The ISO 9000 and ISO 14000 families are among ISO’s best known standards ever.
ISO 9001:2000 and ISO 14001: 2004 are implemented by over a million organizations in 175 countries.
ISO 9000 family
The ISO 9000 family addresses "Quality management".
This means what the organization does to fulfill:
- the customer’s quality requirements, and
- applicable regulatory requirements, while aiming to
- enhance customer satisfaction, and
- achieve continual improvement of its performance in pursuit of these objectives.
ISO 14000 family
The ISO 14000 family addresses "Environmental management".
This means what the organization does to:
- minimize harmful effects on the environment caused by its activities, and to
- achieve continual improvement of its environmental performance.
ISO 9000 is a family of standards for quality management systems. ISO 9000 is maintained by ISO, the International Organization for Standardization and is administered by accreditation and certification bodies. The rules are updated, as the requirements motivate changes over time. Some of the requirements in ISO 9001:2008 (which is one of the standards in the ISO 9000 family) include
a set of procedures that cover all key processes in the business;
monitoring processes to ensure they are effective;
keeping adequate records;
checking output for defects, with appropriate and corrective action where necessary;
regularly reviewing individual processes and the quality system itself for effectiveness; and
facilitating continual improvement
A company or organization that has been independently audited and certified to be in conformance with ISO 9001 may publicly state that it is "ISO 9001 certified" or "ISO 9001 registered". Certification to an ISO 9001 standard does not guarantee any quality of end products and services; rather, it certifies that formalized business processes are being applied.
Although the standards originated in manufacturing, they are now employed across several types of organizations. A "product", in ISO vocabulary, can mean a physical object, services, or software.
Contents of ISO 9001
ISO 9001:2008 Quality management systems — Requirements is a document of approximately 30 pages which is available from the national standards organization in each country. Outline contents are as follows:.
Page iv: Foreword
Pages v to vii: Section 0 Intro
Pages 1 to 14: Requirements
Section 1: Scope
Section 2: Normative Reference
Section 3: Terms and definitions (specific to ISO 9001, not specified in ISO 9000)
Pages 2 to 14 132 1
Section 4: Quality Management System
Section 5: Management Responsibility
Section 6: Resource Management
Section 7: Product Realization
Section 8: Measurement, analysis and improvement
In effect, users need to address all sections 1 to 8, but only 4 to 8 need implementing within a QMS.
Pages 15 to 22: Tables of Correspondence between ISO 9001 and other standards
Page 23: Bibliography
The standard specifies six compulsory documents:
Control of Documents (4.2.3)
Control of Records (4.2.4)
Internal Audits (8.2.2)
Control of Nonconforming Product / Service (8.3)
Corrective Action (8.5.2)
Preventive Action (8.5.3)
In addition to these, ISO 9001:2008 requires a Quality Policy and Quality Manual (which may or may not include the above documents).
Summary of ISO 9001:2008
The quality policy is a formal statement from management, closely linked to the business and marketing plan and to customer needs. The quality policy is understood and followed at all levels and by all employees. Each employee needs measurable objectives to work towards.
Decisions about the quality system are made based on recorded data and the system is regularly audited and evaluated for conformance and effectiveness.
Records should show how and where raw materials and products were processed, to allow products and problems to be traced to the source.
You need to determine customer requirements and create systems for communicating with customers about product information, inquiries, contracts, orders, feedback and complaints.
When developing new products, you need to plan the stages of development, with appropriate testing at each stage. You need to test and document whether the product meets design requirements, regulatory requirements and user needs.
You need to regularly review performance through internal audits and meetings. Determine whether the quality system is working and what improvements can be made. Deal with past problems and potential problems. Keep records of these activities and the resulting decisions, and monitor their effectiveness (note: you need a documented procedure for internal audits).
You need documented procedures for dealing with actual and potential nonconformances (problems involving suppliers or customers, or internal problems). Make sure no one uses bad product, determine what to do with bad product, deal with the root cause of the problem seeking and keep records to use as a tool to improve the system.
(Company Name) has developed and implemented this quality management system to demonstrate its ability to consistently provide product that meets customer and statutory and regulatory requirements, and to address customer satisfaction through the effective application of the system, including continual improvement and the prevention of nonconformity. (Company Name) has excluded section 7.3 Design and Development from the applicable requirements of ISO 9001:2008, due to the nature of (Company Name) and its products. All principal product characteristics are specified by the customers or their consultants. This exclusion does not affect (Company Name)’s ability, or responsibility, to provide product that meets customer and applicable statutory and regulatory requirements.
