Proposed Changes to ISO 9001:2008

Performance Improvement Solutions for Your Business Needs January 2008
In this issue

  • Proposed Changes to ISO 9001:2008
  • What Are You Doing Different in 2008?
  • ISO 28000 for Supply Chain Security
  • The Ultimate Satisfaction Question
  • Training Courses
  • Greetings!

    Welcome to Sustaining Edge Solutions E- Newsletter

    Our newsletters provide guidance on operational and quality systems ISO 9001, AS9100, ISO/TS 16949, TL 9000, ISO 13485, ISO 14001, and others. This includes process improvement methods Six Sigma, Lean Enterprise, and other topics of interest to our readers.

    If you have any questions about the articles appearing in this issue, or you want to suggest topics for future issues, please let us know.

    Newsletter Sign-up

    The Best of the New Year to You!

    Proposed Changes to ISO 9001:2008

    The Draft International Standard version is now being circulated for review and comment. The new publication date is expected to be late 2008, so I will refer to the revised standard as ISO 9001:2008.

    Please note that only the new or changed sections are discussed. Unaffected text has not been included.

    To begin, under 4.1 General Requirements, sub-clause (a), the word “Identify” has been replaced with “Determine”:

    4.1 General Requirements a) Determine the processes needed for the quality management system and their application throughout the organization (see 1.2),

    Although similar, the words “Identify” and “Determine” have slightly different meanings. To identify is to recognize or establish something as being a particular thing. To determine is to apply reason and reach a conclusive decision. Therefore, to determine the processes implies more analysis and judgment than merely identifying them.

    e) monitor, measure (where applicable) and analyze these processes, and …

    Processes are monitored, but may not need to be measured. Therefore, the requirement change indicates processes are only measured where applicable.

    4.2.3 Control of DocumentsThe first sentence of this clause in the draft standard still states that documents required by the quality management system are to be controlled. The only suggested change to clause 4.2.3 is shown below:

    f) to ensure that documents of external origin determined by the organization to be necessary for the planning and operation of the quality management system are identified and their distribution controlled, and

    The change in sub-clause (f) clarifies that not all external documents have to be identified and controlled; only those necessary for the planning and operation of the quality management system.

    4.2.4 Control of Records The opening sentence for clause 4.2.4 has expanded from records being “maintained” to having them “controlled”. Maintaining the records would be to simply keep them in good condition. Controlling the records means to regulate their use.

    The organization shall establish a documented procedure to define the controls needed for the identification, storage, protection, retrieval, retention, and disposition of records.

    The requirement for a documented Record Control procedure was rewritten as shown above, but the content is basically the same. Note that “retention time” has been reduced to “retention”. Records must still remain legible, readily identifiable, and retrievable. This text was just moved to the end of clause 4.2.4.

    5.5.2 Management Representative

    Top management shall appoint a member of the organization’s management who, irrespective of other responsibilities, shall have responsibility and authority that includes:

    I’ve encountered a few small companies that have outsourced the Management Representative role to a consultant or non-managerial personnel. I wonder if this clarification is aimed at that practice?

    7.1 Planning of Product Realization

    The only change to the text of clause 7.1 is the addition of “measurement” as one of the required activities to be determined during the planning of product realization.

    In planning product realization, the organization shall determine the following, as appropriate: c) required verification, validation, monitoring, measurement, inspection and test activities specific to the product and the criteria for product acceptance;

    7.2.1 Determination of Requirements Related to the Product

    The slight change below from “for delivery and post-delivery activities” to “for delivery, and for post-delivery activities” adds emphasis to post-delivery activities. In addition, a Note has been added with examples of post-delivery activities.

    NOTE: Post delivery activities include, for example, actions under warranty provisions, contractual obligations such as maintenance services, and supplementary services such as recycling or final disposal.

    Look for more proposed changes in Next Month’s Issue!

    What Are You Doing Different in 2008?
    New Year

    Another new year. Will it be more of the same for you?

    Think big for a change! The really positive thinker sees the invisible, feels the intangibles, and achieves the impossible. It’s called a quantum leap. Give the following some thought…

    • You don’t have to be content with improving things gradually or incrementally.
    • Historical behaviors can become obstacles to future success.
    • Don’t limit your desires to things that you think you can have; start thinking about things that you want. Give yourself permission to dream.
    • Suspend disbelief. If you must doubt something, doubt your limits.
    • Doubts are the product of habitual thinking, not accurate thinking.
    • Focus on the ends, not the means. You don’t have to know how you’re going to get there, only where you want to go.
    • A quantum leap means going into uncharted waters with no guide to follow. You’ll draw the map as you go.
    • What’s your risk? Only that you won’t get what you really want out of life. Playing it safe and living with the status quo is probably the surest way of losing.
    • It’s not taking a big chance, it’s giving yourself a big chance.
    • Positive action is more powerful than positive thoughts. Place your trust in the action.
    • Seek failure. It’s a resource, it helps you find the edge of your capabilities.
    • There’s no gain with out pain. Progress often masquerades as trouble. The road will be bumpy.
    • Be aware of your comfort zones. If you’re comfortable, you’re not stretching yourself.
    • Ready, fire, aim! Don’t get bogged down in the preparation. It’s just a stalling tactic.

