Can We Require ISO 9001 Certification?

Suppliers, supplier management

Q: My company has bought another company in Canada and we are outsourcing to them. They are not certified to ISO/ANSI/ASQ 9001:2008 Quality management systems–Requirements.  Do we have the legal right to require them to get certified since we are?

A: Thank you for contacting the ASQ Ask the Experts Program.  With regard to your question, there is no requirement in ISO 9001 that requires any organization or their suppliers to be certified by a third-party. Certification is only needed if it’s required by a customer contract/purchase order, or if an organization has opted to be ISO 9001 certified.

However, as an ISO 9001 certified organization, your quality management system must include controls to maintain control over outsourced processes. This requirement is stated in clause 4.1. The control over outsourced processes may include all or any of the following:

1.    Use of an approved suppliers list (see clause 7.4.1)

2.    An onsite supplier quality audit (see clause 7.4.3)

3.    Review and approval of equipment, processes, procedures, methods, and personnel qualifications for processes that require validation such as welding, nondestructive testing, heat treatment or others (see clause 7.5.2).

In summary, ISO 9001 certification is a management decision and not a requirement.  Organizations that follow the ISO 9001 requirements and have outsourced processes should have controls in place to manage those processes.

I hope this helps.

Bill Aston
ASQ Senior Member
Managing Director of Aston Technical Consulting Services
Kingwood, TX
www.astontechconsult.com

Related Content:

Imaging Core Lab Takes Quality Beyond Regulatory Requirements With ISO 9001, ASQ Knowledge Center case study, open access

Medical Metrics Inc. (MMI), had an existing quality management system structured to meet FDA regulations, but it was missing a framework to help drive organizationwide improvement. MMI worked with an external consultant to create an integrated management system—a fusion of regulatory requirements with the ISO 9001 framework—and received certification to the standard in less than seven months. Read More.

Sarbanes-Oxley And ISO 9000, Quality Progress, open access

Critics say ISO 9000 doesn’t compare favorably to quality programs such as the Baldrige criteria, lean and Six Sigma. But ISO 9001’s emphasis on documentation is a major asset from a legal perspective. Quality professionals can help companies comply with Sarbanes-Oxley while enhancing their organizational status. Read More.

Explore the ASQ Knowledge Center for more case studies, articles, benchmarking reports, and more.

Browse articles from ASQ magazines and journals here.

Is it Legal to Require Certification to an ISO Standard?

Contract, requirement, legal, standard

Q: Can a contract include a requirement stating that the manufacturer of the materials to be installed as part of the job must be ISO 9001 and ISO 14000 listed? My question is in reference to a contract I received that is requiring this.

A: In general, contracts between business entities are enforceable unless they violate laws or are contrary to public policy. Private businesses entering into commercial contracts have a great deal of freedom in establishing contract terms.

One of the common uses of ISO standards is to clearly delineate requirements in commercial contracts.   This can, and often does, include requirements for third-party certification of suppliers to ISO 9001-2008: Quality management systems–Requirements and/or ISO 14001-2004: Environmental management systems – Requirements with guidance for use.

This requirement is usually met by providing a copy of the certificate issued by a third-party certification body (registrar) that lists the name of the organization certified and the scope of the certification.

Based on the information provided along with your question, it appears that the question actually relates to a material specification that was included as part of a request for proposal (RFP) from a governmental entity. Note: the contract has not been included with this post to protect the anonymity of the questioner and the governmental entity.

The authority of governmental contracting officers is more limited.  They must comply with applicable purchasing statutes and regulations.  Whether or not a requirement for certification to ISO 9001 and/or ISO 14001 is permissible would be determined by reviewing these contracting rules.  These rules also often provide mechanisms for contesting the award of a contract if it is believed to be unfair.

There are often opportunities to request clarification of information included in a government-issued RFP. This may be something to consider in this situation since the requirements in this RFP appear to be unclear, such as:

  •  There is no comprehensive “list” of certified companies so there is no mechanism for a manufacturer to be listed.
  • There is no ISO 14000 standard.  There are over 20 different standards in the ISO 14000 family – each with a different number.  I assume the RFP is referring to ISO 14001.
  • It is not clear which of the materials specified in the contract must be manufactured by an organization that is certified to the ISO 9001 and ISO 14001 standards.

(Note: the contract has not been included with this post to protect the anonymity of the questioner and the governmental entity).

I hope this helps.

