We advice printing this ISO 9001 page, otherwise look for answers or information you may be pursuing...

What is iso ?

The Greek word for equal... balanced... equitably

Then, what is I-S-O?

Specifically, our answer, is a European based confederation of countries seeking standardization, and the the term I-S-O represents the name of the International Organization for Standardization, with headquarters in Geneva Switzerland under under which management systems specifications are published... it is a non-govermental organization (NGO) who's mission is to identify, establish and promote published specifications. Each sovereign country establishes their own standards and norms, as there is no centralized world organization to establish world regulations, laws or norms.

ISO 9001 "Registration" or "Certification", what does it mean?

    ISO 9001... remains as an organization's management system has been verified and validated by a third party (namely a Registration or Certification Body) that it conforms to the Europe's International Standard ISO 9001. The terms registration and certification comes about this protocol, the term, whilst it can be with a different argument, is more in tune with colloquialism than to specifics, while the terms Certificate of Registration applies.

      In the UK the term Registration is the "norm" and Certified is the "abnormal" (...joke that is understood only in certain regions)!

ISO 9000... "the new (and improved) version"?

    ISO 9000, original publishing in 1987 (based on BS 5750, from 1979) and reviewed and updated in 1994 and again in 2000 - 2008 (and as ISO 9001), it is a guidance standard for definitions, terms and process approach concept. The standard under which an organization may seek certification is specifically 2015 version of ISO 9001.

    ISO 9001 requires the process approach and that the organization pursues continuous improvements...

Why organizations achieve ISO 9001 Registration, even they don't export?

    Based on a commercial volunteer arrangement, there are several reasons:

      A customers may require ISO 9001... as well a supplier may require ISO 9001 to a client (usually distributorship, retailer and related).

      It is a requirement within a specific industry sector, e.g. the international automotive sector through the ISO 9001 variant TS 16949. There are others for medical, food safety, telecommunication, energy, and many other sectors as these is open buesiness within a free market, and ISO 9001 is for quality management descriptive in nature.

      It may be for the purpose of reducing the number of 2nd or 3rd Party auditing. (customers have begun accepting 3rd Party Registration)

      Registration has been set by the domino effect and thus it may be the expectation within given specific industry sectors.

ISO 9000, ISO 14000... logos, what are these?

    The vast majority seen are the specific logo of a Registration Body or Registrar allowing of its use to organizations they have Registered / Certified to the International Standard. Alternatively an organization may design a logo and use this as they decide (related to the management system). What is being recognized is the management system, processes... not the product. Product registration its another "ball game". The Registration Certificate may also include the logo of one or various accreditation bodies (e.g. USA-ANAB, USA-GOB, Dutch-RvA, BRS-USA, UKAS-UK, JAB-Japan, InMetro-Brazil, IRAM-Argentina, Malaysia-DSM, SCC-Canada, ASBCe-UK and dozen others...).

So just call a Registration | Certification Body and done?

    Unfortunately some organizations do not place the level of consideration for registration | certification body whether centralized command or a local branch (namely a registrar) selection and end-up with an agreement wishing they did not signed...

    If not careful Registration may not be worth the paper it is written. Which registration body or registrar is best? It will help decision considering your region of where the product is produced / manufactured, point of sale(s), products, risk factors, market preference and name recognition, and in some cases client dictated. Ascertain that the registration body sees you as client while maintaining its own legal obligations and regulatory complinace while fulfilling requirements for accreditation, that is ethical, friendly... and adds value to the whole registration process.

Registration, Certification, and Accreditation Body, any difference?

    While accreditation is not an imperative to conduct conformity assessments and to grant certification requirement, a certification / registration body that carries ISO/IEC 17021+ accreditation to assess, evaluate and register a management system in accordance to requirements set forth by the criteria... the CAB needs to demonstrate legal and regulatory compliance + competence and impartiality by conforming with operations in accordance to the likes of such ISO/IEC 17021... [and for products as a Notified Body].

      Note of Awareness: The judging and the advising must be entirely independent, this implies that a registrar and the consulting must be two totally different entities... (in the Registrar page click the word ethics and others for specific criteria an explanations). Further, internal training by a certification body or a registrar (as a branch of a certification body) is construe as consulting!

    An accreditation entity provides verification and validation in accordance with a specific agreements for a a price and continuing payment of fee while adhering to ISO/IEC 17011, to assure that CB meets ISO/IEC 17021. The Accreditation Entity is a legal entity with authority to carry accreditation - recognition affairs, most carry a price and fees and few as a public trust by donations. Further, an accredited entity they may have recognition / accreditation for the approvals of certain products abiding to the regulatory control set by specific product directives, as a European Union business these are issued issued by the EEC (the governing bureau of the EC) and administer by the EA... see CE Marking and relating in this site... An accreditation entity may grant product certification status.

How long and how much?

