ISO Certification: How to Get it and Why

Return to main page


Digital Library > Operations and Technology > ISO certification"ISO Certification: How to Get it and Why"

More organizations are becoming ISO-certified than ever before, and many are limiting their business relationships to similarly certified companies. Learn how your company could benefit from ISO certification.

OVERVIEW [top]

The number of ISO-9000 registered companies in the United States has increased significantly, with more than 30,000 organizations already certified and approximately 700 new businesses being certified each month (ISO press release August 3, 2000). Simultaneously, there is a trend toward forming long-term relationships with other quality-oriented or environmentally conscious suppliers. However, ISO is still relatively new to many business owners, and it's often mistakenly associated only with manufacturers and large corporations.

In this Quick-Read you will find:

  • A brief explanation of ISO 9000 and ISO 14000.
  • The benefits of ISO certification.
  • An outline of the ISO-certification process.

SOLUTION [top]

What is ISO 9000? ISO 14000?

The International Organization for Standardization was established to promote the development of universal standards for facilitating international trade. Experts in quality assurance from each participant country provide input to a committee responsible for the ISO standards. The first set of standards, published in 1987, mandated that the standards be reviewed and, if necessary, revised every five years.

Already accepted as the norm in more than 120 countries, ISO 9000 is the collective term given to a set of quality-assurance systems designed to assure purchasers of products and services sold around the world that production methods and after-sale service will be consistent. The ISO-9000 standards were revised at the end of the year 2000. Organizations with ISO-9000 certification based on the 1994 standards will be able to recertify under those standards until 2003, after which they must be certified under ISO 9000-2000.

Less well-known but growing in popularity, the ISO-14000 series addresses environmental management standards in production and disposal. There were over 1000 organizations in the United States with ISO-14000 certification at the end of the year 2000 (ISO Survey of ISO 9000 and ISO 14000 Certificates). ISO-14000 revisions are scheduled for publication in 2002. Both ISO 9000 and ISO 14000 deal with documentation and consistency of the processes involved in production, and do not prescribe standards for the production process or the final product or service itself. Any impact on the standardization of a product or service is an indirect result of the processes.

Some purchasing agents give preference to ISO-certified vendors.

What organizations should consider ISO 9000, 14000?

ISO standards are applicable to companies of all sizes in any industry, from manufacturing to biotechnology to retail, with the exception of those related to electrical and electronic engineering. ISO compliance is voluntary.

Reasons to consider ISO certification

Most companies seek ISO-9000 certification to:

  1. Implement quality controls over products and services to attain consistency.

  2. Make planning processes more effective and efficient through consistency.

  3. Eliminate added service costs associated with poor quality.

  4. Improve production efficiency.

  5. Contribute to good relations with regulatory agencies and the public.

  6. Satisfy customers who require ISO-9000 and -14000 certification of all their vendors.

The reason not to

Cost. In the short run, certification preparations take resources away from production operations, and ISO-14000 audits may reveal new obligations for change to meet regulations.

What is involved in the certification process?

A company seeking certification must document and implement effective quality-control or environmental-management processes that meet the ISO requirements. You can get help from an ISO consultancy service that will take you through the entire certification process, or obtain the guidelines from the International Organization for Standardization if you opt to do the work independently.

Once processes have been fully developed and internally tested, an independent, accredited third party completes an audit to ensure your system satisfies the ISO requirements. Even after receiving certification, companies are subject to re-audits to ensure problems or variances do not reoccur.

It is possible to do your own audit and declare that you are in compliance. Government agencies and customers are likely to have more confidence in the declaration if your internal auditor is certified by ANSI, still more confidence if the audit is by a third party, and the most confidence if the audit is by a third party certified by ANSI.

REAL-LIFE EXAMPLE [top]

With a growing number of worldwide businesses, particularly in the European Union, looking to do business with ISO-certified companies only, seeking ISO-9000 certification made good business sense for ConMed Corporation in New York state. ConMed, manufacturer of disposable medical devices and powered arthroscopic surgical equipment, started working with a consultant in 1997. Simultaneously, it began internal training of various levels of personnel. Fifteen months later, following a successful first audit, ConMed had its certification.

Fortunately, ConMed had a good documentation system in place before beginning the ISO process. As a manufacturer of a medical device, ConMed is subject to regulation, including documentation, and inspection by the FDA. It had to incorporate elements of the ISO documentation system into its existing system.

