The changes are rather minor, the way things look. Don't worry about it. At the appropriate time we'll post an easy to follow transition guide. No charge, of course. Keep checking this site!

In an ISO 9001 system, you are required to develop, publish, and promote within your company a "quality policy statement." This is a brief statement of top management's commitment to quality and to customer satisfaction.

Just about every quality policy statement says something about the company's commitment to meet customer requirements. The problem is that many companies, without really thinking about it, say that they "meet or exceed" customer requirements.

It's the "or exceed" statement that can get you into trouble. Managements include it reflexively, without thinking about it. But you can be asked, at certification audit, to show exactly what you do to exceed customer requirements. And you can be asked to show examples of where you have actually done it.

So before you finalize and publish your policy statement, think through what it says. You're held to it.

Yes, an ISO 9001 system can be implemented in a brand new company. We've done several of these "greenfield" implementations. The system has to be up and running for three months before certification audit can happen.

ISO 9001 is the "requirements" standard including the mandatory requirements against which you are audited when you go for certification.

ISO 9004 is a "guidance" standard that a) amplifies the requirements in 9001, and b) in many cases details improvement paths for the requirements. You are not audited against 9004.

I agree with you. It's absurd to say that you cannot fulfill both functions.

ISO 9001 is indeed viable and feasible for a distribution business. A quick scan of the database shows that there are already over 600 sites in the United States with warehousing / distribution as all or part of their scope. We did a project with a major electrical supply firm (six sites) that was purely warehousing / distribution. Having an ISO 9001 system provides a good blueprint for disciplined growth.

ISO 9001:2000 is appropriate for any process anywhere in the world. So it would be appropriate in China assuming the Standard is available in Chinese (check iso.org for this) and the system can be developed and implemented using the prevailing Chinese language.

ISO 9004:2000 is a guidance standard. It is not something that one can be registered to. It's positioned as a path for continuous improvement once you are comfortable with the baseline in 9001.

Improvement does not happen until top management sees what's really going on. Truly sees.

When top management does not see what's going on, it's either because a) they don't want to - which sometimes happens - or b) communication channels are hampered by disconnects or excessive bureaucracy.

But interesting things happen when top management truly sees a situation face to face.

Years ago I was implementing at a large printing company. They had no objective means for identifying nonconforming or suspect product on the floor; it was the old "the guys ust know." After much debating and arguing, they decided to print up bright red teepee signs to put on carts and racks of defective or suspect product.

I was with the company president (who was also their chief sales person) when he first visited the floor after the red teepee signs were implemented. I'll never forget the expression on his face as he looked around the vast production floor -- there seemed to be red defective product signs EVERYWHERE.

He could not believe it. He angrily questioned the production people about how come there was so much bad stuff on the floor right then. They told him that. . .well. . .this was pretty much average.

He just hadn't really seen it before.

TQM is a very generic and nebulous "catch all" phrase that applies to a wide array of quality related tools and techniques. These often include problem solving, team building, and a host of statistical tools such as SPC, design of experiments, scatter diagrams, fishbone diagrams, etc.

ISO 9000 is a very specifically defined and documented set of quality principles phrased as "requirements" by the international standards body. Many of its requirements embrace various TQM tools and techniques. The bottom line is that ISO 9000 is very specific, while TQM is "in the eye of the beholder"; and there is nothing contradictory between them.

No. Most registration bodies offer "corporate" registrations that cover multiple locations. This usually is the more economical way to go. Registration bodies have their own individual rules etc., but usually the locations have to be covered by a common policy manual -- the level 2 an 3 documents can be location specific. Only catch to this is that a problem at one location can imperil registration for all. Which should not be a problem if everyone is working satisfactorily to the same system everywhere.

No, it most certainly does not "guarantee" that. One of the "dirty little secrets" of ISO 9000 is that it is possible to implement a system, pass an audit and get registered, and have your product quality not improve at all. It shouldn't be that way, but it can be. This is because (in my opinion) registration and surveillance audits are not rigorous enough, which may in turn flow from commercial imperatives in certain cases.

