Frequently asked questions
What is ISO 9001?
How I can get my business ISO certified?
It needs to be understood that ISO never issues a certification to a company or an organization. ISO is a body that sets these International Standards across diverse business areas. There are external certification bodies who would certify your compliance to the well-established ISO standards. You need to hire one of these external certification bodies who will create a detailed certification audit and issue the desired accreditation once every compliance parameter is met. Contact HM Consulting for more information or selecting a certification body.
Is it mandatory that every business get ISO 9001certification?
No, not at all.
What are the documents required for ISO certification?
Anyone who has taken the ISO 9001 internal/lead auditor training will tell you about the importance of a Quality Manual as one of the most important documents required for ISO certification. Apart from this manual, you also need a clearly outlined quality policy along with the objectives that you want to achieve. You will also have to maintain records in detail to help auditors ensure compliance with the documented quality policy. Contact HM Consulting for more information or selecting a certification body.
What is the process of becoming ISO certified?
If you’re in India, as per the ISO India website, following are the key stages of the ISO certification process; Application Review & Contract Review; Stage 1 & Stage 2 Audits; Certification Decision; Surveillance Audit (continuous assessment); Renewal Audit; Suspension/Withdrawal/Extension/Reduction of Scope of Certification. Contact HM Consulting now for more details.
Why we should implement a QMS? What values it will add to my business?
QMS purpose is to improve the quality of products and/or services you are providing resulting in enhanced customer satisfaction as well. A quality management system ultimately influences the maintenance and expansion of the customer base and thus the financial performance of the company. With the ISO 9001 standard you can establish processes that define how efficiently your organization operates and addresses a fast and competitive business environment.
How the QMS will impact my business efficiency?
When you implement ISO 9001 certification, an independent third party confirms the implementation of a functional QMS in your organization. This requires that the QMS be more stringently assessed than might be the case if it is evaluated internally. The external auditors will use the scientific approach or specific industry practice to evaluate your QMS and will rate you in accordance. Adherence to and regular verification of ISO 9001 requirements leads to more efficiency and better business performance.
What are the benefits of a QMS?
The benefits of a certified QM system according to ISO 9001 are:
- Clearly defined responsibilities.
- Straightforward processes that are generally better implemented.
- Greater confidence in management.
- Better relationships with suppliers.
- Better understanding of customer needs.
- Improved leverage regarding visa-vis banks and insurance companies.
Competitive advantage, e.g. in the case of public tenders
What are the prerequisite for QMS Implementation?
The prerequisites for implementing a QM system are:
The will to act systematically.
The will to lead transparently.
Prerequisites for the certification of an ISO 9001 quality management system are:
Understanding of ISO 9001.
The willingness to explain (especially to document) the system.
Can I combine more ISO standards with ISO 9001?
ISO 9001 is a standard that can be applied to any business for the certification of quality management systems. Audits according to ISO 9001, it can be combined with other industry-specific audits for quality management systems as well as other management systems. You can take more advantage of a combined certification. Visit our IMS Implementation page for more details on a combined standard implementation.
What is ISO 9001:2008 and ISO 9001:2015.
ISO 9001:2008 is the previous version of the Quality Management System. Now it is the QMS standard has been updated with ISO 9001:2015. The number clauses are increased from eight to ten. Added the concept of Risk approach for more effective implementation and other many changes/ amendments were made in new standard.
What are the key changes in the ISO 9001 version 2015?
Adoption of a 10-clause structure and core text consistent with all other ISO management systems.
Better compatibility with the service sector and non-manufacturing users.
A need to clearly understand the organization and its context to avoid a “one size fits all” approach to QMS application and implementation.
The recognition that while preventive action was implicit throughout the standard, there was need to make it more explicit through the application of risk-based thinking, i.e. the identification and associated mitigation, both at the strategic and operational levels.
The need to consider additional factors in determining the boundaries and applicability of the QMS to establish its scope.
Improving the understanding and application of the process approach through the application of risk-based thinking in conjunction with the context of the organization.
Greater emphasis on achieving desired process results to improve customer satisfaction.
