Korean English Spanish ?
Certification > ISO9001

ISO 9001:2015

▷ Reasons for Use

The global adoption of ISO 9001 may be attributable to a number of factors. A number of major purchasers require their suppliers to hold ISO 9001 certification. In addition to several stakeholders’ benefits, a number of studies have identified significant financial benefits for organizations certified to ISO 9001, with a 2011 survey from the British Assessment Bureau showing 44% of their certified clients had won new business. Corbett et al (2005) showed that certified organizations achieved superior return on assets compared to otherwise similar organizations without certification. Heras et al (2002) found similarly superior performance and demonstrated that this was statistically significant and not a function of organization size. Naveh and Marcus (2007) showed that implementing ISO 9001 led to superior operational performance. Sharma (2005) identified similar improvements in operating performance and linked this to superior financial performance. Chow-Chua et al (2002) showed better overall financial performance was achieved for companies in Denmark. Rajan and Tamimi (2003) showed that ISO 9001 certification resulted in superior stock market performance and suggested that shareholders were richly rewarded for the investment in an ISO 9001 system.
While the connection between superior financial performance and ISO 9001 may be seen from the above, there remains no proof of direct causation, though longitudinal studies, such as those of Corbett et al (2005) may suggest it. Other writers such as Heras et al (2002) have suggested that while there is some evidence of this, the improvement is partly driven by the fact that there is a tendency for better performing companies to seek ISO 9001 certification.
The mechanism for improving results has also been the subject of much research. Lo et al (2007) identified operational improvements (cycle time reduction, inventory reductions, etc.) as following from certification. Buttle (1997) and Santos (2002) both indicated internal process improvements in organizations leading to externally observable improvements. Hendricks and Singhal (2001) results indicate that firms outperform their control group during the post implementation period and effective implementation of total quality management principles and philosophies leads to significant wealth creation. The benefit of increased international trade and domestic market share, in addition to the internal benefits such as customer satisfaction, interdepartmental communications, work processes, and customer/supplier partnerships derived, far exceeds any and all initial investment according to Alcorn.

▷ Background

ISO 9000 was first published in 1987. It was based on the BS 5750 series of standards from BSI that were proposed to ISO in 1979. Its history can however be traced back some twenty years before that when the Department of Defense published its MIL-Q-9858 standard in 1959. MIL-Q-9858 was revised into the NATO AQAP series of standards in 1969, which in turn were revised into the BS 5179 series of guidance standards published in 1974, and finally revised into being the BS 5750 series of requirements standards in 1979, before being submitted to ISO.
BSI has been certifying organizations for their quality management systems since 1978. Its first certification (FM 00001) is still extant and held by the Tarmac company, a successor to the original company which held this certificate. Today BSI claims to certify organizations at nearly 70,000 sites globally. The development of the ISO 9000 series is shown in the diagram to the right.

▷ Quality Management System Process Approach

This International Standard promotes the adoption of a process approach when developing, implementing and improving the effectiveness of a quality management system, to enhance customer satisfaction by meeting customer requirements. Specific requirements considered essential to the adoption of a process approach are included in 4.4.

Understanding and managing interrelated processes as a system contributes to the organization’s effectiveness and efficiency in achieving its intended results. This approach enables the organization to control the interrelationships and interdependencies among the processes of the system, so that the overall performance of the organization can be enhanced.

The process approach involves the systematic definition and management of processes, and their interactions, so as to achieve the intended results in accordance with the quality policy and strategic direction of the organization. Management of the processes and the system as a whole can be achieved using the PDCA cycle (see 0.3.2) with an overall focus on risk-based thinking (see 0.3.3) aimed at taking advantage of opportunities and preventing undesirable results.

The application of the process approach in a quality management system enables:

  1. understanding and consistency in meeting requirements;
  2. the consideration of processes in terms of added value;
  3. the achievement of effective process performance;
  4. improvement of processes based on evaluation of data and information.

Figure 1 gives a schematic representation of any process and shows the interaction of its elements. The monitoring and measuring check points, which are necessary for control, are specific to each process and will vary depending on the related risks.


▷ Plan-Do-Check-Act cycle

The PDCA cycle can be applied to all processes and to the quality management system as a whole.
Figure 2 illustrates how Clauses 4 to 10 can be grouped in relation to the PDCA cycle.

