|
site-map
ISO’s business management definitions - explained using simple wording in order to make them easier to understand.
Audit
An audit is an evidence gathering process. Audit evidence is used to evaluate how well audit criteria are being met. Audits must be objective, impartial, and independent, and the audit process must be both systematic and documented. There are three types of audits: first-party, second-party, and third-party audits. First-party audits are internal audits. Second and third party audits are external audits. Organizations use first party (internal) audits to audit themselves for internal purposes. However, you don’t have to do them yourself. You can ask an external organization to carry out an internal audit on behalf of your organization. You can also use first party audits to declare that your organization complies with the ISO 9001 standard (a self-declaration). Second party audits are external audits. They’re usually done by customers or by others on their behalf. However, they can also be done by any external party that has an interest in your organization. Third party audits are external audits as well. However, they’re performed by independent (disinterested) external organizations. Third party audits are used to determine whether or not an organization complies with the ISO 9001 standard. Third party auditors are referred to as registrars or certification bodies.
Audit criteria
Audit criteria include policies, procedures, and requirements. Audit evidence is used to determine how well such audit criteria are being met. Audit evidence is used to determine how well policies are being implemented, how well procedures are being applied, and how well requirements are being met.
Auditee
An auditee is an organization that is being audited. Organizations include companies, corporations, enterprises, firms, charities, associations, and institutions (or some combination of these). Organizations can be either incorporated or unincorporated and can be privately or publicly owned.
Audit evidence
Audit evidence includes records, factual statements, and other verifiable information that is related to the audit criteria being used. Audit criteria include policies, procedures, and requirements. Audit evidence can be either qualitative or quantitative. Objective evidence is data that shows or proves that something exists or is true.
Audit findings
Audit findings result from a process that evaluates audit evidence and compares it against audit criteria. Audit findings can show that audit criteria are being met (conformity) or that they are not being met (nonconformity). They can also identify improvement opportunities. Audit findings are used to assess the effectiveness of the quality management system and to identify opportunities for improvement. Audit evidence includes records, factual statements, and other verifiable information that is related to the audit criteria being used. Audit criteria include policies, procedures, and requirements.
Auditor
In the context of this quality management standard, an auditor is a person who collects evidence in order to evaluate how well quality management systems meet requirements. Auditors are expected to determine whether quality management systems comply with standards and other planned arrangements. They must also be able to determine whether quality management systems are properly implemented and maintained. And they must be able to do all of this while being independent, objective, impartial, and competent.
Audit plan
An audit plan specifies how you intend to conduct a particular audit. It describes the activities you intend to carry out and the arrangements you intend to make. An audit is an evidence gathering process. Audit evidence is used to evaluate how well audit criteria are being met.
Audit scope
The scope of an audit is a statement that specifies the focus, extent, and boundary of a particular audit. The scope of an audit is generally defined by specifying the physical location of the audit, the organizational units that will be examined, the processes and activities that will be included, and the time period that will be covered.
Business improvement
Business improvement refers to anything that enhances an organization's ability to meet quality requirements. Business improvement is one part of business management.
Business management
Business management includes all the activities that organizations use to direct, control, and coordinate quality. These activities include formulating a business policy and setting business objectives. They also include business planning, quality control, quality assurance, and business improvement.
Business management system (BMS)
A business management system is a set of interrelated or interacting elements that organizations use to direct and control how business policies are implemented and business objectives are achieved. A process-based BMS uses a process approach to manage and control how its business policy is implemented and business objectives are achieved. A process-based BMS is a network of many interrelated and interconnected processes (elements). Each process uses resources to transform inputs into outputs. Since the output of one process becomes the input of another process, processes interact and are interrelated by means of such input-output relationships. These process interactions create a single process-based BMS.
BMS manual
A BMS manual documents an organization's business management system (BMS). It can be a paper manual or an electronic manual. According to ISO 9001, your business manual should:
· Define the scope of your BMS.
· Explain reductions in the scope of your BMS.
· Justify all exclusions (reductions in scope).
· Describe how your BMS processes interact.
· Document your business procedures or refer to them.
