Fundamentals, Structure and Key Characteristics

Abstract

All ISO management standards are based on the idea that a QM system that can be understood by third parties is the best prerequisite for an appropriate level of quality. The standard therefore specifies minimum requirements that are independent of the specific service provision (product or service) and the size of the organization in order to enable a uniform and comparable quality standard.

2.1 Basic Principles and Structure

All ISO management standards are based on the idea that a QM system that can be understood by third parties is the best prerequisite for an appropriate level of quality. The standard therefore specifies minimum requirements that are independent of the specific service provision (product or service) and the size of the organization in order to enable a uniform and comparable quality standard.

The conformity or certification according to the 9001 standard serves the goal,

• to create and maintain a sustainable competitiveness through an effective QM system with efficient processes and its constant evaluation.

• to constantly and systematically plan, implement and evaluate improvements to the QM system.

• that the organization is constantly dealing with its own non-conformities, weak points and waste in order to sustainably eliminate the root causes.

The content of ISO 9001 remains largely unspecific. Although the standard defines what has to be implemented in the end, it does not define how processes and work steps have to be designed in detail. No tools, instruments or implementation methods are specified, only the output requirements are defined. The standard therefore leaves the detailed process design, i.e. the choice of means, to the organization.

High Level Structure

All management system standards have a uniform and so-called High-Level Structure. This means that the first and, in most chapters, the second level of structure is identical in all important system standards. Whether ISO 9001, EN 9100 (aviation), IATF 16949 (automotive), ISO 14001 (environment), OHSAS 18001 (occupational health and safety) or ISO/IEC 27001 (information technology), all these and other standards have the following uniform basic High Level Structure:

Overview

• 4 Context of the organization

• 4.1 Understanding the organization and its context

• 4.2 Understanding the needs and expectations of interested parties

• 4.3 Defining the scope of the quality management system

• 4.4 XXX [Requirements of the respective] management system

• 5 Leadership

• 5.1 Leadership and commitment

• 5.2 Policy

• 5.3 Organizational roles, responsibilities and authorities

• 6 Planning

• 6.1 Actions to address risks and opportunities

• 6.2 XXX [Requirements of the respective management system] Objectives and planning to achieve them

• 7 Resources

• 7.1 Resources

• 7.2 Competence

• 7.3 Awareness

• 7.4 Communication

• 7.5 Documented information

• 8 Operation

• 8.1 Operational planning and control XXX [Requirements of the respective management system]

• 9 Performance evaluation

• 9.1 Monitoring, measurement, analysis and evaluation

• 9.2 Internal audit

• 9.3 Management review

• 10 Improvement

• 10.1 General

• 10.2 Nonconformity and corrective action

The texts and terminology of the standards have also been adapted in certain areas in line with this. The High-Level Structure simplifies the work of organizations and auditors in the case of multiple certifications because it simplifies a consolidated presentation of their own quality management. Different standards can be better interlinked within the organization and do not have to run in isolation. However, organizations are not obliged to adapt the high-level structure for their own QM system as long as only the respective standard requirements are fulfilled.

2.2 Key Characteristics of the ISO 9001:2015

Process Orientation

Since its major revision in 2000, ISO 9001 has followed the approach of process-oriented quality management, which has not only been adopted by the revision in 2008, but has also been tightened up in its current version. For ISO certification, a fundamental understanding of the process-based organizational structure is therefore more necessary than ever.

Through this approach, the process orientation demands and promotes a stronger examination of operational processes and responsibilities. The organization is made more comprehensible and thus facilitates the clarity and comprehensibility of the process structures. The employees recognize their place within the processes relevant to them as well as within the entire value chain.

It is important for the success of the process-oriented approach and thus also for the passing of the certification audit that an internal control loop is established between the incoming customer requirements (input) and the determined customer satisfaction (indirect output). ISO 9001:2015 therefore requires the implementation of Deming’s PDCA cycle (Plan-Do-Check-Act) (see Fig. 2.1).

Fig. 2.1

The Plan-Do-Check-Act cycle (PDCA)

The process orientation must also be reflected in the QM documentation. The starting point is a process map in order to obtain a complete overview of the organization and its core processes. On the second level, which serves to describe individual processes, flow charts, flow diagrams or turtle diagrams, for example, are used. Tasks and procedures, which are visually divided into process description are thus easier to identify. It is important that the employees are instructed in such a form of presentation. They must find their roles, activities and interfaces and understand how their tasks are integrated into the entire operational value chain.

Risk-based Thinking

Section 6.1 of ISO 9001:2015 requires risk-based thinking and actions within the organization. The aim is to deal in a structured manner with operational risks, in particular those which have a direct or indirect influence on the organization’s objectives. These include process risks, risks in customer and supplier relationships, dependencies on employees, machine failure risks, planning risks, etc.

As an important element of the QM system, risk-based action is a management task and must be anchored throughout the organisation. However, the standard provides only limited information on the type and scope of the expected risk orientation. In any case, the management must ensure that a risk process is established and that the risk concept is anchored in all processes, so that a structured identification, evaluation and control of hazards is ensured in operational practice. One of the essential tasks is to identify risks on time and to keep them under control or eliminate them wherever feasible by means of targeted measures.

Customer Orientation

Customer orientation is a core characteristic not only in numerous business management approaches, but also in ISO 9001. Some basic requirements are formulated in Sect. 5.1.2 for this purpose.

The aim is to place the customer at the centre of all business activities. An essential element for successful customer orientation is the consistent process orientation of one’s own organization. Today’s customers’ basic needs such as flexibility, short reaction times and low prices can only be met if the organisations own operational processes are properly coordinated and smoothly connected.

A structured customer orientation is particularly required in the sales area (Sect. 8.2), where customer contact is naturally intensive. However, customer care also requires clearly defined procedures and behaviour after signing the contract, especially in the case of subsequent changes to the order.

In order to do justice to the “C” (check) of the PDCA cycle, Sect. 9.1.2 defines requirements on customer satisfaction.