    The price and fees based size, products, complexity, nature of activities and ability to work as team are key factors in how much and how long is the audit time...

      Example A - Starting from zero (for all practical purpose), a 100 people company in CNC machining activities achieved ISO 9001 in 89 days... they wanted to do it to test their team working capability... now they are a world class show case organization.

      Example B - Starting from zero, 400+ people automotive parts plant achieves ISO 9001 under 4 months and TS 16949 six months after.

      Example C - Starting from zero, a 3,000 10 facilities mining operations achieves ISO 9001 under 8 months... and ISO 14001 under 6 months.

      Example D - Starting from a TQM program, a Chemical corporation with 3,000+ took 5 years... however, add to the stretch, ineffective consulting from the beginning.

    The answer to cost and fees is specific as this relates to many factors including size, risk, complexity... contact us other than just to help... contact submittal... How to begin?

    While not needed, your organization may consider a Base Line or Gap Analysis, which may include a series of activities including training/induction to contemporary best practices to the Standard being pursuit for Registration.

    Beware that Registrars provide Pre Assessment services, which often is their recommendation, but these are for the unique purpose to assess the readiness for the Registration Audit Protocol. A Base Line Analysis can take several days (1-7+, depend on size and region) day analysis for development of the strategy, actions, status, project to achieve organisation's objective(s).

AS9100, TS 16949, TL 9000, ISO 13485, ISO/IEC 17025, ISO/IEC 17024, HACCP MS, ISO 22000, ISMS...?

    Some of these are namely ISO 9001 variants, they fall under the "umbrella" of the ISO 9000 series applicable to different industry sectors and nature of activities. Elsewhere in our site you can get specifics. However, under accreditation status the CAB needs to address specific International Standards such as ISO/IEC 27006 and ISO/TS 22003.



We manufacture medical devices, Class II... we have received orders for Europe... what is ISO 13485  about?

      Note - EN 46000 Scheme has been retired since year 2001

    ISO 13485 is a stand alone management system for the manufacturers of medical devices shipping to Europe... in tune with FDA GMP QSR. In Canada is CMDCAS based fees program of accreditation... Visit our site under CE Marking and Medical Sectors / ISO 13485 for specifics.

    If you are a second or third tier manufacturer (e.g contract manufacturer, manufacturer or parts, material supplier...) you may opt to other quality management systems, or non at all other than your own). However, if you have a supplier dictating a specific certification body or accreditation group then you have no freedom of choice.

"CE Mark"...need it?

    It is the logo that needs affixing to certain (categories) of products for import into Europe (EC) and other regions. To achieve CE it is require that your product meets specified "regulatory" requirements. Toys, medical devices, electronics, electrical, machinery, explosives... are impacted by the regulatory requirements. The Registration Body in additions needs to be a Notified Body

For how long does the Registration is in Effect?

    While no "standard" sets specific times, the registration is typically for three (3) years... but you may change certification body as you decide...

    And accreditation is typically a 4-year arrangement.

To what organizations does the hazardous substance-free (HSF) requirements apply... RoHS, SB 50, WEEE, REACH, and QC 080000?

Affects point-of-sales as well of origin where your products are manufacture. Through a hazardous substance process management (HSPM) system is an effective mean to meet HSF requirements - regulations. A scheme that encompass WEEE, SB 50, Reach and RoHS, and Green Process is in effect. These can equally integrate with ISO 9001, ISO 14001 management systems. For WEEE see directive 2002/95/EC and 2002/96/EC.  Visit RoHS, restriction of hazardous substances. Visit SB 50 for California State Bill. Visit REACH for restriction of chemicals. QC 080000 equally applies to organizations that wish to manage, minimize, and eliminate hazardous substances and may be achieved together with ISO 9001 or ISO 14001.

Evaluating the effectiveness of the quality management system ISO 9001

First piece of information - various Universities conducted studies on the benefits of ISO 9001 certification demonstrate that sales, productivity, and other measurable and non-measurable (non parametric) business parameters improve.

    Study conducted by The Anderson School at UCLA, Smith School of Business, University of Maryland, University Carlos III of Spain.

The challenge to audit a management system with lesser document-procedures brought about the year 2015 version of ISO 9001 creates benefit to organizations. Thus, auditors may face difficulty, or overlook, assessing methods and practices and how effective are these through the process focus approach. Also, many contact us to inform that the process approach is best in tune with the organization's operational practices.

"Effectiveness"? Simply... is the extent of achieving result through a realization iteration departing from planning (planned). This makes "effectiveness" not only the conformity of a process, but as well the resultant comparing to the organizations objectives.

In this "process" of effectiveness auditing must include or needs considering:

  1. Intent follows the path of objectives, documented and policies concur toward...
  2. ... implementation - does documents, methods and practices concur...
  3. ... and are we effective - or else do we realize the previous...
  4. ... resulting in the intended outcome (a).

