ISO 9000 ISO 9000 specifies requirements for a Quality Management System overseeing the production of a product or service.

It is not a standard for ensuring a product or service is of quality; rather, it attests to the process of production, and how it will be managed and reviewed. ISO 9000 was originally created by the British Standards Institute as BS 5750. History In World War II, Britain had a serious problem with bombs going off in munitions factories. In an attempt to solve the problem, the Ministry of Defence placed inspectors in munitions factories. To supply to the Government, a company had to write up the procedure for making their product, have the procedure inspected by the Ministry and ensure their workers followed these procedures. This, and similar problems in the nuclear and power generation industries over the following decades, were symptoms of rapid technological advance in manufacturing. Advances in science were pushed into technology and thence into manufacturing too fast to be properly managed. Furthermore, managers were seen as too often basing decisions on paper reports rather than on understanding what was happening on the factory floor. In 1959, the United States developed Quality Program Requirements, MIL-Q-9858a, a quality standard for military procurement, detailing what suppliers had to do to achieve conformance. By 1962, NASA had similarly developed Quality System Requirements for its suppliers. In 1968, NATO adopted the AQAP (Allied Quality Assurance Procedures) specifications for the procurement of NATO equipment. The idea of quality assurance spread beyond the military. In 1966, the UK Government led the first national campaign for quality and reliability with the slogan "Quality is everybody's business." In 1969, the Central Electricity Generating Board (UK) and Ontario Hydro (Canada) developed quality assurance standards for suppliers. By this time, suppliers were being assessed by any number of their customers. It was widely recognised that this was a very wasteful duplication of effort. In 1969, a UK committee report on the subject recommended that suppliers' methods should be assessed against a generic standard of quality assurance. In 1971, the British Standards Institute published the first UK standard for quality assurance, BS9000, which was developed for the electronics industry. In 1974, BSI published BS5179, Guidelines for Quality Assurance. In order to shift the burden of inspection from the customer, quality assurance was guaranteed by the supplier through third-party inspection. Through the 1970s, BSI organised meetings with industry to set a common standard. The result was BS5750 in 1979. Key industry bodies agreed to drop their own standards and use it instead. The purpose of BS5750 was to provide a common contractual document, demonstrating that industrial production was controlled.

Revisions The standard has evolved over several revisions.

The initial 1987 version, ISO 9000:1987, originally issued as BS 5750, focused on quality control via retroactive checking and corrective actions. This version was strongly influenced by the existing US Department of Defence Military Standards ('MILSPECS') on manufacturing, and so was well-suited to the demands of a rigorous, stable, factory-floor manufacturing process. The 1994 version, ISO 9000:1994, emphasised quality assurance via preventive actions, and required evidence of compliance with documented procedures. Unfrotunately, companies tended to implement its requirements by creating shelf-loads of procedure manuals, and becoming burdened with an ISO bureaucracy. Adapting and improving processes could be particularly difficult in this kind of environment. The 2000 version, ISO 9000:2000, introduced the concept of process effectiveness via process performance metrics, and so reduced the emphasis on having documented procedures if clear evidence could be presented to show that the process was working well. Expectations of continuous process improvement and tracking customer satisfaction were made explicit at this revision.

Certification ISO does not itself certify organisations. It does certify third-party Certification Bodies who it authorises to examine ('audit' or 'assess') organisations that wish to apply for ISO 9000 compliance certification. Both ISO and the Certification Bodies charge fees for their services. The applying organisation is assessed based on an extensive sample of its sites, functions, products, services, and processes and a list of problems ('action requests' or 'non-compliances' ) made known to management. If there are no major problems on this list, the certification body will issue an ISO 900x certificate for each geographical site it has visited once it receives a satisfactory improvement plan from the management showing how any problems will be resolved. An ISO certificate is not a once-and-for-all award, but must be renewed at regular intervals recommended by the certification body usually around 12 to 18 months. Auditing Two types of auditing are required by the standard: auditing by the external certification body and audits by internal staff trained for this process. The aim is a continual process of assessment, leading to corrective and preventive actions, is maintained throughout the scope of the certified organisation. It is considered healthier for internal auditors to audit outside their usual management line, so as to bring a degree of independence to their judgements. Under the 1994 standard, the auditing process could be adequately addressed by performing 'compliance auditing':

Tell me what you do (describe the business process) Show me where it says that (reference the procedure manuals)