It all comes down to the attitudes and belief systems of top management. A well designed and implemented ISO 9000 quality system a) WILL improve product /service quality and b) WILL improve business operations in general -- if top management wants it to, believes in it, leads it, drives it, and makes it happen. If top management's approach is just to plaster a paperwork facade up there and then play cat and mouse with auditors in order simply to "pass" and get the certificate, well, then the system will tend not to help anything -- will in fact just be a cost, rather than a benefit.

Far as I know, the numbers have no significance whatsoever. ISO publishes thousands of standards and all have various series numbers -- they may be significant to someone but I wouldn't know how.

More than 75, according to Quality Systems Update.

I have not done a line by line comparison. However, in general the theme is pretty clear. The new Standard is much closer to Baldrige than the 1994 one was. Even so, it is not nearly as detailed, specific, or prescriptive. This makes sense because the ISO 9001 standard is an international standard with all kinds of handprints on it, and has to undergo multiple levels of review, voting, and approval -- frankly I'm amazed they come up with anything even this specific!

The Baldrige elements that are either not addressed by ISO or, only vaguely / inferentially, are:

The ISO 9004: 2000 "Guidelines for performance development" have in certain places allusions to the issues listed above. But the requirements don't really address them.

Bottom line is that, in my opinion, if you do well in the Baldrige criteria, you're a long ways toward being ISO 9001: 2000 compliant. There are still some elements in ISO 9000 that are not mentioned in Baldrige, but there is definite synergy between the two.

ISO 9000 is a set of rules that companies follow to assure that they have the systems needed to meet their customers' needs. It involves writing procedures, following them, and auditing how well the procedures are being followed (by both internal people and an external body). Companies who implement ISO 9000 systems generally become "registered" or "certified," which means they have passed an audit by an outside organization.

If what you want is to get to know this guy better, I suggest that you get him to explain it to you. It's a good way to draw him out and develop the relationship.

Not sure. You can be "ISO 9000 compliant" without being "ISO 9000 registered / certified." The former is the company just saying that they meet the requirements and you have to take their word for it. The latter means that an independent organization has audited them, found them to be compliant, and stands by that. Big difference.

As far as I'm concerned, saying that you're "ISO compliant" is pretty much meaningless. Anyone can say that. You'd have to audit them yourself to find out the extent to which this is true.

Your manager’s assertion that ISO 9000 is merely a "consistency" standard that could still result in inferior products is a common rap, traceable to a statement made by a Motorola executive in a Fortune article a couple of years ago.

Let me set the stage for my answer with a couple of "real world" disclaimers.

First of all, it is entirely conceivable to have one subcontractor, registered to ISO 9000, producing a higher level of "defects" than a subcontractor that is not registered. However, the latter subcontractor is, with virtual certainty, operating in a way that meets most if not all of the requirements (just doing it better than the subcontractor who is actually registered). After all, there is nothing magical, and there is no rocket science, about the ISO 9000 requirements. They are simply good common sense (I have called it "Business 101") and the best companies typically meet most, if not all, of the requirements without bothering to get registered (yet).

Second: it’s certainly possible to implement, and obtain registration for, an ISO 9000 system that produces some level of "defective" products. In the real world, defects, nonconformities, etc. are a fact of life. People are human; no system is perfect; things are constantly changing, etc.

However, the "consistent defects" rap begs the question at several different levels. First of all, the Standard does not presume to define what level of defects is acceptable. ISO 9000 is intended to be a universal standard, applicable to virtually all organizational activities everywhere in the world. If 1% of a company’s toothpicks are defective, how big a deal is that? If 1% of a company’s aircraft engines are defective, what’s the impact on the customer? What’s more, mechanisms built into the requirements, and the registration system, promote improvement at several different levels.

So, if ISO 9000 does not specify quality attributes or acceptable level of defects, who does? Ultimately, the customer.

Sometimes, they do it empirically, by requiring the supplier to maintain a certain standard of acceptability against defined quality attributes.

Even if they don’t, they always do it by inference, by "voting with their feet." If your competitor is providing a better level of service and lower level of defects / nonconformities, your customers will over time flock to that competitor and put you out of business.That’s the real world, as I see it, irrespective of anything ISO 9000 says.

