Is ISO 9000 bad for business?
ISO 9000 is a family of international standards that are voluntary standards and includes ISO 9001 which is only made mandatory by customers when invoked in contracts. Whether they are bad for business depends on how you treat them.
If you treat them as a prescription for what you have to do, ignore the purpose for which they were designed, foolishly pursue ISO 9001 certification when you don't have to and accede to the whim of every third party auditor - you deserve what you get!
- Why would organizations continue to do these things if they gained no value from them?
- Why did they not kick out their auditors and their consultants?
- Why did they judge results by whether they got the badge when in everything else they do they judge results by their impact on the bottom line?
- Why were these people willing partners in the coercion?
The 2000 version of ISO 9001 was different from its predecessor. The primary motivation for the change had been to move organizations further forward towards Business Excellence, providing guidance that will enable them to achieve sustained success. The standard represented a fundamental change in intent, direction and approach. The sad thing is that if the standard is perceived as not having changed significantly, it will continue to wreak havoc as it will be interpreted and used in the same inappropriate way it has been for the last 30 yrs. As is often said, “If you continue to do the things that you have always done you will continue to get what you always got!”
However, the 2000 and 2008 versions retained remnants of a deterministic approach in the form of documented procedures and preventive action, as though its possible in complex organizations to prevent problems arising or recurring. The 2015 version of ISO 9001 is different again and moves organizations further towards Business Excellence by getting them to look outward and consider all stakeholders, not just customers, consider the factors that affects its ability to achieve its goals and consider the risks and opportunities they present in influencing how quality is managed.
By looking at ISO 9001 as a framework upon which can be built a successful organization, rather than as a narrow set of minimum requirements, significant benefits can be gained.
In response to ISO 9001:1994 most organizations only used the assessment standards ISO 9001, 9002 and 9003. They paid no attention to ISO 9004. They ignored the concepts in ISO 8402 and created documentation that focused only on those requirements that were addressed by the assessment standard. The belief was that by documenting what you do and doing what you document, product quality would be achieved. As some of the principal factors affecting quality of output were missing, mere conformity with the clauses of ISO 9001 did not stop organizations avoiding quality problems. The intent of the 87 & 94 versions was clearly to create documented systems. The documentation was intended as a means of demonstrating capability in order that customers would be assured of product quality, but in practice it did nothing of the kind primarily because the real purpose for the documentation was lost along the way. The 94 family lacked sufficient guidance and led to organizations failing to understand that quality could not be assured simply by documenting procedures.
A change in culture was required but it was found that certification could be obtained simply by producing a manual and a set of procedures that bore little resemblance to the way the organization was managed so why change when you don't have to?
This narrow view of quality management was swept aside by ISO 9000:2000 and enhanced significantly by ISO 9001:2015 which encourages organizations to:
- Determine the factors that affect the organizations ability to fulfil its purpose and strategic direction;
- Determine the needs and expectations of customers and other interested parties relative to its strategic direction;
- Determine and address the risks and opportunities presented by the internal and external environment as the organization pursues its strategic direction;
- Establish policies, objectives and a work environment necessary to motivate the organization to satisfy these needs;
- Design, resource and manage the processes necessary to implement the policy and attain the objectives;
- Measure and analyse the adequacy, efficiency and effectiveness of each process in fulfilling its purpose and objectives and;
- Pursue the continual improvement of the organization from an objective evaluation of its performance.
I challenge anyone to deny that this is the real intent of the family of standards and that doing any one of these is bad for business.
The family of standards has been based on 7 key principles - principles which anyone would find hard to deny lead to successful businesses. Within the requirements you will find -
- Customer focus through determining needs and expectations of customers;
- Leadership though policies, objectives and taking accountability for the effectiveness of the management system;
- Engagement of people by ensuring they are competent to do the job they are given, supported and are provided with a safe working environment in which to do it
- A process approach to managing work by linking policy, objectives, processes, measures, results and improvement across the organization;
- A systems approach to management by managing the interaction of interrelated elements;
- Improvement from the results of the measurement and analysis of processes
- An evidence based approach to decision making through the objective evaluation of process measurement data
- A focus on mutual beneficial relationships through determining needs and expectations of other interested parties and the setting of policies and objective to satisfy these needs.
For the designers and managers of the organization's management system these principles are the key to a successful implementation of ISO 9001.
For the auditors they are the key to transforming the way quality management system audits are conducted. With a little thought the lack of application of one or more of these principles will be found to be at the root cause of most of the organization's problems.
- The intent is that successful organizations adapt to changes in the internal and external environment and adjust their policies and practices accordingly, not continue with ones that are outdated.
- The intent is that unless constrained by law, managers weigh up the the potential benefits and harms of exercising one choice of action over another and make an informed decision that is in the best long term interests of the organization, not attempt to predict every action and decision that is to be taken;
- The intent is that organizations design and manage their processes effectively to achieve corporate objectives, not that they create functional silos that compete for resources.
- The intent is that organizations choose the right things to do based on an objective analysis of the environment in which they operate, not slavishly follow procedures that serve no practical purpose.
- The intent is that management create an environment in which people will be motivated, not create bureaucratic systems of documentation that stifle initiative and creativity.
The family of standards has to be used intelligently by customers, managers, auditors and consultants. An intelligent use of the standard would result in:-
- Viewing the organization as a goal seeking system, establishing what it does, how it does it and what results it produces and using ISO 9001 to assess whether improvements in the way it functions are necessary
- Viewing the quality policy as the organization's values that guide it to achieve its purpose and mission rather than a motherhood statement with no connection with reality
- Viewing the quality objectives as the corporate objectives rather than a set of tasks for the quality department to carry out
- Viewing the system as the means by which the organization implements it policy and achieves it objectives rather than a set of documents that are always out of date.
- Viewing audits as a means to determine whether the organization has the capability to achieve its objectives rather than on conformity to requirements and procedures
- Viewing performance in terms of the extent to which the needs and expectations of all interested parties are met rather than on the number of customer complaints, non-conformities and audit findings
We can find all these concepts within the latest version of the ISO 9000 family of standards if we take a step back from them and make the linkages. It is plain to see that these things are good for business so why would anyone not want to do them? So I contend that ISO 9001:2015 is not bad for business - but it will be if we treat it as we did previous versions.