The PDCA cycle can be briefly described as follows:

  • Plan: establish the objectives of the system and its processes, and the resources needed to deliver results in accordance with customers’ requirements and the organization’s policies, and identify and address risks and opportunities;
  • Do: implement what was planned;
  • Check: monitor and (where applicable) measure processes and the resulting products and services
    against policies, objectives, requirements and planned activities, and report the results;
  • Act: take actions to improve performance, as necessary.

▷ Risk-based thinking

Risk-based thinking (see Clause A.4) is essential for achieving an effective quality management system.
The concept of risk-based thinking has been implicit in previous editions of this International Standard including, for example, carrying out preventive action to eliminate potential nonconformities, analyzing any nonconformities that do occur, and taking action to prevent recurrence that is appropriate for the effects of the nonconformity.

To conform to the requirements of this International Standard, an organization needs to plan and implement actions to address risks and opportunities. Addressing both risks and opportunities establishes a basis for increasing the effectiveness of the quality management system, achieving improved results and preventing negative effects. Opportunities can arise as a result of a situation favourable to achieving an intended result, for
example, a set of circumstances that allow the organization to attract customers, develop new products
and services, reduce waste or improve productivity. Actions to address opportunities can also include
consideration of associated risks. Risk is the effect of uncertainty and any such uncertainty can have positive or negative effects. A positive deviation arising from a risk can provide an opportunity, but not all positive effects of risk result in opportunities


▷ ISO9001:2015 Requirements

4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the quality management system
4.4 Quality management system and its processes

5 Leadership
5.1 Leadership and commitment
5.1.1 General
5.1.2 Customer focus
5.2 Policy
5.2.1 Establishing the quality policy
5.2.2 Communicating the quality policy
5.3 Organizational roles, responsibilities and authorities

6 Planning
6.1 Actions to address risks and opportunities
6.2 Quality objectives and planning to achieve them
6.3 Planning of changes

7 Support
7.1 Resources
7.1.1 General
7.1.2 People
7.1.3 Infrastructure
7.1.4 Environment for the operation of processes
7.1.5 Monitoring and measuring resources
7.1.6 Organizational knowledge
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
7.5.1 General
7.5.2 Creating and updating
7.5.3 Control of documented information

8 Operation
8.1 Operational planning and control
8.2 Requirements for products and services
8.2.1 Customer communication
8.2.2 Determining the requirements for products and services
8.2.3 Review of the requirements for products and services
8.2.4 Changes to requirements for products and services
8.3 Design and development of products and services
8.3.1 General
8.3.2 Design and development planning
8.3.3 Design and development inputs
8.3.4 Design and development controls
8.3.5 Design and development outputs
8.3.6 Design and development changes
8.4 Control of externally provided processes, products and services
8.4.1 General
8.4.2 Type and extent of control
8.4.3 Information for external providers
8.5 Production and service provision
8.5.1 Control of production and service provision
8.5.2 Identification and traceability
8.5.3 Property belonging to customers or external providers
8.5.4 Preservation
8.5.5 Post-delivery activities
8.5.6 Control of changes
8.6 Release of products and services
8.7 Control of nonconforming outputs


9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.1.1 General
9.1.2 Customer satisfaction
9.1.3 Analysis and evaluation
9.2 Internal audit
9.3 Management review
9.3.1 General
9.3.2 Management review inputs
9.3.3 Management review outputs

10 Improvement
10.1 General
10.2 Nonconformity and corrective action
10.3 Continual improvement

4 조직상황
4.1 조직과 조직상황의 이해
4.2 이해관계자의 니즈와 기대 이해
4.3 품질경영시스템 적용범위 결정
4.4 품질경영시스템과 그 프로세스

5 리더십
5.1 리더십과 의지표명
5.1.1 일반사항
5.1.2 고객중시
5.2 방침
5.2.1 방침의 수립
5.2.2 품질방침에 대한 의사소통
5.3 조직의 역할, 책임 및 권한

6 기획
6.1 리스크와 기회를 다루는 조치
6.2 품질목표와 품질목표 달성 기획
6.3 변경의 기획

7 지원
7.1 자원
7.1.1 일반사항
7.1.2 인원
7.1.3 기반구조
7.1.4 프로세스 운용 환경
7.1.5 모니터링 자원과 측정 자원
7.1.6 조직의 지식
7.2 역량/적격성
7.3 인식
7.4 의사소통
7.5 문서화된 정보
7.5.1 일반사항
7.5.2 작성(creating) 및 갱신
7.5.3 문서화된 정보의 관리

