ISO 9001 Quality Management Systems
ISO 9001 is an internationally recognised standard with all the kudos and clout that comes along with it. It can be used for all kinds of organisation, no matter your industry or service, and is as applicable to start-ups and micro businesses as it is to large corporate entities and everyone in between. By providing a framework for your Quality Management System (QMS), it will bring structure, process, and consistency to the way you work. QFactorial can ensure the standard bends and fits to the way you actually do business. We'll develop your QMS, together, to improve the quality of your products, services, projects and operations and top it all off with a certification at the end to prove it.
ISO 9001 is the world’s most recognised Quality Management System (QMS) standard. It aims to help any organisation – no matter what it is selling or providing – to satisfy its customers and other stakeholders, meet regulatory requirements and achieve continual improvement.
ISO 9001 has evolved over the years, emerging from its early chrysalis of detailed requirements, heavily biased towards manufacturing, it’s now become a more generic, flexible, and (dare we say?) useful framework for any kind of organisation at any stage of its development.
The standard is now based on seven key management principles – customer focus, leadership, engagement of people, process approach, improvement, evidence-based decision-making, and relationship management - which impact on quality management.
There’s much less emphasis on having documented procedures “because the standard says so” and it’s not about stuffing your entire operation into an ill-fitting suit of premade templates and hoping they work come audit time. It’s much more about how your business actually runs and the processes it already has – how they are organised, implemented, measured and improved.
We can help you navigate the requirements and ensure they work for your organisation, actively supporting you on your ISO 9001 journey as much as you need. Whether that’s taking your first steps towards certification or refreshing your existing QMS to work more effectively for you.
The beauty of ISO 9001 is that it applies to any organisation, of any size, in any sector. Some organisations get their certificate to satisfy a stakeholder or a customer, or to access new markets, but the real benefit comes to those who recognise the opportunity to use ISO 9001 as a vehicle for continuous improvement which then benefits everyone. By organising your activities around your business processes more effectively, you can improve their repeatability and performance, which helps build a more sustainable platform for improvement.
If you want to be the best business you can be, delighting your customers and stakeholders by delivering the best product or service, then ISO 9001 is relevant for you.
Increasingly, customers and stakeholders are becoming concerned with exactly who they’re doing business with and looking for verifiable, measurable assurance that their partners are taking quality seriously. You may have a specific customer who is insisting on this certification before placing their order. You may have a new market which is unbreakable without ISO in your back pocket. You might be taking the altruistic route and wanting to improve your organisation’s engagement, efficiency and internal processes following (or even in anticipation of) a period of growth. There are many drivers for seeking ISO 9001 and even if you’re feeling no pressure now from these sources, sometimes it’s best to get ahead of the curve before you end up scrambling for certification to meet stakeholder deadlines! But whatever your reason, QFactorial can support your journey and squeeze the maximum benefit out of using this standard.
We are, first and foremost, a quality management consultancy. And we are really keen on the consulting part. By engaging with us you can be assured we will listen carefully to your story and understand the details of what you want, and what you need (which are not always the same thing!). Our consultants can then offer you a uniquely tailored solution. We're Quality People, and we understand how to bend and shape the ISO framework to add value to your business.
There isn’t any! But no news isn’t necessarily good news either.
ISO 9001 is reviewed every 5 years to decide if it’s still valid or if it needs updating. Its last review was completed in June 2021 when it was agreed that no revision was needed. This, of course, means that it hasn’t changed since 2015.
But the world has changed drastically since then – remote/hybrid working is now the norm in some workplaces, technological change is accelerating, and supply chains are becoming more complicated. Not to mention the prolonged impacts of Brexit, Covid and Geo-political conflict.
Business is no longer simply the making, selling, and documenting of stuff. Everyone is online in some capacity, and many businesses are pushing the limits of technology both in what they produce and how it’s produced. From cloud-based systems to IoT, blockchain to big data, workflow automation to the rise of AI, there’s so much potential for change in the next revision of ISO 9001. Let’s face it, the current version of 9001 barely recognises that we use the internet, so there’s a long way to go.
But when the time comes, and changes are afoot, you can be confident in knowing QFactorial will be there to help your business manage the transition.
ISO 9001 promotes the use of a process approach, risk-based thinking, and encourages to adopt the Plan-Do-Check-Act “Deming Cycle” for defining, reviewing, and improving your quality management system. Building on the 7 Management Principles the standard has sections covering key requirements relating to the context of the organisation, leadership, planning, support, operation, performance evaluation and continual improvement.
The standard requires a documented quality policy to be communicated and reviewed, along with quality objectives. Risks and opportunities are to be assessed and internal and external issues relevant to the purpose and strategic direction of the organisation are to be identified. The documentation of processes and procedures is expected where necessary for effective operation of your system. Fundamental to the success of ISO 9001 is that top management must provide leadership, human resources and the environment for the QMS to be effective. The standard calls for all steps from design to delivery to be clearly defined, managed and measured and has requirements for ongoing analysis and improvement (such as corrective action and internal audits). With a deep knowledge of the standard and an eye to the benefits for your business we can support you to develop a robust and effective QMS.
Anyone can get the benefits of using ISO 9001 as a tool to establish and develop their management system, you can reap all the benefits without having to go for certification. However, certification by an independent, accredited body is the best demonstration of your compliance to the standard and how you satisfy your customers and regulatory requirements, as well as your own business commitments. Certification also shows the outside world that you work within a globally recognised framework.
Using this ISO 9001 framework, the aim is to “say what you do” and then prove that you “do what you say”. We will support you to document the QMS in a way that not only satisfies the standard requirements, but that is a true and workable reflection of the way your business operates. We can identify any gaps between where you are and where the standard needs you to be, and we can recommend improvements and changes to bridge those gaps. Make no mistake, successful compliance with ISO 9001 requires planning, commitment, and resources, but we are here to help you every step of the way with as much or as little of our support as you need to get you over that line. And once compliance is achieved, we are here to help maintain your compliance as your business grows.
