ISO 9000:2000: A Shift in Focus

Changes in requirements
by Jack West, with Charles A. Cianfrani and Joseph J. Tsiakals
As we move to the next millennium, the ISO 9000 family of quality management system standards
is being updated to reflect a modern understanding of quality. In last month's Quality Progress, the
authors reviewed the reasons changes are needed and discussed changes that relate to
presentation, terminology and format. This article will review the general changes in the actual
requirements (refer to the sidebar "Requirement Changes").
The shift in focus discussed in last month's article is also evident in the overall change in focus of
some of the requirements. When the authors refer to the requirements, this means the
requirements as stated in ISO 9001. The article is not addressing the ISO 9004 guidelines for
performance improvement, which will be discussed in a future article.
The changes in ISO 9001 explained in the following are things that all organizations using that
standard will have to consider and address--assuming that the changes in the second committee
draft (CD 2) actually appear in the final ISO 9001:2000.
For this to happen, ISO/CD 2 9001:2000 will have to survive the worldwide consensus process.
This complex process includes several cycles of comments and votes. Assuming the vote on CD 2 is
positive, there still will be comments and votes on a draft international standard and final draft
international standard. It is anticipated that this consensus building process will result in the
revised standard being published in the fourth quarter of 2000 (see Figure 1).
With this caveat, let's consider a sampling of the basic changes contained in the current drafts.
Continual improvement
In ISO 9001:1994, the concept of continual improvement was, at best, implied. The 1994 edition of
the standard requires corrective and preventive action which, when taken together and linked with
the management review requirements and quality audit, strongly imply that continual improvement is
required.
But, there is quite a difference between the implied requirement in the 1994 edition and the words
in CD 2 of ISO 9001:2000. CD 2 clearly states that the organization establish "a system level
procedure ... to facilitate continual improvement."
CD 2 includes the concept that the organization measure process and product/service output,
analyze these data and include them (along with audit results and so forth) in the management
review. The emphasis has been shifted to require the use of information and data to continually
improve performance.

Customer satisfaction
One of the most fundamental reasons for the existence of ISO 9001 is to achieve customer
satisfaction with products and services provided by an organization. CD 2 underscores the
importance of customer satisfaction by specifically requiring measurement of customer satisfaction
and dissatisfaction. In addition, attention to customer satisfaction is included in the requirements
of several other elements of CD 2.
Measurement of customer dissatisfaction was added during the analysis of comments on CD 1 of
ISO 9001:2000, which had required simple measurement of customer satisfaction. Comments
indicated that it was unclear whether measurement of dissatisfaction was sufficient to comply with
the requirement to measure satisfaction.
While the basic requirement change appears to be an issue of measurement and feedback, there is
more going on here. The focus of ISO 9001 has been shifted to one of explicitly understanding and
satisfying customer requirements, needs and wants rather than merely satisfying the customer's
stated requirements. The shift may be subtle, but it is an important point to understand regarding
the evolution of the standard to address market needs.
Statistical techniques and measurement
ISO 9001 has always required measurement of products to ensure conformity with requirements,
and CD 2 is no exception.
Use of statistical techniques is not new to ISO 9001, but in CD 2 the organization must not only
consider, but also use the appropriate techniques. And the requirement does not just apply to the
product realization activities; CD 2 also requires measurement of processes as well. This is
different from the actual requirement in the 1994 edition.
The organization will have the freedom to determine what techniques are used and where in the
quality management system to apply these techniques.
While the change in measurement and statistical techniques is significant, it is more significant
that with CD 2, data must be analyzed and provided as input for management review. Clearly the
intent here is to facilitate the continual improvement of the system through actions based on facts.
Reduced scope
With ISO 9000:2000, there will be no ISO 9002 or ISO 9003. For most organizations this will not
be an issue.
CD 2 of ISO 9001 contains a clause that permits a reduction in the scope of a quality management
system with regard to product or service realization. However, an organization may not exclude any
requirement that affects its ability to provide a conforming product or service.

This clause describes what an organization may not exclude. It may prove to be somewhat difficult
for organizations that perform product or service design activities but have opted to use ISO 9002
(excluding design controls from their quality management system) in the past. CD 2 makes it clear
that organizations cannot exclude for convenience elements of the quality system that impact on
the quality of the products or services provided to customers. This will also impose a requirement
on auditing agencies to carefully train their auditing personnel.
Summary of the changes
It has been said that the devil is in the details. And so it may be with ISO/CD 2 9001:2000. The
authors have not attempted to cover all the changes in this brief article, but rather to highlight a
few of the changes that will affect organizations that desire to retain or achieve compliance status.

ISO 9000:2000 Shifts Focus of Quality Management System Standards

Look for changes in format, presentation and terminology
by Jack West, with Charles A. Cianfrani and Joseph J. Tsiakals
This is the first of a series of articles explaining the latest version (Committee Draft 2) of ISO
9000:2000.
As we move to the next millennium, the ISO 9000 family of quality management system standards
is being updated to reflect a modern understanding of quality.
This article is based on the second committee drafts (CD 2) of the three basic standards in the
family. The reader should remember that these documents are subject to change as the standards
development process continues. They should not be used as a basis for changing existing
management systems.
The three basic standards in the ISO 9000:2000 family are:
ISO 9000:2000, Quality Management Systems--Fundamentals and Vocabulary.
ISO 9001:2000, Quality Management Systems--Requirements.
ISO 9004:2000, Quality Management Systems--Guidelines for Performance Improvement.
Each of these three documents has its own role in the family. ISO 9001 will remain the most used
of the three, but the other two are useful companions that should not be ignored.

Context for the update

Over the years, the world's view of how quality is created and assured has been evolving. This
natural progression did not directly create the need to revise the ISO 9000 family, but it may be
useful to view the proposed revisions in the context of the evolution of quality thinking.
The original ISO 9000 family was based on the understandings of an earlier era in which quality
was thought to be primarily a technical discipline--the purview of the quality professional. In the
1980s we discovered that this view was incomplete. We heard the slogan "Quality is a human
resources problem, not a technical problem." So programs were developed to get workers involved in
quality improvement.
Today most organizations understand that all work is accomplished through processes, which are
most effective when they are actively managed. As the 1990s advanced it became clear that quality
has both a technical and a human side.
There has also been an increasing interest by organizations other than traditional manufacturing
(such as the services sector, education, governmental agencies) in using ISO 9001 as a basis for
quality management. This has proven to be somewhat awkward because ISO 9001:1994 uses
language that is focused on manufacturing.
It is not surprising to find this maturing of quality thinking and application in the mid-1990s
reflected in revisions to quality system standards.
ISO Technical Committee (TC) 176, the group responsible for the ISO 9000 family, long
recognized that the standards needed an overhaul. In the early 1990s the committee put plans in
place to make the updates. These plans included the development of specifications for the changes
to ensure that the needs of users around the world would be met.
The specifications outlined how the ISO 9000:2000 revisions would resolve perceived
shortcomings with the current documents. These specifications created the criteria for a
significant advancement of the ISO 9000 family and reflect contemporary concepts of quality
management. The goals of the specifications are summarized in the sidebar "Goals for the New
Revisions."
Basic changes
Two types of changes are apparent with the latest committee drafts. There are:
Changes in presentation, terminology and format.
Changes in the actual requirements.
This article presents an overview of the changes in presentation, terminology and format. Future
articles will highlight changes in requirements in ISO 9001.

Quality management principles

As an initial step along the road to the ISO 9000:2000 revisions, TC 176 developed a consensus on
a set of quality management principles (QMPs). The principles were developed after research of the
quality concepts in use around the world. Many input sources were considered.
Eight principles resulted from this work and they have been used as a foundation for the revisions
(see sidebar "The Eight Quality Management Principles"). These principles appear in both ISO 9000
and ISO 9004.
While the principles were a basis for developing ISO 9001, they do not formally appear in that
document. Each principle has a place within the ISO 9001 requirements, but the extent of
application to ISO 9001 is quite limited compared to its application in the new ISO 9004. ISO 9004
uses each principle fully to help organizations drive for excellence.
Format and presentation
The format of ISO 9001 and ISO 9004 has been changed to link the quality management system
with the processes followed by most organizations. The requirements of ISO 9001 are now given as
four primary processes.
The interrelationship of these four processes in the quality management system is shown
graphically in the quality management process model in Figure 1, which is reproduced with the
permission of the International Standards Organization (ISO). The model may change as the
standards progress through the draft stages. Each process is described below:
Management responsibility--Management sets direction and objectives of the system.
Resource management--Resources are determined, provided and managed.
Product and/or service realization management (called process management in Committee Draft 1)-Processes are established for creating and delivering the organization's products and services and
are verified and managed. Product realization processes take inputs from customers in the form of
requirements, needs and/or wants and convert them into the products and services that satisfy
customer requirements.
Measurement, analysis and improvement--Products, processes and customer satisfaction or
dissatisfaction are measured. Audits are conducted of the quality management system. Data are
analyzed and results provided as input to the management review process. The data and analysis are
used to improve the system continually.
Terminology

There has been a major effort to use everyday English terms that are easily understood. This is
more difficult than it would seem. For example, the first committee draft attempted to avoid
jargon by using common words.
Unfortunately, a careful reading of the draft revealed that many of these common words have
several meanings. In many cases, when words were used multiple times in the draft, the various uses
had different intended meanings. Much of this has been corrected with the CD 2, but simple
language remains a challenge.
A good example of a shift to common language is the word used to describe an organization that
implements ISO 9001. In the 1994 edition, the term "supplier" is used. This is derived from the
initial focus of ISO 9001 as a tool to be used in a contractual relationship between a customer and a
supplier. The ISO 9001:2000 drafts have used the term "organization" to describe the entity that
implements the standard, and the term "supplier" has its normal English meaning.
Changes in actual requirements
This article has discussed reasons for a change in focus for the ISO 9000:2000 standards and has
introduced the quality management principles. It has also reviewed changes in format, presentation
and terminology. Subsequent articles in this series will discuss the QMPs in more detail, particularly
the changes in requirements that are included in the second committee draft of ISO 9001:2000.

The Art of Creating a Standard

It's easier to be a critic than a playwright
by Charles A. Cianfrani, with Jeffrey H. Hooper, Joseph J. Tsiakals and Jack West
This is part three of a series of articles explaining the latest version (Committee Draft 2) of ISO
9000:2000.
The preferred way to develop an international standard is to achieve widespread consensus among
the delegates who must vote in its acceptability. These delegates represent many diverse national
interests. Understanding this process of consensus building may help Quality Progress readers
better understand the content of the updated ISO 9001:2000 and ISO 9004:2000 quality
management system standards.
The basic process whereby a standard is updated and rereleased is generally controlled by
procedures from the International Organization for Standardization (ISO).
The ISO Technical Committee (TC) called ISO/TC 176/Sub-Committee (SC) 2 is responsible for
ISO 9001 and ISO 9004 standards and has some discretion regarding how the basic standard

development process is implemented. A simplified over-view of the process implemented for the
update of ISO 9001:1994 and ISO 9004:1994 is shown in Figure 1.
Working groups (WGs) are assigned to deal with a specific standardization project covering more
than one standard. WG 18 was established under SC2 to develop the 2000 revisions to ISO 9001
and ISO 9004. Each member body of TC 176/SC 2 was permitted to nominate four experts to this
WG.
The United States has eight individuals involved directly or indirectly in the creation of ISO 9001
and ISO 9004. These include expert representatives, liaison representatives and the overall
project leader, Jeffrey H. Hooper of Lucent Technologies.
The revision of these standards began with a detailed project plan that documented the planning
and operations of the working group. The objectives of the revisions were carefully formulated.
These included:
* Providing compatibility with existing standards to enable users to build easily on existing quality
management systems.
* Providing structures for management, with emphasis on customer orientation.
* Accommodating all sizes of organizations from all industry sectors.
* Connecting business processes with an organization's quality system.
* Facilitating compatibility with other management systems.
* Providing simple and clearly understood standards.
WG 18 made impressive enhancements to the process for revising a standard and for effectively
reviewing and incorporating, as appropriate, the many suggestions and comments received from
around the world during each stage of the revision.
It is fair to say that there is more interest and involvement in the revision process of these
standards by individuals and organizations worldwide than there has ever been. The process used to
accomplish this work has combined high tech and contemporary project management methodology
with a focus on small teams and a blending of the experts' talents, backgrounds and viewpoints.
E-mail and the Internet have had a profound impact on the efficiency and effectiveness of the
development process. Essentially all communication between WG meetings takes place by e-mail and
via the WG 18 Web site, which makes an enormous amount of information pertinent to the project
readily available to all WG members.
During WG meetings, there were several computers with state-of-the-art support in every meeting
room so that work proceeded effectively. The Verification Task Group, for example, used multiple

computer driven projectors to review, sort, cut and paste thousands of comments on the first
committee draft (CD 1). During a week just prior to the full WG meeting this group devoted 1,000
intense man-hours to assure effective adjudication of comments.
WG 18, with the approval of SC 2 member bodies, instituted an important advance over past
procedures when it decided to use project management methodology for the entire development
process--from developing the management and project plans to customer needs analysis and
communications to verification and validation, product introduction and product support.
This entire spectrum of activity was broken down for work by 27 task groups. Each group had a
carefully defined task and a task monitor to help remove roadblocks. Likewise, each group was
carefully staffed with a balanced set of experts. The Planning and Operations Task Group managed
the interrelationships among the task groups. See Figure 2 for the the organizational structure
used by WG 18 and Figure 3 for the work structure breakdown.
A decision by WG 18 to manage the development of ISO 9001:2000 and ISO 9004:2000 just like
the development of any new product--in other words to follow the requirements defined in ISO
9001, Clause 4.4--had a profound effect on the update. Early on, WG 18 administered an extensive,
worldwide survey of customer needs. More than 1,100 people from 40 countries responded. Early in
the development process participants agreed that to achieve as clean a release of this new
standard as possible, the process must incorporate, among many other things, robust and formal
verification and validation.
Verification is an internal WG 18 process that independently checks the drafts of the standards
with the design specifications and project objectives. This provides quick feedback to the drafting
groups on how well they are achieving their objectives and adhering to the design specifications.
Validation is an external process that directly checks how well the new draft standards are
meeting customer needs. WG 18 structured a validation process to get direct user feedback,
expecting that changes would become necessary as a result.
On a worldwide basis, 31 countries and 338 organizations (42 from the United States) participated
in the CD 2 validation process. As shown over and over again in the industrial sector, the validation
process yields important feedback. This feedback was used to revise CD 2 and resulted in a more
robust draft international standard (DIS). There is another validation process scheduled in the
project plan for the DIS stage of revision. The process for this next step was appropriately
revised to incorporate lessons learned from the CD stage.
Another important advance resulting from addressing the development of the 2000 updates as
product development projects was the incorporation of both product introduction and product
support in the scope of the development process.

Regarding the structure and content of the standard, evolving changes reflect a growing
understanding of the needs of customers in all major product and service sectors. Balance was
sought in addressing the quality management system requirements of hardware, service, processed
material, and software customers and producers. Many of the new improvements are a reflection of
this migration from the original standard with its hardware focus to one that applies equally well to
the service and software sectors.
The U.S. participation in the actual writing of the language of the standard focused on meeting the
needs of the private sector because more than 95% of the experience base of the U.S. experts and
a vast majority of U.S. users are from that sector. The primary concern of the U.S.
representatives was to address the requirements and needs of these users, with a goal of creating
a standard that can add value, lower costs and achieve customer satisfaction.
Some major changes in the revised standards were based on a desire to improve compatibility
between ISO 9001 and ISO 14001, the environmental management standard. Most of the changes
to improve the compatibility with ISO 14000 were made in the earlier WGs and in CD 1 and CD 2.
It has been observed that the present draft is somewhat longer than the current standard. As
clarity and simplification are pursued, words and paragraphs are added. Also adding to the
standards' length is the need to make crystal clear requirements that were always intended but
previously were not explicitly stated.
An example is continual improvement. In 1987 and 1994, standards writers believed that
improvement was clearly mandated by the linked requirements of management review, corrective
and preventive action, and internal audit. However, what were believed to be clear mandates were
neither clear nor considered mandates.
Claims of extra costs associated with implementing the current ISO 9001 and even higher extra
costs for ISO 9001:2000 have no basis in fact. No organization should do anything just to meet a
requirement in a standard. The effort must have a legitimate organizational justification.
Compliance with ISO 9001 should not add any extra cost but may expose requirements that should
have been already considered but were not adequately addressed.
Perhaps the specific area requiring the greatest amount of discussion has been the question of
what constitutes minimum requirements for an effective quality assurance process. The spectrum
of opinions on this issue ranges from revisionist (revert to the 1987 requirement and even eliminate
some of those) to expansionist (include all ISO 9004 content in a requirements format and more).
These diverse viewpoints have their origins in the varying degrees of maturity of quality
management systems, the size and nature of typical user organizations (large, small, hardware,
service, sector needs and so on) and the experience of the individual experts.