Business planning
Business planning involves setting business objectives and then specifying the operational processes and resources that will be needed to achieve those objectives. Business planning is one part of business management.
Business plan
A business plan is a document that is used to specify the procedures and resources that will be needed to carry out a project, perform a process, realize a product, or manage a contract. Business plans also specify who will do what and when.
Business policy
An organization’s business policy defines top management’s commitment to quality. A business policy statement should describe an organization’s general business orientation and clarify its basic intentions. Business policies should be used to generate business objectives and should serve as a general framework for action. Business policies can be based on the ISO 9000 Quality Management Principles and should be consistent with the organization’s other policies.
Business objectives
A business objective is a business oriented goal. A business objective is something you aim for or try to achieve. Business objectives are generally based on or derived from your organization’s business policy and must be consistent with it. They are usually formulated at all relevant levels within the organization and for all relevant functions
Characteristic
A characteristic is a distinctive feature or property of something. Characteristics can be inherent or assigned. An inherent characteristic exists in something or is a permanent feature of something, while an assigned characteristic is a feature that is attributed or attached to something.
Concession
A concession is a special approval that is granted to release a nonconforming product for use or delivery. Concessions are usually limited by time and quantity and tend to specify that nonconforming characteristics may not violate specified limits.
Conformity
In the context of this standard, to conform means to meet or comply with requirements. There are many types of requirements. There are quality requirements, customer requirements, product requirements, management requirements, legal requirements, and so on. Requirements can be explicitly specified (like the ISO 9001 requirements) or implied. A specified requirement is one that has been stated (in a document, for example). When your organization meets a requirement, you can say that it conforms to that requirement.
Continual improvement
Continual improvement is a set of activities that an organization periodically carries out in order to enhance its ability to meet requirements. Continual improvements can be achieved by carrying out audits (and using audit findings and conclusions), performing management reviews, analyzing data, setting objectives, and implementing corrective and preventive actions
Contract Management
The establishment and maintenance of procedures for the co-ordination and review of contracts to which the organisation is a party.
Control of Customer Supplied Product
Where customers supply their own product, example, aircraft and radio equipment received for repair, documented procedures are established and maintained for the control, verification, storage and maintenance of products provided for incorporation into the supplies, or for related activities.
Control of Non Conforming Product
Product that does not conform to specified requirements is prevented from unintended use or installation through the establishment and maintenance of documented procedures.
Correction
A correction is any action that is taken to eliminate a nonconformity. However, corrections do not address causes. When applied to products, corrections can include reworking products, reprocessing them, re-grading them, assigning them to a different use, or simply destroying them.
Corrective action
Corrective actions are steps that are taken to remove the causes of an existing nonconformity or undesirable situation. The corrective action process is designed to prevent the recurrence of nonconformities or undesirable situations. It tries to make sure that existing nonconformities and situations don’t happen again. It tries to prevent recurrence by eliminating causes. Corrective actions address actual problems. Because of this, the corrective action process can be thought of as a problem solving process.
Customer
A customer is anyone who receives products or services from a supplier organization. Customers can be people or organizations and can be either external or internal to the supplier organization. For example, a factory may supply products or services to another factory (customer) within the same organization. According to ISO 9000, examples of customers include clients, consumers, end-users, purchasers, retailers, and beneficiaries.
Customer satisfaction
Customer satisfaction is a perception. It is also a question of degree. It can vary from high satisfaction to low satisfaction. If customers believe that you've met their requirements, they experience high satisfaction. If they believe that you've not met their requirements, they experience low satisfaction. Since satisfaction is a perception, customers may not be satisfied even though you’ve met all contractual requirements. Just because you haven’t received any complaints doesn’t mean that customers are satisfied. There are many ways to monitor and measure customer satisfaction. You can use customer satisfaction and opinion surveys; you can collect product quality data (post delivery), track warranty claims, examine dealer reports, study customer compliments and criticisms, and analyze lost business opportunities.
Data Collection and Analysis
Relevant information supports decision making and planning processes and is available, collected and analysed on a corporate basis.
