International Organization for Standardization

BIBC II, Chemin de Blandonnet 8 , CP 401, 1214 Vernier, Geneva , Switzerland

Tel: +41 22 749 01 11, Web: www.iso.org

ISO 9000 Standards

Frequently Asked Questions (FAQ's)

In developing this list of Frequently Asked Questions (FAQ's), input has been obtained from experts
and users of the ISO 9000 standards from around the world. The list will be reviewed and updated on
a regular basis to maintain its accuracy, and to include new questions where appropriate. It is
intended that this list will also provide a good source of information for new users of the standards.

Please note that this is a general set of FAQs relating to the ISO 9000 standards and ISO. A specific
set of FAQs concerning ISO 9001:2015 is also available from www.iso.org/tc176/sc02/public.

1. What is ISO?

The International Organization for Standardization (ISO) was established in 1947 and is (currently) an
association of over 160 National Standards Bodies, which each represent their own country. ISO
employs a system of Technical Committees, Sub-committees and Working Groups to develop
International Standards. Besides the National Standards Bodies, ISO permits other international
organizations that develop standards to participate in its work, by accepting them as Liaison members.
ISO works in accordance with an agreed set of rules of procedure, the ISO/IEC Directives, which also
include requirements on the presentation of standards. For further details please refer to ISO's own
web site at http://www.iso.org.

2. Who are the National Standards Bodies, and who represents my country at
ISO?

Please use the link on ISO's web site that gives details, including contact information, of the National
Standards Bodies: http://www.iso.org/iso/home/about/iso_members.htm.

3. What are the ISO 9000 standards ?

The ISO 9000 standards are a collection of formal International Standards, Technical Specifications,
Technical Reports, Handbooks and web based documented information on Quality Management and
Quality Assurance. There are approximately 25 documents in the collection altogether, with new or
revised documented information being developed on an ongoing basis.

(It should be noted that many of the International Standards are numbered in the ISO 10000 range.).

4. Who is responsible for developing the ISO 9000 standards?

ISO Technical Committee (TC) number 176 (ISO/TC 176), and its Sub-committees, are responsible for
the development of the standards. The work is conducted on the basis of "consensus" among quality
and industry experts nominated by the National Standards Bodies, representing a wide range of
interested parties.

5. Where can copies of the standards be obtained?

Copies of the standards may be purchased from your National Standards Body, or from ISO itself
([email protected]). Many National Standards Bodies have them available in local-language versions.

ISO/TC 176/SC2/N1272 www.iso.org/tc176/sc02/public

6. Where can information be obtained on the ISO 9000 standards?

There are a number of sources of information on the ISO 9000 quality management system standards,
including this web site and ISO's web site, which carry information on the standards. Your National
Standards Body should be able to provide copies of the standards, and registrars/certification bodies
will be able to provide guidance on registration arrangements.

7. Where should an organization go if it needs clarification or interpretation of

the standards?
.
The starting point for an interpretation should be with your National Standards Body. ISO Central
Secretariat and ISO/TC 176/SC2 cannot accept direct requests from individuals for interpretations of
the ISO 9000 standards. Instead, ISO/TC 176/SC2 has established a Working Group for
interpretation, with a formal procedure to provide answers to the questions that are forwarded by the
National Standards Bodies. Details of agreed interpretations are now being published on the ISO/TC
176/SC2 web site at www.iso.org/tc176/sc02/public.

8. What are the main benefits to be derived from implementing an ISO 9000
quality management system?

The ISO 9000 standards give organizations an opportunity to increase value to their activities and to
improve their performance continually, by focusing on their major processes. The standards place
great emphasis on making quality management systems closer to the processes of organizations and
on continual improvement. As a result, they direct users to the achievement of business results,
including the satisfaction of customers and other interested parties.

The management of an organization should be able to view the adoption of the quality management
system standards as a profitable business investment, not just as a required certification issue.