Resolution of what to include in ISO 9001:2000 has generated the most debate and compromise in
the overall effort to produce an updated, balanced standard that is truly generic and appropriate
for all types of users. This debate will continue up to the very last moment as the standard
progresses to its final released form.
ISO/TC 176 has a track record of successfully producing standards that add value. The last 12
years of experience with ISO 9001 demonstrate that the standard does provide a useful model for
most organizations--one that has positively contributed to meeting organizational objectives.
The authors believe that ISO 9001:2000 and ISO 9004:2000 will prove to be even more useful
and valuable to organizations than their predecessors.

The Pros and Cons of Sector-Specific Standards

Paperwork nightmare, or increased benefits?

by Leslie Norris

Sector-specific quality standards are requirements developed by a particular industry to address

specific needs or requirements. Despite the perceived flexibility of the ISO 9000 series of quality
management system (QMS) standards, the quality profession has witnessed the development of
several sector-specific documents and standards, such as AS 9000 (aerospace), QS-9000
(automotive), TE Supplement to QS-9000 (tooling and equipment), VDA 6.1 (German automotive), TL
9000 (telecommunications), and MRA (medical devices).

Although the sector-specific requirements either directly or indirectly use the ISO 9001 QMS
standard as a platform, maintaining at least some consistency among them, their impact on industry,
and quality management cannot be ignored. This article takes a brief look at the pros and cons of
sector-specific standards and the response of quality organizations to their creation.

General concerns

It appears that although the sector-specific standards are based on ISO 9001, they will inevitably
place increased pressures on industry suppliers. For example, Kathy Hinton, president of Sunrise
Consulting and vice chairperson for the American National Standards Institute (ANSI) Z1
Executive Committee, stated, "For a typical manufacturing company that has customers in different
industries, having to set up quality systems to meet each sector's requirements can be a nightmare
from a documentation and employee-training standpoint. A company needs one standard quality
system that it can comply with."

Jack West, chairman of the U.S. Technical Advisory Group (TAG) to ISO Technical Committee (TC)
176, shared many of Hinton's opinions, and was also concerned about the proliferation of
certification schemes stemming from the creation of so many specialized standards.

"Take, for example, a microprocessor manufacturer or a packaging supplier. These organizations

serve both the telecommunications and the automotive sectors. Having several sector documents,
with each based on ISO 9001, helps make their job easier, but does not guarantee a consistent
certification process," West stated.

Accentuating the positive

The impact of sector-specific standards is not all negative. The same experts who have shared
their concerns about the development of sector-specific standards were also able to offer support
for specialized requirements, provided their development occurs within certain parameters.

Hinton stated, "I can understand why there are currently so many sector-specific standards. There
is no one standard that does it for everyone. The intent of the new ISO 9000 family [speaking in
reference to the year-2000 revisions] should help this, although I think some sectors--aerospace
and the Food and Drug Administration--will always have their own requirements."

West said, "In many cases, they [sector-specific standards] rationalize company-specific
requirements that already exist. They go beyond ISO 9001 by adding requirements that are
specific to the sector."

In the cases of both QS-9000 and TL 9000, the requirements of the large customers in the
industry have been standardized, which should make compliance by their key suppliers much easier.
So, for major suppliers to a specific sector, the effect of sector documents can be positive: They
have one set of requirements rather than a set from each of their major customers.

Sandford Liebesman, ISO manager for quality and customer satisfaction at Lucent Technologies
and a member of TC 176, stated, "Every industry is different and has different requirements. As
long as they [sector-specific standards] are based on the ISO 9001 standard, they are good."

Liebesman is a member of the QuEST Forum, which is creating the TL 9000 standard. Drawing from
that experience, he also explained, "In our case, we are extending the value of ISO 9001 by
including performance measurements or metrics in our standard."

A mixed bag?

Robert W. Peach, QMS consultant, who was instrumental in the development and growth of several
standards, added, "There are legitimate observations that ISO 9001 is either strict, definitive, or
demanding for the suppliers to meet the individual needs. Evidence in the auto industry has proven
that sector-specific requirements are a definite improvement on ISO 9001 for certain industries.
ISO 9001 is a generic standard and when defined that way, how do you raise the bar where it
applies or when it is necessary? We can't, however, raise the bar for everyone. For some, ISO 9001
would be appropriate; but for others, a sector-specific standard is necessary."

Sector-specific QMS standards have been the catalyst for increased opportunities, providing
benefits that may not have been available through ISO 9001 alone. For example, the QuEST Forum
found that simply working on TL 9000 together has brought companies and their suppliers closer,
establishing new partnerships and increased communication. This input will ultimately allow suppliers
to have greater influence and more control within their marketplace, a situation not readily
available through ISO 9001.

RAB's position

The Registration Accreditation Board (RAB), responsible for providing accreditation services for
ISO 9000 QMS registrars, believes the development of sector-specific standards is not only
unnecessary, but also counterproductive.

RAB thinks the ISO 9000 family's flexibility allows for broad application to a full range of business
activities, eliminating the need for specialized standards. In addition, RAB points out that sectorspecific standards have also created a need for specialized auditors and auditor training courses,
the impacts of which remain to be seen.

Nevertheless, RAB has addressed industry's desire to create specialized standards and developed a
specific accreditation process. RAB explains the requirements of this process by stating, "For its
part, the industry group that sponsors the program must maintain the supplementary requirements
it has developed, define the auditor qualifications specific to that program, and sanction the
training that is developed to provide those special auditor skills."

In addition, RAB said the industry group must also provide evidence of support of the program
being proposed within its industry and must include the base requirements of ISO 9001 verbatim in
its program.

ISO and TC 176 respond

The International Organization for Standardization's (ISO) primary purpose is to develop and
publish international standards, while using input from and achieving consensus among government,
industry, and others. ISO's TC 176 is responsible for the quality standards. Considering their role
in standards development, how have ISO and TC 176 addressed the development of sector-specific
standards, and more important, industry's specialized needs?
"Over the years, TC 176 has had a sector-specific standards policy which is included in ISO
directives," said West. "This policy has discouraged the development of such documents within ISO.
Consequently, most of the sector-specific documents we have seen have not been issued by ISO,
but rather by industry consortia. Since most have been developed outside of ISO, there has been
little opportunity to harmonize their requirements."
But ISO hasn't ignored industry's request for more specialized standards, and has been taking
steps to further address them. "Using the evolution of draft technical report [DTR] 16949 as an

example," West explained, "sector representatives state they have needs that they feel are not
met by the basic ISO 9000 family.
"The ISO Technical Management Board [TMB] directed TC 176 to review the sector-specific
standards policy with an eye toward meeting the sectors' needs. As a result, TMB authorized a pilot
project with the automotive industry to create a document that harmonizes QS-9000, the German
VDA 6.1, and other European auto industry documents [DTR 16949]. Based on the results of the
pilot, I expect TC 176 to propose a revised sector-specific standards policy sometime in 1999."
Although we have witnessed the development of multiple sector-specific QMS standards, there are
still fewer unique requirements for suppliers. Second, the sector-specific standards continue to
reflect the widely used requirements of ISO 9001, maintaining consistency among industries.
Finally, the new challenges for registrars, consultants, and trainers have yet to be fully evaluated,
but are a variable that should be monitored.
So what have we learned? George Lofgren, QMS president of RAB, summarized the development of
sector-specific standards by stating, "We're moving away from the generic into the specific. It is
neither a positive nor a negative. What we don't want to see is a set of philosophies that would be
counterproductive. So far, they offer refinements to the generic process."

TL 9000 Quality System Requirements Rooted in ISO 9001

The new telecommunications industry standard takes shape

by James P. Gildersleeve

TL 9000 is a new set of telecommunications quality system requirements based on ISO 9001 and
incorporating performance measurements or metrics. It has been in development since January
1998.

The development effort has been led by the Quality Excellence for Suppliers of
Telecommunications Leadership Forum (QuEST Forum), made up of the world's leading
telecommunications service providers (TSPs) and their suppliers.

The QuEST Forum and its work came about in an effort to reduce the annual cost of poor quality
within the telecommunications industry, estimated at $10 to $15 billion annually. Worldwide
purchases from the industry's suppliers are estimated at more than $125 billion in products and
services annually.

The purpose of TL 9000 is to define the telecommunications quality system requirements for the
design, development, production, delivery, installation, and maintenance of products and services. In
support of these requirements, TL 9000 will also incorporate effective cost- and performancebased metrics to measure progress and evaluate results of quality system implementation.

TL 9000 will be defined in two handbooks: TL 9000 Quality System Requirements (QSRs) and TL
9000 Quality System Metrics (QSMs). Each of these will include a section pertaining to all users,
as well as sections focusing on hardware, software, and services. This corresponds to the three
registration options (or any combination) that are available:

TL 9000-HW, for hardware only

TL 9000-SW, for software only

TL 9000-SC, for services only

Each of these registration options requires compliance with the ISO 9001 elements; common
requirements and metrics; and the requirements and metrics associated with a chosen scope of
registration.

The first version of the TL 9000 QSR Handbook, which consists of the hardware and software
portions, is complete and available from ASQ by calling 800-248-1946 (ask for item T1348). The
update to this handbook, which will contain the services requirements, is currently out for vote and
should be available by early summer 1999.

The TL 9000 QSM Handbook, which will consist of hardware, software, and services as well as the
common metrics, is still under development and will be complete by the fourth quarter of 1999.

The TL 9000 structure

The five levels of requirements in TL 9000 are:

The international requirements of ISO 9001

The TL 9000 QSRs common to all industry sectors

Industry sector QSRs (in other words, hardware, software, and services)

The TL 9000 metrics common to all industry sectors

The industry sector metrics (in other words, hardware, software, and services).

This structure is reflected in the TL 9000 Model (see Figure 1).

TL 9000 contains ISO 9001 verbatim as its core requirement. From the beginning, the QuEST
Forum found the requirements of ISO 9001 to be sound but inadequate to fully define the
telecommunications industry quality needs. Necessary supplemental requirements were developed as
QSRs.

The TL 9000 QSRs developed for the telecommunications industry supplement the basic ISO 9001
provisions to address reliability, costs, software development, life-cycle management, specialized

service functions, and further growth of the positive relationship between customers and their
suppliers.

The requirements are built on currently used industry standards, including ISO 9001, Malcolm
Baldrige National Quality Award criteria, Bellcore, SEI, and ISO 12207 standards. TL 9000
combines applicable elements from all of these standards and methodologies into one industryspecific, mutually agreed-upon set of requirements to be followed by everyone in the
telecommunications industry.

TL 9000 metrics offer a balanced set of measures and effective means to communicate and monitor
actual results. Metrics enable TSPs and suppliers to measure various attributes of quality, such as
numbers of system failures, billing errors, and delivery problems. The TL 9000 QSM Handbook
states, "TL 9000 ... defines effective cost and performance-based Metrics to measure progress
and evaluate results of quality system implementation."

The University of Texas at Dallas (U.T. Dallas) has been selected to develop the QuEST Forum
Metrics concept. This concept envisions that suppliers will report specially coded metrics
information to U.T. Dallas, which will store and analyze the data. Information will be used to
calculate comparable statistics--industry mean, range, median, standard deviation, and best in
industry--among suppliers.

The resulting information will be made available on the QuEST Forum Web site to forum members
only. Suppliers' identities will remain anonymous at all times, but each company will be able to assess
its individual performance against these statistics and identify processes in need of improvement-thereby improving customer-supplier communication.

So that the data are not misused, U.T. Dallas will adopt methods to ensure that the metrics data
will be used only for authorized purposes. To protect against theft of the data, all the information
will be stored on a standalone computer in a continuously monitored and secured room. Other
safeguards will be used to prevent unauthorized entry and loss of data due to catastrophic events,
such as fire or other natural calamities.

Administration and registration

As forum administrator, ASQ has already assumed responsibility for the production and
distribution of the handbooks but will gradually increase its involvement until it has assumed its full
responsibilities, not later than December 1999.

ASQ's primary functions will include conduct of general business, management of program
responsibilities, management of accreditation body and registrar duties, administration of
membership, and distribution and publishing of approved requirements and collateral marketing
materials.

The registration process for TL 9000 is currently being developed by the Registrar Accreditation
Board (RAB) and the Standards Council of Canada (SCC), in consultation with the QuEST Forum.

"The criteria for qualifying as a registrar are dictated to a large degree by the criteria in the TL
9000 QSR Handbook, Appendices A and B," explained George Lofgren, RAB QMS president.

These criteria include add-ons (more specific industry requirements) to the basic ISO 9001/2
requirements. Suppliers that are already ISO 9001/2 registered can ask their registrar to evaluate
them against these add-on requirements. It is unlikely that any supplier registrations to TL 9000,
other than from the pilot program, will be granted before the fourth quarter of 1999.
TL 9000 training
Only two training firms have been authorized by the QuEST Forum to provide the TL 9000 QSR
and QSM training programs: EXCEL Partnership, Inc. and STAT-A-MATRIX/The Sam Group. In
addition, the TL 9000 training course materials being used by these trainers are the only materials
sanctioned by the QuEST Forum.
The courses will consist of a TL 9000 teaching lecture, coupled with case studies and workshops to
allow participants to practice using the TL 9000 requirements and metrics. Proper understanding of
the metrics and their application is so important to successful implementation of TL 9000 that all
training--including auditor and implementation--will make reference to the metrics.
The QuEST Forum has no plans currently to monitor or accredit TL 9000 consulting services. Only
the training courses will be authorized.

International participation
One of the QuEST Forum's goals for TL 9000 was that it become internationally accepted-improving the quality and reducing the cost of poor quality of telecommunications globally. But the
majority of the work on the development of TL 9000 has taken place inside North American
borders, conducted by service providers and their suppliers.
How important is it that TL 9000 be accepted globally? "Very important," explained Gene
Hutchison, Pacific Bell senior manager of supplier quality management and QuEST Forum member.
"Telecommunications is a global business--the suppliers are global suppliers. Suppliers and
consumers will benefit the most from a harmonized standard that meets the industry's needs."
In addition, Hutchison explained that the QuEST Forum will benefit from the greater diversity
international membership will bring to the table. "We had to start [the development of TL 9000]
with the participants we had to bootstrap this effort. [However] we are actively soliciting
international participants and want them to become involved as soon as possible."