Design and development
Design and development is a process (or a set of processes). This process uses resources to transform requirements (inputs) into characteristics or specifications (outputs) for products, processes, and systems. You may treat design and development as different stages of a single integrated design and development process or you may treat design and development as two (or more) separate processes. You may also use the terms design and development interchangeably if they mean the same thing in your organization.
Design and development review
Design and development review is a set of activities whose purpose is to evaluate the suitability, adequacy, effectiveness, and sometimes the efficiency of a set of characteristics or specifications. Design and development review can be used to evaluate product, process, and system characteristics or specifications. In this context, an effective set of characteristics or specifications is one that has the potential to achieve planned results or realize planned activities.
Design and development validation
Design and development validation is a process. This process uses objective evidence to confirm that products meet the requirements which define their intended use or application. Whenever specified requirements have been met, a validated status is achieved. The process of validation can be carried out under realistic use conditions or within a simulated use environment.
Design and development verification
Design and development verification is a process. It uses objective evidence to confirm that design and development outputs meet design and development input requirements. Whenever specified input requirements have been met, a verified status is achieved.
Effectiveness
Effectiveness refers to the degree to which a planned effect is achieved. Planned activities are effective if these activities are realized. Similarly, planned results are effective if these results are actually achieved. For example, an effective process is one that realizes planned activities and achieves planned results. Similarly, an effective set of characteristics or specifications is one that has the potential to realize planned activities and achieve planned results.
Efficiency
Efficiency is a relationship between results achieved (outputs) and resources used (inputs). Efficiency can be enhanced by achieving more with the same or fewer resources. The efficiency of a process or system can be enhanced by achieving more or getting better results (outputs) with the same or fewer resources (inputs).
Handling, Storage, Packaging, Preservation and Delivery
Documented procedures for handling, storage, packaging, preservation and delivery of products and services, support the supply of high quality products.
Infrastructure
The term infrastructure refers to the entire system of facilities, equipment, and services that an organization needs in order to function. According to ISO 9001, Part 6.3, the term infrastructure includes buildings and workspaces (including related utilities), process equipment (both hardware and software), support services (such as transportation and communications), and information systems.
Inspection
Inspections use observation, measurement, testing and judgment to evaluate conformity. Inspection results are compared with specified requirements in order to establish whether conformity has been achieved. Product inspections compare product characteristics with product requirements in order to evaluate conformity.
Inspection, Testing and control of non-conforming product
Procedures for inspection and testing activities are developed in order to verify that the specified requirements for the materials, products and services provided are met. By conducting regular inspections and testing, non-conforming product is identified at the earliest possible stage, and corrective action facilitated
Interested party
An interested party is a person or group that has a stake in the success or performance of another organization. Interested parties may be directly affected by the organization or actively concerned about its performance. Interested parties can come from inside or outside of the organization. Examples of interested parties can include customers, suppliers, owners, partners, employees, unions, bankers, or members of the general public.
Internal audit
Internal audits are referred to as first-party audits. Organizations use internal (first party) audits to audit themselves for internal purposes. However, you don’t have to do them yourself. You can ask an external organization to carry out an internal audit on behalf of your organization. You can use first party audits to declare that your organization complies with the ISO 9001 standard. This is called a self-declaration.
Internal Audit Results
Documented procedures for planning and conducting internal quality audits verify whether activities comply with plans and determine the continued effectiveness of the Business Management System.
Management
The term management refers to all the activities that are used to coordinate, direct, and control an organization. In this context, the term management does not refer to people. It refers to activities. ISO 9000 uses the term top management to refer to people.
Management review
The overall purpose of a management review is to evaluate the suitability, adequacy, and effectiveness of an organization's business management system, and to look for improvement opportunities. Management reviews are also used to identify and assess opportunities to change an organization’s business policy and business objectives, to address resource needs, and to look for opportunities to improve its products.
Management system
A management system is a set of interrelated or interacting elements that organizations use to implement policy and achieve objectives. There are many types of management systems. Some of these include quality management systems, environmental management systems, emergency management systems, food safety management systems, occupational health and safety management systems, information security management systems, and business continuity management systems.
