The ISO 9000 family addresses "Quality management". This means what the organization does to fulfill:
the customer's quality requirements, and
applicable regulatory requirements, while aiming to
enhance customer satisfaction, and
achieve continual improvement of its performance in pursuit of these objectives.
The ISO 9000 family of standards represents an international consensus on good quality management practices. It consists of standards and guidelines relating to quality management systems and related supporting standards.
ISO 9001:2015 is the standard that provides a set of standardized requirements for a quality management system, regardless of what the user organization does, its size, or whether it is in the private, or public sector. It is the only standard in the family against which organizations can be certified – although certification is not a compulsory requirement of the standard.
The answer is that ISO 9001:2015 lays down what requirements your quality system must meet, but does not dictate how they should be met in any particular organization. This leaves great scope and flexibility for implementation in different business sectors and business cultures, as well as in different national cultures. ISO 9000:2005 describes the Eight Quality Management Principles and covers fundamentals and vocabulary, while ISO 9004 focuses on performance improvements, documentation, training, and financial and economic aspects.
Without satisfied customers, an organization is in peril! To keep customers satisfied, the organization needs to meet their requirements. The ISO 9001:2015 standard provides a tried and tested framework for taking a systematic approach to managing the organization's processes so that they consistently turn out product that satisfies customers' expectations.
In a very small organization, there may be no "system", just "our way of doing things", and "our way" is probably not written down, but all in the head of the manager or owner. The larger the organization, and the more people involved, the more the likelihood that there are written procedures, instructions, forms or records. These help ensure that everyone is not just "doing his or her own thing", and that the organization goes about its business in an orderly and structured way. This means that time, money and other resources are utilized efficiently.
To be really efficient and effective, the organization can manage its way of doing things by systemizing it. This ensures that nothing important is left out and that everyone is clear about who is responsible for doing what, when, how, why and where.
Large organizations, or ones with complicated processes, could not function well without management systems. Companies in such fields as aerospace, automobiles, defence, or health care devices have been operating management systems for years. ISO's management system standards make this good management practice available to organizations of all sizes, in all sectors, everywhere in the world.
No. In the context of ISO 9001:2000 (and ISO 9001:2008) or ISO 14001:2004, “certification” refers to the issuing of written assurance (the certificate) by an independent external body that it has audited a management system and verified that it conforms to the requirements specified in the standard.
“Registration” means that the auditing body then records the certification in its client register. So, the organization’s management system has been both certified and registered. Therefore, in the ISO 9001:2000 (and ISO 9001:2008) or ISO 14001:2004 context, the difference between the two terms is not significant and both are acceptable for general use. “Certification” is the term most widely used worldwide, although registration is often preferred in North America, and the two are used interchangeably.
This really depends on the type and size of the organization. The average time frame for a mid sized company is anywhere between six and twelve months. If the organization decides to become certified they should have been working with the quality management system for at least three months before the certification audit.
When choosing a consultant you should consider their experience of successfully implementing ISO standards in similar organization as yours. Trust is important when it comes picking your consultants; remember, they will be working with you for a couple of month, so they should be available to you to answer any questions that may come up during the process.
Before starting the implementation process the consultant should come up with a project plan detailing all the activities to be performed, including training sessions with your personnel, as well as milestones. Get an understanding of the estimated time to be invested by your staff throughout the implementation process and ensure their availability. Make sure you and your consultant have the same understanding regarding objectives and priorities, any discrepancy should be resolved before starting the work.
Small and medium sized companies may also want to consider travel expenses. A local consultant may be your better choice as long as they are qualified and you trust them.
What to avoid:
You may find consultants that offer that they will do everything for you, meaning that they will right your quality manual, your procedures and other required documentation, and they’ll also prepare the required records and reports and they promise to train your personnel on what to answer during the certification audit. This may seem very convenient for you as it looks like they’ll take care of everything and your only participation will be to write the check. Well, that’s not the way it’s supposed to be. We have seen companies go that way and guess what happened: Once they are due for the following audit they find out that they have to start again from scratch, as nobody maintained the system, personnel never got involved and lack the knowledge of what is expected from them.
Please remember that the quality management system is the way how your run your business. It is not a set of documents that you pull out once in a while but it is rather the way how the diverse processes in your organization are being performed, and it is documented. This required management and all personnel to be completely involved and to understand what is expected from them, as well as their commitment to stick to the procedures and to update them as necessary. Do it right the first time, it will save you a headache and lots of money.
A certification body (registrar) should be accredited (formally recognized) by a specialized body – an accreditation body. Accreditation means that a certification body is competent to carry out ISO 9001 or ISO 14001 certification in specified business sectors. You may contact your national accreditation body for a directory of accredited registrars.
Review the contract before you sign it, as every certificaiton body has different ways to charge. Make sure you understand all the charges before you sign.
Contracts are usually for three years, that’s the timeframe your certificate will be valid. During that period your management system will be audited at least once a year. Review cancellation policies and charges before signing the contract.
Do some research through friends, internet forums, trade organizations, etc. to find out about credibility of the certification body.