ISO 9001 and Health Care

Easier, faster and better than other accreditation programs
by James W. Kolka
While it is in an early stage of development, the ISO 9001 quality management system (QMS) is
being given increasing scrutiny by various institutions for its application to the diverse U.S. health
care industry. About half a dozen hospitals and clinics have registered to the standard and several
other health care organizations are in the process of preparing for ISO 9001 registration.
In 1996, American Legion Hospital in Crawley, LA, became the first hospital to register to ISO,
thus gaining requisite third party approval that satisfied state licensure and certification
requirements and reimbursement rules of federal and state agencies.
Here is a look at ISO 9001's 20 elements and their application for health care providers wishing to
gain the quality, customer service and bottom-line benefits of certification.
* 4.1--Management responsibility. This applies to both administrative and clinical operations. The
purpose is to provide the leadership, structure and resources, and establish the quality policy for
the entire health care quality system; for example, the hospital, clinic, nursing home or hospice.
* 4.2--Quality system. As with other ISO 9001 applications, health care providers must establish a
quality manual; create a documented quality management system (QMS); and determine how the

organizational structure, procedures and processes will satisfy quality objectives. Quality planning
suggests continuous improvement.
The ISO 9001 quality system requirement is designed to accommodate ongoing internal and
external audits of the quality system at least once a year, and more frequently when needed to
maintain the integrity of the QMS.
* 4.3--Contract review. The purpose of this requirement is to ensure that all written materials
creating patient expectations are accurate. This means that customer requirements are established
before engaging in a contract, and some person in the organization is responsible for seeing that
contract requirements are fulfilled.
ISO 9001 4.3 focuses on the fact that the patient understands and acknowledges ethical issues
such as confidentiality, privacy, security, communications in regard to anesthesia plans and consents
and orders (such as admission and discharge) and formally agrees with any contracts affecting his
or her rights as a patient.
* 4.4--Design control. Design control has a broad application for health care providers. It defines
the steps that must be taken by the hospital when new or additional services are considered for
implementation. It could involve designing a plan to control patient flow or a specific service such as
a new neonatal care facility, expanded oncology program or off-site human immunodeficiency virus
(HIV) treatment facility.
* 4.5--Document and data control. This clause requires that the quality system provide timely
access to approved instructions for the accurate and timely provision of patient care and support
functions. The right documents must be available and indexed so they are readily accessible.
The clause requires that providers establish and maintain documented procedures and that
pertinent documents and data are available at all locations where operations essential to the
effective functioning of the quality system are performed. All charges must be approved, and all
obsolete documents must be promptly removed.
Health care providers often struggle when they find as many as 30 different versions of the same
form at different locations in a health care facility.
* 4.6--Purchasing. After employee health care benefits, purchasing frequently ranks number two in
expenditures for health care providers. This clause covers everything from subcontractors to
medical equipment to pharmaceuticals.
It is necessary that the QMS ensure the accurate and timely purchase of materials and supplies
from approved vendors. It also is an area that can create runaway costs if not effectively
controlled.

* 4.7--Control of customer supplied product. Any items that are used in the delivery of services,
but are not the property of the health care provider must be identified and controlled. Given the
mix of internal and external customers in health care settings, this area deserves serious attention.
* 4.8--Product identification and traceability. In health care settings, this clause has a special
application. Patient records and patient activities are generally connected to a particular patient
through the use of unique identification numbers. Yet, for some providers who interact with
patients in outpatient settings, each admission is treated as unique and not effectively linked with
prior admissions or tests. This can create a paper nightmare, as well as provide inefficient but
expensive patient service.
* 4.9--Process control. This clause covers a broad range of services in health care settings. Pulaski
Community Hospital in Pulaski, VA, describes process control as the provision of "individualized,
planned patient care in the setting that most appropriately supports the patients' needs." (It could
include controlled conditions concerning the use of suitable equipment and working environment or
monitoring, and control of suitable process parameters and service conditions to clearly stated
criteria for workmanship.
Special processes could include areas such as surgery, obstetrics, physical therapy, radiology,
anesthesia, oncology and respiratory therapy.
* 4.10--Inspection and testing. This clause involves the objective monitoring of the accuracy and
timeliness of patient care and all supporting functions that affect that care. It includes quality
checks, assessments and inspections at all process stages, from admission through patient
discharge.
Areas included would be pre-admission testing and admission, in-processing of patients and products
(for example, Is this what was ordered? Has it been tested to determine if it meets purchasing
requirements and final inspection?), and patient discharge and release.
Records need to be kept, and nonconforming product must be appropriately quarantined. Clause 4.10
can make a powerful and effective impact in a health care setting.
* 4.11--Control of inspection, measuring and test equipment. The objective here is to develop a
comprehensive system and training process to assure that all instruments and devices affecting
quality health care have been properly calibrated.
* 4.12--Inspection and test status. This clause requires verification that assessments, inspections
and tests have been performed, and a patient's medical record shows what procedures, lab tests,
results and assessments have been made. The information should be readily accessible (a problem
for some multisite health care providers) and retrievable (a problem for some providers who
archive recent information). In short, this information should be an elemental part of a QMS.

* 4.13--Control of nonconforming product. In health care settings, nonconforming product also

includes nonconforming service.
Nonconforming products could be an improperly functioning magnetic resonance imaging (MRI)
machine, an in-vitro diagnostic computer that is out of calibration, in-vitro reagents that do not
meet purchasing requirements, or sterile drapes in packaging that was punctured in transit.
Nonconforming services could be electrical outages that shut down a surgical room, untrained
personnel conducting a patient testing procedure, or a loss of critical patient records.
ISO 9001 requires that health care providers follow established procedures to prevent unintended
use or installation. Nonconforming product or service must be evaluated and its root cause
determined to prevent a reccurrence of the nonconformity.
* 4.14--Corrective and preventive action. This requires special attention in health care settings. As
noted, nonconformities can appear in both products and services. Fortunately, corrective and
preventive action in ISO 9001 systems is also driven by the internal audit process, which identifies
nonconformities, drives corrective and preventive action and reports corrective actions, processes
and any quality trends to management review on a periodic basis. It is one of the strengths of an
ISO 9001 QMS.
* 4.15--Handling, storage, packaging, preservation and delivery. This covers issues such as handling
of patients and medical supplies, storing medical supplies, packaging and sterilizing medical devices
for use in the operating room, postoperative instructions, preserving and disposing of medical
supplies, andmi delivering supplies to hospital personnel and patients.
* 4.16--Control of quality records. This differs from 4.5--Document and data control because it
concerns quality records. Which records must be kept and how they are stored are at issue. For
liability purposes, management should consider regulatory requirements and what is stored for
liability purposes.
The absence of key records can be extremely damaging to liability exposure.
* 4.17--Internal quality audits. An ISO 9001 QMS is audited regularly. Audits can be internal (first
party), insurance underwriters (second party) or qualified health care registrars (third party). They
could also be state licensure audits.
It is not possible to have an ISO 9001 registered QMS without a third party audit. The existence
of the three-tiered audit system driven by internal audits on a frequent basis is one of the
strengths of ISO 9001.
* 4.18--Training. The focus of training relates to quality. It means that health care providers must
ensure that employees have the requisite skills to do their jobs.

Further, internal auditors must have quality training certificates on record. Training must be
documented, and a central training records database must be preserved.
With the increased hiring of temporary employees, auditors evaluate to see if people have been
trained to do their jobs.
* 4.19--Servicing. This can cover servicing equipment or providing services to customers. It also can
include internal suppliers.
* 4.20--Statistical techniques. While at first blush, statistical techniques might seem remote,
statistical process control has been used with great effect in health care management. It can
provide significant insight to the efficacy of the system and areas that should be addressed.
ISO 9001 registration is relatively new to health care providers. The first hospital to register to
an ISO 9001 QMS did so in January 1996. Registration to ISO 9001 by a qualified health care
registrar provided the requisite third party approval that satisfied state licensing and certification
requirements and reimbursement by state and federal agencies.
Clearly, ISO 9001 registration offers some powerful improvements to other accreditation
programs. Although others are better known and recognized among health care providers, it should
be noted that ISO 9001 registration offers a disciplined and systematic approach to health care as
it has to other manufacturing and service industries.
While it might seem daunting at first, a documented, internally managed ISO 9001 quality
management system subject to frequent external review (once established) is easier to maintain,
financially less demanding and capable of offering better service to its customers.

The Big Picture

A context for ISO 9001 and ISO 9004

by Joseph J. Tsiakals with Charles A. Cianfrani and Jack West

This is part four of a series of articles on the year 2000 revision of the ISO 9000 series. The first
three articles explained changes in requirements, format, presentation and terminology and in the
processes and approaches used for developing the revisions. This article will elaborate on the bigger
picture: the major driving force for the change and the corresponding response.

Is the ISO 9000 series of quality management standards one of the greatest con games of all
time? What's the value? Are its critics justified? Or are they confused by a lack of understanding
of the role of ISO 9001? Should changes be made in order to deal with this confusion?

What reader hasn't heard criticisms about ISO 9001?

* ISO 9000 does not ensure quality. If you specify garbage, you will get garbage.

* ISO 9000 is very expensive to implement, with questionable benefits.

* Instead of drafting useless documents for meeting standards, it is more important to analyze and
improve the manufacturing process.

* We do Baldrige (the Malcolm Baldrige National Quality Award). ISO 9000 is the old paradigm of
an internal, overlay quality program implying that quality costs money.

* ISO 9000's focus on conformity means that it doesn't address customer-driven quality.

Although there are grains of truth in each of the above misconceptions, these criticisms, some
from supposedly informed experts, are all widely off the mark. They originate partially in the
frustration that comes from unrealized or unrealistic expectations or from expectations that arise
from different approaches.

From these and other criticisms, however, it became clear that a key motivation for the 2000
revision of the ISO 9000 series should be to address the organizational need to ensure quality,
provide for meeting customer needs and requirements, create efficient and low cost operations, and
achieve marketplace success.

Paradoxically, in light of all the criticism, there are more than 270,000 organizations currently
registered to ISO 9001. Each of these organizations has implemented a system and retains
external auditors to obtain and maintain its registration. And the upward trend is continuing.

To understand why the ISO 9000 series of quality management standards has been so widely
embraced, it's important to see the big picture. Only then does one understand the major driving
force for change and the corresponding response of ISO Technical Committee 176 (ISO/TC 176)
through development of an aligned pair of standards that are designed to be used together.

Two major approaches

The efforts of governments to lower trade barriers, along with a drive for international markets,
tough competition and customer pressures on suppliers have all resulted in great focus on quality.
Many agree that quality serves as a major unifying principle of business. The many differing
methods for achieving quality have coalesced into two main quality management approaches:

* ISO 9001 quality management systems (including ISO 9002 and ISO 9003), which focus on
process management.

* Performance excellence models, which focus on results oriented improvements. The various
national or regional quality award programs such as the Baldrige Award, the Deming Prize, and the
European Quality Award, along with efforts such as the Six Sigma process, best characterize the
performance excellence models. ISO 9004:1994, as a guidance standard for quality management,
also has had a focus on performance excellence. It uses ISO 9001 as the basic system and gives
guidance on improving all aspects of the quality system, including achieving improved performance of
the cost of quality and continual quality improvement.

Each of these two approaches--ISO 9001 and performance excellence--is legitimate. Organizations
that embrace one of these approaches typically engage in many elements of the other approach.
Both approaches, in fact, need to be embraced.

The real issues involve understanding the goals of each approach, the roles to be played by them in
providing value to an organization and the ways in which they might be integrated into one cohesive
quality system. Much of the confusion today arises because of the tendency by practitioners to
promote one approach by emphasizing the differences and inadequacies of the other. Instead, it is
better to embrace both approaches in a unified manner.

Maslow's Hierarchy of Human Needs

A useful way to illustrate the relationships between ISO 9001 and performance excellence is to
draw a parallel to a well-established model, namely Abraham Maslow's Hierarchy of Human Needs
(see Figure 1).

Maslow first published his theory of human needs and incorporated it into leadership training for
the U.S. Air Force during World War II. This theory attracted much interest as a basic structure
for at least broadly understanding human motivation. Basically, the theory holds that individuals
have a hierarchy of needs:

* Survival or basic needs.

* Security or safety.

* Love or belonging.

* Status or esteem and self-realization or self-actualization.

The theory holds that individuals are motivated by lower order needs until these are relatively
satisfied. Higher order needs are then addressed. Even so, the lower levels must be maintained. If
not, their importance overshadows the reaching to self-actualization. Lower order needs must be
dealt with first. It is difficult to be self-actualized if you are hungry, with no coat, and outdoors in
a snowstorm. First things first.

Motivation for the lower needs is to avoid deficiency, while self-actualized people are growth
oriented and continually expanding their interests and contributions to society. Fulfillment at the
highest levels of the hierarchy tends to be episodic. Maslow later redefined self-actualization as a
function of frequency of peak experiences.

The Quality Hierarchy

Consider ISO 9001 and performance excellence as existing in a hierarchy of quality needs parallel
to the Maslow model, as shown in Figure 2. ISO 9001 is at the base, and everything above the base
represents performance excellence. Goals differ at each level: survival or effectiveness (assure
quality through an effective quality system), efficiency (minimize resource utilization), and
competitive advantage (maximize shareholder value). Clearly, organizations must first meet the
needs at the base. They cannot achieve and sustain higher levels in the hierarchy without the base.

The nature of the actions differs at each level (see Figure 3):

* Effectiveness addresses such areas as conformance to customer requirements, prevention of

customer dissatisfaction, recalls and defects, and achievement of safe products.

* Efficiency is concerned with such issues as using resources prudently, reducing material costs,
reducing cycle times and increasing productivity.

* Competitive advantage focuses on ensuring delighted customers, increasing market share and
increasing profitability.

Organizations should target results at each level that are aligned with their strategic and tactical
objectives. At the base, product and service related processes, functions and workers are of
primary concern. At the top of the hierarchy, all processes, all functions and all employees need to
be involved.

There are other major differences between the base and the top of the hierarchy. The base is
defined by a quality system consisting of a minimum set of actions that must be performed. In
order to be able to provide customer confidence, the system must be able to be audited. It either
complies or it doesn't. Requirements are fulfilled, or organizations are in noncompliance. Product is
defective or acceptable. Customers either complain or don't. The base can be considered as a
binary territory. Quality, at the base, deals with meeting those aspects of customer satisfaction
achieved through conformance to requirements.

In sharp contrast to this is the nature of the world above the base. Above the base the world
exists on a continuum. Strengthening competitiveness depends upon pursuit of operational
excellence--referred to as excellent or superior or world-class quality.

Organizations must look outside of themselves and benchmark for the best practices and the best
results to gain understanding of what they must do. Success depends on deployment throughout the
organization and ever improving results. Above the base, organizations need concern themselves not
only with present but also with future customer needs.

Whereas an organization must meet all the requirements at the base in order to pass a compliance
audit and achieve registration, no organization ever fully arrives at the top of the Quality
Hierarchy.

An example

The earlier description of performance excellence (everything above the base) sounds enticing.
Why then bother with ISO 9001? Why not just go directly for world class quality and competitive
advantage? After all, isn't there criticism that ISO 9001 does not ensure quality? Surprising to
some, there is strong evidence that ISO 9001 does ensure quality, while performance excellence
may not.

Consider the fact that medical devices are among the most reliable products in the world. For
critical functional characteristics, most achieve beyond six sigma levels of performance. These

products are among the most critical, as evidenced by the fact that governments consider it
necessary to regulate them.

As an example let's look at one type of medical device--a heart valve. Heart valves are implanted
through open-heart surgery. If requirements--including those related to sterility and
functionality--are not 100% fulfilled 100% of the time, a patient's death may result. In such a
critical application, the adequacy of design and manufacture is paramount.

The U.S. Food and Drug Administration as well as corresponding regulatory bodies for other first
world countries all regulate the design and manufacture of heart valves using the ISO 9001:1994
quality system standard (or the regulatory equivalent) as the core requirements.

ISO 9001 requires the following:

1. A thorough documentation of quality requirements, quality related processing steps and results.

2. Implementation of controls to maintain the system.

3. Complete compliance to the defined system requirements.

Assurance of fulfillment of these requirements is achieved through internal audit, management

review and corrective or preventive action, which, as required in ISO 9001:1994, encourages
continuous improvement of the system for meeting customer requirements.

The ISO 9001 quality system or its equivalent is a minimum requirement with which every single
medical device manufacturer must fully comply. Compliance is a requirement to even enter the
market. It doesn't guarantee marketplace success. Instead, it is used, along with enforcement
actions, to ensure product safety and reliability.

Since performance excellence does not require the rigor of a quality management system, to be
sustained it is best implemented in the context of ISO 9001. Although some might argue that not
all products are as critical as medical devices, isn't it obvious that ISO 9001 should come first? A
major part of the 2000 revision was the restructuring and careful crafting of ISO 9001 to be
generically appropriate for all organizations and for all types of products, including services and
software. The nature and extent of the specific requirements for a given quality system are
dependent on the nature of the product, size and type of organization, complexity and interaction
of the processes and competence of personnel. For example, ISO 9001 applied to a business of 25
employees is significantly different from its application to a business of 1,000 employees, all other
aspects being equal.

