How are ISO standards developed

ISO standards are developed according to the following principles.

• Consensus
  The views of all interests are taken into account: manufacturers, vendors and users, consumer groups, testing laboratories, governments, engineering professions and research organizations.
  
  
• Industry wide
  Global solutions to satisfy industries and customers worldwide.
  
  
• Voluntary
  International standardization is market driven and therefore based on voluntary involvement of all interests in the market-place.
  
  

There are three main phases in the ISO standards development process as follows.

1. The need for a standard is usually expressed by an industry sector, which communicates this need to a national member body. The latter proposes the new work item to ISO as a whole. Once the need for an International Standard has been recognized and formally agreed, the first phase involves definition of the technical scope of the future standard. This phase is usually carried out in working groups which comprise technical experts from countries interested in the subject matter.
2. Once agreement has been reached on which technical aspects are to be covered in the standard, a second phase is entered during which countries negotiate the detailed specifications within the standard. This is the consensus-building phase.
3. The final phase comprises the formal approval of the resulting draft International Standard (the acceptance criteria stipulate approval by two-thirds of the ISO members that have participated actively in the standards development process, and approval by 75% of all members that vote), following which the agreed text is published as an ISO International Standard.

It is also possible to publish interim documents at different stages in the standardization process.

Most standards require periodic revision. Several factors combine to render a standard out of date: technological evolution, new methods and materials, new quality and safety requirements. To take account of these factors, ISO has established the general rule that all ISO standards should be reviewed at intervals of not more than five years. On occasion, it is necessary to revise a standard earlier.

To date, ISO's work has resulted in over 16 000 International Standards, representing more than 620 000 pages in English and French (terminology is often provided in other languages as well).

A list of all ISO standards appears in the ISO Catalogue.

see the new standard ISO9001 version 2008

ISO/TC 176 Information..

I believe Piney has combined information on ISO 9000:2000, ISO 9001:2000 and ISO 9004:2000.

ISO 9000:200X is already at the FDIS (Final Draft Interantional Standard) stage. This means that ISO 9000:200X could be published as an International Standard by the end of 2005.

The plan is to Amend ISO 9001:2000 and to Revise ISO 9004:2000. Amend means to clarify content to improve useability of the standard. There should be no changes to requirements. Revise means to clarify and to change requirmeents. Keep in mind that ISO 9004 is a non-normative standard. There really are no requirements within ISO 9004 from a certification standpoint. There are requiremtns within ISO 9004 if an organization chooses to implement it for improvement purposes.

Both the amendment to ISO 9001 and the revision to ISO 9004 are expected to be completed by 2008 based on how long the amendment / revision process has taken in the past. If there are lots of arguemnts and disagreement amongst member bodies, it may take even longer.

Regards, Dirk

Next Revisions to ISO 9001 - 2008 Addendum - 2010 Revision

Preliminary information I received from a member of the TC 176 committee this morning:
2005 - there will be an addendum to ISO 9001:2000 brought out that will more clearly define much of the terminology in the standard.

2008- another addendum

2010 - next revision to the standard ISO 9001:2010, although there continues to be much discussion on this.

Type and Extent of Control to be Applied - ISO 9001:2008 is the interesting topic!!

Interesting topic, Sidney. This sounds like Agency Theory. I really like this link to Agency Theory, as it cites the seminal papers.

Starting off, everything is great. They negotiate a low price and high quality to establish your business. After the honeymoon is over, they will incrementally go up on price, down on quality, or both. Eventually like with Economies of Scale, the supplier will get close to the marginal utility (or barrier to exit), and either lose your business, or reign things back in.

Seeing the stuff they make their vendors do, I guess Wal-Mart can objectively demonstrate sovereign reign over their outsourced processes!

Sidney, I am probably not even close to your initial query. I see this more on the operational level of the strength of the Supply Chain relationships, and the level of control the agent has. As with E-Technology (Harland et al, 2007), implementation of E-technologies in SME's is largely dictated by customer pressure. The greater the agent strength, the more control (to the point of satisfying internal quality requirements) will be exercised.

The level of compliance by outside vendors reminds me of the many addressing NADCAP and it's implementation. If they can afford it, suppliers told Boeing to take a leap. If Boeing needed them, they had to overlook it. If the vendor needed Boeing's contracts, they complied and implemented it.

__________________
Brad

I agree with you about the risk...

I agree that risk is to be considered. But I was looking for examples of what people would expect to see as a way to demonstrate control over outsourced processes.

As I mentioned earlier, just specifying the product/service being purchased, via PO and/or contract does not raise (imo) to the level of control. So, if we stick to the example of an outsourced design package, what would constitute control in the context of the ISO 9001:2008 standard?

If you mandate the supplier to comply with paragraph 7.3 of ISO 9001, what would be the evidence to you, the customer, that they complied with? A self-declaration of conformance? A customer audit? A 3rd party audit? An ISO 9001 certificate? An accredited ISO 9001 certificate? An IAF "endorsed" accredited ISO 9001 certificate? An IAF "endorsed" accredited ISO 9001 certificate, issued by a reputable registrar?

Reply: Outsourced Processes - Type and Extent of Control to be Applied - ISO 9001:2008

It would depend on the risks associated with the outsourced process and product. For some activities such as a low-risk machining process, the information on the Purchase Order and a drawing will suffice.

For some processes such as product design; that obviously would require many more controls to ensure that the resulting design will meet the requirements.

Risk and reputation (competency) of the supplier will dictate what controls must be deployed.

Stijloor.

Type and Extent of Control to be Applied - ISO 9001:2008 DIS

According to ISO 9001:2008 DIS, an organization must define the type and extent of control to outsourced processes.

According to the N526 - Guide to the Terminology used in ISO 9001:2000 and ISO 9004:2000 document, the definition of control is :

• power to give orders or to restrain something
• means of restraining or regulating
• standard of comparison for checking the results of an action or measurement.

So, I would like to start a debate on what quality professionals, knowledgeable about ISO 9001 on the adequacy of controls which would be deemed acceptable. We know that it is not a requirement for ISO 9001 compliant organizations to flow down ISO 9001 compliance to their suppliers. However, just specifying certain requirements for outsourced processes in a contract and/or PO is no guarantee that the supplier will perform adequately.

For example, if an organization outsources the design of a product to a design-house, what would be the expected controls to be exercised for this supplier? Would compliance to ISO 9001 section 7.3 be mandated? How would the customer assure that the supplier conforms with such requirements? What about other associated requirements, such as the competence of the people performing design work? Would a requirement such as that need to be explicitly invoked?

Opinions welcomed.

from http://elsmar.com/Forums