The first quality standards were developed in the military sector at the end of the 1950s. The US Military Specification (MILQ-9858) – published in 1959 and adopted by North Atlantic Treaty Organization – is the first reference to a quality system.
In the following decades, the single countries developed different quality standards associated with a proliferation of specific rules for every field of operation; for instance, BS 5750 standards were introduced in the United Kingdom by British Standards Institution, UNI 8217 in Italy, NS 5801 in Norway and CSA Z299 in Canada.
Only during the 1980s, due to a stunning rise of sectorial and national quality standards, the International Organization for Standardization (ISO) undertook a program of rationalization, unification, and harmonization, concluded in 1987 with publication of the ISO 9000 standards. These standards became in a few years the international benchmark as far as the development of quality systems is concerned.
Before analyzing the ISO 9000 standards it is useful to clarify what the “standard” term means and to define the actors and the phases which take part in a standardizing process.
A standard is a document that includes guidelines or rules concerning specific activities, developed by a recognized institution with the aim of reaching the best possible practice regarding the execution of the abovementioned activities.
The willingness about standards obedience is clarified by a European rule (98/34/CE June 22, 1998) where it is specified that “a standard is a technical specification approved by a recognized standardization body for repeated or continuous application, with which compliance is not compulsory and which is one of the following:
International standard (ISO)
European standard (EN)
National standard (e.g., UNI for Italy).”
Standard relevance consists in providing precise references, defining the requirements for processes, products, and behaviors. The main goals of standards are
(1) convey information through a clear and univocal mean between all parts interested;
(2) improve the general economy of production systems, rationalizing the operations, unifying processes, and defining control processes;
(3) preserve human and environmental safety and security.
During the process of standardization, it has to be guaranteed:
(1) transparency, clarifying the fundamental stages which concern the approval process of a standard project;
(2) democracy, allowing all the interested actors to take part to the process; and
(3) mutual consent, through the approval of the standard text by those who contributed to write it.
It is crucial to discern technical standards from technical rules.
The latter have legal value and are usually given off by single national bodies, even though it is becoming stronger the tendency to uniform technical rules on international level (e.g., European Union Directives). The term compulsory certificate is often used to point out the compliance to the technical rules, which highlights the fact that their attainment is prescribed by law.
On the contrary, the technical rules generally show less restricting but essential requirements. The compliance to technical standards is usually referred as voluntary certificate.
However, despite the fact of being voluntary, standard requirements are frequently integrated in cogent documents by Public Administration because they impact directly on the security of citizens and on the environment.
Often, it may happen that some highly spread standards, whose requirements are perceived essential, become strongly relevant on contractual terms. In this case, the market makes the standard compulsory. ISO 9000 standards are an example because they became in some public sectors compulsory requirements to take part in tenders.
The standard structure works on three hierarchical levels: International (ISO), European (CEN), and National.
ISO is a non-governmental organization that works on developing, unifying, and coordinating standards at international level. Standard authorities of 157 countries are represented. Due to its supranational nature, the authority is highly decentralized and hierarchical, involving hundreds of Technical Committees (TC) that work on the standardizing process. It covers all scientific, technical, and intellectual fields with some exceptions, for instance, electrical and electronic fields are under the International Electrotechnical Commission (IEC) jurisdiction.
The TC that develops ISO 9000 standards is ISO/TC 176, which works on anything concerning “quality management and quality insurance.” Every year 50,000 highly qualified experts work on activities related to the standards. The authority structure is coordinated by the General Secretary, while the Technical Management Board (TMB) drafts policies, goals, and tools concerning the activities related to the standards. It is also TMB competence to supervise TC’s activities and the decision to make applicable ISO Council decisions. For instance, these decisions may concern the time for emission of the standards or the possibility for developing countries to be embodied in the processes. Since 1947 – year of its birth – ISO has published more than 17,500 ISO.
Thirty European countries are involved in the CEN with one representative for each country. The 30 members, with different representatives from European Federations and EU Commission, form the Bureau Technique (CEN/BT), the body which works on defining CEN technical policy, as TMB does for ISO. English is the official language and the Secretary relies on CEN Management Center. Since its year of foundation (1961), CEN worked on the acquisition and the development of standards at European level in all sectors, apart from the electrical one for which CENELEC is responsible.
CEN aims at removing national barriers through the publication of standards able to balance technical rules coming from every nation. In this case, activity related to standards is entrusted to European TC’s that involve more than 60,000 specialists. The Technical Committee Management Board instead, controls TC activities, checks work status, and standard’s period of publication. These periods must not last more than three years.