While ISO 9001 is necessary for assuring the meeting of quality requirements, it is not sufficient
for the organization's continuing success. Through its systems approach, ISO 9001 sets the
foundation for efficiency and low cost production, but it does not deal directly with cycle time
reduction, low cost material, higher productivity or any of the other means of achieving competitive
advantage.

Performance excellence does deal with these needs. Executive management may use performance
excellence or an equivalent approach to achieve operational excellence. By their very nature, the
tools of performance excellence work best in the project-by-project mode. As projects are
completed, focus tends to shift to other projects without adequate institutionalization. And so the
gains may be lost.

As in the Maslow model, achievement at the highest level of the Quality Hierarchy tends to be
episodic. It is the formal quality management system at the base that serves as the means to
standardize and institutionalize the improvements that are gained from the projects.

The consistent pair: ISO 9001:2000 and ISO 9004:2000

ISO/TC 176 has attempted to address the greatest concerns of the users of ISO 9001--the desire
to ensure quality and provide for marketplace success--by developing and promoting the use of a
consistent pair of standards:

* ISO 9001:2000 covers quality management system requirements.

* ISO 9004:2000 provides guidance for performance improvement.

From the initial publication of the ISO 9000 series in 1987, ISO 9004 served as guidance for
achieving improved performance. Quite naturally, with the pressure of audits for conformity to
ISO 9001, ISO 9004 has been all but ignored. Few even know of its existence.

One of the changes implemented by the 1994 revision of the ISO 9000 series was alignment
between ISO 9004 and ISO 9001 in order to allow integration of the two standards. The alignment
will be completed with the upcoming revision, which uses matching clause numbers and titles to
achieve a much higher degree of consistency between the two.

Additionally, a set of eight quality principles has been developed by ISO/TC 176 to serve as the
necessary linkage between the base (ISO 9001) and higher levels that are above the base (ISO
9004).

Why ISO 9000:2000?

If one were to gather representatives on quality worldwide from all types of organizations and
have them describe a system to ensure quality by preventing product and service failures and field
recalls, the result would be ISO 9001:2000. It encompasses the requirements at the base of the
hierarchy of quality needs.

Likewise, if one were to gather representatives on quality worldwide from all types of organizations
and have them describe approaches to provide for marketplace success through efficient
operations and competitive advantage, an equivalent or an approximation of ISO 9004:2000 would
emerge. It provides guidance for all of those activities of a quality nature that need to be
considered above the base.

The first article in this series (October 1999) outlined the technical reasons for the changes
specified in the design documents for the 2000 revision. These reasons included the need to
achieve a consistent pair of quality management system standards--ISO 9001:2000 and ISO
9004:2000. From a big picture standpoint, the new revision facilitates rapid and smooth progression
from baseline quality to performance excellence.
To ensure quality and marketplace success, all organizations need to embrace both the
requirements within ISO 9001 and the performance improvement guidance within ISO 9004.
The next article is this series will explain how these principles and their application are allowing
fulfillment of a truly unified, consistent pair of standards.
NOTES
The Quality Hierarchy was developed and trademarked by Joseph J. Tsiakals to describe the
relationships among various approaches for quality management.
To avoid awkwardness in the text of this article, the popular usage of the names ISO 9000 and
ISO 9001 is used. ISO 9000 in the listing of criticisms refers collectively to the requirement
standards ISO 9001:1994, ISO 9002:1994 and ISO 9003:1994. ISO 9001 throughout the text
means the quality management system requirements standards and includes ISO 9002 and ISO
9003. The ISO 9000 series refers to ISO 9001 and ISO 9004.

Quality Management Principles:

Foundation of ISO 9000:2000 Family
Practical application came first

by Jack West, with Charles A. Cianfrani and Joseph J. Tsiakals

This is part five of a series of articles on the year 2000 revisions of the ISO 9000 series. The
first four articles explained changes in requirements, format, presentation and terminology; the
processes and approaches used to develop the revisions; and the driving force for change and
corresponding response.

Many successful quality programs started with actions, not a defined philosophy. Often the most
successful organizations act first and only later take the time to define the basis for their actions.

The same has been true of the ISO 9000 family of standards. Past editions of the ISO 9000
family were primarily based on practices, ideas and concepts that have worked. These were
consolidated into a collection of elements that were deemed necessary for a quality system by the
experts from around the world who served on Technical Committee (TC) 176. This pragmatic
foundation has served well and the standards have become the most widely used in the
International Standards Organization's (ISO) history.

The ISO 9000:2000 revision continues to contain much of this pragmatism. Sufficient time had
elapsed to make it feasible to state the principles upon which quality management is really based.
Instead of being set out first, with practice following, the concepts and principles of quality
management in the revision have evolved from actual practice.

During the mid-1990s ISO TC 176 established a working group with the charter to research basic
quality management principles (QMPs) and develop a brochure to explain them. That work resulted
in the identification of fundamental principles (see the sidebar "The Eight Quality Management
Principles"), which are intended to be the basis of the entire system.

While it is important to understand and apply the principles in the development of quality
management systems, it is equally important to understand that the principles do not contain
auditable requirements.

The development of the principles was a difficult task. The working group assembled and reviewed a
vast array of documents on the subject of quality systems, including quality award criteria from
around the world.

Attaining consensus on core QMPs required two international ballots and consumed almost five
years of work. The result was a coherent set of principles. ISO is expected to publish a brochure
on the principles and their application sometime in 2000.

The principles can lead to quality excellence for an organization that is willing to continuously focus
its efforts on following them. This article describes the relationship of the first four quality
management principles to the requirements document (ISO 9001:2000) and to the guidelines of
ISO 9004:2000. Principles five through eight will be discussed in the March issue.

Principle 1--Customer Focused Organization

Organizations depend on their customers and therefore should understand current and future
customer needs, meet customer requirements and strive to exceed customer expectations.

Relationship to ISO 9001:2000

* At the basic quality management level, the organization's focus should address not only the
control of defined characteristics but also the understanding of overall customer needs. Even a
quality management system (QMS) containing minimum requirements (such as an ISO 9001
compliant QMS) should focus on customer requirements throughout all processes.

Examples include processes for contract review, new product design and corrective action. An
intense focus on identifying customer requirements may be the single biggest value in adopting ISO
9001 as a model for the QMS for an organization.

* A QMS typically includes linking customer complaint and returns processes to data analysis. These
processes provide the beginnings of a systematic means of understanding customer feedback in
order to prevent future problems from developing.

Relationship to ISO 9004:2000

* In relation to ISO 9004:2000, one can envision an organization that has complete knowledge of
its customers--their current and future needs and perceptions.

Many organizations claim to have this knowledge--even with no quality system at all. They might
point to their sales or research and development departments as having the customer insight
needed to understand such things even without interacting with customers (the "field of dreams"
syndrome). For some organizations, this is adequate.

But in a total quality management (TQM) environment, such knowledge is not just considered on an
individual basis nor is it the purview of only a few departments. Information should instead be
collected systematically throughout the organization from many sources and integrated into a
process that provides a coherent and balanced view of customer and marketplace needs and wants.

* At the TQM level, sharing customer information and data is also pervasive in the organization.
There are processes to define customer perceptions of organizational performance and drive
market performance by affecting changes in customer perceptions of how well their expectations
are met.

* Ultimately, the organization is able to capture markets and create loyalty because of preferred
products and services at attractive prices while addressing the requirements and needs of internal
customers as well.

Principle 2--Leadership

Leaders establish unity of purpose and direction of the organization. They should create and
maintain the internal environment in which people can become fully involved in achieving the
organization's objectives.

Relationship to ISO 9001:2000

In any organization, there are leaders at all levels. Certainly, top management is responsible for
providing the vision and strategic direction for all aspects of the business, including the vision for
quality management and the QMS.

* For every dimension of the QMS there should be a leadership presence assuring that all internal
and external processes are being structured and operated in a way that maximizes internal
productivity and external customer satisfaction.

Relationship to ISO 9004:2000

* In organizations using ISO 9004 to strive for excellence, leadership can become more personal,
with managers continually providing examples of behaviors that facilitate creation of high levels of
customer satisfaction.

* At this level, the organization's leaders treat quality as a strategic issue. Target setting and
management review are ongoing activities, and leaders fully integrate the quality and human
resources plans of the organization with strategic business plans.

Principle 3--Involvement of People

People at all levels are the essence of an organization and their full involvement enables their
abilities to be used for the organization's benefit.

Relationship to ISO 9001:2000

* A basic quality management system assures that individuals involved in work are fully qualified and
capable of carrying out the processes to which they are assigned. Training and process qualification
have been mastered by the organization and are integral elements of the QMS, not an
afterthought.

* People are respected for their ability to contribute to improvement. Examples include dynamic
participation in the corrective action process and participation on teams to introduce new products
or processes, improve safety and conduct other activities.

Relationship to ISO 9004:2000

* Organizations at this level have mastered the art of fully engaging employees in their jobs and
actively involving them in the improvement process.

* There is a process for communication between leadership and all employees. The leaders focus on
achieving full alignment between the goals of the organization and the personal goals of individual
employees.

Organizations at this level tend to share business data and information with all employees. They do
this to make certain everyone has the same understanding of goals, targets and objectives.

Principle 4--Process Approach

A desired result is achieved more efficiently when related resources and activities are managed as
a process.

Relationship to 9001:2000

A fundamental dimension of 9001:2000 is the adoption of the process approach to all work
performed by an organization. The new process model with its implications about how to carry out
work under controlled conditions should be much easier to use than the old model was since it
represents the way most organizations really operate--as a series of connected inputs and outputs.

* When a basic quality management system is present, the organization will have clearly defined the
processes for designing, producing and delivering the product or service. Processes for ensuring
that customer requirements are met will have been defined and implemented. Control of product
and service quality will have moved upstream from control only of process outputs to control of the
process itself.

* The organization should also have the other processes discussed in ISO 9001 for such activities
as corrective and preventive action, audits, management reviews and so on.
Relationship to ISO 9004:2000
* In relation to ISO 9004:2000, an organization is focused on the optimization of resources in each
process. Its culture says that the processes can always be improved, and activity is present in the
organization to make planned improvements.
* The organization will be using process measures extensively, and there is clear understanding of
process performance. The measures of process outputs are regularly correlated with measures
taken at key points in the process to help identify actions needed to make these improvements.
Quality management principles five through eight will be discussed in the March issue.

Foundation of the ISO 9000:2000 family

by Jack West, with Charles A. Cianfrani and Joseph J. Tsiakals

Last month we discussed the first four of eight fundamental quality principles identified by ISO
Technical Committee (TC) 176 as the basis for the ISO 9000:2000 revisions. This month we
continue with principles five through eight. (All eight are presented in the sidebar).

While these eight principles do not contain auditable requirements, it is important to understand
their relationship to the requirements of the 2000 revisions to both ISO 9001 and ISO 9004. The
application of the principles can lead to quality excellence for an organization.

Past editions of the ISO 9000 family were primarily based on practices, ideas and concepts. These
were consolidated into a collection of pragmatic elements by TC 176, and the ISO 9000:2000
revision continues to contain much of this pragmatism.

Principle 5--System Approach to Management

Identifying, understanding and managing a system of interrelated processes for a given objective
improve the organization's effectiveness and efficiency.

Relationship to ISO 9001:2000

* With the development of a basic quality management system, the organization moves to integrate
the processes for creating the product or service with those processes that verify that the
product or service meets customer needs.

* At this level, the emphasis is on developing a quality management system that is suitable for the
organization's situation and effective in assuring that customer requirements are met.

* The challenge at this level is to create an effective system with fully integrated processes while
avoiding unneeded paperwork and bureaucracy.

* At this level, the purpose of the quality management system is to achieve customer satisfaction.
Fully effective systems at this level use measures of customer satisfaction along with other data to
perform day-to-day management and decision making. The management review process has matured
and uses these data along with audit results to assess system effectiveness.

Relationship to ISO 9004:2000

* In relation to ISO 9004:2000, the organization fully understands and manages the interactions
among the various processes in the business. Processes are aligned with each other and with the
goals of the organization.

* At this level, the organization is focused on achieving results by continually improving the
management system. While achieving customer satisfaction remains a key driver of business

success, the organization now can use data on its processes along with customer feedback for
strategic decision making and overall business planning.

Principle 6--Continual Improvement

Continual improvement should be a permanent objective of the organization.

Relationship to ISO 9001:2000

* At this level, there are mature and robust corrective action processes, and a preventive action
process is in place.

* The organization is focused on improving the effectiveness of the quality management system
based on facts (see principle 7) obtained from pervasive measurement processes (in other words,
use of statistical methods).

Relationship to ISO 9004:2000

* At this level, leaders are establishing targets and goals based on key measures of customer
satisfaction and internal performance. There is a drive to reach challenging improvement goals.
Leaders themselves are involved in the improvement process and provide resources to ensure
targets are met.

* The organization is focused on efficiently meeting future customer needs and on achieving
business results through the quality management system.

Principle 7--Factual Approach to Decision Making

Effective decisions are based on the analysis of data and information.

Relationship to ISO 9001:2000

* Facts and data are used in the quality management system to make decisions related to the
system's operations. The information is gained from analysis of audit results, corrective actions,
process performance, customer complaints and other sources.

* Analysis tends to be focused on data that can be used to improve customer satisfaction and the
efficiency and effectiveness of the quality management system.

Relationship to ISO 9004:2000

* Decisions and actions are based on the analyses of a broad range of data. Customer data are
derived by using all available listening posts to understand what is important and make decisions
that will improve the organization's market position. Techniques such as focus groups, surveys and
tracking studies are routinely used to obtain facts that will assure understanding of customer
needs and requirements.

* Information is derived from analysis of data and from the innovative ideas of all members of the
organization. The focus is on improving productivity while eliminating waste and rework and
enhancing market value.

Principle 8--Mutually Beneficial Supplier Relationships

An organization and its suppliers are interdependent, and a mutually beneficial relationship
enhances the ability of both to create value.
Relationship to ISO 9001:2000

* With the development of a quality management system, an organization will have defined
processes and document requirements suppliers must meet. There will also be processes in place to
review and evaluate suppliers' abilities to meet those requirements and assess the congruence of
organization and supplier objectives.
Relationship to ISO 9004:2000
* The focus tends to change as organizations establish strategic alliances or partnerships with
suppliers. In many cases, organizations involve suppliers very early in defining requirements for
joint development and in broad-based concurrent engineering.
* Organizations work with suppliers to develop mutual trust, respect and commitment to customer
satisfaction. Mutual efforts focusing on continual improvement become the norm of operation for
both parties.
* Integration of the supplier quality process with other efforts related to supplier systems
becomes common.
Relationship of principles and process
In an earlier article in this series, a process model was introduced. It should be clear, however,
that there is a significant relationship between an organization's processes and principles. Indeed,
two of the principles point out that all work is best managed as a value adding process and that the
quality management system is really a collection of processes.
The relationship of processes to the principle of customer focus should also be clear: Each process
has customers with requirements that must be understood and met as well as suppliers who provide
inputs to those processes and are critical to successful operations.
The people in an organization should be using data and innovation to continually improve
performance. From beginning to end, an organization's success is driven by the leadership of its
managers and employees as it implements its work and adds value through many interconnected
serial and parallel processes.
Integration is the key
Perhaps the most important concept the principles espouse is the notion of integration. The overall
management system--its leaders, processes, data, people and suppliers--works best when fully
integrated.
The eight quality management principles, when consistently applied across an organization, should
en-gender optimal overall performance, which will lead to performance excellence far more
effectively than a series of individually optimized activities.

Why QS-9000 Was Developed And What's in Its Future

Auto suppliers were troubled by multiple specifications and standards

by R. Dan Reid

The question "Why QS-9000?" is frequently asked by people involved with standards but outside
of the auto industry. Surprisingly, it was not a Chrysler, Ford or General Motors idea. Actually the
automotive suppliers suggested it, and while automotive standardization work began in 1988, the
problem appeared much earlier.

Years ago, customers were closer to their suppliers. Think back to the rural general store. The
customer could go to the proprietor to purchase or barter for goods. If the quality of the goods
was found to be poor, the customer could return to the store and deal directly with the proprietor
to get satisfaction.