Among the perceived benefits of using the standards are:

 The connection of quality management systems to organizational processes

 The encouragement of a natural progression towards improved organizational performance,
via:

- the use of the Quality Management Principles

- the use of a "process approach"
- Enhanced leadership involvement in the management system
- Risk-based thinking
- Simplified language, common structure and terms
- Aligning QMS policy and objectives with the strategy of the organization

 Consideration of the needs of all interested parties.

The concept of organizational self-assessment as a driver for improvement (see ISO 9004)

9. What benefits are there to an organization implementing ISO 9004?

If a quality management system is appropriately implemented, utilizing the Quality Management

Principles, and in accordance with ISO 9004, all of an organization's interested parties should benefit.
For example:

Customers and users will benefit by receiving the products and services (see ISO 9000) that are:

 Conforming to the requirements

 Dependable and reliable

ISO/TC 176/SC2/N1272 www.iso.org/tc176/sc02/public

  Available when needed
 Maintainable

People in the organization will benefit by:

 Better working conditions

 Increased job satisfaction
 Improved health and safety
 Improved morale
 Improved stability of employment

Owners and investors will benefit by:

 Increased return on investment

 Improved operational results
 Increased market share
 Increased profits

Suppliers and partners will benefit by:

 Stability
 Growth
 Partnership and mutual understanding

Society will benefit by:

 Fulfilment of legal and regulatory requirements

 Improved health and safety
 Reduced environmental impact
 Increased security

10. Are the standards compatible with national quality award criteria?

The standards are based on Quality Management Principles, which are aligned with the philosophy
and objectives of most quality award programs.

ISO 9004 recommends that organizations perform self-assessments as part of their management of
systems and processes, and includes an annex giving guidance on this approach. This is similar to
many quality awards programmes.

11. Do the standards address financial issues?

Financial issues are not directly addressed in ISO 9001, but may be inferred though the requirements
for the provision of resources. ISO 9004 gives guidance that emphasizes the financial resources
needed for the implementation and improvement of a quality management system. ISO/TR 10014
"Guidelines for managing the economics of quality" also gives further guidance.

12. How will implementation of the standards help an organization to improve

its efficiency?

ISO 9001 aims at guaranteeing the effectiveness (but not necessary the efficiency) of an
organization. For improved organizational efficiency, however, the best results can be obtained by
using the guidance given in ISO 9004 in addition to ISO 9001. Additionally, the guiding Quality
Management Principles are intended to assist an organization in continual improvement, which should
lead to efficiency throughout the organization.

ISO/TC 176/SC2/N1272 www.iso.org/tc176/sc02/public

13. Why is the requirement for monitoring "customer satisfaction" included in
ISO 9001?

"Customer satisfaction" is recognized as one of the driving criteria for any organization. In order to
evaluate if a product or service meets customer needs and expectations, it is necessary to monitor the
extent of customer satisfaction. Improvements can be made by taking action to address any identified
issues and concerns.

14. Can the standards improve "customer satisfaction"?

The quality management system details that are described in the standards are based on Quality
Management Principles that include the "process approach" and "customer focus". The adoption of
these principles should provide customers with a higher level of confidence that products and services
will meet their needs and increase their satisfaction.

15. What is the "process approach"?

The "process approach" is a way of obtaining a desired result, by managing activities and related
resources as a process. The "process approach" is a key element of the ISO 9000 standards.

This International Standard employs the process approach, which incorporates the Plan-Do-Check-
Act (PDCA) cycle and risk-based thinking.

16. Can the "process approach" be applied to other management systems?

Yes. The "process approach" is a generic management principle, which can enhance an
organization’s effectiveness and efficiency in achieving defined objectives.

17. How can the PDCA cycle be used in the "process approach"?

The PDCA cycle is an established, logical, method that can be used to improve a process.

This requires:
 (P) planning (what to do and how to do it),
 (D) executing the plan (do what was planned),
 (C) checking the results (did things happened according to plan) and
 (A) act to improve the process (how to improve next time).

