Management System Standards
Standardization exists when a large majority of products and services in a particular business or industry sector conform to a globally accepted standard
ISO MS Standards:
- Make the development, manufacturing and supply of products and services more efficient.
- Provide for global acceptance of certified organizations.
- Allow for sharing of technological advances and good management practices
- Provide governments with a technical base for legislation and conformity assessment.
- Make life simpler by providing solutions to common problems.
There have been over 21,000 ISO standards issued by the International Organization for Standardization, the most popular of which are the ISO management system standards such as ISO 9001 (for quality management systems) and now ISO 20000 (for control and management of IT services) and ISO 27001 (for IT security). For aerospace companies, the ISO 9001 standard is enhanced in the aerospace standards: AS 9100 for the design and manufacture of aerospace products, AS 9110 for aviation maintenance facilities and AS 9120 for stock list distributors of aerospace components.
ISO 9001: Quality Management System
ISO 9001 is the leading international standard for a quality management system. The standard specifies the requirements for a quality management system which are recognized as being aligned with accepted good practice for running a business. ISO certification is rapidly becoming mandatory in order to do business with other countries, the government and prime contractors.
The ISO 9001 standard was completely revised in 2015 to make it user friendly and easier for small and medium sized companies to achieve certification regardless of whether they produce a product or provide a service.
There is now only one requirement standard; i.e., ISO 9001:2015. It is structured to follow the process approach for implementing a quality management system. The emphasis is no longer on documentation but rather on the effectiveness and improvement of the quality management system and the business to enhance customer satisfaction by meeting and/or exceeding customer expectations and requirements.
ISO 14001 – Environmental Management System
This international standard specifies the requirements for an environmental management system that an organization can use to enhance its environmental performance. ISO 14001 is intended for use by organizations seeking to manage its environmental responsibilities in a systematic manner that contributes to environmental sustainability. The most recent version of the standard was published in 2015.
ISO 14001:2015 helps an organization achieve the intended outcomes by implementing an environmental management system that provides value for the environment, the organization itself and interested parties. Consistent with an organization’s environmental policy, the intended outcomes of an environmental management system include:
- enhancement of environmental performance,
- fulfillment of compliance obligations,
- achievement of environmental objectives.
ISO 20000: IT Service Management
ISO/IEC 20000 is the first worldwide standard specifically devised for IT Service Management (ITSM). It describes an integrated set of managed processes for the effective delivery of services to the business and its customers. It is aligned and complimentary to the process approach defined within ITIL ISO/IEC 20000 consists of two parts:
- ISO/IEC 20000-1:2005 is the formal Specification. It defines the requirements to deliver managed services of an acceptable quality for its customers. It is used to assess conformance for certification.
- ISO/IEC 20000-2:2005 is the Code of Practice. It describes the best practices for service management processes within the scope of ISO/IEC 20000-1. The Code of Practice is of particular use to organizations preparing to be audited against ISO/IEC 20000 or planning service improvements
ISO 27001: Information Security Management System
ISO 27001 is the standard for an Information Security Management System (ISMS). The basic objective of the standard is to provide a model for establishing and maintaining an effective IT information management system based on the process approach.
ISO/IEC 27001:2005 is the formal requirements Specification. It is used in order to assess conformance for certification.
ISO/IEC 27002:2005 is the Code of Practice. It is aligned with the specification and used to guide the implementation of an information security management system.
Aerospace Specific QMS Standards
The aerospace industry developed a series of quality management standards specifically for the industry. These standards are all based on ISO 9001 with additional requirements specific to the aerospace industry. AS 9100, 9110 and 9120 can be used to assess conformance for certification.
AS 9100:2016 is intended for use by organizations whose primary business is to design, develop, manage and produce aviation, space and defense products and services.
AS 9110:2016 is for use by organizations whose primary business is providing maintenance, repair and overhaul for aviation and military products; and original equipment manufacturers with maintenance, repair and overhaul operations that operate autonomously for their primary business.
AS 9120:2016 is for use by organizations that procure parts, and assemblies and resell these products to a customer in the aviation, space and defense industries.