With the advent of the Industrial Age, the distance between customers and suppliers increased.
As the population grew, new companies were formed and fitted into material supply chains. It
became difficult for companies to obtain what is called the "voice of the customer."

As an interim step, suppliers worked to a specification. As specifications multiplied, terminology

became difficult to understand. There were multiple terms with the same meaning and terms that
had multiple meanings. Over time, multiple specifications led to standards development.

By the mid-1980s, suppliers were subject to numerous military, national and customer standards.
Some companies dedicated full-time employees to each customer account just to understand the
varying quality requirements.

Situation worse for Tier Two suppliers

For Tier Two suppliers--those who sell to a tier one supplier--the situation was worse. They were
subject to numerous unique Tier One supplier quality standards, which incorporated their own
standards with those of the final customer. In addition, these Tier Two suppliers typically have
fewer resources with which to deal with the variation than Tier One suppliers have.

By 1987, the ISO 9000 family of quality management system standards was released. The use of
ISO 9000 promoted the use of consistent quality terminology internationally and resulted in
significant harmonization. The standards were slow to take root in the United States, however.

Chrysler, Ford and GM elected to use the ISO 9001 standard as the base requirements for the
automotive sector document called QS-9000. This happened mainly because there was a widespread
rumor that companies would have to be ISO 9000 certified by the mid-1990s in order to do
business in Europe.

While nothing in ISO 9000 was objectionable to the Big Three automakers, it lacked some
elements that were in automotive industry documents at that time, such as business plans, customer
satisfaction, continuous improvement, manufacturing capabilities and much of the advanced quality
planning content.

Today there are a number of sector-specific ISO 9000 based quality system standards or
requirements, for example, AS9000 and the new AS9100 (aerospace) and TL 9000
(telecommunications). However, some sectors object to adding elements like customer satisfaction
and continuous improvement to ISO 9000, particularly if applied to the product, while others find
this objection troubling.

QS-9000 use adds to supplier profits

The benefit of the QS-9000 has been proven. A 1998 ASQ/Automotive Industry Action Group
survey of more than 200 suppliers reported the average cost of QS-9000 registration to be about
$120,000.1 All but $20,000 paid to the certification body--17% of the total reported cost--turned
out to be discretionary cost on the part of the supplier, for example consultants or training. The
average sales of the respondents was $130 million, and they reported an average savings of 6% of
sales as a result of the QS-9000 registration, which is about $8 million per company.

This 1998 survey also correlated greatly with the 1997 version of the same survey, which had over
600 respondents.2 That survey indicated a 3-to-1 return on total costs and almost 17-to-1 return on
the certification body costs. The quality benefits in terms of parts per million (PPM) defects
indicated that about half the suppliers improved their PPM by about 50%.

This is in contrast to the benefits of ISO 9000. In a 1999 McGraw Hill ISO 9000 survey with over
1,100 respondents, the average total cost of ISO 9000 registration was reported to be $156,000,
with an average total savings of $187,000, or a savings-to-cost ratio of only 1.2-to-1.3 Less than
19% reported that their defect rate was significantly improving, and of these only one-third
reported that the improvement was attributable to the ISO 9000 registration to a high or very
high extent.

Additional requirements

The difference in quality improvement and savings between QS-9000 and the ISO 9000 scheme is
primarily due to the additional sector specific requirements and process controls imposed on the
third party registration system, for example QS-9000 Appendices B, G, H and I.

Given that ISO 9000 is considered inadequate as is, there is a legitimate need for industry
supplemental requirements. However, there is no consensus among the various sectors as to how the
additional requirements should be published. In fact, most sectors, including those affected by
regulatory requirements, prefer to see ISO 9001 contain only the minimum requirements for quality
assurance. They want to publish their own supplemental requirements, sometimes in the form of
company specific requirements outside of the ISO 9000 portfolio. Only the automotive sector has
considered migrating to use of an improved ISO 9000 over time.

The automotive sector has worked with ISO Technical Committee (TC) 176--the group responsible
for the ISO 9000 family of standards--for several years to see how sector needs might be
accommodated. Initially, TC 176 was resistant of sector specific documents. It preferred that the
sectors use ISO 9000 as is.

Automotive industry representatives were invited to participate in the ISO 9000 revision for the
year 2000 to see if ISO 9000 could incorporate enough additional content to avoid the need for
sector specific additions. However, this participation came about too late. The year 2000 design
specifications were complete by then, therefore much of the significant content brought forward
was rejected by TC 176 on the basis that it was outside of the design specification.

TS 16949

In discussion with the other sectors, it became apparent that a way would have to be found for
ISO 9000 to accommodate sector-specifics or the sectors would continue to publish the sectorspecifics outside of the ISO 9000 portfolio. QS-9000 and the similar European automotive
requirements manuals, including VDA 6.1, have been harmonized into a new ISO portfolio of
documents called a technical specification (TS). ISO/TS 16949 was released one year ago as the
first ISO TS and as an optional document for automotive suppliers. All this was accomplished in
cooperation with the International Organization for Standardization, known as ISO.

Suppliers with numerous automotive customers requiring third-party certification to their own
requirements document can now choose a certification to ISO/TS 16949, which will satisfy those
customers when the relevant customer specific requirements are included in the registration scope
by a recognized certification body. A listing of the recognized certification bodies for ISO/TS
16949 is available from the International Automotive Oversight Board at 248-799-3939.

The various sector specific documents mentioned earlier satisfy the needs of customers in these
sectors, but the varying terminology and areas of emphasis among these documents continue to be a
challenge for the lower tier suppliers that often sell to companies representing different sectors.
The process of standardization has been iterative from the beginning, so there will be future
opportunity for harmonization to benefit the mutual supply chain.

Four product categories

Four categories of products are defined in the ISO 9000 family: hardware, software, services and
processed materials. A comparison of the sector specific documents reveals that a number of
similar concepts use different terminology, for example "production part approval" vs. "first article

inspection." These are particularly evident in documents within the same product category. Here
lies an opportunity.

The current issues of these sector specific documents are based upon the 1994 version of ISO
9000. New efforts should focus on revising the current sector-specific issues to incorporate the
new ISO 9000 text scheduled for release by the end of this year. These efforts should include
discussion between sectors to standardize as much as possible. In the worst case scenario, common
terminology should be used for like concepts. In the best case, a hardware specific manual that
more than one sector could adopt would replace the current sector-specific documents.

This would mean that a customer requirement going forward would be the new ISO 9001 standard,
with the hardware-specific additions and, perhaps, a few company-specific requirements.

The additional benefit of migrating to product-category specific documents would be in

standardizing requirements further into the supply chain. To the degree that multiple sectors can
agree on terminology and format, the customer and supply chain will benefit through better
understanding and implementation of the fundamental quality system requirements. If past gains
are any indication, significant cost and quality improvements would be achieved.

Valuing standardization work

There are a number of roadblocks to seeing this realized. One significant problem is with the
reward system inside companies. Employees are traditionally rewarded for developing creative
solutions to problems, not for standardizing requirements with other companies or with other
industry sectors. We need to find a way to value the work of standardization and revise the reward
systems in companies to reflect this value.

Another roadblock is the standardization process itself. Over time this process has become biased
against the customer by a disproportionate number of supplier advocates and consultants. To
continue to thrive, quality management stakeholders need to focus on the needs of the customer
and end user of the product and on continual quality improvement of their product and service.

A recent example of this focus on the customer is American Airlines, which announced it would
revise current aircraft to provide additional legroom for passenger comfort.
REFERENCES
1. 1998 Annual Quality Survey Report (Southfield, MI: Automotive Industry Action Group [AIAG],
1998).
2. "1997 AIAG/ASQ Quality Survey Results" presented at the 1997 Quality Survey Workshop,
March 17 in Novi, MI.
3. ISO 9000 Survey '99: An Analytical Tool To Assess the Costs, Benefits and Savings of ISO
9000 Registration prepared by Quality Systems Update and Plexus Corp. (New York: McGraw-Hill
Inc., 1999).

he Past, Present and Future Direction Of Aerospace Quality Standards

Designed to solve problem of duplication and contradiction

by Dale K. Gordon

Original equipment manufacturers (OEMs) and suppliers in the aerospace community are very
concerned about the proliferation of standards used to define quality system requirements. While
this is certainly an issue across all industries, we need to examine exactly what is happening.

For many years the aerospace OEMs took customer and regulatory requirements, such as Mil-Q9858, Mil-I-45208, Mil-I-1535, NATO AQAP-1 and FAR Part 21, and added company specific
requirements to them. These requirements were translated into company specific documents and
sent to suppliers as quality system requirements that each individual OEM performed audits
against. These slightly differing requirements sometimes took on a life of their own, causing
suppliers to be constantly audited to different criteria for the same basic top level standard.

As the military, NASA and the entire aerospace industry began to look for cost savings, one of the
first and most logical steps was the elimination of dual or redundant quality systems and the
adoption of a single process for quality assurance.

In the early '90s, the Department of Defense (DoD) head of acquisition called for a single process
initiative and asked DoD procurement officers to drop as many contract specific requirements as
possible and adopt commercial practices instead. Since there was no other readily available
standard in place at the time, ISO 9001:1987 (and subsequently 1994) was easily accepted as the
commercial equivalent quality system.

Another thing that made the ISO 9000 series of standards appealing was the growing supplier
base. As products grew in complexity, the need for cost containment and reduction became more
prevalent. An increasing amount of the OEM's work was contracted out so the major OEMs were
looking for a simple cost effective tool to control quality in the aerospace supplier community.

While an excellent model for a quality system, ISO 9001 (and ISO 9002) is minimalist and neither
fulfills all the needs of the industry nor covers the regulatory requirements. So it had to be
supplemented. Supplemental requirements were easily written into the quality programs of the
OEMs, but they still caused proliferation of flow down requirements to the supplier base. This was
especially true in commercial aviation where the Federal Aviation Administration (FAA) sees the
supplier community as an extension of the prime manufacturer.

Development of an aerospace industry standard

The problem of duplicative and contradictory requirements was long recognized by the aerospace
industry, and several attempts were made along the way to find a satisfactory solution.

U.S. aerospace companies learned the hard lesson that product and service quality as a determinant
in customer selection is now on par with price, delivery and performance. The problem with flow
down requirements and multiple audits had not diminished in the supplier community. With the high
costs of design and development and the prevalence of joint partnerships, most companies are both
suppliers and customers to each other as well as to their vast supplier networks.

In 1995 several major aerospace manufacturers, recognizing the need for uniform supplier
requirements, came together under the umbrella of ASQ and created the American Aerospace
Quality Group (AAQG). AAQG's original aim was to procure higher quality and lower cost materials
and services faster and more reliably from a stable long-term supplier base. The first effort was in
the same area where other industries such as automotive had already made significant progress-process variation reduction. One area of variation reduction targeted by the AAQG was the
multiple quality system requirements and specifications imposed on the aerospace supplier
community.

The AAQG first discussed the use of ISO 9001 as a standalone document. Discussions with the
automotive industry about the creation and use of QS-9000 firmly planted the concept that an ISO
9001 based document tailored for aerospace was doable.

The first product of this attempt at an industry standard was published by the Society of
Automotive Engineers (SAE) in October 1996 as ARD 9000. Subsequent to this interim publication,
some changes occurred within the AAQG, not the least of which was that the group left the
umbrella of ASQ and became an SAE Aerospace Council subcommittee. The AAQG began to see its
mission as creating requirements and solutions and bringing homogeneity to the quality side of the
industry. Refinement of the ARD 9000 document led to a final release of a standard called AS9000
in May of 1997.1

Why is an aerospace standard necessary? Some very key concepts--not the least of which are safe,
reliable and maintainable products--are missing from ISO 9001. Aerospace industry customers
(airlines, DoD, aviation public, NASA and others) expect and demand that quality systems employed
by manufacturers assure that products are safe and reliable, perform as intended and operate
normally when maintained in accordance with the requirements of the manufacturer.

Another caveat is the recognition that in matters pertaining to civil aviation, the FAA and civil
aviation authorities of other countries have the final say on acceptable practices and procedures
during the design, development, manufacture, assembly and testing of civil aerospace products.

AS9000 focuses on areas that are important to the aerospace industry. It recognizes the
relationships and requirements of the regulatory agencies. It recognizes that the supplier
community is an extension of its own processes and procedures and therefore must be tightly
controlled to reduce variation. It focuses on processes whose sensitivity can have extreme
consequences to the product's safety, reliability and performance. AS9000 added 31 new
requirements in the areas of:

4.2--Quality system and planning.

4.5--Document and data control.

4.6--Procurement.

4.9--Process control.

4.13--Control of nonconforming material.

Some unique items include the requirement for foreign object damage control--one of the most
prevalent and potentially deadly problems in the industry. It puts emphasis on the complete supply
chain for any errors may have disastrous effects. It puts emphasis on the control of processes and
process planning--not just the process itself but the tooling, equipment, software and people
involved. Any variations from the specified requirements can build in latent defects that cannot be
tolerated in service. Finally, it increases documentation of results requirements since many times at
the end of the day the only evidence that processes were correctly performed is the documented
evidence created while the work was being performed.

Making the standard global

While satisfied with the result of AS9000, the AAQG recognized that all the OEMs operate
globally so it was necessary to include the worldwide aerospace supplier community. To this end,

ISO TC 176 (the International Organization for Standardization technical committee for quality
system standards) and other sectors were approached about sector specific standards. The
proposal for an international standard was rejected at the time and tabled for further study.

In 1998, ISO TC 20 (aerospace) agreed to sponsor Working Group (WG) 11 to create an ISO
technical paper for quality system requirements using AS9000 as a basis along with a corresponding
European document called prEN 9000-1.

WG 11 included the United States, Canada, Brazil, Mexico, England, Spain, France, Germany, China,
Japan and others. All recognized the need for a specific industry standard. There was one major
problem: If published by ISO TC 20, the standard would take additional time and would lose its
9000 number as did the similar effort by the automotive industry (ISO/TS 16949, the
international version of QS-9000).

So the decision was made to have the harmonized document, still based on the English version of
ISO 9001:1994, published by each individual country's aerospace association or standards body. In
the U.S. the harmonized standard is an SAE document, AS9100.2 In Europe it is AECMA EN9100,
and in Japan it is SJAC9100. Others are yet to come as 9100 numbered documents.

Harmonization added almost 55 more amplifications and requirements than there are in ISO 9001.
The harmonization retains all of the areas added in AS9000 and focuses on additional criteria such
as design control, configuration management and process change control. It hones in even more on
process and special process control. It strengthened internal audit requirements, which can lead to
a healthy continuous improvement activity if used correctly.

Some examples of the additions to AS9100 include:

4.2.4--References to ISO 10007 for configuration management.

4.4.2.2--Reliability, maintainability and safety (in design).

4.4.8.1--Documentation of design verification and validation.

4.4.8.2--Design verification and validation testing.

4.9.1.1--Production documentation.

4.9.1.2--Control of production process changes.

4.9.1.3--Control of production equipment, tools and numerical control programs.

4.10.6--First article inspection.

The creation of this document has also had other desirable effects. It has helped spawn the
creation of the International Aerospace Quality Group (IAQG), a worldwide association of
aerospace companies.

Beyond a quality system standard

The creation of IAQG led to other worldwide variation reduction projects. These include:

1. Common questionnaires for an audit on the 9100 series of standards.

2. Common or similar certification processes for the 9100 requirements by registrars.

3. Quality system standard for the repair and overhaul of aerospace products.
4. Quality system standard for distributors.
5. Common nonconformance documentation.