The PDCA cycle can be applied within an individual process, or across a group of processes.

18. Can any organization apply the "process approach"?

Yes. Many organizations already apply a "process approach" without recognizing it. They could
achieve additional benefits by understanding and controlling it.

19. Why should an organization apply the "process approach"?

By applying the "process approach" an organization should be able to obtain the following types of
benefits:
 The integration and alignment of its processes to enable the achievement of its planned
results.
 An ability to focus effort on process effectiveness and efficiency.
 An increase in the confidence of customers and other interested parties as to the consistent
performance of the organization.
 Transparency of operations within the organization.
 Lower costs and shorter cycle times through effective and efficient use of resources.
 Improved, consistent and predictable results.
 The identification of opportunities for focused and prioritized improvement initiatives.

ISO/TC 176/SC2/N1272 www.iso.org/tc176/sc02/public

  The encouragement and involvement of people, and the clarification of their responsibilities.
 The elimination of barriers between different functional units and the unification of their focus
to the objectives of the organization.
 Improved management of process interfaces.

20. What is meant by the “sequence” of processes and their "interactions"?

The "sequence" of processes shows how the processes follow, or link, to each other to result in a final
output.
For example, one process may become the output of the next process or processes.

The "interactions" show how each process affects or influences one or more of the other processes.
For example, the monitoring or controlling of a process may be established in a separate process.

21. Is there a standard way of describing a process?

No, there is no standard way to describe a process. It depends on the culture, management style, staff
literacy, personal attributes and their interactions.

A process may be described using a flow chart, block diagram, responsibility matrix, written
procedures or pictures.

Process flowcharts or block diagrams can show how policies, objectives, influential factors, job
functions, activities, material, equipment, resources, information, people and decision making interact
and/or interrelate in a logical order.

22. What should an organization do to adopt the "process approach"?

To adopt the "process approach" an organization should apply the following steps:
 Identify the processes of the organization,
 Plan the processes,
 Implement and measure the processes,
 Analyse the processes,
 Improve the processes.

23. How can a process be measured?

There are various methods of measuring process controls and process performance, ranging from
simple monitoring systems up to sophisticated statistically based systems (e.g. Statistical process
control, or SPC, systems). The selection and use of any particular method will be dependent on the
nature and complexity of an organization's processes, products or services. The effectiveness of an
individual process may be measured by the conformity of its output or product or service to customer
requirements. Its efficiency may be measured from its use of resources. In all cases the measurement
of the process determines if its (measurable) objectives have been achieved. Sometimes it only
requires monitoring to confirm process operations.
Typical factors that are useful to consider when identifying measures of process control and process
performance include:
 Conformity with requirements,
 Customer satisfaction,
 Supplier performance,
 On time delivery,
 Lead times,
 Failure rates,
 Waste,
 Process costs.
 Incident frequency

ISO/TC 176/SC2/N1272 www.iso.org/tc176/sc02/public

24. What is the difference between a "process" and "documented
information"?

A "process" may be explained as a set of interacting or interrelated activities, which are employed to
add value. “Documented information” is a method of describing the way in which all or part of that
process is to be performed. A process does not necessarily have to be documented information.

25. What does an organization need to do to comply with ISO 9001?

When initially starting to use ISO 9001, an organization should familiarize its personnel with the
Quality Management Principles, analyze the standards (especially ISO 9004), and consider how their
guidance and requirements may affect your activities and related processes. If it then wishes to
proceed to registration/certification, it should perform a gap analysis against the requirements of ISO
9001 to determine where its current quality management system does not address the applicable ISO
9001 requirements, before developing and implementing additional processes to ensure that
compliance will be achieved.

26. Can an organization be certified/registered to ISO 9004?

ISO 9004 is a guidance standard, which is not intended to be used for third party
registration/certification purposes. A key element of ISO 9004 is the ability to perform self-
assessments. Third party quality management system certifications/ registrations are performed to
ISO 9001.