Standards realized by CEN, usually inspired by ISO standards, are signed by “EN.” This theme point out standard homogeneity in all Europe. Country members of the CEN ought to respect these standards, which cannot be in contrast with national standards.
“END” standards, produced on EU Commission request to support European Directives that are called “balanced” standards. CEN, differently from ISO, has to report its standard activity to EU rules, calling off standards in contrast with them.
The standard process at all levels (Italian, European, and International), follows the same path and consists in four phases:
(1) Study. The request to begin a standard process can come either from a decision taken by technical bodies – like the Bureau Technique (CEN) or the Technical Management Board (ISO) – or from a Commission’s proposal. A feasibility study has to be done in order to evaluate standard necessity, advantages, resources, and available competences needed. If the result is positive, the second stage begins.
(2) Document writing. This activity is competence of a technical body, chosen according to the sector which the standards belongs to. Technical bodies are organized in teams made up by experts. A standard draft is created, and this draft must be approved by all involved members. Usually, this step should be completed after a couple of years.
(3) Public communication. Using the media, the standard text is available for the stakeholders from two to six months depending on the type of document. In this way, it is possible to correct and improve the standard collecting feedbacks from all the stakeholders.
(4) Approval and publication. For national standards, the final project is scrutinized by the Central Technical Commission, while at the European and International level, the approval of national standard bodies is requested. Every CEN member has to adopt EN standards and delete national standards in conflict with them. This obligation does not exist for ISO standards, as a matter of fact they can be voluntarily adopted.
Before releasing an ISO 9000 certificate, the certification body plans with the company some audit to verify the effective implementation of the standards and the quality management system (QMS).
ISO 9000 standard gives audit definition and highlights the different typologies.
An audit can be defined as a systematic and documented process with the goal to achieve an evidence not contaminated by subjectivity. The objectivity is used to verify that the audit criteria are constantly respected.
The standards distinguish between internal audits and external audits.
The internal audits, or first-party audits, are those audits carried out by the organization itself. There can be many reasons to require an internal audit, but usually the final goal is to verify the conformity of the internal processes. For these audits, it is difficult to demonstrate independence.
Whereas the external audits are divided into second-party audits and third-party audits. The first category of audits (second-party) is generally carried out by the external stakeholders while the second type of audits (third-party) is carried out by independent auditing organizations (private or governmental).
As far as the audit is concerned the TC ISO/TC 176 produced ISO 19011 standard which presents the “guiding lines for audit concerning quality and/or environmental management systems.” Supervisors’ competence is one of the most important aspects to guarantee effectiveness and credibility to the certification system.
The procedure allows to arrange a date for the audit; the interested company has in this way the opportunity to prepare itself and inform the staff.
ISO/IEC 170211 standard defines in detail the certification process: in order to release the certificate two audits, named “stage 1” and “stage 2,” are necessary.
In the “stage 1” the evaluation concerns: organization’s goals and processes; aim of the certification request; the documentation; level of maturity in QMS2 application; cogent rules3; and internal audit planning and execution, management re-examination.4 During “stage 2,” the following aspects are evaluated: planning, realization, and control of the productive process, and operative implementation of the QMS.
The pathway which allows to eventually release the certificate does not end up with the audit; after having verified all the papers, at the end of every “stage,” the Verifying Group (designated by the certification body) analyzes and classifies with the customer eventual non-compliances. It will be customer’s task to define corrective actions, to adopt and establish the temporal period for their implementation. The certification authority will then verify the suitability, the effectiveness, and the actual realization of these interventions, if necessary also with another audit. The period of time between “stage 1” and “stage 2” must be adequate in order to solve problems highlighted during “stage 1.”
After having solved all non-compliances, the certification body deliberates on releasing the certificate.
During the period of the certificate’s validity, specific bodies conduct surveillance visits, usually annual, to control the retention of conditions and to verify the presence of other non-compliances. If compliances are identified and not corrected in the terms established by the authority, it might lead to the suspension of the certificate. ISO/IEC 17021 standard establishes that the first surveillance audit has to be done before a year after the ending of “stage 2.”
When the certificate expires after a certain period of time, a new audit is conducted to release it again.
Besides, two other types of audit are established: audit without giving notice, usually made after complains toward the certified organization, and supplementary audit, to extend the certification to new sites or activities (e.g., organization that introduces a new project activity).
Until 2008’s version ISO 9001 standard was made up of eight chapters, whereas with 2015’s edition, the standard has been changed also as far as the structure is concerned, passing from eight to 10 chapters (in addition to the introduction).