"It was a time-consuming process but not incredibly difficult," recalls Nancy Crisino, Regulatory Affairs/Quality Assurance officer for ConMed. "We did hire two people to work as documentation specialists who actually pulled the hard-copy system together."

According to Crisino, employee training was their largest expense. Employees were removed from their regular duties to complete the training for the new documentation procedures required for ISO and for the ongoing internal audits to maintain the certification.

Another cost is the consultant fee, although Crisino notes that an experienced ISO consultant can save you time and money in the long term. Consultants can direct you through the process, saving you the cost of unsuccessful attempts at certification audit. For ConMed, it meant passing their audit on the first try. Costs can be recovered if the ISO certification opens your business to new markets and, subsequently, increased trade.

"Our sales in Europe have increased, and the Pacific Rim sales have increased, too," Crisino says.

While ConMed's certifying organization was and continues to be a great source of information and advice, Crisino adds that all certifying organizations are not viewed equally. "Some are thought to be more difficult to obtain certification from and these command a higher level of esteem than others." Crisino likens it to receiving a degree from Oxford versus a small local university.

Crisino suggests that those looking to begin the ISO accreditation process start by examining existing processes and procedures within their companies. If you do not have these in place, start writing! You will need to do the work for ISO certificati on.

DO IT [top]

  1. Perform a cost benefit analysis. If you are going to commit to ISO certification, you should first analyze the added cost of doing business — not the certification process, but any additional overhead costs that you will face to follow ISO standards. Likewise, research the companies or markets that will do business with you because you have ISO certification. Get a feel for how much your business will increase if you have certification. The idea is to increase your sales so that ISO-certified products won't cost more to your customers, especially your existing customers.

  2. Involve your staff. ISO certification is a team effort, not just upfront but ongoing. Make certain that they understand the importance of the project, including the cost involved. If they are not supportive, it could sabotage your project or prolong it unnecessarily.

  3. Hire or appoint a QA specialist. Depending on your business, it could be a full-time or long-term part-time position, but will most likely be a full-time position from the beginning.

  4. Document. If you do not have your policies and procedures documented, start now. You can start with a single consultation on what is needed, but there is no need to have a consultant sitting around accruing fees while you document from scratch.

  5. Be aware of your audience. Write your procedures so that a nonemployee — someone unfamiliar with your premises, machinery or suppliers — could easily use them to conduct operations.

  6. Hire a consultant. The short-term cost may be high, but it will save you time and money in the long run. Also, check your consultant's references. Make sure his or her clients are passing certification audits on the first or — at most — second attempt.

  7. Select a certifying organization. Research the organization both within your industry and within the industry with which you do business. If the organization does not have a good reputation, it may reflect badly on you.

  8. Don't scrimp on training. Your staff must not only implement and maintain your processes but also train all future workers on your ISO-standard processes.

  9. Create incentives. Consider placing an incentive, either for all or for the key ISO-project people, on completing certification on the first attempt. You may be able to work this into your consultant's contract, too, saving you fees if you do not pass on your first try.

RESOURCES [top]

Books

How to Make Money with ISO 9000: A Guide to Profitable Quality Management by James Highlands (McGraw-Hill, 1999).

ISO 9000 Quality Systems Handbook: ISO 9000: 2000 Version by David Hoyle (Butterworth-Heinemann, 2001).

ISO 9000 Answer Book, 2nd edition, by Rob Kantner (Wiley, 2000).

ISO 14000 Handbook, revised edition, edited by Joseph Cascio (ASQC Quality, 1998).

ISO 9000-2000 Collection (of downloadable standards) (ANSI, 2000).

ISO 14000 Collection (ANSI, 1997). Paper copies for these two collections are available from Global Engineering Documents. Enter "iso 9000 collection" or "iso 14000 compendium" in the search blank to display the item descriptions.


Internet Sites

International Organization for Standardization

ISO Easy

Frequently Asked Questions about International Standards, from American Institute of Consultants


Article Contributors

Writer: Tracy MacNicoll

Related Articles

Saving Money With Better Energy Efficiency

Heads Up! B2B E-Procurement Is Hard at Work

Quality Makes the Difference

Moving Closer to the Talent Pool

Just-in-Time Inventory Management



Operations and Technology

Articles in our Entrepreneur’s Resource Center appeared in print and online newsletters published previously by the foundation. More than 1,000 articles can be found in the categories below, addressing timeless challenges faced by entrepreneurs of all types.