The dust has settled, the tablets have been handed down from the mountain and copies of the improved, orderly and understandable ISO 9001: 2000 standard have been landing on the desks of management all over the world. After reading the new standard, and getting a brain cramp from comparing the 1994 standard to the 2000 standard, most managers realize that the conversion is not going to be as straightforward as the last revision.

The standard has been reorganized to increase the emphasis in the following areas:

  • planning;
  • customer satisfaction;
  • measurement and analysis of system effectiveness;
  • continual improvement.

    This is good news for those who attempted to implement reality-based quality management systems that reflect and build on actual business configurations and resources. This is bad news for those who still have the mental approach that maintains a separation between actual business practices and all of this "stuff" done to keep the paper certificate hanging in the lobby.

    Auditors and assessors will not get off easy either. To assess an organization's compliance to the new standard in areas such as Monitoring and Measurement, and Analysis of Data and Improvement, auditors must ask questions, read and understand quality records and reports, and invoke critical thinking when assessing the content. Gone are the days of ticking off questions on a list and being satisfied if a check is marked in every box.

    Some auditors, quality professionals and business registrations will not survive the experience; others will thrive and profit from the new requirements.

    Where to begin
    The first step in the transition is to be educated about the new standard. Don't rely on a single source -- talk to your registrar, read books and briefings on the subject, and search the Internet. Look for common interpretations, as well as areas where the experts seem not to agree; both are equally important.

    Develop a timeline for the transition now. In general, companies with an existing registration will have up to 3 years to become compliant to the new requirements. Most registrars will assess companies against individual sections of the standard during each surveillance audit as requested by the client. This step-by-step process permits the development of a timeline toward full compliance.

    Encourage others in the organization to participate in developing the timeline. This will provide the benefits of educating a cross-section of the organization on the new requirements, obtain companywide buy-in, and ensure that the changes fit and enhance the existing business model and quality management system.

    Use a visual tool to document the plan and publicize the change throughout the organization. The tool can be as simple as a dedicated white board, or it can be as elegant as a detailed Gantt chart, which is used to display planned and completed activities in specific time periods, posted on the company's Web site. Whatever the format, it is important to get the plan into an accessible working model. Keep the entire organization apprised of expectations, progress and obstacles every step of the way.

    Be prepared to set goals and objectives, and determine what metrics will meaningfully measure status and progress throughout the organization. Additionally, be prepared to demonstrate that someone actually evaluates and acts on this data.

    If a minimalist approach to management review was taken before, rethink that model before going forward. Hanging control charts on an office wall and showing the registrar the attendee list and minutes for a once-a-year quality meeting will not likely support the requirements of the new standard.

    Get the audit team trained on the new standard and get a good gap analysis as a working baseline. The team will need to adapt to a different auditing style that emphasizes assessment to the elements of the new standard. Do not abandon compliance auditing altogether. It will still show if what is being done meets the standard and matches the approved procedures. Make sure audit checklists are tied back to the specific elements of the standard.

    Understand the integrated nature of the new vs. the old standard when approaching the transition planning. By looking at any of the comparison charts published for the new standard, it's evident that there is not an element-by-element matchup. Consider the new standard a body of work in order to understand what must be done. If the new requirements are divided into sections and each one is attacked as an isolated component, key requirements may be missed. Each new section now takes from previous sections and feeds into a loop that leads back to one of the basic foundations of quality assurance.

    For example, section 8.4 Analysis of Data refers to, among other elements, 8.2.1 Customer Satisfaction and 7.2.1 Conformity to Product Requirements. The first sentence in 8.4 refers to continual improvement, and if a conceptual understanding of 8.5.1 Continual Improvement is lacking, a failure will occur during the transition to comply to 8.4 Analysis of Data.

    There also is an opportunity to miss what is perhaps one of the highest magnitude changes in the standard -- the change of the word "continuous" improvement to "continual." It is critical to understand that this distinction makes a difference. The traditional interpretation of continuous improvement in the 1994 standard was to evaluate the opportunity for improvement. Auditors typically only required an evaluation of the indicators available, such as corrective and preventive action, and were looking for areas of improvement. Now manufacturers should expect to be required to demonstrate positive movement across the entire system, even if it is incremental.

    For instance, section 8 Measurement, Analysis and Improvement refers to both the process planning and customer satisfaction elements in terms of continual improvement. The section also serves as fodder for the specific directive to "determine, collect and analyze data to demonstrate the suitability and effectiveness of the quality management system and to evaluate where continual improvement of the effectiveness of the quality management system can be made."

    Don't start over
    Companies do not have to dismantle and reassemble the quality system to the new standard. Most assessors will accept matrixes that relate existing documents to the new requirements and elements. Develop a quality plan to go along with the timeline and reference or include these matrixes in the plan. Share the plan and timeline with the assessor during visits and discuss it with them. If they have a problem with the approach or the adequacy of the plan, they will have ample time to raise objections and provide guidance.

    Effectiveness and follow-up are terms used repeatedly in the new standard. Training requirements and records must now include a means and evidence of measuring the effectiveness and competency of resources. Compliance evidence can be a post training follow-up with the employee's manager, proficiency testing, performance re-views or any number of creative approaches.

    The requirements for process identification, mapping, definition and change management are not specifically new, but they elaborate on past expectations. Organizations will need the ability to measure the impact of processes on quality of product and service delivery as it relates to the customer, the environment and the worker's health. Increased measuring and reporting of metrics across the organization will likely assure that reactive behavior and poor change management show up even during a cursory analysis of the data.

    Even the advanced task of determining which elements are required for compliance should begin now. With the demise of ISO 9002, organizations will have to determine which elements of the standard do not apply to their industry or business. Some elements that may not apply to particular businesses include:

    • 7.6 Monitoring of Measuring Devices or 7.5.4 Customer Property, expect to receive increased scrutiny around preventative maintenance and design exclusions.
    • Section 6.3 Infrastructure is specific about including facilities and work environment.
    • 7.2 Customer Related Processes will make it more difficult for organizations to disconnect from the responsibility for design verification and validation that occurs within the organization, even if it is by a sister division.

    The assessor will carefully scrutinize the exchange and impact of design activities on the customer. As a result of poor execution of their responsibilities, design organizations excluded from registration might negatively impact a supplier's ability to meet customer expectations and requirements, potentially putting the supplier's compliance in jeopardy.

    These are just a few of the affects expected from the new standard. Each organization will need to assess what the requirements mean to their company. The new standard is a customer centric, process oriented model that can benefit any business that correctly implements it. The new standard can leave an organization better informed and better prepared to compete in the new economy. The 2000 standard requires an understanding and clear definition of one's own business processes, the requirements and expectations of customers, and the ability to analyze, critique and improve an organization's performance.

    By using the methods and tools described in the new standard when developing the transition plan, an organization will be well on the way to realizing the first of many potential benefits. ISO 9001: 2000 is an exciting return to the vision and spirit of the original aspirations for process-based quality management that began in the original standard. It is an important step forward for the organizations that understand the message and seize the opportunity to improve. Those who survive and thrive will be those who understand themselves, their customer's expectations and can effectively manage change.