Have a question? We'll do our best to give you a considered answer. Contact us
Here are some recurring questions of general interest:
FAQ 1. What does it cost to get registered to ISO 9001?
FAQ 2. Why do some companies charge extra for "ISO 9000 Quality"?
FAQ 3. Why do I get bad products from an ISO 9000 registered supplier?
FAQ 4. How does ISO 9000 apply to Medical Devices?
FAQ 5. An ISO 9001 registered company could sell concrete life jackets to its customers provided they controlled the design and manufacture. True?
We prefer not to guess at consulting costs sight unseen and we avoid fixed price consulting packages because they lead to abler, better organized clients subsidizing the weaker ones. We will cheerfully answer this question after a face to face meeting with the prospective client.
Here are the major components of the cost of registration to start your thinking. The internal cost of your own resources for preparation are probably the largest single item, though few companies track this.
Preparation: Describing and understanding your business processes, persuading managers and others, documenting policies, procedures and methods, setting up record keeping systems, applying all this in practice.
Services: Training, education, calibration, maintenance, ... Do it yourself or outsource.
Consultation: Optional, but someone who has guided others can help you find effective solutions faster. The harder you are prepared to work, the less of this you need.
Registration: The registrar charges fees for reviewing the system documentation, auditing its application in practice and maintaining your registration. Registration is now a competitive business. Get several quotes and look for value added. Remember that your relationship with the registrar will be long term. Make sure you choose someone you want as a partner.
Maintenance: Correction, prevention, customer satisfaction monitoring and system improvement are part of ISO 9000:2000. The registrar will conduct regular maintenance and re-registration audits of your system as part of their contract.
ROI: More important than cost is the question, "What is the return on investment for registration?"
First, bear in mind that "registration" is a separate issue from "compliance". If you have an ISO 9001 compliant system, you have documented and you are doing everything required by the standard and by your business processes. The return on this investment is a no-brainer (see Quality Costs). You have enhanced your business management systems to assure quality and avoid the costs of "unquality".
A compliant organization may well question the value of registration if: 1) none of its customers or prospects insist on registration; 2) none of its competitors is registered or preparing for registration, or 3) it is not producing products for the medical, electrical, automotive, aerospace, nuclear or similar sectors where public safety and regulatory compliance require a registered quality system. Nevertheless, many companies find that the registrar's third party audits are a valuable service that helps to motivate improvement, identify opportunities and provide management with an independent assessment of the operation.
At this time, we should dispel one more misunderstanding. Some consulting organizations have offered to create "instant" or "overnight" compliance by writing and delivering Quality System documentation. Any such claim is nonsense. The documentation may well comply with the standard, and may even be reasonably well tailored to your organization, but to be in compliance with ISO 9001 means that you have both documented and demonstrably implemented the system described. Implementation takes time because it involves training and reinforcement to instill new practices and break old habits.
This question keeps recurring in various forms ... "Can I take on two kinds of contract, with and without ISO?", "Can I set up a separate, unregistered subsidiary for cut-rate work?"
For the most part, these questions miss the point that your Quality Management System works for you. Why would you want to deliberately mismanage your company? Do you really believe that mismanagement will save you money?
However, the question has a legitimate side. If the documentation, test results and other quality records for your product are deliverable to your customer, or if there are exceptional requirements for traceability, there is a case for billing the extra work of preparation, review and delivery. Remember, however, that charging for activities and deliverables is not the same as running a competent quality management system. You may charge what the market will bear; you must manage competently or you will go out of business.
As for using an unregistered subsidiary for low priced work: this has been tried, but the saving is often illusory and managers and employees often become confused when switching between "high" and "low" quality work. In fact, if your formal QMS is adding significantly to your total cost of goods and services, it was probably poorly designed, with an emphasis of formal compliance rather than business effectiveness. Have a look at the comments on Quality Value and Quality Costs.
This is a surprisingly common question from commercial customers who buy components and materials. There is no guarantee against human error, mechanical failure or any number of events triggering a problem, even in the best of companies; however, if your supplier is to meet the requirements of the standard, they must respond not only with a direct answer to your complaint, but with measures to find and eliminate the cause.
If you continue to experience the same problem, have a serious talk with the supplier and demand their commitment to effective action. The supplier's registrar should detect chronic failures of this type in regular audits and require correction as a condition of continued registration.
If you have real difficulty getting your supplier's attention, change suppliers if possible. Lodging a complaint with their Quality System Registrar will also raise awareness, although inviting a third party into the argument should be a last resort.
FAQ 4. How does ISO 9000 apply to Medical Devices?
On May 27, 1998, Health Canada announced the "Renewal of the Medical Devices Regulations" governing the manufacture and sale of devices for medical diagnosis and treatment. Manufacturers are required to have appropriate licenses for the devices they produce for sale in Canada.
Effective January 1, 2003, registration of the manufacturer's Quality Management System (QMS) to: ISO 13488:1996 (for Risk Class II devices) or ISO 13485:1996 (for Risk Class III and IV devices) became a requirement to obtain or renew such a license. ISO 13485:1996 was titled "Quality Systems - Medical devices - Particular requirements for the application of ISO 9001:1994" (ISO 13485:1996 was analogously based on ISO 9002:1994). This implied that Medical Device Manufacturers must maintain an ISO 9001- or 9002-registered QMS, with particular provisions for medical devices, as the basis for compliance and licensing.
However, in December, 2000, ISO 9001 was fundamentally rewritten with significant differences from its predecessor. ISO 13485 has now been revised to align it with the new ISO 9001 but it is is now a "stand alone" standard because of several divergences from ISO 9001.
ISO withdrew ISO 13485:1996 and ISO 13488:1996 on July 15, 2006, three years after the publication of ISO 13485:2003 but Health Canada imposed a slightly shorter coexistence period during which either version of the standard would be accepted as the basis for licensing. All manufactures of Class II, III, and IV medical devices renewing or applying for licences after March 15, 2006, have been required to prove registration to ISO 13485:2003.
The registration must be provided by a registrar qualified under the Canadian Medical Devices Conformity Assessment System (CMDCAS).
To demystify this puzzle and assess your organization's readiness, contact us at Collier Management Consulting.
FAQ5. An ISO 9001 registered company could sell concrete life jackets to its customers provided they "controlled" the design and manufacture. True?
This bit of nonsense has been repeated, thoughtlessly, ad nauseam, for years. It is high time we removed it from circulation!
ISO 9001:2000 states explicitly that organizations must comply with laws and regulations when they provide products and services to their customers. Section 7.3.2 of the Standard, "Design and development inputs", states that design inputs "shall include ... applicable statutory and regulatory requirements...". (Incidentally, the previous version of ISO 9001 also identified "statutory and regulatory requirements" as design inputs. This is not new!)
To address this particular case, Canada, like most countries, defines the requirements for life jackets in Department of Transport regulations. These legal requirements form part of the product specification. Ignoring them explicitly violates both the law and the Design Control requirements of ISO 9001:2000.
An organization is obligated to be aware of and comply with all legal requirements relevant to their business and to incorporate them into their products and services without exception.