Specific Applications

The tremendous impact of ISO 9001 on organizational practices, and on trade, has stimulated the development of other ISO standards and deliverables that adapt the generic management systems approach to specific sectors or aspects. Some of these documents are listed below.

ISO/TS 16949:2009, Quality management systems – Particular requirements for the application of ISO 9001:2008 for automotive production and relevant service part organizations

ISO/TS 16949:2009, in conjunction with ISO 9001:2008, defines the quality management system requirements for the design and development, production and, when relevant, installation and service of automotive-related products. It is applicable to sites of the organization where customer-specified parts, for production and/or service, are manufactured.

We offer an ISO/TS 16949 Lead Auditor 4.5-day course. Click on the course title to see the class schedule.

Customer Satisfaction:
ISO 10002:2004, Quality management – Customer Satisfaction – Guidelines for complaints handling in organizations

ISO 10002 provides guidance on the process of complaints handling related to products within an organization, including planning, design, operation, maintenance, and improvement. The complaints-handling process described is suitable for use as one of the processes of an overall quality management system. ISO 10002 is not applicable to disputes referred for resolution outside the organization or for employment-related disputes.

ISO 10003:2007, Quality Management – Customer Satisfaction – Guidelines for Dispute Resolution External to Organizations

ISO 10003 provides guidance for an organization to plan, design, develop, operate, maintain, and improve an effective and efficient dispute-resolution process. It is applicable to complaints relating to the organization’s products intended for, or required by, customers, the complaints-handling process, or dispute-resolution process. It is also applicable to resolution of disputes arising from domestic or cross-border business activities, including those arising from electronic commerce.

ISO/TS 10004:2010, Quality management – Customer satisfaction – Guidelines for monitoring and measuring

ISO/TS 10004 provides guidance in defining and implementing processes to monitor and measure customer satisfaction. It is intended for use by organizations regardless of type, size, or product provided. The focus of ISO/TS 10004 is on customers external to the organization.

IWA 2:2007, Quality management systems — Guidelines for the application of ISO 9001:2000 in education

IWA 2 provides guidance for a quality management system in educational organizations. Its guidelines do not add to, change or otherwise modify the requirements of ISO 9001:2000.

Energy Management:
ISO 50001:2011 (planned)

ISO 50001 will help organizations to improve their energy performance, increase energy efficiency, and reduce climate change impacts. It will establish a framework for industrial plants, commercial facilities or entire organizations to manage energy.

Food Safety:
ISO 22000:2005, Food safety management systems — Requirements for any organization in the food chain

ISO 22000 specifies requirements for a food safety management system where an organization in the food chain needs to demonstrate its ability to control food safety hazards in order to ensure that food is safe at the time of human consumption.

Health Care:
IWA 1:2005, Quality management systems — Guidelines for process improvements in health service organizations

IWA 1 provides additional guidance for any health service organization involved in the management, delivery, or administration of health service products or services, including training and/or research, in the life continuum process for human beings, regardless of type, size and the product or service provided.

Information Security:
ISO 27001:2005, Information technology — Security techniques — Information security management systems – Requirements

ISO 27001 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving a documented Information Security Management System within the context of the organization’s overall business risks. It is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

We offer an ISO 27001 Internal Auditor 3-day course and an ISO 27001 Lead Auditor 4-day course. Click on the course title to see the class schedule.

Local Government:
IWA 4:2009, Quality management systems — Guidelines for the application of ISO 9001:2008 in local government

The objective of International Workshop Agreement, IWA 4, is to provide local governments with guidelines for the voluntary application of ISO 9001:2008 on an integral basis. These guidelines do not, however, add, change or modify the requirements of ISO 9001:2008.

Medical Devices:
ISO 13485:2003, Quality management systems — Requirements for regulatory purposes

ISO 13485 specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer requirements and regulatory requirements applicable to medical devices and related services.

We offer an ISO 13485 Internal Auditor 3-day course and an ISO 13485 Lead Auditor 4.5-day course. Click on the course title to see the class schedule.

Petroleum and Gas:
ISO/TS 29001:2010, Petroleum, petrochemical and natural gas industries — Sector-specific quality management systems — Requirements for product and service supply organizations

ISO/TS 29001 defines the quality management system for product and service supply organizations for the petroleum, petrochemical and natural gas industries. Boxed text is original ISO 9001:2008 text unaltered and in its entirety. The petroleum, petrochemical, and natural gas industry sector-specific supplemental requirements are outside the boxes.

We offer a 1-day ISO/TS 29001 Requirements course and a half-day ISO/TS 29001 “Delta” Requirements course. For an on-site class, please contact Larry Whittington at 770-517-7944 or larry@whittingtonassociates.com.

Risk Management:
ISO 31000, 2009, Risk management — Principles and guidelines

ISO 31000 provides principles and generic guidelines on risk management. The standard can be applied to any type of risk, whatever its nature, whether having positive or negative consequences. It is applicable to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services, and assets.

Service Management:
ISO 20000-1:2011, Information technology — Service management — Part 1: Service management system requirements

ISO 20000-1 is a service management system (SMS) standard. It specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain, and improve an SMS. The requirements include the design, transition, delivery, and improvement of services to fulfill agreed service requirements.

We offer an ISO 20000 Internal Auditor 3-day course and an ISO 20000 Lead Auditor 4-day course. Click on the course title to see the class schedule.

Ship Recycling:
ISO 30000:2009, Ships and marine technology — Ship recycling management systems — Specifications for management systems for safe and environmentally sound ship recycling facilities

ISO 30000 specifies requirements for a management system to enable a ship recycling facility to develop and implement procedures, policies, and objectives in order to be able to undertake safe and environmentally sound ship recycling operations in accordance with national and international standards. The management system requirements take into account the relevant legal requirements, safety standards, and environmental elements that the ship recycling facility needs to identify and comply with in order to carry out safe and environmentally sound ship recycling.

Supply Chain Security:
ISO 28000:2007, Specification for security management systems for the supply chain

ISO 28000 specifies the requirements for a security management system, including those aspects critical to security assurance of the supply chain. Security management is linked to many other aspects of business management, such as, all activities controlled or influenced by organizations that impact on supply chain security. These other aspects should be considered directly, where and when they have an impact on security management, including transporting these goods along the supply chain.

Other Sector Standards:
Although not issued by ISO, there are other published industry sector standards that are based on ISO 9001:

Aerospace: AS9100, AS9110, and AS9120
Telecommunications: TL 9000