Measuring equipment
In the context of this standard, measuring equipment includes all the things that are needed to carry out a measurement process. Accordingly, measuring equipment includes measuring instruments and apparatuses as well as all the associated software, standards, and reference materials. Quality control of measuring equipment refers to all relevant equipment being verified as accurate and maintained in calibration.
Nonconforming product
When one or more characteristics of a product fail to meet specified requirements, it is referred to as a nonconforming product. When a product deviates from specified product requirements, it fails to conform. Nonconformity products must be identified and controlled to prevent unintended use or delivery. A product is the output of a process. Products can be tangible or intangible. ISO 9000 lists four generic product categories: services, software, hardware, and processed materials.
Nonconformity
Nonconformity refers to a failure to comply with requirements. A requirement is a need, expectation, or obligation. It can be stated or implied by an organization, its customers, or other interested parties. There are many types of requirements. Some of these include quality requirements, customer requirements, management requirements, product requirements, and legal requirements. Whenever your organization fails to meet one of these requirements, a nonconformity occurs. ISO 9001 lists business management system requirements.
When your organization deviates from these requirements, a nonconformity occurs.
Objective evidence
Objective evidence is data that shows or proves that something exists or is true. Objective evidence can be collected by performing observations, measurements, tests, or by using any other suitable method.
Organisational Performance
Organisational performance is maximised through strategic and business planning processes which support evaluation, planning and decision making.
Outsourced process
An outsourced process is any process that is part of your organization’s business management system (BMS) but is performed by a party that is external to your organization. According to ISO 9001, you must identify and control your outsourced processes, and you must ensure that each outsourced process is effective. You also need to figure out how to control the interaction between internal and outsourced processes. A process is a set of activities that are interrelated or that interact with one another. Processes use resources to transform inputs into outputs. According to ISO/TC 176/SC 2/N526R, “the terms subcontract and outsource are interchangeable and have the same meaning”.
Performance Appraisal
An environment and culture which clearly identifies and rewards individual and team contributions supports organisational outcomes includes regular performance appraisal for staff. Performance appraisal is a system of regular reviews between an employee and their supervisor to assess the employee's and organisation's requirements.
Performance measurement and systems improvement
Policy and procedures relating to the activities associated with core business performance measurement and systems improvement.
Preventive action
Preventive actions are steps that are taken to remove the causes of potential nonconformities or potential situations that are undesirable. The preventive action process is designed to prevent the occurrence of nonconformities or situations that do not yet exist. It tries to prevent occurrence by eliminating causes. While corrective actions prevent recurrence, preventive actions prevent occurrence. Both types of actions are intended to prevent nonconformities. Preventive actions address potential problems, ones that haven't yet occurred. In general, the preventive action process can be thought of as a risk analysis process.
The procedures for preventive action are based on the use of appropriate sources of information such as quality records, service reports, customer complaints and audit results to detect, analyse and eliminate problems.
Procedure
A procedure is a way of carrying out a process or activity. According to ISO 9000, procedures may or may not be documented. However, in most cases, ISO 9001 expects you to document your procedures. Documented procedures can be very general or very detailed, or anywhere in between. While a general procedure could take the form of a simple flow diagram, a detailed procedure could be a one page form or it could be several pages of text. A detailed procedure defines and controls the work that should be done, and explains how it should be done, who should do it, and under what circumstances. In addition, it explains what authority and what responsibility has been allocated, which inputs should be used, and what outputs should be generated.
Process
A process is a set of activities that are interrelated or that interact with one another. Processes use resources to transform inputs into outputs. Processes are interconnected because the output from one process becomes the input for another process. In effect, processes are “glued” together by means of such input output relationships. Organizational processes should be planned and carried out under controlled conditions. An effective process is one that realizes planned activities and achieves planned results.
Process approach
The process approach is a management strategy. When managers use a process approach, it means that they manage the processes that make up their organization, the interaction between these processes, and the inputs and outputs that tie these processes together.