A somewhat contentious change to the use of the term “documented information” from the terms “documents” and “records”; and secondly providing greater flexibility in the need for providing documented information.
A change in terminology from the use of the terms “purchasing” and “outsourcing” to the term “externally provided products and services”.
A wider scope has been put on seeking opportunities for improvement. While continual improvement still remains a requirement at the operational level to enhance customer satisfaction, the need for strategic improvements through break-through change, innovation, use of new technologies, reorganization and other means to significantly improve products, performance and customer satisfaction, has been added.
The wording of Leadership requirements has been beefed up to put more specificity and emphasis on leadership requirements.
More emphasis on change management throughout the standard.
What is the process approach and is it still applicable to ISO 9001:2015?
The process approach is a methodology for obtaining a desired result, by managing activities and related resources as a process. Although the clause structure of ISO 9001:2015 follows the Plan-Do-Check-Act sequence, the process approach is still the underlying concept for the QMS.
Do we have to change our QMS structure and terminology to reflect the changes in the ISO 9001 revision 2015 standard?
No, there is no requirement for the structure and terminology used in this Standard, to be applied in developing and documenting an organization’s quality management system. Organizations can choose to use structure and terminology that suits their operations (e.g. using “records”, “documentation” or “procedures” rather than “documented information”; or “supplier”, “subcontractor” or “vendor” rather than “external provider”).
How the ISO 9001:2015 quality management system documentation requirements changed?
Requirements for specific documented procedures are no longer mentioned; it is the responsibility of the organization to maintain documented information to support the operation of its processes and retain the documented information necessary to have confidence that the processes are being carried out as planned. The extent of the documentation that is needed will depend on the business context.
The ISO 9001 requirements do not mention a quality manual. Is it still required?
The new standard does not specifically mention a quality manual; however, it requires the organization to maintain documented information necessary for the effectiveness of the quality management system (QMS). An organization may find it convenient and appropriate to describe its quality management system in a quality manual.
The title of management representative has been removed. How is the performance of the system reported to top management?
Although the specific requirement for a management representative has been removed, top management must still ensure that roles and responsibilities are assigned for reporting on the performance of the QMS. Some organizations might find it convenient to maintain their current set-up and designations, with a single person carrying out this role. Others might take advantage of the additional flexibility to consider sharing the responsibilities depending on their organizational setup.
What is ISO 14001?
The ISO 14001 standard is primarily concerned with "environmental management". This means what the organizations does to minimize harmful effects on the environment caused by its activities, and to achieve continual improvement of its environmental performance. Most companies are familiar with the ISO9000 series of standards. The ISO-14000 series have been developed for integrating the environmental aspects into operations and product standards. The latest version of ISO 14001 is 2015 and termed as ISO 14001:2015.
Who is required to be ISO 14001 certified?
ISO 14001:2004 can be applied to any type of business; organization or industry; service or manufacturing sector; for profit or non-profit operations; and irrespective of their size. A wide range of industries, including, Agriculture, Forestry & Mining; Petrochemicals & Plastics, Food, Tobacco, Textiles & Wood products, Electronics & Instruments, Manufacturing, Metals & Machinery, etc. have taken an active role in implementing this standard.
Note: Registration to ISO 14001 has become a requirement for some sectors and organizations, eg., the automotive industry has placed requirements for ISO 14001 registration of supply chain manufacturing facilities.
What are the benefits of getting ISO 14001 certification?
Some of the benefits of implementing an Environmental Management System (EMS) in accordance with the ISO 14001 standards, include:
Discovering areas for reduction in energy usage and other resource expenditure,
Reducing environmental liability and risk,
Helping to maintain reliable compliance with legislative & regulatory requirements,
Benefiting from regulatory incentives that reward companies showing environmental leadership through certified compliance with an internationally recognized EMS standard,
Reducing the pollution and reducing waste,
Responding to pressure from customers and shareholders,
Improving community goodwill,
Profiting in the market for "green" products,
Respond to insurance company pressure for proof of good management before pollution-incident coverage is issued, and
Demonstrating commitment to high-quality and caring brand.
What are the requirements of ISO 14001?
