Questions and Answers

ISO Management Systems Standards

1. Who publishes the standard, and where can I purchase it?

International Organization for Standardization based in Geneva Switzerland is the publisher. You can purchase ISO standards from their website: https://www.iso.org/standards.html. Standards can also be purchased from National Standards Bodies.

2. Is the standard available in different languages?

Yes, it is; details of the same can be found here: https://www.iso.org/standard/62085.html

3. When is the next revision of ISO 9001 coming? How frequently are standards revised / updated?

All ISO standards are reviewed every five years to establish if a revision is required. (Note: According to www.iso.org)

4. Is the Standard a legal document?

When conformance to ISO 9001 Standard Requirements is a part of a contract between a supplier and customer, the conformance to the requirement is legally binding. In some countries, it may also be a government regulation.

5. What committee is responsible for the ISO 9001 Standard updates?

Standards are developed by the people that need them - that could mean you. Standards committees include experts from both standards and industry. These experts are put forward by ISO's national members. If you want to shape future standards in your field contact your national member https://www.iso.org/members.html. For further information please use this link: https://committee.iso.org/home/tc176.

6. What is meant by the process approach?

The process approach is one of the seven principles of the Standard. Consistent and predictable results are achieved more effectively and efficiently when activities are understood and managed as interrelated processes that function as a coherent system. The rationale is that the quality management system consists of interrelated processes. Understanding how results are produced by this system enables an organization to optimize the system and its performance.

7. Does certification mean my business will gain more customers?

It is quite possible you may gain more customers; however, this is not a given. In situations where a customer requires you to have certification, you might lose business if you are not certified. The biggest benefit is achieved when the Standard is applied by the entire organization for all processes.

8. How do you make sure all certifying bodies have a consistent process for auditing?

ISO only creates the standards and does not govern / oversee the certifying bodies. That is performed by accreditation bodies. Accreditation is based on meeting the requirements of ISO/IEC 17000, ISO/IEC 17011, And ISO/IEC 17021 - Conformity Assessment Package.

9. Why is the Standard so generic?

The ISO 9001 Standard is written in a way that it is broadly applicable to just about any
organization. Thus, it comprises requirements that are universally applicable. However specific industries and companies may require to enhance the Standard according to their needs.

10. If I have suggestions for the improvement of the Standard, who should I contact?

Please contact the TC176. Standards development is a multi-stake holder process of global scale, and success depends on participation by different experts. Please do participate in this effort, here is the link to learn more and sign up: https://www.iso.org/developing-standards.html

11. How is risk addressed under the ISO 9001 Standard?

Prior versions of the Standard had an implicit reference to risk. The 2015 version clearly states that risk-based thinking is essential to achieve an effective QMS. The organization is encouraged to address both – risks and opportunities.

12. What exclusions are allowed in the ISO 9001:2015 Standard?

The prior version of ISO 9001 (2008) had a statement that any requirements within Clause 7 (Product Realization) that “cannot be applied due to the nature of an organization and its product…can be considered for exclusion, as long such exclusions do not affect the
organization's ability, or responsibility, to provide product that meets customer and applicable statutory and regulatory requirements.” Exclusion for clauses other than Clause 7 were not acceptable. The current version of ISO 9001 (2015) does not have an explicit explanation, but intent/expectation is there in Clause 4.3. An organization that cannot apply one or more specific requirements based on the nature of the organization and its product can consider them for exclusion. However, any such exclusion must be justified. If the organization elects to be certified to this standard, justifications for exclusions must be reviewed and accepted by the certification body.

13. Who is a registrar, and who oversees their work?

A registrar (aka certification body) is the organization that certifies an auditee has met the
requirements of the standard. They then issue the Certificate accordingly. An accreditation body oversees their work. Details of accreditation bodies are available at IAF Website; follow link below: https://iaf.nu/en/accreditation-bodies/

14. I have a complaint against the certification body, who should I contact?

Complaints against a certification body can be filed with national accreditation body. Details of accreditation bodies available at IAF Website; follow link below: https://iaf.nu/en/accreditationbodies/

15. I want to file a complaint against an auditor, how should I go about doing that?

Complaints against auditors should be filed with the national certification body since the auditor works for them. An alternate path is to approach the International Accreditation Forum (IAF): https://iaf.nu/en/home/

16. What is the benefit to my organization from getting ISO 9001 Certification?

This publication by ISO provides information on the benefits together with testimonials from leaders of various firms: https://www.iso.org/files/live/sites/isoorg/files/store/en/PUB100369.pdf

17. Do I really need a certification?

According to the publication above in question 15, “Certification to ISO 9001 is not a
requirement and you can use the standard to improve the way you work without being certified. However, third-party certification, when an independent certification body audits your practices against the requirements of the standard, is a way of signaling to your buyers, customers, suppliers and other stakeholders that you have implemented the standard properly.”
NOTE: In certain cases, customers may require evidence of certification as a pre-requisite to conducting business.

18. Can I self-proclaim compliance after making sure that we have complied with all the
requirements of the standard?

You can proclaim that, however, the QMS would not have been validated via examination by an independent third party. Further, self-proclamation will not lead to certification.

19. Do I really need a certificate on the wall?

If you do achieve certification, it is not necessary to display it on the wall. However, it will be beneficial to display it in your marketing materials.

20. Which industries or services does ISO 9001 apply to (or does not apply to)?

The ISO 9001 Standard is focused on management systems; as such it has universal application without regard to industry, service, for profit, or not for profit organizations. Any organization that has processes, stake holders, interested parties, and needs any kind of quality management will benefit from ISO 9001.

21. Why are the Standards not made available for free – just as the regulatory documents are?

The Standards organization has several expenses linked to their administrative role, oversight of standards development, and publication of the same. The revenues from the sale of standards help defray such costs.