Process-based business management system (BMS)
A process-based business management system uses a process approach to manage and control how its business policy is implemented and how its business objectives are achieved. A process-based BMS is a network of interrelated and interconnected processes. Each process uses resources to transform inputs into outputs. Since the output of one process becomes the input of another process, processes interact and are interrelated by means of such input-output relationships. These process interactions create a single integrated process-based BMS.
Process Control
The planning of all activities to ensure customer and regulatory requirements are met and the existence of appropriate procedures and equipment for all planned activities and processes.
Process Improvement
Documented procedures support the identification and implementation of improvements in processes. Process improvement focuses on short term remedial action to correct non conformance, and long term preventative action to prevent recurrence. The procedures for process improvement include:-
a) The effective handling of customer complaints and staff reports
b) Investigation of the cause of inferior quality and significant variation (see 4.16);
c) Determination of the corrective action needed; and
d) Ensuring that corrective action is taken and that it is effective
Product
A product is the output of a process. Products can be tangible or intangible. ISO 9000 lists four generic product categories: services, software, hardware, and processed materials. Many products combine several of these categories. For example, an automobile (a product) combines hardware (e.g. tires), software (e.g. engine control algorithms), and processed materials (e.g. lubricants). Service is always the result of an interaction between a service supplier and a customer and can take many forms. Service can be provided to support an organization’s own products (e.g. warranty service or the serving of meals). Conversely, service can be provided for a product supplied by a customer (e.g. a repair service or a delivery service). Service can also involve the provision of an intangible thing to a customer (e.g. entertainment, transportation, or advice). While software is intangible, and includes things like approaches and procedures, hardware and processed materials are tangible and are often referred to as goods.
Product Identification and Traceability
Procedures ensure that products conform with regulatory or other requirements and those products can be identified and traced.
Product inspection
Product inspection is an activity that compares product characteristics with product requirements in order to evaluate conformity. More precisely, a product inspection compares one or more characteristics of a product with specified requirements in order to determine if the product meets these requirements. Product inspections use observation, measurement, testing and judgment to evaluate conformity.
Product realization
A product starts out as an idea. The idea is realized or actualized by following a set of product realization processes. Product realization refers to all the processes that are used to bring products into being.
Purchasing
Procedures to ensure that all purchased products and services used in all departments conform to specified requirements. In other words, a system to ensure the organisation gets what it ordered.
Quality
The quality of something can be determined by comparing a set of inherent characteristics with a set of requirements. If those inherent characteristics meet all requirements, high or excellent quality is achieved. If those characteristics do not meet all requirements, a low or poor level of quality is achieved. Quality is, therefore, a question of degree. As a result, the central quality question is: How well does this set of inherent characteristics comply with this set of requirements? In short, the quality of something depends on a set of inherent characteristics and a set of requirements and how well the former complies with the latter. According to this definition, quality is a relative concept. By linking quality to requirements, ISO 9000 argues that the quality of something cannot be established in a vacuum. Quality is always relative to a set of requirements.
Quality assurance (QA)
Quality assurance is a set of activities intended to establish confidence that quality requirements will be met. QA is one part of business management.
Quality characteristic
A quality characteristic is tied to a requirement and is an inherent feature or property of a product, process, or system. A requirement is a need, expectation, or obligation. It can be stated or implied by an organization, its customers, or other interested parties. An inherent feature or property exists in something or is a permanent characteristic of something.
Quality control
Quality control is a set of activities intended to ensure that business requirements are actually being met. Quality control is one part of business management.
Receiving Inspection and Testing
All materials, products, services and associated documentation received from approved suppliers is inspected to verify conformance with specified and regulatory requirements including before use. When non conforming products or services are identified a non conformance report is completed which shall identify the product or service and the reasons for non conformance and the corrective action taken.
Record
A record is a type of document. Records provide evidence that activities have been performed or results have been achieved. They always document the past. Records can, for example, be used to show that traceability requirements are being met, that verification is being performed, and that preventive and corrective actions are being carried out.