    Ask yourself: What were some of the things I did last year that were non-productive; things that, given another chance, I wouldn’t do?

    What will I commit to doing differently this year?

    Thanks to Sam Williams, New View Group for the insights.

    ISO 28000 for Supply Chain Security

    The ISO 28000 series of standards on supply chain security management systems have been upgraded from their status as Publicly Available Specifications to that of full International Standards. They are expected to help reduce risks to people and cargo by addressing potential security issues such as terrorism, fraud, and piracy.

    The ISO 28000 standards specify the requirements for a security management system to ensure safety in the supply chain. They can be applied by organizations of all sizes involved in manufacturing, service, storage, or transportation by air, rail, road, and sea at any stage of the production or supply process. The standards include provisions to:

    • establish, implement, maintain, and improve a security management system;
    • assure conformity with security management policy;
    • demonstrate such conformity;
    • seek certification of conformity by an accredited third party organization; or
    • make a self-determination and self-declaration of conformity.

    The ISO 28000 series consists of:

    1. ISO 28000:2007, Specification for security management systems for the supply chain;
    2. ISO 28001:2007, Security management systems for the supply chain – Best practices for implementing supply chain security – Assessments and plans – Requirements and guidance;
    3. ISO 28003:2007, Security management systems for the supply chain – Requirements for bodies providing audit and certification of supply chain security management systems;
    4. ISO 28004:2007, Security management systems for the supply chain – Guidelines for the implementation of ISO 28000.
    5. ISO 28005:200x, Ships and marine technology – Computer applications – Electronic port clearance is being developed as the latest addition to the series.

    Organizations can then continually assess their security measures to protect their business interests and ensure compliance with international regulatory requirements. By encouraging the implementation of these standards by the various organizations in the supply chains, countries will be able to maximize the use of government’s resources, while maintaining a level of optimal security.

    ISO 28000, ISO 28001, ISO 28003 and ISO 28004 are available from the ANSI Web Store.

    The Ultimate Satisfaction Question

    Have your customers quit responding to your lengthy satisfaction surveys? Are your response rates too low for adequate analysis and action?

    Well, you know you can’t just give up. You need to know what your customers are thinking. And, for example, meeting the requirements expressed in ISO 9001:2000, clause 8.2.2, Customer Satisfaction.

    Fortunately, there is a simpler way of surveying your customers. A measurement tool, called Net Promoter Score (NPS), uses only one question:

    On a scale of 1 to 10, how likely is it that you would recommend our company to a friend or colleague?

    A study by Satmetrix Systems, in partnership with Fred Reichheld of Bain & Company, determined this single loyalty question can judge individual customer purchase and referral patterns across seemingly disparate industries.

    If customers reported they were likely to recommend a particular company to a friend or colleague, then these same customers were also likely to actually repurchase from the company, as well as, generate new business by referring the company by word-of mouth.

    If customers reported they were not likely to recommend a company, they were also less likely to engage in actual repurchase or referral behaviors.

    Ultimate Question
    One simple question – Would you recommend us to a friend or colleague? – allows companies to track promoters and detractors and produces a clear measure of an organization’s performance through its customers’ eyes.

    Promoters are customers who are so enthusiastic about a firm or brand that they not only increase their own purchases, but also refer their colleagues or friends. Promoters are customers with ratings of 9 or 10 and exhibited the highest rates of purchase and referral behaviors.

    Passive customers are those that were somewhat likely to recommend a company, i.e., ratings of 7 or 8, and exhibited moderate rates of purchase and referral behaviors.

    Detractors are customers who feel so badly treated that they cut back on purchases, switch to the competition, and warn others to stay away from the company. Detractors are customers with ratings of 1 thru 6 and exhibited the lowest rates of purchase and referral behaviors.

    Training Courses

    Our 2008 1st Quarter course schedule is now posted on our website.

    To see the course description, schedule, and on-line registration click on the course title below. Courses are awarded Continuing Education Units.

    Understanding & Implementing ISO9001:2000
    ISO 9001:2000 Process Based Internal Auditor
    Documenting Your Quality Management System

    Understanding & Implementing AS9100B:2004
    AS9100B: 2004 Process Based Internal Auditor
    Documenting Your Quality Management System

    Understanding and Implementing ISO/TS16949:2002
    ISO/TS16949:2002 Process Based Internal Auditor
    Documenting Your Quality Management System

    Understanding and Implementing ISO14001:2004
    ISO14001:2004 Process Based Internal Auditor

    The Five Pillars of a Lean Workplace Organization
    Continuous Process Improvement
    Lean Six Sigma

    All courses can be delivered at your company. Don’t see a course, location, or date that fits your needs?

    Contact Us

    Quick Links

    Comments are closed.