Skip to main content



Welcome to the "ISO Myth Busters" Blog! With over 30 years of Quality Management System's experience, I enjoy sharing my knowledge with those who are seeking answers or a better way to implement ISO 9001 requirements. For too long, there have been myths and legends about how to implement a variety of requirements from the International Standard. These myths and legends often come from the need to pass an ISO Certification audit and as a result, people get the wrong ideas about what implementing an ISO 9001-compliant Quality Management System is truly about. In this blog, we'll cover such diverse issues as the myths surrounding document control, measuring equipment calibration, management review and internal auditing. We'll also take a look at the role of the Certification Body/Registrar and what to consider if you're looking for one to work with. I hope you'll find the posts to be helpful. Let's make a start on busting the first myth:-
Recent posts

Got No Time For ISO 9001 Quality Systems? Maybe You Need a Time Machine!

“Ticking away the moments that make up a dull day…” go the lyrics of Pink Floyd’s song “ Time ,” taken from the seminal album  The Dark Side of the Moon . This iconic work of progressive rock music reflects on the negative effects of performing mundane or routine actions and how time can control one’s life. The meaning behind the song’s lyrics, while strongly applicable to everyday life, also is an apt description for the way certain clauses of ISO 9001:2015 are implemented. Often, requirements including Management Reviews, Internal Audits and Calibration of Measuring Equipment are planned according to a misperception that they must be conducted at certain intervals, generally throughout a calendar year.  However, an examination of the relevant clauses reveals there is  zero  mention of  when  to implement the requirements, as seen below.  7.1.6 Monitoring and measuring resources “…calibrated…at  specified intervals …” 9.2 Internal audit “…conduct internal audits at  planned intervals

Document Control Advice You Can Take to the Bank!

Document control is a frequent issue for organizations who pursue ISO 9001 compliance. Commonly a reason for Certification Audit non-conformities being written, previous versions of ISO 9001 detailed the need for a Quality Manual, documented procedures and, at the process-control level, work instructions. It may be noted that these types of documents are no longer prescribed by the international standard, ISO 9001:2015. With fewer documents prescribed by ISO 9001, you'd think the burden on document control would be less. Sadly, experience shows it's not the ISO requirements which cause problems but the ways organization go about "control". WHAT DO YOU KNOW ABOUT CONTROL? This lack of prescription is a major departure from previous ISO 9001 versions. However, once an organization has determined specific documentation is useful, that documentation must still be controlled to an extent. The need for control is something that hasn’t (substantially) changed since ISO 90

You Spin Me Round - Quality Records

In the past, we’ve related ISO 9001 documentation to both the Pyramids of Giza and bank notes (money). Let's turn our attention to another aspect of documentation, what is referred to as “retained documented information,” or more commonly known as “Quality records.” The international standard for Quality Management, ISO 9001:2015, references the term “retained documented information” no fewer than  24 times . In addition to these required areas, an organization may have extra records which are generated as a result of doing business and, therefore, included in Clause 4.4.2., Quality Management System (QMS) and Processes. Despite its extensive presence throughout ISO 9001:2015, there’s long been some uncertainty regarding what exactly a documented record is. Many heads have spun trying to make this important distinction, with confusion stemming from a few clich├ęs born out of earlier versions of ISO 9001: “Say-what-you-do, Do-what-you-say”  – This saying caused people to creat

All Internal Audits Are Process-based? Er, No...

Since ISO 9001:2000, it’s become increasingly common to consider that an organization’s Internal Quality Audits be performed using the so-called “Process Approach”. At the time of publication, that particular version of the International Standard for Management Systems contained no description of what the process approach was. The recently introduced 2015 version makes the “Process Approach” a lot clearer by describing what is envisaged, in section 0.3 of the Introduction to the Standard – and how it applies to the quality management system development, implementation and improvement . Reading further, the text goes on to describe the Process Approach involving the “systematic definition and management of processes, and their interactions, so as to achieve the intended results.” There’s no mention of anything to do with conducting internal audits in any particular fashion. Perhaps the Internal Audit requirements, found in clause 9.2, will reveal something… This particular clau

WTH? A Useful Quality Manual?

One of the first things which comes to peoples’ minds when describing Quality Management Systems and “ISO 9000” is documentation, which often includes a Quality Manual. The background to Quality Management Systems started with (big) procurement organizations such as government agencies and Fortune 500 companies making Quality Systems a contractual requirement. Frequently, these requirements included the need for a document, which was often called a “Quality Manual”, a “Quality Plan” or similar. These were used, by a supplier, to describe the approach to be used to fulfil the contract requirements and assure the quality of the deliverables. Today, a hall mark of ISO 9001 Quality Management Systems documentation is a Quality Manual – one has been a requirement of the International Standard since 1987. Manuals produced by many organizations emulate the format and content of the ISO 9001:2008 clauses (4 through 8) to the extent that the words “The organization shall” have simply been

People Got Talent!

Competency is all around us. It pervades our lives. We see competency on t.v, - for example “America’s Got Talent” – talented people, regardless of their age, gender or social background.   performing all manner of stage acts that wow the show’s judges and viewers. “How did they do that?”, we often ask ourselves… ISO 9001 includes a requirement for an organization’s people, involved in the Quality Management System, to be competent in their work responsibilities. The normative reference (vocabulary) document, ISO 9000, defines competence as “the demonstrated ability to apply skills and knowledge”. Those t.v show contestants could certainly demonstrate skills and knowledge, but how did they become so competent? They weren’t likely to be born with some “gift”, therefore, their performance is most likely to have been the result of combination of factors… Practice, Practice, Practice…   Zig Ziglar is credited with this: “Repetition is the mother of learning, the father of action