The key to a successful ISO 14001 Environmental Management System (EMS) is having documented policies and procedures that are implemented and managed in such a way that achievement of environmental goals is appropriate with the features and size of activities is being conducted at your facility.
In addition, the EMS must include appropriate monitoring and review to ensure effective functioning of the EMS and to identify and implement corrective measures in a timely manner.
ISO14001 standards include the need for facilities to document the Environmental Policy and make available to the public.
In addition, procedures must be established for ongoing review of the environmental aspects & impacts of products, activities, & services. Based on these environmental aspects & impacts, environmental goals and objectives must be established that are consistent with the environmental policy. Documented programs must be set in place to implement these activities.
To ensure that the EMS is operating effectively, and efficiently internal Audits of the EMS must be conducted routinely to ensure that non-conformances to the system are identified and addressed. In addition, the management review process must ensure top management involvement in the assessment of the EMS, and as necessary, addressing the need for changes.
The checking & corrective action elements of the system help ensure continual improvement by addressing root causes on non-conformances. The ongoing management review of the EMS and its elements helps to ensure continuing suitability, adequacy, & effectiveness of the program
What is an Environmental Policy?
The EMS policy(s) document(s) is the central document that describes the interaction of the core elements of the system, and provides a third-party auditor with the key information necessary to understand the environmental management systems in-place at the company. Consistent with the principles of ISO14001, the Environmental Policy and Environmental aspects/impacts analysis, including legal & other requirements, shape the program by influencing the selection of specific measurable environmental goals, objectives, & targets. Specific programs and/or projects must then be developed to achieve these environmental goals, objectives, & targets.
What does the life cycle mean?
Within the new standard, “life cycle” is defined as “consecutive and interlinked stages of a product system, from raw material acquisition or generation from natural resources to end-of-life treatment.” Life cycle includes activities, products and services that include procured goods and services, and end-of-life treatment of products and delivery of services. Examples of life cycle activities include design, manufacture, transport, packaging, and end-use or disposal. A key point to remember is that the scope of the EMS only includes areas over which the organization can be reasonably expected to have control. However, the new standard places much greater emphasis on the organization assessing its control over environmental aspects over the full life cycle of its activities, products, services, and prioritizing to address the significant aspects/impacts.
How does life cycle relate to ISO 14001?
The ISO 14001:2004 version specifically states, “The identification of environmental aspects does not require a detailed life cycle assessment” (clause A.3.1). However, the new revision ISO 14001:2015 does mention the concept of “life cycle” in several areas such as clause 1 and A.4.3 and clause 6.2.1 and A.6.1.2. Guidance on the “Typical Stages” of a life cycle assessment are provided that may include “extraction of raw materials, design, production, transportation, use and end-of-life treatment depending on the particular activity, product, or service."
Do all the (requirements) clauses of iso 14001 apply to an organization?
While developing the EMS, organizations must meet all requirements of the ISO 14001 standard with no exceptions. However, the size and complexity of the EMS, the extent of documentation, and the resources allocated will vary significantly from organization to organization, based on several factors that include:
The organizations size; location; EMS scope; content of the environmental policy; nature of activities, products, and services; The environmental impact of the environmental aspects; and the legal and other requirements that must be met.
How I can demonstrate my conformity to ISO 14001?
Self-declaration of conformity - You make a declaration affirming that your EMS is in compliance with ISO 14001, usually supported by legally binding signatures. This declaration can be based on your internal audit system.
Second party assessment - You can request your customers or other interested parties to confirm that your EMS complies with the ISO 14001 standard.
Third party certification - You can request an accredited certification body to verify that your EMS is in compliance with the ISO 14001 standard.
What is ISO 45001?
ISO 45001 - ISO's first standard for occupational health and safety management systems. The ISO 45001, which sets requirements for occupational health and safety management systems, was inspired by OHSAS 18001, and is designed to help companies and organizations worldwide protect the health and safety of the people who work for them. ISO 45001:2018 supersede the OHSAS 18001:2007.
What is the difference between OHSAS 18001 and ISO 45001?
The answer can be broken down into three major differences.
The Annex SL - The Annex is the high-level framework from which all ISO
standards will be developed going forward. There are 10 chapters that
comprise the Annex, some of these chapters will be familiar to those of
you with management systems but there are some new chapters too.