27. How does ISO 9001 relate to the needs of specific business sectors?

The text of ISO 9001 is applicable to organizations that provide different types of product and services
to organizations of different sizes. Due to this generic nature, some industrial or commercial sectors
find that they need to identify additional requirements to attend to their specific requirements, so
develop their own standards or related documented information.

To assure consistency between the ISO 9001 requirements and sector requirements, ISO's rules
require that ISO/TC 176 be invited to review sectoral documented information while they are being
developed by ISO.

28. Is an organization's ISO 9001 certificate applicable to all of its products and
services?

When an organization seeks to have its quality management system registered/certified to ISO 9001,
it is required to agree a "scope of certification" with its registrar/certification body. This will define the
products and services to which the organization's quality management system is applicable, and
against which it will be assessed. An organization is not obliged to include within its "scope of
certification" all the products and services that it provides, but may be selective about those that are
included. All applicable requirements of ISO 9001 will need to be addressed by the organization's
quality management system that covers those products and services that are included in the "scope of
certification".

29. How will a small organization be able to adapt the requirements of ISO
9001? What flexibility will be allowed?

The requirements of ISO 9001 are applicable to small, medium, and large organizations alike. ISO
9001 provides some flexibility on the applicability of certain requirements for specific processes that
may not be performed by the organization.

30. What is the relationship between ISO 9001 and ISO 14001?

ISO 9001 has been developed to be "aligned" with ISO 14001 Environmental management systems –
Requirements with guidance for use, particularly with regard to terminology and content.

ISO/TC 176/SC2/N1272 www.iso.org/tc176/sc02/public

With the adoption of Annex SL for all ISO management system standards will have the same
structure. This makes it easier for an organization to more efficiently address multiple management
system requirements, provides the option of integrating management systems and standardizes core
definitions and text.

There is collaboration between the technical experts of ISO/TC 176 and ISO/TC 207 (the Technical
Committee responsible for the ISO 14000 series of standards) during the development of their
respective standards, to ensure that the level of alignment is maintained or enhanced.

31. How are the standards applicable to organizations that provide services?

The standards are applicable to all types of organizations, operating in all types of sectors, including
service providers.

32. What do quality management practitioners (consultant, auditor, or trainer)

need to know about the standards?

As a minimum, quality management practitioners should familiarize themselves with the requirements
of ISO 9001, and also with the content and philosophies of ISO 9000, ISO 9004 and the Quality
Management Principles. They should understand their client’s activities and processes, before
providing appropriate interpretations of the requirements of the standards, to add value to the client's
operations.

33. How should regulatory bodies use the standards?

Regulatory bodies should review their regulations currently in effect (or under development) and
identify points where reference to the quality management system standards would be appropriate,
before making recommendations to the legislative body.

34. What do auditors need to know about the standards?

Auditors, whether external or internal, should be able to demonstrate their competence on the
structure, content and terminology of the standards, and also on the underlying Quality Management
Principles.

The standards require that auditors are able to understand the organization's activities and processes
and appropriately audit against the requirements of the ISO 9001 in relation to the organization's
objectives. According to joint advice from the International Accreditation Forum (IAF), ISO's Policy
Committee for Conformity Assessment (ISO-CASCO) and ISO TC 176, auditors should be able to
demonstrate competency in:

 The requirements of the ISO 9001.

 The concepts and terminology of the ISO 9000.
 The eight Quality Management Principles
 A general understanding of the performance improvement guidelines of ISO 9004
 Familiarity with the auditing guidance standard ISO 19011.

A recent initiative between ISO/TC 176, ISO/CASCO and the IAF has been the establishment of an
ISO 9001 Auditing Practices Group, which has issued a number of web based guidance notes to
assist auditors.

ISO/TC 176/SC2/N1272 www.iso.org/tc176/sc02/public