Systematic process improvement using ISO 9001:2000 and CMMI
Systematic process improvement using ISO 9001:2000 and CMMI
Systematic process improvement using ISO 9001:2000 and CMMI
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
252 Appraisal/Registration<br />
It is important to note that the SEI does not ‘‘certify’’ appraisal ratings.<br />
Although it keeps a database of all assessments <strong>and</strong> appraisals, it does not<br />
provide information about the scope or results of any organization’s appraisal<br />
to the public. On the other h<strong>and</strong>, an appraised organization is free to use<br />
<strong>and</strong> publicize the appraisal results as it sees fit.<br />
8.2 <strong>ISO</strong> <strong>9001</strong>:<strong>2000</strong> registration <strong>process</strong><br />
In this section we briefly describe the <strong>ISO</strong> assessment flow <strong>and</strong> the objective<br />
evidence needed for an <strong>ISO</strong> certification audit. Because the st<strong>and</strong>ard has<br />
been updated, there are at least two ways to approach an <strong>ISO</strong> <strong>9001</strong>:<strong>2000</strong><br />
audit. One is for organizations that have upgraded their QMS from the 1994<br />
version, <strong>and</strong> another is for those being audited for the first time <strong>using</strong> the<br />
<strong>2000</strong> version. We will concentrate on the later because it will, in general,<br />
encompass the former. The upgrade audit typically concentrates on the<br />
review of the requirements imposed by the <strong>ISO</strong> <strong>9001</strong>:<strong>2000</strong> st<strong>and</strong>ard, evidence<br />
that internal audits <strong>and</strong> management reviews foc<strong>using</strong> on <strong>process</strong><br />
changes have been conducted, <strong>and</strong> personnel training in the new QMS.<br />
Most organizations will perform a preassessment to determine if the QMS<br />
is satisfactory for the formal audit. <strong>ISO</strong> limits performance of the preassessment<br />
to only one instance. The flow of a typical registration <strong>process</strong> is shown<br />
in Figure 8.4.<br />
It is expected that the organization has already selected the registrar <strong>and</strong><br />
has the necessary information about <strong>ISO</strong> audit requirements. During the<br />
preparation phase, the auditor <strong>and</strong> the organization’s representative develop<br />
an audit plan, which identifies the organizational unit to be assessed <strong>and</strong><br />
the scope of the assessment. In addition, the optional preassessment will be<br />
arranged. Note that registrars are not allowed to provide consultation services<br />
because the st<strong>and</strong>ards require that they maintain their independence from<br />
the organizations that they will audit.<br />
During preparation, the auditor will inform the organization about the<br />
documentation they will be required to provide <strong>and</strong> the support that will<br />
be needed during the assessment. The goal of the audit is to review as much<br />
of the organizational documentation <strong>and</strong> its implementation as possible in<br />
the time allotted, typically a week. Although an audit of a large organization<br />
will be different from an audit of a small organization, the <strong>process</strong>es practiced<br />
in those organizations must be reviewed in both cases.<br />
A portion of a typical assessment plan is shown in Table 8.4. The plan<br />
indicates the areas of investigation <strong>and</strong> relates them to the responsible or<br />
cognizant organizational elements. Assessors develop questions at the level