2.0 Normative reference
The normative document contains provisions which, through reference in this text, constitute provisions of ISO 9001:2008. For dated references, subsequent amendments to, or revisions of, any of these publications do not apply. However, parties to agreements based on ISO 9001:2008 are encouraged to investigate the possibility of applying the most recent edition of the normative document indicated below. For undated references, the latest edition of the normative document referred to applies. ISO 9000: 2005 Quality Management System –Fundamentals and Vocabulary.
3.0 Terms and definitions
“Supplier” and “Vendor” are synonymous and refer to the external source used to acquire purchased products by (Company Name).
4.0 Quality management system
4.1 General requirements: The Company documents, implements, and maintains a quality management system and continually improves its effectiveness in accordance with the requirements of the ISO 9001:2008 International Standard. (BBS Holdings Limited):that comprises of; . Guard Dog Security Services Ltd
a) determines the processes needed for the quality management system and their application throughout (Company Name),
b) determines the sequence and interaction of these processes,
c) determines criteria and methods needed to ensure that both the operation and control of these processes are effective,
d) ensures the availability of resources and information necessary to support the operation and monitoring of these processes,
e) monitors, measures where applicable and analyzes these processes,
f) implements actions necessary to achieve planned results and continual improvement of these processes.
These processes are managed by (Company Name) in accordance with the requirements of the ISO 9001:2008 International Standard. Where (Company Name) chooses to outsource any process that affects product conformity with requirements, (Company Name) ensures control over such processes. The type and extent of control of such outsourced processes are identified within the quality management system.
NOTE: Processes needed for the quality management system referred to above include processes for management activities, provision of resources, product realization, measurement, analysis, and improvement.
4.2 Documentation requirements
The quality management system documentation includes:
a) documented statements of a quality policy and quality objectives,
b) a quality manual,
c) documented procedures and records required by the ISO 9001:2008 International Standard, and
d) documents, including records determined by (Company Name) to be necessary to ensure the effective planning, operation and control of its processes
NOTE 1: Where the term “documented procedure” appears within the ISO 9001:2008 International Standard, means that a procedure is established, documented, implemented and maintained.
NOTE 2: Documentation can be in any form or type of medium.
4.2.2 Quality manual
(Company Name) establishes and maintains a quality manual that includes
a) the scope of the quality management system, including details of and justification for any exclusions,
b) the documented procedures established for the quality management system, or reference to them, and
c) a description of the interaction between the processes of the quality management system.
4.2.3 Control of documents
Documents required by the quality management system are controlled. Records required by the quality management system are controlled according to the requirements given in 4.2.4. A documented procedure is established to define the controls needed:
a) to approve documents for adequacy prior to issue,
b) to review and update as necessary and re-approve documents,
c) to ensure that changes and the current revision status of documents are identified,
d) to ensure that relevant versions of applicable documents are available at points of use, e) to ensure that documents remain legible and readily identifiable,
f) to ensure that documents of external origin determined by the organization to be necessary for the planning and operation of the quality management system are identified and their distribution controlled, and
g) to prevent the unintended use of obsolete documents, and to apply suitable identification to them if they are retained for any purpose.
Supporting Documentation QOP-42-01 Control of Documents
4.2.4 Control of records
Records established to provide evidence of conformity to requirements and or the effective operation of the quality management system shall be controlled. (Company Name) will establish a documented procedure to define the controls needed for the identification, storage, protection, retrieval, retention time and disposition of records. Records will remain legible, readily identifiable, and retrievable. Supporting Documentation QOP-42-02 Control of Records
5.0 Management responsibility
5.1 Management commitment
Top management is committed to the development and implementation of the quality management system and continually improves its effectiveness by: a) communicating to (Company Name) the importance of meeting customer as well as statutory and regulatory requirements, b) establishing a quality policy, c) establishing quality objectives, d) conducting management reviews, and e) ensuring the availability of resources.
5.2 Customer focus Top management ensures that customer requirements are determined and are met with the aim of enhancing customer satisfaction. (see 7.2.1 and 8.2.1)
5.3 Quality policy “(Company Name) is committed to Exceeding Customer Expectations through Implementation and Continuous Improvement of our Quality Management System. Absolute Customer Satisfaction is the expectation and, will be achieved through supplying a Superior Product, On-time, at a Competitive Price.” Top management ensures that the quality policy a) is appropriate to the purpose of the quality policy, b) includes a commitment to comply with requirements and continually improve the effectiveness of the quality management system, c) provides a framework for establishing and reviewing quality objectives, d) is communicated and understood within (Company Name), and e) is reviewed for continuing suitability.