6. Common first article inspection process.

7. Common process approval requirements (similar to production part approval requirements, or
PPAP, in automotive).
These and many other projects are all aimed at getting the supply chain focused on the quality of
processes, reduction of variations, and increased reliability and safety of products.
The future
Since most of the recent work was based on ISO 9001:1994, another committee has been formed
within the IAQG to update the 9100 document to coincide with the ISO 9001:2000 revisions. The
expectation is that the new IAQG document will lag the release of the ISO 9001:2000 version by
about 12 months and will attempt to consolidate some of the 55 specific additions.
There are problems with the proposed year 2000 version of the ISO 9001 standard for the
aerospace industry. The consolidation of elements in the standard eliminated specific language
deemed beneficial in describing requirements. Areas such as quality planning, process control,
measuring and test equipment, and inspection have been changed enough that we have some work to
do to decide the best way to make the industry expectations clear. However, the revision's focus on
the product and continuous improvement is seen as a real benefit.
Looking way out into the future, I have to agree with R. Dan Reid of General Motors Corp.3 Many
sectors--automotive, telecommunications, medical devices and food services, in addition to
aerospace--are looking at their unique quality system requirements and want to standardize within
their industries. In a way, it's a real credit to ISO TC 176 that ISO 9001 is still seen as the
baseline from which to start.
Some discussions between the aerospace and automotive people indicate much common ground.
Both are labor intensive and process oriented manufacturing industries. We might consider looking
at our quality system requirements in terms of hardware manufacturers, designers, software and
commodities. We may not want sector specific standards but instead more process/commodity
specific standards that are focused around a common set of requirements, with elements added or
deleted to meet the needs of the customer.

Leveraging a Quality System To Establish an EMS

Similarities are many; differences are few

by Marilyn R. Block

Despite overwhelming similarities between ISO 14001, Environmental Management Systems-Specification With Guidance for Use and ISO 9001 based quality systems, the vast majority of
quality assurance managers are as unfamiliar with ISO 14001 today as when it was published in
1996.

The current ISO 9001 revision effort, with its focus on compatibility between the two standards,
exacerbates the misperception that implementing ISO 14001 within a quality registered company is
difficult at best. With publication of ISO 9001:2000 anticipated shortly, an overview of the
similarities between the two standards is warranted.

The 18 numbered elements contained in ISO 14001 are loosely organized to reflect planning,
implementation and evaluation activities. The greatest differences between ISO 14001 and ISO
9001 are found in the area of planning. Implementation and evaluation requirements are almost
identical.

Among the five environmental management system (EMS) planning elements, ISO 14001 requires
identification of environmental aspects and evaluation of their impacts. Simply stated, an aspect is
any element of an organization's activities that can interact with the environment.

Take paint as an example of an aspect. An environmental impact would be a change to the

environment that results from an aspect--for example, emission of volatile organic compounds into
the air, or land or groundwater contamination resulting from disposal of used paint containers in a
landfill.

Remarkable similarities

There is no comparable requirement in ISO 9001; however, once environmental aspects and impacts
are identified, remaining planning elements are remarkably similar. ISO 14001 requires development
of an environmental policy statement, just as ISO 9001 mandates a quality policy statement.

ISO 14001 also requires the articulation of environmental objectives and targets and establishment
of a formal program to achieve them. These activities are similar to the quality planning component
in ISO 9001.

Finally, ISO 14001 planning efforts require that an organization is knowledgeable about its
environmental legal obligations. ISO 9001:1994 does not directly address this issue; however, it is
indirectly addressed under process control, which does require compliance with reference
standards and codes.

QS-9000, the automotive derivative, is more explicit--the purchasing element refers clearly to
government, safety and environmental regulations. And ISO 9001:2000 contains a note in the
section on customer focus that stipulates the importance of regulatory and legal requirements.

Of the seven implementation elements in ISO 14001, five are virtually identical to quality standard
requirements. EMS requirements about structure and responsibility mirror quality requirements
dealing with definition of responsibility and authority of personnel, provision of resources and
designation of a management representative.

Training requirements

The EMS training element also reflects ISO 9001 training requirements. Both standards mandate
the identification of training needs, provision of training for specified personnel and determination
that personnel performing certain tasks are qualified to perform those tasks. ISO 14001 imposes
one additional requirement pertaining to general awareness training for workers in relevant
functions.

Both standards require system documentation, although ISO 14001 does not specify, as does ISO
9001, that such documentation be in the form of a manual. Both standards also require document
control procedures that ensure that procedures and other documents related to the requirements
of the standard are appropriately established, approved, reviewed, revised and current.

The EMS operational control requirement, which specifies procedures and work instructions for
tasks associated with significant environmental aspects, is virtually identical to the ISO 9001
process control requirement covering production, installation and servicing procedures.

ISO 14001 also stipulates that procedures related to the environmental aspects of goods and
services provided by suppliers and contractors must be established and communicated. The closest
requirement in ISO 9001:1994 is embedded in evaluation of subcontractors. Although ISO
9001:2000 replaces the words "evaluation of subcontractors" with "purchasing control," it retains
the same language about supplier ability to provide product in accordance with the organization's
requirements.

Communication and environmental preparedness

The two EMS elements for which no comparable requirements can be found in ISO 9001:1994 are
communication and emergency preparedness and response. ISO 9001:2000 contains two references
to communication. The requirement to ensure communication between various organizational levels
and functions reflects the ISO 14001 requirement for internal communication. And separately,
there is a requirement for customer communication that is similar to the ISO 14001 requirement
regarding communication with external interested parties.

With respect to the seven ISO 14001 requirements that contribute to evaluation of the system,
only one--evaluation of regulatory compliance--differs from quality system activities. All other
evaluation requirements are similar, if not identical, to ISO 9001 requirements.

ISO 14001 requires that all operations and activities that can have a significant environmental
impact are monitored and measured regularly. This is analogous to the quality process control
requirement to monitor process parameters and product characteristics.

ISO 14001 goes on to stipulate that monitoring equipment must be calibrated and maintained--a
requirement virtually identical to the ISO 9001 element about control of inspection, measuring and
test equipment.

Internal system audits are mandated by both ISO 14001 and ISO 9001, and both standards
address corrective and preventive action in response to identified system nonconformances.

Difference in preventive action

A notable difference between the two standards concerns the approach to preventive action. In a
quality system, preventive action refers to activities designed to avoid a nonconformance. In an
EMS, preventive action pertains to activities intended to keep a nonconformance from happening
again.

Both standards impose the same requirements on the identification, maintenance and disposition of
records. Finally, both standards require that senior management review the system on a regular
basis.

An element-by-element comparison of ISO 14001 and ISO 9001 reveals that only five issues that
must be addressed by an EMS are not required by a quality system:

1. Identification of legal requirements.

2. Evaluation of regulatory compliance.

3. Emergency preparedness and response.

4. Communication.

5. Environmental aspects.

Interestingly, four of these five issues are addressed within companies anyway, although this
usually occurs outside the boundaries of the quality system.

The environmental function typically identifies an organization's legal requirements and takes
appropriate steps to determine whether the organization is in compliance. If these activities are
not already captured in documented procedures, it is a relatively straightforward process to
formalize established practices.

Safety function

Similarly, the safety function typically identifies the potential for accidents and emergency
situations and develops response plans that can serve as the foundation for fulfilling the EMS
requirement. Existing response plans often require little more than some expansion to ensure that
potential environmental incidents are identified and reflected in emergency procedures.

Although communication plans are rarely captured in the form of documented procedures, all
companies maintain internal and external communication practices with a variety of individuals,
functions and groups. Therefore, the creation of procedures for purposes of fulfilling the ISO
14001 communication requirement tends to be relatively straightforward.

It is probably fair to state that the only truly new activities imposed by ISO 14001 revolve around
the need to identify the environmental aspects and impacts associated with a company's operations
and activities and the goods and services provided by suppliers and contractors.

Contrary to the implication fostered by the revision effort of ISO Technical Committee 176--that
ISO 14001 and ISO 9001 are incompatible--it should be apparent that the two standards are
remarkably alike in many areas.

Growth of ISO 14000 implementation

As increasing numbers of companies implement ISO 14001, either as the result of a voluntary senior
management decision or at the behest of a customer, organizations already registered to a quality

management system will enjoy a distinct advantage because existing quality procedures can be used
with only minor modification to fulfill EMS requirements.
Procedures such as identification of training needs, document control, internal audits, records and
management review are as applicable to an EMS as they are to the quality system for which they
were created.
The ability to use quality procedures has significant resource implications. An entire EMS can be
designed and implemented in approximately half the time in a company registered to a quality
management system as is needed in companies that do not have quality systems in place. Moreover,
the number of common requirements simplifies the task of ensuring employee awareness and
understanding of the EMS.
There are many issues that must be addressed in making the decision to implement an EMS.
However, compatibility with an existing quality system is not one of them.

TL 9000An Update On the Metrics Process

Validation of training, registration and metrics completed

by Sandford Liebesman

A great deal has happened since Gene Hutchison and I described the launching of the
telecommunications industry quality initiative, TL 9000, in the December 1998 issue of Quality
Progress.1

TL 9000 is a sector specific derivative of the ISO 9000 quality management standard. It was
developed and is managed by the Quality Excellence for Suppliers of Telecommunications (QuEST)
Forum, which represents both service providers and suppliers. The QuEST Forum Web site is at
www.questforum.org.

Recent progress includes the following:

* The requirements handbook2 and the metrics handbook3 were published.

* Sanctioned training courses were developed by the two authorized trainers, STAT-A-MATRIX
and Excel Partnership Inc.

* An accreditation/registration process was developed with the help of the Registrar

Accreditation Board, the Standards Council of Canada and 12 registrars.

* A metrics gathering process was developed and tested to ensure feasibility.

* A pilot project was completed to validate the training, registration and metrics processes. Eleven
companies completed the registration process and received 16 certificates.

The metrics process

The unique difference between TL 9000 and current ISO 9001 practice is TL 9000's use of
metrics in continuous quality improvement. These metrics are used to determine the quality level of
products and services. Examples are circuit pack return rate, number of problem reports and
software update quality.

Extending ISO 9001 in this direction is expected to result in an industry drive to improve overall
quality. Certainly, when suppliers know where their products stand relative to those of their
competitors, and their customers know the quality level of best in class, there will be a drive by all
to improve.

The metrics implementation process

The supplier gathers the data on a monthly basis and sends three months of data to the University
of Texas at Dallas (UTD) for inclusion in the industry database. A double blind system ensures that
the data are secure and not available to competitors and other unauthorized persons.

UTD was selected because of its longstanding role in telecommunications engineering education.
It's expected that UTD will also provide insight into benchmarking industry quality problems and
identifying quality trends and solutions to problems.

The process works as follows:

* When a supplier has gathered the data, a notification is sent to QuEST Forum's administrator,
ASQ, which provides encryption keys back to the supplier to be used in sending the data to the
industry database.

* The supplier encrypts the data and sends them to the data repository at UTD. Personnel transfer
the data from the receiving server into the industry database. At least three individuals must be
present during the transfer to ensure security of the data.

UTD has complied with BS 7799,4 the information security management requirements document
developed by the British Standards Institute (BSI). UTD is the first U.S. organization to be
certified to this document by BSI.

The statistics published by UTD will identify the mean (or median) standard deviation (or range)
and best in class for each product category that has at least five inputs. The data will be published
on the QuEST Forum Web site at www.questforum.org.

Approved metrics

Eleven metrics in four categories have been approved. The categories and metrics are as follows:

1. Hardware, software and services: five metrics including number of problem reports, problem
report fix response time, overdue fix responsiveness, system outage measurement and on time
delivery.

2. Hardware only: return rates.

3. Software only: four metrics including quality of emergency fixes between software releases
(corrective patches), quality of emergency feature improvements (feature patches), quality of
software updates and failures of scheduled new software releases (aborts).

4. Services only: service quality.

A major issue during the development of these metrics was the identification of normalization
factors, which allow comparison of similar products with different characteristics. For example, for
switching systems, the normalization factor for return rate is "returns per 10,000 terminations per
year." Returns are units that are removed and returned for repair or disposition or components that
are removed and replaced. Thus products with a large number of circuits attached per circuit pack
are measured fairly against those with fewer circuits attached.

Another issue was a result of a requirement from some service providers that the suppliers send
them reliability and quality measurements for telecommunications systems (RQMS) metrics as
defined in the Telcordia Technologies document GR-929-CORE.5 In these cases the supplier may
provide the RQMS metrics in place of the TL 9000 metrics.

Other metrics and indicators are under consideration but have not been approved. Indicators are a
separate category of measures that are used to flag potential cost, schedule, productivity and
quality issues, but are not reportable to UTD.6

The service providers have an important role with respect to certain metrics. They must provide
data necessary to calculate them. If the data are not forthcoming, the supplier is excused from
providing the associated metric. For example, service providers must report problems and
normalizing information to suppliers so that suppliers can calculate the number of problem reports
by product category and severity.

The registrar has an important role in assuring compliance to the metrics requirements. "This
includes assuring data validity and integrity, verifying [that] the benchmark metrics have been
reported within the required time frame and [assuring] that any metric-specific nonconformance is
resolved in a timely manner."7

In addition, because of the requirement that "objectives for quality shall include targets for the
TL 9000 metrics defined in the TL 9000 Quality System Metrics handbook,"8 the registrar has a
role in assuring this use of the metrics. Finally, the registrar must assure that the supplier collects
and analyzes customer satisfaction, field performance and service performance data, some of which
are metrics data.9

Product and service categories

The following are the product and service categories defined for the metrics implementation:

* Switching--broadly defined to include packet or circuit switched architectures.

* Signaling--five basic categories of signals including supervisory, information, address, control and
alerting.

* Transmission--connects the customer to the central office, providing access to the interoffice
network.

* Operations and maintenance--management, upkeep, diagnosis and repair equipment.

* Common systems--shared equipment to support network elements.

* Customer premises--equipment installed beyond the network demarcation point.

* Services--includes installation, engineering, maintenance, repair, call center and other support
services.

* Supply chain--includes components, contract manufacturers and original equipment manufacturer

suppliers.

Pilot program

One QuEST Forum initiative was the creation of a pilot program to validate TL 9000 and its
associated activities. The goals of the program were to provide feedback on the bottom-line value
of the 83 TL 9000 requirements that are not in ISO 9001, the processes that form the metrics
reporting system, the processes used to manage the registrar accreditation and supplier
assessment/certification system, and the sanctioned training courses.

Feedback was accomplished through weekly conference calls, monthly meetings, documented
lessons learned, case studies and commonly asked questions. The conference call minutes and
commonly asked questions were posted on the members only section of the Quest Forum Web site.

Sixteen organizations from 11 companies participated in the program in four categories:

* Hardware, software and services: Fujitsu Network Communications, Lucent Technologies (Illinois,
the Netherlands and Poland), Marconi Communications (Access) and Nortel Networks.
* Hardware only: ADTRAN, Marconi Communications (Power), NEC America, Nortel Networks,
Pirelli Cables and Systems LLC, Siecor (North Carolina), Siecor (Texas) and Tellabs (Texas).

* Software only: Motorola, Nortel Networks and SBC (California).

* Services only: Nortel Networks.
Each pilot organization had to train its auditors and implementers, perform a gap analysis, develop
processes for collection of the metrics and submit the metrics data to UTD. The organizations that
completed the process and were certified were not allowed to advertise the fact until the end of
January 2000. They were honored at the January 2000 Forum meeting in Dallas.
Future activities
The QuEST Forum authorized the following ongoing activities:
* The requirements are being aligned with ISO 9001:2000.
* The metrics are being reviewed for possible changes and additions.
* The Business Excellence Acceleration Model is being developed to provide industry guidelines for
continuous improvement through linkages to awards criteria such as the Malcolm Baldrige National
Quality Award.

ISO 9000:2000 Revision Process Reaches Final Draft Stage

Last stage before final approval

by John E. "Jack" West

The revision process for the ISO 9000 family is right on schedule, having reached the Final Draft
International Standard (FDIS) stage. The FDIS is now out for the final ballot--the last stage prior
to final approval.

The Draft International Standards (DIS) of ISO 9000:2000, ISO 9001:2000 and ISO 9004:2000
were submitted for international ballot from November 1999 to May 2000. All documents easily
received positive votes to be elevated to the FDIS stage. However, more than 4,000 comments
were received. These comments were sorted, and items critical to achieving full consensus on the
documents were defined.

A meeting was held in Cairo, Egypt, to determine the key issues on ISO/DIS 9001:2000 and
ISO/DIS 9004:2000 and delineate key issues on definitions in ISO/DIS 9000:2000.

A meeting in London followed to deal with needed improvements to DIS 9004:2000. Operating by
e-mail, task groups worked out possible minor changes to text and definitions. With all of this
preparatory work, the stage was set for finalizing consensus.

