FAQ 1

A - Very simply, to ensure that businesses have an independently audited, coherent system which means that they understand the requirements (stated & expected, etc) of their customers and produce products and services which meet those requirements in an ever improving way.

Q - What else?

A - Nothing. That's it. Really.

Q - Is it difficult to achieve?

A - Not if you do it sensibly. Except in the six specific cases mentioned on this site as "mandatory procedures", don't write things which people already know or which they can be trained to know.  

Above all, make sure that you understand exactly what ISO9000 requires before you go ploughing into it. If you use a consultant, make certain that he/she actually understands.

In our experience, very few consultants have much idea what its all about! Try asking yours what clause 4.2.4 is about. (Answer = "control of records"), or clause 5.5.2 (responsibilities of the Management Representative). If they don't know the answer, go and find a better consultant! 

A - Not for most types of business. In a few sectors, a business may need to be compliant with a product standard (such as when producing shatter-proof safety glass or non-flammable materials for children's nightwear etc). Those product standards may themselves require that the business is ISO9000 certified.

That said, if you are ISO9000 registered you will find that you will generally have a good marketing advantage. Without ISO9000 registration some potential clients may not be interested (they can probably find a competitor who is ISO9000 registered) or you may have to jump through extra hoops just to be considered by them.

Q - So why should we bother with it?

A - In today's highly competitive world, you may find that you need ISO90000 just to to able to quote for business. Being the cheapest just isn't enough for more discerning and sophisticated buyers. There is no point getting the lowest priced goods if they fail to operate properly.

In order to stand out from the crowd, your business needs some way to show that it shines at what it does.

Having ISO9000 from a properly accredited certification body is an excellent set of credentials.

Q - Does it mean that we have to write everything down and have lots of new forms?

A - No. If you take careful note of what ISO9000 requires, then you will be surprised at how lightweight it's requirements actually are.

It is all too easy to make your system too complicated or inappropriate. Even professional consultants of many years standing can go overboard when producing an ISO 9000 system. But this quality standard does not require a complicated, burdensome system.

• It has six requirements for procedures to cover certain types of activity. 

• It requires thirteen types of records to be kept, so as to prove that the business is meeting the requirements of ISO9001

• It requires that a small number of things are "defined" such as the roles and responsibilities of people in the business, requirements for product/services, etc

• It requires that a number of things are "determined" (i.e. known about), such as the sequence and interactions of processes, the methods needed in order to ensure that processes are operating effectively, etc

In summary, if it is approached with sufficient thought, ISO9000 is not difficult to achieve.

Q - So why do we hear so many people saying that their ISO9000 system is a mountain of paperwork, with endless forms?

A - Poor consultancy is often the cause. There are few controls on people calling themselves "consultants". Many have little idea of what ISO9000 actually requires. They bring along memories of what happened at their last company and seek to impose that upon their next client.  They may be paid on an hourly or daily basis when producing the system which means that there is an incentive to keep writing, while claiming that ISO9000 requires it.

In other cases, there is a very human tendency to write down lots of minute detail about how a job is conducted. If you ask someone to write down how they make a cup of coffee, they will probably produce pages of instructions. However, if they were to ask "who is this aimed at?", they might find that it is aimed at someone who already knows how to do it, with the exception of where the milk and cups are stored. In that case, they could write down "milk in fridge, cups in cupboard over sink" and nothing else.

It takes real skill to produce small but relevant written procedures. It takes real knowledge to understand what ISO9000 actually requires. 

A - Well, technically they aren't quite the same thing. ISO9000 is the family of standards which are concerned with Quality Management Systems. ISO9001 is the member of the family which contains the "requirements", i.e. the list of things that you must do in order to become ISO9000 registered. (Or ISO9001 registered. People use them interchangeably).

To be strictly accurate, you must meet the requirements of ISO9001. You can only be ISO9001 registered (not ISO9000 registered). So why don't we just use the term "ISO9001"? Two reasons:

1. (the most important) People seem to use the term "ISO9000" most often when using a search engine. We wanted to show up on the list of results. We also use ISO9001 so that we show up when people use that search term, although fewer people do so.
2. In the good old days (in the late 1990's), everybody called it ISO9000. The Head Honcho here, Terry Russell, takes a lot of changing. I can say that because I am Terry, writing these pages! Hi.