes (8.2.3).
• Evaluate the suitability of quality management system (8.4).
• Evaluate the effectiveness of quality management system (8.4).
• Identify quality management system improvements (5.1, 8.4).
• Improve quality management system (5.1, 8.5).
New Flexibility
Under the new ISO 9001:2000 standard, you may ignore or exclude
some requirements. Requirements that may be ignored under special
circumstances are known as exclusions. According to ISO, you may
ignore or exclude any of the requirements found in Section 7 Product
realization as long as you meet certain conditions.
You may exclude a Section 7 requirement if you cannot apply it.
More precisely, you may exclude or ignore a requirement if:
• You cannot apply it because of
the nature of your organization, or
• You cannot apply it because of the
nature of your products or services
However, you may not exclude or ignore Section 7 requirements
if doing so will compromise your ability or willingness to meet the
requirements set by customers and regulators.
We believe that this permissible exclusion clause is a very

together by means of many input-output relationships. These
input-output relationships turn a simple list of processes into
an integrated system. Without these input-output relationships,
you wouldn't have a Quality Management System.
ISO 9001 2008*
Plain English Overview
This page presents a plain English overview of the ISO 9001 2008
Quality Management Standard. To see a more detailed version,
please visit ISO 9001 2008 Translated into Plain English.
NOTE: ISO presents its requirements in
sections 4 to 8 of ISO 9001 2008. Therefore,
the following material begins with section 4.

4. General Requirements
4.1
Develop
your QMS
• Establish your organization's QMS.
• Document your organization's QMS.
• Implement your organization's QMS.
• Maintain your organization's QMS.
• Improve your organization's QMS.
4.2
Document
your QMS
4.2.1 Manage QMS documents.
4.2.2 Prepare QMS manual.
4.2.3 Control QMS documents.
4.2.4 Establish QMS records.


5.5.1 Define responsibilities and authorities.
5.5.2 Create management representative role.
5.5.3 Support internal communication.
5.6
Perform QMS
management
reviews
5.6.1 Review quality management system.
5.6.2 Examine management review inputs.
5.6.3 Generate management review outputs.

6. Resource Requirements
6.1
Provide required
QMS resources
• Identify the resources that your QMS needs.
• Provide the resources that your QMS needs.
6.2
Provide
competent
QMS personnel
6.2.1 Ensure the competence of workers.
6.2.2 Meet competence requirements.
6.3
Provide necessary
infrastructure
• Identify your infrastructure needs.
• Provide needed infrastructure.
• Maintain your infrastructure.
6.4 • Identify needed work environment.

7.4
Control purchasing
and purchased
products
7.4.1 Establish control of your purchasing process.
7.4.2 Specify your purchasing requirements.
7.4.3 Verify your purchased products.
7.5
Control production
and service
provision
7.5.1 Establish control of production and service.
7.5.2 Validate production and service provision.
7.5.3 Identify and track your products.
7.5.4 Protect property supplied by customers.
7.5.5 Preserve your products and components.
7.6
Control monitoring
and measuring
• Identify monitoring and measuring needs.
• Select monitoring and measuring equipment.
equipment • Establish monitoring and measuring processes.
• Calibrate monitoring and measuring equipment.
• Protect your monitoring and measuring equipment.
• Confirm suitability of monitoring and measuring software.

8. Remedial Requirements
8.1
Establish
monitoring

8.5
Make
improvements
and take remedial
actions
8.5.1 Improve the effectiveness of your QMS.
8.5.2 Correct nonconformities to prevent recurrence.
8.5.3 Prevent the occurrence of nonconformities.
If you'd like to see how we've translated each of these ISO 9001 sections
into plain and simple English, please see our detailed ISO 9001 2008
page.