Featured Product
This Week in Quality Digest Live
Standards Features
Master Gage and Tool Co.
Why it matters for accurate measurements
Etienne Nichols
It’s not the job that’s the problem. It’s the tools you have to do it with.
Jón Bergsteinsson
Understanding the standard is essential
Stephanie Ojeda
The FDA’s new QMSR will harmonize with ISO 13485 for medical device quality management
Aymen Saidane
Addressing modern manufacturing challenges with advanced software

More Features

Standards News
Providing practical interpretation of the EU AI Act
Advanced Swiss CNC machining delivers precision for the tightest tolerances and specifications
Oct. 24–25, 2023, 8 a.m.–5 p.m. Eastern
Greater accuracy in under 3 seconds of inspection time
Showcasing the latest in digital transformation for validation professionals in life sciences

More News

Denise Robitaille


ISO 9004:2009 Is Out and It Sure Looks Different

Pay attention, be flexible, embrace change.

Published: Tuesday, February 2, 2010 - 05:00

The new revision to ISO 9004 came off the press in the last quarter of 2009. It is significantly different from its predecessor. ISO 9004:2009 embodies the quality management principle relating to continual improvement. The technical experts made bold strides in their quest to address market needs by producing a standard that would help organizations maintain and improve their quality management systems over time. While that was the stated intent with the 2000 version, the fact is that the majority of users considered it a road map for implementing ISO 9001.

Individuals who were familiar with the 2000 version will have several questions. The first is: “Where’s 9001?” In ISO 9004:2000 the entire text of ISO 9001:2000 was embedded into the standard. The clauses, by and large, mirrored ISO 9001 and the structure was identical. Those who utilized ISO 9004 as a how-to guide for ISO 9001 had no trouble finding the relevant clauses. The only problem with that approach is that ISO 9004 was not intended to be a handbook on how to implement ISO 9001. It was intended, as the title plainly indicated, to provide “Guidelines for performance improvements.”

“Performance improvements” sounds like a great idea. Until you ask yourself the next question: “Why?” What is the value in improving performance? Within the answer lies the crux and purpose of both ISO 9001 and ISO 9004. That answer is found in ISO 9004’s new title—“Managing for the sustained success of an organization—A quality management approach.”

It’s not good enough to achieve ISO 9001, proudly displaying the coveted certificate on the wall. To conform to the requirements of ISO 9001, it’s important to maintain the quality management system that has been established. It’s important to consistently fulfill requirements found in multiple subclauses relating to establishing objectives (5.4.1), monitoring and measuring product and processes (8.4), reviewing changes that could affect the quality management system (5.6.3), and striving for continual improvement (8.5.1).

So ISO 9004:2009 is about what you do after you’ve established and implemented your quality management system to keep it going and to make sure both you and your customers continue to derive benefit from your organization. They get a reliable supplier and you get to stay in business. It also addresses one of the basic truisms of our universe: things change. Hence, the new ISO 9004, and particularly the annexes, is heavily weighted toward monitoring and periodically assessing so that you can respond to change.

The new version of ISO 9004 was structured to facilitate this quest. The subclauses flow from the organization’s environment, to strategic planning, through resource management to managing processes, to monitoring and analyzing, and ending up with improvement, innovation, and learning. Think of it like this: “This is who we are. This is the big plan for the organization. This is what we have to work with. This is how we do things. This is how we figure out what’s working and what isn’t. And these are the things that will allow us to still be around tomorrow—this is how we plan for our future.” Any of these can, and probably, will change over time. How your organization handles those changes will determine your “… sustained success.”

Under the first subclause we look at who we are. We also look at stakeholders, or as the standard refers to them, “interested parties.” This concept is situated early on in the standard because interested parties are directly relevant to our organization now and in the future. You could say they are an element of our identity. Interested parties can be customers, stockholders, employees, suppliers, and society at large, just to name a few. Changes with any of these interested parties affect our organization.

The next subclause talks about strategy and policy. I think this is a great step forward. It illustrates the very tight bond that should exist between the real business of the business and the quality management system. For too long top management in many organizations has considered the quality management system, and its requirements for management review and management involvement, as an odious infringement on their sanctum sanctorum. Time is overdue to recognize that a good quality management system is in harmony with strategic goals and planning.

Consideration of resources is another key factor that often changes over time. Monitoring what resources currently exist and which will be impacted by changes such as turnover of personnel, slower cash flow, cost of fossil fuel, and scarcity of raw materials, seques directly into the next section dealing with managing processes. It’s impossible for processes to remain consistent when support such as resources and infrastructure are changing.

You’ll note throughout the emphasis on monitoring. This is carried through to annexes that give you tips on how to assess your organization. Doing it once gives you a starting point. But the assessments, just like any other effective monitoring tool, needs to be utilized cyclically to achieve any real benefit. The annexes are a useful guide; but you can also devise your own methodology to assess your organization. Whatever method you use, make sure that your assessment reflects interdependencies and interrelations between various factors. The results should help you identify what needs to be enhanced, what needs to be discarded, and what needs to be improved.

Use ISO 9001 to build a great quality management system. Use ISO 9004 to maintain it and to help it to become even greater.


About The Author

Denise Robitaille’s picture

Denise Robitaille

Denise Robitaille is the author of thirteen books, including: ISO 9001:2015 Handbook for Small and Medium-Sized Businesses.

She is chair of PC302, the project committee responsible for the revision to ISO 19011, an active member of USTAG to ISO/TC 176 and technical expert on the working group that developed the current version of ISO 9004:2018. She has participated internationally in standards development for over 15 years. She is a globally recognized speaker and trainer. Denise is a Fellow of the American Society for Quality and an Exemplar Global certified lead assessor and an ASQ certified quality auditor.