The 10 chapters are:
Chapter 1: Scope of the standard.
Chapter 2: Normative references.
Chapter 3: Terms and definitions (reference to ISO 9000 standard).
Chapter 4: Context of the organization: in which the general requirements that concern the organizational environment, the processes, and the QMS application field are underlined.
Chapter 5: Leadership: this section focuses on management role and responsibilities.
Chapter 6: Planning: new chapter introduced to highlight a new prospect of planning and process management strongly linked to risks (Risk Based Thinking).
Chapter 7: Support: in which requirements concerning organization resources are described, paying particular attention to human resources and infrastructures.
Chapter 8: Operation: in this section, the requirements affecting all the processes linked to the realization and sale of goods and services are presented.
Chapter 9: Performance Evaluation: embodies all the requirements concerning measurement processes, audit and monitoring activities.
Chapter 10: Improvement: focusing on requirements linked to the processes of continuous improvement; from this edition, it has been separated from the measurement activities.
In particular, this change let the standards being more adherent to Plan Do Check Act (PDCA) approach that nowadays is commonly used by many companies for process management and improvement. This change not only has involved ISO 9001 standards but also ISO 14001 and ISO 45001 with the aim of aligning the standards and making them an easier tool to understand and integrate.
Since 2000’s edition of ISO 9000 (vision 2000), seven general quality management principles have been taken into consideration which have to be followed to successfully manage a company, increasing repeatedly the performances and taking into consideration stakeholders’ needs.
These principles have been described in the ISO 9000 and are usually mentioned in ISO 9001 requirements. We report below the list of principles with a short description taken from UNI EN ISO 9000.
a) Customer focus
The customer is the first stakeholder to take into consideration and his satisfaction must be the first goal of an organization.
b) Leadership
One of the most innovative concepts introduced by the vision 2000 is the focus on management responsibilities as far as QMS is concerned. Besides, the management board has the important task to define quality policies and goals, ensuring the right resources.
c) Engagement of people
The ability to involve all the human capital of the company in the QMS process is important to create and deliver value.
d) Process approach
Nowadays, all companies around the world work through interrelated processes in order to be more effective and efficient.
e) Improvement
ISO 9001 standard, since 2000, clearly establish the PDCA5 approach as the most important tool for continuous improvement.
f) Evidence-based decision-making
Decisions taken after a deep and objective evaluation of data are the best way to achieve the desired goals of the organization.
g) Relationship management
In order to guarantee a long-lasting success, a company should invest in and manage the relationship with all its stakeholders (e.g., suppliers).
Since vision 2000’s publication, critics move about the heaviness of the requirements related to the documentation have been taken into consideration. A distinction has been made between the compulsory documentation established by the standards and a series of papers, necessary to the organization for planning, realizing, and monitoring the processes. Operative procedures, work instructions, and all modules and data referred to the processes of the company are all included in the last group.
Instead, for “cogent” documentation of the QMS, as prescribed by ISO 9000 standard, we refer to:
documented statements for quality policies and goals;
documented procedures; and
registrations.
Passing from ‘94 ISO 9000 edition to the vision 2000, there have been significant changes as far as structure, principles, and standard requirements are concerned, in order to make them more efficient, complete, and flexible for quality management. Besides, these changes clarified the content, made more understandable the requirements without altering the innovative aspects introduced with vision 2000.
Now we analyze some areas in which 2000 edition has introduced significant novelties.
In 2000 ISO 9001 edition and, more intensively, in 2008 and 2015 editions, important actions have been taken to clarify standard requirements in order to make the text more understandable to all members of the organization.
In order to achieve this aim, it is crucial to mention the fact that the standard should not to be trivialized. On one hand, there is the aim of clarifying the text, on the other hand, a lack of technical language and precision is not allowed. To reach an acceptable compromise, a section on “terms and definitions” can be found in the text of the ISO 9000. The meaning of some technical terms used in ISO 9001 standard is explained in this section. Moreover, a clear hamper to comprehension is represented by the translations; often they introduce hints or misunderstandings not present in the English original text (Conti & De Risi, 2001).
In Chapter 7, ISO 9001 standard tackles the resource management and focuses on three types of resources: human resources, infrastructures, and work environment. High relevance is given to human resources, in accordance with the third quality principle that recognizes people as essence of the organization. In particular, the focus is put on competence, training-formation, and staffing.
In fact, an organization should determine the competences that its personnel should have to perform in conformity to product/service requirements, provide and track training courses to achieve that level of competences, and evaluate the actions taken to empower its employees. An organization should also inform its employees about the importance of their contribution to pursue the organization’s goals.