Leadership – It’ll no longer be enough for senior leaders to sign the
occupational health and safety policy and forget about safety until next
year when the policy is up for review. Leaders must embody health and
safety and build it into the decision-making process.
Terms and definitions – Terms and definitions are being amended to bring
the standard more in line with all sectors and to make it more suitable for
organizations of any size. The term ‘hazard identification’ will go and is
likely to be replaced by the terms ‘risk identification’ and ‘risk control’ to
account for those sectors outside of manufacturing (e.g. retail) where
‘hazard identification’ doesn’t apply in a lot of cases.
How the role of the organization's leadership is different?
ISO 45001 insists that these occupational health and safety aspects now be embodied in the overall management system of the organization, requiring a much stronger buy-in from its management and leadership. This will be a big change for users who may currently delegate responsibility to a safety manager rather than integrate this entirely into the organization’s operations. ISO 45001 requires health and safety aspects to be part of an overall management system and no longer just an added extra.
To whom the ISO 45001 standard apply?
The ISO 45001 Standard can be applied to any organization that likes to:
Sustain and upgrade good OH&S practices
Committed to reduce safety risks in the workplace
Assures the right deployment of its OH&S policy and the accomplishment of objectives
Innovates a common language for health and safety within the organization
Demonstrates, deploys, supervises, and improve the OH&S management system
Establishes OHSMS conformity to stakeholders
What are the main benefits of getting certified?
Following the benefits:
Ongoing conformity with Health and Safety rules
Minimize the risk of injury and accidents for your employees
Improved awareness of Health and Safety problems for your staff
Increased trust within customers and staff
A less potential of fines & penalties for non-compliance
The feasibility of lower insurance premiums
What is ISO 13485:2016?
ISO 13485:2016 is a quality management system required for regulatory purposes. It represents the requirements for a comprehensive quality management system.
The ISO 13485:2016 specifies requirements for a comprehensive quality management system for the design & development, production, storage, distribution, installation, servicing of a medical device where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements.
ISO 13485 standard provides an effective framework to meet the comprehensive requirements for a medical devices quality management system. For manufacturers and service providers both comply and demonstrate their compliance with regulatory requirements. The requirements in ISO 13485 are used by suppliers or other external parties providing products or services to medical device manufacturers.
Who needs this certification?
ISO 13485 was specifically created for companies working on the Medical Device field. Companies that sell Medical Device products or provide a service to those medical devices (Installation, maintenance, cleaning…) need to comply with this standard if they choose to have an ISO one.
ISO 9001 vs ISO 13485?
ISO 9001 is a general standard for Quality Management Systems. It’s called:
“ISO 9001:2015 Quality Management Systems – Requirements”
But when you are selling Medical Devices, there are some requirements that are specific to these products as sterilization, reporting of issues to the health authority, creation of a Medical Device File…
These requirements are not mandatory for some other industries.
You then understand that no notified body will certify you for ISO 9001 if you are selling medical devices. It's called
“ISO 13485:2016 “Medical devices — Quality management systems — Requirements for regulatory purposes”
What are the benefits of ISO 13485 certification?
Following are the benefits:
Increase access to more markets worldwide with certification.
Outline how to review and improve processes across your organization.
Increase efficiency, cut costs, and monitor supply chain performance.
Demonstrate that you produce safer and more effective medical devices.
Meet regulatory requirements and customer expectations.
What are the requirements of ISO 13485:2016?
Requirements of ISO 13485:2016 are applicable to organizations regardless of their size and regardless of their type except where explicitly stated. Wherever requirements are specified as applying to medical devices, the requirements apply equally to associated services as supplied by the organization.
ISO 13485 2016 focuses on how companies should manage risk-based decisions related to purchasing, design, development, manufacturing, production control activities and other aspects of the quality management system. It is necessary to know the local applicable regulatory requirements and also any additional regulatory requirements, which you may have to comply due to an export of the product. When designing the QMS are per ISO 13485, it is also necessary to understand the size of the company, the risk classification of the product and applicable exclusions and non-applicability