5.4.1 Quality objectives Top management ensures that quality objectives, including those needed to meet requirements for product [see 7.1 a], are established at relevant functions and levels within (Company Name). The quality objectives are measurable and consistent with the quality policy. 1. Meet or exceed customer expectations by effective communication and review of customer requirements. 2. Provide our customers high quality products and services, on time delivery, and at a reasonable cost. 3. Effectively manage our products, processes, and services to provide superior customer satisfaction. 4. Promote the safety, awareness, and well being of employees through training and education.
5.4.2 Quality management system planning Top management ensures that: a) the planning of the quality management system is carried out in order to meet the requirements given in 4.1, as well as the quality objectives, and b) the integrity of the quality management system is maintained when changes to the quality management system are planned and implemented.
5.5 Responsibility, authority and communication
5.5.1 Responsibility and authority Top management ensures that responsibilities and authorities are defined and communicated within (Company Name) to promote effective management of the quality system. An Organizational Chart illustrates the responsibility and relative authority of the personnel who manage, perform, and verify the activities affecting the QMS. Changes to the quality system are planned within the framework of management reviews. These changes may be in response to changing circumstances, such as product, process, capacity, or other operational or organizational changes; or to improve the effectiveness and efficiency of the quality system. Supporting Documentation Organizational Chart
5.5.2 Management representative Top management has appointed a member of the organization’s management who, irrespective of other responsibilities, has the responsibility and authority that includes a) ensuring that processes needed for the quality management system are established, implemented and maintained, b) reporting to top management on the performance of the quality management system and any need for improvement, and c) ensuring the promotion of awareness of customer requirements throughout (Company Name). NOTE The responsibility of a management representative can include liaison with external parties on matters relating to the quality management system.
5.5.3 Internal communication Top management ensures that appropriate communication processes are established within (Company Name) and that communication takes place regarding the effectiveness of the quality management system.
5.6 Management Review
5.6.1 General Top management reviews (Company Name)’s quality management system, at planned intervals, to ensure its continuing suitability, adequacy and effectiveness. The review includes assessing opportunities for improvement and the need for changes to the quality management system, including the quality policy and quality objectives. Records from management reviews are maintained (see 4.2.4). Supporting Documentation QOP-56-01 Management Review
5.6.2 Review input The input to management review includes information on: a) results of audits, b) customer feedback, c) process performance and product conformity, d) status of preventive and corrective actions, e) follow-up actions from previous management reviews, f) changes that could affect the quality management system, and g) recommendations for improvement.
5.6.3 Review output The output from the management review includes any decisions and actions related to: a) improvement of the effectiveness of the quality management system and its processes, b) improvement of product related to customer requirements, and c) resource needs.
6.0 Resource management
6.1 Provision of resources (Company Name) determines and provides the resources needed a) to implement and maintain the quality management system and continually improve its effectiveness, and b) to enhance customer satisfaction by meeting customer requirements.
6.2 Human resources
6.2.1 General Personnel performing work affecting conformity to product requirements are competent on the basis of appropriate education, training, skills and experience. 6.2.2 Competence, training, and awareness (Company Name) : a) determines the necessary competence for personnel performing work affecting conformity to product requirements, b) where applicable, provides training or takes other actions to achieve the necessary competence, c) evaluates the effectiveness of the actions taken, d) ensures that its personnel are aware of the relevance and importance of their activities and how they contribute to the achievement of the quality objectives, and e) maintains appropriate records of education, training, skills and experience (see 4.2.4). Supporting Documentation QOP-62-01 Competence, Training, and Awareness
6.3 Infrastructure (Company Name) determines, provides for, and maintains the infrastructure needed to achieve conformity to product requirements. Infrastructure includes, as applicable: a) buildings, workspace and associated utilities, b) Process equipment (both hardware and software), and c) Supporting services (such as transport, communication or information systems). Supporting Documentation QOP-63-01 Equipment Maintenance
6.4 Work environment (Company Name) determines and manages the work environment needed to achieve conformity to product requirements.
7.0 Product realization
7.1 Planning of product realization
(Company Name) plans and develops the processes needed for product realization. Planning of product realization is consistent with the requirements of the other processes of the quality management system (see 4.1). In planning product realization, (Company Name) determines the following, as appropriate:
a) quality objectives and requirements for the product,
b) the need to establish processes, and documents, and provide resources specific to the product,
c) required verification, validation, monitoring, measurement, inspection and test activities specific to the product and the criteria for product acceptance, and
d) records needed to provide evidence that the realization processes and resulting product meet requirements (see 4.2.4).
