ISO 9001-2008 Vs ISO 9001-2000 – The new requirements and a comparison between them

admin Posted on 11:03 pm

ISO 9001-2008 Vs ISO 9001-2000 – The new requirements and a comparison between them

Congratulations to all the quality managers. We have a new standard. ISO 9001:2008. This is truly an exciting time for quality managers. To celebrate this event in a way that only quality managers know how to do, I have prepared here a comparative article between ISO 9001:2000 and the newborn ISO 9001:2008. I also included my comments about my experience and my perspective on things.

At the end of it I will call the new requirements of the new ISO 9001:2008 standard.

Paragraph number 0.1 – The changes here are a statement about who and where the standard includes any legal requirements. Legal requirements (of any kind) have the same scale as regulatory or customer requirements. It is also clarified that these requirements are restricted to those applicable to the product.

Paragraph number 0.4 – There is a comment that says that the new standard is made taking into account the ISO 14001:2004 standard.

My comment – Of course. The world is getting greener every day, so you should be reminded of the ISO 14001 standard. I believe and recommend that any organization that must implement the ISO 14001 standard also implement the ISO 9001 standard. There is a great correlation between the two. In fact, they support each other. It would be easier for the organization to meet the requirements of ISO 14001 if it is already ISO 9001 certified.

Paragraph number 1.1 and 1.2 – The legal requirements have been mentioned in relation to the products purchased and the realization of the product. The second note explains that a legal requirement can be a legal requirement.

My comment: after so many years of auditions, the last long debate had been resolved. Statutory legal requirements and regulatory requirements are also applicable to purchasing processes. It was always an open area that no one had the exact answer: Does your provider have to comply with the law or not? Supossely Yes.

Paragraph number 2 – Normative reference – ISO 9000 is now superseded by ISO 9000:2005.

Paragraph number 3 – The explanations about what is a client and what is an organization and what is a supplier had been eliminated.

Paragraph number 4.1 – Subsection a – The word “determine” replaces the word “identify”. Added a note indicating that purchased processes are considered as purchased products. Another note had been added requiring that these processes be controlled just like the products.

My comment: When identifying, you have to search and find something according to the requirement. When determining, the responsibility of the results is in your hands…

It used to be obvious… Sometimes you feel the need to state the obvious.

Paragraph number 4.2.1 – Slight change of words, but when you examine the change you realize that the meaning remains the same.

Note 2 was modified: A single document may include requirements for more than one procedure. The requirements of a procedure may appear in more than one document.

My Comment – About time. Many headaches are promised to be saved. If her auditor was one of the old schools and demanded everything to the letter, she was in trouble. Now you can document two quality requirements in one document: job description and training, for example. Or you can split a record into two documents. However, it is right for you as long as you meet the requirements.

A good example is that it is possible to combine corrective and preventive procedures together. As long as you meet the requirements…

Section 4.2.3 – Subsection f – Clarification that external documentation is considered as long as it is part of the quality management system.

My comment: When an external document is part of your quality management system, it is required to be included in the quality procedures: document control and record control.

Paragraph number 5.1 – Subsection a – The word “statutory” was added.

Section 5.5.2 – Additional requirement that the management representative be a member of the organization’s management.

My comment: that addition puts all outside consultants at risk – you can no longer be the management representative. That sets up a whole new line of forms and documentation for you to develop for external consultants to be considered as a representative of management. All external consultants would have to be creative in this case.

Paragraph number 6.2 – Change of words from “affecting the quality of the product” to “affecting the conformity with the requirements of the product”

Paragraph number 6.2.2 – Clause b – “provide training or take other steps to meet these needs” was changed to “where appropriate, training must be provided to achieve the necessary competency”

Clause c: You need to make sure the training is competent rather than whether it was effective training.

My comment: it all goes back to the definition. You defined what is needed, now you must provide it, nothing is new. On the one hand it is an improvement. The training must be reviewed before its competency to the requirements. But we’re still in it. We thought: instead of evaluating your employees if they got anything from the training, now you should review the training itself before or maybe both… Only time will tell…

Section 6.3 – Subsection c – Information systems are included.

My Comment – They are absolutely right!

Paragraph number 6.4 – A new note: noise, humidity, temperatures are part of a work environment.

My comment: that also puts aside an old debate. The cruel factory owners can no longer ignore these factors. Wait for them to combine the OHSAS 18001 standard…

Numeral 7.1 – Clause c – measurement was added to product acceptance activities.

Paragraph number 7.2.1 – Subsection a – change of words – not of meaning.