Verifying conformity, some words on auditing in the new millennium + 

The ISO 900X "school" of thoughts (internal mostly) relying upon document verification and related records as the main evidence for conformity. This creates, at times, lacking communication wherein auditors do not communicate with process owners, operators, and alike process personnel, and perform physical observation  and interviews that relate to the operations and activities.

Gathering objective evidence can be through different means:


    Concurring with the Audits plan, communicate with process owners, operators, mechanics... Most important, listen. Investigate to gather information and data that can lead matching the defined process(es).

    Observation (note that ISO 19011, mow deleted from ISO/IEC 17021 since 2011 reference, gives a specific definition...)

    Aid you in understanding of the process by watching as its been conducted. And see if the what is observed and the practices conform with the requirements / criteria. It may be your experience that individuals may be more relaxing as the conduct the activities that you are to obtain information from... by demonstration an individual may express themselves more effectively. In addition, internal audits will be less disruptive since work continues.

    Reviewing tangible documents

    During dialogue (or when observing) inquire on documents being used (pass, present or planned) in the realization of the activities. This will allow you to find documents other than those that the level I manual outlines, procedures, instruction or else... If it needs to, are documents under adequate control? Are these available to all work shifts?

    Records (see also elsewhere in this page ISO 15489 accreditation program)

    Past operations provides evidence of process realization effectiveness and performance thus comparison can be made with present. This as well verifies effectiveness of record control.

    Cross referencing for validity...

The gathering of information and data assists in concluding the level of effectiveness to the satisfaction of a competent audit team (1 or more auditors) to conclude on whether fulfilling the requirements of the management system (see deleted ISO/IEC 17021 2011 reference ISO 19011:2002 Guideline).

ISO 9001 provides the opportunity to more effective controls byway of internal auditing

It is time to review results and ascertain that audit objectives which needs to concur with organizations objectives to improve competitively (and manage risk)...

  • Are audits being planned, given serious consideration to planning of individual audits?
  • How effective are process and activities in meeting planned arrangements and objectives toward the organizations overall...
  • Is the information provided by auditors leads to and assists in effective target improvements?
  • Are the audits being comprehensive and completed (verifying effectiveness on action that needs be taken)? How long does it take (average)?
  • Are the audit teams competent to audit?
  • Is your organization audit program seen as positive (adding-value) or is it negative (no adding value or merely to satisfy an ISO 9001 requirement)?

Training need relating with real scenario identifying what, why and wherein, and assisting the process owner in its endeavor of not only conformity, but improvement whilst enabling agility within the management system... one of the means to improve competence. 

Audit Planning - Plan twice execute effectively once

The Plan-Do-Check-Act model can easily be applied to auditing:

  • Plan: From audit programming, identify and define audit criteria, and from thereon plan the strategy to meet needs and objectives.
  • Do: Realize the audit plan.
  • Check: Verify congruency between observation, dialogue, documents and criteria.
  • Act: (Temporary) "finalize" the audit phase thus prepare for continuance examination and verification.

Audit programming, under ISO 9000:2000 scheduling by processes or functional areas will propitiate examining the applicable requirements to the specific process scope. This may indicate wherein audit results indicate betterness opportunities with specific clauses to a particular process and then may need to focus (go into deeper) to the specific clause and process that interact...

    Reiterating that ISO 9001 requires audit planning on the basis of the relevancy and importance of the activity and the results of previous audits. Critical areas, process or activities needs demonstrating effectiveness and that improvement is achievable, or in the case of "non conformance" needs be consider in the audit planning and frequency.

Record keeping, is there any guideline?

Guide ISO 15489 intent is to assist in the establishing and maintaining policies, standards, and guidelines for the management of information. ISO 15489 provides guidelines for personnel with responsibility to management for and including; archivists, librarians, KM specialists, finance, business administrators, overall is for personnel with responsibility for identifying, maintaining, safeguarding, retrieving... records and relating practices.

Is "TQM" dead?

    ISO 9000 helps in further Integrating Managerial Schemes such as ISO Kaizen-Blitz has been more effective and beneficial. Thus the answer of yes or no is dependent on whom we ask and what region of the world we ask.

    According to Michael E.D. Koening, Professor of the College of Information and Computer Science, TQM had its peak in 1992-1993 and ever since dropping from thousands to hundreds implementations.

    PDF achieves "International Standard" status

    The Portable Document Format (PDF) is available as a standard through ISO. PDF is a creation of Adobe Systems Inc.

    By making the codes open and releasing PDF codes PDF achieves standard status. As an open source the standard is available to developers.

    The International Standard is ISO 32000-1:2008 Document Management - Portable Document Format - Part 1: PDF 1.7. Available on PDF from the ISO.

    For reference visit URL: www.iso.ch


Frequently Asked QuestionsHome Portal...