The output of the planning is in a form suitable for (Company Name)s method of operations.
NOTE 1 A document specifying the processes of the quality management system (including the product realization processes) and the resources to be applied to a specific product, project or contract, is referred to as the quality plan.
NOTE 2 (Company Name) also applies the requirements given in 7.3 to the development of product realization processes. Supporting Documentation
QOP-71-01 Planning of Product Realization
7.2 Customer- related processes
7.2.1 Determination of requirements related to the product
(Company Name) determines:
a) requirements specified by the customer, including the requirements for delivery and post-delivery activities,
b) requirements not stated by the customer but necessary for specified or intended use, where known,
c) statutory and regulatory requirements applicable to the product, and
d) any additional requirements considered necessary by (Company Name).
QOP-72-02 Order Processing & Review
7.2.2 Review of requirements related to the product
(Company Name) reviews the requirements related to the product. This review is conducted prior to (Company Name)s commitment to supply a product to the customer (e.g. submission of tenders, acceptance of contracts or orders, acceptance of changes to contracts or orders) and ensures that:
a) product requirements are defined,
b) contract or order requirements differing from those previously expressed are resolved, and
c) (Company Name) has the ability to meet the defined requirements.
Records of the results of the review and actions arising from the review are maintained (see 4.2.4). Where the customer provides no documented statement of requirement, the customer requirements are confirmed by (Company Name) before acceptance. Where product requirements are changed, (Company Name) ensures that relevant documents are amended and that relevant personnel are made aware of the changed requirements.
NOTE In some situations, a formal review is impractical for each order. Instead the review can cover relevant product information such as catalogues or advertising material.
QOP-72-02 Order Processing & Review
7.2.3 Customer communication
(Company Name) determines and implements effective arrangements for communicating with customers in relation to:
a) product information,
b) enquiries, contracts or order handling, including amendments, and
c) customer feedback, including customer complaints.
QOP-72-02 Order Processing & Review
QOP-85-02 Customer Complaints
7.3 Design and development Excluded (See 1.0 Scope)
7.4.1 Purchasing process (Company Name) ensures that purchased product conforms to specified purchase requirements. The type and extent of control applied to the supplier and the purchased product is dependent upon the effect of the purchased product on subsequent product realization or the final product.
7.4.2 Purchasing Information
Purchasing information describes the product to be purchased, including where appropriate a) requirements for approval of product, procedures, processes and equipment,
b) requirements for qualification of personnel, and
c) quality management system requirements.
(Company Name) ensures the adequacy of specified purchase requirements prior to their communication to the supplier.
7.4.3. Verification of purchased product
(Company Name) establishes and implements the inspection or other activities necessary for ensuring that purchased product meets specified purchase requirements. Where (Company Name) or its customer intends to perform verification at the supplier’s premises, (Company Name) states the intended verification arrangements and method of product release in the purchasing information.
QOP-74-02 Verification of Purchase Product
7.5 Production and service provision
7.5.1 Control of production and service provision
As applicable, (Company Name) plans and carries out production and service provisions under controlled conditions. Controlled conditions include:
a) the availability of information that describes the characteristics of the product,
b) the availability of work instructions, as necessary,
c) the use of suitable equipment,
d) the availability and use of monitoring and measuring equipment,
e) the implementation of monitoring and measurement activities, and
f) the implementation of product release, delivery and post-delivery activities.
QOP-75-01 Work Order and Production Records
QOP-63-01 Equipment Maintenance
QOP-76-01 Measuring and Monitoring Equipment
QOP-84-02 Final Inspection
7.5.2 Validation of processes for production and service provision
(Company Name) validates any processes for production and service provisions where the resulting output cannot be verified by subsequent monitoring or measurement and, as a consequence, deficiencies become apparent only after the product is in use or the service has been delivered. Validation demonstrates the ability of these processes to achieve planned results. As applicable, (Company Name) establishes arrangements for these processes including:
a) defined criteria for review and approval of the processes,
b) approval of equipment and qualification of personnel,
c) use of specific methods and procedures,
d) requirements for records (see 4.2.4), and
Note: (Company Name) has no Special Processes at this time.