As principal of Robitaille Associates, she has helped many companies achieve ISO 9001 registration and to improve their quality management systems. She has conducted training courses for thousands of individuals on such topics as auditing, corrective action, document control, root cause analysis, and implementing ISO 9001. Among Denise’s books are: 9 Keys to Successful Audits, The (Almost) Painless ISO 9001:2015 Transition and The Corrective Action Handbook. She is a frequent contributor to several quality periodicals.


ISO 9004 It sure looks different.

Denise you are a delight your words of wisdom ring true. Finally we have a "Quality" document that says all the right things and the target is sustain ability. Finally they got it right. Early in my quality life i took this approach and was machined gunned out of the sky with consultants advising that I had it all wrong.
Consultants have a lot to answer for. In past cases the blind leading the blind. What seems never to be asked is does it work for the this companies CEO? If it does then how does it align with ISO if seeking Certification?
The trick is the auditor needs to understand the business need not the business understand what the auditor wants. How often have I witnessed business changing they way they have been doing things for the last 40 years because the auditor thought it didn't fit.
To have been in existance for say 5 years or more means that this business must be doing something right. They do have a quality system else they would not survive. Is it based on ISO 9001:2009 ? Perhaps not but then the skilled auditor can match what the business has done to the Standard and hence is a support to the business. Too often I hear all this quality stuff is just more and more red tape. When in fact it is about lifting the bottom line and securing the businesses sustain ability.
When talking about a quality systems documentation the real question here is why do we need this documentation? What is its purpose? Quality systems are risk management systems. So if the document did not exist what is the threat to the business. If none then ditch the document as it serves no useful purpose. Documenting process for the sake of it is futile and serves no purpose.
What is good about this Digest is that in this case JToler actually read the paper and gave a good honest comment. It has been my experience as an auditor that most seeking Certification are doing it for the wrong reasons. Many have bought off the shelf systems only to discover that they don't fit. ISO 9004:2009 is a great step foward. Perhaps at first a little overwhelming but if one reads it section by section with a fine wine or indeed a good coffee; take the time to reflect on ones own business. Then it will be clear what has to happen or indeed does not have to happen if seeking complience. We should all remember that one can have a quality system that is not Certified. It is just that it is not recognised by outsiders. But a quality system exists never the less. It is the auditors role to recognise the quality system for what it is.
Rob Langdon
Quality Manager
Biomedical Technology Services

Too much?

It is one thing to establish and maintain a quality system but to continuously monitor down to minute details and document is getting a bit too much. What ever happened to the Paper Reduction Act of 1995?
I will use my company as an example... We are a major distributor or raw stock titanium. We stock three grades of titanium in selective shapes and sizes. We do not have nor possess any manufacturing and/or special processing capabilities nor do we machine or alter the material in any way other than cutting it down to a smaller size (per our customer's request).
We are a small, veteran owned business, with less than 25 employees, and have been doing basically the same thing since the early 70's with almost no change in our business practices. Our company has a great reputation among our customers and within our industry because we provide quality product to our customers. For us, the quality and traceability of product is key and considered the two main factors in our business.
There is very little room to move or improve upon because are processes are simple and straightforward and have been nearly perfected in the almost 40 years since we have been in business.
The current ISO 9001:2000 quality system already has us repeatedly documenting many of our processes over and over again in a repetitive manner to the point where we could photocopy it once and reuse it again and again and again, etc.
To add more documentation on top of all the current documentation seems a bit redundant and wasteful especially in today's "green" environment.
Of course this is just one opinion from a certain point of view but I think that there are a lot of people out there who have a similar situation where they also feel that by adding more documentation still does not necessarily make things more quality efficient.

You're a stockist!

Hi there JToler,
I sympathise. The fact is you're a stockist, and back in the day, there was a UK version of BS 5750 (now ISO 9001) that was designed to cover off exactly what you do. I agree that your processes are simple, probably a cuppla deployment flowcharts is all you need. The Registered Stockist Scheme, as it was called, used a version of ISO 9002 (BS 5750 Pt 2) that was slightly more than than ISO 9003 (BS750 Pt 3). In today's parlance of course, the extent of your ISO 9001 conformity should be seeking exclusions from much of section 7, and the extent of your documentation should reflect this. So if your system is document heavy and complex, once again you are the victim of incompetent certifers/registrars and ineffective accreditation bodies.
Having said that, I'm sure you would agree that being innovative in how you keep your customers satisfied and acknowledging that you apply a commensurate duty of care is how you stay in business. This angle is the approach in ISO 9004:2009 as Denise points out. It's also how the UK Chartered Quality Institue (try this link http://www.thecqi.org/Knowledge-Hub/What-is-quality/) defines quality.
I suggest the following; first draw up a conformity matrix of your system documentation against the pertinent clauses of the standard. Rows for the clauses, columns for your activity areas or processes (eg Management, Purchasing, Stores, Order processing, Despatch, etc). As you go through it, discard all documentation that adds no value, is duplicated elsewhere, or exerts no control. As the acid test, ask the lottery question ("what would happen if XYZ won the lottery and didn't come back to work?"....that's coz it's nicer than the "run over by a bus" version but the effect is the same!). And use diagrams and pictures rather than text wherever you can.

When your registrar's auditors turn up next time give them the matrix and ask them to point out exactly ("put your finger on the words in The Standard") what's wrong with your interpretation if they raise issues. Demand your certifcation money back if they come up with rubbish and complain to the accreditation body.

I hope this helps.