So how DOES ISO 9000 address this issue?

ISO 9000 addresses the issue by requiring the supplier to take customer requirements and expectations into account at all critical junctures of the transaction. It does this through the three clauses that relate to the supplier’s relationship with the customer.

The first of these is Contract Review, which ensures that your customer’s requirements at the order-taking level (and afterward) are clear, complete, and unambiguous, and that you have the capability of meeting those requirements.

The second is Design Control, which ensures that your customer’s design requirements are clearly defined, understood, and consistently met throughout the design cycle and afterward.

The third is Servicing, which ensures that your customer’s servicing requirements (post-sale) are consistently met.

Meeting all of the requirements in these three clauses requires close and consistent communication with your customer at all critical stages of the transaction. That is as far as the Standard goes. The Standard does not replace, nor pretend to replace, the economic realities of life in a competitive business environment:If your customer specifies certain things, and you fail to provide those things, the customer will react in a way that has an adverse economic impact upon you.

Your competitors are continuously improving. If you do not continuously improve, you will lose share and, ultimately, your business.

Then, ISO 9000 requires you to identify defects and nonconformities immediately and to take affirmative action to identify causes, implement solutions, and follow up on those solutions to ensure that they are effective. You must have evidence that you are doing this on an ongoing basis. If you are producing a consistent level of defects and nonconformities and taking no effective action to remove the causes of those defects, you cannot obtain (or maintain) registration. It’s that simple.

At the end of the day, ISO 9000 is a very basic and fundamental benchmark system designed to put businesses, regardless of their marketplace or location, "on the same page." Through the audit and registration structure, it functions as a communications system, providing some level of confidence to customers (especially potential customers, who may know nothing about you) in the integrity of your quality practices and your ability to meet your customers’ needs.

But ISO 9000 is just a starting point. A foundation. Good common sense. It does not take the place of customer requirements (and it states this very clearly). It makes sure that you take customer requirements into account on a disciplined, consistent basis, and incorporate these into your process as required to assure that customer requirements are met, both today and in the future.

IMHO, this presumes that once you have documented a procedure or an activity, you are "stuck" with it and cannot challenge it or change it without incurring a noncompliance. If you want to accept this hamstringing voluntarily, you are welcome to do so, but nowhere in the Standard is this required.

I recommend that my clients include an action plan development and follow-through procedure in their system. (This can be tied into 4.2 under Quality Planning and/or 4.14 Corrective and Preventive Action.) When my clients want to test assumptions (try out new systems, variations on the documented system, etc.) we simply create and implement an action plan to test the assumption under documented and controlled conditions. We can run the "old" system parallel with the "new," test the assumptions, and track the results. As long as you are not in noncompliance to the Standard and not in noncompliance to your own system, there is no reason why this cannot be done.

I would welcome the opinion of my brethren and sistren in the assessor community on this one, but it has already been tested in audit and passed without a problem. And if an assessor challenged it, I would go right into his/her face on the issue. At the end of the day, we want to remain compliant to the Standard and to our own system ... but it’s even more important that we continually improve. Utilizing the creativity of everyone in the organization and testing alternatives on a planned, controlled basis is key to this and there is nothing in the Standard that says you cannot do it.

The fact that most companies don’t do it-or do it in a slapdash basis-is due to inertia, not to external influences like ISO 9000!

Neither TQM nor ISO 9000, in and of themselves, motivate employees. When an employee is unmotivated, it is due to one of three causes (or in certain cases a combination of these), IMHO) He/she is, as an individual, and by nature, indifferent, uncaring, there for the check; 2) he/she is in the wrong job (i.e. doing work he/she is just not interested in - this is a FREQUENT phenomenon); 3) he/she is in an organization that is poorly managed and poorly led.

Quality systems like ISO 9000, and quality methods that are commonly lumped under the heading of TQM, are not by nature capable of correcting any of these problems. With a well led and well managed organization that has a high percentage of well motivated employees (I've never seen an organization comprised of 100% well motivated people), a well designed and well implemented ISO 9000 system can be an outstanding tool. But it is not a quick fix or a magic cure, though it is often seized upon by managements who in many ways just don't have a clue.