7.5.3 Identification and traceability Where appropriate, (Company Name) identifies the product by suitable means throughout product realization. (Company Name) identifies the product status with respect to monitoring and measurement requirements throughout product realization. Where traceability is a requirement, (Company Name) controls the unique identification of the product an maintain records (4.2.4). Supporting Documentation
QOP-75-04 Product Identification and Traceability
7.5.4 Customer property
(Company Name) exercises care with customer property while it is under (Company Name)s control or being used by (Company Name). (Company Name) identifies, verifies, protects and safeguards customer property provided for use or incorporation into the product. If any customer property is lost, damaged or otherwise found to be unsuitable for use, (Company Name) will report this the customer and maintain records (see 4.2.4).
Note: Customer property can include intellectual property and personal date.
Note: (Company Name) has no Customer Property at this time.
7.5.5 Preservation of product
(Company Name) preserves the product during internal processing and delivery to the intended destination in order to maintain conformity to requirements. As applicable, preservation includes identification, handling, packaging, storage and protection. Preservation also applies to the constituent parts of a product.
7.6 Control of monitoring and measuring equipment
(Company Name) determines the monitoring and measurement to be undertaken and the monitoring and measuring equipment needed to provide evidence of conformity of product to determined requirements. (Company Name) establishes processes to ensure that monitoring and measurement can be carried out, and is carried out in a manner that is consistent with the monitoring and measurement requirements. Where necessary to ensure valid results measuring equipment is:
a)calibrated, verified or both at specified intervals, or prior to use, against measurement standards traceable to international or national measurement standards; where no such standards exist, the basis used for calibration or verification shall be recorded,
b)adjusted or re-adjusted as necessary,
c)have identification in order to determine it’s calibration status,
d)safeguarded from adjustments that would invalidate the measurement result, and
e)protected from damage and deterioration during handling, maintenance and storage.
In addition, (Company Name) assesses and records the validity of the previous measuring results when the equipment is found not to conform to requirements. (Company Name) takes appropriate action on the equipment and any product affected. Records of the results of calibration and verification are maintained (see 4.2.4).
Note: Confirmation of the ability of computer software to satisfy the intended application will typically include its verification and configuration management to maintain its suitability for use Supporting Documentation
QOP-76-01 Monitoring and Measuring Equipment
 8.0 Measurement, analysis and improvement
8.1 General (Company Name) plans and implements the monitoring, measurement, analysis and improvement processes needed: a)to demonstrate conformity to product requirements, b)to ensure conformity of the quality management system, and c)to continually improve the effectiveness of the quality management system. This includes determination of applicable methods, including statistical techniques, and the extent of their use.
8.2 Monitoring and measurement
8.2.1 Customer satisfaction As one of the measurements of the performance of the quality management system, (Company Name) monitors information relating to customer perception as to whether (Company Name) has met customer requirements. The methods for obtaining and using this information are determined. Supporting Documentation QOP-82-01 Customer Satisfaction
8.2.2 Internal Audits (Company Name) conducts internal audits at planned intervals to determine whether the quality management system: a)conforms to the planned arrangements (see 7.1), to the requirements of ISO 9001:2008 and to the quality management system requirements established by (Company Name), and b)is effectively implemented and maintained. An audit program is planned, taking into consideration the status and importance of the processes and areas to be audited, as well as the results of previous audits. The audit criteria, scope, frequency and methods are defined. The selection of auditors and conduct of audits ensure objectivity and impartiality of the audit process. Auditors do not audit their own work. The responsibilities and requirements for planning and conducting audits, and for reporting results and maintaining records (see 4.2.4) are defined in a documented procedure. The management responsible for the area being audited ensures that any necessary correction and corrective actions are taken without undue delay to eliminate detected nonconformities and their causes. Follow-up activities include the verification of the actions taken and the reporting of verification results (see 8.5.2). Supporting Documentation QOP-82-02 Internal Quality Audits
8.2.3 Monitoring and measurement of processes (Company Name) applies suitable methods for monitoring and where applicable, measurement of the quality management system processes. These methods demonstrate the ability of the processes to achieve planned results. When planned results are not achieved, correction and corrective action is taken, as appropriate.