During intense early summer meetings in Kyoto, Japan, each critical item was resolved, and each
comment received was considered. The process for resolving the issues proved to be a model of
openness and transparency.

This work is a part of the process to update the ISO 9000 standards to create a modern family of
fully consistent quality management system standards. The key standards involved are the
following:

* ISO 9000:2000, Quality management systems--Fundamentals and vocabulary is a normative

reference in both ISO 9001 and ISO 9004 and describes the basic fundamentals of quality
management and quality management systems. The vocabulary of quality management systems is also
included. Where terms are used in ISO 9001 and defined in ISO 9000, the required definition is
that given in ISO 9000.

* ISO 9001:2000, Quality management systems--Requirements is the standard used to

demonstrate conformity with a minimum quality management system. It is appropriate for
certification or registration of a quality management system.

* ISO 9004: 2000, Quality management systems--Guidelines for performance improvement is

intended as guidance for developing a quality management system focused on improving
performance. It is fully compatible and can easily be used with ISO 9001:2000. It is not intended
for and should never be used for certification purposes.

During preparation of the FDIS for ISO 9001:2000, a number of minor changes were made to
improve clarity and intent, ensure applicability to service and software organizations, clarify
definitions and improve auditability. Significant improvements were also made to ISO 9004:2000.

FDIS 9001:2000

The technical changes to ISO/DIS 9001 were very minor overall. On the other hand, they satisfied
U.S. objections that led to the initial vote of disapproval. Members of the U.S. Technical Advisory
Group (TAG) to Technical Committee (TC) 176 had raised several major and minor concerns related
to ISO/DIS 9001 that the TAG as a whole agreed needed to be addressed. The six major issues
involved the following areas of the DIS:

* The definition of "work environment" in DIS 9000 was very broad, and usage in DIS 9001 (clause
6.4) was not clear. Both issues were corrected.

* The clause of DIS 9001 on internal audit (subclause 8.2.2) had two problems. First, it recognized
only auditing for conformity to ISO 9001 and did not address auditing of the organization's internal
arrangements for meeting 9001. Second, the DIS requirements regarding auditor independence
were unclear. Both issues were resolved.

* The clause on control of nonconformity (clause 8.3) was confusing. In fact, when taken literally, it
would not have permitted decisions to use nonconforming items as is or scrap them. The clause was
rewritten.

* The DIS also lacked adequate clarity as to when documents and records are required. In
preparing the FDIS, use of the terms "document" and "record" was clarified throughout the clause
structure. While the FDIS requirements are much clearer, the simplified documentation
requirements of the DIS were retained.

Every U.S. concern--major and minor--was addressed in Kyoto, and all significant issues were
resolved to the satisfaction of the U.S. delegates participating in task groups that drafted the
FDIS documents.

Most of the key requirements were retained as described in earlier issues of Quality Progress. A
few of the other minor changes made in creating FDIS 9001:2000 were:

* The clause relating to "Permissible exclusions" was clarified and renamed "Application."

* The location of text on control of documents and records was made more logical by moving it
from clause 5 on management responsibility to clause 4, which covers the general documentation
requirements.

* Determination of customer "needs and expectations" was changed to determination of customer

"requirements" to align with the scope of ISO 9001.

* The requirement for measuring customer satisfaction was retained and clarified to mean
measuring the customers' opinions of how well requirements have been met. This should be much
easier to interpret than the DIS wording that required measurement of customer satisfaction
and/or dissatisfaction.

* The confusing usage of "and/or" was eliminated so the DIS words "customer satisfaction and/or
dissatisfaction" and "design and/or development" are now "customer satisfaction" and "design and
development." This eliminates the translation difficulties associated with the term "and/or" and
clarifies intent.

The concept of continual improvement was retained and clarified to retain a strong emphasis on
improvement including the continual improvement of the quality management system. Such activities
as top management commitment to ongoing improvement, setting of measurable objectives,
corrective and preventive actions, and a strong emphasis on management review were all retained.

FDIS 9000:2000

Perhaps the most significant step forward made in the evolution from DIS to FDIS has been the
improvements in the definitions of terms contained in ISO 9000. Those who studied the DISs
carefully know that a number of terms had gaps between the definitions in ISO/DIS 9000 and the
word usage in ISO/DIS 9001 and ISO/DIS 9004. These incompatibilities have largely been
resolved.

FDIS 9004:2000

The 1994 ISO 9000 family also includes ISO 9004: Quality Management and Quality System
Elements--Guidelines, which was intended as a full set of quality management system elements that
could be used by any organization to develop a quality management system.

Use of the 1994 version of ISO 9004 could result in an organization developing a fully effective
quality system focused not only on conformity of the product but also on improving the overall
operations of the organization and its ability to meet customer needs.

Unfortunately, ISO 9004:1994 was developed independently from ISO 9001/2/3:1994. In fact, it
was the responsibility of a different working group within the committee that developed the
standards. For this reason, the form, format and even approach taken by the 1994 version of ISO
9004 were quite different from those taken by ISO 9001/2/3:1994. The documents were not fully
aligned so that they could be easily read and used together.

This lack of consistency between ISO 9001 and ISO 9004 was corrected with early drafts of ISO
9004:2000. On the other hand, early drafts of ISO 9004:2000 were criticized as being too
"immature" to use for performance improvement.

While the United States and others did not vote negatively on DIS 9004:2000, it was recognized
that even at the DIS stage the document lacked the maturity needed for an international standard
relating to performance improvement.

This situation is largely resolved with the FDIS. It still retains the alignment with ISO 9001:2000
but has been significantly expanded to provide additional examples of practices that organizations
may wish to consider when pursuing performance improvement.

Final approval

At the closing plenary meetings in Kyoto, formal votes were taken on whether to elevate these
three documents to the FDIS stage. The votes were overwhelmingly in favor with unanimous
approval for ISO 9000, with only Japan voting negatively on ISO 9001 and only France voting
negatively on ISO 9004.

This step sent the documents to an editing process and the final up or down vote to elevate the
documents to international standards. We are now in the middle of that final voting period. If the
vote is positive--and all indications are that it will be--there will be new standards in December.

The FDIS is now available for purchase from ASQ Quality Press.

JOHN E. "JACK" WEST is a professional management consultant in the areas of productivity and
quality after being with Tenneco Inc. for 30 years. He served on the Board of Examiners for the
Malcolm Baldrige National Quality Award and is now the chair of the U.S. TAG to ISO TC 176 and
lead delegate for the United States to the International Standards Organization, known as ISO,
committee responsible for the ISO 9000 family of quality management standards. He is co-author
of ISO 9001:2000 Explained, published by ASQ Quality Press.

Standards Q&A

Q. We just received our certification to ISO 9001 and want to celebrate and promote our success
in becoming registered. We don't want to misrepresent our certification. What promotional
methods and language are appropriate?

A. There are some simple things to remember: don't be misleading, be specific, obtain permission if
you use a registrar's name or logo, don't claim ISO 9000 certification for a product and don't use
the ISO logo! Here are a few pointers:

* It is quite easy to be unintentionally misleading in your claims. For example, if the ABC
manufacturing company has two plants, with one plant registered to ISO 9002 and the other not
registered, it would be misleading for the registered plant to claim, "ABC is registered to ISO
9002." The stated claim in this case should be clearly restricted to the registered plant.

* Be very specific as to the standard you are using. For example, if you claim to be "registered to
ISO 9000 by XYZ registrars," you are not providing potential customers with complete information.
Quality management systems are usually registered to ISO 9001, ISO 9002 or ISO 9003. Each of
these has a different scope. You should be specific in stating which of the three you mean.
Remember, too, that the selection of the proper standard to use for registration is a matter of
quality management system scope, and you should not imply that registration to one of the
standards is better than registration to another.
* Don't claim to be "ISO certified" or "ISO registered." ISO does not certify or register quality
management systems. It is appropriate, however, to claim that your quality management system is
registered or certified.
* ISO does not permit use of its logo in promoting registration. This is quite appropriate since ISO
itself does not perform certification or registration. Often certification bodies or registrars will
permit use of their names or logos in such promotional materials. You should contact your registrar
for permission and specific guidance.
* Remember that registration to ISO 9001, 9002 or 9003 relates to the quality management
system. It does not imply certification of a specific product. Promotional material should never be
written or used in a way that could be interpreted as a claim that a product is certified to any of
these standards.

All About Auditing

ISO 9000:2000 will create challenges, require new competencies

by J.P. Russell

Auditors are a coalition of men and women who verify that people are doing what they promised or
planned to do. They supply a service for the third-party conformity assessment process, for
evaluating supplier partners and for an organization's quality management system.

Auditors are an independent lot, yet they must conform to a variety of rules, standards and
procedures and to a code of conduct. Few other professionals have to adhere to as many rules and
requirements to remain qualified to work each year as do U.S. Registration Accreditation Board
(RAB) certified auditors.

Independence

As an auditor, I worry about maintaining independence and remaining open minded. I am pleased to
report that I am not writing this column to promote the agenda of any organization, nor am I
limited because of any allegiances. The comments that follow are my independent views--based on
experience, research and comments from others.

While I am a member of many organizations, I have none of the obligations associated with being
CEO, president, board member or official spokesperson. I am also not a spokesperson for Quality
Progress magazine or ASQ. My agenda is writing what I think is best for all auditors and customers
of the audit process.

The new system audit standard

Third-party environmental and quality system auditors will be interested in the new (still in
development) system audit standard. Called ISO 19011, it will replace the ANSI/ISO/ASQ Q10011
guidelines for auditing quality systems and the ISO 14010, 14011 and 14012 guidelines for
environmental auditing.

The good news is that the environmental and quality folks combined their knowledge to come up
with what many say is an excellent, mature auditing standard. It is also good that there will be one
less standard to contend with. The new standard is still evolving, and it may be several months
before it is ready to be published in its final form.

To some, this combined standard is a win-win one, while others think it is a win-lose--a win for the
third party compliance assessment process and a loss for quality auditing and system effectiveness
improvement.

The complication is that the focus of a quality system is to provide a product or service that will
achieve customer satisfaction, while the focus of an environmental system is to achieve compliance
to statutory and regulatory requirements.

The environmental auditors may worry about liability if they assess for effectiveness, while quality
auditors may worry that they cannot provide a value added service unless they assess for
effectiveness. Mix in the different agendas for first-, second- and third-party auditing, and you
have potential fireworks. So far, however, what I have seen is a usable document for both quality
and environmental system compliance audits.

This still leaves some auditors and organizations with a potential predicament. When the new ISO
9000 series standards are published, there will be no defined term "quality audit." The words have
been deleted from the vocabulary of the ISO 9000:2000 Draft International Standard and the
proposed ISO 19011 Committee Draft 1 (ISO/CD 1) of the guidelines on quality and environmental
auditing.

The new auditing standard simply defines the word "audit" to include auditing for all types of
standards whether quality, environmental or other. This underscores the point that many audit
methods are common no matter what type of system or market sector is being audited. The only
differences are in some auditing techniques, objectives and performance standards.

There are emerging interests in process auditing. No body of knowledge or auditing standards exist
to provide adequate guidance for process or product audits. ISO/CD 1 19011 falls short of meeting
process and product audit needs, and there is no existing American National Standards Group/ASQ
standard to provide guidance. There has been some talk at ASQ Audit Division meetings that there
is a need to develop a process audit standard. By the time this column is published the idea will be
moving forward or tabled depending on division member interest.

One of the good things about the ASQ Audit Division is that every dues-paying member has a right
to be heard. Simply attend one of the three yearly business meetings or contact a regional councilor
or division officer. For additional information about the division meetings, call ASQ customer
service at 800-248-1946 or 414-272-8575.

Internal auditing

There are also significant changes pending for the internal audit clause of the proposed ISO
9001:2000 standard. The title of the ISO 9001 clause was changed from Internal Quality Audits to
Internal Audits to eliminate the word quality.

At first this seemed odd to me since it is a quality management standard, but since there will be no
quality audit term definition, it is consistent. The existing 1994 ANSI/ISO/ASQ Q9001 standard
states that audits shall "verify whether quality activities and related results comply with planned
arrangements and to determine the effectiveness of the quality system." The new proposed
ISO/DIS 9001 standard requires that audits "determine whether the quality management system
conforms to requirements of this international standard and has been effectively implemented and
maintained."

It states very clearly in the proposed standard that internal organizational auditors are to audit
against the international standard and determine if it has been properly deployed and maintained.
Critics would say that internal auditors should also determine whether the quality management
system conforms to internal procedure requirements and whether the resulting system is effective.

While some say the preceding is simply a duel over wording, others believe significant changes are
being made. Are we losing the up-side potential of quality audits to contribute to business

improvement, or are we simply refocusing auditing to where it needs to be? Personally I think we
need to continually find ways to utilize internal auditing resources for the benefit of
organizations--and any initiative that does not promote optimum use of resources is not in the best
interest of the organization.

Auditor certification

As most of you know, ASQ offers a Certified Quality Auditor (CQA) program. You take a 4-hour
exam and meet the requirements to become an ASQ CQA. This program is similar to programs like
Certified Public Accountant or Professional Engineer. It is well-designed, professionally maintained
and highly respected.

The news here is that there will be new supplemental options for auditors as ASQ creates add-on
exams. Soon, CQAs will be able to qualify as HACCP (Hazard Analysis Critical Control Point)
auditors. Next, ASQ is considering an add-on exam for the biomedical industry. The add-on exams
will be about two-thirds the size of the existing CQA exam, and to qualify, one must first pass the
CQA exam.

RAB launched an internal quality management system (QMS) auditor certification program last
spring. The program allows internal auditors (company auditors doing internal audits) to be certified
by the RAB after providing verifiable evidence of education, a QMS auditor training course, work
experience in quality assurance activities, personal character attributes and QMS audit experience
gained within the last five years.

The United Kingdom's International Register of Certificated Auditors (IRCA) has had a worldwide
internal auditor certification program since 1992, with about 380 internal auditors currently
registered by the IRCA organization. Anyone interested in the new internal RAB QMS auditor
certification should visit www.rabnet.com for details.

Auditing against

Some of the biggest news for auditors comes with the new ISO 9001:2000 standard. The new
QMS standard is designed to be more flexible and user friendly. It has fewer mandated system
requirements and emphasizes the importance of achieving customer satisfaction.

This is wonderful news for the organizations registered to the standard, and I think it is in the
best interest of ongoing improvement. However, there are a lot fewer prescriptive requirements--in
other words, there are fewer easy-to-audit requirements.

The new standard has more results oriented and conceptual requirements. Some auditors have
described these requirements as not auditable. For example, an easy-to-audit requirement might
say, "The company shall have a written procedure for doing the best it can at all times." In this
example, the auditor can determine if the organization has a written procedure and if it is being
followed.

An example of a requirement that may be identified as not auditable is, "The company shall do the
best it can at all times." In this example, collecting objective evidence to determine conformance or
nonconformance to the requirement is more difficult.
Since the new ISO 9001 standard contains many of these not-so-easy-to-audit requirements, an
agreement was reached that requires auditors to demonstrate new competencies including
knowledge and understanding of the requirements of the new ISO 9001:2000 standard, the
concepts and terms in new ISO 9000:2000 standard, and the eight quality management principles.
The agreement does not tell auditors how this will be done, but a training program coupled with
observations of auditor work may satisfy the requirement.
The conformity assessment process (system of accreditation, registration and auditing of
organizations) will be challenged over the next several years to make the necessary changes for the
new ISO 9001:2000 standard style. Critics question the issuance of standards with requirements
that cannot be checked (audited), saying it's similar to legislators issuing a new law that cannot be
enforced. On the other hand, why should the standard writers be constrained by the existing
conformity assessment system?

Quality Health Care--A Path Forward

ASQ Division, AIAG and accreditation bodies develop guidance document based on ISO 9004

by R. Dan Reid

If all goes according to plan, sometime in the next two months a new guidance document based on
ISO 9004:2000 will be released for health care organizations' use in implementing or improving
their quality systems.

This document is the result of intensified efforts this year by the ASQ Health Care Division, more
than 2,000 health care practitioners and the Automotive Industry Action Group (AIAG), including
GM, Ford, DaimlerChrysler and the United Auto Workers, with the help of U.S. health care
accreditation bodies.