8 운용
8.1 운용 기획 및 관리
8.2 제품 및 서비스 요구사항
8.2.1 고객과의 의사소통
8.2.2 제품 및 서비스에 대한 요구사항의 결정
8.2.3 제품 및 서비스에 대한 요구사항의 검토
8.2.4 제품 및 서비스에 대한 요구사항의 변경
8.3 제품 및 서비스의 설계와 개발
8.3.1 일반사항
8.3.2 설계와 개발 기획
8.3.3 설계와 개발 입력
8.3.4 설계와 개발 관리
8.3.5 설계와 개발 출력
8.3.6 설계와 개발 변경
8.4 외부에서 제공되는 프로세스, 제품 및 서비스의 관리
8.4.1 일반사항
8.4.2 관리의 유형과 정도(extent)
8.4.3 외부공급자를 위한 정보
8.5 생산 및 서비스 제공
8.5.1 생산 및 서비스 제공의 관리
8.5.2 식별과 추적성
8.5.3 고객 또는 외부공급자의 재산
8.5.4 보존
8.5.5 인도 후 활동
8.5.6 변경관리
8.6 제품 및 서비스의 불출/출시(release)
8.7 부적합 출력/산출물(output)의 관리


9 성과 평가
9.1 모니터링, 측정, 분석 및 평가
9.1.1 일반사항
9.1.2 고객만족
9.1.3 분석 및 평가
9.2 내부심사
9.3 경영검토/경영평가(management review)
9.3.1 일반사항
9.3.2 경영검토 출력사항
9.3.3 경영검토 출력사항

10 개선
10.1 일반사항
10.2 부적합 및 시정조치
10.3 지속적 개선


▷ Factors for adjustments of audit time of management systems (QMS and EMS)

1. Increase in audit time of management systems
  1. Increase in audit time of management systems
    a. Complicated logistics involving more than on building or location where work is carried out.
       Eg., a separarte Design Centre must be audited
    b. Staff speaking in more than one language (requiring interpreter(s) or preventing individual auditors from    working independently)
    c. Very large site for the number of personnel (eg., a forest)
    d. High degree of regulation (eg., food, drug, aerospace, nuclear power, etc)
    e. Systems covers highly complex processes or relatively high number of unique activities
    f. Activities that require visiting temporary sites to confirm the activities of the permanent sites(s) whose   management system is subject to certification
    g. Outsourced functions or process
  2. Increase in audit time of management systems for QMS only
    a. Activities considered to be of high systems for EMS only
  3. Increase in audit time of management environment compared to typical location for the industry sector
    a. Higher sensitivity of receiving environment compared to typical location for the industry sector
    b. Views of interested parties
    c. Indirect aspects necessitating increase in audit time
    d. Additional or unusual environmental aspects or regulated conditions for the sector
    e. Risks of environmental accidents and impacts arising, or likely to arise, as consequences of incidents and    potential emergency situations, previous environmental problems that the organization has contributed to


2. Decrease in audit time of management systems
  1. Client is not “design responsible” or other standard elements are not covered in the scope (QMS only)
  2. Very small site for number of personnel (eg, office complex only)
  3. Maturity of management systems
  4. Prior knowledge of the client management systems (eg. Already certified to another standard by the same CAB)
  5. Client preparedness for certification (eg. Already certified or recognized by another 3rd party scheme)
    Note) if audit is conducted in accordance with IAF MD 11 this justification is invalid as reduction will be calculated from the level of integration
  6. High level of automation
  7. Where staff include a number of people who work “off location” eg. Salespersons, drivers, service personnel, etc. and it is possible to substantially audit compliance of their activities with the system through review of records
  8. Activities considered to be of low risk, Low complexity activities (eg.
    * Processes involving similar and repetitive activities (eg. Service only)
    * Identical activities of low complexity performed on all shifts with appropriate evidence of equivalent   performance on all shifts
    * Where a significant proportion of staff carry out a similar simple function. Repetitive process within scope   (when employees perform repetitive activities)

was accredited by IAS