Thea Dunmire, JD, CIH, CSP
Chair, ASC Z1-Audit Subcommittee
ENLAR Compliance Services, Inc.
Largo, FL
www.enlar.com

Related resources:

Explore the content below or find more in the ASQ Knowledge Center.

“Quality Improvement through Proactive Contracting: Contracts Are Too Important to Be Left to Lawyers!”

by Helena Haapio Annika Varjonen, paper presented at the World Conference on Quality and Improvement (ASQ members only content)

Preventive law is the concept that legal opportunities must be identified early to take proper advantage and that legal problems must be detected early so that there are no negative surprises. Contracts can be used as preventive tools that avoid most such surprises. A vital contractual tool is the contract review, which the ISO 9000 standards identify as a device for ensuring that a supplier has the knowledge and capability for meeting a customer’s requirements. Read more.

Managing Contract Quality Requirements

by C. Robert Pennella, ASQ Quality Press

This book is for anyone who prepares contract quality requirements for a supplier, is a supplier, or is affected in any way by a contract. Readers will learn how to establish and implement contract requirements effectively; identify and resolve actual and potential contractual problems; preclude overlapping of administrative efforts; reduce unanticipated costs associated with errors of omission; and be better prepared for the administrative application and final outcome of contract quality requirements. Read more.

Career Corner: Has Information About Quality Become a Liability?

by Diane Kulisek, Quality Progress (open access)

In this career corner column, the author provides recommendations for approaching quality issue resolution in today’s complex legal landscape. Read more.

Explore the ASQ Knowledge Center for more case studies, articles, benchmarking reports, and more.

Browse open access content from ASQ magazines and journals here.

ISO 9001: Product Development and Customer Satisfaction

Manufacturing, inspection, exclusions

Q: Does a company certified to ANSI/ISO/ASQ Q9001-2008 Quality management systems — Requirements that produces raw materials for a customer according to their written specification also, as a raw material supplier, have a responsibility under ISO 9001 to meet the customer’s needs for their design intent and intended and known use?

In simple language, I sell a raw material to a customer who takes my raw material and then designs a product and sells it to a customer who uses it in the field. I wonder where does the ISO standard application stop for the raw material supplier?  How can a raw material supplier under ISO 9001 meet the needs of a customer’s trade secret designs, or further down the intended use of the product where the raw material supplier has no control over how it will be used or maintained?

A: Your question is more a legal one than a quality one. You are offering a product to a customer. This is your finished product and their raw material. When both parties agree to the terms and conditions (payment, form, fit, function, shipping, etc.) a contract exists. We call this a purchase order (PO) and part of that PO is the specification for your product. If they place an order to your spec, you have done the design work under ISO 9001 and they are accepting your design. END OF YOUR RESPONSIBILITY for future application and use. If you accept an order to their spec, they have done the design work and you are obligated to make sure your product meets the stated (and often implied) form/fit/function requirements. We call this quality control and you do this by testing in the lab prior to shipment.

Most firms address the issue of application by stating quite clearly in the contract terms that you are selling your product as-is and you do not warrant the product as fit for ultimate use. This is the kind of thing the lawyers require.

Having said all this, there is a requirement in ISO 9001 for you to measure customer satisfaction. You must state in your manual the concept (strategies) for doing this and have some defined processes – usually called procedures – to carry it out. Of course, part of this is the regular management review. Quality, marketing, and sales all provide input on how well the customer needs are being met. Your registrar should be examining how you do this.

If there is a trend showing that customers are unhappy with how the stuff performs under end-use conditions, ISO says you should address those issues. (Ignoring them is an option, if it is deliberate). Mature firms will work on building customer-supplier partnerships, getting their engineers to talk to your engineers. Although this is technically outside of the quality function, it is still part of your overall quality management system.

Charlie Cianfrani
Consulting Engineer
Green Lane Quality Management Services
Green Lane, PA
ASQ Fellow; ASQ CQE, CRE, CQA, RABQSA Certified QMS-Auditor (Q3558)
ASQ Quality Press Author
Related Content:

Open access resources about supplier quality and product development:

Two Sides of the Same Coin: Using Teams in Customer-Supplier Relationships, Journal for Quality and Participation

In the Know: A BoK dedicated to quality in outsourcing is essential in today’s global marketplace, Quality Progress

The Role of Quality Management Practice in the Performance of Integrated Supply Chains, Quality Management Journal

Has Information About Quality Become a Liability? Quality Progress

Product Liability: Beyond Loss Control — An Argument for Quality Assurance, Quality Management Journal