Moreover, ISO 9004 underlines the importance to involve the staff, because it proactively contributes to the success of the organization. Employee’s satisfaction has to be increased through encouragements, incentives, and other tools.
ISO 9000 revision of 1994 recognized three different contractual models linked to the different production stages (purchasing, planning, production-fabrication, and assistance) that the company must include in the QMS. With the vision 2000, the three models have been unified in a single standard (ISO 9001) giving few chances to exclude some requirements.
It is impossible to adopt the standard only for some production stages, gaining a partial certification; instead, all the processes that, directly or indirectly, may influence the quality of the product or the customer satisfaction should be taken into consideration (Conti, 2001).
The requirements for which the exclusion can be taken into consideration are only those concerning product realization and not those concerning the QMS processes.
In order to avoid opportunistic conducts if an organization decides to outsource some processes to other organizations and the processes may influence the conformity of the product, the organization has to take the responsibility also for the control of these processes.
It is clear that these standards can represent an efficient tool for quality management because they lead to a rationalization of the processes. These processes, resulting more effective and efficient management, bring therefore an improvement in product quality. Acting in this way the “non-quality” cost, which influence heavily organization profits, is reduced as happens though the application of other standards (Orzes et al., 2018; Orzes, Jia, Sartor, & Nassimbeni, 2017; Sartor, Orzes, Di Mauro, Ebrahimpour, & Nassimbeni, 2016; Sartor, Orzes, Touboulic, Culot, & Nassimbeni, 2019).
Moreover, other advantages achieved through the correct application of these standards are the improvement of internal and external communication and the acquisition, by staff members, of higher awareness in terms of roles, tasks, and responsibilities.
In particular, the effort made to involve and train the staff, despite being onerous in terms of resources and subject’s adaptability, leads to an increase in performances; besides, the staff itself, growing its awareness as stakeholder, can give new and useful suggestions for improvement.
We should not forget that monitoring interventions, requested by the standard, let us identify the factors which customers are more sensible about and highlight the critical points of intervention to increase their satisfaction. Moreover, it is possible to establish a strategical relationship based on lasting loyalty, increasing in this way the profits and achieving a stable and competitive position on the market.
An organization can adopt ISO 9000 to obtain clear competitive advantages (Nassimbeni, Sartor, & Orzes, 2014); however, it has to be reaffirmed that the strategical decision to adopt a QMS may not be pushed by the only necessity to be certified, but should be intended as a productive investment.
Conti, T. & De Risi, P. (2001). Manuale della qualità. Milano: Il Sole24ORE.
Nassimbeni, G., Sartor, M., & Orzes, G. (2014). Countertrade: Compensatory requests to sell abroad. Journal for Global Business Advancement, 7(1), 69–87.
Orzes, G., Jia, F., Sartor, M., & Nassimbeni, G. (2017). Performance implications of SA8000 certification. International Journal of Operations and Production Management, 37(11), 1625–1653.
Orzes, G., Moretto, A. M., Ebrahimpour, M., Sartor, M., Moro, M., & Rossi, M. (2018). United nations global compact: Literature review and theory-based research agenda. Journal of Cleaner Production, 177, 633–654.
Sartor, M., Orzes, G., Di Mauro, C., Ebrahimpour, M., & Nassimbeni, G. (2016). The SA8000 social certification standard: Literature review and theory-based research agenda. International Journal of Production Economics, 175, 164–181.
Sartor, M., Orzes, G., Touboulic, A., Culot, G., & Nassimbeni, G., (2019). ISO 14001 standard: Literature review and theory-based research agenda. Quality Management Journal, 26(1), 32–64.
ISO/IEC 17021
UNI EN ISO 9000:2015 and previous editions.
UNI EN ISO 9001:2015 and previous editions.
UNI EN ISO 9004:2018 and previous editions.
UNI EN ISO 19011:2018 and previous editions.
UNI EN ISO 14001:2015 and previous editions.
1 “Conformity assessment. Requirements for bodies providing audit and certification of management systems” which replaced the ISO 45012.
2 The term “quality management system” is often replaced by “QMS”.
3 Obligatory in relation to current laws.
4 UNI EN ISO 9001 standard advocates that the management has to re-examine periodically the organization’s QMS in order to ensure its suitability, adequacy, and effectiveness. This re-examination must evaluate the opportunities for improvement and the need to modify the QMS, including its quality policies and goals.
5 Plan-Do-Check-Act.