8.2.4 Monitoring and measurement of product (Company Name) monitors and measures the characteristics of the product to verify that product requirements have been met. This is carried out at appropriate stages of the product realization process in accordance with the planned arrangements (see 7.1). Evidence of conformity with the acceptance criteria is maintained. Records indicate the person(s) authorizing release of product for delivery to the customer (see 4.2.4). The release of product and delivery of service to the customer does not proceed until the planned arrangements (see 7.1) have been satisfactorily completed, unless otherwise approved by a relevant authority and where applicable, by the customer. Supporting Documentation QOP-82-03 In Process Inspections QOP-82-04 Final Inspection
8.3 Control of nonconforming product (Company Name) ensures that product which does not conform to product requirements is identified and controlled to prevent its unintended use or delivery. A documented procedure is established to define the controls and related responsibilities and authorities for dealing with nonconforming products. Where applicable (Company Name) deals with nonconforming product by one or more of the following ways: a)by taking action to eliminate the detected nonconformity, b)by authorizing its use, release or acceptance under concession by a relevant authority and, where applicable, by the customer, and c)by taking action to preclude its original intended use or application. d)by taking action appropriate to the effects, or potential effects, of the nonconformity when nonconforming product is detected after delivery or use has started. When nonconforming product is corrected the product is subject to re-verification to demonstrate conformity to the requirements. When nonconforming product is detected after delivery or use has started, (Company Name) takes action appropriate to the effects, or potential effects, of the nonconformity. Records of the nature of nonconformities and any subsequent actions taken, including concessions obtained, are maintained (see 4.2.4). Supporting Documentation QOP-83-01 Control of Nonconforming Product
8.4 Analysis of data (Company Name) determines, collects and analyzes appropriate data to demonstrate the suitability and effectiveness of the quality management system and to evaluate where continual improvement of the effectiveness of the quality management system can be made. This includes data generated as a result of monitoring and measurement and from other relevant sources. The analysis of data provides information relating to: a)customer satisfaction (see 8.2.1), b)conformity to product requirements (see 8.2.4), c)characteristics and trends of processes and products including opportunities for preventive action (see 8.2.3 and 8.2.4), d)suppliers (see 7.4), Supporting Documentation QOP-56-01 Management Review
8.5.1 Continual improvement
(Company Name) continually improves the effectiveness of the quality management system through the use of the quality policy, quality objectives, audit results, analysis of data, corrective and preventive actions and management reviews. Supporting Documentation QOP-85-01 Continual Improvement
8.5.2 Corrective action (Company Name) takes action to eliminate the causes of nonconformities in order to prevent recurrence. Corrective actions are appropriate to the effects of the nonconformities encountered. A documented procedure is established to define requirements for: a) reviewing nonconformities (including customer complaints), b) determining the causes of nonconformities, c) evaluating the need for action to ensure that nonconformities do not recur, d) determining and implementing action needed, e) records of the results of action taken (see 4.2.4), and f) reviewing the effectiveness of the corrective action taken. Supporting Documentation QOP-85-02 Customer Complaints QOP-85-03 Corrective and Preventive Actions
8.5.3 Preventive action (Company Name) determines actions to eliminate the causes of potential nonconformities in order to prevent their occurrence. Preventive actions are appropriate to the effects of the potential problems. A documented procedure is established to define requirements for: a) determining potential nonconformities and their causes, b) evaluating the need for action to prevent occurrence of nonconformities, c) determining and implementing action needed, d) records of results of action taken (see 4.2.4), and e) reviewing the effectiveness of the preventive action taken. Supporting Documentation QOP-85-03 Corrective and Preventive Actions
ISO 9000:1987 had the same structure as the UK Standard BS 5750, with three ‘models’ for quality management systems, the selection of which was based on the scope of activities of the organization:
ISO 9001:1987 Model for quality assurance in design, development, production, installation, and servicing was for companies and organizations whose activities included the creation of new products.
ISO 9002:1987 Model for quality assurance in production, installation, and servicing had basically the same material as ISO 9001 but without covering the creation of new products.
ISO 9003:1987 Model for quality assurance in final inspection and test covered only the final inspection of finished product, with no concern for how the product was produced.
ISO 9000:1987 was also influenced by existing U.S. and other Defense Standards ("MIL SPECS"), and so was well-suited to manufacturing. The emphasis tended to be placed on conformance with procedures rather than the overall process of management—which was likely the actual intent.
ISO 9000:1994 emphasized quality assurance via preventive actions, instead of just checking final product, and continued to require evidence of compliance with documented procedures. As with the first edition, the down-side was that companies tended to implement its requirements by creating shelf-loads of procedure manuals, and becoming burdened with an ISO bureaucracy. In some companies, adapting and improving processes could actually be impeded by the quality system.
