ISO 9000 Terminology in Plain English
So, you’ve heard an ISO audit is in your near future and you want to know what you can do to get ready? One of the best ways you can prepare for an audit is to learn the language your auditor will be using.
Let's Start by Looking at What ISO 9000 Really Is
ISO 9000 is a series of standards, developed and published by the International Organization for Standardization, that define, establish and maintain an effective quality assurance system for manufacturing and service industries.
Common ISO Definitions
- Accreditation: The act of giving an organization formal approval to operate an audit and registration program.
- Auditor: ISO auditors perform assessments and surveillance. They are the “front line” people during an audit. An internal auditor is normally an employee who is trained in auditing and, depending on the company requirement, carries out annual or bi-annual audits.External audits are carried out by a company not affiliated in any way to the organization being audited.
- Concession: The formal act of yielding, waiving or surrendering a right or privilege. A concession is often made in writing by a customer when it has been determined that a product or contractual requirement cannot be met in a practical or cost-efficient way, and that dropping the requirement will not materially affect the desired outcome.
- Corrective Action Request (CAR): In the ISO arena, a CAR is by far one of the most frequently used terms for corrective action. The essence of a CAR is to investigate a problem that already happened and requires root cause analysis and resolution to prevent recurrence.
- Discrepancy: A failure to meet the specified requirement, supported by evidence. Also can be called “nonconformance” or “deficiency.”
- Document Management System (DMS): Software used to track and store electronic documents. Capable of keeping track of the different versions modified by different users.
- Fault Tree Analysis: The process of identifying potential design weaknesses using a logic diagram that depicts basic faults and events that can lead to system failures and/or safety hazards.
- Observation: Think of this as an area of improvement. An “observation” is a statement of fact made in an audit team’s report. It indicates an audit finding that doesn’t rise to the level of a nonconformity (i.e. no objective evidence of nonconformity, doesn’t require a corrective action, etc.) but which, if left alone, could result in a future audit finding.
- Policy: A definite course or method of action to guide and determine present and future decisions. ISO mandates a Quality Policy be developed and used as a basis for your quality objectives.
- Preventive Action: An action taken to eliminate the causes of a potential nonconformity.
- Procedure: A particular way of accomplishing something; an established way of doing things; a series of steps followed in a definite regular order. It ensures a consistent and repetitive approach to actions.
- Quality Audit: Examination of an organization’s quality management system to assure conformance to a specific quality standard, such as ISO 9001.
- Quality Manual: A document in which your quality standards are described and where your Quality Policy is stated.
- Quality Management System: A collection of business processes focused on achieving your Quality Policy and quality objectives.
- Registrars: Organizations that issue ISO certification.
- Verification: The act or process of confirming the accuracy or existence of a systematic, objective and documented process that conforms to various requirements, such as customer or regulatory requirements.
- Validation: The process of establishing that the audit results not only meet requirements, but also satisfy the intended purpose.
About NAVEX Global, Inc.
NAVEX Global’s comprehensive suite of ethics and compliance software, content and services helps organizations protect their people, reputation and bottom line. Trusted by 95 of the FORTUNE 100 and more than 12,500 clients, our solutions are informed by the largest ethics and compliance community in the world.