Prove that that is what happened (exhibit evidence in documented records)

Under the 2000 standard, the auditor performs a similar function but is required to make more value judgements on what is effective, rather than adhering safely to the formalism of what is prescribed. ISO 9000 Document Suite ISO 9000 is composed of the following sections:

ISO 9000 covers the basic language and expectations of the whole ISO 9000 family. ISO 9001 is intended for use in organizations who do design, development, installation and servicing of their product. It discusses how to meet customer needs effectively. This is the only implementation for which third-party auditors may grant certifications. The latest version is : 2000. ISO 9002 is nearly identical to 9001, except it does not incorporate design and development. In ISO 9000:2000, this was replaced by ISO 9001:2000. ISO 9003 is intended for organisations whose processes are almost exclusive to inspection and testing of final products. In ISO 9000:2000, this was replaced by ISO 9001:2000. ISO 9004 covers performance improvements. This gives you advice on what you should (or could) do to achieve ISO 9001 compliance and customer satisfaction.

There are over 20 different members of the ISO 9000 family, most of them not explicitly referred to as "ISO 900x". For example, parts of the 10,000 range are also considered part of the 9000 family: ISO 10007:1995 discusses how to maintain a large system while changing individual components. To the casual reader however, it is sufficient to understand that when someone claims to be "ISO 9000 compliant, they are probably using a blanket statement meaning they conform to one of t"he specifications in the ISO 9000 family, more often than not ISO 9001, ISO 9002 or ISO 9003, and that certification according to ISO 9000:1994 cannot be valid after year 2004. The ISO website and documentation give more detail on what each specification entails. Many have seemingly subtle variations. Industry-specific interpretations As the paragraphs and clauses of the ISO 9000 standard have always been very generalised and abstract, they have to be carefully interpreted to make sense within a particular organisation. Developing software is not like making cheese or offering counseling services, yet the ISO 9000 guidelines can potentially be interpreted in each of these industries. Over time, various industry sectors have wanted to standardize their interpretations of the guidelines within their own marketplace.

The TICK-IT standard is an interpretation of ISO 9000 produced by the UK Board of Trade to suit the processes of the information technology industry, especially software development. AS 9000 is the Aerospace Basic Quality System Standard, an interpretation developed by major aerospace manufacturers. The current version is AS 9100. QS 9000 is an interpretation agreed upon by major automotive manufacturers.

Criticisms of ISO 9000 There are a number of common criticisms of ISO 9000, generally regarding inappropriate misapplication or extension of its use in companies and the effect this can have on organizational culture.

BS 5750 was designed to show that production was controlled; it in no way addresses process or performance improvement. Processes, technology and customer demands are ever-changing, but useful changes can be blocked for being non-compliant. Compared to the work of W. Edwards Deming, which focuses on awareness of processes, thus harnessing workers' creativity, ISO 9000 can create a culture ofritualising processes including creative ones thus suppressing it. "When all you have is a hammer, every problem looks like a nail." It may not be appropriate to apply a process such as ISO 9000 to a field requiring creativity, such as software engineering, which is more analogous to designing factories than to operating a factory. ISO 9000 is sometimes used as an excuse for inappropriate Taylorisation. Bad managers still manage at arm's length, using paper reports rather than knowing what is happening on the factory floor; but ISO 9000 reinforces this behaviour. Instead of being seen as an opportunity to improve things, the audits could become quite confrontational in structure. Many companies only register to ISO 9000 because they are forced to by the marketplace whether or not ISO 9000 is in fact appropriate to their business.

These problems were particularly pronounced with the ISO 9000:1994 revision. The 2000 revision was in part an attempt to address such criticisms. There are few or no objective metrics showing any effectiveness for ISO 9000. In 1997, two people took the BSI to the Advertising Standards Authority for claiming in an advertisement that ISO 9001 "improves productivity ... almost always gives an immediate result in terms of productivity and efficiency, and that means cost reductions ... pays for itself ... Staff morale is better because they understand what is expected of them and each other," whilst being unable to produce any objective metrics to substantiate these assertions. The complaint was upheld. In Japan, amidst complaints of ISO 9000 undermining world-class thinking, Toyota abandoned the standard in2000, moving back to their in-house Toyota Quality System. Related standards ISO 14000 exists to ensure that the manufacture of a product has the lowest possible environmental ramifications. Like ISO 9000, it pertains to how a product is produced, rather than how it is designed.