ISO 9001:2000 combines the three standards 9001, 9002, and 9003 into one, called 9001. Design and development procedures are required only if a company does in fact engage in the creation of new products. The 2000 version sought to make a radical change in thinking by actually placing the concept of process management front and center ("Process management" was the monitoring and optimizing of a company’s tasks and activities, instead of just inspecting the final product). The 2000 version also demands involvement by upper executives, in order to integrate quality into the business system and avoid delegation of quality functions to junior administrators. Another goal is to improve effectiveness via process performance metrics — numerical measurement of the effectiveness of tasks and activities. Expectations of continual process improvement and tracking customer satisfaction were made explicit.
The ISO 9000 standard is continually being revised by standing technical committees and advisory groups, who receive feedback from those professionals who are implementing the standard.
ISO 9001:2008 only introduces clarifications to the existing requirements of ISO 9001:2000 and some changes intended to improve consistency with ISO 14001:2004. There are no new requirements. Explanation of changes in ISO 9001:2008. A quality management system being upgraded just needs to be checked to see if it is following the clarifications introduced in the amended version.Practical Guide to Implementing ISO 9001:2008
ISO does not itself certify organizations. Many countries have formed accreditation bodies to authorize certification bodies, which audit organizations applying for ISO 9001 compliance certification. Although commonly referred to as ISO 9000:2000 certification, the actual standard to which an organization’s quality management can be certified is ISO 9001:2008. Both the accreditation bodies and the certification bodies charge fees for their services. The various accreditation bodies have mutual agreements with each other to ensure that certificates issued by one of the Accredited Certification Bodies (CB) are accepted worldwide.
The applying organization is assessed based on an extensive sample of its sites, functions, products, services and processes; a list of problems ("action requests" or "non-compliance") is made known to the management. If there are no major problems on this list, or after it receives a satisfactory improvement plan from the management showing how any problems will be resolved, the certification body will issue an ISO 9001 certificate for each geographical site it has visited.
An ISO certificate is not a once-and-for-all award, but must be renewed at regular intervals recommended by the certification body, usually around three years. In contrast to the Capability Maturity Model there are no grades of competence within ISO 9001. Marlin (USF)
Two types of auditing are required to become registered to the standard: auditing by an external certification body (external audit) and audits by internal staff trained for this process (internal audits). The aim is a continual process of review and assessment, to verify that the system is working as it’s supposed to, find out where it can improve and to correct or prevent problems identified. It is considered healthier for internal auditors to audit outside their usual management line, so as to bring a degree of independence to their judgments.
Under the 1994 standard, the auditing process could be adequately addressed by performing "compliance auditing":
Tell me what you do (describe the business process)
Show me where it says that (reference the procedure manuals)
Prove that this is what happened (exhibit evidence in documented records)
The 2000 standard uses a different approach. Auditors are expected to go beyond mere auditing for rote "compliance" by focusing on risk, status and importance. This means they are expected to make more judgments on what is effective, rather than merely adhering to what is formally prescribed. The difference from the previous standard can be explained thus:
Under the 1994 version, the question was broadly "Are you doing what the manual says you should be doing?", whereas under the 2000 version, the question is more "Will this process help you achieve your stated objectives? Is it a good process or is there a way to do it better?
The ISO 9001 standard is generalized and abstract. Its parts must be carefully interpreted, to make sense within a particular organization. Developing software is not like making cheese or offering counseling services; yet the ISO 9001 guidelines, because they are business management guidelines, can be applied to each of these. Diverse organizations—police departments (US), professional soccer teams (Mexico) and city councils (UK)—have successfully implemented ISO 9001:2000 systems.
Over time, various industry sectors have wanted to standardize their interpretations of the guidelines within their own marketplace. This is partly to ensure that their versions of ISO 9000 have their specific requirements, but also to try and ensure that more appropriately trained and experienced auditors are sent to assess them.
The TickIT guidelines are an interpretation of ISO 9000 produced by the UK Board of Trade to suit the processes of the information technology industry, especially software development.
AS9000 is the Aerospace Basic Quality System Standard, an interpretation developed by major aerospace manufacturers. Those major manufacturers include AlliedSignal, Allison Engine, Boeing, General Electric Aircraft Engines, Lockheed-Martin, McDonnell Douglas, Northrop Grumman, Pratt & Whitney, Rockwell-Collins, Sikorsky Aircraft, and Sundstrand. The current version is AS9100.
PS 9000 is an application of the standard for Pharmaceutical Packaging Materials. The Pharmaceutical Quality Group (PQG) of the Institute of Quality Assurance (IQA) has developed PS 9000:2001. It aims to provide a widely accepted baseline GMP framework of best practice within the pharmaceutical packaging supply industry. It applies ISO 9001: 2000 to pharmaceutical printed and contact packaging materials.