Requirement
A requirement is a need, expectation, or obligation. It can be stated or implied by an organization, its customers, or other interested parties. A specified requirement is one that has been stated (in a document for example), whereas an implied requirement is a need, expectation, or obligation that is common practice or customary. There are many types of requirements. Some of these include business requirements, customer requirements, management requirements, product requirements, and legal requirements.
Review
A review is an activity. Its purpose is to figure out how well the thing being reviewed is capable of achieving established objectives. Reviews ask the following question: is the subject of the review a suitable, adequate, effective, and efficient way of achieving your organization’s objectives? There are many kinds of reviews. Some of these include management reviews, design and development reviews, customer requirement reviews, and nonconformity reviews. Relative to the previous types of reviews, the focus of each review is as follows: business management systems, design characteristics and specifications, customer requirements, and nonconformities, respectively.
Service
According to ISO 9000, a service is a type of product. Service is always the result of an activity or interaction between a service supplier and a customer and can take many forms. Service can be provided to support an organization’s own products (e.g. warranty service or the serving of meals). Conversely, service can be provided for a product supplied by a customer (e.g. a repair service or a delivery service). Service can also involve the provision of an intangible thing to a customer (e.g. entertainment, transportation, or advice).
Special process
A special process is any production or service delivery process that generates outputs that cannot be measured, monitored, or verified until it's too late. It's often too late because deficiencies may not be obvious until after the resulting products have been used or services have been delivered. In order to prevent output deficiencies, these special processes must be validated in order to prove that they can generate planned results.
Standard
A standard is a document. It is a set of rules that control how people develop and manage materials, products, services, technologies, processes, and systems. ISO's standards are agreements. ISO refers to them as agreements because its members must agree on content and give formal approval before they are published. ISO standards are developed by technical committees. Members of these committees come from many countries. Therefore, ISO standards tend to have very broad support.
Supplier
A supplier is a person or an organization that provides products. Suppliers can be either internal or external to the organization. Internal suppliers provide products to people within their own organization while external suppliers provide products to other organizations. Examples of suppliers include organizations and people who produce, distribute, or sell products, provide services, or publish information.
Top management
When ISO 9001 uses the term top management it is referring to a person or a group of people at the highest level within an organization. It refers to the people who coordinate, direct, and control organizations. The term management refers to all the activities that are used to coordinate, direct, and control an organization. The term management does not refer to people. It refers to activities.
Traceability
Traceability is the ability to identify and trace the history, distribution, location, and application of products, parts, and materials. A traceability system records and follows the trail as products, parts, and materials come from suppliers and are processed and ultimately distributed as end products.
Validation
Validation is a process. It uses objective evidence to confirm that the requirements which define an intended use or application have been met. Whenever all requirements have been met, a validated status is achieved. The process of validation can be carried out under realistic use conditions or within a simulated use environment. In the context of this standard, the term validation is used in at least two different situations: design and development and production and service provision. Design and development validations use objective evidence to confirm that products meet the requirements which define their intended use or application. Production and service provision processes must be validated whenever process outputs cannot be measured, monitored, or verified until after the product is in use or the service has been delivered (by then it’s too late to do anything about output deficiencies and defects). In this case, validations use objective evidence to confirm that production and service provision processes are capable of producing planned results.
Verification
Verification is a process. It uses objective evidence to confirm that specified requirements have been met. Whenever specified requirements have been met, a verified status is achieved.
In the context of this standard, the term verification is used in at least two different situations: design and development and purchasing. Design and development verifications use objective evidence to confirm that design and development outputs meet specified input requirements. Similarly, objective evidence must be used to verify or confirm that purchased products meet specified purchasing requirements. There are many ways to verify that requirements have been met. For example, you could do tests, perform demonstrations, carry out alternative calculations, compare a new design specification with a proven design specification, or you could inspect documents before you issue them.
Work environment
The term work environment refers to working conditions. It refers to all of the conditions and factors that influence work. In general, these include physical, social, psychological, and environmental conditions and factors. Work environmentincludes lighting, temperature, and noise factors, as well as the whole range of ergonomic influences. It also includes things like supervisory practices as well as reward and recognition programs. All of these things influence work.
|