The International Organization for Standardization (ISO) does not carry out certification directly but there are many certification bodies who can audit organisations and issue ISO 9001 certificates. In the UK, ISO 9001 certification is most beneficial through one of the certification bodies accredited by UKAS. UKAS is the UK’s National Accreditation Body for certification, calibration, inspection, and testing services. As such, they are the only authority recognised by the UK Government and major purchasers. We can help you to choose a UKAS-accredited certification body and support you through the certification process by preparing documentation, training and mentoring, reviewing, auditing and improving your QMS. We can help you to continue developing your system beyond certification so that it always meets the needs of the standard and your business.
Becoming ISO 9001 certified and continuing to develop and maintain the system requires planning, commitment and resources. How much work is involved will depend on your current stage of development, the size of your organisation and number of people involved. We will work closely with you to identify gaps and synergies against the requirements of the standard, drawing up an action plan to achieve certification in the most efficient way. Our effective project management will support your schedule and budget, tailoring our resources to help you at every stage.
Most of us have moved on from wall-to-wall dusty lever-arch folders, to the modern horror story of a hodge-podged SharePoint system with hundreds of empty folders, broken links and no permission to actually access the files anyway. But there are some evolved beings who have broken free entirely to use sophisticated document control software or beautifully simple mobile apps to keep their house in order without drowning in paperwork. The 2015 revision of ISO 9001 brought with it much more flexibility for organisations to choose how they document their Quality Management System, and the format you keep it in is your choice – as long as it is relevant, useful, and includes evidence of conformity to the standard.
Yes, there are some mandatory requirements for documents which have to be maintained (such as the scope of the QMS, the Quality Policy, Quality Objectives and criteria for evaluation and selection of suppliers) and a number of records which need to be kept as factual evidence. But in practice the aim is to look at such things as how you actually perform your activities, what processes you use, who is involved and how you record your results. In other words, you need to design and describe the system that works for your business. For certification you will need to show that your system is effective in planning, operation and control of your processes and provides evidence of continual improvement.
We at QFactorial don’t believe in producing a tome of paper that thuds onto the desk once a year when the auditor asks to see it. We want to create a tailor-made, usable, readable and (dare we say) useful QMS that actually helps you run your business efficiently and effectively. So, whether you are just starting to develop a QMS or you have a system that you know needs updating so that it works better for you, we can help.
How long is a piece of string?
You’re not a cookie-cutter company, so we don’t deal with cookie-cutter prices. But let’s talk about what makes up the cost of ISO certification:
- Finding out where you’re starting from, where you need to be and how to get there. (GSAAP).
- In house resources to manage and deliver the work plan.
- External consultants to help with parts of the plan that are outside your skills and experience (or time).
- Certification Body.
- Maintenance of your certification. Not just polishing the frame.
Depending on the size, scale and complexity of your organisation, you may need more or less consultancy time. We can work with you based on a specific number of days at an agreed rate, carefully scoped, fixed price work packages, or a combination of both to suit your budget.
There is a difference between certification and accreditation. In the UK there is only one government approved accreditation body (UKAS). When your customers are asking to see your ISO certification, they expect to see the UKAS logo alongside the certification body’s logo. Without this, your customer may reject the certificate and you may find you've a costly exercise to undo the commercial damage, upgrade your system and put yourself through the certification process all over again. We can help you choose a UKAS accredited certification body to make sure you aren’t going to get any awkward questions later.
We’ve been in this game a long time now and have developed a proven system of tackling the requirements of ISO certification with you. We begin with our Gap & Synergy Assessment with Action Plan (GSAAP for those acronym lovers) which shows us how close you already are to the standard requirements. We find, usually, that there are many more synergies than you’d expect - you’re running a successful business after all, aren’t you?
This gives us a head-start when creating the QMS and gives you the opportunity to get to know your consultant and confirm you enjoy working with us before embarking on the good ship certification. At this point you’re able to take the GSAAP and run, but of course we’d like to think you’d want to keep working with us to help you with the documentation (Stage 1) and implementation (Stage 2).
We help share the load by reviewing what you create, or creating things for your review - business manuals, process maps, policies and procedures, etc. Once this is all done, there’s a desktop audit by the certification body to check all your documentation complies with the rigours of your chosen standard - and yes, we can be involved in this as your advocate, interpreter, translator or referee. Stage 1 is all about ‘saying what you do’ as a business. But you can’t just say what you do, you also need to ‘do what you say’. Stage 2 is all about those documents coming off the page and becoming a ‘real’ entity in your business. The burden of proof is on you to show that your system, as you’ve set out in Stage 1, is working as you say it should be. It takes time to gather this body of evidence, anywhere from 2-3 months, and this evidence can take various forms. Our role during Stage 2 is to provide training, mentoring, internal audits and management reviews to ensure your business is ready for the Stage 2 external audit. It’s entirely normal for a few ‘nonconformities’ to arise, especially at this stage, but we’ll be there to help you deal with them and make sure you get that recommendation for certification.
At this point you’re able to take your new ISO Certificate, pat yourselves on the back for a job well done and send us on our merry way, happiness all round. However, we recommend you stick with us for this first year. Why? So we can help establish quarterly health checks to keep things ticking over. No one wants to be thrown into a full-blown panic 11 months down the line as the surveillance visit looms and you realise things have gotten a little wobbly. With us on board that little while longer, you can be sure that the gears are turning and the processes are followed so when the auditor returns, you’re armed and, if not dangerous, at least prepared.
Speak with a Qfactorial expert