What is not clear at the time of this writing is when or whether the guidance document will be
released as an International Organization for Standardization, known as ISO, document.

Why the automobile industry cares

There are a couple of reasons the automobile industry is working on a health care initiative. In
1997, a senior GM executive asked if ISO 9000 could be applied to health care to improve quality
and lower costs as had been accomplished for the automotive production supply chain through QS9000. In automotive supplier surveys, it has been documented that QS-9000 provides up to a 3:1
return for all (internal and external) compliance related costs and a nearly 17:1 return for out-ofpocket certification costs.1

In the most recent survey, the suppliers, who averaged $130 million in annual sales, reported
average savings of 6% of sales or about $8 million as a result of QS-9000. In addition to
improvements in cost and quality, suppliers also reported improved processes and delivery, better
understanding of jobs and tasks, and improved morale.

Readers should be aware that health care cost is the largest purchased component of a vehicle.
Health care costs the domestic automotive industry billions per year. Even a 1% reduction in cost
would save millions annually.

Several groups met with President Clinton last December to discuss plans to improve patient safety
in the United States through medical error reduction. The discussions stemmed from an Institute
of Medicine report that estimated that as many as 98,000 people die annually in the United States
from preventable medical errors in hospitals. This is reported to be more than those who die from
causes such as car accidents, AIDS, workplace injuries or breast cancer.2 On average, this number
equates to more than one life each day among those GM alone covers with health insurance.

The latest research shows that almost every tenth patient suffers from preventable harm and
adverse effects related to his or her care and that variation among health care providers is big and
cannot be explained by patient characteristics.3

Isn't health care accreditation enough?

In the United States, health care organizations are accustomed to accreditation. But considering
the number of errors and variation in health care, the basic principles of process management are
still a challenge.4 In the June issue of Quality Progress, Paul Schyve, M.D., of the Joint Commission
for Accreditation of Healthcare Organizations (JCAHO) wrote, "Quality approaches initially
developed for other industries hold promise for improving the performance of health care
organizations."5 ISO 9000 was specifically mentioned.

Crosswalks between ISO 9001 and the existing health care accreditation criteria, for example,
JCAHO, the National Committee for Quality Assurance and URAC (formerly known as the American
Accreditation Healthcare Commission) have revealed significant gaps in the health care criteria
when compared to the ISO 9001 elements.

Areas with gaps include document control, purchased product control, control of inspection,
measuring and test equipment, inspection and test status, and internal auditing. One area cited as
poorly managed is the accuracy of medical technology, particularly the calibration of equipment and
devices.6

Adding ISO 9001 to the equation

ISO 9001 defines the generic minimum requirements for a fundamental quality system. The ISO
9000 series is written to apply to all types of companies, but the upcoming revision will improve its
applicability to service sectors, such as health care.

The model now being offered by the joint ASQ Healthcare Division and AIAG group is that ISO
9004:2000 should be used to define the fundamentals of the quality system and should support the
use of the existing relevant health care sector documents, such as accreditation criteria and
regulatory requirements.

There is concern that some health care organizations opting for ISO 9000 certification are using
it as a substitute for accreditation. But both ISO 9000 and accreditation are needed to address
the specific quality management needs of health care organizations (see Figure 1). In fact, the
Malcolm Baldrige Quality Award and similar criteria can also be added to the fundamentals in
defining a world-class health care quality system.

Use of ISO 9000 in health care is on the rise globally. There are now more than 300 ISO 9000
certifications worldwide that we know of. A recent study by John Sweeney and Catherine Heaton
revealed at least seven different documents created by national bodies as guidelines for the
interpretation of ISO 9001 and ISO 9002 for health care. The countries involved are Australia,
Ireland, Israel, New Zealand, Switzerland, the United Kingdom and the United States. In addition,
five countries have made use of ISO 9002 interpretations but have not generated guidelines.7

The documents discussed above do not include the potential myriad documents generated by
consultants or certification bodies for use by their health care clients. Further compounding the
problem is that these interpretations provide conflicting information. Some would have only minor
impact on the overall quality management system, but Sweeney and Heaton say others "would
completely alter the perception of the system" and point to several examples of significant
discrepancies in the areas of design control, servicing, and the definitions of "supplier" and
"product."8

The problem with the existing ISO 9000 documents

A review of several of the health care guidelines such as CEN/TC 251 Health Informatics, which is
being developed, and NCCLS GP-26A-A Quality System Model for Healthcare: Approved Guideline
(10/99)9 shows that none define the term "product."

An organization's product is integral to ISO 9000. The Draft International Standard (DIS) ISO
9001:2000 specifies quality system requirements where an organization needs to demonstrate its
ability to consistently provide product that meets customer and applicable regulatory requirements
and creates customer satisfaction.10

This use of the word "product" has been a stumbling block for most service sectors who believe
that they do not provide product. The DIS ISO 9000:2000 defines product as the "result of a
process" and identifies four generic product categories in a note: services, software, hardware and
processed materials. Thus, it is clear that services are, in fact, addressed in the ISO 9000 family
of documents. Further, health care clearly involves processes and the use of the term "process."

Design control is another element of major conflict in the existing manuals. Tor Janson and Roland
Jonsson of SWEDAC are quoted in ISO 9000+14000 News as saying, "The particular version of the
standard that is most applicable to a health or dental clinic is ISO 9002, or ISO 9001 for those
that perform research and development."11

Others also believe that only those organizations that develop health care protocols and the like
would use ISO 9001. This again reflects a misunderstanding of the term "product."

In the new document to be released (as of this writing), the ISO 9000 definition of product has
been retained, but for health care it has been further refined as "typically the planning, design and
delivery of patient care, service, training or other, for example, research, radiograph..."12 If you
consider this definition, it is clear that the primary product of the health care provider is the care
plan.13 The provider must diagnose the patient's problem and design and implement the care plan.

To say health care providers are not design responsible is analogous to saying chefs are not design
responsible for the meal because they did not design the ingredients they chose to use or that an
airline is not design responsible for flight service because it did not design the aircraft.

To make sense of the ISO 9001 standard, it is critical to identify the organization's product. Then
you can identify the customer and components of the process, such as the inputs and outputs.
Identification of the product is also important when seeking third-party certification of the
system, as it will be used to define the scope of registration.

True, health care providers do not typically design the protocols used, but they design the product
(health care) that they deliver and are compensated for. A scope of registration should accurately
define what specific product or service is provided by the organization.

The issue of design control is often further confused with the issue of subcontracted design
services. ISO 9001 has been used for two-party (customer and supplier) contractual situations. In
this context, one party has to be ultimately design responsible for the product supplied in the
transaction.

If the customer is not design responsible, then the supplier must be. If the supplier chooses to
subcontract the design, it must still be responsible for the design to the customer. If, on the other
hand, the customer selects a third-party design provider as a condition of the transaction, the
provider is then design responsible in the contract.

This understanding can be particularly helpful in health care where physicians are typically not
employees of the hospital in which they practice and where health care is provided to a given
patient across a number of providers. This continuum of care can be understood within the ISO
9001 model when you understand the product that each provider offers across the continuum.

For example, a patient goes to the doctor with various complaints. The doctor provides a diagnosis,
designs and implements a care plan for that patient and is compensated for that service.

The plan, however, may call for X-rays and referrals to various other specialists or to
rehabilitation or home care services. Each of these provides a service to the patient and is
compensated for that service. Thus, each one provides a unique product to the customer (patient).

This is a critical issue that goes well beyond the quality management system--that is, typically no
one practitioner is ultimately responsible for the coordination of the health care services across
the continuum of care by a number of providers. With no one ultimately in charge of the quality of
the total care across providers, there can be problems--for example, prescriptions issued by
different providers can have adverse effects when used in combination for the same patient.

Purchased product

Practitioners have also identified another common problem in health care. Hospitals often run
short of supplies during off shifts such as weekends. The method of obtaining replacement supplies
is not well understood in the organizations.

An effective method of inventory management, the pull system, was identified in other industries
such as retail and automotive years ago. Pull involves replenishment of stock based on consumption.
In the automotive industry, pull is an enabler of lean manufacturing, which has proved to be much
more effective and efficient than the traditional mass production inventory management method.
The latter is called push and involves replenishment of stock based on forecast. Pull has been
incorporated into the new health care guidance document as a recommendation.

An opportunity to harmonize

In the new health care guidance document, additions to ISO 9004:2000 have purposely been kept
to a minimum to promote its use. Most of the additions provide information on ISO's common
definitions and health care examples for the ISO 9004:2000 generic text. Examples of additional
content to drive improvements are error proofing, control of measuring and monitoring devices
(supplemental to ISO 9004), business planning and managing patient care processes.

The guidance document has been offered to ISO as a baseline document to encourage the
harmonization of the conflicts in the existing ISO based health care documents. It has been
written at the most fundamental level for quality systems in order to complement, rather than
replace, existing health care sector documents that assume the fundamentals and press on with
technical content.

Earlier this year the European Accreditation Cooperative announced it was launching a new group to
do the same thing. Discussions are now underway to see if these United States and European
efforts can be combined.

In August, the ISO Technical Management Board (TMB) approved a proposal to develop an ISO
Industry Technical Agreement (ITA) document using the ASQ/AIAG guidance document as the
base. The member bodies voting for were from France, Germany, Malaysia, Japan, Australia,
Canada, Sweden and Switzerland. The United Kingdom and United States voted against and
Colombia and South Africa did not vote.
A delay was experienced when the United States, represented by ANSI, requested that the issue
be further discussed at the next TMB meeting at the end of September. At the September
meeting, the TMB approved the ITA proposal but requested a delay in the writing workshop until
the first quarter of 2001. The guidance document proposers were still developing their response to
this delay at press time.
ITAs were introduced by ISO as a means for a fast track release of a document. An ITA
represents consensus of a work group and does not require consensus of an ISO technical
committee. In fact, there can be competing ITAs on the same subject in the ISO design. If ANSI
prevails, the document will likely be published by AIAG and others.
As in sports, you don't win the game without being sound in the fundamentals. We all have a vested
interest in the health care sector getting good at the fundamentals of its game. This subject has
already been the topic of a lot of interesting discussion. We who develop standards and standards
related documents value your feedback. If you would like to help, discuss this initiative with your
own health care providers and with your company's health care benefits representative. Together
we can make a difference.

Auditors and Auditing

Revisions improve on the ISO 9001 standard

by J.P. Russell

This month's column is about auditors, who are an integral part of the deployment, maintenance and
improvement of the rules we work by. Auditors collect, evaluate, and determine the extent to which
organizations are doing what they are supposed to be doing. The what they are "supposed to be
doing" may be determined by regulations, laws, industry standards, national and international
standards, internal procedures or organizational objectives.

Auditing is a service that can be purchased from an external auditing organization or provided by
an internal department or ad hoc group. Management expectations of the auditing function span
from "it is a necessary evil" to "it is an integral part of continual improvement."

Internal system auditing

The requirements in the new ISO/Final Draft International Standard 9001:2000 clause on auditing
are very similar to the existing requirements in clause 4.17 of ISO 9001:1994, but I think the new
wording is an improvement over prior versions. We even got rid of the wording that personnel must
be "independent" of those having direct responsibility and replaced it with the idea that the output
goal is for organizations to ensure objective and impartial audits.

The ISO 9001:1994 requirement for internal quality audits to determine the effectiveness of the
quality system has been left out of the new version. This seems to limit the role of the audit
program under the ISO 9001:2000 quality management systems requirement standard. However, if
we take a look at ISO 9004:2000 for business improvement, the internal audit function is
responsible for evaluating the effectiveness and efficiency of the organization.

ISO 9001:2000 audit training

Virtually all existing auditors will need training in the new version of the standard and new auditing
techniques. Put it into your budget. Existing auditors and audit program managers familiar with the
ISO 9001:1994 version will need to receive what people are calling transition or delta training.

Since many of the requirements of the new version of the standard are simply repeats or
elaborations of previous requirements, a one-day course on the changes and new audit techniques
may be sufficient for internal company auditors.

If you are a Registrar Accreditation Board (RAB) quality system auditor, you are required to take
14 hours of training to maintain your certification. The training must take place within 18 months of
the issuance of the ISO 9001:2000 international standard. Auditors wanting to maintain their RAB
certification may take the training from any organization as long as it meets RAB requirements.

RAB has preapproved some courses and put that list on its Web page at www.rabnet.com. For
courses that have not been preapproved, additional documentation will be required when auditors
seek credit for the transition or delta training. Contact RAB at 888-722-2440 for details.

We should applaud RAB for opening up the transition or delta training to as many course providers
as possible. The additional training options for veteran certified auditors should result in better
classes at lower costs. The United Kingdom based International Register of Certified Auditors
(IRCA) also requires 14 hours of training but has taken a more formal approach similar to the fiveday lead assessor class.

RAB type transition training has been advertised for just under $1,000. I expect ISO 9001:2000
transition course offerings to range anywhere from $250 to $1,200.

ASQ CQA certification

ASQ offers a certified quality auditor (CQA) program. If you take a four-hour exam, pass it and
meet the specified requirements, you can become an ASQ CQA. The ASQ Quality Audit Division

(QAD) now offers its own CQA refresher classes. When you attend a QAD conference, you can
take both the QAD CQA refresher class and the CQA exam.

The quality auditor body of knowledge used for the CQA exam is being modified with the addition
of subtext. The subtext is reported to describe what is meant by the ASQ quality auditor body of
knowledge topic headings. The subtext is expected to appear in the ASQ CQA brochure starting
this month, and candidates for the CQA exam can be tested on the content of this subtext.

The QAD certification chair is looking for volunteers to write questions for the CQA exam. If you
are an ASQ Certified Quality Auditor and would like to learn more about this valuable experience,
please contact ASQ at 800-248-1946, and ASQ staff members can put you in touch with a QAD
officer.

RAB auditor certification

RAB also offers auditor certification programs. Most auditors who conduct third-party registrar
audits are certified by the RAB or IRCA. RAB recently announced a reduction in certain quality
management system auditor certification program requirements relating to work experience and
witness audits. This reduction is welcome news because it seemed that the answer to every auditor
issue was to add another requirement for certification. RAB quality management system auditors
already have more ongoing certification requirements than most other professionals.

Auditing against

The new ISO 9001:2000 will seem like a breath of fresh air for organizations, but many auditors
are still holding their breaths with a wait and see attitude. Transitioning to the new standard should
not be a big problem for internal system auditors once they understand the new requirements and
auditing techniques. The major issues will probably be with third-party conformity assessment
auditors.

Only time will answer the following questions: Will the organizations being audited accept more
culpability when auditors cite nonconformances for higher level nonprescriptive requirements? Will
registrars support their auditors when organizations being audited appeal a nonconformance
relating to deployment or process output measures?

Auditing standards

The quality management audit (ISO 10011) and environmental management audit (ISO 14011)
standards are being replaced with a new guideline standard called ISO 19011 for quality and
environmental management systems auditing. The new standard is still in development and has
progressed to what is called the committee draft number two, or CD2, stage.

By most accounts, the new standard has been received favorably, but recent criticism and
questions about the intended users of the document have set new challenges for the task group
working on the standard's development.

The criticism includes such comments as "not user friendly," "too big" and "only for third-party
registrar auditors." To me, these are valid criticisms if the document is to be used as a guideline by
small, medium and large organizations that have implemented a management system (environmental
or quality). Before the standard is advanced to the next stage of development, the criticisms should
be resolved and the intended users clearly defined.
Auditors make front page
On Sept. 8, USA Today ran a "Money" section front-page article titled "Quality Auditor Ok'd
Deca-tur Tire Plant" by Del Jones. The article was damaging to the quality profession because it
fostered the myth that quality can be achieved through inspection and, for that matter, that
inspection can detect all imperfection and eliminate fraud.
The truth is that over the last 20 years society has been the benefactor of the fact that
organizations have improved processes instead of adding inspectors.
Auditor concerns
I have heard from registrar auditors who believe that there is not enough time allocated for an
audit to complete all the paperwork and conduct a proper audit. I would echo those concerns and
add that auditing against the new ISO 9001:2000 will take even longer.