ISO 9000

The ISO 9000 family of standards are related to quality management systems and designed to help organizations ensure that they meet the needs of customers and other stakeholders.^[1] The standards are published by ISO, the International Organization for Standardization, and available through National standards bodies while meeting statutory and regulatory requirements. ISO 9000 deals with the fundamentals of quality management systems,^[2] including the eight management principles^[3][2] on which the family of standards is based. ISO 9001 deals with the requirements that organizations wishing to meet the standard have to fulfill.^[4]

Third party certification bodies provide independent confirmation that organizations meet the requirements of ISO 9001. Over a million organizations worldwide^[5] are independently certified, making ISO 9001 one of the most widely used management tools in the world today. Despite widespread use, however, the ISO certification process has been criticized^[6][7] as being wasteful and not being useful for all organizations

ISO Versions:

ISO 9001:1987 Model for quality assurance in design, development, production, installation, and servicing was for companies and organizations whose activities included the creation of new products.

ISO 9000:1994 emphasized quality assurance via preventive actions, instead of just checking final product, and continued to require evidence of compliance with documented procedures

ISO 9001:2000 combined the three standards—9001, 9002, and 9003—into one, called 9001.  The 2000 version also demanded involvement by upper executives in order to integrate quality into the business system and avoid delegation of quality functions to junior administrators. Another goal was to improve effectiveness via process performance metrics.

ISO 9001:2008 basically renarrates ISO 9001:2000. The 2008 version only introduced clarifications to the existing requirements of ISO 9001:2000 and some changes intended to improve consistency with ISO 14001:2004.

Audit:

Two types of auditing are required to become registered to the standard: auditing by an external certification body (external audit) and audits by internal staff trained for this process (internal audits). The aim is a continual process of review and assessment to verify that the system is working as it is supposed to; to find out where it can improve; and to correct or prevent problems identified. It is considered healthier for internal auditors to audit outside their usual management line, so as to bring a degree of independence to their judgments.