QS 9000 is an interpretation agreed upon by major automotive manufacturers (GM, Ford, Chrysler). It includes techniques such as FMEA and APQP. QS 9000 is now replaced by ISO/TS 16949.
ISO/TS 16949:2009 is an interpretation agreed upon by major automotive manufacturers (American and European manufacturers); the latest version is based on ISO 9001:2008. The emphasis on a process approach is stronger than in ISO 9001:2008. ISO/TS 16949:2009 contains the full text of ISO 9001:2008 and automotive industry-specific requirements.
TL 9000 is the Telecom Quality Management and Measurement System Standard, an interpretation developed by the telecom consortium, QuEST Forum. The current version is 4.0 and unlike ISO 9001 or the above sector standards, TL 9000 includes standardized product measurements that can be benchmarked. In 1998 QuEST Forum developed the TL 9000 Quality Management System to meet the supply chain quality requirements of the worldwide telecommunications industry.
ISO 13485:2003 is the medical industry’s equivalent of ISO 9001:2000. Whereas the standards it replaces were interpretations of how to apply ISO 9001 and ISO 9002 to medical devices, ISO 13485:2003 is a stand-alone standard. Compliance with ISO 13485 does not necessarily mean compliance with ISO 9001:2000.
ISO/TS 29001 is quality management system requirements for the design, development, production, installation and service of products for the petroleum, petrochemical and natural gas industries. It is equivalent to API Spec Q1 without the Monogram annex.
The debate on the effectiveness of ISO 9000 commonly centers on the following questions:
Are the quality principles in ISO 9001:2000 of value? (Note that the version date is important: in the 2000 version ISO attempted to address many concerns and criticisms of ISO 9000:1994).
Does it help to implement an ISO 9001:2000 compliant quality management system?
Does it help to obtain ISO 9001:2000 certification?
It is widely acknowledged that proper quality management improves business, often having a positive effect on investment, market share, sales growth, sales margins, competitive advantage, and avoidance of litigation.The quality principles in ISO 9000:2000 are also sound, according to wade and barnes’",who says "ISO 9000 guidelines provide a comprehensive model for quality management systems that can make any company competitive implementing ISO often gives the following advantages:
Create a more efficient, effective operation
Increase customer satisfaction and retention
Improve employee motivation, awareness, and morale
Promote international trade
Reduce waste and increases productivity.
A common criticism of ISO 9001 is the amount of money, time and paperwork required for registration. According to Barnes, "Opponents claim that it is only for documentation. Proponents believe that if a company has documented its quality systems, then most of the paperwork has already been completed."
ISO 9001 is not in any way an indication that products produced using its certified systems are any good. A company can intend to produce a poor quality product and providing it does so consistently and with the proper documentation can put an ISO 9001 stamp on it. According to Seddon, ISO 9001 promotes specification, control, and procedures rather than understanding and improvement.  Wade argues that ISO 9000 is effective as a guideline, but that promoting it as a standard "helps to mislead companies into thinking that certification means better quality, … [undermining] the need for an organization to set its own quality standards."  Paraphrased, Wade’s argument is that reliance on the specifications of ISO 9001 does not guarantee a successful quality system.
While internationally recognized, most US consumers are not aware of ISO 9000 and it holds no relevance to them. The added cost to certify and then maintain certification may not be justified if product end users do not require ISO 9000. The cost can actually put a company at a competitive disadvantage when competing against a non ISO 9000 certified company.
The standard is seen as especially prone to failure when a company is interested in certification before quality. Certifications are in fact often based on customer contractual requirements rather than a desire to actually improve quality. "If you just want the certificate on the wall, chances are, you will create a paper system that doesn’t have much to do with the way you actually run your business," said ISO’s Roger Frost. Certification by an independent auditor is often seen as the problem area, and according to Barnes, "has become a vehicle to increase consulting services."  In fact, ISO itself advises that ISO 9001 can be implemented without certification, simply for the quality benefits that can be achieved. 
Another problem reported is the competition among the numerous certifying bodies, leading to a softer approach to the defects noticed in the operation of the Quality System of a firm.
Abrahamson argued that fashionable management discourse such as Quality Circles tends to follow a lifecycle in the form of a bell curve, possibly indicating a management fad.
A good overview for effective use of ISO 9000 is provided by Barnes: "Good business judgment is needed to determine its proper role for a company… Is certification itself important to the marketing plans of the company? If not, do not rush to certification… Even without certification, companies should utilize the ISO 9000 model as a benchmark to assess the adequacy of its quality programs."