Clause c – the word ‘applicable’ replaces ‘related’. Change of words – not the meaning.

Subsection d – change of words – not of meaning.

A note had been added to explain the meaning of “post-delivery activities”.

My comment, I agree with “post-delivery activities”, was not clear enough for our opinion.

Paragraph number 7.3.1 – A note was added that clarifies that design review, verification and validation are separate processes but that they can be performed together.

Paragraph number 7.3.3 – Wording change. A note had been added clarifying the inclusion of “product preservation”.

My comment: Product preservation must now be factored into design and development outcomes.

Paragraph number 7.5.3 – Added a requirement on the measures and the state of the tests that must be identified throughout the realization of the product.

My comment: Until now, this requirement has been required in standards such as the ISO 13485 standard for medical devices and ISO/TS 16949 for the automotive industry. The requirement ensures that inspection activities are defined, maintained and recorded, as is the status of the product.

Section 7.5.4 – Wording change in the obligation to inform the client of any problem related to his property.

The note was modified so that personal data is also included as customer property.

Paragraph number 7.5.5 – Wording change:

“devices” in the title was changed to “computer”

“conformance of” to “in order to maintain conformance with the requirements”.

Removed reference to paragraph 7.1.

Paragraph number 7.6 – Change of words:

from “devices” to “computers”.

Removed reference to paragraph 7.2.1.

Clause c – of “identify yourself to enable the”

to “id to enable su”.

Changes in notes:

Note 1: Reference to ISO 100012-2 has been removed.

Note 3 – Explanation on when the computer settings should be applied when the computer is used for monitoring and measurement processes.

My Comment: That means that from now on, a computer that provides any type of measurement service, is considered a monitoring and measurement device. And when the configuration of the computer has been changed, it is necessary to recalibrate the software.

How can you calibrate a computer? Ask your provider or your system administrator. They will know better than anyone. But you would have to show that it was done and present evidence.

Paragraph number 8.2.1 – A note was added to suggest some means to carry out the evaluation of customer satisfaction.

Paragraph number 8.2.2- Added requirements for evidence and audit results.

Added requirements for management responsibility: management is responsible for ensuring that preventive and corrective actions are taken.

The reference to ISO 10011 is changed to ISO 19011.

My Comment – As I see it, that means an addition within the Management Responsibility procedure or the Internal Audit procedure about management ensuring that preventive and corrective actions will be taken in accordance with the results and decisions of the internal audit and a reference to validation and verification.

Take a look at the following website that provides you ready-made solutions for the internal audit procedure the9000store.com.

Paragraph number 8.2.3 – Wording change:

“to ensure product conformity” had been removed.

Added a note to clarify that the organization should determine the type of monitoring and measurement based on the processes and how this will affect the quality management system.

Paragraph number 8.2.4 – Removed one word change: “maintain evidence of conformance to acceptance criteria” but remains a requirement.

Paragraph number 8.3 – An addition: Clause d – specifies how to deal with non-conforming product that was discovered after delivery – but nothing really new just that they moved it to a new clause.

So what are the new requirements of the new standard?

  • Legal requirements have the same scale as any other legal or customer requirement.
  • Legal requirements also include suppliers.
  • A purchased process is like any other product that the organization purchased. If it is affecting the product, it must be under the quality management system.
  • You can include two quality processes in one document and split one process into two documents.
  • The management representative must be a member of senior management.
  • A requirement to ensure that trainings are appropriate for the product up front and not to examine whether the training was effective after it was delivered.
  • The information system is now officially considered as a substructure.
  • Parameters such as humidity, noise and temperature, related to the health of employees, are considered a work environment.
  • Measurement is considered as one of the product realization activities. The product realization process shall include references to inspection activities and the status of the product throughout the realization processes.
  • The product realization process shall include references to inspection activities and the status of the product throughout the realization processes.
  • Software configuration is a reason to recalibrate the software.
  • Management is now responsible for preventive and corrective actions regarding nonconformities that were revealed during internal audits.
  • The organization should determine the type of monitoring and measurement according to the processes and indicate how this would affect the quality management system.

Summary

Most of the changes made here are really minor and are helpful in understanding open issues. I waited a little more than new standard but I am satisfied. The goal was not to create any earthquakes in the quality industry, but to keep up with changes in technology and update the feedback and responses that have been collected over the past few years. I’m lucky. I already thought that all my items on our website should be changed…

Itay Abuahv Ing.

Leave a Reply

Your email address will not be published. Required fields are marked *